diff --git a/perl-versions.def b/perl-versions.def index d5882919d..58fdf3ce6 100644 --- a/perl-versions.def +++ b/perl-versions.def @@ -3,23 +3,23 @@ BERKELEYDB := 0.55 BIT_VECTOR := 7.4 CACHE_FASTMMAP := 1.43 CANARY_STABILITY := 2006 -CARP_CLAN := 6.04 +CARP_CLAN := 6.08 CLASS_INSPECTOR := 1.28 -COMPRESS_RAW_BZIP2 := 2.069 -COMPRESS_RAW_ZLIB := 2.069 +COMPRESS_RAW_BZIP2 := 2.093 +COMPRESS_RAW_ZLIB := 2.093 CONFIG_INIFILES := 2.86 CONVERT_ASN1 := 0.27 CONVERT_BINHEX := 1.124 CONVERT_TNEF := 0.18 CONVERT_UULIB := 1.5 CRYPT_OPENSSL_RANDOM := 0.11 -CRYPT_OPENSSL_RSA := 0.28 +CRYPT_OPENSSL_RSA := 0.31 CRYPT_SALTEDHASH := 0.09 DATA_UUID := 1.221 DATE_CALC := 6.4 DATE_MANIP := 6.51 DB_FILE := 1.835 -DBD_MYSQL := 4.033 +DBD_MYSQL := 4.050 DBD_SQLITE := 1.48 DBI := 1.634 DIGEST_HMAC := 1.03 @@ -43,17 +43,17 @@ HTTP_DATE := 6.02 HTTP_MESSAGE := 6.11 HTTP_NEGOTIATE := 6.01 INNOTOP := 1.9.1 -IO_COMPRESS := 2.069 +IO_COMPRESS := 2.093 IO_HTML := 1.001 IO_SESSIONDATA := 1.03 IO_SOCKET_INET6 := 2.72 IO_SOCKET_IP := 0.37 -IO_SOCKET_SSL := 2.020 +IO_SOCKET_SSL := 2.068 IO_STRINGY := 2.111 IP_COUNTRY := 2.28 JSON_PP := 2.27300 LIBWWW := 6.13 -LIST_MOREUTILS := 0.413 +LIST_MOREUTILS := 0.428 LWP_MEDIATYPES := 6.02 LWP_PROTOCOL_HTTPS := 6.06 MAIL_DKIM := 0.40 @@ -73,8 +73,8 @@ NET_HTTP := 6.09 NET_LDAP := 0.65 NET_LDAPAPI := 3.0.3 NET_LIBIDN := 0.12 -NET_SERVER := 2.008 -NET_SSLEAY := 1.72 +NET_SERVER := 2.009 +NET_SSLEAY := 1.88 NETADDR_IP := 4.078 PARENT := 0.234 PROC_PROCESSTABLE := 0.53 @@ -96,6 +96,7 @@ XML_PARSER_LITE := 0.721 XML_SAX := 0.99 XML_SAX_BASE := 1.08 XML_SAX_EXPAT := 0.51 -XML_SIMPLE := 2.20 +XML_SIMPLE := 2.25 ZMQ_CONSTANTS := 1.04 ZMQ_LIB := 1.19 + diff --git a/thirdparty/apr-util/zimbra-apr-util/debian/changelog b/thirdparty/apr-util/zimbra-apr-util/debian/changelog index 7df8b7c1f..16af4fa48 100644 --- a/thirdparty/apr-util/zimbra-apr-util/debian/changelog +++ b/thirdparty/apr-util/zimbra-apr-util/debian/changelog @@ -1,3 +1,15 @@ +zimbra-apr-util (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1h + + -- Zimbra Packaging Services Fri, 02 Dec 2020 22:26:24 +0000 + +zimbra-apr-util (VERSION-ITERATIONZAPPEND) unstable; urgency=medium + + * Upgraded to 1.6.1 and updated dependency openssl to 1.1.1g + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-apr-util (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/apr-util/zimbra-apr-util/debian/control b/thirdparty/apr-util/zimbra-apr-util/debian/control index b0f6e7923..5cc8255b2 100644 --- a/thirdparty/apr-util/zimbra-apr-util/debian/control +++ b/thirdparty/apr-util/zimbra-apr-util/debian/control @@ -1,6 +1,6 @@ Source: zimbra-apr-util Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-apr-dev, - libexpat1-dev, zimbra-openssl-dev + libexpat1-dev, zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services diff --git a/thirdparty/apr-util/zimbra-apr-util/debian/rules b/thirdparty/apr-util/zimbra-apr-util/debian/rules index 174dace10..28cf8d101 100755 --- a/thirdparty/apr-util/zimbra-apr-util/debian/rules +++ b/thirdparty/apr-util/zimbra-apr-util/debian/rules @@ -19,3 +19,6 @@ override_dh_strip: override_dh_auto_install: make install DESTDIR=$$(pwd)/debian/tmp + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info diff --git a/thirdparty/apr-util/zimbra-apr-util/rpm/SPECS/apr-util.spec b/thirdparty/apr-util/zimbra-apr-util/rpm/SPECS/apr-util.spec index 9e7e44f26..ea4290662 100644 --- a/thirdparty/apr-util/zimbra-apr-util/rpm/SPECS/apr-util.spec +++ b/thirdparty/apr-util/zimbra-apr-util/rpm/SPECS/apr-util.spec @@ -1,11 +1,11 @@ Summary: Zimbra's Apache Portable Runtime Utilities build Name: zimbra-apr-util Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: Apache-2.0 Source: %{name}-%{version}.tar.bz2 BuildRequires: zimbra-apr-devel, expat-devel -BuildRequires: zimbra-openssl-devel +BuildRequires: zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND Requires: zimbra-apr-util-libs = %{version}-%{release} AutoReqProv: no URL: https://apr.apache.org/ @@ -13,6 +13,14 @@ URL: https://apr.apache.org/ %description The Zimbra Apache Portable Runtime Utilities build +%define debug_package %{nil} + +%changelog +* Fri Dec 02 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency openssl to 1.1.1h +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded to 1.6.1 and updated dependency openssl to 1.1.1g + %prep %setup -n apr-util-%{version} diff --git a/thirdparty/aspell-ar/zimbra-aspell-ar/debian/changelog b/thirdparty/aspell-ar/zimbra-aspell-ar/debian/changelog index d19c86b3d..073a995aa 100644 --- a/thirdparty/aspell-ar/zimbra-aspell-ar/debian/changelog +++ b/thirdparty/aspell-ar/zimbra-aspell-ar/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-ar (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Updated dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-ar (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-ar/zimbra-aspell-ar/debian/control b/thirdparty/aspell-ar/zimbra-aspell-ar/debian/control index 3ae08f12c..0bbe38b99 100644 --- a/thirdparty/aspell-ar/zimbra-aspell-ar/debian/control +++ b/thirdparty/aspell-ar/zimbra-aspell-ar/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-ar -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-ar Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell Arabic Dictionary diff --git a/thirdparty/aspell-ar/zimbra-aspell-ar/rpm/SPECS/aspell-ar.spec b/thirdparty/aspell-ar/zimbra-aspell-ar/rpm/SPECS/aspell-ar.spec index fab9c685e..120b5d04c 100644 --- a/thirdparty/aspell-ar/zimbra-aspell-ar/rpm/SPECS/aspell-ar.spec +++ b/thirdparty/aspell-ar/zimbra-aspell-ar/rpm/SPECS/aspell-ar.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell Arabic dictionary Name: zimbra-aspell-ar Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2.0 Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell Arabic dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-da/zimbra-aspell-da/debian/changelog b/thirdparty/aspell-da/zimbra-aspell-da/debian/changelog index 7d250b526..febfa0929 100644 --- a/thirdparty/aspell-da/zimbra-aspell-da/debian/changelog +++ b/thirdparty/aspell-da/zimbra-aspell-da/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-da (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-da (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-da/zimbra-aspell-da/debian/control b/thirdparty/aspell-da/zimbra-aspell-da/debian/control index 067b7006f..2b17ea897 100644 --- a/thirdparty/aspell-da/zimbra-aspell-da/debian/control +++ b/thirdparty/aspell-da/zimbra-aspell-da/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-da -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-da Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell Danish Dictionary diff --git a/thirdparty/aspell-da/zimbra-aspell-da/rpm/SPECS/aspell-da.spec b/thirdparty/aspell-da/zimbra-aspell-da/rpm/SPECS/aspell-da.spec index a304e9694..d45019a61 100644 --- a/thirdparty/aspell-da/zimbra-aspell-da/rpm/SPECS/aspell-da.spec +++ b/thirdparty/aspell-da/zimbra-aspell-da/rpm/SPECS/aspell-da.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell Danish dictionary Name: zimbra-aspell-da Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2.0 Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell Danish dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-de/zimbra-aspell-de/debian/changelog b/thirdparty/aspell-de/zimbra-aspell-de/debian/changelog index bb4bdfe85..b97e2d5be 100644 --- a/thirdparty/aspell-de/zimbra-aspell-de/debian/changelog +++ b/thirdparty/aspell-de/zimbra-aspell-de/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-de (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-de (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-de/zimbra-aspell-de/debian/control b/thirdparty/aspell-de/zimbra-aspell-de/debian/control index 84c126cdd..0bd67ea1b 100644 --- a/thirdparty/aspell-de/zimbra-aspell-de/debian/control +++ b/thirdparty/aspell-de/zimbra-aspell-de/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-de -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-de Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell German Dictionary diff --git a/thirdparty/aspell-de/zimbra-aspell-de/rpm/SPECS/aspell-de.spec b/thirdparty/aspell-de/zimbra-aspell-de/rpm/SPECS/aspell-de.spec index ee7c47205..43bc744a1 100644 --- a/thirdparty/aspell-de/zimbra-aspell-de/rpm/SPECS/aspell-de.spec +++ b/thirdparty/aspell-de/zimbra-aspell-de/rpm/SPECS/aspell-de.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell German dictionary Name: zimbra-aspell-de Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2.0 Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell German dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-en/zimbra-aspell-en/debian/changelog b/thirdparty/aspell-en/zimbra-aspell-en/debian/changelog index 055b9639a..9d913a9f2 100644 --- a/thirdparty/aspell-en/zimbra-aspell-en/debian/changelog +++ b/thirdparty/aspell-en/zimbra-aspell-en/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-en (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-en (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-en/zimbra-aspell-en/debian/control b/thirdparty/aspell-en/zimbra-aspell-en/debian/control index b8af344c9..115ee9f9d 100644 --- a/thirdparty/aspell-en/zimbra-aspell-en/debian/control +++ b/thirdparty/aspell-en/zimbra-aspell-en/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-en -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-en Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell English Dictionary diff --git a/thirdparty/aspell-en/zimbra-aspell-en/rpm/SPECS/aspell-en.spec b/thirdparty/aspell-en/zimbra-aspell-en/rpm/SPECS/aspell-en.spec index 27398fa59..c3fb2bb0b 100644 --- a/thirdparty/aspell-en/zimbra-aspell-en/rpm/SPECS/aspell-en.spec +++ b/thirdparty/aspell-en/zimbra-aspell-en/rpm/SPECS/aspell-en.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell English dictionary Name: zimbra-aspell-en Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: BSD Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell English dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-es/zimbra-aspell-es/debian/changelog b/thirdparty/aspell-es/zimbra-aspell-es/debian/changelog index 72f2d301f..7e9d73ead 100644 --- a/thirdparty/aspell-es/zimbra-aspell-es/debian/changelog +++ b/thirdparty/aspell-es/zimbra-aspell-es/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-es (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-es (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-es/zimbra-aspell-es/debian/control b/thirdparty/aspell-es/zimbra-aspell-es/debian/control index 8d2013e90..c7c533bcf 100644 --- a/thirdparty/aspell-es/zimbra-aspell-es/debian/control +++ b/thirdparty/aspell-es/zimbra-aspell-es/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-es -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-es Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell Spanish Dictionary diff --git a/thirdparty/aspell-es/zimbra-aspell-es/rpm/SPECS/aspell-es.spec b/thirdparty/aspell-es/zimbra-aspell-es/rpm/SPECS/aspell-es.spec index 4bbd8a4da..39d182190 100644 --- a/thirdparty/aspell-es/zimbra-aspell-es/rpm/SPECS/aspell-es.spec +++ b/thirdparty/aspell-es/zimbra-aspell-es/rpm/SPECS/aspell-es.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell Spanish dictionary Name: zimbra-aspell-es Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2.0 Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell Spanish dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-fr/zimbra-aspell-fr/debian/changelog b/thirdparty/aspell-fr/zimbra-aspell-fr/debian/changelog index 834b836d8..852a31c1e 100644 --- a/thirdparty/aspell-fr/zimbra-aspell-fr/debian/changelog +++ b/thirdparty/aspell-fr/zimbra-aspell-fr/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-fr (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-fr (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-fr/zimbra-aspell-fr/debian/control b/thirdparty/aspell-fr/zimbra-aspell-fr/debian/control index cee2c1e6a..19a631c98 100644 --- a/thirdparty/aspell-fr/zimbra-aspell-fr/debian/control +++ b/thirdparty/aspell-fr/zimbra-aspell-fr/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-fr -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-fr Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell French Dictionary diff --git a/thirdparty/aspell-fr/zimbra-aspell-fr/rpm/SPECS/aspell-fr.spec b/thirdparty/aspell-fr/zimbra-aspell-fr/rpm/SPECS/aspell-fr.spec index 5aad291da..08d273afd 100644 --- a/thirdparty/aspell-fr/zimbra-aspell-fr/rpm/SPECS/aspell-fr.spec +++ b/thirdparty/aspell-fr/zimbra-aspell-fr/rpm/SPECS/aspell-fr.spec @@ -1,18 +1,22 @@ Summary: Zimbra's Aspell French dictionary Name: zimbra-aspell-fr Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2.0 Patch0: aspell-fr.patch Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell French dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-hi/zimbra-aspell-hi/debian/changelog b/thirdparty/aspell-hi/zimbra-aspell-hi/debian/changelog index ff40783c0..a09848aa9 100644 --- a/thirdparty/aspell-hi/zimbra-aspell-hi/debian/changelog +++ b/thirdparty/aspell-hi/zimbra-aspell-hi/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-hi (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-hi (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-hi/zimbra-aspell-hi/debian/control b/thirdparty/aspell-hi/zimbra-aspell-hi/debian/control index ef4efd959..d04988851 100644 --- a/thirdparty/aspell-hi/zimbra-aspell-hi/debian/control +++ b/thirdparty/aspell-hi/zimbra-aspell-hi/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-hi -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-hi Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell Hindi Dictionary diff --git a/thirdparty/aspell-hi/zimbra-aspell-hi/rpm/SPECS/aspell-hi.spec b/thirdparty/aspell-hi/zimbra-aspell-hi/rpm/SPECS/aspell-hi.spec index d8810d97e..2c1c42729 100644 --- a/thirdparty/aspell-hi/zimbra-aspell-hi/rpm/SPECS/aspell-hi.spec +++ b/thirdparty/aspell-hi/zimbra-aspell-hi/rpm/SPECS/aspell-hi.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell Hindi dictionary Name: zimbra-aspell-hi Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2.0 Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell Hindi dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-hu/zimbra-aspell-hu/debian/changelog b/thirdparty/aspell-hu/zimbra-aspell-hu/debian/changelog index d4d9d890e..d2a1a9583 100644 --- a/thirdparty/aspell-hu/zimbra-aspell-hu/debian/changelog +++ b/thirdparty/aspell-hu/zimbra-aspell-hu/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-hu (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-hu (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-hu/zimbra-aspell-hu/debian/control b/thirdparty/aspell-hu/zimbra-aspell-hu/debian/control index f52604b30..abdccca9c 100644 --- a/thirdparty/aspell-hu/zimbra-aspell-hu/debian/control +++ b/thirdparty/aspell-hu/zimbra-aspell-hu/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-hu -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-hu Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell Hungarian Dictionary diff --git a/thirdparty/aspell-hu/zimbra-aspell-hu/rpm/SPECS/aspell-hu.spec b/thirdparty/aspell-hu/zimbra-aspell-hu/rpm/SPECS/aspell-hu.spec index ac4d76cc5..3aacb0026 100644 --- a/thirdparty/aspell-hu/zimbra-aspell-hu/rpm/SPECS/aspell-hu.spec +++ b/thirdparty/aspell-hu/zimbra-aspell-hu/rpm/SPECS/aspell-hu.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell Hungarian dictionary Name: zimbra-aspell-hu Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2.0 Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell Hungarian dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-it/zimbra-aspell-it/debian/changelog b/thirdparty/aspell-it/zimbra-aspell-it/debian/changelog index 46eef60f8..a349324ad 100644 --- a/thirdparty/aspell-it/zimbra-aspell-it/debian/changelog +++ b/thirdparty/aspell-it/zimbra-aspell-it/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-it (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-it (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-it/zimbra-aspell-it/debian/control b/thirdparty/aspell-it/zimbra-aspell-it/debian/control index 9286537dd..23fcef72f 100644 --- a/thirdparty/aspell-it/zimbra-aspell-it/debian/control +++ b/thirdparty/aspell-it/zimbra-aspell-it/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-it -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-it Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell Italian Dictionary diff --git a/thirdparty/aspell-it/zimbra-aspell-it/rpm/SPECS/aspell-it.spec b/thirdparty/aspell-it/zimbra-aspell-it/rpm/SPECS/aspell-it.spec index 4664df4a5..e26448416 100644 --- a/thirdparty/aspell-it/zimbra-aspell-it/rpm/SPECS/aspell-it.spec +++ b/thirdparty/aspell-it/zimbra-aspell-it/rpm/SPECS/aspell-it.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell Italian dictionary Name: zimbra-aspell-it Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2.0 Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell Italian dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-nl/zimbra-aspell-nl/debian/changelog b/thirdparty/aspell-nl/zimbra-aspell-nl/debian/changelog index 02159f0bb..05555dc46 100644 --- a/thirdparty/aspell-nl/zimbra-aspell-nl/debian/changelog +++ b/thirdparty/aspell-nl/zimbra-aspell-nl/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-nl (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-nl (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-nl/zimbra-aspell-nl/debian/control b/thirdparty/aspell-nl/zimbra-aspell-nl/debian/control index a6f4b7f87..fc389ca1f 100644 --- a/thirdparty/aspell-nl/zimbra-aspell-nl/debian/control +++ b/thirdparty/aspell-nl/zimbra-aspell-nl/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-nl -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-nl Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell Dutch Dictionary diff --git a/thirdparty/aspell-nl/zimbra-aspell-nl/rpm/SPECS/aspell-nl.spec b/thirdparty/aspell-nl/zimbra-aspell-nl/rpm/SPECS/aspell-nl.spec index b9c80c6ec..57b955421 100644 --- a/thirdparty/aspell-nl/zimbra-aspell-nl/rpm/SPECS/aspell-nl.spec +++ b/thirdparty/aspell-nl/zimbra-aspell-nl/rpm/SPECS/aspell-nl.spec @@ -1,18 +1,22 @@ Summary: Zimbra's Aspell Dutch dictionary Name: zimbra-aspell-nl Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: Public Domain Patch0: aspell-nl.patch Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell Dutch dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-pl/zimbra-aspell-pl/debian/changelog b/thirdparty/aspell-pl/zimbra-aspell-pl/debian/changelog index 701df14bd..6733e9cd2 100644 --- a/thirdparty/aspell-pl/zimbra-aspell-pl/debian/changelog +++ b/thirdparty/aspell-pl/zimbra-aspell-pl/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-pl (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-pl (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-pl/zimbra-aspell-pl/debian/control b/thirdparty/aspell-pl/zimbra-aspell-pl/debian/control index e04ce9113..80dbb5a39 100644 --- a/thirdparty/aspell-pl/zimbra-aspell-pl/debian/control +++ b/thirdparty/aspell-pl/zimbra-aspell-pl/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-pl -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-pl Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell Polish Dictionary diff --git a/thirdparty/aspell-pl/zimbra-aspell-pl/rpm/SPECS/aspell-pl.spec b/thirdparty/aspell-pl/zimbra-aspell-pl/rpm/SPECS/aspell-pl.spec index 2c640adf7..c2411c996 100644 --- a/thirdparty/aspell-pl/zimbra-aspell-pl/rpm/SPECS/aspell-pl.spec +++ b/thirdparty/aspell-pl/zimbra-aspell-pl/rpm/SPECS/aspell-pl.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell Polish dictionary Name: zimbra-aspell-pl Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2.0 Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell Polish dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/debian/changelog b/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/debian/changelog index 473647dc9..0995d05e6 100644 --- a/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/debian/changelog +++ b/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/debian/changelog @@ -1,3 +1,10 @@ +zimbra-aspell-pt-br (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + + zimbra-aspell-pt-br (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/debian/control b/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/debian/control index 4bde9ec26..00584db14 100644 --- a/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/debian/control +++ b/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-pt-br -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-pt-br Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell Brazilian Portuguese Dictionary diff --git a/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/rpm/SPECS/aspell-pt-br.spec b/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/rpm/SPECS/aspell-pt-br.spec index bbd7b4dba..6007357be 100644 --- a/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/rpm/SPECS/aspell-pt-br.spec +++ b/thirdparty/aspell-pt-br/zimbra-aspell-pt-br/rpm/SPECS/aspell-pt-br.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell Brazilian Portuguese dictionary Name: zimbra-aspell-pt-br Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: LGPL-2.1 Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell Brazilian Portuguese dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-ru/zimbra-aspell-ru/debian/changelog b/thirdparty/aspell-ru/zimbra-aspell-ru/debian/changelog index ed649fa51..20de65775 100644 --- a/thirdparty/aspell-ru/zimbra-aspell-ru/debian/changelog +++ b/thirdparty/aspell-ru/zimbra-aspell-ru/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-ru (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-ru (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-ru/zimbra-aspell-ru/debian/control b/thirdparty/aspell-ru/zimbra-aspell-ru/debian/control index 8f88e0569..19fe1fb6b 100644 --- a/thirdparty/aspell-ru/zimbra-aspell-ru/debian/control +++ b/thirdparty/aspell-ru/zimbra-aspell-ru/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-ru -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-ru Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell Russian Dictionary diff --git a/thirdparty/aspell-ru/zimbra-aspell-ru/rpm/SPECS/aspell-ru.spec b/thirdparty/aspell-ru/zimbra-aspell-ru/rpm/SPECS/aspell-ru.spec index 7be20de53..62aa10d61 100644 --- a/thirdparty/aspell-ru/zimbra-aspell-ru/rpm/SPECS/aspell-ru.spec +++ b/thirdparty/aspell-ru/zimbra-aspell-ru/rpm/SPECS/aspell-ru.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell Russian dictionary Name: zimbra-aspell-ru Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: MIT Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell Russian dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-sv/zimbra-aspell-sv/debian/changelog b/thirdparty/aspell-sv/zimbra-aspell-sv/debian/changelog index 15958a701..bf464d789 100644 --- a/thirdparty/aspell-sv/zimbra-aspell-sv/debian/changelog +++ b/thirdparty/aspell-sv/zimbra-aspell-sv/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-sv (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-sv (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell-sv/zimbra-aspell-sv/debian/control b/thirdparty/aspell-sv/zimbra-aspell-sv/debian/control index e8b43593c..0100e985a 100644 --- a/thirdparty/aspell-sv/zimbra-aspell-sv/debian/control +++ b/thirdparty/aspell-sv/zimbra-aspell-sv/debian/control @@ -1,5 +1,5 @@ Source: zimbra-aspell-sv -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services @@ -10,5 +10,5 @@ Homepage: http://aspell.net/ Package: zimbra-aspell-sv Priority: optional Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell +Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND) Description: Aspell Swedish Dictionary diff --git a/thirdparty/aspell-sv/zimbra-aspell-sv/rpm/SPECS/aspell-sv.spec b/thirdparty/aspell-sv/zimbra-aspell-sv/rpm/SPECS/aspell-sv.spec index 01780dd0d..2ac738781 100644 --- a/thirdparty/aspell-sv/zimbra-aspell-sv/rpm/SPECS/aspell-sv.spec +++ b/thirdparty/aspell-sv/zimbra-aspell-sv/rpm/SPECS/aspell-sv.spec @@ -1,17 +1,21 @@ Summary: Zimbra's Aspell Swedish dictionary Name: zimbra-aspell-sv Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: Public Domain Source: %{name}-%{version}.tar.bz2 -BuildRequires: zimbra-aspell -Requires: zimbra-aspell +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND +Requires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: http://aspell.net/ %description The Zimbra Aspell Swedish dictionary +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency aspell to 0.60.8 + %define debug_package %{nil} %prep diff --git a/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/debian/changelog b/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/debian/changelog index 2d424b112..0c2fde806 100644 --- a/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/debian/changelog +++ b/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell-zimbra (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Updated dependency zimbra-aspell-en + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell-zimbra (1.0.0-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/debian/control b/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/debian/control index 8fa53b284..83e02a7c2 100644 --- a/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/debian/control +++ b/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/debian/control @@ -2,13 +2,13 @@ Source: zimbra-aspell-zimbra Section: mail Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-aspell-en +Build-Depends: debhelper (>= 9), zimbra-aspell-en (>= 7.1.0-1zimbra8.7b2ZAPPEND) Standards-Version: 3.9.5 Package: zimbra-aspell-zimbra Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, - zimbra-aspell-en + zimbra-aspell-en (>= 7.1.0-1zimbra8.7b2ZAPPEND) Description: Zimbra custom dictionary This is a dictionary for aspell defining specific words that Zimbra does not want viewed as a typo. The word Zimbra diff --git a/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/rpm/SPECS/aspell-zimbra.spec b/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/rpm/SPECS/aspell-zimbra.spec index 76ffc6eb0..8cdbc06bc 100644 --- a/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/rpm/SPECS/aspell-zimbra.spec +++ b/thirdparty/aspell-zimbra/zimbra-aspell-zimbra/rpm/SPECS/aspell-zimbra.spec @@ -1,10 +1,10 @@ Summary: Zimbra custom dictionary Name: zimbra-aspell-zimbra Version: 1.0.0 -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2 -BuildRequires: zimbra-aspell-en -Requires: zimbra-aspell-en +BuildRequires: zimbra-aspell-en >= 7.1.0-1zimbra8.7b2ZAPPEND +Requires: zimbra-aspell-en >= 7.1.0-1zimbra8.7b2ZAPPEND Packager: Zimbra Packaging Services Group: Development/Languages AutoReqProv: no @@ -16,6 +16,10 @@ This is a dictionary for aspell defining specific words that Zimbra does not want viewed as a typo. The word Zimbra is one example. +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-aspell-en + %install mkdir -p ${RPM_BUILD_ROOT}/OZCL/aspell-0.60 echo -e "Zimbra\nzimlet\nzimlets\nComcast\nVMware\nSynacor\nZimbra" | /opt/zimbra/common/bin/aspell create master --lang=en ${RPM_BUILD_ROOT}/OZCL/aspell-0.60/zimbra.rws diff --git a/thirdparty/aspell/Makefile b/thirdparty/aspell/Makefile index 43f7154d2..3041d6254 100644 --- a/thirdparty/aspell/Makefile +++ b/thirdparty/aspell/Makefile @@ -6,7 +6,7 @@ pvers := $(ASPELL_VERSION) pname := aspell pfile := $(pname)-$(pvers).tar.gz psrc_file := $(SRC_DIR)/$(pfile) -purl := ftp://alpha.gnu.org/gnu/aspell/$(pfile) +purl := ftp://ftp.gnu.org/gnu/aspell/$(pname)-$(pvers).tar.gz zname := zimbra-$(pname) zspec := $(pname).spec diff --git a/thirdparty/aspell/zimbra-aspell/debian/changelog b/thirdparty/aspell/zimbra-aspell/debian/changelog index b309966a9..7290dd031 100644 --- a/thirdparty/aspell/zimbra-aspell/debian/changelog +++ b/thirdparty/aspell/zimbra-aspell/debian/changelog @@ -1,3 +1,9 @@ +zimbra-aspell (VERSION-ITERATIONZAPPEND) unstable; urgency=medium + + * Upgraded aspell to 0.60.8 + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-aspell (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/aspell/zimbra-aspell/rpm/SPECS/aspell.spec b/thirdparty/aspell/zimbra-aspell/rpm/SPECS/aspell.spec index c3a59a4f5..98dcb993b 100644 --- a/thirdparty/aspell/zimbra-aspell/rpm/SPECS/aspell.spec +++ b/thirdparty/aspell/zimbra-aspell/rpm/SPECS/aspell.spec @@ -12,6 +12,10 @@ URL: http://aspell.net/ %description The Zimbra Aspell build +%changelog +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded aspell to 0.60.8 + %prep %setup -n aspell-%{version} diff --git a/thirdparty/bdb/Makefile b/thirdparty/bdb/Makefile index e273939b3..6256e2b75 100644 --- a/thirdparty/bdb/Makefile +++ b/thirdparty/bdb/Makefile @@ -7,7 +7,7 @@ pname := bdb uname := db pfile := $(uname)-$(pvers).tar.gz psrc_file := $(SRC_DIR)/$(pfile) -purl := http://ftp.nsysu.edu.tw/FreeBSD/ports/distfiles/bdb/$(pfile) +purl := https://ftp.tw.freebsd.org/distfiles/bdb/$(pfile) zname := zimbra-$(pname) zspec := $(pname).spec diff --git a/thirdparty/clamav/zimbra-clamav/debian/changelog b/thirdparty/clamav/zimbra-clamav/debian/changelog index 485202e6b..d7323d2a6 100644 --- a/thirdparty/clamav/zimbra-clamav/debian/changelog +++ b/thirdparty/clamav/zimbra-clamav/debian/changelog @@ -1,3 +1,15 @@ +zimbra-clamav (VERSION-1zimbra8.8b3ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1h + + -- Zimbra Packaging Services Sat, 05 Dec 2020 22:26:24 +0000 + +zimbra-clamav (VERSION-1zimbra8.8b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1g + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-clamav (VERSION-1zimbra8.8b1ZAPPEND) unstable; urgency=medium * Upgraded clamav to 0.102.2 diff --git a/thirdparty/clamav/zimbra-clamav/debian/control b/thirdparty/clamav/zimbra-clamav/debian/control index 02506b5ad..d226abbbc 100644 --- a/thirdparty/clamav/zimbra-clamav/debian/control +++ b/thirdparty/clamav/zimbra-clamav/debian/control @@ -1,5 +1,5 @@ Source: zimbra-clamav -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev, zimbra-libxml2-dev, +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND), zimbra-libxml2-dev, libz-dev, zimbra-libmilter-dev, libncurses5-dev Section: utils Priority: optional diff --git a/thirdparty/clamav/zimbra-clamav/rpm/SPECS/clamav.spec b/thirdparty/clamav/zimbra-clamav/rpm/SPECS/clamav.spec index 5be740806..3e62550f8 100644 --- a/thirdparty/clamav/zimbra-clamav/rpm/SPECS/clamav.spec +++ b/thirdparty/clamav/zimbra-clamav/rpm/SPECS/clamav.spec @@ -1,15 +1,15 @@ Summary: Zimbra's ClamAV build Name: zimbra-clamav Version: VERSION -Release: 1zimbra8.8b1ZAPPEND +Release: 1zimbra8.8b3ZAPPEND License: GPL-2 Source: %{name}-%{version}.tar.gz BuildRequires: zlib-devel BuildRequires: ncurses-devel -BuildRequires: zimbra-openssl-devel +BuildRequires: zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND BuildRequires: zimbra-libxml2-devel BuildRequires: zimbra-libmilter-devel -Requires: zlib, ncurses-libs, zimbra-clamav-libs = %{version}-%{release}, zimbra-openssl-libs +Requires: zlib, ncurses-libs, zimbra-clamav-libs = %{version}-%{release}, zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND Requires: zimbra-libxml2-libs AutoReqProv: no URL: http://www.clamav.net/ @@ -17,7 +17,13 @@ URL: http://www.clamav.net/ %description The Zimbra ClamAV build +%define debug_package %{nil} + %changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b3ZAPPEND +- Upgraded dependency openssl to 1.1.1h +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b2ZAPPEND +- Upgraded dependency openssl to 1.1.1g * Sun Mar 15 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b1ZAPPEND - Upgraded clamav to 0.102.2 diff --git a/thirdparty/cluebringer/zimbra-cluebringer/debian/changelog b/thirdparty/cluebringer/zimbra-cluebringer/debian/changelog index 0095d78dc..05d74dea8 100644 --- a/thirdparty/cluebringer/zimbra-cluebringer/debian/changelog +++ b/thirdparty/cluebringer/zimbra-cluebringer/debian/changelog @@ -1,3 +1,9 @@ +zimbra-cluebringer (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependencies zimbra-perl-config-inifiles,zimbra-perl-net-server + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-cluebringer (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/cluebringer/zimbra-cluebringer/debian/control b/thirdparty/cluebringer/zimbra-cluebringer/debian/control index 9b9804d5e..2831a4453 100644 --- a/thirdparty/cluebringer/zimbra-cluebringer/debian/control +++ b/thirdparty/cluebringer/zimbra-cluebringer/debian/control @@ -11,9 +11,9 @@ Package: zimbra-cluebringer Priority: optional Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-mta-base, - zimbra-perl-base, zimbra-perl-cache-fastmmap, zimbra-perl-config-inifiles, + zimbra-perl-base, zimbra-perl-cache-fastmmap, zimbra-perl-config-inifiles (>= 2.86-1zimbra8.7b2ZAPPEND), zimbra-perl-dbi, zimbra-perl-dbd-sqlite, zimbra-perl-mail-spf, - zimbra-perl-net-cidr, zimbra-perl-net-dns, zimbra-perl-net-server, zimbra-perl-timedate + zimbra-perl-net-cidr, zimbra-perl-net-dns, zimbra-perl-net-server (>= 2.009-1zimbra8.7b1ZAPPEND), zimbra-perl-timedate Description: ClueBringer Policy Daemon PolicyD v2 (codenamed "cluebringer") is a multi-platform policy server for popular MTAs. This policy daemon is designed mostly for large scale mail hosting environments. diff --git a/thirdparty/cluebringer/zimbra-cluebringer/rpm/SPECS/cluebringer.spec b/thirdparty/cluebringer/zimbra-cluebringer/rpm/SPECS/cluebringer.spec index d85a41d3e..a60f1b796 100644 --- a/thirdparty/cluebringer/zimbra-cluebringer/rpm/SPECS/cluebringer.spec +++ b/thirdparty/cluebringer/zimbra-cluebringer/rpm/SPECS/cluebringer.spec @@ -1,14 +1,14 @@ Summary: ClueBringer Policy Daemon Name: zimbra-cluebringer Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2 Source: %{name}-%{version}.tgz Packager: Zimbra Packaging Services Requires: zimbra-mta-base, zimbra-perl-base, zimbra-perl-cache-fastmmap -Requires: zimbra-perl-config-inifiles, zimbra-perl-dbi, zimbra-perl-dbd-sqlite +Requires: zimbra-perl-config-inifiles >= 2.86-1zimbra8.7b2ZAPPEND, zimbra-perl-dbi, zimbra-perl-dbd-sqlite Requires: zimbra-perl-mail-spf, zimbra-perl-net-cidr, zimbra-perl-net-dns -Requires: zimbra-perl-net-server, zimbra-perl-timedate +Requires: zimbra-perl-net-server >= 2.009-1zimbra8.7b1ZAPPEND, zimbra-perl-timedate AutoReqProv: no URL: http://wiki.policyd.org/ @@ -21,6 +21,10 @@ required for mission critical email hosting of today. Most of the ideas and meth implemented in PolicyD v2 stem from PolicyD v1 as well as the authors' long time involvement in large scale mail hosting industry. +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependencies zimbra-perl-config-inifiles,zimbra-perl-net-server + %define debug_package %{nil} %prep diff --git a/thirdparty/curl/zimbra-curl/debian/changelog b/thirdparty/curl/zimbra-curl/debian/changelog index 73dbbedaa..e8fcb03f1 100644 --- a/thirdparty/curl/zimbra-curl/debian/changelog +++ b/thirdparty/curl/zimbra-curl/debian/changelog @@ -1,3 +1,15 @@ +zimbra-curl (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1h and updated dependency heimdal + + -- Zimbra Packaging Services Fri, 02 Dec 2020 22:26:24 +0000 + +zimbra-curl (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1g and updated dependency heimdal + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-curl (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/curl/zimbra-curl/debian/control b/thirdparty/curl/zimbra-curl/debian/control index 57c1c942f..cf6440ac4 100644 --- a/thirdparty/curl/zimbra-curl/debian/control +++ b/thirdparty/curl/zimbra-curl/debian/control @@ -1,6 +1,6 @@ Source: zimbra-curl -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev, - zimbra-heimdal-dev, libz-dev +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND), + zimbra-heimdal-dev (>= 1.5.3-1zimbra8.7b3ZAPPEND), libz-dev Section: utils Priority: optional Maintainer: Zimbra Packaging Services diff --git a/thirdparty/curl/zimbra-curl/debian/rules b/thirdparty/curl/zimbra-curl/debian/rules index fae4147ad..821339b1e 100755 --- a/thirdparty/curl/zimbra-curl/debian/rules +++ b/thirdparty/curl/zimbra-curl/debian/rules @@ -32,3 +32,6 @@ override_dh_auto_install: override_dh_install: dh_install rm -f $(CURDIR)/debian/zimbra-curlOZCB/curl-config + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info diff --git a/thirdparty/curl/zimbra-curl/rpm/SPECS/curl.spec b/thirdparty/curl/zimbra-curl/rpm/SPECS/curl.spec index 660cd6dc5..c24b3c492 100644 --- a/thirdparty/curl/zimbra-curl/rpm/SPECS/curl.spec +++ b/thirdparty/curl/zimbra-curl/rpm/SPECS/curl.spec @@ -1,19 +1,27 @@ Summary: Zimbra's Curl build Name: zimbra-curl Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: MIT Source: %{name}-%{version}.tar.gz BuildRequires: zlib-devel -BuildRequires: zimbra-openssl-devel -BuildRequires: zimbra-heimdal-devel -Requires: zlib, zimbra-curl-libs = %{version}-%{release}, zimbra-openssl-libs, zimbra-heimdal-libs +BuildRequires: zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND +BuildRequires: zimbra-heimdal-devel >= 1.5.3-1zimbra8.7b3ZAPPEND +Requires: zlib, zimbra-curl-libs = %{version}-%{release}, zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND, zimbra-heimdal-libs >= 1.5.3-1zimbra8.7b3ZAPPEND AutoReqProv: no URL: http://curl.haxx.se/ %description The Zimbra Curl build +%define debug_package %{nil} + +%changelog +* Fri Dec 02 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Upgraded dependency openssl to 1.1.1h and updated dependency heimdal +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency openssl to 1.1.1g and updated dependency heimdal + %prep %setup -n curl-%{version} diff --git a/thirdparty/cyrus-sasl/Makefile b/thirdparty/cyrus-sasl/Makefile index cdf825e04..76ce6c641 100644 --- a/thirdparty/cyrus-sasl/Makefile +++ b/thirdparty/cyrus-sasl/Makefile @@ -6,7 +6,7 @@ pvers := $(CYRUS_VERSION) pname := cyrus-sasl pfile := $(pname)-$(pvers).tar.gz psrc_file := $(SRC_DIR)/$(pfile) -purl := ftp://ftp.cyrusimap.org/cyrus-sasl//$(pfile) +purl := https://ftp.osuosl.org/pub/blfs/conglomeration/cyrus-sasl/$(pfile) zname := zimbra-$(pname) zspec := $(pname).spec diff --git a/thirdparty/cyrus-sasl/patches/openssl-1.1.1g.patch b/thirdparty/cyrus-sasl/patches/openssl-1.1.1g.patch new file mode 100644 index 000000000..86155105e --- /dev/null +++ b/thirdparty/cyrus-sasl/patches/openssl-1.1.1g.patch @@ -0,0 +1,23 @@ +diff -ruN a/plugins/otp.c b/plugins/otp.c +--- a/plugins/otp.c 2020-09-17 18:57:39.740142828 +0000 ++++ b/plugins/otp.c 2020-09-17 18:58:34.440144371 +0000 +@@ -118,7 +118,8 @@ + static void otp_hash(const EVP_MD *md, char *in, size_t inlen, + unsigned char *out, int swab) + { +- EVP_MD_CTX mdctx; ++ EVP_MD_CTX *mdctx; ++ mdctx = EVP_MD_CTX_new(); + char hash[EVP_MAX_MD_SIZE]; + unsigned int i; + int j; +@@ -752,7 +753,8 @@ + + /* alternate dictionary */ + if (alt_dict) { +- EVP_MD_CTX mdctx; ++ EVP_MD_CTX *mdctx; ++ mdctx = EVP_MD_CTX_new(); + char hash[EVP_MAX_MD_SIZE]; + int hashlen; + diff --git a/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/changelog b/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/changelog index a37f08d39..22abb7817 100644 --- a/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/changelog +++ b/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/changelog @@ -1,3 +1,15 @@ +zimbra-cyrus-sasl (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1h + + -- Zimbra Packaging Services Sat, 05 Dec 2020 22:26:24 +0000 + +zimbra-cyrus-sasl (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1g and updated dependency heimdal,curl + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-cyrus-sasl (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/control b/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/control index 385582a51..e79a6aa6f 100644 --- a/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/control +++ b/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/control @@ -1,6 +1,6 @@ Source: zimbra-cyrus-sasl -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev, - zimbra-heimdal-dev, zimbra-curl-dev, zimbra-libxml2-dev +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND), + zimbra-heimdal-dev (>= 1.5.3-1zimbra8.7b3ZAPPEND), zimbra-curl-dev (>= 7.49.1-1zimbra8.7b3ZAPPEND), zimbra-libxml2-dev Section: utils Priority: optional Maintainer: Zimbra Packaging Services diff --git a/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/patches/series b/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/patches/series index 88f316c7f..305a1c154 100644 --- a/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/patches/series +++ b/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/patches/series @@ -1,3 +1,4 @@ sasl-auth-zimbra-2.1.26.patch saslauthd-conf.patch auxprop.patch +openssl-1.1.1g.patch diff --git a/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/rules b/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/rules index c6b0bf18e..5af553a81 100755 --- a/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/rules +++ b/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/debian/rules @@ -42,3 +42,6 @@ override_dh_strip: override_dh_auto_install: make install DESTDIR=$$(pwd)/debian/tmp + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info diff --git a/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/rpm/SPECS/cyrus-sasl.spec b/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/rpm/SPECS/cyrus-sasl.spec index e9fd5bbd3..84fb1c5d9 100644 --- a/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/rpm/SPECS/cyrus-sasl.spec +++ b/thirdparty/cyrus-sasl/zimbra-cyrus-sasl/rpm/SPECS/cyrus-sasl.spec @@ -1,30 +1,40 @@ Summary: Zimbra's Cyrus-SASL build Name: zimbra-cyrus-sasl Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: MIT Source: %{name}-%{version}.tar.gz Patch0: sasl-auth-zimbra-2.1.26.patch Patch1: saslauthd-conf.patch Patch2: auxprop.patch +Patch3: openssl-1.1.1g.patch BuildRequires: zlib-devel -BuildRequires: zimbra-openssl-devel -BuildRequires: zimbra-heimdal-devel +BuildRequires: zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND +BuildRequires: zimbra-heimdal-devel >= 1.5.3-1zimbra8.7b3ZAPPEND BuildRequires: zimbra-libxml2-devel -BuildRequires: zimbra-curl-devel -Requires: zlib, zimbra-cyrus-sasl-libs = %{version}-%{release}, zimbra-openssl-libs, zimbra-heimdal-libs -Requires: zimbra-libxml2-libs, zimbra-curl-libs +BuildRequires: zimbra-curl-devel >= 7.49.1-1zimbra8.7b3ZAPPEND +Requires: zlib, zimbra-cyrus-sasl-libs = %{version}-%{release}, zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND, zimbra-heimdal-libs >= 1.5.3-1zimbra8.7b3ZAPPEND +Requires: zimbra-libxml2-libs, zimbra-curl-libs >= 7.49.1-1zimbra8.7b3ZAPPEND AutoReqProv: no URL: https://cyrusimap.org/ %description The Zimbra Cyrus-SASL build +%define debug_package %{nil} + +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Upgraded dependency openssl to 1.1.1h +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency openssl to 1.1.1g and updated heimdal,curl + %prep %setup -n cyrus-sasl-%{version} %patch0 -p1 %patch1 -p1 %patch2 -p1 +%patch3 -p1 %build LDFLAGS="-Wl,-rpath,OZCL"; export LDFLAGS; diff --git a/thirdparty/heimdal/Makefile b/thirdparty/heimdal/Makefile index 8e3995486..3dbd4b0bd 100644 --- a/thirdparty/heimdal/Makefile +++ b/thirdparty/heimdal/Makefile @@ -6,7 +6,7 @@ pvers := $(HEIMDAL_VERSION) pname := heimdal pfile := $(pname)-$(pvers).tar.gz psrc_file := $(SRC_DIR)/$(pfile) -purl := http://www.h5l.org/dist/src/$(pfile) +purl := http://ftp.riken.jp/net/heimdal/src/$(pfile) zname := zimbra-$(pname) zspec := $(pname).spec diff --git a/thirdparty/heimdal/zimbra-heimdal/debian/changelog b/thirdparty/heimdal/zimbra-heimdal/debian/changelog index 3d77e2276..214c47cbd 100644 --- a/thirdparty/heimdal/zimbra-heimdal/debian/changelog +++ b/thirdparty/heimdal/zimbra-heimdal/debian/changelog @@ -1,3 +1,15 @@ +zimbra-heimdal (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1h + + -- Zimbra Packaging Services Fri, 02 Dec 2020 22:26:24 +0000 + +zimbra-heimdal (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1g + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-heimdal (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/heimdal/zimbra-heimdal/debian/control b/thirdparty/heimdal/zimbra-heimdal/debian/control index f0210601e..4ce768d20 100644 --- a/thirdparty/heimdal/zimbra-heimdal/debian/control +++ b/thirdparty/heimdal/zimbra-heimdal/debian/control @@ -1,5 +1,5 @@ Source: zimbra-heimdal -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev, libncurses-dev +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev (>=1.1.1h-1zimbra8.7b3ZAPPEND), libncurses-dev Section: utils Priority: optional Maintainer: Zimbra Packaging Services diff --git a/thirdparty/heimdal/zimbra-heimdal/rpm/SPECS/heimdal.spec b/thirdparty/heimdal/zimbra-heimdal/rpm/SPECS/heimdal.spec index 610f5a690..bde4d5153 100644 --- a/thirdparty/heimdal/zimbra-heimdal/rpm/SPECS/heimdal.spec +++ b/thirdparty/heimdal/zimbra-heimdal/rpm/SPECS/heimdal.spec @@ -1,18 +1,20 @@ Summary: Zimbra's Heimdal Kerberos build Name: zimbra-heimdal Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: BSD Source: %{name}-%{version}.tar.gz -BuildRequires: zimbra-openssl-devel +BuildRequires: zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND BuildRequires: ncurses-devel -Requires: zimbra-openssl-libs, zimbra-heimdal-libs = %{version}-%{release}, ncurses-libs +Requires: zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND, zimbra-heimdal-libs = %{version}-%{release}, ncurses-libs AutoReqProv: no URL: http://www.h5l.org/ %description The Zimbra Heimdal Kerberos build for additional encryption services +%define debug_package %{nil} + %prep %setup -n heimdal-%{version} @@ -100,5 +102,9 @@ OZCL/*.so OZCI %changelog +* Fri Dec 02 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Upgraded dependency openssl to 1.1.1h +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency openssl to 1.1.1g * Wed May 20 2015 Zimbra Packaging Services - initial packaging diff --git a/thirdparty/httpd/Makefile b/thirdparty/httpd/Makefile index fad9857a4..13167915e 100644 --- a/thirdparty/httpd/Makefile +++ b/thirdparty/httpd/Makefile @@ -20,7 +20,7 @@ $(psrc_file): $(MKDIR) $(@D) && $(CD) $(@D) && $(WGET) $(purl) pkgadd: - $(PKG_EXTRACT) zimbra-base zimbra-apr-$(PKG_DEV) zimbra-apr-util-$(PKG_DEV) + $(PKG_EXTRACT) zimbra-base zimbra-apr-$(PKG_DEV) zimbra-apr-util-$(PKG_DEV) zimbra-openssl-$(PKG_DEV) pkgrm: pkgrm% pkgrm%: diff --git a/thirdparty/httpd/zimbra-httpd/debian/changelog b/thirdparty/httpd/zimbra-httpd/debian/changelog index 3b1e18b48..cbec860d0 100644 --- a/thirdparty/httpd/zimbra-httpd/debian/changelog +++ b/thirdparty/httpd/zimbra-httpd/debian/changelog @@ -1,3 +1,15 @@ +zimbra-httpd (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Updated dependency zimbra-apr-util + + -- Zimbra Packaging Services Sat, 05 Dec 2020 22:26:24 +0000 + +zimbra-httpd (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Updated dependency zimbra-apr-util + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-httpd (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Updated the version. diff --git a/thirdparty/httpd/zimbra-httpd/debian/control b/thirdparty/httpd/zimbra-httpd/debian/control index 7af598a91..ef9ab896c 100644 --- a/thirdparty/httpd/zimbra-httpd/debian/control +++ b/thirdparty/httpd/zimbra-httpd/debian/control @@ -1,6 +1,6 @@ Source: zimbra-httpd Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), - zimbra-apr-dev, zimbra-apr-util-dev, + zimbra-apr-dev, zimbra-apr-util-dev (>= 1.6.1-1zimbra8.7b2ZAPPEND), libz-dev, libpcre3-dev Section: utils Priority: optional @@ -21,7 +21,7 @@ Priority: optional Architecture: any Multi-Arch: same Depends: zimbra-httpd (= ${binary:Version}), ${misc:Depends}, zimbra-apr-dev, - zimbra-apr-util-dev + zimbra-apr-util-dev (>= 1.6.1-1zimbra8.7b2ZAPPEND) Description: Apache HTTPD development pieces Package: zimbra-httpd-dbg diff --git a/thirdparty/httpd/zimbra-httpd/debian/rules b/thirdparty/httpd/zimbra-httpd/debian/rules index e496877f3..c7f7505a0 100755 --- a/thirdparty/httpd/zimbra-httpd/debian/rules +++ b/thirdparty/httpd/zimbra-httpd/debian/rules @@ -32,3 +32,6 @@ override_dh_install: dh_install rm -rf $(CURDIR)/debian/zimbra-httpd/opt/zimbra/data/httpd/build rm -f $(CURDIR)/debian/zimbra-httpdOZCB/apxs + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info diff --git a/thirdparty/httpd/zimbra-httpd/rpm/SPECS/httpd.spec b/thirdparty/httpd/zimbra-httpd/rpm/SPECS/httpd.spec index bbdf1a788..86e45e2dc 100644 --- a/thirdparty/httpd/zimbra-httpd/rpm/SPECS/httpd.spec +++ b/thirdparty/httpd/zimbra-httpd/rpm/SPECS/httpd.spec @@ -1,22 +1,28 @@ Summary: Zimbra's Apache HTTPD build Name: zimbra-httpd Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: Apache-2.0 Source: %{name}-%{version}.tar.bz2 BuildRequires: zimbra-apr-devel -BuildRequires: zimbra-apr-util-devel +BuildRequires: zimbra-apr-util-devel >= 1.6.1-1zimbra8.7b2ZAPPEND BuildRequires: zlib-devel BuildRequires: pcre-devel Requires: zlib, pcre -Requires: zimbra-apr-libs, zimbra-apr-util-libs, zimbra-apache-base +Requires: zimbra-apr-libs, zimbra-apr-util-libs >= 1.6.1-1zimbra8.7b2ZAPPEND, zimbra-apache-base AutoReqProv: no URL: http://httpd.apache.org/ %description The Zimbra Apache HTTPD build +%define debug_package %{nil} + %changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated dependency zimbra-apr-util +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-apr-util * Fri Feb 08 2019 Zimbra Packaging Services -Updated the version. * Fri May 01 2015 Zimbra Packaging Services @@ -49,7 +55,7 @@ mv ${RPM_BUILD_ROOT}/OZC/conf/magic ${RPM_BUILD_ROOT}/opt/zimbra/data/httpd/conf Summary: Apache HTTPD Development Requires: zimbra-httpd = %{version}-%{release} Requires: zimbra-apr-devel -Requires: zimbra-apr-util-devel +Requires: zimbra-apr-util-devel >= 1.6.1-1zimbra8.7b2ZAPPEND AutoReqProv: no %description devel diff --git a/thirdparty/libbsd/zimbra-libbsd/rpm/SPECS/libbsd.spec b/thirdparty/libbsd/zimbra-libbsd/rpm/SPECS/libbsd.spec index 7700435f9..b09ea2fb6 100644 --- a/thirdparty/libbsd/zimbra-libbsd/rpm/SPECS/libbsd.spec +++ b/thirdparty/libbsd/zimbra-libbsd/rpm/SPECS/libbsd.spec @@ -9,6 +9,8 @@ URL: http://libbsd.freedesktop.org/ %description The Zimbra libbsd build +%define debug_package %{nil} + %prep %setup -n libbsd-%{version} diff --git a/thirdparty/mariadb/Makefile b/thirdparty/mariadb/Makefile index d1eca0287..80eb422f5 100644 --- a/thirdparty/mariadb/Makefile +++ b/thirdparty/mariadb/Makefile @@ -6,7 +6,7 @@ pvers := $(MARIADB_VERSION) pname := mariadb pfile := $(pname)-$(pvers).tar.gz psrc_file := $(SRC_DIR)/$(pfile) -purl := https://downloads.mariadb.org/f/$(pname)-$(pvers)/source/$(pfile) +purl := http://ftp.hosteurope.de/mirror/archive.mariadb.org/$(pname)-$(pvers)/source/$(pfile) zname := zimbra-$(pname) zspec := $(pname).spec diff --git a/thirdparty/mariadb/zimbra-mariadb/debian/changelog b/thirdparty/mariadb/zimbra-mariadb/debian/changelog index c789ebd98..b15e5e0bf 100644 --- a/thirdparty/mariadb/zimbra-mariadb/debian/changelog +++ b/thirdparty/mariadb/zimbra-mariadb/debian/changelog @@ -1,3 +1,15 @@ +zimbra-mariadb (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1h + + -- Zimbra Packaging Services Fri, 02 Dec 2020 22:26:24 +0000 + +zimbra-mariadb (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded openssl to 1.1.1g + + -- Zimbra Packaging Services Fri, 28 Aug 2020 22:26:24 +0000 + zimbra-mariadb (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/mariadb/zimbra-mariadb/debian/control b/thirdparty/mariadb/zimbra-mariadb/debian/control index 2aa2f4a91..ddaf36070 100644 --- a/thirdparty/mariadb/zimbra-mariadb/debian/control +++ b/thirdparty/mariadb/zimbra-mariadb/debian/control @@ -1,5 +1,5 @@ Source: zimbra-mariadb -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev, libaio-dev, libncurses5-dev +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev (>= 1.0.2t-1zimbra8.7b2ZAPPEND), libaio-dev, libncurses5-dev Section: utils Priority: optional Maintainer: Zimbra Packaging Services diff --git a/thirdparty/mariadb/zimbra-mariadb/debian/rules b/thirdparty/mariadb/zimbra-mariadb/debian/rules index 247a866bf..0b5ebe9cd 100755 --- a/thirdparty/mariadb/zimbra-mariadb/debian/rules +++ b/thirdparty/mariadb/zimbra-mariadb/debian/rules @@ -2,7 +2,7 @@ export DEB_BUILD_OPTIONS=nocheck export DEB_CFLAGS_MAINT_STRIP=-O2 export DEB_CFLAGS_MAINT_APPEND=-O3 -fno-omit-frame-pointer -pipe -Wall -Wno-uninitialized -DNDEBUG -export DEB_LDFLAGS_MAINT_APPEND=-Wl,-rpath,OZCL +export DEB_LDFLAGS_MAINT_APPEND=-Wl,-rpath,OZCL:OZCL/mysql %: dh $@ @@ -55,8 +55,14 @@ override_dh_auto_install: cd $$(pwd)/debian/tmpOZCL && \ ln -s libmysqlclient.so.18.0.0 libmysqlclient_r.so.18.0.0 && \ ln -s libmysqlclient.so.18 libmysqlclient_r.so.18 + mkdir -p $$(pwd)/debian/tmpOZCL/mysql && sudo chmod 755 -R $$(pwd)/debian/tmpOZCL/mysql + cp -r /opt/zimbra/common/lib/libssl.so.1.0.0 /opt/zimbra/common/lib/libcrypto.so.1.0.0 $$(pwd)/debian/tmpOZCL/mysql/ + sudo chmod 755 -R $$(pwd)/debian/tmpOZCL/mysql/ override_dh_install: dh_install rm -f $(CURDIR)/debian/zimbra-mariadbOZCB/mysql_config rm -f $(CURDIR)/debian/zimbra-mariadbOZCS/man/man1/mysql_config.1 + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info diff --git a/thirdparty/mariadb/zimbra-mariadb/debian/zimbra-mariadb-lib.install b/thirdparty/mariadb/zimbra-mariadb/debian/zimbra-mariadb-lib.install index cfd8b8afa..6416f96b7 100644 --- a/thirdparty/mariadb/zimbra-mariadb/debian/zimbra-mariadb-lib.install +++ b/thirdparty/mariadb/zimbra-mariadb/debian/zimbra-mariadb-lib.install @@ -1,2 +1,3 @@ opt/zimbra/common/lib/*.so.* opt/zimbra/common/lib/plugin +opt/zimbra/common/lib/mysql diff --git a/thirdparty/mariadb/zimbra-mariadb/rpm/SPECS/mariadb.spec b/thirdparty/mariadb/zimbra-mariadb/rpm/SPECS/mariadb.spec index 63c91dbe8..1bb24c9d8 100644 --- a/thirdparty/mariadb/zimbra-mariadb/rpm/SPECS/mariadb.spec +++ b/thirdparty/mariadb/zimbra-mariadb/rpm/SPECS/mariadb.spec @@ -1,13 +1,13 @@ Summary: Zimbra's MariaDB build Name: zimbra-mariadb Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: GPLv2 Source: %{name}-%{version}.tar.gz BuildRequires: libaio-devel BuildRequires: ncurses-devel -BuildRequires: zimbra-openssl-devel -Requires: libaio, zimbra-openssl-libs, zimbra-base +BuildRequires: zimbra-openssl-devel = 1.0.2t-1zimbra8.7b2ZAPPEND +Requires: libaio, zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND, zimbra-base Requires: zimbra-mariadb-libs = %{version}-%{release}, ncurses-libs, perl AutoReqProv: no URL: https://www.mariadb.org/ @@ -18,8 +18,10 @@ The Zimbra MariaDB build for SQL database storage %prep %setup -n mariadb-%{version} +%define debug_package %{nil} + %build -LDFLAGS="-Wl,-rpath,OZCL"; export LDFLAGS; \ +LDFLAGS="-Wl,-rpath,OZCL:OZCL/mysql"; export LDFLAGS; \ CFLAGS="-O3 -fno-omit-frame-pointer -pipe -Wall -Wno-uninitialized -DNDEBUG"; export CFLAGS; \ /usr/bin/cmake . \ -DBUILD_CONFIG=mysql_release \ @@ -71,10 +73,13 @@ rm -f ${RPM_BUILD_ROOT}OZCL/libmysqlclient_r.so.18.0.0 cd ${RPM_BUILD_ROOT}OZCL && \ ln -s libmysqlclient.so.18.0.0 libmysqlclient_r.so.18.0.0 && \ ln -s libmysqlclient.so.18 libmysqlclient_r.so.18 +mkdir -p ${RPM_BUILD_ROOT}OZCL/mysql && sudo chmod 755 -R ${RPM_BUILD_ROOT}OZCL/mysql +cp -r /opt/zimbra/common/lib/libssl.so.1.0.0 /opt/zimbra/common/lib/libcrypto.so.1.0.0 ${RPM_BUILD_ROOT}OZCL/mysql/ +sudo chmod 755 -R ${RPM_BUILD_ROOT}OZCL/mysql %package libs Summary: MariaDB Libaries -Requires: libaio, zimbra-openssl-libs, zimbra-base +Requires: libaio, zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND, zimbra-base AutoReqProv: no %description libs @@ -100,6 +105,7 @@ OZCS %defattr(-,root,root) OZCL/*.so.* OZCL/plugin +OZCL/mysql %files devel %defattr(-,root,root) @@ -110,5 +116,9 @@ OZCI OZCS/man/man1/mysql_config.1 %changelog +* Fri Dec 02 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Upgraded dependency openssl to 1.1.1h +* Thu Sep 17 2020 Zimbra Packaging Services +- Upgraded dependency openssl to 1.1.1g * Wed May 20 2015 Zimbra Packaging Services - initial packaging diff --git a/thirdparty/memcached/zimbra-memcached/debian/changelog b/thirdparty/memcached/zimbra-memcached/debian/changelog index ecd16bf91..d6add39a1 100644 --- a/thirdparty/memcached/zimbra-memcached/debian/changelog +++ b/thirdparty/memcached/zimbra-memcached/debian/changelog @@ -1,3 +1,9 @@ +zimbra-memcached (VERSION-1zimbra8.7b1ZAPPEND) unstable; urgency=medium + + * Upgrade to memcached 1.6.5 . + + -- Zimbra Packaging Services Fri, 24 Apr 2020 10:55:00 +0530 + zimbra-memcached (1:VERSION-2.PKG_OS_TAG) unstable; urgency=medium * Upgrade to memcached 1.4.37 for Bug 107246. diff --git a/thirdparty/memcached/zimbra-memcached/rpm/SPECS/memcached.spec b/thirdparty/memcached/zimbra-memcached/rpm/SPECS/memcached.spec index 31c0c6732..a12138155 100644 --- a/thirdparty/memcached/zimbra-memcached/rpm/SPECS/memcached.spec +++ b/thirdparty/memcached/zimbra-memcached/rpm/SPECS/memcached.spec @@ -2,7 +2,7 @@ Summary: Zimbra's memcached build Name: zimbra-memcached Epoch: 1 Version: VERSION -Release: 2.PKG_OS_TAG +Release: ITERATIONZAPPEND License: BSD Source: %{name}-%{version}.tar.gz BuildRequires: zimbra-libevent-devel @@ -15,6 +15,8 @@ URL: http://memcached.org/ The Zimbra memcached build %changelog +* Fri Apr 24 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgrade to memcached 1.6.5. * Sat Jun 24 2017 Zimbra Packaging Services - VERSION-2.PKG_OS_TAG - Upgrade to memcached 1.4.37 for Bug 107246. diff --git a/thirdparty/net-snmp/zimbra-net-snmp/debian/changelog b/thirdparty/net-snmp/zimbra-net-snmp/debian/changelog index 700126e18..e5705db02 100644 --- a/thirdparty/net-snmp/zimbra-net-snmp/debian/changelog +++ b/thirdparty/net-snmp/zimbra-net-snmp/debian/changelog @@ -1,3 +1,9 @@ +zimbra-net-snmp (VERSION-ITERATIONZAPPEND) unstable; urgency=medium + + * Upgraded net-snmp to 5.8. + + -- Zimbra Packaging Services Fri, 24 Apr 2020 22:26:24 +0000 + zimbra-net-snmp (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/net-snmp/zimbra-net-snmp/rpm/SPECS/net-snmp.spec b/thirdparty/net-snmp/zimbra-net-snmp/rpm/SPECS/net-snmp.spec index 6641365f0..b94e32f51 100644 --- a/thirdparty/net-snmp/zimbra-net-snmp/rpm/SPECS/net-snmp.spec +++ b/thirdparty/net-snmp/zimbra-net-snmp/rpm/SPECS/net-snmp.spec @@ -1,10 +1,10 @@ Summary: Zimbra's NetSNMP build Name: zimbra-net-snmp Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: BSD Source: %{name}-%{version}.tar.gz -BuildRequires: zimbra-openssl-devel +BuildRequires: zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND BuildRequires: perl-devel Requires: perl, perl-core Requires: zimbra-net-snmp-libs = %{version}-%{release} @@ -14,6 +14,15 @@ URL: http://www.net-snmp.org/ %description The Zimbra NetSNMP build +%define debug_package %{nil} +%changelog +* Fri Dec 02 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Upgraded dependency openssl to 1.1.1h +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated zimbra-openssl +* Tue Apr 24 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded net-snmp to 5.8 + %prep %setup -n net-snmp-%{version} diff --git a/thirdparty/opendkim/zimbra-opendkim/debian/changelog b/thirdparty/opendkim/zimbra-opendkim/debian/changelog index 70f067c3e..10ad7c877 100644 --- a/thirdparty/opendkim/zimbra-opendkim/debian/changelog +++ b/thirdparty/opendkim/zimbra-opendkim/debian/changelog @@ -1,3 +1,15 @@ +zimbra-opendkim (VERSION-1zimbra8.7b4ZAPPEND) unstable; urgency=medium + + * Upgraded openssl to 1.1.1h and updated cyrus-sasl, openldap + + -- Zimbra Packaging Services Sat, 05 Dec 2020 22:26:24 +0000 + +zimbra-opendkim (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Upgraded openssl to 1.1.1g and updated cyrus-sasl, openldap + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-opendkim (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium * Add patch for ticket 226 diff --git a/thirdparty/opendkim/zimbra-opendkim/debian/control b/thirdparty/opendkim/zimbra-opendkim/debian/control index 250d761a8..73e5bb890 100644 --- a/thirdparty/opendkim/zimbra-opendkim/debian/control +++ b/thirdparty/opendkim/zimbra-opendkim/debian/control @@ -1,6 +1,6 @@ Source: zimbra-opendkim -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev, zimbra-libbsd-dev, - zimbra-openldap-dev, zimbra-libmilter-dev, zimbra-cyrus-sasl-dev +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND), zimbra-libbsd-dev, + zimbra-openldap-dev (>= 2.4.49-1zimbra8.8b4ZAPPEND), zimbra-libmilter-dev, zimbra-cyrus-sasl-dev (>= 2.1.26-1zimbra8.7b3ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services diff --git a/thirdparty/opendkim/zimbra-opendkim/debian/rules b/thirdparty/opendkim/zimbra-opendkim/debian/rules index bda125851..dd94f9530 100755 --- a/thirdparty/opendkim/zimbra-opendkim/debian/rules +++ b/thirdparty/opendkim/zimbra-opendkim/debian/rules @@ -20,7 +20,7 @@ override_dh_auto_configure: --enable-vbr \ --enable-default_sender \ --enable-rpath \ - --with-openssl=OZC \ + --with-openssl=OZCL \ --with-milter=OZC \ --with-openldap=OZC \ --with-sasl=OZC \ @@ -33,3 +33,6 @@ override_dh_strip: override_dh_auto_install: make install DESTDIR=$$(pwd)/debian/tmp + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info diff --git a/thirdparty/opendkim/zimbra-opendkim/rpm/SPECS/opendkim.spec b/thirdparty/opendkim/zimbra-opendkim/rpm/SPECS/opendkim.spec index f07d685b6..556cfb73c 100644 --- a/thirdparty/opendkim/zimbra-opendkim/rpm/SPECS/opendkim.spec +++ b/thirdparty/opendkim/zimbra-opendkim/rpm/SPECS/opendkim.spec @@ -1,27 +1,33 @@ Summary: Zimbra's OpenDKIM build Name: zimbra-opendkim Version: VERSION -Release: 1zimbra8.7b2ZAPPEND +Release: 1zimbra8.7b4ZAPPEND License: OpenDKIM Source: %{name}-%{version}.tar.gz Patch0: ticket226.patch BuildRequires: zlib-devel -BuildRequires: zimbra-openssl-devel +BuildRequires: zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND BuildRequires: zimbra-libbsd-devel -BuildRequires: zimbra-openldap-devel +BuildRequires: zimbra-openldap-devel >= 2.4.49-1zimbra8.8b4ZAPPEND BuildRequires: zimbra-libmilter-devel -BuildRequires: zimbra-cyrus-sasl-devel +BuildRequires: zimbra-cyrus-sasl-devel >= 2.1.26-1zimbra8.7b3ZAPPEND Requires: zlib, zimbra-opendkim-libs = %{version}-%{release} -Requires: zimbra-openssl-libs +Requires: zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND Requires: zimbra-libbsd-libs -Requires: zimbra-openldap-libs +Requires: zimbra-openldap-libs >= 2.4.49-1zimbra8.8b4ZAPPEND AutoReqProv: no URL: http://www.opendkim.org/ %description The Zimbra OpenDKIM build +%define debug_package %{nil} + %changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b4ZAPPEND +- Upgraded openssl to 1.1.1h and updated cyrus-sasl, openldap +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Upgraded openssl to 1.1.1g and updated cyrus-sasl, openldap * Mon May 02 2016 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND - Add patch for ticket 226 @@ -44,7 +50,7 @@ CPPFLAGS="-IOZCI"; export CPPFLAGS; --enable-vbr \ --enable-default_sender \ --enable-rpath \ - --with-openssl=OZC \ + --with-openssl=OZCL \ --with-milter=OZC \ --with-openldap=OZC \ --with-sasl=OZC \ diff --git a/thirdparty/openldap/zimbra-openldap/debian/changelog b/thirdparty/openldap/zimbra-openldap/debian/changelog index 02892e8b3..480994d8a 100644 --- a/thirdparty/openldap/zimbra-openldap/debian/changelog +++ b/thirdparty/openldap/zimbra-openldap/debian/changelog @@ -1,3 +1,21 @@ +zimbra-openldap (VERSION-1zimbra8.8b4ZAPPEND) unstable; urgency=medium + + * Updated dependencies openssl to 1.1.1h and cyrus-sasl + + -- Zimbra Packaging Services Sat, 05 Dec 2020 22:26:24 +0000 + +zimbra-openldap (VERSION-1zimbra8.8b3ZAPPEND) unstable; urgency=medium + + * Upgraded openssl to 1.1.1g and updated cyrus-sasl + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + +zimbra-openldap (VERSION-1zimbra8.8b2ZAPPEND) unstable; urgency=medium + + * Fix for ZBUG-1441 + + -- Zimbra Packaging Services Tue, 09 Jun 2020 11:25:24 +0000 + zimbra-openldap (VERSION-1zimbra8.8b1ZAPPEND) unstable; urgency=medium * Update for OpenLDAP 2.4.49 diff --git a/thirdparty/openldap/zimbra-openldap/debian/control b/thirdparty/openldap/zimbra-openldap/debian/control index 1d25194f7..88bfaa434 100644 --- a/thirdparty/openldap/zimbra-openldap/debian/control +++ b/thirdparty/openldap/zimbra-openldap/debian/control @@ -1,6 +1,6 @@ Source: zimbra-openldap -Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev, - zimbra-cyrus-sasl-dev, zimbra-libltdl-dev +Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND), + zimbra-cyrus-sasl-dev (>= 2.1.26-1zimbra8.7b3ZAPPEND), zimbra-libltdl-dev Section: utils Priority: optional Maintainer: Zimbra Packaging Services diff --git a/thirdparty/openldap/zimbra-openldap/debian/rules b/thirdparty/openldap/zimbra-openldap/debian/rules index e7d7d6e7d..e7ad0d9aa 100755 --- a/thirdparty/openldap/zimbra-openldap/debian/rules +++ b/thirdparty/openldap/zimbra-openldap/debian/rules @@ -75,3 +75,6 @@ override_dh_install: rm -f $(CURDIR)/debian/zimbra-openldap-clientOZCS/man/man1/mdb_stat.1 rm -f $(CURDIR)/debian/zimbra-openldap-libOZCL/liblmdb.so.0.0.0 rm -f $(CURDIR)/debian/zimbra-openldap-libOZCL/liblmdb.so.0 + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info diff --git a/thirdparty/openldap/zimbra-openldap/rpm/SPECS/openldap.spec b/thirdparty/openldap/zimbra-openldap/rpm/SPECS/openldap.spec index 16ef712d4..0a2f04fd3 100644 --- a/thirdparty/openldap/zimbra-openldap/rpm/SPECS/openldap.spec +++ b/thirdparty/openldap/zimbra-openldap/rpm/SPECS/openldap.spec @@ -1,7 +1,7 @@ Summary: Zimbra's openldap build Name: zimbra-openldap Version: VERSION -Release: 1zimbra8.8b1ZAPPEND +Release: 1zimbra8.8b4ZAPPEND License: BSD Source: %{name}-%{version}.tgz Patch0: ITS5037.patch @@ -11,8 +11,8 @@ Patch3: ITS8054.patch Patch4: liblmdb-soname.patch Patch5: multival.patch Patch6: liblmdb-keysize.patch -BuildRequires: zimbra-openssl-devel -BuildRequires: zimbra-cyrus-sasl-devel +BuildRequires: zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND +BuildRequires: zimbra-cyrus-sasl-devel >= 2.1.26-1zimbra8.7b3ZAPPEND BuildRequires: zimbra-libltdl-devel AutoReqProv: no URL: http://www.openldap.org @@ -20,7 +20,15 @@ URL: http://www.openldap.org %description The Zimbra openldap build +%define debug_package %{nil} + %changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b4ZAPPEND +- Upgraded openssl to 1.1.1h and updated cyrus-sasl +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b3ZAPPEND +- Upgraded openssl to 1.1.1g and updated cyrus-sasl +* Tue Jun 09 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b2ZAPPEND +- Fix for ZBUG-1441 * Mon Feb 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b1ZAPPEND - Update for OpenLDAP 2.4.49 @@ -155,6 +163,10 @@ The zimbra-lmdb-devel package contains the linking libraries and include files /opt/zimbra/common/etc /opt/zimbra/common/libexec /opt/zimbra/common/share/man +%attr(644, root, root) /opt/zimbra/common/etc/openldap/slapd.conf +%attr(644, root, root) /opt/zimbra/common/etc/openldap/slapd.conf.default +%attr(644, root, root) /opt/zimbra/common/etc/openldap/slapd.ldif +%attr(644, root, root) /opt/zimbra/common/etc/openldap/slapd.ldif.default %exclude /opt/zimbra/common/etc/openldap/ldap.conf %exclude /opt/zimbra/common/etc/openldap/ldap.conf.default %exclude /opt/zimbra/common/share/man/man1 diff --git a/thirdparty/openssl/Makefile b/thirdparty/openssl/Makefile index e969a81e7..01105c11e 100644 --- a/thirdparty/openssl/Makefile +++ b/thirdparty/openssl/Makefile @@ -22,12 +22,7 @@ $(psrc_file): setup: $(generic-setup) -build_fips: - $(WGET) -O /tmp/openssl-fips-2.0.16.tar.gz https://www.openssl.org/source/openssl-fips-2.0.16.tar.gz && \ - $(CD) /tmp && $(TAR) xfz openssl-fips-2.0.16.tar.gz && \ - $(CD) /tmp/openssl-fips-2.0.16 && ./config && $(MAKE) && $(MAKE) install - -build: setup build_fips build_$(PKG_EXT) +build: setup build_$(PKG_EXT) build_rpm: specfile = SPECS/$(zspec) build_rpm: diff --git a/thirdparty/openssl/patches/openssl-1.1.1-ec-curve.patch b/thirdparty/openssl/patches/openssl-1.1.1-ec-curve.patch new file mode 100644 index 000000000..1ff0319b0 --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-ec-curve.patch @@ -0,0 +1,2781 @@ +diff -ruN a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c +--- a/crypto/ec/ec_curve.c 2020-11-19 06:23:14.420461911 +0000 ++++ b/crypto/ec/ec_curve.c 2020-11-19 07:19:44.124557562 +0000 +@@ -25,38 +25,6 @@ + /* the nist prime curves */ + static const struct { + EC_CURVE_DATA h; +- unsigned char data[20 + 24 * 6]; +-} _EC_NIST_PRIME_192 = { +- { +- NID_X9_62_prime_field, 20, 24, 1 +- }, +- { +- /* seed */ +- 0x30, 0x45, 0xAE, 0x6F, 0xC8, 0x42, 0x2F, 0x64, 0xED, 0x57, 0x95, 0x28, +- 0xD3, 0x81, 0x20, 0xEA, 0xE1, 0x21, 0x96, 0xD5, +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x64, 0x21, 0x05, 0x19, 0xE5, 0x9C, 0x80, 0xE7, 0x0F, 0xA7, 0xE9, 0xAB, +- 0x72, 0x24, 0x30, 0x49, 0xFE, 0xB8, 0xDE, 0xEC, 0xC1, 0x46, 0xB9, 0xB1, +- /* x */ +- 0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6, 0x7C, 0xBF, 0x20, 0xEB, +- 0x43, 0xA1, 0x88, 0x00, 0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12, +- /* y */ +- 0x07, 0x19, 0x2b, 0x95, 0xff, 0xc8, 0xda, 0x78, 0x63, 0x10, 0x11, 0xed, +- 0x6b, 0x24, 0xcd, 0xd5, 0x73, 0xf9, 0x77, 0xa1, 0x1e, 0x79, 0x48, 0x11, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x99, 0xDE, 0xF8, 0x36, 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; + unsigned char data[20 + 28 * 6]; + } _EC_NIST_PRIME_224 = { + { +@@ -193,185 +161,6 @@ + } + }; + +-/* the x9.62 prime curves (minus the nist prime curves) */ +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 24 * 6]; +-} _EC_X9_62_PRIME_192V2 = { +- { +- NID_X9_62_prime_field, 20, 24, 1 +- }, +- { +- /* seed */ +- 0x31, 0xA9, 0x2E, 0xE2, 0x02, 0x9F, 0xD1, 0x0D, 0x90, 0x1B, 0x11, 0x3E, +- 0x99, 0x07, 0x10, 0xF0, 0xD2, 0x1A, 0xC6, 0xB6, +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0xCC, 0x22, 0xD6, 0xDF, 0xB9, 0x5C, 0x6B, 0x25, 0xE4, 0x9C, 0x0D, 0x63, +- 0x64, 0xA4, 0xE5, 0x98, 0x0C, 0x39, 0x3A, 0xA2, 0x16, 0x68, 0xD9, 0x53, +- /* x */ +- 0xEE, 0xA2, 0xBA, 0xE7, 0xE1, 0x49, 0x78, 0x42, 0xF2, 0xDE, 0x77, 0x69, +- 0xCF, 0xE9, 0xC9, 0x89, 0xC0, 0x72, 0xAD, 0x69, 0x6F, 0x48, 0x03, 0x4A, +- /* y */ +- 0x65, 0x74, 0xd1, 0x1d, 0x69, 0xb6, 0xec, 0x7a, 0x67, 0x2b, 0xb8, 0x2a, +- 0x08, 0x3d, 0xf2, 0xf2, 0xb0, 0x84, 0x7d, 0xe9, 0x70, 0xb2, 0xde, 0x15, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, +- 0x5F, 0xB1, 0xA7, 0x24, 0xDC, 0x80, 0x41, 0x86, 0x48, 0xD8, 0xDD, 0x31 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 24 * 6]; +-} _EC_X9_62_PRIME_192V3 = { +- { +- NID_X9_62_prime_field, 20, 24, 1 +- }, +- { +- /* seed */ +- 0xC4, 0x69, 0x68, 0x44, 0x35, 0xDE, 0xB3, 0x78, 0xC4, 0xB6, 0x5C, 0xA9, +- 0x59, 0x1E, 0x2A, 0x57, 0x63, 0x05, 0x9A, 0x2E, +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x22, 0x12, 0x3D, 0xC2, 0x39, 0x5A, 0x05, 0xCA, 0xA7, 0x42, 0x3D, 0xAE, +- 0xCC, 0xC9, 0x47, 0x60, 0xA7, 0xD4, 0x62, 0x25, 0x6B, 0xD5, 0x69, 0x16, +- /* x */ +- 0x7D, 0x29, 0x77, 0x81, 0x00, 0xC6, 0x5A, 0x1D, 0xA1, 0x78, 0x37, 0x16, +- 0x58, 0x8D, 0xCE, 0x2B, 0x8B, 0x4A, 0xEE, 0x8E, 0x22, 0x8F, 0x18, 0x96, +- /* y */ +- 0x38, 0xa9, 0x0f, 0x22, 0x63, 0x73, 0x37, 0x33, 0x4b, 0x49, 0xdc, 0xb6, +- 0x6a, 0x6d, 0xc8, 0xf9, 0x97, 0x8a, 0xca, 0x76, 0x48, 0xa9, 0x43, 0xb0, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7A, 0x62, 0xD0, 0x31, 0xC8, 0x3F, 0x42, 0x94, 0xF6, 0x40, 0xEC, 0x13 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 30 * 6]; +-} _EC_X9_62_PRIME_239V1 = { +- { +- NID_X9_62_prime_field, 20, 30, 1 +- }, +- { +- /* seed */ +- 0xE4, 0x3B, 0xB4, 0x60, 0xF0, 0xB8, 0x0C, 0xC0, 0xC0, 0xB0, 0x75, 0x79, +- 0x8E, 0x94, 0x80, 0x60, 0xF8, 0x32, 0x1B, 0x7D, +- /* p */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x6B, 0x01, 0x6C, 0x3B, 0xDC, 0xF1, 0x89, 0x41, 0xD0, 0xD6, 0x54, 0x92, +- 0x14, 0x75, 0xCA, 0x71, 0xA9, 0xDB, 0x2F, 0xB2, 0x7D, 0x1D, 0x37, 0x79, +- 0x61, 0x85, 0xC2, 0x94, 0x2C, 0x0A, +- /* x */ +- 0x0F, 0xFA, 0x96, 0x3C, 0xDC, 0xA8, 0x81, 0x6C, 0xCC, 0x33, 0xB8, 0x64, +- 0x2B, 0xED, 0xF9, 0x05, 0xC3, 0xD3, 0x58, 0x57, 0x3D, 0x3F, 0x27, 0xFB, +- 0xBD, 0x3B, 0x3C, 0xB9, 0xAA, 0xAF, +- /* y */ +- 0x7d, 0xeb, 0xe8, 0xe4, 0xe9, 0x0a, 0x5d, 0xae, 0x6e, 0x40, 0x54, 0xca, +- 0x53, 0x0b, 0xa0, 0x46, 0x54, 0xb3, 0x68, 0x18, 0xce, 0x22, 0x6b, 0x39, +- 0xfc, 0xcb, 0x7b, 0x02, 0xf1, 0xae, +- /* order */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0x9E, 0x5E, 0x9A, 0x9F, 0x5D, 0x90, 0x71, 0xFB, 0xD1, +- 0x52, 0x26, 0x88, 0x90, 0x9D, 0x0B +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 30 * 6]; +-} _EC_X9_62_PRIME_239V2 = { +- { +- NID_X9_62_prime_field, 20, 30, 1 +- }, +- { +- /* seed */ +- 0xE8, 0xB4, 0x01, 0x16, 0x04, 0x09, 0x53, 0x03, 0xCA, 0x3B, 0x80, 0x99, +- 0x98, 0x2B, 0xE0, 0x9F, 0xCB, 0x9A, 0xE6, 0x16, +- /* p */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x61, 0x7F, 0xAB, 0x68, 0x32, 0x57, 0x6C, 0xBB, 0xFE, 0xD5, 0x0D, 0x99, +- 0xF0, 0x24, 0x9C, 0x3F, 0xEE, 0x58, 0xB9, 0x4B, 0xA0, 0x03, 0x8C, 0x7A, +- 0xE8, 0x4C, 0x8C, 0x83, 0x2F, 0x2C, +- /* x */ +- 0x38, 0xAF, 0x09, 0xD9, 0x87, 0x27, 0x70, 0x51, 0x20, 0xC9, 0x21, 0xBB, +- 0x5E, 0x9E, 0x26, 0x29, 0x6A, 0x3C, 0xDC, 0xF2, 0xF3, 0x57, 0x57, 0xA0, +- 0xEA, 0xFD, 0x87, 0xB8, 0x30, 0xE7, +- /* y */ +- 0x5b, 0x01, 0x25, 0xe4, 0xdb, 0xea, 0x0e, 0xc7, 0x20, 0x6d, 0xa0, 0xfc, +- 0x01, 0xd9, 0xb0, 0x81, 0x32, 0x9f, 0xb5, 0x55, 0xde, 0x6e, 0xf4, 0x60, +- 0x23, 0x7d, 0xff, 0x8b, 0xe4, 0xba, +- /* order */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x80, 0x00, 0x00, 0xCF, 0xA7, 0xE8, 0x59, 0x43, 0x77, 0xD4, 0x14, 0xC0, +- 0x38, 0x21, 0xBC, 0x58, 0x20, 0x63 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 30 * 6]; +-} _EC_X9_62_PRIME_239V3 = { +- { +- NID_X9_62_prime_field, 20, 30, 1 +- }, +- { +- /* seed */ +- 0x7D, 0x73, 0x74, 0x16, 0x8F, 0xFE, 0x34, 0x71, 0xB6, 0x0A, 0x85, 0x76, +- 0x86, 0xA1, 0x94, 0x75, 0xD3, 0xBF, 0xA2, 0xFF, +- /* p */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x25, 0x57, 0x05, 0xFA, 0x2A, 0x30, 0x66, 0x54, 0xB1, 0xF4, 0xCB, 0x03, +- 0xD6, 0xA7, 0x50, 0xA3, 0x0C, 0x25, 0x01, 0x02, 0xD4, 0x98, 0x87, 0x17, +- 0xD9, 0xBA, 0x15, 0xAB, 0x6D, 0x3E, +- /* x */ +- 0x67, 0x68, 0xAE, 0x8E, 0x18, 0xBB, 0x92, 0xCF, 0xCF, 0x00, 0x5C, 0x94, +- 0x9A, 0xA2, 0xC6, 0xD9, 0x48, 0x53, 0xD0, 0xE6, 0x60, 0xBB, 0xF8, 0x54, +- 0xB1, 0xC9, 0x50, 0x5F, 0xE9, 0x5A, +- /* y */ +- 0x16, 0x07, 0xe6, 0x89, 0x8f, 0x39, 0x0c, 0x06, 0xbc, 0x1d, 0x55, 0x2b, +- 0xad, 0x22, 0x6f, 0x3b, 0x6f, 0xcf, 0xe4, 0x8b, 0x6e, 0x81, 0x84, 0x99, +- 0xaf, 0x18, 0xe3, 0xed, 0x6c, 0xf3, +- /* order */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0x97, 0x5D, 0xEB, 0x41, 0xB3, 0xA6, 0x05, 0x7C, 0x3C, +- 0x43, 0x21, 0x46, 0x52, 0x65, 0x51 +- } +-}; +- + static const struct { + EC_CURVE_DATA h; + unsigned char data[20 + 32 * 6]; +@@ -410,295 +199,6 @@ + } + }; + +-/* the secg prime curves (minus the nist and x9.62 prime curves) */ +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 14 * 6]; +-} _EC_SECG_PRIME_112R1 = { +- { +- NID_X9_62_prime_field, 20, 14, 1 +- }, +- { +- /* seed */ +- 0x00, 0xF5, 0x0B, 0x02, 0x8E, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, +- 0x51, 0x75, 0x29, 0x04, 0x72, 0x78, 0x3F, 0xB1, +- /* p */ +- 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD, +- 0x20, 0x8B, +- /* a */ +- 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD, +- 0x20, 0x88, +- /* b */ +- 0x65, 0x9E, 0xF8, 0xBA, 0x04, 0x39, 0x16, 0xEE, 0xDE, 0x89, 0x11, 0x70, +- 0x2B, 0x22, +- /* x */ +- 0x09, 0x48, 0x72, 0x39, 0x99, 0x5A, 0x5E, 0xE7, 0x6B, 0x55, 0xF9, 0xC2, +- 0xF0, 0x98, +- /* y */ +- 0xa8, 0x9c, 0xe5, 0xaf, 0x87, 0x24, 0xc0, 0xa2, 0x3e, 0x0e, 0x0f, 0xf7, +- 0x75, 0x00, +- /* order */ +- 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x76, 0x28, 0xDF, 0xAC, 0x65, +- 0x61, 0xC5 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 14 * 6]; +-} _EC_SECG_PRIME_112R2 = { +- { +- NID_X9_62_prime_field, 20, 14, 4 +- }, +- { +- /* seed */ +- 0x00, 0x27, 0x57, 0xA1, 0x11, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, +- 0x51, 0x75, 0x53, 0x16, 0xC0, 0x5E, 0x0B, 0xD4, +- /* p */ +- 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD, +- 0x20, 0x8B, +- /* a */ +- 0x61, 0x27, 0xC2, 0x4C, 0x05, 0xF3, 0x8A, 0x0A, 0xAA, 0xF6, 0x5C, 0x0E, +- 0xF0, 0x2C, +- /* b */ +- 0x51, 0xDE, 0xF1, 0x81, 0x5D, 0xB5, 0xED, 0x74, 0xFC, 0xC3, 0x4C, 0x85, +- 0xD7, 0x09, +- /* x */ +- 0x4B, 0xA3, 0x0A, 0xB5, 0xE8, 0x92, 0xB4, 0xE1, 0x64, 0x9D, 0xD0, 0x92, +- 0x86, 0x43, +- /* y */ +- 0xad, 0xcd, 0x46, 0xf5, 0x88, 0x2e, 0x37, 0x47, 0xde, 0xf3, 0x6e, 0x95, +- 0x6e, 0x97, +- /* order */ +- 0x36, 0xDF, 0x0A, 0xAF, 0xD8, 0xB8, 0xD7, 0x59, 0x7C, 0xA1, 0x05, 0x20, +- 0xD0, 0x4B +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 16 * 6]; +-} _EC_SECG_PRIME_128R1 = { +- { +- NID_X9_62_prime_field, 20, 16, 1 +- }, +- { +- /* seed */ +- 0x00, 0x0E, 0x0D, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, +- 0x0C, 0xC0, 0x3A, 0x44, 0x73, 0xD0, 0x36, 0x79, +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0xE8, 0x75, 0x79, 0xC1, 0x10, 0x79, 0xF4, 0x3D, 0xD8, 0x24, 0x99, 0x3C, +- 0x2C, 0xEE, 0x5E, 0xD3, +- /* x */ +- 0x16, 0x1F, 0xF7, 0x52, 0x8B, 0x89, 0x9B, 0x2D, 0x0C, 0x28, 0x60, 0x7C, +- 0xA5, 0x2C, 0x5B, 0x86, +- /* y */ +- 0xcf, 0x5a, 0xc8, 0x39, 0x5b, 0xaf, 0xeb, 0x13, 0xc0, 0x2d, 0xa2, 0x92, +- 0xdd, 0xed, 0x7a, 0x83, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x75, 0xA3, 0x0D, 0x1B, +- 0x90, 0x38, 0xA1, 0x15 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 16 * 6]; +-} _EC_SECG_PRIME_128R2 = { +- { +- NID_X9_62_prime_field, 20, 16, 4 +- }, +- { +- /* seed */ +- 0x00, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, 0x12, 0xD8, +- 0xF0, 0x34, 0x31, 0xFC, 0xE6, 0x3B, 0x88, 0xF4, +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0xD6, 0x03, 0x19, 0x98, 0xD1, 0xB3, 0xBB, 0xFE, 0xBF, 0x59, 0xCC, 0x9B, +- 0xBF, 0xF9, 0xAE, 0xE1, +- /* b */ +- 0x5E, 0xEE, 0xFC, 0xA3, 0x80, 0xD0, 0x29, 0x19, 0xDC, 0x2C, 0x65, 0x58, +- 0xBB, 0x6D, 0x8A, 0x5D, +- /* x */ +- 0x7B, 0x6A, 0xA5, 0xD8, 0x5E, 0x57, 0x29, 0x83, 0xE6, 0xFB, 0x32, 0xA7, +- 0xCD, 0xEB, 0xC1, 0x40, +- /* y */ +- 0x27, 0xb6, 0x91, 0x6a, 0x89, 0x4d, 0x3a, 0xee, 0x71, 0x06, 0xfe, 0x80, +- 0x5f, 0xc3, 0x4b, 0x44, +- /* order */ +- 0x3F, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xBE, 0x00, 0x24, 0x72, +- 0x06, 0x13, 0xB5, 0xA3 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 21 * 6]; +-} _EC_SECG_PRIME_160K1 = { +- { +- NID_X9_62_prime_field, 0, 21, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x73, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, +- /* x */ +- 0x00, 0x3B, 0x4C, 0x38, 0x2C, 0xE3, 0x7A, 0xA1, 0x92, 0xA4, 0x01, 0x9E, +- 0x76, 0x30, 0x36, 0xF4, 0xF5, 0xDD, 0x4D, 0x7E, 0xBB, +- /* y */ +- 0x00, 0x93, 0x8c, 0xf9, 0x35, 0x31, 0x8f, 0xdc, 0xed, 0x6b, 0xc2, 0x82, +- 0x86, 0x53, 0x17, 0x33, 0xc3, 0xf0, 0x3c, 0x4f, 0xee, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xB8, +- 0xFA, 0x16, 0xDF, 0xAB, 0x9A, 0xCA, 0x16, 0xB6, 0xB3 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 21 * 6]; +-} _EC_SECG_PRIME_160R1 = { +- { +- NID_X9_62_prime_field, 20, 21, 1 +- }, +- { +- /* seed */ +- 0x10, 0x53, 0xCD, 0xE4, 0x2C, 0x14, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, +- 0x15, 0x17, 0x53, 0x3B, 0xF3, 0xF8, 0x33, 0x45, +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x00, 0x1C, 0x97, 0xBE, 0xFC, 0x54, 0xBD, 0x7A, 0x8B, 0x65, 0xAC, 0xF8, +- 0x9F, 0x81, 0xD4, 0xD4, 0xAD, 0xC5, 0x65, 0xFA, 0x45, +- /* x */ +- 0x00, 0x4A, 0x96, 0xB5, 0x68, 0x8E, 0xF5, 0x73, 0x28, 0x46, 0x64, 0x69, +- 0x89, 0x68, 0xC3, 0x8B, 0xB9, 0x13, 0xCB, 0xFC, 0x82, +- /* y */ +- 0x00, 0x23, 0xa6, 0x28, 0x55, 0x31, 0x68, 0x94, 0x7d, 0x59, 0xdc, 0xc9, +- 0x12, 0x04, 0x23, 0x51, 0x37, 0x7a, 0xc5, 0xfb, 0x32, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xF4, +- 0xC8, 0xF9, 0x27, 0xAE, 0xD3, 0xCA, 0x75, 0x22, 0x57 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 21 * 6]; +-} _EC_SECG_PRIME_160R2 = { +- { +- NID_X9_62_prime_field, 20, 21, 1 +- }, +- { +- /* seed */ +- 0xB9, 0x9B, 0x99, 0xB0, 0x99, 0xB3, 0x23, 0xE0, 0x27, 0x09, 0xA4, 0xD6, +- 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51, +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x73, +- /* a */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x70, +- /* b */ +- 0x00, 0xB4, 0xE1, 0x34, 0xD3, 0xFB, 0x59, 0xEB, 0x8B, 0xAB, 0x57, 0x27, +- 0x49, 0x04, 0x66, 0x4D, 0x5A, 0xF5, 0x03, 0x88, 0xBA, +- /* x */ +- 0x00, 0x52, 0xDC, 0xB0, 0x34, 0x29, 0x3A, 0x11, 0x7E, 0x1F, 0x4F, 0xF1, +- 0x1B, 0x30, 0xF7, 0x19, 0x9D, 0x31, 0x44, 0xCE, 0x6D, +- /* y */ +- 0x00, 0xfe, 0xaf, 0xfe, 0xf2, 0xe3, 0x31, 0xf2, 0x96, 0xe0, 0x71, 0xfa, +- 0x0d, 0xf9, 0x98, 0x2c, 0xfe, 0xa7, 0xd4, 0x3f, 0x2e, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x35, +- 0x1E, 0xE7, 0x86, 0xA8, 0x18, 0xF3, 0xA1, 0xA1, 0x6B +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 24 * 6]; +-} _EC_SECG_PRIME_192K1 = { +- { +- NID_X9_62_prime_field, 0, 24, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xEE, 0x37, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, +- /* x */ +- 0xDB, 0x4F, 0xF1, 0x0E, 0xC0, 0x57, 0xE9, 0xAE, 0x26, 0xB0, 0x7D, 0x02, +- 0x80, 0xB7, 0xF4, 0x34, 0x1D, 0xA5, 0xD1, 0xB1, 0xEA, 0xE0, 0x6C, 0x7D, +- /* y */ +- 0x9b, 0x2f, 0x2f, 0x6d, 0x9c, 0x56, 0x28, 0xa7, 0x84, 0x41, 0x63, 0xd0, +- 0x15, 0xbe, 0x86, 0x34, 0x40, 0x82, 0xaa, 0x88, 0xd9, 0x5e, 0x2f, 0x9d, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, +- 0x26, 0xF2, 0xFC, 0x17, 0x0F, 0x69, 0x46, 0x6A, 0x74, 0xDE, 0xFD, 0x8D +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 29 * 6]; +-} _EC_SECG_PRIME_224K1 = { +- { +- NID_X9_62_prime_field, 0, 29, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFE, 0xFF, 0xFF, 0xE5, 0x6D, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x05, +- /* x */ +- 0x00, 0xA1, 0x45, 0x5B, 0x33, 0x4D, 0xF0, 0x99, 0xDF, 0x30, 0xFC, 0x28, +- 0xA1, 0x69, 0xA4, 0x67, 0xE9, 0xE4, 0x70, 0x75, 0xA9, 0x0F, 0x7E, 0x65, +- 0x0E, 0xB6, 0xB7, 0xA4, 0x5C, +- /* y */ +- 0x00, 0x7e, 0x08, 0x9f, 0xed, 0x7f, 0xba, 0x34, 0x42, 0x82, 0xca, 0xfb, +- 0xd6, 0xf7, 0xe3, 0x19, 0xf7, 0xc0, 0xb0, 0xbd, 0x59, 0xe2, 0xca, 0x4b, +- 0xdb, 0x55, 0x6d, 0x61, 0xa5, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x01, 0xDC, 0xE8, 0xD2, 0xEC, 0x61, 0x84, 0xCA, 0xF0, 0xA9, +- 0x71, 0x76, 0x9F, 0xB1, 0xF7 +- } +-}; +- + static const struct { + EC_CURVE_DATA h; + unsigned char data[0 + 32 * 6]; +@@ -735,2061 +235,6 @@ + } + }; + +-/* some wap/wtls curves */ +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 15 * 6]; +-} _EC_WTLS_8 = { +- { +- NID_X9_62_prime_field, 0, 15, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFD, 0xE7, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x03, +- /* x */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x01, +- /* y */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x02, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xEC, 0xEA, 0x55, 0x1A, +- 0xD8, 0x37, 0xE9 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 21 * 6]; +-} _EC_WTLS_9 = { +- { +- NID_X9_62_prime_field, 0, 21, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0x80, 0x8F, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, +- /* x */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* y */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xCD, +- 0xC9, 0x8A, 0xE0, 0xE2, 0xDE, 0x57, 0x4A, 0xBF, 0x33 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 28 * 6]; +-} _EC_WTLS_12 = { +- { +- NID_X9_62_prime_field, 0, 28, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, +- /* b */ +- 0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56, +- 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43, +- 0x23, 0x55, 0xFF, 0xB4, +- /* x */ +- 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9, +- 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6, +- 0x11, 0x5C, 0x1D, 0x21, +- /* y */ +- 0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6, +- 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99, +- 0x85, 0x00, 0x7e, 0x34, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45, +- 0x5C, 0x5C, 0x2A, 0x3D +- } +-}; +- +-#ifndef OPENSSL_NO_EC2M +- +-/* characteristic two curves */ +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 15 * 6]; +-} _EC_SECG_CHAR2_113R1 = { +- { +- NID_X9_62_characteristic_two_field, 20, 15, 2 +- }, +- { +- /* seed */ +- 0x10, 0xE7, 0x23, 0xAB, 0x14, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, +- 0x17, 0x56, 0xFE, 0xBF, 0x8F, 0xCB, 0x49, 0xA9, +- /* p */ +- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x02, 0x01, +- /* a */ +- 0x00, 0x30, 0x88, 0x25, 0x0C, 0xA6, 0xE7, 0xC7, 0xFE, 0x64, 0x9C, 0xE8, +- 0x58, 0x20, 0xF7, +- /* b */ +- 0x00, 0xE8, 0xBE, 0xE4, 0xD3, 0xE2, 0x26, 0x07, 0x44, 0x18, 0x8B, 0xE0, +- 0xE9, 0xC7, 0x23, +- /* x */ +- 0x00, 0x9D, 0x73, 0x61, 0x6F, 0x35, 0xF4, 0xAB, 0x14, 0x07, 0xD7, 0x35, +- 0x62, 0xC1, 0x0F, +- /* y */ +- 0x00, 0xA5, 0x28, 0x30, 0x27, 0x79, 0x58, 0xEE, 0x84, 0xD1, 0x31, 0x5E, +- 0xD3, 0x18, 0x86, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xD9, 0xCC, 0xEC, 0x8A, +- 0x39, 0xE5, 0x6F +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 15 * 6]; +-} _EC_SECG_CHAR2_113R2 = { +- { +- NID_X9_62_characteristic_two_field, 20, 15, 2 +- }, +- { +- /* seed */ +- 0x10, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE, 0xF4, 0xD6, +- 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x5D, +- /* p */ +- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x02, 0x01, +- /* a */ +- 0x00, 0x68, 0x99, 0x18, 0xDB, 0xEC, 0x7E, 0x5A, 0x0D, 0xD6, 0xDF, 0xC0, +- 0xAA, 0x55, 0xC7, +- /* b */ +- 0x00, 0x95, 0xE9, 0xA9, 0xEC, 0x9B, 0x29, 0x7B, 0xD4, 0xBF, 0x36, 0xE0, +- 0x59, 0x18, 0x4F, +- /* x */ +- 0x01, 0xA5, 0x7A, 0x6A, 0x7B, 0x26, 0xCA, 0x5E, 0xF5, 0x2F, 0xCD, 0xB8, +- 0x16, 0x47, 0x97, +- /* y */ +- 0x00, 0xB3, 0xAD, 0xC9, 0x4E, 0xD1, 0xFE, 0x67, 0x4C, 0x06, 0xE6, 0x95, +- 0xBA, 0xBA, 0x1D, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x08, 0x78, 0x9B, 0x24, +- 0x96, 0xAF, 0x93 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 17 * 6]; +-} _EC_SECG_CHAR2_131R1 = { +- { +- NID_X9_62_characteristic_two_field, 20, 17, 2 +- }, +- { +- /* seed */ +- 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, 0x98, 0x5B, 0xD3, +- 0xAD, 0xBA, 0xDA, 0x21, 0xB4, 0x3A, 0x97, 0xE2, +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x01, 0x0D, +- /* a */ +- 0x07, 0xA1, 0x1B, 0x09, 0xA7, 0x6B, 0x56, 0x21, 0x44, 0x41, 0x8F, 0xF3, +- 0xFF, 0x8C, 0x25, 0x70, 0xB8, +- /* b */ +- 0x02, 0x17, 0xC0, 0x56, 0x10, 0x88, 0x4B, 0x63, 0xB9, 0xC6, 0xC7, 0x29, +- 0x16, 0x78, 0xF9, 0xD3, 0x41, +- /* x */ +- 0x00, 0x81, 0xBA, 0xF9, 0x1F, 0xDF, 0x98, 0x33, 0xC4, 0x0F, 0x9C, 0x18, +- 0x13, 0x43, 0x63, 0x83, 0x99, +- /* y */ +- 0x07, 0x8C, 0x6E, 0x7E, 0xA3, 0x8C, 0x00, 0x1F, 0x73, 0xC8, 0x13, 0x4B, +- 0x1B, 0x4E, 0xF9, 0xE1, 0x50, +- /* order */ +- 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x31, 0x23, 0x95, +- 0x3A, 0x94, 0x64, 0xB5, 0x4D +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 17 * 6]; +-} _EC_SECG_CHAR2_131R2 = { +- { +- NID_X9_62_characteristic_two_field, 20, 17, 2 +- }, +- { +- /* seed */ +- 0x98, 0x5B, 0xD3, 0xAD, 0xBA, 0xD4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, +- 0x15, 0x17, 0x5A, 0x21, 0xB4, 0x3A, 0x97, 0xE3, +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x01, 0x0D, +- /* a */ +- 0x03, 0xE5, 0xA8, 0x89, 0x19, 0xD7, 0xCA, 0xFC, 0xBF, 0x41, 0x5F, 0x07, +- 0xC2, 0x17, 0x65, 0x73, 0xB2, +- /* b */ +- 0x04, 0xB8, 0x26, 0x6A, 0x46, 0xC5, 0x56, 0x57, 0xAC, 0x73, 0x4C, 0xE3, +- 0x8F, 0x01, 0x8F, 0x21, 0x92, +- /* x */ +- 0x03, 0x56, 0xDC, 0xD8, 0xF2, 0xF9, 0x50, 0x31, 0xAD, 0x65, 0x2D, 0x23, +- 0x95, 0x1B, 0xB3, 0x66, 0xA8, +- /* y */ +- 0x06, 0x48, 0xF0, 0x6D, 0x86, 0x79, 0x40, 0xA5, 0x36, 0x6D, 0x9E, 0x26, +- 0x5D, 0xE9, 0xEB, 0x24, 0x0F, +- /* order */ +- 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x69, 0x54, 0xA2, +- 0x33, 0x04, 0x9B, 0xA9, 0x8F +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 21 * 6]; +-} _EC_NIST_CHAR2_163K = { +- { +- NID_X9_62_characteristic_two_field, 0, 21, 2 +- }, +- { +- /* no seed */ +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* x */ +- 0x02, 0xFE, 0x13, 0xC0, 0x53, 0x7B, 0xBC, 0x11, 0xAC, 0xAA, 0x07, 0xD7, +- 0x93, 0xDE, 0x4E, 0x6D, 0x5E, 0x5C, 0x94, 0xEE, 0xE8, +- /* y */ +- 0x02, 0x89, 0x07, 0x0F, 0xB0, 0x5D, 0x38, 0xFF, 0x58, 0x32, 0x1F, 0x2E, +- 0x80, 0x05, 0x36, 0xD5, 0x38, 0xCC, 0xDA, 0xA3, 0xD9, +- /* order */ +- 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01, +- 0x08, 0xA2, 0xE0, 0xCC, 0x0D, 0x99, 0xF8, 0xA5, 0xEF +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 21 * 6]; +-} _EC_SECG_CHAR2_163R1 = { +- { +- NID_X9_62_characteristic_two_field, 0, 21, 2 +- }, +- { +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9, +- /* a */ +- 0x07, 0xB6, 0x88, 0x2C, 0xAA, 0xEF, 0xA8, 0x4F, 0x95, 0x54, 0xFF, 0x84, +- 0x28, 0xBD, 0x88, 0xE2, 0x46, 0xD2, 0x78, 0x2A, 0xE2, +- /* b */ +- 0x07, 0x13, 0x61, 0x2D, 0xCD, 0xDC, 0xB4, 0x0A, 0xAB, 0x94, 0x6B, 0xDA, +- 0x29, 0xCA, 0x91, 0xF7, 0x3A, 0xF9, 0x58, 0xAF, 0xD9, +- /* x */ +- 0x03, 0x69, 0x97, 0x96, 0x97, 0xAB, 0x43, 0x89, 0x77, 0x89, 0x56, 0x67, +- 0x89, 0x56, 0x7F, 0x78, 0x7A, 0x78, 0x76, 0xA6, 0x54, +- /* y */ +- 0x00, 0x43, 0x5E, 0xDB, 0x42, 0xEF, 0xAF, 0xB2, 0x98, 0x9D, 0x51, 0xFE, +- 0xFC, 0xE3, 0xC8, 0x09, 0x88, 0xF4, 0x1F, 0xF8, 0x83, +- /* order */ +- 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x48, +- 0xAA, 0xB6, 0x89, 0xC2, 0x9C, 0xA7, 0x10, 0x27, 0x9B +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 21 * 6]; +-} _EC_NIST_CHAR2_163B = { +- { +- NID_X9_62_characteristic_two_field, 0, 21, 2 +- }, +- { +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* b */ +- 0x02, 0x0A, 0x60, 0x19, 0x07, 0xB8, 0xC9, 0x53, 0xCA, 0x14, 0x81, 0xEB, +- 0x10, 0x51, 0x2F, 0x78, 0x74, 0x4A, 0x32, 0x05, 0xFD, +- /* x */ +- 0x03, 0xF0, 0xEB, 0xA1, 0x62, 0x86, 0xA2, 0xD5, 0x7E, 0xA0, 0x99, 0x11, +- 0x68, 0xD4, 0x99, 0x46, 0x37, 0xE8, 0x34, 0x3E, 0x36, +- /* y */ +- 0x00, 0xD5, 0x1F, 0xBC, 0x6C, 0x71, 0xA0, 0x09, 0x4F, 0xA2, 0xCD, 0xD5, +- 0x45, 0xB1, 0x1C, 0x5C, 0x0C, 0x79, 0x73, 0x24, 0xF1, +- /* order */ +- 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x92, +- 0xFE, 0x77, 0xE7, 0x0C, 0x12, 0xA4, 0x23, 0x4C, 0x33 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 25 * 6]; +-} _EC_SECG_CHAR2_193R1 = { +- { +- NID_X9_62_characteristic_two_field, 20, 25, 2 +- }, +- { +- /* seed */ +- 0x10, 0x3F, 0xAE, 0xC7, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, +- 0x75, 0x77, 0x7F, 0xC5, 0xB1, 0x91, 0xEF, 0x30, +- /* p */ +- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, +- 0x01, +- /* a */ +- 0x00, 0x17, 0x85, 0x8F, 0xEB, 0x7A, 0x98, 0x97, 0x51, 0x69, 0xE1, 0x71, +- 0xF7, 0x7B, 0x40, 0x87, 0xDE, 0x09, 0x8A, 0xC8, 0xA9, 0x11, 0xDF, 0x7B, +- 0x01, +- /* b */ +- 0x00, 0xFD, 0xFB, 0x49, 0xBF, 0xE6, 0xC3, 0xA8, 0x9F, 0xAC, 0xAD, 0xAA, +- 0x7A, 0x1E, 0x5B, 0xBC, 0x7C, 0xC1, 0xC2, 0xE5, 0xD8, 0x31, 0x47, 0x88, +- 0x14, +- /* x */ +- 0x01, 0xF4, 0x81, 0xBC, 0x5F, 0x0F, 0xF8, 0x4A, 0x74, 0xAD, 0x6C, 0xDF, +- 0x6F, 0xDE, 0xF4, 0xBF, 0x61, 0x79, 0x62, 0x53, 0x72, 0xD8, 0xC0, 0xC5, +- 0xE1, +- /* y */ +- 0x00, 0x25, 0xE3, 0x99, 0xF2, 0x90, 0x37, 0x12, 0xCC, 0xF3, 0xEA, 0x9E, +- 0x3A, 0x1A, 0xD1, 0x7F, 0xB0, 0xB3, 0x20, 0x1B, 0x6A, 0xF7, 0xCE, 0x1B, +- 0x05, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0xC7, 0xF3, 0x4A, 0x77, 0x8F, 0x44, 0x3A, 0xCC, 0x92, 0x0E, 0xBA, +- 0x49 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 25 * 6]; +-} _EC_SECG_CHAR2_193R2 = { +- { +- NID_X9_62_characteristic_two_field, 20, 25, 2 +- }, +- { +- /* seed */ +- 0x10, 0xB7, 0xB4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51, +- 0x37, 0xC8, 0xA1, 0x6F, 0xD0, 0xDA, 0x22, 0x11, +- /* p */ +- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, +- 0x01, +- /* a */ +- 0x01, 0x63, 0xF3, 0x5A, 0x51, 0x37, 0xC2, 0xCE, 0x3E, 0xA6, 0xED, 0x86, +- 0x67, 0x19, 0x0B, 0x0B, 0xC4, 0x3E, 0xCD, 0x69, 0x97, 0x77, 0x02, 0x70, +- 0x9B, +- /* b */ +- 0x00, 0xC9, 0xBB, 0x9E, 0x89, 0x27, 0xD4, 0xD6, 0x4C, 0x37, 0x7E, 0x2A, +- 0xB2, 0x85, 0x6A, 0x5B, 0x16, 0xE3, 0xEF, 0xB7, 0xF6, 0x1D, 0x43, 0x16, +- 0xAE, +- /* x */ +- 0x00, 0xD9, 0xB6, 0x7D, 0x19, 0x2E, 0x03, 0x67, 0xC8, 0x03, 0xF3, 0x9E, +- 0x1A, 0x7E, 0x82, 0xCA, 0x14, 0xA6, 0x51, 0x35, 0x0A, 0xAE, 0x61, 0x7E, +- 0x8F, +- /* y */ +- 0x01, 0xCE, 0x94, 0x33, 0x56, 0x07, 0xC3, 0x04, 0xAC, 0x29, 0xE7, 0xDE, +- 0xFB, 0xD9, 0xCA, 0x01, 0xF5, 0x96, 0xF9, 0x27, 0x22, 0x4C, 0xDE, 0xCF, +- 0x6C, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x01, 0x5A, 0xAB, 0x56, 0x1B, 0x00, 0x54, 0x13, 0xCC, 0xD4, 0xEE, 0x99, +- 0xD5 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 30 * 6]; +-} _EC_NIST_CHAR2_233K = { +- { +- NID_X9_62_characteristic_two_field, 0, 30, 4 +- }, +- { +- /* no seed */ +- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* x */ +- 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2, +- 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C, +- 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26, +- /* y */ +- 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A, +- 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0, +- 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3, +- /* order */ +- 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB, +- 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 30 * 6]; +-} _EC_NIST_CHAR2_233B = { +- { +- NID_X9_62_characteristic_two_field, 20, 30, 2 +- }, +- { +- /* seed */ +- 0x74, 0xD5, 0x9F, 0xF0, 0x7F, 0x6B, 0x41, 0x3D, 0x0E, 0xA1, 0x4B, 0x34, +- 0x4B, 0x20, 0xA2, 0xDB, 0x04, 0x9B, 0x50, 0xC3, +- /* p */ +- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* b */ +- 0x00, 0x66, 0x64, 0x7E, 0xDE, 0x6C, 0x33, 0x2C, 0x7F, 0x8C, 0x09, 0x23, +- 0xBB, 0x58, 0x21, 0x3B, 0x33, 0x3B, 0x20, 0xE9, 0xCE, 0x42, 0x81, 0xFE, +- 0x11, 0x5F, 0x7D, 0x8F, 0x90, 0xAD, +- /* x */ +- 0x00, 0xFA, 0xC9, 0xDF, 0xCB, 0xAC, 0x83, 0x13, 0xBB, 0x21, 0x39, 0xF1, +- 0xBB, 0x75, 0x5F, 0xEF, 0x65, 0xBC, 0x39, 0x1F, 0x8B, 0x36, 0xF8, 0xF8, +- 0xEB, 0x73, 0x71, 0xFD, 0x55, 0x8B, +- /* y */ +- 0x01, 0x00, 0x6A, 0x08, 0xA4, 0x19, 0x03, 0x35, 0x06, 0x78, 0xE5, 0x85, +- 0x28, 0xBE, 0xBF, 0x8A, 0x0B, 0xEF, 0xF8, 0x67, 0xA7, 0xCA, 0x36, 0x71, +- 0x6F, 0x7E, 0x01, 0xF8, 0x10, 0x52, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x13, 0xE9, 0x74, 0xE7, 0x2F, 0x8A, 0x69, 0x22, 0x03, +- 0x1D, 0x26, 0x03, 0xCF, 0xE0, 0xD7 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 30 * 6]; +-} _EC_SECG_CHAR2_239K1 = { +- { +- NID_X9_62_characteristic_two_field, 0, 30, 4 +- }, +- { +- /* no seed */ +- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* x */ +- 0x29, 0xA0, 0xB6, 0xA8, 0x87, 0xA9, 0x83, 0xE9, 0x73, 0x09, 0x88, 0xA6, +- 0x87, 0x27, 0xA8, 0xB2, 0xD1, 0x26, 0xC4, 0x4C, 0xC2, 0xCC, 0x7B, 0x2A, +- 0x65, 0x55, 0x19, 0x30, 0x35, 0xDC, +- /* y */ +- 0x76, 0x31, 0x08, 0x04, 0xF1, 0x2E, 0x54, 0x9B, 0xDB, 0x01, 0x1C, 0x10, +- 0x30, 0x89, 0xE7, 0x35, 0x10, 0xAC, 0xB2, 0x75, 0xFC, 0x31, 0x2A, 0x5D, +- 0xC6, 0xB7, 0x65, 0x53, 0xF0, 0xCA, +- /* order */ +- 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x5A, 0x79, 0xFE, 0xC6, 0x7C, 0xB6, 0xE9, 0x1F, 0x1C, +- 0x1D, 0xA8, 0x00, 0xE4, 0x78, 0xA5 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 36 * 6]; +-} _EC_NIST_CHAR2_283K = { +- { +- NID_X9_62_characteristic_two_field, 0, 36, 4 +- }, +- { +- /* no seed */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0xA1, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* x */ +- 0x05, 0x03, 0x21, 0x3F, 0x78, 0xCA, 0x44, 0x88, 0x3F, 0x1A, 0x3B, 0x81, +- 0x62, 0xF1, 0x88, 0xE5, 0x53, 0xCD, 0x26, 0x5F, 0x23, 0xC1, 0x56, 0x7A, +- 0x16, 0x87, 0x69, 0x13, 0xB0, 0xC2, 0xAC, 0x24, 0x58, 0x49, 0x28, 0x36, +- /* y */ +- 0x01, 0xCC, 0xDA, 0x38, 0x0F, 0x1C, 0x9E, 0x31, 0x8D, 0x90, 0xF9, 0x5D, +- 0x07, 0xE5, 0x42, 0x6F, 0xE8, 0x7E, 0x45, 0xC0, 0xE8, 0x18, 0x46, 0x98, +- 0xE4, 0x59, 0x62, 0x36, 0x4E, 0x34, 0x11, 0x61, 0x77, 0xDD, 0x22, 0x59, +- /* order */ +- 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xE9, 0xAE, 0x2E, 0xD0, 0x75, 0x77, +- 0x26, 0x5D, 0xFF, 0x7F, 0x94, 0x45, 0x1E, 0x06, 0x1E, 0x16, 0x3C, 0x61 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 36 * 6]; +-} _EC_NIST_CHAR2_283B = { +- { +- NID_X9_62_characteristic_two_field, 20, 36, 2 +- }, +- { +- /* no seed */ +- 0x77, 0xE2, 0xB0, 0x73, 0x70, 0xEB, 0x0F, 0x83, 0x2A, 0x6D, 0xD5, 0xB6, +- 0x2D, 0xFC, 0x88, 0xCD, 0x06, 0xBB, 0x84, 0xBE, +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0xA1, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* b */ +- 0x02, 0x7B, 0x68, 0x0A, 0xC8, 0xB8, 0x59, 0x6D, 0xA5, 0xA4, 0xAF, 0x8A, +- 0x19, 0xA0, 0x30, 0x3F, 0xCA, 0x97, 0xFD, 0x76, 0x45, 0x30, 0x9F, 0xA2, +- 0xA5, 0x81, 0x48, 0x5A, 0xF6, 0x26, 0x3E, 0x31, 0x3B, 0x79, 0xA2, 0xF5, +- /* x */ +- 0x05, 0xF9, 0x39, 0x25, 0x8D, 0xB7, 0xDD, 0x90, 0xE1, 0x93, 0x4F, 0x8C, +- 0x70, 0xB0, 0xDF, 0xEC, 0x2E, 0xED, 0x25, 0xB8, 0x55, 0x7E, 0xAC, 0x9C, +- 0x80, 0xE2, 0xE1, 0x98, 0xF8, 0xCD, 0xBE, 0xCD, 0x86, 0xB1, 0x20, 0x53, +- /* y */ +- 0x03, 0x67, 0x68, 0x54, 0xFE, 0x24, 0x14, 0x1C, 0xB9, 0x8F, 0xE6, 0xD4, +- 0xB2, 0x0D, 0x02, 0xB4, 0x51, 0x6F, 0xF7, 0x02, 0x35, 0x0E, 0xDD, 0xB0, +- 0x82, 0x67, 0x79, 0xC8, 0x13, 0xF0, 0xDF, 0x45, 0xBE, 0x81, 0x12, 0xF4, +- /* order */ +- 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xEF, 0x90, 0x39, 0x96, 0x60, 0xFC, +- 0x93, 0x8A, 0x90, 0x16, 0x5B, 0x04, 0x2A, 0x7C, 0xEF, 0xAD, 0xB3, 0x07 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 52 * 6]; +-} _EC_NIST_CHAR2_409K = { +- { +- NID_X9_62_characteristic_two_field, 0, 52, 4 +- }, +- { +- /* no seed */ +- /* p */ +- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x01, +- /* x */ +- 0x00, 0x60, 0xF0, 0x5F, 0x65, 0x8F, 0x49, 0xC1, 0xAD, 0x3A, 0xB1, 0x89, +- 0x0F, 0x71, 0x84, 0x21, 0x0E, 0xFD, 0x09, 0x87, 0xE3, 0x07, 0xC8, 0x4C, +- 0x27, 0xAC, 0xCF, 0xB8, 0xF9, 0xF6, 0x7C, 0xC2, 0xC4, 0x60, 0x18, 0x9E, +- 0xB5, 0xAA, 0xAA, 0x62, 0xEE, 0x22, 0x2E, 0xB1, 0xB3, 0x55, 0x40, 0xCF, +- 0xE9, 0x02, 0x37, 0x46, +- /* y */ +- 0x01, 0xE3, 0x69, 0x05, 0x0B, 0x7C, 0x4E, 0x42, 0xAC, 0xBA, 0x1D, 0xAC, +- 0xBF, 0x04, 0x29, 0x9C, 0x34, 0x60, 0x78, 0x2F, 0x91, 0x8E, 0xA4, 0x27, +- 0xE6, 0x32, 0x51, 0x65, 0xE9, 0xEA, 0x10, 0xE3, 0xDA, 0x5F, 0x6C, 0x42, +- 0xE9, 0xC5, 0x52, 0x15, 0xAA, 0x9C, 0xA2, 0x7A, 0x58, 0x63, 0xEC, 0x48, +- 0xD8, 0xE0, 0x28, 0x6B, +- /* order */ +- 0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFE, 0x5F, 0x83, 0xB2, 0xD4, 0xEA, 0x20, 0x40, 0x0E, 0xC4, +- 0x55, 0x7D, 0x5E, 0xD3, 0xE3, 0xE7, 0xCA, 0x5B, 0x4B, 0x5C, 0x83, 0xB8, +- 0xE0, 0x1E, 0x5F, 0xCF +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 52 * 6]; +-} _EC_NIST_CHAR2_409B = { +- { +- NID_X9_62_characteristic_two_field, 20, 52, 2 +- }, +- { +- /* seed */ +- 0x40, 0x99, 0xB5, 0xA4, 0x57, 0xF9, 0xD6, 0x9F, 0x79, 0x21, 0x3D, 0x09, +- 0x4C, 0x4B, 0xCD, 0x4D, 0x42, 0x62, 0x21, 0x0B, +- /* p */ +- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x01, +- /* b */ +- 0x00, 0x21, 0xA5, 0xC2, 0xC8, 0xEE, 0x9F, 0xEB, 0x5C, 0x4B, 0x9A, 0x75, +- 0x3B, 0x7B, 0x47, 0x6B, 0x7F, 0xD6, 0x42, 0x2E, 0xF1, 0xF3, 0xDD, 0x67, +- 0x47, 0x61, 0xFA, 0x99, 0xD6, 0xAC, 0x27, 0xC8, 0xA9, 0xA1, 0x97, 0xB2, +- 0x72, 0x82, 0x2F, 0x6C, 0xD5, 0x7A, 0x55, 0xAA, 0x4F, 0x50, 0xAE, 0x31, +- 0x7B, 0x13, 0x54, 0x5F, +- /* x */ +- 0x01, 0x5D, 0x48, 0x60, 0xD0, 0x88, 0xDD, 0xB3, 0x49, 0x6B, 0x0C, 0x60, +- 0x64, 0x75, 0x62, 0x60, 0x44, 0x1C, 0xDE, 0x4A, 0xF1, 0x77, 0x1D, 0x4D, +- 0xB0, 0x1F, 0xFE, 0x5B, 0x34, 0xE5, 0x97, 0x03, 0xDC, 0x25, 0x5A, 0x86, +- 0x8A, 0x11, 0x80, 0x51, 0x56, 0x03, 0xAE, 0xAB, 0x60, 0x79, 0x4E, 0x54, +- 0xBB, 0x79, 0x96, 0xA7, +- /* y */ +- 0x00, 0x61, 0xB1, 0xCF, 0xAB, 0x6B, 0xE5, 0xF3, 0x2B, 0xBF, 0xA7, 0x83, +- 0x24, 0xED, 0x10, 0x6A, 0x76, 0x36, 0xB9, 0xC5, 0xA7, 0xBD, 0x19, 0x8D, +- 0x01, 0x58, 0xAA, 0x4F, 0x54, 0x88, 0xD0, 0x8F, 0x38, 0x51, 0x4F, 0x1F, +- 0xDF, 0x4B, 0x4F, 0x40, 0xD2, 0x18, 0x1B, 0x36, 0x81, 0xC3, 0x64, 0xBA, +- 0x02, 0x73, 0xC7, 0x06, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x01, 0xE2, 0xAA, 0xD6, 0xA6, 0x12, 0xF3, 0x33, 0x07, 0xBE, +- 0x5F, 0xA4, 0x7C, 0x3C, 0x9E, 0x05, 0x2F, 0x83, 0x81, 0x64, 0xCD, 0x37, +- 0xD9, 0xA2, 0x11, 0x73 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 72 * 6]; +-} _EC_NIST_CHAR2_571K = { +- { +- NID_X9_62_characteristic_two_field, 0, 72, 4 +- }, +- { +- /* no seed */ +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x25, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* x */ +- 0x02, 0x6E, 0xB7, 0xA8, 0x59, 0x92, 0x3F, 0xBC, 0x82, 0x18, 0x96, 0x31, +- 0xF8, 0x10, 0x3F, 0xE4, 0xAC, 0x9C, 0xA2, 0x97, 0x00, 0x12, 0xD5, 0xD4, +- 0x60, 0x24, 0x80, 0x48, 0x01, 0x84, 0x1C, 0xA4, 0x43, 0x70, 0x95, 0x84, +- 0x93, 0xB2, 0x05, 0xE6, 0x47, 0xDA, 0x30, 0x4D, 0xB4, 0xCE, 0xB0, 0x8C, +- 0xBB, 0xD1, 0xBA, 0x39, 0x49, 0x47, 0x76, 0xFB, 0x98, 0x8B, 0x47, 0x17, +- 0x4D, 0xCA, 0x88, 0xC7, 0xE2, 0x94, 0x52, 0x83, 0xA0, 0x1C, 0x89, 0x72, +- /* y */ +- 0x03, 0x49, 0xDC, 0x80, 0x7F, 0x4F, 0xBF, 0x37, 0x4F, 0x4A, 0xEA, 0xDE, +- 0x3B, 0xCA, 0x95, 0x31, 0x4D, 0xD5, 0x8C, 0xEC, 0x9F, 0x30, 0x7A, 0x54, +- 0xFF, 0xC6, 0x1E, 0xFC, 0x00, 0x6D, 0x8A, 0x2C, 0x9D, 0x49, 0x79, 0xC0, +- 0xAC, 0x44, 0xAE, 0xA7, 0x4F, 0xBE, 0xBB, 0xB9, 0xF7, 0x72, 0xAE, 0xDC, +- 0xB6, 0x20, 0xB0, 0x1A, 0x7B, 0xA7, 0xAF, 0x1B, 0x32, 0x04, 0x30, 0xC8, +- 0x59, 0x19, 0x84, 0xF6, 0x01, 0xCD, 0x4C, 0x14, 0x3E, 0xF1, 0xC7, 0xA3, +- /* order */ +- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x13, 0x18, 0x50, 0xE1, 0xF1, 0x9A, 0x63, 0xE4, 0xB3, 0x91, 0xA8, 0xDB, +- 0x91, 0x7F, 0x41, 0x38, 0xB6, 0x30, 0xD8, 0x4B, 0xE5, 0xD6, 0x39, 0x38, +- 0x1E, 0x91, 0xDE, 0xB4, 0x5C, 0xFE, 0x77, 0x8F, 0x63, 0x7C, 0x10, 0x01 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 72 * 6]; +-} _EC_NIST_CHAR2_571B = { +- { +- NID_X9_62_characteristic_two_field, 20, 72, 2 +- }, +- { +- /* seed */ +- 0x2A, 0xA0, 0x58, 0xF7, 0x3A, 0x0E, 0x33, 0xAB, 0x48, 0x6B, 0x0F, 0x61, +- 0x04, 0x10, 0xC5, 0x3A, 0x7F, 0x13, 0x23, 0x10, +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x25, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* b */ +- 0x02, 0xF4, 0x0E, 0x7E, 0x22, 0x21, 0xF2, 0x95, 0xDE, 0x29, 0x71, 0x17, +- 0xB7, 0xF3, 0xD6, 0x2F, 0x5C, 0x6A, 0x97, 0xFF, 0xCB, 0x8C, 0xEF, 0xF1, +- 0xCD, 0x6B, 0xA8, 0xCE, 0x4A, 0x9A, 0x18, 0xAD, 0x84, 0xFF, 0xAB, 0xBD, +- 0x8E, 0xFA, 0x59, 0x33, 0x2B, 0xE7, 0xAD, 0x67, 0x56, 0xA6, 0x6E, 0x29, +- 0x4A, 0xFD, 0x18, 0x5A, 0x78, 0xFF, 0x12, 0xAA, 0x52, 0x0E, 0x4D, 0xE7, +- 0x39, 0xBA, 0xCA, 0x0C, 0x7F, 0xFE, 0xFF, 0x7F, 0x29, 0x55, 0x72, 0x7A, +- /* x */ +- 0x03, 0x03, 0x00, 0x1D, 0x34, 0xB8, 0x56, 0x29, 0x6C, 0x16, 0xC0, 0xD4, +- 0x0D, 0x3C, 0xD7, 0x75, 0x0A, 0x93, 0xD1, 0xD2, 0x95, 0x5F, 0xA8, 0x0A, +- 0xA5, 0xF4, 0x0F, 0xC8, 0xDB, 0x7B, 0x2A, 0xBD, 0xBD, 0xE5, 0x39, 0x50, +- 0xF4, 0xC0, 0xD2, 0x93, 0xCD, 0xD7, 0x11, 0xA3, 0x5B, 0x67, 0xFB, 0x14, +- 0x99, 0xAE, 0x60, 0x03, 0x86, 0x14, 0xF1, 0x39, 0x4A, 0xBF, 0xA3, 0xB4, +- 0xC8, 0x50, 0xD9, 0x27, 0xE1, 0xE7, 0x76, 0x9C, 0x8E, 0xEC, 0x2D, 0x19, +- /* y */ +- 0x03, 0x7B, 0xF2, 0x73, 0x42, 0xDA, 0x63, 0x9B, 0x6D, 0xCC, 0xFF, 0xFE, +- 0xB7, 0x3D, 0x69, 0xD7, 0x8C, 0x6C, 0x27, 0xA6, 0x00, 0x9C, 0xBB, 0xCA, +- 0x19, 0x80, 0xF8, 0x53, 0x39, 0x21, 0xE8, 0xA6, 0x84, 0x42, 0x3E, 0x43, +- 0xBA, 0xB0, 0x8A, 0x57, 0x62, 0x91, 0xAF, 0x8F, 0x46, 0x1B, 0xB2, 0xA8, +- 0xB3, 0x53, 0x1D, 0x2F, 0x04, 0x85, 0xC1, 0x9B, 0x16, 0xE2, 0xF1, 0x51, +- 0x6E, 0x23, 0xDD, 0x3C, 0x1A, 0x48, 0x27, 0xAF, 0x1B, 0x8A, 0xC1, 0x5B, +- /* order */ +- 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xE6, 0x61, 0xCE, 0x18, 0xFF, 0x55, 0x98, 0x73, 0x08, 0x05, 0x9B, 0x18, +- 0x68, 0x23, 0x85, 0x1E, 0xC7, 0xDD, 0x9C, 0xA1, 0x16, 0x1D, 0xE9, 0x3D, +- 0x51, 0x74, 0xD6, 0x6E, 0x83, 0x82, 0xE9, 0xBB, 0x2F, 0xE8, 0x4E, 0x47 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 21 * 6]; +-} _EC_X9_62_CHAR2_163V1 = { +- { +- NID_X9_62_characteristic_two_field, 20, 21, 2 +- }, +- { +- /* seed */ +- 0xD2, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE, 0xF4, 0xD6, +- 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x54, +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07, +- /* a */ +- 0x07, 0x25, 0x46, 0xB5, 0x43, 0x52, 0x34, 0xA4, 0x22, 0xE0, 0x78, 0x96, +- 0x75, 0xF4, 0x32, 0xC8, 0x94, 0x35, 0xDE, 0x52, 0x42, +- /* b */ +- 0x00, 0xC9, 0x51, 0x7D, 0x06, 0xD5, 0x24, 0x0D, 0x3C, 0xFF, 0x38, 0xC7, +- 0x4B, 0x20, 0xB6, 0xCD, 0x4D, 0x6F, 0x9D, 0xD4, 0xD9, +- /* x */ +- 0x07, 0xAF, 0x69, 0x98, 0x95, 0x46, 0x10, 0x3D, 0x79, 0x32, 0x9F, 0xCC, +- 0x3D, 0x74, 0x88, 0x0F, 0x33, 0xBB, 0xE8, 0x03, 0xCB, +- /* y */ +- 0x01, 0xEC, 0x23, 0x21, 0x1B, 0x59, 0x66, 0xAD, 0xEA, 0x1D, 0x3F, 0x87, +- 0xF7, 0xEA, 0x58, 0x48, 0xAE, 0xF0, 0xB7, 0xCA, 0x9F, +- /* order */ +- 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xE6, +- 0x0F, 0xC8, 0x82, 0x1C, 0xC7, 0x4D, 0xAE, 0xAF, 0xC1 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 21 * 6]; +-} _EC_X9_62_CHAR2_163V2 = { +- { +- NID_X9_62_characteristic_two_field, 20, 21, 2 +- }, +- { +- /* seed */ +- 0x53, 0x81, 0x4C, 0x05, 0x0D, 0x44, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, +- 0x15, 0x17, 0x58, 0x0C, 0xA4, 0xE2, 0x9F, 0xFD, +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07, +- /* a */ +- 0x01, 0x08, 0xB3, 0x9E, 0x77, 0xC4, 0xB1, 0x08, 0xBE, 0xD9, 0x81, 0xED, +- 0x0E, 0x89, 0x0E, 0x11, 0x7C, 0x51, 0x1C, 0xF0, 0x72, +- /* b */ +- 0x06, 0x67, 0xAC, 0xEB, 0x38, 0xAF, 0x4E, 0x48, 0x8C, 0x40, 0x74, 0x33, +- 0xFF, 0xAE, 0x4F, 0x1C, 0x81, 0x16, 0x38, 0xDF, 0x20, +- /* x */ +- 0x00, 0x24, 0x26, 0x6E, 0x4E, 0xB5, 0x10, 0x6D, 0x0A, 0x96, 0x4D, 0x92, +- 0xC4, 0x86, 0x0E, 0x26, 0x71, 0xDB, 0x9B, 0x6C, 0xC5, +- /* y */ +- 0x07, 0x9F, 0x68, 0x4D, 0xDF, 0x66, 0x84, 0xC5, 0xCD, 0x25, 0x8B, 0x38, +- 0x90, 0x02, 0x1B, 0x23, 0x86, 0xDF, 0xD1, 0x9F, 0xC5, +- /* order */ +- 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFD, 0xF6, +- 0x4D, 0xE1, 0x15, 0x1A, 0xDB, 0xB7, 0x8F, 0x10, 0xA7 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 21 * 6]; +-} _EC_X9_62_CHAR2_163V3 = { +- { +- NID_X9_62_characteristic_two_field, 20, 21, 2 +- }, +- { +- /* seed */ +- 0x50, 0xCB, 0xF1, 0xD9, 0x5C, 0xA9, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, +- 0x61, 0x51, 0x75, 0xF1, 0x6A, 0x36, 0xA3, 0xB8, +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07, +- /* a */ +- 0x07, 0xA5, 0x26, 0xC6, 0x3D, 0x3E, 0x25, 0xA2, 0x56, 0xA0, 0x07, 0x69, +- 0x9F, 0x54, 0x47, 0xE3, 0x2A, 0xE4, 0x56, 0xB5, 0x0E, +- /* b */ +- 0x03, 0xF7, 0x06, 0x17, 0x98, 0xEB, 0x99, 0xE2, 0x38, 0xFD, 0x6F, 0x1B, +- 0xF9, 0x5B, 0x48, 0xFE, 0xEB, 0x48, 0x54, 0x25, 0x2B, +- /* x */ +- 0x02, 0xF9, 0xF8, 0x7B, 0x7C, 0x57, 0x4D, 0x0B, 0xDE, 0xCF, 0x8A, 0x22, +- 0xE6, 0x52, 0x47, 0x75, 0xF9, 0x8C, 0xDE, 0xBD, 0xCB, +- /* y */ +- 0x05, 0xB9, 0x35, 0x59, 0x0C, 0x15, 0x5E, 0x17, 0xEA, 0x48, 0xEB, 0x3F, +- 0xF3, 0x71, 0x8B, 0x89, 0x3D, 0xF5, 0x9A, 0x05, 0xD0, +- /* order */ +- 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0x1A, +- 0xEE, 0x14, 0x0F, 0x11, 0x0A, 0xFF, 0x96, 0x13, 0x09 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 23 * 6]; +-} _EC_X9_62_CHAR2_176V1 = { +- { +- NID_X9_62_characteristic_two_field, 0, 23, 0xFF6E +- }, +- { +- /* no seed */ +- /* p */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x07, +- /* a */ +- 0x00, 0xE4, 0xE6, 0xDB, 0x29, 0x95, 0x06, 0x5C, 0x40, 0x7D, 0x9D, 0x39, +- 0xB8, 0xD0, 0x96, 0x7B, 0x96, 0x70, 0x4B, 0xA8, 0xE9, 0xC9, 0x0B, +- /* b */ +- 0x00, 0x5D, 0xDA, 0x47, 0x0A, 0xBE, 0x64, 0x14, 0xDE, 0x8E, 0xC1, 0x33, +- 0xAE, 0x28, 0xE9, 0xBB, 0xD7, 0xFC, 0xEC, 0x0A, 0xE0, 0xFF, 0xF2, +- /* x */ +- 0x00, 0x8D, 0x16, 0xC2, 0x86, 0x67, 0x98, 0xB6, 0x00, 0xF9, 0xF0, 0x8B, +- 0xB4, 0xA8, 0xE8, 0x60, 0xF3, 0x29, 0x8C, 0xE0, 0x4A, 0x57, 0x98, +- /* y */ +- 0x00, 0x6F, 0xA4, 0x53, 0x9C, 0x2D, 0xAD, 0xDD, 0xD6, 0xBA, 0xB5, 0x16, +- 0x7D, 0x61, 0xB4, 0x36, 0xE1, 0xD9, 0x2B, 0xB1, 0x6A, 0x56, 0x2C, +- /* order */ +- 0x00, 0x00, 0x01, 0x00, 0x92, 0x53, 0x73, 0x97, 0xEC, 0xA4, 0xF6, 0x14, +- 0x57, 0x99, 0xD6, 0x2B, 0x0A, 0x19, 0xCE, 0x06, 0xFE, 0x26, 0xAD +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 24 * 6]; +-} _EC_X9_62_CHAR2_191V1 = { +- { +- NID_X9_62_characteristic_two_field, 20, 24, 2 +- }, +- { +- /* seed */ +- 0x4E, 0x13, 0xCA, 0x54, 0x27, 0x44, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, +- 0x15, 0x17, 0x55, 0x2F, 0x27, 0x9A, 0x8C, 0x84, +- /* p */ +- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01, +- /* a */ +- 0x28, 0x66, 0x53, 0x7B, 0x67, 0x67, 0x52, 0x63, 0x6A, 0x68, 0xF5, 0x65, +- 0x54, 0xE1, 0x26, 0x40, 0x27, 0x6B, 0x64, 0x9E, 0xF7, 0x52, 0x62, 0x67, +- /* b */ +- 0x2E, 0x45, 0xEF, 0x57, 0x1F, 0x00, 0x78, 0x6F, 0x67, 0xB0, 0x08, 0x1B, +- 0x94, 0x95, 0xA3, 0xD9, 0x54, 0x62, 0xF5, 0xDE, 0x0A, 0xA1, 0x85, 0xEC, +- /* x */ +- 0x36, 0xB3, 0xDA, 0xF8, 0xA2, 0x32, 0x06, 0xF9, 0xC4, 0xF2, 0x99, 0xD7, +- 0xB2, 0x1A, 0x9C, 0x36, 0x91, 0x37, 0xF2, 0xC8, 0x4A, 0xE1, 0xAA, 0x0D, +- /* y */ +- 0x76, 0x5B, 0xE7, 0x34, 0x33, 0xB3, 0xF9, 0x5E, 0x33, 0x29, 0x32, 0xE7, +- 0x0E, 0xA2, 0x45, 0xCA, 0x24, 0x18, 0xEA, 0x0E, 0xF9, 0x80, 0x18, 0xFB, +- /* order */ +- 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x04, 0xA2, 0x0E, 0x90, 0xC3, 0x90, 0x67, 0xC8, 0x93, 0xBB, 0xB9, 0xA5 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 24 * 6]; +-} _EC_X9_62_CHAR2_191V2 = { +- { +- NID_X9_62_characteristic_two_field, 20, 24, 4 +- }, +- { +- /* seed */ +- 0x08, 0x71, 0xEF, 0x2F, 0xEF, 0x24, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, +- 0x15, 0x17, 0x58, 0xBE, 0xE0, 0xD9, 0x5C, 0x15, +- /* p */ +- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01, +- /* a */ +- 0x40, 0x10, 0x28, 0x77, 0x4D, 0x77, 0x77, 0xC7, 0xB7, 0x66, 0x6D, 0x13, +- 0x66, 0xEA, 0x43, 0x20, 0x71, 0x27, 0x4F, 0x89, 0xFF, 0x01, 0xE7, 0x18, +- /* b */ +- 0x06, 0x20, 0x04, 0x8D, 0x28, 0xBC, 0xBD, 0x03, 0xB6, 0x24, 0x9C, 0x99, +- 0x18, 0x2B, 0x7C, 0x8C, 0xD1, 0x97, 0x00, 0xC3, 0x62, 0xC4, 0x6A, 0x01, +- /* x */ +- 0x38, 0x09, 0xB2, 0xB7, 0xCC, 0x1B, 0x28, 0xCC, 0x5A, 0x87, 0x92, 0x6A, +- 0xAD, 0x83, 0xFD, 0x28, 0x78, 0x9E, 0x81, 0xE2, 0xC9, 0xE3, 0xBF, 0x10, +- /* y */ +- 0x17, 0x43, 0x43, 0x86, 0x62, 0x6D, 0x14, 0xF3, 0xDB, 0xF0, 0x17, 0x60, +- 0xD9, 0x21, 0x3A, 0x3E, 0x1C, 0xF3, 0x7A, 0xEC, 0x43, 0x7D, 0x66, 0x8A, +- /* order */ +- 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x50, 0x50, 0x8C, 0xB8, 0x9F, 0x65, 0x28, 0x24, 0xE0, 0x6B, 0x81, 0x73 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 24 * 6]; +-} _EC_X9_62_CHAR2_191V3 = { +- { +- NID_X9_62_characteristic_two_field, 20, 24, 6 +- }, +- { +- /* seed */ +- 0xE0, 0x53, 0x51, 0x2D, 0xC6, 0x84, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, +- 0x15, 0x17, 0x50, 0x67, 0xAE, 0x78, 0x6D, 0x1F, +- /* p */ +- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01, +- /* a */ +- 0x6C, 0x01, 0x07, 0x47, 0x56, 0x09, 0x91, 0x22, 0x22, 0x10, 0x56, 0x91, +- 0x1C, 0x77, 0xD7, 0x7E, 0x77, 0xA7, 0x77, 0xE7, 0xE7, 0xE7, 0x7F, 0xCB, +- /* b */ +- 0x71, 0xFE, 0x1A, 0xF9, 0x26, 0xCF, 0x84, 0x79, 0x89, 0xEF, 0xEF, 0x8D, +- 0xB4, 0x59, 0xF6, 0x63, 0x94, 0xD9, 0x0F, 0x32, 0xAD, 0x3F, 0x15, 0xE8, +- /* x */ +- 0x37, 0x5D, 0x4C, 0xE2, 0x4F, 0xDE, 0x43, 0x44, 0x89, 0xDE, 0x87, 0x46, +- 0xE7, 0x17, 0x86, 0x01, 0x50, 0x09, 0xE6, 0x6E, 0x38, 0xA9, 0x26, 0xDD, +- /* y */ +- 0x54, 0x5A, 0x39, 0x17, 0x61, 0x96, 0x57, 0x5D, 0x98, 0x59, 0x99, 0x36, +- 0x6E, 0x6A, 0xD3, 0x4C, 0xE0, 0xA7, 0x7C, 0xD7, 0x12, 0x7B, 0x06, 0xBE, +- /* order */ +- 0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, +- 0x61, 0x0C, 0x0B, 0x19, 0x68, 0x12, 0xBF, 0xB6, 0x28, 0x8A, 0x3E, 0xA3 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 27 * 6]; +-} _EC_X9_62_CHAR2_208W1 = { +- { +- NID_X9_62_characteristic_two_field, 0, 27, 0xFE48 +- }, +- { +- /* no seed */ +- /* p */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x07, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0xC8, 0x61, 0x9E, 0xD4, 0x5A, 0x62, 0xE6, 0x21, 0x2E, 0x11, 0x60, +- 0x34, 0x9E, 0x2B, 0xFA, 0x84, 0x44, 0x39, 0xFA, 0xFC, 0x2A, 0x3F, 0xD1, +- 0x63, 0x8F, 0x9E, +- /* x */ +- 0x00, 0x89, 0xFD, 0xFB, 0xE4, 0xAB, 0xE1, 0x93, 0xDF, 0x95, 0x59, 0xEC, +- 0xF0, 0x7A, 0xC0, 0xCE, 0x78, 0x55, 0x4E, 0x27, 0x84, 0xEB, 0x8C, 0x1E, +- 0xD1, 0xA5, 0x7A, +- /* y */ +- 0x00, 0x0F, 0x55, 0xB5, 0x1A, 0x06, 0xE7, 0x8E, 0x9A, 0xC3, 0x8A, 0x03, +- 0x5F, 0xF5, 0x20, 0xD8, 0xB0, 0x17, 0x81, 0xBE, 0xB1, 0xA6, 0xBB, 0x08, +- 0x61, 0x7D, 0xE3, +- /* order */ +- 0x00, 0x00, 0x01, 0x01, 0xBA, 0xF9, 0x5C, 0x97, 0x23, 0xC5, 0x7B, 0x6C, +- 0x21, 0xDA, 0x2E, 0xFF, 0x2D, 0x5E, 0xD5, 0x88, 0xBD, 0xD5, 0x71, 0x7E, +- 0x21, 0x2F, 0x9D +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 30 * 6]; +-} _EC_X9_62_CHAR2_239V1 = { +- { +- NID_X9_62_characteristic_two_field, 20, 30, 4 +- }, +- { +- /* seed */ +- 0xD3, 0x4B, 0x9A, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, +- 0xCA, 0x71, 0xB9, 0x20, 0xBF, 0xEF, 0xB0, 0x5D, +- /* p */ +- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x10, 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x32, 0x01, 0x08, 0x57, 0x07, 0x7C, 0x54, 0x31, 0x12, 0x3A, 0x46, 0xB8, +- 0x08, 0x90, 0x67, 0x56, 0xF5, 0x43, 0x42, 0x3E, 0x8D, 0x27, 0x87, 0x75, +- 0x78, 0x12, 0x57, 0x78, 0xAC, 0x76, +- /* b */ +- 0x79, 0x04, 0x08, 0xF2, 0xEE, 0xDA, 0xF3, 0x92, 0xB0, 0x12, 0xED, 0xEF, +- 0xB3, 0x39, 0x2F, 0x30, 0xF4, 0x32, 0x7C, 0x0C, 0xA3, 0xF3, 0x1F, 0xC3, +- 0x83, 0xC4, 0x22, 0xAA, 0x8C, 0x16, +- /* x */ +- 0x57, 0x92, 0x70, 0x98, 0xFA, 0x93, 0x2E, 0x7C, 0x0A, 0x96, 0xD3, 0xFD, +- 0x5B, 0x70, 0x6E, 0xF7, 0xE5, 0xF5, 0xC1, 0x56, 0xE1, 0x6B, 0x7E, 0x7C, +- 0x86, 0x03, 0x85, 0x52, 0xE9, 0x1D, +- /* y */ +- 0x61, 0xD8, 0xEE, 0x50, 0x77, 0xC3, 0x3F, 0xEC, 0xF6, 0xF1, 0xA1, 0x6B, +- 0x26, 0x8D, 0xE4, 0x69, 0xC3, 0xC7, 0x74, 0x4E, 0xA9, 0xA9, 0x71, 0x64, +- 0x9F, 0xC7, 0xA9, 0x61, 0x63, 0x05, +- /* order */ +- 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x0F, 0x4D, 0x42, 0xFF, 0xE1, 0x49, 0x2A, 0x49, 0x93, +- 0xF1, 0xCA, 0xD6, 0x66, 0xE4, 0x47 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 30 * 6]; +-} _EC_X9_62_CHAR2_239V2 = { +- { +- NID_X9_62_characteristic_two_field, 20, 30, 6 +- }, +- { +- /* seed */ +- 0x2A, 0xA6, 0x98, 0x2F, 0xDF, 0xA4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, +- 0x15, 0x17, 0x5D, 0x26, 0x67, 0x27, 0x27, 0x7D, +- /* p */ +- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x10, 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x42, 0x30, 0x01, 0x77, 0x57, 0xA7, 0x67, 0xFA, 0xE4, 0x23, 0x98, 0x56, +- 0x9B, 0x74, 0x63, 0x25, 0xD4, 0x53, 0x13, 0xAF, 0x07, 0x66, 0x26, 0x64, +- 0x79, 0xB7, 0x56, 0x54, 0xE6, 0x5F, +- /* b */ +- 0x50, 0x37, 0xEA, 0x65, 0x41, 0x96, 0xCF, 0xF0, 0xCD, 0x82, 0xB2, 0xC1, +- 0x4A, 0x2F, 0xCF, 0x2E, 0x3F, 0xF8, 0x77, 0x52, 0x85, 0xB5, 0x45, 0x72, +- 0x2F, 0x03, 0xEA, 0xCD, 0xB7, 0x4B, +- /* x */ +- 0x28, 0xF9, 0xD0, 0x4E, 0x90, 0x00, 0x69, 0xC8, 0xDC, 0x47, 0xA0, 0x85, +- 0x34, 0xFE, 0x76, 0xD2, 0xB9, 0x00, 0xB7, 0xD7, 0xEF, 0x31, 0xF5, 0x70, +- 0x9F, 0x20, 0x0C, 0x4C, 0xA2, 0x05, +- /* y */ +- 0x56, 0x67, 0x33, 0x4C, 0x45, 0xAF, 0xF3, 0xB5, 0xA0, 0x3B, 0xAD, 0x9D, +- 0xD7, 0x5E, 0x2C, 0x71, 0xA9, 0x93, 0x62, 0x56, 0x7D, 0x54, 0x53, 0xF7, +- 0xFA, 0x6E, 0x22, 0x7E, 0xC8, 0x33, +- /* order */ +- 0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, +- 0x55, 0x55, 0x55, 0x3C, 0x6F, 0x28, 0x85, 0x25, 0x9C, 0x31, 0xE3, 0xFC, +- 0xDF, 0x15, 0x46, 0x24, 0x52, 0x2D +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 30 * 6]; +-} _EC_X9_62_CHAR2_239V3 = { +- { +- NID_X9_62_characteristic_two_field, 20, 30, 0xA +- }, +- { +- /* seed */ +- 0x9E, 0x07, 0x6F, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, +- 0xE1, 0x1E, 0x9F, 0xDD, 0x77, 0xF9, 0x20, 0x41, +- /* p */ +- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x10, 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x01, 0x23, 0x87, 0x74, 0x66, 0x6A, 0x67, 0x76, 0x6D, 0x66, 0x76, 0xF7, +- 0x78, 0xE6, 0x76, 0xB6, 0x69, 0x99, 0x17, 0x66, 0x66, 0xE6, 0x87, 0x66, +- 0x6D, 0x87, 0x66, 0xC6, 0x6A, 0x9F, +- /* b */ +- 0x6A, 0x94, 0x19, 0x77, 0xBA, 0x9F, 0x6A, 0x43, 0x51, 0x99, 0xAC, 0xFC, +- 0x51, 0x06, 0x7E, 0xD5, 0x87, 0xF5, 0x19, 0xC5, 0xEC, 0xB5, 0x41, 0xB8, +- 0xE4, 0x41, 0x11, 0xDE, 0x1D, 0x40, +- /* x */ +- 0x70, 0xF6, 0xE9, 0xD0, 0x4D, 0x28, 0x9C, 0x4E, 0x89, 0x91, 0x3C, 0xE3, +- 0x53, 0x0B, 0xFD, 0xE9, 0x03, 0x97, 0x7D, 0x42, 0xB1, 0x46, 0xD5, 0x39, +- 0xBF, 0x1B, 0xDE, 0x4E, 0x9C, 0x92, +- /* y */ +- 0x2E, 0x5A, 0x0E, 0xAF, 0x6E, 0x5E, 0x13, 0x05, 0xB9, 0x00, 0x4D, 0xCE, +- 0x5C, 0x0E, 0xD7, 0xFE, 0x59, 0xA3, 0x56, 0x08, 0xF3, 0x38, 0x37, 0xC8, +- 0x16, 0xD8, 0x0B, 0x79, 0xF4, 0x61, +- /* order */ +- 0x0C, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, +- 0xCC, 0xCC, 0xCC, 0xAC, 0x49, 0x12, 0xD2, 0xD9, 0xDF, 0x90, 0x3E, 0xF9, +- 0x88, 0x8B, 0x8A, 0x0E, 0x4C, 0xFF +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 35 * 6]; +-} _EC_X9_62_CHAR2_272W1 = { +- { +- NID_X9_62_characteristic_two_field, 0, 35, 0xFF06 +- }, +- { +- /* no seed */ +- /* p */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0B, +- /* a */ +- 0x00, 0x91, 0xA0, 0x91, 0xF0, 0x3B, 0x5F, 0xBA, 0x4A, 0xB2, 0xCC, 0xF4, +- 0x9C, 0x4E, 0xDD, 0x22, 0x0F, 0xB0, 0x28, 0x71, 0x2D, 0x42, 0xBE, 0x75, +- 0x2B, 0x2C, 0x40, 0x09, 0x4D, 0xBA, 0xCD, 0xB5, 0x86, 0xFB, 0x20, +- /* b */ +- 0x00, 0x71, 0x67, 0xEF, 0xC9, 0x2B, 0xB2, 0xE3, 0xCE, 0x7C, 0x8A, 0xAA, +- 0xFF, 0x34, 0xE1, 0x2A, 0x9C, 0x55, 0x70, 0x03, 0xD7, 0xC7, 0x3A, 0x6F, +- 0xAF, 0x00, 0x3F, 0x99, 0xF6, 0xCC, 0x84, 0x82, 0xE5, 0x40, 0xF7, +- /* x */ +- 0x00, 0x61, 0x08, 0xBA, 0xBB, 0x2C, 0xEE, 0xBC, 0xF7, 0x87, 0x05, 0x8A, +- 0x05, 0x6C, 0xBE, 0x0C, 0xFE, 0x62, 0x2D, 0x77, 0x23, 0xA2, 0x89, 0xE0, +- 0x8A, 0x07, 0xAE, 0x13, 0xEF, 0x0D, 0x10, 0xD1, 0x71, 0xDD, 0x8D, +- /* y */ +- 0x00, 0x10, 0xC7, 0x69, 0x57, 0x16, 0x85, 0x1E, 0xEF, 0x6B, 0xA7, 0xF6, +- 0x87, 0x2E, 0x61, 0x42, 0xFB, 0xD2, 0x41, 0xB8, 0x30, 0xFF, 0x5E, 0xFC, +- 0xAC, 0xEC, 0xCA, 0xB0, 0x5E, 0x02, 0x00, 0x5D, 0xDE, 0x9D, 0x23, +- /* order */ +- 0x00, 0x00, 0x01, 0x00, 0xFA, 0xF5, 0x13, 0x54, 0xE0, 0xE3, 0x9E, 0x48, +- 0x92, 0xDF, 0x6E, 0x31, 0x9C, 0x72, 0xC8, 0x16, 0x16, 0x03, 0xFA, 0x45, +- 0xAA, 0x7B, 0x99, 0x8A, 0x16, 0x7B, 0x8F, 0x1E, 0x62, 0x95, 0x21 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 39 * 6]; +-} _EC_X9_62_CHAR2_304W1 = { +- { +- NID_X9_62_characteristic_two_field, 0, 39, 0xFE2E +- }, +- { +- /* no seed */ +- /* p */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x08, 0x07, +- /* a */ +- 0x00, 0xFD, 0x0D, 0x69, 0x31, 0x49, 0xA1, 0x18, 0xF6, 0x51, 0xE6, 0xDC, +- 0xE6, 0x80, 0x20, 0x85, 0x37, 0x7E, 0x5F, 0x88, 0x2D, 0x1B, 0x51, 0x0B, +- 0x44, 0x16, 0x00, 0x74, 0xC1, 0x28, 0x80, 0x78, 0x36, 0x5A, 0x03, 0x96, +- 0xC8, 0xE6, 0x81, +- /* b */ +- 0x00, 0xBD, 0xDB, 0x97, 0xE5, 0x55, 0xA5, 0x0A, 0x90, 0x8E, 0x43, 0xB0, +- 0x1C, 0x79, 0x8E, 0xA5, 0xDA, 0xA6, 0x78, 0x8F, 0x1E, 0xA2, 0x79, 0x4E, +- 0xFC, 0xF5, 0x71, 0x66, 0xB8, 0xC1, 0x40, 0x39, 0x60, 0x1E, 0x55, 0x82, +- 0x73, 0x40, 0xBE, +- /* x */ +- 0x00, 0x19, 0x7B, 0x07, 0x84, 0x5E, 0x9B, 0xE2, 0xD9, 0x6A, 0xDB, 0x0F, +- 0x5F, 0x3C, 0x7F, 0x2C, 0xFF, 0xBD, 0x7A, 0x3E, 0xB8, 0xB6, 0xFE, 0xC3, +- 0x5C, 0x7F, 0xD6, 0x7F, 0x26, 0xDD, 0xF6, 0x28, 0x5A, 0x64, 0x4F, 0x74, +- 0x0A, 0x26, 0x14, +- /* y */ +- 0x00, 0xE1, 0x9F, 0xBE, 0xB7, 0x6E, 0x0D, 0xA1, 0x71, 0x51, 0x7E, 0xCF, +- 0x40, 0x1B, 0x50, 0x28, 0x9B, 0xF0, 0x14, 0x10, 0x32, 0x88, 0x52, 0x7A, +- 0x9B, 0x41, 0x6A, 0x10, 0x5E, 0x80, 0x26, 0x0B, 0x54, 0x9F, 0xDC, 0x1B, +- 0x92, 0xC0, 0x3B, +- /* order */ +- 0x00, 0x00, 0x01, 0x01, 0xD5, 0x56, 0x57, 0x2A, 0xAB, 0xAC, 0x80, 0x01, +- 0x01, 0xD5, 0x56, 0x57, 0x2A, 0xAB, 0xAC, 0x80, 0x01, 0x02, 0x2D, 0x5C, +- 0x91, 0xDD, 0x17, 0x3F, 0x8F, 0xB5, 0x61, 0xDA, 0x68, 0x99, 0x16, 0x44, +- 0x43, 0x05, 0x1D +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 45 * 6]; +-} _EC_X9_62_CHAR2_359V1 = { +- { +- NID_X9_62_characteristic_two_field, 20, 45, 0x4C +- }, +- { +- /* seed */ +- 0x2B, 0x35, 0x49, 0x20, 0xB7, 0x24, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, +- 0x15, 0x17, 0x58, 0x5B, 0xA1, 0x33, 0x2D, 0xC6, +- /* p */ +- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x56, 0x67, 0x67, 0x6A, 0x65, 0x4B, 0x20, 0x75, 0x4F, 0x35, 0x6E, 0xA9, +- 0x20, 0x17, 0xD9, 0x46, 0x56, 0x7C, 0x46, 0x67, 0x55, 0x56, 0xF1, 0x95, +- 0x56, 0xA0, 0x46, 0x16, 0xB5, 0x67, 0xD2, 0x23, 0xA5, 0xE0, 0x56, 0x56, +- 0xFB, 0x54, 0x90, 0x16, 0xA9, 0x66, 0x56, 0xA5, 0x57, +- /* b */ +- 0x24, 0x72, 0xE2, 0xD0, 0x19, 0x7C, 0x49, 0x36, 0x3F, 0x1F, 0xE7, 0xF5, +- 0xB6, 0xDB, 0x07, 0x5D, 0x52, 0xB6, 0x94, 0x7D, 0x13, 0x5D, 0x8C, 0xA4, +- 0x45, 0x80, 0x5D, 0x39, 0xBC, 0x34, 0x56, 0x26, 0x08, 0x96, 0x87, 0x74, +- 0x2B, 0x63, 0x29, 0xE7, 0x06, 0x80, 0x23, 0x19, 0x88, +- /* x */ +- 0x3C, 0x25, 0x8E, 0xF3, 0x04, 0x77, 0x67, 0xE7, 0xED, 0xE0, 0xF1, 0xFD, +- 0xAA, 0x79, 0xDA, 0xEE, 0x38, 0x41, 0x36, 0x6A, 0x13, 0x2E, 0x16, 0x3A, +- 0xCE, 0xD4, 0xED, 0x24, 0x01, 0xDF, 0x9C, 0x6B, 0xDC, 0xDE, 0x98, 0xE8, +- 0xE7, 0x07, 0xC0, 0x7A, 0x22, 0x39, 0xB1, 0xB0, 0x97, +- /* y */ +- 0x53, 0xD7, 0xE0, 0x85, 0x29, 0x54, 0x70, 0x48, 0x12, 0x1E, 0x9C, 0x95, +- 0xF3, 0x79, 0x1D, 0xD8, 0x04, 0x96, 0x39, 0x48, 0xF3, 0x4F, 0xAE, 0x7B, +- 0xF4, 0x4E, 0xA8, 0x23, 0x65, 0xDC, 0x78, 0x68, 0xFE, 0x57, 0xE4, 0xAE, +- 0x2D, 0xE2, 0x11, 0x30, 0x5A, 0x40, 0x71, 0x04, 0xBD, +- /* order */ +- 0x01, 0xAF, 0x28, 0x6B, 0xCA, 0x1A, 0xF2, 0x86, 0xBC, 0xA1, 0xAF, 0x28, +- 0x6B, 0xCA, 0x1A, 0xF2, 0x86, 0xBC, 0xA1, 0xAF, 0x28, 0x6B, 0xC9, 0xFB, +- 0x8F, 0x6B, 0x85, 0xC5, 0x56, 0x89, 0x2C, 0x20, 0xA7, 0xEB, 0x96, 0x4F, +- 0xE7, 0x71, 0x9E, 0x74, 0xF4, 0x90, 0x75, 0x8D, 0x3B +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 47 * 6]; +-} _EC_X9_62_CHAR2_368W1 = { +- { +- NID_X9_62_characteristic_two_field, 0, 47, 0xFF70 +- }, +- { +- /* no seed */ +- /* p */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, +- /* a */ +- 0x00, 0xE0, 0xD2, 0xEE, 0x25, 0x09, 0x52, 0x06, 0xF5, 0xE2, 0xA4, 0xF9, +- 0xED, 0x22, 0x9F, 0x1F, 0x25, 0x6E, 0x79, 0xA0, 0xE2, 0xB4, 0x55, 0x97, +- 0x0D, 0x8D, 0x0D, 0x86, 0x5B, 0xD9, 0x47, 0x78, 0xC5, 0x76, 0xD6, 0x2F, +- 0x0A, 0xB7, 0x51, 0x9C, 0xCD, 0x2A, 0x1A, 0x90, 0x6A, 0xE3, 0x0D, +- /* b */ +- 0x00, 0xFC, 0x12, 0x17, 0xD4, 0x32, 0x0A, 0x90, 0x45, 0x2C, 0x76, 0x0A, +- 0x58, 0xED, 0xCD, 0x30, 0xC8, 0xDD, 0x06, 0x9B, 0x3C, 0x34, 0x45, 0x38, +- 0x37, 0xA3, 0x4E, 0xD5, 0x0C, 0xB5, 0x49, 0x17, 0xE1, 0xC2, 0x11, 0x2D, +- 0x84, 0xD1, 0x64, 0xF4, 0x44, 0xF8, 0xF7, 0x47, 0x86, 0x04, 0x6A, +- /* x */ +- 0x00, 0x10, 0x85, 0xE2, 0x75, 0x53, 0x81, 0xDC, 0xCC, 0xE3, 0xC1, 0x55, +- 0x7A, 0xFA, 0x10, 0xC2, 0xF0, 0xC0, 0xC2, 0x82, 0x56, 0x46, 0xC5, 0xB3, +- 0x4A, 0x39, 0x4C, 0xBC, 0xFA, 0x8B, 0xC1, 0x6B, 0x22, 0xE7, 0xE7, 0x89, +- 0xE9, 0x27, 0xBE, 0x21, 0x6F, 0x02, 0xE1, 0xFB, 0x13, 0x6A, 0x5F, +- /* y */ +- 0x00, 0x7B, 0x3E, 0xB1, 0xBD, 0xDC, 0xBA, 0x62, 0xD5, 0xD8, 0xB2, 0x05, +- 0x9B, 0x52, 0x57, 0x97, 0xFC, 0x73, 0x82, 0x2C, 0x59, 0x05, 0x9C, 0x62, +- 0x3A, 0x45, 0xFF, 0x38, 0x43, 0xCE, 0xE8, 0xF8, 0x7C, 0xD1, 0x85, 0x5A, +- 0xDA, 0xA8, 0x1E, 0x2A, 0x07, 0x50, 0xB8, 0x0F, 0xDA, 0x23, 0x10, +- /* order */ +- 0x00, 0x00, 0x01, 0x00, 0x90, 0x51, 0x2D, 0xA9, 0xAF, 0x72, 0xB0, 0x83, +- 0x49, 0xD9, 0x8A, 0x5D, 0xD4, 0xC7, 0xB0, 0x53, 0x2E, 0xCA, 0x51, 0xCE, +- 0x03, 0xE2, 0xD1, 0x0F, 0x3B, 0x7A, 0xC5, 0x79, 0xBD, 0x87, 0xE9, 0x09, +- 0xAE, 0x40, 0xA6, 0xF1, 0x31, 0xE9, 0xCF, 0xCE, 0x5B, 0xD9, 0x67 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 54 * 6]; +-} _EC_X9_62_CHAR2_431R1 = { +- { +- NID_X9_62_characteristic_two_field, 0, 54, 0x2760 +- }, +- { +- /* no seed */ +- /* p */ +- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x1A, 0x82, 0x7E, 0xF0, 0x0D, 0xD6, 0xFC, 0x0E, 0x23, 0x4C, 0xAF, 0x04, +- 0x6C, 0x6A, 0x5D, 0x8A, 0x85, 0x39, 0x5B, 0x23, 0x6C, 0xC4, 0xAD, 0x2C, +- 0xF3, 0x2A, 0x0C, 0xAD, 0xBD, 0xC9, 0xDD, 0xF6, 0x20, 0xB0, 0xEB, 0x99, +- 0x06, 0xD0, 0x95, 0x7F, 0x6C, 0x6F, 0xEA, 0xCD, 0x61, 0x54, 0x68, 0xDF, +- 0x10, 0x4D, 0xE2, 0x96, 0xCD, 0x8F, +- /* b */ +- 0x10, 0xD9, 0xB4, 0xA3, 0xD9, 0x04, 0x7D, 0x8B, 0x15, 0x43, 0x59, 0xAB, +- 0xFB, 0x1B, 0x7F, 0x54, 0x85, 0xB0, 0x4C, 0xEB, 0x86, 0x82, 0x37, 0xDD, +- 0xC9, 0xDE, 0xDA, 0x98, 0x2A, 0x67, 0x9A, 0x5A, 0x91, 0x9B, 0x62, 0x6D, +- 0x4E, 0x50, 0xA8, 0xDD, 0x73, 0x1B, 0x10, 0x7A, 0x99, 0x62, 0x38, 0x1F, +- 0xB5, 0xD8, 0x07, 0xBF, 0x26, 0x18, +- /* x */ +- 0x12, 0x0F, 0xC0, 0x5D, 0x3C, 0x67, 0xA9, 0x9D, 0xE1, 0x61, 0xD2, 0xF4, +- 0x09, 0x26, 0x22, 0xFE, 0xCA, 0x70, 0x1B, 0xE4, 0xF5, 0x0F, 0x47, 0x58, +- 0x71, 0x4E, 0x8A, 0x87, 0xBB, 0xF2, 0xA6, 0x58, 0xEF, 0x8C, 0x21, 0xE7, +- 0xC5, 0xEF, 0xE9, 0x65, 0x36, 0x1F, 0x6C, 0x29, 0x99, 0xC0, 0xC2, 0x47, +- 0xB0, 0xDB, 0xD7, 0x0C, 0xE6, 0xB7, +- /* y */ +- 0x20, 0xD0, 0xAF, 0x89, 0x03, 0xA9, 0x6F, 0x8D, 0x5F, 0xA2, 0xC2, 0x55, +- 0x74, 0x5D, 0x3C, 0x45, 0x1B, 0x30, 0x2C, 0x93, 0x46, 0xD9, 0xB7, 0xE4, +- 0x85, 0xE7, 0xBC, 0xE4, 0x1F, 0x6B, 0x59, 0x1F, 0x3E, 0x8F, 0x6A, 0xDD, +- 0xCB, 0xB0, 0xBC, 0x4C, 0x2F, 0x94, 0x7A, 0x7D, 0xE1, 0xA8, 0x9B, 0x62, +- 0x5D, 0x6A, 0x59, 0x8B, 0x37, 0x60, +- /* order */ +- 0x00, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, +- 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, +- 0x34, 0x03, 0x40, 0x34, 0x03, 0x23, 0xC3, 0x13, 0xFA, 0xB5, 0x05, 0x89, +- 0x70, 0x3B, 0x5E, 0xC6, 0x8D, 0x35, 0x87, 0xFE, 0xC6, 0x0D, 0x16, 0x1C, +- 0xC1, 0x49, 0xC1, 0xAD, 0x4A, 0x91 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 15 * 6]; +-} _EC_WTLS_1 = { +- { +- NID_X9_62_characteristic_two_field, 0, 15, 2 +- }, +- { +- /* no seed */ +- /* p */ +- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x02, 0x01, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x01, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x01, +- /* x */ +- 0x01, 0x66, 0x79, 0x79, 0xA4, 0x0B, 0xA4, 0x97, 0xE5, 0xD5, 0xC2, 0x70, +- 0x78, 0x06, 0x17, +- /* y */ +- 0x00, 0xF4, 0x4B, 0x4A, 0xF1, 0xEC, 0xC2, 0x63, 0x0E, 0x08, 0x78, 0x5C, +- 0xEB, 0xCC, 0x15, +- /* order */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFD, 0xBF, 0x91, 0xAF, +- 0x6D, 0xEA, 0x73 +- } +-}; +- +-/* IPSec curves */ +-/* +- * NOTE: The of curves over a extension field of non prime degree is not +- * recommended (Weil-descent). As the group order is not a prime this curve +- * is not suitable for ECDSA. +- */ +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 20 * 6]; +-} _EC_IPSEC_155_ID3 = { +- { +- NID_X9_62_characteristic_two_field, 0, 20, 3 +- }, +- { +- /* no seed */ +- /* p */ +- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x33, 0x8f, +- /* x */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7b, +- /* y */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xc8, +- /* order */ +- 0x02, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xC7, 0xF3, +- 0xC7, 0x88, 0x1B, 0xD0, 0x86, 0x8F, 0xA8, 0x6C +- } +-}; +- +-/* +- * NOTE: The of curves over a extension field of non prime degree is not +- * recommended (Weil-descent). As the group order is not a prime this curve +- * is not suitable for ECDSA. +- */ +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 24 * 6]; +-} _EC_IPSEC_185_ID4 = { +- { +- NID_X9_62_characteristic_two_field, 0, 24, 2 +- }, +- { +- /* no seed */ +- /* p */ +- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1e, 0xe9, +- /* x */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, +- /* y */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0d, +- /* order */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xED, 0xF9, 0x7C, 0x44, 0xDB, 0x9F, 0x24, 0x20, 0xBA, 0xFC, 0xA7, 0x5E +- } +-}; +- +-#endif +- +-/* +- * These curves were added by Annie Yousar. +- * For the definition of RFC 5639 curves see +- * http://www.ietf.org/rfc/rfc5639.txt These curves are generated verifiable +- * at random, nevertheless the seed is omitted as parameter because the +- * generation mechanism is different from those defined in ANSI X9.62. +- */ +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 20 * 6]; +-} _EC_brainpoolP160r1 = { +- { +- NID_X9_62_prime_field, 0, 20, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD, +- 0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0F, +- /* a */ +- 0x34, 0x0E, 0x7B, 0xE2, 0xA2, 0x80, 0xEB, 0x74, 0xE2, 0xBE, 0x61, 0xBA, +- 0xDA, 0x74, 0x5D, 0x97, 0xE8, 0xF7, 0xC3, 0x00, +- /* b */ +- 0x1E, 0x58, 0x9A, 0x85, 0x95, 0x42, 0x34, 0x12, 0x13, 0x4F, 0xAA, 0x2D, +- 0xBD, 0xEC, 0x95, 0xC8, 0xD8, 0x67, 0x5E, 0x58, +- /* x */ +- 0xBE, 0xD5, 0xAF, 0x16, 0xEA, 0x3F, 0x6A, 0x4F, 0x62, 0x93, 0x8C, 0x46, +- 0x31, 0xEB, 0x5A, 0xF7, 0xBD, 0xBC, 0xDB, 0xC3, +- /* y */ +- 0x16, 0x67, 0xCB, 0x47, 0x7A, 0x1A, 0x8E, 0xC3, 0x38, 0xF9, 0x47, 0x41, +- 0x66, 0x9C, 0x97, 0x63, 0x16, 0xDA, 0x63, 0x21, +- /* order */ +- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0x59, 0x91, +- 0xD4, 0x50, 0x29, 0x40, 0x9E, 0x60, 0xFC, 0x09 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 20 * 6]; +-} _EC_brainpoolP160t1 = { +- { +- NID_X9_62_prime_field, 0, 20, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD, +- 0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0F, +- /* a */ +- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD, +- 0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0C, +- /* b */ +- 0x7A, 0x55, 0x6B, 0x6D, 0xAE, 0x53, 0x5B, 0x7B, 0x51, 0xED, 0x2C, 0x4D, +- 0x7D, 0xAA, 0x7A, 0x0B, 0x5C, 0x55, 0xF3, 0x80, +- /* x */ +- 0xB1, 0x99, 0xB1, 0x3B, 0x9B, 0x34, 0xEF, 0xC1, 0x39, 0x7E, 0x64, 0xBA, +- 0xEB, 0x05, 0xAC, 0xC2, 0x65, 0xFF, 0x23, 0x78, +- /* y */ +- 0xAD, 0xD6, 0x71, 0x8B, 0x7C, 0x7C, 0x19, 0x61, 0xF0, 0x99, 0x1B, 0x84, +- 0x24, 0x43, 0x77, 0x21, 0x52, 0xC9, 0xE0, 0xAD, +- /* order */ +- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0x59, 0x91, +- 0xD4, 0x50, 0x29, 0x40, 0x9E, 0x60, 0xFC, 0x09 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 24 * 6]; +-} _EC_brainpoolP192r1 = { +- { +- NID_X9_62_prime_field, 0, 24, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30, +- 0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x97, +- /* a */ +- 0x6A, 0x91, 0x17, 0x40, 0x76, 0xB1, 0xE0, 0xE1, 0x9C, 0x39, 0xC0, 0x31, +- 0xFE, 0x86, 0x85, 0xC1, 0xCA, 0xE0, 0x40, 0xE5, 0xC6, 0x9A, 0x28, 0xEF, +- /* b */ +- 0x46, 0x9A, 0x28, 0xEF, 0x7C, 0x28, 0xCC, 0xA3, 0xDC, 0x72, 0x1D, 0x04, +- 0x4F, 0x44, 0x96, 0xBC, 0xCA, 0x7E, 0xF4, 0x14, 0x6F, 0xBF, 0x25, 0xC9, +- /* x */ +- 0xC0, 0xA0, 0x64, 0x7E, 0xAA, 0xB6, 0xA4, 0x87, 0x53, 0xB0, 0x33, 0xC5, +- 0x6C, 0xB0, 0xF0, 0x90, 0x0A, 0x2F, 0x5C, 0x48, 0x53, 0x37, 0x5F, 0xD6, +- /* y */ +- 0x14, 0xB6, 0x90, 0x86, 0x6A, 0xBD, 0x5B, 0xB8, 0x8B, 0x5F, 0x48, 0x28, +- 0xC1, 0x49, 0x00, 0x02, 0xE6, 0x77, 0x3F, 0xA2, 0xFA, 0x29, 0x9B, 0x8F, +- /* order */ +- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x2F, +- 0x9E, 0x9E, 0x91, 0x6B, 0x5B, 0xE8, 0xF1, 0x02, 0x9A, 0xC4, 0xAC, 0xC1 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 24 * 6]; +-} _EC_brainpoolP192t1 = { +- { +- NID_X9_62_prime_field, 0, 24, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30, +- 0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x97, +- /* a */ +- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30, +- 0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x94, +- /* b */ +- 0x13, 0xD5, 0x6F, 0xFA, 0xEC, 0x78, 0x68, 0x1E, 0x68, 0xF9, 0xDE, 0xB4, +- 0x3B, 0x35, 0xBE, 0xC2, 0xFB, 0x68, 0x54, 0x2E, 0x27, 0x89, 0x7B, 0x79, +- /* x */ +- 0x3A, 0xE9, 0xE5, 0x8C, 0x82, 0xF6, 0x3C, 0x30, 0x28, 0x2E, 0x1F, 0xE7, +- 0xBB, 0xF4, 0x3F, 0xA7, 0x2C, 0x44, 0x6A, 0xF6, 0xF4, 0x61, 0x81, 0x29, +- /* y */ +- 0x09, 0x7E, 0x2C, 0x56, 0x67, 0xC2, 0x22, 0x3A, 0x90, 0x2A, 0xB5, 0xCA, +- 0x44, 0x9D, 0x00, 0x84, 0xB7, 0xE5, 0xB3, 0xDE, 0x7C, 0xCC, 0x01, 0xC9, +- /* order */ +- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x2F, +- 0x9E, 0x9E, 0x91, 0x6B, 0x5B, 0xE8, 0xF1, 0x02, 0x9A, 0xC4, 0xAC, 0xC1 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 28 * 6]; +-} _EC_brainpoolP224r1 = { +- { +- NID_X9_62_prime_field, 0, 28, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25, +- 0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5, +- 0x7E, 0xC8, 0xC0, 0xFF, +- /* a */ +- 0x68, 0xA5, 0xE6, 0x2C, 0xA9, 0xCE, 0x6C, 0x1C, 0x29, 0x98, 0x03, 0xA6, +- 0xC1, 0x53, 0x0B, 0x51, 0x4E, 0x18, 0x2A, 0xD8, 0xB0, 0x04, 0x2A, 0x59, +- 0xCA, 0xD2, 0x9F, 0x43, +- /* b */ +- 0x25, 0x80, 0xF6, 0x3C, 0xCF, 0xE4, 0x41, 0x38, 0x87, 0x07, 0x13, 0xB1, +- 0xA9, 0x23, 0x69, 0xE3, 0x3E, 0x21, 0x35, 0xD2, 0x66, 0xDB, 0xB3, 0x72, +- 0x38, 0x6C, 0x40, 0x0B, +- /* x */ +- 0x0D, 0x90, 0x29, 0xAD, 0x2C, 0x7E, 0x5C, 0xF4, 0x34, 0x08, 0x23, 0xB2, +- 0xA8, 0x7D, 0xC6, 0x8C, 0x9E, 0x4C, 0xE3, 0x17, 0x4C, 0x1E, 0x6E, 0xFD, +- 0xEE, 0x12, 0xC0, 0x7D, +- /* y */ +- 0x58, 0xAA, 0x56, 0xF7, 0x72, 0xC0, 0x72, 0x6F, 0x24, 0xC6, 0xB8, 0x9E, +- 0x4E, 0xCD, 0xAC, 0x24, 0x35, 0x4B, 0x9E, 0x99, 0xCA, 0xA3, 0xF6, 0xD3, +- 0x76, 0x14, 0x02, 0xCD, +- /* order */ +- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25, +- 0x75, 0xD0, 0xFB, 0x98, 0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3, +- 0xA5, 0xA7, 0x93, 0x9F +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 28 * 6]; +-} _EC_brainpoolP224t1 = { +- { +- NID_X9_62_prime_field, 0, 28, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25, +- 0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5, +- 0x7E, 0xC8, 0xC0, 0xFF, +- /* a */ +- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25, +- 0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5, +- 0x7E, 0xC8, 0xC0, 0xFC, +- /* b */ +- 0x4B, 0x33, 0x7D, 0x93, 0x41, 0x04, 0xCD, 0x7B, 0xEF, 0x27, 0x1B, 0xF6, +- 0x0C, 0xED, 0x1E, 0xD2, 0x0D, 0xA1, 0x4C, 0x08, 0xB3, 0xBB, 0x64, 0xF1, +- 0x8A, 0x60, 0x88, 0x8D, +- /* x */ +- 0x6A, 0xB1, 0xE3, 0x44, 0xCE, 0x25, 0xFF, 0x38, 0x96, 0x42, 0x4E, 0x7F, +- 0xFE, 0x14, 0x76, 0x2E, 0xCB, 0x49, 0xF8, 0x92, 0x8A, 0xC0, 0xC7, 0x60, +- 0x29, 0xB4, 0xD5, 0x80, +- /* y */ +- 0x03, 0x74, 0xE9, 0xF5, 0x14, 0x3E, 0x56, 0x8C, 0xD2, 0x3F, 0x3F, 0x4D, +- 0x7C, 0x0D, 0x4B, 0x1E, 0x41, 0xC8, 0xCC, 0x0D, 0x1C, 0x6A, 0xBD, 0x5F, +- 0x1A, 0x46, 0xDB, 0x4C, +- /* order */ +- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25, +- 0x75, 0xD0, 0xFB, 0x98, 0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3, +- 0xA5, 0xA7, 0x93, 0x9F +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 32 * 6]; +-} _EC_brainpoolP256r1 = { +- { +- NID_X9_62_prime_field, 0, 32, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90, +- 0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28, +- 0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x77, +- /* a */ +- 0x7D, 0x5A, 0x09, 0x75, 0xFC, 0x2C, 0x30, 0x57, 0xEE, 0xF6, 0x75, 0x30, +- 0x41, 0x7A, 0xFF, 0xE7, 0xFB, 0x80, 0x55, 0xC1, 0x26, 0xDC, 0x5C, 0x6C, +- 0xE9, 0x4A, 0x4B, 0x44, 0xF3, 0x30, 0xB5, 0xD9, +- /* b */ +- 0x26, 0xDC, 0x5C, 0x6C, 0xE9, 0x4A, 0x4B, 0x44, 0xF3, 0x30, 0xB5, 0xD9, +- 0xBB, 0xD7, 0x7C, 0xBF, 0x95, 0x84, 0x16, 0x29, 0x5C, 0xF7, 0xE1, 0xCE, +- 0x6B, 0xCC, 0xDC, 0x18, 0xFF, 0x8C, 0x07, 0xB6, +- /* x */ +- 0x8B, 0xD2, 0xAE, 0xB9, 0xCB, 0x7E, 0x57, 0xCB, 0x2C, 0x4B, 0x48, 0x2F, +- 0xFC, 0x81, 0xB7, 0xAF, 0xB9, 0xDE, 0x27, 0xE1, 0xE3, 0xBD, 0x23, 0xC2, +- 0x3A, 0x44, 0x53, 0xBD, 0x9A, 0xCE, 0x32, 0x62, +- /* y */ +- 0x54, 0x7E, 0xF8, 0x35, 0xC3, 0xDA, 0xC4, 0xFD, 0x97, 0xF8, 0x46, 0x1A, +- 0x14, 0x61, 0x1D, 0xC9, 0xC2, 0x77, 0x45, 0x13, 0x2D, 0xED, 0x8E, 0x54, +- 0x5C, 0x1D, 0x54, 0xC7, 0x2F, 0x04, 0x69, 0x97, +- /* order */ +- 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90, +- 0x9D, 0x83, 0x8D, 0x71, 0x8C, 0x39, 0x7A, 0xA3, 0xB5, 0x61, 0xA6, 0xF7, +- 0x90, 0x1E, 0x0E, 0x82, 0x97, 0x48, 0x56, 0xA7 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 32 * 6]; +-} _EC_brainpoolP256t1 = { +- { +- NID_X9_62_prime_field, 0, 32, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90, +- 0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28, +- 0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x77, +- /* a */ +- 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90, +- 0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28, +- 0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x74, +- /* b */ +- 0x66, 0x2C, 0x61, 0xC4, 0x30, 0xD8, 0x4E, 0xA4, 0xFE, 0x66, 0xA7, 0x73, +- 0x3D, 0x0B, 0x76, 0xB7, 0xBF, 0x93, 0xEB, 0xC4, 0xAF, 0x2F, 0x49, 0x25, +- 0x6A, 0xE5, 0x81, 0x01, 0xFE, 0xE9, 0x2B, 0x04, +- /* x */ +- 0xA3, 0xE8, 0xEB, 0x3C, 0xC1, 0xCF, 0xE7, 0xB7, 0x73, 0x22, 0x13, 0xB2, +- 0x3A, 0x65, 0x61, 0x49, 0xAF, 0xA1, 0x42, 0xC4, 0x7A, 0xAF, 0xBC, 0x2B, +- 0x79, 0xA1, 0x91, 0x56, 0x2E, 0x13, 0x05, 0xF4, +- /* y */ +- 0x2D, 0x99, 0x6C, 0x82, 0x34, 0x39, 0xC5, 0x6D, 0x7F, 0x7B, 0x22, 0xE1, +- 0x46, 0x44, 0x41, 0x7E, 0x69, 0xBC, 0xB6, 0xDE, 0x39, 0xD0, 0x27, 0x00, +- 0x1D, 0xAB, 0xE8, 0xF3, 0x5B, 0x25, 0xC9, 0xBE, +- /* order */ +- 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90, +- 0x9D, 0x83, 0x8D, 0x71, 0x8C, 0x39, 0x7A, 0xA3, 0xB5, 0x61, 0xA6, 0xF7, +- 0x90, 0x1E, 0x0E, 0x82, 0x97, 0x48, 0x56, 0xA7 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 40 * 6]; +-} _EC_brainpoolP320r1 = { +- { +- NID_X9_62_prime_field, 0, 40, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E, +- 0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF, +- 0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, 0xFC, 0xD4, 0x12, 0xB1, +- 0xF1, 0xB3, 0x2E, 0x27, +- /* a */ +- 0x3E, 0xE3, 0x0B, 0x56, 0x8F, 0xBA, 0xB0, 0xF8, 0x83, 0xCC, 0xEB, 0xD4, +- 0x6D, 0x3F, 0x3B, 0xB8, 0xA2, 0xA7, 0x35, 0x13, 0xF5, 0xEB, 0x79, 0xDA, +- 0x66, 0x19, 0x0E, 0xB0, 0x85, 0xFF, 0xA9, 0xF4, 0x92, 0xF3, 0x75, 0xA9, +- 0x7D, 0x86, 0x0E, 0xB4, +- /* b */ +- 0x52, 0x08, 0x83, 0x94, 0x9D, 0xFD, 0xBC, 0x42, 0xD3, 0xAD, 0x19, 0x86, +- 0x40, 0x68, 0x8A, 0x6F, 0xE1, 0x3F, 0x41, 0x34, 0x95, 0x54, 0xB4, 0x9A, +- 0xCC, 0x31, 0xDC, 0xCD, 0x88, 0x45, 0x39, 0x81, 0x6F, 0x5E, 0xB4, 0xAC, +- 0x8F, 0xB1, 0xF1, 0xA6, +- /* x */ +- 0x43, 0xBD, 0x7E, 0x9A, 0xFB, 0x53, 0xD8, 0xB8, 0x52, 0x89, 0xBC, 0xC4, +- 0x8E, 0xE5, 0xBF, 0xE6, 0xF2, 0x01, 0x37, 0xD1, 0x0A, 0x08, 0x7E, 0xB6, +- 0xE7, 0x87, 0x1E, 0x2A, 0x10, 0xA5, 0x99, 0xC7, 0x10, 0xAF, 0x8D, 0x0D, +- 0x39, 0xE2, 0x06, 0x11, +- /* y */ +- 0x14, 0xFD, 0xD0, 0x55, 0x45, 0xEC, 0x1C, 0xC8, 0xAB, 0x40, 0x93, 0x24, +- 0x7F, 0x77, 0x27, 0x5E, 0x07, 0x43, 0xFF, 0xED, 0x11, 0x71, 0x82, 0xEA, +- 0xA9, 0xC7, 0x78, 0x77, 0xAA, 0xAC, 0x6A, 0xC7, 0xD3, 0x52, 0x45, 0xD1, +- 0x69, 0x2E, 0x8E, 0xE1, +- /* order */ +- 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E, +- 0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA5, 0xB6, 0x8F, 0x12, 0xA3, +- 0x2D, 0x48, 0x2E, 0xC7, 0xEE, 0x86, 0x58, 0xE9, 0x86, 0x91, 0x55, 0x5B, +- 0x44, 0xC5, 0x93, 0x11 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 40 * 6]; +-} _EC_brainpoolP320t1 = { +- { +- NID_X9_62_prime_field, 0, 40, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E, +- 0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF, +- 0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, 0xFC, 0xD4, 0x12, 0xB1, +- 0xF1, 0xB3, 0x2E, 0x27, +- /* a */ +- 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E, +- 0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF, +- 0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, 0xFC, 0xD4, 0x12, 0xB1, +- 0xF1, 0xB3, 0x2E, 0x24, +- /* b */ +- 0xA7, 0xF5, 0x61, 0xE0, 0x38, 0xEB, 0x1E, 0xD5, 0x60, 0xB3, 0xD1, 0x47, +- 0xDB, 0x78, 0x20, 0x13, 0x06, 0x4C, 0x19, 0xF2, 0x7E, 0xD2, 0x7C, 0x67, +- 0x80, 0xAA, 0xF7, 0x7F, 0xB8, 0xA5, 0x47, 0xCE, 0xB5, 0xB4, 0xFE, 0xF4, +- 0x22, 0x34, 0x03, 0x53, +- /* x */ +- 0x92, 0x5B, 0xE9, 0xFB, 0x01, 0xAF, 0xC6, 0xFB, 0x4D, 0x3E, 0x7D, 0x49, +- 0x90, 0x01, 0x0F, 0x81, 0x34, 0x08, 0xAB, 0x10, 0x6C, 0x4F, 0x09, 0xCB, +- 0x7E, 0xE0, 0x78, 0x68, 0xCC, 0x13, 0x6F, 0xFF, 0x33, 0x57, 0xF6, 0x24, +- 0xA2, 0x1B, 0xED, 0x52, +- /* y */ +- 0x63, 0xBA, 0x3A, 0x7A, 0x27, 0x48, 0x3E, 0xBF, 0x66, 0x71, 0xDB, 0xEF, +- 0x7A, 0xBB, 0x30, 0xEB, 0xEE, 0x08, 0x4E, 0x58, 0xA0, 0xB0, 0x77, 0xAD, +- 0x42, 0xA5, 0xA0, 0x98, 0x9D, 0x1E, 0xE7, 0x1B, 0x1B, 0x9B, 0xC0, 0x45, +- 0x5F, 0xB0, 0xD2, 0xC3, +- /* order */ +- 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E, +- 0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA5, 0xB6, 0x8F, 0x12, 0xA3, +- 0x2D, 0x48, 0x2E, 0xC7, 0xEE, 0x86, 0x58, 0xE9, 0x86, 0x91, 0x55, 0x5B, +- 0x44, 0xC5, 0x93, 0x11 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 48 * 6]; +-} _EC_brainpoolP384r1 = { +- { +- NID_X9_62_prime_field, 0, 48, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E, +- 0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4, +- 0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29, +- 0x90, 0x1D, 0x1A, 0x71, 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x53, +- /* a */ +- 0x7B, 0xC3, 0x82, 0xC6, 0x3D, 0x8C, 0x15, 0x0C, 0x3C, 0x72, 0x08, 0x0A, +- 0xCE, 0x05, 0xAF, 0xA0, 0xC2, 0xBE, 0xA2, 0x8E, 0x4F, 0xB2, 0x27, 0x87, +- 0x13, 0x91, 0x65, 0xEF, 0xBA, 0x91, 0xF9, 0x0F, 0x8A, 0xA5, 0x81, 0x4A, +- 0x50, 0x3A, 0xD4, 0xEB, 0x04, 0xA8, 0xC7, 0xDD, 0x22, 0xCE, 0x28, 0x26, +- /* b */ +- 0x04, 0xA8, 0xC7, 0xDD, 0x22, 0xCE, 0x28, 0x26, 0x8B, 0x39, 0xB5, 0x54, +- 0x16, 0xF0, 0x44, 0x7C, 0x2F, 0xB7, 0x7D, 0xE1, 0x07, 0xDC, 0xD2, 0xA6, +- 0x2E, 0x88, 0x0E, 0xA5, 0x3E, 0xEB, 0x62, 0xD5, 0x7C, 0xB4, 0x39, 0x02, +- 0x95, 0xDB, 0xC9, 0x94, 0x3A, 0xB7, 0x86, 0x96, 0xFA, 0x50, 0x4C, 0x11, +- /* x */ +- 0x1D, 0x1C, 0x64, 0xF0, 0x68, 0xCF, 0x45, 0xFF, 0xA2, 0xA6, 0x3A, 0x81, +- 0xB7, 0xC1, 0x3F, 0x6B, 0x88, 0x47, 0xA3, 0xE7, 0x7E, 0xF1, 0x4F, 0xE3, +- 0xDB, 0x7F, 0xCA, 0xFE, 0x0C, 0xBD, 0x10, 0xE8, 0xE8, 0x26, 0xE0, 0x34, +- 0x36, 0xD6, 0x46, 0xAA, 0xEF, 0x87, 0xB2, 0xE2, 0x47, 0xD4, 0xAF, 0x1E, +- /* y */ +- 0x8A, 0xBE, 0x1D, 0x75, 0x20, 0xF9, 0xC2, 0xA4, 0x5C, 0xB1, 0xEB, 0x8E, +- 0x95, 0xCF, 0xD5, 0x52, 0x62, 0xB7, 0x0B, 0x29, 0xFE, 0xEC, 0x58, 0x64, +- 0xE1, 0x9C, 0x05, 0x4F, 0xF9, 0x91, 0x29, 0x28, 0x0E, 0x46, 0x46, 0x21, +- 0x77, 0x91, 0x81, 0x11, 0x42, 0x82, 0x03, 0x41, 0x26, 0x3C, 0x53, 0x15, +- /* order */ +- 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E, +- 0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB3, +- 0x1F, 0x16, 0x6E, 0x6C, 0xAC, 0x04, 0x25, 0xA7, 0xCF, 0x3A, 0xB6, 0xAF, +- 0x6B, 0x7F, 0xC3, 0x10, 0x3B, 0x88, 0x32, 0x02, 0xE9, 0x04, 0x65, 0x65 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 48 * 6]; +-} _EC_brainpoolP384t1 = { +- { +- NID_X9_62_prime_field, 0, 48, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E, +- 0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4, +- 0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29, +- 0x90, 0x1D, 0x1A, 0x71, 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x53, +- /* a */ +- 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E, +- 0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4, +- 0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29, +- 0x90, 0x1D, 0x1A, 0x71, 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x50, +- /* b */ +- 0x7F, 0x51, 0x9E, 0xAD, 0xA7, 0xBD, 0xA8, 0x1B, 0xD8, 0x26, 0xDB, 0xA6, +- 0x47, 0x91, 0x0F, 0x8C, 0x4B, 0x93, 0x46, 0xED, 0x8C, 0xCD, 0xC6, 0x4E, +- 0x4B, 0x1A, 0xBD, 0x11, 0x75, 0x6D, 0xCE, 0x1D, 0x20, 0x74, 0xAA, 0x26, +- 0x3B, 0x88, 0x80, 0x5C, 0xED, 0x70, 0x35, 0x5A, 0x33, 0xB4, 0x71, 0xEE, +- /* x */ +- 0x18, 0xDE, 0x98, 0xB0, 0x2D, 0xB9, 0xA3, 0x06, 0xF2, 0xAF, 0xCD, 0x72, +- 0x35, 0xF7, 0x2A, 0x81, 0x9B, 0x80, 0xAB, 0x12, 0xEB, 0xD6, 0x53, 0x17, +- 0x24, 0x76, 0xFE, 0xCD, 0x46, 0x2A, 0xAB, 0xFF, 0xC4, 0xFF, 0x19, 0x1B, +- 0x94, 0x6A, 0x5F, 0x54, 0xD8, 0xD0, 0xAA, 0x2F, 0x41, 0x88, 0x08, 0xCC, +- /* y */ +- 0x25, 0xAB, 0x05, 0x69, 0x62, 0xD3, 0x06, 0x51, 0xA1, 0x14, 0xAF, 0xD2, +- 0x75, 0x5A, 0xD3, 0x36, 0x74, 0x7F, 0x93, 0x47, 0x5B, 0x7A, 0x1F, 0xCA, +- 0x3B, 0x88, 0xF2, 0xB6, 0xA2, 0x08, 0xCC, 0xFE, 0x46, 0x94, 0x08, 0x58, +- 0x4D, 0xC2, 0xB2, 0x91, 0x26, 0x75, 0xBF, 0x5B, 0x9E, 0x58, 0x29, 0x28, +- /* order */ +- 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E, +- 0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB3, +- 0x1F, 0x16, 0x6E, 0x6C, 0xAC, 0x04, 0x25, 0xA7, 0xCF, 0x3A, 0xB6, 0xAF, +- 0x6B, 0x7F, 0xC3, 0x10, 0x3B, 0x88, 0x32, 0x02, 0xE9, 0x04, 0x65, 0x65 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 64 * 6]; +-} _EC_brainpoolP512r1 = { +- { +- NID_X9_62_prime_field, 0, 64, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE, +- 0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E, +- 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00, +- 0x9B, 0xC6, 0x68, 0x42, 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6, +- 0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56, +- 0x58, 0x3A, 0x48, 0xF3, +- /* a */ +- 0x78, 0x30, 0xA3, 0x31, 0x8B, 0x60, 0x3B, 0x89, 0xE2, 0x32, 0x71, 0x45, +- 0xAC, 0x23, 0x4C, 0xC5, 0x94, 0xCB, 0xDD, 0x8D, 0x3D, 0xF9, 0x16, 0x10, +- 0xA8, 0x34, 0x41, 0xCA, 0xEA, 0x98, 0x63, 0xBC, 0x2D, 0xED, 0x5D, 0x5A, +- 0xA8, 0x25, 0x3A, 0xA1, 0x0A, 0x2E, 0xF1, 0xC9, 0x8B, 0x9A, 0xC8, 0xB5, +- 0x7F, 0x11, 0x17, 0xA7, 0x2B, 0xF2, 0xC7, 0xB9, 0xE7, 0xC1, 0xAC, 0x4D, +- 0x77, 0xFC, 0x94, 0xCA, +- /* b */ +- 0x3D, 0xF9, 0x16, 0x10, 0xA8, 0x34, 0x41, 0xCA, 0xEA, 0x98, 0x63, 0xBC, +- 0x2D, 0xED, 0x5D, 0x5A, 0xA8, 0x25, 0x3A, 0xA1, 0x0A, 0x2E, 0xF1, 0xC9, +- 0x8B, 0x9A, 0xC8, 0xB5, 0x7F, 0x11, 0x17, 0xA7, 0x2B, 0xF2, 0xC7, 0xB9, +- 0xE7, 0xC1, 0xAC, 0x4D, 0x77, 0xFC, 0x94, 0xCA, 0xDC, 0x08, 0x3E, 0x67, +- 0x98, 0x40, 0x50, 0xB7, 0x5E, 0xBA, 0xE5, 0xDD, 0x28, 0x09, 0xBD, 0x63, +- 0x80, 0x16, 0xF7, 0x23, +- /* x */ +- 0x81, 0xAE, 0xE4, 0xBD, 0xD8, 0x2E, 0xD9, 0x64, 0x5A, 0x21, 0x32, 0x2E, +- 0x9C, 0x4C, 0x6A, 0x93, 0x85, 0xED, 0x9F, 0x70, 0xB5, 0xD9, 0x16, 0xC1, +- 0xB4, 0x3B, 0x62, 0xEE, 0xF4, 0xD0, 0x09, 0x8E, 0xFF, 0x3B, 0x1F, 0x78, +- 0xE2, 0xD0, 0xD4, 0x8D, 0x50, 0xD1, 0x68, 0x7B, 0x93, 0xB9, 0x7D, 0x5F, +- 0x7C, 0x6D, 0x50, 0x47, 0x40, 0x6A, 0x5E, 0x68, 0x8B, 0x35, 0x22, 0x09, +- 0xBC, 0xB9, 0xF8, 0x22, +- /* y */ +- 0x7D, 0xDE, 0x38, 0x5D, 0x56, 0x63, 0x32, 0xEC, 0xC0, 0xEA, 0xBF, 0xA9, +- 0xCF, 0x78, 0x22, 0xFD, 0xF2, 0x09, 0xF7, 0x00, 0x24, 0xA5, 0x7B, 0x1A, +- 0xA0, 0x00, 0xC5, 0x5B, 0x88, 0x1F, 0x81, 0x11, 0xB2, 0xDC, 0xDE, 0x49, +- 0x4A, 0x5F, 0x48, 0x5E, 0x5B, 0xCA, 0x4B, 0xD8, 0x8A, 0x27, 0x63, 0xAE, +- 0xD1, 0xCA, 0x2B, 0x2F, 0xA8, 0xF0, 0x54, 0x06, 0x78, 0xCD, 0x1E, 0x0F, +- 0x3A, 0xD8, 0x08, 0x92, +- /* order */ +- 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE, +- 0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E, +- 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x70, 0x55, 0x3E, 0x5C, 0x41, +- 0x4C, 0xA9, 0x26, 0x19, 0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47, +- 0x1D, 0xB1, 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD, 0xB5, 0x87, 0x96, 0x82, +- 0x9C, 0xA9, 0x00, 0x69 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 64 * 6]; +-} _EC_brainpoolP512t1 = { +- { +- NID_X9_62_prime_field, 0, 64, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE, +- 0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E, +- 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00, +- 0x9B, 0xC6, 0x68, 0x42, 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6, +- 0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56, +- 0x58, 0x3A, 0x48, 0xF3, +- /* a */ +- 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE, +- 0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E, +- 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00, +- 0x9B, 0xC6, 0x68, 0x42, 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6, +- 0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56, +- 0x58, 0x3A, 0x48, 0xF0, +- /* b */ +- 0x7C, 0xBB, 0xBC, 0xF9, 0x44, 0x1C, 0xFA, 0xB7, 0x6E, 0x18, 0x90, 0xE4, +- 0x68, 0x84, 0xEA, 0xE3, 0x21, 0xF7, 0x0C, 0x0B, 0xCB, 0x49, 0x81, 0x52, +- 0x78, 0x97, 0x50, 0x4B, 0xEC, 0x3E, 0x36, 0xA6, 0x2B, 0xCD, 0xFA, 0x23, +- 0x04, 0x97, 0x65, 0x40, 0xF6, 0x45, 0x00, 0x85, 0xF2, 0xDA, 0xE1, 0x45, +- 0xC2, 0x25, 0x53, 0xB4, 0x65, 0x76, 0x36, 0x89, 0x18, 0x0E, 0xA2, 0x57, +- 0x18, 0x67, 0x42, 0x3E, +- /* x */ +- 0x64, 0x0E, 0xCE, 0x5C, 0x12, 0x78, 0x87, 0x17, 0xB9, 0xC1, 0xBA, 0x06, +- 0xCB, 0xC2, 0xA6, 0xFE, 0xBA, 0x85, 0x84, 0x24, 0x58, 0xC5, 0x6D, 0xDE, +- 0x9D, 0xB1, 0x75, 0x8D, 0x39, 0xC0, 0x31, 0x3D, 0x82, 0xBA, 0x51, 0x73, +- 0x5C, 0xDB, 0x3E, 0xA4, 0x99, 0xAA, 0x77, 0xA7, 0xD6, 0x94, 0x3A, 0x64, +- 0xF7, 0xA3, 0xF2, 0x5F, 0xE2, 0x6F, 0x06, 0xB5, 0x1B, 0xAA, 0x26, 0x96, +- 0xFA, 0x90, 0x35, 0xDA, +- /* y */ +- 0x5B, 0x53, 0x4B, 0xD5, 0x95, 0xF5, 0xAF, 0x0F, 0xA2, 0xC8, 0x92, 0x37, +- 0x6C, 0x84, 0xAC, 0xE1, 0xBB, 0x4E, 0x30, 0x19, 0xB7, 0x16, 0x34, 0xC0, +- 0x11, 0x31, 0x15, 0x9C, 0xAE, 0x03, 0xCE, 0xE9, 0xD9, 0x93, 0x21, 0x84, +- 0xBE, 0xEF, 0x21, 0x6B, 0xD7, 0x1D, 0xF2, 0xDA, 0xDF, 0x86, 0xA6, 0x27, +- 0x30, 0x6E, 0xCF, 0xF9, 0x6D, 0xBB, 0x8B, 0xAC, 0xE1, 0x98, 0xB6, 0x1E, +- 0x00, 0xF8, 0xB3, 0x32, +- /* order */ +- 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE, +- 0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E, +- 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x70, 0x55, 0x3E, 0x5C, 0x41, +- 0x4C, 0xA9, 0x26, 0x19, 0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47, +- 0x1D, 0xB1, 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD, 0xB5, 0x87, 0x96, 0x82, +- 0x9C, 0xA9, 0x00, 0x69 +- } +-}; +- +-#ifndef OPENSSL_NO_SM2 +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 32 * 6]; +-} _EC_sm2p256v1 = { +- { +- NID_X9_62_prime_field, 0, 32, 1 +- }, +- { +- /* no seed */ +- +- /* p */ +- 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, +- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +- /* a */ +- 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, +- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc, +- /* b */ +- 0x28, 0xe9, 0xfa, 0x9e, 0x9d, 0x9f, 0x5e, 0x34, 0x4d, 0x5a, 0x9e, 0x4b, +- 0xcf, 0x65, 0x09, 0xa7, 0xf3, 0x97, 0x89, 0xf5, 0x15, 0xab, 0x8f, 0x92, +- 0xdd, 0xbc, 0xbd, 0x41, 0x4d, 0x94, 0x0e, 0x93, +- /* x */ +- 0x32, 0xc4, 0xae, 0x2c, 0x1f, 0x19, 0x81, 0x19, 0x5f, 0x99, 0x04, 0x46, +- 0x6a, 0x39, 0xc9, 0x94, 0x8f, 0xe3, 0x0b, 0xbf, 0xf2, 0x66, 0x0b, 0xe1, +- 0x71, 0x5a, 0x45, 0x89, 0x33, 0x4c, 0x74, 0xc7, +- /* y */ +- 0xbc, 0x37, 0x36, 0xa2, 0xf4, 0xf6, 0x77, 0x9c, 0x59, 0xbd, 0xce, 0xe3, +- 0x6b, 0x69, 0x21, 0x53, 0xd0, 0xa9, 0x87, 0x7c, 0xc6, 0x2a, 0x47, 0x40, +- 0x02, 0xdf, 0x32, 0xe5, 0x21, 0x39, 0xf0, 0xa0, +- /* order */ +- 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +- 0xff, 0xff, 0xff, 0xff, 0x72, 0x03, 0xdf, 0x6b, 0x21, 0xc6, 0x05, 0x2b, +- 0x53, 0xbb, 0xf4, 0x09, 0x39, 0xd5, 0x41, 0x23, +- } +-}; +-#endif /* OPENSSL_NO_SM2 */ +- + typedef struct _ec_list_element_st { + int nid; + const EC_CURVE_DATA *data; +@@ -2800,25 +245,6 @@ + static const ec_list_element curve_list[] = { + /* prime field curves */ + /* secg curves */ +- {NID_secp112r1, &_EC_SECG_PRIME_112R1.h, 0, +- "SECG/WTLS curve over a 112 bit prime field"}, +- {NID_secp112r2, &_EC_SECG_PRIME_112R2.h, 0, +- "SECG curve over a 112 bit prime field"}, +- {NID_secp128r1, &_EC_SECG_PRIME_128R1.h, 0, +- "SECG curve over a 128 bit prime field"}, +- {NID_secp128r2, &_EC_SECG_PRIME_128R2.h, 0, +- "SECG curve over a 128 bit prime field"}, +- {NID_secp160k1, &_EC_SECG_PRIME_160K1.h, 0, +- "SECG curve over a 160 bit prime field"}, +- {NID_secp160r1, &_EC_SECG_PRIME_160R1.h, 0, +- "SECG curve over a 160 bit prime field"}, +- {NID_secp160r2, &_EC_SECG_PRIME_160R2.h, 0, +- "SECG/WTLS curve over a 160 bit prime field"}, +- /* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */ +- {NID_secp192k1, &_EC_SECG_PRIME_192K1.h, 0, +- "SECG curve over a 192 bit prime field"}, +- {NID_secp224k1, &_EC_SECG_PRIME_224K1.h, 0, +- "SECG curve over a 224 bit prime field"}, + #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 + {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, + "NIST/SECG curve over a 224 bit prime field"}, +@@ -2839,18 +265,6 @@ + "NIST/SECG curve over a 521 bit prime field"}, + #endif + /* X9.62 curves */ +- {NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0, +- "NIST/X9.62/SECG curve over a 192 bit prime field"}, +- {NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, 0, +- "X9.62 curve over a 192 bit prime field"}, +- {NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, 0, +- "X9.62 curve over a 192 bit prime field"}, +- {NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, 0, +- "X9.62 curve over a 239 bit prime field"}, +- {NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, 0, +- "X9.62 curve over a 239 bit prime field"}, +- {NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, 0, +- "X9.62 curve over a 239 bit prime field"}, + {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, + #if defined(ECP_NISTZ256_ASM) + EC_GFp_nistz256_method, +@@ -2860,149 +274,6 @@ + 0, + #endif + "X9.62/SECG curve over a 256 bit prime field"}, +-#ifndef OPENSSL_NO_EC2M +- /* characteristic two field curves */ +- /* NIST/SECG curves */ +- {NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, 0, +- "SECG curve over a 113 bit binary field"}, +- {NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, 0, +- "SECG curve over a 113 bit binary field"}, +- {NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, 0, +- "SECG/WTLS curve over a 131 bit binary field"}, +- {NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, 0, +- "SECG curve over a 131 bit binary field"}, +- {NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0, +- "NIST/SECG/WTLS curve over a 163 bit binary field"}, +- {NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, 0, +- "SECG curve over a 163 bit binary field"}, +- {NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0, +- "NIST/SECG curve over a 163 bit binary field"}, +- {NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, 0, +- "SECG curve over a 193 bit binary field"}, +- {NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, 0, +- "SECG curve over a 193 bit binary field"}, +- {NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0, +- "NIST/SECG/WTLS curve over a 233 bit binary field"}, +- {NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0, +- "NIST/SECG/WTLS curve over a 233 bit binary field"}, +- {NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, 0, +- "SECG curve over a 239 bit binary field"}, +- {NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0, +- "NIST/SECG curve over a 283 bit binary field"}, +- {NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0, +- "NIST/SECG curve over a 283 bit binary field"}, +- {NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0, +- "NIST/SECG curve over a 409 bit binary field"}, +- {NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0, +- "NIST/SECG curve over a 409 bit binary field"}, +- {NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0, +- "NIST/SECG curve over a 571 bit binary field"}, +- {NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0, +- "NIST/SECG curve over a 571 bit binary field"}, +- /* X9.62 curves */ +- {NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, 0, +- "X9.62 curve over a 163 bit binary field"}, +- {NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, 0, +- "X9.62 curve over a 163 bit binary field"}, +- {NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, 0, +- "X9.62 curve over a 163 bit binary field"}, +- {NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, 0, +- "X9.62 curve over a 176 bit binary field"}, +- {NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, 0, +- "X9.62 curve over a 191 bit binary field"}, +- {NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, 0, +- "X9.62 curve over a 191 bit binary field"}, +- {NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, 0, +- "X9.62 curve over a 191 bit binary field"}, +- {NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, 0, +- "X9.62 curve over a 208 bit binary field"}, +- {NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, 0, +- "X9.62 curve over a 239 bit binary field"}, +- {NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, 0, +- "X9.62 curve over a 239 bit binary field"}, +- {NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, 0, +- "X9.62 curve over a 239 bit binary field"}, +- {NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, 0, +- "X9.62 curve over a 272 bit binary field"}, +- {NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, 0, +- "X9.62 curve over a 304 bit binary field"}, +- {NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, 0, +- "X9.62 curve over a 359 bit binary field"}, +- {NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, 0, +- "X9.62 curve over a 368 bit binary field"}, +- {NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, 0, +- "X9.62 curve over a 431 bit binary field"}, +- /* +- * the WAP/WTLS curves [unlike SECG, spec has its own OIDs for curves +- * from X9.62] +- */ +- {NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, 0, +- "WTLS curve over a 113 bit binary field"}, +- {NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, 0, +- "NIST/SECG/WTLS curve over a 163 bit binary field"}, +- {NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, 0, +- "SECG curve over a 113 bit binary field"}, +- {NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0, +- "X9.62 curve over a 163 bit binary field"}, +-#endif +- {NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, 0, +- "SECG/WTLS curve over a 112 bit prime field"}, +- {NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, 0, +- "SECG/WTLS curve over a 160 bit prime field"}, +- {NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, 0, +- "WTLS curve over a 112 bit prime field"}, +- {NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, 0, +- "WTLS curve over a 160 bit prime field"}, +-#ifndef OPENSSL_NO_EC2M +- {NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, 0, +- "NIST/SECG/WTLS curve over a 233 bit binary field"}, +- {NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, 0, +- "NIST/SECG/WTLS curve over a 233 bit binary field"}, +-#endif +- {NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0, +- "WTLS curve over a 224 bit prime field"}, +-#ifndef OPENSSL_NO_EC2M +- /* IPSec curves */ +- {NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0, +- "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n" +- "\tNot suitable for ECDSA.\n\tQuestionable extension field!"}, +- {NID_ipsec4, &_EC_IPSEC_185_ID4.h, 0, +- "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n" +- "\tNot suitable for ECDSA.\n\tQuestionable extension field!"}, +-#endif +- /* brainpool curves */ +- {NID_brainpoolP160r1, &_EC_brainpoolP160r1.h, 0, +- "RFC 5639 curve over a 160 bit prime field"}, +- {NID_brainpoolP160t1, &_EC_brainpoolP160t1.h, 0, +- "RFC 5639 curve over a 160 bit prime field"}, +- {NID_brainpoolP192r1, &_EC_brainpoolP192r1.h, 0, +- "RFC 5639 curve over a 192 bit prime field"}, +- {NID_brainpoolP192t1, &_EC_brainpoolP192t1.h, 0, +- "RFC 5639 curve over a 192 bit prime field"}, +- {NID_brainpoolP224r1, &_EC_brainpoolP224r1.h, 0, +- "RFC 5639 curve over a 224 bit prime field"}, +- {NID_brainpoolP224t1, &_EC_brainpoolP224t1.h, 0, +- "RFC 5639 curve over a 224 bit prime field"}, +- {NID_brainpoolP256r1, &_EC_brainpoolP256r1.h, 0, +- "RFC 5639 curve over a 256 bit prime field"}, +- {NID_brainpoolP256t1, &_EC_brainpoolP256t1.h, 0, +- "RFC 5639 curve over a 256 bit prime field"}, +- {NID_brainpoolP320r1, &_EC_brainpoolP320r1.h, 0, +- "RFC 5639 curve over a 320 bit prime field"}, +- {NID_brainpoolP320t1, &_EC_brainpoolP320t1.h, 0, +- "RFC 5639 curve over a 320 bit prime field"}, +- {NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0, +- "RFC 5639 curve over a 384 bit prime field"}, +- {NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0, +- "RFC 5639 curve over a 384 bit prime field"}, +- {NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0, +- "RFC 5639 curve over a 512 bit prime field"}, +- {NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, +- "RFC 5639 curve over a 512 bit prime field"}, +-#ifndef OPENSSL_NO_SM2 +- {NID_sm2, &_EC_sm2p256v1.h, 0, +- "SM2 curve over a 256 bit prime field"}, +-#endif + }; + + #define curve_list_length OSSL_NELEM(curve_list) diff --git a/thirdparty/openssl/patches/openssl-1.1.1-edk2-build.patch b/thirdparty/openssl/patches/openssl-1.1.1-edk2-build.patch new file mode 100644 index 000000000..b13708e41 --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-edk2-build.patch @@ -0,0 +1,57 @@ +diff -up openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build openssl-1.1.1g/crypto/evp/pkey_kdf.c +--- openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build 2020-05-18 12:55:53.299548432 +0200 ++++ openssl-1.1.1g/crypto/evp/pkey_kdf.c 2020-05-18 12:55:53.340548788 +0200 +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include "internal/numbers.h" + #include "crypto/evp.h" + + static int pkey_kdf_init(EVP_PKEY_CTX *ctx) +diff -up openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build openssl-1.1.1g/crypto/kdf/hkdf.c +--- openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build 2020-05-18 12:55:53.340548788 +0200 ++++ openssl-1.1.1g/crypto/kdf/hkdf.c 2020-05-18 12:57:18.648288904 +0200 +@@ -13,6 +13,7 @@ + #include + #include + #include ++#include "internal/numbers.h" + #include "internal/cryptlib.h" + #include "crypto/evp.h" + #include "kdf_local.h" +diff -up openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build openssl-1.1.1g/crypto/rand/rand_unix.c +--- openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build 2020-05-18 12:56:05.646655554 +0200 ++++ openssl-1.1.1g/crypto/rand/rand_unix.c 2020-05-18 12:58:51.088090896 +0200 +@@ -20,7 +20,7 @@ + #include "crypto/fips.h" + #include + #include "internal/dso.h" +-#ifdef __linux ++#if defined(__linux) && !defined(OPENSSL_SYS_UEFI) + # include + # include + # ifdef DEVRANDOM_WAIT +diff -up openssl-1.1.1g/include/crypto/fips.h.edk2-build openssl-1.1.1g/include/crypto/fips.h +--- openssl-1.1.1g/include/crypto/fips.h.edk2-build 2020-05-18 12:55:53.296548406 +0200 ++++ openssl-1.1.1g/include/crypto/fips.h 2020-05-18 12:55:53.340548788 +0200 +@@ -50,10 +50,6 @@ + #include + #include + +-#ifndef OPENSSL_FIPS +-# error FIPS is disabled. +-#endif +- + #ifdef OPENSSL_FIPS + + int FIPS_module_mode_set(int onoff); +@@ -97,4 +93,8 @@ void fips_set_selftest_fail(void); + + void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr); + ++#else ++ ++# define fips_in_post() 0 ++ + #endif diff --git a/thirdparty/openssl/patches/openssl-1.1.1-evp-kdf.patch b/thirdparty/openssl/patches/openssl-1.1.1-evp-kdf.patch new file mode 100644 index 000000000..f1d7618c2 --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-evp-kdf.patch @@ -0,0 +1,5238 @@ +diff -up openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf openssl-1.1.1e/crypto/err/openssl.txt +--- openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/err/openssl.txt 2020-03-19 16:04:11.299063517 +0100 +@@ -747,6 +747,9 @@ EVP_F_EVP_DIGESTINIT_EX:128:EVP_DigestIn + EVP_F_EVP_ENCRYPTDECRYPTUPDATE:219:evp_EncryptDecryptUpdate + EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex + EVP_F_EVP_ENCRYPTUPDATE:167:EVP_EncryptUpdate ++EVP_F_EVP_KDF_CTRL:224:EVP_KDF_ctrl ++EVP_F_EVP_KDF_CTRL_STR:225:EVP_KDF_ctrl_str ++EVP_F_EVP_KDF_CTX_NEW_ID:226:EVP_KDF_CTX_new_id + EVP_F_EVP_MD_CTX_COPY_EX:110:EVP_MD_CTX_copy_ex + EVP_F_EVP_MD_SIZE:162:EVP_MD_size + EVP_F_EVP_OPENINIT:102:EVP_OpenInit +@@ -809,12 +812,31 @@ EVP_F_PKCS5_PBE_KEYIVGEN:117:PKCS5_PBE_k + EVP_F_PKCS5_V2_PBE_KEYIVGEN:118:PKCS5_v2_PBE_keyivgen + EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN:164:PKCS5_v2_PBKDF2_keyivgen + EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN:180:PKCS5_v2_scrypt_keyivgen ++EVP_F_PKEY_KDF_CTRL:227:pkey_kdf_ctrl + EVP_F_PKEY_SET_TYPE:158:pkey_set_type + EVP_F_RC2_MAGIC_TO_METH:109:rc2_magic_to_meth + EVP_F_RC5_CTRL:125:rc5_ctrl + EVP_F_R_32_12_16_INIT_KEY:242:r_32_12_16_init_key + EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_gcm_ctrl ++EVP_F_SCRYPT_ALG:228:scrypt_alg + EVP_F_UPDATE:173:update ++KDF_F_HKDF_EXTRACT:112:HKDF_Extract ++KDF_F_KDF_HKDF_DERIVE:113:kdf_hkdf_derive ++KDF_F_KDF_HKDF_NEW:114:kdf_hkdf_new ++KDF_F_KDF_HKDF_SIZE:115:kdf_hkdf_size ++KDF_F_KDF_MD2CTRL:116:kdf_md2ctrl ++KDF_F_KDF_PBKDF2_CTRL_STR:117:kdf_pbkdf2_ctrl_str ++KDF_F_KDF_PBKDF2_DERIVE:118:kdf_pbkdf2_derive ++KDF_F_KDF_PBKDF2_NEW:119:kdf_pbkdf2_new ++KDF_F_KDF_SCRYPT_CTRL_STR:120:kdf_scrypt_ctrl_str ++KDF_F_KDF_SCRYPT_CTRL_UINT32:121:kdf_scrypt_ctrl_uint32 ++KDF_F_KDF_SCRYPT_CTRL_UINT64:122:kdf_scrypt_ctrl_uint64 ++KDF_F_KDF_SCRYPT_DERIVE:123:kdf_scrypt_derive ++KDF_F_KDF_SCRYPT_NEW:124:kdf_scrypt_new ++KDF_F_KDF_TLS1_PRF_CTRL_STR:125:kdf_tls1_prf_ctrl_str ++KDF_F_KDF_TLS1_PRF_DERIVE:126:kdf_tls1_prf_derive ++KDF_F_KDF_TLS1_PRF_NEW:127:kdf_tls1_prf_new ++KDF_F_PBKDF2_SET_MEMBUF:128:pbkdf2_set_membuf + KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str + KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive + KDF_F_PKEY_HKDF_INIT:108:pkey_hkdf_init +@@ -826,6 +848,7 @@ KDF_F_PKEY_SCRYPT_SET_MEMBUF:107:pkey_sc + KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tls1_prf_ctrl_str + KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive + KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init ++KDF_F_SCRYPT_SET_MEMBUF:129:scrypt_set_membuf + KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg + OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object + OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid +@@ -2277,6 +2300,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only on + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\ + operation not supported for this keytype + EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized ++EVP_R_PARAMETER_TOO_LARGE:187:parameter too large + EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers + EVP_R_PBKDF2_ERROR:181:pbkdf2 error + EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\ +@@ -2313,6 +2337,7 @@ KDF_R_MISSING_SEED:106:missing seed + KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type + KDF_R_VALUE_ERROR:108:value error + KDF_R_VALUE_MISSING:102:value missing ++KDF_R_WRONG_OUTPUT_BUFFER_SIZE:112:wrong output buffer size + OBJ_R_OID_EXISTS:102:oid exists + OBJ_R_UNKNOWN_NID:101:unknown nid + OCSP_R_CERTIFICATE_VERIFY_ERROR:101:certificate verify error +diff -up openssl-1.1.1e/crypto/evp/build.info.evp-kdf openssl-1.1.1e/crypto/evp/build.info +--- openssl-1.1.1e/crypto/evp/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/build.info 2020-03-19 16:04:11.300063500 +0100 +@@ -9,7 +9,8 @@ SOURCE[../../libcrypto]=\ + p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ + bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ + c_allc.c c_alld.c evp_lib.c bio_ok.c \ +- evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c pbe_scrypt.c \ ++ evp_pkey.c kdf_lib.c evp_pbe.c p5_crpt.c p5_crpt2.c pbe_scrypt.c \ ++ pkey_kdf.c \ + e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \ + e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \ + e_chacha20_poly1305.c cmeth_lib.c +diff -up openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c.evp-kdf openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c +--- openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c.evp-kdf 2020-03-19 16:04:11.300063500 +0100 ++++ openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c 2020-03-19 16:16:46.497967633 +0100 +@@ -14,9 +14,9 @@ + + # include + # include +-# include "evp_local.h" + # include "crypto/evp.h" + # include "crypto/chacha.h" ++# include "evp_local.h" + + typedef struct { + union { +diff -up openssl-1.1.1e/crypto/evp/encode.c.evp-kdf openssl-1.1.1e/crypto/evp/encode.c +--- openssl-1.1.1e/crypto/evp/encode.c.evp-kdf 2020-03-19 16:04:11.301063483 +0100 ++++ openssl-1.1.1e/crypto/evp/encode.c 2020-03-19 16:14:13.147628683 +0100 +@@ -11,8 +11,8 @@ + #include + #include "internal/cryptlib.h" + #include +-#include "evp_local.h" + #include "crypto/evp.h" ++#include "evp_local.h" + + static unsigned char conv_ascii2bin(unsigned char a, + const unsigned char *table); +diff -up openssl-1.1.1e/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1e/crypto/evp/evp_err.c +--- openssl-1.1.1e/crypto/evp/evp_err.c.evp-kdf 2020-03-19 16:04:11.218064919 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_err.c 2020-03-19 16:04:11.302063465 +0100 +@@ -60,6 +60,9 @@ static const ERR_STRING_DATA EVP_str_fun + {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, 0), + "EVP_EncryptFinal_ex"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTUPDATE, 0), "EVP_EncryptUpdate"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTRL, 0), "EVP_KDF_ctrl"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTRL_STR, 0), "EVP_KDF_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTX_NEW_ID, 0), "EVP_KDF_CTX_new_id"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_CTX_COPY_EX, 0), "EVP_MD_CTX_copy_ex"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_SIZE, 0), "EVP_MD_size"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_OPENINIT, 0), "EVP_OpenInit"}, +@@ -151,12 +154,14 @@ static const ERR_STRING_DATA EVP_str_fun + "PKCS5_v2_PBKDF2_keyivgen"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, 0), + "PKCS5_v2_scrypt_keyivgen"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_KDF_CTRL, 0), "pkey_kdf_ctrl"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_SET_TYPE, 0), "pkey_set_type"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_RC2_MAGIC_TO_METH, 0), "rc2_magic_to_meth"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_RC5_CTRL, 0), "rc5_ctrl"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_R_32_12_16_INIT_KEY, 0), + "r_32_12_16_init_key"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_S390X_AES_GCM_CTRL, 0), "s390x_aes_gcm_ctrl"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_SCRYPT_ALG, 0), "scrypt_alg"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_UPDATE, 0), "update"}, + {0, NULL} + }; +@@ -241,6 +246,8 @@ static const ERR_STRING_DATA EVP_str_rea + "operation not supported for this keytype"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED), + "operaton not initialized"}, ++ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARAMETER_TOO_LARGE), ++ "parameter too large"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING), + "partially overlapping buffers"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"}, +diff -up openssl-1.1.1e/crypto/evp/evp_local.h.evp-kdf openssl-1.1.1e/crypto/evp/evp_local.h +--- openssl-1.1.1e/crypto/evp/evp_local.h.evp-kdf 2020-03-19 16:04:10.657074629 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_local.h 2020-03-19 16:04:20.722900404 +0100 +@@ -41,6 +41,11 @@ struct evp_cipher_ctx_st { + unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */ + } /* EVP_CIPHER_CTX */ ; + ++struct evp_kdf_ctx_st { ++ const EVP_KDF_METHOD *kmeth; ++ EVP_KDF_IMPL *impl; /* Algorithm-specific data */ ++} /* EVP_KDF_CTX */ ; ++ + int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, + int passlen, ASN1_TYPE *param, + const EVP_CIPHER *c, const EVP_MD *md, +diff -up openssl-1.1.1e/crypto/evp/evp_pbe.c.evp-kdf openssl-1.1.1e/crypto/evp/evp_pbe.c +--- openssl-1.1.1e/crypto/evp/evp_pbe.c.evp-kdf 2020-03-19 16:04:20.723900386 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_pbe.c 2020-03-19 16:11:56.425001210 +0100 +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include "crypto/evp.h" + #include "evp_local.h" + + /* Password based encryption (PBE) functions */ +diff -up openssl-1.1.1e/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1e/crypto/evp/kdf_lib.c +--- openssl-1.1.1e/crypto/evp/kdf_lib.c.evp-kdf 2020-03-19 16:04:20.723900386 +0100 ++++ openssl-1.1.1e/crypto/evp/kdf_lib.c 2020-03-19 16:04:20.723900386 +0100 +@@ -0,0 +1,165 @@ ++/* ++ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include "internal/cryptlib.h" ++#include ++#include ++#include ++#include ++#include "crypto/asn1.h" ++#include "crypto/evp.h" ++#include "internal/numbers.h" ++#include "evp_local.h" ++ ++typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); ++ ++/* This array needs to be in order of NIDs */ ++static const EVP_KDF_METHOD *standard_methods[] = { ++ &pbkdf2_kdf_meth, ++#ifndef OPENSSL_NO_SCRYPT ++ &scrypt_kdf_meth, ++#endif ++ &tls1_prf_kdf_meth, ++ &hkdf_kdf_meth ++}; ++ ++DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, ++ kmeth); ++ ++static int kmeth_cmp(const EVP_KDF_METHOD *const *a, ++ const EVP_KDF_METHOD *const *b) ++{ ++ return ((*a)->type - (*b)->type); ++} ++ ++IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, ++ kmeth); ++ ++static const EVP_KDF_METHOD *kdf_meth_find(int type) ++{ ++ EVP_KDF_METHOD tmp; ++ const EVP_KDF_METHOD *t = &tmp, **ret; ++ ++ tmp.type = type; ++ ret = OBJ_bsearch_kmeth(&t, standard_methods, ++ OSSL_NELEM(standard_methods)); ++ if (ret == NULL || *ret == NULL) ++ return NULL; ++ ++ return *ret; ++} ++ ++EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id) ++{ ++ EVP_KDF_CTX *ret; ++ const EVP_KDF_METHOD *kmeth; ++ ++ kmeth = kdf_meth_find(id); ++ if (kmeth == NULL) { ++ EVPerr(EVP_F_EVP_KDF_CTX_NEW_ID, EVP_R_UNSUPPORTED_ALGORITHM); ++ return NULL; ++ } ++ ++ ret = OPENSSL_zalloc(sizeof(*ret)); ++ if (ret == NULL) { ++ EVPerr(EVP_F_EVP_KDF_CTX_NEW_ID, ERR_R_MALLOC_FAILURE); ++ return NULL; ++ } ++ ++ if (kmeth->new != NULL && (ret->impl = kmeth->new()) == NULL) { ++ EVP_KDF_CTX_free(ret); ++ return NULL; ++ } ++ ++ ret->kmeth = kmeth; ++ return ret; ++} ++ ++void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx) ++{ ++ if (ctx == NULL) ++ return; ++ ++ ctx->kmeth->free(ctx->impl); ++ OPENSSL_free(ctx); ++} ++ ++void EVP_KDF_reset(EVP_KDF_CTX *ctx) ++{ ++ if (ctx == NULL) ++ return; ++ ++ if (ctx->kmeth->reset != NULL) ++ ctx->kmeth->reset(ctx->impl); ++} ++ ++int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...) ++{ ++ int ret; ++ va_list args; ++ ++ va_start(args, cmd); ++ ret = EVP_KDF_vctrl(ctx, cmd, args); ++ va_end(args); ++ ++ if (ret == -2) ++ EVPerr(EVP_F_EVP_KDF_CTRL, EVP_R_COMMAND_NOT_SUPPORTED); ++ ++ return ret; ++} ++ ++int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args) ++{ ++ if (ctx == NULL) ++ return 0; ++ ++ return ctx->kmeth->ctrl(ctx->impl, cmd, args); ++} ++ ++int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value) ++{ ++ int ret; ++ ++ if (ctx == NULL) ++ return 0; ++ ++ if (ctx->kmeth->ctrl_str == NULL) { ++ EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED); ++ return -2; ++ } ++ ++ ret = ctx->kmeth->ctrl_str(ctx->impl, type, value); ++ if (ret == -2) ++ EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED); ++ ++ return ret; ++} ++ ++size_t EVP_KDF_size(EVP_KDF_CTX *ctx) ++{ ++ if (ctx == NULL) ++ return 0; ++ ++ if (ctx->kmeth->size == NULL) ++ return SIZE_MAX; ++ ++ return ctx->kmeth->size(ctx->impl); ++} ++ ++int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen) ++{ ++ if (ctx == NULL) ++ return 0; ++ ++ return ctx->kmeth->derive(ctx->impl, key, keylen); ++} ++ +diff -up openssl-1.1.1e/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1e/crypto/evp/p5_crpt2.c +--- openssl-1.1.1e/crypto/evp/p5_crpt2.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/p5_crpt2.c 2020-03-19 16:17:48.822886126 +0100 +@@ -1,5 +1,5 @@ + /* +- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy +@@ -10,105 +10,51 @@ + #include + #include + #include "internal/cryptlib.h" +-# include +-# include +-# include +-# include "evp_local.h" ++#include ++#include ++#include ++#include ++#include "crypto/evp.h" ++#include "evp_local.h" + + /* set this to print out info about the keygen algorithm */ + /* #define OPENSSL_DEBUG_PKCS5V2 */ + +-# ifdef OPENSSL_DEBUG_PKCS5V2 ++#ifdef OPENSSL_DEBUG_PKCS5V2 + static void h__dump(const unsigned char *p, int len); +-# endif +- +-/* +- * This is an implementation of PKCS#5 v2.0 password based encryption key +- * derivation function PBKDF2. SHA1 version verified against test vectors +- * posted by Peter Gutmann to the PKCS-TNG mailing list. +- */ ++#endif + + int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, + const unsigned char *salt, int saltlen, int iter, + const EVP_MD *digest, int keylen, unsigned char *out) + { + const char *empty = ""; +- unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; +- int cplen, j, k, tkeylen, mdlen; +- unsigned long i = 1; +- HMAC_CTX *hctx_tpl = NULL, *hctx = NULL; +- +- mdlen = EVP_MD_size(digest); +- if (mdlen < 0) +- return 0; ++ int rv = 1; ++ EVP_KDF_CTX *kctx; + +- hctx_tpl = HMAC_CTX_new(); +- if (hctx_tpl == NULL) +- return 0; +- p = out; +- tkeylen = keylen; ++ /* Keep documented behaviour. */ + if (pass == NULL) { + pass = empty; + passlen = 0; + } else if (passlen == -1) { + passlen = strlen(pass); + } +- if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) { +- HMAC_CTX_free(hctx_tpl); +- return 0; +- } +- hctx = HMAC_CTX_new(); +- if (hctx == NULL) { +- HMAC_CTX_free(hctx_tpl); ++ if (salt == NULL && saltlen == 0) ++ salt = (unsigned char *)empty; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2); ++ if (kctx == NULL) + return 0; +- } +- while (tkeylen) { +- if (tkeylen > mdlen) +- cplen = mdlen; +- else +- cplen = tkeylen; +- /* +- * We are unlikely to ever use more than 256 blocks (5120 bits!) but +- * just in case... +- */ +- itmp[0] = (unsigned char)((i >> 24) & 0xff); +- itmp[1] = (unsigned char)((i >> 16) & 0xff); +- itmp[2] = (unsigned char)((i >> 8) & 0xff); +- itmp[3] = (unsigned char)(i & 0xff); +- if (!HMAC_CTX_copy(hctx, hctx_tpl)) { +- HMAC_CTX_free(hctx); +- HMAC_CTX_free(hctx_tpl); +- return 0; +- } +- if (!HMAC_Update(hctx, salt, saltlen) +- || !HMAC_Update(hctx, itmp, 4) +- || !HMAC_Final(hctx, digtmp, NULL)) { +- HMAC_CTX_free(hctx); +- HMAC_CTX_free(hctx_tpl); +- return 0; +- } +- memcpy(p, digtmp, cplen); +- for (j = 1; j < iter; j++) { +- if (!HMAC_CTX_copy(hctx, hctx_tpl)) { +- HMAC_CTX_free(hctx); +- HMAC_CTX_free(hctx_tpl); +- return 0; +- } +- if (!HMAC_Update(hctx, digtmp, mdlen) +- || !HMAC_Final(hctx, digtmp, NULL)) { +- HMAC_CTX_free(hctx); +- HMAC_CTX_free(hctx_tpl); +- return 0; +- } +- for (k = 0; k < cplen; k++) +- p[k] ^= digtmp[k]; +- } +- tkeylen -= cplen; +- i++; +- p += cplen; +- } +- HMAC_CTX_free(hctx); +- HMAC_CTX_free(hctx_tpl); ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, ++ salt, (size_t)saltlen) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, iter) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, digest) != 1 ++ || EVP_KDF_derive(kctx, out, keylen) != 1) ++ rv = 0; ++ ++ EVP_KDF_CTX_free(kctx); ++ + # ifdef OPENSSL_DEBUG_PKCS5V2 + fprintf(stderr, "Password:\n"); + h__dump(pass, passlen); +@@ -118,7 +64,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, + fprintf(stderr, "Key:\n"); + h__dump(out, keylen); + # endif +- return 1; ++ return rv; + } + + int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, +diff -up openssl-1.1.1e/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1e/crypto/evp/pbe_scrypt.c +--- openssl-1.1.1e/crypto/evp/pbe_scrypt.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/pbe_scrypt.c 2020-03-19 16:04:20.725900352 +0100 +@@ -7,135 +7,12 @@ + * https://www.openssl.org/source/license.html + */ + +-#include +-#include +-#include + #include + #include +-#include "internal/numbers.h" ++#include + + #ifndef OPENSSL_NO_SCRYPT + +-#define R(a,b) (((a) << (b)) | ((a) >> (32 - (b)))) +-static void salsa208_word_specification(uint32_t inout[16]) +-{ +- int i; +- uint32_t x[16]; +- memcpy(x, inout, sizeof(x)); +- for (i = 8; i > 0; i -= 2) { +- x[4] ^= R(x[0] + x[12], 7); +- x[8] ^= R(x[4] + x[0], 9); +- x[12] ^= R(x[8] + x[4], 13); +- x[0] ^= R(x[12] + x[8], 18); +- x[9] ^= R(x[5] + x[1], 7); +- x[13] ^= R(x[9] + x[5], 9); +- x[1] ^= R(x[13] + x[9], 13); +- x[5] ^= R(x[1] + x[13], 18); +- x[14] ^= R(x[10] + x[6], 7); +- x[2] ^= R(x[14] + x[10], 9); +- x[6] ^= R(x[2] + x[14], 13); +- x[10] ^= R(x[6] + x[2], 18); +- x[3] ^= R(x[15] + x[11], 7); +- x[7] ^= R(x[3] + x[15], 9); +- x[11] ^= R(x[7] + x[3], 13); +- x[15] ^= R(x[11] + x[7], 18); +- x[1] ^= R(x[0] + x[3], 7); +- x[2] ^= R(x[1] + x[0], 9); +- x[3] ^= R(x[2] + x[1], 13); +- x[0] ^= R(x[3] + x[2], 18); +- x[6] ^= R(x[5] + x[4], 7); +- x[7] ^= R(x[6] + x[5], 9); +- x[4] ^= R(x[7] + x[6], 13); +- x[5] ^= R(x[4] + x[7], 18); +- x[11] ^= R(x[10] + x[9], 7); +- x[8] ^= R(x[11] + x[10], 9); +- x[9] ^= R(x[8] + x[11], 13); +- x[10] ^= R(x[9] + x[8], 18); +- x[12] ^= R(x[15] + x[14], 7); +- x[13] ^= R(x[12] + x[15], 9); +- x[14] ^= R(x[13] + x[12], 13); +- x[15] ^= R(x[14] + x[13], 18); +- } +- for (i = 0; i < 16; ++i) +- inout[i] += x[i]; +- OPENSSL_cleanse(x, sizeof(x)); +-} +- +-static void scryptBlockMix(uint32_t *B_, uint32_t *B, uint64_t r) +-{ +- uint64_t i, j; +- uint32_t X[16], *pB; +- +- memcpy(X, B + (r * 2 - 1) * 16, sizeof(X)); +- pB = B; +- for (i = 0; i < r * 2; i++) { +- for (j = 0; j < 16; j++) +- X[j] ^= *pB++; +- salsa208_word_specification(X); +- memcpy(B_ + (i / 2 + (i & 1) * r) * 16, X, sizeof(X)); +- } +- OPENSSL_cleanse(X, sizeof(X)); +-} +- +-static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, +- uint32_t *X, uint32_t *T, uint32_t *V) +-{ +- unsigned char *pB; +- uint32_t *pV; +- uint64_t i, k; +- +- /* Convert from little endian input */ +- for (pV = V, i = 0, pB = B; i < 32 * r; i++, pV++) { +- *pV = *pB++; +- *pV |= *pB++ << 8; +- *pV |= *pB++ << 16; +- *pV |= (uint32_t)*pB++ << 24; +- } +- +- for (i = 1; i < N; i++, pV += 32 * r) +- scryptBlockMix(pV, pV - 32 * r, r); +- +- scryptBlockMix(X, V + (N - 1) * 32 * r, r); +- +- for (i = 0; i < N; i++) { +- uint32_t j; +- j = X[16 * (2 * r - 1)] % N; +- pV = V + 32 * r * j; +- for (k = 0; k < 32 * r; k++) +- T[k] = X[k] ^ *pV++; +- scryptBlockMix(X, T, r); +- } +- /* Convert output to little endian */ +- for (i = 0, pB = B; i < 32 * r; i++) { +- uint32_t xtmp = X[i]; +- *pB++ = xtmp & 0xff; +- *pB++ = (xtmp >> 8) & 0xff; +- *pB++ = (xtmp >> 16) & 0xff; +- *pB++ = (xtmp >> 24) & 0xff; +- } +-} +- +-#ifndef SIZE_MAX +-# define SIZE_MAX ((size_t)-1) +-#endif +- +-/* +- * Maximum power of two that will fit in uint64_t: this should work on +- * most (all?) platforms. +- */ +- +-#define LOG2_UINT64_MAX (sizeof(uint64_t) * 8 - 1) +- +-/* +- * Maximum value of p * r: +- * p <= ((2^32-1) * hLen) / MFLen => +- * p <= ((2^32-1) * 32) / (128 * r) => +- * p * r <= (2^30-1) +- * +- */ +- +-#define SCRYPT_PR_MAX ((1 << 30) - 1) +- + /* + * Maximum permitted memory allow this to be overridden with Configuration + * option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible. +@@ -160,107 +37,43 @@ int EVP_PBE_scrypt(const char *pass, siz + uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, + unsigned char *key, size_t keylen) + { +- int rv = 0; +- unsigned char *B; +- uint32_t *X, *V, *T; +- uint64_t i, Blen, Vlen; +- +- /* Sanity check parameters */ +- /* initial check, r,p must be non zero, N >= 2 and a power of 2 */ +- if (r == 0 || p == 0 || N < 2 || (N & (N - 1))) +- return 0; +- /* Check p * r < SCRYPT_PR_MAX avoiding overflow */ +- if (p > SCRYPT_PR_MAX / r) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); +- return 0; +- } +- +- /* +- * Need to check N: if 2^(128 * r / 8) overflows limit this is +- * automatically satisfied since N <= UINT64_MAX. +- */ +- +- if (16 * r <= LOG2_UINT64_MAX) { +- if (N >= (((uint64_t)1) << (16 * r))) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); +- return 0; +- } +- } ++ const char *empty = ""; ++ int rv = 1; ++ EVP_KDF_CTX *kctx; + +- /* Memory checks: check total allocated buffer size fits in uint64_t */ +- +- /* +- * B size in section 5 step 1.S +- * Note: we know p * 128 * r < UINT64_MAX because we already checked +- * p * r < SCRYPT_PR_MAX +- */ +- Blen = p * 128 * r; +- /* +- * Yet we pass it as integer to PKCS5_PBKDF2_HMAC... [This would +- * have to be revised when/if PKCS5_PBKDF2_HMAC accepts size_t.] +- */ +- if (Blen > INT_MAX) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ if (r > UINT32_MAX || p > UINT32_MAX) { ++ EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE); + return 0; + } + +- /* +- * Check 32 * r * (N + 2) * sizeof(uint32_t) fits in uint64_t +- * This is combined size V, X and T (section 4) +- */ +- i = UINT64_MAX / (32 * sizeof(uint32_t)); +- if (N + 2 > i / r) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); +- return 0; ++ /* Maintain existing behaviour. */ ++ if (pass == NULL) { ++ pass = empty; ++ passlen = 0; + } +- Vlen = 32 * r * (N + 2) * sizeof(uint32_t); +- +- /* check total allocated size fits in uint64_t */ +- if (Blen > UINT64_MAX - Vlen) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); +- return 0; ++ if (salt == NULL) { ++ salt = (const unsigned char *)empty; ++ saltlen = 0; + } +- + if (maxmem == 0) + maxmem = SCRYPT_MAX_MEM; + +- /* Check that the maximum memory doesn't exceed a size_t limits */ +- if (maxmem > SIZE_MAX) +- maxmem = SIZE_MAX; +- +- if (Blen + Vlen > maxmem) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT); ++ if (kctx == NULL) + return 0; +- } + +- /* If no key return to indicate parameters are OK */ +- if (key == NULL) +- return 1; +- +- B = OPENSSL_malloc((size_t)(Blen + Vlen)); +- if (B == NULL) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, ERR_R_MALLOC_FAILURE); +- return 0; +- } +- X = (uint32_t *)(B + Blen); +- T = X + 32 * r; +- V = T + 32 * r; +- if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, EVP_sha256(), +- (int)Blen, B) == 0) +- goto err; +- +- for (i = 0; i < p; i++) +- scryptROMix(B + 128 * r * i, r, N, X, T, V); +- +- if (PKCS5_PBKDF2_HMAC(pass, passlen, B, (int)Blen, 1, EVP_sha256(), +- keylen, key) == 0) +- goto err; +- rv = 1; +- err: +- if (rv == 0) +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PBKDF2_ERROR); ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, ++ salt, (size_t)saltlen) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, N) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)r) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)p) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, maxmem) != 1 ++ || EVP_KDF_derive(kctx, key, keylen) != 1) ++ rv = 0; + +- OPENSSL_clear_free(B, (size_t)(Blen + Vlen)); ++ EVP_KDF_CTX_free(kctx); + return rv; + } ++ + #endif +diff -up openssl-1.1.1e/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1e/crypto/evp/pkey_kdf.c +--- openssl-1.1.1e/crypto/evp/pkey_kdf.c.evp-kdf 2020-03-19 16:04:20.726900334 +0100 ++++ openssl-1.1.1e/crypto/evp/pkey_kdf.c 2020-03-19 16:04:20.725900352 +0100 +@@ -0,0 +1,255 @@ ++/* ++ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++#include ++#include "crypto/evp.h" ++ ++static int pkey_kdf_init(EVP_PKEY_CTX *ctx) ++{ ++ EVP_KDF_CTX *kctx; ++ ++ kctx = EVP_KDF_CTX_new_id(ctx->pmeth->pkey_id); ++ if (kctx == NULL) ++ return 0; ++ ++ ctx->data = kctx; ++ return 1; ++} ++ ++static void pkey_kdf_cleanup(EVP_PKEY_CTX *ctx) ++{ ++ EVP_KDF_CTX *kctx = ctx->data; ++ ++ EVP_KDF_CTX_free(kctx); ++} ++ ++static int pkey_kdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) ++{ ++ EVP_KDF_CTX *kctx = ctx->data; ++ uint64_t u64_value; ++ int cmd; ++ int ret; ++ ++ switch (type) { ++ case EVP_PKEY_CTRL_PASS: ++ cmd = EVP_KDF_CTRL_SET_PASS; ++ break; ++ case EVP_PKEY_CTRL_HKDF_SALT: ++ case EVP_PKEY_CTRL_SCRYPT_SALT: ++ cmd = EVP_KDF_CTRL_SET_SALT; ++ break; ++ case EVP_PKEY_CTRL_TLS_MD: ++ case EVP_PKEY_CTRL_HKDF_MD: ++ cmd = EVP_KDF_CTRL_SET_MD; ++ break; ++ case EVP_PKEY_CTRL_TLS_SECRET: ++ cmd = EVP_KDF_CTRL_SET_TLS_SECRET; ++ ret = EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_RESET_TLS_SEED); ++ if (ret < 1) ++ return ret; ++ break; ++ case EVP_PKEY_CTRL_TLS_SEED: ++ cmd = EVP_KDF_CTRL_ADD_TLS_SEED; ++ break; ++ case EVP_PKEY_CTRL_HKDF_KEY: ++ cmd = EVP_KDF_CTRL_SET_KEY; ++ break; ++ case EVP_PKEY_CTRL_HKDF_INFO: ++ cmd = EVP_KDF_CTRL_ADD_HKDF_INFO; ++ break; ++ case EVP_PKEY_CTRL_HKDF_MODE: ++ cmd = EVP_KDF_CTRL_SET_HKDF_MODE; ++ break; ++ case EVP_PKEY_CTRL_SCRYPT_N: ++ cmd = EVP_KDF_CTRL_SET_SCRYPT_N; ++ break; ++ case EVP_PKEY_CTRL_SCRYPT_R: ++ cmd = EVP_KDF_CTRL_SET_SCRYPT_R; ++ break; ++ case EVP_PKEY_CTRL_SCRYPT_P: ++ cmd = EVP_KDF_CTRL_SET_SCRYPT_P; ++ break; ++ case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES: ++ cmd = EVP_KDF_CTRL_SET_MAXMEM_BYTES; ++ break; ++ default: ++ return -2; ++ } ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_PASS: ++ case EVP_KDF_CTRL_SET_SALT: ++ case EVP_KDF_CTRL_SET_KEY: ++ case EVP_KDF_CTRL_SET_TLS_SECRET: ++ case EVP_KDF_CTRL_ADD_TLS_SEED: ++ case EVP_KDF_CTRL_ADD_HKDF_INFO: ++ return EVP_KDF_ctrl(kctx, cmd, (const unsigned char *)p2, (size_t)p1); ++ ++ case EVP_KDF_CTRL_SET_MD: ++ return EVP_KDF_ctrl(kctx, cmd, (const EVP_MD *)p2); ++ ++ case EVP_KDF_CTRL_SET_HKDF_MODE: ++ return EVP_KDF_ctrl(kctx, cmd, (int)p1); ++ ++ case EVP_KDF_CTRL_SET_SCRYPT_R: ++ case EVP_KDF_CTRL_SET_SCRYPT_P: ++ u64_value = *(uint64_t *)p2; ++ if (u64_value > UINT32_MAX) { ++ EVPerr(EVP_F_PKEY_KDF_CTRL, EVP_R_PARAMETER_TOO_LARGE); ++ return 0; ++ } ++ ++ return EVP_KDF_ctrl(kctx, cmd, (uint32_t)u64_value); ++ ++ case EVP_KDF_CTRL_SET_SCRYPT_N: ++ case EVP_KDF_CTRL_SET_MAXMEM_BYTES: ++ return EVP_KDF_ctrl(kctx, cmd, *(uint64_t *)p2); ++ ++ default: ++ return 0; ++ } ++} ++ ++static int pkey_kdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, ++ const char *value) ++{ ++ EVP_KDF_CTX *kctx = ctx->data; ++ ++ if (strcmp(type, "md") == 0) ++ return EVP_KDF_ctrl_str(kctx, "digest", value); ++ return EVP_KDF_ctrl_str(kctx, type, value); ++} ++ ++static int pkey_kdf_derive_init(EVP_PKEY_CTX *ctx) ++{ ++ EVP_KDF_CTX *kctx = ctx->data; ++ ++ EVP_KDF_reset(kctx); ++ return 1; ++} ++ ++/* ++ * For fixed-output algorithms the keylen parameter is an "out" parameter ++ * otherwise it is an "in" parameter. ++ */ ++static int pkey_kdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, ++ size_t *keylen) ++{ ++ EVP_KDF_CTX *kctx = ctx->data; ++ size_t outlen = EVP_KDF_size(kctx); ++ ++ if (outlen == 0 || outlen == SIZE_MAX) { ++ /* Variable-output algorithm */ ++ if (key == NULL) ++ return 0; ++ } else { ++ /* Fixed-output algorithm */ ++ *keylen = outlen; ++ if (key == NULL) ++ return 1; ++ } ++ return EVP_KDF_derive(kctx, key, *keylen); ++} ++ ++#ifndef OPENSSL_NO_SCRYPT ++const EVP_PKEY_METHOD scrypt_pkey_meth = { ++ EVP_PKEY_SCRYPT, ++ 0, ++ pkey_kdf_init, ++ 0, ++ pkey_kdf_cleanup, ++ ++ 0, 0, ++ 0, 0, ++ ++ 0, ++ 0, ++ ++ 0, ++ 0, ++ ++ 0, 0, ++ ++ 0, 0, 0, 0, ++ ++ 0, 0, ++ ++ 0, 0, ++ ++ pkey_kdf_derive_init, ++ pkey_kdf_derive, ++ pkey_kdf_ctrl, ++ pkey_kdf_ctrl_str ++}; ++#endif ++ ++const EVP_PKEY_METHOD tls1_prf_pkey_meth = { ++ EVP_PKEY_TLS1_PRF, ++ EVP_PKEY_FLAG_FIPS, ++ pkey_kdf_init, ++ 0, ++ pkey_kdf_cleanup, ++ ++ 0, 0, ++ 0, 0, ++ ++ 0, ++ 0, ++ ++ 0, ++ 0, ++ ++ 0, 0, ++ ++ 0, 0, 0, 0, ++ ++ 0, 0, ++ ++ 0, 0, ++ ++ pkey_kdf_derive_init, ++ pkey_kdf_derive, ++ pkey_kdf_ctrl, ++ pkey_kdf_ctrl_str ++}; ++ ++const EVP_PKEY_METHOD hkdf_pkey_meth = { ++ EVP_PKEY_HKDF, ++ EVP_PKEY_FLAG_FIPS, ++ pkey_kdf_init, ++ 0, ++ pkey_kdf_cleanup, ++ ++ 0, 0, ++ 0, 0, ++ ++ 0, ++ 0, ++ ++ 0, ++ 0, ++ ++ 0, 0, ++ ++ 0, 0, 0, 0, ++ ++ 0, 0, ++ ++ 0, 0, ++ ++ pkey_kdf_derive_init, ++ pkey_kdf_derive, ++ pkey_kdf_ctrl, ++ pkey_kdf_ctrl_str ++}; ++ +diff -up openssl-1.1.1e/crypto/kdf/build.info.evp-kdf openssl-1.1.1e/crypto/kdf/build.info +--- openssl-1.1.1e/crypto/kdf/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/build.info 2020-03-19 16:04:32.347699194 +0100 +@@ -1,3 +1,3 @@ + LIBS=../../libcrypto + SOURCE[../../libcrypto]=\ +- tls1_prf.c kdf_err.c hkdf.c scrypt.c ++ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c +diff -up openssl-1.1.1e/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1e/crypto/kdf/hkdf.c +--- openssl-1.1.1e/crypto/kdf/hkdf.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/hkdf.c 2020-03-19 16:06:59.757147720 +0100 +@@ -8,32 +8,33 @@ + */ + + #include ++#include + #include + #include + #include + #include + #include "internal/cryptlib.h" + #include "crypto/evp.h" ++#include "kdf_local.h" + + #define HKDF_MAXBUF 1024 + +-static unsigned char *HKDF(const EVP_MD *evp_md, +- const unsigned char *salt, size_t salt_len, +- const unsigned char *key, size_t key_len, +- const unsigned char *info, size_t info_len, +- unsigned char *okm, size_t okm_len); +- +-static unsigned char *HKDF_Extract(const EVP_MD *evp_md, +- const unsigned char *salt, size_t salt_len, +- const unsigned char *key, size_t key_len, +- unsigned char *prk, size_t *prk_len); +- +-static unsigned char *HKDF_Expand(const EVP_MD *evp_md, +- const unsigned char *prk, size_t prk_len, +- const unsigned char *info, size_t info_len, +- unsigned char *okm, size_t okm_len); ++static void kdf_hkdf_reset(EVP_KDF_IMPL *impl); ++static int HKDF(const EVP_MD *evp_md, ++ const unsigned char *salt, size_t salt_len, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *info, size_t info_len, ++ unsigned char *okm, size_t okm_len); ++static int HKDF_Extract(const EVP_MD *evp_md, ++ const unsigned char *salt, size_t salt_len, ++ const unsigned char *key, size_t key_len, ++ unsigned char *prk, size_t prk_len); ++static int HKDF_Expand(const EVP_MD *evp_md, ++ const unsigned char *prk, size_t prk_len, ++ const unsigned char *info, size_t info_len, ++ unsigned char *okm, size_t okm_len); + +-typedef struct { ++struct evp_kdf_impl_st { + int mode; + const EVP_MD *md; + unsigned char *salt; +@@ -42,230 +43,208 @@ typedef struct { + size_t key_len; + unsigned char info[HKDF_MAXBUF]; + size_t info_len; +-} HKDF_PKEY_CTX; ++}; + +-static int pkey_hkdf_init(EVP_PKEY_CTX *ctx) ++static EVP_KDF_IMPL *kdf_hkdf_new(void) + { +- HKDF_PKEY_CTX *kctx; +- +- if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL) { +- KDFerr(KDF_F_PKEY_HKDF_INIT, ERR_R_MALLOC_FAILURE); +- return 0; +- } ++ EVP_KDF_IMPL *impl; + +- ctx->data = kctx; ++ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) ++ KDFerr(KDF_F_KDF_HKDF_NEW, ERR_R_MALLOC_FAILURE); ++ return impl; ++} + +- return 1; ++static void kdf_hkdf_free(EVP_KDF_IMPL *impl) ++{ ++ kdf_hkdf_reset(impl); ++ OPENSSL_free(impl); + } + +-static void pkey_hkdf_cleanup(EVP_PKEY_CTX *ctx) ++static void kdf_hkdf_reset(EVP_KDF_IMPL *impl) + { +- HKDF_PKEY_CTX *kctx = ctx->data; +- OPENSSL_clear_free(kctx->salt, kctx->salt_len); +- OPENSSL_clear_free(kctx->key, kctx->key_len); +- OPENSSL_cleanse(kctx->info, kctx->info_len); +- OPENSSL_free(kctx); ++ OPENSSL_free(impl->salt); ++ OPENSSL_clear_free(impl->key, impl->key_len); ++ OPENSSL_cleanse(impl->info, impl->info_len); ++ memset(impl, 0, sizeof(*impl)); + } + +-static int pkey_hkdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) ++static int kdf_hkdf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) + { +- HKDF_PKEY_CTX *kctx = ctx->data; ++ const unsigned char *p; ++ size_t len; ++ const EVP_MD *md; + +- switch (type) { +- case EVP_PKEY_CTRL_HKDF_MD: +- if (p2 == NULL) ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_MD: ++ md = va_arg(args, const EVP_MD *); ++ if (md == NULL) + return 0; + +- kctx->md = p2; ++ impl->md = md; + return 1; + +- case EVP_PKEY_CTRL_HKDF_MODE: +- kctx->mode = p1; ++ case EVP_KDF_CTRL_SET_HKDF_MODE: ++ impl->mode = va_arg(args, int); + return 1; + +- case EVP_PKEY_CTRL_HKDF_SALT: +- if (p1 == 0 || p2 == NULL) ++ case EVP_KDF_CTRL_SET_SALT: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ if (len == 0 || p == NULL) + return 1; + +- if (p1 < 0) ++ OPENSSL_free(impl->salt); ++ impl->salt = OPENSSL_memdup(p, len); ++ if (impl->salt == NULL) + return 0; + +- if (kctx->salt != NULL) +- OPENSSL_clear_free(kctx->salt, kctx->salt_len); +- +- kctx->salt = OPENSSL_memdup(p2, p1); +- if (kctx->salt == NULL) +- return 0; +- +- kctx->salt_len = p1; ++ impl->salt_len = len; + return 1; + +- case EVP_PKEY_CTRL_HKDF_KEY: +- if (p1 < 0) ++ case EVP_KDF_CTRL_SET_KEY: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(impl->key, impl->key_len); ++ impl->key = OPENSSL_memdup(p, len); ++ if (impl->key == NULL) + return 0; + +- if (kctx->key != NULL) +- OPENSSL_clear_free(kctx->key, kctx->key_len); +- +- kctx->key = OPENSSL_memdup(p2, p1); +- if (kctx->key == NULL) +- return 0; ++ impl->key_len = len; ++ return 1; + +- kctx->key_len = p1; ++ case EVP_KDF_CTRL_RESET_HKDF_INFO: ++ OPENSSL_cleanse(impl->info, impl->info_len); ++ impl->info_len = 0; + return 1; + +- case EVP_PKEY_CTRL_HKDF_INFO: +- if (p1 == 0 || p2 == NULL) ++ case EVP_KDF_CTRL_ADD_HKDF_INFO: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ if (len == 0 || p == NULL) + return 1; + +- if (p1 < 0 || p1 > (int)(HKDF_MAXBUF - kctx->info_len)) ++ if (len > (HKDF_MAXBUF - impl->info_len)) + return 0; + +- memcpy(kctx->info + kctx->info_len, p2, p1); +- kctx->info_len += p1; ++ memcpy(impl->info + impl->info_len, p, len); ++ impl->info_len += len; + return 1; + + default: + return -2; +- + } + } + +-static int pkey_hkdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, +- const char *value) ++static int kdf_hkdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, ++ const char *value) + { + if (strcmp(type, "mode") == 0) { + int mode; + + if (strcmp(value, "EXTRACT_AND_EXPAND") == 0) +- mode = EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND; ++ mode = EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND; + else if (strcmp(value, "EXTRACT_ONLY") == 0) +- mode = EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY; ++ mode = EVP_KDF_HKDF_MODE_EXTRACT_ONLY; + else if (strcmp(value, "EXPAND_ONLY") == 0) +- mode = EVP_PKEY_HKDEF_MODE_EXPAND_ONLY; ++ mode = EVP_KDF_HKDF_MODE_EXPAND_ONLY; + else + return 0; + +- return EVP_PKEY_CTX_hkdf_mode(ctx, mode); ++ return call_ctrl(kdf_hkdf_ctrl, impl, EVP_KDF_CTRL_SET_HKDF_MODE, mode); + } + +- if (strcmp(type, "md") == 0) +- return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_DERIVE, +- EVP_PKEY_CTRL_HKDF_MD, value); ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); + + if (strcmp(type, "salt") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT, value); ++ return kdf_str2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_SALT, value); + + if (strcmp(type, "hexsalt") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT, value); ++ return kdf_hex2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_SALT, value); + + if (strcmp(type, "key") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value); ++ return kdf_str2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_KEY, value); + + if (strcmp(type, "hexkey") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value); ++ return kdf_hex2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_KEY, value); + + if (strcmp(type, "info") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO, value); ++ return kdf_str2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_ADD_HKDF_INFO, ++ value); + + if (strcmp(type, "hexinfo") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO, value); ++ return kdf_hex2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_ADD_HKDF_INFO, ++ value); + +- KDFerr(KDF_F_PKEY_HKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); + return -2; + } + +-static int pkey_hkdf_derive_init(EVP_PKEY_CTX *ctx) ++static size_t kdf_hkdf_size(EVP_KDF_IMPL *impl) + { +- HKDF_PKEY_CTX *kctx = ctx->data; ++ if (impl->mode != EVP_KDF_HKDF_MODE_EXTRACT_ONLY) ++ return SIZE_MAX; + +- OPENSSL_clear_free(kctx->key, kctx->key_len); +- OPENSSL_clear_free(kctx->salt, kctx->salt_len); +- OPENSSL_cleanse(kctx->info, kctx->info_len); +- memset(kctx, 0, sizeof(*kctx)); +- +- return 1; ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_KDF_HKDF_SIZE, KDF_R_MISSING_MESSAGE_DIGEST); ++ return 0; ++ } ++ return EVP_MD_size(impl->md); + } + +-static int pkey_hkdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, +- size_t *keylen) ++static int kdf_hkdf_derive(EVP_KDF_IMPL *impl, unsigned char *key, ++ size_t keylen) + { +- HKDF_PKEY_CTX *kctx = ctx->data; +- +- if (kctx->md == NULL) { +- KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_KDF_HKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); + return 0; + } +- if (kctx->key == NULL) { +- KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_KEY); ++ if (impl->key == NULL) { ++ KDFerr(KDF_F_KDF_HKDF_DERIVE, KDF_R_MISSING_KEY); + return 0; + } + +- switch (kctx->mode) { +- case EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND: +- return HKDF(kctx->md, kctx->salt, kctx->salt_len, kctx->key, +- kctx->key_len, kctx->info, kctx->info_len, key, +- *keylen) != NULL; +- +- case EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY: +- if (key == NULL) { +- *keylen = EVP_MD_size(kctx->md); +- return 1; +- } +- return HKDF_Extract(kctx->md, kctx->salt, kctx->salt_len, kctx->key, +- kctx->key_len, key, keylen) != NULL; +- +- case EVP_PKEY_HKDEF_MODE_EXPAND_ONLY: +- return HKDF_Expand(kctx->md, kctx->key, kctx->key_len, kctx->info, +- kctx->info_len, key, *keylen) != NULL; ++ switch (impl->mode) { ++ case EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND: ++ return HKDF(impl->md, impl->salt, impl->salt_len, impl->key, ++ impl->key_len, impl->info, impl->info_len, key, ++ keylen); ++ ++ case EVP_KDF_HKDF_MODE_EXTRACT_ONLY: ++ return HKDF_Extract(impl->md, impl->salt, impl->salt_len, impl->key, ++ impl->key_len, key, keylen); ++ ++ case EVP_KDF_HKDF_MODE_EXPAND_ONLY: ++ return HKDF_Expand(impl->md, impl->key, impl->key_len, impl->info, ++ impl->info_len, key, keylen); + + default: + return 0; + } + } + +-const EVP_PKEY_METHOD hkdf_pkey_meth = { +- EVP_PKEY_HKDF, +- 0, +- pkey_hkdf_init, +- 0, +- pkey_hkdf_cleanup, +- +- 0, 0, +- 0, 0, +- +- 0, +- 0, +- +- 0, +- 0, +- +- 0, 0, +- +- 0, 0, 0, 0, +- +- 0, 0, +- +- 0, 0, +- +- pkey_hkdf_derive_init, +- pkey_hkdf_derive, +- pkey_hkdf_ctrl, +- pkey_hkdf_ctrl_str ++const EVP_KDF_METHOD hkdf_kdf_meth = { ++ EVP_KDF_HKDF, ++ kdf_hkdf_new, ++ kdf_hkdf_free, ++ kdf_hkdf_reset, ++ kdf_hkdf_ctrl, ++ kdf_hkdf_ctrl_str, ++ kdf_hkdf_size, ++ kdf_hkdf_derive + }; + +-static unsigned char *HKDF(const EVP_MD *evp_md, +- const unsigned char *salt, size_t salt_len, +- const unsigned char *key, size_t key_len, +- const unsigned char *info, size_t info_len, +- unsigned char *okm, size_t okm_len) ++static int HKDF(const EVP_MD *evp_md, ++ const unsigned char *salt, size_t salt_len, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *info, size_t info_len, ++ unsigned char *okm, size_t okm_len) + { + unsigned char prk[EVP_MAX_MD_SIZE]; +- unsigned char *ret; +- size_t prk_len; ++ int ret; ++ size_t prk_len = EVP_MD_size(evp_md); + +- if (!HKDF_Extract(evp_md, salt, salt_len, key, key_len, prk, &prk_len)) +- return NULL; ++ if (!HKDF_Extract(evp_md, salt, salt_len, key, key_len, prk, prk_len)) ++ return 0; + + ret = HKDF_Expand(evp_md, prk, prk_len, info, info_len, okm, okm_len); + OPENSSL_cleanse(prk, sizeof(prk)); +@@ -273,43 +252,38 @@ static unsigned char *HKDF(const EVP_MD + return ret; + } + +-static unsigned char *HKDF_Extract(const EVP_MD *evp_md, +- const unsigned char *salt, size_t salt_len, +- const unsigned char *key, size_t key_len, +- unsigned char *prk, size_t *prk_len) ++static int HKDF_Extract(const EVP_MD *evp_md, ++ const unsigned char *salt, size_t salt_len, ++ const unsigned char *key, size_t key_len, ++ unsigned char *prk, size_t prk_len) + { +- unsigned int tmp_len; +- +- if (!HMAC(evp_md, salt, salt_len, key, key_len, prk, &tmp_len)) +- return NULL; +- +- *prk_len = tmp_len; +- return prk; ++ if (prk_len != (size_t)EVP_MD_size(evp_md)) { ++ KDFerr(KDF_F_HKDF_EXTRACT, KDF_R_WRONG_OUTPUT_BUFFER_SIZE); ++ return 0; ++ } ++ return HMAC(evp_md, salt, salt_len, key, key_len, prk, NULL) != NULL; + } + +-static unsigned char *HKDF_Expand(const EVP_MD *evp_md, +- const unsigned char *prk, size_t prk_len, +- const unsigned char *info, size_t info_len, +- unsigned char *okm, size_t okm_len) ++static int HKDF_Expand(const EVP_MD *evp_md, ++ const unsigned char *prk, size_t prk_len, ++ const unsigned char *info, size_t info_len, ++ unsigned char *okm, size_t okm_len) + { + HMAC_CTX *hmac; +- unsigned char *ret = NULL; +- ++ int ret = 0; + unsigned int i; +- + unsigned char prev[EVP_MAX_MD_SIZE]; +- + size_t done_len = 0, dig_len = EVP_MD_size(evp_md); +- + size_t n = okm_len / dig_len; ++ + if (okm_len % dig_len) + n++; + + if (n > 255 || okm == NULL) +- return NULL; ++ return 0; + + if ((hmac = HMAC_CTX_new()) == NULL) +- return NULL; ++ return 0; + + if (!HMAC_Init_ex(hmac, prk, prk_len, evp_md, NULL)) + goto err; +@@ -343,7 +317,7 @@ static unsigned char *HKDF_Expand(const + + done_len += copy_len; + } +- ret = okm; ++ ret = 1; + + err: + OPENSSL_cleanse(prev, sizeof(prev)); +diff -up openssl-1.1.1e/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_err.c +--- openssl-1.1.1e/crypto/kdf/kdf_err.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/kdf_err.c 2020-03-19 16:04:32.349699159 +0100 +@@ -1,6 +1,6 @@ + /* + * Generated by util/mkerr.pl DO NOT EDIT +- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy +@@ -14,6 +14,29 @@ + #ifndef OPENSSL_NO_ERR + + static const ERR_STRING_DATA KDF_str_functs[] = { ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_HKDF_EXTRACT, 0), "HKDF_Extract"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_DERIVE, 0), "kdf_hkdf_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_NEW, 0), "kdf_hkdf_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_SIZE, 0), "kdf_hkdf_size"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_MD2CTRL, 0), "kdf_md2ctrl"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_PBKDF2_CTRL_STR, 0), ++ "kdf_pbkdf2_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_PBKDF2_DERIVE, 0), "kdf_pbkdf2_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_PBKDF2_NEW, 0), "kdf_pbkdf2_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_CTRL_STR, 0), ++ "kdf_scrypt_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_CTRL_UINT32, 0), ++ "kdf_scrypt_ctrl_uint32"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_CTRL_UINT64, 0), ++ "kdf_scrypt_ctrl_uint64"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_DERIVE, 0), "kdf_scrypt_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_NEW, 0), "kdf_scrypt_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_CTRL_STR, 0), ++ "kdf_tls1_prf_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_DERIVE, 0), ++ "kdf_tls1_prf_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_NEW, 0), "kdf_tls1_prf_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_PBKDF2_SET_MEMBUF, 0), "pbkdf2_set_membuf"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_INIT, 0), "pkey_hkdf_init"}, +@@ -30,6 +53,7 @@ static const ERR_STRING_DATA KDF_str_fun + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_DERIVE, 0), + "pkey_tls1_prf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_SCRYPT_SET_MEMBUF, 0), "scrypt_set_membuf"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "tls1_prf_alg"}, + {0, NULL} + }; +@@ -50,6 +74,8 @@ static const ERR_STRING_DATA KDF_str_rea + "unknown parameter type"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_OUTPUT_BUFFER_SIZE), ++ "wrong output buffer size"}, + {0, NULL} + }; + +diff -up openssl-1.1.1e/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_local.h +--- openssl-1.1.1e/crypto/kdf/kdf_local.h.evp-kdf 2020-03-19 16:04:32.349699159 +0100 ++++ openssl-1.1.1e/crypto/kdf/kdf_local.h 2020-03-19 16:04:32.349699159 +0100 +@@ -0,0 +1,22 @@ ++/* ++ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++int call_ctrl(int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ EVP_KDF_IMPL *impl, int cmd, ...); ++int kdf_str2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *str); ++int kdf_hex2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *hex); ++int kdf_md2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *md_name); ++ +diff -up openssl-1.1.1e/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_util.c +--- openssl-1.1.1e/crypto/kdf/kdf_util.c.evp-kdf 2020-03-19 16:04:32.350699142 +0100 ++++ openssl-1.1.1e/crypto/kdf/kdf_util.c 2020-03-19 16:04:32.350699142 +0100 +@@ -0,0 +1,73 @@ ++/* ++ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++#include ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "internal/numbers.h" ++#include "kdf_local.h" ++ ++int call_ctrl(int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ EVP_KDF_IMPL *impl, int cmd, ...) ++{ ++ int ret; ++ va_list args; ++ ++ va_start(args, cmd); ++ ret = ctrl(impl, cmd, args); ++ va_end(args); ++ ++ return ret; ++} ++ ++/* Utility functions to send a string or hex string to a ctrl */ ++ ++int kdf_str2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *str) ++{ ++ return call_ctrl(ctrl, impl, cmd, (const unsigned char *)str, strlen(str)); ++} ++ ++int kdf_hex2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *hex) ++{ ++ unsigned char *bin; ++ long binlen; ++ int ret = -1; ++ ++ bin = OPENSSL_hexstr2buf(hex, &binlen); ++ if (bin == NULL) ++ return 0; ++ ++ if (binlen <= INT_MAX) ++ ret = call_ctrl(ctrl, impl, cmd, bin, (size_t)binlen); ++ OPENSSL_free(bin); ++ return ret; ++} ++ ++/* Pass a message digest to a ctrl */ ++int kdf_md2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *md_name) ++{ ++ const EVP_MD *md; ++ ++ if (md_name == NULL || (md = EVP_get_digestbyname(md_name)) == NULL) { ++ KDFerr(KDF_F_KDF_MD2CTRL, KDF_R_INVALID_DIGEST); ++ return 0; ++ } ++ return call_ctrl(ctrl, impl, cmd, md); ++} ++ +diff -up openssl-1.1.1e/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1e/crypto/kdf/pbkdf2.c +--- openssl-1.1.1e/crypto/kdf/pbkdf2.c.evp-kdf 2020-03-19 16:04:32.374698727 +0100 ++++ openssl-1.1.1e/crypto/kdf/pbkdf2.c 2020-03-19 16:04:32.374698727 +0100 +@@ -0,0 +1,264 @@ ++/* ++ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "kdf_local.h" ++ ++static void kdf_pbkdf2_reset(EVP_KDF_IMPL *impl); ++static void kdf_pbkdf2_init(EVP_KDF_IMPL *impl); ++static int pkcs5_pbkdf2_alg(const char *pass, size_t passlen, ++ const unsigned char *salt, int saltlen, int iter, ++ const EVP_MD *digest, unsigned char *key, ++ size_t keylen); ++ ++struct evp_kdf_impl_st { ++ unsigned char *pass; ++ size_t pass_len; ++ unsigned char *salt; ++ size_t salt_len; ++ int iter; ++ const EVP_MD *md; ++}; ++ ++static EVP_KDF_IMPL *kdf_pbkdf2_new(void) ++{ ++ EVP_KDF_IMPL *impl; ++ ++ impl = OPENSSL_zalloc(sizeof(*impl)); ++ if (impl == NULL) { ++ KDFerr(KDF_F_KDF_PBKDF2_NEW, ERR_R_MALLOC_FAILURE); ++ return NULL; ++ } ++ kdf_pbkdf2_init(impl); ++ return impl; ++} ++ ++static void kdf_pbkdf2_free(EVP_KDF_IMPL *impl) ++{ ++ kdf_pbkdf2_reset(impl); ++ OPENSSL_free(impl); ++} ++ ++static void kdf_pbkdf2_reset(EVP_KDF_IMPL *impl) ++{ ++ OPENSSL_free(impl->salt); ++ OPENSSL_clear_free(impl->pass, impl->pass_len); ++ memset(impl, 0, sizeof(*impl)); ++ kdf_pbkdf2_init(impl); ++} ++ ++static void kdf_pbkdf2_init(EVP_KDF_IMPL *impl) ++{ ++ impl->iter = PKCS5_DEFAULT_ITER; ++ impl->md = EVP_sha1(); ++} ++ ++static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen, ++ const unsigned char *new_buffer, ++ size_t new_buflen) ++{ ++ if (new_buffer == NULL) ++ return 1; ++ ++ OPENSSL_clear_free(*buffer, *buflen); ++ ++ if (new_buflen > 0) { ++ *buffer = OPENSSL_memdup(new_buffer, new_buflen); ++ } else { ++ *buffer = OPENSSL_malloc(1); ++ } ++ if (*buffer == NULL) { ++ KDFerr(KDF_F_PBKDF2_SET_MEMBUF, ERR_R_MALLOC_FAILURE); ++ return 0; ++ } ++ ++ *buflen = new_buflen; ++ return 1; ++} ++ ++static int kdf_pbkdf2_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) ++{ ++ int iter; ++ const unsigned char *p; ++ size_t len; ++ const EVP_MD *md; ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_PASS: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ return pbkdf2_set_membuf(&impl->pass, &impl->pass_len, p, len); ++ ++ case EVP_KDF_CTRL_SET_SALT: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ return pbkdf2_set_membuf(&impl->salt, &impl->salt_len, p, len); ++ ++ case EVP_KDF_CTRL_SET_ITER: ++ iter = va_arg(args, int); ++ if (iter < 1) ++ return 0; ++ ++ impl->iter = iter; ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_MD: ++ md = va_arg(args, const EVP_MD *); ++ if (md == NULL) ++ return 0; ++ ++ impl->md = md; ++ return 1; ++ ++ default: ++ return -2; ++ } ++} ++ ++static int kdf_pbkdf2_ctrl_str(EVP_KDF_IMPL *impl, const char *type, ++ const char *value) ++{ ++ if (value == NULL) { ++ KDFerr(KDF_F_KDF_PBKDF2_CTRL_STR, KDF_R_VALUE_MISSING); ++ return 0; ++ } ++ ++ if (strcmp(type, "pass") == 0) ++ return kdf_str2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_PASS, ++ value); ++ ++ if (strcmp(type, "hexpass") == 0) ++ return kdf_hex2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_PASS, ++ value); ++ ++ if (strcmp(type, "salt") == 0) ++ return kdf_str2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_SALT, ++ value); ++ ++ if (strcmp(type, "hexsalt") == 0) ++ return kdf_hex2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_SALT, ++ value); ++ ++ if (strcmp(type, "iter") == 0) ++ return call_ctrl(kdf_pbkdf2_ctrl, impl, EVP_KDF_CTRL_SET_ITER, ++ atoi(value)); ++ ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ ++ return -2; ++} ++ ++static int kdf_pbkdf2_derive(EVP_KDF_IMPL *impl, unsigned char *key, ++ size_t keylen) ++{ ++ if (impl->pass == NULL) { ++ KDFerr(KDF_F_KDF_PBKDF2_DERIVE, KDF_R_MISSING_PASS); ++ return 0; ++ } ++ ++ if (impl->salt == NULL) { ++ KDFerr(KDF_F_KDF_PBKDF2_DERIVE, KDF_R_MISSING_SALT); ++ return 0; ++ } ++ ++ return pkcs5_pbkdf2_alg((char *)impl->pass, impl->pass_len, ++ impl->salt, impl->salt_len, impl->iter, ++ impl->md, key, keylen); ++} ++ ++const EVP_KDF_METHOD pbkdf2_kdf_meth = { ++ EVP_KDF_PBKDF2, ++ kdf_pbkdf2_new, ++ kdf_pbkdf2_free, ++ kdf_pbkdf2_reset, ++ kdf_pbkdf2_ctrl, ++ kdf_pbkdf2_ctrl_str, ++ NULL, ++ kdf_pbkdf2_derive ++}; ++ ++/* ++ * This is an implementation of PKCS#5 v2.0 password based encryption key ++ * derivation function PBKDF2. SHA1 version verified against test vectors ++ * posted by Peter Gutmann to the PKCS-TNG mailing list. ++ */ ++ ++static int pkcs5_pbkdf2_alg(const char *pass, size_t passlen, ++ const unsigned char *salt, int saltlen, int iter, ++ const EVP_MD *digest, unsigned char *key, ++ size_t keylen) ++{ ++ int ret = 0; ++ unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; ++ int cplen, j, k, tkeylen, mdlen; ++ unsigned long i = 1; ++ HMAC_CTX *hctx_tpl = NULL, *hctx = NULL; ++ ++ mdlen = EVP_MD_size(digest); ++ if (mdlen < 0) ++ return 0; ++ ++ hctx_tpl = HMAC_CTX_new(); ++ if (hctx_tpl == NULL) ++ return 0; ++ p = key; ++ tkeylen = keylen; ++ if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) ++ goto err; ++ hctx = HMAC_CTX_new(); ++ if (hctx == NULL) ++ goto err; ++ while (tkeylen) { ++ if (tkeylen > mdlen) ++ cplen = mdlen; ++ else ++ cplen = tkeylen; ++ /* ++ * We are unlikely to ever use more than 256 blocks (5120 bits!) but ++ * just in case... ++ */ ++ itmp[0] = (unsigned char)((i >> 24) & 0xff); ++ itmp[1] = (unsigned char)((i >> 16) & 0xff); ++ itmp[2] = (unsigned char)((i >> 8) & 0xff); ++ itmp[3] = (unsigned char)(i & 0xff); ++ if (!HMAC_CTX_copy(hctx, hctx_tpl)) ++ goto err; ++ if (!HMAC_Update(hctx, salt, saltlen) ++ || !HMAC_Update(hctx, itmp, 4) ++ || !HMAC_Final(hctx, digtmp, NULL)) ++ goto err; ++ memcpy(p, digtmp, cplen); ++ for (j = 1; j < iter; j++) { ++ if (!HMAC_CTX_copy(hctx, hctx_tpl)) ++ goto err; ++ if (!HMAC_Update(hctx, digtmp, mdlen) ++ || !HMAC_Final(hctx, digtmp, NULL)) ++ goto err; ++ for (k = 0; k < cplen; k++) ++ p[k] ^= digtmp[k]; ++ } ++ tkeylen -= cplen; ++ i++; ++ p += cplen; ++ } ++ ret = 1; ++ ++err: ++ HMAC_CTX_free(hctx); ++ HMAC_CTX_free(hctx_tpl); ++ return ret; ++} +diff -up openssl-1.1.1e/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1e/crypto/kdf/scrypt.c +--- openssl-1.1.1e/crypto/kdf/scrypt.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/scrypt.c 2020-03-19 16:11:06.215872475 +0100 +@@ -8,25 +8,35 @@ + */ + + #include ++#include + #include + #include + #include + #include +-#include "internal/cryptlib.h" ++#include + #include "crypto/evp.h" ++#include "internal/numbers.h" ++#include "kdf_local.h" + + #ifndef OPENSSL_NO_SCRYPT + ++static void kdf_scrypt_reset(EVP_KDF_IMPL *impl); ++static void kdf_scrypt_init(EVP_KDF_IMPL *impl); + static int atou64(const char *nptr, uint64_t *result); ++static int scrypt_alg(const char *pass, size_t passlen, ++ const unsigned char *salt, size_t saltlen, ++ uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, ++ unsigned char *key, size_t keylen); + +-typedef struct { ++struct evp_kdf_impl_st { + unsigned char *pass; + size_t pass_len; + unsigned char *salt; + size_t salt_len; +- uint64_t N, r, p; ++ uint64_t N; ++ uint32_t r, p; + uint64_t maxmem_bytes; +-} SCRYPT_PKEY_CTX; ++}; + + /* Custom uint64_t parser since we do not have strtoull */ + static int atou64(const char *nptr, uint64_t *result) +@@ -53,51 +63,53 @@ static int atou64(const char *nptr, uint + return 1; + } + +-static int pkey_scrypt_init(EVP_PKEY_CTX *ctx) ++static EVP_KDF_IMPL *kdf_scrypt_new(void) + { +- SCRYPT_PKEY_CTX *kctx; ++ EVP_KDF_IMPL *impl; + +- kctx = OPENSSL_zalloc(sizeof(*kctx)); +- if (kctx == NULL) { +- KDFerr(KDF_F_PKEY_SCRYPT_INIT, ERR_R_MALLOC_FAILURE); +- return 0; ++ impl = OPENSSL_zalloc(sizeof(*impl)); ++ if (impl == NULL) { ++ KDFerr(KDF_F_KDF_SCRYPT_NEW, ERR_R_MALLOC_FAILURE); ++ return NULL; + } ++ kdf_scrypt_init(impl); ++ return impl; ++} + +- /* Default values are the most conservative recommendation given in the +- * original paper of C. Percival. Derivation uses roughly 1 GiB of memory +- * for this parameter choice (approx. 128 * r * (N + p) bytes). +- */ +- kctx->N = 1 << 20; +- kctx->r = 8; +- kctx->p = 1; +- kctx->maxmem_bytes = 1025 * 1024 * 1024; +- +- ctx->data = kctx; +- +- return 1; ++static void kdf_scrypt_free(EVP_KDF_IMPL *impl) ++{ ++ kdf_scrypt_reset(impl); ++ OPENSSL_free(impl); + } + +-static void pkey_scrypt_cleanup(EVP_PKEY_CTX *ctx) ++static void kdf_scrypt_reset(EVP_KDF_IMPL *impl) + { +- SCRYPT_PKEY_CTX *kctx = ctx->data; ++ OPENSSL_free(impl->salt); ++ OPENSSL_clear_free(impl->pass, impl->pass_len); ++ memset(impl, 0, sizeof(*impl)); ++ kdf_scrypt_init(impl); ++} + +- OPENSSL_clear_free(kctx->salt, kctx->salt_len); +- OPENSSL_clear_free(kctx->pass, kctx->pass_len); +- OPENSSL_free(kctx); ++static void kdf_scrypt_init(EVP_KDF_IMPL *impl) ++{ ++ /* Default values are the most conservative recommendation given in the ++ * original paper of C. Percival. Derivation uses roughly 1 GiB of memory ++ * for this parameter choice (approx. 128 * r * N * p bytes). ++ */ ++ impl->N = 1 << 20; ++ impl->r = 8; ++ impl->p = 1; ++ impl->maxmem_bytes = 1025 * 1024 * 1024; + } + +-static int pkey_scrypt_set_membuf(unsigned char **buffer, size_t *buflen, +- const unsigned char *new_buffer, +- const int new_buflen) ++static int scrypt_set_membuf(unsigned char **buffer, size_t *buflen, ++ const unsigned char *new_buffer, ++ size_t new_buflen) + { + if (new_buffer == NULL) + return 1; + +- if (new_buflen < 0) +- return 0; +- +- if (*buffer != NULL) +- OPENSSL_clear_free(*buffer, *buflen); ++ OPENSSL_clear_free(*buffer, *buflen); + + if (new_buflen > 0) { + *buffer = OPENSSL_memdup(new_buffer, new_buflen); +@@ -105,7 +117,7 @@ static int pkey_scrypt_set_membuf(unsign + *buffer = OPENSSL_malloc(1); + } + if (*buffer == NULL) { +- KDFerr(KDF_F_PKEY_SCRYPT_SET_MEMBUF, ERR_R_MALLOC_FAILURE); ++ KDFerr(KDF_F_SCRYPT_SET_MEMBUF, ERR_R_MALLOC_FAILURE); + return 0; + } + +@@ -118,149 +130,378 @@ static int is_power_of_two(uint64_t valu + return (value != 0) && ((value & (value - 1)) == 0); + } + +-static int pkey_scrypt_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) ++static int kdf_scrypt_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) + { +- SCRYPT_PKEY_CTX *kctx = ctx->data; + uint64_t u64_value; ++ uint32_t value; ++ const unsigned char *p; ++ size_t len; ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_PASS: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ return scrypt_set_membuf(&impl->pass, &impl->pass_len, p, len); ++ ++ case EVP_KDF_CTRL_SET_SALT: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ return scrypt_set_membuf(&impl->salt, &impl->salt_len, p, len); + +- switch (type) { +- case EVP_PKEY_CTRL_PASS: +- return pkey_scrypt_set_membuf(&kctx->pass, &kctx->pass_len, p2, p1); +- +- case EVP_PKEY_CTRL_SCRYPT_SALT: +- return pkey_scrypt_set_membuf(&kctx->salt, &kctx->salt_len, p2, p1); +- +- case EVP_PKEY_CTRL_SCRYPT_N: +- u64_value = *((uint64_t *)p2); ++ case EVP_KDF_CTRL_SET_SCRYPT_N: ++ u64_value = va_arg(args, uint64_t); + if ((u64_value <= 1) || !is_power_of_two(u64_value)) + return 0; +- kctx->N = u64_value; ++ ++ impl->N = u64_value; + return 1; + +- case EVP_PKEY_CTRL_SCRYPT_R: +- u64_value = *((uint64_t *)p2); +- if (u64_value < 1) ++ case EVP_KDF_CTRL_SET_SCRYPT_R: ++ value = va_arg(args, uint32_t); ++ if (value < 1) + return 0; +- kctx->r = u64_value; ++ ++ impl->r = value; + return 1; + +- case EVP_PKEY_CTRL_SCRYPT_P: +- u64_value = *((uint64_t *)p2); +- if (u64_value < 1) ++ case EVP_KDF_CTRL_SET_SCRYPT_P: ++ value = va_arg(args, uint32_t); ++ if (value < 1) + return 0; +- kctx->p = u64_value; ++ ++ impl->p = value; + return 1; + +- case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES: +- u64_value = *((uint64_t *)p2); ++ case EVP_KDF_CTRL_SET_MAXMEM_BYTES: ++ u64_value = va_arg(args, uint64_t); + if (u64_value < 1) + return 0; +- kctx->maxmem_bytes = u64_value; ++ ++ impl->maxmem_bytes = u64_value; + return 1; + + default: + return -2; ++ } ++} + ++static int kdf_scrypt_ctrl_uint32(EVP_KDF_IMPL *impl, int cmd, ++ const char *value) ++{ ++ int int_value = atoi(value); ++ ++ if (int_value < 0 || (uint64_t)int_value > UINT32_MAX) { ++ KDFerr(KDF_F_KDF_SCRYPT_CTRL_UINT32, KDF_R_VALUE_ERROR); ++ return 0; + } ++ return call_ctrl(kdf_scrypt_ctrl, impl, cmd, (uint32_t)int_value); + } + +-static int pkey_scrypt_ctrl_uint64(EVP_PKEY_CTX *ctx, int type, +- const char *value) ++static int kdf_scrypt_ctrl_uint64(EVP_KDF_IMPL *impl, int cmd, ++ const char *value) + { +- uint64_t int_value; ++ uint64_t u64_value; + +- if (!atou64(value, &int_value)) { +- KDFerr(KDF_F_PKEY_SCRYPT_CTRL_UINT64, KDF_R_VALUE_ERROR); ++ if (!atou64(value, &u64_value)) { ++ KDFerr(KDF_F_KDF_SCRYPT_CTRL_UINT64, KDF_R_VALUE_ERROR); + return 0; + } +- return pkey_scrypt_ctrl(ctx, type, 0, &int_value); ++ return call_ctrl(kdf_scrypt_ctrl, impl, cmd, u64_value); + } + +-static int pkey_scrypt_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, +- const char *value) ++static int kdf_scrypt_ctrl_str(EVP_KDF_IMPL *impl, const char *type, ++ const char *value) + { + if (value == NULL) { +- KDFerr(KDF_F_PKEY_SCRYPT_CTRL_STR, KDF_R_VALUE_MISSING); ++ KDFerr(KDF_F_KDF_SCRYPT_CTRL_STR, KDF_R_VALUE_MISSING); + return 0; + } + + if (strcmp(type, "pass") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_PASS, value); ++ return kdf_str2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_PASS, ++ value); + + if (strcmp(type, "hexpass") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_PASS, value); ++ return kdf_hex2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_PASS, ++ value); + + if (strcmp(type, "salt") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_SCRYPT_SALT, value); ++ return kdf_str2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_SALT, ++ value); + + if (strcmp(type, "hexsalt") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_SCRYPT_SALT, value); ++ return kdf_hex2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_SALT, ++ value); + + if (strcmp(type, "N") == 0) +- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_N, value); ++ return kdf_scrypt_ctrl_uint64(impl, EVP_KDF_CTRL_SET_SCRYPT_N, value); + + if (strcmp(type, "r") == 0) +- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_R, value); ++ return kdf_scrypt_ctrl_uint32(impl, EVP_KDF_CTRL_SET_SCRYPT_R, value); + + if (strcmp(type, "p") == 0) +- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_P, value); ++ return kdf_scrypt_ctrl_uint32(impl, EVP_KDF_CTRL_SET_SCRYPT_P, value); + + if (strcmp(type, "maxmem_bytes") == 0) +- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, +- value); ++ return kdf_scrypt_ctrl_uint64(impl, EVP_KDF_CTRL_SET_MAXMEM_BYTES, ++ value); + +- KDFerr(KDF_F_PKEY_SCRYPT_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); + return -2; + } + +-static int pkey_scrypt_derive(EVP_PKEY_CTX *ctx, unsigned char *key, +- size_t *keylen) ++static int kdf_scrypt_derive(EVP_KDF_IMPL *impl, unsigned char *key, ++ size_t keylen) + { +- SCRYPT_PKEY_CTX *kctx = ctx->data; +- +- if (kctx->pass == NULL) { +- KDFerr(KDF_F_PKEY_SCRYPT_DERIVE, KDF_R_MISSING_PASS); ++ if (impl->pass == NULL) { ++ KDFerr(KDF_F_KDF_SCRYPT_DERIVE, KDF_R_MISSING_PASS); + return 0; + } + +- if (kctx->salt == NULL) { +- KDFerr(KDF_F_PKEY_SCRYPT_DERIVE, KDF_R_MISSING_SALT); ++ if (impl->salt == NULL) { ++ KDFerr(KDF_F_KDF_SCRYPT_DERIVE, KDF_R_MISSING_SALT); + return 0; + } + +- return EVP_PBE_scrypt((char *)kctx->pass, kctx->pass_len, kctx->salt, +- kctx->salt_len, kctx->N, kctx->r, kctx->p, +- kctx->maxmem_bytes, key, *keylen); ++ return scrypt_alg((char *)impl->pass, impl->pass_len, impl->salt, ++ impl->salt_len, impl->N, impl->r, impl->p, ++ impl->maxmem_bytes, key, keylen); + } + +-const EVP_PKEY_METHOD scrypt_pkey_meth = { +- EVP_PKEY_SCRYPT, +- 0, +- pkey_scrypt_init, +- 0, +- pkey_scrypt_cleanup, ++const EVP_KDF_METHOD scrypt_kdf_meth = { ++ EVP_KDF_SCRYPT, ++ kdf_scrypt_new, ++ kdf_scrypt_free, ++ kdf_scrypt_reset, ++ kdf_scrypt_ctrl, ++ kdf_scrypt_ctrl_str, ++ NULL, ++ kdf_scrypt_derive ++}; + +- 0, 0, +- 0, 0, ++#define R(a,b) (((a) << (b)) | ((a) >> (32 - (b)))) ++static void salsa208_word_specification(uint32_t inout[16]) ++{ ++ int i; ++ uint32_t x[16]; + +- 0, +- 0, ++ memcpy(x, inout, sizeof(x)); ++ for (i = 8; i > 0; i -= 2) { ++ x[4] ^= R(x[0] + x[12], 7); ++ x[8] ^= R(x[4] + x[0], 9); ++ x[12] ^= R(x[8] + x[4], 13); ++ x[0] ^= R(x[12] + x[8], 18); ++ x[9] ^= R(x[5] + x[1], 7); ++ x[13] ^= R(x[9] + x[5], 9); ++ x[1] ^= R(x[13] + x[9], 13); ++ x[5] ^= R(x[1] + x[13], 18); ++ x[14] ^= R(x[10] + x[6], 7); ++ x[2] ^= R(x[14] + x[10], 9); ++ x[6] ^= R(x[2] + x[14], 13); ++ x[10] ^= R(x[6] + x[2], 18); ++ x[3] ^= R(x[15] + x[11], 7); ++ x[7] ^= R(x[3] + x[15], 9); ++ x[11] ^= R(x[7] + x[3], 13); ++ x[15] ^= R(x[11] + x[7], 18); ++ x[1] ^= R(x[0] + x[3], 7); ++ x[2] ^= R(x[1] + x[0], 9); ++ x[3] ^= R(x[2] + x[1], 13); ++ x[0] ^= R(x[3] + x[2], 18); ++ x[6] ^= R(x[5] + x[4], 7); ++ x[7] ^= R(x[6] + x[5], 9); ++ x[4] ^= R(x[7] + x[6], 13); ++ x[5] ^= R(x[4] + x[7], 18); ++ x[11] ^= R(x[10] + x[9], 7); ++ x[8] ^= R(x[11] + x[10], 9); ++ x[9] ^= R(x[8] + x[11], 13); ++ x[10] ^= R(x[9] + x[8], 18); ++ x[12] ^= R(x[15] + x[14], 7); ++ x[13] ^= R(x[12] + x[15], 9); ++ x[14] ^= R(x[13] + x[12], 13); ++ x[15] ^= R(x[14] + x[13], 18); ++ } ++ for (i = 0; i < 16; ++i) ++ inout[i] += x[i]; ++ OPENSSL_cleanse(x, sizeof(x)); ++} + +- 0, +- 0, ++static void scryptBlockMix(uint32_t *B_, uint32_t *B, uint64_t r) ++{ ++ uint64_t i, j; ++ uint32_t X[16], *pB; + +- 0, 0, ++ memcpy(X, B + (r * 2 - 1) * 16, sizeof(X)); ++ pB = B; ++ for (i = 0; i < r * 2; i++) { ++ for (j = 0; j < 16; j++) ++ X[j] ^= *pB++; ++ salsa208_word_specification(X); ++ memcpy(B_ + (i / 2 + (i & 1) * r) * 16, X, sizeof(X)); ++ } ++ OPENSSL_cleanse(X, sizeof(X)); ++} + +- 0, 0, 0, 0, ++static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, ++ uint32_t *X, uint32_t *T, uint32_t *V) ++{ ++ unsigned char *pB; ++ uint32_t *pV; ++ uint64_t i, k; ++ ++ /* Convert from little endian input */ ++ for (pV = V, i = 0, pB = B; i < 32 * r; i++, pV++) { ++ *pV = *pB++; ++ *pV |= *pB++ << 8; ++ *pV |= *pB++ << 16; ++ *pV |= (uint32_t)*pB++ << 24; ++ } + +- 0, 0, ++ for (i = 1; i < N; i++, pV += 32 * r) ++ scryptBlockMix(pV, pV - 32 * r, r); + +- 0, 0, ++ scryptBlockMix(X, V + (N - 1) * 32 * r, r); + +- 0, +- pkey_scrypt_derive, +- pkey_scrypt_ctrl, +- pkey_scrypt_ctrl_str +-}; ++ for (i = 0; i < N; i++) { ++ uint32_t j; ++ j = X[16 * (2 * r - 1)] % N; ++ pV = V + 32 * r * j; ++ for (k = 0; k < 32 * r; k++) ++ T[k] = X[k] ^ *pV++; ++ scryptBlockMix(X, T, r); ++ } ++ /* Convert output to little endian */ ++ for (i = 0, pB = B; i < 32 * r; i++) { ++ uint32_t xtmp = X[i]; ++ *pB++ = xtmp & 0xff; ++ *pB++ = (xtmp >> 8) & 0xff; ++ *pB++ = (xtmp >> 16) & 0xff; ++ *pB++ = (xtmp >> 24) & 0xff; ++ } ++} ++ ++#ifndef SIZE_MAX ++# define SIZE_MAX ((size_t)-1) ++#endif ++ ++/* ++ * Maximum power of two that will fit in uint64_t: this should work on ++ * most (all?) platforms. ++ */ ++ ++#define LOG2_UINT64_MAX (sizeof(uint64_t) * 8 - 1) ++ ++/* ++ * Maximum value of p * r: ++ * p <= ((2^32-1) * hLen) / MFLen => ++ * p <= ((2^32-1) * 32) / (128 * r) => ++ * p * r <= (2^30-1) ++ */ ++ ++#define SCRYPT_PR_MAX ((1 << 30) - 1) ++ ++static int scrypt_alg(const char *pass, size_t passlen, ++ const unsigned char *salt, size_t saltlen, ++ uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, ++ unsigned char *key, size_t keylen) ++{ ++ int rv = 0; ++ unsigned char *B; ++ uint32_t *X, *V, *T; ++ uint64_t i, Blen, Vlen; ++ ++ /* Sanity check parameters */ ++ /* initial check, r,p must be non zero, N >= 2 and a power of 2 */ ++ if (r == 0 || p == 0 || N < 2 || (N & (N - 1))) ++ return 0; ++ /* Check p * r < SCRYPT_PR_MAX avoiding overflow */ ++ if (p > SCRYPT_PR_MAX / r) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ ++ /* ++ * Need to check N: if 2^(128 * r / 8) overflows limit this is ++ * automatically satisfied since N <= UINT64_MAX. ++ */ ++ ++ if (16 * r <= LOG2_UINT64_MAX) { ++ if (N >= (((uint64_t)1) << (16 * r))) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ } ++ ++ /* Memory checks: check total allocated buffer size fits in uint64_t */ ++ ++ /* ++ * B size in section 5 step 1.S ++ * Note: we know p * 128 * r < UINT64_MAX because we already checked ++ * p * r < SCRYPT_PR_MAX ++ */ ++ Blen = p * 128 * r; ++ /* ++ * Yet we pass it as integer to PKCS5_PBKDF2_HMAC... [This would ++ * have to be revised when/if PKCS5_PBKDF2_HMAC accepts size_t.] ++ */ ++ if (Blen > INT_MAX) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ ++ /* ++ * Check 32 * r * (N + 2) * sizeof(uint32_t) fits in uint64_t ++ * This is combined size V, X and T (section 4) ++ */ ++ i = UINT64_MAX / (32 * sizeof(uint32_t)); ++ if (N + 2 > i / r) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ Vlen = 32 * r * (N + 2) * sizeof(uint32_t); ++ ++ /* check total allocated size fits in uint64_t */ ++ if (Blen > UINT64_MAX - Vlen) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ ++ /* Check that the maximum memory doesn't exceed a size_t limits */ ++ if (maxmem > SIZE_MAX) ++ maxmem = SIZE_MAX; ++ ++ if (Blen + Vlen > maxmem) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ ++ /* If no key return to indicate parameters are OK */ ++ if (key == NULL) ++ return 1; ++ ++ B = OPENSSL_malloc((size_t)(Blen + Vlen)); ++ if (B == NULL) { ++ EVPerr(EVP_F_SCRYPT_ALG, ERR_R_MALLOC_FAILURE); ++ return 0; ++ } ++ X = (uint32_t *)(B + Blen); ++ T = X + 32 * r; ++ V = T + 32 * r; ++ if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, EVP_sha256(), ++ (int)Blen, B) == 0) ++ goto err; ++ ++ for (i = 0; i < p; i++) ++ scryptROMix(B + 128 * r * i, r, N, X, T, V); ++ ++ if (PKCS5_PBKDF2_HMAC(pass, passlen, B, (int)Blen, 1, EVP_sha256(), ++ keylen, key) == 0) ++ goto err; ++ rv = 1; ++ err: ++ if (rv == 0) ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_PBKDF2_ERROR); ++ ++ OPENSSL_clear_free(B, (size_t)(Blen + Vlen)); ++ return rv; ++} + + #endif +diff -up openssl-1.1.1e/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1e/crypto/kdf/tls1_prf.c +--- openssl-1.1.1e/crypto/kdf/tls1_prf.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/tls1_prf.c 2020-03-19 16:10:32.317460707 +0100 +@@ -8,11 +8,15 @@ + */ + + #include ++#include ++#include + #include "internal/cryptlib.h" + #include + #include + #include "crypto/evp.h" ++#include "kdf_local.h" + ++static void kdf_tls1_prf_reset(EVP_KDF_IMPL *impl); + static int tls1_prf_alg(const EVP_MD *md, + const unsigned char *sec, size_t slen, + const unsigned char *seed, size_t seed_len, +@@ -20,9 +24,9 @@ static int tls1_prf_alg(const EVP_MD *md + + #define TLS1_PRF_MAXBUF 1024 + +-/* TLS KDF pkey context structure */ ++/* TLS KDF kdf context structure */ + +-typedef struct { ++struct evp_kdf_impl_st { + /* Digest to use for PRF */ + const EVP_MD *md; + /* Secret value to use for PRF */ +@@ -31,145 +35,137 @@ typedef struct { + /* Buffer of concatenated seed data */ + unsigned char seed[TLS1_PRF_MAXBUF]; + size_t seedlen; +-} TLS1_PRF_PKEY_CTX; ++}; + +-static int pkey_tls1_prf_init(EVP_PKEY_CTX *ctx) ++static EVP_KDF_IMPL *kdf_tls1_prf_new(void) + { +- TLS1_PRF_PKEY_CTX *kctx; ++ EVP_KDF_IMPL *impl; + +- if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_INIT, ERR_R_MALLOC_FAILURE); +- return 0; +- } +- ctx->data = kctx; ++ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) ++ KDFerr(KDF_F_KDF_TLS1_PRF_NEW, ERR_R_MALLOC_FAILURE); ++ return impl; ++} + +- return 1; ++static void kdf_tls1_prf_free(EVP_KDF_IMPL *impl) ++{ ++ kdf_tls1_prf_reset(impl); ++ OPENSSL_free(impl); + } + +-static void pkey_tls1_prf_cleanup(EVP_PKEY_CTX *ctx) ++static void kdf_tls1_prf_reset(EVP_KDF_IMPL *impl) + { +- TLS1_PRF_PKEY_CTX *kctx = ctx->data; +- OPENSSL_clear_free(kctx->sec, kctx->seclen); +- OPENSSL_cleanse(kctx->seed, kctx->seedlen); +- OPENSSL_free(kctx); ++ OPENSSL_clear_free(impl->sec, impl->seclen); ++ OPENSSL_cleanse(impl->seed, impl->seedlen); ++ memset(impl, 0, sizeof(*impl)); + } + +-static int pkey_tls1_prf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) ++static int kdf_tls1_prf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) + { +- TLS1_PRF_PKEY_CTX *kctx = ctx->data; +- switch (type) { +- case EVP_PKEY_CTRL_TLS_MD: +- kctx->md = p2; +- return 1; ++ const unsigned char *p; ++ size_t len; ++ const EVP_MD *md; + +- case EVP_PKEY_CTRL_TLS_SECRET: +- if (p1 < 0) ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_MD: ++ md = va_arg(args, const EVP_MD *); ++ if (md == NULL) + return 0; +- if (kctx->sec != NULL) +- OPENSSL_clear_free(kctx->sec, kctx->seclen); +- OPENSSL_cleanse(kctx->seed, kctx->seedlen); +- kctx->seedlen = 0; +- kctx->sec = OPENSSL_memdup(p2, p1); +- if (kctx->sec == NULL) ++ ++ impl->md = md; ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_TLS_SECRET: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(impl->sec, impl->seclen); ++ impl->sec = OPENSSL_memdup(p, len); ++ if (impl->sec == NULL) + return 0; +- kctx->seclen = p1; ++ ++ impl->seclen = len; ++ return 1; ++ ++ case EVP_KDF_CTRL_RESET_TLS_SEED: ++ OPENSSL_cleanse(impl->seed, impl->seedlen); ++ impl->seedlen = 0; + return 1; + +- case EVP_PKEY_CTRL_TLS_SEED: +- if (p1 == 0 || p2 == NULL) ++ case EVP_KDF_CTRL_ADD_TLS_SEED: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ if (len == 0 || p == NULL) + return 1; +- if (p1 < 0 || p1 > (int)(TLS1_PRF_MAXBUF - kctx->seedlen)) ++ ++ if (len > (TLS1_PRF_MAXBUF - impl->seedlen)) + return 0; +- memcpy(kctx->seed + kctx->seedlen, p2, p1); +- kctx->seedlen += p1; ++ ++ memcpy(impl->seed + impl->seedlen, p, len); ++ impl->seedlen += len; + return 1; + + default: + return -2; +- + } + } + +-static int pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx, +- const char *type, const char *value) ++static int kdf_tls1_prf_ctrl_str(EVP_KDF_IMPL *impl, ++ const char *type, const char *value) + { + if (value == NULL) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_CTRL_STR, KDF_R_VALUE_MISSING); ++ KDFerr(KDF_F_KDF_TLS1_PRF_CTRL_STR, KDF_R_VALUE_MISSING); + return 0; + } +- if (strcmp(type, "md") == 0) { +- TLS1_PRF_PKEY_CTX *kctx = ctx->data; ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(impl, kdf_tls1_prf_ctrl, EVP_KDF_CTRL_SET_MD, value); + +- const EVP_MD *md = EVP_get_digestbyname(value); +- if (md == NULL) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_CTRL_STR, KDF_R_INVALID_DIGEST); +- return 0; +- } +- kctx->md = md; +- return 1; +- } + if (strcmp(type, "secret") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value); ++ return kdf_str2ctrl(impl, kdf_tls1_prf_ctrl, ++ EVP_KDF_CTRL_SET_TLS_SECRET, value); ++ + if (strcmp(type, "hexsecret") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value); ++ return kdf_hex2ctrl(impl, kdf_tls1_prf_ctrl, ++ EVP_KDF_CTRL_SET_TLS_SECRET, value); ++ + if (strcmp(type, "seed") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value); ++ return kdf_str2ctrl(impl, kdf_tls1_prf_ctrl, EVP_KDF_CTRL_ADD_TLS_SEED, ++ value); ++ + if (strcmp(type, "hexseed") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value); ++ return kdf_hex2ctrl(impl, kdf_tls1_prf_ctrl, EVP_KDF_CTRL_ADD_TLS_SEED, ++ value); + +- KDFerr(KDF_F_PKEY_TLS1_PRF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); + return -2; + } + +-static int pkey_tls1_prf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, +- size_t *keylen) ++static int kdf_tls1_prf_derive(EVP_KDF_IMPL *impl, unsigned char *key, ++ size_t keylen) + { +- TLS1_PRF_PKEY_CTX *kctx = ctx->data; +- if (kctx->md == NULL) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_KDF_TLS1_PRF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); + return 0; + } +- if (kctx->sec == NULL) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_SECRET); ++ if (impl->sec == NULL) { ++ KDFerr(KDF_F_KDF_TLS1_PRF_DERIVE, KDF_R_MISSING_SECRET); + return 0; + } +- if (kctx->seedlen == 0) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_SEED); ++ if (impl->seedlen == 0) { ++ KDFerr(KDF_F_KDF_TLS1_PRF_DERIVE, KDF_R_MISSING_SEED); + return 0; + } +- return tls1_prf_alg(kctx->md, kctx->sec, kctx->seclen, +- kctx->seed, kctx->seedlen, +- key, *keylen); ++ return tls1_prf_alg(impl->md, impl->sec, impl->seclen, ++ impl->seed, impl->seedlen, ++ key, keylen); + } + +-const EVP_PKEY_METHOD tls1_prf_pkey_meth = { +- EVP_PKEY_TLS1_PRF, +- 0, +- pkey_tls1_prf_init, +- 0, +- pkey_tls1_prf_cleanup, +- +- 0, 0, +- 0, 0, +- +- 0, +- 0, +- +- 0, +- 0, +- +- 0, 0, +- +- 0, 0, 0, 0, +- +- 0, 0, +- +- 0, 0, +- +- 0, +- pkey_tls1_prf_derive, +- pkey_tls1_prf_ctrl, +- pkey_tls1_prf_ctrl_str ++const EVP_KDF_METHOD tls1_prf_kdf_meth = { ++ EVP_KDF_TLS1_PRF, ++ kdf_tls1_prf_new, ++ kdf_tls1_prf_free, ++ kdf_tls1_prf_reset, ++ kdf_tls1_prf_ctrl, ++ kdf_tls1_prf_ctrl_str, ++ NULL, ++ kdf_tls1_prf_derive + }; + + static int tls1_prf_P_hash(const EVP_MD *md, +@@ -249,12 +245,11 @@ static int tls1_prf_alg(const EVP_MD *md + const unsigned char *seed, size_t seed_len, + unsigned char *out, size_t olen) + { +- + if (EVP_MD_type(md) == NID_md5_sha1) { + size_t i; + unsigned char *tmp; + if (!tls1_prf_P_hash(EVP_md5(), sec, slen/2 + (slen & 1), +- seed, seed_len, out, olen)) ++ seed, seed_len, out, olen)) + return 0; + + if ((tmp = OPENSSL_malloc(olen)) == NULL) { +@@ -262,7 +257,7 @@ static int tls1_prf_alg(const EVP_MD *md + return 0; + } + if (!tls1_prf_P_hash(EVP_sha1(), sec + slen/2, slen/2 + (slen & 1), +- seed, seed_len, tmp, olen)) { ++ seed, seed_len, tmp, olen)) { + OPENSSL_clear_free(tmp, olen); + return 0; + } +diff -up openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod +--- openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod.evp-kdf 2020-03-19 16:04:32.377698675 +0100 ++++ openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod 2020-03-19 16:04:32.377698675 +0100 +@@ -0,0 +1,217 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_CTX, EVP_KDF_CTX_new_id, EVP_KDF_CTX_free, EVP_KDF_reset, ++EVP_KDF_ctrl, EVP_KDF_vctrl, EVP_KDF_ctrl_str, EVP_KDF_size, ++EVP_KDF_derive - EVP KDF routines ++ ++=head1 SYNOPSIS ++ ++ #include ++ ++ typedef struct evp_kdf_ctx_st EVP_KDF_CTX; ++ ++ EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); ++ void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); ++ void EVP_KDF_reset(EVP_KDF_CTX *ctx); ++ int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...); ++ int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args); ++ int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value); ++ size_t EVP_KDF_size(EVP_KDF_CTX *ctx); ++ int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); ++ ++=head1 DESCRIPTION ++ ++The EVP KDF routines are a high level interface to Key Derivation Function ++algorithms and should be used instead of algorithm-specific functions. ++ ++After creating a C for the required algorithm using ++EVP_KDF_CTX_new_id(), inputs to the algorithm are supplied using calls to ++EVP_KDF_ctrl(), EVP_KDF_vctrl() or EVP_KDF_ctrl_str() before calling ++EVP_KDF_derive() to derive the key. ++ ++=head2 Types ++ ++B is a context type that holds the algorithm inputs. ++ ++=head2 Context manipulation functions ++ ++EVP_KDF_CTX_new_id() creates a KDF context for the algorithm identified by the ++specified NID. ++ ++EVP_KDF_CTX_free() frees up the context C. If C is C, nothing ++is done. ++ ++=head2 Computing functions ++ ++EVP_KDF_reset() resets the context to the default state as if the context ++had just been created. ++ ++EVP_KDF_ctrl() is used to provide inputs to the KDF algorithm prior to ++EVP_KDF_derive() being called. The inputs that may be provided will vary ++depending on the KDF algorithm or its implementation. This functions takes ++variable arguments, the exact expected arguments depend on C. ++See L below for a description of standard controls. ++ ++EVP_KDF_vctrl() is the variant of EVP_KDF_ctrl() that takes a C ++argument instead of variadic arguments. ++ ++EVP_KDF_ctrl_str() allows an application to send an algorithm specific control ++operation to a context C in string form. This is intended to be used for ++options specified on the command line or in text files. ++ ++EVP_KDF_size() returns the output size if the algorithm produces a fixed amount ++of output and C otherwise. If an error occurs then 0 is returned. ++For some algorithms an error may result if input parameters necessary to ++calculate a fixed output size have not yet been supplied. ++ ++EVP_KDF_derive() derives C bytes of key material and places it in the ++C buffer. If the algorithm produces a fixed amount of output then an ++error will occur unless the C parameter is equal to that output size, ++as returned by EVP_KDF_size(). ++ ++=head1 CONTROLS ++ ++The standard controls are: ++ ++=over 4 ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Some KDF implementations require a password. For those KDF implementations ++that support it, this control sets the password. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "pass" ++ ++The value string is used as is. ++ ++=item "hexpass" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Some KDF implementations can take a salt. For those KDF implementations that ++support it, this control sets the salt. ++ ++The default value, if any, is implementation dependent. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "salt" ++ ++The value string is used as is. ++ ++=item "hexsalt" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects one argument: C ++ ++Some KDF implementations require an iteration count. For those KDF implementations that support it, this control sets the iteration count. ++ ++The default value, if any, is implementation dependent. ++ ++EVP_KDF_ctrl_str() type string: "iter" ++ ++The value string is expected to be a decimal number. ++ ++=item B ++ ++This control expects one argument: C ++ ++For MAC implementations that use a message digest as an underlying computation ++algorithm, this control set what the digest algorithm should be. ++ ++EVP_KDF_ctrl_str() type string: "md" ++ ++The value string is expected to be the name of a digest. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Some KDF implementations require a key. For those KDF implementations that ++support it, this control sets the key. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "key" ++ ++The value string is used as is. ++ ++=item "hexkey" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects one argument: C ++ ++Memory-hard password-based KDF algorithms, such as scrypt, use an amount of ++memory that depends on the load factors provided as input. For those KDF ++implementations that support it, this control sets an upper limit on the amount ++of memory that may be consumed while performing a key derivation. If this ++memory usage limit is exceeded because the load factors are chosen too high, ++the key derivation will fail. ++ ++The default value is implementation dependent. ++ ++EVP_KDF_ctrl_str() type string: "maxmem_bytes" ++ ++The value string is expected to be a decimal number. ++ ++=back ++ ++=head1 RETURN VALUES ++ ++EVP_KDF_CTX_new_id() returns either the newly allocated C ++structure or C if an error occurred. ++ ++EVP_KDF_CTX_free() and EVP_KDF_reset() do not return a value. ++ ++EVP_KDF_size() returns the output size. C is returned to indicate ++that the algorithm produces a variable amount of output; 0 to indicate failure. ++ ++The remaining functions return 1 for success and 0 or a negative value for ++failure. In particular, a return value of -2 indicates the operation is not ++supported by the KDF algorithm. ++ ++=head1 SEE ALSO ++ ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod.evp-kdf 2020-03-19 16:04:32.377698675 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod 2020-03-19 16:04:32.377698675 +0100 +@@ -0,0 +1,180 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_HKDF - The HKDF EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B KDF through the B API. ++ ++The EVP_KDF_HKDF algorithm implements the HKDF key derivation function. ++HKDF follows the "extract-then-expand" paradigm, where the KDF logically ++consists of two modules. The first stage takes the input keying material ++and "extracts" from it a fixed-length pseudorandom key K. The second stage ++"expands" the key K into several additional pseudorandom keys (the output ++of the KDF). ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++=item B ++ ++This control does not expect any arguments. ++ ++Resets the context info buffer to zero length. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Sets the info value to the first B bytes of the buffer B. If a ++value is already set, the contents of the buffer are appended to the existing ++value. ++ ++The total length of the context info buffer cannot exceed 1024 bytes; ++this should be more than enough for any normal use of HKDF. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "info" ++ ++The value string is used as is. ++ ++=item "hexinfo" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects one argument: C ++ ++Sets the mode for the HKDF operation. There are three modes that are currently ++defined: ++ ++=over 4 ++ ++=item EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND ++ ++This is the default mode. Calling L on an EVP_KDF_CTX set ++up for HKDF will perform an extract followed by an expand operation in one go. ++The derived key returned will be the result after the expand operation. The ++intermediate fixed-length pseudorandom key K is not returned. ++ ++In this mode the digest, key, salt and info values must be set before a key is ++derived otherwise an error will occur. ++ ++=item EVP_KDF_HKDF_MODE_EXTRACT_ONLY ++ ++In this mode calling L will just perform the extract ++operation. The value returned will be the intermediate fixed-length pseudorandom ++key K. The C parameter must match the size of K, which can be looked ++up by calling EVP_KDF_size() after setting the mode and digest. ++ ++The digest, key and salt values must be set before a key is derived otherwise ++an error will occur. ++ ++=item EVP_KDF_HKDF_MODE_EXPAND_ONLY ++ ++In this mode calling L will just perform the expand ++operation. The input key should be set to the intermediate fixed-length ++pseudorandom key K returned from a previous extract operation. ++ ++The digest, key and info values must be set before a key is derived otherwise ++an error will occur. ++ ++=back ++ ++EVP_KDF_ctrl_str() type string: "mode" ++ ++The value string is expected to be one of: "EXTRACT_AND_EXPAND", "EXTRACT_ONLY" ++or "EXPAND_ONLY". ++ ++=back ++ ++=head1 NOTES ++ ++A context for HKDF can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF); ++ ++The output length of an HKDF expand operation is specified via the C ++parameter to the L function. When using ++EVP_KDF_HKDF_MODE_EXTRACT_ONLY the C parameter must equal the size of ++the intermediate fixed-length pseudorandom key otherwise an error will occur. ++For that mode, the fixed output size can be looked up by calling EVP_KDF_size() ++after setting the mode and digest on the C. ++ ++=head1 EXAMPLE ++ ++This example derives 10 bytes using SHA-256 with the secret key "secret", ++salt value "salt" and info value "label": ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF); ++ ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ error("EVP_KDF_CTRL_SET_MD"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { ++ error("EVP_KDF_CTRL_SET_SALT"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", (size_t)6) <= 0) { ++ error("EVP_KDF_CTRL_SET_KEY"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, "label", (size_t)5) <= 0) { ++ error("EVP_KDF_CTRL_ADD_HKDF_INFO"); ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ error("EVP_KDF_derive"); ++ } ++ ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 CONFORMING TO ++ ++RFC 5869 ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod 2020-03-19 16:04:32.378698658 +0100 +@@ -0,0 +1,78 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_PBKDF2 - The PBKDF2 EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B password-based KDF through the B ++API. ++ ++The EVP_KDF_PBKDF2 algorithm implements the PBKDF2 password-based key ++derivation function, as described in RFC 2898; it derives a key from a password ++using a salt and iteration count. ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++=item B ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++B is the iteration count and its value should be greater than or equal to ++1. RFC 2898 suggests an iteration count of at least 1000. The default value is ++2048. Any B less than 1 is treated as a single iteration. ++ ++=back ++ ++=head1 NOTES ++ ++A typical application of this algorithm is to derive keying material for an ++encryption algorithm from a password in the B, a salt in B, ++and an iteration count. ++ ++Increasing the B parameter slows down the algorithm which makes it ++harder for an attacker to perform a brute force attack using a large number ++of candidate passwords. ++ ++No assumption is made regarding the given password; it is simply treated as a ++byte sequence. ++ ++=head1 CONFORMING TO ++ ++RFC 2898 ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod 2020-03-19 16:04:32.378698658 +0100 +@@ -0,0 +1,149 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_SCRYPT - The scrypt EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B password-based KDF through the B ++API. ++ ++The EVP_KDF_SCRYPT algorithm implements the scrypt password-based key ++derivation function, as described in RFC 7914. It is memory-hard in the sense ++that it deliberately requires a significant amount of RAM for efficient ++computation. The intention of this is to render brute forcing of passwords on ++systems that lack large amounts of main memory (such as GPUs or ASICs) ++computationally infeasible. ++ ++scrypt provides three work factors that can be customized: N, r and p. N, which ++has to be a positive power of two, is the general work factor and scales CPU ++time in an approximately linear fashion. r is the block size of the internally ++used hash function and p is the parallelization factor. Both r and p need to be ++greater than zero. The amount of RAM that scrypt requires for its computation ++is roughly (128 * N * r * p) bytes. ++ ++In the original paper of Colin Percival ("Stronger Key Derivation via ++Sequential Memory-Hard Functions", 2009), the suggested values that give a ++computation time of less than 5 seconds on a 2.5 GHz Intel Core 2 Duo are N = ++2^20 = 1048576, r = 8, p = 1. Consequently, the required amount of memory for ++this computation is roughly 1 GiB. On a more recent CPU (Intel i7-5930K at 3.5 ++GHz), this computation takes about 3 seconds. When N, r or p are not specified, ++they default to 1048576, 8, and 1, respectively. The maximum amount of RAM that ++may be used by scrypt defaults to 1025 MiB. ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++=item B ++ ++=item B ++ ++=item B ++ ++B expects one argument: C ++ ++B expects one argument: C ++ ++B expects one argument: C ++ ++These controls configure the scrypt work factors N, r and p. ++ ++EVP_KDF_ctrl_str() type strings: "N", "r" and "p", respectively. ++ ++The corresponding value strings are expected to be decimal numbers. ++ ++=back ++ ++=head1 NOTES ++ ++A context for scrypt can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT); ++ ++The output length of an scrypt key derivation is specified via the ++B parameter to the L function. ++ ++=head1 EXAMPLE ++ ++This example derives a 64-byte long test vector using scrypt with the password ++"password", salt "NaCl" and N = 1024, r = 8, p = 16. ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[64]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT); ++ ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { ++ error("EVP_KDF_CTRL_SET_PASS"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl", (size_t)4) <= 0) { ++ error("EVP_KDF_CTRL_SET_SALT"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, (uint64_t)1024) <= 0) { ++ error("EVP_KDF_CTRL_SET_SCRYPT_N"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)8) <= 0) { ++ error("EVP_KDF_CTRL_SET_SCRYPT_R"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)16) <= 0) { ++ error("EVP_KDF_CTRL_SET_SCRYPT_P"); ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ error("EVP_KDF_derive"); ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, ++ 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, ++ 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, ++ 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62, ++ 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88, ++ 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda, ++ 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d, ++ 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 ++ }; ++ ++ assert(!memcmp(out, expected, sizeof(out))); ++ } ++ ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 CONFORMING TO ++ ++RFC 7914 ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the OpenSSL license (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod 2020-03-19 16:04:32.378698658 +0100 +@@ -0,0 +1,142 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_TLS1_PRF - The TLS1 PRF EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B PRF through the B API. ++ ++The EVP_KDF_TLS1_PRF algorithm implements the PRF used by TLS versions up to ++and including TLS 1.2. ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++This control works as described in L. ++ ++The C control is used to set the message digest associated ++with the TLS PRF. EVP_md5_sha1() is treated as a special case which uses the ++PRF algorithm using both B and B as used in TLS 1.0 and 1.1. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Sets the secret value of the TLS PRF to B bytes of the buffer B. ++Any existing secret value is replaced. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "secret" ++ ++The value string is used as is. ++ ++=item "hexsecret" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control does not expect any arguments. ++ ++Resets the context seed buffer to zero length. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Sets the seed to B bytes of B. If a seed is already set it is ++appended to the existing value. ++ ++The total length of the context seed buffer cannot exceed 1024 bytes; ++this should be more than enough for any normal use of the TLS PRF. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "seed" ++ ++The value string is used as is. ++ ++=item "hexseed" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=back ++ ++=head1 NOTES ++ ++A context for the TLS PRF can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF, NULL); ++ ++The digest, secret value and seed must be set before a key is derived otherwise ++an error will occur. ++ ++The output length of the PRF is specified by the C parameter to the ++EVP_KDF_derive() function. ++ ++=head1 EXAMPLE ++ ++This example derives 10 bytes using SHA-256 with the secret key "secret" ++and seed value "seed": ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF); ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ error("EVP_KDF_CTRL_SET_MD"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET, ++ "secret", (size_t)6) <= 0) { ++ error("EVP_KDF_CTRL_SET_TLS_SECRET"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed", (size_t)4) <= 0) { ++ error("EVP_KDF_CTRL_ADD_TLS_SEED"); ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ error("EVP_KDF_derive"); ++ } ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1e/include/crypto/evp.h.evp-kdf openssl-1.1.1e/include/crypto/evp.h +--- openssl-1.1.1e/include/crypto/evp.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/crypto/evp.h 2020-03-19 16:04:32.347699194 +0100 +@@ -112,6 +112,24 @@ extern const EVP_PKEY_METHOD hkdf_pkey_m + extern const EVP_PKEY_METHOD poly1305_pkey_meth; + extern const EVP_PKEY_METHOD siphash_pkey_meth; + ++/* struct evp_kdf_impl_st is defined by the implementation */ ++typedef struct evp_kdf_impl_st EVP_KDF_IMPL; ++typedef struct { ++ int type; ++ EVP_KDF_IMPL *(*new) (void); ++ void (*free) (EVP_KDF_IMPL *impl); ++ void (*reset) (EVP_KDF_IMPL *impl); ++ int (*ctrl) (EVP_KDF_IMPL *impl, int cmd, va_list args); ++ int (*ctrl_str) (EVP_KDF_IMPL *impl, const char *type, const char *value); ++ size_t (*size) (EVP_KDF_IMPL *impl); ++ int (*derive) (EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen); ++} EVP_KDF_METHOD; ++ ++extern const EVP_KDF_METHOD pbkdf2_kdf_meth; ++extern const EVP_KDF_METHOD scrypt_kdf_meth; ++extern const EVP_KDF_METHOD tls1_prf_kdf_meth; ++extern const EVP_KDF_METHOD hkdf_kdf_meth; ++ + struct evp_md_st { + int type; + int pkey_type; +diff -up openssl-1.1.1e/include/openssl/evperr.h.evp-kdf openssl-1.1.1e/include/openssl/evperr.h +--- openssl-1.1.1e/include/openssl/evperr.h.evp-kdf 2020-03-19 16:04:11.250064365 +0100 ++++ openssl-1.1.1e/include/openssl/evperr.h 2020-03-19 16:04:32.379698640 +0100 +@@ -58,6 +58,9 @@ int ERR_load_EVP_strings(void); + # define EVP_F_EVP_ENCRYPTDECRYPTUPDATE 219 + # define EVP_F_EVP_ENCRYPTFINAL_EX 127 + # define EVP_F_EVP_ENCRYPTUPDATE 167 ++# define EVP_F_EVP_KDF_CTRL 224 ++# define EVP_F_EVP_KDF_CTRL_STR 225 ++# define EVP_F_EVP_KDF_CTX_NEW_ID 226 + # define EVP_F_EVP_MD_CTX_COPY_EX 110 + # define EVP_F_EVP_MD_SIZE 162 + # define EVP_F_EVP_OPENINIT 102 +@@ -120,11 +123,13 @@ int ERR_load_EVP_strings(void); + # define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 + # define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164 + # define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 180 ++# define EVP_F_PKEY_KDF_CTRL 227 + # define EVP_F_PKEY_SET_TYPE 158 + # define EVP_F_RC2_MAGIC_TO_METH 109 + # define EVP_F_RC5_CTRL 125 + # define EVP_F_R_32_12_16_INIT_KEY 242 + # define EVP_F_S390X_AES_GCM_CTRL 201 ++# define EVP_F_SCRYPT_ALG 228 + # define EVP_F_UPDATE 173 + + /* +@@ -181,6 +186,7 @@ int ERR_load_EVP_strings(void); + # define EVP_R_ONLY_ONESHOT_SUPPORTED 177 + # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 + # define EVP_R_OPERATON_NOT_INITIALIZED 151 ++# define EVP_R_PARAMETER_TOO_LARGE 187 + # define EVP_R_PARTIALLY_OVERLAPPING 162 + # define EVP_R_PBKDF2_ERROR 181 + # define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179 +diff -up openssl-1.1.1e/include/openssl/kdferr.h.evp-kdf openssl-1.1.1e/include/openssl/kdferr.h +--- openssl-1.1.1e/include/openssl/kdferr.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/kdferr.h 2020-03-19 16:04:32.379698640 +0100 +@@ -23,6 +23,23 @@ int ERR_load_KDF_strings(void); + /* + * KDF function codes. + */ ++# define KDF_F_HKDF_EXTRACT 112 ++# define KDF_F_KDF_HKDF_DERIVE 113 ++# define KDF_F_KDF_HKDF_NEW 114 ++# define KDF_F_KDF_HKDF_SIZE 115 ++# define KDF_F_KDF_MD2CTRL 116 ++# define KDF_F_KDF_PBKDF2_CTRL_STR 117 ++# define KDF_F_KDF_PBKDF2_DERIVE 118 ++# define KDF_F_KDF_PBKDF2_NEW 119 ++# define KDF_F_KDF_SCRYPT_CTRL_STR 120 ++# define KDF_F_KDF_SCRYPT_CTRL_UINT32 121 ++# define KDF_F_KDF_SCRYPT_CTRL_UINT64 122 ++# define KDF_F_KDF_SCRYPT_DERIVE 123 ++# define KDF_F_KDF_SCRYPT_NEW 124 ++# define KDF_F_KDF_TLS1_PRF_CTRL_STR 125 ++# define KDF_F_KDF_TLS1_PRF_DERIVE 126 ++# define KDF_F_KDF_TLS1_PRF_NEW 127 ++# define KDF_F_PBKDF2_SET_MEMBUF 128 + # define KDF_F_PKEY_HKDF_CTRL_STR 103 + # define KDF_F_PKEY_HKDF_DERIVE 102 + # define KDF_F_PKEY_HKDF_INIT 108 +@@ -34,6 +51,7 @@ int ERR_load_KDF_strings(void); + # define KDF_F_PKEY_TLS1_PRF_CTRL_STR 100 + # define KDF_F_PKEY_TLS1_PRF_DERIVE 101 + # define KDF_F_PKEY_TLS1_PRF_INIT 110 ++# define KDF_F_SCRYPT_SET_MEMBUF 129 + # define KDF_F_TLS1_PRF_ALG 111 + + /* +@@ -51,5 +69,6 @@ int ERR_load_KDF_strings(void); + # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 + # define KDF_R_VALUE_ERROR 108 + # define KDF_R_VALUE_MISSING 102 ++# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112 + + #endif +diff -up openssl-1.1.1e/include/openssl/kdf.h.evp-kdf openssl-1.1.1e/include/openssl/kdf.h +--- openssl-1.1.1e/include/openssl/kdf.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/kdf.h 2020-03-19 16:04:32.380698623 +0100 +@@ -10,10 +10,50 @@ + #ifndef HEADER_KDF_H + # define HEADER_KDF_H + ++# include + # include +-#ifdef __cplusplus ++# ifdef __cplusplus + extern "C" { +-#endif ++# endif ++ ++# define EVP_KDF_PBKDF2 NID_id_pbkdf2 ++# define EVP_KDF_SCRYPT NID_id_scrypt ++# define EVP_KDF_TLS1_PRF NID_tls1_prf ++# define EVP_KDF_HKDF NID_hkdf ++ ++EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); ++void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); ++ ++void EVP_KDF_reset(EVP_KDF_CTX *ctx); ++int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...); ++int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args); ++int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value); ++size_t EVP_KDF_size(EVP_KDF_CTX *ctx); ++int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); ++ ++ ++# define EVP_KDF_CTRL_SET_PASS 0x01 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_SALT 0x02 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_ITER 0x03 /* int */ ++# define EVP_KDF_CTRL_SET_MD 0x04 /* EVP_MD * */ ++# define EVP_KDF_CTRL_SET_KEY 0x05 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_MAXMEM_BYTES 0x06 /* uint64_t */ ++# define EVP_KDF_CTRL_SET_TLS_SECRET 0x07 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_RESET_TLS_SEED 0x08 ++# define EVP_KDF_CTRL_ADD_TLS_SEED 0x09 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_RESET_HKDF_INFO 0x0a ++# define EVP_KDF_CTRL_ADD_HKDF_INFO 0x0b /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_HKDF_MODE 0x0c /* int */ ++# define EVP_KDF_CTRL_SET_SCRYPT_N 0x0d /* uint64_t */ ++# define EVP_KDF_CTRL_SET_SCRYPT_R 0x0e /* uint32_t */ ++# define EVP_KDF_CTRL_SET_SCRYPT_P 0x0f /* uint32_t */ ++ ++# define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0 ++# define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1 ++# define EVP_KDF_HKDF_MODE_EXPAND_ONLY 2 ++ ++ ++/**** The legacy PKEY-based KDF API follows. ****/ + + # define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL) + # define EVP_PKEY_CTRL_TLS_SECRET (EVP_PKEY_ALG_CTRL + 1) +@@ -30,9 +70,12 @@ extern "C" { + # define EVP_PKEY_CTRL_SCRYPT_P (EVP_PKEY_ALG_CTRL + 12) + # define EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES (EVP_PKEY_ALG_CTRL + 13) + +-# define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND 0 +-# define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1 +-# define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2 ++# define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND \ ++ EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND ++# define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY \ ++ EVP_KDF_HKDF_MODE_EXTRACT_ONLY ++# define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY \ ++ EVP_KDF_HKDF_MODE_EXPAND_ONLY + + # define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \ + EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ +@@ -91,7 +134,7 @@ extern "C" { + EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, maxmem_bytes) + + +-# ifdef __cplusplus ++# ifdef __cplusplus + } + # endif + #endif +diff -up openssl-1.1.1e/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1e/include/openssl/ossl_typ.h +--- openssl-1.1.1e/include/openssl/ossl_typ.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/ossl_typ.h 2020-03-19 16:04:32.381698606 +0100 +@@ -97,6 +97,8 @@ typedef struct evp_pkey_asn1_method_st E + typedef struct evp_pkey_method_st EVP_PKEY_METHOD; + typedef struct evp_pkey_ctx_st EVP_PKEY_CTX; + ++typedef struct evp_kdf_ctx_st EVP_KDF_CTX; ++ + typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX; + + typedef struct hmac_ctx_st HMAC_CTX; +diff -up openssl-1.1.1e/test/build.info.evp-kdf openssl-1.1.1e/test/build.info +--- openssl-1.1.1e/test/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/build.info 2020-03-19 16:04:32.381698606 +0100 +@@ -44,7 +44,8 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I + ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \ + bio_callback_test bio_memleak_test \ + bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \ +- pkey_meth_test pkey_meth_kdf_test uitest cipherbytes_test \ ++ pkey_meth_test pkey_meth_kdf_test evp_kdf_test uitest \ ++ cipherbytes_test \ + asn1_encode_test asn1_decode_test asn1_string_table_test \ + x509_time_test x509_dup_cert_test x509_check_cert_pkey_test \ + recordlentest drbgtest sslbuffertest \ +@@ -336,6 +337,10 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I + INCLUDE[pkey_meth_kdf_test]=../include + DEPEND[pkey_meth_kdf_test]=../libcrypto libtestutil.a + ++ SOURCE[evp_kdf_test]=evp_kdf_test.c ++ INCLUDE[evp_kdf_test]=../include ++ DEPEND[evp_kdf_test]=../libcrypto libtestutil.a ++ + SOURCE[x509_time_test]=x509_time_test.c + INCLUDE[x509_time_test]=../include + DEPEND[x509_time_test]=../libcrypto libtestutil.a +diff -up openssl-1.1.1e/test/evp_kdf_test.c.evp-kdf openssl-1.1.1e/test/evp_kdf_test.c +--- openssl-1.1.1e/test/evp_kdf_test.c.evp-kdf 2020-03-19 16:04:32.382698588 +0100 ++++ openssl-1.1.1e/test/evp_kdf_test.c 2020-03-19 16:04:32.382698588 +0100 +@@ -0,0 +1,237 @@ ++/* ++ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++/* Tests of the EVP_KDF_CTX APIs */ ++ ++#include ++#include ++ ++#include ++#include ++#include "testutil.h" ++ ++static int test_kdf_tls1_prf(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[16]; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF)) == NULL) { ++ TEST_error("EVP_KDF_TLS1_PRF"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET, ++ "secret", (size_t)6) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_TLS_SECRET"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed", (size_t)4) <= 0) { ++ TEST_error("EVP_KDF_CTRL_ADD_TLS_SEED"); ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ TEST_error("EVP_KDF_derive"); ++ goto err; ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0, ++ 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc ++ }; ++ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { ++ goto err; ++ } ++ } ++ ret = 1; ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static int test_kdf_hkdf(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF)) == NULL) { ++ TEST_error("EVP_KDF_HKDF"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", (size_t)6) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, ++ "label", (size_t)5) <= 0) { ++ TEST_error("EVP_KDF_CTRL_ADD_HKDF_INFO"); ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ TEST_error("EVP_KDF_derive"); ++ goto err; ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13 ++ }; ++ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { ++ goto err; ++ } ++ } ++ ret = 1; ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static int test_kdf_pbkdf2(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[32]; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) { ++ TEST_error("EVP_KDF_PBKDF2"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_PASS"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_ITER"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ TEST_error("EVP_KDF_derive"); ++ goto err; ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3, ++ 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0, ++ 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf, ++ 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43 ++ }; ++ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { ++ goto err; ++ } ++ } ++ ret = 1; ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++#ifndef OPENSSL_NO_SCRYPT ++static int test_kdf_scrypt(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[64]; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT)) == NULL) { ++ TEST_error("EVP_KDF_SCRYPT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_PASS"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl", (size_t)4) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, (uint64_t)1024) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SCRYPT_N"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)8) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SCRYPT_R"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)16) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SCRYPT_P"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, (uint64_t)16) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MAXMEM_BYTES"); ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) > 0) { ++ TEST_error("EVP_KDF_derive should have failed"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, ++ (uint64_t)(10 * 1024 * 1024)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MAXMEM_BYTES"); ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ TEST_error("EVP_KDF_derive"); ++ goto err; ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, ++ 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, ++ 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, ++ 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62, ++ 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88, ++ 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda, ++ 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d, ++ 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 ++ }; ++ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { ++ goto err; ++ } ++ } ++ ret = 1; ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++#endif ++ ++int setup_tests(void) ++{ ++ ADD_TEST(test_kdf_tls1_prf); ++ ADD_TEST(test_kdf_hkdf); ++ ADD_TEST(test_kdf_pbkdf2); ++#ifndef OPENSSL_NO_SCRYPT ++ ADD_TEST(test_kdf_scrypt); ++#endif ++ return 1; ++} +diff -up openssl-1.1.1e/test/evp_test.c.evp-kdf openssl-1.1.1e/test/evp_test.c +--- openssl-1.1.1e/test/evp_test.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/evp_test.c 2020-03-19 16:04:32.383698571 +0100 +@@ -1705,13 +1705,14 @@ static const EVP_TEST_METHOD encode_test + encode_test_run, + }; + ++ + /** + *** KDF TESTS + **/ + + typedef struct kdf_data_st { + /* Context for this operation */ +- EVP_PKEY_CTX *ctx; ++ EVP_KDF_CTX *ctx; + /* Expected output */ + unsigned char *output; + size_t output_len; +@@ -1738,16 +1739,11 @@ static int kdf_test_init(EVP_TEST *t, co + + if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) + return 0; +- kdata->ctx = EVP_PKEY_CTX_new_id(kdf_nid, NULL); ++ kdata->ctx = EVP_KDF_CTX_new_id(kdf_nid); + if (kdata->ctx == NULL) { + OPENSSL_free(kdata); + return 0; + } +- if (EVP_PKEY_derive_init(kdata->ctx) <= 0) { +- EVP_PKEY_CTX_free(kdata->ctx); +- OPENSSL_free(kdata); +- return 0; +- } + t->data = kdata; + return 1; + } +@@ -1756,7 +1752,42 @@ static void kdf_test_cleanup(EVP_TEST *t + { + KDF_DATA *kdata = t->data; + OPENSSL_free(kdata->output); +- EVP_PKEY_CTX_free(kdata->ctx); ++ EVP_KDF_CTX_free(kdata->ctx); ++} ++ ++static int kdf_test_ctrl(EVP_TEST *t, EVP_KDF_CTX *kctx, ++ const char *value) ++{ ++ int rv; ++ char *p, *tmpval; ++ ++ if (!TEST_ptr(tmpval = OPENSSL_strdup(value))) ++ return 0; ++ p = strchr(tmpval, ':'); ++ if (p != NULL) ++ *p++ = '\0'; ++ rv = EVP_KDF_ctrl_str(kctx, tmpval, p); ++ if (rv == -2) { ++ t->err = "KDF_CTRL_INVALID"; ++ rv = 1; ++ } else if (p != NULL && rv <= 0) { ++ /* If p has an OID and lookup fails assume disabled algorithm */ ++ int nid = OBJ_sn2nid(p); ++ ++ if (nid == NID_undef) ++ nid = OBJ_ln2nid(p); ++ if (nid != NID_undef ++ && EVP_get_digestbynid(nid) == NULL ++ && EVP_get_cipherbynid(nid) == NULL) { ++ t->skip = 1; ++ rv = 1; ++ } else { ++ t->err = "KDF_CTRL_ERROR"; ++ rv = 1; ++ } ++ } ++ OPENSSL_free(tmpval); ++ return rv > 0; + } + + static int kdf_test_parse(EVP_TEST *t, +@@ -1767,7 +1798,7 @@ static int kdf_test_parse(EVP_TEST *t, + if (strcmp(keyword, "Output") == 0) + return parse_bin(value, &kdata->output, &kdata->output_len); + if (strncmp(keyword, "Ctrl", 4) == 0) +- return pkey_test_ctrl(t, kdata->ctx, value); ++ return kdf_test_ctrl(t, kdata->ctx, value); + return 0; + } + +@@ -1781,7 +1812,7 @@ static int kdf_test_run(EVP_TEST *t) + t->err = "INTERNAL_ERROR"; + goto err; + } +- if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) { ++ if (EVP_KDF_derive(expected->ctx, got, got_len) <= 0) { + t->err = "KDF_DERIVE_ERROR"; + goto err; + } +@@ -1807,6 +1838,106 @@ static const EVP_TEST_METHOD kdf_test_me + + + /** ++*** PKEY KDF TESTS ++**/ ++ ++typedef struct pkey_kdf_data_st { ++ /* Context for this operation */ ++ EVP_PKEY_CTX *ctx; ++ /* Expected output */ ++ unsigned char *output; ++ size_t output_len; ++} PKEY_KDF_DATA; ++ ++/* ++ * Perform public key operation setup: lookup key, allocated ctx and call ++ * the appropriate initialisation function ++ */ ++static int pkey_kdf_test_init(EVP_TEST *t, const char *name) ++{ ++ PKEY_KDF_DATA *kdata; ++ int kdf_nid = OBJ_sn2nid(name); ++ ++#ifdef OPENSSL_NO_SCRYPT ++ if (strcmp(name, "scrypt") == 0) { ++ t->skip = 1; ++ return 1; ++ } ++#endif ++ ++ if (kdf_nid == NID_undef) ++ kdf_nid = OBJ_ln2nid(name); ++ ++ if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) ++ return 0; ++ kdata->ctx = EVP_PKEY_CTX_new_id(kdf_nid, NULL); ++ if (kdata->ctx == NULL) { ++ OPENSSL_free(kdata); ++ return 0; ++ } ++ if (EVP_PKEY_derive_init(kdata->ctx) <= 0) { ++ EVP_PKEY_CTX_free(kdata->ctx); ++ OPENSSL_free(kdata); ++ return 0; ++ } ++ t->data = kdata; ++ return 1; ++} ++ ++static void pkey_kdf_test_cleanup(EVP_TEST *t) ++{ ++ PKEY_KDF_DATA *kdata = t->data; ++ OPENSSL_free(kdata->output); ++ EVP_PKEY_CTX_free(kdata->ctx); ++} ++ ++static int pkey_kdf_test_parse(EVP_TEST *t, ++ const char *keyword, const char *value) ++{ ++ PKEY_KDF_DATA *kdata = t->data; ++ ++ if (strcmp(keyword, "Output") == 0) ++ return parse_bin(value, &kdata->output, &kdata->output_len); ++ if (strncmp(keyword, "Ctrl", 4) == 0) ++ return pkey_test_ctrl(t, kdata->ctx, value); ++ return 0; ++} ++ ++static int pkey_kdf_test_run(EVP_TEST *t) ++{ ++ PKEY_KDF_DATA *expected = t->data; ++ unsigned char *got = NULL; ++ size_t got_len = expected->output_len; ++ ++ if (!TEST_ptr(got = OPENSSL_malloc(got_len))) { ++ t->err = "INTERNAL_ERROR"; ++ goto err; ++ } ++ if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) { ++ t->err = "KDF_DERIVE_ERROR"; ++ goto err; ++ } ++ if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) { ++ t->err = "KDF_MISMATCH"; ++ goto err; ++ } ++ t->err = NULL; ++ ++ err: ++ OPENSSL_free(got); ++ return 1; ++} ++ ++static const EVP_TEST_METHOD pkey_kdf_test_method = { ++ "PKEYKDF", ++ pkey_kdf_test_init, ++ pkey_kdf_test_cleanup, ++ pkey_kdf_test_parse, ++ pkey_kdf_test_run ++}; ++ ++ ++/** + *** KEYPAIR TESTS + **/ + +@@ -2310,6 +2441,7 @@ static const EVP_TEST_METHOD *evp_test_l + &digestverify_test_method, + &encode_test_method, + &kdf_test_method, ++ &pkey_kdf_test_method, + &keypair_test_method, + &keygen_test_method, + &mac_test_method, +diff -up openssl-1.1.1e/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1e/test/pkey_meth_kdf_test.c +--- openssl-1.1.1e/test/pkey_meth_kdf_test.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/pkey_meth_kdf_test.c 2020-03-19 16:04:32.386698519 +0100 +@@ -1,5 +1,5 @@ + /* +- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy +@@ -18,30 +18,34 @@ + + static int test_kdf_tls1_prf(void) + { ++ int ret = 0; + EVP_PKEY_CTX *pctx; + unsigned char out[16]; + size_t outlen = sizeof(out); +- pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL); + ++ if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL)) == NULL) { ++ TEST_error("EVP_PKEY_TLS1_PRF"); ++ goto err; ++ } + if (EVP_PKEY_derive_init(pctx) <= 0) { + TEST_error("EVP_PKEY_derive_init"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0) { + TEST_error("EVP_PKEY_CTX_set_tls1_prf_md"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_tls1_prf_secret"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, "seed", 4) <= 0) { + TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed"); +- return 0; ++ goto err; + } + if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { + TEST_error("EVP_PKEY_derive"); +- return 0; ++ goto err; + } + + { +@@ -50,43 +54,49 @@ static int test_kdf_tls1_prf(void) + 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc + }; + if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { +- return 0; ++ goto err; + } + } ++ ret = 1; ++err: + EVP_PKEY_CTX_free(pctx); +- return 1; ++ return ret; + } + + static int test_kdf_hkdf(void) + { ++ int ret = 0; + EVP_PKEY_CTX *pctx; + unsigned char out[10]; + size_t outlen = sizeof(out); +- pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); + ++ if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)) == NULL) { ++ TEST_error("EVP_PKEY_HKDF"); ++ goto err; ++ } + if (EVP_PKEY_derive_init(pctx) <= 0) { + TEST_error("EVP_PKEY_derive_init"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0) { + TEST_error("EVP_PKEY_CTX_set_hkdf_md"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, "salt", 4) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_hkdf_salt"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set1_hkdf_key(pctx, "secret", 6) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_hkdf_key"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_add1_hkdf_info(pctx, "label", 5) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_hkdf_info"); +- return 0; ++ goto err; + } + if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { + TEST_error("EVP_PKEY_derive"); +- return 0; ++ goto err; + } + + { +@@ -94,60 +104,66 @@ static int test_kdf_hkdf(void) + 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13 + }; + if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { +- return 0; ++ goto err; + } + } ++ ret = 1; ++err: + EVP_PKEY_CTX_free(pctx); +- return 1; ++ return ret; + } + + #ifndef OPENSSL_NO_SCRYPT + static int test_kdf_scrypt(void) + { ++ int ret = 0; + EVP_PKEY_CTX *pctx; + unsigned char out[64]; + size_t outlen = sizeof(out); +- pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL); + ++ if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL)) == NULL) { ++ TEST_error("EVP_PKEY_SCRYPT"); ++ goto err; ++ } + if (EVP_PKEY_derive_init(pctx) <= 0) { + TEST_error("EVP_PKEY_derive_init"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set1_pbe_pass(pctx, "password", 8) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_pbe_pass"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, "NaCl", 4) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_scrypt_salt"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_scrypt_N(pctx, 1024) <= 0) { + TEST_error("EVP_PKEY_CTX_set_scrypt_N"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_scrypt_r(pctx, 8) <= 0) { + TEST_error("EVP_PKEY_CTX_set_scrypt_r"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_scrypt_p(pctx, 16) <= 0) { + TEST_error("EVP_PKEY_CTX_set_scrypt_p"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 16) <= 0) { + TEST_error("EVP_PKEY_CTX_set_maxmem_bytes"); +- return 0; ++ goto err; + } + if (EVP_PKEY_derive(pctx, out, &outlen) > 0) { + TEST_error("EVP_PKEY_derive should have failed"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 10 * 1024 * 1024) <= 0) { + TEST_error("EVP_PKEY_CTX_set_maxmem_bytes"); +- return 0; ++ goto err; + } + if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { + TEST_error("EVP_PKEY_derive"); +- return 0; ++ goto err; + } + + { +@@ -162,11 +178,13 @@ static int test_kdf_scrypt(void) + 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 + }; + if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { +- return 0; ++ goto err; + } + } ++ ret = 1; ++err: + EVP_PKEY_CTX_free(pctx); +- return 1; ++ return ret; + } + #endif + +diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt +--- openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt 2020-03-19 16:04:32.388698484 +0100 +@@ -1,5 +1,5 @@ + # +-# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. ++# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. + # + # Licensed under the OpenSSL license (the "License"). You may not use + # this file except in compliance with the License. You can obtain a copy +@@ -15,7 +15,7 @@ + Title = TLS1 PRF tests (from NIST test vectors) + + KDF=TLS1-PRF +-Ctrl.md = md:MD5-SHA1 ++Ctrl.digest = digest:MD5-SHA1 + Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0 + Ctrl.label = seed:master secret + Ctrl.client_random = hexseed:e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693 +@@ -23,7 +23,7 @@ Ctrl.server_random = hexseed:135e4d557fd + Output = 2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 + + KDF=TLS1-PRF +-Ctrl.md = md:MD5-SHA1 ++Ctrl.digest = digest:MD5-SHA1 + Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 + Ctrl.label = seed:key expansion + Ctrl.server_random = hexseed:67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be +@@ -31,7 +31,7 @@ Ctrl.client_random = hexseed:d58a7b1cd4f + Output = 3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d + + KDF=TLS1-PRF +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc + Ctrl.label = seed:master secret + Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c +@@ -39,7 +39,7 @@ Ctrl.server_random = hexseed:f6c9575ed7d + Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf + + KDF=TLS1-PRF +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf + Ctrl.label = seed:key expansion + Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 +@@ -48,7 +48,7 @@ Output = d06139889fffac1e3a71865f504aa5d + + # As above but use long name for KDF + KDF=tls1-prf +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf + Ctrl.label = seed:key expansion + Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 +@@ -64,7 +64,7 @@ Result = KDF_DERIVE_ERROR + + # Missing secret. + KDF=TLS1-PRF +-Ctrl.md = md:MD5-SHA1 ++Ctrl.digest = digest:MD5-SHA1 + Ctrl.Seed = hexseed:02 + Output = 03 + Result = KDF_DERIVE_ERROR +@@ -72,7 +72,7 @@ Result = KDF_DERIVE_ERROR + Title = HKDF tests (from RFC5869 test vectors) + + KDF = HKDF +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = hexsalt:000102030405060708090a0b0c + Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 +@@ -80,20 +80,20 @@ Output = 3cb25f25faacd57a90434f64d0362f2 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = hexsalt:000102030405060708090a0b0c + Output = 077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 + Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 + Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 + + KDF = HKDF +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f + Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf + Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff +@@ -101,20 +101,20 @@ Output = b11e398dc80327a1c8e7f78c596a493 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f + Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf + Output = 06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 + Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff + Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 + + KDF = HKDF +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = salt: + Ctrl.info = info: +@@ -122,7 +122,7 @@ Output = 8da4e775a563c18f715f802a063c5a3 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = salt: + Ctrl.info = info: +@@ -130,13 +130,13 @@ Output = 19ef24a32c717b167f33a91d6f648bd + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04 + Ctrl.info = info: + Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = hexsalt:000102030405060708090a0b0c + Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 +@@ -144,20 +144,20 @@ Output = 085a01ea1b10f36933068b56efa5ad8 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = hexsalt:000102030405060708090a0b0c + Output = 9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 + Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 + Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f + Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf + Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff +@@ -165,20 +165,20 @@ Output = 0bd770a74d1160f7c9f12cd5912a06e + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f + Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf + Output = 8adae09a2a307059478d309b26c4115a224cfaf6 + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:8adae09a2a307059478d309b26c4115a224cfaf6 + Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff + Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = salt: + Ctrl.info = info: +@@ -186,20 +186,20 @@ Output = 0ac1af7002b3d761d1e55298da9d050 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = salt: + Output = da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 + Ctrl.info = info: + Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c + Ctrl.salt = salt: + Ctrl.info = info: +@@ -207,14 +207,14 @@ Output = 2c91117204d745f3500d636a62f64f0 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c + Ctrl.salt = salt: + Output = 2adccada18779e7c2077ad2eb19d3f3e731385dd + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:2adccada18779e7c2077ad2eb19d3f3e731385dd + Ctrl.info = info: + Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 +@@ -227,27 +227,27 @@ Output = 00 + Result = KDF_DERIVE_ERROR + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.salt = salt: + Ctrl.info = info: + Output = 00 + Result = KDF_DERIVE_ERROR + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c + Ctrl.info = info: + Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c + Ctrl.salt = salt: + Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_AND_EXPAND +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c + Ctrl.salt = salt: + Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 +@@ -303,3 +303,133 @@ Ctrl.r = r:8 + Ctrl.p = p:1 + Result = INTERNAL_ERROR + ++Title = PBKDF2 tests ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha1 ++Output = 0c60c80f961f0e71f3a9b524af6012062fe037a6 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha256 ++Output = 120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha512 ++Output = 867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d470a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:2 ++Ctrl.digest = digest:sha1 ++Output = ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:2 ++Ctrl.digest = digest:sha256 ++Output = ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:2 ++Ctrl.digest = digest:sha512 ++Output = e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha1 ++Output = 4b007901b765489abead49d926f721d065a429c1 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha256 ++Output = c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha512 ++Output = d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:passwordPASSWORDpassword ++Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha1 ++Output = 3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:passwordPASSWORDpassword ++Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha256 ++Output = 348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:passwordPASSWORDpassword ++Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha512 ++Output = 8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8 ++ ++KDF = PBKDF2 ++Ctrl.hexpass = hexpass:7061737300776f7264 ++Ctrl.hexsalt = hexsalt:7361006c74 ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha1 ++Output = 56fa6aa75548099dcc37d7f03425e0c3 ++ ++KDF = PBKDF2 ++Ctrl.hexpass = hexpass:7061737300776f7264 ++Ctrl.hexsalt = hexsalt:7361006c74 ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha256 ++Output = 89b69d0516f829893c696226650a8687 ++ ++KDF = PBKDF2 ++Ctrl.hexpass = hexpass:7061737300776f7264 ++Ctrl.hexsalt = hexsalt:7361006c74 ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha512 ++Output = 9d9e9c4cd21fe4be24d5b8244c759665 ++ ++Title = PBKDF2 tests for empty inputs ++ ++KDF = PBKDF2 ++Ctrl.pass = pass: ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha1 ++Output = a33dddc30478185515311f8752895d36ea4363a2 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass: ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha256 ++Output = f135c27993baf98773c5cdb40a5706ce6a345cde ++ ++KDF = PBKDF2 ++Ctrl.pass = pass: ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha512 ++Output = 00ef42cdbfc98d29db20976608e455567fdddf14 ++ +diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt +--- openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf 2020-03-19 16:04:32.389698467 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt 2020-03-19 16:04:32.389698467 +0100 +@@ -0,0 +1,305 @@ ++# ++# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. ++# ++# Licensed under the Apache License 2.0 (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++# Tests start with one of these keywords ++# Cipher Decrypt Derive Digest Encoding KDF PKEYKDF MAC PBE ++# PrivPubKeyPair Sign Verify VerifyRecover ++# and continue until a blank line. Lines starting with a pound sign, ++# like this prolog, are ignored. ++ ++Title = TLS1 PRF tests (from NIST test vectors) ++ ++PKEYKDF=TLS1-PRF ++Ctrl.md = md:MD5-SHA1 ++Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0 ++Ctrl.label = seed:master secret ++Ctrl.client_random = hexseed:e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693 ++Ctrl.server_random = hexseed:135e4d557fdf3aa6406d82975d5c606a9734c9334b42136e96990fbd5358cdb2 ++Output = 2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 ++ ++PKEYKDF=TLS1-PRF ++Ctrl.md = md:MD5-SHA1 ++Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 ++Ctrl.label = seed:key expansion ++Ctrl.server_random = hexseed:67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be ++Ctrl.client_random = hexseed:d58a7b1cd4fedaa232159df652ce188f9d997e061b9bf48e83b62990440931f6 ++Output = 3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d ++ ++PKEYKDF=TLS1-PRF ++Ctrl.md = md:SHA256 ++Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc ++Ctrl.label = seed:master secret ++Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c ++Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce ++Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf ++ ++PKEYKDF=TLS1-PRF ++Ctrl.md = md:SHA256 ++Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf ++Ctrl.label = seed:key expansion ++Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 ++Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616 ++Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928 ++ ++# As above but use long name for KDF ++PKEYKDF=tls1-prf ++Ctrl.md = md:SHA256 ++Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf ++Ctrl.label = seed:key expansion ++Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 ++Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616 ++Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928 ++ ++# Missing digest. ++PKEYKDF=TLS1-PRF ++Ctrl.Secret = hexsecret:01 ++Ctrl.Seed = hexseed:02 ++Output = 03 ++Result = KDF_DERIVE_ERROR ++ ++# Missing secret. ++PKEYKDF=TLS1-PRF ++Ctrl.md = md:MD5-SHA1 ++Ctrl.Seed = hexseed:02 ++Output = 03 ++Result = KDF_DERIVE_ERROR ++ ++Title = HKDF tests (from RFC5869 test vectors) ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = hexsalt:000102030405060708090a0b0c ++Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 ++Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = hexsalt:000102030405060708090a0b0c ++Output = 077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 ++Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 ++Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f ++Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf ++Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff ++Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f ++Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf ++Output = 06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 ++Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff ++Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04 ++Ctrl.info = info: ++Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = hexsalt:000102030405060708090a0b0c ++Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 ++Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = hexsalt:000102030405060708090a0b0c ++Output = 9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 ++Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 ++Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f ++Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf ++Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff ++Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f ++Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf ++Output = 8adae09a2a307059478d309b26c4115a224cfaf6 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:8adae09a2a307059478d309b26c4115a224cfaf6 ++Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff ++Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = salt: ++Output = da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 ++Ctrl.info = info: ++Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.salt = salt: ++Output = 2adccada18779e7c2077ad2eb19d3f3e731385dd ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:2adccada18779e7c2077ad2eb19d3f3e731385dd ++Ctrl.info = info: ++Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 ++ ++PKEYKDF = HKDF ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 00 ++Result = KDF_DERIVE_ERROR ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 00 ++Result = KDF_DERIVE_ERROR ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.info = info: ++Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.salt = salt: ++Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_AND_EXPAND ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.salt = salt: ++Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 ++ ++Title = id-scrypt tests (from draft-josefsson-id-scrypt-kdf-03 and others) ++ ++PKEYKDF = scrypt ++Ctrl.pass = pass: ++Ctrl.salt = salt: ++Ctrl.N = N:16 ++Ctrl.r = r:1 ++Ctrl.p = p:1 ++Output = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906 ++ ++PKEYKDF = scrypt ++Ctrl.pass = pass:password ++Ctrl.salt = salt:NaCl ++Ctrl.N = N:1024 ++Ctrl.r = r:8 ++Ctrl.p = p:16 ++Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 ++ ++PKEYKDF = scrypt ++Ctrl.hexpass = hexpass:70617373776f7264 ++Ctrl.salt = salt:NaCl ++Ctrl.N = N:1024 ++Ctrl.r = r:8 ++Ctrl.p = p:16 ++Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 ++ ++PKEYKDF = scrypt ++Ctrl.pass = pass:password ++Ctrl.hexsalt = hexsalt:4e61436c ++Ctrl.N = N:1024 ++Ctrl.r = r:8 ++Ctrl.p = p:16 ++Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 ++ ++PKEYKDF = scrypt ++Ctrl.pass = pass:pleaseletmein ++Ctrl.salt = salt:SodiumChloride ++Ctrl.N = N:16384 ++Ctrl.r = r:8 ++Ctrl.p = p:1 ++Output = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887 ++ ++# Out of memory ++PKEYKDF = scrypt ++Ctrl.pass = pass:pleaseletmein ++Ctrl.salt = salt:SodiumChloride ++Ctrl.N = N:1048576 ++Ctrl.r = r:8 ++Ctrl.p = p:1 ++Result = INTERNAL_ERROR ++ +diff -up openssl-1.1.1e/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_kdf.t +--- openssl-1.1.1e/test/recipes/30-test_evp_kdf.t.evp-kdf 2020-03-19 16:04:32.390698450 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_kdf.t 2020-03-19 16:04:32.390698450 +0100 +@@ -0,0 +1,13 @@ ++#! /usr/bin/env perl ++# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++# Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. ++# ++# Licensed under the Apache License 2.0 (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++ ++use OpenSSL::Test::Simple; ++ ++simple_test("test_evp_kdf", "evp_kdf_test"); +diff -up openssl-1.1.1e/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp.t +--- openssl-1.1.1e/test/recipes/30-test_evp.t.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp.t 2020-03-19 16:04:32.390698450 +0100 +@@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT data_file/ + setup("test_evp"); + + my @files = ( "evpciph.txt", "evpdigest.txt", "evpencod.txt", "evpkdf.txt", +- "evpmac.txt", "evppbe.txt", "evppkey.txt", "evppkey_ecc.txt", ++ "evppkey_kdf.txt", "evpmac.txt", "evppbe.txt", "evppkey.txt", "evppkey_ecc.txt", + "evpcase.txt", "evpccmcavs.txt" ); + + plan tests => scalar(@files); +diff -up openssl-1.1.1e/util/libcrypto.num.evp-kdf openssl-1.1.1e/util/libcrypto.num +--- openssl-1.1.1e/util/libcrypto.num.evp-kdf 2020-03-19 16:04:11.263064140 +0100 ++++ openssl-1.1.1e/util/libcrypto.num 2020-03-19 16:04:32.392698415 +0100 +@@ -4622,3 +4622,11 @@ FIPS_drbg_get_strength + FIPS_rand_strength 6380 1_1_0g EXIST::FUNCTION: + FIPS_drbg_get_blocklength 6381 1_1_0g EXIST::FUNCTION: + FIPS_drbg_init 6382 1_1_0g EXIST::FUNCTION: ++EVP_KDF_CTX_new_id 6590 1_1_1b EXIST::FUNCTION: ++EVP_KDF_CTX_free 6591 1_1_1b EXIST::FUNCTION: ++EVP_KDF_reset 6592 1_1_1b EXIST::FUNCTION: ++EVP_KDF_ctrl 6593 1_1_1b EXIST::FUNCTION: ++EVP_KDF_vctrl 6594 1_1_1b EXIST::FUNCTION: ++EVP_KDF_ctrl_str 6595 1_1_1b EXIST::FUNCTION: ++EVP_KDF_size 6596 1_1_1b EXIST::FUNCTION: ++EVP_KDF_derive 6597 1_1_1b EXIST::FUNCTION: +diff -up openssl-1.1.1e/util/private.num.evp-kdf openssl-1.1.1e/util/private.num +--- openssl-1.1.1e/util/private.num.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/util/private.num 2020-03-19 16:04:32.393698398 +0100 +@@ -21,6 +21,7 @@ CRYPTO_EX_dup + CRYPTO_EX_free datatype + CRYPTO_EX_new datatype + DTLS_timer_cb datatype ++EVP_KDF_CTX datatype + EVP_PKEY_gen_cb datatype + EVP_PKEY_METHOD datatype + EVP_PKEY_ASN1_METHOD datatype diff --git a/thirdparty/openssl/patches/openssl-1.1.1-fips-crng-test.patch b/thirdparty/openssl/patches/openssl-1.1.1-fips-crng-test.patch new file mode 100644 index 000000000..de7af086f --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-fips-crng-test.patch @@ -0,0 +1,408 @@ +diff -ruN a/crypto/rand/build.info b/crypto/rand/build.info +--- a/crypto/rand/build.info 2020-11-19 05:59:09.484421138 +0000 ++++ b/crypto/rand/build.info 2020-11-19 05:59:54.244422401 +0000 +@@ -1,6 +1,6 @@ + LIBS=../../libcrypto + SOURCE[../../libcrypto]=\ +- randfile.c rand_lib.c rand_err.c rand_egd.c \ ++ randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \ + rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c drbg_selftest.c + + INCLUDE[drbg_ctr.o]=../modes +diff -up openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1g/crypto/rand/drbg_lib.c +--- openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test 2020-04-23 13:30:45.818390686 +0200 ++++ openssl-1.1.1g/crypto/rand/drbg_lib.c 2020-04-23 13:30:45.864389819 +0200 +@@ -67,7 +67,7 @@ static CRYPTO_THREAD_LOCAL private_drbg; + + + /* NIST SP 800-90A DRBG recommends the use of a personalization string. */ +-static const char ossl_pers_string[] = "OpenSSL NIST SP 800-90A DRBG"; ++static const char ossl_pers_string[] = DRBG_DEFAULT_PERS_STRING; + + static CRYPTO_ONCE rand_drbg_init = CRYPTO_ONCE_STATIC_INIT; + +@@ -201,8 +201,13 @@ static RAND_DRBG *rand_drbg_new(int secu + drbg->parent = parent; + + if (parent == NULL) { ++#ifdef OPENSSL_FIPS ++ drbg->get_entropy = rand_crngt_get_entropy; ++ drbg->cleanup_entropy = rand_crngt_cleanup_entropy; ++#else + drbg->get_entropy = rand_drbg_get_entropy; + drbg->cleanup_entropy = rand_drbg_cleanup_entropy; ++#endif + #ifndef RAND_DRBG_GET_RANDOM_NONCE + drbg->get_nonce = rand_drbg_get_nonce; + drbg->cleanup_nonce = rand_drbg_cleanup_nonce; +diff -up openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1g/crypto/rand/rand_crng_test.c +--- openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test 2020-04-23 13:30:45.864389819 +0200 ++++ openssl-1.1.1g/crypto/rand/rand_crng_test.c 2020-04-23 13:30:45.864389819 +0200 +@@ -0,0 +1,118 @@ ++/* ++ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++/* ++ * Implementation of the FIPS 140-2 section 4.9.2 Conditional Tests. ++ */ ++ ++#include ++#include ++#include "crypto/rand.h" ++#include "internal/thread_once.h" ++#include "rand_local.h" ++ ++static RAND_POOL *crngt_pool; ++static unsigned char crngt_prev[EVP_MAX_MD_SIZE]; ++ ++int (*crngt_get_entropy)(unsigned char *, unsigned char *, unsigned int *) ++ = &rand_crngt_get_entropy_cb; ++ ++int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md, ++ unsigned int *md_size) ++{ ++ int r; ++ size_t n; ++ unsigned char *p; ++ ++ n = rand_pool_acquire_entropy(crngt_pool); ++ if (n >= CRNGT_BUFSIZ) { ++ p = rand_pool_detach(crngt_pool); ++ r = EVP_Digest(p, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL); ++ if (r != 0) ++ memcpy(buf, p, CRNGT_BUFSIZ); ++ rand_pool_reattach(crngt_pool, p); ++ return r; ++ } ++ return 0; ++} ++ ++void rand_crngt_cleanup(void) ++{ ++ rand_pool_free(crngt_pool); ++ crngt_pool = NULL; ++} ++ ++int rand_crngt_init(void) ++{ ++ unsigned char buf[CRNGT_BUFSIZ]; ++ ++ if ((crngt_pool = rand_pool_new(0, 1, CRNGT_BUFSIZ, CRNGT_BUFSIZ)) == NULL) ++ return 0; ++ if (crngt_get_entropy(buf, crngt_prev, NULL)) { ++ OPENSSL_cleanse(buf, sizeof(buf)); ++ return 1; ++ } ++ rand_crngt_cleanup(); ++ return 0; ++} ++ ++static CRYPTO_ONCE rand_crngt_init_flag = CRYPTO_ONCE_STATIC_INIT; ++DEFINE_RUN_ONCE_STATIC(do_rand_crngt_init) ++{ ++ return OPENSSL_init_crypto(0, NULL) ++ && rand_crngt_init() ++ && OPENSSL_atexit(&rand_crngt_cleanup); ++} ++ ++int rand_crngt_single_init(void) ++{ ++ return RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init); ++} ++ ++size_t rand_crngt_get_entropy(RAND_DRBG *drbg, ++ unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len, ++ int prediction_resistance) ++{ ++ unsigned char buf[CRNGT_BUFSIZ], md[EVP_MAX_MD_SIZE]; ++ unsigned int sz; ++ RAND_POOL *pool; ++ size_t q, r = 0, s, t = 0; ++ int attempts = 3; ++ ++ if (!RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init)) ++ return 0; ++ ++ if ((pool = rand_pool_new(entropy, 1, min_len, max_len)) == NULL) ++ return 0; ++ ++ while ((q = rand_pool_bytes_needed(pool, 1)) > 0 && attempts-- > 0) { ++ s = q > sizeof(buf) ? sizeof(buf) : q; ++ if (!crngt_get_entropy(buf, md, &sz) ++ || memcmp(crngt_prev, md, sz) == 0 ++ || !rand_pool_add(pool, buf, s, s * 8)) ++ goto err; ++ memcpy(crngt_prev, md, sz); ++ t += s; ++ attempts++; ++ } ++ r = t; ++ *pout = rand_pool_detach(pool); ++err: ++ OPENSSL_cleanse(buf, sizeof(buf)); ++ rand_pool_free(pool); ++ return r; ++} ++ ++void rand_crngt_cleanup_entropy(RAND_DRBG *drbg, ++ unsigned char *out, size_t outlen) ++{ ++ OPENSSL_secure_clear_free(out, outlen); ++} +diff -up openssl-1.1.1g/crypto/rand/rand_local.h.crng-test openssl-1.1.1g/crypto/rand/rand_local.h +--- openssl-1.1.1g/crypto/rand/rand_local.h.crng-test 2020-04-23 13:30:45.470397250 +0200 ++++ openssl-1.1.1g/crypto/rand/rand_local.h 2020-04-23 13:30:45.864389819 +0200 +@@ -33,7 +33,15 @@ + # define MASTER_RESEED_TIME_INTERVAL (60*60) /* 1 hour */ + # define SLAVE_RESEED_TIME_INTERVAL (7*60) /* 7 minutes */ + +- ++/* ++ * The number of bytes that constitutes an atomic lump of entropy with respect ++ * to the FIPS 140-2 section 4.9.2 Conditional Tests. The size is somewhat ++ * arbitrary, the smaller the value, the less entropy is consumed on first ++ * read but the higher the probability of the test failing by accident. ++ * ++ * The value is in bytes. ++ */ ++#define CRNGT_BUFSIZ 16 + + /* + * Maximum input size for the DRBG (entropy, nonce, personalization string) +@@ -44,6 +52,8 @@ + */ + # define DRBG_MAX_LENGTH INT32_MAX + ++/* The default nonce */ ++# define DRBG_DEFAULT_PERS_STRING "OpenSSL NIST SP 800-90A DRBG" + + /* + * Maximum allocation size for RANDOM_POOL buffers +@@ -296,4 +306,22 @@ int rand_drbg_enable_locking(RAND_DRBG * + /* initializes the AES-CTR DRBG implementation */ + int drbg_ctr_init(RAND_DRBG *drbg); + ++/* ++ * Entropy call back for the FIPS 140-2 section 4.9.2 Conditional Tests. ++ * These need to be exposed for the unit tests. ++ */ ++int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md, ++ unsigned int *md_size); ++extern int (*crngt_get_entropy)(unsigned char *buf, unsigned char *md, ++ unsigned int *md_size); ++int rand_crngt_init(void); ++void rand_crngt_cleanup(void); ++ ++/* ++ * Expose the run once initialisation function for the unit tests because. ++ * they need to restart from scratch to validate the first block is skipped ++ * properly. ++ */ ++int rand_crngt_single_init(void); ++ + #endif +diff -up openssl-1.1.1g/include/crypto/rand.h.crng-test openssl-1.1.1g/include/crypto/rand.h +--- openssl-1.1.1g/include/crypto/rand.h.crng-test 2020-04-23 13:30:45.824390573 +0200 ++++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:30:45.864389819 +0200 +@@ -49,6 +49,14 @@ size_t rand_drbg_get_additional_data(RAN + + void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out); + ++/* CRNG test entropy filter callbacks. */ ++size_t rand_crngt_get_entropy(RAND_DRBG *drbg, ++ unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len, ++ int prediction_resistance); ++void rand_crngt_cleanup_entropy(RAND_DRBG *drbg, ++ unsigned char *out, size_t outlen); ++ + /* + * RAND_POOL functions + */ +diff -up openssl-1.1.1g/test/drbgtest.c.crng-test openssl-1.1.1g/test/drbgtest.c +--- openssl-1.1.1g/test/drbgtest.c.crng-test 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/test/drbgtest.c 2020-04-23 13:30:45.865389800 +0200 +@@ -150,6 +150,31 @@ static size_t kat_nonce(RAND_DRBG *drbg, + return t->noncelen; + } + ++ /* ++ * Disable CRNG testing if it is enabled. ++ * If the DRBG is ready or in an error state, this means an instantiate cycle ++ * for which the default personalisation string is used. ++ */ ++static int disable_crngt(RAND_DRBG *drbg) ++{ ++ static const char pers[] = DRBG_DEFAULT_PERS_STRING; ++ const int instantiate = drbg->state != DRBG_UNINITIALISED; ++ ++ if (drbg->get_entropy != rand_crngt_get_entropy) ++ return 1; ++ ++ if ((instantiate && !RAND_DRBG_uninstantiate(drbg)) ++ || !TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_drbg_get_entropy, ++ &rand_drbg_cleanup_entropy, ++ &rand_drbg_get_nonce, ++ &rand_drbg_cleanup_nonce)) ++ || (instantiate ++ && !RAND_DRBG_instantiate(drbg, (const unsigned char *)pers, ++ sizeof(pers) - 1))) ++ return 0; ++ return 1; ++} ++ + static int uninstantiate(RAND_DRBG *drbg) + { + int ret = drbg == NULL ? 1 : RAND_DRBG_uninstantiate(drbg); +@@ -175,7 +200,8 @@ static int single_kat(DRBG_SELFTEST_DATA + if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL))) + return 0; + if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, +- kat_nonce, NULL))) { ++ kat_nonce, NULL)) ++ || !TEST_true(disable_crngt(drbg))) { + failures++; + goto err; + } +@@ -293,7 +319,8 @@ static int error_check(DRBG_SELFTEST_DAT + unsigned int reseed_counter_tmp; + int ret = 0; + +- if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL))) ++ if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL)) ++ || !TEST_true(disable_crngt(drbg))) + goto err; + + /* +@@ -740,6 +767,10 @@ static int test_rand_drbg_reseed(void) + || !TEST_ptr_eq(private->parent, master)) + return 0; + ++ /* Disable CRNG testing for the master DRBG */ ++ if (!TEST_true(disable_crngt(master))) ++ return 0; ++ + /* uninstantiate the three global DRBGs */ + RAND_DRBG_uninstantiate(private); + RAND_DRBG_uninstantiate(public); +@@ -964,7 +995,8 @@ static int test_rand_seed(void) + size_t rand_buflen; + size_t required_seed_buflen = 0; + +- if (!TEST_ptr(master = RAND_DRBG_get0_master())) ++ if (!TEST_ptr(master = RAND_DRBG_get0_master()) ++ || !TEST_true(disable_crngt(master))) + return 0; + + #ifdef OPENSSL_RAND_SEED_NONE +@@ -1013,6 +1045,95 @@ static int test_rand_add(void) + return 1; + } + ++/* ++ * A list of the FIPS DRGB types. ++ */ ++static const struct s_drgb_types { ++ int nid; ++ int flags; ++} drgb_types[] = { ++ { NID_aes_128_ctr, 0 }, ++ { NID_aes_192_ctr, 0 }, ++ { NID_aes_256_ctr, 0 }, ++}; ++ ++/* Six cases for each covers seed sizes up to 32 bytes */ ++static const size_t crngt_num_cases = 6; ++ ++static size_t crngt_case, crngt_idx; ++ ++static int crngt_entropy_cb(unsigned char *buf, unsigned char *md, ++ unsigned int *md_size) ++{ ++ size_t i, z; ++ ++ if (!TEST_int_lt(crngt_idx, crngt_num_cases)) ++ return 0; ++ /* Generate a block of unique data unless this is the duplication point */ ++ z = crngt_idx++; ++ if (z > 0 && crngt_case == z) ++ z--; ++ for (i = 0; i < CRNGT_BUFSIZ; i++) ++ buf[i] = (unsigned char)(i + 'A' + z); ++ return EVP_Digest(buf, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL); ++} ++ ++static int test_crngt(int n) ++{ ++ const struct s_drgb_types *dt = drgb_types + n / crngt_num_cases; ++ RAND_DRBG *drbg = NULL; ++ unsigned char buff[100]; ++ size_t ent; ++ int res = 0; ++ int expect; ++ ++ if (!TEST_true(rand_crngt_single_init())) ++ return 0; ++ rand_crngt_cleanup(); ++ ++ if (!TEST_ptr(drbg = RAND_DRBG_new(dt->nid, dt->flags, NULL))) ++ return 0; ++ ent = (drbg->min_entropylen + CRNGT_BUFSIZ - 1) / CRNGT_BUFSIZ; ++ crngt_case = n % crngt_num_cases; ++ crngt_idx = 0; ++ crngt_get_entropy = &crngt_entropy_cb; ++ if (!TEST_true(rand_crngt_init())) ++ goto err; ++#ifndef OPENSSL_FIPS ++ if (!TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_crngt_get_entropy, ++ &rand_crngt_cleanup_entropy, ++ &rand_drbg_get_nonce, ++ &rand_drbg_cleanup_nonce))) ++ goto err; ++#endif ++ expect = crngt_case == 0 || crngt_case > ent; ++ if (!TEST_int_eq(RAND_DRBG_instantiate(drbg, NULL, 0), expect)) ++ goto err; ++ if (!expect) ++ goto fin; ++ if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0))) ++ goto err; ++ ++ expect = crngt_case == 0 || crngt_case > 2 * ent; ++ if (!TEST_int_eq(RAND_DRBG_reseed(drbg, NULL, 0, 0), expect)) ++ goto err; ++ if (!expect) ++ goto fin; ++ if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0))) ++ goto err; ++ ++fin: ++ res = 1; ++err: ++ if (!res) ++ TEST_note("DRBG %zd case %zd block %zd", n / crngt_num_cases, ++ crngt_case, crngt_idx); ++ uninstantiate(drbg); ++ RAND_DRBG_free(drbg); ++ crngt_get_entropy = &rand_crngt_get_entropy_cb; ++ return res; ++} ++ + int setup_tests(void) + { + app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL); +@@ -1025,5 +1146,6 @@ int setup_tests(void) + #if defined(OPENSSL_THREADS) + ADD_TEST(test_multi_thread); + #endif ++ ADD_ALL_TESTS(test_crngt, crngt_num_cases * OSSL_NELEM(drgb_types)); + return 1; + } diff --git a/thirdparty/openssl/patches/openssl-1.1.1-fips-curves.patch b/thirdparty/openssl/patches/openssl-1.1.1-fips-curves.patch new file mode 100644 index 000000000..2e59bcffc --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-fips-curves.patch @@ -0,0 +1,196 @@ +diff -up openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves openssl-1.1.1g/crypto/ec/ec_curve.c +--- openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves 2020-05-18 12:59:54.839643980 +0200 ++++ openssl-1.1.1g/crypto/ec/ec_curve.c 2020-05-18 12:59:54.852644093 +0200 +@@ -13,6 +13,7 @@ + #include + #include + #include ++#include + #include "internal/nelem.h" + + typedef struct { +@@ -237,6 +238,7 @@ + + typedef struct _ec_list_element_st { + int nid; ++ int fips_allowed; + const EC_CURVE_DATA *data; + const EC_METHOD *(*meth) (void); + const char *comment; +@@ -246,26 +248,26 @@ + /* prime field curves */ + /* secg curves */ + #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 +- {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, ++ {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, + "NIST/SECG curve over a 224 bit prime field"}, + #else +- {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, ++ {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, 0, + "NIST/SECG curve over a 224 bit prime field"}, + #endif +- {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, ++ {NID_secp256k1, 0, &_EC_SECG_PRIME_256K1.h, 0, + "SECG curve over a 256 bit prime field"}, + /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ +- {NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, ++ {NID_secp384r1, 1, &_EC_NIST_PRIME_384.h, 0, + "NIST/SECG curve over a 384 bit prime field"}, + #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 +- {NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method, ++ {NID_secp521r1, 1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method, + "NIST/SECG curve over a 521 bit prime field"}, + #else +- {NID_secp521r1, &_EC_NIST_PRIME_521.h, 0, ++ {NID_secp521r1, 1, &_EC_NIST_PRIME_521.h, 0, + "NIST/SECG curve over a 521 bit prime field"}, + #endif + /* X9.62 curves */ +- {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, ++ {NID_X9_62_prime256v1, 1, &_EC_X9_62_PRIME_256V1.h, + #if defined(ECP_NISTZ256_ASM) + EC_GFp_nistz256_method, + #elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) +@@ -404,6 +406,10 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int + + for (i = 0; i < curve_list_length; i++) + if (curve_list[i].nid == nid) { ++ if (!curve_list[i].fips_allowed && FIPS_mode()) { ++ ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_NOT_A_NIST_PRIME); ++ return NULL; ++ } + ret = ec_group_new_from_data(curve_list[i]); + break; + } +@@ -418,19 +424,31 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int + + size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems) + { +- size_t i, min; ++ size_t i, j, num; ++ int fips_mode = FIPS_mode(); + +- if (r == NULL || nitems == 0) +- return curve_list_length; ++ num = curve_list_length; ++ if (fips_mode) ++ for (i = 0; i < curve_list_length; i++) { ++ if (!curve_list[i].fips_allowed) ++ --num; ++ } + +- min = nitems < curve_list_length ? nitems : curve_list_length; ++ if (r == NULL || nitems == 0) { ++ return num; ++ } + +- for (i = 0; i < min; i++) { +- r[i].nid = curve_list[i].nid; +- r[i].comment = curve_list[i].comment; ++ for (i = 0, j = 0; i < curve_list_length; i++) { ++ if (j >= nitems) ++ break; ++ if (!fips_mode || curve_list[i].fips_allowed) { ++ r[j].nid = curve_list[i].nid; ++ r[j].comment = curve_list[i].comment; ++ ++j; ++ } + } + +- return curve_list_length; ++ return num; + } + + /* Functions to translate between common NIST curve names and NIDs */ +diff -up openssl-1.1.1g/ssl/t1_lib.c.fips-curves openssl-1.1.1g/ssl/t1_lib.c +--- openssl-1.1.1g/ssl/t1_lib.c.fips-curves 2020-05-18 12:59:54.797643616 +0200 ++++ openssl-1.1.1g/ssl/t1_lib.c 2020-05-18 13:03:54.748725463 +0200 +@@ -678,6 +678,36 @@ static const uint16_t tls12_sigalgs[] = + #endif + }; + ++static const uint16_t tls12_fips_sigalgs[] = { ++#ifndef OPENSSL_NO_EC ++ TLSEXT_SIGALG_ecdsa_secp256r1_sha256, ++ TLSEXT_SIGALG_ecdsa_secp384r1_sha384, ++ TLSEXT_SIGALG_ecdsa_secp521r1_sha512, ++#endif ++ ++ TLSEXT_SIGALG_rsa_pss_pss_sha256, ++ TLSEXT_SIGALG_rsa_pss_pss_sha384, ++ TLSEXT_SIGALG_rsa_pss_pss_sha512, ++ TLSEXT_SIGALG_rsa_pss_rsae_sha256, ++ TLSEXT_SIGALG_rsa_pss_rsae_sha384, ++ TLSEXT_SIGALG_rsa_pss_rsae_sha512, ++ ++ TLSEXT_SIGALG_rsa_pkcs1_sha256, ++ TLSEXT_SIGALG_rsa_pkcs1_sha384, ++ TLSEXT_SIGALG_rsa_pkcs1_sha512, ++ ++#ifndef OPENSSL_NO_EC ++ TLSEXT_SIGALG_ecdsa_sha224, ++#endif ++ TLSEXT_SIGALG_rsa_pkcs1_sha224, ++#ifndef OPENSSL_NO_DSA ++ TLSEXT_SIGALG_dsa_sha224, ++ TLSEXT_SIGALG_dsa_sha256, ++ TLSEXT_SIGALG_dsa_sha384, ++ TLSEXT_SIGALG_dsa_sha512, ++#endif ++}; ++ + #ifndef OPENSSL_NO_EC + static const uint16_t suiteb_sigalgs[] = { + TLSEXT_SIGALG_ecdsa_secp256r1_sha256, +@@ -894,6 +924,8 @@ static const SIGALG_LOOKUP *tls1_get_leg + } + if (idx < 0 || idx >= (int)OSSL_NELEM(tls_default_sigalg)) + return NULL; ++ if (FIPS_mode()) /* We do not allow legacy SHA1 signatures in FIPS mode */ ++ return NULL; + if (SSL_USE_SIGALGS(s) || idx != SSL_PKEY_RSA) { + const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(tls_default_sigalg[idx]); + +@@ -954,6 +986,9 @@ size_t tls12_get_psigalgs(SSL *s, int se + } else if (s->cert->conf_sigalgs) { + *psigs = s->cert->conf_sigalgs; + return s->cert->conf_sigalgslen; ++ } else if (FIPS_mode()) { ++ *psigs = tls12_fips_sigalgs; ++ return OSSL_NELEM(tls12_fips_sigalgs); + } else { + *psigs = tls12_sigalgs; + return OSSL_NELEM(tls12_sigalgs); +@@ -973,6 +1008,9 @@ int tls_check_sigalg_curve(const SSL *s, + if (s->cert->conf_sigalgs) { + sigs = s->cert->conf_sigalgs; + siglen = s->cert->conf_sigalgslen; ++ } else if (FIPS_mode()) { ++ sigs = tls12_fips_sigalgs; ++ siglen = OSSL_NELEM(tls12_fips_sigalgs); + } else { + sigs = tls12_sigalgs; + siglen = OSSL_NELEM(tls12_sigalgs); +@@ -1617,6 +1655,8 @@ static int tls12_sigalg_allowed(const SS + if (lu->sig == NID_id_GostR3410_2012_256 + || lu->sig == NID_id_GostR3410_2012_512 + || lu->sig == NID_id_GostR3410_2001) { ++ if (FIPS_mode()) ++ return 0; + /* We never allow GOST sig algs on the server with TLSv1.3 */ + if (s->server && SSL_IS_TLS13(s)) + return 0; +@@ -2842,6 +2882,13 @@ int tls_choose_sigalg(SSL *s, int fatale + const uint16_t *sent_sigs; + size_t sent_sigslen; + ++ if (fatalerrs && FIPS_mode()) { ++ /* There are no suitable legacy algorithms in FIPS mode */ ++ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, ++ SSL_F_TLS_CHOOSE_SIGALG, ++ SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); ++ return 0; ++ } + if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) { + if (!fatalerrs) + return 1; diff --git a/thirdparty/openssl/patches/openssl-1.1.1-fips-dh.patch b/thirdparty/openssl/patches/openssl-1.1.1-fips-dh.patch new file mode 100644 index 000000000..ff895d565 --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-fips-dh.patch @@ -0,0 +1,2731 @@ +diff -up openssl-1.1.1g/crypto/bn/bn_const.c.fips-dh openssl-1.1.1g/crypto/bn/bn_const.c +--- openssl-1.1.1g/crypto/bn/bn_const.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/bn/bn_const.c 2020-07-17 10:36:29.245788441 +0200 +@@ -1,13 +1,17 @@ + /* +- * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved. + * +- * Licensed under the OpenSSL license (the "License"). You may not use ++ * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + + #include ++#include "crypto/bn_dh.h" ++ ++#define COPY_BN(dst, src) (dst != NULL) ? BN_copy(dst, &src) : BN_dup(&src) ++ + + /*- + * "First Oakley Default Group" from RFC2409, section 6.1. +@@ -80,33 +84,7 @@ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_1536[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x23, 0x73, 0x27, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), bn); ++ return COPY_BN(bn, _bignum_modp_1536_p); + } + + /*- +@@ -119,41 +97,7 @@ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_2048[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, +- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, +- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, +- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, +- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, +- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, +- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, +- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, +- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_2048, sizeof(RFC3526_PRIME_2048), bn); ++ return COPY_BN(bn, _bignum_modp_2048_p); + } + + /*- +@@ -166,57 +110,7 @@ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_3072[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, +- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, +- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, +- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, +- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, +- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, +- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, +- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, +- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, +- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, +- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, +- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, +- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, +- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, +- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, +- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, +- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, +- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, +- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, +- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, +- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, +- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, +- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, +- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, +- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_3072, sizeof(RFC3526_PRIME_3072), bn); ++ return COPY_BN(bn, _bignum_modp_3072_p); + } + + /*- +@@ -229,73 +123,7 @@ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_4096[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, +- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, +- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, +- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, +- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, +- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, +- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, +- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, +- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, +- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, +- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, +- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, +- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, +- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, +- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, +- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, +- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, +- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, +- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, +- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, +- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, +- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, +- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, +- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, +- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, +- 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, +- 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, +- 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, +- 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, +- 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, +- 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, +- 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, +- 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, +- 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, +- 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, +- 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, +- 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, +- 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, +- 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, +- 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, +- 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_4096, sizeof(RFC3526_PRIME_4096), bn); ++ return COPY_BN(bn, _bignum_modp_4096_p); + } + + /*- +@@ -308,105 +136,7 @@ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_6144[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, +- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, +- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, +- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, +- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, +- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, +- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, +- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, +- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, +- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, +- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, +- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, +- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, +- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, +- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, +- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, +- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, +- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, +- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, +- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, +- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, +- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, +- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, +- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, +- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, +- 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, +- 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, +- 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, +- 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, +- 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, +- 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, +- 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, +- 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, +- 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, +- 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, +- 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, +- 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, +- 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, +- 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, +- 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, +- 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, +- 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, +- 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE, +- 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, +- 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, +- 0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE, +- 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, +- 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, +- 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED, +- 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, +- 0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, +- 0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42, +- 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, +- 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, +- 0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03, +- 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, +- 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, +- 0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E, +- 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, +- 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, +- 0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, +- 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, +- 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, +- 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0, +- 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, +- 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, +- 0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, +- 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, +- 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, +- 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68, +- 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, +- 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, +- 0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xCC, 0x40, 0x24, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_6144, sizeof(RFC3526_PRIME_6144), bn); ++ return COPY_BN(bn, _bignum_modp_6144_p); + } + + /*- +@@ -419,135 +149,5 @@ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_8192[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, +- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, +- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, +- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, +- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, +- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, +- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, +- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, +- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, +- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, +- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, +- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, +- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, +- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, +- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, +- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, +- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, +- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, +- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, +- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, +- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, +- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, +- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, +- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, +- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, +- 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, +- 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, +- 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, +- 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, +- 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, +- 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, +- 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, +- 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, +- 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, +- 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, +- 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, +- 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, +- 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, +- 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, +- 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, +- 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, +- 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, +- 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE, +- 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, +- 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, +- 0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE, +- 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, +- 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, +- 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED, +- 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, +- 0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, +- 0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42, +- 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, +- 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, +- 0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03, +- 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, +- 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, +- 0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E, +- 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, +- 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, +- 0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, +- 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, +- 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, +- 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0, +- 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, +- 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, +- 0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, +- 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, +- 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, +- 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68, +- 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, +- 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, +- 0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xBE, 0x11, 0x59, +- 0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4, +- 0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, +- 0xD8, 0xBE, 0xC4, 0xD0, 0x73, 0xB9, 0x31, 0xBA, +- 0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00, +- 0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED, +- 0x25, 0x76, 0xF6, 0x93, 0x6B, 0xA4, 0x24, 0x66, +- 0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68, +- 0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78, +- 0x23, 0x8F, 0x16, 0xCB, 0xE3, 0x9D, 0x65, 0x2D, +- 0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9, +- 0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07, +- 0x13, 0xEB, 0x57, 0xA8, 0x1A, 0x23, 0xF0, 0xC7, +- 0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B, +- 0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD, +- 0xFA, 0x9D, 0x4B, 0x7F, 0xA2, 0xC0, 0x87, 0xE8, +- 0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A, +- 0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6, +- 0x6D, 0x2A, 0x13, 0xF8, 0x3F, 0x44, 0xF8, 0x2D, +- 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36, +- 0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1, +- 0x64, 0xF3, 0x1C, 0xC5, 0x08, 0x46, 0x85, 0x1D, +- 0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1, +- 0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, +- 0xFA, 0xF3, 0x6B, 0xC3, 0x1E, 0xCF, 0xA2, 0x68, +- 0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92, +- 0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7, +- 0x88, 0x9A, 0x00, 0x2E, 0xD5, 0xEE, 0x38, 0x2B, +- 0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47, +- 0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA, +- 0x9E, 0x30, 0x50, 0xE2, 0x76, 0x56, 0x94, 0xDF, +- 0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71, +- 0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn); ++ return COPY_BN(bn, _bignum_modp_8192_p); + } +diff -up openssl-1.1.1g/crypto/bn/bn_dh.c.fips-dh openssl-1.1.1g/crypto/bn/bn_dh.c +--- openssl-1.1.1g/crypto/bn/bn_dh.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/bn/bn_dh.c 2020-07-17 10:36:29.246788449 +0200 +@@ -1,7 +1,7 @@ + /* +- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved. + * +- * Licensed under the OpenSSL license (the "License"). You may not use ++ * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html +@@ -11,474 +11,995 @@ + #include "internal/nelem.h" + + #ifndef OPENSSL_NO_DH +-#include +-#include "crypto/bn_dh.h" +-/* DH parameters from RFC5114 */ ++# include ++# include "crypto/bn_dh.h" + + # if BN_BITS2 == 64 +-static const BN_ULONG dh1024_160_p[] = { +- 0xDF1FB2BC2E4A4371ULL, 0xE68CFDA76D4DA708ULL, 0x45BF37DF365C1A65ULL, +- 0xA151AF5F0DC8B4BDULL, 0xFAA31A4FF55BCCC0ULL, 0x4EFFD6FAE5644738ULL, +- 0x98488E9C219A7372ULL, 0xACCBDD7D90C4BD70ULL, 0x24975C3CD49B83BFULL, +- 0x13ECB4AEA9061123ULL, 0x9838EF1E2EE652C0ULL, 0x6073E28675A23D18ULL, +- 0x9A6A9DCA52D23B61ULL, 0x52C99FBCFB06A3C6ULL, 0xDE92DE5EAE5D54ECULL, +- 0xB10B8F96A080E01DULL +-}; +- +-static const BN_ULONG dh1024_160_g[] = { +- 0x855E6EEB22B3B2E5ULL, 0x858F4DCEF97C2A24ULL, 0x2D779D5918D08BC8ULL, +- 0xD662A4D18E73AFA3ULL, 0x1DBF0A0169B6A28AULL, 0xA6A24C087A091F53ULL, +- 0x909D0D2263F80A76ULL, 0xD7FBD7D3B9A92EE1ULL, 0x5E91547F9E2749F4ULL, +- 0x160217B4B01B886AULL, 0x777E690F5504F213ULL, 0x266FEA1E5C41564BULL, +- 0xD6406CFF14266D31ULL, 0xF8104DD258AC507FULL, 0x6765A442EFB99905ULL, +- 0xA4D1CBD5C3FD3412ULL +-}; +- +-static const BN_ULONG dh1024_160_q[] = { +- 0x64B7CB9D49462353ULL, 0x81A8DF278ABA4E7DULL, 0x00000000F518AA87ULL +-}; +- +-static const BN_ULONG dh2048_224_p[] = { +- 0x0AC4DFFE0C10E64FULL, 0xCF9DE5384E71B81CULL, 0x7EF363E2FFA31F71ULL, +- 0xE3FB73C16B8E75B9ULL, 0xC9B53DCF4BA80A29ULL, 0x23F10B0E16E79763ULL, +- 0xC52172E413042E9BULL, 0xBE60E69CC928B2B9ULL, 0x80CD86A1B9E587E8ULL, +- 0x315D75E198C641A4ULL, 0xCDF93ACC44328387ULL, 0x15987D9ADC0A486DULL, +- 0x7310F7121FD5A074ULL, 0x278273C7DE31EFDCULL, 0x1602E714415D9330ULL, +- 0x81286130BC8985DBULL, 0xB3BF8A3170918836ULL, 0x6A00E0A0B9C49708ULL, +- 0xC6BA0B2C8BBC27BEULL, 0xC9F98D11ED34DBF6ULL, 0x7AD5B7D0B6C12207ULL, +- 0xD91E8FEF55B7394BULL, 0x9037C9EDEFDA4DF8ULL, 0x6D3F8152AD6AC212ULL, +- 0x1DE6B85A1274A0A6ULL, 0xEB3D688A309C180EULL, 0xAF9A3C407BA1DF15ULL, +- 0xE6FA141DF95A56DBULL, 0xB54B1597B61D0A75ULL, 0xA20D64E5683B9FD1ULL, +- 0xD660FAA79559C51FULL, 0xAD107E1E9123A9D0ULL +-}; +- +-static const BN_ULONG dh2048_224_g[] = { +- 0x84B890D3191F2BFAULL, 0x81BC087F2A7065B3ULL, 0x19C418E1F6EC0179ULL, +- 0x7B5A0F1C71CFFF4CULL, 0xEDFE72FE9B6AA4BDULL, 0x81E1BCFE94B30269ULL, +- 0x566AFBB48D6C0191ULL, 0xB539CCE3409D13CDULL, 0x6AA21E7F5F2FF381ULL, +- 0xD9E263E4770589EFULL, 0x10E183EDD19963DDULL, 0xB70A8137150B8EEBULL, +- 0x051AE3D428C8F8ACULL, 0xBB77A86F0C1AB15BULL, 0x6E3025E316A330EFULL, +- 0x19529A45D6F83456ULL, 0xF180EB34118E98D1ULL, 0xB5F6C6B250717CBEULL, +- 0x09939D54DA7460CDULL, 0xE247150422EA1ED4ULL, 0xB8A762D0521BC98AULL, +- 0xF4D027275AC1348BULL, 0xC17669101999024AULL, 0xBE5E9001A8D66AD7ULL, +- 0xC57DB17C620A8652ULL, 0xAB739D7700C29F52ULL, 0xDD921F01A70C4AFAULL, +- 0xA6824A4E10B9A6F0ULL, 0x74866A08CFE4FFE3ULL, 0x6CDEBE7B89998CAFULL, +- 0x9DF30B5C8FFDAC50ULL, 0xAC4032EF4F2D9AE3ULL +-}; +- +-static const BN_ULONG dh2048_224_q[] = { +- 0xBF389A99B36371EBULL, 0x1F80535A4738CEBCULL, 0xC58D93FE99717710ULL, +- 0x00000000801C0D34ULL +-}; +- +-static const BN_ULONG dh2048_256_p[] = { +- 0xDB094AE91E1A1597ULL, 0x693877FAD7EF09CAULL, 0x6116D2276E11715FULL, +- 0xA4B54330C198AF12ULL, 0x75F26375D7014103ULL, 0xC3A3960A54E710C3ULL, +- 0xDED4010ABD0BE621ULL, 0xC0B857F689962856ULL, 0xB3CA3F7971506026ULL, +- 0x1CCACB83E6B486F6ULL, 0x67E144E514056425ULL, 0xF6A167B5A41825D9ULL, +- 0x3AD8347796524D8EULL, 0xF13C6D9A51BFA4ABULL, 0x2D52526735488A0EULL, +- 0xB63ACAE1CAA6B790ULL, 0x4FDB70C581B23F76ULL, 0xBC39A0BF12307F5CULL, +- 0xB941F54EB1E59BB8ULL, 0x6C5BFC11D45F9088ULL, 0x22E0B1EF4275BF7BULL, +- 0x91F9E6725B4758C0ULL, 0x5A8A9D306BCF67EDULL, 0x209E0C6497517ABDULL, +- 0x3BF4296D830E9A7CULL, 0x16C3D91134096FAAULL, 0xFAF7DF4561B2AA30ULL, +- 0xE00DF8F1D61957D4ULL, 0x5D2CEED4435E3B00ULL, 0x8CEEF608660DD0F2ULL, +- 0xFFBBD19C65195999ULL, 0x87A8E61DB4B6663CULL +-}; ++# define BN_DEF(lo, hi) (BN_ULONG)hi << 32 | lo ++# else ++# define BN_DEF(lo, hi) lo, hi ++# endif + +-static const BN_ULONG dh2048_256_g[] = { +- 0x664B4C0F6CC41659ULL, 0x5E2327CFEF98C582ULL, 0xD647D148D4795451ULL, +- 0x2F63078490F00EF8ULL, 0x184B523D1DB246C3ULL, 0xC7891428CDC67EB6ULL, +- 0x7FD028370DF92B52ULL, 0xB3353BBB64E0EC37ULL, 0xECD06E1557CD0915ULL, +- 0xB7D2BBD2DF016199ULL, 0xC8484B1E052588B9ULL, 0xDB2A3B7313D3FE14ULL, +- 0xD052B985D182EA0AULL, 0xA4BD1BFFE83B9C80ULL, 0xDFC967C1FB3F2E55ULL, +- 0xB5045AF2767164E1ULL, 0x1D14348F6F2F9193ULL, 0x64E67982428EBC83ULL, +- 0x8AC376D282D6ED38ULL, 0x777DE62AAAB8A862ULL, 0xDDF463E5E9EC144BULL, +- 0x0196F931C77A57F2ULL, 0xA55AE31341000A65ULL, 0x901228F8C28CBB18ULL, +- 0xBC3773BF7E8C6F62ULL, 0xBE3A6C1B0C6B47B1ULL, 0xFF4FED4AAC0BB555ULL, +- 0x10DBC15077BE463FULL, 0x07F4793A1A0BA125ULL, 0x4CA7B18F21EF2054ULL, +- 0x2E77506660EDBD48ULL, 0x3FB32C9B73134D0BULL +-}; ++/* DH parameters from RFC3526 */ + +-static const BN_ULONG dh2048_256_q[] = { +- 0xA308B0FE64F5FBD3ULL, 0x99B1A47D1EB3750BULL, 0xB447997640129DA2ULL, +- 0x8CF83642A709A097ULL ++/* ++ * "1536-bit MODP Group" from RFC3526, Section 2. ++ * ++ * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 } ++ * ++ * RFC3526 specifies a generator of 2. ++ * RFC2312 specifies a generator of 22. ++ */ ++static const BN_ULONG modp_1536_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xCA237327, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_1536_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x6511B993, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF) + }; + +-/* Primes from RFC 7919 */ +-static const BN_ULONG ffdhe2048_p[] = { +- 0xFFFFFFFFFFFFFFFFULL, 0x886B423861285C97ULL, 0xC6F34A26C1B2EFFAULL, +- 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, 0xC3FE3B1B4C6FAD73ULL, +- 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, 0xC03404CD28342F61ULL, +- 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, 0xAE56EDE76372BB19ULL, +- 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, 0xD108A94BB2C8E3FBULL, +- 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, 0x1DF158A136ADE735ULL, +- 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, 0xB557135E7F57C935ULL, +- 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, 0xD3DF1ED5D5FD6561ULL, +- 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, 0xCC939DCE249B3EF9ULL, +- 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, 0xAFDC5620273D3CF1ULL, +- 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL ++/*- ++ * "2048-bit MODP Group" from RFC3526, Section 3. ++ * ++ * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } ++ * ++ * RFC3526 specifies a generator of 2. ++ */ ++static const BN_ULONG modp_2048_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x8AACAA68, 0x15728E5A), ++ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), ++ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), ++ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), ++ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_2048_q[] = { ++ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x45565534, 0x0AB9472D), ++ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), ++ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), ++ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), ++ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-static const BN_ULONG ffdhe3072_p[] = { +- 0xFFFFFFFFFFFFFFFFULL, 0x25E41D2B66C62E37ULL, 0x3C1B20EE3FD59D7CULL, +- 0x0ABCD06BFA53DDEFULL, 0x1DBF9A42D5C4484EULL, 0xABC521979B0DEADAULL, +- 0xE86D2BC522363A0DULL, 0x5CAE82AB9C9DF69EULL, 0x64F2E21E71F54BFFULL, +- 0xF4FD4452E2D74DD3ULL, 0xB4130C93BC437944ULL, 0xAEFE130985139270ULL, +- 0x598CB0FAC186D91CULL, 0x7AD91D2691F7F7EEULL, 0x61B46FC9D6E6C907ULL, +- 0xBC34F4DEF99C0238ULL, 0xDE355B3B6519035BULL, 0x886B4238611FCFDCULL, +- 0xC6F34A26C1B2EFFAULL, 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, +- 0xC3FE3B1B4C6FAD73ULL, 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, +- 0xC03404CD28342F61ULL, 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, +- 0xAE56EDE76372BB19ULL, 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, +- 0xD108A94BB2C8E3FBULL, 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, +- 0x1DF158A136ADE735ULL, 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, +- 0xB557135E7F57C935ULL, 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, +- 0xD3DF1ED5D5FD6561ULL, 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, +- 0xCC939DCE249B3EF9ULL, 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, +- 0xAFDC5620273D3CF1ULL, 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL ++/*- ++ * "3072-bit MODP Group" from RFC3526, Section 4. ++ * ++ * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 } ++ * ++ * RFC3526 specifies a generator of 2. ++ */ ++static const BN_ULONG modp_3072_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xA93AD2CA, 0x4B82D120), ++ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), ++ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), ++ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), ++ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), ++ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), ++ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), ++ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), ++ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), ++ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), ++ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), ++ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), ++ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_3072_q[] = { ++ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x549D6965, 0x25C16890), ++ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), ++ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), ++ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), ++ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), ++ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), ++ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), ++ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), ++ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), ++ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), ++ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), ++ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), ++ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-static const BN_ULONG ffdhe4096_p[] = { +- 0xFFFFFFFFFFFFFFFFULL, 0xC68A007E5E655F6AULL, 0x4DB5A851F44182E1ULL, +- 0x8EC9B55A7F88A46BULL, 0x0A8291CDCEC97DCFULL, 0x2A4ECEA9F98D0ACCULL, +- 0x1A1DB93D7140003CULL, 0x092999A333CB8B7AULL, 0x6DC778F971AD0038ULL, +- 0xA907600A918130C4ULL, 0xED6A1E012D9E6832ULL, 0x7135C886EFB4318AULL, +- 0x87F55BA57E31CC7AULL, 0x7763CF1D55034004ULL, 0xAC7D5F42D69F6D18ULL, +- 0x7930E9E4E58857B6ULL, 0x6E6F52C3164DF4FBULL, 0x25E41D2B669E1EF1ULL, +- 0x3C1B20EE3FD59D7CULL, 0x0ABCD06BFA53DDEFULL, 0x1DBF9A42D5C4484EULL, +- 0xABC521979B0DEADAULL, 0xE86D2BC522363A0DULL, 0x5CAE82AB9C9DF69EULL, +- 0x64F2E21E71F54BFFULL, 0xF4FD4452E2D74DD3ULL, 0xB4130C93BC437944ULL, +- 0xAEFE130985139270ULL, 0x598CB0FAC186D91CULL, 0x7AD91D2691F7F7EEULL, +- 0x61B46FC9D6E6C907ULL, 0xBC34F4DEF99C0238ULL, 0xDE355B3B6519035BULL, +- 0x886B4238611FCFDCULL, 0xC6F34A26C1B2EFFAULL, 0xC58EF1837D1683B2ULL, +- 0x3BB5FCBC2EC22005ULL, 0xC3FE3B1B4C6FAD73ULL, 0x8E4F1232EEF28183ULL, +- 0x9172FE9CE98583FFULL, 0xC03404CD28342F61ULL, 0x9E02FCE1CDF7E2ECULL, +- 0x0B07A7C8EE0A6D70ULL, 0xAE56EDE76372BB19ULL, 0x1D4F42A3DE394DF4ULL, +- 0xB96ADAB760D7F468ULL, 0xD108A94BB2C8E3FBULL, 0xBC0AB182B324FB61ULL, +- 0x30ACCA4F483A797AULL, 0x1DF158A136ADE735ULL, 0xE2A689DAF3EFE872ULL, +- 0x984F0C70E0E68B77ULL, 0xB557135E7F57C935ULL, 0x856365553DED1AF3ULL, +- 0x2433F51F5F066ED0ULL, 0xD3DF1ED5D5FD6561ULL, 0xF681B202AEC4617AULL, +- 0x7D2FE363630C75D8ULL, 0xCC939DCE249B3EF9ULL, 0xA9E13641146433FBULL, +- 0xD8B9C583CE2D3695ULL, 0xAFDC5620273D3CF1ULL, 0xADF85458A2BB4A9AULL, +- 0xFFFFFFFFFFFFFFFFULL ++/*- ++ * "4096-bit MODP Group" from RFC3526, Section 5. ++ * ++ * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 } ++ * ++ * RFC3526 specifies a generator of 2. ++ */ ++static const BN_ULONG modp_4096_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x34063199, 0x4DF435C9), ++ BN_DEF(0x90A6C08F, 0x86FFB7DC), BN_DEF(0x8D8FDDC1, 0x93B4EA98), ++ BN_DEF(0xD5B05AA9, 0xD0069127), BN_DEF(0x2170481C, 0xB81BDD76), ++ BN_DEF(0xCEE2D7AF, 0x1F612970), BN_DEF(0x515BE7ED, 0x233BA186), ++ BN_DEF(0xA090C3A2, 0x99B2964F), BN_DEF(0x4E6BC05D, 0x287C5947), ++ BN_DEF(0x1FBECAA6, 0x2E8EFC14), BN_DEF(0x04DE8EF9, 0xDBBBC2DB), ++ BN_DEF(0x2AD44CE8, 0x2583E9CA), BN_DEF(0xB6150BDA, 0x1A946834), ++ BN_DEF(0x6AF4E23C, 0x99C32718), BN_DEF(0xBDBA5B26, 0x88719A10), ++ BN_DEF(0xA787E6D7, 0x1A723C12), BN_DEF(0xA9210801, 0x4B82D120), ++ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), ++ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), ++ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), ++ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), ++ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), ++ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), ++ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), ++ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), ++ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), ++ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), ++ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), ++ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_4096_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x9A0318CC, 0xA6FA1AE4), ++ BN_DEF(0x48536047, 0xC37FDBEE), BN_DEF(0x46C7EEE0, 0xC9DA754C), ++ BN_DEF(0xEAD82D54, 0x68034893), BN_DEF(0x10B8240E, 0xDC0DEEBB), ++ BN_DEF(0x67716BD7, 0x8FB094B8), BN_DEF(0x28ADF3F6, 0x119DD0C3), ++ BN_DEF(0xD04861D1, 0xCCD94B27), BN_DEF(0xA735E02E, 0x143E2CA3), ++ BN_DEF(0x0FDF6553, 0x97477E0A), BN_DEF(0x826F477C, 0x6DDDE16D), ++ BN_DEF(0x156A2674, 0x12C1F4E5), BN_DEF(0x5B0A85ED, 0x0D4A341A), ++ BN_DEF(0x357A711E, 0x4CE1938C), BN_DEF(0x5EDD2D93, 0xC438CD08), ++ BN_DEF(0x53C3F36B, 0x8D391E09), BN_DEF(0x54908400, 0x25C16890), ++ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), ++ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), ++ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), ++ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), ++ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), ++ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), ++ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), ++ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), ++ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), ++ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), ++ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), ++ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-static const BN_ULONG ffdhe6144_p[] = { +- 0xFFFFFFFFFFFFFFFFULL, 0xA40E329CD0E40E65ULL, 0xA41D570D7938DAD4ULL, +- 0x62A69526D43161C1ULL, 0x3FDD4A8E9ADB1E69ULL, 0x5B3B71F9DC6B80D6ULL, +- 0xEC9D1810C6272B04ULL, 0x8CCF2DD5CACEF403ULL, 0xE49F5235C95B9117ULL, +- 0x505DC82DB854338AULL, 0x62292C311562A846ULL, 0xD72B03746AE77F5EULL, +- 0xF9C9091B462D538CULL, 0x0AE8DB5847A67CBEULL, 0xB3A739C122611682ULL, +- 0xEEAAC0232A281BF6ULL, 0x94C6651E77CAF992ULL, 0x763E4E4B94B2BBC1ULL, +- 0x587E38DA0077D9B4ULL, 0x7FB29F8C183023C3ULL, 0x0ABEC1FFF9E3A26EULL, +- 0xA00EF092350511E3ULL, 0xB855322EDB6340D8ULL, 0xA52471F7A9A96910ULL, +- 0x388147FB4CFDB477ULL, 0x9B1F5C3E4E46041FULL, 0xCDAD0657FCCFEC71ULL, +- 0xB38E8C334C701C3AULL, 0x917BDD64B1C0FD4CULL, 0x3BB454329B7624C8ULL, +- 0x23BA4442CAF53EA6ULL, 0x4E677D2C38532A3AULL, 0x0BFD64B645036C7AULL, +- 0xC68A007E5E0DD902ULL, 0x4DB5A851F44182E1ULL, 0x8EC9B55A7F88A46BULL, +- 0x0A8291CDCEC97DCFULL, 0x2A4ECEA9F98D0ACCULL, 0x1A1DB93D7140003CULL, +- 0x092999A333CB8B7AULL, 0x6DC778F971AD0038ULL, 0xA907600A918130C4ULL, +- 0xED6A1E012D9E6832ULL, 0x7135C886EFB4318AULL, 0x87F55BA57E31CC7AULL, +- 0x7763CF1D55034004ULL, 0xAC7D5F42D69F6D18ULL, 0x7930E9E4E58857B6ULL, +- 0x6E6F52C3164DF4FBULL, 0x25E41D2B669E1EF1ULL, 0x3C1B20EE3FD59D7CULL, +- 0x0ABCD06BFA53DDEFULL, 0x1DBF9A42D5C4484EULL, 0xABC521979B0DEADAULL, +- 0xE86D2BC522363A0DULL, 0x5CAE82AB9C9DF69EULL, 0x64F2E21E71F54BFFULL, +- 0xF4FD4452E2D74DD3ULL, 0xB4130C93BC437944ULL, 0xAEFE130985139270ULL, +- 0x598CB0FAC186D91CULL, 0x7AD91D2691F7F7EEULL, 0x61B46FC9D6E6C907ULL, +- 0xBC34F4DEF99C0238ULL, 0xDE355B3B6519035BULL, 0x886B4238611FCFDCULL, +- 0xC6F34A26C1B2EFFAULL, 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, +- 0xC3FE3B1B4C6FAD73ULL, 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, +- 0xC03404CD28342F61ULL, 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, +- 0xAE56EDE76372BB19ULL, 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, +- 0xD108A94BB2C8E3FBULL, 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, +- 0x1DF158A136ADE735ULL, 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, +- 0xB557135E7F57C935ULL, 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, +- 0xD3DF1ED5D5FD6561ULL, 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, +- 0xCC939DCE249B3EF9ULL, 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, +- 0xAFDC5620273D3CF1ULL, 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL ++/*- ++ * "6144-bit MODP Group" from RFC3526, Section 6. ++ * ++ * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 } ++ * ++ * RFC3526 specifies a generator of 2. ++ */ ++static const BN_ULONG modp_6144_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x6DCC4024, 0xE694F91E), ++ BN_DEF(0x0B7474D6, 0x12BF2D5B), BN_DEF(0x3F4860EE, 0x043E8F66), ++ BN_DEF(0x6E3C0468, 0x387FE8D7), BN_DEF(0x2EF29632, 0xDA56C9EC), ++ BN_DEF(0xA313D55C, 0xEB19CCB1), BN_DEF(0x8A1FBFF0, 0xF550AA3D), ++ BN_DEF(0xB7C5DA76, 0x06A1D58B), BN_DEF(0xF29BE328, 0xA79715EE), ++ BN_DEF(0x0F8037E0, 0x14CC5ED2), BN_DEF(0xBF48E1D8, 0xCC8F6D7E), ++ BN_DEF(0x2B4154AA, 0x4BD407B2), BN_DEF(0xFF585AC5, 0x0F1D45B7), ++ BN_DEF(0x36CC88BE, 0x23A97A7E), BN_DEF(0xBEC7E8F3, 0x59E7C97F), ++ BN_DEF(0x900B1C9E, 0xB5A84031), BN_DEF(0x46980C82, 0xD55E702F), ++ BN_DEF(0x6E74FEF6, 0xF482D7CE), BN_DEF(0xD1721D03, 0xF032EA15), ++ BN_DEF(0xC64B92EC, 0x5983CA01), BN_DEF(0x378CD2BF, 0x6FB8F401), ++ BN_DEF(0x2BD7AF42, 0x33205151), BN_DEF(0xE6CC254B, 0xDB7F1447), ++ BN_DEF(0xCED4BB1B, 0x44CE6CBA), BN_DEF(0xCF9B14ED, 0xDA3EDBEB), ++ BN_DEF(0x865A8918, 0x179727B0), BN_DEF(0x9027D831, 0xB06A53ED), ++ BN_DEF(0x413001AE, 0xE5DB382F), BN_DEF(0xAD9E530E, 0xF8FF9406), ++ BN_DEF(0x3DBA37BD, 0xC9751E76), BN_DEF(0x602646DE, 0xC1D4DCB2), ++ BN_DEF(0xD27C7026, 0x36C3FAB4), BN_DEF(0x34028492, 0x4DF435C9), ++ BN_DEF(0x90A6C08F, 0x86FFB7DC), BN_DEF(0x8D8FDDC1, 0x93B4EA98), ++ BN_DEF(0xD5B05AA9, 0xD0069127), BN_DEF(0x2170481C, 0xB81BDD76), ++ BN_DEF(0xCEE2D7AF, 0x1F612970), BN_DEF(0x515BE7ED, 0x233BA186), ++ BN_DEF(0xA090C3A2, 0x99B2964F), BN_DEF(0x4E6BC05D, 0x287C5947), ++ BN_DEF(0x1FBECAA6, 0x2E8EFC14), BN_DEF(0x04DE8EF9, 0xDBBBC2DB), ++ BN_DEF(0x2AD44CE8, 0x2583E9CA), BN_DEF(0xB6150BDA, 0x1A946834), ++ BN_DEF(0x6AF4E23C, 0x99C32718), BN_DEF(0xBDBA5B26, 0x88719A10), ++ BN_DEF(0xA787E6D7, 0x1A723C12), BN_DEF(0xA9210801, 0x4B82D120), ++ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), ++ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), ++ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), ++ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), ++ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), ++ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), ++ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), ++ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), ++ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), ++ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), ++ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), ++ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_6144_q[] = { ++ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x36E62012, 0x734A7C8F), ++ BN_DEF(0x85BA3A6B, 0x095F96AD), BN_DEF(0x1FA43077, 0x021F47B3), ++ BN_DEF(0xB71E0234, 0x1C3FF46B), BN_DEF(0x17794B19, 0x6D2B64F6), ++ BN_DEF(0xD189EAAE, 0x758CE658), BN_DEF(0xC50FDFF8, 0x7AA8551E), ++ BN_DEF(0xDBE2ED3B, 0x0350EAC5), BN_DEF(0x794DF194, 0x53CB8AF7), ++ BN_DEF(0x07C01BF0, 0x0A662F69), BN_DEF(0x5FA470EC, 0x6647B6BF), ++ BN_DEF(0x15A0AA55, 0xA5EA03D9), BN_DEF(0xFFAC2D62, 0x078EA2DB), ++ BN_DEF(0x1B66445F, 0x91D4BD3F), BN_DEF(0xDF63F479, 0x2CF3E4BF), ++ BN_DEF(0xC8058E4F, 0x5AD42018), BN_DEF(0xA34C0641, 0x6AAF3817), ++ BN_DEF(0x373A7F7B, 0xFA416BE7), BN_DEF(0xE8B90E81, 0x7819750A), ++ BN_DEF(0xE325C976, 0xACC1E500), BN_DEF(0x9BC6695F, 0x37DC7A00), ++ BN_DEF(0x95EBD7A1, 0x999028A8), BN_DEF(0xF36612A5, 0xEDBF8A23), ++ BN_DEF(0x676A5D8D, 0xA267365D), BN_DEF(0xE7CD8A76, 0x6D1F6DF5), ++ BN_DEF(0x432D448C, 0x8BCB93D8), BN_DEF(0xC813EC18, 0x583529F6), ++ BN_DEF(0xA09800D7, 0x72ED9C17), BN_DEF(0x56CF2987, 0xFC7FCA03), ++ BN_DEF(0x1EDD1BDE, 0x64BA8F3B), BN_DEF(0x3013236F, 0x60EA6E59), ++ BN_DEF(0x693E3813, 0x1B61FD5A), BN_DEF(0x9A014249, 0xA6FA1AE4), ++ BN_DEF(0x48536047, 0xC37FDBEE), BN_DEF(0x46C7EEE0, 0xC9DA754C), ++ BN_DEF(0xEAD82D54, 0x68034893), BN_DEF(0x10B8240E, 0xDC0DEEBB), ++ BN_DEF(0x67716BD7, 0x8FB094B8), BN_DEF(0x28ADF3F6, 0x119DD0C3), ++ BN_DEF(0xD04861D1, 0xCCD94B27), BN_DEF(0xA735E02E, 0x143E2CA3), ++ BN_DEF(0x0FDF6553, 0x97477E0A), BN_DEF(0x826F477C, 0x6DDDE16D), ++ BN_DEF(0x156A2674, 0x12C1F4E5), BN_DEF(0x5B0A85ED, 0x0D4A341A), ++ BN_DEF(0x357A711E, 0x4CE1938C), BN_DEF(0x5EDD2D93, 0xC438CD08), ++ BN_DEF(0x53C3F36B, 0x8D391E09), BN_DEF(0x54908400, 0x25C16890), ++ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), ++ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), ++ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), ++ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), ++ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), ++ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), ++ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), ++ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), ++ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), ++ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), ++ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), ++ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-static const BN_ULONG ffdhe8192_p[] = { +- 0xFFFFFFFFFFFFFFFFULL, 0xD68C8BB7C5C6424CULL, 0x011E2A94838FF88CULL, +- 0x0822E506A9F4614EULL, 0x97D11D49F7A8443DULL, 0xA6BBFDE530677F0DULL, +- 0x2F741EF8C1FE86FEULL, 0xFAFABE1C5D71A87EULL, 0xDED2FBABFBE58A30ULL, +- 0xB6855DFE72B0A66EULL, 0x1EFC8CE0BA8A4FE8ULL, 0x83F81D4A3F2FA457ULL, +- 0xA1FE3075A577E231ULL, 0xD5B8019488D9C0A0ULL, 0x624816CDAD9A95F9ULL, +- 0x99E9E31650C1217BULL, 0x51AA691E0E423CFCULL, 0x1C217E6C3826E52CULL, +- 0x51A8A93109703FEEULL, 0xBB7099876A460E74ULL, 0x541FC68C9C86B022ULL, +- 0x59160CC046FD8251ULL, 0x2846C0BA35C35F5CULL, 0x54504AC78B758282ULL, +- 0x29388839D2AF05E4ULL, 0xCB2C0F1CC01BD702ULL, 0x555B2F747C932665ULL, +- 0x86B63142A3AB8829ULL, 0x0B8CC3BDF64B10EFULL, 0x687FEB69EDD1CC5EULL, +- 0xFDB23FCEC9509D43ULL, 0x1E425A31D951AE64ULL, 0x36AD004CF600C838ULL, +- 0xA40E329CCFF46AAAULL, 0xA41D570D7938DAD4ULL, 0x62A69526D43161C1ULL, +- 0x3FDD4A8E9ADB1E69ULL, 0x5B3B71F9DC6B80D6ULL, 0xEC9D1810C6272B04ULL, +- 0x8CCF2DD5CACEF403ULL, 0xE49F5235C95B9117ULL, 0x505DC82DB854338AULL, +- 0x62292C311562A846ULL, 0xD72B03746AE77F5EULL, 0xF9C9091B462D538CULL, +- 0x0AE8DB5847A67CBEULL, 0xB3A739C122611682ULL, 0xEEAAC0232A281BF6ULL, +- 0x94C6651E77CAF992ULL, 0x763E4E4B94B2BBC1ULL, 0x587E38DA0077D9B4ULL, +- 0x7FB29F8C183023C3ULL, 0x0ABEC1FFF9E3A26EULL, 0xA00EF092350511E3ULL, +- 0xB855322EDB6340D8ULL, 0xA52471F7A9A96910ULL, 0x388147FB4CFDB477ULL, +- 0x9B1F5C3E4E46041FULL, 0xCDAD0657FCCFEC71ULL, 0xB38E8C334C701C3AULL, +- 0x917BDD64B1C0FD4CULL, 0x3BB454329B7624C8ULL, 0x23BA4442CAF53EA6ULL, +- 0x4E677D2C38532A3AULL, 0x0BFD64B645036C7AULL, 0xC68A007E5E0DD902ULL, +- 0x4DB5A851F44182E1ULL, 0x8EC9B55A7F88A46BULL, 0x0A8291CDCEC97DCFULL, +- 0x2A4ECEA9F98D0ACCULL, 0x1A1DB93D7140003CULL, 0x092999A333CB8B7AULL, +- 0x6DC778F971AD0038ULL, 0xA907600A918130C4ULL, 0xED6A1E012D9E6832ULL, +- 0x7135C886EFB4318AULL, 0x87F55BA57E31CC7AULL, 0x7763CF1D55034004ULL, +- 0xAC7D5F42D69F6D18ULL, 0x7930E9E4E58857B6ULL, 0x6E6F52C3164DF4FBULL, +- 0x25E41D2B669E1EF1ULL, 0x3C1B20EE3FD59D7CULL, 0x0ABCD06BFA53DDEFULL, +- 0x1DBF9A42D5C4484EULL, 0xABC521979B0DEADAULL, 0xE86D2BC522363A0DULL, +- 0x5CAE82AB9C9DF69EULL, 0x64F2E21E71F54BFFULL, 0xF4FD4452E2D74DD3ULL, +- 0xB4130C93BC437944ULL, 0xAEFE130985139270ULL, 0x598CB0FAC186D91CULL, +- 0x7AD91D2691F7F7EEULL, 0x61B46FC9D6E6C907ULL, 0xBC34F4DEF99C0238ULL, +- 0xDE355B3B6519035BULL, 0x886B4238611FCFDCULL, 0xC6F34A26C1B2EFFAULL, +- 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, 0xC3FE3B1B4C6FAD73ULL, +- 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, 0xC03404CD28342F61ULL, +- 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, 0xAE56EDE76372BB19ULL, +- 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, 0xD108A94BB2C8E3FBULL, +- 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, 0x1DF158A136ADE735ULL, +- 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, 0xB557135E7F57C935ULL, +- 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, 0xD3DF1ED5D5FD6561ULL, +- 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, 0xCC939DCE249B3EF9ULL, +- 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, 0xAFDC5620273D3CF1ULL, +- 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL ++/* ++ * "8192-bit MODP Group" from RFC3526, Section 7. ++ * ++ * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 } ++ * ++ * RFC3526 specifies a generator of 2. ++ */ ++static const BN_ULONG modp_8192_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x98EDD3DF, 0x60C980DD), ++ BN_DEF(0x80B96E71, 0xC81F56E8), BN_DEF(0x765694DF, 0x9E3050E2), ++ BN_DEF(0x5677E9AA, 0x9558E447), BN_DEF(0xFC026E47, 0xC9190DA6), ++ BN_DEF(0xD5EE382B, 0x889A002E), BN_DEF(0x481C6CD7, 0x4009438B), ++ BN_DEF(0xEB879F92, 0x359046F4), BN_DEF(0x1ECFA268, 0xFAF36BC3), ++ BN_DEF(0x7EE74D73, 0xB1D510BD), BN_DEF(0x5DED7EA1, 0xF9AB4819), ++ BN_DEF(0x0846851D, 0x64F31CC5), BN_DEF(0xA0255DC1, 0x4597E899), ++ BN_DEF(0x74AB6A36, 0xDF310EE0), BN_DEF(0x3F44F82D, 0x6D2A13F8), ++ BN_DEF(0xB3A278A6, 0x062B3CF5), BN_DEF(0xED5BDD3A, 0x79683303), ++ BN_DEF(0xA2C087E8, 0xFA9D4B7F), BN_DEF(0x2F8385DD, 0x4BCBC886), ++ BN_DEF(0x6CEA306B, 0x3473FC64), BN_DEF(0x1A23F0C7, 0x13EB57A8), ++ BN_DEF(0xA4037C07, 0x22222E04), BN_DEF(0xFC848AD9, 0xE3FDB8BE), ++ BN_DEF(0xE39D652D, 0x238F16CB), BN_DEF(0x2BF1C978, 0x3423B474), ++ BN_DEF(0x5AE4F568, 0x3AAB639C), BN_DEF(0x6BA42466, 0x2576F693), ++ BN_DEF(0x8AFC47ED, 0x741FA7BF), BN_DEF(0x8D9DD300, 0x3BC832B6), ++ BN_DEF(0x73B931BA, 0xD8BEC4D0), BN_DEF(0xA932DF8C, 0x38777CB6), ++ BN_DEF(0x12FEE5E4, 0x74A3926F), BN_DEF(0x6DBE1159, 0xE694F91E), ++ BN_DEF(0x0B7474D6, 0x12BF2D5B), BN_DEF(0x3F4860EE, 0x043E8F66), ++ BN_DEF(0x6E3C0468, 0x387FE8D7), BN_DEF(0x2EF29632, 0xDA56C9EC), ++ BN_DEF(0xA313D55C, 0xEB19CCB1), BN_DEF(0x8A1FBFF0, 0xF550AA3D), ++ BN_DEF(0xB7C5DA76, 0x06A1D58B), BN_DEF(0xF29BE328, 0xA79715EE), ++ BN_DEF(0x0F8037E0, 0x14CC5ED2), BN_DEF(0xBF48E1D8, 0xCC8F6D7E), ++ BN_DEF(0x2B4154AA, 0x4BD407B2), BN_DEF(0xFF585AC5, 0x0F1D45B7), ++ BN_DEF(0x36CC88BE, 0x23A97A7E), BN_DEF(0xBEC7E8F3, 0x59E7C97F), ++ BN_DEF(0x900B1C9E, 0xB5A84031), BN_DEF(0x46980C82, 0xD55E702F), ++ BN_DEF(0x6E74FEF6, 0xF482D7CE), BN_DEF(0xD1721D03, 0xF032EA15), ++ BN_DEF(0xC64B92EC, 0x5983CA01), BN_DEF(0x378CD2BF, 0x6FB8F401), ++ BN_DEF(0x2BD7AF42, 0x33205151), BN_DEF(0xE6CC254B, 0xDB7F1447), ++ BN_DEF(0xCED4BB1B, 0x44CE6CBA), BN_DEF(0xCF9B14ED, 0xDA3EDBEB), ++ BN_DEF(0x865A8918, 0x179727B0), BN_DEF(0x9027D831, 0xB06A53ED), ++ BN_DEF(0x413001AE, 0xE5DB382F), BN_DEF(0xAD9E530E, 0xF8FF9406), ++ BN_DEF(0x3DBA37BD, 0xC9751E76), BN_DEF(0x602646DE, 0xC1D4DCB2), ++ BN_DEF(0xD27C7026, 0x36C3FAB4), BN_DEF(0x34028492, 0x4DF435C9), ++ BN_DEF(0x90A6C08F, 0x86FFB7DC), BN_DEF(0x8D8FDDC1, 0x93B4EA98), ++ BN_DEF(0xD5B05AA9, 0xD0069127), BN_DEF(0x2170481C, 0xB81BDD76), ++ BN_DEF(0xCEE2D7AF, 0x1F612970), BN_DEF(0x515BE7ED, 0x233BA186), ++ BN_DEF(0xA090C3A2, 0x99B2964F), BN_DEF(0x4E6BC05D, 0x287C5947), ++ BN_DEF(0x1FBECAA6, 0x2E8EFC14), BN_DEF(0x04DE8EF9, 0xDBBBC2DB), ++ BN_DEF(0x2AD44CE8, 0x2583E9CA), BN_DEF(0xB6150BDA, 0x1A946834), ++ BN_DEF(0x6AF4E23C, 0x99C32718), BN_DEF(0xBDBA5B26, 0x88719A10), ++ BN_DEF(0xA787E6D7, 0x1A723C12), BN_DEF(0xA9210801, 0x4B82D120), ++ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), ++ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), ++ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), ++ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), ++ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), ++ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), ++ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), ++ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), ++ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), ++ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), ++ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), ++ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_8192_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xCC76E9EF, 0xB064C06E), ++ BN_DEF(0x405CB738, 0xE40FAB74), BN_DEF(0x3B2B4A6F, 0x4F182871), ++ BN_DEF(0xAB3BF4D5, 0xCAAC7223), BN_DEF(0x7E013723, 0xE48C86D3), ++ BN_DEF(0x6AF71C15, 0xC44D0017), BN_DEF(0xA40E366B, 0x2004A1C5), ++ BN_DEF(0x75C3CFC9, 0x1AC8237A), BN_DEF(0x8F67D134, 0xFD79B5E1), ++ BN_DEF(0xBF73A6B9, 0xD8EA885E), BN_DEF(0xAEF6BF50, 0xFCD5A40C), ++ BN_DEF(0x8423428E, 0xB2798E62), BN_DEF(0xD012AEE0, 0x22CBF44C), ++ BN_DEF(0x3A55B51B, 0xEF988770), BN_DEF(0x1FA27C16, 0x369509FC), ++ BN_DEF(0xD9D13C53, 0x03159E7A), BN_DEF(0xF6ADEE9D, 0x3CB41981), ++ BN_DEF(0xD16043F4, 0xFD4EA5BF), BN_DEF(0x17C1C2EE, 0xA5E5E443), ++ BN_DEF(0x36751835, 0x9A39FE32), BN_DEF(0x0D11F863, 0x89F5ABD4), ++ BN_DEF(0x5201BE03, 0x91111702), BN_DEF(0x7E42456C, 0xF1FEDC5F), ++ BN_DEF(0xF1CEB296, 0x11C78B65), BN_DEF(0x15F8E4BC, 0x1A11DA3A), ++ BN_DEF(0x2D727AB4, 0x1D55B1CE), BN_DEF(0xB5D21233, 0x92BB7B49), ++ BN_DEF(0xC57E23F6, 0x3A0FD3DF), BN_DEF(0x46CEE980, 0x1DE4195B), ++ BN_DEF(0x39DC98DD, 0x6C5F6268), BN_DEF(0x54996FC6, 0x1C3BBE5B), ++ BN_DEF(0x897F72F2, 0xBA51C937), BN_DEF(0x36DF08AC, 0x734A7C8F), ++ BN_DEF(0x85BA3A6B, 0x095F96AD), BN_DEF(0x1FA43077, 0x021F47B3), ++ BN_DEF(0xB71E0234, 0x1C3FF46B), BN_DEF(0x17794B19, 0x6D2B64F6), ++ BN_DEF(0xD189EAAE, 0x758CE658), BN_DEF(0xC50FDFF8, 0x7AA8551E), ++ BN_DEF(0xDBE2ED3B, 0x0350EAC5), BN_DEF(0x794DF194, 0x53CB8AF7), ++ BN_DEF(0x07C01BF0, 0x0A662F69), BN_DEF(0x5FA470EC, 0x6647B6BF), ++ BN_DEF(0x15A0AA55, 0xA5EA03D9), BN_DEF(0xFFAC2D62, 0x078EA2DB), ++ BN_DEF(0x1B66445F, 0x91D4BD3F), BN_DEF(0xDF63F479, 0x2CF3E4BF), ++ BN_DEF(0xC8058E4F, 0x5AD42018), BN_DEF(0xA34C0641, 0x6AAF3817), ++ BN_DEF(0x373A7F7B, 0xFA416BE7), BN_DEF(0xE8B90E81, 0x7819750A), ++ BN_DEF(0xE325C976, 0xACC1E500), BN_DEF(0x9BC6695F, 0x37DC7A00), ++ BN_DEF(0x95EBD7A1, 0x999028A8), BN_DEF(0xF36612A5, 0xEDBF8A23), ++ BN_DEF(0x676A5D8D, 0xA267365D), BN_DEF(0xE7CD8A76, 0x6D1F6DF5), ++ BN_DEF(0x432D448C, 0x8BCB93D8), BN_DEF(0xC813EC18, 0x583529F6), ++ BN_DEF(0xA09800D7, 0x72ED9C17), BN_DEF(0x56CF2987, 0xFC7FCA03), ++ BN_DEF(0x1EDD1BDE, 0x64BA8F3B), BN_DEF(0x3013236F, 0x60EA6E59), ++ BN_DEF(0x693E3813, 0x1B61FD5A), BN_DEF(0x9A014249, 0xA6FA1AE4), ++ BN_DEF(0x48536047, 0xC37FDBEE), BN_DEF(0x46C7EEE0, 0xC9DA754C), ++ BN_DEF(0xEAD82D54, 0x68034893), BN_DEF(0x10B8240E, 0xDC0DEEBB), ++ BN_DEF(0x67716BD7, 0x8FB094B8), BN_DEF(0x28ADF3F6, 0x119DD0C3), ++ BN_DEF(0xD04861D1, 0xCCD94B27), BN_DEF(0xA735E02E, 0x143E2CA3), ++ BN_DEF(0x0FDF6553, 0x97477E0A), BN_DEF(0x826F477C, 0x6DDDE16D), ++ BN_DEF(0x156A2674, 0x12C1F4E5), BN_DEF(0x5B0A85ED, 0x0D4A341A), ++ BN_DEF(0x357A711E, 0x4CE1938C), BN_DEF(0x5EDD2D93, 0xC438CD08), ++ BN_DEF(0x53C3F36B, 0x8D391E09), BN_DEF(0x54908400, 0x25C16890), ++ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), ++ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), ++ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), ++ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), ++ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), ++ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), ++ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), ++ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), ++ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), ++ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), ++ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), ++ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-# elif BN_BITS2 == 32 +- ++/* DH parameters from RFC5114 */ + static const BN_ULONG dh1024_160_p[] = { +- 0x2E4A4371, 0xDF1FB2BC, 0x6D4DA708, 0xE68CFDA7, 0x365C1A65, 0x45BF37DF, +- 0x0DC8B4BD, 0xA151AF5F, 0xF55BCCC0, 0xFAA31A4F, 0xE5644738, 0x4EFFD6FA, +- 0x219A7372, 0x98488E9C, 0x90C4BD70, 0xACCBDD7D, 0xD49B83BF, 0x24975C3C, +- 0xA9061123, 0x13ECB4AE, 0x2EE652C0, 0x9838EF1E, 0x75A23D18, 0x6073E286, +- 0x52D23B61, 0x9A6A9DCA, 0xFB06A3C6, 0x52C99FBC, 0xAE5D54EC, 0xDE92DE5E, +- 0xA080E01D, 0xB10B8F96 ++ BN_DEF(0x2E4A4371, 0xDF1FB2BC), BN_DEF(0x6D4DA708, 0xE68CFDA7), ++ BN_DEF(0x365C1A65, 0x45BF37DF), BN_DEF(0x0DC8B4BD, 0xA151AF5F), ++ BN_DEF(0xF55BCCC0, 0xFAA31A4F), BN_DEF(0xE5644738, 0x4EFFD6FA), ++ BN_DEF(0x219A7372, 0x98488E9C), BN_DEF(0x90C4BD70, 0xACCBDD7D), ++ BN_DEF(0xD49B83BF, 0x24975C3C), BN_DEF(0xA9061123, 0x13ECB4AE), ++ BN_DEF(0x2EE652C0, 0x9838EF1E), BN_DEF(0x75A23D18, 0x6073E286), ++ BN_DEF(0x52D23B61, 0x9A6A9DCA), BN_DEF(0xFB06A3C6, 0x52C99FBC), ++ BN_DEF(0xAE5D54EC, 0xDE92DE5E), BN_DEF(0xA080E01D, 0xB10B8F96) + }; +- +-static const BN_ULONG dh1024_160_g[] = { +- 0x22B3B2E5, 0x855E6EEB, 0xF97C2A24, 0x858F4DCE, 0x18D08BC8, 0x2D779D59, +- 0x8E73AFA3, 0xD662A4D1, 0x69B6A28A, 0x1DBF0A01, 0x7A091F53, 0xA6A24C08, +- 0x63F80A76, 0x909D0D22, 0xB9A92EE1, 0xD7FBD7D3, 0x9E2749F4, 0x5E91547F, +- 0xB01B886A, 0x160217B4, 0x5504F213, 0x777E690F, 0x5C41564B, 0x266FEA1E, +- 0x14266D31, 0xD6406CFF, 0x58AC507F, 0xF8104DD2, 0xEFB99905, 0x6765A442, +- 0xC3FD3412, 0xA4D1CBD5 +-}; +- + static const BN_ULONG dh1024_160_q[] = { +- 0x49462353, 0x64B7CB9D, 0x8ABA4E7D, 0x81A8DF27, 0xF518AA87 ++ BN_DEF(0x49462353, 0x64B7CB9D), BN_DEF(0x8ABA4E7D, 0x81A8DF27), ++ (BN_ULONG)0xF518AA87 + }; +- +-static const BN_ULONG dh2048_224_p[] = { +- 0x0C10E64F, 0x0AC4DFFE, 0x4E71B81C, 0xCF9DE538, 0xFFA31F71, 0x7EF363E2, +- 0x6B8E75B9, 0xE3FB73C1, 0x4BA80A29, 0xC9B53DCF, 0x16E79763, 0x23F10B0E, +- 0x13042E9B, 0xC52172E4, 0xC928B2B9, 0xBE60E69C, 0xB9E587E8, 0x80CD86A1, +- 0x98C641A4, 0x315D75E1, 0x44328387, 0xCDF93ACC, 0xDC0A486D, 0x15987D9A, +- 0x1FD5A074, 0x7310F712, 0xDE31EFDC, 0x278273C7, 0x415D9330, 0x1602E714, +- 0xBC8985DB, 0x81286130, 0x70918836, 0xB3BF8A31, 0xB9C49708, 0x6A00E0A0, +- 0x8BBC27BE, 0xC6BA0B2C, 0xED34DBF6, 0xC9F98D11, 0xB6C12207, 0x7AD5B7D0, +- 0x55B7394B, 0xD91E8FEF, 0xEFDA4DF8, 0x9037C9ED, 0xAD6AC212, 0x6D3F8152, +- 0x1274A0A6, 0x1DE6B85A, 0x309C180E, 0xEB3D688A, 0x7BA1DF15, 0xAF9A3C40, +- 0xF95A56DB, 0xE6FA141D, 0xB61D0A75, 0xB54B1597, 0x683B9FD1, 0xA20D64E5, +- 0x9559C51F, 0xD660FAA7, 0x9123A9D0, 0xAD107E1E ++static const BN_ULONG dh1024_160_g[] = { ++ BN_DEF(0x22B3B2E5, 0x855E6EEB), BN_DEF(0xF97C2A24, 0x858F4DCE), ++ BN_DEF(0x18D08BC8, 0x2D779D59), BN_DEF(0x8E73AFA3, 0xD662A4D1), ++ BN_DEF(0x69B6A28A, 0x1DBF0A01), BN_DEF(0x7A091F53, 0xA6A24C08), ++ BN_DEF(0x63F80A76, 0x909D0D22), BN_DEF(0xB9A92EE1, 0xD7FBD7D3), ++ BN_DEF(0x9E2749F4, 0x5E91547F), BN_DEF(0xB01B886A, 0x160217B4), ++ BN_DEF(0x5504F213, 0x777E690F), BN_DEF(0x5C41564B, 0x266FEA1E), ++ BN_DEF(0x14266D31, 0xD6406CFF), BN_DEF(0x58AC507F, 0xF8104DD2), ++ BN_DEF(0xEFB99905, 0x6765A442), BN_DEF(0xC3FD3412, 0xA4D1CBD5) + }; + +-static const BN_ULONG dh2048_224_g[] = { +- 0x191F2BFA, 0x84B890D3, 0x2A7065B3, 0x81BC087F, 0xF6EC0179, 0x19C418E1, +- 0x71CFFF4C, 0x7B5A0F1C, 0x9B6AA4BD, 0xEDFE72FE, 0x94B30269, 0x81E1BCFE, +- 0x8D6C0191, 0x566AFBB4, 0x409D13CD, 0xB539CCE3, 0x5F2FF381, 0x6AA21E7F, +- 0x770589EF, 0xD9E263E4, 0xD19963DD, 0x10E183ED, 0x150B8EEB, 0xB70A8137, +- 0x28C8F8AC, 0x051AE3D4, 0x0C1AB15B, 0xBB77A86F, 0x16A330EF, 0x6E3025E3, +- 0xD6F83456, 0x19529A45, 0x118E98D1, 0xF180EB34, 0x50717CBE, 0xB5F6C6B2, +- 0xDA7460CD, 0x09939D54, 0x22EA1ED4, 0xE2471504, 0x521BC98A, 0xB8A762D0, +- 0x5AC1348B, 0xF4D02727, 0x1999024A, 0xC1766910, 0xA8D66AD7, 0xBE5E9001, +- 0x620A8652, 0xC57DB17C, 0x00C29F52, 0xAB739D77, 0xA70C4AFA, 0xDD921F01, +- 0x10B9A6F0, 0xA6824A4E, 0xCFE4FFE3, 0x74866A08, 0x89998CAF, 0x6CDEBE7B, +- 0x8FFDAC50, 0x9DF30B5C, 0x4F2D9AE3, 0xAC4032EF ++static const BN_ULONG dh2048_224_p[] = { ++ BN_DEF(0x0C10E64F, 0x0AC4DFFE), BN_DEF(0x4E71B81C, 0xCF9DE538), ++ BN_DEF(0xFFA31F71, 0x7EF363E2), BN_DEF(0x6B8E75B9, 0xE3FB73C1), ++ BN_DEF(0x4BA80A29, 0xC9B53DCF), BN_DEF(0x16E79763, 0x23F10B0E), ++ BN_DEF(0x13042E9B, 0xC52172E4), BN_DEF(0xC928B2B9, 0xBE60E69C), ++ BN_DEF(0xB9E587E8, 0x80CD86A1), BN_DEF(0x98C641A4, 0x315D75E1), ++ BN_DEF(0x44328387, 0xCDF93ACC), BN_DEF(0xDC0A486D, 0x15987D9A), ++ BN_DEF(0x1FD5A074, 0x7310F712), BN_DEF(0xDE31EFDC, 0x278273C7), ++ BN_DEF(0x415D9330, 0x1602E714), BN_DEF(0xBC8985DB, 0x81286130), ++ BN_DEF(0x70918836, 0xB3BF8A31), BN_DEF(0xB9C49708, 0x6A00E0A0), ++ BN_DEF(0x8BBC27BE, 0xC6BA0B2C), BN_DEF(0xED34DBF6, 0xC9F98D11), ++ BN_DEF(0xB6C12207, 0x7AD5B7D0), BN_DEF(0x55B7394B, 0xD91E8FEF), ++ BN_DEF(0xEFDA4DF8, 0x9037C9ED), BN_DEF(0xAD6AC212, 0x6D3F8152), ++ BN_DEF(0x1274A0A6, 0x1DE6B85A), BN_DEF(0x309C180E, 0xEB3D688A), ++ BN_DEF(0x7BA1DF15, 0xAF9A3C40), BN_DEF(0xF95A56DB, 0xE6FA141D), ++ BN_DEF(0xB61D0A75, 0xB54B1597), BN_DEF(0x683B9FD1, 0xA20D64E5), ++ BN_DEF(0x9559C51F, 0xD660FAA7), BN_DEF(0x9123A9D0, 0xAD107E1E) + }; +- + static const BN_ULONG dh2048_224_q[] = { +- 0xB36371EB, 0xBF389A99, 0x4738CEBC, 0x1F80535A, 0x99717710, 0xC58D93FE, +- 0x801C0D34 ++ BN_DEF(0xB36371EB, 0xBF389A99), BN_DEF(0x4738CEBC, 0x1F80535A), ++ BN_DEF(0x99717710, 0xC58D93FE), (BN_ULONG)0x801C0D34 + }; +- +-static const BN_ULONG dh2048_256_p[] = { +- 0x1E1A1597, 0xDB094AE9, 0xD7EF09CA, 0x693877FA, 0x6E11715F, 0x6116D227, +- 0xC198AF12, 0xA4B54330, 0xD7014103, 0x75F26375, 0x54E710C3, 0xC3A3960A, +- 0xBD0BE621, 0xDED4010A, 0x89962856, 0xC0B857F6, 0x71506026, 0xB3CA3F79, +- 0xE6B486F6, 0x1CCACB83, 0x14056425, 0x67E144E5, 0xA41825D9, 0xF6A167B5, +- 0x96524D8E, 0x3AD83477, 0x51BFA4AB, 0xF13C6D9A, 0x35488A0E, 0x2D525267, +- 0xCAA6B790, 0xB63ACAE1, 0x81B23F76, 0x4FDB70C5, 0x12307F5C, 0xBC39A0BF, +- 0xB1E59BB8, 0xB941F54E, 0xD45F9088, 0x6C5BFC11, 0x4275BF7B, 0x22E0B1EF, +- 0x5B4758C0, 0x91F9E672, 0x6BCF67ED, 0x5A8A9D30, 0x97517ABD, 0x209E0C64, +- 0x830E9A7C, 0x3BF4296D, 0x34096FAA, 0x16C3D911, 0x61B2AA30, 0xFAF7DF45, +- 0xD61957D4, 0xE00DF8F1, 0x435E3B00, 0x5D2CEED4, 0x660DD0F2, 0x8CEEF608, +- 0x65195999, 0xFFBBD19C, 0xB4B6663C, 0x87A8E61D ++static const BN_ULONG dh2048_224_g[] = { ++ BN_DEF(0x191F2BFA, 0x84B890D3), BN_DEF(0x2A7065B3, 0x81BC087F), ++ BN_DEF(0xF6EC0179, 0x19C418E1), BN_DEF(0x71CFFF4C, 0x7B5A0F1C), ++ BN_DEF(0x9B6AA4BD, 0xEDFE72FE), BN_DEF(0x94B30269, 0x81E1BCFE), ++ BN_DEF(0x8D6C0191, 0x566AFBB4), BN_DEF(0x409D13CD, 0xB539CCE3), ++ BN_DEF(0x5F2FF381, 0x6AA21E7F), BN_DEF(0x770589EF, 0xD9E263E4), ++ BN_DEF(0xD19963DD, 0x10E183ED), BN_DEF(0x150B8EEB, 0xB70A8137), ++ BN_DEF(0x28C8F8AC, 0x051AE3D4), BN_DEF(0x0C1AB15B, 0xBB77A86F), ++ BN_DEF(0x16A330EF, 0x6E3025E3), BN_DEF(0xD6F83456, 0x19529A45), ++ BN_DEF(0x118E98D1, 0xF180EB34), BN_DEF(0x50717CBE, 0xB5F6C6B2), ++ BN_DEF(0xDA7460CD, 0x09939D54), BN_DEF(0x22EA1ED4, 0xE2471504), ++ BN_DEF(0x521BC98A, 0xB8A762D0), BN_DEF(0x5AC1348B, 0xF4D02727), ++ BN_DEF(0x1999024A, 0xC1766910), BN_DEF(0xA8D66AD7, 0xBE5E9001), ++ BN_DEF(0x620A8652, 0xC57DB17C), BN_DEF(0x00C29F52, 0xAB739D77), ++ BN_DEF(0xA70C4AFA, 0xDD921F01), BN_DEF(0x10B9A6F0, 0xA6824A4E), ++ BN_DEF(0xCFE4FFE3, 0x74866A08), BN_DEF(0x89998CAF, 0x6CDEBE7B), ++ BN_DEF(0x8FFDAC50, 0x9DF30B5C), BN_DEF(0x4F2D9AE3, 0xAC4032EF) + }; + +-static const BN_ULONG dh2048_256_g[] = { +- 0x6CC41659, 0x664B4C0F, 0xEF98C582, 0x5E2327CF, 0xD4795451, 0xD647D148, +- 0x90F00EF8, 0x2F630784, 0x1DB246C3, 0x184B523D, 0xCDC67EB6, 0xC7891428, +- 0x0DF92B52, 0x7FD02837, 0x64E0EC37, 0xB3353BBB, 0x57CD0915, 0xECD06E15, +- 0xDF016199, 0xB7D2BBD2, 0x052588B9, 0xC8484B1E, 0x13D3FE14, 0xDB2A3B73, +- 0xD182EA0A, 0xD052B985, 0xE83B9C80, 0xA4BD1BFF, 0xFB3F2E55, 0xDFC967C1, +- 0x767164E1, 0xB5045AF2, 0x6F2F9193, 0x1D14348F, 0x428EBC83, 0x64E67982, +- 0x82D6ED38, 0x8AC376D2, 0xAAB8A862, 0x777DE62A, 0xE9EC144B, 0xDDF463E5, +- 0xC77A57F2, 0x0196F931, 0x41000A65, 0xA55AE313, 0xC28CBB18, 0x901228F8, +- 0x7E8C6F62, 0xBC3773BF, 0x0C6B47B1, 0xBE3A6C1B, 0xAC0BB555, 0xFF4FED4A, +- 0x77BE463F, 0x10DBC150, 0x1A0BA125, 0x07F4793A, 0x21EF2054, 0x4CA7B18F, +- 0x60EDBD48, 0x2E775066, 0x73134D0B, 0x3FB32C9B ++static const BN_ULONG dh2048_256_p[] = { ++ BN_DEF(0x1E1A1597, 0xDB094AE9), BN_DEF(0xD7EF09CA, 0x693877FA), ++ BN_DEF(0x6E11715F, 0x6116D227), BN_DEF(0xC198AF12, 0xA4B54330), ++ BN_DEF(0xD7014103, 0x75F26375), BN_DEF(0x54E710C3, 0xC3A3960A), ++ BN_DEF(0xBD0BE621, 0xDED4010A), BN_DEF(0x89962856, 0xC0B857F6), ++ BN_DEF(0x71506026, 0xB3CA3F79), BN_DEF(0xE6B486F6, 0x1CCACB83), ++ BN_DEF(0x14056425, 0x67E144E5), BN_DEF(0xA41825D9, 0xF6A167B5), ++ BN_DEF(0x96524D8E, 0x3AD83477), BN_DEF(0x51BFA4AB, 0xF13C6D9A), ++ BN_DEF(0x35488A0E, 0x2D525267), BN_DEF(0xCAA6B790, 0xB63ACAE1), ++ BN_DEF(0x81B23F76, 0x4FDB70C5), BN_DEF(0x12307F5C, 0xBC39A0BF), ++ BN_DEF(0xB1E59BB8, 0xB941F54E), BN_DEF(0xD45F9088, 0x6C5BFC11), ++ BN_DEF(0x4275BF7B, 0x22E0B1EF), BN_DEF(0x5B4758C0, 0x91F9E672), ++ BN_DEF(0x6BCF67ED, 0x5A8A9D30), BN_DEF(0x97517ABD, 0x209E0C64), ++ BN_DEF(0x830E9A7C, 0x3BF4296D), BN_DEF(0x34096FAA, 0x16C3D911), ++ BN_DEF(0x61B2AA30, 0xFAF7DF45), BN_DEF(0xD61957D4, 0xE00DF8F1), ++ BN_DEF(0x435E3B00, 0x5D2CEED4), BN_DEF(0x660DD0F2, 0x8CEEF608), ++ BN_DEF(0x65195999, 0xFFBBD19C), BN_DEF(0xB4B6663C, 0x87A8E61D) + }; +- + static const BN_ULONG dh2048_256_q[] = { +- 0x64F5FBD3, 0xA308B0FE, 0x1EB3750B, 0x99B1A47D, 0x40129DA2, 0xB4479976, +- 0xA709A097, 0x8CF83642 ++ BN_DEF(0x64F5FBD3, 0xA308B0FE), BN_DEF(0x1EB3750B, 0x99B1A47D), ++ BN_DEF(0x40129DA2, 0xB4479976), BN_DEF(0xA709A097, 0x8CF83642) ++}; ++static const BN_ULONG dh2048_256_g[] = { ++ BN_DEF(0x6CC41659, 0x664B4C0F), BN_DEF(0xEF98C582, 0x5E2327CF), ++ BN_DEF(0xD4795451, 0xD647D148), BN_DEF(0x90F00EF8, 0x2F630784), ++ BN_DEF(0x1DB246C3, 0x184B523D), BN_DEF(0xCDC67EB6, 0xC7891428), ++ BN_DEF(0x0DF92B52, 0x7FD02837), BN_DEF(0x64E0EC37, 0xB3353BBB), ++ BN_DEF(0x57CD0915, 0xECD06E15), BN_DEF(0xDF016199, 0xB7D2BBD2), ++ BN_DEF(0x052588B9, 0xC8484B1E), BN_DEF(0x13D3FE14, 0xDB2A3B73), ++ BN_DEF(0xD182EA0A, 0xD052B985), BN_DEF(0xE83B9C80, 0xA4BD1BFF), ++ BN_DEF(0xFB3F2E55, 0xDFC967C1), BN_DEF(0x767164E1, 0xB5045AF2), ++ BN_DEF(0x6F2F9193, 0x1D14348F), BN_DEF(0x428EBC83, 0x64E67982), ++ BN_DEF(0x82D6ED38, 0x8AC376D2), BN_DEF(0xAAB8A862, 0x777DE62A), ++ BN_DEF(0xE9EC144B, 0xDDF463E5), BN_DEF(0xC77A57F2, 0x0196F931), ++ BN_DEF(0x41000A65, 0xA55AE313), BN_DEF(0xC28CBB18, 0x901228F8), ++ BN_DEF(0x7E8C6F62, 0xBC3773BF), BN_DEF(0x0C6B47B1, 0xBE3A6C1B), ++ BN_DEF(0xAC0BB555, 0xFF4FED4A), BN_DEF(0x77BE463F, 0x10DBC150), ++ BN_DEF(0x1A0BA125, 0x07F4793A), BN_DEF(0x21EF2054, 0x4CA7B18F), ++ BN_DEF(0x60EDBD48, 0x2E775066), BN_DEF(0x73134D0B, 0x3FB32C9B) + }; + + /* Primes from RFC 7919 */ +- + static const BN_ULONG ffdhe2048_p[] = { +- 0xFFFFFFFF, 0xFFFFFFFF, 0x61285C97, 0x886B4238, 0xC1B2EFFA, 0xC6F34A26, +- 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, 0x4C6FAD73, 0xC3FE3B1B, +- 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, 0x28342F61, 0xC03404CD, +- 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, 0x6372BB19, 0xAE56EDE7, +- 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, 0xB2C8E3FB, 0xD108A94B, +- 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, 0x36ADE735, 0x1DF158A1, +- 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, 0x7F57C935, 0xB557135E, +- 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, 0xD5FD6561, 0xD3DF1ED5, +- 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, 0x249B3EF9, 0xCC939DCE, +- 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, 0x273D3CF1, 0xAFDC5620, +- 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x61285C97, 0x886B4238), ++ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), ++ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), ++ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), ++ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), ++ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), ++ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), ++ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), ++ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), ++ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), ++ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), ++ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), ++ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), ++ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), ++ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), ++ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG ffdhe2048_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x30942E4B, 0x4435A11C), ++ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), ++ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), ++ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), ++ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), ++ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), ++ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), ++ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), ++ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), ++ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), ++ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), ++ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), ++ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), ++ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), ++ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), ++ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + + static const BN_ULONG ffdhe3072_p[] = { +- 0xFFFFFFFF, 0xFFFFFFFF, 0x66C62E37, 0x25E41D2B, 0x3FD59D7C, 0x3C1B20EE, +- 0xFA53DDEF, 0x0ABCD06B, 0xD5C4484E, 0x1DBF9A42, 0x9B0DEADA, 0xABC52197, +- 0x22363A0D, 0xE86D2BC5, 0x9C9DF69E, 0x5CAE82AB, 0x71F54BFF, 0x64F2E21E, +- 0xE2D74DD3, 0xF4FD4452, 0xBC437944, 0xB4130C93, 0x85139270, 0xAEFE1309, +- 0xC186D91C, 0x598CB0FA, 0x91F7F7EE, 0x7AD91D26, 0xD6E6C907, 0x61B46FC9, +- 0xF99C0238, 0xBC34F4DE, 0x6519035B, 0xDE355B3B, 0x611FCFDC, 0x886B4238, +- 0xC1B2EFFA, 0xC6F34A26, 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, +- 0x4C6FAD73, 0xC3FE3B1B, 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, +- 0x28342F61, 0xC03404CD, 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, +- 0x6372BB19, 0xAE56EDE7, 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, +- 0xB2C8E3FB, 0xD108A94B, 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, +- 0x36ADE735, 0x1DF158A1, 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, +- 0x7F57C935, 0xB557135E, 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, +- 0xD5FD6561, 0xD3DF1ED5, 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, +- 0x249B3EF9, 0xCC939DCE, 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, +- 0x273D3CF1, 0xAFDC5620, 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x66C62E37, 0x25E41D2B), ++ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), ++ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), ++ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), ++ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), ++ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), ++ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), ++ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), ++ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), ++ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), ++ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), ++ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), ++ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), ++ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), ++ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), ++ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), ++ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), ++ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), ++ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), ++ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), ++ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), ++ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), ++ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), ++ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG ffdhe3072_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xB363171B, 0x12F20E95), ++ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), ++ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), ++ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), ++ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), ++ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), ++ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), ++ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), ++ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), ++ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), ++ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), ++ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), ++ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), ++ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), ++ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), ++ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), ++ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), ++ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), ++ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), ++ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), ++ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), ++ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), ++ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), ++ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + + static const BN_ULONG ffdhe4096_p[] = { +- 0xFFFFFFFF, 0xFFFFFFFF, 0x5E655F6A, 0xC68A007E, 0xF44182E1, 0x4DB5A851, +- 0x7F88A46B, 0x8EC9B55A, 0xCEC97DCF, 0x0A8291CD, 0xF98D0ACC, 0x2A4ECEA9, +- 0x7140003C, 0x1A1DB93D, 0x33CB8B7A, 0x092999A3, 0x71AD0038, 0x6DC778F9, +- 0x918130C4, 0xA907600A, 0x2D9E6832, 0xED6A1E01, 0xEFB4318A, 0x7135C886, +- 0x7E31CC7A, 0x87F55BA5, 0x55034004, 0x7763CF1D, 0xD69F6D18, 0xAC7D5F42, +- 0xE58857B6, 0x7930E9E4, 0x164DF4FB, 0x6E6F52C3, 0x669E1EF1, 0x25E41D2B, +- 0x3FD59D7C, 0x3C1B20EE, 0xFA53DDEF, 0x0ABCD06B, 0xD5C4484E, 0x1DBF9A42, +- 0x9B0DEADA, 0xABC52197, 0x22363A0D, 0xE86D2BC5, 0x9C9DF69E, 0x5CAE82AB, +- 0x71F54BFF, 0x64F2E21E, 0xE2D74DD3, 0xF4FD4452, 0xBC437944, 0xB4130C93, +- 0x85139270, 0xAEFE1309, 0xC186D91C, 0x598CB0FA, 0x91F7F7EE, 0x7AD91D26, +- 0xD6E6C907, 0x61B46FC9, 0xF99C0238, 0xBC34F4DE, 0x6519035B, 0xDE355B3B, +- 0x611FCFDC, 0x886B4238, 0xC1B2EFFA, 0xC6F34A26, 0x7D1683B2, 0xC58EF183, +- 0x2EC22005, 0x3BB5FCBC, 0x4C6FAD73, 0xC3FE3B1B, 0xEEF28183, 0x8E4F1232, +- 0xE98583FF, 0x9172FE9C, 0x28342F61, 0xC03404CD, 0xCDF7E2EC, 0x9E02FCE1, +- 0xEE0A6D70, 0x0B07A7C8, 0x6372BB19, 0xAE56EDE7, 0xDE394DF4, 0x1D4F42A3, +- 0x60D7F468, 0xB96ADAB7, 0xB2C8E3FB, 0xD108A94B, 0xB324FB61, 0xBC0AB182, +- 0x483A797A, 0x30ACCA4F, 0x36ADE735, 0x1DF158A1, 0xF3EFE872, 0xE2A689DA, +- 0xE0E68B77, 0x984F0C70, 0x7F57C935, 0xB557135E, 0x3DED1AF3, 0x85636555, +- 0x5F066ED0, 0x2433F51F, 0xD5FD6561, 0xD3DF1ED5, 0xAEC4617A, 0xF681B202, +- 0x630C75D8, 0x7D2FE363, 0x249B3EF9, 0xCC939DCE, 0x146433FB, 0xA9E13641, +- 0xCE2D3695, 0xD8B9C583, 0x273D3CF1, 0xAFDC5620, 0xA2BB4A9A, 0xADF85458, +- 0xFFFFFFFF, 0xFFFFFFFF ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x5E655F6A, 0xC68A007E), ++ BN_DEF(0xF44182E1, 0x4DB5A851), BN_DEF(0x7F88A46B, 0x8EC9B55A), ++ BN_DEF(0xCEC97DCF, 0x0A8291CD), BN_DEF(0xF98D0ACC, 0x2A4ECEA9), ++ BN_DEF(0x7140003C, 0x1A1DB93D), BN_DEF(0x33CB8B7A, 0x092999A3), ++ BN_DEF(0x71AD0038, 0x6DC778F9), BN_DEF(0x918130C4, 0xA907600A), ++ BN_DEF(0x2D9E6832, 0xED6A1E01), BN_DEF(0xEFB4318A, 0x7135C886), ++ BN_DEF(0x7E31CC7A, 0x87F55BA5), BN_DEF(0x55034004, 0x7763CF1D), ++ BN_DEF(0xD69F6D18, 0xAC7D5F42), BN_DEF(0xE58857B6, 0x7930E9E4), ++ BN_DEF(0x164DF4FB, 0x6E6F52C3), BN_DEF(0x669E1EF1, 0x25E41D2B), ++ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), ++ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), ++ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), ++ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), ++ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), ++ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), ++ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), ++ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), ++ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), ++ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), ++ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), ++ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), ++ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), ++ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), ++ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), ++ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), ++ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), ++ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), ++ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), ++ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), ++ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), ++ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), ++ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG ffdhe4096_q[] = { ++ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x2F32AFB5, 0xE345003F), ++ BN_DEF(0xFA20C170, 0xA6DAD428), BN_DEF(0x3FC45235, 0xC764DAAD), ++ BN_DEF(0xE764BEE7, 0x054148E6), BN_DEF(0xFCC68566, 0x15276754), ++ BN_DEF(0xB8A0001E, 0x0D0EDC9E), BN_DEF(0x99E5C5BD, 0x0494CCD1), ++ BN_DEF(0xB8D6801C, 0x36E3BC7C), BN_DEF(0x48C09862, 0x5483B005), ++ BN_DEF(0x96CF3419, 0x76B50F00), BN_DEF(0x77DA18C5, 0x389AE443), ++ BN_DEF(0xBF18E63D, 0x43FAADD2), BN_DEF(0xAA81A002, 0x3BB1E78E), ++ BN_DEF(0x6B4FB68C, 0x563EAFA1), BN_DEF(0x72C42BDB, 0xBC9874F2), ++ BN_DEF(0x8B26FA7D, 0xB737A961), BN_DEF(0xB34F0F78, 0x12F20E95), ++ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), ++ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), ++ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), ++ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), ++ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), ++ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), ++ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), ++ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), ++ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), ++ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), ++ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), ++ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), ++ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), ++ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), ++ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), ++ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), ++ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), ++ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), ++ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), ++ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), ++ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), ++ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), ++ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + + static const BN_ULONG ffdhe6144_p[] = { +- 0xFFFFFFFF, 0xFFFFFFFF, 0xD0E40E65, 0xA40E329C, 0x7938DAD4, 0xA41D570D, +- 0xD43161C1, 0x62A69526, 0x9ADB1E69, 0x3FDD4A8E, 0xDC6B80D6, 0x5B3B71F9, +- 0xC6272B04, 0xEC9D1810, 0xCACEF403, 0x8CCF2DD5, 0xC95B9117, 0xE49F5235, +- 0xB854338A, 0x505DC82D, 0x1562A846, 0x62292C31, 0x6AE77F5E, 0xD72B0374, +- 0x462D538C, 0xF9C9091B, 0x47A67CBE, 0x0AE8DB58, 0x22611682, 0xB3A739C1, +- 0x2A281BF6, 0xEEAAC023, 0x77CAF992, 0x94C6651E, 0x94B2BBC1, 0x763E4E4B, +- 0x0077D9B4, 0x587E38DA, 0x183023C3, 0x7FB29F8C, 0xF9E3A26E, 0x0ABEC1FF, +- 0x350511E3, 0xA00EF092, 0xDB6340D8, 0xB855322E, 0xA9A96910, 0xA52471F7, +- 0x4CFDB477, 0x388147FB, 0x4E46041F, 0x9B1F5C3E, 0xFCCFEC71, 0xCDAD0657, +- 0x4C701C3A, 0xB38E8C33, 0xB1C0FD4C, 0x917BDD64, 0x9B7624C8, 0x3BB45432, +- 0xCAF53EA6, 0x23BA4442, 0x38532A3A, 0x4E677D2C, 0x45036C7A, 0x0BFD64B6, +- 0x5E0DD902, 0xC68A007E, 0xF44182E1, 0x4DB5A851, 0x7F88A46B, 0x8EC9B55A, +- 0xCEC97DCF, 0x0A8291CD, 0xF98D0ACC, 0x2A4ECEA9, 0x7140003C, 0x1A1DB93D, +- 0x33CB8B7A, 0x092999A3, 0x71AD0038, 0x6DC778F9, 0x918130C4, 0xA907600A, +- 0x2D9E6832, 0xED6A1E01, 0xEFB4318A, 0x7135C886, 0x7E31CC7A, 0x87F55BA5, +- 0x55034004, 0x7763CF1D, 0xD69F6D18, 0xAC7D5F42, 0xE58857B6, 0x7930E9E4, +- 0x164DF4FB, 0x6E6F52C3, 0x669E1EF1, 0x25E41D2B, 0x3FD59D7C, 0x3C1B20EE, +- 0xFA53DDEF, 0x0ABCD06B, 0xD5C4484E, 0x1DBF9A42, 0x9B0DEADA, 0xABC52197, +- 0x22363A0D, 0xE86D2BC5, 0x9C9DF69E, 0x5CAE82AB, 0x71F54BFF, 0x64F2E21E, +- 0xE2D74DD3, 0xF4FD4452, 0xBC437944, 0xB4130C93, 0x85139270, 0xAEFE1309, +- 0xC186D91C, 0x598CB0FA, 0x91F7F7EE, 0x7AD91D26, 0xD6E6C907, 0x61B46FC9, +- 0xF99C0238, 0xBC34F4DE, 0x6519035B, 0xDE355B3B, 0x611FCFDC, 0x886B4238, +- 0xC1B2EFFA, 0xC6F34A26, 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, +- 0x4C6FAD73, 0xC3FE3B1B, 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, +- 0x28342F61, 0xC03404CD, 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, +- 0x6372BB19, 0xAE56EDE7, 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, +- 0xB2C8E3FB, 0xD108A94B, 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, +- 0x36ADE735, 0x1DF158A1, 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, +- 0x7F57C935, 0xB557135E, 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, +- 0xD5FD6561, 0xD3DF1ED5, 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, +- 0x249B3EF9, 0xCC939DCE, 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, +- 0x273D3CF1, 0xAFDC5620, 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xD0E40E65, 0xA40E329C), ++ BN_DEF(0x7938DAD4, 0xA41D570D), BN_DEF(0xD43161C1, 0x62A69526), ++ BN_DEF(0x9ADB1E69, 0x3FDD4A8E), BN_DEF(0xDC6B80D6, 0x5B3B71F9), ++ BN_DEF(0xC6272B04, 0xEC9D1810), BN_DEF(0xCACEF403, 0x8CCF2DD5), ++ BN_DEF(0xC95B9117, 0xE49F5235), BN_DEF(0xB854338A, 0x505DC82D), ++ BN_DEF(0x1562A846, 0x62292C31), BN_DEF(0x6AE77F5E, 0xD72B0374), ++ BN_DEF(0x462D538C, 0xF9C9091B), BN_DEF(0x47A67CBE, 0x0AE8DB58), ++ BN_DEF(0x22611682, 0xB3A739C1), BN_DEF(0x2A281BF6, 0xEEAAC023), ++ BN_DEF(0x77CAF992, 0x94C6651E), BN_DEF(0x94B2BBC1, 0x763E4E4B), ++ BN_DEF(0x0077D9B4, 0x587E38DA), BN_DEF(0x183023C3, 0x7FB29F8C), ++ BN_DEF(0xF9E3A26E, 0x0ABEC1FF), BN_DEF(0x350511E3, 0xA00EF092), ++ BN_DEF(0xDB6340D8, 0xB855322E), BN_DEF(0xA9A96910, 0xA52471F7), ++ BN_DEF(0x4CFDB477, 0x388147FB), BN_DEF(0x4E46041F, 0x9B1F5C3E), ++ BN_DEF(0xFCCFEC71, 0xCDAD0657), BN_DEF(0x4C701C3A, 0xB38E8C33), ++ BN_DEF(0xB1C0FD4C, 0x917BDD64), BN_DEF(0x9B7624C8, 0x3BB45432), ++ BN_DEF(0xCAF53EA6, 0x23BA4442), BN_DEF(0x38532A3A, 0x4E677D2C), ++ BN_DEF(0x45036C7A, 0x0BFD64B6), BN_DEF(0x5E0DD902, 0xC68A007E), ++ BN_DEF(0xF44182E1, 0x4DB5A851), BN_DEF(0x7F88A46B, 0x8EC9B55A), ++ BN_DEF(0xCEC97DCF, 0x0A8291CD), BN_DEF(0xF98D0ACC, 0x2A4ECEA9), ++ BN_DEF(0x7140003C, 0x1A1DB93D), BN_DEF(0x33CB8B7A, 0x092999A3), ++ BN_DEF(0x71AD0038, 0x6DC778F9), BN_DEF(0x918130C4, 0xA907600A), ++ BN_DEF(0x2D9E6832, 0xED6A1E01), BN_DEF(0xEFB4318A, 0x7135C886), ++ BN_DEF(0x7E31CC7A, 0x87F55BA5), BN_DEF(0x55034004, 0x7763CF1D), ++ BN_DEF(0xD69F6D18, 0xAC7D5F42), BN_DEF(0xE58857B6, 0x7930E9E4), ++ BN_DEF(0x164DF4FB, 0x6E6F52C3), BN_DEF(0x669E1EF1, 0x25E41D2B), ++ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), ++ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), ++ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), ++ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), ++ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), ++ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), ++ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), ++ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), ++ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), ++ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), ++ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), ++ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), ++ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), ++ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), ++ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), ++ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), ++ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), ++ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), ++ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), ++ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), ++ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), ++ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), ++ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG ffdhe6144_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x68720732, 0x5207194E), ++ BN_DEF(0xBC9C6D6A, 0xD20EAB86), BN_DEF(0x6A18B0E0, 0xB1534A93), ++ BN_DEF(0x4D6D8F34, 0x1FEEA547), BN_DEF(0xEE35C06B, 0x2D9DB8FC), ++ BN_DEF(0x63139582, 0xF64E8C08), BN_DEF(0xE5677A01, 0xC66796EA), ++ BN_DEF(0xE4ADC88B, 0x724FA91A), BN_DEF(0xDC2A19C5, 0x282EE416), ++ BN_DEF(0x8AB15423, 0x31149618), BN_DEF(0x3573BFAF, 0x6B9581BA), ++ BN_DEF(0xA316A9C6, 0x7CE4848D), BN_DEF(0x23D33E5F, 0x05746DAC), ++ BN_DEF(0x91308B41, 0x59D39CE0), BN_DEF(0x95140DFB, 0x77556011), ++ BN_DEF(0x3BE57CC9, 0xCA63328F), BN_DEF(0xCA595DE0, 0x3B1F2725), ++ BN_DEF(0x003BECDA, 0xAC3F1C6D), BN_DEF(0x0C1811E1, 0x3FD94FC6), ++ BN_DEF(0xFCF1D137, 0x855F60FF), BN_DEF(0x1A8288F1, 0x50077849), ++ BN_DEF(0x6DB1A06C, 0x5C2A9917), BN_DEF(0xD4D4B488, 0xD29238FB), ++ BN_DEF(0xA67EDA3B, 0x9C40A3FD), BN_DEF(0x2723020F, 0xCD8FAE1F), ++ BN_DEF(0xFE67F638, 0x66D6832B), BN_DEF(0xA6380E1D, 0x59C74619), ++ BN_DEF(0x58E07EA6, 0x48BDEEB2), BN_DEF(0x4DBB1264, 0x1DDA2A19), ++ BN_DEF(0x657A9F53, 0x11DD2221), BN_DEF(0x1C29951D, 0x2733BE96), ++ BN_DEF(0x2281B63D, 0x05FEB25B), BN_DEF(0x2F06EC81, 0xE345003F), ++ BN_DEF(0xFA20C170, 0xA6DAD428), BN_DEF(0x3FC45235, 0xC764DAAD), ++ BN_DEF(0xE764BEE7, 0x054148E6), BN_DEF(0xFCC68566, 0x15276754), ++ BN_DEF(0xB8A0001E, 0x0D0EDC9E), BN_DEF(0x99E5C5BD, 0x0494CCD1), ++ BN_DEF(0xB8D6801C, 0x36E3BC7C), BN_DEF(0x48C09862, 0x5483B005), ++ BN_DEF(0x96CF3419, 0x76B50F00), BN_DEF(0x77DA18C5, 0x389AE443), ++ BN_DEF(0xBF18E63D, 0x43FAADD2), BN_DEF(0xAA81A002, 0x3BB1E78E), ++ BN_DEF(0x6B4FB68C, 0x563EAFA1), BN_DEF(0x72C42BDB, 0xBC9874F2), ++ BN_DEF(0x8B26FA7D, 0xB737A961), BN_DEF(0xB34F0F78, 0x12F20E95), ++ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), ++ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), ++ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), ++ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), ++ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), ++ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), ++ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), ++ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), ++ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), ++ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), ++ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), ++ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), ++ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), ++ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), ++ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), ++ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), ++ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), ++ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), ++ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), ++ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), ++ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), ++ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), ++ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + + static const BN_ULONG ffdhe8192_p[] = { +- 0xFFFFFFFF, 0xFFFFFFFF, 0xC5C6424C, 0xD68C8BB7, 0x838FF88C, 0x011E2A94, +- 0xA9F4614E, 0x0822E506, 0xF7A8443D, 0x97D11D49, 0x30677F0D, 0xA6BBFDE5, +- 0xC1FE86FE, 0x2F741EF8, 0x5D71A87E, 0xFAFABE1C, 0xFBE58A30, 0xDED2FBAB, +- 0x72B0A66E, 0xB6855DFE, 0xBA8A4FE8, 0x1EFC8CE0, 0x3F2FA457, 0x83F81D4A, +- 0xA577E231, 0xA1FE3075, 0x88D9C0A0, 0xD5B80194, 0xAD9A95F9, 0x624816CD, +- 0x50C1217B, 0x99E9E316, 0x0E423CFC, 0x51AA691E, 0x3826E52C, 0x1C217E6C, +- 0x09703FEE, 0x51A8A931, 0x6A460E74, 0xBB709987, 0x9C86B022, 0x541FC68C, +- 0x46FD8251, 0x59160CC0, 0x35C35F5C, 0x2846C0BA, 0x8B758282, 0x54504AC7, +- 0xD2AF05E4, 0x29388839, 0xC01BD702, 0xCB2C0F1C, 0x7C932665, 0x555B2F74, +- 0xA3AB8829, 0x86B63142, 0xF64B10EF, 0x0B8CC3BD, 0xEDD1CC5E, 0x687FEB69, +- 0xC9509D43, 0xFDB23FCE, 0xD951AE64, 0x1E425A31, 0xF600C838, 0x36AD004C, +- 0xCFF46AAA, 0xA40E329C, 0x7938DAD4, 0xA41D570D, 0xD43161C1, 0x62A69526, +- 0x9ADB1E69, 0x3FDD4A8E, 0xDC6B80D6, 0x5B3B71F9, 0xC6272B04, 0xEC9D1810, +- 0xCACEF403, 0x8CCF2DD5, 0xC95B9117, 0xE49F5235, 0xB854338A, 0x505DC82D, +- 0x1562A846, 0x62292C31, 0x6AE77F5E, 0xD72B0374, 0x462D538C, 0xF9C9091B, +- 0x47A67CBE, 0x0AE8DB58, 0x22611682, 0xB3A739C1, 0x2A281BF6, 0xEEAAC023, +- 0x77CAF992, 0x94C6651E, 0x94B2BBC1, 0x763E4E4B, 0x0077D9B4, 0x587E38DA, +- 0x183023C3, 0x7FB29F8C, 0xF9E3A26E, 0x0ABEC1FF, 0x350511E3, 0xA00EF092, +- 0xDB6340D8, 0xB855322E, 0xA9A96910, 0xA52471F7, 0x4CFDB477, 0x388147FB, +- 0x4E46041F, 0x9B1F5C3E, 0xFCCFEC71, 0xCDAD0657, 0x4C701C3A, 0xB38E8C33, +- 0xB1C0FD4C, 0x917BDD64, 0x9B7624C8, 0x3BB45432, 0xCAF53EA6, 0x23BA4442, +- 0x38532A3A, 0x4E677D2C, 0x45036C7A, 0x0BFD64B6, 0x5E0DD902, 0xC68A007E, +- 0xF44182E1, 0x4DB5A851, 0x7F88A46B, 0x8EC9B55A, 0xCEC97DCF, 0x0A8291CD, +- 0xF98D0ACC, 0x2A4ECEA9, 0x7140003C, 0x1A1DB93D, 0x33CB8B7A, 0x092999A3, +- 0x71AD0038, 0x6DC778F9, 0x918130C4, 0xA907600A, 0x2D9E6832, 0xED6A1E01, +- 0xEFB4318A, 0x7135C886, 0x7E31CC7A, 0x87F55BA5, 0x55034004, 0x7763CF1D, +- 0xD69F6D18, 0xAC7D5F42, 0xE58857B6, 0x7930E9E4, 0x164DF4FB, 0x6E6F52C3, +- 0x669E1EF1, 0x25E41D2B, 0x3FD59D7C, 0x3C1B20EE, 0xFA53DDEF, 0x0ABCD06B, +- 0xD5C4484E, 0x1DBF9A42, 0x9B0DEADA, 0xABC52197, 0x22363A0D, 0xE86D2BC5, +- 0x9C9DF69E, 0x5CAE82AB, 0x71F54BFF, 0x64F2E21E, 0xE2D74DD3, 0xF4FD4452, +- 0xBC437944, 0xB4130C93, 0x85139270, 0xAEFE1309, 0xC186D91C, 0x598CB0FA, +- 0x91F7F7EE, 0x7AD91D26, 0xD6E6C907, 0x61B46FC9, 0xF99C0238, 0xBC34F4DE, +- 0x6519035B, 0xDE355B3B, 0x611FCFDC, 0x886B4238, 0xC1B2EFFA, 0xC6F34A26, +- 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, 0x4C6FAD73, 0xC3FE3B1B, +- 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, 0x28342F61, 0xC03404CD, +- 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, 0x6372BB19, 0xAE56EDE7, +- 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, 0xB2C8E3FB, 0xD108A94B, +- 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, 0x36ADE735, 0x1DF158A1, +- 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, 0x7F57C935, 0xB557135E, +- 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, 0xD5FD6561, 0xD3DF1ED5, +- 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, 0x249B3EF9, 0xCC939DCE, +- 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, 0x273D3CF1, 0xAFDC5620, +- 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xC5C6424C, 0xD68C8BB7), ++ BN_DEF(0x838FF88C, 0x011E2A94), BN_DEF(0xA9F4614E, 0x0822E506), ++ BN_DEF(0xF7A8443D, 0x97D11D49), BN_DEF(0x30677F0D, 0xA6BBFDE5), ++ BN_DEF(0xC1FE86FE, 0x2F741EF8), BN_DEF(0x5D71A87E, 0xFAFABE1C), ++ BN_DEF(0xFBE58A30, 0xDED2FBAB), BN_DEF(0x72B0A66E, 0xB6855DFE), ++ BN_DEF(0xBA8A4FE8, 0x1EFC8CE0), BN_DEF(0x3F2FA457, 0x83F81D4A), ++ BN_DEF(0xA577E231, 0xA1FE3075), BN_DEF(0x88D9C0A0, 0xD5B80194), ++ BN_DEF(0xAD9A95F9, 0x624816CD), BN_DEF(0x50C1217B, 0x99E9E316), ++ BN_DEF(0x0E423CFC, 0x51AA691E), BN_DEF(0x3826E52C, 0x1C217E6C), ++ BN_DEF(0x09703FEE, 0x51A8A931), BN_DEF(0x6A460E74, 0xBB709987), ++ BN_DEF(0x9C86B022, 0x541FC68C), BN_DEF(0x46FD8251, 0x59160CC0), ++ BN_DEF(0x35C35F5C, 0x2846C0BA), BN_DEF(0x8B758282, 0x54504AC7), ++ BN_DEF(0xD2AF05E4, 0x29388839), BN_DEF(0xC01BD702, 0xCB2C0F1C), ++ BN_DEF(0x7C932665, 0x555B2F74), BN_DEF(0xA3AB8829, 0x86B63142), ++ BN_DEF(0xF64B10EF, 0x0B8CC3BD), BN_DEF(0xEDD1CC5E, 0x687FEB69), ++ BN_DEF(0xC9509D43, 0xFDB23FCE), BN_DEF(0xD951AE64, 0x1E425A31), ++ BN_DEF(0xF600C838, 0x36AD004C), BN_DEF(0xCFF46AAA, 0xA40E329C), ++ BN_DEF(0x7938DAD4, 0xA41D570D), BN_DEF(0xD43161C1, 0x62A69526), ++ BN_DEF(0x9ADB1E69, 0x3FDD4A8E), BN_DEF(0xDC6B80D6, 0x5B3B71F9), ++ BN_DEF(0xC6272B04, 0xEC9D1810), BN_DEF(0xCACEF403, 0x8CCF2DD5), ++ BN_DEF(0xC95B9117, 0xE49F5235), BN_DEF(0xB854338A, 0x505DC82D), ++ BN_DEF(0x1562A846, 0x62292C31), BN_DEF(0x6AE77F5E, 0xD72B0374), ++ BN_DEF(0x462D538C, 0xF9C9091B), BN_DEF(0x47A67CBE, 0x0AE8DB58), ++ BN_DEF(0x22611682, 0xB3A739C1), BN_DEF(0x2A281BF6, 0xEEAAC023), ++ BN_DEF(0x77CAF992, 0x94C6651E), BN_DEF(0x94B2BBC1, 0x763E4E4B), ++ BN_DEF(0x0077D9B4, 0x587E38DA), BN_DEF(0x183023C3, 0x7FB29F8C), ++ BN_DEF(0xF9E3A26E, 0x0ABEC1FF), BN_DEF(0x350511E3, 0xA00EF092), ++ BN_DEF(0xDB6340D8, 0xB855322E), BN_DEF(0xA9A96910, 0xA52471F7), ++ BN_DEF(0x4CFDB477, 0x388147FB), BN_DEF(0x4E46041F, 0x9B1F5C3E), ++ BN_DEF(0xFCCFEC71, 0xCDAD0657), BN_DEF(0x4C701C3A, 0xB38E8C33), ++ BN_DEF(0xB1C0FD4C, 0x917BDD64), BN_DEF(0x9B7624C8, 0x3BB45432), ++ BN_DEF(0xCAF53EA6, 0x23BA4442), BN_DEF(0x38532A3A, 0x4E677D2C), ++ BN_DEF(0x45036C7A, 0x0BFD64B6), BN_DEF(0x5E0DD902, 0xC68A007E), ++ BN_DEF(0xF44182E1, 0x4DB5A851), BN_DEF(0x7F88A46B, 0x8EC9B55A), ++ BN_DEF(0xCEC97DCF, 0x0A8291CD), BN_DEF(0xF98D0ACC, 0x2A4ECEA9), ++ BN_DEF(0x7140003C, 0x1A1DB93D), BN_DEF(0x33CB8B7A, 0x092999A3), ++ BN_DEF(0x71AD0038, 0x6DC778F9), BN_DEF(0x918130C4, 0xA907600A), ++ BN_DEF(0x2D9E6832, 0xED6A1E01), BN_DEF(0xEFB4318A, 0x7135C886), ++ BN_DEF(0x7E31CC7A, 0x87F55BA5), BN_DEF(0x55034004, 0x7763CF1D), ++ BN_DEF(0xD69F6D18, 0xAC7D5F42), BN_DEF(0xE58857B6, 0x7930E9E4), ++ BN_DEF(0x164DF4FB, 0x6E6F52C3), BN_DEF(0x669E1EF1, 0x25E41D2B), ++ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), ++ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), ++ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), ++ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), ++ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), ++ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), ++ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), ++ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), ++ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), ++ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), ++ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), ++ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), ++ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), ++ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), ++ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), ++ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), ++ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), ++ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), ++ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), ++ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), ++ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), ++ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), ++ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG ffdhe8192_q[] = { ++ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0xE2E32126, 0x6B4645DB), ++ BN_DEF(0x41C7FC46, 0x008F154A), BN_DEF(0x54FA30A7, 0x84117283), ++ BN_DEF(0xFBD4221E, 0xCBE88EA4), BN_DEF(0x9833BF86, 0x535DFEF2), ++ BN_DEF(0x60FF437F, 0x17BA0F7C), BN_DEF(0x2EB8D43F, 0x7D7D5F0E), ++ BN_DEF(0xFDF2C518, 0x6F697DD5), BN_DEF(0x39585337, 0x5B42AEFF), ++ BN_DEF(0x5D4527F4, 0x8F7E4670), BN_DEF(0x1F97D22B, 0xC1FC0EA5), ++ BN_DEF(0xD2BBF118, 0x50FF183A), BN_DEF(0x446CE050, 0xEADC00CA), ++ BN_DEF(0xD6CD4AFC, 0xB1240B66), BN_DEF(0x286090BD, 0x4CF4F18B), ++ BN_DEF(0x07211E7E, 0x28D5348F), BN_DEF(0x1C137296, 0x0E10BF36), ++ BN_DEF(0x84B81FF7, 0x28D45498), BN_DEF(0xB523073A, 0x5DB84CC3), ++ BN_DEF(0x4E435811, 0xAA0FE346), BN_DEF(0x237EC128, 0x2C8B0660), ++ BN_DEF(0x1AE1AFAE, 0x1423605D), BN_DEF(0xC5BAC141, 0x2A282563), ++ BN_DEF(0xE95782F2, 0x149C441C), BN_DEF(0x600DEB81, 0xE596078E), ++ BN_DEF(0x3E499332, 0xAAAD97BA), BN_DEF(0x51D5C414, 0xC35B18A1), ++ BN_DEF(0xFB258877, 0x05C661DE), BN_DEF(0xF6E8E62F, 0xB43FF5B4), ++ BN_DEF(0x64A84EA1, 0x7ED91FE7), BN_DEF(0xECA8D732, 0x0F212D18), ++ BN_DEF(0x7B00641C, 0x1B568026), BN_DEF(0x67FA3555, 0x5207194E), ++ BN_DEF(0xBC9C6D6A, 0xD20EAB86), BN_DEF(0x6A18B0E0, 0xB1534A93), ++ BN_DEF(0x4D6D8F34, 0x1FEEA547), BN_DEF(0xEE35C06B, 0x2D9DB8FC), ++ BN_DEF(0x63139582, 0xF64E8C08), BN_DEF(0xE5677A01, 0xC66796EA), ++ BN_DEF(0xE4ADC88B, 0x724FA91A), BN_DEF(0xDC2A19C5, 0x282EE416), ++ BN_DEF(0x8AB15423, 0x31149618), BN_DEF(0x3573BFAF, 0x6B9581BA), ++ BN_DEF(0xA316A9C6, 0x7CE4848D), BN_DEF(0x23D33E5F, 0x05746DAC), ++ BN_DEF(0x91308B41, 0x59D39CE0), BN_DEF(0x95140DFB, 0x77556011), ++ BN_DEF(0x3BE57CC9, 0xCA63328F), BN_DEF(0xCA595DE0, 0x3B1F2725), ++ BN_DEF(0x003BECDA, 0xAC3F1C6D), BN_DEF(0x0C1811E1, 0x3FD94FC6), ++ BN_DEF(0xFCF1D137, 0x855F60FF), BN_DEF(0x1A8288F1, 0x50077849), ++ BN_DEF(0x6DB1A06C, 0x5C2A9917), BN_DEF(0xD4D4B488, 0xD29238FB), ++ BN_DEF(0xA67EDA3B, 0x9C40A3FD), BN_DEF(0x2723020F, 0xCD8FAE1F), ++ BN_DEF(0xFE67F638, 0x66D6832B), BN_DEF(0xA6380E1D, 0x59C74619), ++ BN_DEF(0x58E07EA6, 0x48BDEEB2), BN_DEF(0x4DBB1264, 0x1DDA2A19), ++ BN_DEF(0x657A9F53, 0x11DD2221), BN_DEF(0x1C29951D, 0x2733BE96), ++ BN_DEF(0x2281B63D, 0x05FEB25B), BN_DEF(0x2F06EC81, 0xE345003F), ++ BN_DEF(0xFA20C170, 0xA6DAD428), BN_DEF(0x3FC45235, 0xC764DAAD), ++ BN_DEF(0xE764BEE7, 0x054148E6), BN_DEF(0xFCC68566, 0x15276754), ++ BN_DEF(0xB8A0001E, 0x0D0EDC9E), BN_DEF(0x99E5C5BD, 0x0494CCD1), ++ BN_DEF(0xB8D6801C, 0x36E3BC7C), BN_DEF(0x48C09862, 0x5483B005), ++ BN_DEF(0x96CF3419, 0x76B50F00), BN_DEF(0x77DA18C5, 0x389AE443), ++ BN_DEF(0xBF18E63D, 0x43FAADD2), BN_DEF(0xAA81A002, 0x3BB1E78E), ++ BN_DEF(0x6B4FB68C, 0x563EAFA1), BN_DEF(0x72C42BDB, 0xBC9874F2), ++ BN_DEF(0x8B26FA7D, 0xB737A961), BN_DEF(0xB34F0F78, 0x12F20E95), ++ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), ++ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), ++ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), ++ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), ++ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), ++ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), ++ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), ++ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), ++ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), ++ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), ++ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), ++ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), ++ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), ++ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), ++ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), ++ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), ++ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), ++ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), ++ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), ++ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), ++ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), ++ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), ++ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-# else +-# error "unsupported BN_BITS2" +-# endif +- + /* Macro to make a BIGNUM from static data */ + + # define make_dh_bn(x) extern const BIGNUM _bignum_##x; \ +@@ -489,24 +1010,42 @@ static const BN_ULONG ffdhe8192_p[] = { + + static const BN_ULONG value_2 = 2; + +-const BIGNUM _bignum_const_2 = +- { (BN_ULONG *)&value_2, 1, 1, 0, BN_FLG_STATIC_DATA }; ++const BIGNUM _bignum_const_2 = { ++ (BN_ULONG *)&value_2, 1, 1, 0, BN_FLG_STATIC_DATA ++}; + + make_dh_bn(dh1024_160_p) +-make_dh_bn(dh1024_160_g) + make_dh_bn(dh1024_160_q) ++make_dh_bn(dh1024_160_g) + make_dh_bn(dh2048_224_p) +-make_dh_bn(dh2048_224_g) + make_dh_bn(dh2048_224_q) ++make_dh_bn(dh2048_224_g) + make_dh_bn(dh2048_256_p) +-make_dh_bn(dh2048_256_g) + make_dh_bn(dh2048_256_q) ++make_dh_bn(dh2048_256_g) + + make_dh_bn(ffdhe2048_p) ++make_dh_bn(ffdhe2048_q) + make_dh_bn(ffdhe3072_p) ++make_dh_bn(ffdhe3072_q) + make_dh_bn(ffdhe4096_p) ++make_dh_bn(ffdhe4096_q) + make_dh_bn(ffdhe6144_p) ++make_dh_bn(ffdhe6144_q) + make_dh_bn(ffdhe8192_p) ++make_dh_bn(ffdhe8192_q) + ++make_dh_bn(modp_1536_p) ++make_dh_bn(modp_1536_q) ++make_dh_bn(modp_2048_p) ++make_dh_bn(modp_2048_q) ++make_dh_bn(modp_3072_p) ++make_dh_bn(modp_3072_q) ++make_dh_bn(modp_4096_p) ++make_dh_bn(modp_4096_q) ++make_dh_bn(modp_6144_p) ++make_dh_bn(modp_6144_q) ++make_dh_bn(modp_8192_p) ++make_dh_bn(modp_8192_q) + +-#endif ++#endif /* OPENSSL_NO_DH */ +diff -up openssl-1.1.1g/crypto/dh/dh_check.c.fips-dh openssl-1.1.1g/crypto/dh/dh_check.c +--- openssl-1.1.1g/crypto/dh/dh_check.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_check.c 2020-07-17 10:36:29.246788449 +0200 +@@ -10,6 +10,7 @@ + #include + #include "internal/cryptlib.h" + #include ++#include + #include "dh_local.h" + + # define DH_NUMBER_ITERATIONS_FOR_PRIME 64 +@@ -41,6 +42,12 @@ int DH_check_params(const DH *dh, int *r + BIGNUM *tmp = NULL; + BN_CTX *ctx = NULL; + ++ if (FIPS_mode()) { ++ int nid = dh->nid == NID_undef ? DH_get_nid(dh) : dh->nid; ++ ++ return nid != NID_undef; ++ } ++ + *ret = 0; + ctx = BN_CTX_new(); + if (ctx == NULL) +@@ -95,6 +102,7 @@ int DH_check_ex(const DH *dh) + return errflags == 0; + } + ++/* Note: according to documentation - this only checks the params */ + int DH_check(const DH *dh, int *ret) + { + int ok = 0, r; +@@ -104,6 +112,9 @@ int DH_check(const DH *dh, int *ret) + if (!DH_check_params(dh, ret)) + return 0; + ++ if (FIPS_mode()) /* we allow only well-known params */ ++ return 1; ++ + ctx = BN_CTX_new(); + if (ctx == NULL) + goto err; +@@ -177,7 +188,7 @@ int DH_check_pub_key_ex(const DH *dh, co + return errflags == 0; + } + +-int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) ++static int dh_check_pub_key_int(const DH *dh, const BIGNUM *q, const BIGNUM *pub_key, int *ret) + { + int ok = 0; + BIGNUM *tmp = NULL; +@@ -198,9 +209,9 @@ int DH_check_pub_key(const DH *dh, const + if (BN_cmp(pub_key, tmp) >= 0) + *ret |= DH_CHECK_PUBKEY_TOO_LARGE; + +- if (dh->q != NULL) { ++ if (q != NULL) { + /* Check pub_key^q == 1 mod p */ +- if (!BN_mod_exp(tmp, pub_key, dh->q, dh->p, ctx)) ++ if (!BN_mod_exp(tmp, pub_key, q, dh->p, ctx)) + goto err; + if (!BN_is_one(tmp)) + *ret |= DH_CHECK_PUBKEY_INVALID; +@@ -212,3 +223,23 @@ int DH_check_pub_key(const DH *dh, const + BN_CTX_free(ctx); + return ok; + } ++ ++int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) ++{ ++ return dh_check_pub_key_int(dh, dh->q, pub_key, ret); ++} ++ ++int dh_check_pub_key_full(const DH *dh, const BIGNUM *pub_key, int *ret) ++{ ++ BIGNUM *q = dh->q; ++ ++ if (q == NULL) { ++ if (dh_get_known_q(dh, &q) == 0) { ++ *ret |= DH_CHECK_INVALID_Q_VALUE; ++ return 0; ++ } ++ } ++ ++ return dh_check_pub_key_int(dh, q, pub_key, ret); ++} ++ +diff -up openssl-1.1.1g/crypto/dh/dh_gen.c.fips-dh openssl-1.1.1g/crypto/dh/dh_gen.c +--- openssl-1.1.1g/crypto/dh/dh_gen.c.fips-dh 2020-07-17 10:36:29.182787923 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_gen.c 2020-07-17 10:36:29.246788449 +0200 +@@ -27,8 +27,7 @@ int DH_generate_parameters_ex(DH *ret, i + BN_GENCB *cb) + { + #ifdef OPENSSL_FIPS +- if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD) +- && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) { ++ if (FIPS_mode()) { + DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD); + return 0; + } +@@ -75,18 +74,6 @@ static int dh_builtin_genparams(DH *ret, + int g, ok = -1; + BN_CTX *ctx = NULL; + +-#ifdef OPENSSL_FIPS +- if (FIPS_selftest_failed()) { +- FIPSerr(FIPS_F_DH_BUILTIN_GENPARAMS, FIPS_R_FIPS_SELFTEST_FAILED); +- return 0; +- } +- +- if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN)) { +- DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL); +- goto err; +- } +-#endif +- + ctx = BN_CTX_new(); + if (ctx == NULL) + goto err; +diff -up openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh openssl-1.1.1g/crypto/dh/dh_key.c +--- openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh 2020-07-17 10:36:29.182787923 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_key.c 2020-07-17 11:00:07.783777846 +0200 +@@ -100,10 +100,18 @@ static int generate_key(DH *dh) + BIGNUM *pub_key = NULL, *priv_key = NULL; + + #ifdef OPENSSL_FIPS +- if (FIPS_mode() +- && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) { +- DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL); +- return 0; ++ if (FIPS_mode()) { ++ if (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS) { ++ DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL); ++ return 0; ++ } ++ if (dh->nid == NID_undef) ++ dh_cache_nid(dh); ++ if (dh->nid == NID_undef || dh->length > BN_num_bits(dh->p) - 2 ++ || dh->length < 224) { ++ DHerr(DH_F_GENERATE_KEY, DH_R_NON_FIPS_METHOD); ++ return 0; ++ } + } + #endif + +@@ -139,7 +147,15 @@ static int generate_key(DH *dh) + } + + if (generate_new_key) { +- if (dh->q) { ++ if (FIPS_mode()) { ++ do { ++ if (!BN_priv_rand(priv_key, dh->length, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY)) ++ goto err; ++ if (!BN_add_word(priv_key, 1)) ++ goto err; ++ } ++ while (BN_num_bits(priv_key) > dh->length); ++ } else if (dh->q) { + do { + if (!BN_priv_rand_range(priv_key, dh->q)) + goto err; +@@ -175,6 +191,15 @@ static int generate_key(DH *dh) + } + /* We MUST free prk before any further use of priv_key */ + BN_clear_free(prk); ++ ++ if (FIPS_mode()) { ++ int check_result; ++ ++ if (!dh_check_pub_key_full(dh, pub_key, &check_result) || check_result) { ++ DHerr(DH_F_GENERATE_KEY, DH_R_INVALID_PUBKEY); ++ goto err; ++ } ++ } + } + + dh->pub_key = pub_key; +@@ -197,6 +222,7 @@ static int compute_key(unsigned char *ke + BN_CTX *ctx = NULL; + BN_MONT_CTX *mont = NULL; + BIGNUM *tmp; ++ BIGNUM *p1; + int ret = -1; + int check_result; + +@@ -243,6 +269,18 @@ static int compute_key(unsigned char *ke + DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB); + goto err; + } ++ ++ if (BN_is_zero(tmp) || BN_is_one(tmp) || BN_is_negative(tmp)) { ++ DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ if ((p1 = BN_CTX_get(ctx)) == NULL ++ || !BN_sub(p1, dh->p, BN_value_one()) ++ || BN_cmp(p1, tmp) <= 0) { ++ DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB); ++ goto err; ++ } + + ret = BN_bn2bin(tmp, key); + err: +diff -up openssl-1.1.1g/crypto/dh/dh_lib.c.fips-dh openssl-1.1.1g/crypto/dh/dh_lib.c +--- openssl-1.1.1g/crypto/dh/dh_lib.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_lib.c 2020-07-17 10:36:29.246788449 +0200 +@@ -8,6 +8,7 @@ + */ + + #include ++#include + #include "internal/cryptlib.h" + #include "internal/refcount.h" + #include +@@ -86,6 +87,8 @@ DH *DH_new_method(ENGINE *engine) + goto err; + } + ++ ret->nid = NID_undef; ++ + return ret; + + err: +@@ -205,7 +208,10 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNU + dh->g = g; + } + +- if (q != NULL) { ++ dh->nid = NID_undef; ++ dh_cache_nid(dh); ++ ++ if (q != NULL && dh->nid == NID_undef) { + dh->length = BN_num_bits(q); + } + +diff -up openssl-1.1.1g/crypto/dh/dh_local.h.fips-dh openssl-1.1.1g/crypto/dh/dh_local.h +--- openssl-1.1.1g/crypto/dh/dh_local.h.fips-dh 2020-07-17 10:36:28.968786163 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_local.h 2020-07-17 10:36:29.246788449 +0200 +@@ -35,6 +35,7 @@ struct dh_st { + const DH_METHOD *meth; + ENGINE *engine; + CRYPTO_RWLOCK *lock; ++ int nid; + }; + + struct dh_method { +@@ -55,3 +56,10 @@ struct dh_method { + int (*generate_params) (DH *dh, int prime_len, int generator, + BN_GENCB *cb); + }; ++ ++void dh_cache_nid(DH *dh); ++/* Obtain known q value based on nid or p */ ++int dh_get_known_q(const DH *dh, BIGNUM **q); ++/* FIPS mode only check which requires nid set and looks up q based on it. */ ++int dh_check_pub_key_full(const DH *dh, const BIGNUM *pub_key, int *ret); ++ +diff -up openssl-1.1.1g/crypto/dh/dh_rfc7919.c.fips-dh openssl-1.1.1g/crypto/dh/dh_rfc7919.c +--- openssl-1.1.1g/crypto/dh/dh_rfc7919.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_rfc7919.c 2020-07-17 10:36:29.246788449 +0200 +@@ -7,6 +7,8 @@ + * https://www.openssl.org/source/license.html + */ + ++/* DH parameters from RFC7919 and RFC3526 */ ++ + #include + #include "internal/cryptlib.h" + #include "dh_local.h" +@@ -14,14 +16,19 @@ + #include + #include "crypto/bn_dh.h" + +-static DH *dh_param_init(const BIGNUM *p, int32_t nbits) ++static DH *dh_param_init(int nid, const BIGNUM *p, const BIGNUM *q, int32_t nbits) + { + DH *dh = DH_new(); + if (dh == NULL) + return NULL; + dh->p = (BIGNUM *)p; ++ /* ++ * We do not set q as it would enable the inefficient and ++ * unnecessary pubkey modular exponentiation check. ++ */ + dh->g = (BIGNUM *)&_bignum_const_2; + dh->length = nbits; ++ dh->nid = nid; + return dh; + } + +@@ -29,46 +36,121 @@ DH *DH_new_by_nid(int nid) + { + switch (nid) { + case NID_ffdhe2048: +- return dh_param_init(&_bignum_ffdhe2048_p, 225); ++ return dh_param_init(nid, &_bignum_ffdhe2048_p, &_bignum_ffdhe2048_q, 225); + case NID_ffdhe3072: +- return dh_param_init(&_bignum_ffdhe3072_p, 275); ++ return dh_param_init(nid, &_bignum_ffdhe3072_p, &_bignum_ffdhe3072_q, 275); + case NID_ffdhe4096: +- return dh_param_init(&_bignum_ffdhe4096_p, 325); ++ return dh_param_init(nid, &_bignum_ffdhe4096_p, &_bignum_ffdhe4096_q, 325); + case NID_ffdhe6144: +- return dh_param_init(&_bignum_ffdhe6144_p, 375); ++ return dh_param_init(nid, &_bignum_ffdhe6144_p, &_bignum_ffdhe6144_q, 375); + case NID_ffdhe8192: +- return dh_param_init(&_bignum_ffdhe8192_p, 400); ++ return dh_param_init(nid, &_bignum_ffdhe8192_p, &_bignum_ffdhe8192_q, 400); ++ case NID_modp_2048: ++ return dh_param_init(nid, &_bignum_modp_2048_p, &_bignum_modp_2048_q, 225); ++ case NID_modp_3072: ++ return dh_param_init(nid, &_bignum_modp_3072_p, &_bignum_modp_3072_q, 275); ++ case NID_modp_4096: ++ return dh_param_init(nid, &_bignum_modp_4096_p, &_bignum_modp_4096_q, 325); ++ case NID_modp_6144: ++ return dh_param_init(nid, &_bignum_modp_6144_p, &_bignum_modp_6144_q, 375); ++ case NID_modp_8192: ++ return dh_param_init(nid, &_bignum_modp_8192_p, &_bignum_modp_8192_q, 400); ++ case NID_modp_1536: ++ if (!FIPS_mode()) ++ return dh_param_init(nid, &_bignum_modp_1536_p, &_bignum_modp_1536_q, 175); ++ /* fallthrough */ + default: + DHerr(DH_F_DH_NEW_BY_NID, DH_R_INVALID_PARAMETER_NID); + return NULL; + } + } + +-int DH_get_nid(const DH *dh) ++static int dh_match_group(const DH *dh, BIGNUM **qout, int *lout) + { + int nid; ++ const BIGNUM *q; ++ int length; + + if (BN_get_word(dh->g) != 2) + return NID_undef; +- if (!BN_cmp(dh->p, &_bignum_ffdhe2048_p)) ++ ++ if (dh->nid == NID_ffdhe2048 || !BN_cmp(dh->p, &_bignum_ffdhe2048_p)) { + nid = NID_ffdhe2048; +- else if (!BN_cmp(dh->p, &_bignum_ffdhe3072_p)) ++ q = &_bignum_ffdhe2048_q; ++ length = 225; ++ } else if (dh->nid == NID_ffdhe3072 || !BN_cmp(dh->p, &_bignum_ffdhe3072_p)) { + nid = NID_ffdhe3072; +- else if (!BN_cmp(dh->p, &_bignum_ffdhe4096_p)) ++ q = &_bignum_ffdhe3072_q; ++ length = 275; ++ } else if (dh->nid == NID_ffdhe4096 || !BN_cmp(dh->p, &_bignum_ffdhe4096_p)) { + nid = NID_ffdhe4096; +- else if (!BN_cmp(dh->p, &_bignum_ffdhe6144_p)) ++ q = &_bignum_ffdhe4096_q; ++ length = 325; ++ } else if (dh->nid == NID_ffdhe6144 || !BN_cmp(dh->p, &_bignum_ffdhe6144_p)) { + nid = NID_ffdhe6144; +- else if (!BN_cmp(dh->p, &_bignum_ffdhe8192_p)) ++ q = &_bignum_ffdhe6144_q; ++ length = 375; ++ } else if (dh->nid == NID_ffdhe8192 || !BN_cmp(dh->p, &_bignum_ffdhe8192_p)) { + nid = NID_ffdhe8192; +- else ++ q = &_bignum_ffdhe8192_q; ++ length = 400; ++ } else if (dh->nid == NID_modp_2048 || !BN_cmp(dh->p, &_bignum_modp_2048_p)) { ++ nid = NID_modp_2048; ++ q = &_bignum_modp_2048_q; ++ length = 225; ++ } else if (dh->nid == NID_modp_3072 || !BN_cmp(dh->p, &_bignum_modp_3072_p)) { ++ nid = NID_modp_3072; ++ q = &_bignum_modp_3072_q; ++ length = 275; ++ } else if (dh->nid == NID_modp_4096 || !BN_cmp(dh->p, &_bignum_modp_4096_p)) { ++ nid = NID_modp_4096; ++ q = &_bignum_modp_4096_q; ++ length = 325; ++ } else if (dh->nid == NID_modp_6144 || !BN_cmp(dh->p, &_bignum_modp_6144_p)) { ++ nid = NID_modp_6144; ++ q = &_bignum_modp_6144_q; ++ length = 375; ++ } else if (dh->nid == NID_modp_8192 || !BN_cmp(dh->p, &_bignum_modp_8192_p)) { ++ nid = NID_modp_8192; ++ q = &_bignum_modp_8192_q; ++ length = 400; ++ } else if (!FIPS_mode() && (dh->nid == NID_modp_1536 || !BN_cmp(dh->p, &_bignum_modp_1536_p))) { ++ nid = NID_modp_1536; ++ q = &_bignum_modp_1536_q; ++ length = 175; ++ } else { + return NID_undef; ++ } ++ + if (dh->q != NULL) { +- BIGNUM *q = BN_dup(dh->p); ++ /* Check that q matches the known q. */ ++ if (BN_cmp(dh->q, q)) ++ return NID_undef; ++ } else if (qout != NULL) { ++ *qout = (BIGNUM *)q; ++ } + +- /* Check q = p * 2 + 1 we already know q is odd, so just shift right */ +- if (q == NULL || !BN_rshift1(q, q) || !BN_cmp(dh->q, q)) +- nid = NID_undef; +- BN_free(q); ++ if (lout != NULL) { ++ *lout = length; + } + return nid; + } ++ ++int DH_get_nid(const DH *dh) ++{ ++ if (dh->nid != NID_undef) { ++ return dh->nid; ++ } ++ return dh_match_group(dh, NULL, NULL); ++} ++ ++void dh_cache_nid(DH *dh) ++{ ++ dh->nid = dh_match_group(dh, NULL, &dh->length); ++} ++ ++int dh_get_known_q(const DH *dh, BIGNUM **q) ++{ ++ return dh_match_group(dh, q, NULL) != NID_undef; ++} ++ +diff -up openssl-1.1.1g/crypto/ec/ec_key.c.fips-dh openssl-1.1.1g/crypto/ec/ec_key.c +--- openssl-1.1.1g/crypto/ec/ec_key.c.fips-dh 2020-07-17 11:00:53.958175227 +0200 ++++ openssl-1.1.1g/crypto/ec/ec_key.c 2020-07-20 13:24:03.941107320 +0200 +@@ -280,9 +280,18 @@ int ec_key_simple_generate_key(EC_KEY *e + if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, ctx)) + goto err; + +- eckey->priv_key = priv_key; + eckey->pub_key = pub_key; + ++ if (FIPS_mode()) { ++ eckey->priv_key = NULL; ++ if (EC_KEY_check_key(eckey) <= 0) { ++ eckey->pub_key = NULL; ++ goto err; ++ } ++ } ++ ++ eckey->priv_key = priv_key; ++ + ok = 1; + + err: +@@ -296,8 +305,23 @@ int ec_key_simple_generate_key(EC_KEY *e + + int ec_key_simple_generate_public_key(EC_KEY *eckey) + { +- return EC_POINT_mul(eckey->group, eckey->pub_key, eckey->priv_key, NULL, ++ BIGNUM *priv_key; ++ int ret = EC_POINT_mul(eckey->group, eckey->pub_key, eckey->priv_key, NULL, + NULL, NULL); ++ ++ if (ret <= 0 || !FIPS_mode()) ++ return ret; ++ ++ /* no need to perform private key test, temporarily hide it */ ++ priv_key = eckey->priv_key; ++ eckey->priv_key = NULL; ++ ret = EC_KEY_check_key(eckey); ++ eckey->priv_key = priv_key; ++ ++ if (ret <= 0) ++ EC_POINT_set_to_infinity(eckey->group, eckey->pub_key); ++ ++ return ret; + } + + int EC_KEY_check_key(const EC_KEY *eckey) +diff -up openssl-1.1.1g/crypto/evp/p_lib.c.fips-dh openssl-1.1.1g/crypto/evp/p_lib.c +--- openssl-1.1.1g/crypto/evp/p_lib.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/evp/p_lib.c 2020-07-17 10:36:29.247788458 +0200 +@@ -540,7 +540,8 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *p + + int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) + { +- int type = DH_get0_q(key) == NULL ? EVP_PKEY_DH : EVP_PKEY_DHX; ++ int type = DH_get0_q(key) == NULL || DH_get_nid(key) != NID_undef ? ++ EVP_PKEY_DH : EVP_PKEY_DHX; + int ret = EVP_PKEY_assign(pkey, type, key); + + if (ret) +diff -up openssl-1.1.1g/crypto/objects/obj_dat.h.fips-dh openssl-1.1.1g/crypto/objects/obj_dat.h +--- openssl-1.1.1g/crypto/objects/obj_dat.h.fips-dh 2020-07-17 10:36:29.239788392 +0200 ++++ openssl-1.1.1g/crypto/objects/obj_dat.h 2020-07-17 10:36:29.247788458 +0200 +@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = { + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */ + }; + +-#define NUM_NID 1199 ++#define NUM_NID 1205 + static const ASN1_OBJECT nid_objs[NUM_NID] = { + {"UNDEF", "undefined", NID_undef}, + {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, +@@ -2279,9 +2279,15 @@ static const ASN1_OBJECT nid_objs[NUM_NI + {"KBKDF", "kbkdf", NID_kbkdf}, + {"KRB5KDF", "krb5kdf", NID_krb5kdf}, + {"SSKDF", "sskdf", NID_sskdf}, ++ {"modp_1536", "modp_1536", NID_modp_1536}, ++ {"modp_2048", "modp_2048", NID_modp_2048}, ++ {"modp_3072", "modp_3072", NID_modp_3072}, ++ {"modp_4096", "modp_4096", NID_modp_4096}, ++ {"modp_6144", "modp_6144", NID_modp_6144}, ++ {"modp_8192", "modp_8192", NID_modp_8192}, + }; + +-#define NUM_SN 1190 ++#define NUM_SN 1196 + static const unsigned int sn_objs[NUM_SN] = { + 364, /* "AD_DVCS" */ + 419, /* "AES-128-CBC" */ +@@ -3127,6 +3133,12 @@ static const unsigned int sn_objs[NUM_SN + 506, /* "mime-mhs-bodies" */ + 505, /* "mime-mhs-headings" */ + 488, /* "mobileTelephoneNumber" */ ++ 1199, /* "modp_1536" */ ++ 1200, /* "modp_2048" */ ++ 1201, /* "modp_3072" */ ++ 1202, /* "modp_4096" */ ++ 1203, /* "modp_6144" */ ++ 1204, /* "modp_8192" */ + 136, /* "msCTLSign" */ + 135, /* "msCodeCom" */ + 134, /* "msCodeInd" */ +@@ -3475,7 +3487,7 @@ static const unsigned int sn_objs[NUM_SN + 1093, /* "x509ExtAdmission" */ + }; + +-#define NUM_LN 1190 ++#define NUM_LN 1196 + static const unsigned int ln_objs[NUM_LN] = { + 363, /* "AD Time Stamping" */ + 405, /* "ANSI X9.62" */ +@@ -4313,6 +4325,12 @@ static const unsigned int ln_objs[NUM_LN + 506, /* "mime-mhs-bodies" */ + 505, /* "mime-mhs-headings" */ + 488, /* "mobileTelephoneNumber" */ ++ 1199, /* "modp_1536" */ ++ 1200, /* "modp_2048" */ ++ 1201, /* "modp_3072" */ ++ 1202, /* "modp_4096" */ ++ 1203, /* "modp_6144" */ ++ 1204, /* "modp_8192" */ + 481, /* "nSRecord" */ + 173, /* "name" */ + 681, /* "onBasis" */ +diff -up openssl-1.1.1g/crypto/objects/objects.txt.fips-dh openssl-1.1.1g/crypto/objects/objects.txt +--- openssl-1.1.1g/crypto/objects/objects.txt.fips-dh 2020-07-17 10:36:29.239788392 +0200 ++++ openssl-1.1.1g/crypto/objects/objects.txt 2020-07-17 10:36:29.247788458 +0200 +@@ -1657,6 +1657,13 @@ id-pkinit 5 : pkInit + : ffdhe4096 + : ffdhe6144 + : ffdhe8192 ++# NIDs for RFC3526 DH parameters ++ : modp_1536 ++ : modp_2048 ++ : modp_3072 ++ : modp_4096 ++ : modp_6144 ++ : modp_8192 + + # OIDs for DSTU-4145/DSTU-7564 (http://zakon2.rada.gov.ua/laws/show/z0423-17) + +diff -up openssl-1.1.1g/crypto/objects/obj_mac.num.fips-dh openssl-1.1.1g/crypto/objects/obj_mac.num +--- openssl-1.1.1g/crypto/objects/obj_mac.num.fips-dh 2020-07-17 10:36:29.239788392 +0200 ++++ openssl-1.1.1g/crypto/objects/obj_mac.num 2020-07-17 10:36:29.248788466 +0200 +@@ -1196,3 +1196,9 @@ sshkdf 1195 + kbkdf 1196 + krb5kdf 1197 + sskdf 1198 ++modp_1536 1199 ++modp_2048 1200 ++modp_3072 1201 ++modp_4096 1202 ++modp_6144 1203 ++modp_8192 1204 +diff -up openssl-1.1.1g/doc/man3/DH_new_by_nid.pod.fips-dh openssl-1.1.1g/doc/man3/DH_new_by_nid.pod +--- openssl-1.1.1g/doc/man3/DH_new_by_nid.pod.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/doc/man3/DH_new_by_nid.pod 2020-07-17 10:36:29.248788466 +0200 +@@ -8,13 +8,15 @@ DH_new_by_nid, DH_get_nid - get or find + + #include + DH *DH_new_by_nid(int nid); +- int *DH_get_nid(const DH *dh); ++ int DH_get_nid(const DH *dh); + + =head1 DESCRIPTION + + DH_new_by_nid() creates and returns a DH structure containing named parameters + B. Currently B must be B, B, +-B, B or B. ++B, B, B, ++B, B, B, ++B, B or B. + + DH_get_nid() determines if the parameters contained in B match + any named set. It returns the NID corresponding to the matching parameters or +diff -up openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod +--- openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod 2020-07-17 10:36:29.248788466 +0200 +@@ -294,10 +294,11 @@ The EVP_PKEY_CTX_set_dh_pad() macro sets + If B is zero (the default) then no padding is performed. + + EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to +-B as defined in RFC7919. The B parameter must be B, +-B, B, B, B +-or B to clear the stored value. This macro can be called during +-parameter or key generation. ++I as defined in RFC7919 or RFC3526. The I parameter must be ++B, B, B, B, ++B, B, B, B, ++B, B, B or B to clear ++the stored value. This macro can be called during parameter or key generation. + The nid parameter and the rfc5114 parameter are mutually exclusive. + + The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are +diff -up openssl-1.1.1g/include/crypto/bn_dh.h.fips-dh openssl-1.1.1g/include/crypto/bn_dh.h +--- openssl-1.1.1g/include/crypto/bn_dh.h.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/include/crypto/bn_dh.h 2020-07-17 10:36:29.248788466 +0200 +@@ -1,7 +1,7 @@ + /* +- * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. + * +- * Licensed under the OpenSSL license (the "License"). You may not use ++ * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html +@@ -9,16 +9,35 @@ + + #define declare_dh_bn(x) \ + extern const BIGNUM _bignum_dh##x##_p; \ ++ extern const BIGNUM _bignum_dh##x##_q; \ + extern const BIGNUM _bignum_dh##x##_g; \ +- extern const BIGNUM _bignum_dh##x##_q; + + declare_dh_bn(1024_160) + declare_dh_bn(2048_224) + declare_dh_bn(2048_256) + ++extern const BIGNUM _bignum_const_2; ++ + extern const BIGNUM _bignum_ffdhe2048_p; + extern const BIGNUM _bignum_ffdhe3072_p; + extern const BIGNUM _bignum_ffdhe4096_p; + extern const BIGNUM _bignum_ffdhe6144_p; + extern const BIGNUM _bignum_ffdhe8192_p; +-extern const BIGNUM _bignum_const_2; ++extern const BIGNUM _bignum_ffdhe2048_q; ++extern const BIGNUM _bignum_ffdhe3072_q; ++extern const BIGNUM _bignum_ffdhe4096_q; ++extern const BIGNUM _bignum_ffdhe6144_q; ++extern const BIGNUM _bignum_ffdhe8192_q; ++ ++extern const BIGNUM _bignum_modp_1536_p; ++extern const BIGNUM _bignum_modp_2048_p; ++extern const BIGNUM _bignum_modp_3072_p; ++extern const BIGNUM _bignum_modp_4096_p; ++extern const BIGNUM _bignum_modp_6144_p; ++extern const BIGNUM _bignum_modp_8192_p; ++extern const BIGNUM _bignum_modp_1536_q; ++extern const BIGNUM _bignum_modp_2048_q; ++extern const BIGNUM _bignum_modp_3072_q; ++extern const BIGNUM _bignum_modp_4096_q; ++extern const BIGNUM _bignum_modp_6144_q; ++extern const BIGNUM _bignum_modp_8192_q; +diff -up openssl-1.1.1g/include/openssl/obj_mac.h.fips-dh openssl-1.1.1g/include/openssl/obj_mac.h +--- openssl-1.1.1g/include/openssl/obj_mac.h.fips-dh 2020-07-17 10:36:29.240788400 +0200 ++++ openssl-1.1.1g/include/openssl/obj_mac.h 2020-07-17 10:36:29.248788466 +0200 +@@ -5115,6 +5115,24 @@ + #define SN_ffdhe8192 "ffdhe8192" + #define NID_ffdhe8192 1130 + ++#define SN_modp_1536 "modp_1536" ++#define NID_modp_1536 1199 ++ ++#define SN_modp_2048 "modp_2048" ++#define NID_modp_2048 1200 ++ ++#define SN_modp_3072 "modp_3072" ++#define NID_modp_3072 1201 ++ ++#define SN_modp_4096 "modp_4096" ++#define NID_modp_4096 1202 ++ ++#define SN_modp_6144 "modp_6144" ++#define NID_modp_6144 1203 ++ ++#define SN_modp_8192 "modp_8192" ++#define NID_modp_8192 1204 ++ + #define SN_ISO_UA "ISO-UA" + #define NID_ISO_UA 1150 + #define OBJ_ISO_UA OBJ_member_body,804L +diff -up openssl-1.1.1g/ssl/s3_lib.c.fips-dh openssl-1.1.1g/ssl/s3_lib.c +--- openssl-1.1.1g/ssl/s3_lib.c.fips-dh 2020-07-17 10:36:29.199788063 +0200 ++++ openssl-1.1.1g/ssl/s3_lib.c 2020-07-17 10:36:29.248788466 +0200 +@@ -4858,13 +4858,51 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey + EVP_PKEY *ssl_dh_to_pkey(DH *dh) + { + EVP_PKEY *ret; ++ DH *dhp = NULL; ++ + if (dh == NULL) + return NULL; ++ ++ if (FIPS_mode() && DH_get_nid(dh) == NID_undef) { ++ int bits = DH_bits(dh); ++ BIGNUM *p, *g; ++ ++ dhp = DH_new(); ++ if (dhp == NULL) ++ return NULL; ++ g = BN_new(); ++ if (g == NULL || !BN_set_word(g, 2)) { ++ DH_free(dhp); ++ BN_free(g); ++ return NULL; ++ } ++ ++ if (bits >= 7000) ++ p = BN_get_rfc3526_prime_8192(NULL); ++ else if (bits >= 5000) ++ p = BN_get_rfc3526_prime_6144(NULL); ++ else if (bits >= 3800) ++ p = BN_get_rfc3526_prime_4096(NULL); ++ else if (bits >= 2500) ++ p = BN_get_rfc3526_prime_3072(NULL); ++ else ++ p = BN_get_rfc3526_prime_2048(NULL); ++ if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) { ++ DH_free(dhp); ++ BN_free(p); ++ BN_free(g); ++ return NULL; ++ } ++ dh = dhp; ++ } ++ + ret = EVP_PKEY_new(); + if (EVP_PKEY_set1_DH(ret, dh) <= 0) { ++ DH_free(dhp); + EVP_PKEY_free(ret); + return NULL; + } ++ DH_free(dhp); + return ret; + } + #endif + +diff -up openssl-1.1.1h/ssl/t1_lib.c.fips-dh openssl-1.1.1h/ssl/t1_lib.c +--- openssl-1.1.1h/ssl/t1_lib.c.fips-dh 2020-11-04 14:04:41.851711629 +0100 ++++ openssl-1.1.1h/ssl/t1_lib.c 2020-11-04 14:06:06.506431652 +0100 +@@ -2470,7 +2470,7 @@ + p = BN_get_rfc3526_prime_4096(NULL); + else if (dh_secbits >= 128) + p = BN_get_rfc3526_prime_3072(NULL); +- else if (dh_secbits >= 112) ++ else if (dh_secbits >= 112 || FIPS_mode()) + p = BN_get_rfc3526_prime_2048(NULL); + else + p = BN_get_rfc2409_prime_1024(NULL); diff --git a/thirdparty/openssl/patches/openssl-1.1.1-fips-drbg-selftest.patch b/thirdparty/openssl/patches/openssl-1.1.1-fips-drbg-selftest.patch new file mode 100644 index 000000000..6adbe742a --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-fips-drbg-selftest.patch @@ -0,0 +1,587 @@ +diff -up openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest openssl-1.1.1g/crypto/fips/fips_post.c +--- openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest 2020-04-23 13:33:12.500624151 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-04-23 13:33:12.618621925 +0200 +@@ -67,12 +67,18 @@ + + # include + # include "crypto/fips.h" ++# include "crypto/rand.h" + # include "fips_locl.h" + + /* Run all selftests */ + int FIPS_selftest(void) + { + int rv = 1; ++ if (!rand_drbg_selftest()) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_TEST_FAILURE); ++ ERR_add_error_data(2, "Type=", "rand_drbg_selftest"); ++ rv = 0; ++ } + if (!FIPS_selftest_drbg()) + rv = 0; + if (!FIPS_selftest_sha1()) + +--- a/crypto/rand/build.info 2020-11-18 23:54:32.916311749 -0500 ++++ b/crypto/rand/build.info 2020-11-18 23:55:04.544312641 -0500 +@@ -1,6 +1,6 @@ + LIBS=../../libcrypto + SOURCE[../../libcrypto]=\ + randfile.c rand_lib.c rand_err.c rand_egd.c \ +- rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c ++ rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c drbg_selftest.c + + INCLUDE[drbg_ctr.o]=../modes +diff -up openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest openssl-1.1.1g/crypto/rand/drbg_selftest.c +--- openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest 2020-04-23 13:33:12.619621907 +0200 ++++ openssl-1.1.1g/crypto/rand/drbg_selftest.c 2020-04-23 13:33:12.619621907 +0200 +@@ -0,0 +1,537 @@ ++/* ++ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the OpenSSL license (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include "internal/nelem.h" ++#include ++#include ++#include ++#include ++#include "internal/thread_once.h" ++#include "crypto/rand.h" ++ ++typedef struct test_ctx_st { ++ const unsigned char *entropy; ++ size_t entropylen; ++ int entropycnt; ++ const unsigned char *nonce; ++ size_t noncelen; ++ int noncecnt; ++} TEST_CTX; ++ ++static int app_data_index = -1; ++static CRYPTO_ONCE get_index_once = CRYPTO_ONCE_STATIC_INIT; ++DEFINE_RUN_ONCE_STATIC(drbg_app_data_index_init) ++{ ++ app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL); ++ ++ return 1; ++} ++ ++enum drbg_kat_type { ++ NO_RESEED, ++ PR_FALSE, ++ PR_TRUE ++}; ++ ++enum drbg_df { ++ USE_DF, ++ NO_DF, ++ NA ++}; ++ ++struct drbg_kat_no_reseed { ++ size_t count; ++ const unsigned char *entropyin; ++ const unsigned char *nonce; ++ const unsigned char *persstr; ++ const unsigned char *addin1; ++ const unsigned char *addin2; ++ const unsigned char *retbytes; ++}; ++ ++struct drbg_kat_pr_false { ++ size_t count; ++ const unsigned char *entropyin; ++ const unsigned char *nonce; ++ const unsigned char *persstr; ++ const unsigned char *entropyinreseed; ++ const unsigned char *addinreseed; ++ const unsigned char *addin1; ++ const unsigned char *addin2; ++ const unsigned char *retbytes; ++}; ++ ++struct drbg_kat_pr_true { ++ size_t count; ++ const unsigned char *entropyin; ++ const unsigned char *nonce; ++ const unsigned char *persstr; ++ const unsigned char *entropyinpr1; ++ const unsigned char *addin1; ++ const unsigned char *entropyinpr2; ++ const unsigned char *addin2; ++ const unsigned char *retbytes; ++}; ++ ++struct drbg_kat { ++ enum drbg_kat_type type; ++ enum drbg_df df; ++ int nid; ++ ++ size_t entropyinlen; ++ size_t noncelen; ++ size_t persstrlen; ++ size_t addinlen; ++ size_t retbyteslen; ++ ++ const void *t; ++}; ++ ++/* ++ * Excerpt from test/drbg_cavs_data.c ++ * DRBG test vectors from: ++ * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/ ++ */ ++ ++static const unsigned char kat1308_entropyin[] = { ++ 0x7c, 0x5d, 0x90, 0x70, 0x3b, 0x8a, 0xc7, 0x0f, 0x23, 0x73, 0x24, 0x9c, ++ 0xa7, 0x15, 0x41, 0x71, 0x7a, 0x31, 0xea, 0x32, 0xfc, 0x28, 0x0d, 0xd7, ++ 0x5b, 0x09, 0x01, 0x98, 0x1b, 0xe2, 0xa5, 0x53, 0xd9, 0x05, 0x32, 0x97, ++ 0xec, 0xbe, 0x86, 0xfd, 0x1c, 0x1c, 0x71, 0x4c, 0x52, 0x29, 0x9e, 0x52, ++}; ++static const unsigned char kat1308_nonce[] = {0}; ++static const unsigned char kat1308_persstr[] = { ++ 0xdc, 0x07, 0x2f, 0x68, 0xfa, 0x77, 0x03, 0x23, 0x42, 0xb0, 0xf5, 0xa2, ++ 0xd9, 0xad, 0xa1, 0xd0, 0xad, 0xa2, 0x14, 0xb4, 0xd0, 0x8e, 0xfb, 0x39, ++ 0xdd, 0xc2, 0xac, 0xfb, 0x98, 0xdf, 0x7f, 0xce, 0x4c, 0x75, 0x56, 0x45, ++ 0xcd, 0x86, 0x93, 0x74, 0x90, 0x6e, 0xf6, 0x9e, 0x85, 0x7e, 0xfb, 0xc3, ++}; ++static const unsigned char kat1308_addin0[] = { ++ 0x52, 0x25, 0xc4, 0x2f, 0x03, 0xce, 0x29, 0x71, 0xc5, 0x0b, 0xc3, 0x4e, ++ 0xad, 0x8d, 0x6f, 0x17, 0x82, 0xe1, 0xf3, 0xfd, 0xfd, 0x9b, 0x94, 0x9a, ++ 0x1d, 0xac, 0xd0, 0xd4, 0x3f, 0x2b, 0xe3, 0xab, 0x7c, 0x3d, 0x3e, 0x5a, ++ 0x68, 0xbb, 0xa4, 0x74, 0x68, 0x1a, 0xc6, 0x27, 0xff, 0xe0, 0xc0, 0x6c, ++}; ++static const unsigned char kat1308_addin1[] = { ++ 0xdc, 0x91, 0xd7, 0xb7, 0xb9, 0x94, 0x79, 0x0f, 0x06, 0xc4, 0x70, 0x19, ++ 0x33, 0x25, 0x7c, 0x96, 0x01, 0xa0, 0x62, 0xb0, 0x50, 0xe6, 0xc0, 0x3a, ++ 0x56, 0x8f, 0xc5, 0x50, 0x48, 0xc6, 0xf4, 0x49, 0xe5, 0x70, 0x16, 0x2e, ++ 0xae, 0xf2, 0x99, 0xb4, 0x2d, 0x70, 0x18, 0x16, 0xcd, 0xe0, 0x24, 0xe4, ++}; ++static const unsigned char kat1308_retbits[] = { ++ 0xde, 0xf8, 0x91, 0x1b, 0xf1, 0xe1, 0xa9, 0x97, 0xd8, 0x61, 0x84, 0xe2, ++ 0xdb, 0x83, 0x3e, 0x60, 0x45, 0xcd, 0xc8, 0x66, 0x93, 0x28, 0xc8, 0x92, ++ 0xbc, 0x25, 0xae, 0xe8, 0xb0, 0xed, 0xed, 0x16, 0x3d, 0xa5, 0xf9, 0x0f, ++ 0xb3, 0x72, 0x08, 0x84, 0xac, 0x3c, 0x3b, 0xaa, 0x5f, 0xf9, 0x7d, 0x63, ++ 0x3e, 0xde, 0x59, 0x37, 0x0e, 0x40, 0x12, 0x2b, 0xbc, 0x6c, 0x96, 0x53, ++ 0x26, 0x32, 0xd0, 0xb8, ++}; ++static const struct drbg_kat_no_reseed kat1308_t = { ++ 2, kat1308_entropyin, kat1308_nonce, kat1308_persstr, ++ kat1308_addin0, kat1308_addin1, kat1308_retbits ++}; ++static const struct drbg_kat kat1308 = { ++ NO_RESEED, NO_DF, NID_aes_256_ctr, 48, 0, 48, 48, 64, &kat1308_t ++}; ++ ++static const unsigned char kat1465_entropyin[] = { ++ 0xc9, 0x96, 0x3a, 0x15, 0x51, 0x76, 0x4f, 0xe0, 0x45, 0x82, 0x8a, 0x64, ++ 0x87, 0xbe, 0xaa, 0xc0, ++}; ++static const unsigned char kat1465_nonce[] = { ++ 0x08, 0xcd, 0x69, 0x39, 0xf8, 0x58, 0x9a, 0x85, ++}; ++static const unsigned char kat1465_persstr[] = {0}; ++static const unsigned char kat1465_entropyinreseed[] = { ++ 0x16, 0xcc, 0x35, 0x15, 0xb1, 0x17, 0xf5, 0x33, 0x80, 0x9a, 0x80, 0xc5, ++ 0x1f, 0x4b, 0x7b, 0x51, ++}; ++static const unsigned char kat1465_addinreseed[] = { ++ 0xf5, 0x3d, 0xf1, 0x2e, 0xdb, 0x28, 0x1c, 0x00, 0x7b, 0xcb, 0xb6, 0x12, ++ 0x61, 0x9f, 0x26, 0x5f, ++}; ++static const unsigned char kat1465_addin0[] = { ++ 0xe2, 0x67, 0x06, 0x62, 0x09, 0xa7, 0xcf, 0xd6, 0x84, 0x8c, 0x20, 0xf6, ++ 0x10, 0x5a, 0x73, 0x9c, ++}; ++static const unsigned char kat1465_addin1[] = { ++ 0x26, 0xfa, 0x50, 0xe1, 0xb3, 0xcb, 0x65, 0xed, 0xbc, 0x6d, 0xda, 0x18, ++ 0x47, 0x99, 0x1f, 0xeb, ++}; ++static const unsigned char kat1465_retbits[] = { ++ 0xf9, 0x47, 0xc6, 0xb0, 0x58, 0xa8, 0x66, 0x8a, 0xf5, 0x2b, 0x2a, 0x6d, ++ 0x4e, 0x24, 0x6f, 0x65, 0xbf, 0x51, 0x22, 0xbf, 0xe8, 0x8d, 0x6c, 0xeb, ++ 0xf9, 0x68, 0x7f, 0xed, 0x3b, 0xdd, 0x6b, 0xd5, 0x28, 0x47, 0x56, 0x52, ++ 0xda, 0x50, 0xf0, 0x90, 0x73, 0x95, 0x06, 0x58, 0xaf, 0x08, 0x98, 0x6e, ++ 0x24, 0x18, 0xfd, 0x2f, 0x48, 0x72, 0x57, 0xd6, 0x59, 0xab, 0xe9, 0x41, ++ 0x58, 0xdb, 0x27, 0xba, ++}; ++static const struct drbg_kat_pr_false kat1465_t = { ++ 9, kat1465_entropyin, kat1465_nonce, kat1465_persstr, ++ kat1465_entropyinreseed, kat1465_addinreseed, kat1465_addin0, ++ kat1465_addin1, kat1465_retbits ++}; ++static const struct drbg_kat kat1465 = { ++ PR_FALSE, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat1465_t ++}; ++ ++static const unsigned char kat3146_entropyin[] = { ++ 0xd7, 0x08, 0x42, 0x82, 0xc2, 0xd2, 0xd1, 0xde, 0x01, 0xb4, 0x36, 0xb3, ++ 0x7f, 0xbd, 0xd3, 0xdd, 0xb3, 0xc4, 0x31, 0x4f, 0x8f, 0xa7, 0x10, 0xf4, ++}; ++static const unsigned char kat3146_nonce[] = { ++ 0x7b, 0x9e, 0xcd, 0x49, 0x4f, 0x46, 0xa0, 0x08, 0x32, 0xff, 0x2e, 0xc3, ++ 0x50, 0x86, 0xca, 0xca, ++}; ++static const unsigned char kat3146_persstr[] = {0}; ++static const unsigned char kat3146_entropyinpr1[] = { ++ 0x68, 0xd0, 0x7b, 0xa4, 0xe7, 0x22, 0x19, 0xe6, 0xb6, 0x46, 0x6a, 0xda, ++ 0x8e, 0x67, 0xea, 0x63, 0x3f, 0xaf, 0x2f, 0x6c, 0x9d, 0x5e, 0x48, 0x15, ++}; ++static const unsigned char kat3146_addinpr1[] = { ++ 0x70, 0x0f, 0x54, 0xf4, 0x53, 0xde, 0xca, 0x61, 0x5c, 0x49, 0x51, 0xd1, ++ 0x41, 0xc4, 0xf1, 0x2f, 0x65, 0xfb, 0x7e, 0xbc, 0x9b, 0x14, 0xba, 0x90, ++ 0x05, 0x33, 0x7e, 0x64, 0xb7, 0x2b, 0xaf, 0x99, ++}; ++static const unsigned char kat3146_entropyinpr2[] = { ++ 0xeb, 0x77, 0xb0, 0xe9, 0x2d, 0x31, 0xc8, 0x66, 0xc5, 0xc4, 0xa7, 0xf7, ++ 0x6c, 0xb2, 0x74, 0x36, 0x4b, 0x25, 0x78, 0x04, 0xd8, 0xd7, 0xd2, 0x34, ++}; ++static const unsigned char kat3146_addinpr2[] = { ++ 0x05, 0xcd, 0x2a, 0x97, 0x5a, 0x5d, 0xfb, 0x98, 0xc1, 0xf1, 0x00, 0x0c, ++ 0xed, 0xe6, 0x2a, 0xba, 0xf0, 0x89, 0x1f, 0x5a, 0x4f, 0xd7, 0x48, 0xb3, ++ 0x24, 0xc0, 0x8a, 0x3d, 0x60, 0x59, 0x5d, 0xb6, ++}; ++static const unsigned char kat3146_retbits[] = { ++ 0x29, 0x94, 0xa4, 0xa8, 0x17, 0x3e, 0x62, 0x2f, 0x94, 0xdd, 0x40, 0x1f, ++ 0xe3, 0x7e, 0x77, 0xd4, 0x38, 0xbc, 0x0e, 0x49, 0x46, 0xf6, 0x0e, 0x28, ++ 0x91, 0xc6, 0x9c, 0xc4, 0xa6, 0xa1, 0xf8, 0x9a, 0x64, 0x5e, 0x99, 0x76, ++ 0xd0, 0x2d, 0xee, 0xde, 0xe1, 0x2c, 0x93, 0x29, 0x4b, 0x12, 0xcf, 0x87, ++ 0x03, 0x98, 0xb9, 0x74, 0x41, 0xdb, 0x3a, 0x49, 0x9f, 0x92, 0xd0, 0x45, ++ 0xd4, 0x30, 0x73, 0xbb, ++}; ++static const struct drbg_kat_pr_true kat3146_t = { ++ 10, kat3146_entropyin, kat3146_nonce, kat3146_persstr, ++ kat3146_entropyinpr1, kat3146_addinpr1, kat3146_entropyinpr2, ++ kat3146_addinpr2, kat3146_retbits ++}; ++static const struct drbg_kat kat3146 = { ++ PR_TRUE, USE_DF, NID_aes_192_ctr, 24, 16, 0, 32, 64, &kat3146_t ++}; ++ ++static const struct drbg_kat *drbg_test[] = { &kat1308, &kat1465, &kat3146 }; ++ ++static const size_t drbg_test_nelem = OSSL_NELEM(drbg_test); ++ ++static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len, ++ int prediction_resistance) ++{ ++ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index); ++ ++ t->entropycnt++; ++ *pout = (unsigned char *)t->entropy; ++ return t->entropylen; ++} ++ ++static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len) ++{ ++ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index); ++ ++ t->noncecnt++; ++ *pout = (unsigned char *)t->nonce; ++ return t->noncelen; ++} ++ ++/* ++ * Do a single NO_RESEED KAT: ++ * ++ * Instantiate ++ * Generate Random Bits (pr=false) ++ * Generate Random Bits (pr=false) ++ * Uninstantiate ++ * ++ * Return 0 on failure. ++ */ ++static int single_kat_no_reseed(const struct drbg_kat *td) ++{ ++ struct drbg_kat_no_reseed *data = (struct drbg_kat_no_reseed *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned char *buff = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.entropy = data->entropyin; ++ t.entropylen = td->entropyinlen; ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ buff = OPENSSL_malloc(td->retbyteslen); ++ if (buff == NULL) { ++ failures++; ++ goto err; ++ } ++ ++ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin1, td->addinlen) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin2, td->addinlen) ++ || memcmp(data->retbytes, buff, ++ td->retbyteslen) != 0) ++ failures++; ++ ++err: ++ OPENSSL_free(buff); ++ RAND_DRBG_uninstantiate(drbg); ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++/*- ++ * Do a single PR_FALSE KAT: ++ * ++ * Instantiate ++ * Reseed ++ * Generate Random Bits (pr=false) ++ * Generate Random Bits (pr=false) ++ * Uninstantiate ++ * ++ * Return 0 on failure. ++ */ ++static int single_kat_pr_false(const struct drbg_kat *td) ++{ ++ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned char *buff = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.entropy = data->entropyin; ++ t.entropylen = td->entropyinlen; ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ buff = OPENSSL_malloc(td->retbyteslen); ++ if (buff == NULL) { ++ failures++; ++ goto err; ++ } ++ ++ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) ++ failures++; ++ ++ t.entropy = data->entropyinreseed; ++ t.entropylen = td->entropyinlen; ++ ++ if (!RAND_DRBG_reseed(drbg, data->addinreseed, td->addinlen, 0) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin1, td->addinlen) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin2, td->addinlen) ++ || memcmp(data->retbytes, buff, ++ td->retbyteslen) != 0) ++ failures++; ++ ++err: ++ OPENSSL_free(buff); ++ RAND_DRBG_uninstantiate(drbg); ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++/*- ++ * Do a single PR_TRUE KAT: ++ * ++ * Instantiate ++ * Generate Random Bits (pr=true) ++ * Generate Random Bits (pr=true) ++ * Uninstantiate ++ * ++ * Return 0 on failure. ++ */ ++static int single_kat_pr_true(const struct drbg_kat *td) ++{ ++ struct drbg_kat_pr_true *data = (struct drbg_kat_pr_true *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned char *buff = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ t.entropy = data->entropyin; ++ t.entropylen = td->entropyinlen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ buff = OPENSSL_malloc(td->retbyteslen); ++ if (buff == NULL) { ++ failures++; ++ goto err; ++ } ++ ++ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) ++ failures++; ++ ++ t.entropy = data->entropyinpr1; ++ t.entropylen = td->entropyinlen; ++ ++ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1, ++ data->addin1, td->addinlen)) ++ failures++; ++ ++ t.entropy = data->entropyinpr2; ++ t.entropylen = td->entropyinlen; ++ ++ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1, ++ data->addin2, td->addinlen) ++ || memcmp(data->retbytes, buff, ++ td->retbyteslen) != 0) ++ failures++; ++ ++err: ++ OPENSSL_free(buff); ++ RAND_DRBG_uninstantiate(drbg); ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++static int test_kats(int i) ++{ ++ const struct drbg_kat *td = drbg_test[i]; ++ int rv = 0; ++ ++ switch (td->type) { ++ case NO_RESEED: ++ if (!single_kat_no_reseed(td)) ++ goto err; ++ break; ++ case PR_FALSE: ++ if (!single_kat_pr_false(td)) ++ goto err; ++ break; ++ case PR_TRUE: ++ if (!single_kat_pr_true(td)) ++ goto err; ++ break; ++ default: /* cant happen */ ++ goto err; ++ } ++ rv = 1; ++err: ++ return rv; ++} ++ ++/*- ++ * Do one expected-error test: ++ * ++ * Instantiate with no entropy supplied ++ * ++ * Return 0 on failure. ++ */ ++static int test_drbg_sanity(const struct drbg_kat *td) ++{ ++ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.entropy = data->entropyin; ++ t.entropylen = 0; /* No entropy */ ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ ERR_set_mark(); ++ /* This must fail. */ ++ if (RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) ++ failures++; ++ RAND_DRBG_uninstantiate(drbg); ++ ERR_pop_to_mark(); ++ ++err: ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++ ++int rand_drbg_selftest(void) ++{ ++ int i; ++ ++ if (!RUN_ONCE(&get_index_once, drbg_app_data_index_init)) ++ return 0; ++ ++ for (i = 0; i < drbg_test_nelem; i++) { ++ if (test_kats(i) <= 0) ++ return 0; ++ } ++ ++ if (test_drbg_sanity(&kat1465) <= 0) ++ return 0; ++ ++ return 1; ++} +diff -up openssl-1.1.1g/include/crypto/rand.h.drbg-selftest openssl-1.1.1g/include/crypto/rand.h +--- openssl-1.1.1g/include/crypto/rand.h.drbg-selftest 2020-04-23 13:33:12.587622510 +0200 ++++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:33:12.619621907 +0200 +@@ -140,4 +140,9 @@ void rand_pool_cleanup(void); + */ + void rand_pool_keep_random_devices_open(int keep); + ++/* ++ * Perform the DRBG KAT selftests ++ */ ++int rand_drbg_selftest(void); ++ + #endif diff --git a/thirdparty/openssl/patches/openssl-1.1.1-fips-post-rand.patch b/thirdparty/openssl/patches/openssl-1.1.1-fips-post-rand.patch new file mode 100644 index 000000000..18a01fe07 --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-fips-post-rand.patch @@ -0,0 +1,189 @@ +diff -up openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand openssl-1.1.1e/crypto/fips/fips.c +--- openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand 2020-03-17 18:06:16.822418854 +0100 ++++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 18:06:16.861418172 +0100 +@@ -68,6 +68,7 @@ + + # include + # include "internal/thread_once.h" ++# include "crypto/rand.h" + + # ifndef PATH_MAX + # define PATH_MAX 1024 +@@ -76,6 +77,7 @@ + static int fips_selftest_fail = 0; + static int fips_mode = 0; + static int fips_started = 0; ++static int fips_post = 0; + + static int fips_is_owning_thread(void); + static int fips_set_owning_thread(void); +@@ -158,6 +160,11 @@ void fips_set_selftest_fail(void) + fips_selftest_fail = 1; + } + ++int fips_in_post(void) ++{ ++ return fips_post; ++} ++ + /* we implement what libfipscheck does ourselves */ + + static int +@@ -445,6 +452,8 @@ int FIPS_module_mode_set(int onoff) + } + # endif + ++ fips_post = 1; ++ + if (!FIPS_selftest()) { + fips_selftest_fail = 1; + ret = 0; +@@ -459,7 +468,12 @@ int FIPS_module_mode_set(int onoff) + goto end; + } + ++ fips_post = 0; ++ + fips_set_mode(onoff); ++ /* force RNG reseed with entropy from getrandom() on next call */ ++ rand_force_reseed(); ++ + ret = 1; + goto end; + } +diff -up openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1e/crypto/rand/drbg_lib.c +--- openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rand/drbg_lib.c 2020-03-17 18:07:35.305045521 +0100 +@@ -1009,6 +1009,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg + return min_entropy > min_entropylen ? min_entropy : min_entropylen; + } + ++void rand_force_reseed(void) ++{ ++ RAND_DRBG *drbg; ++ ++ drbg = RAND_DRBG_get0_master(); ++ drbg->fork_id = 0; ++ ++ drbg = RAND_DRBG_get0_private(); ++ drbg->fork_id = 0; ++ ++ drbg = RAND_DRBG_get0_public(); ++ drbg->fork_id = 0; ++} ++ + /* Implements the default OpenSSL RAND_add() method */ + static int drbg_add(const void *buf, int num, double randomness) + { +diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/crypto/rand/rand_unix.c +--- openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rand/rand_unix.c 2020-03-17 18:09:01.503537189 +0100 +@@ -17,10 +17,12 @@ + #include + #include "rand_local.h" + #include "crypto/rand.h" ++#include "crypto/fips.h" + #include + #include "internal/dso.h" + #ifdef __linux + # include ++# include + # ifdef DEVRANDOM_WAIT + # include + # include +@@ -342,7 +344,7 @@ static ssize_t sysctl_random(char *buf, + * syscall_random(): Try to get random data using a system call + * returns the number of bytes returned in buf, or < 0 on error. + */ +-static ssize_t syscall_random(void *buf, size_t buflen) ++static ssize_t syscall_random(void *buf, size_t buflen, int nonblock) + { + /* + * Note: 'buflen' equals the size of the buffer which is used by the +@@ -364,6 +366,7 @@ static ssize_t syscall_random(void *buf, + * - Linux since 3.17 with glibc 2.25 + * - FreeBSD since 12.0 (1200061) + */ ++# if 0 + # if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux) + extern int getentropy(void *buffer, size_t length) __attribute__((weak)); + +@@ -385,10 +388,10 @@ static ssize_t syscall_random(void *buf, + if (p_getentropy.p != NULL) + return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1; + # endif +- ++# endif + /* Linux supports this since version 3.17 */ +-# if defined(__linux) && defined(__NR_getrandom) +- return syscall(__NR_getrandom, buf, buflen, 0); ++# if defined(__linux) && defined(SYS_getrandom) ++ return syscall(SYS_getrandom, buf, buflen, nonblock?GRND_NONBLOCK:0); + # elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) + return sysctl_random(buf, buflen); + # else +@@ -623,6 +626,9 @@ size_t rand_pool_acquire_entropy(RAND_PO + size_t entropy_available; + + # if defined(OPENSSL_RAND_SEED_GETRANDOM) ++ int in_post; ++ ++ for (in_post = fips_in_post(); in_post >= 0; --in_post) { + { + size_t bytes_needed; + unsigned char *buffer; +@@ -633,7 +639,7 @@ size_t rand_pool_acquire_entropy(RAND_PO + bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); + while (bytes_needed != 0 && attempts-- > 0) { + buffer = rand_pool_add_begin(pool, bytes_needed); +- bytes = syscall_random(buffer, bytes_needed); ++ bytes = syscall_random(buffer, bytes_needed, in_post); + if (bytes > 0) { + rand_pool_add_end(pool, bytes, 8 * bytes); + bytes_needed -= bytes; +@@ -668,8 +674,10 @@ size_t rand_pool_acquire_entropy(RAND_PO + int attempts = 3; + const int fd = get_random_device(i); + +- if (fd == -1) ++ if (fd == -1) { ++ OPENSSL_showfatal("Random device %s cannot be opened.\n", random_device_paths[i]); + continue; ++ } + + while (bytes_needed != 0 && attempts-- > 0) { + buffer = rand_pool_add_begin(pool, bytes_needed); +@@ -732,7 +740,9 @@ size_t rand_pool_acquire_entropy(RAND_PO + return entropy_available; + } + # endif +- ++# ifdef OPENSSL_RAND_SEED_GETRANDOM ++ } ++# endif + return rand_pool_entropy_available(pool); + # endif + } +diff -up openssl-1.1.1e/include/crypto/fips.h.fips-post-rand openssl-1.1.1e/include/crypto/fips.h +--- openssl-1.1.1e/include/crypto/fips.h.fips-post-rand 2020-03-17 18:06:16.831418696 +0100 ++++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 18:06:16.861418172 +0100 +@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void); + int FIPS_selftest_drbg(void); + int FIPS_selftest_cmac(void); + ++int fips_in_post(void); ++ + int fips_pkey_signature_test(EVP_PKEY *pkey, + const unsigned char *tbs, int tbslen, + const unsigned char *kat, +diff -up openssl-1.1.1e/include/crypto/rand.h.fips-post-rand openssl-1.1.1e/include/crypto/rand.h +--- openssl-1.1.1e/include/crypto/rand.h.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/crypto/rand.h 2020-03-17 18:07:35.303045555 +0100 +@@ -24,6 +24,7 @@ + typedef struct rand_pool_st RAND_POOL; + + void rand_cleanup_int(void); ++void rand_force_reseed(void); + void rand_drbg_cleanup_int(void); + void drbg_delete_thread_state(void); + diff --git a/thirdparty/openssl/patches/openssl-1.1.1-fips.patch b/thirdparty/openssl/patches/openssl-1.1.1-fips.patch new file mode 100644 index 000000000..c9137caf4 --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-fips.patch @@ -0,0 +1,11655 @@ +diff -up openssl-1.1.1g/apps/pkcs12.c.fips openssl-1.1.1g/apps/pkcs12.c +--- openssl-1.1.1g/apps/pkcs12.c.fips 2020-04-23 13:26:06.975649817 +0200 ++++ openssl-1.1.1g/apps/pkcs12.c 2020-04-23 13:28:27.689995889 +0200 +@@ -123,7 +123,7 @@ int pkcs12_main(int argc, char **argv) + int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0; + int iter = PKCS12_DEFAULT_ITER, maciter = PKCS12_DEFAULT_ITER; + #ifndef OPENSSL_NO_RC2 +- int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; ++ int cert_pbe = FIPS_mode() ? NID_pbe_WithSHA1And3_Key_TripleDES_CBC : NID_pbe_WithSHA1And40BitRC2_CBC; + #else + int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; + #endif +diff -up openssl-1.1.1e/apps/speed.c.fips openssl-1.1.1e/apps/speed.c +--- openssl-1.1.1e/apps/speed.c.fips 2020-03-17 17:30:51.997567897 +0100 ++++ openssl-1.1.1e/apps/speed.c 2020-03-17 17:30:52.021567479 +0100 +@@ -1593,7 +1593,8 @@ int speed_main(int argc, char **argv) + continue; + if (strcmp(*argv, "rsa") == 0) { + for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++) +- rsa_doit[loop] = 1; ++ if (!FIPS_mode() || loop != R_RSA_512) ++ rsa_doit[loop] = 1; + continue; + } + if (found(*argv, rsa_choices, &i)) { +@@ -1603,7 +1604,9 @@ int speed_main(int argc, char **argv) + #endif + #ifndef OPENSSL_NO_DSA + if (strcmp(*argv, "dsa") == 0) { +- dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] = ++ if (!FIPS_mode()) ++ dsa_doit[R_DSA_512] = 1; ++ dsa_doit[R_DSA_1024] = + dsa_doit[R_DSA_2048] = 1; + continue; + } +@@ -1634,19 +1637,21 @@ int speed_main(int argc, char **argv) + } + if (strcmp(*argv, "ecdh") == 0) { + for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++) +- ecdh_doit[loop] = 1; ++ if(!FIPS_mode() || (loop != R_EC_X25519 && loop != R_EC_X448)) ++ ecdh_doit[loop] = 1; + continue; + } + if (found(*argv, ecdh_choices, &i)) { +- ecdh_doit[i] = 2; ++ if(!FIPS_mode() || (i != R_EC_X25519 && i != R_EC_X448)) ++ ecdh_doit[i] = 2; + continue; + } +- if (strcmp(*argv, "eddsa") == 0) { ++ if (!FIPS_mode() && strcmp(*argv, "eddsa") == 0) { + for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++) + eddsa_doit[loop] = 1; + continue; + } +- if (found(*argv, eddsa_choices, &i)) { ++ if (!FIPS_mode() && found(*argv, eddsa_choices, &i)) { + eddsa_doit[i] = 2; + continue; + } +@@ -1735,23 +1740,31 @@ int speed_main(int argc, char **argv) + /* No parameters; turn on everything. */ + if ((argc == 0) && !doit[D_EVP]) { + for (i = 0; i < ALGOR_NUM; i++) +- if (i != D_EVP) ++ if (i != D_EVP && ++ (!FIPS_mode() || (i != D_WHIRLPOOL && ++ i != D_MD2 && i != D_MD4 && ++ i != D_MD5 && i != D_MDC2 && ++ i != D_RMD160))) + doit[i] = 1; + #ifndef OPENSSL_NO_RSA + for (i = 0; i < RSA_NUM; i++) +- rsa_doit[i] = 1; ++ if (!FIPS_mode() || i != R_RSA_512) ++ rsa_doit[i] = 1; + #endif + #ifndef OPENSSL_NO_DSA + for (i = 0; i < DSA_NUM; i++) +- dsa_doit[i] = 1; ++ if (!FIPS_mode() || i != R_DSA_512) ++ dsa_doit[i] = 1; + #endif + #ifndef OPENSSL_NO_EC + for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++) + ecdsa_doit[loop] = 1; + for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++) +- ecdh_doit[loop] = 1; +- for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++) +- eddsa_doit[loop] = 1; ++ if(!FIPS_mode() || (loop != R_EC_X25519 && loop != R_EC_X448)) ++ ecdh_doit[loop] = 1; ++ if (!FIPS_mode()) ++ for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++) ++ eddsa_doit[loop] = 1; + #endif + } + for (i = 0; i < ALGOR_NUM; i++) +@@ -1799,30 +1812,46 @@ int speed_main(int argc, char **argv) + AES_set_encrypt_key(key24, 192, &aes_ks2); + AES_set_encrypt_key(key32, 256, &aes_ks3); + #ifndef OPENSSL_NO_CAMELLIA +- Camellia_set_key(key16, 128, &camellia_ks1); +- Camellia_set_key(ckey24, 192, &camellia_ks2); +- Camellia_set_key(ckey32, 256, &camellia_ks3); ++ if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) { ++ Camellia_set_key(key16, 128, &camellia_ks1); ++ Camellia_set_key(ckey24, 192, &camellia_ks2); ++ Camellia_set_key(ckey32, 256, &camellia_ks3); ++ } + #endif + #ifndef OPENSSL_NO_IDEA +- IDEA_set_encrypt_key(key16, &idea_ks); ++ if (doit[D_CBC_IDEA]) { ++ IDEA_set_encrypt_key(key16, &idea_ks); ++ } + #endif + #ifndef OPENSSL_NO_SEED +- SEED_set_key(key16, &seed_ks); ++ if (doit[D_CBC_SEED]) { ++ SEED_set_key(key16, &seed_ks); ++ } + #endif + #ifndef OPENSSL_NO_RC4 +- RC4_set_key(&rc4_ks, 16, key16); ++ if (doit[D_RC4]) { ++ RC4_set_key(&rc4_ks, 16, key16); ++ } + #endif + #ifndef OPENSSL_NO_RC2 +- RC2_set_key(&rc2_ks, 16, key16, 128); ++ if (doit[D_CBC_RC2]) { ++ RC2_set_key(&rc2_ks, 16, key16, 128); ++ } + #endif + #ifndef OPENSSL_NO_RC5 +- RC5_32_set_key(&rc5_ks, 16, key16, 12); ++ if (doit[D_CBC_RC5]) { ++ RC5_32_set_key(&rc5_ks, 16, key16, 12); ++ } + #endif + #ifndef OPENSSL_NO_BF +- BF_set_key(&bf_ks, 16, key16); ++ if (doit[D_CBC_BF]) { ++ BF_set_key(&bf_ks, 16, key16); ++ } + #endif + #ifndef OPENSSL_NO_CAST +- CAST_set_key(&cast_ks, 16, key16); ++ if (doit[D_CBC_CAST]) { ++ CAST_set_key(&cast_ks, 16, key16); ++ } + #endif + #ifndef SIGALRM + # ifndef OPENSSL_NO_DES +@@ -2120,6 +2149,7 @@ int speed_main(int argc, char **argv) + + for (i = 0; i < loopargs_len; i++) { + loopargs[i].hctx = HMAC_CTX_new(); ++ HMAC_CTX_set_flags(loopargs[i].hctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + if (loopargs[i].hctx == NULL) { + BIO_printf(bio_err, "HMAC malloc failure, exiting..."); + exit(1); +diff -up openssl-1.1.1e/Configure.fips openssl-1.1.1e/Configure +--- openssl-1.1.1e/Configure.fips 2020-03-17 17:30:52.015567584 +0100 ++++ openssl-1.1.1e/Configure 2020-03-17 17:30:52.022567462 +0100 +@@ -319,7 +319,7 @@ $config{sdirs} = [ + "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2", "siphash", "sm3", + "des", "aes", "rc2", "rc4", "rc5", "idea", "aria", "bf", "cast", "camellia", "seed", "sm4", "chacha", "modes", + "bn", "ec", "rsa", "dsa", "dh", "sm2", "dso", "engine", +- "buffer", "bio", "stack", "lhash", "rand", "err", ++ "buffer", "bio", "stack", "lhash", "rand", "err", "fips", + "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", + "cms", "ts", "srp", "cmac", "ct", "async", "kdf", "store" + ]; +diff -up openssl-1.1.1e/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1e/crypto/cmac/cm_pmeth.c +--- openssl-1.1.1e/crypto/cmac/cm_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/cmac/cm_pmeth.c 2020-03-17 17:30:52.022567462 +0100 +@@ -129,7 +129,7 @@ static int pkey_cmac_ctrl_str(EVP_PKEY_C + + const EVP_PKEY_METHOD cmac_pkey_meth = { + EVP_PKEY_CMAC, +- EVP_PKEY_FLAG_SIGCTX_CUSTOM, ++ EVP_PKEY_FLAG_SIGCTX_CUSTOM | EVP_PKEY_FLAG_FIPS, + pkey_cmac_init, + pkey_cmac_copy, + pkey_cmac_cleanup, +diff -up openssl-1.1.1e/crypto/dh/dh_err.c.fips openssl-1.1.1e/crypto/dh/dh_err.c +--- openssl-1.1.1e/crypto/dh/dh_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_err.c 2020-03-17 17:30:52.022567462 +0100 +@@ -25,6 +25,9 @@ static const ERR_STRING_DATA DH_str_func + {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_PEERKEY, 0), "dh_cms_set_peerkey"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_SHARED_INFO, 0), + "dh_cms_set_shared_info"}, ++ {ERR_PACK(ERR_LIB_DH, DH_F_DH_COMPUTE_KEY, 0), "DH_compute_key"}, ++ {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_KEY, 0), "DH_generate_key"}, ++ {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_PARAMETERS_EX, 0), "DH_generate_parameters_ex"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_DUP, 0), "DH_meth_dup"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_NEW, 0), "DH_meth_new"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_SET1_NAME, 0), "DH_meth_set1_name"}, +@@ -72,12 +75,14 @@ static const ERR_STRING_DATA DH_str_reas + {ERR_PACK(ERR_LIB_DH, 0, DH_R_INVALID_PUBKEY), "invalid public key"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_KEYS_NOT_SET), "keys not set"}, ++ {ERR_PACK(ERR_LIB_DH, 0, DH_R_KEY_SIZE_TOO_SMALL), "key size too small"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_MISSING_PUBKEY), "missing pubkey"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_MODULUS_TOO_LARGE), "modulus too large"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_NOT_SUITABLE_GENERATOR), + "not suitable generator"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PARAMETERS_SET), "no parameters set"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PRIVATE_VALUE), "no private value"}, ++ {ERR_PACK(ERR_LIB_DH, 0, DH_R_NON_FIPS_METHOD), "non FIPS method"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR), + "parameter encoding error"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"}, +diff -up openssl-1.1.1e/crypto/dh/dh_gen.c.fips openssl-1.1.1e/crypto/dh/dh_gen.c +--- openssl-1.1.1e/crypto/dh/dh_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_gen.c 2020-03-17 18:03:31.005320382 +0100 +@@ -16,6 +16,9 @@ + #include "internal/cryptlib.h" + #include + #include "dh_local.h" ++#ifdef OPENSSL_FIPS ++# include ++#endif + + static int dh_builtin_genparams(DH *ret, int prime_len, int generator, + BN_GENCB *cb); +@@ -23,6 +26,13 @@ static int dh_builtin_genparams(DH *ret, + int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, + BN_GENCB *cb) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD) ++ && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) { ++ DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD); ++ return 0; ++ } ++#endif + if (ret->meth->generate_params) + return ret->meth->generate_params(ret, prime_len, generator, cb); + return dh_builtin_genparams(ret, prime_len, generator, cb); +@@ -65,6 +75,18 @@ static int dh_builtin_genparams(DH *ret, + int g, ok = -1; + BN_CTX *ctx = NULL; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_DH_BUILTIN_GENPARAMS, FIPS_R_FIPS_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN)) { ++ DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL); ++ goto err; ++ } ++#endif ++ + ctx = BN_CTX_new(); + if (ctx == NULL) + goto err; +diff -up openssl-1.1.1e/crypto/dh/dh_key.c.fips openssl-1.1.1e/crypto/dh/dh_key.c +--- openssl-1.1.1e/crypto/dh/dh_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_key.c 2020-03-17 18:03:52.706940641 +0100 +@@ -11,6 +11,9 @@ + #include "internal/cryptlib.h" + #include "dh_local.h" + #include "crypto/bn.h" ++#ifdef OPENSSL_FIPS ++# include ++#endif + + static int generate_key(DH *dh); + static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); +@@ -22,18 +25,32 @@ static int dh_finish(DH *dh); + + int DH_generate_key(DH *dh) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) ++ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) { ++ DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD); ++ return 0; ++ } ++#endif + return dh->meth->generate_key(dh); + } + + int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) ++ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) { ++ DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD); ++ return 0; ++ } ++#endif + return dh->meth->compute_key(key, pub_key, dh); + } + + int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh) + { + int rv, pad; +- rv = dh->meth->compute_key(key, pub_key, dh); ++ rv = DH_compute_key(key, pub_key, dh); + if (rv <= 0) + return rv; + pad = BN_num_bytes(dh->p) - rv; +@@ -82,6 +99,14 @@ static int generate_key(DH *dh) + BN_MONT_CTX *mont = NULL; + BIGNUM *pub_key = NULL, *priv_key = NULL; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() ++ && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) { ++ DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL); ++ return 0; ++ } ++#endif ++ + if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { + DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE); + return 0; +@@ -179,6 +204,13 @@ static int compute_key(unsigned char *ke + DHerr(DH_F_COMPUTE_KEY, DH_R_MODULUS_TOO_LARGE); + goto err; + } ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() ++ && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) { ++ DHerr(DH_F_COMPUTE_KEY, DH_R_KEY_SIZE_TOO_SMALL); ++ goto err; ++ } ++#endif + + ctx = BN_CTX_new(); + if (ctx == NULL) +@@ -228,6 +260,9 @@ static int dh_bn_mod_exp(const DH *dh, B + + static int dh_init(DH *dh) + { ++#ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++#endif + dh->flags |= DH_FLAG_CACHE_MONT_P; + return 1; + } +diff -up openssl-1.1.1e/crypto/dh/dh_pmeth.c.fips openssl-1.1.1e/crypto/dh/dh_pmeth.c +--- openssl-1.1.1e/crypto/dh/dh_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_pmeth.c 2020-03-17 17:30:52.023567444 +0100 +@@ -480,7 +480,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX * + + const EVP_PKEY_METHOD dh_pkey_meth = { + EVP_PKEY_DH, +- 0, ++ EVP_PKEY_FLAG_FIPS, + pkey_dh_init, + pkey_dh_copy, + pkey_dh_cleanup, +@@ -514,7 +514,7 @@ const EVP_PKEY_METHOD dh_pkey_meth = { + + const EVP_PKEY_METHOD dhx_pkey_meth = { + EVP_PKEY_DHX, +- 0, ++ EVP_PKEY_FLAG_FIPS, + pkey_dh_init, + pkey_dh_copy, + pkey_dh_cleanup, +diff -up openssl-1.1.1e/crypto/dsa/dsa_err.c.fips openssl-1.1.1e/crypto/dsa/dsa_err.c +--- openssl-1.1.1e/crypto/dsa/dsa_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_err.c 2020-03-17 17:30:52.023567444 +0100 +@@ -16,12 +16,15 @@ + static const ERR_STRING_DATA DSA_str_functs[] = { + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSAPARAMS_PRINT, 0), "DSAparams_print"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSAPARAMS_PRINT_FP, 0), "DSAparams_print_fp"}, ++ {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_BUILTIN_KEYGEN, 0), "dsa_builtin_keygen"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_BUILTIN_PARAMGEN, 0), + "dsa_builtin_paramgen"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_BUILTIN_PARAMGEN2, 0), + "dsa_builtin_paramgen2"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_SIGN, 0), "DSA_do_sign"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_VERIFY, 0), "DSA_do_verify"}, ++ {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_KEY, 0), "DSA_generate_key"}, ++ {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_PARAMETERS_EX, 0), "DSA_generate_parameters_ex"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_DUP, 0), "DSA_meth_dup"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_NEW, 0), "DSA_meth_new"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_SET1_NAME, 0), "DSA_meth_set1_name"}, +@@ -51,11 +54,14 @@ static const ERR_STRING_DATA DSA_str_rea + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_INVALID_DIGEST_TYPE), + "invalid digest type"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_INVALID_PARAMETERS), "invalid parameters"}, ++ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_KEY_SIZE_INVALID), "key size invalid"}, ++ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_KEY_SIZE_TOO_SMALL), "key size too small"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PARAMETERS), "missing parameters"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PRIVATE_KEY), + "missing private key"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MODULUS_TOO_LARGE), "modulus too large"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NO_PARAMETERS_SET), "no parameters set"}, ++ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NON_FIPS_DSA_METHOD), "non FIPS DSA method"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_PARAMETER_ENCODING_ERROR), + "parameter encoding error"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_Q_NOT_PRIME), "q not prime"}, +diff -up openssl-1.1.1e/crypto/dsa/dsa_gen.c.fips openssl-1.1.1e/crypto/dsa/dsa_gen.c +--- openssl-1.1.1e/crypto/dsa/dsa_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_gen.c 2020-03-17 18:02:14.626656877 +0100 +@@ -22,12 +22,22 @@ + #include + #include + #include "dsa_local.h" ++#ifdef OPENSSL_FIPS ++# include ++#endif + + int DSA_generate_parameters_ex(DSA *ret, int bits, + const unsigned char *seed_in, int seed_len, + int *counter_ret, unsigned long *h_ret, + BN_GENCB *cb) + { ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD) ++ && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW)) { ++ DSAerr(DSA_F_DSA_GENERATE_PARAMETERS_EX, DSA_R_NON_FIPS_DSA_METHOD); ++ return 0; ++ } ++# endif + if (ret->meth->dsa_paramgen) + return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, + counter_ret, h_ret, cb); +@@ -35,9 +45,15 @@ int DSA_generate_parameters_ex(DSA *ret, + const EVP_MD *evpmd = bits >= 2048 ? EVP_sha256() : EVP_sha1(); + size_t qbits = EVP_MD_size(evpmd) * 8; + ++# ifdef OPENSSL_FIPS ++ return dsa_builtin_paramgen2(ret, bits, qbits, evpmd, ++ seed_in, seed_len, -1, NULL, counter_ret, ++ h_ret, cb); ++# else + return dsa_builtin_paramgen(ret, bits, qbits, evpmd, + seed_in, seed_len, NULL, counter_ret, + h_ret, cb); ++# endif + } + } + +@@ -309,7 +325,7 @@ int dsa_builtin_paramgen2(DSA *ret, size + int *counter_ret, unsigned long *h_ret, + BN_GENCB *cb) + { +- int ok = -1; ++ int ok = 0; + unsigned char *seed = NULL, *seed_tmp = NULL; + unsigned char md[EVP_MAX_MD_SIZE]; + int mdsize; +@@ -332,6 +348,20 @@ int dsa_builtin_paramgen2(DSA *ret, size + goto err; + } + ++# ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_DSA_BUILTIN_PARAMGEN2, FIPS_R_FIPS_SELFTEST_FAILED); ++ goto err; ++ } ++ ++ if (FIPS_mode() && ++ (L != 2048 || N != 224) && (L != 2048 || N != 256) && ++ (L != 3072 || N != 256)) { ++ DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_KEY_SIZE_INVALID); ++ goto err; ++ } ++# endif ++ + if (evpmd == NULL) { + if (N == 160) + evpmd = EVP_sha1(); +@@ -432,9 +462,10 @@ int dsa_builtin_paramgen2(DSA *ret, size + goto err; + /* Provided seed didn't produce a prime: error */ + if (seed_in) { +- ok = 0; +- DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_Q_NOT_PRIME); +- goto err; ++ /* Different seed_out will indicate that seed_in ++ * did not generate primes. ++ */ ++ seed_in = NULL; + } + + /* do a callback call */ +@@ -520,11 +551,14 @@ int dsa_builtin_paramgen2(DSA *ret, size + if (counter >= (int)(4 * L)) + break; + } ++#if 0 ++ /* Cannot happen */ + if (seed_in) { + ok = 0; + DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS); + goto err; + } ++#endif + } + end: + if (!BN_GENCB_call(cb, 2, 1)) +@@ -595,7 +629,7 @@ int dsa_builtin_paramgen2(DSA *ret, size + BN_free(ret->g); + ret->g = BN_dup(g); + if (ret->p == NULL || ret->q == NULL || ret->g == NULL) { +- ok = -1; ++ ok = 0; + goto err; + } + if (counter_ret != NULL) +@@ -612,3 +646,53 @@ int dsa_builtin_paramgen2(DSA *ret, size + EVP_MD_CTX_free(mctx); + return ok; + } ++ ++#ifdef OPENSSL_FIPS ++ ++int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, ++ const EVP_MD *evpmd, const unsigned char *seed_in, ++ size_t seed_len, int idx, unsigned char *seed_out, ++ int *counter_ret, unsigned long *h_ret, ++ BN_GENCB *cb) ++{ ++ return dsa_builtin_paramgen2(ret, L, N, evpmd, seed_in, seed_len, ++ idx, seed_out, counter_ret, h_ret, cb); ++} ++ ++int FIPS_dsa_paramgen_check_g(DSA *dsa) ++{ ++ BN_CTX *ctx; ++ BIGNUM *tmp; ++ BN_MONT_CTX *mont = NULL; ++ int rv = -1; ++ ++ ctx = BN_CTX_new(); ++ if (ctx == NULL) ++ return -1; ++ if (BN_cmp(dsa->g, BN_value_one()) <= 0) ++ return 0; ++ if (BN_cmp(dsa->g, dsa->p) >= 0) ++ return 0; ++ BN_CTX_start(ctx); ++ tmp = BN_CTX_get(ctx); ++ if (tmp == NULL) ++ goto err; ++ if ((mont=BN_MONT_CTX_new()) == NULL) ++ goto err; ++ if (!BN_MONT_CTX_set(mont,dsa->p,ctx)) ++ goto err; ++ /* Work out g^q mod p */ ++ if (!BN_mod_exp_mont(tmp,dsa->g,dsa->q, dsa->p, ctx, mont)) ++ goto err; ++ if (!BN_cmp(tmp, BN_value_one())) ++ rv = 1; ++ else ++ rv = 0; ++ err: ++ BN_CTX_end(ctx); ++ BN_MONT_CTX_free(mont); ++ BN_CTX_free(ctx); ++ return rv; ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/dsa/dsa_key.c.fips openssl-1.1.1e/crypto/dsa/dsa_key.c +--- openssl-1.1.1e/crypto/dsa/dsa_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_key.c 2020-03-17 18:02:51.103018604 +0100 +@@ -13,10 +13,49 @@ + #include + #include "dsa_local.h" + ++#ifdef OPENSSL_FIPS ++# include ++# include "crypto/fips.h" ++ ++static int fips_check_dsa(DSA *dsa) ++{ ++ EVP_PKEY *pk; ++ unsigned char tbs[] = "DSA Pairwise Check Data"; ++ int ret = 0; ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_set1_DSA(pk, dsa); ++ ++ if (fips_pkey_signature_test(pk, tbs, -1, NULL, 0, NULL, 0, NULL)) ++ ret = 1; ++ ++ err: ++ if (ret == 0) { ++ FIPSerr(FIPS_F_FIPS_CHECK_DSA, FIPS_R_PAIRWISE_TEST_FAILED); ++ fips_set_selftest_fail(); ++ } ++ ++ if (pk) ++ EVP_PKEY_free(pk); ++ ++ return ret; ++} ++ ++#endif ++ + static int dsa_builtin_keygen(DSA *dsa); + + int DSA_generate_key(DSA *dsa) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD) ++ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) { ++ DSAerr(DSA_F_DSA_GENERATE_KEY, DSA_R_NON_FIPS_DSA_METHOD); ++ return 0; ++ } ++#endif + if (dsa->meth->dsa_keygen) + return dsa->meth->dsa_keygen(dsa); + return dsa_builtin_keygen(dsa); +@@ -28,6 +67,14 @@ static int dsa_builtin_keygen(DSA *dsa) + BN_CTX *ctx = NULL; + BIGNUM *pub_key = NULL, *priv_key = NULL; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS_GEN)) { ++ DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL); ++ goto err; ++ } ++#endif ++ + if ((ctx = BN_CTX_new()) == NULL) + goto err; + +@@ -65,6 +112,13 @@ static int dsa_builtin_keygen(DSA *dsa) + + dsa->priv_key = priv_key; + dsa->pub_key = pub_key; ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !fips_check_dsa(dsa)) { ++ dsa->pub_key = NULL; ++ dsa->priv_key = NULL; ++ goto err; ++ } ++#endif + ok = 1; + + err: +diff -up openssl-1.1.1e/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1e/crypto/dsa/dsa_ossl.c +--- openssl-1.1.1e/crypto/dsa/dsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_ossl.c 2020-03-19 17:11:22.037994064 +0100 +@@ -14,6 +14,9 @@ + #include + #include "dsa_local.h" + #include ++#ifdef OPENSSL_FIPS ++# include ++#endif + + static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); + static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, +@@ -77,6 +80,19 @@ static DSA_SIG *dsa_do_sign(const unsign + goto err; + } + ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_DSA_DO_SIGN, FIPS_R_FIPS_SELFTEST_FAILED); ++ return NULL; ++ } ++ ++ if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_KEY_SIZE_TOO_SMALL); ++ return NULL; ++ } ++#endif ++ + ret = DSA_SIG_new(); + if (ret == NULL) + goto err; +@@ -315,6 +331,18 @@ static int dsa_do_verify(const unsigned + DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_BAD_Q_VALUE); + return -1; + } ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_DSA_DO_VERIFY, FIPS_R_FIPS_SELFTEST_FAILED); ++ return -1; ++ } ++ ++ if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_KEY_SIZE_TOO_SMALL); ++ return -1; ++ } ++#endif + + if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) { + DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MODULUS_TOO_LARGE); +@@ -403,6 +431,9 @@ static int dsa_do_verify(const unsigned + + static int dsa_init(DSA *dsa) + { ++#ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++#endif + dsa->flags |= DSA_FLAG_CACHE_MONT_P; + return 1; + } +diff -up openssl-1.1.1e/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1e/crypto/dsa/dsa_pmeth.c +--- openssl-1.1.1e/crypto/dsa/dsa_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_pmeth.c 2020-03-17 17:30:52.025567409 +0100 +@@ -211,8 +211,8 @@ static int pkey_dsa_paramgen(EVP_PKEY_CT + BN_GENCB_free(pcb); + return 0; + } +- ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd, +- NULL, 0, NULL, NULL, NULL, pcb); ++ ret = dsa_builtin_paramgen2(dsa, dctx->nbits, dctx->qbits, dctx->pmd, ++ NULL, 0, -1, NULL, NULL, NULL, pcb); + BN_GENCB_free(pcb); + if (ret) + EVP_PKEY_assign_DSA(pkey, dsa); +@@ -241,7 +241,7 @@ static int pkey_dsa_keygen(EVP_PKEY_CTX + + const EVP_PKEY_METHOD dsa_pkey_meth = { + EVP_PKEY_DSA, +- EVP_PKEY_FLAG_AUTOARGLEN, ++ EVP_PKEY_FLAG_AUTOARGLEN | EVP_PKEY_FLAG_FIPS, + pkey_dsa_init, + pkey_dsa_copy, + pkey_dsa_cleanup, +diff -up openssl-1.1.1e/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1e/crypto/ec/ecdh_ossl.c +--- openssl-1.1.1e/crypto/ec/ecdh_ossl.c.fips 2020-03-17 17:30:52.025567409 +0100 ++++ openssl-1.1.1e/crypto/ec/ecdh_ossl.c 2020-03-17 18:01:24.704530440 +0100 +@@ -19,9 +19,20 @@ + #include + #include "ec_local.h" + ++#ifdef OPENSSL_FIPS ++# include ++#endif ++ + int ossl_ecdh_compute_key(unsigned char **psec, size_t *pseclen, + const EC_POINT *pub_key, const EC_KEY *ecdh) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_ECDH_COMPUTE_KEY, FIPS_R_FIPS_SELFTEST_FAILED); ++ return -1; ++ } ++#endif ++ + if (ecdh->group->meth->ecdh_compute_key == NULL) { + ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH); + return 0; +diff -up openssl-1.1.1e/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1e/crypto/ec/ecdsa_ossl.c +--- openssl-1.1.1e/crypto/ec/ecdsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ecdsa_ossl.c 2020-03-17 18:01:41.642234061 +0100 +@@ -14,6 +14,10 @@ + #include "crypto/bn.h" + #include "ec_local.h" + ++#ifdef OPENSSL_FIPS ++# include ++#endif ++ + int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, + unsigned char *sig, unsigned int *siglen, + const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) +@@ -163,6 +167,13 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns + ECDSA_SIG *ret; + const BIGNUM *priv_key; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_OSSL_ECDSA_SIGN_SIG, FIPS_R_FIPS_SELFTEST_FAILED); ++ return NULL; ++ } ++#endif ++ + group = EC_KEY_get0_group(eckey); + priv_key = EC_KEY_get0_private_key(eckey); + +@@ -325,6 +336,13 @@ int ossl_ecdsa_verify_sig(const unsigned + const EC_GROUP *group; + const EC_POINT *pub_key; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_OSSL_ECDSA_VERIFY_SIG, FIPS_R_FIPS_SELFTEST_FAILED); ++ return -1; ++ } ++#endif ++ + /* check input values */ + if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || + (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { +diff -up openssl-1.1.1e/crypto/ec/ec_key.c.fips openssl-1.1.1e/crypto/ec/ec_key.c +--- openssl-1.1.1e/crypto/ec/ec_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ec_key.c 2020-03-17 17:30:52.026567392 +0100 +@@ -178,14 +178,62 @@ ENGINE *EC_KEY_get0_engine(const EC_KEY + return eckey->engine; + } + ++#ifdef OPENSSL_FIPS ++ ++# include ++# include "crypto/fips.h" ++ ++static int fips_check_ec(EC_KEY *key) ++{ ++ EVP_PKEY *pk; ++ unsigned char tbs[] = "ECDSA Pairwise Check Data"; ++ int ret = 0; ++ ++ if (!EC_KEY_can_sign(key)) /* no test for non-signing keys */ ++ return 1; ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_set1_EC_KEY(pk, key); ++ ++ if (fips_pkey_signature_test(pk, tbs, -1, NULL, 0, NULL, 0, NULL)) ++ ret = 1; ++ ++ err: ++ if (ret == 0) { ++ FIPSerr(FIPS_F_FIPS_CHECK_EC, FIPS_R_PAIRWISE_TEST_FAILED); ++ fips_set_selftest_fail(); ++ } ++ if (pk) ++ EVP_PKEY_free(pk); ++ return ret; ++} ++ ++#endif ++ + int EC_KEY_generate_key(EC_KEY *eckey) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_NOT_INITIALIZED); ++ return 0; ++ } ++#endif + if (eckey == NULL || eckey->group == NULL) { + ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } +- if (eckey->meth->keygen != NULL) +- return eckey->meth->keygen(eckey); ++ if (eckey->meth->keygen != NULL) { ++ int rv = eckey->meth->keygen(eckey); ++ ++#ifdef OPENSSL_FIPS ++ if (rv > 0 && FIPS_mode()) { ++ rv = fips_check_ec(eckey); ++ } ++#endif ++ return rv; ++ } + ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_OPERATION_NOT_SUPPORTED); + return 0; + } +diff -up openssl-1.1.1e/crypto/ec/ec_pmeth.c.fips openssl-1.1.1e/crypto/ec/ec_pmeth.c +--- openssl-1.1.1e/crypto/ec/ec_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ec_pmeth.c 2020-03-17 17:30:52.026567392 +0100 +@@ -438,7 +438,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX * + + const EVP_PKEY_METHOD ec_pkey_meth = { + EVP_PKEY_EC, +- 0, ++ EVP_PKEY_FLAG_FIPS, + pkey_ec_init, + pkey_ec_copy, + pkey_ec_cleanup, +diff -up openssl-1.1.1e/crypto/evp/digest.c.fips openssl-1.1.1e/crypto/evp/digest.c +--- openssl-1.1.1e/crypto/evp/digest.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/digest.c 2020-03-17 17:38:57.528093469 +0100 +@@ -14,6 +14,9 @@ + #include + #include "crypto/evp.h" + #include "evp_local.h" ++#ifdef OPENSSL_FIPS ++# include ++#endif + + /* This call frees resources associated with the context */ + int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) +@@ -66,6 +69,12 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, cons + int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) + { + EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_EVP_DIGESTINIT_EX, FIPS_R_FIPS_SELFTEST_FAILED); ++ return 0; ++ } ++#endif + #ifndef OPENSSL_NO_ENGINE + /* + * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so +@@ -119,6 +128,15 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c + } + #endif + if (ctx->digest != type) { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (!(type->flags & EVP_MD_FLAG_FIPS) ++ && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) { ++ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_DISABLED_FOR_FIPS); ++ return 0; ++ } ++ } ++#endif + if (ctx->digest && ctx->digest->ctx_size) { + OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); + ctx->md_data = NULL; +@@ -150,6 +168,10 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c + + int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) + { ++#ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++#endif ++ + if (count == 0) + return 1; + +@@ -170,6 +192,9 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, + { + int ret; + ++#ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++#endif + OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); + ret = ctx->digest->final(ctx, md); + if (size != NULL) +diff -up openssl-1.1.1e/crypto/evp/e_aes.c.fips openssl-1.1.1e/crypto/evp/e_aes.c +--- openssl-1.1.1e/crypto/evp/e_aes.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_aes.c 2020-03-17 17:30:52.028567357 +0100 +@@ -397,7 +397,7 @@ static int aesni_xts_init_key(EVP_CIPHER + * This addresses Rogaway's vulnerability. + * See comment in aes_xts_init_key() below. + */ +- if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) { ++ if (CRYPTO_memcmp(key, key + bytes, bytes) == 0) { + EVPerr(EVP_F_AESNI_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS); + return 0; + } +@@ -817,7 +817,7 @@ static int aes_t4_xts_init_key(EVP_CIPHE + * This addresses Rogaway's vulnerability. + * See comment in aes_xts_init_key() below. + */ +- if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) { ++ if (CRYPTO_memcmp(key, key + bytes, bytes) == 0) { + EVPerr(EVP_F_AES_T4_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS); + return 0; + } +@@ -2833,9 +2833,9 @@ static int aes_ctr_cipher(EVP_CIPHER_CTX + return 1; + } + +-BLOCK_CIPHER_generic_pack(NID_aes, 128, 0) +- BLOCK_CIPHER_generic_pack(NID_aes, 192, 0) +- BLOCK_CIPHER_generic_pack(NID_aes, 256, 0) ++BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS) ++ BLOCK_CIPHER_generic_pack(NID_aes, 192, EVP_CIPH_FLAG_FIPS) ++ BLOCK_CIPHER_generic_pack(NID_aes, 256, EVP_CIPH_FLAG_FIPS) + + static int aes_gcm_cleanup(EVP_CIPHER_CTX *c) + { +@@ -2869,6 +2869,11 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX * + case EVP_CTRL_AEAD_SET_IVLEN: + if (arg <= 0) + return 0; ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(c->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) ++ && arg < 12) ++ return 0; ++# endif + /* Allocate memory for IV if needed */ + if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) { + if (gctx->iv != c->iv) +@@ -3318,11 +3323,14 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX + | EVP_CIPH_CUSTOM_COPY | EVP_CIPH_CUSTOM_IV_LENGTH) + + BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | ++ CUSTOM_FLAGS) + BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | ++ CUSTOM_FLAGS) + BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | ++ CUSTOM_FLAGS) + + static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) + { +@@ -3380,7 +3388,7 @@ static int aes_xts_init_key(EVP_CIPHER_C + * BEFORE using the keys in the XTS-AES algorithm to process + * data with them." + */ +- if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) { ++ if (CRYPTO_memcmp(key, key + bytes, bytes) == 0) { + EVPerr(EVP_F_AES_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS); + return 0; + } +@@ -3484,6 +3492,14 @@ static int aes_xts_cipher(EVP_CIPHER_CTX + return 0; + if (!out || !in || len < AES_BLOCK_SIZE) + return 0; ++# ifdef OPENSSL_FIPS ++ /* Requirement of SP800-38E */ ++ if (FIPS_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) && ++ (len > (1UL << 20) * 16)) { ++ EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE); ++ return 0; ++ } ++# endif + if (xctx->stream) + (*xctx->stream) (in, out, len, + xctx->xts.key1, xctx->xts.key2, +@@ -3501,8 +3517,10 @@ static int aes_xts_cipher(EVP_CIPHER_CTX + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ + | EVP_CIPH_CUSTOM_COPY) + +-BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, XTS_FLAGS) +- BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, XTS_FLAGS) ++BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, ++ EVP_CIPH_FLAG_FIPS | XTS_FLAGS) ++ BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, ++ EVP_CIPH_FLAG_FIPS | XTS_FLAGS) + + static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) + { +@@ -3772,11 +3790,11 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX + #define aes_ccm_cleanup NULL + + BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) + BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) + BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) + + typedef struct { + union { +@@ -3869,7 +3887,7 @@ static int aes_wrap_cipher(EVP_CIPHER_CT + return rv ? (int)rv : -1; + } + +-#define WRAP_FLAGS (EVP_CIPH_WRAP_MODE \ ++#define WRAP_FLAGS (EVP_CIPH_WRAP_MODE | EVP_CIPH_FLAG_FIPS \ + | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1) + +diff -up openssl-1.1.1e/crypto/evp/e_des3.c.fips openssl-1.1.1e/crypto/evp/e_des3.c +--- openssl-1.1.1e/crypto/evp/e_des3.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_des3.c 2020-03-17 17:30:52.029567340 +0100 +@@ -211,16 +211,19 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, + # define des_ede3_cbc_cipher des_ede_cbc_cipher + # define des_ede3_ecb_cipher des_ede_ecb_cipher + BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, +- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, +- des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) ++ EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | ++ EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, NULL, ++ des3_ctrl) + + BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1, +- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, +- des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) ++ EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | ++ EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, ++ NULL, des3_ctrl) + + BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8, +- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, +- des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) ++ EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | ++ EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, ++ NULL, des3_ctrl) + + static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +diff -up openssl-1.1.1e/crypto/evp/e_null.c.fips openssl-1.1.1e/crypto/evp/e_null.c +--- openssl-1.1.1e/crypto/evp/e_null.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_null.c 2020-03-17 17:30:52.029567340 +0100 +@@ -19,7 +19,8 @@ static int null_cipher(EVP_CIPHER_CTX *c + const unsigned char *in, size_t inl); + static const EVP_CIPHER n_cipher = { + NID_undef, +- 1, 0, 0, 0, ++ 1, 0, 0, ++ EVP_CIPH_FLAG_FIPS, + null_init_key, + null_cipher, + NULL, +diff -up openssl-1.1.1e/crypto/evp/evp_enc.c.fips openssl-1.1.1e/crypto/evp/evp_enc.c +--- openssl-1.1.1e/crypto/evp/evp_enc.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_enc.c 2020-03-17 17:39:52.663129373 +0100 +@@ -17,9 +17,18 @@ + #include + #include "crypto/evp.h" + #include "evp_local.h" ++#ifdef OPENSSL_FIPS ++# include ++#endif + + int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_EVP_CIPHER_CTX_RESET, FIPS_R_FIPS_SELFTEST_FAILED); ++ return 0; ++ } ++#endif + if (c == NULL) + return 1; + if (c->cipher != NULL) { +@@ -39,6 +48,12 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX + + EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_EVP_CIPHER_CTX_NEW, FIPS_R_FIPS_SELFTEST_FAILED); ++ return NULL; ++ } ++#endif + return OPENSSL_zalloc(sizeof(EVP_CIPHER_CTX)); + } + +@@ -67,6 +82,12 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct + enc = 1; + ctx->encrypt = enc; + } ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_EVP_CIPHERINIT_EX, FIPS_R_FIPS_SELFTEST_FAILED); ++ return 0; ++ } ++#endif + #ifndef OPENSSL_NO_ENGINE + /* + * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so +@@ -136,7 +157,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct + } + ctx->key_len = cipher->key_len; + /* Preserve wrap enable flag, zero everything else */ +- ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW; ++ ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW | EVP_CIPH_FLAG_NON_FIPS_ALLOW; + if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { + if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { + ctx->cipher = NULL; +@@ -195,6 +216,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct + return 0; + } + } ++#ifdef OPENSSL_FIPS ++ /* After 'key' is set no further parameters changes are permissible. ++ * So only check for non FIPS enabling at this point. ++ */ ++ if (key && FIPS_mode()) { ++ if (!(ctx->cipher->flags & EVP_CIPH_FLAG_FIPS) ++ & !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) { ++ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_DISABLED_FOR_FIPS); ++ return 0; ++ } ++ } ++#endif + + if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { + if (!ctx->cipher->init(ctx, key, iv, enc)) +diff -up openssl-1.1.1e/crypto/evp/evp_err.c.fips openssl-1.1.1e/crypto/evp/evp_err.c +--- openssl-1.1.1e/crypto/evp/evp_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_err.c 2020-03-17 17:30:52.030567322 +0100 +@@ -23,6 +23,7 @@ static const ERR_STRING_DATA EVP_str_fun + {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_T4_XTS_INIT_KEY, 0), + "aes_t4_xts_init_key"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_WRAP_CIPHER, 0), "aes_wrap_cipher"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_XTS_CIPHER, 0), "aes_xts_cipher"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_XTS_INIT_KEY, 0), "aes_xts_init_key"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_ALG_MODULE_INIT, 0), "alg_module_init"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_ARIA_CCM_INIT_KEY, 0), "aria_ccm_init_key"}, +@@ -186,6 +187,7 @@ static const ERR_STRING_DATA EVP_str_rea + "different key types"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIFFERENT_PARAMETERS), + "different parameters"}, ++ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DISABLED_FOR_FIPS), "disabled for FIPS"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_LOADING_SECTION), + "error loading section"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_SETTING_FIPS_MODE), +@@ -249,6 +251,7 @@ static const ERR_STRING_DATA EVP_str_rea + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PRIVATE_KEY_ENCODE_ERROR), + "private key encode error"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"}, ++ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_TOO_LARGE), "too large"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_CIPHER), "unknown cipher"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_DIGEST), "unknown digest"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_OPTION), "unknown option"}, +@@ -274,6 +277,8 @@ static const ERR_STRING_DATA EVP_str_rea + "wrap mode not allowed"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_FINAL_BLOCK_LENGTH), + "wrong final block length"}, ++ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE), ++ "xts data unit is too large"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DUPLICATED_KEYS), + "xts duplicated keys"}, + {0, NULL} +diff -up openssl-1.1.1e/crypto/evp/evp_lib.c.fips openssl-1.1.1e/crypto/evp/evp_lib.c +--- openssl-1.1.1e/crypto/evp/evp_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_lib.c 2020-03-17 17:30:52.030567322 +0100 +@@ -192,6 +192,9 @@ int EVP_CIPHER_impl_ctx_size(const EVP_C + int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) + { ++#ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++#endif + return ctx->cipher->do_cipher(ctx, out, in, inl); + } + +diff -up openssl-1.1.1e/crypto/evp/m_sha1.c.fips openssl-1.1.1e/crypto/evp/m_sha1.c +--- openssl-1.1.1e/crypto/evp/m_sha1.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/m_sha1.c 2020-03-17 17:30:52.030567322 +0100 +@@ -95,7 +95,7 @@ static const EVP_MD sha1_md = { + NID_sha1, + NID_sha1WithRSAEncryption, + SHA_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init, + update, + final, +@@ -145,7 +145,7 @@ static const EVP_MD sha224_md = { + NID_sha224, + NID_sha224WithRSAEncryption, + SHA224_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init224, + update224, + final224, +@@ -164,7 +164,7 @@ static const EVP_MD sha256_md = { + NID_sha256, + NID_sha256WithRSAEncryption, + SHA256_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init256, + update256, + final256, +@@ -224,7 +224,7 @@ static const EVP_MD sha512_224_md = { + NID_sha512_224, + NID_sha512_224WithRSAEncryption, + SHA224_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init512_224, + update512, + final512, +@@ -243,7 +243,7 @@ static const EVP_MD sha512_256_md = { + NID_sha512_256, + NID_sha512_256WithRSAEncryption, + SHA256_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init512_256, + update512, + final512, +@@ -262,7 +262,7 @@ static const EVP_MD sha384_md = { + NID_sha384, + NID_sha384WithRSAEncryption, + SHA384_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init384, + update384, + final384, +@@ -281,7 +281,7 @@ static const EVP_MD sha512_md = { + NID_sha512, + NID_sha512WithRSAEncryption, + SHA512_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init512, + update512, + final512, +diff -up openssl-1.1.1e/crypto/evp/m_sha3.c.fips openssl-1.1.1e/crypto/evp/m_sha3.c +--- openssl-1.1.1e/crypto/evp/m_sha3.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/m_sha3.c 2020-03-17 17:30:52.031567305 +0100 +@@ -295,7 +295,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) + NID_sha3_##bitlen, \ + NID_RSA_SHA3_##bitlen, \ + bitlen / 8, \ +- EVP_MD_FLAG_DIGALGID_ABSENT, \ ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, \ + s390x_sha3_init, \ + s390x_sha3_update, \ + s390x_sha3_final, \ +@@ -308,7 +308,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) + NID_sha3_##bitlen, \ + NID_RSA_SHA3_##bitlen, \ + bitlen / 8, \ +- EVP_MD_FLAG_DIGALGID_ABSENT, \ ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, \ + sha3_init, \ + sha3_update, \ + sha3_final, \ +@@ -329,7 +329,7 @@ const EVP_MD *EVP_shake##bitlen(void) + NID_shake##bitlen, \ + 0, \ + bitlen / 8, \ +- EVP_MD_FLAG_XOF, \ ++ EVP_MD_FLAG_XOF | EVP_MD_FLAG_FIPS, \ + s390x_shake_init, \ + s390x_sha3_update, \ + s390x_shake_final, \ +@@ -343,7 +343,7 @@ const EVP_MD *EVP_shake##bitlen(void) + NID_shake##bitlen, \ + 0, \ + bitlen / 8, \ +- EVP_MD_FLAG_XOF, \ ++ EVP_MD_FLAG_XOF | EVP_MD_FLAG_FIPS, \ + shake_init, \ + sha3_update, \ + sha3_final, \ +@@ -367,7 +367,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) + NID_sha3_##bitlen, \ + NID_RSA_SHA3_##bitlen, \ + bitlen / 8, \ +- EVP_MD_FLAG_DIGALGID_ABSENT, \ ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, \ + sha3_init, \ + sha3_update, \ + sha3_final, \ +@@ -386,7 +386,7 @@ const EVP_MD *EVP_shake##bitlen(void) + NID_shake##bitlen, \ + 0, \ + bitlen / 8, \ +- EVP_MD_FLAG_XOF, \ ++ EVP_MD_FLAG_XOF | EVP_MD_FLAG_FIPS, \ + shake_init, \ + sha3_update, \ + sha3_final, \ +diff -up openssl-1.1.1e/crypto/evp/pmeth_lib.c.fips openssl-1.1.1e/crypto/evp/pmeth_lib.c +--- openssl-1.1.1e/crypto/evp/pmeth_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/pmeth_lib.c 2020-03-17 17:30:52.031567305 +0100 +@@ -131,7 +131,15 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKE + pmeth = ENGINE_get_pkey_meth(e, id); + else + #endif ++ { + pmeth = EVP_PKEY_meth_find(id); ++#ifdef OPENSSL_FIPS ++ if (pmeth && !(pmeth->flags & EVP_PKEY_FLAG_FIPS) && FIPS_mode()) { ++ EVPerr(EVP_F_INT_CTX_NEW, EVP_R_DISABLED_FOR_FIPS); ++ return NULL; ++ } ++#endif ++ } + + if (pmeth == NULL) { + #ifndef OPENSSL_NO_ENGINE +diff -up openssl-1.1.1e/crypto/fips/build.info.fips openssl-1.1.1e/crypto/fips/build.info +--- openssl-1.1.1e/crypto/fips/build.info.fips 2020-03-17 17:30:52.032567287 +0100 ++++ openssl-1.1.1e/crypto/fips/build.info 2020-03-17 17:30:52.032567287 +0100 +@@ -0,0 +1,15 @@ ++LIBS=../../libcrypto ++SOURCE[../../libcrypto]=\ ++ fips_aes_selftest.c fips_des_selftest.c fips_hmac_selftest.c \ ++ fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c \ ++ fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \ ++ fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \ ++ fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \ ++ fips_dh_selftest.c fips_ers.c ++ ++PROGRAMS_NO_INST=\ ++ fips_standalone_hmac ++ ++SOURCE[fips_standalone_hmac]=fips_standalone_hmac.c ++INCLUDE[fips_standalone_hmac]=../../include ++DEPEND[fips_standalone_hmac]=../../libcrypto +diff -up openssl-1.1.1e/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_aes_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_aes_selftest.c.fips 2020-03-17 17:30:52.033567270 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_aes_selftest.c 2020-03-17 17:30:52.033567270 +0100 +@@ -0,0 +1,372 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#ifdef OPENSSL_FIPS ++# include ++# include "crypto/fips.h" ++#endif ++ ++#ifdef OPENSSL_FIPS ++static const struct { ++ const unsigned char key[16]; ++ const unsigned char plaintext[16]; ++ const unsigned char ciphertext[16]; ++} tests[] = { ++ { ++ { ++ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, ++ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F}, { ++ 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, ++ 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF}, { ++0x69, 0xC4, 0xE0, 0xD8, 0x6A, 0x7B, 0x04, 0x30, ++ 0xD8, 0xCD, 0xB7, 0x80, 0x70, 0xB4, 0xC5, 0x5A},},}; ++ ++int FIPS_selftest_aes() ++{ ++ int n; ++ int ret = 0; ++ EVP_CIPHER_CTX *ctx; ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ ++ for (n = 0; n < 1; ++n) { ++ unsigned char key[16]; ++ ++ memcpy(key, tests[n].key, sizeof(key)); ++ if (fips_cipher_test(ctx, EVP_aes_128_ecb(), ++ key, NULL, ++ tests[n].plaintext, ++ tests[n].ciphertext, 16) <= 0) ++ goto err; ++ } ++ ret = 1; ++ err: ++ EVP_CIPHER_CTX_free(ctx); ++ if (ret == 0) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_AES, FIPS_R_SELFTEST_FAILED); ++ return ret; ++} ++ ++/* AES-CCM test data from NIST public test vectors */ ++ ++static const unsigned char ccm_key[] = { ++ 0xce, 0xb0, 0x09, 0xae, 0xa4, 0x45, 0x44, 0x51, 0xfe, 0xad, 0xf0, 0xe6, ++ 0xb3, 0x6f, 0x45, 0x55, 0x5d, 0xd0, 0x47, 0x23, 0xba, 0xa4, 0x48, 0xe8 ++}; ++ ++static const unsigned char ccm_nonce[] = { ++ 0x76, 0x40, 0x43, 0xc4, 0x94, 0x60, 0xb7 ++}; ++ ++static const unsigned char ccm_adata[] = { ++ 0x6e, 0x80, 0xdd, 0x7f, 0x1b, 0xad, 0xf3, 0xa1, 0xc9, 0xab, 0x25, 0xc7, ++ 0x5f, 0x10, 0xbd, 0xe7, 0x8c, 0x23, 0xfa, 0x0e, 0xb8, 0xf9, 0xaa, 0xa5, ++ 0x3a, 0xde, 0xfb, 0xf4, 0xcb, 0xf7, 0x8f, 0xe4 ++}; ++ ++static const unsigned char ccm_pt[] = { ++ 0xc8, 0xd2, 0x75, 0xf9, 0x19, 0xe1, 0x7d, 0x7f, 0xe6, 0x9c, 0x2a, 0x1f, ++ 0x58, 0x93, 0x9d, 0xfe, 0x4d, 0x40, 0x37, 0x91, 0xb5, 0xdf, 0x13, 0x10 ++}; ++ ++static const unsigned char ccm_ct[] = { ++ 0x8a, 0x0f, 0x3d, 0x82, 0x29, 0xe4, 0x8e, 0x74, 0x87, 0xfd, 0x95, 0xa2, ++ 0x8a, 0xd3, 0x92, 0xc8, 0x0b, 0x36, 0x81, 0xd4, 0xfb, 0xc7, 0xbb, 0xfd ++}; ++ ++static const unsigned char ccm_tag[] = { ++ 0x2d, 0xd6, 0xef, 0x1c, 0x45, 0xd4, 0xcc, 0xb7, 0x23, 0xdc, 0x07, 0x44, ++ 0x14, 0xdb, 0x50, 0x6d ++}; ++ ++int FIPS_selftest_aes_ccm(void) ++{ ++ int ret = 0; ++ unsigned char out[128], tag[16]; ++ EVP_CIPHER_CTX *ctx; ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ ++ memset(out, 0, sizeof(out)); ++ if (!EVP_CipherInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL, 1)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, ++ sizeof(ccm_nonce), NULL)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, ++ sizeof(ccm_tag), NULL)) ++ goto err; ++ if (!EVP_CipherInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce, 1)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, NULL, sizeof(ccm_pt)) != sizeof(ccm_pt)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, ccm_adata, sizeof(ccm_adata)) < 0) ++ goto err; ++ if (EVP_Cipher(ctx, out, ccm_pt, sizeof(ccm_pt)) != sizeof(ccm_ct)) ++ goto err; ++ ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, 16, tag)) ++ goto err; ++ if (memcmp(tag, ccm_tag, sizeof(ccm_tag)) ++ || memcmp(out, ccm_ct, sizeof(ccm_ct))) ++ goto err; ++ ++ memset(out, 0, sizeof(out)); ++ ++ if (!EVP_CipherInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL, 0)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, ++ sizeof(ccm_nonce), NULL)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, 16, tag)) ++ goto err; ++ if (!EVP_CipherInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce, 0)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, NULL, sizeof(ccm_ct)) != sizeof(ccm_ct)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, ccm_adata, sizeof(ccm_adata)) < 0) ++ goto err; ++ if (EVP_Cipher(ctx, out, ccm_ct, sizeof(ccm_ct)) != sizeof(ccm_pt)) ++ goto err; ++ ++ if (memcmp(out, ccm_pt, sizeof(ccm_pt))) ++ goto err; ++ ++ ret = 1; ++ ++ err: ++ EVP_CIPHER_CTX_free(ctx); ++ ++ if (ret == 0) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_AES_CCM, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } else ++ return ret; ++ ++} ++ ++/* AES-GCM test data from NIST public test vectors */ ++ ++static const unsigned char gcm_key[] = { ++ 0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66, ++ 0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69, ++ 0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f ++}; ++ ++static const unsigned char gcm_iv[] = { ++ 0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84 ++}; ++ ++static const unsigned char gcm_pt[] = { ++ 0xf5, 0x6e, 0x87, 0x05, 0x5b, 0xc3, 0x2d, 0x0e, 0xeb, 0x31, 0xb2, 0xea, ++ 0xcc, 0x2b, 0xf2, 0xa5 ++}; ++ ++static const unsigned char gcm_aad[] = { ++ 0x4d, 0x23, 0xc3, 0xce, 0xc3, 0x34, 0xb4, 0x9b, 0xdb, 0x37, 0x0c, 0x43, ++ 0x7f, 0xec, 0x78, 0xde ++}; ++ ++static const unsigned char gcm_ct[] = { ++ 0xf7, 0x26, 0x44, 0x13, 0xa8, 0x4c, 0x0e, 0x7c, 0xd5, 0x36, 0x86, 0x7e, ++ 0xb9, 0xf2, 0x17, 0x36 ++}; ++ ++static const unsigned char gcm_tag[] = { ++ 0x67, 0xba, 0x05, 0x10, 0x26, 0x2a, 0xe4, 0x87, 0xd7, 0x37, 0xee, 0x62, ++ 0x98, 0xf7, 0x7e, 0x0c ++}; ++ ++int FIPS_selftest_aes_gcm(void) ++{ ++ int ret = 0; ++ unsigned char out[128], tag[16]; ++ EVP_CIPHER_CTX *ctx; ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ ++ memset(out, 0, sizeof(out)); ++ memset(tag, 0, sizeof(tag)); ++ if (!EVP_CipherInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL, 1)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, ++ sizeof(gcm_iv), NULL)) ++ goto err; ++ if (!EVP_CipherInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv, 1)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, gcm_aad, sizeof(gcm_aad)) < 0) ++ goto err; ++ if (EVP_Cipher(ctx, out, gcm_pt, sizeof(gcm_pt)) != sizeof(gcm_ct)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, NULL, 0) < 0) ++ goto err; ++ ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag)) ++ goto err; ++ ++ if (memcmp(tag, gcm_tag, 16) || memcmp(out, gcm_ct, 16)) ++ goto err; ++ ++ memset(out, 0, sizeof(out)); ++ ++ if (!EVP_CipherInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL, 0)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, ++ sizeof(gcm_iv), NULL)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag)) ++ goto err; ++ if (!EVP_CipherInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv, 0)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, gcm_aad, sizeof(gcm_aad)) < 0) ++ goto err; ++ if (EVP_Cipher(ctx, out, gcm_ct, sizeof(gcm_ct)) != sizeof(gcm_pt)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, NULL, 0) < 0) ++ goto err; ++ ++ if (memcmp(out, gcm_pt, 16)) ++ goto err; ++ ++ ret = 1; ++ ++ err: ++ EVP_CIPHER_CTX_free(ctx); ++ ++ if (ret == 0) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_AES_GCM, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } else ++ return ret; ++ ++} ++ ++static const unsigned char XTS_128_key[] = { ++ 0xa1, 0xb9, 0x0c, 0xba, 0x3f, 0x06, 0xac, 0x35, 0x3b, 0x2c, 0x34, 0x38, ++ 0x76, 0x08, 0x17, 0x62, 0x09, 0x09, 0x23, 0x02, 0x6e, 0x91, 0x77, 0x18, ++ 0x15, 0xf2, 0x9d, 0xab, 0x01, 0x93, 0x2f, 0x2f ++}; ++ ++static const unsigned char XTS_128_i[] = { ++ 0x4f, 0xae, 0xf7, 0x11, 0x7c, 0xda, 0x59, 0xc6, 0x6e, 0x4b, 0x92, 0x01, ++ 0x3e, 0x76, 0x8a, 0xd5 ++}; ++ ++static const unsigned char XTS_128_pt[] = { ++ 0xeb, 0xab, 0xce, 0x95, 0xb1, 0x4d, 0x3c, 0x8d, 0x6f, 0xb3, 0x50, 0x39, ++ 0x07, 0x90, 0x31, 0x1c ++}; ++ ++static const unsigned char XTS_128_ct[] = { ++ 0x77, 0x8a, 0xe8, 0xb4, 0x3c, 0xb9, 0x8d, 0x5a, 0x82, 0x50, 0x81, 0xd5, ++ 0xbe, 0x47, 0x1c, 0x63 ++}; ++ ++static const unsigned char XTS_256_key[] = { ++ 0x1e, 0xa6, 0x61, 0xc5, 0x8d, 0x94, 0x3a, 0x0e, 0x48, 0x01, 0xe4, 0x2f, ++ 0x4b, 0x09, 0x47, 0x14, 0x9e, 0x7f, 0x9f, 0x8e, 0x3e, 0x68, 0xd0, 0xc7, ++ 0x50, 0x52, 0x10, 0xbd, 0x31, 0x1a, 0x0e, 0x7c, 0xd6, 0xe1, 0x3f, 0xfd, ++ 0xf2, 0x41, 0x8d, 0x8d, 0x19, 0x11, 0xc0, 0x04, 0xcd, 0xa5, 0x8d, 0xa3, ++ 0xd6, 0x19, 0xb7, 0xe2, 0xb9, 0x14, 0x1e, 0x58, 0x31, 0x8e, 0xea, 0x39, ++ 0x2c, 0xf4, 0x1b, 0x08 ++}; ++ ++static const unsigned char XTS_256_i[] = { ++ 0xad, 0xf8, 0xd9, 0x26, 0x27, 0x46, 0x4a, 0xd2, 0xf0, 0x42, 0x8e, 0x84, ++ 0xa9, 0xf8, 0x75, 0x64 ++}; ++ ++static const unsigned char XTS_256_pt[] = { ++ 0x2e, 0xed, 0xea, 0x52, 0xcd, 0x82, 0x15, 0xe1, 0xac, 0xc6, 0x47, 0xe8, ++ 0x10, 0xbb, 0xc3, 0x64, 0x2e, 0x87, 0x28, 0x7f, 0x8d, 0x2e, 0x57, 0xe3, ++ 0x6c, 0x0a, 0x24, 0xfb, 0xc1, 0x2a, 0x20, 0x2e ++}; ++ ++static const unsigned char XTS_256_ct[] = { ++ 0xcb, 0xaa, 0xd0, 0xe2, 0xf6, 0xce, 0xa3, 0xf5, 0x0b, 0x37, 0xf9, 0x34, ++ 0xd4, 0x6a, 0x9b, 0x13, 0x0b, 0x9d, 0x54, 0xf0, 0x7e, 0x34, 0xf3, 0x6a, ++ 0xf7, 0x93, 0xe8, 0x6f, 0x73, 0xc6, 0xd7, 0xdb ++}; ++ ++int FIPS_selftest_aes_xts() ++{ ++ int ret = 1; ++ EVP_CIPHER_CTX *ctx; ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ ++ if (fips_cipher_test(ctx, EVP_aes_128_xts(), ++ XTS_128_key, XTS_128_i, XTS_128_pt, XTS_128_ct, ++ sizeof(XTS_128_pt)) <= 0) ++ ret = 0; ++ ++ if (fips_cipher_test(ctx, EVP_aes_256_xts(), ++ XTS_256_key, XTS_256_i, XTS_256_pt, XTS_256_ct, ++ sizeof(XTS_256_pt)) <= 0) ++ ret = 0; ++ ++ EVP_CIPHER_CTX_free(ctx); ++ ++ err: ++ if (ret == 0) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_AES_XTS, FIPS_R_SELFTEST_FAILED); ++ return ret; ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips.c.fips openssl-1.1.1e/crypto/fips/fips.c +--- openssl-1.1.1e/crypto/fips/fips.c.fips 2020-03-17 17:30:52.033567270 +0100 ++++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 17:30:52.033567270 +0100 +@@ -0,0 +1,526 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#define _GNU_SOURCE ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "fips_locl.h" ++ ++#ifdef OPENSSL_FIPS ++ ++# include ++# include "internal/thread_once.h" ++ ++# ifndef PATH_MAX ++# define PATH_MAX 1024 ++# endif ++ ++static int fips_selftest_fail = 0; ++static int fips_mode = 0; ++static int fips_started = 0; ++ ++static int fips_is_owning_thread(void); ++static int fips_set_owning_thread(void); ++static int fips_clear_owning_thread(void); ++ ++static CRYPTO_RWLOCK *fips_lock = NULL; ++static CRYPTO_RWLOCK *fips_owning_lock = NULL; ++static CRYPTO_ONCE fips_lock_init = CRYPTO_ONCE_STATIC_INIT; ++ ++DEFINE_RUN_ONCE_STATIC(do_fips_lock_init) ++{ ++ fips_lock = CRYPTO_THREAD_lock_new(); ++ fips_owning_lock = CRYPTO_THREAD_lock_new(); ++ return fips_lock != NULL && fips_owning_lock != NULL; ++} ++ ++# define fips_w_lock() CRYPTO_THREAD_write_lock(fips_lock) ++# define fips_w_unlock() CRYPTO_THREAD_unlock(fips_lock) ++# define fips_r_lock() CRYPTO_THREAD_read_lock(fips_lock) ++# define fips_r_unlock() CRYPTO_THREAD_unlock(fips_lock) ++ ++static void fips_set_mode(int onoff) ++{ ++ int owning_thread = fips_is_owning_thread(); ++ ++ if (fips_started) { ++ if (!owning_thread) ++ fips_w_lock(); ++ fips_mode = onoff; ++ if (!owning_thread) ++ fips_w_unlock(); ++ } ++} ++ ++int FIPS_module_mode(void) ++{ ++ int ret = 0; ++ int owning_thread = fips_is_owning_thread(); ++ ++ if (fips_started) { ++ if (!owning_thread) ++ fips_r_lock(); ++ ret = fips_mode; ++ if (!owning_thread) ++ fips_r_unlock(); ++ } ++ return ret; ++} ++ ++/* just a compat symbol - return NULL */ ++int FIPS_selftest_failed(void) ++{ ++ int ret = 0; ++ if (fips_started) { ++ int owning_thread = fips_is_owning_thread(); ++ ++ if (!owning_thread) ++ fips_r_lock(); ++ ret = fips_selftest_fail; ++ if (!owning_thread) ++ fips_r_unlock(); ++ } ++ return ret; ++} ++ ++/* Selftest failure fatal exit routine. This will be called ++ * during *any* cryptographic operation. It has the minimum ++ * overhead possible to avoid too big a performance hit. ++ */ ++ ++void FIPS_selftest_check(void) ++{ ++ if (fips_selftest_fail) { ++ OpenSSLDie(__FILE__, __LINE__, "FATAL FIPS SELFTEST FAILURE"); ++ } ++} ++ ++void fips_set_selftest_fail(void) ++{ ++ fips_selftest_fail = 1; ++} ++ ++/* we implement what libfipscheck does ourselves */ ++ ++static int ++get_library_path(const char *libname, const char *symbolname, char *path, ++ size_t pathlen) ++{ ++ Dl_info info; ++ void *dl, *sym; ++ int rv = -1; ++ ++ dl = dlopen(libname, RTLD_LAZY); ++ if (dl == NULL) { ++ return -1; ++ } ++ ++ sym = dlsym(dl, symbolname); ++ ++ if (sym != NULL && dladdr(sym, &info)) { ++ strncpy(path, info.dli_fname, pathlen - 1); ++ path[pathlen - 1] = '\0'; ++ rv = 0; ++ } ++ ++ dlclose(dl); ++ ++ return rv; ++} ++ ++static const char conv[] = "0123456789abcdef"; ++ ++static char *bin2hex(void *buf, size_t len) ++{ ++ char *hex, *p; ++ unsigned char *src = buf; ++ ++ hex = malloc(len * 2 + 1); ++ if (hex == NULL) ++ return NULL; ++ ++ p = hex; ++ ++ while (len > 0) { ++ unsigned c; ++ ++ c = *src; ++ src++; ++ ++ *p = conv[c >> 4]; ++ ++p; ++ *p = conv[c & 0x0f]; ++ ++p; ++ --len; ++ } ++ *p = '\0'; ++ return hex; ++} ++ ++# define HMAC_PREFIX "." ++# ifndef HMAC_SUFFIX ++# define HMAC_SUFFIX ".hmac" ++# endif ++# define READ_BUFFER_LENGTH 16384 ++ ++static char *make_hmac_path(const char *origpath) ++{ ++ char *path, *p; ++ const char *fn; ++ ++ path = ++ malloc(sizeof(HMAC_PREFIX) + sizeof(HMAC_SUFFIX) + strlen(origpath)); ++ if (path == NULL) { ++ return NULL; ++ } ++ ++ fn = strrchr(origpath, '/'); ++ if (fn == NULL) { ++ fn = origpath; ++ } else { ++ ++fn; ++ } ++ ++ strncpy(path, origpath, fn - origpath); ++ p = path + (fn - origpath); ++ p = stpcpy(p, HMAC_PREFIX); ++ p = stpcpy(p, fn); ++ p = stpcpy(p, HMAC_SUFFIX); ++ ++ return path; ++} ++ ++static const char hmackey[] = "orboDeJITITejsirpADONivirpUkvarP"; ++ ++static int compute_file_hmac(const char *path, void **buf, size_t *hmaclen) ++{ ++ FILE *f = NULL; ++ int rv = -1; ++ unsigned char rbuf[READ_BUFFER_LENGTH]; ++ size_t len; ++ unsigned int hlen; ++ HMAC_CTX *c; ++ ++ c = HMAC_CTX_new(); ++ if (c == NULL) ++ return rv; ++ ++ f = fopen(path, "r"); ++ ++ if (f == NULL) { ++ goto end; ++ } ++ ++ if (HMAC_Init_ex(c, hmackey, sizeof(hmackey) - 1, EVP_sha256(), NULL) <= 0) { ++ goto end; ++ } ++ ++ while ((len = fread(rbuf, 1, sizeof(rbuf), f)) != 0) { ++ if (HMAC_Update(c, rbuf, len) <= 0) { ++ goto end; ++ } ++ } ++ ++ len = sizeof(rbuf); ++ /* reuse rbuf for hmac */ ++ if (HMAC_Final(c, rbuf, &hlen) <= 0) { ++ goto end; ++ } ++ ++ *buf = malloc(hlen); ++ if (*buf == NULL) { ++ goto end; ++ } ++ ++ *hmaclen = hlen; ++ ++ memcpy(*buf, rbuf, hlen); ++ ++ rv = 0; ++ end: ++ HMAC_CTX_free(c); ++ ++ if (f) ++ fclose(f); ++ ++ return rv; ++} ++ ++static int FIPSCHECK_verify(const char *path) ++{ ++ int rv = 0; ++ FILE *hf; ++ char *hmacpath, *p; ++ char *hmac = NULL; ++ size_t n; ++ ++ hmacpath = make_hmac_path(path); ++ if (hmacpath == NULL) ++ return 0; ++ ++ hf = fopen(hmacpath, "r"); ++ if (hf == NULL) { ++ free(hmacpath); ++ return 0; ++ } ++ ++ if (getline(&hmac, &n, hf) > 0) { ++ void *buf; ++ size_t hmaclen; ++ char *hex; ++ ++ if ((p = strchr(hmac, '\n')) != NULL) ++ *p = '\0'; ++ ++ if (compute_file_hmac(path, &buf, &hmaclen) < 0) { ++ rv = -4; ++ goto end; ++ } ++ ++ if ((hex = bin2hex(buf, hmaclen)) == NULL) { ++ free(buf); ++ rv = -5; ++ goto end; ++ } ++ ++ if (strcmp(hex, hmac) != 0) { ++ rv = -1; ++ } ++ free(buf); ++ free(hex); ++ } else { ++ rv = -1; ++ } ++ ++ end: ++ free(hmac); ++ free(hmacpath); ++ fclose(hf); ++ ++ if (rv < 0) ++ return 0; ++ ++ /* check successful */ ++ return 1; ++} ++ ++static int verify_checksums(void) ++{ ++ int rv; ++ char path[PATH_MAX + 1]; ++ char *p; ++ ++ /* we need to avoid dlopening libssl, assume both libcrypto and libssl ++ are in the same directory */ ++ ++ rv = get_library_path("libcrypto.so." SHLIB_VERSION_NUMBER, ++ "FIPS_mode_set", path, sizeof(path)); ++ if (rv < 0) ++ return 0; ++ ++ rv = FIPSCHECK_verify(path); ++ if (!rv) ++ return 0; ++ ++ /* replace libcrypto with libssl */ ++ while ((p = strstr(path, "libcrypto.so")) != NULL) { ++ p = stpcpy(p, "libssl"); ++ memmove(p, p + 3, strlen(p + 2)); ++ } ++ ++ rv = FIPSCHECK_verify(path); ++ if (!rv) ++ return 0; ++ return 1; ++} ++ ++# ifndef FIPS_MODULE_PATH ++# define FIPS_MODULE_PATH "/etc/system-fips" ++# endif ++ ++int FIPS_module_installed(void) ++{ ++ int rv; ++ rv = access(FIPS_MODULE_PATH, F_OK); ++ if (rv < 0 && errno != ENOENT) ++ rv = 0; ++ ++ /* Installed == true */ ++ return !rv || FIPS_module_mode(); ++} ++ ++int FIPS_module_mode_set(int onoff) ++{ ++ int ret = 0; ++ ++ if (!RUN_ONCE(&fips_lock_init, do_fips_lock_init)) ++ return 0; ++ ++ fips_w_lock(); ++ fips_started = 1; ++ fips_set_owning_thread(); ++ ++ if (onoff) { ++ ++ fips_selftest_fail = 0; ++ ++ /* Don't go into FIPS mode twice, just so we can do automagic ++ seeding */ ++ if (FIPS_module_mode()) { ++ FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET, ++ FIPS_R_FIPS_MODE_ALREADY_SET); ++ fips_selftest_fail = 1; ++ ret = 0; ++ goto end; ++ } ++# ifdef OPENSSL_IA32_SSE2 ++ { ++ extern unsigned int OPENSSL_ia32cap_P[2]; ++ if ((OPENSSL_ia32cap_P[0] & (1 << 25 | 1 << 26)) != ++ (1 << 25 | 1 << 26)) { ++ FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET, ++ FIPS_R_UNSUPPORTED_PLATFORM); ++ fips_selftest_fail = 1; ++ ret = 0; ++ goto end; ++ } ++ } ++# endif ++ ++ if (!FIPS_selftest()) { ++ fips_selftest_fail = 1; ++ ret = 0; ++ goto end; ++ } ++ ++ if (!verify_checksums()) { ++ FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET, ++ FIPS_R_FINGERPRINT_DOES_NOT_MATCH); ++ fips_selftest_fail = 1; ++ ret = 0; ++ goto end; ++ } ++ ++ fips_set_mode(onoff); ++ ret = 1; ++ goto end; ++ } ++ fips_set_mode(0); ++ fips_selftest_fail = 0; ++ ret = 1; ++ end: ++ fips_clear_owning_thread(); ++ fips_w_unlock(); ++ return ret; ++} ++ ++static CRYPTO_THREAD_ID fips_threadid; ++static int fips_thread_set = 0; ++ ++static int fips_is_owning_thread(void) ++{ ++ int ret = 0; ++ ++ if (fips_started) { ++ CRYPTO_THREAD_read_lock(fips_owning_lock); ++ if (fips_thread_set) { ++ CRYPTO_THREAD_ID cur = CRYPTO_THREAD_get_current_id(); ++ if (CRYPTO_THREAD_compare_id(fips_threadid, cur)) ++ ret = 1; ++ } ++ CRYPTO_THREAD_unlock(fips_owning_lock); ++ } ++ return ret; ++} ++ ++int fips_set_owning_thread(void) ++{ ++ int ret = 0; ++ ++ if (fips_started) { ++ CRYPTO_THREAD_write_lock(fips_owning_lock); ++ if (!fips_thread_set) { ++ fips_threadid = CRYPTO_THREAD_get_current_id(); ++ ret = 1; ++ fips_thread_set = 1; ++ } ++ CRYPTO_THREAD_unlock(fips_owning_lock); ++ } ++ return ret; ++} ++ ++int fips_clear_owning_thread(void) ++{ ++ int ret = 0; ++ ++ if (fips_started) { ++ CRYPTO_THREAD_write_lock(fips_owning_lock); ++ if (fips_thread_set) { ++ CRYPTO_THREAD_ID cur = CRYPTO_THREAD_get_current_id(); ++ if (CRYPTO_THREAD_compare_id(fips_threadid, cur)) ++ fips_thread_set = 0; ++ } ++ CRYPTO_THREAD_unlock(fips_owning_lock); ++ } ++ return ret; ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c.fips 2020-03-17 17:30:52.034567253 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c 2020-03-17 17:30:52.033567270 +0100 +@@ -0,0 +1,156 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include "fips_locl.h" ++ ++#ifdef OPENSSL_FIPS ++typedef struct { ++ int nid; ++ const unsigned char key[EVP_MAX_KEY_LENGTH]; ++ size_t keysize; ++ const unsigned char msg[64]; ++ size_t msgsize; ++ const unsigned char mac[32]; ++ size_t macsize; ++} CMAC_KAT; ++ ++/* from http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf */ ++static const CMAC_KAT vector[] = { ++ {NID_aes_128_cbc, /* Count = 32 from CMACGenAES128.txt */ ++ {0x77, 0xa7, 0x7f, 0xaf, 0x29, 0x0c, 0x1f, 0xa3, ++ 0x0c, 0x68, 0x3d, 0xf1, 0x6b, 0xa7, 0xa7, 0x7b,}, 128, ++ {0x02, 0x06, 0x83, 0xe1, 0xf0, 0x39, 0x2f, 0x4c, ++ 0xac, 0x54, 0x31, 0x8b, 0x60, 0x29, 0x25, 0x9e, ++ 0x9c, 0x55, 0x3d, 0xbc, 0x4b, 0x6a, 0xd9, 0x98, ++ 0xe6, 0x4d, 0x58, 0xe4, 0xe7, 0xdc, 0x2e, 0x13,}, 256, ++ {0xfb, 0xfe, 0xa4, 0x1b,}, 32}, ++ {NID_aes_192_cbc, /* Count = 23 from CMACGenAES192.txt */ ++ {0x7b, 0x32, 0x39, 0x13, 0x69, 0xaa, 0x4c, 0xa9, ++ 0x75, 0x58, 0x09, 0x5b, 0xe3, 0xc3, 0xec, 0x86, ++ 0x2b, 0xd0, 0x57, 0xce, 0xf1, 0xe3, 0x2d, 0x62,}, 192, ++ {0x0}, 0, ++ {0xe4, 0xd9, 0x34, 0x0b, 0x03, 0xe6, 0x7d, 0xef, ++ 0xd4, 0x96, 0x9c, 0xc1, 0xed, 0x37, 0x35, 0xe6,}, 128, ++ }, ++ {NID_aes_256_cbc, /* Count = 33 from CMACGenAES256.txt */ ++ {0x0b, 0x12, 0x2a, 0xc8, 0xf3, 0x4e, 0xd1, 0xfe, ++ 0x08, 0x2a, 0x36, 0x25, 0xd1, 0x57, 0x56, 0x14, ++ 0x54, 0x16, 0x7a, 0xc1, 0x45, 0xa1, 0x0b, 0xbf, ++ 0x77, 0xc6, 0xa7, 0x05, 0x96, 0xd5, 0x74, 0xf1,}, 256, ++ {0x49, 0x8b, 0x53, 0xfd, 0xec, 0x87, 0xed, 0xcb, ++ 0xf0, 0x70, 0x97, 0xdc, 0xcd, 0xe9, 0x3a, 0x08, ++ 0x4b, 0xad, 0x75, 0x01, 0xa2, 0x24, 0xe3, 0x88, ++ 0xdf, 0x34, 0x9c, 0xe1, 0x89, 0x59, 0xfe, 0x84, ++ 0x85, 0xf8, 0xad, 0x15, 0x37, 0xf0, 0xd8, 0x96, ++ 0xea, 0x73, 0xbe, 0xdc, 0x72, 0x14, 0x71, 0x3f,}, 384, ++ {0xf6, 0x2c, 0x46, 0x32, 0x9b,}, 40, ++ }, ++ {NID_des_ede3_cbc, /* Count = 41 from CMACGenTDES3.req */ ++ {0x89, 0xbc, 0xd9, 0x52, 0xa8, 0xc8, 0xab, 0x37, ++ 0x1a, 0xf4, 0x8a, 0xc7, 0xd0, 0x70, 0x85, 0xd5, ++ 0xef, 0xf7, 0x02, 0xe6, 0xd6, 0x2c, 0xdc, 0x23,}, 192, ++ {0xfa, 0x62, 0x0c, 0x1b, 0xbe, 0x97, 0x31, 0x9e, ++ 0x9a, 0x0c, 0xf0, 0x49, 0x21, 0x21, 0xf7, 0xa2, ++ 0x0e, 0xb0, 0x8a, 0x6a, 0x70, 0x9d, 0xcb, 0xd0, ++ 0x0a, 0xaf, 0x38, 0xe4, 0xf9, 0x9e, 0x75, 0x4e,}, 256, ++ {0x8f, 0x49, 0xa1, 0xb7, 0xd6, 0xaa, 0x22, 0x58,}, 64, ++ }, ++}; ++ ++int FIPS_selftest_cmac() ++{ ++ size_t n, outlen; ++ unsigned char out[32]; ++ const EVP_CIPHER *cipher; ++ CMAC_CTX *ctx = CMAC_CTX_new(); ++ const CMAC_KAT *t; ++ int rv = 1; ++ ++ for (n = 0, t = vector; n < sizeof(vector) / sizeof(vector[0]); n++, t++) { ++ cipher = EVP_get_cipherbynid(t->nid); ++ if (!cipher) { ++ rv = -1; ++ goto err; ++ } ++ if (!CMAC_Init(ctx, t->key, t->keysize / 8, cipher, 0)) { ++ rv = -1; ++ goto err; ++ } ++ if (!CMAC_Update(ctx, t->msg, t->msgsize / 8)) { ++ rv = -1; ++ goto err; ++ } ++ ++ if (!CMAC_Final(ctx, out, &outlen)) { ++ rv = -1; ++ goto err; ++ } ++ ++ if (outlen < t->macsize / 8 || memcmp(out, t->mac, t->macsize / 8)) { ++ rv = 0; ++ } ++ } ++ ++ err: ++ CMAC_CTX_free(ctx); ++ ++ if (rv == -1) { ++ rv = 0; ++ } ++ if (!rv) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC, FIPS_R_SELFTEST_FAILED); ++ ++ return rv; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_des_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_des_selftest.c.fips 2020-03-17 17:30:52.034567253 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_des_selftest.c 2020-03-17 17:30:52.034567253 +0100 +@@ -0,0 +1,133 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#ifdef OPENSSL_FIPS ++# include ++# include "crypto/fips.h" ++#endif ++#include ++ ++#ifdef OPENSSL_FIPS ++ ++static const struct { ++ const unsigned char key[16]; ++ const unsigned char plaintext[8]; ++ const unsigned char ciphertext[8]; ++} tests2[] = { ++ { ++ { ++ 0x7c, 0x4f, 0x6e, 0xf7, 0xa2, 0x04, 0x16, 0xec, ++ 0x0b, 0x6b, 0x7c, 0x9e, 0x5e, 0x19, 0xa7, 0xc4}, { ++ 0x06, 0xa7, 0xd8, 0x79, 0xaa, 0xce, 0x69, 0xef}, { ++ 0x4c, 0x11, 0x17, 0x55, 0xbf, 0xc4, 0x4e, 0xfd} ++ }, { ++ { ++ 0x5d, 0x9e, 0x01, 0xd3, 0x25, 0xc7, 0x3e, 0x34, ++ 0x01, 0x16, 0x7c, 0x85, 0x23, 0xdf, 0xe0, 0x68}, { ++ 0x9c, 0x50, 0x09, 0x0f, 0x5e, 0x7d, 0x69, 0x7e}, { ++ 0xd2, 0x0b, 0x18, 0xdf, 0xd9, 0x0d, 0x9e, 0xff},} ++}; ++ ++static const struct { ++ const unsigned char key[24]; ++ const unsigned char plaintext[8]; ++ const unsigned char ciphertext[8]; ++} tests3[] = { ++ { ++ { ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10, ++ 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0}, { ++ 0x8f, 0x8f, 0xbf, 0x9b, 0x5d, 0x48, 0xb4, 0x1c}, { ++ 0x59, 0x8c, 0xe5, 0xd3, 0x6c, 0xa2, 0xea, 0x1b},}, { ++ { ++ 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10, 0xFE, ++ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, ++ 0xED, 0x39, 0xD9, 0x50, 0xFA, 0x74, 0xBC, 0xC4}, { ++ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, { ++0x11, 0x25, 0xb0, 0x35, 0xbe, 0xa0, 0x82, 0x86},},}; ++ ++int FIPS_selftest_des() ++{ ++ int n, ret = 0; ++ EVP_CIPHER_CTX *ctx; ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ ++ /* Encrypt/decrypt with 2-key 3DES and compare to known answers */ ++ for (n = 0; n < 2; ++n) { ++ unsigned char plaintext[8]; ++ ++ memcpy(plaintext, tests2[n].plaintext, sizeof(plaintext)); ++ if (!fips_cipher_test(ctx, EVP_des_ede_ecb(), ++ tests2[n].key, NULL, ++ plaintext, tests2[n].ciphertext, 8)) ++ goto err; ++ } ++ ++ /* Encrypt/decrypt with 3DES and compare to known answers */ ++ for (n = 0; n < 2; ++n) { ++ if (!fips_cipher_test(ctx, EVP_des_ede3_ecb(), ++ tests3[n].key, NULL, ++ tests3[n].plaintext, tests3[n].ciphertext, 8)) ++ goto err; ++ } ++ ret = 1; ++ err: ++ EVP_CIPHER_CTX_free(ctx); ++ if (ret == 0) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_DES, FIPS_R_SELFTEST_FAILED); ++ ++ return ret; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_dh_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_dh_selftest.c.fips 2020-03-17 17:30:52.038567183 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_dh_selftest.c 2020-03-17 17:30:52.038567183 +0100 +@@ -0,0 +1,180 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * Copyright (c) 2013 Red Hat, Inc. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "fips_locl.h" ++ ++#ifdef OPENSSL_FIPS ++ ++static const unsigned char dh_test_2048_p[] = { ++ 0xAE, 0xEC, 0xEE, 0x22, 0xFA, 0x3A, 0xA5, 0x22, 0xC0, 0xDE, 0x0F, 0x09, ++ 0x7E, 0x17, 0xC0, 0x05, 0xF9, 0xF1, 0xE7, 0xC6, 0x87, 0x14, 0x6D, 0x11, ++ 0xE7, 0xAE, 0xED, 0x2F, 0x72, 0x59, 0xC5, 0xA9, 0x9B, 0xB8, 0x02, 0xA5, ++ 0xF3, 0x69, 0x70, 0xD6, 0xDD, 0x90, 0xF9, 0x19, 0x79, 0xBE, 0x60, 0x8F, ++ 0x25, 0x92, 0x30, 0x1C, 0x51, 0x51, 0x38, 0x26, 0x82, 0x25, 0xE6, 0xFC, ++ 0xED, 0x65, 0x96, 0x8F, 0x57, 0xE5, 0x53, 0x8B, 0x38, 0x63, 0xC7, 0xCE, ++ 0xBC, 0x1B, 0x4D, 0x18, 0x2A, 0x5B, 0x04, 0x3F, 0x6A, 0x3C, 0x94, 0x39, ++ 0xAE, 0x36, 0xD6, 0x5E, 0x0F, 0xA2, 0xCC, 0xD0, 0xD4, 0xD5, 0xC6, 0x1E, ++ 0xF6, 0xA0, 0xF5, 0x89, 0x4E, 0xB4, 0x0B, 0xA4, 0xB3, 0x2B, 0x3D, 0xE2, ++ 0x4E, 0xE1, 0x49, 0x25, 0x99, 0x5F, 0x32, 0x16, 0x33, 0x32, 0x1B, 0x7A, ++ 0xA5, 0x5C, 0x6B, 0x34, 0x0D, 0x39, 0x99, 0xDC, 0xF0, 0x76, 0xE5, 0x5A, ++ 0xD4, 0x71, 0x00, 0xED, 0x5A, 0x73, 0xFB, 0xC8, 0x01, 0xAD, 0x99, 0xCF, ++ 0x99, 0x52, 0x7C, 0x9C, 0x64, 0xC6, 0x76, 0x40, 0x57, 0xAF, 0x59, 0xD7, ++ 0x38, 0x0B, 0x40, 0xDE, 0x33, 0x0D, 0xB8, 0x76, 0xEC, 0xA9, 0xD8, 0x73, ++ 0xF8, 0xEF, 0x26, 0x66, 0x06, 0x27, 0xDD, 0x7C, 0xA4, 0x10, 0x9C, 0xA6, ++ 0xAA, 0xF9, 0x53, 0x62, 0x73, 0x1D, 0xBA, 0x1C, 0xF1, 0x67, 0xF4, 0x35, ++ 0xED, 0x6F, 0x37, 0x92, 0xE8, 0x4F, 0x6C, 0xBA, 0x52, 0x6E, 0xA1, 0xED, ++ 0xDA, 0x9F, 0x85, 0x11, 0x82, 0x52, 0x62, 0x08, 0x44, 0xF1, 0x30, 0x03, ++ 0xC3, 0x38, 0x2C, 0x79, 0xBD, 0xD4, 0x43, 0x45, 0xEE, 0x8E, 0x50, 0xFC, ++ 0x29, 0x46, 0x9A, 0xFE, 0x54, 0x1A, 0x19, 0x8F, 0x4B, 0x84, 0x08, 0xDE, ++ 0x20, 0x62, 0x73, 0xCC, 0xDD, 0x7E, 0xF0, 0xEF, 0xA2, 0xFD, 0x86, 0x58, ++ 0x4B, 0xD8, 0x37, 0xEB ++}; ++ ++static const unsigned char dh_test_2048_g[] = { ++ 0x02 ++}; ++ ++static const unsigned char dh_test_2048_pub_key[] = { ++ 0xA0, 0x39, 0x11, 0x77, 0x9A, 0xC1, 0x30, 0x1F, 0xBE, 0x48, 0xA7, 0xAA, ++ 0xA0, 0x84, 0x54, 0x64, 0xAD, 0x1B, 0x70, 0xFA, 0x13, 0x55, 0x63, 0xD2, ++ 0x1F, 0x62, 0x32, 0x93, 0x8E, 0xC9, 0x3E, 0x09, 0xA7, 0x64, 0xE4, 0x12, ++ 0x6E, 0x1B, 0xF2, 0x92, 0x3B, 0xB9, 0xCB, 0x56, 0xEA, 0x07, 0x88, 0xB5, ++ 0xA6, 0xBC, 0x16, 0x1F, 0x27, 0xFE, 0xD8, 0xAA, 0x40, 0xB2, 0xB0, 0x2D, ++ 0x37, 0x76, 0xA6, 0xA4, 0x82, 0x2C, 0x0E, 0x22, 0x64, 0x9D, 0xCB, 0xD1, ++ 0x00, 0xB7, 0x89, 0x14, 0x72, 0x4E, 0xBE, 0x48, 0x41, 0xF8, 0xB2, 0x51, ++ 0x11, 0x09, 0x4B, 0x22, 0x01, 0x23, 0x39, 0x96, 0xE0, 0x15, 0xD7, 0x9F, ++ 0x60, 0xD1, 0xB7, 0xAE, 0xFE, 0x5F, 0xDB, 0xE7, 0x03, 0x17, 0x97, 0xA6, ++ 0x16, 0x74, 0xBD, 0x53, 0x81, 0x19, 0xC5, 0x47, 0x5E, 0xCE, 0x8D, 0xED, ++ 0x45, 0x5D, 0x3C, 0x00, 0xA0, 0x0A, 0x68, 0x6A, 0xE0, 0x8E, 0x06, 0x46, ++ 0x6F, 0xD7, 0xF9, 0xDF, 0x31, 0x7E, 0x77, 0x44, 0x0D, 0x98, 0xE0, 0xCA, ++ 0x98, 0x09, 0x52, 0x04, 0x90, 0xEA, 0x6D, 0xF4, 0x30, 0x69, 0x8F, 0xB1, ++ 0x9B, 0xC1, 0x43, 0xDB, 0xD5, 0x8D, 0xC8, 0x8E, 0xB6, 0x0B, 0x05, 0xBE, ++ 0x0E, 0xC5, 0x99, 0xC8, 0x6E, 0x4E, 0xF3, 0xCB, 0xC3, 0x5E, 0x9B, 0x53, ++ 0xF7, 0x06, 0x1C, 0x4F, 0xC7, 0xB8, 0x6E, 0x30, 0x18, 0xCA, 0x9B, 0xB9, ++ 0xBC, 0x5F, 0x17, 0x72, 0x29, 0x5A, 0xE5, 0xD9, 0x96, 0xB7, 0x0B, 0xF3, ++ 0x2D, 0x8C, 0xF1, 0xE1, 0x0E, 0x0D, 0x74, 0xD5, 0x9D, 0xF0, 0x06, 0xA9, ++ 0xB4, 0x95, 0x63, 0x76, 0x46, 0x55, 0x48, 0x82, 0x39, 0x90, 0xEF, 0x56, ++ 0x75, 0x34, 0xB8, 0x34, 0xC3, 0x18, 0x6E, 0x1E, 0xAD, 0xE3, 0x48, 0x7E, ++ 0x93, 0x2C, 0x23, 0xE7, 0xF8, 0x90, 0x73, 0xB1, 0x77, 0x80, 0x67, 0xA9, ++ 0x36, 0x9E, 0xDA, 0xD2 ++}; ++ ++static const unsigned char dh_test_2048_priv_key[] = { ++ 0x0C, 0x4B, 0x30, 0x89, 0xD1, 0xB8, 0x62, 0xCB, 0x3C, 0x43, 0x64, 0x91, ++ 0xF0, 0x91, 0x54, 0x70, 0xC5, 0x27, 0x96, 0xE3, 0xAC, 0xBE, 0xE8, 0x00, ++ 0xEC, 0x55, 0xF6, 0xCC ++}; ++ ++int FIPS_selftest_dh() ++{ ++ DH *dh = NULL; ++ int ret = 0; ++ void *pub_key_bin = NULL; ++ int len; ++ BIGNUM *p = NULL, *g = NULL, *priv_key = NULL, *tmp_pub_key = NULL; ++ const BIGNUM *pub_key; ++ ++ fips_load_key_component(p, dh_test_2048); ++ fips_load_key_component(g, dh_test_2048); ++ /* note that the private key is much shorter than normally used ++ * but still g ** priv_key > p ++ */ ++ fips_load_key_component(priv_key, dh_test_2048); ++ if ((tmp_pub_key = BN_new()) == NULL) ++ goto err; ++ ++ dh = DH_new(); ++ ++ if (dh == NULL) ++ goto err; ++ ++ DH_set0_pqg(dh, p, NULL, g); ++ DH_set0_key(dh, tmp_pub_key, priv_key); ++ ++ if (DH_generate_key(dh) <= 0) ++ goto err; ++ ++ DH_get0_key(dh, &pub_key, NULL); ++ ++ if (pub_key == NULL) ++ goto err; ++ ++ len = BN_num_bytes(pub_key); ++ if ((pub_key_bin = OPENSSL_malloc(len)) == NULL) ++ goto err; ++ BN_bn2bin(pub_key, pub_key_bin); ++ ++ if (len != sizeof(dh_test_2048_pub_key) || ++ memcmp(pub_key_bin, dh_test_2048_pub_key, len) != 0) ++ goto err; ++ ++ ret = 1; ++ ++ err: ++ if (dh) ++ DH_free(dh); ++ else { ++ BN_free(p); ++ BN_free(g); ++ BN_free(priv_key); ++ BN_free(tmp_pub_key); ++ } ++ ++ OPENSSL_free(pub_key_bin); ++ return ret; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c.fips 2020-03-17 17:30:52.040567148 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c 2020-03-17 17:30:52.039567165 +0100 +@@ -0,0 +1,406 @@ ++/* fips/rand/fips_drbg_ctr.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include "fips_rand_lcl.h" ++ ++static void inc_128(DRBG_CTR_CTX * cctx) ++{ ++ int i; ++ unsigned char c; ++ unsigned char *p = cctx->V + 15; ++ for (i = 0; i < 16; i++) { ++ c = *p; ++ c++; ++ *p = c; ++ if (c) ++ return; ++ p--; ++ } ++} ++ ++static void ctr_XOR(DRBG_CTR_CTX * cctx, const unsigned char *in, ++ size_t inlen) ++{ ++ size_t i, n; ++ /* Any zero padding will have no effect on the result as we ++ * are XORing. So just process however much input we have. ++ */ ++ ++ if (!in || !inlen) ++ return; ++ ++ if (inlen < cctx->keylen) ++ n = inlen; ++ else ++ n = cctx->keylen; ++ ++ for (i = 0; i < n; i++) ++ cctx->K[i] ^= in[i]; ++ if (inlen <= cctx->keylen) ++ return; ++ ++ n = inlen - cctx->keylen; ++ /* Should never happen */ ++ if (n > 16) ++ n = 16; ++ for (i = 0; i < 16; i++) ++ cctx->V[i] ^= in[i + cctx->keylen]; ++} ++ ++/* Process a complete block using BCC algorithm of SPP 800-90 10.4.3 */ ++ ++static void ctr_BCC_block(DRBG_CTR_CTX * cctx, unsigned char *out, ++ const unsigned char *in) ++{ ++ int i; ++ for (i = 0; i < 16; i++) ++ out[i] ^= in[i]; ++ AES_encrypt(out, out, &cctx->df_ks); ++#if 0 ++ fprintf(stderr, "BCC in+out\n"); ++ BIO_dump_fp(stderr, in, 16); ++ BIO_dump_fp(stderr, out, 16); ++#endif ++} ++ ++/* Handle several BCC operations for as much data as we need for K and X */ ++static void ctr_BCC_blocks(DRBG_CTR_CTX * cctx, const unsigned char *in) ++{ ++ ctr_BCC_block(cctx, cctx->KX, in); ++ ctr_BCC_block(cctx, cctx->KX + 16, in); ++ if (cctx->keylen != 16) ++ ctr_BCC_block(cctx, cctx->KX + 32, in); ++} ++ ++/* Initialise BCC blocks: these have the value 0,1,2 in leftmost positions: ++ * see 10.4.2 stage 7. ++ */ ++static void ctr_BCC_init(DRBG_CTR_CTX * cctx) ++{ ++ memset(cctx->KX, 0, 48); ++ memset(cctx->bltmp, 0, 16); ++ ctr_BCC_block(cctx, cctx->KX, cctx->bltmp); ++ cctx->bltmp[3] = 1; ++ ctr_BCC_block(cctx, cctx->KX + 16, cctx->bltmp); ++ if (cctx->keylen != 16) { ++ cctx->bltmp[3] = 2; ++ ctr_BCC_block(cctx, cctx->KX + 32, cctx->bltmp); ++ } ++} ++ ++/* Process several blocks into BCC algorithm, some possibly partial */ ++static void ctr_BCC_update(DRBG_CTR_CTX * cctx, ++ const unsigned char *in, size_t inlen) ++{ ++ if (!in || !inlen) ++ return; ++ /* If we have partial block handle it first */ ++ if (cctx->bltmp_pos) { ++ size_t left = 16 - cctx->bltmp_pos; ++ /* If we now have a complete block process it */ ++ if (inlen >= left) { ++ memcpy(cctx->bltmp + cctx->bltmp_pos, in, left); ++ ctr_BCC_blocks(cctx, cctx->bltmp); ++ cctx->bltmp_pos = 0; ++ inlen -= left; ++ in += left; ++ } ++ } ++ /* Process zero or more complete blocks */ ++ while (inlen >= 16) { ++ ctr_BCC_blocks(cctx, in); ++ in += 16; ++ inlen -= 16; ++ } ++ /* Copy any remaining partial block to the temporary buffer */ ++ if (inlen > 0) { ++ memcpy(cctx->bltmp + cctx->bltmp_pos, in, inlen); ++ cctx->bltmp_pos += inlen; ++ } ++} ++ ++static void ctr_BCC_final(DRBG_CTR_CTX * cctx) ++{ ++ if (cctx->bltmp_pos) { ++ memset(cctx->bltmp + cctx->bltmp_pos, 0, 16 - cctx->bltmp_pos); ++ ctr_BCC_blocks(cctx, cctx->bltmp); ++ } ++} ++ ++static void ctr_df(DRBG_CTR_CTX * cctx, ++ const unsigned char *in1, size_t in1len, ++ const unsigned char *in2, size_t in2len, ++ const unsigned char *in3, size_t in3len) ++{ ++ size_t inlen; ++ unsigned char *p = cctx->bltmp; ++ static unsigned char c80 = 0x80; ++ ++ ctr_BCC_init(cctx); ++ if (!in1) ++ in1len = 0; ++ if (!in2) ++ in2len = 0; ++ if (!in3) ++ in3len = 0; ++ inlen = in1len + in2len + in3len; ++ /* Initialise L||N in temporary block */ ++ *p++ = (inlen >> 24) & 0xff; ++ *p++ = (inlen >> 16) & 0xff; ++ *p++ = (inlen >> 8) & 0xff; ++ *p++ = inlen & 0xff; ++ /* NB keylen is at most 32 bytes */ ++ *p++ = 0; ++ *p++ = 0; ++ *p++ = 0; ++ *p = (unsigned char)((cctx->keylen + 16) & 0xff); ++ cctx->bltmp_pos = 8; ++ ctr_BCC_update(cctx, in1, in1len); ++ ctr_BCC_update(cctx, in2, in2len); ++ ctr_BCC_update(cctx, in3, in3len); ++ ctr_BCC_update(cctx, &c80, 1); ++ ctr_BCC_final(cctx); ++ /* Set up key K */ ++ AES_set_encrypt_key(cctx->KX, cctx->keylen * 8, &cctx->df_kxks); ++ /* X follows key K */ ++ AES_encrypt(cctx->KX + cctx->keylen, cctx->KX, &cctx->df_kxks); ++ AES_encrypt(cctx->KX, cctx->KX + 16, &cctx->df_kxks); ++ if (cctx->keylen != 16) ++ AES_encrypt(cctx->KX + 16, cctx->KX + 32, &cctx->df_kxks); ++#if 0 ++ fprintf(stderr, "Output of ctr_df:\n"); ++ BIO_dump_fp(stderr, cctx->KX, cctx->keylen + 16); ++#endif ++} ++ ++/* NB the no-df Update in SP800-90 specifies a constant input length ++ * of seedlen, however other uses of this algorithm pad the input with ++ * zeroes if necessary and have up to two parameters XORed together, ++ * handle both cases in this function instead. ++ */ ++ ++static void ctr_Update(DRBG_CTX *dctx, ++ const unsigned char *in1, size_t in1len, ++ const unsigned char *in2, size_t in2len, ++ const unsigned char *nonce, size_t noncelen) ++{ ++ DRBG_CTR_CTX *cctx = &dctx->d.ctr; ++ /* ks is already setup for correct key */ ++ inc_128(cctx); ++ AES_encrypt(cctx->V, cctx->K, &cctx->ks); ++ /* If keylen longer than 128 bits need extra encrypt */ ++ if (cctx->keylen != 16) { ++ inc_128(cctx); ++ AES_encrypt(cctx->V, cctx->K + 16, &cctx->ks); ++ } ++ inc_128(cctx); ++ AES_encrypt(cctx->V, cctx->V, &cctx->ks); ++ /* If 192 bit key part of V is on end of K */ ++ if (cctx->keylen == 24) { ++ memcpy(cctx->V + 8, cctx->V, 8); ++ memcpy(cctx->V, cctx->K + 24, 8); ++ } ++ ++ if (dctx->xflags & DRBG_FLAG_CTR_USE_DF) { ++ /* If no input reuse existing derived value */ ++ if (in1 || nonce || in2) ++ ctr_df(cctx, in1, in1len, nonce, noncelen, in2, in2len); ++ /* If this a reuse input in1len != 0 */ ++ if (in1len) ++ ctr_XOR(cctx, cctx->KX, dctx->seedlen); ++ } else { ++ ctr_XOR(cctx, in1, in1len); ++ ctr_XOR(cctx, in2, in2len); ++ } ++ ++ AES_set_encrypt_key(cctx->K, dctx->strength, &cctx->ks); ++#if 0 ++ fprintf(stderr, "K+V after update is:\n"); ++ BIO_dump_fp(stderr, cctx->K, cctx->keylen); ++ BIO_dump_fp(stderr, cctx->V, 16); ++#endif ++} ++ ++static int drbg_ctr_instantiate(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t entlen, ++ const unsigned char *nonce, size_t noncelen, ++ const unsigned char *pers, size_t perslen) ++{ ++ DRBG_CTR_CTX *cctx = &dctx->d.ctr; ++ memset(cctx->K, 0, sizeof(cctx->K)); ++ memset(cctx->V, 0, sizeof(cctx->V)); ++ AES_set_encrypt_key(cctx->K, dctx->strength, &cctx->ks); ++ ctr_Update(dctx, ent, entlen, pers, perslen, nonce, noncelen); ++ return 1; ++} ++ ++static int drbg_ctr_reseed(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t entlen, ++ const unsigned char *adin, size_t adinlen) ++{ ++ ctr_Update(dctx, ent, entlen, adin, adinlen, NULL, 0); ++ return 1; ++} ++ ++static int drbg_ctr_generate(DRBG_CTX *dctx, ++ unsigned char *out, size_t outlen, ++ const unsigned char *adin, size_t adinlen) ++{ ++ DRBG_CTR_CTX *cctx = &dctx->d.ctr; ++ if (adin && adinlen) { ++ ctr_Update(dctx, adin, adinlen, NULL, 0, NULL, 0); ++ /* This means we reuse derived value */ ++ if (dctx->xflags & DRBG_FLAG_CTR_USE_DF) { ++ adin = NULL; ++ adinlen = 1; ++ } ++ } else ++ adinlen = 0; ++ ++ for (;;) { ++ inc_128(cctx); ++ if (outlen < 16) { ++ /* Use K as temp space as it will be updated */ ++ AES_encrypt(cctx->V, cctx->K, &cctx->ks); ++ memcpy(out, cctx->K, outlen); ++ break; ++ } ++ AES_encrypt(cctx->V, out, &cctx->ks); ++ out += 16; ++ outlen -= 16; ++ if (outlen == 0) ++ break; ++ } ++ ++ ctr_Update(dctx, adin, adinlen, NULL, 0, NULL, 0); ++ ++ return 1; ++ ++} ++ ++static int drbg_ctr_uninstantiate(DRBG_CTX *dctx) ++{ ++ memset(&dctx->d.ctr, 0, sizeof(DRBG_CTR_CTX)); ++ return 1; ++} ++ ++int fips_drbg_ctr_init(DRBG_CTX *dctx) ++{ ++ DRBG_CTR_CTX *cctx = &dctx->d.ctr; ++ ++ size_t keylen; ++ ++ switch (dctx->type) { ++ case NID_aes_128_ctr: ++ keylen = 16; ++ break; ++ ++ case NID_aes_192_ctr: ++ keylen = 24; ++ break; ++ ++ case NID_aes_256_ctr: ++ keylen = 32; ++ break; ++ ++ default: ++ return -2; ++ } ++ ++ dctx->instantiate = drbg_ctr_instantiate; ++ dctx->reseed = drbg_ctr_reseed; ++ dctx->generate = drbg_ctr_generate; ++ dctx->uninstantiate = drbg_ctr_uninstantiate; ++ ++ cctx->keylen = keylen; ++ dctx->strength = keylen * 8; ++ dctx->blocklength = 16; ++ dctx->seedlen = keylen + 16; ++ ++ if (dctx->xflags & DRBG_FLAG_CTR_USE_DF) { ++ /* df initialisation */ ++ static unsigned char df_key[32] = { ++ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, ++ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, ++ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, ++ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f ++ }; ++ /* Set key schedule for df_key */ ++ AES_set_encrypt_key(df_key, dctx->strength, &cctx->df_ks); ++ ++ dctx->min_entropy = cctx->keylen; ++ dctx->max_entropy = DRBG_MAX_LENGTH; ++ dctx->min_nonce = dctx->min_entropy / 2; ++ dctx->max_nonce = DRBG_MAX_LENGTH; ++ dctx->max_pers = DRBG_MAX_LENGTH; ++ dctx->max_adin = DRBG_MAX_LENGTH; ++ } else { ++ dctx->min_entropy = dctx->seedlen; ++ dctx->max_entropy = dctx->seedlen; ++ /* Nonce not used */ ++ dctx->min_nonce = 0; ++ dctx->max_nonce = 0; ++ dctx->max_pers = dctx->seedlen; ++ dctx->max_adin = dctx->seedlen; ++ } ++ ++ dctx->max_request = 1 << 16; ++ dctx->reseed_interval = 1 << 24; ++ ++ return 1; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_hash.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_hash.c.fips 2020-03-17 17:30:52.041567130 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_hash.c 2020-03-17 17:30:52.040567148 +0100 +@@ -0,0 +1,354 @@ ++/* fips/rand/fips_drbg_hash.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#define OPENSSL_FIPSAPI ++ ++#include ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include "fips_rand_lcl.h" ++ ++/* This is Hash_df from SP 800-90 10.4.1 */ ++ ++static int hash_df(DRBG_CTX *dctx, unsigned char *out, ++ const unsigned char *in1, size_t in1len, ++ const unsigned char *in2, size_t in2len, ++ const unsigned char *in3, size_t in3len, ++ const unsigned char *in4, size_t in4len) ++{ ++ EVP_MD_CTX *mctx = dctx->d.hash.mctx; ++ unsigned char *vtmp = dctx->d.hash.vtmp; ++ unsigned char tmp[6]; ++ /* Standard only ever needs seedlen bytes which is always less than ++ * maximum permitted so no need to check length. ++ */ ++ size_t outlen = dctx->seedlen; ++ tmp[0] = 1; ++ tmp[1] = ((outlen * 8) >> 24) & 0xff; ++ tmp[2] = ((outlen * 8) >> 16) & 0xff; ++ tmp[3] = ((outlen * 8) >> 8) & 0xff; ++ tmp[4] = (outlen * 8) & 0xff; ++ if (!in1) { ++ tmp[5] = (unsigned char)in1len; ++ in1 = tmp + 5; ++ in1len = 1; ++ } ++ for (;;) { ++ if (!FIPS_digestinit(mctx, dctx->d.hash.md)) ++ return 0; ++ if (!FIPS_digestupdate(mctx, tmp, 5)) ++ return 0; ++ if (in1 && !FIPS_digestupdate(mctx, in1, in1len)) ++ return 0; ++ if (in2 && !FIPS_digestupdate(mctx, in2, in2len)) ++ return 0; ++ if (in3 && !FIPS_digestupdate(mctx, in3, in3len)) ++ return 0; ++ if (in4 && !FIPS_digestupdate(mctx, in4, in4len)) ++ return 0; ++ if (outlen < dctx->blocklength) { ++ if (!FIPS_digestfinal(mctx, vtmp, NULL)) ++ return 0; ++ memcpy(out, vtmp, outlen); ++ OPENSSL_cleanse(vtmp, dctx->blocklength); ++ return 1; ++ } else if (!FIPS_digestfinal(mctx, out, NULL)) ++ return 0; ++ ++ outlen -= dctx->blocklength; ++ if (outlen == 0) ++ return 1; ++ tmp[0]++; ++ out += dctx->blocklength; ++ } ++} ++ ++/* Add an unsigned buffer to the buf value, storing the result in buf. For ++ * this algorithm the length of input never exceeds the seed length. ++ */ ++ ++static void ctx_add_buf(DRBG_CTX *dctx, unsigned char *buf, ++ unsigned char *in, size_t inlen) ++{ ++ size_t i = inlen; ++ const unsigned char *q; ++ unsigned char c, *p; ++ p = buf + dctx->seedlen; ++ q = in + inlen; ++ ++ OPENSSL_assert(i <= dctx->seedlen); ++ ++ /* Special case: zero length, just increment buffer */ ++ if (i) ++ c = 0; ++ else ++ c = 1; ++ ++ while (i) { ++ int r; ++ p--; ++ q--; ++ r = *p + *q + c; ++ /* Carry */ ++ if (r > 0xff) ++ c = 1; ++ else ++ c = 0; ++ *p = r & 0xff; ++ i--; ++ } ++ ++ i = dctx->seedlen - inlen; ++ ++ /* If not adding whole buffer handle final carries */ ++ if (c && i) { ++ do { ++ p--; ++ c = *p; ++ c++; ++ *p = c; ++ if (c) ++ return; ++ } while (i--); ++ } ++} ++ ++/* Finalise and add hash to V */ ++ ++static int ctx_add_md(DRBG_CTX *dctx) ++{ ++ if (!FIPS_digestfinal(dctx->d.hash.mctx, dctx->d.hash.vtmp, NULL)) ++ return 0; ++ ctx_add_buf(dctx, dctx->d.hash.V, dctx->d.hash.vtmp, dctx->blocklength); ++ return 1; ++} ++ ++static int hash_gen(DRBG_CTX *dctx, unsigned char *out, size_t outlen) ++{ ++ DRBG_HASH_CTX *hctx = &dctx->d.hash; ++ if (outlen == 0) ++ return 1; ++ memcpy(hctx->vtmp, hctx->V, dctx->seedlen); ++ for (;;) { ++ FIPS_digestinit(hctx->mctx, hctx->md); ++ FIPS_digestupdate(hctx->mctx, hctx->vtmp, dctx->seedlen); ++ if (outlen < dctx->blocklength) { ++ FIPS_digestfinal(hctx->mctx, hctx->vtmp, NULL); ++ memcpy(out, hctx->vtmp, outlen); ++ return 1; ++ } else { ++ FIPS_digestfinal(hctx->mctx, out, NULL); ++ outlen -= dctx->blocklength; ++ if (outlen == 0) ++ return 1; ++ out += dctx->blocklength; ++ } ++ ctx_add_buf(dctx, hctx->vtmp, NULL, 0); ++ } ++} ++ ++static int drbg_hash_instantiate(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t ent_len, ++ const unsigned char *nonce, size_t nonce_len, ++ const unsigned char *pstr, size_t pstr_len) ++{ ++ DRBG_HASH_CTX *hctx = &dctx->d.hash; ++ if (!hash_df(dctx, hctx->V, ++ ent, ent_len, nonce, nonce_len, pstr, pstr_len, NULL, 0)) ++ return 0; ++ if (!hash_df(dctx, hctx->C, ++ NULL, 0, hctx->V, dctx->seedlen, NULL, 0, NULL, 0)) ++ return 0; ++ ++#ifdef HASH_DRBG_TRACE ++ fprintf(stderr, "V+C after instantiate:\n"); ++ hexprint(stderr, hctx->V, dctx->seedlen); ++ hexprint(stderr, hctx->C, dctx->seedlen); ++#endif ++ return 1; ++} ++ ++static int drbg_hash_reseed(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t ent_len, ++ const unsigned char *adin, size_t adin_len) ++{ ++ DRBG_HASH_CTX *hctx = &dctx->d.hash; ++ /* V about to be updated so use C as output instead */ ++ if (!hash_df(dctx, hctx->C, ++ NULL, 1, hctx->V, dctx->seedlen, ++ ent, ent_len, adin, adin_len)) ++ return 0; ++ memcpy(hctx->V, hctx->C, dctx->seedlen); ++ if (!hash_df(dctx, hctx->C, NULL, 0, ++ hctx->V, dctx->seedlen, NULL, 0, NULL, 0)) ++ return 0; ++#ifdef HASH_DRBG_TRACE ++ fprintf(stderr, "V+C after reseed:\n"); ++ hexprint(stderr, hctx->V, dctx->seedlen); ++ hexprint(stderr, hctx->C, dctx->seedlen); ++#endif ++ return 1; ++} ++ ++static int drbg_hash_generate(DRBG_CTX *dctx, ++ unsigned char *out, size_t outlen, ++ const unsigned char *adin, size_t adin_len) ++{ ++ DRBG_HASH_CTX *hctx = &dctx->d.hash; ++ EVP_MD_CTX *mctx = hctx->mctx; ++ unsigned char tmp[4]; ++ if (adin && adin_len) { ++ tmp[0] = 2; ++ if (!FIPS_digestinit(mctx, hctx->md)) ++ return 0; ++ if (!EVP_DigestUpdate(mctx, tmp, 1)) ++ return 0; ++ if (!EVP_DigestUpdate(mctx, hctx->V, dctx->seedlen)) ++ return 0; ++ if (!EVP_DigestUpdate(mctx, adin, adin_len)) ++ return 0; ++ if (!ctx_add_md(dctx)) ++ return 0; ++ } ++ if (!hash_gen(dctx, out, outlen)) ++ return 0; ++ ++ tmp[0] = 3; ++ if (!FIPS_digestinit(mctx, hctx->md)) ++ return 0; ++ if (!EVP_DigestUpdate(mctx, tmp, 1)) ++ return 0; ++ if (!EVP_DigestUpdate(mctx, hctx->V, dctx->seedlen)) ++ return 0; ++ ++ if (!ctx_add_md(dctx)) ++ return 0; ++ ++ ctx_add_buf(dctx, hctx->V, hctx->C, dctx->seedlen); ++ ++ tmp[0] = (dctx->reseed_counter >> 24) & 0xff; ++ tmp[1] = (dctx->reseed_counter >> 16) & 0xff; ++ tmp[2] = (dctx->reseed_counter >> 8) & 0xff; ++ tmp[3] = dctx->reseed_counter & 0xff; ++ ctx_add_buf(dctx, hctx->V, tmp, 4); ++#ifdef HASH_DRBG_TRACE ++ fprintf(stderr, "V+C after generate:\n"); ++ hexprint(stderr, hctx->V, dctx->seedlen); ++ hexprint(stderr, hctx->C, dctx->seedlen); ++#endif ++ return 1; ++} ++ ++static int drbg_hash_uninstantiate(DRBG_CTX *dctx) ++{ ++ EVP_MD_CTX_free(dctx->d.hash.mctx); ++ OPENSSL_cleanse(&dctx->d.hash, sizeof(DRBG_HASH_CTX)); ++ return 1; ++} ++ ++int fips_drbg_hash_init(DRBG_CTX *dctx) ++{ ++ const EVP_MD *md; ++ DRBG_HASH_CTX *hctx = &dctx->d.hash; ++ md = EVP_get_digestbynid(dctx->type); ++ if (!md) ++ return -2; ++ switch (dctx->type) { ++ case NID_sha1: ++ dctx->strength = 128; ++ break; ++ ++ case NID_sha224: ++ dctx->strength = 192; ++ break; ++ ++ default: ++ dctx->strength = 256; ++ break; ++ } ++ ++ dctx->instantiate = drbg_hash_instantiate; ++ dctx->reseed = drbg_hash_reseed; ++ dctx->generate = drbg_hash_generate; ++ dctx->uninstantiate = drbg_hash_uninstantiate; ++ ++ dctx->d.hash.md = md; ++ hctx->mctx = EVP_MD_CTX_new(); ++ if (hctx->mctx == NULL) ++ return -1; ++ ++ /* These are taken from SP 800-90 10.1 table 2 */ ++ ++ dctx->blocklength = EVP_MD_size(md); ++ if (dctx->blocklength > 32) ++ dctx->seedlen = 111; ++ else ++ dctx->seedlen = 55; ++ ++ dctx->min_entropy = dctx->strength / 8; ++ dctx->max_entropy = DRBG_MAX_LENGTH; ++ ++ dctx->min_nonce = dctx->min_entropy / 2; ++ dctx->max_nonce = DRBG_MAX_LENGTH; ++ ++ dctx->max_pers = DRBG_MAX_LENGTH; ++ dctx->max_adin = DRBG_MAX_LENGTH; ++ ++ dctx->max_request = 1 << 16; ++ dctx->reseed_interval = 1 << 24; ++ ++ return 1; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c.fips 2020-03-17 17:30:52.042567113 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c 2020-03-17 17:30:52.042567113 +0100 +@@ -0,0 +1,262 @@ ++/* fips/rand/fips_drbg_hmac.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "fips_rand_lcl.h" ++ ++static int drbg_hmac_update(DRBG_CTX *dctx, ++ const unsigned char *in1, size_t in1len, ++ const unsigned char *in2, size_t in2len, ++ const unsigned char *in3, size_t in3len) ++{ ++ static unsigned char c0 = 0, c1 = 1; ++ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; ++ HMAC_CTX *hctx = hmac->hctx; ++ ++ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) ++ return 0; ++ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) ++ return 0; ++ if (!HMAC_Update(hctx, &c0, 1)) ++ return 0; ++ if (in1len && !HMAC_Update(hctx, in1, in1len)) ++ return 0; ++ if (in2len && !HMAC_Update(hctx, in2, in2len)) ++ return 0; ++ if (in3len && !HMAC_Update(hctx, in3, in3len)) ++ return 0; ++ ++ if (!HMAC_Final(hctx, hmac->K, NULL)) ++ return 0; ++ ++ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) ++ return 0; ++ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) ++ return 0; ++ ++ if (!HMAC_Final(hctx, hmac->V, NULL)) ++ return 0; ++ ++ if (!in1len && !in2len && !in3len) ++ return 1; ++ ++ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) ++ return 0; ++ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) ++ return 0; ++ if (!HMAC_Update(hctx, &c1, 1)) ++ return 0; ++ if (in1len && !HMAC_Update(hctx, in1, in1len)) ++ return 0; ++ if (in2len && !HMAC_Update(hctx, in2, in2len)) ++ return 0; ++ if (in3len && !HMAC_Update(hctx, in3, in3len)) ++ return 0; ++ ++ if (!HMAC_Final(hctx, hmac->K, NULL)) ++ return 0; ++ ++ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) ++ return 0; ++ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) ++ return 0; ++ ++ if (!HMAC_Final(hctx, hmac->V, NULL)) ++ return 0; ++ ++ return 1; ++ ++} ++ ++static int drbg_hmac_instantiate(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t ent_len, ++ const unsigned char *nonce, size_t nonce_len, ++ const unsigned char *pstr, size_t pstr_len) ++{ ++ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; ++ memset(hmac->K, 0, dctx->blocklength); ++ memset(hmac->V, 1, dctx->blocklength); ++ if (!drbg_hmac_update(dctx, ++ ent, ent_len, nonce, nonce_len, pstr, pstr_len)) ++ return 0; ++ ++#ifdef HMAC_DRBG_TRACE ++ fprintf(stderr, "K+V after instantiate:\n"); ++ hexprint(stderr, hmac->K, hmac->blocklength); ++ hexprint(stderr, hmac->V, hmac->blocklength); ++#endif ++ return 1; ++} ++ ++static int drbg_hmac_reseed(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t ent_len, ++ const unsigned char *adin, size_t adin_len) ++{ ++ if (!drbg_hmac_update(dctx, ent, ent_len, adin, adin_len, NULL, 0)) ++ return 0; ++ ++#ifdef HMAC_DRBG_TRACE ++ { ++ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; ++ fprintf(stderr, "K+V after reseed:\n"); ++ hexprint(stderr, hmac->K, hmac->blocklength); ++ hexprint(stderr, hmac->V, hmac->blocklength); ++ } ++#endif ++ return 1; ++} ++ ++static int drbg_hmac_generate(DRBG_CTX *dctx, ++ unsigned char *out, size_t outlen, ++ const unsigned char *adin, size_t adin_len) ++{ ++ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; ++ HMAC_CTX *hctx = hmac->hctx; ++ const unsigned char *Vtmp = hmac->V; ++ if (adin_len && !drbg_hmac_update(dctx, adin, adin_len, NULL, 0, NULL, 0)) ++ return 0; ++ for (;;) { ++ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) ++ return 0; ++ if (!HMAC_Update(hctx, Vtmp, dctx->blocklength)) ++ return 0; ++ if (outlen > dctx->blocklength) { ++ if (!HMAC_Final(hctx, out, NULL)) ++ return 0; ++ Vtmp = out; ++ } else { ++ if (!HMAC_Final(hctx, hmac->V, NULL)) ++ return 0; ++ memcpy(out, hmac->V, outlen); ++ break; ++ } ++ out += dctx->blocklength; ++ outlen -= dctx->blocklength; ++ } ++ if (!drbg_hmac_update(dctx, adin, adin_len, NULL, 0, NULL, 0)) ++ return 0; ++ ++ return 1; ++} ++ ++static int drbg_hmac_uninstantiate(DRBG_CTX *dctx) ++{ ++ HMAC_CTX_free(dctx->d.hmac.hctx); ++ OPENSSL_cleanse(&dctx->d.hmac, sizeof(DRBG_HMAC_CTX)); ++ return 1; ++} ++ ++int fips_drbg_hmac_init(DRBG_CTX *dctx) ++{ ++ const EVP_MD *md = NULL; ++ DRBG_HMAC_CTX *hctx = &dctx->d.hmac; ++ dctx->strength = 256; ++ switch (dctx->type) { ++ case NID_hmacWithSHA1: ++ md = EVP_sha1(); ++ dctx->strength = 128; ++ break; ++ ++ case NID_hmacWithSHA224: ++ md = EVP_sha224(); ++ dctx->strength = 192; ++ break; ++ ++ case NID_hmacWithSHA256: ++ md = EVP_sha256(); ++ break; ++ ++ case NID_hmacWithSHA384: ++ md = EVP_sha384(); ++ break; ++ ++ case NID_hmacWithSHA512: ++ md = EVP_sha512(); ++ break; ++ ++ default: ++ dctx->strength = 0; ++ return -2; ++ } ++ dctx->instantiate = drbg_hmac_instantiate; ++ dctx->reseed = drbg_hmac_reseed; ++ dctx->generate = drbg_hmac_generate; ++ dctx->uninstantiate = drbg_hmac_uninstantiate; ++ hctx->hctx = HMAC_CTX_new(); ++ if (hctx->hctx == NULL) ++ return -1; ++ hctx->md = md; ++ dctx->blocklength = M_EVP_MD_size(md); ++ dctx->seedlen = M_EVP_MD_size(md); ++ ++ dctx->min_entropy = dctx->strength / 8; ++ dctx->max_entropy = DRBG_MAX_LENGTH; ++ ++ dctx->min_nonce = dctx->min_entropy / 2; ++ dctx->max_nonce = DRBG_MAX_LENGTH; ++ ++ dctx->max_pers = DRBG_MAX_LENGTH; ++ dctx->max_adin = DRBG_MAX_LENGTH; ++ ++ dctx->max_request = 1 << 16; ++ dctx->reseed_interval = 1 << 24; ++ ++ return 1; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_lib.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_lib.c.fips 2020-03-17 17:30:52.043567095 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_lib.c 2020-03-17 17:30:52.043567095 +0100 +@@ -0,0 +1,528 @@ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#include ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include "fips_locl.h" ++#include "fips_rand_lcl.h" ++ ++/* Support framework for SP800-90 DRBGs */ ++ ++int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags) ++{ ++ int rv; ++ memset(dctx, 0, sizeof(DRBG_CTX)); ++ dctx->status = DRBG_STATUS_UNINITIALISED; ++ dctx->xflags = flags; ++ dctx->type = type; ++ ++ dctx->iflags = 0; ++ dctx->entropy_blocklen = 0; ++ dctx->health_check_cnt = 0; ++ dctx->health_check_interval = DRBG_HEALTH_INTERVAL; ++ ++ rv = fips_drbg_hash_init(dctx); ++ ++ if (rv == -2) ++ rv = fips_drbg_ctr_init(dctx); ++ if (rv == -2) ++ rv = fips_drbg_hmac_init(dctx); ++ ++ if (rv <= 0) { ++ if (rv == -2) ++ FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_UNSUPPORTED_DRBG_TYPE); ++ else ++ FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_ERROR_INITIALISING_DRBG); ++ } ++ ++ /* If not in test mode run selftests on DRBG of the same type */ ++ ++ if (!(dctx->xflags & DRBG_FLAG_TEST)) { ++ if (!FIPS_drbg_health_check(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_SELFTEST_FAILURE); ++ return 0; ++ } ++ } ++ ++ return rv; ++} ++ ++DRBG_CTX *FIPS_drbg_new(int type, unsigned int flags) ++{ ++ DRBG_CTX *dctx; ++ dctx = OPENSSL_malloc(sizeof(DRBG_CTX)); ++ if (!dctx) { ++ FIPSerr(FIPS_F_FIPS_DRBG_NEW, ERR_R_MALLOC_FAILURE); ++ return NULL; ++ } ++ ++ if (type == 0) { ++ memset(dctx, 0, sizeof(DRBG_CTX)); ++ dctx->type = 0; ++ dctx->status = DRBG_STATUS_UNINITIALISED; ++ return dctx; ++ } ++ ++ if (FIPS_drbg_init(dctx, type, flags) <= 0) { ++ OPENSSL_free(dctx); ++ return NULL; ++ } ++ ++ return dctx; ++} ++ ++void FIPS_drbg_free(DRBG_CTX *dctx) ++{ ++ if (dctx->uninstantiate) ++ dctx->uninstantiate(dctx); ++ /* Don't free up default DRBG */ ++ if (dctx == FIPS_get_default_drbg()) { ++ memset(dctx, 0, sizeof(DRBG_CTX)); ++ dctx->type = 0; ++ dctx->status = DRBG_STATUS_UNINITIALISED; ++ } else { ++ OPENSSL_cleanse(&dctx->d, sizeof(dctx->d)); ++ OPENSSL_free(dctx); ++ } ++} ++ ++static size_t fips_get_entropy(DRBG_CTX *dctx, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len) ++{ ++ unsigned char *tout, *p; ++ size_t bl = dctx->entropy_blocklen, rv; ++ if (!dctx->get_entropy) ++ return 0; ++ if (dctx->xflags & DRBG_FLAG_TEST || !bl) ++ return dctx->get_entropy(dctx, pout, entropy, min_len, max_len); ++ rv = dctx->get_entropy(dctx, &tout, entropy + bl, ++ min_len + bl, max_len + bl); ++ if (tout == NULL) ++ return 0; ++ *pout = tout + bl; ++ if (rv < (min_len + bl) || (rv % bl)) ++ return 0; ++ /* Compare consecutive blocks for continuous PRNG test */ ++ for (p = tout; p < tout + rv - bl; p += bl) { ++ if (!memcmp(p, p + bl, bl)) { ++ FIPSerr(FIPS_F_FIPS_GET_ENTROPY, FIPS_R_ENTROPY_SOURCE_STUCK); ++ return 0; ++ } ++ } ++ rv -= bl; ++ if (rv > max_len) ++ return max_len; ++ return rv; ++} ++ ++static void fips_cleanup_entropy(DRBG_CTX *dctx, ++ unsigned char *out, size_t olen) ++{ ++ size_t bl; ++ if (dctx->xflags & DRBG_FLAG_TEST) ++ bl = 0; ++ else ++ bl = dctx->entropy_blocklen; ++ /* Call cleanup with original arguments */ ++ dctx->cleanup_entropy(dctx, out - bl, olen + bl); ++} ++ ++int FIPS_drbg_instantiate(DRBG_CTX *dctx, ++ const unsigned char *pers, size_t perslen) ++{ ++ size_t entlen = 0, noncelen = 0; ++ unsigned char *nonce = NULL, *entropy = NULL; ++ ++#if 0 ++ /* Put here so error script picks them up */ ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, ++ FIPS_R_PERSONALISATION_STRING_TOO_LONG); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_IN_ERROR_STATE); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_ALREADY_INSTANTIATED); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_ERROR_RETRIEVING_ENTROPY); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_ERROR_RETRIEVING_NONCE); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_INSTANTIATE_ERROR); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_DRBG_NOT_INITIALISED); ++#endif ++ ++ int r = 0; ++ ++ if (perslen > dctx->max_pers) { ++ r = FIPS_R_PERSONALISATION_STRING_TOO_LONG; ++ goto end; ++ } ++ ++ if (!dctx->instantiate) { ++ r = FIPS_R_DRBG_NOT_INITIALISED; ++ goto end; ++ } ++ ++ if (dctx->status != DRBG_STATUS_UNINITIALISED) { ++ if (dctx->status == DRBG_STATUS_ERROR) ++ r = FIPS_R_IN_ERROR_STATE; ++ else ++ r = FIPS_R_ALREADY_INSTANTIATED; ++ goto end; ++ } ++ ++ dctx->status = DRBG_STATUS_ERROR; ++ ++ entlen = fips_get_entropy(dctx, &entropy, dctx->strength, ++ dctx->min_entropy, dctx->max_entropy); ++ ++ if (entlen < dctx->min_entropy || entlen > dctx->max_entropy) { ++ r = FIPS_R_ERROR_RETRIEVING_ENTROPY; ++ goto end; ++ } ++ ++ if (dctx->max_nonce > 0 && dctx->get_nonce) { ++ noncelen = dctx->get_nonce(dctx, &nonce, ++ dctx->strength / 2, ++ dctx->min_nonce, dctx->max_nonce); ++ ++ if (noncelen < dctx->min_nonce || noncelen > dctx->max_nonce) { ++ r = FIPS_R_ERROR_RETRIEVING_NONCE; ++ goto end; ++ } ++ ++ } ++ ++ if (!dctx->instantiate(dctx, ++ entropy, entlen, nonce, noncelen, pers, perslen)) { ++ r = FIPS_R_ERROR_INSTANTIATING_DRBG; ++ goto end; ++ } ++ ++ dctx->status = DRBG_STATUS_READY; ++ if (!(dctx->iflags & DRBG_CUSTOM_RESEED)) ++ dctx->reseed_counter = 1; ++ ++ end: ++ ++ if (entropy && dctx->cleanup_entropy) ++ fips_cleanup_entropy(dctx, entropy, entlen); ++ ++ if (nonce && dctx->cleanup_nonce) ++ dctx->cleanup_nonce(dctx, nonce, noncelen); ++ ++ if (dctx->status == DRBG_STATUS_READY) ++ return 1; ++ ++ if (r && !(dctx->iflags & DRBG_FLAG_NOERR)) ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, r); ++ ++ return 0; ++ ++} ++ ++static int drbg_reseed(DRBG_CTX *dctx, ++ const unsigned char *adin, size_t adinlen, int hcheck) ++{ ++ unsigned char *entropy = NULL; ++ size_t entlen = 0; ++ int r = 0; ++ ++#if 0 ++ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_NOT_INSTANTIATED); ++ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG); ++#endif ++ if (dctx->status != DRBG_STATUS_READY ++ && dctx->status != DRBG_STATUS_RESEED) { ++ if (dctx->status == DRBG_STATUS_ERROR) ++ r = FIPS_R_IN_ERROR_STATE; ++ else if (dctx->status == DRBG_STATUS_UNINITIALISED) ++ r = FIPS_R_NOT_INSTANTIATED; ++ goto end; ++ } ++ ++ if (!adin) ++ adinlen = 0; ++ else if (adinlen > dctx->max_adin) { ++ r = FIPS_R_ADDITIONAL_INPUT_TOO_LONG; ++ goto end; ++ } ++ ++ dctx->status = DRBG_STATUS_ERROR; ++ /* Peform health check on all reseed operations if not a prediction ++ * resistance request and not in test mode. ++ */ ++ if (hcheck && !(dctx->xflags & DRBG_FLAG_TEST)) { ++ if (!FIPS_drbg_health_check(dctx)) { ++ r = FIPS_R_SELFTEST_FAILURE; ++ goto end; ++ } ++ } ++ ++ entlen = fips_get_entropy(dctx, &entropy, dctx->strength, ++ dctx->min_entropy, dctx->max_entropy); ++ ++ if (entlen < dctx->min_entropy || entlen > dctx->max_entropy) { ++ r = FIPS_R_ERROR_RETRIEVING_ENTROPY; ++ goto end; ++ } ++ ++ if (!dctx->reseed(dctx, entropy, entlen, adin, adinlen)) ++ goto end; ++ ++ dctx->status = DRBG_STATUS_READY; ++ if (!(dctx->iflags & DRBG_CUSTOM_RESEED)) ++ dctx->reseed_counter = 1; ++ end: ++ ++ if (entropy && dctx->cleanup_entropy) ++ fips_cleanup_entropy(dctx, entropy, entlen); ++ ++ if (dctx->status == DRBG_STATUS_READY) ++ return 1; ++ ++ if (r && !(dctx->iflags & DRBG_FLAG_NOERR)) ++ FIPSerr(FIPS_F_DRBG_RESEED, r); ++ ++ return 0; ++} ++ ++int FIPS_drbg_reseed(DRBG_CTX *dctx, ++ const unsigned char *adin, size_t adinlen) ++{ ++ return drbg_reseed(dctx, adin, adinlen, 1); ++} ++ ++static int fips_drbg_check(DRBG_CTX *dctx) ++{ ++ if (dctx->xflags & DRBG_FLAG_TEST) ++ return 1; ++ dctx->health_check_cnt++; ++ if (dctx->health_check_cnt >= dctx->health_check_interval) { ++ if (!FIPS_drbg_health_check(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_CHECK, FIPS_R_SELFTEST_FAILURE); ++ return 0; ++ } ++ } ++ return 1; ++} ++ ++int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen, ++ int prediction_resistance, ++ const unsigned char *adin, size_t adinlen) ++{ ++ int r = 0; ++ ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ if (!fips_drbg_check(dctx)) ++ return 0; ++ ++ if (dctx->status != DRBG_STATUS_READY ++ && dctx->status != DRBG_STATUS_RESEED) { ++ if (dctx->status == DRBG_STATUS_ERROR) ++ r = FIPS_R_IN_ERROR_STATE; ++ else if (dctx->status == DRBG_STATUS_UNINITIALISED) ++ r = FIPS_R_NOT_INSTANTIATED; ++ goto end; ++ } ++ ++ if (outlen > dctx->max_request) { ++ r = FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG; ++ return 0; ++ } ++ ++ if (adinlen > dctx->max_adin) { ++ r = FIPS_R_ADDITIONAL_INPUT_TOO_LONG; ++ goto end; ++ } ++ ++ if (dctx->iflags & DRBG_CUSTOM_RESEED) ++ dctx->generate(dctx, NULL, outlen, NULL, 0); ++ else if (dctx->reseed_counter >= dctx->reseed_interval) ++ dctx->status = DRBG_STATUS_RESEED; ++ ++ if (dctx->status == DRBG_STATUS_RESEED || prediction_resistance) { ++ /* If prediction resistance request don't do health check */ ++ int hcheck = prediction_resistance ? 0 : 1; ++ ++ if (!drbg_reseed(dctx, adin, adinlen, hcheck)) { ++ r = FIPS_R_RESEED_ERROR; ++ goto end; ++ } ++ adin = NULL; ++ adinlen = 0; ++ } ++ ++ if (!dctx->generate(dctx, out, outlen, adin, adinlen)) { ++ r = FIPS_R_GENERATE_ERROR; ++ dctx->status = DRBG_STATUS_ERROR; ++ goto end; ++ } ++ if (!(dctx->iflags & DRBG_CUSTOM_RESEED)) { ++ if (dctx->reseed_counter >= dctx->reseed_interval) ++ dctx->status = DRBG_STATUS_RESEED; ++ else ++ dctx->reseed_counter++; ++ } ++ ++ end: ++ if (r) { ++ if (!(dctx->iflags & DRBG_FLAG_NOERR)) ++ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, r); ++ return 0; ++ } ++ ++ return 1; ++} ++ ++int FIPS_drbg_uninstantiate(DRBG_CTX *dctx) ++{ ++ int rv; ++ if (!dctx->uninstantiate) ++ rv = 1; ++ else ++ rv = dctx->uninstantiate(dctx); ++ /* Although we'd like to cleanse here we can't because we have to ++ * test the uninstantiate really zeroes the data. ++ */ ++ memset(&dctx->d, 0, sizeof(dctx->d)); ++ dctx->status = DRBG_STATUS_UNINITIALISED; ++ /* If method has problems uninstantiating, return error */ ++ return rv; ++} ++ ++int FIPS_drbg_set_callbacks(DRBG_CTX *dctx, ++ size_t (*get_entropy) (DRBG_CTX *ctx, ++ unsigned char **pout, ++ int entropy, ++ size_t min_len, ++ size_t max_len), ++ void (*cleanup_entropy) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen), ++ size_t entropy_blocklen, ++ size_t (*get_nonce) (DRBG_CTX *ctx, ++ unsigned char **pout, ++ int entropy, size_t min_len, ++ size_t max_len), ++ void (*cleanup_nonce) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen)) ++{ ++ if (dctx->status != DRBG_STATUS_UNINITIALISED) ++ return 0; ++ dctx->entropy_blocklen = entropy_blocklen; ++ dctx->get_entropy = get_entropy; ++ dctx->cleanup_entropy = cleanup_entropy; ++ dctx->get_nonce = get_nonce; ++ dctx->cleanup_nonce = cleanup_nonce; ++ return 1; ++} ++ ++int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx, ++ size_t (*get_adin) (DRBG_CTX *ctx, ++ unsigned char **pout), ++ void (*cleanup_adin) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen), ++ int (*rand_seed_cb) (DRBG_CTX *ctx, ++ const void *buf, ++ int num), ++ int (*rand_add_cb) (DRBG_CTX *ctx, ++ const void *buf, int num, ++ double entropy)) ++{ ++ if (dctx->status != DRBG_STATUS_UNINITIALISED) ++ return 0; ++ dctx->get_adin = get_adin; ++ dctx->cleanup_adin = cleanup_adin; ++ dctx->rand_seed_cb = rand_seed_cb; ++ dctx->rand_add_cb = rand_add_cb; ++ return 1; ++} ++ ++void *FIPS_drbg_get_app_data(DRBG_CTX *dctx) ++{ ++ return dctx->app_data; ++} ++ ++void FIPS_drbg_set_app_data(DRBG_CTX *dctx, void *app_data) ++{ ++ dctx->app_data = app_data; ++} ++ ++size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx) ++{ ++ return dctx->blocklength; ++} ++ ++int FIPS_drbg_get_strength(DRBG_CTX *dctx) ++{ ++ return dctx->strength; ++} ++ ++void FIPS_drbg_set_check_interval(DRBG_CTX *dctx, int interval) ++{ ++ dctx->health_check_interval = interval; ++} ++ ++void FIPS_drbg_set_reseed_interval(DRBG_CTX *dctx, int interval) ++{ ++ dctx->reseed_interval = interval; ++} ++ ++void FIPS_drbg_stick(int onoff) ++{ ++ /* Just backwards compatibility API call with no effect. */ ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_rand.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_rand.c.fips 2020-03-17 17:30:52.044567078 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_rand.c 2020-03-17 17:30:52.044567078 +0100 +@@ -0,0 +1,185 @@ ++/* fips/rand/fips_drbg_rand.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#include ++#include ++#include "internal/thread_once.h" ++#include ++#include ++#include ++#include ++#include "fips_rand_lcl.h" ++ ++/* Mapping of SP800-90 DRBGs to OpenSSL RAND_METHOD */ ++ ++/* Since we only have one global PRNG used at any time in OpenSSL use a global ++ * variable to store context. ++ */ ++ ++static DRBG_CTX ossl_dctx; ++ ++static CRYPTO_RWLOCK *fips_rand_lock = NULL; ++static CRYPTO_ONCE fips_rand_lock_init = CRYPTO_ONCE_STATIC_INIT; ++ ++DEFINE_RUN_ONCE_STATIC(do_fips_rand_lock_init) ++{ ++ fips_rand_lock = CRYPTO_THREAD_lock_new(); ++ return fips_rand_lock != NULL; ++} ++ ++DRBG_CTX *FIPS_get_default_drbg(void) ++{ ++ if (!RUN_ONCE(&fips_rand_lock_init, do_fips_rand_lock_init)) ++ return NULL; ++ return &ossl_dctx; ++} ++ ++static int fips_drbg_bytes(unsigned char *out, int count) ++{ ++ DRBG_CTX *dctx = &ossl_dctx; ++ int rv = 0; ++ unsigned char *adin = NULL; ++ size_t adinlen = 0; ++ CRYPTO_THREAD_write_lock(fips_rand_lock); ++ do { ++ size_t rcnt; ++ if (count > (int)dctx->max_request) ++ rcnt = dctx->max_request; ++ else ++ rcnt = count; ++ if (dctx->get_adin) { ++ adinlen = dctx->get_adin(dctx, &adin); ++ if (adinlen && !adin) { ++ FIPSerr(FIPS_F_FIPS_DRBG_BYTES, ++ FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT); ++ goto err; ++ } ++ } ++ rv = FIPS_drbg_generate(dctx, out, rcnt, 0, adin, adinlen); ++ if (adin) { ++ if (dctx->cleanup_adin) ++ dctx->cleanup_adin(dctx, adin, adinlen); ++ adin = NULL; ++ } ++ if (!rv) ++ goto err; ++ out += rcnt; ++ count -= rcnt; ++ } ++ while (count); ++ rv = 1; ++ err: ++ CRYPTO_THREAD_unlock(fips_rand_lock); ++ return rv; ++} ++ ++static int fips_drbg_pseudo(unsigned char *out, int count) ++{ ++ if (fips_drbg_bytes(out, count) <= 0) ++ return -1; ++ return 1; ++} ++ ++static int fips_drbg_status(void) ++{ ++ DRBG_CTX *dctx = &ossl_dctx; ++ int rv; ++ CRYPTO_THREAD_read_lock(fips_rand_lock); ++ rv = dctx->status == DRBG_STATUS_READY ? 1 : 0; ++ CRYPTO_THREAD_unlock(fips_rand_lock); ++ return rv; ++} ++ ++static void fips_drbg_cleanup(void) ++{ ++ DRBG_CTX *dctx = &ossl_dctx; ++ CRYPTO_THREAD_write_lock(fips_rand_lock); ++ FIPS_drbg_uninstantiate(dctx); ++ CRYPTO_THREAD_unlock(fips_rand_lock); ++} ++ ++static int fips_drbg_seed(const void *seed, int seedlen) ++{ ++ DRBG_CTX *dctx = &ossl_dctx; ++ int ret = 1; ++ CRYPTO_THREAD_write_lock(fips_rand_lock); ++ if (dctx->rand_seed_cb) ++ ret = dctx->rand_seed_cb(dctx, seed, seedlen); ++ CRYPTO_THREAD_unlock(fips_rand_lock); ++ return ret; ++} ++ ++static int fips_drbg_add(const void *seed, int seedlen, double add_entropy) ++{ ++ DRBG_CTX *dctx = &ossl_dctx; ++ int ret = 1; ++ CRYPTO_THREAD_write_lock(fips_rand_lock); ++ if (dctx->rand_add_cb) ++ ret = dctx->rand_add_cb(dctx, seed, seedlen, add_entropy); ++ CRYPTO_THREAD_unlock(fips_rand_lock); ++ return ret; ++} ++ ++static const RAND_METHOD rand_drbg_meth = { ++ fips_drbg_seed, ++ fips_drbg_bytes, ++ fips_drbg_cleanup, ++ fips_drbg_add, ++ fips_drbg_pseudo, ++ fips_drbg_status ++}; ++ ++const RAND_METHOD *FIPS_drbg_method(void) ++{ ++ return &rand_drbg_meth; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c.fips 2020-03-17 17:30:52.044567078 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c 2020-03-17 17:30:52.044567078 +0100 +@@ -0,0 +1,828 @@ ++/* fips/rand/fips_drbg_selftest.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include "fips_rand_lcl.h" ++#include "fips_locl.h" ++ ++#include "fips_drbg_selftest.h" ++ ++typedef struct { ++ int post; ++ int nid; ++ unsigned int flags; ++ ++ /* KAT data for no PR */ ++ const unsigned char *ent; ++ size_t entlen; ++ const unsigned char *nonce; ++ size_t noncelen; ++ const unsigned char *pers; ++ size_t perslen; ++ const unsigned char *adin; ++ size_t adinlen; ++ const unsigned char *entreseed; ++ size_t entreseedlen; ++ const unsigned char *adinreseed; ++ size_t adinreseedlen; ++ const unsigned char *adin2; ++ size_t adin2len; ++ const unsigned char *kat; ++ size_t katlen; ++ const unsigned char *kat2; ++ size_t kat2len; ++ ++ /* KAT data for PR */ ++ const unsigned char *ent_pr; ++ size_t entlen_pr; ++ const unsigned char *nonce_pr; ++ size_t noncelen_pr; ++ const unsigned char *pers_pr; ++ size_t perslen_pr; ++ const unsigned char *adin_pr; ++ size_t adinlen_pr; ++ const unsigned char *entpr_pr; ++ size_t entprlen_pr; ++ const unsigned char *ading_pr; ++ size_t adinglen_pr; ++ const unsigned char *entg_pr; ++ size_t entglen_pr; ++ const unsigned char *kat_pr; ++ size_t katlen_pr; ++ const unsigned char *kat2_pr; ++ size_t kat2len_pr; ++ ++} DRBG_SELFTEST_DATA; ++ ++#define make_drbg_test_data(nid, flag, pr, p) {p, nid, flag | DRBG_FLAG_TEST, \ ++ pr##_entropyinput, sizeof(pr##_entropyinput), \ ++ pr##_nonce, sizeof(pr##_nonce), \ ++ pr##_personalizationstring, sizeof(pr##_personalizationstring), \ ++ pr##_additionalinput, sizeof(pr##_additionalinput), \ ++ pr##_entropyinputreseed, sizeof(pr##_entropyinputreseed), \ ++ pr##_additionalinputreseed, sizeof(pr##_additionalinputreseed), \ ++ pr##_additionalinput2, sizeof(pr##_additionalinput2), \ ++ pr##_int_returnedbits, sizeof(pr##_int_returnedbits), \ ++ pr##_returnedbits, sizeof(pr##_returnedbits), \ ++ pr##_pr_entropyinput, sizeof(pr##_pr_entropyinput), \ ++ pr##_pr_nonce, sizeof(pr##_pr_nonce), \ ++ pr##_pr_personalizationstring, sizeof(pr##_pr_personalizationstring), \ ++ pr##_pr_additionalinput, sizeof(pr##_pr_additionalinput), \ ++ pr##_pr_entropyinputpr, sizeof(pr##_pr_entropyinputpr), \ ++ pr##_pr_additionalinput2, sizeof(pr##_pr_additionalinput2), \ ++ pr##_pr_entropyinputpr2, sizeof(pr##_pr_entropyinputpr2), \ ++ pr##_pr_int_returnedbits, sizeof(pr##_pr_int_returnedbits), \ ++ pr##_pr_returnedbits, sizeof(pr##_pr_returnedbits), \ ++ } ++ ++#define make_drbg_test_data_df(nid, pr, p) \ ++ make_drbg_test_data(nid, DRBG_FLAG_CTR_USE_DF, pr, p) ++ ++#define make_drbg_test_data_ec(curve, md, pr, p) \ ++ make_drbg_test_data((curve << 16) | md , 0, pr, p) ++ ++static DRBG_SELFTEST_DATA drbg_test[] = { ++ make_drbg_test_data_df(NID_aes_128_ctr, aes_128_use_df, 0), ++ make_drbg_test_data_df(NID_aes_192_ctr, aes_192_use_df, 0), ++ make_drbg_test_data_df(NID_aes_256_ctr, aes_256_use_df, 1), ++ make_drbg_test_data(NID_aes_128_ctr, 0, aes_128_no_df, 0), ++ make_drbg_test_data(NID_aes_192_ctr, 0, aes_192_no_df, 0), ++ make_drbg_test_data(NID_aes_256_ctr, 0, aes_256_no_df, 1), ++ make_drbg_test_data(NID_sha1, 0, sha1, 0), ++ make_drbg_test_data(NID_sha224, 0, sha224, 0), ++ make_drbg_test_data(NID_sha256, 0, sha256, 1), ++ make_drbg_test_data(NID_sha384, 0, sha384, 0), ++ make_drbg_test_data(NID_sha512, 0, sha512, 0), ++ make_drbg_test_data(NID_hmacWithSHA1, 0, hmac_sha1, 0), ++ make_drbg_test_data(NID_hmacWithSHA224, 0, hmac_sha224, 0), ++ make_drbg_test_data(NID_hmacWithSHA256, 0, hmac_sha256, 1), ++ make_drbg_test_data(NID_hmacWithSHA384, 0, hmac_sha384, 0), ++ make_drbg_test_data(NID_hmacWithSHA512, 0, hmac_sha512, 0), ++ {0, 0, 0} ++}; ++ ++typedef struct { ++ const unsigned char *ent; ++ size_t entlen; ++ int entcnt; ++ const unsigned char *nonce; ++ size_t noncelen; ++ int noncecnt; ++} TEST_ENT; ++ ++static size_t test_entropy(DRBG_CTX *dctx, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len) ++{ ++ TEST_ENT *t = FIPS_drbg_get_app_data(dctx); ++ *pout = (unsigned char *)t->ent; ++ t->entcnt++; ++ return t->entlen; ++} ++ ++static size_t test_nonce(DRBG_CTX *dctx, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len) ++{ ++ TEST_ENT *t = FIPS_drbg_get_app_data(dctx); ++ *pout = (unsigned char *)t->nonce; ++ t->noncecnt++; ++ return t->noncelen; ++} ++ ++static int fips_drbg_single_kat(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td, ++ int quick) ++{ ++ TEST_ENT t; ++ int rv = 0; ++ size_t adinlen; ++ unsigned char randout[1024]; ++ ++ /* Initial test without PR */ ++ ++ /* Instantiate DRBG with test entropy, nonce and personalisation ++ * string. ++ */ ++ ++ if (!FIPS_drbg_init(dctx, td->nid, td->flags)) ++ return 0; ++ if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0, test_nonce, 0)) ++ return 0; ++ ++ FIPS_drbg_set_app_data(dctx, &t); ++ ++ t.ent = td->ent; ++ t.entlen = td->entlen; ++ t.nonce = td->nonce; ++ t.noncelen = td->noncelen; ++ t.entcnt = 0; ++ t.noncecnt = 0; ++ ++ if (!FIPS_drbg_instantiate(dctx, td->pers, td->perslen)) ++ goto err; ++ ++ /* Note for CTR without DF some additional input values ++ * ignore bytes after the keylength: so reduce adinlen ++ * to half to ensure invalid data is fed in. ++ */ ++ if (!fips_post_corrupt(FIPS_TEST_DRBG, dctx->type, &dctx->iflags)) ++ adinlen = td->adinlen / 2; ++ else ++ adinlen = td->adinlen; ++ ++ /* Generate with no PR and verify output matches expected data */ ++ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, td->adin, adinlen)) ++ goto err; ++ ++ if (memcmp(randout, td->kat, td->katlen)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_NOPR_TEST1_FAILURE); ++ goto err2; ++ } ++ /* If abbreviated POST end of test */ ++ if (quick) { ++ rv = 1; ++ goto err; ++ } ++ /* Reseed DRBG with test entropy and additional input */ ++ t.ent = td->entreseed; ++ t.entlen = td->entreseedlen; ++ ++ if (!FIPS_drbg_reseed(dctx, td->adinreseed, td->adinreseedlen)) ++ goto err; ++ ++ /* Generate with no PR and verify output matches expected data */ ++ if (!FIPS_drbg_generate(dctx, randout, td->kat2len, 0, ++ td->adin2, td->adin2len)) ++ goto err; ++ ++ if (memcmp(randout, td->kat2, td->kat2len)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_NOPR_TEST2_FAILURE); ++ goto err2; ++ } ++ ++ FIPS_drbg_uninstantiate(dctx); ++ ++ /* Now test with PR */ ++ ++ /* Instantiate DRBG with test entropy, nonce and personalisation ++ * string. ++ */ ++ if (!FIPS_drbg_init(dctx, td->nid, td->flags)) ++ return 0; ++ if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0, test_nonce, 0)) ++ return 0; ++ ++ FIPS_drbg_set_app_data(dctx, &t); ++ ++ t.ent = td->ent_pr; ++ t.entlen = td->entlen_pr; ++ t.nonce = td->nonce_pr; ++ t.noncelen = td->noncelen_pr; ++ t.entcnt = 0; ++ t.noncecnt = 0; ++ ++ if (!FIPS_drbg_instantiate(dctx, td->pers_pr, td->perslen_pr)) ++ goto err; ++ ++ /* Now generate with PR: we need to supply entropy as this will ++ * perform a reseed operation. Check output matches expected value. ++ */ ++ ++ t.ent = td->entpr_pr; ++ t.entlen = td->entprlen_pr; ++ ++ /* Note for CTR without DF some additional input values ++ * ignore bytes after the keylength: so reduce adinlen ++ * to half to ensure invalid data is fed in. ++ */ ++ if (!fips_post_corrupt(FIPS_TEST_DRBG, dctx->type, &dctx->iflags)) ++ adinlen = td->adinlen_pr / 2; ++ else ++ adinlen = td->adinlen_pr; ++ if (!FIPS_drbg_generate(dctx, randout, td->katlen_pr, 1, ++ td->adin_pr, adinlen)) ++ goto err; ++ ++ if (memcmp(randout, td->kat_pr, td->katlen_pr)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_PR_TEST1_FAILURE); ++ goto err2; ++ } ++ ++ /* Now generate again with PR: supply new entropy again. ++ * Check output matches expected value. ++ */ ++ ++ t.ent = td->entg_pr; ++ t.entlen = td->entglen_pr; ++ ++ if (!FIPS_drbg_generate(dctx, randout, td->kat2len_pr, 1, ++ td->ading_pr, td->adinglen_pr)) ++ goto err; ++ ++ if (memcmp(randout, td->kat2_pr, td->kat2len_pr)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_PR_TEST2_FAILURE); ++ goto err2; ++ } ++ /* All OK, test complete */ ++ rv = 1; ++ ++ err: ++ if (rv == 0) ++ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_SELFTEST_FAILED); ++ err2: ++ FIPS_drbg_uninstantiate(dctx); ++ ++ return rv; ++ ++} ++ ++/* Initialise a DRBG based on selftest data */ ++ ++static int do_drbg_init(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td, TEST_ENT * t) ++{ ++ ++ if (!FIPS_drbg_init(dctx, td->nid, td->flags)) ++ return 0; ++ ++ if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0, test_nonce, 0)) ++ return 0; ++ ++ FIPS_drbg_set_app_data(dctx, t); ++ ++ t->ent = td->ent; ++ t->entlen = td->entlen; ++ t->nonce = td->nonce; ++ t->noncelen = td->noncelen; ++ t->entcnt = 0; ++ t->noncecnt = 0; ++ return 1; ++} ++ ++/* Initialise and instantiate DRBG based on selftest data */ ++static int do_drbg_instantiate(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td, ++ TEST_ENT * t) ++{ ++ if (!do_drbg_init(dctx, td, t)) ++ return 0; ++ if (!FIPS_drbg_instantiate(dctx, td->pers, td->perslen)) ++ return 0; ++ ++ return 1; ++} ++ ++/* This function performs extensive error checking as required by SP800-90. ++ * Induce several failure modes and check an error condition is set. ++ * This function along with fips_drbg_single_kat peforms the health checking ++ * operation. ++ */ ++ ++static int fips_drbg_error_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td) ++{ ++ unsigned char randout[1024]; ++ TEST_ENT t; ++ size_t i; ++ unsigned int reseed_counter_tmp; ++ unsigned char *p = (unsigned char *)dctx; ++ ++ /* Initialise DRBG */ ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ /* Don't report induced errors */ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ /* Personalisation string tests */ ++ ++ /* Test detection of too large personlisation string */ ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, dctx->max_pers + 1) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_PERSONALISATION_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ /* Entropy source tests */ ++ ++ /* Test entropy source failure detecion: i.e. returns no data */ ++ ++ t.entlen = 0; ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ /* Try to generate output from uninstantiated DRBG */ ++ if (FIPS_drbg_generate(dctx, randout, td->katlen, 0, ++ td->adin, td->adinlen)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_GENERATE_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ /* Test insufficient entropy */ ++ ++ t.entlen = dctx->min_entropy - 1; ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Test too much entropy */ ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ t.entlen = dctx->max_entropy + 1; ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Nonce tests */ ++ ++ /* Test too small nonce */ ++ ++ if (dctx->min_nonce) { ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ t.noncelen = dctx->min_nonce - 1; ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_NONCE_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ } ++ ++ /* Test too large nonce */ ++ ++ if (dctx->max_nonce) { ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ t.noncelen = dctx->max_nonce + 1; ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_NONCE_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ } ++ ++ /* Instantiate with valid data. */ ++ if (!do_drbg_instantiate(dctx, td, &t)) ++ goto err; ++ ++ /* Check generation is now OK */ ++ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, ++ td->adin, td->adinlen)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ /* Request too much data for one request */ ++ if (FIPS_drbg_generate(dctx, randout, dctx->max_request + 1, 0, ++ td->adin, td->adinlen)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ /* Try too large additional input */ ++ if (FIPS_drbg_generate(dctx, randout, td->katlen, 0, ++ td->adin, dctx->max_adin + 1)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ /* Check prediction resistance request fails if entropy source ++ * failure. ++ */ ++ ++ t.entlen = 0; ++ ++ if (FIPS_drbg_generate(dctx, randout, td->katlen, 1, ++ td->adin, td->adinlen)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Instantiate again with valid data */ ++ ++ if (!do_drbg_instantiate(dctx, td, &t)) ++ goto err; ++ /* Test reseed counter works */ ++ /* Save initial reseed counter */ ++ reseed_counter_tmp = dctx->reseed_counter; ++ /* Set reseed counter to beyond interval */ ++ dctx->reseed_counter = dctx->reseed_interval; ++ ++ /* Generate output and check entropy has been requested for reseed */ ++ t.entcnt = 0; ++ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, ++ td->adin, td->adinlen)) ++ goto err; ++ if (t.entcnt != 1) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED); ++ goto err; ++ } ++ /* Check reseed counter has been reset */ ++ if (dctx->reseed_counter != reseed_counter_tmp + 1) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_RESEED_COUNTER_ERROR); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Check prediction resistance request fails if entropy source ++ * failure. ++ */ ++ ++ t.entlen = 0; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ if (FIPS_drbg_generate(dctx, randout, td->katlen, 1, ++ td->adin, td->adinlen)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ if (!do_drbg_instantiate(dctx, td, &t)) ++ goto err; ++ /* Test reseed counter works */ ++ /* Save initial reseed counter */ ++ reseed_counter_tmp = dctx->reseed_counter; ++ /* Set reseed counter to beyond interval */ ++ dctx->reseed_counter = dctx->reseed_interval; ++ ++ /* Generate output and check entropy has been requested for reseed */ ++ t.entcnt = 0; ++ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, ++ td->adin, td->adinlen)) ++ goto err; ++ if (t.entcnt != 1) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED); ++ goto err; ++ } ++ /* Check reseed counter has been reset */ ++ if (dctx->reseed_counter != reseed_counter_tmp + 1) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_RESEED_COUNTER_ERROR); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Explicit reseed tests */ ++ ++ /* Test explicit reseed with too large additional input */ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ if (FIPS_drbg_reseed(dctx, td->adin, dctx->max_adin + 1) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ /* Test explicit reseed with entropy source failure */ ++ ++ t.entlen = 0; ++ ++ if (FIPS_drbg_reseed(dctx, td->adin, td->adinlen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Test explicit reseed with too much entropy */ ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ t.entlen = dctx->max_entropy + 1; ++ ++ if (FIPS_drbg_reseed(dctx, td->adin, td->adinlen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Test explicit reseed with too little entropy */ ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ t.entlen = dctx->min_entropy - 1; ++ ++ if (FIPS_drbg_reseed(dctx, td->adin, td->adinlen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ p = (unsigned char *)&dctx->d; ++ /* Standard says we have to check uninstantiate really zeroes ++ * the data... ++ */ ++ for (i = 0; i < sizeof(dctx->d); i++) { ++ if (*p != 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_UNINSTANTIATE_ZEROISE_ERROR); ++ goto err; ++ } ++ p++; ++ } ++ ++ return 1; ++ ++ err: ++ /* A real error as opposed to an induced one: underlying function will ++ * indicate the error. ++ */ ++ if (!(dctx->iflags & DRBG_FLAG_NOERR)) ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_FUNCTION_ERROR); ++ FIPS_drbg_uninstantiate(dctx); ++ return 0; ++ ++} ++ ++int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags) ++{ ++ DRBG_SELFTEST_DATA *td; ++ flags |= DRBG_FLAG_TEST; ++ for (td = drbg_test; td->nid != 0; td++) { ++ if (td->nid == nid && td->flags == flags) { ++ if (!fips_drbg_single_kat(dctx, td, 0)) ++ return 0; ++ return fips_drbg_error_check(dctx, td); ++ } ++ } ++ return 0; ++} ++ ++int FIPS_drbg_health_check(DRBG_CTX *dctx) ++{ ++ int rv; ++ DRBG_CTX *tctx = NULL; ++ tctx = FIPS_drbg_new(0, 0); ++ fips_post_started(FIPS_TEST_DRBG, dctx->type, &dctx->xflags); ++ if (!tctx) ++ return 0; ++ rv = fips_drbg_kat(tctx, dctx->type, dctx->xflags); ++ if (tctx) ++ FIPS_drbg_free(tctx); ++ if (rv) ++ fips_post_success(FIPS_TEST_DRBG, dctx->type, &dctx->xflags); ++ else ++ fips_post_failed(FIPS_TEST_DRBG, dctx->type, &dctx->xflags); ++ if (!rv) ++ dctx->status = DRBG_STATUS_ERROR; ++ else ++ dctx->health_check_cnt = 0; ++ return rv; ++} ++ ++int FIPS_selftest_drbg(void) ++{ ++ DRBG_CTX *dctx; ++ DRBG_SELFTEST_DATA *td; ++ int rv = 1; ++ dctx = FIPS_drbg_new(0, 0); ++ if (!dctx) ++ return 0; ++ for (td = drbg_test; td->nid != 0; td++) { ++ if (td->post != 1) ++ continue; ++ if (!fips_post_started(FIPS_TEST_DRBG, td->nid, &td->flags)) ++ return 1; ++ if (!fips_drbg_single_kat(dctx, td, 1)) { ++ fips_post_failed(FIPS_TEST_DRBG, td->nid, &td->flags); ++ rv = 0; ++ continue; ++ } ++ if (!fips_post_success(FIPS_TEST_DRBG, td->nid, &td->flags)) ++ return 0; ++ } ++ FIPS_drbg_free(dctx); ++ return rv; ++} ++ ++int FIPS_selftest_drbg_all(void) ++{ ++ DRBG_CTX *dctx; ++ DRBG_SELFTEST_DATA *td; ++ int rv = 1; ++ dctx = FIPS_drbg_new(0, 0); ++ if (!dctx) ++ return 0; ++ for (td = drbg_test; td->nid != 0; td++) { ++ if (!fips_post_started(FIPS_TEST_DRBG, td->nid, &td->flags)) ++ return 1; ++ if (!fips_drbg_single_kat(dctx, td, 0)) { ++ fips_post_failed(FIPS_TEST_DRBG, td->nid, &td->flags); ++ rv = 0; ++ continue; ++ } ++ if (!fips_drbg_error_check(dctx, td)) { ++ fips_post_failed(FIPS_TEST_DRBG, td->nid, &td->flags); ++ rv = 0; ++ continue; ++ } ++ if (!fips_post_success(FIPS_TEST_DRBG, td->nid, &td->flags)) ++ return 0; ++ } ++ FIPS_drbg_free(dctx); ++ return rv; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h +--- openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h.fips 2020-03-17 17:30:52.045567061 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h 2020-03-17 17:30:52.045567061 +0100 +@@ -0,0 +1,1791 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++/* Selftest and health check data for the SP800-90 DRBG */ ++ ++#define __fips_constseg ++ ++/* AES-128 use df PR */ ++__fips_constseg static const unsigned char aes_128_use_df_pr_entropyinput[] = { ++ 0x61, 0x52, 0x7c, 0xe3, 0x23, 0x7d, 0x0a, 0x07, 0x10, 0x0c, 0x50, 0x33, ++ 0xc8, 0xdb, 0xff, 0x12 ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_pr_nonce[] = { ++ 0x51, 0x0d, 0x85, 0x77, 0xed, 0x22, 0x97, 0x28 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_personalizationstring[] = { ++ 0x59, 0x9f, 0xbb, 0xcd, 0xd5, 0x25, 0x69, 0xb5, 0xcb, 0xb5, 0x03, 0xfe, ++ 0xd7, 0xd7, 0x01, 0x67 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_additionalinput[] = { ++ 0xef, 0x88, 0x76, 0x01, 0xaf, 0x3c, 0xfe, 0x8b, 0xaf, 0x26, 0x06, 0x9e, ++ 0x9a, 0x47, 0x08, 0x76 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_entropyinputpr[] = { ++ 0xe2, 0x76, 0xf9, 0xf6, 0x3a, 0xba, 0x10, 0x9f, 0xbf, 0x47, 0x0e, 0x51, ++ 0x09, 0xfb, 0xa3, 0xb6 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_int_returnedbits[] = { ++ 0xd4, 0x98, 0x8a, 0x46, 0x80, 0x4c, 0xdb, 0xa3, 0x59, 0x02, 0x57, 0x52, ++ 0x66, 0x1c, 0xea, 0x5b ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_additionalinput2[] = { ++ 0x88, 0x8c, 0x91, 0xd6, 0xbe, 0x56, 0x6e, 0x08, 0x9a, 0x62, 0x2b, 0x11, ++ 0x3f, 0x5e, 0x31, 0x06 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_entropyinputpr2[] = { ++ 0xc0, 0x5c, 0x6b, 0x98, 0x01, 0x0d, 0x58, 0x18, 0x51, 0x18, 0x96, 0xae, ++ 0xa7, 0xe3, 0xa8, 0x67 ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_pr_returnedbits[] = { ++ 0xcf, 0x01, 0xac, 0x22, 0x31, 0x06, 0x8e, 0xfc, 0xce, 0x56, 0xea, 0x24, ++ 0x0f, 0x38, 0x43, 0xc6 ++}; ++ ++/* AES-128 use df No PR */ ++__fips_constseg static const unsigned char aes_128_use_df_entropyinput[] = { ++ 0x1f, 0x8e, 0x34, 0x82, 0x0c, 0xb7, 0xbe, 0xc5, 0x01, 0x3e, 0xd0, 0xa3, ++ 0x9d, 0x7d, 0x1c, 0x9b ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_nonce[] = { ++ 0xd5, 0x4d, 0xbd, 0x4a, 0x93, 0x7f, 0xb8, 0x96 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_personalizationstring[] = { ++ 0xab, 0xd6, 0x3f, 0x04, 0xfe, 0x27, 0x6b, 0x2d, 0xd7, 0xc3, 0x1c, 0xf3, ++ 0x38, 0x66, 0xba, 0x1b ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_additionalinput[] = { ++ 0xfe, 0xf4, 0x09, 0xa8, 0xb7, 0x73, 0x27, 0x9c, 0x5f, 0xa7, 0xea, 0x46, ++ 0xb5, 0xe2, 0xb2, 0x41 ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_int_returnedbits[] = { ++ 0x42, 0xe4, 0x4e, 0x7b, 0x27, 0xdd, 0xcb, 0xbc, 0x0a, 0xcf, 0xa6, 0x67, ++ 0xe7, 0x57, 0x11, 0xb4 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_entropyinputreseed[] = { ++ 0x14, 0x26, 0x69, 0xd9, 0xf3, 0x65, 0x03, 0xd6, 0x6b, 0xb9, 0x44, 0x0b, ++ 0xc7, 0xc4, 0x9e, 0x39 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_additionalinputreseed[] = { ++ 0x55, 0x2e, 0x60, 0x9a, 0x05, 0x72, 0x8a, 0xa8, 0xef, 0x22, 0x81, 0x5a, ++ 0xc8, 0x93, 0xfa, 0x84 ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_additionalinput2[] = { ++ 0x3c, 0x40, 0xc8, 0xc4, 0x16, 0x0c, 0x21, 0xa4, 0x37, 0x2c, 0x8f, 0xa5, ++ 0x06, 0x0c, 0x15, 0x2c ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_returnedbits[] = { ++ 0xe1, 0x3e, 0x99, 0x98, 0x86, 0x67, 0x0b, 0x63, 0x7b, 0xbe, 0x3f, 0x88, ++ 0x46, 0x81, 0xc7, 0x19 ++}; ++ ++/* AES-192 use df PR */ ++__fips_constseg static const unsigned char aes_192_use_df_pr_entropyinput[] = { ++ 0x2b, 0x4e, 0x8b, 0xe1, 0xf1, 0x34, 0x80, 0x56, 0x81, 0xf9, 0x74, 0xec, ++ 0x17, 0x44, 0x2a, 0xf1, 0x14, 0xb0, 0xbf, 0x97, 0x39, 0xb7, 0x04, 0x7d ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_pr_nonce[] = { ++ 0xd6, 0x9d, 0xeb, 0x14, 0x4e, 0x6c, 0x30, 0x1e, 0x39, 0x55, 0x73, 0xd0, ++ 0xd1, 0x80, 0x78, 0xfa ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_personalizationstring[] = { ++ 0xfc, 0x43, 0x4a, 0xf8, 0x9a, 0x55, 0xb3, 0x53, 0x83, 0xe2, 0x18, 0x16, ++ 0x0c, 0xdc, 0xcd, 0x5e, 0x4f, 0xa0, 0x03, 0x01, 0x2b, 0x9f, 0xe4, 0xd5, ++ 0x7d, 0x49, 0xf0, 0x41, 0x9e, 0x3d, 0x99, 0x04 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_additionalinput[] = { ++ 0x5e, 0x9f, 0x49, 0x6f, 0x21, 0x8b, 0x1d, 0x32, 0xd5, 0x84, 0x5c, 0xac, ++ 0xaf, 0xdf, 0xe4, 0x79, 0x9e, 0xaf, 0xa9, 0x82, 0xd0, 0xf8, 0x4f, 0xcb, ++ 0x69, 0x10, 0x0a, 0x7e, 0x81, 0x57, 0xb5, 0x36 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_entropyinputpr[] = { ++ 0xd4, 0x81, 0x0c, 0xd7, 0x66, 0x39, 0xec, 0x42, 0x53, 0x87, 0x41, 0xa5, ++ 0x1e, 0x7d, 0x80, 0x91, 0x8e, 0xbb, 0xed, 0xac, 0x14, 0x02, 0x1a, 0xd5 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_int_returnedbits[] = { ++ 0xdf, 0x1d, 0x39, 0x45, 0x7c, 0x9b, 0xc6, 0x2b, 0x7d, 0x8c, 0x93, 0xe9, ++ 0x19, 0x30, 0x6b, 0x67 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_additionalinput2[] = { ++ 0x00, 0x71, 0x27, 0x4e, 0xd3, 0x14, 0xf1, 0x20, 0x7f, 0x4a, 0x41, 0x32, ++ 0x2a, 0x97, 0x11, 0x43, 0x8f, 0x4a, 0x15, 0x7b, 0x9b, 0x51, 0x79, 0xda, ++ 0x49, 0x3d, 0xde, 0xe8, 0xbc, 0x93, 0x91, 0x99 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_entropyinputpr2[] = { ++ 0x90, 0xee, 0x76, 0xa1, 0x45, 0x8d, 0xb7, 0x40, 0xb0, 0x11, 0xbf, 0xd0, ++ 0x65, 0xd7, 0x3c, 0x7c, 0x4f, 0x20, 0x3f, 0x4e, 0x11, 0x9d, 0xb3, 0x5e ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_pr_returnedbits[] = { ++ 0x24, 0x3b, 0x20, 0xa4, 0x37, 0x66, 0xba, 0x72, 0x39, 0x3f, 0xcf, 0x3c, ++ 0x7e, 0x1a, 0x2b, 0x83 ++}; ++ ++/* AES-192 use df No PR */ ++__fips_constseg static const unsigned char aes_192_use_df_entropyinput[] = { ++ 0x8d, 0x74, 0xa4, 0x50, 0x1a, 0x02, 0x68, 0x0c, 0x2a, 0x69, 0xc4, 0x82, ++ 0x3b, 0xbb, 0xda, 0x0e, 0x7f, 0x77, 0xa3, 0x17, 0x78, 0x57, 0xb2, 0x7b ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_nonce[] = { ++ 0x75, 0xd5, 0x1f, 0xac, 0xa4, 0x8d, 0x42, 0x78, 0xd7, 0x69, 0x86, 0x9d, ++ 0x77, 0xd7, 0x41, 0x0e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_personalizationstring[] = { ++ 0x4e, 0x33, 0x41, 0x3c, 0x9c, 0xc2, 0xd2, 0x53, 0xaf, 0x90, 0xea, 0xcf, ++ 0x19, 0x50, 0x1e, 0xe6, 0x6f, 0x63, 0xc8, 0x32, 0x22, 0xdc, 0x07, 0x65, ++ 0x9c, 0xd3, 0xf8, 0x30, 0x9e, 0xed, 0x35, 0x70 ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_additionalinput[] = { ++ 0x5d, 0x8b, 0x8c, 0xc1, 0xdf, 0x0e, 0x02, 0x78, 0xfb, 0x19, 0xb8, 0x69, ++ 0x78, 0x4e, 0x9c, 0x52, 0xbc, 0xc7, 0x20, 0xc9, 0xe6, 0x5e, 0x77, 0x22, ++ 0x28, 0x3d, 0x0c, 0x9e, 0x68, 0xa8, 0x45, 0xd7 ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_int_returnedbits[] = { ++ 0xd5, 0xe7, 0x08, 0xc5, 0x19, 0x99, 0xd5, 0x31, 0x03, 0x0a, 0x74, 0xb6, ++ 0xb7, 0xed, 0xe9, 0xea ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_entropyinputreseed[] = { ++ 0x9c, 0x26, 0xda, 0xf1, 0xac, 0xd9, 0x5a, 0xd6, 0xa8, 0x65, 0xf5, 0x02, ++ 0x8f, 0xdc, 0xa2, 0x09, 0x54, 0xa6, 0xe2, 0xa4, 0xde, 0x32, 0xe0, 0x01 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_additionalinputreseed[] = { ++ 0x9b, 0x90, 0xb0, 0x3a, 0x0e, 0x3a, 0x80, 0x07, 0x4a, 0xf4, 0xda, 0x76, ++ 0x28, 0x30, 0x3c, 0xee, 0x54, 0x1b, 0x94, 0x59, 0x51, 0x43, 0x56, 0x77, ++ 0xaf, 0x88, 0xdd, 0x63, 0x89, 0x47, 0x06, 0x65 ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_additionalinput2[] = { ++ 0x3c, 0x11, 0x64, 0x7a, 0x96, 0xf5, 0xd8, 0xb8, 0xae, 0xd6, 0x70, 0x4e, ++ 0x16, 0x96, 0xde, 0xe9, 0x62, 0xbc, 0xee, 0x28, 0x2f, 0x26, 0xa6, 0xf0, ++ 0x56, 0xef, 0xa3, 0xf1, 0x6b, 0xa1, 0xb1, 0x77 ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_returnedbits[] = { ++ 0x0b, 0xe2, 0x56, 0x03, 0x1e, 0xdb, 0x2c, 0x6d, 0x7f, 0x1b, 0x15, 0x58, ++ 0x1a, 0xf9, 0x13, 0x28 ++}; ++ ++/* AES-256 use df PR */ ++__fips_constseg static const unsigned char aes_256_use_df_pr_entropyinput[] = { ++ 0x61, 0x68, 0xfc, 0x1a, 0xf0, 0xb5, 0x95, 0x6b, 0x85, 0x09, 0x9b, 0x74, ++ 0x3f, 0x13, 0x78, 0x49, 0x3b, 0x85, 0xec, 0x93, 0x13, 0x3b, 0xa9, 0x4f, ++ 0x96, 0xab, 0x2c, 0xe4, 0xc8, 0x8f, 0xdd, 0x6a ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_pr_nonce[] = { ++ 0xad, 0xd2, 0xbb, 0xba, 0xb7, 0x65, 0x89, 0xc3, 0x21, 0x6c, 0x55, 0x33, ++ 0x2b, 0x36, 0xff, 0xa4 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_personalizationstring[] = { ++ 0x6e, 0xca, 0xe7, 0x20, 0x72, 0xd3, 0x84, 0x5a, 0x32, 0xd3, 0x4b, 0x24, ++ 0x72, 0xc4, 0x63, 0x2b, 0x9d, 0x12, 0x24, 0x0c, 0x23, 0x26, 0x8e, 0x83, ++ 0x16, 0x37, 0x0b, 0xd1, 0x06, 0x4f, 0x68, 0x6d ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_additionalinput[] = { ++ 0x7e, 0x08, 0x4a, 0xbb, 0xe3, 0x21, 0x7c, 0xc9, 0x23, 0xd2, 0xf8, 0xb0, ++ 0x73, 0x98, 0xba, 0x84, 0x74, 0x23, 0xab, 0x06, 0x8a, 0xe2, 0x22, 0xd3, ++ 0x7b, 0xce, 0x9b, 0xd2, 0x4a, 0x76, 0xb8, 0xde ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_entropyinputpr[] = { ++ 0x0b, 0x23, 0xaf, 0xdf, 0xf1, 0x62, 0xd7, 0xd3, 0x43, 0x97, 0xf8, 0x77, ++ 0x04, 0xa8, 0x42, 0x20, 0xbd, 0xf6, 0x0f, 0xc1, 0x17, 0x2f, 0x9f, 0x54, ++ 0xbb, 0x56, 0x17, 0x86, 0x68, 0x0e, 0xba, 0xa9 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_int_returnedbits[] = { ++ 0x31, 0x8e, 0xad, 0xaf, 0x40, 0xeb, 0x6b, 0x74, 0x31, 0x46, 0x80, 0xc7, ++ 0x17, 0xab, 0x3c, 0x7a ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_additionalinput2[] = { ++ 0x94, 0x6b, 0xc9, 0x9f, 0xab, 0x8d, 0xc5, 0xec, 0x71, 0x88, 0x1d, 0x00, ++ 0x8c, 0x89, 0x68, 0xe4, 0xc8, 0x07, 0x77, 0x36, 0x17, 0x6d, 0x79, 0x78, ++ 0xc7, 0x06, 0x4e, 0x99, 0x04, 0x28, 0x29, 0xc3 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_entropyinputpr2[] = { ++ 0xbf, 0x6c, 0x59, 0x2a, 0x0d, 0x44, 0x0f, 0xae, 0x9a, 0x5e, 0x03, 0x73, ++ 0xd8, 0xa6, 0xe1, 0xcf, 0x25, 0x61, 0x38, 0x24, 0x86, 0x9e, 0x53, 0xe8, ++ 0xa4, 0xdf, 0x56, 0xf4, 0x06, 0x07, 0x9c, 0x0f ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_pr_returnedbits[] = { ++ 0x22, 0x4a, 0xb4, 0xb8, 0xb6, 0xee, 0x7d, 0xb1, 0x9e, 0xc9, 0xf9, 0xa0, ++ 0xd9, 0xe2, 0x97, 0x00 ++}; ++ ++/* AES-256 use df No PR */ ++__fips_constseg static const unsigned char aes_256_use_df_entropyinput[] = { ++ 0xa5, 0x3e, 0x37, 0x10, 0x17, 0x43, 0x91, 0x93, 0x59, 0x1e, 0x47, 0x50, ++ 0x87, 0xaa, 0xdd, 0xd5, 0xc1, 0xc3, 0x86, 0xcd, 0xca, 0x0d, 0xdb, 0x68, ++ 0xe0, 0x02, 0xd8, 0x0f, 0xdc, 0x40, 0x1a, 0x47 ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_nonce[] = { ++ 0xa9, 0x4d, 0xa5, 0x5a, 0xfd, 0xc5, 0x0c, 0xe5, 0x1c, 0x9a, 0x3b, 0x8a, ++ 0x4c, 0x44, 0x84, 0x40 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_personalizationstring[] = { ++ 0x8b, 0x52, 0xa2, 0x4a, 0x93, 0xc3, 0x4e, 0xa7, 0x1e, 0x1c, 0xa7, 0x05, ++ 0xeb, 0x82, 0x9b, 0xa6, 0x5d, 0xe4, 0xd4, 0xe0, 0x7f, 0xa3, 0xd8, 0x6b, ++ 0x37, 0x84, 0x5f, 0xf1, 0xc7, 0xd5, 0xf6, 0xd2 ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_additionalinput[] = { ++ 0x20, 0xf4, 0x22, 0xed, 0xf8, 0x5c, 0xa1, 0x6a, 0x01, 0xcf, 0xbe, 0x5f, ++ 0x8d, 0x6c, 0x94, 0x7f, 0xae, 0x12, 0xa8, 0x57, 0xdb, 0x2a, 0xa9, 0xbf, ++ 0xc7, 0xb3, 0x65, 0x81, 0x80, 0x8d, 0x0d, 0x46 ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_int_returnedbits[] = { ++ 0x4e, 0x44, 0xfd, 0xf3, 0x9e, 0x29, 0xa2, 0xb8, 0x0f, 0x5d, 0x6c, 0xe1, ++ 0x28, 0x0c, 0x3b, 0xc1 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_entropyinputreseed[] = { ++ 0xdd, 0x40, 0xe5, 0x98, 0x7b, 0x27, 0x16, 0x73, 0x15, 0x68, 0xd2, 0x76, ++ 0xbf, 0x0c, 0x67, 0x15, 0x75, 0x79, 0x03, 0xd3, 0xde, 0xde, 0x91, 0x46, ++ 0x42, 0xdd, 0xd4, 0x67, 0xc8, 0x79, 0xc8, 0x1e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_additionalinputreseed[] = { ++ 0x7f, 0xd8, 0x1f, 0xbd, 0x2a, 0xb5, 0x1c, 0x11, 0x5d, 0x83, 0x4e, 0x99, ++ 0xf6, 0x5c, 0xa5, 0x40, 0x20, 0xed, 0x38, 0x8e, 0xd5, 0x9e, 0xe0, 0x75, ++ 0x93, 0xfe, 0x12, 0x5e, 0x5d, 0x73, 0xfb, 0x75 ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_additionalinput2[] = { ++ 0xcd, 0x2c, 0xff, 0x14, 0x69, 0x3e, 0x4c, 0x9e, 0xfd, 0xfe, 0x26, 0x0d, ++ 0xe9, 0x86, 0x00, 0x49, 0x30, 0xba, 0xb1, 0xc6, 0x50, 0x57, 0x77, 0x2a, ++ 0x62, 0x39, 0x2c, 0x3b, 0x74, 0xeb, 0xc9, 0x0d ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_returnedbits[] = { ++ 0x4f, 0x78, 0xbe, 0xb9, 0x4d, 0x97, 0x8c, 0xe9, 0xd0, 0x97, 0xfe, 0xad, ++ 0xfa, 0xfd, 0x35, 0x5e ++}; ++ ++/* AES-128 no df PR */ ++__fips_constseg static const unsigned char aes_128_no_df_pr_entropyinput[] = { ++ 0x9a, 0x25, 0x65, 0x10, 0x67, 0xd5, 0xb6, 0x6b, 0x70, 0xa1, 0xb3, 0xa4, ++ 0x43, 0x95, 0x80, 0xc0, 0x84, 0x0a, 0x79, 0xb0, 0x88, 0x74, 0xf2, 0xbf, ++ 0x31, 0x6c, 0x33, 0x38, 0x0b, 0x00, 0xb2, 0x5a ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_pr_nonce[] = { ++ 0x78, 0x47, 0x6b, 0xf7, 0x90, 0x8e, 0x87, 0xf1 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_pr_personalizationstring[] = { ++ 0xf7, 0x22, 0x1d, 0x3a, 0xbe, 0x1d, 0xca, 0x32, 0x1b, 0xbd, 0x87, 0x0c, ++ 0x51, 0x24, 0x19, 0xee, 0xa3, 0x23, 0x09, 0x63, 0x33, 0x3d, 0xa8, 0x0c, ++ 0x1c, 0xfa, 0x42, 0x89, 0xcc, 0x6f, 0xa0, 0xa8 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_pr_additionalinput[] = { ++ 0xc9, 0xe0, 0x80, 0xbf, 0x8c, 0x45, 0x58, 0x39, 0xff, 0x00, 0xab, 0x02, ++ 0x4c, 0x3e, 0x3a, 0x95, 0x9b, 0x80, 0xa8, 0x21, 0x2a, 0xee, 0xba, 0x73, ++ 0xb1, 0xd9, 0xcf, 0x28, 0xf6, 0x8f, 0x9b, 0x12 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_pr_entropyinputpr[] = { ++ 0x4c, 0xa8, 0xc5, 0xf0, 0x59, 0x9e, 0xa6, 0x8d, 0x26, 0x53, 0xd7, 0x8a, ++ 0xa9, 0xd8, 0xf7, 0xed, 0xb2, 0xf9, 0x12, 0x42, 0xe1, 0xe5, 0xbd, 0xe7, ++ 0xe7, 0x1d, 0x74, 0x99, 0x00, 0x9d, 0x31, 0x3e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_pr_int_returnedbits[] = { ++ 0xe2, 0xac, 0x20, 0xf0, 0x80, 0xe7, 0xbc, 0x7e, 0x9c, 0x7b, 0x65, 0x71, ++ 0xaf, 0x19, 0x32, 0x16 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_pr_additionalinput2[] = { ++ 0x32, 0x7f, 0x38, 0x8b, 0x73, 0x0a, 0x78, 0x83, 0xdc, 0x30, 0xbe, 0x9f, ++ 0x10, 0x1f, 0xf5, 0x1f, 0xca, 0x00, 0xb5, 0x0d, 0xd6, 0x9d, 0x60, 0x83, ++ 0x51, 0x54, 0x7d, 0x38, 0x23, 0x3a, 0x52, 0x50 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_pr_entropyinputpr2[] = { ++ 0x18, 0x61, 0x53, 0x56, 0xed, 0xed, 0xd7, 0x20, 0xfb, 0x71, 0x04, 0x7a, ++ 0xb2, 0xac, 0xc1, 0x28, 0xcd, 0xf2, 0xc2, 0xfc, 0xaa, 0xb1, 0x06, 0x07, ++ 0xe9, 0x46, 0x95, 0x02, 0x48, 0x01, 0x78, 0xf9 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_pr_returnedbits[] = { ++ 0x29, 0xc8, 0x1b, 0x15, 0xb1, 0xd1, 0xc2, 0xf6, 0x71, 0x86, 0x68, 0x33, ++ 0x57, 0x82, 0x33, 0xaf ++}; ++ ++/* AES-128 no df No PR */ ++__fips_constseg static const unsigned char aes_128_no_df_entropyinput[] = { ++ 0xc9, 0xc5, 0x79, 0xbc, 0xe8, 0xc5, 0x19, 0xd8, 0xbc, 0x66, 0x73, 0x67, ++ 0xf6, 0xd3, 0x72, 0xaa, 0xa6, 0x16, 0xb8, 0x50, 0xb7, 0x47, 0x3a, 0x42, ++ 0xab, 0xf4, 0x16, 0xb2, 0x96, 0xd2, 0xb6, 0x60 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_nonce[] = { ++ 0x5f, 0xbf, 0x97, 0x0c, 0x4b, 0xa4, 0x87, 0x13 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_personalizationstring[] = { ++ 0xce, 0xfb, 0x7b, 0x3f, 0xd4, 0x6b, 0x29, 0x0d, 0x69, 0x06, 0xff, 0xbb, ++ 0xf2, 0xe5, 0xc6, 0x6c, 0x0a, 0x10, 0xa0, 0xcf, 0x1a, 0x48, 0xc7, 0x8b, ++ 0x3c, 0x16, 0x88, 0xed, 0x50, 0x13, 0x81, 0xce ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_additionalinput[] = { ++ 0x4b, 0x22, 0x46, 0x18, 0x02, 0x7b, 0xd2, 0x1b, 0x22, 0x42, 0x7c, 0x37, ++ 0xd9, 0xf6, 0xe8, 0x9b, 0x12, 0x30, 0x5f, 0xe9, 0x90, 0xe8, 0x08, 0x24, ++ 0x4f, 0x06, 0x66, 0xdb, 0x19, 0x2b, 0x13, 0x95 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_int_returnedbits[] = { ++ 0x2e, 0x96, 0x70, 0x64, 0xfa, 0xdf, 0xdf, 0x57, 0xb5, 0x82, 0xee, 0xd6, ++ 0xed, 0x3e, 0x65, 0xc2 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_entropyinputreseed[] = { ++ 0x26, 0xc0, 0x72, 0x16, 0x3a, 0x4b, 0xb7, 0x99, 0xd4, 0x07, 0xaf, 0x66, ++ 0x62, 0x36, 0x96, 0xa4, 0x51, 0x17, 0xfa, 0x07, 0x8b, 0x17, 0x5e, 0xa1, ++ 0x2f, 0x3c, 0x10, 0xe7, 0x90, 0xd0, 0x46, 0x00 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_additionalinputreseed[] = { ++ 0x83, 0x39, 0x37, 0x7b, 0x02, 0x06, 0xd2, 0x12, 0x13, 0x8d, 0x8b, 0xf2, ++ 0xf0, 0xf6, 0x26, 0xeb, 0xa4, 0x22, 0x7b, 0xc2, 0xe7, 0xba, 0x79, 0xe4, ++ 0x3b, 0x77, 0x5d, 0x4d, 0x47, 0xb2, 0x2d, 0xb4 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_additionalinput2[] = { ++ 0x0b, 0xb9, 0x67, 0x37, 0xdb, 0x83, 0xdf, 0xca, 0x81, 0x8b, 0xf9, 0x3f, ++ 0xf1, 0x11, 0x1b, 0x2f, 0xf0, 0x61, 0xa6, 0xdf, 0xba, 0xa3, 0xb1, 0xac, ++ 0xd3, 0xe6, 0x09, 0xb8, 0x2c, 0x6a, 0x67, 0xd6 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_returnedbits[] = { ++ 0x1e, 0xa7, 0xa4, 0xe4, 0xe1, 0xa6, 0x7c, 0x69, 0x9a, 0x44, 0x6c, 0x36, ++ 0x81, 0x37, 0x19, 0xd4 ++}; ++ ++/* AES-192 no df PR */ ++__fips_constseg static const unsigned char aes_192_no_df_pr_entropyinput[] = { ++ 0x9d, 0x2c, 0xd2, 0x55, 0x66, 0xea, 0xe0, 0xbe, 0x18, 0xb7, 0x76, 0xe7, ++ 0x73, 0x35, 0xd8, 0x1f, 0xad, 0x3a, 0xe3, 0x81, 0x0e, 0x92, 0xd0, 0x61, ++ 0xc9, 0x12, 0x26, 0xf6, 0x1c, 0xdf, 0xfe, 0x47, 0xaa, 0xfe, 0x7d, 0x5a, ++ 0x17, 0x1f, 0x8d, 0x9a ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_pr_nonce[] = { ++ 0x44, 0x82, 0xed, 0xe8, 0x4c, 0x28, 0x5a, 0x14, 0xff, 0x88, 0x8d, 0x19, ++ 0x61, 0x5c, 0xee, 0x0f ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_pr_personalizationstring[] = { ++ 0x47, 0xd7, 0x9b, 0x99, 0xaa, 0xcb, 0xe7, 0xd2, 0x57, 0x66, 0x2c, 0xe1, ++ 0x78, 0xd6, 0x2c, 0xea, 0xa3, 0x23, 0x5f, 0x2a, 0xc1, 0x3a, 0xf0, 0xa4, ++ 0x20, 0x3b, 0xfa, 0x07, 0xd5, 0x05, 0x02, 0xe4, 0x57, 0x01, 0xb6, 0x10, ++ 0x57, 0x2e, 0xe7, 0x55 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_pr_additionalinput[] = { ++ 0x4b, 0x74, 0x0b, 0x40, 0xce, 0x6b, 0xc2, 0x6a, 0x24, 0xb4, 0xf3, 0xad, ++ 0x7a, 0xa5, 0x7a, 0xa2, 0x15, 0xe2, 0xc8, 0x61, 0x15, 0xc6, 0xb7, 0x85, ++ 0x69, 0x11, 0xad, 0x7b, 0x14, 0xd2, 0xf6, 0x12, 0xa1, 0x95, 0x5d, 0x3f, ++ 0xe2, 0xd0, 0x0c, 0x2f ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_pr_entropyinputpr[] = { ++ 0x0c, 0x9c, 0xad, 0x05, 0xee, 0xae, 0x48, 0x23, 0x89, 0x59, 0xa1, 0x94, ++ 0xd7, 0xd8, 0x75, 0xd5, 0x54, 0x93, 0xc7, 0x4a, 0xd9, 0x26, 0xde, 0xeb, ++ 0xba, 0xb0, 0x7e, 0x30, 0x1d, 0x5f, 0x69, 0x40, 0x9c, 0x3b, 0x17, 0x58, ++ 0x1d, 0x30, 0xb3, 0x78 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_pr_int_returnedbits[] = { ++ 0xf7, 0x93, 0xb0, 0x6d, 0x77, 0x83, 0xd5, 0x38, 0x01, 0xe1, 0x52, 0x40, ++ 0x7e, 0x3e, 0x0c, 0x26 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_pr_additionalinput2[] = { ++ 0xbc, 0x4b, 0x37, 0x44, 0x1c, 0xc5, 0x45, 0x5f, 0x8f, 0x51, 0x62, 0x8a, ++ 0x85, 0x30, 0x1d, 0x7c, 0xe4, 0xcf, 0xf7, 0x44, 0xce, 0x32, 0x3e, 0x57, ++ 0x95, 0xa4, 0x2a, 0xdf, 0xfd, 0x9e, 0x38, 0x41, 0xb3, 0xf6, 0xc5, 0xee, ++ 0x0c, 0x4b, 0xee, 0x6e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_pr_entropyinputpr2[] = { ++ 0xec, 0xaf, 0xf6, 0x4f, 0xb1, 0xa0, 0x54, 0xb5, 0x5b, 0xe3, 0x46, 0xb0, ++ 0x76, 0x5a, 0x7c, 0x3f, 0x7b, 0x94, 0x69, 0x21, 0x51, 0x02, 0xe5, 0x9f, ++ 0x04, 0x59, 0x02, 0x98, 0xc6, 0x43, 0x2c, 0xcc, 0x26, 0x4c, 0x87, 0x6b, ++ 0x8e, 0x0a, 0x83, 0xdf ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_pr_returnedbits[] = { ++ 0x74, 0x45, 0xfb, 0x53, 0x84, 0x96, 0xbe, 0xff, 0x15, 0xcc, 0x41, 0x91, ++ 0xb9, 0xa1, 0x21, 0x68 ++}; ++ ++/* AES-192 no df No PR */ ++__fips_constseg static const unsigned char aes_192_no_df_entropyinput[] = { ++ 0x3c, 0x7d, 0xb5, 0xe0, 0x54, 0xd9, 0x6e, 0x8c, 0xa9, 0x86, 0xce, 0x4e, ++ 0x6b, 0xaf, 0xeb, 0x2f, 0xe7, 0x75, 0xe0, 0x8b, 0xa4, 0x3b, 0x07, 0xfe, ++ 0xbe, 0x33, 0x75, 0x93, 0x80, 0x27, 0xb5, 0x29, 0x47, 0x8b, 0xc7, 0x28, ++ 0x94, 0xc3, 0x59, 0x63 ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_nonce[] = { ++ 0x43, 0xf1, 0x7d, 0xb8, 0xc3, 0xfe, 0xd0, 0x23, 0x6b, 0xb4, 0x92, 0xdb, ++ 0x29, 0xfd, 0x45, 0x71 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_personalizationstring[] = { ++ 0x9f, 0x24, 0x29, 0x99, 0x9e, 0x01, 0xab, 0xe9, 0x19, 0xd8, 0x23, 0x08, ++ 0xb7, 0xd6, 0x7e, 0x8c, 0xc0, 0x9e, 0x7f, 0x6e, 0x5b, 0x33, 0x20, 0x96, ++ 0x0b, 0x23, 0x2c, 0xa5, 0x6a, 0xf8, 0x1b, 0x04, 0x26, 0xdb, 0x2e, 0x2b, ++ 0x3b, 0x88, 0xce, 0x35 ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_additionalinput[] = { ++ 0x94, 0xe9, 0x7c, 0x3d, 0xa7, 0xdb, 0x60, 0x83, 0x1f, 0x98, 0x3f, 0x0b, ++ 0x88, 0x59, 0x57, 0x51, 0x88, 0x9f, 0x76, 0x49, 0x9f, 0xa6, 0xda, 0x71, ++ 0x1d, 0x0d, 0x47, 0x16, 0x63, 0xc5, 0x68, 0xe4, 0x5d, 0x39, 0x69, 0xb3, ++ 0x3e, 0xbe, 0xd4, 0x8e ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_int_returnedbits[] = { ++ 0xf9, 0xd7, 0xad, 0x69, 0xab, 0x8f, 0x23, 0x56, 0x70, 0x17, 0x4f, 0x2a, ++ 0x45, 0xe7, 0x4a, 0xc5 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_entropyinputreseed[] = { ++ 0xa6, 0x71, 0x6a, 0x3d, 0xba, 0xd1, 0xe8, 0x66, 0xa6, 0xef, 0xb2, 0x0e, ++ 0xa8, 0x9c, 0xaa, 0x4e, 0xaf, 0x17, 0x89, 0x50, 0x00, 0xda, 0xa1, 0xb1, ++ 0x0b, 0xa4, 0xd9, 0x35, 0x89, 0xc8, 0xe5, 0xb0, 0xd9, 0xb7, 0xc4, 0x33, ++ 0x9b, 0xcb, 0x7e, 0x75 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_additionalinputreseed[] = { ++ 0x27, 0x21, 0xfc, 0xc2, 0xbd, 0xf3, 0x3c, 0xce, 0xc3, 0xca, 0xc1, 0x01, ++ 0xe0, 0xff, 0x93, 0x12, 0x7d, 0x54, 0x42, 0xe3, 0x9f, 0x03, 0xdf, 0x27, ++ 0x04, 0x07, 0x3c, 0x53, 0x7f, 0xa8, 0x66, 0xc8, 0x97, 0x4b, 0x61, 0x40, ++ 0x5d, 0x7a, 0x25, 0x79 ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_additionalinput2[] = { ++ 0x2d, 0x8e, 0x16, 0x5d, 0x0b, 0x9f, 0xeb, 0xaa, 0xd6, 0xec, 0x28, 0x71, ++ 0x7c, 0x0b, 0xc1, 0x1d, 0xd4, 0x44, 0x19, 0x47, 0xfd, 0x1d, 0x7c, 0xe5, ++ 0xf3, 0x27, 0xe1, 0xb6, 0x72, 0x0a, 0xe0, 0xec, 0x0e, 0xcd, 0xef, 0x1a, ++ 0x91, 0x6a, 0xe3, 0x5f ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_returnedbits[] = { ++ 0xe5, 0xda, 0xb8, 0xe0, 0x63, 0x59, 0x5a, 0xcc, 0x3d, 0xdc, 0x9f, 0xe8, ++ 0x66, 0x67, 0x2c, 0x92 ++}; ++ ++/* AES-256 no df PR */ ++__fips_constseg static const unsigned char aes_256_no_df_pr_entropyinput[] = { ++ 0x15, 0xc7, 0x5d, 0xcb, 0x41, 0x4b, 0x16, 0x01, 0x3a, 0xd1, 0x44, 0xe8, ++ 0x22, 0x32, 0xc6, 0x9c, 0x3f, 0xe7, 0x43, 0xf5, 0x9a, 0xd3, 0xea, 0xf2, ++ 0xd7, 0x4e, 0x6e, 0x6a, 0x55, 0x73, 0x40, 0xef, 0x89, 0xad, 0x0d, 0x03, ++ 0x96, 0x7e, 0x78, 0x81, 0x2f, 0x91, 0x1b, 0x44, 0xb0, 0x02, 0xba, 0x1c ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_pr_nonce[] = { ++ 0xdc, 0xe4, 0xd4, 0x27, 0x7a, 0x90, 0xd7, 0x99, 0x43, 0xa1, 0x3c, 0x30, ++ 0xcc, 0x4b, 0xee, 0x2e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_pr_personalizationstring[] = { ++ 0xe3, 0xe6, 0xb9, 0x11, 0xe4, 0x7a, 0xa4, 0x40, 0x6b, 0xf8, 0x73, 0xf7, ++ 0x7e, 0xec, 0xc7, 0xb9, 0x97, 0xbf, 0xf8, 0x25, 0x7b, 0xbe, 0x11, 0x9b, ++ 0x5b, 0x6a, 0x0c, 0x2e, 0x2b, 0x01, 0x51, 0xcd, 0x41, 0x4b, 0x6b, 0xac, ++ 0x31, 0xa8, 0x0b, 0xf7, 0xe6, 0x59, 0x42, 0xb8, 0x03, 0x0c, 0xf8, 0x06 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_pr_additionalinput[] = { ++ 0x6a, 0x9f, 0x00, 0x91, 0xae, 0xfe, 0xcf, 0x84, 0x99, 0xce, 0xb1, 0x40, ++ 0x6d, 0x5d, 0x33, 0x28, 0x84, 0xf4, 0x8c, 0x63, 0x4c, 0x7e, 0xbd, 0x2c, ++ 0x80, 0x76, 0xee, 0x5a, 0xaa, 0x15, 0x07, 0x31, 0xd8, 0xbb, 0x8c, 0x69, ++ 0x9d, 0x9d, 0xbc, 0x7e, 0x49, 0xae, 0xec, 0x39, 0x6b, 0xd1, 0x1f, 0x7e ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_pr_entropyinputpr[] = { ++ 0xf3, 0xb9, 0x75, 0x9c, 0xbd, 0x88, 0xea, 0xa2, 0x50, 0xad, 0xd6, 0x16, ++ 0x1a, 0x12, 0x3c, 0x86, 0x68, 0xaf, 0x6f, 0xbe, 0x19, 0xf2, 0xee, 0xcc, ++ 0xa5, 0x70, 0x84, 0x53, 0x50, 0xcb, 0x9f, 0x14, 0xa9, 0xe5, 0xee, 0xb9, ++ 0x48, 0x45, 0x40, 0xe2, 0xc7, 0xc9, 0x9a, 0x74, 0xff, 0x8c, 0x99, 0x1f ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_pr_int_returnedbits[] = { ++ 0x2e, 0xf2, 0x45, 0x4c, 0x62, 0x2e, 0x0a, 0xb9, 0x6b, 0xa2, 0xfd, 0x56, ++ 0x79, 0x60, 0x93, 0xcf ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_pr_additionalinput2[] = { ++ 0xaf, 0x69, 0x20, 0xe9, 0x3b, 0x37, 0x9d, 0x3f, 0xb4, 0x80, 0x02, 0x7a, ++ 0x25, 0x7d, 0xb8, 0xde, 0x71, 0xc5, 0x06, 0x0c, 0xb4, 0xe2, 0x8f, 0x35, ++ 0xd8, 0x14, 0x0d, 0x7f, 0x76, 0x63, 0x4e, 0xb5, 0xee, 0xe9, 0x6f, 0x34, ++ 0xc7, 0x5f, 0x56, 0x14, 0x4a, 0xe8, 0x73, 0x95, 0x5b, 0x1c, 0xb9, 0xcb ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_pr_entropyinputpr2[] = { ++ 0xe5, 0xb0, 0x2e, 0x7e, 0x52, 0x30, 0xe3, 0x63, 0x82, 0xb6, 0x44, 0xd3, ++ 0x25, 0x19, 0x05, 0x24, 0x9a, 0x9f, 0x5f, 0x27, 0x6a, 0x29, 0xab, 0xfa, ++ 0x07, 0xa2, 0x42, 0x0f, 0xc5, 0xa8, 0x94, 0x7c, 0x17, 0x7b, 0x85, 0x83, ++ 0x0c, 0x25, 0x0e, 0x63, 0x0b, 0xe9, 0x12, 0x60, 0xcd, 0xef, 0x80, 0x0f ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_pr_returnedbits[] = { ++ 0x5e, 0xf2, 0x26, 0xef, 0x9f, 0x58, 0x5d, 0xd5, 0x4a, 0x10, 0xfe, 0xa7, ++ 0x2d, 0x5f, 0x4a, 0x46 ++}; ++ ++/* AES-256 no df No PR */ ++__fips_constseg static const unsigned char aes_256_no_df_entropyinput[] = { ++ 0xfb, 0xcf, 0x1b, 0x61, 0x16, 0x89, 0x78, 0x23, 0xf5, 0xd8, 0x96, 0xe3, ++ 0x4e, 0x64, 0x0b, 0x29, 0x9a, 0x3f, 0xf8, 0xa5, 0xed, 0xf2, 0xfe, 0xdb, ++ 0x16, 0xca, 0x7f, 0x10, 0xfa, 0x5e, 0x18, 0x76, 0x2c, 0x63, 0x5e, 0x96, ++ 0xcf, 0xb3, 0xd6, 0xfc, 0xaf, 0x99, 0x39, 0x28, 0x9c, 0x61, 0xe8, 0xb3 ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_nonce[] = { ++ 0x12, 0x96, 0xf0, 0x52, 0xf3, 0x8d, 0x81, 0xcf, 0xde, 0x86, 0xf2, 0x99, ++ 0x43, 0x96, 0xb9, 0xf0 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_personalizationstring[] = { ++ 0x63, 0x0d, 0x78, 0xf5, 0x90, 0x8e, 0x32, 0x47, 0xb0, 0x4d, 0x37, 0x60, ++ 0x09, 0x96, 0xbc, 0xbf, 0x97, 0x7a, 0x62, 0x14, 0x45, 0xbd, 0x8d, 0xcc, ++ 0x69, 0xfb, 0x03, 0xe1, 0x80, 0x1c, 0xc7, 0xe2, 0x2a, 0xf9, 0x37, 0x3f, ++ 0x66, 0x4d, 0x62, 0xd9, 0x10, 0xe0, 0xad, 0xc8, 0x9a, 0xf0, 0xa8, 0x6d ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_additionalinput[] = { ++ 0x36, 0xc6, 0x13, 0x60, 0xbb, 0x14, 0xad, 0x22, 0xb0, 0x38, 0xac, 0xa6, ++ 0x18, 0x16, 0x93, 0x25, 0x86, 0xb7, 0xdc, 0xdc, 0x36, 0x98, 0x2b, 0xf9, ++ 0x68, 0x33, 0xd3, 0xc6, 0xff, 0xce, 0x8d, 0x15, 0x59, 0x82, 0x76, 0xed, ++ 0x6f, 0x8d, 0x49, 0x74, 0x2f, 0xda, 0xdc, 0x1f, 0x17, 0xd0, 0xde, 0x17 ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_int_returnedbits[] = { ++ 0x16, 0x2f, 0x8e, 0x3f, 0x21, 0x7a, 0x1c, 0x20, 0x56, 0xd1, 0x92, 0xf6, ++ 0xd2, 0x25, 0x75, 0x0e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_entropyinputreseed[] = { ++ 0x91, 0x79, 0x76, 0xee, 0xe0, 0xcf, 0x9e, 0xc2, 0xd5, 0xd4, 0x23, 0x9b, ++ 0x12, 0x8c, 0x7e, 0x0a, 0xb7, 0xd2, 0x8b, 0xd6, 0x7c, 0xa3, 0xc6, 0xe5, ++ 0x0e, 0xaa, 0xc7, 0x6b, 0xae, 0x0d, 0xfa, 0x53, 0x06, 0x79, 0xa1, 0xed, ++ 0x4d, 0x6a, 0x0e, 0xd8, 0x9d, 0xbe, 0x1b, 0x31, 0x93, 0x7b, 0xec, 0xfb ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_additionalinputreseed[] = { ++ 0xd2, 0x46, 0x50, 0x22, 0x10, 0x14, 0x63, 0xf7, 0xea, 0x0f, 0xb9, 0x7e, ++ 0x0d, 0xe1, 0x94, 0x07, 0xaf, 0x09, 0x44, 0x31, 0xea, 0x64, 0xa4, 0x18, ++ 0x5b, 0xf9, 0xd8, 0xc2, 0xfa, 0x03, 0x47, 0xc5, 0x39, 0x43, 0xd5, 0x3b, ++ 0x62, 0x86, 0x64, 0xea, 0x2c, 0x73, 0x8c, 0xae, 0x9d, 0x98, 0x98, 0x29 ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_additionalinput2[] = { ++ 0x8c, 0xab, 0x18, 0xf8, 0xc3, 0xec, 0x18, 0x5c, 0xb3, 0x1e, 0x9d, 0xbe, ++ 0x3f, 0x03, 0xb4, 0x00, 0x98, 0x9d, 0xae, 0xeb, 0xf4, 0x94, 0xf8, 0x42, ++ 0x8f, 0xe3, 0x39, 0x07, 0xe1, 0xc9, 0xad, 0x0b, 0x1f, 0xed, 0xc0, 0xba, ++ 0xf6, 0xd1, 0xec, 0x27, 0x86, 0x7b, 0xd6, 0x55, 0x9b, 0x60, 0xa5, 0xc6 ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_returnedbits[] = { ++ 0xef, 0xd2, 0xd8, 0x5c, 0xdc, 0x62, 0x25, 0x9f, 0xaa, 0x1e, 0x2c, 0x67, ++ 0xf6, 0x02, 0x32, 0xe2 ++}; ++ ++/* SHA-1 PR */ ++__fips_constseg static const unsigned char sha1_pr_entropyinput[] = { ++ 0xd2, 0x36, 0xa5, 0x27, 0x31, 0x73, 0xdd, 0x11, 0x4f, 0x93, 0xbd, 0xe2, ++ 0x31, 0xa5, 0x91, 0x13 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_nonce[] = { ++ 0xb5, 0xb3, 0x60, 0xef, 0xf7, 0x63, 0x31, 0xf3 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_personalizationstring[] = { ++ 0xd4, 0xbb, 0x02, 0x10, 0xb2, 0x71, 0xdb, 0x81, 0xd6, 0xf0, 0x42, 0x60, ++ 0xda, 0xea, 0x77, 0x52 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_additionalinput[] = { ++ 0x4d, 0xd2, 0x6c, 0x87, 0xfb, 0x2c, 0x4f, 0xa6, 0x8d, 0x16, 0x63, 0x22, ++ 0x6a, 0x51, 0xe3, 0xf8 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_entropyinputpr[] = { ++ 0xc9, 0x83, 0x9e, 0x16, 0xf6, 0x1c, 0x0f, 0xb2, 0xec, 0x60, 0x31, 0xa9, ++ 0xcb, 0xa9, 0x36, 0x7a ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_int_returnedbits[] = { ++ 0xa8, 0x13, 0x4f, 0xf4, 0x31, 0x02, 0x44, 0xe3, 0xd3, 0x3d, 0x61, 0x9e, ++ 0xe5, 0xc6, 0x3e, 0x89, 0xb5, 0x9b, 0x0f, 0x35 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_additionalinput2[] = { ++ 0xf9, 0xe8, 0xd2, 0x72, 0x13, 0x34, 0x95, 0x6f, 0x15, 0x49, 0x47, 0x99, ++ 0x16, 0x03, 0x19, 0x47 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_entropyinputpr2[] = { ++ 0x4e, 0x8c, 0x49, 0x9b, 0x4a, 0x5c, 0x9b, 0x9c, 0x3a, 0xee, 0xfb, 0xd2, ++ 0xae, 0xcd, 0x8c, 0xc4 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_returnedbits[] = { ++ 0x50, 0xb4, 0xb4, 0xcd, 0x68, 0x57, 0xfc, 0x2e, 0xc1, 0x52, 0xcc, 0xf6, ++ 0x68, 0xa4, 0x81, 0xed, 0x7e, 0xe4, 0x1d, 0x87 ++}; ++ ++/* SHA-1 No PR */ ++__fips_constseg static const unsigned char sha1_entropyinput[] = { ++ 0xa9, 0x47, 0x1b, 0x29, 0x2d, 0x1c, 0x05, 0xdf, 0x76, 0xd0, 0x62, 0xf9, ++ 0xe2, 0x7f, 0x4c, 0x7b ++}; ++ ++__fips_constseg static const unsigned char sha1_nonce[] = { ++ 0x53, 0x23, 0x24, 0xe3, 0xec, 0x0c, 0x54, 0x14 ++}; ++ ++__fips_constseg static const unsigned char sha1_personalizationstring[] = { ++ 0x7a, 0x87, 0xa1, 0xac, 0x1c, 0xfd, 0xab, 0xae, 0xf7, 0xd6, 0xfb, 0x76, ++ 0x28, 0xec, 0x6d, 0xca ++}; ++ ++__fips_constseg static const unsigned char sha1_additionalinput[] = { ++ 0xfc, 0x92, 0x35, 0xd6, 0x7e, 0xb7, 0x24, 0x65, 0xfd, 0x12, 0x27, 0x35, ++ 0xc0, 0x72, 0xca, 0x28 ++}; ++ ++__fips_constseg static const unsigned char sha1_int_returnedbits[] = { ++ 0x57, 0x88, 0x82, 0xe5, 0x25, 0xa5, 0x2c, 0x4a, 0x06, 0x20, 0x6c, 0x72, ++ 0x55, 0x61, 0xdd, 0x90, 0x71, 0x9f, 0x95, 0xea ++}; ++ ++__fips_constseg static const unsigned char sha1_entropyinputreseed[] = { ++ 0x69, 0xa5, 0x40, 0x62, 0x98, 0x47, 0x56, 0x73, 0x4a, 0x8f, 0x60, 0x96, ++ 0xd6, 0x99, 0x27, 0xed ++}; ++ ++__fips_constseg static const unsigned char sha1_additionalinputreseed[] = { ++ 0xe5, 0x40, 0x4e, 0xbd, 0x50, 0x00, 0xf5, 0x15, 0xa6, 0xee, 0x45, 0xda, ++ 0x84, 0x3d, 0xd4, 0xc0 ++}; ++ ++__fips_constseg static const unsigned char sha1_additionalinput2[] = { ++ 0x11, 0x51, 0x14, 0xf0, 0x09, 0x1b, 0x4e, 0x56, 0x0d, 0xe9, 0xf6, 0x1e, ++ 0x52, 0x65, 0xcd, 0x96 ++}; ++ ++__fips_constseg static const unsigned char sha1_returnedbits[] = { ++ 0xa1, 0x9c, 0x94, 0x6e, 0x29, 0xe1, 0x33, 0x0d, 0x32, 0xd6, 0xaa, 0xce, ++ 0x71, 0x3f, 0x52, 0x72, 0x8b, 0x42, 0xa8, 0xd7 ++}; ++ ++/* SHA-224 PR */ ++__fips_constseg static const unsigned char sha224_pr_entropyinput[] = { ++ 0x12, 0x69, 0x32, 0x4f, 0x83, 0xa6, 0xf5, 0x14, 0xe3, 0x49, 0x3e, 0x75, ++ 0x3e, 0xde, 0xad, 0xa1, 0x29, 0xc3, 0xf3, 0x19, 0x20, 0xb5, 0x4c, 0xd9 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_nonce[] = { ++ 0x6a, 0x78, 0xd0, 0xeb, 0xbb, 0x5a, 0xf0, 0xee, 0xe8, 0xc3, 0xba, 0x71 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_personalizationstring[] = { ++ 0xd5, 0xb8, 0xb6, 0xbc, 0xc1, 0x5b, 0x60, 0x31, 0x3c, 0xf5, 0xe5, 0xc0, ++ 0x8e, 0x52, 0x7a, 0xbd, 0xea, 0x47, 0xa9, 0x5f, 0x8f, 0xf9, 0x8b, 0xae ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_additionalinput[] = { ++ 0x1f, 0x55, 0xec, 0xae, 0x16, 0x12, 0x84, 0xba, 0x84, 0x16, 0x19, 0x88, ++ 0x8e, 0xb8, 0x33, 0x25, 0x54, 0xff, 0xca, 0x79, 0xaf, 0x07, 0x25, 0x50 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_entropyinputpr[] = { ++ 0x92, 0xa3, 0x32, 0xa8, 0x9a, 0x0a, 0x58, 0x7c, 0x1d, 0x5a, 0x7e, 0xe1, ++ 0xb2, 0x73, 0xab, 0x0e, 0x16, 0x79, 0x23, 0xd3, 0x29, 0x89, 0x81, 0xe1 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_int_returnedbits[] = { ++ 0xf3, 0x38, 0x91, 0x40, 0x37, 0x7a, 0x51, 0x72, 0x42, 0x74, 0x78, 0x0a, ++ 0x69, 0xfd, 0xa6, 0x44, 0x43, 0x45, 0x6c, 0x0c, 0x5a, 0x19, 0xff, 0xf1, ++ 0x54, 0x60, 0xee, 0x6a ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_additionalinput2[] = { ++ 0x75, 0xf3, 0x04, 0x25, 0xdd, 0x36, 0xa8, 0x37, 0x46, 0xae, 0x0c, 0x52, ++ 0x05, 0x79, 0x4c, 0x26, 0xdb, 0xe9, 0x71, 0x16, 0x4c, 0x0a, 0xf2, 0x60 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_entropyinputpr2[] = { ++ 0xea, 0xc5, 0x03, 0x0a, 0x4f, 0xb0, 0x38, 0x8d, 0x23, 0xd4, 0xc8, 0x77, ++ 0xe2, 0x6d, 0x9c, 0x0b, 0x44, 0xf7, 0x2d, 0x5b, 0xbf, 0x5d, 0x2a, 0x11 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_returnedbits[] = { ++ 0x60, 0x50, 0x2b, 0xe7, 0x86, 0xd8, 0x26, 0x73, 0xe3, 0x1d, 0x95, 0x20, ++ 0xb3, 0x2c, 0x32, 0x1c, 0xf5, 0xce, 0x57, 0xa6, 0x67, 0x2b, 0xdc, 0x4e, ++ 0xdd, 0x11, 0x4c, 0xc4 ++}; ++ ++/* SHA-224 No PR */ ++__fips_constseg static const unsigned char sha224_entropyinput[] = { ++ 0xb2, 0x1c, 0x77, 0x4d, 0xf6, 0xd3, 0xb6, 0x40, 0xb7, 0x30, 0x3e, 0x29, ++ 0xb0, 0x85, 0x1c, 0xbe, 0x4a, 0xea, 0x6b, 0x5a, 0xb5, 0x8a, 0x97, 0xeb ++}; ++ ++__fips_constseg static const unsigned char sha224_nonce[] = { ++ 0x42, 0x02, 0x0a, 0x1c, 0x98, 0x9a, 0x77, 0x9e, 0x9f, 0x80, 0xba, 0xe0 ++}; ++ ++__fips_constseg static const unsigned char sha224_personalizationstring[] = { ++ 0x98, 0xb8, 0x04, 0x41, 0xfc, 0xc1, 0x5d, 0xc5, 0xe9, 0xb9, 0x08, 0xda, ++ 0xf9, 0xfa, 0x0d, 0x90, 0xce, 0xdf, 0x1d, 0x10, 0xa9, 0x8d, 0x50, 0x0c ++}; ++ ++__fips_constseg static const unsigned char sha224_additionalinput[] = { ++ 0x9a, 0x8d, 0x39, 0x49, 0x42, 0xd5, 0x0b, 0xae, 0xe1, 0xaf, 0xb7, 0x00, ++ 0x02, 0xfa, 0x96, 0xb1, 0xa5, 0x1d, 0x2d, 0x25, 0x78, 0xee, 0x83, 0x3f ++}; ++ ++__fips_constseg static const unsigned char sha224_int_returnedbits[] = { ++ 0xe4, 0xf5, 0x53, 0x79, 0x5a, 0x97, 0x58, 0x06, 0x08, 0xba, 0x7b, 0xfa, ++ 0xf0, 0x83, 0x05, 0x8c, 0x22, 0xc0, 0xc9, 0xdb, 0x15, 0xe7, 0xde, 0x20, ++ 0x55, 0x22, 0x9a, 0xad ++}; ++ ++__fips_constseg static const unsigned char sha224_entropyinputreseed[] = { ++ 0x67, 0x09, 0x48, 0xaa, 0x07, 0x16, 0x99, 0x89, 0x7f, 0x6d, 0xa0, 0xe5, ++ 0x8f, 0xdf, 0xbc, 0xdb, 0xfe, 0xe5, 0x6c, 0x7a, 0x95, 0x4a, 0x66, 0x17 ++}; ++ ++__fips_constseg static const unsigned char sha224_additionalinputreseed[] = { ++ 0x0f, 0x4b, 0x1c, 0x6f, 0xb7, 0xe3, 0x47, 0xe5, 0x5d, 0x7d, 0x38, 0xd6, ++ 0x28, 0x9b, 0xeb, 0x55, 0x63, 0x09, 0x3e, 0x7c, 0x56, 0xea, 0xf8, 0x19 ++}; ++ ++__fips_constseg static const unsigned char sha224_additionalinput2[] = { ++ 0x2d, 0x26, 0x7c, 0x37, 0xe4, 0x7a, 0x28, 0x5e, 0x5a, 0x3c, 0xaf, 0x3d, ++ 0x5a, 0x8e, 0x55, 0xa2, 0x1a, 0x6e, 0xc0, 0xe5, 0xf6, 0x21, 0xd3, 0xf6 ++}; ++ ++__fips_constseg static const unsigned char sha224_returnedbits[] = { ++ 0x4d, 0x83, 0x35, 0xdf, 0x67, 0xa9, 0xfc, 0x17, 0xda, 0x70, 0xcc, 0x8b, ++ 0x7f, 0x77, 0xae, 0xa2, 0x5f, 0xb9, 0x7e, 0x74, 0x4c, 0x26, 0xc1, 0x7a, ++ 0x3b, 0xa7, 0x5c, 0x93 ++}; ++ ++/* SHA-256 PR */ ++__fips_constseg static const unsigned char sha256_pr_entropyinput[] = { ++ 0xce, 0x49, 0x00, 0x7a, 0x56, 0xe3, 0x67, 0x8f, 0xe1, 0xb6, 0xa7, 0xd4, ++ 0x4f, 0x08, 0x7a, 0x1b, 0x01, 0xf4, 0xfa, 0x6b, 0xef, 0xb7, 0xe5, 0xeb, ++ 0x07, 0x3d, 0x11, 0x0d, 0xc8, 0xea, 0x2b, 0xfe ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_nonce[] = { ++ 0x73, 0x41, 0xc8, 0x92, 0x94, 0xe2, 0xc5, 0x5f, 0x93, 0xfd, 0x39, 0x5d, ++ 0x2b, 0x91, 0x4d, 0x38 ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_personalizationstring[] = { ++ 0x50, 0x6d, 0x01, 0x01, 0x07, 0x5a, 0x80, 0x35, 0x7a, 0x56, 0x1a, 0x56, ++ 0x2f, 0x9a, 0x0b, 0x35, 0xb2, 0xb1, 0xc9, 0xe5, 0xca, 0x69, 0x61, 0x48, ++ 0xff, 0xfb, 0x0f, 0xd9, 0x4b, 0x79, 0x1d, 0xba ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_additionalinput[] = { ++ 0x20, 0xb8, 0xdf, 0x44, 0x77, 0x5a, 0xb8, 0xd3, 0xbf, 0xf6, 0xcf, 0xac, ++ 0x5e, 0xa6, 0x96, 0x62, 0x73, 0x44, 0x40, 0x4a, 0x30, 0xfb, 0x38, 0xa5, ++ 0x7b, 0x0d, 0xe4, 0x0d, 0xc6, 0xe4, 0x9a, 0x1f ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_entropyinputpr[] = { ++ 0x04, 0xc4, 0x65, 0xf4, 0xd3, 0xbf, 0x83, 0x4b, 0xab, 0xc8, 0x41, 0xa8, ++ 0xc2, 0xe0, 0x44, 0x63, 0x77, 0x4c, 0x6f, 0x6c, 0x49, 0x46, 0xff, 0x94, ++ 0x17, 0xea, 0xe6, 0x1a, 0x9d, 0x5e, 0x66, 0x78 ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_int_returnedbits[] = { ++ 0x07, 0x4d, 0xac, 0x9b, 0x86, 0xca, 0x4a, 0xaa, 0x6e, 0x7a, 0x03, 0xa2, ++ 0x5d, 0x10, 0xea, 0x0b, 0xf9, 0x83, 0xcc, 0xd1, 0xfc, 0xe2, 0x07, 0xc7, ++ 0x06, 0x34, 0x60, 0x6f, 0x83, 0x94, 0x99, 0x76 ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_additionalinput2[] = { ++ 0x89, 0x4e, 0x45, 0x8c, 0x11, 0xf9, 0xbc, 0x5b, 0xac, 0x74, 0x8b, 0x4b, ++ 0x5f, 0xf7, 0x19, 0xf3, 0xf5, 0x24, 0x54, 0x14, 0xd1, 0x15, 0xb1, 0x43, ++ 0x12, 0xa4, 0x5f, 0xd4, 0xec, 0xfc, 0xcd, 0x09 ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_entropyinputpr2[] = { ++ 0x0e, 0xeb, 0x1f, 0xd7, 0xfc, 0xd1, 0x9d, 0xd4, 0x05, 0x36, 0x8b, 0xb2, ++ 0xfb, 0xe4, 0xf4, 0x51, 0x0c, 0x87, 0x9b, 0x02, 0x44, 0xd5, 0x92, 0x4d, ++ 0x44, 0xfe, 0x1a, 0x03, 0x43, 0x56, 0xbd, 0x86 ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_returnedbits[] = { ++ 0x02, 0xaa, 0xb6, 0x1d, 0x7e, 0x2a, 0x40, 0x03, 0x69, 0x2d, 0x49, 0xa3, ++ 0x41, 0xe7, 0x44, 0x0b, 0xaf, 0x7b, 0x85, 0xe4, 0x5f, 0x53, 0x3b, 0x64, ++ 0xbc, 0x89, 0xc8, 0x82, 0xd4, 0x78, 0x37, 0xa2 ++}; ++ ++/* SHA-256 No PR */ ++__fips_constseg static const unsigned char sha256_entropyinput[] = { ++ 0x5b, 0x1b, 0xec, 0x4d, 0xa9, 0x38, 0x74, 0x5a, 0x34, 0x0b, 0x7b, 0xc5, ++ 0xe5, 0xd7, 0x66, 0x7c, 0xbc, 0x82, 0xb9, 0x0e, 0x2d, 0x1f, 0x92, 0xd7, ++ 0xc1, 0xbc, 0x67, 0x69, 0xec, 0x6b, 0x03, 0x3c ++}; ++ ++__fips_constseg static const unsigned char sha256_nonce[] = { ++ 0xa4, 0x0c, 0xd8, 0x9c, 0x61, 0xd8, 0xc3, 0x54, 0xfe, 0x53, 0xc9, 0xe5, ++ 0x5d, 0x6f, 0x6d, 0x35 ++}; ++ ++__fips_constseg static const unsigned char sha256_personalizationstring[] = { ++ 0x22, 0x5e, 0x62, 0x93, 0x42, 0x83, 0x78, 0x24, 0xd8, 0x40, 0x8c, 0xde, ++ 0x6f, 0xf9, 0xa4, 0x7a, 0xc5, 0xa7, 0x3b, 0x88, 0xa3, 0xee, 0x42, 0x20, ++ 0xfd, 0x61, 0x56, 0xc6, 0x4c, 0x13, 0x41, 0x9c ++}; ++ ++__fips_constseg static const unsigned char sha256_additionalinput[] = { ++ 0xbf, 0x74, 0x5b, 0xf6, 0xc5, 0x64, 0x5e, 0x99, 0x34, 0x8f, 0xbc, 0xa4, ++ 0xe2, 0xbd, 0xd8, 0x85, 0x26, 0x37, 0xea, 0xba, 0x4f, 0xf2, 0x9a, 0x9a, ++ 0x66, 0xfc, 0xdf, 0x63, 0x26, 0x26, 0x19, 0x87 ++}; ++ ++__fips_constseg static const unsigned char sha256_int_returnedbits[] = { ++ 0xb3, 0xc6, 0x07, 0x07, 0xd6, 0x75, 0xf6, 0x2b, 0xd6, 0x21, 0x96, 0xf1, ++ 0xae, 0xdb, 0x2b, 0xac, 0x25, 0x2a, 0xae, 0xae, 0x41, 0x72, 0x03, 0x5e, ++ 0xbf, 0xd3, 0x64, 0xbc, 0x59, 0xf9, 0xc0, 0x76 ++}; ++ ++__fips_constseg static const unsigned char sha256_entropyinputreseed[] = { ++ 0xbf, 0x20, 0x33, 0x56, 0x29, 0xa8, 0x37, 0x04, 0x1f, 0x78, 0x34, 0x3d, ++ 0x81, 0x2a, 0xc9, 0x86, 0xc6, 0x7a, 0x2f, 0x88, 0x5e, 0xd5, 0xbe, 0x34, ++ 0x46, 0x20, 0xa4, 0x35, 0xeb, 0xc7, 0xe2, 0x9d ++}; ++ ++__fips_constseg static const unsigned char sha256_additionalinputreseed[] = { ++ 0x9b, 0xae, 0x2d, 0x2d, 0x61, 0xa4, 0x89, 0xeb, 0x43, 0x46, 0xa7, 0xda, ++ 0xef, 0x40, 0xca, 0x4a, 0x99, 0x11, 0x41, 0xdc, 0x5c, 0x94, 0xe9, 0xac, ++ 0xd4, 0xd0, 0xe6, 0xbd, 0xfb, 0x03, 0x9c, 0xa8 ++}; ++ ++__fips_constseg static const unsigned char sha256_additionalinput2[] = { ++ 0x23, 0xaa, 0x0c, 0xbd, 0x28, 0x33, 0xe2, 0x51, 0xfc, 0x71, 0xd2, 0x15, ++ 0x1f, 0x76, 0xfd, 0x0d, 0xe0, 0xb7, 0xb5, 0x84, 0x75, 0x5b, 0xbe, 0xf3, ++ 0x5c, 0xca, 0xc5, 0x30, 0xf2, 0x75, 0x1f, 0xda ++}; ++ ++__fips_constseg static const unsigned char sha256_returnedbits[] = { ++ 0x90, 0x3c, 0xc1, 0x10, 0x8c, 0x12, 0x01, 0xc6, 0xa6, 0x3a, 0x0f, 0x4d, ++ 0xb6, 0x3a, 0x4f, 0x41, 0x9c, 0x61, 0x75, 0x84, 0xe9, 0x74, 0x75, 0xfd, ++ 0xfe, 0xf2, 0x1f, 0x43, 0xd8, 0x5e, 0x24, 0xa3 ++}; ++ ++/* SHA-384 PR */ ++__fips_constseg static const unsigned char sha384_pr_entropyinput[] = { ++ 0x71, 0x9d, 0xb2, 0x5a, 0x71, 0x6d, 0x04, 0xe9, 0x1e, 0xc7, 0x92, 0x24, ++ 0x6e, 0x12, 0x33, 0xa9, 0x52, 0x64, 0x31, 0xef, 0x71, 0xeb, 0x22, 0x55, ++ 0x28, 0x97, 0x06, 0x6a, 0xc0, 0x0c, 0xa0, 0x7e ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_nonce[] = { ++ 0xf5, 0x0d, 0xfa, 0xb0, 0xec, 0x6a, 0x7c, 0xd6, 0xbd, 0x9b, 0x05, 0xfd, ++ 0x38, 0x3e, 0x2e, 0x56 ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_personalizationstring[] = { ++ 0x74, 0xac, 0x7e, 0x6d, 0xb1, 0xa4, 0xe7, 0x21, 0xd1, 0x1e, 0x6e, 0x96, ++ 0x6d, 0x4d, 0x53, 0x46, 0x82, 0x96, 0x6e, 0xcf, 0xaa, 0x81, 0x8d, 0x7d, ++ 0x9e, 0xe1, 0x0f, 0x15, 0xea, 0x41, 0xbf, 0xe3 ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_additionalinput[] = { ++ 0xda, 0x95, 0xd4, 0xd0, 0xb8, 0x11, 0xd3, 0x49, 0x27, 0x5d, 0xa9, 0x39, ++ 0x68, 0xf3, 0xa8, 0xe9, 0x5d, 0x19, 0x8a, 0x2b, 0x66, 0xe8, 0x69, 0x06, ++ 0x7c, 0x9e, 0x03, 0xa1, 0x8b, 0x26, 0x2d, 0x6e ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_entropyinputpr[] = { ++ 0x49, 0xdf, 0x44, 0x00, 0xe4, 0x1c, 0x75, 0x0b, 0x26, 0x5a, 0x59, 0x64, ++ 0x1f, 0x4e, 0xb1, 0xb2, 0x13, 0xf1, 0x22, 0x4e, 0xb4, 0x6d, 0x9a, 0xcc, ++ 0xa0, 0x48, 0xe6, 0xcf, 0x1d, 0xd1, 0x92, 0x0d ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_int_returnedbits[] = { ++ 0xc8, 0x52, 0xae, 0xbf, 0x04, 0x3c, 0x27, 0xb7, 0x78, 0x18, 0xaa, 0x8f, ++ 0xff, 0xcf, 0xa4, 0xf1, 0xcc, 0xe7, 0x68, 0xfa, 0x22, 0xa2, 0x13, 0x45, ++ 0xe8, 0xdd, 0x87, 0xe6, 0xf2, 0x6e, 0xdd, 0xc7, 0x52, 0x90, 0x9f, 0x7b, ++ 0xfa, 0x61, 0x2d, 0x9d, 0x9e, 0xcf, 0x98, 0xac, 0x52, 0x40, 0xce, 0xaf ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_additionalinput2[] = { ++ 0x61, 0x7c, 0x03, 0x9a, 0x3e, 0x50, 0x57, 0x60, 0xc5, 0x83, 0xc9, 0xb2, ++ 0xd1, 0x87, 0x85, 0x66, 0x92, 0x5d, 0x84, 0x0e, 0x53, 0xfb, 0x70, 0x03, ++ 0x72, 0xfd, 0xba, 0xae, 0x9c, 0x8f, 0xf8, 0x18 ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_entropyinputpr2[] = { ++ 0xf8, 0xeb, 0x89, 0xb1, 0x8d, 0x78, 0xbe, 0x21, 0xe0, 0xbb, 0x9d, 0xb7, ++ 0x95, 0x0e, 0xd9, 0x46, 0x0c, 0x8c, 0xe2, 0x63, 0xb7, 0x9d, 0x67, 0x90, ++ 0xbd, 0xc7, 0x0b, 0xa5, 0xce, 0xb2, 0x65, 0x81 ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_returnedbits[] = { ++ 0xe6, 0x9f, 0xfe, 0x68, 0xd6, 0xb5, 0x79, 0xf1, 0x06, 0x5f, 0xa3, 0xbb, ++ 0x23, 0x85, 0xd8, 0xf0, 0x29, 0x5a, 0x68, 0x9e, 0xf5, 0xf4, 0xa6, 0x12, ++ 0xe0, 0x9a, 0xe2, 0xac, 0x00, 0x1d, 0x98, 0x26, 0xfc, 0x53, 0x95, 0x53, ++ 0xe4, 0x3e, 0x17, 0xd5, 0x08, 0x0b, 0x70, 0x3d, 0x67, 0x99, 0xac, 0x66 ++}; ++ ++/* SHA-384 No PR */ ++__fips_constseg static const unsigned char sha384_entropyinput[] = { ++ 0x07, 0x15, 0x27, 0x2a, 0xaf, 0x74, 0x24, 0x37, 0xbc, 0xd5, 0x14, 0x69, ++ 0xce, 0x11, 0xff, 0xa2, 0x6b, 0xb8, 0x05, 0x67, 0x34, 0xf8, 0xbd, 0x6d, ++ 0x6a, 0xcc, 0xcd, 0x60, 0xa3, 0x68, 0xca, 0xf4 ++}; ++ ++__fips_constseg static const unsigned char sha384_nonce[] = { ++ 0x70, 0x17, 0xc2, 0x5b, 0x5d, 0x22, 0x0b, 0x06, 0x15, 0x54, 0x78, 0x77, ++ 0x44, 0xaf, 0x2f, 0x09 ++}; ++ ++__fips_constseg static const unsigned char sha384_personalizationstring[] = { ++ 0x89, 0x39, 0x28, 0xb0, 0x60, 0xeb, 0x3d, 0xdc, 0x55, 0x75, 0x86, 0xeb, ++ 0xae, 0xa2, 0x8f, 0xbc, 0x1b, 0x75, 0xd4, 0xe1, 0x0f, 0xaa, 0x38, 0xca, ++ 0x62, 0x8b, 0xcb, 0x2c, 0x26, 0xf6, 0xbc, 0xb1 ++}; ++ ++__fips_constseg static const unsigned char sha384_additionalinput[] = { ++ 0x30, 0x2b, 0x42, 0x35, 0xef, 0xda, 0x40, 0x55, 0x28, 0xc6, 0x95, 0xfb, ++ 0x54, 0x01, 0x62, 0xd7, 0x87, 0x14, 0x48, 0x6d, 0x90, 0x4c, 0xa9, 0x02, ++ 0x54, 0x40, 0x22, 0xc8, 0x66, 0xa5, 0x48, 0x48 ++}; ++ ++__fips_constseg static const unsigned char sha384_int_returnedbits[] = { ++ 0x82, 0xc4, 0xa1, 0x9c, 0x21, 0xd2, 0xe7, 0xa5, 0xa6, 0xf6, 0x5f, 0x04, ++ 0x5c, 0xc7, 0x31, 0x9d, 0x8d, 0x59, 0x74, 0x50, 0x19, 0x89, 0x2f, 0x63, ++ 0xd5, 0xb7, 0x7e, 0xeb, 0x15, 0xe3, 0x70, 0x83, 0xa1, 0x24, 0x59, 0xfa, ++ 0x2c, 0x56, 0xf6, 0x88, 0x3a, 0x92, 0x93, 0xa1, 0xfb, 0x79, 0xc1, 0x7a ++}; ++ ++__fips_constseg static const unsigned char sha384_entropyinputreseed[] = { ++ 0x39, 0xa6, 0xe8, 0x5c, 0x82, 0x17, 0x71, 0x26, 0x57, 0x4f, 0x9f, 0xc2, ++ 0x55, 0xff, 0x5c, 0x9b, 0x53, 0x1a, 0xd1, 0x5f, 0xbc, 0x62, 0xe4, 0x27, ++ 0x2d, 0x32, 0xf0, 0xe4, 0x52, 0x8c, 0xc5, 0x0c ++}; ++ ++__fips_constseg static const unsigned char sha384_additionalinputreseed[] = { ++ 0x8d, 0xcb, 0x8d, 0xce, 0x08, 0xea, 0x80, 0xe8, 0x9b, 0x61, 0xa8, 0x0f, ++ 0xaf, 0x49, 0x20, 0x9e, 0x74, 0xcb, 0x57, 0x80, 0x42, 0xb0, 0x84, 0x5e, ++ 0x30, 0x2a, 0x67, 0x08, 0xf4, 0xe3, 0x40, 0x22 ++}; ++ ++__fips_constseg static const unsigned char sha384_additionalinput2[] = { ++ 0x7c, 0x8f, 0xc2, 0xae, 0x22, 0x4a, 0xd6, 0xf6, 0x05, 0xa4, 0x7a, 0xea, ++ 0xbb, 0x25, 0xd0, 0xb7, 0x5a, 0xd6, 0xcf, 0x9d, 0xf3, 0x6c, 0xe2, 0xb2, ++ 0x4e, 0xb4, 0xbd, 0xf4, 0xe5, 0x40, 0x80, 0x94 ++}; ++ ++__fips_constseg static const unsigned char sha384_returnedbits[] = { ++ 0x9e, 0x7e, 0xfb, 0x59, 0xbb, 0xaa, 0x3c, 0xf7, 0xe1, 0xf8, 0x76, 0xdd, ++ 0x63, 0x5f, 0xaf, 0x23, 0xd6, 0x64, 0x61, 0xc0, 0x9a, 0x09, 0x47, 0xc9, ++ 0x33, 0xdf, 0x6d, 0x55, 0x91, 0x34, 0x79, 0x70, 0xc4, 0x99, 0x6e, 0x54, ++ 0x09, 0x64, 0x21, 0x1a, 0xbd, 0x1e, 0x80, 0x40, 0x34, 0xad, 0xfa, 0xd7 ++}; ++ ++/* SHA-512 PR */ ++__fips_constseg static const unsigned char sha512_pr_entropyinput[] = { ++ 0x13, 0xf7, 0x61, 0x75, 0x65, 0x28, 0xa2, 0x59, 0x13, 0x5a, 0x4a, 0x4f, ++ 0x56, 0x60, 0x8c, 0x53, 0x7d, 0xb0, 0xbd, 0x06, 0x4f, 0xed, 0xcc, 0xd2, ++ 0xa2, 0xb5, 0xfd, 0x5b, 0x3a, 0xab, 0xec, 0x28 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_nonce[] = { ++ 0xbe, 0xa3, 0x91, 0x93, 0x1d, 0xc3, 0x31, 0x3a, 0x23, 0x33, 0x50, 0x67, ++ 0x88, 0xc7, 0xa2, 0xc4 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_personalizationstring[] = { ++ 0x1f, 0x59, 0x4d, 0x7b, 0xe6, 0x46, 0x91, 0x48, 0xc1, 0x25, 0xfa, 0xff, ++ 0x89, 0x12, 0x77, 0x35, 0xdf, 0x3e, 0xf4, 0x80, 0x5f, 0xd9, 0xb0, 0x07, ++ 0x22, 0x41, 0xdd, 0x48, 0x78, 0x6b, 0x77, 0x2b ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_additionalinput[] = { ++ 0x30, 0xff, 0x63, 0x6f, 0xac, 0xd9, 0x84, 0x39, 0x6f, 0xe4, 0x99, 0xce, ++ 0x91, 0x7d, 0x7e, 0xc8, 0x58, 0xf2, 0x12, 0xc3, 0xb6, 0xad, 0xda, 0x22, ++ 0x04, 0xa0, 0xd2, 0x21, 0xfe, 0xf2, 0x95, 0x1d ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_entropyinputpr[] = { ++ 0x64, 0x54, 0x13, 0xec, 0x4f, 0x77, 0xda, 0xb2, 0x92, 0x2e, 0x52, 0x80, ++ 0x11, 0x10, 0xc2, 0xf8, 0xe6, 0xa7, 0xcd, 0x4b, 0xfc, 0x32, 0x2e, 0x9e, ++ 0xeb, 0xbb, 0xb1, 0xbf, 0x15, 0x5c, 0x73, 0x08 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_int_returnedbits[] = { ++ 0xef, 0x1e, 0xdc, 0x0a, 0xa4, 0x36, 0x91, 0x9c, 0x3d, 0x27, 0x97, 0x50, ++ 0x8d, 0x36, 0x29, 0x8d, 0xce, 0x6a, 0x0c, 0xf7, 0x21, 0xc0, 0x91, 0xae, ++ 0x0c, 0x96, 0x72, 0xbd, 0x52, 0x81, 0x58, 0xfc, 0x6d, 0xe5, 0xf7, 0xa5, ++ 0xfd, 0x5d, 0xa7, 0x58, 0x68, 0xc8, 0x99, 0x58, 0x8e, 0xc8, 0xce, 0x95, ++ 0x01, 0x7d, 0xff, 0xa4, 0xc8, 0xf7, 0x63, 0xfe, 0x5f, 0x69, 0x83, 0x53, ++ 0xe2, 0xc6, 0x8b, 0xc3 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_additionalinput2[] = { ++ 0xe6, 0x9b, 0xc4, 0x88, 0x34, 0xca, 0xea, 0x29, 0x2f, 0x98, 0x05, 0xa4, ++ 0xd3, 0xc0, 0x7b, 0x11, 0xe8, 0xbb, 0x75, 0xf2, 0xbd, 0x29, 0xb7, 0x40, ++ 0x25, 0x7f, 0xc1, 0xb7, 0xb1, 0xf1, 0x25, 0x61 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_entropyinputpr2[] = { ++ 0x23, 0x6d, 0xff, 0xde, 0xfb, 0xd1, 0xba, 0x33, 0x18, 0xe6, 0xbe, 0xb5, ++ 0x48, 0x77, 0x6d, 0x7f, 0xa7, 0xe1, 0x4d, 0x48, 0x1e, 0x3c, 0xa7, 0x34, ++ 0x1a, 0xc8, 0x60, 0xdb, 0x8f, 0x99, 0x15, 0x99 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_returnedbits[] = { ++ 0x70, 0x27, 0x31, 0xdb, 0x92, 0x70, 0x21, 0xfe, 0x16, 0xb6, 0xc8, 0x51, ++ 0x34, 0x87, 0x65, 0xd0, 0x4e, 0xfd, 0xfe, 0x68, 0xec, 0xac, 0xdc, 0x93, ++ 0x41, 0x38, 0x92, 0x90, 0xb4, 0x94, 0xf9, 0x0d, 0xa4, 0xf7, 0x4e, 0x80, ++ 0x92, 0x67, 0x48, 0x40, 0xa7, 0x08, 0xc7, 0xbc, 0x66, 0x00, 0xfd, 0xf7, ++ 0x4c, 0x8b, 0x17, 0x6e, 0xd1, 0x8f, 0x9b, 0xf3, 0x6f, 0xf6, 0x34, 0xdd, ++ 0x67, 0xf7, 0x68, 0xdd ++}; ++ ++/* SHA-512 No PR */ ++__fips_constseg static const unsigned char sha512_entropyinput[] = { ++ 0xb6, 0x0b, 0xb7, 0xbc, 0x84, 0x56, 0xf6, 0x12, 0xaf, 0x45, 0x67, 0x17, ++ 0x7c, 0xd1, 0xb2, 0x78, 0x2b, 0xa0, 0xf2, 0xbe, 0xb6, 0x6d, 0x8b, 0x56, ++ 0xc6, 0xbc, 0x4d, 0xe1, 0xf7, 0xbe, 0xce, 0xbd ++}; ++ ++__fips_constseg static const unsigned char sha512_nonce[] = { ++ 0x9d, 0xed, 0xc0, 0xe5, 0x5a, 0x98, 0x6a, 0xcb, 0x51, 0x7d, 0x76, 0x31, ++ 0x5a, 0x64, 0xf0, 0xf7 ++}; ++ ++__fips_constseg static const unsigned char sha512_personalizationstring[] = { ++ 0xc2, 0x6d, 0xa3, 0xc3, 0x06, 0x74, 0xe5, 0x01, 0x5c, 0x10, 0x17, 0xc7, ++ 0xaf, 0x83, 0x9d, 0x59, 0x8d, 0x2d, 0x29, 0x38, 0xc5, 0x59, 0x70, 0x8b, ++ 0x46, 0x48, 0x2d, 0xcf, 0x36, 0x7d, 0x59, 0xc0 ++}; ++ ++__fips_constseg static const unsigned char sha512_additionalinput[] = { ++ 0xec, 0x8c, 0xd4, 0xf7, 0x61, 0x6e, 0x0d, 0x95, 0x79, 0xb7, 0x28, 0xad, ++ 0x5f, 0x69, 0x74, 0x5f, 0x2d, 0x36, 0x06, 0x8a, 0x6b, 0xac, 0x54, 0x97, ++ 0xc4, 0xa1, 0x12, 0x85, 0x0a, 0xdf, 0x4b, 0x34 ++}; ++ ++__fips_constseg static const unsigned char sha512_int_returnedbits[] = { ++ 0x84, 0x2f, 0x1f, 0x68, 0x6a, 0xa3, 0xad, 0x1e, 0xfb, 0xf4, 0x15, 0xbd, ++ 0xde, 0x38, 0xd4, 0x30, 0x80, 0x51, 0xe9, 0xd3, 0xc7, 0x20, 0x88, 0xe9, ++ 0xf5, 0xcc, 0xdf, 0x57, 0x5c, 0x47, 0x2f, 0x57, 0x3c, 0x5f, 0x13, 0x56, ++ 0xcc, 0xc5, 0x4f, 0x84, 0xf8, 0x10, 0x41, 0xd5, 0x7e, 0x58, 0x6e, 0x19, ++ 0x19, 0x9e, 0xaf, 0xc2, 0x22, 0x58, 0x41, 0x50, 0x79, 0xc2, 0xd8, 0x04, ++ 0x28, 0xd4, 0x39, 0x9a ++}; ++ ++__fips_constseg static const unsigned char sha512_entropyinputreseed[] = { ++ 0xfa, 0x7f, 0x46, 0x51, 0x83, 0x62, 0x98, 0x16, 0x9a, 0x19, 0xa2, 0x49, ++ 0xa9, 0xe6, 0x4a, 0xd8, 0x85, 0xe7, 0xd4, 0x3b, 0x2c, 0x82, 0xc5, 0x82, ++ 0xbf, 0x11, 0xf9, 0x9e, 0xbc, 0xd0, 0x01, 0xee ++}; ++ ++__fips_constseg static const unsigned char sha512_additionalinputreseed[] = { ++ 0xb9, 0x12, 0xe0, 0x4f, 0xf7, 0xa7, 0xc4, 0xd8, 0xd0, 0x8e, 0x99, 0x29, ++ 0x7c, 0x9a, 0xe9, 0xcf, 0xc4, 0x6c, 0xf8, 0xc3, 0xa7, 0x41, 0x83, 0xd6, ++ 0x2e, 0xfa, 0xb8, 0x5e, 0x8e, 0x6b, 0x78, 0x20 ++}; ++ ++__fips_constseg static const unsigned char sha512_additionalinput2[] = { ++ 0xd7, 0x07, 0x52, 0xb9, 0x83, 0x2c, 0x03, 0x71, 0xee, 0xc9, 0xc0, 0x85, ++ 0xe1, 0x57, 0xb2, 0xcd, 0x3a, 0xf0, 0xc9, 0x34, 0x24, 0x41, 0x1c, 0x42, ++ 0x99, 0xb2, 0x84, 0xe9, 0x17, 0xd2, 0x76, 0x92 ++}; ++ ++__fips_constseg static const unsigned char sha512_returnedbits[] = { ++ 0x36, 0x17, 0x5d, 0x98, 0x2b, 0x65, 0x25, 0x8e, 0xc8, 0x29, 0xdf, 0x27, ++ 0x05, 0x36, 0x26, 0x12, 0x8a, 0x68, 0x74, 0x27, 0x37, 0xd4, 0x7f, 0x32, ++ 0xb1, 0x12, 0xd6, 0x85, 0x83, 0xeb, 0x2e, 0xa0, 0xed, 0x4b, 0xb5, 0x7b, ++ 0x6f, 0x39, 0x3c, 0x71, 0x77, 0x02, 0x12, 0xcc, 0x2c, 0x3a, 0x8e, 0x63, ++ 0xdf, 0x4a, 0xbd, 0x6f, 0x6e, 0x2e, 0xed, 0x0a, 0x85, 0xa5, 0x2f, 0xa2, ++ 0x68, 0xde, 0x42, 0xb5 ++}; ++ ++/* HMAC SHA-1 PR */ ++__fips_constseg static const unsigned char hmac_sha1_pr_entropyinput[] = { ++ 0x26, 0x5f, 0x36, 0x14, 0xff, 0x3d, 0x83, 0xfa, 0x73, 0x5e, 0x75, 0xdc, ++ 0x2c, 0x18, 0x17, 0x1b ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_nonce[] = { ++ 0xc8, 0xe3, 0x57, 0xa5, 0x7b, 0x74, 0x86, 0x6e ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha1_pr_personalizationstring[] = { ++ 0x6e, 0xdb, 0x0d, 0xfe, 0x7d, 0xac, 0x79, 0xd0, 0xa5, 0x3a, 0x48, 0x85, ++ 0x80, 0xe2, 0x7f, 0x2a ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_additionalinput[] = { ++ 0x31, 0xcd, 0x5e, 0x43, 0xdc, 0xfb, 0x7a, 0x79, 0xca, 0x88, 0xde, 0x1f, ++ 0xd7, 0xbb, 0x42, 0x09 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_entropyinputpr[] = { ++ 0x7c, 0x23, 0x95, 0x38, 0x00, 0x95, 0xc1, 0x78, 0x1f, 0x8f, 0xd7, 0x63, ++ 0x23, 0x87, 0x2a, 0xed ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_int_returnedbits[] = { ++ 0xbb, 0x34, 0xe7, 0x93, 0xa3, 0x02, 0x2c, 0x4a, 0xd0, 0x89, 0xda, 0x7f, ++ 0xed, 0xf4, 0x4c, 0xde, 0x17, 0xec, 0xe5, 0x6c ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_additionalinput2[] = { ++ 0x49, 0xbc, 0x2d, 0x2c, 0xb7, 0x32, 0xcb, 0x20, 0xdf, 0xf5, 0x77, 0x58, ++ 0xa0, 0x4b, 0x93, 0x6e ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_entropyinputpr2[] = { ++ 0x3c, 0xaa, 0xb0, 0x21, 0x42, 0xb0, 0xdd, 0x34, 0xf0, 0x16, 0x7f, 0x0c, ++ 0x0f, 0xff, 0x2e, 0xaf ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_returnedbits[] = { ++ 0x8e, 0xcb, 0xa3, 0x64, 0xb2, 0xb8, 0x33, 0x6c, 0x64, 0x3b, 0x78, 0x16, ++ 0x99, 0x35, 0xc8, 0x30, 0xcb, 0x3e, 0xa0, 0xd8 ++}; ++ ++/* HMAC SHA-1 No PR */ ++__fips_constseg static const unsigned char hmac_sha1_entropyinput[] = { ++ 0x32, 0x9a, 0x2a, 0x87, 0x7b, 0x89, 0x7c, 0xf6, 0xcb, 0x95, 0xd5, 0x40, ++ 0x17, 0xfe, 0x47, 0x70 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_nonce[] = { ++ 0x16, 0xd8, 0xe0, 0xc7, 0x52, 0xcf, 0x4a, 0x25 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_personalizationstring[] = { ++ 0x35, 0x35, 0xa9, 0xa5, 0x40, 0xbe, 0x9b, 0xd1, 0x56, 0xdd, 0x44, 0x00, ++ 0x72, 0xf7, 0xd3, 0x5e ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_additionalinput[] = { ++ 0x1b, 0x2c, 0x84, 0x2d, 0x4a, 0x89, 0x8f, 0x69, 0x19, 0xf1, 0xf3, 0xdb, ++ 0xbb, 0xe3, 0xaa, 0xea ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_int_returnedbits[] = { ++ 0xcf, 0xfa, 0x7d, 0x72, 0x0f, 0xe6, 0xc7, 0x96, 0xa0, 0x69, 0x31, 0x11, ++ 0x9b, 0x0b, 0x1a, 0x20, 0x1f, 0x3f, 0xaa, 0xd1 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_entropyinputreseed[] = { ++ 0x90, 0x75, 0x15, 0x04, 0x95, 0xf1, 0xba, 0x81, 0x0c, 0x37, 0x94, 0x6f, ++ 0x86, 0x52, 0x6d, 0x9c ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_additionalinputreseed[] = { ++ 0x5b, 0x40, 0xba, 0x5f, 0x17, 0x70, 0xf0, 0x4b, 0xdf, 0xc9, 0x97, 0x92, ++ 0x79, 0xc5, 0x82, 0x28 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_additionalinput2[] = { ++ 0x97, 0xc8, 0x80, 0x90, 0xb3, 0xaa, 0x6e, 0x60, 0xea, 0x83, 0x7a, 0xe3, ++ 0x8a, 0xca, 0xa4, 0x7f ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_returnedbits[] = { ++ 0x90, 0xbd, 0x05, 0x56, 0x6d, 0xb5, 0x22, 0xd5, 0xb9, 0x5a, 0x29, 0x2d, ++ 0xe9, 0x0b, 0xe1, 0xac, 0xde, 0x27, 0x0b, 0xb0 ++}; ++ ++/* HMAC SHA-224 PR */ ++__fips_constseg static const unsigned char hmac_sha224_pr_entropyinput[] = { ++ 0x17, 0x32, 0x2b, 0x2e, 0x6f, 0x1b, 0x9c, 0x6d, 0x31, 0xe0, 0x34, 0x07, ++ 0xcf, 0xed, 0xf6, 0xb6, 0x5a, 0x76, 0x4c, 0xbc, 0x62, 0x85, 0x01, 0x90 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_nonce[] = { ++ 0x38, 0xbf, 0x5f, 0x20, 0xb3, 0x68, 0x2f, 0x43, 0x61, 0x05, 0x8f, 0x23 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha224_pr_personalizationstring[] = { ++ 0xc0, 0xc9, 0x45, 0xac, 0x8d, 0x27, 0x77, 0x08, 0x0b, 0x17, 0x6d, 0xed, ++ 0xc1, 0x7d, 0xd5, 0x07, 0x9d, 0x6e, 0xf8, 0x23, 0x2a, 0x22, 0x13, 0xbd ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_additionalinput[] = { ++ 0xa4, 0x3c, 0xe7, 0x3b, 0xea, 0x19, 0x45, 0x32, 0xc2, 0x83, 0x6d, 0x21, ++ 0x8a, 0xc0, 0xee, 0x67, 0x45, 0xde, 0x13, 0x7d, 0x9d, 0x61, 0x00, 0x3b ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_entropyinputpr[] = { ++ 0x15, 0x05, 0x74, 0x4a, 0x7f, 0x8d, 0x5c, 0x60, 0x16, 0xe5, 0x7b, 0xad, ++ 0xf5, 0x41, 0x8f, 0x55, 0x60, 0xc4, 0x09, 0xee, 0x1e, 0x11, 0x81, 0xab ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_int_returnedbits[] = { ++ 0x6f, 0xf5, 0x9a, 0xe2, 0x54, 0x53, 0x30, 0x3d, 0x5a, 0x27, 0x29, 0x38, ++ 0x27, 0xf2, 0x0d, 0x05, 0xe9, 0x26, 0xcb, 0x16, 0xc3, 0x51, 0x5f, 0x13, ++ 0x41, 0xfe, 0x99, 0xf2 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_additionalinput2[] = { ++ 0x73, 0x81, 0x88, 0x84, 0x8f, 0xed, 0x6f, 0x10, 0x9f, 0x93, 0xbf, 0x17, ++ 0x35, 0x7c, 0xef, 0xd5, 0x8d, 0x26, 0xa6, 0x7a, 0xe8, 0x09, 0x36, 0x4f ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_entropyinputpr2[] = { ++ 0xe6, 0xcf, 0xcf, 0x7e, 0x12, 0xe5, 0x43, 0xd2, 0x38, 0xd8, 0x24, 0x6f, ++ 0x5a, 0x37, 0x68, 0xbf, 0x4f, 0xa0, 0xff, 0xd5, 0x61, 0x8a, 0x93, 0xe0 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_returnedbits[] = { ++ 0xaf, 0xf9, 0xd8, 0x19, 0x91, 0x30, 0x82, 0x6f, 0xa9, 0x1e, 0x9d, 0xd7, ++ 0xf3, 0x50, 0xe0, 0xc7, 0xd5, 0x64, 0x96, 0x7d, 0x4c, 0x4d, 0x78, 0x03, ++ 0x6d, 0xd8, 0x9e, 0x72 ++}; ++ ++/* HMAC SHA-224 No PR */ ++__fips_constseg static const unsigned char hmac_sha224_entropyinput[] = { ++ 0x11, 0x82, 0xfd, 0xd9, 0x42, 0xf4, 0xfa, 0xc8, 0xf2, 0x41, 0xe6, 0x54, ++ 0x01, 0xae, 0x22, 0x6e, 0xc6, 0xaf, 0xaf, 0xd0, 0xa6, 0xb2, 0xe2, 0x6d ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_nonce[] = { ++ 0xa9, 0x48, 0xd7, 0x92, 0x39, 0x7e, 0x2a, 0xdc, 0x30, 0x1f, 0x0e, 0x2b ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha224_personalizationstring[] = { ++ 0x11, 0xd5, 0xf4, 0xbd, 0x67, 0x8c, 0x31, 0xcf, 0xa3, 0x3f, 0x1e, 0x6b, ++ 0xa8, 0x07, 0x02, 0x0b, 0xc8, 0x2e, 0x6c, 0x64, 0x41, 0x5b, 0xc8, 0x37 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_additionalinput[] = { ++ 0x68, 0x18, 0xc2, 0x06, 0xeb, 0x3e, 0x04, 0x95, 0x44, 0x5e, 0xfb, 0xe6, ++ 0x41, 0xc1, 0x5c, 0xcc, 0x40, 0x2f, 0xb7, 0xd2, 0x0f, 0xf3, 0x6b, 0xe7 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_int_returnedbits[] = { ++ 0x7f, 0x45, 0xc7, 0x5d, 0x32, 0xe6, 0x17, 0x60, 0xba, 0xdc, 0xb8, 0x42, ++ 0x1b, 0x9c, 0xf1, 0xfa, 0x3b, 0x4d, 0x29, 0x54, 0xc6, 0x90, 0xff, 0x5c, ++ 0xcd, 0xd6, 0xa9, 0xcc ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_entropyinputreseed[] = { ++ 0xc4, 0x8e, 0x37, 0x95, 0x69, 0x53, 0x28, 0xd7, 0x37, 0xbb, 0x70, 0x95, ++ 0x1c, 0x07, 0x1d, 0xd9, 0xb7, 0xe6, 0x1b, 0xbb, 0xfe, 0x41, 0xeb, 0xc9 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha224_additionalinputreseed[] = { ++ 0x53, 0x17, 0xa1, 0x6a, 0xfa, 0x77, 0x47, 0xb0, 0x95, 0x56, 0x9a, 0x20, ++ 0x57, 0xde, 0x5c, 0x89, 0x9f, 0x7f, 0xe2, 0xde, 0x17, 0x3a, 0x50, 0x23 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_additionalinput2[] = { ++ 0x3a, 0x32, 0xf9, 0x85, 0x0c, 0xc1, 0xed, 0x76, 0x2d, 0xdf, 0x40, 0xc3, ++ 0x06, 0x22, 0x66, 0xd4, 0x9a, 0x9a, 0xff, 0x5a, 0x7e, 0x7a, 0xf3, 0x96 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_returnedbits[] = { ++ 0x43, 0xb4, 0x57, 0x5c, 0x38, 0x25, 0x9d, 0xae, 0xec, 0x96, 0xd1, 0x85, ++ 0x3a, 0x84, 0x8d, 0xfe, 0x68, 0xd5, 0x0e, 0x5c, 0x8f, 0x65, 0xa5, 0x4e, ++ 0x45, 0x84, 0xa8, 0x94 ++}; ++ ++/* HMAC SHA-256 PR */ ++__fips_constseg static const unsigned char hmac_sha256_pr_entropyinput[] = { ++ 0x4d, 0xb0, 0x43, 0xd8, 0x34, 0x4b, 0x10, 0x70, 0xb1, 0x8b, 0xed, 0xea, ++ 0x07, 0x92, 0x9f, 0x6c, 0x79, 0x31, 0xaf, 0x81, 0x29, 0xeb, 0x6e, 0xca, ++ 0x32, 0x48, 0x28, 0xe7, 0x02, 0x5d, 0xa6, 0xa6 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_nonce[] = { ++ 0x3a, 0xae, 0x15, 0xa9, 0x99, 0xdc, 0xe4, 0x67, 0x34, 0x3b, 0x70, 0x15, ++ 0xaa, 0xd3, 0x30, 0x9a ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha256_pr_personalizationstring[] = { ++ 0x13, 0x1d, 0x24, 0x04, 0xb0, 0x18, 0x81, 0x15, 0x21, 0x51, 0x2a, 0x24, ++ 0x52, 0x61, 0xbe, 0x64, 0x82, 0x6b, 0x55, 0x2f, 0xe2, 0xf1, 0x40, 0x7d, ++ 0x71, 0xd8, 0x01, 0x86, 0x15, 0xb7, 0x8b, 0xb5 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_additionalinput[] = { ++ 0x8f, 0xa6, 0x54, 0x5f, 0xb1, 0xd0, 0xd8, 0xc3, 0xe7, 0x0c, 0x15, 0xa9, ++ 0x23, 0x6e, 0xfe, 0xfb, 0x93, 0xf7, 0x3a, 0xbd, 0x59, 0x01, 0xfa, 0x18, ++ 0x8e, 0xe9, 0x1a, 0xa9, 0x78, 0xfc, 0x79, 0x0b ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_entropyinputpr[] = { ++ 0xcf, 0x24, 0xb9, 0xeb, 0xb3, 0xd4, 0xcd, 0x17, 0x37, 0x38, 0x75, 0x79, ++ 0x15, 0xcb, 0x2d, 0x75, 0x51, 0xf1, 0xcc, 0xaa, 0x32, 0xa4, 0xa7, 0x36, ++ 0x7c, 0x5c, 0xe4, 0x47, 0xf1, 0x3e, 0x1d, 0xe5 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_int_returnedbits[] = { ++ 0x52, 0x42, 0xfa, 0xeb, 0x85, 0xe0, 0x30, 0x22, 0x79, 0x00, 0x16, 0xb2, ++ 0x88, 0x2f, 0x14, 0x6a, 0xb7, 0xfc, 0xb7, 0x53, 0xdc, 0x4a, 0x12, 0xef, ++ 0x54, 0xd6, 0x33, 0xe9, 0x20, 0xd6, 0xfd, 0x56 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_additionalinput2[] = { ++ 0xf4, 0xf6, 0x49, 0xa1, 0x2d, 0x64, 0x2b, 0x30, 0x58, 0xf8, 0xbd, 0xb8, ++ 0x75, 0xeb, 0xbb, 0x5e, 0x1c, 0x9b, 0x81, 0x6a, 0xda, 0x14, 0x86, 0x6e, ++ 0xd0, 0xda, 0x18, 0xb7, 0x88, 0xfb, 0x59, 0xf3 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_entropyinputpr2[] = { ++ 0x21, 0xcd, 0x6e, 0x46, 0xad, 0x99, 0x07, 0x17, 0xb4, 0x3d, 0x76, 0x0a, ++ 0xff, 0x5b, 0x52, 0x50, 0x78, 0xdf, 0x1f, 0x24, 0x06, 0x0d, 0x3f, 0x74, ++ 0xa9, 0xc9, 0x37, 0xcf, 0xd8, 0x26, 0x25, 0x91 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_returnedbits[] = { ++ 0xa7, 0xaf, 0x2f, 0x29, 0xe0, 0x3a, 0x72, 0x95, 0x96, 0x1c, 0xa9, 0xf0, ++ 0x4a, 0x17, 0x4d, 0x66, 0x06, 0x10, 0xbf, 0x39, 0x89, 0x88, 0xb8, 0x91, ++ 0x37, 0x18, 0x99, 0xcf, 0x8c, 0x53, 0x3b, 0x7e ++}; ++ ++/* HMAC SHA-256 No PR */ ++__fips_constseg static const unsigned char hmac_sha256_entropyinput[] = { ++ 0x96, 0xb7, 0x53, 0x22, 0x1e, 0x52, 0x2a, 0x96, 0xb1, 0x15, 0x3c, 0x35, ++ 0x5a, 0x8b, 0xd3, 0x4a, 0xa6, 0x6c, 0x83, 0x0a, 0x7d, 0xa3, 0x23, 0x3d, ++ 0x43, 0xa1, 0x07, 0x2c, 0x2d, 0xe3, 0x81, 0xcc ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_nonce[] = { ++ 0xf1, 0xac, 0x97, 0xcb, 0x5e, 0x06, 0x48, 0xd2, 0x94, 0xbe, 0x15, 0x2e, ++ 0xc7, 0xfc, 0xc2, 0x01 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha256_personalizationstring[] = { ++ 0x98, 0xc5, 0x1e, 0x35, 0x5e, 0x89, 0x0d, 0xce, 0x64, 0x6d, 0x18, 0xa7, ++ 0x5a, 0xc6, 0xf3, 0xe7, 0xd6, 0x9e, 0xc0, 0xea, 0xb7, 0x3a, 0x8d, 0x65, ++ 0xb8, 0xeb, 0x10, 0xd7, 0x57, 0x18, 0xa0, 0x32 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_additionalinput[] = { ++ 0x1b, 0x10, 0xaf, 0xac, 0xd0, 0x65, 0x95, 0xad, 0x04, 0xad, 0x03, 0x1c, ++ 0xe0, 0x40, 0xd6, 0x3e, 0x1c, 0x46, 0x53, 0x39, 0x7c, 0xe2, 0xbc, 0xda, ++ 0x8c, 0xa2, 0x33, 0xa7, 0x9a, 0x26, 0xd3, 0x27 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_int_returnedbits[] = { ++ 0xba, 0x61, 0x0e, 0x55, 0xfe, 0x11, 0x8a, 0x9e, 0x0f, 0x80, 0xdf, 0x1d, ++ 0x03, 0x0a, 0xfe, 0x15, 0x94, 0x28, 0x4b, 0xba, 0xf4, 0x9f, 0x51, 0x25, ++ 0x88, 0xe5, 0x4e, 0xfb, 0xaf, 0xce, 0x69, 0x90 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_entropyinputreseed[] = { ++ 0x62, 0x7f, 0x1e, 0x6b, 0xe8, 0x8e, 0xe1, 0x35, 0x7d, 0x9b, 0x4f, 0xc7, ++ 0xec, 0xc8, 0xac, 0xef, 0x6b, 0x13, 0x9e, 0x05, 0x56, 0xc1, 0x08, 0xf9, ++ 0x2f, 0x0f, 0x27, 0x9c, 0xd4, 0x15, 0xed, 0x2d ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha256_additionalinputreseed[] = { ++ 0xc7, 0x76, 0x6e, 0xa9, 0xd2, 0xb2, 0x76, 0x40, 0x82, 0x25, 0x2c, 0xb3, ++ 0x6f, 0xac, 0xe9, 0x74, 0xef, 0x8f, 0x3c, 0x8e, 0xcd, 0xf1, 0xbf, 0xb3, ++ 0x49, 0x77, 0x34, 0x88, 0x52, 0x36, 0xe6, 0x2e ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_additionalinput2[] = { ++ 0x8d, 0xb8, 0x0c, 0xd1, 0xbf, 0x70, 0xf6, 0x19, 0xc3, 0x41, 0x80, 0x9f, ++ 0xe1, 0xa5, 0xa4, 0x1f, 0x2c, 0x26, 0xb1, 0xe5, 0xd8, 0xeb, 0xbe, 0xf8, ++ 0xdf, 0x88, 0x6a, 0x89, 0xd6, 0x05, 0xd8, 0x9d ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_returnedbits[] = { ++ 0x43, 0x12, 0x2a, 0x2c, 0x40, 0x53, 0x2e, 0x7c, 0x66, 0x34, 0xac, 0xc3, ++ 0x43, 0xe3, 0xe0, 0x6a, 0xfc, 0xfa, 0xea, 0x87, 0x21, 0x1f, 0xe2, 0x26, ++ 0xc4, 0xf9, 0x09, 0x9a, 0x0d, 0x6e, 0x7f, 0xe0 ++}; ++ ++/* HMAC SHA-384 PR */ ++__fips_constseg static const unsigned char hmac_sha384_pr_entropyinput[] = { ++ 0x69, 0x81, 0x98, 0x88, 0x44, 0xf5, 0xd6, 0x2e, 0x00, 0x08, 0x3b, 0xc5, ++ 0xfb, 0xd7, 0x8e, 0x6f, 0x23, 0xf8, 0x6d, 0x09, 0xd6, 0x85, 0x49, 0xd1, ++ 0xf8, 0x6d, 0xa4, 0x58, 0x54, 0xfd, 0x88, 0xa9 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_nonce[] = { ++ 0x6e, 0x38, 0x81, 0xca, 0xb7, 0xe8, 0x6e, 0x66, 0x49, 0x8a, 0xb2, 0x59, ++ 0xee, 0x16, 0xc9, 0xde ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha384_pr_personalizationstring[] = { ++ 0xfe, 0x4c, 0xd9, 0xf4, 0x78, 0x3b, 0x08, 0x41, 0x8d, 0x8f, 0x55, 0xc4, ++ 0x43, 0x56, 0xb6, 0x12, 0x36, 0x6b, 0x30, 0xb7, 0x5e, 0xe1, 0xb9, 0x47, ++ 0x04, 0xb1, 0x4e, 0xa9, 0x00, 0xa1, 0x52, 0xa1 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_additionalinput[] = { ++ 0x89, 0xe9, 0xcc, 0x8f, 0x27, 0x3c, 0x26, 0xd1, 0x95, 0xc8, 0x7d, 0x0f, ++ 0x5b, 0x1a, 0xf0, 0x78, 0x39, 0x56, 0x6f, 0xa4, 0x23, 0xe7, 0xd1, 0xda, ++ 0x7c, 0x66, 0x33, 0xa0, 0x90, 0xc9, 0x92, 0x88 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_entropyinputpr[] = { ++ 0xbe, 0x3d, 0x7c, 0x0d, 0xca, 0xda, 0x7c, 0x49, 0xb8, 0x12, 0x36, 0xc0, ++ 0xdb, 0xad, 0x35, 0xa8, 0xc7, 0x0b, 0x2a, 0x2c, 0x69, 0x6d, 0x25, 0x56, ++ 0x63, 0x82, 0x11, 0x3e, 0xa7, 0x33, 0x70, 0x72 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_int_returnedbits[] = { ++ 0x82, 0x3d, 0xe6, 0x54, 0x80, 0x42, 0xf8, 0xba, 0x90, 0x4f, 0x06, 0xa6, ++ 0xd2, 0x7f, 0xbf, 0x79, 0x7c, 0x12, 0x7d, 0xa6, 0xa2, 0x66, 0xe8, 0xa6, ++ 0xc0, 0xd6, 0x4a, 0x55, 0xbf, 0xd8, 0x0a, 0xc5, 0xf8, 0x03, 0x88, 0xdd, ++ 0x8e, 0x87, 0xd1, 0x5a, 0x48, 0x26, 0x72, 0x2a, 0x8e, 0xcf, 0xee, 0xba ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_additionalinput2[] = { ++ 0x8f, 0xff, 0xd9, 0x84, 0xbb, 0x85, 0x3a, 0x66, 0xa1, 0x21, 0xce, 0xb2, ++ 0x3a, 0x3a, 0x17, 0x22, 0x19, 0xae, 0xc7, 0xb6, 0x63, 0x81, 0xd5, 0xff, ++ 0x0d, 0xc8, 0xe1, 0xaf, 0x57, 0xd2, 0xcb, 0x60 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_entropyinputpr2[] = { ++ 0xd7, 0xfb, 0xc9, 0xe8, 0xe2, 0xf2, 0xaa, 0x4c, 0xb8, 0x51, 0x2f, 0xe1, ++ 0x22, 0xba, 0xf3, 0xda, 0x0a, 0x19, 0x76, 0x71, 0x57, 0xb2, 0x1d, 0x94, ++ 0x09, 0x69, 0x6c, 0xd3, 0x97, 0x51, 0x81, 0x87 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_returnedbits[] = { ++ 0xe6, 0x19, 0x28, 0xa8, 0x21, 0xce, 0x5e, 0xdb, 0x24, 0x79, 0x8c, 0x76, ++ 0x5d, 0x73, 0xb2, 0xdf, 0xac, 0xef, 0x85, 0xa7, 0x3b, 0x19, 0x09, 0x8b, ++ 0x7f, 0x98, 0x28, 0xa9, 0x93, 0xd8, 0x7a, 0xad, 0x55, 0x8b, 0x24, 0x9d, ++ 0xe6, 0x98, 0xfe, 0x47, 0xd5, 0x48, 0xc1, 0x23, 0xd8, 0x1d, 0x62, 0x75 ++}; ++ ++/* HMAC SHA-384 No PR */ ++__fips_constseg static const unsigned char hmac_sha384_entropyinput[] = { ++ 0xc3, 0x56, 0x2b, 0x1d, 0xc2, 0xbb, 0xa8, 0xf0, 0xae, 0x1b, 0x0d, 0xd3, ++ 0x5a, 0x6c, 0xda, 0x57, 0x8e, 0xa5, 0x8a, 0x0d, 0x6c, 0x4b, 0x18, 0xb1, ++ 0x04, 0x3e, 0xb4, 0x99, 0x35, 0xc4, 0xc0, 0x5f ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_nonce[] = { ++ 0xc5, 0x49, 0x1e, 0x66, 0x27, 0x92, 0xbe, 0xec, 0xb5, 0x1e, 0x4b, 0xb1, ++ 0x38, 0xe3, 0xeb, 0x62 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha384_personalizationstring[] = { ++ 0xbe, 0xe7, 0x6b, 0x57, 0xde, 0x88, 0x11, 0x96, 0x9b, 0x6e, 0xea, 0xe5, ++ 0x63, 0x83, 0x4c, 0xb6, 0x8d, 0x66, 0xaa, 0x1f, 0x8b, 0x54, 0xe7, 0x62, ++ 0x6d, 0x5a, 0xfc, 0xbf, 0x97, 0xba, 0xcd, 0x77 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_additionalinput[] = { ++ 0xe5, 0x28, 0x5f, 0x43, 0xf5, 0x83, 0x6e, 0x0a, 0x83, 0x5c, 0xe3, 0x81, ++ 0x03, 0xf2, 0xf8, 0x78, 0x00, 0x7c, 0x95, 0x87, 0x16, 0xd6, 0x6c, 0x58, ++ 0x33, 0x6c, 0x53, 0x35, 0x0d, 0x66, 0xe3, 0xce ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_int_returnedbits[] = { ++ 0xe2, 0x1f, 0xf3, 0xda, 0x0d, 0x19, 0x99, 0x87, 0xc4, 0x90, 0xa2, 0x31, ++ 0xca, 0x2a, 0x89, 0x58, 0x43, 0x44, 0xb8, 0xde, 0xcf, 0xa4, 0xbe, 0x3b, ++ 0x53, 0x26, 0x22, 0x31, 0x76, 0x41, 0x22, 0xb5, 0xa8, 0x70, 0x2f, 0x4b, ++ 0x64, 0x95, 0x4d, 0x48, 0x96, 0x35, 0xe6, 0xbd, 0x3c, 0x34, 0xdb, 0x1b ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_entropyinputreseed[] = { ++ 0x77, 0x61, 0xba, 0xbc, 0xf2, 0xc1, 0xf3, 0x4b, 0x86, 0x65, 0xfd, 0x48, ++ 0x0e, 0x3c, 0x02, 0x5e, 0xa2, 0x7a, 0x6b, 0x7c, 0xed, 0x21, 0x5e, 0xf9, ++ 0xcd, 0xcd, 0x77, 0x07, 0x2b, 0xbe, 0xc5, 0x5c ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha384_additionalinputreseed[] = { ++ 0x18, 0x24, 0x5f, 0xc6, 0x84, 0xd1, 0x67, 0xc3, 0x9a, 0x11, 0xa5, 0x8c, ++ 0x07, 0x39, 0x21, 0x83, 0x4d, 0x04, 0xc4, 0x6a, 0x28, 0x19, 0xcf, 0x92, ++ 0x21, 0xd9, 0x9e, 0x41, 0x72, 0x6c, 0x9e, 0x63 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_additionalinput2[] = { ++ 0x96, 0x67, 0x41, 0x28, 0x9b, 0xb7, 0x92, 0x8d, 0x64, 0x3b, 0xe4, 0xcf, ++ 0x7e, 0xaa, 0x1e, 0xb1, 0x4b, 0x1d, 0x09, 0x56, 0x67, 0x9c, 0xc6, 0x6d, ++ 0x3b, 0xe8, 0x91, 0x9d, 0xe1, 0x8a, 0xb7, 0x32 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_returnedbits[] = { ++ 0xe3, 0x59, 0x61, 0x38, 0x92, 0xec, 0xe2, 0x3c, 0xff, 0xb7, 0xdb, 0x19, ++ 0x0f, 0x5b, 0x93, 0x68, 0x0d, 0xa4, 0x94, 0x40, 0x72, 0x0b, 0xe0, 0xed, ++ 0x4d, 0xcd, 0x68, 0xa0, 0x1e, 0xfe, 0x67, 0xb2, 0xfa, 0x21, 0x56, 0x74, ++ 0xa4, 0xad, 0xcf, 0xb7, 0x60, 0x66, 0x2e, 0x40, 0xde, 0x82, 0xca, 0xfb ++}; ++ ++/* HMAC SHA-512 PR */ ++__fips_constseg static const unsigned char hmac_sha512_pr_entropyinput[] = { ++ 0xaa, 0x9e, 0x45, 0x67, 0x0e, 0x00, 0x2a, 0x67, 0x98, 0xd6, 0xda, 0x0b, ++ 0x0f, 0x17, 0x7e, 0xac, 0xfd, 0x27, 0xc4, 0xca, 0x84, 0xdf, 0xde, 0xba, ++ 0x85, 0xd9, 0xbe, 0x8f, 0xf3, 0xff, 0x91, 0x4d ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_nonce[] = { ++ 0x8c, 0x49, 0x2f, 0x58, 0x1e, 0x7a, 0xda, 0x4b, 0x7e, 0x8a, 0x30, 0x7b, ++ 0x86, 0xea, 0xaf, 0xa2 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha512_pr_personalizationstring[] = { ++ 0x71, 0xe1, 0xbb, 0xad, 0xa7, 0x4b, 0x2e, 0x31, 0x3b, 0x0b, 0xec, 0x24, ++ 0x99, 0x38, 0xbc, 0xaa, 0x05, 0x4c, 0x46, 0x44, 0xfa, 0xad, 0x8e, 0x02, ++ 0xc1, 0x7e, 0xad, 0xec, 0x54, 0xa6, 0xd0, 0xad ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_additionalinput[] = { ++ 0x3d, 0x6e, 0xa6, 0xa8, 0x29, 0x2a, 0xb2, 0xf5, 0x98, 0x42, 0xe4, 0x92, ++ 0x78, 0x22, 0x67, 0xfd, 0x1b, 0x15, 0x1e, 0x29, 0xaa, 0x71, 0x3c, 0x3c, ++ 0xe7, 0x05, 0x20, 0xa9, 0x29, 0xc6, 0x75, 0x71 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_entropyinputpr[] = { ++ 0xab, 0xb9, 0x16, 0xd8, 0x55, 0x35, 0x54, 0xb7, 0x97, 0x3f, 0x94, 0xbc, ++ 0x2f, 0x7c, 0x70, 0xc7, 0xd0, 0xed, 0xb7, 0x4b, 0xf7, 0xf6, 0x6c, 0x03, ++ 0x0c, 0xb0, 0x03, 0xd8, 0xbb, 0x71, 0xd9, 0x10 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_int_returnedbits[] = { ++ 0x8e, 0xd3, 0xfd, 0x52, 0x9e, 0x83, 0x08, 0x49, 0x18, 0x6e, 0x23, 0x56, ++ 0x5c, 0x45, 0x93, 0x34, 0x05, 0xe2, 0x98, 0x8f, 0x0c, 0xd4, 0x32, 0x0c, ++ 0xfd, 0xda, 0x5f, 0x92, 0x3a, 0x8c, 0x81, 0xbd, 0xf6, 0x6c, 0x55, 0xfd, ++ 0xb8, 0x20, 0xce, 0x8d, 0x97, 0x27, 0xe8, 0xe8, 0xe0, 0xb3, 0x85, 0x50, ++ 0xa2, 0xc2, 0xb2, 0x95, 0x1d, 0x48, 0xd3, 0x7b, 0x4b, 0x78, 0x13, 0x35, ++ 0x05, 0x17, 0xbe, 0x0d ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_additionalinput2[] = { ++ 0xc3, 0xfc, 0x95, 0xaa, 0x69, 0x06, 0xae, 0x59, 0x41, 0xce, 0x26, 0x08, ++ 0x29, 0x6d, 0x45, 0xda, 0xe8, 0xb3, 0x6c, 0x95, 0x60, 0x0f, 0x70, 0x2c, ++ 0x10, 0xba, 0x38, 0x8c, 0xcf, 0x29, 0x99, 0xaa ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_entropyinputpr2[] = { ++ 0x3b, 0x9a, 0x25, 0xce, 0xd7, 0xf9, 0x5c, 0xd1, 0x3a, 0x3e, 0xaa, 0x71, ++ 0x14, 0x3e, 0x19, 0xe8, 0xce, 0xe6, 0xfe, 0x51, 0x84, 0xe9, 0x1b, 0xfe, ++ 0x3f, 0xa7, 0xf2, 0xfd, 0x76, 0x5f, 0x6a, 0xe7 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_returnedbits[] = { ++ 0xb7, 0x82, 0xa9, 0x57, 0x81, 0x67, 0x53, 0xb5, 0xa1, 0xe9, 0x3d, 0x35, ++ 0xf9, 0xe4, 0x97, 0xbe, 0xa6, 0xca, 0xf1, 0x01, 0x13, 0x09, 0xe7, 0x21, ++ 0xc0, 0xed, 0x93, 0x5d, 0x4b, 0xf4, 0xeb, 0x8d, 0x53, 0x25, 0x8a, 0xc4, ++ 0xb1, 0x6f, 0x6e, 0x37, 0xcd, 0x2e, 0xac, 0x39, 0xb2, 0xb6, 0x99, 0xa3, ++ 0x82, 0x00, 0xb0, 0x21, 0xf0, 0xc7, 0x2f, 0x4c, 0x73, 0x92, 0xfd, 0x00, ++ 0xb6, 0xaf, 0xbc, 0xd3 ++}; ++ ++/* HMAC SHA-512 No PR */ ++__fips_constseg static const unsigned char hmac_sha512_entropyinput[] = { ++ 0x6e, 0x85, 0xe6, 0x25, 0x96, 0x29, 0xa7, 0x52, 0x5b, 0x60, 0xba, 0xaa, ++ 0xde, 0xdb, 0x36, 0x0a, 0x51, 0x9a, 0x15, 0xae, 0x6e, 0x18, 0xd3, 0xfe, ++ 0x39, 0xb9, 0x4a, 0x96, 0xf8, 0x77, 0xcb, 0x95 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_nonce[] = { ++ 0xe0, 0xa6, 0x5d, 0x08, 0xc3, 0x7c, 0xae, 0x25, 0x2e, 0x80, 0xd1, 0x3e, ++ 0xd9, 0xaf, 0x43, 0x3c ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha512_personalizationstring[] = { ++ 0x53, 0x99, 0x52, 0x5f, 0x11, 0xa9, 0x64, 0x66, 0x20, 0x5e, 0x1b, 0x5f, ++ 0x42, 0xb3, 0xf4, 0xda, 0xed, 0xbb, 0x63, 0xc1, 0x23, 0xaf, 0xd0, 0x01, ++ 0x90, 0x3b, 0xd0, 0x78, 0xe4, 0x0b, 0xa7, 0x20 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_additionalinput[] = { ++ 0x85, 0x90, 0x80, 0xd3, 0x98, 0xf1, 0x53, 0x6d, 0x68, 0x15, 0x8f, 0xe5, ++ 0x60, 0x3f, 0x17, 0x29, 0x55, 0x8d, 0x33, 0xb1, 0x45, 0x64, 0x64, 0x8d, ++ 0x50, 0x21, 0x89, 0xae, 0xf6, 0xfd, 0x32, 0x73 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_int_returnedbits[] = { ++ 0x28, 0x56, 0x30, 0x6f, 0xf4, 0xa1, 0x48, 0xe0, 0xc9, 0xf5, 0x75, 0x90, ++ 0xcc, 0xfb, 0xdf, 0xdf, 0x71, 0x3d, 0x0a, 0x9a, 0x03, 0x65, 0x3b, 0x18, ++ 0x61, 0xe3, 0xd1, 0xda, 0xcc, 0x4a, 0xfe, 0x55, 0x38, 0xf8, 0x21, 0x6b, ++ 0xfa, 0x18, 0x01, 0x42, 0x39, 0x2f, 0x99, 0x53, 0x38, 0x15, 0x82, 0x34, ++ 0xc5, 0x93, 0x92, 0xbc, 0x4d, 0x75, 0x1a, 0x5f, 0x21, 0x27, 0xcc, 0xa1, ++ 0xb1, 0x57, 0x69, 0xe8 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_entropyinputreseed[] = { ++ 0x8c, 0x52, 0x7e, 0x77, 0x72, 0x3f, 0xa3, 0x04, 0x97, 0x10, 0x9b, 0x41, ++ 0xbd, 0xe8, 0xff, 0x89, 0xed, 0x80, 0xe3, 0xbd, 0xaa, 0x12, 0x2d, 0xca, ++ 0x75, 0x82, 0x36, 0x77, 0x88, 0xcd, 0xa6, 0x73 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha512_additionalinputreseed[] = { ++ 0x7e, 0x32, 0xe3, 0x69, 0x69, 0x07, 0x34, 0xa2, 0x16, 0xa2, 0x5d, 0x1a, ++ 0x10, 0x91, 0xd3, 0xe2, 0x21, 0xa2, 0xa3, 0xdd, 0xcd, 0x0c, 0x09, 0x86, ++ 0x11, 0xe1, 0x50, 0xff, 0x5c, 0xb7, 0xeb, 0x5c ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_additionalinput2[] = { ++ 0x7f, 0x78, 0x66, 0xd8, 0xfb, 0x67, 0xcf, 0x8d, 0x8c, 0x08, 0x30, 0xa5, ++ 0xf8, 0x7d, 0xcf, 0x44, 0x59, 0xce, 0xf8, 0xdf, 0x58, 0xd3, 0x60, 0xcb, ++ 0xa8, 0x60, 0xb9, 0x07, 0xc4, 0xb1, 0x95, 0x48 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_returnedbits[] = { ++ 0xdf, 0xa7, 0x36, 0xd4, 0xdc, 0x5d, 0x4d, 0x31, 0xad, 0x69, 0x46, 0x9f, ++ 0xf1, 0x7c, 0xd7, 0x3b, 0x4f, 0x55, 0xf2, 0xd7, 0xb9, 0x9d, 0xad, 0x7a, ++ 0x79, 0x08, 0x59, 0xa5, 0xdc, 0x74, 0xf5, 0x9b, 0x73, 0xd2, 0x13, 0x25, ++ 0x0b, 0x81, 0x08, 0x08, 0x25, 0xfb, 0x39, 0xf2, 0xf0, 0xa3, 0xa4, 0x8d, ++ 0xef, 0x05, 0x9e, 0xb8, 0xc7, 0x52, 0xe4, 0x0e, 0x42, 0xaa, 0x7c, 0x79, ++ 0xc2, 0xd6, 0xfd, 0xa5 ++}; +diff -up openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c 2020-03-17 17:30:52.046567043 +0100 +@@ -0,0 +1,195 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include ++#include ++#include "fips_locl.h" ++ ++#ifdef OPENSSL_FIPS ++ ++static const unsigned char dsa_test_2048_p[] = { ++ 0xa8, 0x53, 0x78, 0xd8, 0xfd, 0x3f, 0x8d, 0x72, 0xec, 0x74, 0x18, 0x08, ++ 0x0d, 0xa2, 0x13, 0x17, 0xe4, 0x3e, 0xc4, 0xb6, 0x2b, 0xa8, 0xc8, 0x62, ++ 0x3b, 0x7e, 0x4d, 0x04, 0x44, 0x1d, 0xd1, 0xa0, 0x65, 0x86, 0x62, 0x59, ++ 0x64, 0x93, 0xca, 0x8e, 0x9e, 0x8f, 0xbb, 0x7e, 0x34, 0xaa, 0xdd, 0xb6, ++ 0x2e, 0x5d, 0x67, 0xb6, 0xd0, 0x9a, 0x6e, 0x61, 0xb7, 0x69, 0xe7, 0xc3, ++ 0x52, 0xaa, 0x2b, 0x10, 0xe2, 0x0c, 0xa0, 0x63, 0x69, 0x63, 0xb5, 0x52, ++ 0x3e, 0x86, 0x47, 0x0d, 0xec, 0xbb, 0xed, 0xa0, 0x27, 0xe7, 0x97, 0xe7, ++ 0xb6, 0x76, 0x35, 0xd4, 0xd4, 0x9c, 0x30, 0x70, 0x0e, 0x74, 0xaf, 0x8a, ++ 0x0f, 0xf1, 0x56, 0xa8, 0x01, 0xaf, 0x57, 0xa2, 0x6e, 0x70, 0x78, 0xf1, ++ 0xd8, 0x2f, 0x74, 0x90, 0x8e, 0xcb, 0x6d, 0x07, 0xe7, 0x0b, 0x35, 0x03, ++ 0xee, 0xd9, 0x4f, 0xa3, 0x2c, 0xf1, 0x7a, 0x7f, 0xc3, 0xd6, 0xcf, 0x40, ++ 0xdc, 0x7b, 0x00, 0x83, 0x0e, 0x6a, 0x25, 0x66, 0xdc, 0x07, 0x3e, 0x34, ++ 0x33, 0x12, 0x51, 0x7c, 0x6a, 0xa5, 0x15, 0x2b, 0x4b, 0xfe, 0xcd, 0x2e, ++ 0x55, 0x1f, 0xee, 0x34, 0x63, 0x18, 0xa1, 0x53, 0x42, 0x3c, 0x99, 0x6b, ++ 0x0d, 0x5d, 0xcb, 0x91, 0x02, 0xae, 0xdd, 0x38, 0x79, 0x86, 0x16, 0xf1, ++ 0xf1, 0xe0, 0xd6, 0xc4, 0x03, 0x52, 0x5b, 0x1f, 0x9b, 0x3d, 0x4d, 0xc7, ++ 0x66, 0xde, 0x2d, 0xfc, 0x4a, 0x56, 0xd7, 0xb8, 0xba, 0x59, 0x63, 0xd6, ++ 0x0f, 0x3e, 0x16, 0x31, 0x88, 0x70, 0xad, 0x43, 0x69, 0x52, 0xe5, 0x57, ++ 0x65, 0x37, 0x4e, 0xab, 0x85, 0xe8, 0xec, 0x17, 0xd6, 0xb9, 0xa4, 0x54, ++ 0x7b, 0x9b, 0x5f, 0x27, 0x52, 0xf3, 0x10, 0x5b, 0xe8, 0x09, 0xb2, 0x3a, ++ 0x2c, 0x8d, 0x74, 0x69, 0xdb, 0x02, 0xe2, 0x4d, 0x59, 0x23, 0x94, 0xa7, ++ 0xdb, 0xa0, 0x69, 0xe9 ++}; ++ ++static const unsigned char dsa_test_2048_q[] = { ++ 0xd2, 0x77, 0x04, 0x4e, 0x50, 0xf5, 0xa4, 0xe3, 0xf5, 0x10, 0xa5, 0x0a, ++ 0x0b, 0x84, 0xfd, 0xff, 0xbc, 0xa0, 0x47, 0xed, 0x27, 0x60, 0x20, 0x56, ++ 0x74, 0x41, 0xa0, 0xa5 ++}; ++ ++static const unsigned char dsa_test_2048_g[] = { ++ 0x13, 0xd7, 0x54, 0xe2, 0x1f, 0xd2, 0x41, 0x65, 0x5d, 0xa8, 0x91, 0xc5, ++ 0x22, 0xa6, 0x5a, 0x72, 0xa8, 0x9b, 0xdc, 0x64, 0xec, 0x9b, 0x54, 0xa8, ++ 0x21, 0xed, 0x4a, 0x89, 0x8b, 0x49, 0x0e, 0x0c, 0x4f, 0xcb, 0x72, 0x19, ++ 0x2a, 0x4a, 0x20, 0xf5, 0x41, 0xf3, 0xf2, 0x92, 0x53, 0x99, 0xf0, 0xba, ++ 0xec, 0xf9, 0x29, 0xaa, 0xfb, 0xf7, 0x9d, 0xfe, 0x43, 0x32, 0x39, 0x3b, ++ 0x32, 0xcd, 0x2e, 0x2f, 0xcf, 0x27, 0x2f, 0x32, 0xa6, 0x27, 0x43, 0x4a, ++ 0x0d, 0xf2, 0x42, 0xb7, 0x5b, 0x41, 0x4d, 0xf3, 0x72, 0x12, 0x1e, 0x53, ++ 0xa5, 0x53, 0xf2, 0x22, 0xf8, 0x36, 0xb0, 0x00, 0xf0, 0x16, 0x48, 0x5b, ++ 0x6b, 0xd0, 0x89, 0x84, 0x51, 0x80, 0x1d, 0xcd, 0x8d, 0xe6, 0x4c, 0xd5, ++ 0x36, 0x56, 0x96, 0xff, 0xc5, 0x32, 0xd5, 0x28, 0xc5, 0x06, 0x62, 0x0a, ++ 0x94, 0x2a, 0x03, 0x05, 0x04, 0x6d, 0x8f, 0x18, 0x76, 0x34, 0x1f, 0x1e, ++ 0x57, 0x0b, 0xc3, 0x97, 0x4b, 0xa6, 0xb9, 0xa4, 0x38, 0xe9, 0x70, 0x23, ++ 0x02, 0xa2, 0xe6, 0xe6, 0x7b, 0xfd, 0x06, 0xd3, 0x2b, 0xc6, 0x79, 0x96, ++ 0x22, 0x71, 0xd7, 0xb4, 0x0c, 0xd7, 0x2f, 0x38, 0x6e, 0x64, 0xe0, 0xd7, ++ 0xef, 0x86, 0xca, 0x8c, 0xa5, 0xd1, 0x42, 0x28, 0xdc, 0x2a, 0x4f, 0x16, ++ 0xe3, 0x18, 0x98, 0x86, 0xb5, 0x99, 0x06, 0x74, 0xf4, 0x20, 0x0f, 0x3a, ++ 0x4c, 0xf6, 0x5a, 0x3f, 0x0d, 0xdb, 0xa1, 0xfa, 0x67, 0x2d, 0xff, 0x2f, ++ 0x5e, 0x14, 0x3d, 0x10, 0xe4, 0xe9, 0x7a, 0xe8, 0x4f, 0x6d, 0xa0, 0x95, ++ 0x35, 0xd5, 0xb9, 0xdf, 0x25, 0x91, 0x81, 0xa7, 0x9b, 0x63, 0xb0, 0x69, ++ 0xe9, 0x49, 0x97, 0x2b, 0x02, 0xba, 0x36, 0xb3, 0x58, 0x6a, 0xab, 0x7e, ++ 0x45, 0xf3, 0x22, 0xf8, 0x2e, 0x4e, 0x85, 0xca, 0x3a, 0xb8, 0x55, 0x91, ++ 0xb3, 0xc2, 0xa9, 0x66 ++}; ++ ++static const unsigned char dsa_test_2048_pub_key[] = { ++ 0x24, 0x52, 0xf3, 0xcc, 0xbe, 0x9e, 0xd5, 0xca, 0x7d, 0xc7, 0x4c, 0x60, ++ 0x2b, 0x99, 0x22, 0x6e, 0x8f, 0x2f, 0xab, 0x38, 0xe7, 0xd7, 0xdd, 0xfb, ++ 0x75, 0x53, 0x9b, 0x17, 0x15, 0x5e, 0x9f, 0xcf, 0xd1, 0xab, 0xa5, 0x64, ++ 0xeb, 0x85, 0x35, 0xd8, 0x12, 0xc9, 0xc2, 0xdc, 0xf9, 0x72, 0x84, 0x44, ++ 0x1b, 0xc4, 0x82, 0x24, 0x36, 0x24, 0xc7, 0xf4, 0x57, 0x58, 0x0c, 0x1c, ++ 0x38, 0xa5, 0x7c, 0x46, 0xc4, 0x57, 0x39, 0x24, 0x70, 0xed, 0xb5, 0x2c, ++ 0xb5, 0xa6, 0xe0, 0x3f, 0xe6, 0x28, 0x7b, 0xb6, 0xf4, 0x9a, 0x42, 0xa2, ++ 0x06, 0x5a, 0x05, 0x4f, 0x03, 0x08, 0x39, 0xdf, 0x1f, 0xd3, 0x14, 0x9c, ++ 0x4c, 0xa0, 0x53, 0x1d, 0xd8, 0xca, 0x8a, 0xaa, 0x9c, 0xc7, 0x33, 0x71, ++ 0x93, 0x38, 0x73, 0x48, 0x33, 0x61, 0x18, 0x22, 0x45, 0x45, 0xe8, 0x8c, ++ 0x80, 0xff, 0xd8, 0x76, 0x5d, 0x74, 0x36, 0x03, 0x33, 0xcc, 0xab, 0x99, ++ 0x72, 0x77, 0x9b, 0x65, 0x25, 0xa6, 0x5b, 0xdd, 0x0d, 0x10, 0xc6, 0x75, ++ 0xc1, 0x09, 0xbb, 0xd3, 0xe5, 0xbe, 0x4d, 0x72, 0xef, 0x6e, 0xba, 0x6e, ++ 0x43, 0x8d, 0x52, 0x26, 0x23, 0x7d, 0xb8, 0x88, 0x37, 0x9c, 0x5f, 0xcc, ++ 0x47, 0xa3, 0x84, 0x7f, 0xf6, 0x37, 0x11, 0xba, 0xed, 0x6d, 0x03, 0xaf, ++ 0xe8, 0x1e, 0x69, 0x4a, 0x41, 0x3b, 0x68, 0x0b, 0xd3, 0x8a, 0xb4, 0x90, ++ 0x3f, 0x83, 0x70, 0xa7, 0x07, 0xef, 0x55, 0x1d, 0x49, 0x41, 0x02, 0x6d, ++ 0x95, 0x79, 0xd6, 0x91, 0xde, 0x8e, 0xda, 0xa1, 0x61, 0x05, 0xeb, 0x9d, ++ 0xba, 0x3c, 0x2f, 0x4c, 0x1b, 0xec, 0x50, 0x82, 0x75, 0xaa, 0x02, 0x07, ++ 0xe2, 0x51, 0xb5, 0xec, 0xcb, 0x28, 0x6a, 0x4b, 0x01, 0xd4, 0x49, 0xd3, ++ 0x0a, 0xcb, 0x67, 0x37, 0x17, 0xa0, 0xd2, 0xfb, 0x3b, 0x50, 0xc8, 0x93, ++ 0xf7, 0xda, 0xb1, 0x4f ++}; ++ ++static const unsigned char dsa_test_2048_priv_key[] = { ++ 0x0c, 0x4b, 0x30, 0x89, 0xd1, 0xb8, 0x62, 0xcb, 0x3c, 0x43, 0x64, 0x91, ++ 0xf0, 0x91, 0x54, 0x70, 0xc5, 0x27, 0x96, 0xe3, 0xac, 0xbe, 0xe8, 0x00, ++ 0xec, 0x55, 0xf6, 0xcc ++}; ++ ++int FIPS_selftest_dsa() ++{ ++ DSA *dsa = NULL; ++ EVP_PKEY *pk = NULL; ++ int ret = 0; ++ BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL, *priv_key = NULL; ++ ++ fips_load_key_component(p, dsa_test_2048); ++ fips_load_key_component(q, dsa_test_2048); ++ fips_load_key_component(g, dsa_test_2048); ++ fips_load_key_component(pub_key, dsa_test_2048); ++ fips_load_key_component(priv_key, dsa_test_2048); ++ ++ dsa = DSA_new(); ++ ++ if (dsa == NULL) ++ goto err; ++ ++ DSA_set0_pqg(dsa, p, q, g); ++ ++ DSA_set0_key(dsa, pub_key, priv_key); ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_assign_DSA(pk, dsa); ++ ++ if (!fips_pkey_signature_test(pk, NULL, 0, ++ NULL, 0, EVP_sha256(), 0, "DSA SHA256")) ++ goto err; ++ ret = 1; ++ ++ err: ++ if (pk) ++ EVP_PKEY_free(pk); ++ else if (dsa) ++ DSA_free(dsa); ++ else { ++ BN_free(p); ++ BN_free(q); ++ BN_free(g); ++ BN_free(pub_key); ++ BN_free(priv_key); ++ } ++ return ret; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c 2020-03-17 17:30:52.046567043 +0100 +@@ -0,0 +1,242 @@ ++/* fips/ecdh/fips_ecdh_selftest.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project 2011. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ * ++ */ ++ ++#define OPENSSL_FIPSAPI ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#ifdef OPENSSL_FIPS ++ ++# include "fips_locl.h" ++ ++static const unsigned char p256_qcavsx[] = { ++ 0x52, 0xc6, 0xa5, 0x75, 0xf3, 0x04, 0x98, 0xb3, 0x29, 0x66, 0x0c, 0x62, ++ 0x18, 0x60, 0x55, 0x41, 0x59, 0xd4, 0x60, 0x85, 0x99, 0xc1, 0x51, 0x13, ++ 0x6f, 0x97, 0x85, 0x93, 0x33, 0x34, 0x07, 0x50 ++}; ++ ++static const unsigned char p256_qcavsy[] = { ++ 0x6f, 0x69, 0x24, 0xeb, 0xe9, 0x3b, 0xa7, 0xcc, 0x47, 0x17, 0xaa, 0x3f, ++ 0x70, 0xfc, 0x10, 0x73, 0x0a, 0xcd, 0x21, 0xee, 0x29, 0x19, 0x1f, 0xaf, ++ 0xb4, 0x1c, 0x1e, 0xc2, 0x8e, 0x97, 0x81, 0x6e ++}; ++ ++static const unsigned char p256_qiutx[] = { ++ 0x71, 0x46, 0x88, 0x08, 0x92, 0x21, 0x1b, 0x10, 0x21, 0x74, 0xff, 0x0c, ++ 0x94, 0xde, 0x34, 0x7c, 0x86, 0x74, 0xbe, 0x67, 0x41, 0x68, 0xd4, 0xc1, ++ 0xe5, 0x75, 0x63, 0x9c, 0xa7, 0x46, 0x93, 0x6f ++}; ++ ++static const unsigned char p256_qiuty[] = { ++ 0x33, 0x40, 0xa9, 0x6a, 0xf5, 0x20, 0xb5, 0x9e, 0xfc, 0x60, 0x1a, 0xae, ++ 0x3d, 0xf8, 0x21, 0xd2, 0xa7, 0xca, 0x52, 0x34, 0xb9, 0x5f, 0x27, 0x75, ++ 0x6c, 0x81, 0xbe, 0x32, 0x4d, 0xba, 0xbb, 0xf8 ++}; ++ ++static const unsigned char p256_qiutd[] = { ++ 0x1a, 0x48, 0x55, 0x6b, 0x11, 0xbe, 0x92, 0xd4, 0x1c, 0xd7, 0x45, 0xc3, ++ 0x82, 0x81, 0x51, 0xf1, 0x23, 0x40, 0xb7, 0x83, 0xfd, 0x01, 0x6d, 0xbc, ++ 0xa1, 0x66, 0xaf, 0x0a, 0x03, 0x23, 0xcd, 0xc8 ++}; ++ ++static const unsigned char p256_ziut[] = { ++ 0x77, 0x2a, 0x1e, 0x37, 0xee, 0xe6, 0x51, 0x02, 0x71, 0x40, 0xf8, 0x6a, ++ 0x36, 0xf8, 0x65, 0x61, 0x2b, 0x18, 0x71, 0x82, 0x23, 0xe6, 0xf2, 0x77, ++ 0xce, 0xec, 0xb8, 0x49, 0xc7, 0xbf, 0x36, 0x4f ++}; ++ ++typedef struct { ++ int curve; ++ const unsigned char *x1; ++ size_t x1len; ++ const unsigned char *y1; ++ size_t y1len; ++ const unsigned char *d1; ++ size_t d1len; ++ const unsigned char *x2; ++ size_t x2len; ++ const unsigned char *y2; ++ size_t y2len; ++ const unsigned char *z; ++ size_t zlen; ++} ECDH_SELFTEST_DATA; ++ ++# define make_ecdh_test(nid, pr) { nid, \ ++ pr##_qiutx, sizeof(pr##_qiutx), \ ++ pr##_qiuty, sizeof(pr##_qiuty), \ ++ pr##_qiutd, sizeof(pr##_qiutd), \ ++ pr##_qcavsx, sizeof(pr##_qcavsx), \ ++ pr##_qcavsy, sizeof(pr##_qcavsy), \ ++ pr##_ziut, sizeof(pr##_ziut) } ++ ++static ECDH_SELFTEST_DATA test_ecdh_data[] = { ++ make_ecdh_test(NID_X9_62_prime256v1, p256), ++}; ++ ++int FIPS_selftest_ecdh(void) ++{ ++ EC_KEY *ec1 = NULL, *ec2 = NULL; ++ const EC_POINT *ecp = NULL; ++ BIGNUM *x = NULL, *y = NULL, *d = NULL; ++ unsigned char *ztmp = NULL; ++ int rv = 1; ++ size_t i; ++ ++ for (i = 0; i < sizeof(test_ecdh_data) / sizeof(ECDH_SELFTEST_DATA); i++) { ++ ECDH_SELFTEST_DATA *ecd = test_ecdh_data + i; ++ if (!fips_post_started(FIPS_TEST_ECDH, ecd->curve, 0)) ++ continue; ++ ztmp = OPENSSL_malloc(ecd->zlen); ++ ++ x = BN_bin2bn(ecd->x1, ecd->x1len, x); ++ y = BN_bin2bn(ecd->y1, ecd->y1len, y); ++ d = BN_bin2bn(ecd->d1, ecd->d1len, d); ++ ++ if (!x || !y || !d || !ztmp) { ++ rv = 0; ++ goto err; ++ } ++ ++ ec1 = EC_KEY_new_by_curve_name(ecd->curve); ++ if (!ec1) { ++ rv = 0; ++ goto err; ++ } ++ EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH); ++ ++ if (!EC_KEY_set_public_key_affine_coordinates(ec1, x, y)) { ++ rv = 0; ++ goto err; ++ } ++ ++ if (!EC_KEY_set_private_key(ec1, d)) { ++ rv = 0; ++ goto err; ++ } ++ ++ x = BN_bin2bn(ecd->x2, ecd->x2len, x); ++ y = BN_bin2bn(ecd->y2, ecd->y2len, y); ++ ++ if (!x || !y) { ++ rv = 0; ++ goto err; ++ } ++ ++ ec2 = EC_KEY_new_by_curve_name(ecd->curve); ++ if (!ec2) { ++ rv = 0; ++ goto err; ++ } ++ EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH); ++ ++ if (!EC_KEY_set_public_key_affine_coordinates(ec2, x, y)) { ++ rv = 0; ++ goto err; ++ } ++ ++ ecp = EC_KEY_get0_public_key(ec2); ++ if (!ecp) { ++ rv = 0; ++ goto err; ++ } ++ ++ if (!ECDH_compute_key(ztmp, ecd->zlen, ecp, ec1, 0)) { ++ rv = 0; ++ goto err; ++ } ++ ++ if (!fips_post_corrupt(FIPS_TEST_ECDH, ecd->curve, NULL)) ++ ztmp[0] ^= 0x1; ++ ++ if (memcmp(ztmp, ecd->z, ecd->zlen)) { ++ fips_post_failed(FIPS_TEST_ECDH, ecd->curve, 0); ++ rv = 0; ++ } else if (!fips_post_success(FIPS_TEST_ECDH, ecd->curve, 0)) ++ goto err; ++ ++ EC_KEY_free(ec1); ++ ec1 = NULL; ++ EC_KEY_free(ec2); ++ ec2 = NULL; ++ OPENSSL_free(ztmp); ++ ztmp = NULL; ++ } ++ ++ err: ++ ++ if (x) ++ BN_clear_free(x); ++ if (y) ++ BN_clear_free(y); ++ if (d) ++ BN_clear_free(d); ++ if (ec1) ++ EC_KEY_free(ec1); ++ if (ec2) ++ EC_KEY_free(ec2); ++ if (ztmp) ++ OPENSSL_free(ztmp); ++ ++ return rv; ++ ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c 2020-03-17 17:30:52.046567043 +0100 +@@ -0,0 +1,166 @@ ++/* fips/ecdsa/fips_ecdsa_selftest.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project 2011. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ * ++ */ ++ ++#define OPENSSL_FIPSAPI ++ ++#include ++#include ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include ++#include ++ ++#ifdef OPENSSL_FIPS ++ ++static const char P_256_name[] = "ECDSA P-256"; ++ ++static const unsigned char P_256_d[] = { ++ 0x51, 0xbd, 0x06, 0xa1, 0x1c, 0xda, 0xe2, 0x12, 0x99, 0xc9, 0x52, 0x3f, ++ 0xea, 0xa4, 0xd2, 0xd1, 0xf4, 0x7f, 0xd4, 0x3e, 0xbd, 0xf8, 0xfc, 0x87, ++ 0xdc, 0x82, 0x53, 0x21, 0xee, 0xa0, 0xdc, 0x64 ++}; ++ ++static const unsigned char P_256_qx[] = { ++ 0x23, 0x89, 0xe0, 0xf4, 0x69, 0xe0, 0x49, 0xe5, 0xc7, 0xe5, 0x40, 0x6e, ++ 0x8f, 0x25, 0xdd, 0xad, 0x11, 0x16, 0x14, 0x9b, 0xab, 0x44, 0x06, 0x31, ++ 0xbf, 0x5e, 0xa6, 0x44, 0xac, 0x86, 0x00, 0x07 ++}; ++ ++static const unsigned char P_256_qy[] = { ++ 0xb3, 0x05, 0x0d, 0xd0, 0xdc, 0xf7, 0x40, 0xe6, 0xf9, 0xd8, 0x6d, 0x7b, ++ 0x63, 0xca, 0x97, 0xe6, 0x12, 0xf9, 0xd4, 0x18, 0x59, 0xbe, 0xb2, 0x5e, ++ 0x4a, 0x6a, 0x77, 0x23, 0xf4, 0x11, 0x9d, 0xeb ++}; ++ ++typedef struct { ++ int curve; ++ const char *name; ++ const unsigned char *x; ++ size_t xlen; ++ const unsigned char *y; ++ size_t ylen; ++ const unsigned char *d; ++ size_t dlen; ++} EC_SELFTEST_DATA; ++ ++# define make_ecdsa_test(nid, pr) { nid, pr##_name, \ ++ pr##_qx, sizeof(pr##_qx), \ ++ pr##_qy, sizeof(pr##_qy), \ ++ pr##_d, sizeof(pr##_d)} ++ ++static EC_SELFTEST_DATA test_ec_data[] = { ++ make_ecdsa_test(NID_X9_62_prime256v1, P_256), ++}; ++ ++int FIPS_selftest_ecdsa() ++{ ++ EC_KEY *ec = NULL; ++ BIGNUM *x = NULL, *y = NULL, *d = NULL; ++ EVP_PKEY *pk = NULL; ++ int rv = 0; ++ size_t i; ++ ++ for (i = 0; i < sizeof(test_ec_data) / sizeof(EC_SELFTEST_DATA); i++) { ++ EC_SELFTEST_DATA *ecd = test_ec_data + i; ++ ++ x = BN_bin2bn(ecd->x, ecd->xlen, x); ++ y = BN_bin2bn(ecd->y, ecd->ylen, y); ++ d = BN_bin2bn(ecd->d, ecd->dlen, d); ++ ++ if (!x || !y || !d) ++ goto err; ++ ++ ec = EC_KEY_new_by_curve_name(ecd->curve); ++ if (!ec) ++ goto err; ++ ++ if (!EC_KEY_set_public_key_affine_coordinates(ec, x, y)) ++ goto err; ++ ++ if (!EC_KEY_set_private_key(ec, d)) ++ goto err; ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_assign_EC_KEY(pk, ec); ++ ++ if (!fips_pkey_signature_test(pk, NULL, 0, ++ NULL, 0, EVP_sha256(), 0, ecd->name)) ++ goto err; ++ } ++ ++ rv = 1; ++ ++ err: ++ ++ if (x) ++ BN_clear_free(x); ++ if (y) ++ BN_clear_free(y); ++ if (d) ++ BN_clear_free(d); ++ if (pk) ++ EVP_PKEY_free(pk); ++ else if (ec) ++ EC_KEY_free(ec); ++ ++ return rv; ++ ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_err.h.fips openssl-1.1.1e/crypto/fips/fips_err.h +--- openssl-1.1.1e/crypto/fips/fips_err.h.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_err.h 2020-03-17 17:30:52.047567026 +0100 +@@ -0,0 +1,197 @@ ++/* crypto/fips_err.h */ ++/* ==================================================================== ++ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ * ++ * This product includes cryptographic software written by Eric Young ++ * (eay@cryptsoft.com). This product includes software written by Tim ++ * Hudson (tjh@cryptsoft.com). ++ * ++ */ ++ ++/* ++ * NOTE: this file was auto generated by the mkerr.pl script: any changes ++ * made to it will be overwritten when the script next updates this file, ++ * only reason strings will be preserved. ++ */ ++ ++#include ++#include ++#include ++ ++/* BEGIN ERROR CODES */ ++#ifndef OPENSSL_NO_ERR ++ ++# define ERR_FUNC(func) ERR_PACK(ERR_LIB_FIPS,func,0) ++# define ERR_REASON(reason) ERR_PACK(ERR_LIB_FIPS,0,reason) ++ ++static ERR_STRING_DATA FIPS_str_functs[] = { ++ {ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "dh_builtin_genparams"}, ++ {ERR_FUNC(FIPS_F_DRBG_RESEED), "drbg_reseed"}, ++ {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "dsa_builtin_paramgen2"}, ++ {ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"}, ++ {ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"}, ++ {ERR_FUNC(FIPS_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"}, ++ {ERR_FUNC(FIPS_F_EVP_CIPHER_CTX_NEW), "EVP_CIPHER_CTX_new"}, ++ {ERR_FUNC(FIPS_F_EVP_CIPHER_CTX_RESET), "EVP_CIPHER_CTX_reset"}, ++ {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "fips_check_dsa"}, ++ {ERR_FUNC(FIPS_F_FIPS_CHECK_EC), "fips_check_ec"}, ++ {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_BYTES), "fips_drbg_bytes"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_CHECK), "fips_drbg_check"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_CPRNG_TEST), "fips_drbg_cprng_test"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_ERROR_CHECK), "fips_drbg_error_check"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE), "FIPS_drbg_generate"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_INIT), "FIPS_drbg_init"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_RESEED), "FIPS_drbg_reseed"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_SINGLE_KAT), "FIPS_DRBG_SINGLE_KAT"}, ++ {ERR_FUNC(FIPS_F_FIPS_GET_ENTROPY), "fips_get_entropy"}, ++ {ERR_FUNC(FIPS_F_FIPS_MODULE_MODE_SET), "FIPS_module_mode_set"}, ++ {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, ++ {ERR_FUNC(FIPS_F_FIPS_RAND_BYTES), "FIPS_rand_bytes"}, ++ {ERR_FUNC(FIPS_F_FIPS_RAND_SEED), "FIPS_rand_seed"}, ++ {ERR_FUNC(FIPS_F_FIPS_RAND_SET_METHOD), "FIPS_rand_set_method"}, ++ {ERR_FUNC(FIPS_F_FIPS_RAND_STATUS), "FIPS_rand_status"}, ++ {ERR_FUNC(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN), "fips_rsa_builtin_keygen"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST), "FIPS_selftest"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_CCM), "FIPS_selftest_aes_ccm"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_GCM), "FIPS_selftest_aes_gcm"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_XTS), "FIPS_selftest_aes_xts"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_CMAC), "FIPS_selftest_cmac"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_ECDSA), "FIPS_selftest_ecdsa"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA2), "FIPS_selftest_sha2"}, ++ {ERR_FUNC(FIPS_F_OSSL_ECDSA_SIGN_SIG), "ossl_ecdsa_sign_sig"}, ++ {ERR_FUNC(FIPS_F_OSSL_ECDSA_VERIFY_SIG), "ossl_ecdsa_verify_sig"}, ++ {ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "rsa_builtin_keygen"}, ++ {ERR_FUNC(FIPS_F_RSA_OSSL_INIT), "rsa_ossl_init"}, ++ {ERR_FUNC(FIPS_F_RSA_OSSL_PRIVATE_DECRYPT), "rsa_ossl_private_decrypt"}, ++ {ERR_FUNC(FIPS_F_RSA_OSSL_PRIVATE_ENCRYPT), "rsa_ossl_private_encrypt"}, ++ {ERR_FUNC(FIPS_F_RSA_OSSL_PUBLIC_DECRYPT), "rsa_ossl_public_decrypt"}, ++ {ERR_FUNC(FIPS_F_RSA_OSSL_PUBLIC_ENCRYPT), "rsa_ossl_public_encrypt"}, ++ {0, NULL} ++}; ++ ++static ERR_STRING_DATA FIPS_str_reasons[] = { ++ {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED), ++ "additional input error undetected"}, ++ {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_TOO_LONG), ++ "additional input too long"}, ++ {ERR_REASON(FIPS_R_ALREADY_INSTANTIATED), "already instantiated"}, ++ {ERR_REASON(FIPS_R_DRBG_NOT_INITIALISED), "drbg not initialised"}, ++ {ERR_REASON(FIPS_R_DRBG_STUCK), "drbg stuck"}, ++ {ERR_REASON(FIPS_R_ENTROPY_ERROR_UNDETECTED), "entropy error undetected"}, ++ {ERR_REASON(FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED), ++ "entropy not requested for reseed"}, ++ {ERR_REASON(FIPS_R_ENTROPY_SOURCE_STUCK), "entropy source stuck"}, ++ {ERR_REASON(FIPS_R_ERROR_INITIALISING_DRBG), "error initialising drbg"}, ++ {ERR_REASON(FIPS_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"}, ++ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT), ++ "error retrieving additional input"}, ++ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ENTROPY), "error retrieving entropy"}, ++ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_NONCE), "error retrieving nonce"}, ++ {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH), ++ "fingerprint does not match"}, ++ {ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET), "fips mode already set"}, ++ {ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED), "fips selftest failed"}, ++ {ERR_REASON(FIPS_R_FUNCTION_ERROR), "function error"}, ++ {ERR_REASON(FIPS_R_GENERATE_ERROR), "generate error"}, ++ {ERR_REASON(FIPS_R_GENERATE_ERROR_UNDETECTED), ++ "generate error undetected"}, ++ {ERR_REASON(FIPS_R_INSTANTIATE_ERROR), "instantiate error"}, ++ {ERR_REASON(FIPS_R_INTERNAL_ERROR), "internal error"}, ++ {ERR_REASON(FIPS_R_INVALID_KEY_LENGTH), "invalid key length"}, ++ {ERR_REASON(FIPS_R_IN_ERROR_STATE), "in error state"}, ++ {ERR_REASON(FIPS_R_KEY_TOO_SHORT), "key too short"}, ++ {ERR_REASON(FIPS_R_NONCE_ERROR_UNDETECTED), "nonce error undetected"}, ++ {ERR_REASON(FIPS_R_NON_FIPS_METHOD), "non fips method"}, ++ {ERR_REASON(FIPS_R_NOPR_TEST1_FAILURE), "nopr test1 failure"}, ++ {ERR_REASON(FIPS_R_NOPR_TEST2_FAILURE), "nopr test2 failure"}, ++ {ERR_REASON(FIPS_R_NOT_INSTANTIATED), "not instantiated"}, ++ {ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED), "pairwise test failed"}, ++ {ERR_REASON(FIPS_R_PERSONALISATION_ERROR_UNDETECTED), ++ "personalisation error undetected"}, ++ {ERR_REASON(FIPS_R_PERSONALISATION_STRING_TOO_LONG), ++ "personalisation string too long"}, ++ {ERR_REASON(FIPS_R_PR_TEST1_FAILURE), "pr test1 failure"}, ++ {ERR_REASON(FIPS_R_PR_TEST2_FAILURE), "pr test2 failure"}, ++ {ERR_REASON(FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED), ++ "request length error undetected"}, ++ {ERR_REASON(FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG), ++ "request too large for drbg"}, ++ {ERR_REASON(FIPS_R_RESEED_COUNTER_ERROR), "reseed counter error"}, ++ {ERR_REASON(FIPS_R_RESEED_ERROR), "reseed error"}, ++ {ERR_REASON(FIPS_R_SELFTEST_FAILED), "selftest failed"}, ++ {ERR_REASON(FIPS_R_SELFTEST_FAILURE), "selftest failure"}, ++ {ERR_REASON(FIPS_R_TEST_FAILURE), "test failure"}, ++ {ERR_REASON(FIPS_R_UNINSTANTIATE_ERROR), "uninstantiate error"}, ++ {ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR), ++ "uninstantiate zeroise error"}, ++ {ERR_REASON(FIPS_R_UNSUPPORTED_DRBG_TYPE), "unsupported drbg type"}, ++ {ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM), "unsupported platform"}, ++ {0, NULL} ++}; ++ ++#endif ++ ++int ERR_load_FIPS_strings(void) ++{ ++#ifndef OPENSSL_NO_ERR ++ ++ if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) { ++ ERR_load_strings(0, FIPS_str_functs); ++ ERR_load_strings(0, FIPS_str_reasons); ++ } ++#endif ++ return 1; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_ers.c.fips openssl-1.1.1e/crypto/fips/fips_ers.c +--- openssl-1.1.1e/crypto/fips/fips_ers.c.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ers.c 2020-03-17 17:30:52.047567026 +0100 +@@ -0,0 +1,7 @@ ++#include ++ ++#ifdef OPENSSL_FIPS ++# include "fips_err.h" ++#else ++static void *dummy = &dummy; ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c 2020-03-17 17:30:52.047567026 +0100 +@@ -0,0 +1,134 @@ ++/* ==================================================================== ++ * Copyright (c) 2005 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#ifdef OPENSSL_FIPS ++# include ++#endif ++#include ++ ++#ifdef OPENSSL_FIPS ++typedef struct { ++ const EVP_MD *(*alg) (void); ++ const char *key, *iv; ++ unsigned char kaval[EVP_MAX_MD_SIZE]; ++} HMAC_KAT; ++ ++static const HMAC_KAT vector[] = { ++ {EVP_sha1, ++ /* from http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf */ ++ "0123456789:;<=>?@ABC", ++ "Sample #2", ++ {0x09, 0x22, 0xd3, 0x40, 0x5f, 0xaa, 0x3d, 0x19, ++ 0x4f, 0x82, 0xa4, 0x58, 0x30, 0x73, 0x7d, 0x5c, ++ 0xc6, 0xc7, 0x5d, 0x24} ++ }, ++ {EVP_sha224, ++ /* just keep extending the above... */ ++ "0123456789:;<=>?@ABC", ++ "Sample #2", ++ {0xdd, 0xef, 0x0a, 0x40, 0xcb, 0x7d, 0x50, 0xfb, ++ 0x6e, 0xe6, 0xce, 0xa1, 0x20, 0xba, 0x26, 0xaa, ++ 0x08, 0xf3, 0x07, 0x75, 0x87, 0xb8, 0xad, 0x1b, ++ 0x8c, 0x8d, 0x12, 0xc7} ++ }, ++ {EVP_sha256, ++ "0123456789:;<=>?@ABC", ++ "Sample #2", ++ {0xb8, 0xf2, 0x0d, 0xb5, 0x41, 0xea, 0x43, 0x09, ++ 0xca, 0x4e, 0xa9, 0x38, 0x0c, 0xd0, 0xe8, 0x34, ++ 0xf7, 0x1f, 0xbe, 0x91, 0x74, 0xa2, 0x61, 0x38, ++ 0x0d, 0xc1, 0x7e, 0xae, 0x6a, 0x34, 0x51, 0xd9} ++ }, ++ {EVP_sha384, ++ "0123456789:;<=>?@ABC", ++ "Sample #2", ++ {0x08, 0xbc, 0xb0, 0xda, 0x49, 0x1e, 0x87, 0xad, ++ 0x9a, 0x1d, 0x6a, 0xce, 0x23, 0xc5, 0x0b, 0xf6, ++ 0xb7, 0x18, 0x06, 0xa5, 0x77, 0xcd, 0x49, 0x04, ++ 0x89, 0xf1, 0xe6, 0x23, 0x44, 0x51, 0x51, 0x9f, ++ 0x85, 0x56, 0x80, 0x79, 0x0c, 0xbd, 0x4d, 0x50, ++ 0xa4, 0x5f, 0x29, 0xe3, 0x93, 0xf0, 0xe8, 0x7f} ++ }, ++ {EVP_sha512, ++ "0123456789:;<=>?@ABC", ++ "Sample #2", ++ {0x80, 0x9d, 0x44, 0x05, 0x7c, 0x5b, 0x95, 0x41, ++ 0x05, 0xbd, 0x04, 0x13, 0x16, 0xdb, 0x0f, 0xac, ++ 0x44, 0xd5, 0xa4, 0xd5, 0xd0, 0x89, 0x2b, 0xd0, ++ 0x4e, 0x86, 0x64, 0x12, 0xc0, 0x90, 0x77, 0x68, ++ 0xf1, 0x87, 0xb7, 0x7c, 0x4f, 0xae, 0x2c, 0x2f, ++ 0x21, 0xa5, 0xb5, 0x65, 0x9a, 0x4f, 0x4b, 0xa7, ++ 0x47, 0x02, 0xa3, 0xde, 0x9b, 0x51, 0xf1, 0x45, ++ 0xbd, 0x4f, 0x25, 0x27, 0x42, 0x98, 0x99, 0x05} ++ }, ++}; ++ ++int FIPS_selftest_hmac() ++{ ++ int n; ++ unsigned int outlen; ++ unsigned char out[EVP_MAX_MD_SIZE]; ++ const EVP_MD *md; ++ const HMAC_KAT *t; ++ ++ for (n = 0, t = vector; n < sizeof(vector) / sizeof(vector[0]); n++, t++) { ++ md = (*t->alg) (); ++ HMAC(md, t->key, strlen(t->key), ++ (const unsigned char *)t->iv, strlen(t->iv), out, &outlen); ++ ++ if (memcmp(out, t->kaval, outlen)) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ } ++ return 1; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_locl.h.fips openssl-1.1.1e/crypto/fips/fips_locl.h +--- openssl-1.1.1e/crypto/fips/fips_locl.h.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_locl.h 2020-03-17 17:30:52.048567008 +0100 +@@ -0,0 +1,71 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#ifdef OPENSSL_FIPS ++ ++# ifdef __cplusplus ++extern "C" { ++# endif ++ ++# define FIPS_MAX_CIPHER_TEST_SIZE 32 ++# define fips_load_key_component(comp, pre) \ ++ comp = BN_bin2bn(pre##_##comp, sizeof(pre##_##comp), NULL); \ ++ if (!comp) \ ++ goto err ++ ++# define fips_post_started(id, subid, ex) 1 ++# define fips_post_success(id, subid, ex) 1 ++# define fips_post_failed(id, subid, ex) 1 ++# define fips_post_corrupt(id, subid, ex) 1 ++# define fips_post_status() 1 ++ ++# ifdef __cplusplus ++} ++# endif ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_post.c.fips openssl-1.1.1e/crypto/fips/fips_post.c +--- openssl-1.1.1e/crypto/fips/fips_post.c.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_post.c 2020-03-17 17:30:52.048567008 +0100 +@@ -0,0 +1,224 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#define OPENSSL_FIPSAPI ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#ifdef OPENSSL_FIPS ++ ++/* Power on self test (POST) support functions */ ++ ++# include ++# include "crypto/fips.h" ++# include "fips_locl.h" ++ ++/* Run all selftests */ ++int FIPS_selftest(void) ++{ ++ int rv = 1; ++ if (!FIPS_selftest_drbg()) ++ rv = 0; ++ if (!FIPS_selftest_sha1()) ++ rv = 0; ++ if (!FIPS_selftest_sha2()) ++ rv = 0; ++ if (!FIPS_selftest_sha3()) ++ rv = 0; ++ if (!FIPS_selftest_hmac()) ++ rv = 0; ++ if (!FIPS_selftest_cmac()) ++ rv = 0; ++ if (!FIPS_selftest_aes()) ++ rv = 0; ++ if (!FIPS_selftest_aes_ccm()) ++ rv = 0; ++ if (!FIPS_selftest_aes_gcm()) ++ rv = 0; ++ if (!FIPS_selftest_aes_xts()) ++ rv = 0; ++ if (!FIPS_selftest_des()) ++ rv = 0; ++ if (!FIPS_selftest_rsa()) ++ rv = 0; ++ if (!FIPS_selftest_ecdsa()) ++ rv = 0; ++ if (!FIPS_selftest_dsa()) ++ rv = 0; ++ if (!FIPS_selftest_dh()) ++ rv = 0; ++ if (!FIPS_selftest_ecdh()) ++ rv = 0; ++ return rv; ++} ++ ++/* Generalized public key test routine. Signs and verifies the data ++ * supplied in tbs using mesage digest md and setting option digest ++ * flags md_flags. If the 'kat' parameter is not NULL it will ++ * additionally check the signature matches it: a known answer test ++ * The string "fail_str" is used for identification purposes in case ++ * of failure. If "pkey" is NULL just perform a message digest check. ++ */ ++ ++int fips_pkey_signature_test(EVP_PKEY *pkey, ++ const unsigned char *tbs, int tbslen, ++ const unsigned char *kat, unsigned int katlen, ++ const EVP_MD *digest, unsigned int flags, ++ const char *fail_str) ++{ ++ int ret = 0; ++ unsigned char sigtmp[256], *sig = sigtmp; ++ size_t siglen = sizeof(sigtmp); ++ EVP_MD_CTX *mctx; ++ EVP_PKEY_CTX *pctx; ++ ++ if (digest == NULL) ++ digest = EVP_sha256(); ++ ++ mctx = EVP_MD_CTX_new(); ++ ++ if ((EVP_PKEY_id(pkey) == EVP_PKEY_RSA) ++ && (RSA_size(EVP_PKEY_get0_RSA(pkey)) > sizeof(sigtmp))) { ++ sig = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pkey))); ++ siglen = RSA_size(EVP_PKEY_get0_RSA(pkey)); ++ } ++ if (!sig || ! mctx) { ++ EVP_MD_CTX_free(mctx); ++ FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST, ERR_R_MALLOC_FAILURE); ++ return 0; ++ } ++ ++ if (tbslen == -1) ++ tbslen = strlen((char *)tbs); ++ ++ if (EVP_DigestSignInit(mctx, &pctx, digest, NULL, pkey) <= 0) ++ goto error; ++ ++ if (flags == EVP_MD_CTX_FLAG_PAD_PSS) { ++ EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING); ++ EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, 0); ++ } ++ ++ if (EVP_DigestSignUpdate(mctx, tbs, tbslen) <= 0) ++ goto error; ++ ++ if (EVP_DigestSignFinal(mctx, sig, &siglen) <= 0) ++ goto error; ++ ++ if (kat && ((siglen != katlen) || memcmp(kat, sig, katlen))) ++ goto error; ++ ++ if (EVP_DigestVerifyInit(mctx, &pctx, digest, NULL, pkey) <= 0) ++ goto error; ++ ++ if (flags == EVP_MD_CTX_FLAG_PAD_PSS) { ++ EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING); ++ EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, 0); ++ } ++ ++ if (EVP_DigestVerifyUpdate(mctx, tbs, tbslen) <= 0) ++ goto error; ++ ++ ret = EVP_DigestVerifyFinal(mctx, sig, siglen); ++ ++ error: ++ if (sig != sigtmp) ++ OPENSSL_free(sig); ++ EVP_MD_CTX_free(mctx); ++ if (ret <= 0) { ++ FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST, FIPS_R_TEST_FAILURE); ++ if (fail_str) ++ ERR_add_error_data(2, "Type=", fail_str); ++ return 0; ++ } ++ return 1; ++} ++ ++/* Generalized symmetric cipher test routine. Encrypt data, verify result ++ * against known answer, decrypt and compare with original plaintext. ++ */ ++ ++int fips_cipher_test(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ++ const unsigned char *key, ++ const unsigned char *iv, ++ const unsigned char *plaintext, ++ const unsigned char *ciphertext, int len) ++{ ++ unsigned char pltmp[FIPS_MAX_CIPHER_TEST_SIZE]; ++ unsigned char citmp[FIPS_MAX_CIPHER_TEST_SIZE]; ++ ++ OPENSSL_assert(len <= FIPS_MAX_CIPHER_TEST_SIZE); ++ memset(pltmp, 0, FIPS_MAX_CIPHER_TEST_SIZE); ++ memset(citmp, 0, FIPS_MAX_CIPHER_TEST_SIZE); ++ ++ if (EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 1) <= 0) ++ return 0; ++ if (EVP_Cipher(ctx, citmp, plaintext, len) <= 0) ++ return 0; ++ if (memcmp(citmp, ciphertext, len)) ++ return 0; ++ if (EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0) <= 0) ++ return 0; ++ if (EVP_Cipher(ctx, pltmp, citmp, len) <= 0) ++ return 0; ++ if (memcmp(pltmp, plaintext, len)) ++ return 0; ++ return 1; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1e/crypto/fips/fips_rand_lcl.h +--- openssl-1.1.1e/crypto/fips/fips_rand_lcl.h.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rand_lcl.h 2020-03-17 17:30:52.048567008 +0100 +@@ -0,0 +1,203 @@ ++/* fips/rand/fips_rand_lcl.h */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++typedef struct drbg_hash_ctx_st DRBG_HASH_CTX; ++typedef struct drbg_hmac_ctx_st DRBG_HMAC_CTX; ++typedef struct drbg_ctr_ctx_st DRBG_CTR_CTX; ++ ++/* 888 bits from 10.1 table 2 */ ++#define HASH_PRNG_MAX_SEEDLEN 111 ++ ++struct drbg_hash_ctx_st { ++ const EVP_MD *md; ++ EVP_MD_CTX *mctx; ++ unsigned char V[HASH_PRNG_MAX_SEEDLEN]; ++ unsigned char C[HASH_PRNG_MAX_SEEDLEN]; ++ /* Temporary value storage: should always exceed max digest length */ ++ unsigned char vtmp[HASH_PRNG_MAX_SEEDLEN]; ++}; ++ ++struct drbg_hmac_ctx_st { ++ const EVP_MD *md; ++ HMAC_CTX *hctx; ++ unsigned char K[EVP_MAX_MD_SIZE]; ++ unsigned char V[EVP_MAX_MD_SIZE]; ++}; ++ ++struct drbg_ctr_ctx_st { ++ AES_KEY ks; ++ size_t keylen; ++ unsigned char K[32]; ++ unsigned char V[16]; ++ /* Temp variables used by derivation function */ ++ AES_KEY df_ks; ++ AES_KEY df_kxks; ++ /* Temporary block storage used by ctr_df */ ++ unsigned char bltmp[16]; ++ size_t bltmp_pos; ++ unsigned char KX[48]; ++}; ++ ++/* DRBG internal flags */ ++ ++/* Functions shouldn't call err library */ ++#define DRBG_FLAG_NOERR 0x1 ++/* Custom reseed checking */ ++#define DRBG_CUSTOM_RESEED 0x2 ++ ++/* DRBG status values */ ++/* not initialised */ ++#define DRBG_STATUS_UNINITIALISED 0 ++/* ok and ready to generate random bits */ ++#define DRBG_STATUS_READY 1 ++/* reseed required */ ++#define DRBG_STATUS_RESEED 2 ++/* fatal error condition */ ++#define DRBG_STATUS_ERROR 3 ++ ++/* A default maximum length: larger than any reasonable value used in pratice */ ++ ++#define DRBG_MAX_LENGTH 0x7ffffff0 ++/* Maximum DRBG block length: all md sizes are bigger than cipher blocks sizes ++ * so use max digest length. ++ */ ++#define DRBG_MAX_BLOCK EVP_MAX_MD_SIZE ++ ++#define DRBG_HEALTH_INTERVAL (1 << 24) ++ ++/* DRBG context structure */ ++ ++struct drbg_ctx_st { ++ /* First types common to all implementations */ ++ /* DRBG type: a NID for the underlying algorithm */ ++ int type; ++ /* Various external flags */ ++ unsigned int xflags; ++ /* Various internal use only flags */ ++ unsigned int iflags; ++ /* Used for periodic health checks */ ++ int health_check_cnt, health_check_interval; ++ ++ /* The following parameters are setup by mechanism drbg_init() call */ ++ int strength; ++ size_t blocklength; ++ size_t max_request; ++ ++ size_t min_entropy, max_entropy; ++ size_t min_nonce, max_nonce; ++ size_t max_pers, max_adin; ++ unsigned int reseed_counter; ++ unsigned int reseed_interval; ++ size_t seedlen; ++ int status; ++ /* Application data: typically used by test get_entropy */ ++ void *app_data; ++ /* Implementation specific structures */ ++ union { ++ DRBG_HASH_CTX hash; ++ DRBG_HMAC_CTX hmac; ++ DRBG_CTR_CTX ctr; ++ } d; ++ /* Initialiase PRNG and setup callbacks below */ ++ int (*init) (DRBG_CTX *ctx, int nid, int security, unsigned int flags); ++ /* Intantiate PRNG */ ++ int (*instantiate) (DRBG_CTX *ctx, ++ const unsigned char *ent, size_t entlen, ++ const unsigned char *nonce, size_t noncelen, ++ const unsigned char *pers, size_t perslen); ++ /* reseed */ ++ int (*reseed) (DRBG_CTX *ctx, ++ const unsigned char *ent, size_t entlen, ++ const unsigned char *adin, size_t adinlen); ++ /* generat output */ ++ int (*generate) (DRBG_CTX *ctx, ++ unsigned char *out, size_t outlen, ++ const unsigned char *adin, size_t adinlen); ++ /* uninstantiate */ ++ int (*uninstantiate) (DRBG_CTX *ctx); ++ ++ /* Entropy source block length */ ++ size_t entropy_blocklen; ++ ++ /* entropy gathering function */ ++ size_t (*get_entropy) (DRBG_CTX *ctx, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len); ++ /* Indicates we have finished with entropy buffer */ ++ void (*cleanup_entropy) (DRBG_CTX *ctx, unsigned char *out, size_t olen); ++ ++ /* nonce gathering function */ ++ size_t (*get_nonce) (DRBG_CTX *ctx, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len); ++ /* Indicates we have finished with nonce buffer */ ++ void (*cleanup_nonce) (DRBG_CTX *ctx, unsigned char *out, size_t olen); ++ ++ /* Callbacks used when called through RAND interface */ ++ /* Get any additional input for generate */ ++ size_t (*get_adin) (DRBG_CTX *ctx, unsigned char **pout); ++ void (*cleanup_adin) (DRBG_CTX *ctx, unsigned char *out, size_t olen); ++ /* Callback for RAND_seed(), RAND_add() */ ++ int (*rand_seed_cb) (DRBG_CTX *ctx, const void *buf, int num); ++ int (*rand_add_cb) (DRBG_CTX *ctx, ++ const void *buf, int num, double entropy); ++}; ++ ++int fips_drbg_ctr_init(DRBG_CTX *dctx); ++int fips_drbg_hash_init(DRBG_CTX *dctx); ++int fips_drbg_hmac_init(DRBG_CTX *dctx); ++int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags); ++int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out); ++ ++#define FIPS_digestinit EVP_DigestInit ++#define FIPS_digestupdate EVP_DigestUpdate ++#define FIPS_digestfinal EVP_DigestFinal ++#define M_EVP_MD_size EVP_MD_size +diff -up openssl-1.1.1e/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1e/crypto/fips/fips_rand_lib.c +--- openssl-1.1.1e/crypto/fips/fips_rand_lib.c.fips 2020-03-17 17:30:52.049566991 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rand_lib.c 2020-03-17 17:30:52.049566991 +0100 +@@ -0,0 +1,234 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++/* If we don't define _XOPEN_SOURCE_EXTENDED, struct timeval won't ++ be defined and gettimeofday() won't be declared with strict compilers ++ like DEC C in ANSI C mode. */ ++#ifndef _XOPEN_SOURCE_EXTENDED ++# define _XOPEN_SOURCE_EXTENDED 1 ++#endif ++ ++#include ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include "e_os.h" ++ ++#if !(defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS)) ++# include ++#endif ++#if defined(OPENSSL_SYS_VXWORKS) ++# include ++#endif ++#ifndef OPENSSL_SYS_WIN32 ++# ifdef OPENSSL_UNISTD ++# include OPENSSL_UNISTD ++# else ++# include ++# endif ++#endif ++ ++/* FIPS API for PRNG use. Similar to RAND functionality but without ++ * ENGINE and additional checking for non-FIPS rand methods. ++ */ ++ ++static const RAND_METHOD *fips_rand_meth = NULL; ++static int fips_approved_rand_meth = 0; ++static int fips_rand_bits = 0; ++ ++/* Allows application to override number of bits and uses non-FIPS methods */ ++void FIPS_rand_set_bits(int nbits) ++{ ++ fips_rand_bits = nbits; ++} ++ ++int FIPS_rand_set_method(const RAND_METHOD *meth) ++{ ++ if (!fips_rand_bits) { ++ if (meth == FIPS_drbg_method()) ++ fips_approved_rand_meth = 1; ++ else { ++ fips_approved_rand_meth = 0; ++ if (FIPS_module_mode()) { ++ FIPSerr(FIPS_F_FIPS_RAND_SET_METHOD, FIPS_R_NON_FIPS_METHOD); ++ return 0; ++ } ++ } ++ } ++ fips_rand_meth = meth; ++ return 1; ++} ++ ++const RAND_METHOD *FIPS_rand_get_method(void) ++{ ++ return fips_rand_meth; ++} ++ ++void FIPS_rand_reset(void) ++{ ++ if (fips_rand_meth && fips_rand_meth->cleanup) ++ fips_rand_meth->cleanup(); ++} ++ ++int FIPS_rand_seed(const void *buf, int num) ++{ ++ if (!fips_approved_rand_meth && FIPS_module_mode()) { ++ FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD); ++ return 0; ++ } ++ if (fips_rand_meth && fips_rand_meth->seed) ++ fips_rand_meth->seed(buf, num); ++ return 1; ++} ++ ++int FIPS_rand_bytes(unsigned char *buf, int num) ++{ ++ if (!fips_approved_rand_meth && FIPS_module_mode()) { ++ FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD); ++ return 0; ++ } ++ if (fips_rand_meth && fips_rand_meth->bytes) ++ return fips_rand_meth->bytes(buf, num); ++ return 0; ++} ++ ++int FIPS_rand_status(void) ++{ ++ if (!fips_approved_rand_meth && FIPS_module_mode()) { ++ FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD); ++ return 0; ++ } ++ if (fips_rand_meth && fips_rand_meth->status) ++ return fips_rand_meth->status(); ++ return 0; ++} ++ ++/* Return instantiated strength of PRNG. For DRBG this is an internal ++ * parameter. Any other type of PRNG is not approved and returns 0 in ++ * FIPS mode and maximum 256 outside FIPS mode. ++ */ ++ ++int FIPS_rand_strength(void) ++{ ++ if (fips_rand_bits) ++ return fips_rand_bits; ++ if (fips_approved_rand_meth == 1) ++ return FIPS_drbg_get_strength(FIPS_get_default_drbg()); ++ else if (fips_approved_rand_meth == 0) { ++ if (FIPS_module_mode()) ++ return 0; ++ else ++ return 256; ++ } ++ return 0; ++} ++ ++void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr) ++{ ++# ifdef OPENSSL_SYS_WIN32 ++ FILETIME ft; ++# elif defined(OPENSSL_SYS_VXWORKS) ++ struct timespec ts; ++# else ++ struct timeval tv; ++# endif ++ ++# ifndef GETPID_IS_MEANINGLESS ++ unsigned long pid; ++# endif ++ ++# ifdef OPENSSL_SYS_WIN32 ++ GetSystemTimeAsFileTime(&ft); ++ buf[0] = (unsigned char)(ft.dwHighDateTime & 0xff); ++ buf[1] = (unsigned char)((ft.dwHighDateTime >> 8) & 0xff); ++ buf[2] = (unsigned char)((ft.dwHighDateTime >> 16) & 0xff); ++ buf[3] = (unsigned char)((ft.dwHighDateTime >> 24) & 0xff); ++ buf[4] = (unsigned char)(ft.dwLowDateTime & 0xff); ++ buf[5] = (unsigned char)((ft.dwLowDateTime >> 8) & 0xff); ++ buf[6] = (unsigned char)((ft.dwLowDateTime >> 16) & 0xff); ++ buf[7] = (unsigned char)((ft.dwLowDateTime >> 24) & 0xff); ++# elif defined(OPENSSL_SYS_VXWORKS) ++ clock_gettime(CLOCK_REALTIME, &ts); ++ buf[0] = (unsigned char)(ts.tv_sec & 0xff); ++ buf[1] = (unsigned char)((ts.tv_sec >> 8) & 0xff); ++ buf[2] = (unsigned char)((ts.tv_sec >> 16) & 0xff); ++ buf[3] = (unsigned char)((ts.tv_sec >> 24) & 0xff); ++ buf[4] = (unsigned char)(ts.tv_nsec & 0xff); ++ buf[5] = (unsigned char)((ts.tv_nsec >> 8) & 0xff); ++ buf[6] = (unsigned char)((ts.tv_nsec >> 16) & 0xff); ++ buf[7] = (unsigned char)((ts.tv_nsec >> 24) & 0xff); ++# else ++ gettimeofday(&tv, NULL); ++ buf[0] = (unsigned char)(tv.tv_sec & 0xff); ++ buf[1] = (unsigned char)((tv.tv_sec >> 8) & 0xff); ++ buf[2] = (unsigned char)((tv.tv_sec >> 16) & 0xff); ++ buf[3] = (unsigned char)((tv.tv_sec >> 24) & 0xff); ++ buf[4] = (unsigned char)(tv.tv_usec & 0xff); ++ buf[5] = (unsigned char)((tv.tv_usec >> 8) & 0xff); ++ buf[6] = (unsigned char)((tv.tv_usec >> 16) & 0xff); ++ buf[7] = (unsigned char)((tv.tv_usec >> 24) & 0xff); ++# endif ++ buf[8] = (unsigned char)(*pctr & 0xff); ++ buf[9] = (unsigned char)((*pctr >> 8) & 0xff); ++ buf[10] = (unsigned char)((*pctr >> 16) & 0xff); ++ buf[11] = (unsigned char)((*pctr >> 24) & 0xff); ++ ++ (*pctr)++; ++ ++# ifndef GETPID_IS_MEANINGLESS ++ pid = (unsigned long)getpid(); ++ buf[12] = (unsigned char)(pid & 0xff); ++ buf[13] = (unsigned char)((pid >> 8) & 0xff); ++ buf[14] = (unsigned char)((pid >> 16) & 0xff); ++ buf[15] = (unsigned char)((pid >> 24) & 0xff); ++# endif ++} ++ +diff -up openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c.fips 2020-03-17 17:30:52.049566991 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c 2020-03-17 17:30:52.049566991 +0100 +@@ -0,0 +1,338 @@ ++/* ==================================================================== ++ * Copyright (c) 2003-2007 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#ifdef OPENSSL_FIPS ++# include ++# include "crypto/fips.h" ++#endif ++#include ++#include ++#include ++#include ++#include "fips_locl.h" ++ ++#ifdef OPENSSL_FIPS ++ ++static int setrsakey(RSA *key) ++{ ++ static const unsigned char keydata_n[] = { ++ 0x00, 0xc9, 0xd5, 0x6d, 0x9d, 0x90, 0xdb, 0x43, 0xd6, 0x02, 0xed, 0x96, 0x88, 0x13, 0x8a, ++ 0xb2, 0xbf, 0x6e, 0xa1, 0x06, 0x10, 0xb2, 0x78, 0x37, 0xa7, 0x14, 0xa8, 0xff, 0xdd, 0x00, ++ 0xdd, 0xb4, 0x93, 0xa0, 0x45, 0xcc, 0x96, 0x90, 0xed, 0xad, 0xa9, 0xdd, 0xc4, 0xd6, 0xca, ++ 0x0c, 0xf0, 0xed, 0x4f, 0x72, 0x5e, 0x21, 0x49, 0x9a, 0x18, 0x12, 0x15, 0x8f, 0x90, 0x5a, ++ 0xdb, 0xb6, 0x33, 0x99, 0xa3, 0xe6, 0xb4, 0xf0, 0xc4, 0x97, 0x21, 0x26, 0xbb, 0xe3, 0xba, ++ 0xf2, 0xff, 0xa0, 0x72, 0xda, 0x89, 0x63, 0x8e, 0x8b, 0x3e, 0x08, 0x9d, 0x92, 0x2a, 0xbe, ++ 0x16, 0xe1, 0x43, 0x15, 0xfc, 0x57, 0xc7, 0x1f, 0x09, 0x11, 0x67, 0x1c, 0xa9, 0x96, 0xd1, ++ 0x8b, 0x3e, 0x80, 0x93, 0xc1, 0x59, 0xd0, 0x6d, 0x39, 0xf2, 0xac, 0x95, 0xcc, 0x10, 0x75, ++ 0xe9, 0x31, 0x24, 0xd1, 0x43, 0xaf, 0x68, 0x52, 0x4b, 0xe7, 0x16, 0xd7, 0x49, 0x65, 0x6f, ++ 0x26, 0xc0, 0x86, 0xad, 0xc0, 0x07, 0x0a, 0xc1, 0xe1, 0x2f, 0x87, 0x85, 0x86, 0x3b, 0xdc, ++ 0x5a, 0x99, 0xbe, 0xe9, 0xf9, 0xb9, 0xe9, 0x82, 0x27, 0x51, 0x04, 0x15, 0xab, 0x06, 0x0e, ++ 0x76, 0x5a, 0x28, 0x8d, 0x92, 0xbd, 0xc5, 0xb5, 0x7b, 0xa8, 0xdf, 0x4e, 0x47, 0xa2, 0xc1, ++ 0xe7, 0x52, 0xbf, 0x47, 0xf7, 0x62, 0xe0, 0x3a, 0x6f, 0x4d, 0x6a, 0x4d, 0x4e, 0xd4, 0xb9, ++ 0x59, 0x69, 0xfa, 0xb2, 0x14, 0xc1, 0xee, 0xe6, 0x2f, 0x95, 0xcd, 0x94, 0x72, 0xae, 0xe4, ++ 0xdb, 0x18, 0x9a, 0xc4, 0xcd, 0x70, 0xbd, 0xee, 0x31, 0x16, 0xb7, 0x49, 0x65, 0xac, 0x40, ++ 0x19, 0x0e, 0xb5, 0x6d, 0x83, 0xf1, 0x36, 0xbb, 0x08, 0x2f, 0x2e, 0x4e, 0x92, 0x62, 0xa4, ++ 0xff, 0x50, 0xdb, 0x20, 0x45, 0xa2, 0xeb, 0x16, 0x7a, 0xf2, 0xd5, 0x28, 0xc1, 0xfd, 0x4e, ++ 0x03, 0x71 ++ }; ++ ++ static const unsigned char keydata_e[] = { 0x01, 0x00, 0x01 }; ++ ++ static const unsigned char keydata_d[] = { ++ 0x36, 0x27, 0x3d, 0xb1, 0xf9, 0x1b, 0xdb, 0xa7, 0xa0, 0x41, 0x7f, 0x12, 0x23, 0xac, 0x23, ++ 0x29, 0x99, 0xd5, 0x3a, 0x7b, 0x60, 0x67, 0x41, 0x07, 0x63, 0x53, 0xb4, 0xd2, 0xe7, 0x58, ++ 0x95, 0x0a, 0xc7, 0x05, 0xf3, 0x4e, 0xb2, 0xb4, 0x12, 0xd4, 0x70, 0xdc, 0x4f, 0x85, 0x06, ++ 0xd3, 0xdd, 0xd8, 0x63, 0x27, 0x3e, 0x67, 0x31, 0x21, 0x24, 0x39, 0x04, 0xbc, 0x06, 0xa4, ++ 0xcc, 0xce, 0x2b, 0x7a, 0xfe, 0x7b, 0xad, 0xde, 0x11, 0x6e, 0xa3, 0xa5, 0xe6, 0x04, 0x53, ++ 0x0e, 0xa3, 0x4e, 0x2d, 0xb4, 0x8f, 0x31, 0xbf, 0xca, 0x75, 0x25, 0x52, 0x02, 0x85, 0xde, ++ 0x3d, 0xb2, 0x72, 0x43, 0xb2, 0x89, 0x8a, 0x9a, 0x34, 0x41, 0x26, 0x3f, 0x9a, 0x67, 0xbe, ++ 0xa4, 0x96, 0x7b, 0x0e, 0x75, 0xba, 0xa6, 0x93, 0xd5, 0xb8, 0xd8, 0xb8, 0x57, 0xf2, 0x4b, ++ 0x0f, 0x14, 0x81, 0xd1, 0x57, 0x4e, 0xf6, 0x45, 0x4c, 0xa6, 0x3b, 0xd0, 0x70, 0xca, 0xd3, ++ 0x9d, 0x55, 0xde, 0x22, 0x05, 0xe7, 0x8e, 0x28, 0x4d, 0xee, 0x11, 0xcf, 0xb6, 0x67, 0x76, ++ 0x09, 0xd3, 0xe3, 0x3c, 0x13, 0xf9, 0x99, 0x34, 0x10, 0x7b, 0xec, 0x81, 0x38, 0xf0, 0xb6, ++ 0x34, 0x9c, 0x9b, 0x50, 0x6f, 0x0b, 0x91, 0x81, 0x4d, 0x89, 0x94, 0x04, 0x7b, 0xf0, 0x3c, ++ 0xf4, 0xb1, 0xb2, 0x00, 0x48, 0x8d, 0x5a, 0x8f, 0x88, 0x9e, 0xc5, 0xab, 0x3a, 0x9e, 0x44, ++ 0x3f, 0x54, 0xe7, 0xd9, 0x6e, 0x47, 0xaa, 0xa1, 0xbd, 0x40, 0x46, 0x31, 0xf9, 0xf0, 0x34, ++ 0xb6, 0x04, 0xe1, 0x2b, 0x5b, 0x73, 0x86, 0xdd, 0x3a, 0x92, 0x1b, 0x71, 0xc7, 0x3f, 0x32, ++ 0xe5, 0xc3, 0xc2, 0xab, 0xa1, 0x7e, 0xbf, 0xa4, 0x52, 0xa0, 0xb0, 0x68, 0x90, 0xd1, 0x20, ++ 0x12, 0x79, 0xe9, 0xd7, 0xc9, 0x40, 0xba, 0xf2, 0x19, 0xc7, 0xa5, 0x00, 0x92, 0x86, 0x0d, ++ 0x01 ++ }; ++ ++ static const unsigned char keydata_p[] = { ++ 0x00, 0xfc, 0x5c, 0x6e, 0x16, 0xce, 0x1f, 0x03, 0x7b, 0xcd, 0xf7, 0xb3, 0x72, 0xb2, 0x8f, ++ 0x16, 0x72, 0xb8, 0x56, 0xae, 0xf7, 0xcd, 0x67, 0xd8, 0x4e, 0x7d, 0x07, 0xaf, 0xd5, 0x43, ++ 0x26, 0xc3, 0x35, 0xbe, 0x43, 0x8f, 0x4e, 0x2f, 0x1c, 0x43, 0x4e, 0x6b, 0xd2, 0xb2, 0xec, ++ 0x52, 0x6d, 0x97, 0x52, 0x2b, 0xcc, 0x5c, 0x3a, 0x6b, 0xf4, 0x14, 0xc6, 0x74, 0xda, 0x66, ++ 0x38, 0x1c, 0x7a, 0x3f, 0x84, 0x2f, 0xe3, 0xf9, 0x5a, 0xb8, 0x65, 0x69, 0x46, 0x06, 0xa3, ++ 0x37, 0x79, 0xb2, 0xa1, 0x5b, 0x58, 0xed, 0x5e, 0xa7, 0x5f, 0x8c, 0x65, 0x66, 0xbb, 0xd1, ++ 0x24, 0x36, 0xe6, 0x37, 0xa7, 0x3d, 0x49, 0x77, 0x8a, 0x8c, 0x34, 0xd8, 0x69, 0x29, 0xf3, ++ 0x4d, 0x58, 0x22, 0xb0, 0x51, 0x24, 0xb6, 0x40, 0xa8, 0x86, 0x59, 0x0a, 0xb7, 0xba, 0x5c, ++ 0x97, 0xda, 0x57, 0xe8, 0x36, 0xda, 0x7a, 0x9c, 0xad ++ }; ++ ++ static const unsigned char keydata_q[] = { ++ 0x00, 0xcc, 0xbe, 0x7b, 0x09, 0x69, 0x06, 0xee, 0x45, 0xbf, 0x88, 0x47, 0x38, 0xa8, 0xf8, ++ 0x17, 0xe5, 0xb6, 0xba, 0x67, 0x55, 0xe3, 0xe8, 0x05, 0x8b, 0xb8, 0xe2, 0x53, 0xd6, 0x8e, ++ 0xef, 0x2c, 0xe7, 0x4f, 0x4a, 0xf7, 0x4e, 0x26, 0x8d, 0x85, 0x0b, 0x3f, 0xec, 0xc3, 0x1c, ++ 0xd4, 0xeb, 0xec, 0x6a, 0xc8, 0x72, 0x2a, 0x25, 0x7d, 0xfd, 0xa6, 0x77, 0x96, 0xf0, 0x1e, ++ 0xcd, 0x28, 0x57, 0xf8, 0x37, 0x30, 0x75, 0x6b, 0xbd, 0xd4, 0x7b, 0x0c, 0x87, 0xc5, 0x6c, ++ 0x87, 0x40, 0xa5, 0xbb, 0x27, 0x2c, 0x78, 0xc9, 0x74, 0x5a, 0x54, 0x5b, 0x0b, 0x30, 0x6f, ++ 0x44, 0x4a, 0xfa, 0x71, 0xe4, 0x21, 0x61, 0x66, 0xf9, 0xee, 0x65, 0xde, 0x7c, 0x04, 0xd7, ++ 0xfd, 0xa9, 0x15, 0x5b, 0x7f, 0xe2, 0x7a, 0xba, 0x69, 0x86, 0x72, 0xa6, 0x06, 0x8d, 0x9b, ++ 0x90, 0x55, 0x60, 0x9e, 0x4c, 0x5d, 0xa9, 0xb6, 0x55 ++ }; ++ ++ static const unsigned char keydata_dmp1[] = { ++ 0x7a, 0xd6, 0x12, 0xd0, 0x0e, 0xec, 0x91, 0xa9, 0x85, 0x8b, 0xf8, 0x50, 0xf0, 0x11, 0x2e, ++ 0x00, 0x11, 0x32, 0x40, 0x60, 0x66, 0x1f, 0x11, 0xee, 0xc2, 0x75, 0x27, 0x65, 0x4b, 0x16, ++ 0x67, 0x16, 0x95, 0xd2, 0x14, 0xc3, 0x1d, 0xb3, 0x48, 0x1f, 0xb7, 0xe4, 0x0b, 0x2b, 0x74, ++ 0xc3, 0xdb, 0x50, 0x27, 0xf9, 0x85, 0x3a, 0xfa, 0xa9, 0x08, 0x23, 0xc1, 0x65, 0x3d, 0x34, ++ 0x3a, 0xc8, 0x56, 0x7a, 0x65, 0x45, 0x36, 0x6e, 0xae, 0x2a, 0xce, 0x9f, 0x43, 0x43, 0xd7, ++ 0x10, 0xe9, 0x9e, 0x18, 0xf4, 0xa4, 0x35, 0xda, 0x8a, 0x6b, 0xb0, 0x3f, 0xdd, 0x53, 0xe3, ++ 0xa8, 0xc5, 0x4e, 0x79, 0x9d, 0x1f, 0x51, 0x8c, 0xa2, 0xca, 0x66, 0x3c, 0x6a, 0x2a, 0xff, ++ 0x8e, 0xd2, 0xf3, 0xb7, 0xcb, 0x82, 0xda, 0xde, 0x2c, 0xe6, 0xd2, 0x8c, 0xb3, 0xad, 0xb6, ++ 0x4c, 0x95, 0x55, 0x76, 0xbd, 0xc9, 0xc8, 0xd1 ++ }; ++ ++ static const unsigned char keydata_dmq1[] = { ++ 0x00, 0x83, 0x23, 0x1d, 0xbb, 0x11, 0x42, 0x17, 0x2b, 0x25, 0x5a, 0x2c, 0x03, 0xe6, 0x75, ++ 0xc1, 0x18, 0xa8, 0xc9, 0x0b, 0x96, 0xbf, 0xba, 0xc4, 0x92, 0x91, 0x80, 0xa5, 0x22, 0x2f, ++ 0xba, 0x91, 0x90, 0x36, 0x01, 0x56, 0x15, 0x00, 0x2c, 0x74, 0xa2, 0x97, 0xf7, 0x15, 0xa1, ++ 0x49, 0xdf, 0x32, 0x35, 0xd2, 0xdd, 0x0c, 0x91, 0xa6, 0xf8, 0xe7, 0xbe, 0x81, 0x36, 0x9b, ++ 0x03, 0xdc, 0x6b, 0x3b, 0xd8, 0x5d, 0x79, 0x57, 0xe0, 0xe6, 0x4f, 0x49, 0xdf, 0x4c, 0x5c, ++ 0x0e, 0xe5, 0x21, 0x41, 0x95, 0xfd, 0xad, 0xff, 0x9a, 0x3e, 0xa0, 0xf9, 0x0f, 0x59, 0x9e, ++ 0x6a, 0xa7, 0x7b, 0x71, 0xa7, 0x24, 0x9a, 0x36, 0x52, 0xae, 0x97, 0x20, 0xc1, 0x5e, 0x78, ++ 0xd9, 0x47, 0x8b, 0x1e, 0x67, 0xf2, 0xaf, 0x98, 0xe6, 0x2d, 0xef, 0x10, 0xd7, 0xf1, 0xab, ++ 0x49, 0xee, 0xe5, 0x4b, 0x7e, 0xae, 0x1f, 0x1d, 0x61 ++ }; ++ ++ static const unsigned char keydata_iqmp[] = { ++ 0x23, 0x96, 0xc1, 0x91, 0x17, 0x5e, 0x0a, 0x83, 0xd2, 0xdc, 0x7b, 0x69, 0xb2, 0x59, 0x1d, ++ 0x33, 0x58, 0x52, 0x3f, 0x18, 0xc7, 0x09, 0x50, 0x1c, 0xb9, 0xa1, 0xbb, 0x4c, 0xa2, 0x38, ++ 0x40, 0x4c, 0x9a, 0x8e, 0xfe, 0x9c, 0x90, 0x92, 0xd0, 0x71, 0x9f, 0x89, 0x99, 0x50, 0x91, ++ 0x1f, 0x34, 0x8b, 0x74, 0x53, 0x11, 0x11, 0x4a, 0x70, 0xe2, 0xf7, 0x30, 0xd8, 0x8c, 0x80, ++ 0xe1, 0xcc, 0x9f, 0xf1, 0x63, 0x17, 0x1a, 0x7d, 0x67, 0x29, 0x4c, 0xcb, 0x4e, 0x74, 0x7b, ++ 0xe0, 0x3e, 0x9e, 0x2f, 0xf4, 0x67, 0x8f, 0xec, 0xb9, 0x5c, 0x00, 0x1e, 0x7e, 0xa2, 0x7b, ++ 0x92, 0xc9, 0x6f, 0x4c, 0xe4, 0x0e, 0xf9, 0x48, 0x63, 0xcd, 0x50, 0x22, 0x5d, 0xbf, 0xb6, ++ 0x9d, 0x01, 0x33, 0x6a, 0xf4, 0x50, 0xbe, 0x86, 0x98, 0x4f, 0xca, 0x3f, 0x3a, 0xfa, 0xcf, ++ 0x07, 0x40, 0xc4, 0xaa, 0xad, 0xae, 0xbe, 0xbf ++ }; ++ ++ int rv = 0; ++ BIGNUM *n = NULL, *e = NULL, *d = NULL, *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; ++ ++ fips_load_key_component(n, keydata); ++ fips_load_key_component(e, keydata); ++ fips_load_key_component(d, keydata); ++ fips_load_key_component(p, keydata); ++ fips_load_key_component(q, keydata); ++ fips_load_key_component(dmp1, keydata); ++ fips_load_key_component(dmq1, keydata); ++ fips_load_key_component(iqmp, keydata); ++ ++ RSA_set0_key(key, n, e, d); ++ RSA_set0_factors(key, p, q); ++ RSA_set0_crt_params(key, dmp1, dmq1, iqmp); ++ ++ rv = 1; ++err: ++ if (!rv) { ++ BN_free(n); ++ BN_free(e); ++ BN_free(d); ++ BN_free(p); ++ BN_free(q); ++ BN_free(dmp1); ++ BN_free(dmq1); ++ BN_free(iqmp); ++ } ++ return rv; ++} ++ ++/* Known Answer Test (KAT) data for the above RSA private key signing ++ * kat_tbs. ++ */ ++ ++static const unsigned char kat_tbs[] = ++ "OpenSSL FIPS 140-2 Public Key RSA KAT"; ++ ++static const unsigned char kat_RSA_PSS_SHA256[] = { ++ 0x38, 0xDA, 0x99, 0x51, 0x26, 0x38, 0xC6, 0x7F, 0xC4, 0x81, 0x57, 0x19, ++ 0x35, 0xC6, 0xF6, 0x1E, 0x90, 0x47, 0x20, 0x55, 0x47, 0x56, 0x26, 0xE9, ++ 0xF2, 0xA8, 0x39, 0x6C, 0xD5, 0xCD, 0xCB, 0x55, 0xFC, 0x0C, 0xC5, 0xCB, ++ 0xF7, 0x40, 0x17, 0x3B, 0xCF, 0xE4, 0x05, 0x03, 0x3B, 0xA0, 0xB2, 0xC9, ++ 0x0D, 0x5E, 0x48, 0x3A, 0xE9, 0xAD, 0x28, 0x71, 0x7D, 0x8F, 0x89, 0x16, ++ 0x59, 0x93, 0x35, 0xDC, 0x4D, 0x7B, 0xDF, 0x84, 0xE4, 0x68, 0xAA, 0x33, ++ 0xAA, 0xDC, 0x66, 0x50, 0xC8, 0xA9, 0x32, 0x12, 0xDC, 0xC6, 0x90, 0x49, ++ 0x0B, 0x75, 0xFF, 0x9B, 0x95, 0x00, 0x9A, 0x90, 0xE0, 0xD4, 0x0E, 0x67, ++ 0xAB, 0x3C, 0x47, 0x36, 0xC5, 0x2E, 0x1C, 0x46, 0xF0, 0x2D, 0xD3, 0x8B, ++ 0x42, 0x08, 0xDE, 0x0D, 0xB6, 0x2C, 0x86, 0xB0, 0x35, 0x71, 0x18, 0x6B, ++ 0x89, 0x67, 0xC0, 0x05, 0xAD, 0xF4, 0x1D, 0x62, 0x4E, 0x75, 0xEC, 0xD6, ++ 0xC2, 0xDB, 0x07, 0xB0, 0xB6, 0x8D, 0x15, 0xAD, 0xCD, 0xBF, 0xF5, 0x60, ++ 0x76, 0xAE, 0x48, 0xB8, 0x77, 0x7F, 0xC5, 0x01, 0xD9, 0x29, 0xBB, 0xD6, ++ 0x17, 0xA2, 0x20, 0x5A, 0xC0, 0x4A, 0x3B, 0x34, 0xC8, 0xB9, 0x39, 0xCF, ++ 0x06, 0x89, 0x95, 0x6F, 0xC7, 0xCA, 0xC4, 0xE4, 0x43, 0xDF, 0x5A, 0x23, ++ 0xE2, 0x89, 0xA3, 0x38, 0x78, 0x31, 0x38, 0xC6, 0xA4, 0x6F, 0x5F, 0x73, ++ 0x5A, 0xE5, 0x9E, 0x09, 0xE7, 0x6F, 0xD4, 0xF8, 0x3E, 0xB7, 0xB0, 0x56, ++ 0x9A, 0xF3, 0x65, 0xF0, 0xC2, 0xA6, 0x8A, 0x08, 0xBA, 0x44, 0xAC, 0x97, ++ 0xDE, 0xB4, 0x16, 0x83, 0xDF, 0xE3, 0xEE, 0x71, 0xFA, 0xF9, 0x51, 0x50, ++ 0x14, 0xDC, 0xFD, 0x6A, 0x82, 0x20, 0x68, 0x64, 0x7D, 0x4E, 0x82, 0x68, ++ 0xD7, 0x45, 0xFA, 0x6A, 0xE4, 0xE5, 0x29, 0x3A, 0x70, 0xFB, 0xE4, 0x62, ++ 0x2B, 0x31, 0xB9, 0x7D ++}; ++ ++static const unsigned char kat_RSA_SHA256[] = { ++ 0xC2, 0xB1, 0x97, 0x00, 0x9A, 0xE5, 0x80, 0x6A, 0xE2, 0x51, 0x68, 0xB9, ++ 0x7A, 0x0C, 0xF2, 0xB4, 0x77, 0xED, 0x15, 0x0C, 0x4E, 0xE1, 0xDC, 0xFF, ++ 0x8E, 0xBC, 0xDE, 0xC7, 0x9A, 0x96, 0xF1, 0x47, 0x45, 0x24, 0x9D, 0x6F, ++ 0xA6, 0xF3, 0x1D, 0x0D, 0x35, 0x4C, 0x1A, 0xF3, 0x58, 0x2C, 0x6C, 0x06, ++ 0xD6, 0x22, 0x37, 0x77, 0x8C, 0x33, 0xE5, 0x07, 0x53, 0x93, 0x28, 0xCF, ++ 0x67, 0xFA, 0xC4, 0x1F, 0x1B, 0x24, 0xDB, 0x4C, 0xC5, 0x2A, 0x51, 0xA2, ++ 0x60, 0x15, 0x8C, 0x54, 0xB4, 0x30, 0xE2, 0x24, 0x47, 0x86, 0xF2, 0xF8, ++ 0x6C, 0xD6, 0x12, 0x59, 0x2C, 0x74, 0x9A, 0x37, 0xF3, 0xC4, 0xA2, 0xD5, ++ 0x4E, 0x1F, 0x77, 0xF0, 0x27, 0xCE, 0x77, 0xF8, 0x4A, 0x79, 0x03, 0xBE, ++ 0xC8, 0x06, 0x2D, 0xA7, 0xA6, 0x46, 0xF5, 0x55, 0x79, 0xD7, 0x5C, 0xC6, ++ 0x5B, 0xB1, 0x00, 0x4E, 0x7C, 0xD9, 0x11, 0x85, 0xE0, 0xB1, 0x4D, 0x2D, ++ 0x13, 0xD7, 0xAC, 0xEA, 0x64, 0xD1, 0xAC, 0x8F, 0x8D, 0x8F, 0xEA, 0x42, ++ 0x7F, 0xF9, 0xB7, 0x7D, 0x2C, 0x68, 0x49, 0x07, 0x7A, 0x74, 0xEF, 0xB4, ++ 0xC9, 0x97, 0x16, 0x5C, 0x6C, 0x6E, 0x5C, 0x09, 0x2E, 0x8E, 0x13, 0x2E, ++ 0x1A, 0x8D, 0xA6, 0x0C, 0x6E, 0x0C, 0x1C, 0x0F, 0xCC, 0xB2, 0x78, 0x8A, ++ 0x07, 0xFC, 0x5C, 0xC2, 0xF5, 0x65, 0xEC, 0xAB, 0x8B, 0x3C, 0xCA, 0x91, ++ 0x6F, 0x84, 0x7C, 0x21, 0x0E, 0xB8, 0xDA, 0x7B, 0x6C, 0xF7, 0xDF, 0xAB, ++ 0x7E, 0x15, 0xFD, 0x85, 0x0B, 0x33, 0x9B, 0x6A, 0x3A, 0xC3, 0xEF, 0x65, ++ 0x04, 0x6E, 0xB2, 0xAC, 0x98, 0xFD, 0xEB, 0x02, 0xF5, 0xC0, 0x0B, 0x5E, ++ 0xCB, 0xD4, 0x83, 0x82, 0x18, 0x1B, 0xDA, 0xB4, 0xCD, 0xE8, 0x71, 0x6B, ++ 0x1D, 0xB5, 0x4F, 0xE9, 0xD6, 0x43, 0xA0, 0x0A, 0x14, 0xA0, 0xE7, 0x5D, ++ 0x47, 0x9D, 0x18, 0xD7 ++}; ++ ++static int fips_rsa_encrypt_test(RSA *rsa, const unsigned char *plaintext, ++ int ptlen) ++{ ++ unsigned char *ctbuf = NULL, *ptbuf = NULL; ++ int ret = 0; ++ int len; ++ ++ ctbuf = OPENSSL_malloc(RSA_size(rsa)); ++ if (!ctbuf) ++ goto err; ++ ++ len = RSA_public_encrypt(ptlen, plaintext, ctbuf, rsa, RSA_PKCS1_PADDING); ++ if (len <= 0) ++ goto err; ++ /* Check ciphertext doesn't match plaintext */ ++ if (len >= ptlen && !memcmp(plaintext, ctbuf, ptlen)) ++ goto err; ++ ++ ptbuf = OPENSSL_malloc(RSA_size(rsa)); ++ if (!ptbuf) ++ goto err; ++ ++ len = RSA_private_decrypt(len, ctbuf, ptbuf, rsa, RSA_PKCS1_PADDING); ++ if (len != ptlen) ++ goto err; ++ if (memcmp(ptbuf, plaintext, len)) ++ goto err; ++ ++ ret = 1; ++ ++ err: ++ if (ctbuf) ++ OPENSSL_free(ctbuf); ++ if (ptbuf) ++ OPENSSL_free(ptbuf); ++ return ret; ++} ++ ++int FIPS_selftest_rsa() ++{ ++ int ret = 0; ++ RSA *key; ++ EVP_PKEY *pk = NULL; ++ ++ if ((key = RSA_new()) == NULL) ++ goto err; ++ ++ if (!setrsakey(key)) ++ goto err; ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_set1_RSA(pk, key); ++ ++ if (!fips_pkey_signature_test(pk, kat_tbs, sizeof(kat_tbs) - 1, ++ kat_RSA_SHA256, sizeof(kat_RSA_SHA256), ++ EVP_sha256(), EVP_MD_CTX_FLAG_PAD_PKCS1, ++ "RSA SHA256 PKCS#1")) ++ goto err; ++ ++ if (!fips_pkey_signature_test(pk, kat_tbs, sizeof(kat_tbs) - 1, ++ kat_RSA_PSS_SHA256, ++ sizeof(kat_RSA_PSS_SHA256), EVP_sha256(), ++ EVP_MD_CTX_FLAG_PAD_PSS, "RSA SHA256 PSS")) ++ goto err; ++ ++ if (!fips_rsa_encrypt_test(key, kat_tbs, sizeof(kat_tbs) - 1)) ++ goto err; ++ ++ ret = 1; ++ ++ err: ++ if (pk) ++ EVP_PKEY_free(pk); ++ if (key) ++ RSA_free(key); ++ return ret; ++} ++ ++#endif /* def OPENSSL_FIPS */ +diff -up openssl-1.1.1e/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_sha_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_sha_selftest.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_sha_selftest.c 2020-03-17 17:30:52.050566973 +0100 +@@ -0,0 +1,223 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#ifdef OPENSSL_FIPS ++# include ++#endif ++#include ++#include ++ ++#ifdef OPENSSL_FIPS ++static const char test[][60] = { ++ "", ++ "abc", ++ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" ++}; ++ ++static const unsigned char ret[][SHA_DIGEST_LENGTH] = { ++ {0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d, 0x32, 0x55, ++ 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09}, ++ {0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, 0xba, 0x3e, ++ 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, 0x9c, 0xd0, 0xd8, 0x9d}, ++ {0x84, 0x98, 0x3e, 0x44, 0x1c, 0x3b, 0xd2, 0x6e, 0xba, 0xae, ++ 0x4a, 0xa1, 0xf9, 0x51, 0x29, 0xe5, 0xe5, 0x46, 0x70, 0xf1}, ++}; ++ ++int FIPS_selftest_sha1() ++{ ++ int n; ++ ++ for (n = 0; n < sizeof(test) / sizeof(test[0]); ++n) { ++ unsigned char md[SHA_DIGEST_LENGTH]; ++ ++ EVP_Digest(test[n], strlen(test[n]), md, NULL, ++ EVP_sha1(), NULL); ++ if (memcmp(md, ret[n], sizeof md)) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_SHA1, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ } ++ return 1; ++} ++ ++static const unsigned char msg_sha256[] = ++ { 0xfa, 0x48, 0x59, 0x2a, 0xe1, 0xae, 0x1f, 0x30, ++ 0xfc ++}; ++ ++static const unsigned char dig_sha256[] = ++ { 0xf7, 0x26, 0xd8, 0x98, 0x47, 0x91, 0x68, 0x5b, ++ 0x9e, 0x39, 0xb2, 0x58, 0xbb, 0x75, 0xbf, 0x01, ++ 0x17, 0x0c, 0x84, 0x00, 0x01, 0x7a, 0x94, 0x83, ++ 0xf3, 0x0b, 0x15, 0x84, 0x4b, 0x69, 0x88, 0x8a ++}; ++ ++static const unsigned char msg_sha512[] = ++ { 0x37, 0xd1, 0x35, 0x9d, 0x18, 0x41, 0xe9, 0xb7, ++ 0x6d, 0x9a, 0x13, 0xda, 0x5f, 0xf3, 0xbd ++}; ++ ++static const unsigned char dig_sha512[] = ++ { 0x11, 0x13, 0xc4, 0x19, 0xed, 0x2b, 0x1d, 0x16, ++ 0x11, 0xeb, 0x9b, 0xbe, 0xf0, 0x7f, 0xcf, 0x44, ++ 0x8b, 0xd7, 0x57, 0xbd, 0x8d, 0xa9, 0x25, 0xb0, ++ 0x47, 0x25, 0xd6, 0x6c, 0x9a, 0x54, 0x7f, 0x8f, ++ 0x0b, 0x53, 0x1a, 0x10, 0x68, 0x32, 0x03, 0x38, ++ 0x82, 0xc4, 0x87, 0xc4, 0xea, 0x0e, 0xd1, 0x04, ++ 0xa9, 0x98, 0xc1, 0x05, 0xa3, 0xf3, 0xf8, 0xb1, ++ 0xaf, 0xbc, 0xd9, 0x78, 0x7e, 0xee, 0x3d, 0x43 ++}; ++ ++int FIPS_selftest_sha2(void) ++{ ++ unsigned char md[SHA512_DIGEST_LENGTH]; ++ ++ EVP_Digest(msg_sha256, sizeof(msg_sha256), md, NULL, EVP_sha256(), NULL); ++ if (memcmp(dig_sha256, md, sizeof(dig_sha256))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_SHA2, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ EVP_Digest(msg_sha512, sizeof(msg_sha512), md, NULL, EVP_sha512(), NULL); ++ if (memcmp(dig_sha512, md, sizeof(dig_sha512))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_SHA2, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ return 1; ++} ++ ++static const unsigned char msg_sha3_256[] = { ++ 0xa1, 0xd7, 0xce, 0x51, 0x04, 0xeb, 0x25, 0xd6, ++ 0x13, 0x1b, 0xb8, 0xf6, 0x6e, 0x1f, 0xb1, 0x3f, ++ 0x35, 0x23 ++}; ++ ++static const unsigned char dig_sha3_256[] = { ++ 0xee, 0x90, 0x62, 0xf3, 0x97, 0x20, 0xb8, 0x21, ++ 0xb8, 0x8b, 0xe5, 0xe6, 0x46, 0x21, 0xd7, 0xe0, ++ 0xca, 0x02, 0x6a, 0x9f, 0xe7, 0x24, 0x8d, 0x78, ++ 0x15, 0x0b, 0x14, 0xbd, 0xba, 0xa4, 0x0b, 0xed ++}; ++ ++static const unsigned char msg_sha3_512[] = { ++ 0x13, 0x3b, 0x49, 0x7b, 0x00, 0x93, 0x27, 0x73, ++ 0xa5, 0x3b, 0xa9, 0xbf, 0x8e, 0x61, 0xd5, 0x9f, ++ 0x05, 0xf4 ++}; ++ ++static const unsigned char dig_sha3_512[] = { ++ 0x78, 0x39, 0x64, 0xa1, 0xcf, 0x41, 0xd6, 0xd2, ++ 0x10, 0xa8, 0xd7, 0xc8, 0x1c, 0xe6, 0x97, 0x0a, ++ 0xa6, 0x2c, 0x90, 0x53, 0xcb, 0x89, 0xe1, 0x5f, ++ 0x88, 0x05, 0x39, 0x57, 0xec, 0xf6, 0x07, 0xf4, ++ 0x2a, 0xf0, 0x88, 0x04, 0xe7, 0x6f, 0x2f, 0xbd, ++ 0xbb, 0x31, 0x80, 0x9c, 0x9e, 0xef, 0xc6, 0x0e, ++ 0x23, 0x3d, 0x66, 0x24, 0x36, 0x7a, 0x3b, 0x9c, ++ 0x30, 0xf8, 0xee, 0x5f, 0x65, 0xbe, 0x56, 0xac ++}; ++ ++static const unsigned char msg_shake_128[] = { ++ 0x43, 0xbd, 0xb1, 0x1e, 0xac, 0x71, 0x03, 0x1f, ++ 0x02, 0xa1, 0x1c, 0x15, 0xa1, 0x88, 0x5f, 0xa4, ++ 0x28, 0x98 ++}; ++ ++static const unsigned char dig_shake_128[] = { ++ 0xde, 0x68, 0x02, 0x7d, 0xa1, 0x30, 0x66, 0x3a, ++ 0x73, 0x98, 0x0e, 0x35, 0x25, 0xb8, 0x8c, 0x75 ++}; ++ ++static const unsigned char msg_shake_256[] = { ++ 0x8f, 0x84, 0xa3, 0x7d, 0xbd, 0x44, 0xd0, 0xf6, ++ 0x95, 0x36, 0xc5, 0xf4, 0x44, 0x6b, 0xa3, 0x23, ++ 0x9b, 0xfc ++}; ++ ++static const unsigned char dig_shake_256[] = { ++ 0x05, 0xca, 0x83, 0x5e, 0x0c, 0xdb, 0xfa, 0xf5, ++ 0x95, 0xc6, 0x86, 0x7e, 0x2d, 0x9d, 0xb9, 0x3f, ++ 0xca, 0x9c, 0x8b, 0xc6, 0x65, 0x02, 0x2e, 0xdd, ++ 0x6f, 0xe7, 0xb3, 0xda, 0x5e, 0x07, 0xc4, 0xcf ++}; ++ ++int FIPS_selftest_sha3(void) ++{ ++ unsigned char md[SHA512_DIGEST_LENGTH]; ++ ++ EVP_Digest(msg_sha3_256, sizeof(msg_sha3_256), md, NULL, EVP_sha3_256(), NULL); ++ if (memcmp(dig_sha3_256, md, sizeof(dig_sha3_256))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ EVP_Digest(msg_sha3_512, sizeof(msg_sha3_512), md, NULL, EVP_sha3_512(), NULL); ++ if (memcmp(dig_sha3_512, md, sizeof(dig_sha3_512))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ EVP_Digest(msg_shake_128, sizeof(msg_shake_128), md, NULL, EVP_shake128(), NULL); ++ if (memcmp(dig_shake_128, md, sizeof(dig_shake_128))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ EVP_Digest(msg_shake_256, sizeof(msg_shake_256), md, NULL, EVP_shake256(), NULL); ++ if (memcmp(dig_shake_256, md, sizeof(dig_shake_256))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ return 1; ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c +--- openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c 2020-03-17 17:30:52.050566973 +0100 +@@ -0,0 +1,127 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++int main(int argc, char **argv) ++{ ++#ifdef OPENSSL_FIPS ++ static char key[] = "orboDeJITITejsirpADONivirpUkvarP"; ++ int n, binary = 0; ++ ++ if (argc < 2) { ++ fprintf(stderr, "%s []+\n", argv[0]); ++ exit(1); ++ } ++ ++ n = 1; ++ if (!strcmp(argv[n], "-binary")) { ++ n++; ++ binary = 1; /* emit binary fingerprint... */ ++ } ++ ++ for (; n < argc; ++n) { ++ FILE *f = fopen(argv[n], "rb"); ++ HMAC_CTX *hmac_ctx; ++ unsigned char mac[EVP_MAX_MD_SIZE]; ++ unsigned int len; ++ unsigned int i; ++ ++ if (!f) { ++ perror(argv[n]); ++ exit(2); ++ } ++ hmac_ctx = HMAC_CTX_new(); ++ if (!hmac_ctx) ++ exit(3); ++ ++ if (HMAC_Init_ex(hmac_ctx, key, strlen(key), EVP_sha256(), NULL) <= 0) { ++ fprintf(stderr, "HMAC SHA256 initialization failed.\n"); ++ exit(4); ++ } ++ ++ for (;;) { ++ unsigned char buf[1024]; ++ size_t l = fread(buf, 1, sizeof buf, f); ++ ++ if (l == 0) { ++ if (ferror(f)) { ++ perror(argv[n]); ++ exit(3); ++ } else ++ break; ++ } ++ if (HMAC_Update(hmac_ctx, buf, l) <= 0) { ++ fprintf(stderr, "HMAC_Update() failed.\n"); ++ exit(4); ++ } ++ } ++ if (HMAC_Final(hmac_ctx, mac, &len) <= 0) { ++ fprintf(stderr, "HMAC_Final() failed.\n"); ++ exit(4); ++ } ++ ++ if (binary) { ++ fwrite(mac, len, 1, stdout); ++ break; /* ... for single(!) file */ ++ } ++ ++/* printf("HMAC-SHA1(%s)= ",argv[n]); */ ++ for (i = 0; i < len; ++i) ++ printf("%02x", mac[i]); ++ printf("\n"); ++ } ++#endif ++ return 0; ++} +diff -up openssl-1.1.1e/crypto/hmac/hmac.c.fips openssl-1.1.1e/crypto/hmac/hmac.c +--- openssl-1.1.1e/crypto/hmac/hmac.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/hmac/hmac.c 2020-03-17 17:38:16.969802663 +0100 +@@ -44,6 +44,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo + return 0; + + if (key != NULL) { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(EVP_MD_flags(md) & EVP_MD_FLAG_FIPS) ++ && (!EVP_MD_CTX_test_flags(ctx->md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) ++ || !EVP_MD_CTX_test_flags(ctx->i_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) ++ || !EVP_MD_CTX_test_flags(ctx->o_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW))) ++ goto err; ++#endif + reset = 1; + + j = EVP_MD_block_size(md); +diff -up openssl-1.1.1e/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1e/crypto/hmac/hm_pmeth.c +--- openssl-1.1.1e/crypto/hmac/hm_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/hmac/hm_pmeth.c 2020-03-17 17:30:52.051566956 +0100 +@@ -180,7 +180,7 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_C + + const EVP_PKEY_METHOD hmac_pkey_meth = { + EVP_PKEY_HMAC, +- 0, ++ EVP_PKEY_FLAG_FIPS, + pkey_hmac_init, + pkey_hmac_copy, + pkey_hmac_cleanup, +diff -up openssl-1.1.1e/include/crypto/fips.h.fips openssl-1.1.1e/include/crypto/fips.h +--- openssl-1.1.1e/include/crypto/fips.h.fips 2020-03-17 17:30:52.051566956 +0100 ++++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 17:30:52.051566956 +0100 +@@ -0,0 +1,98 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++ ++#ifndef OPENSSL_FIPS ++# error FIPS is disabled. ++#endif ++ ++#ifdef OPENSSL_FIPS ++ ++int FIPS_module_mode_set(int onoff); ++int FIPS_module_mode(void); ++int FIPS_module_installed(void); ++int FIPS_selftest_sha1(void); ++int FIPS_selftest_sha2(void); ++int FIPS_selftest_sha3(void); ++int FIPS_selftest_aes_ccm(void); ++int FIPS_selftest_aes_gcm(void); ++int FIPS_selftest_aes_xts(void); ++int FIPS_selftest_aes(void); ++int FIPS_selftest_des(void); ++int FIPS_selftest_rsa(void); ++int FIPS_selftest_dsa(void); ++int FIPS_selftest_ecdsa(void); ++int FIPS_selftest_ecdh(void); ++int FIPS_selftest_dh(void); ++void FIPS_drbg_stick(int onoff); ++int FIPS_selftest_hmac(void); ++int FIPS_selftest_drbg(void); ++int FIPS_selftest_cmac(void); ++ ++int fips_pkey_signature_test(EVP_PKEY *pkey, ++ const unsigned char *tbs, int tbslen, ++ const unsigned char *kat, ++ unsigned int katlen, ++ const EVP_MD *digest, ++ unsigned int md_flags, const char *fail_str); ++ ++int fips_cipher_test(EVP_CIPHER_CTX *ctx, ++ const EVP_CIPHER *cipher, ++ const unsigned char *key, ++ const unsigned char *iv, ++ const unsigned char *plaintext, ++ const unsigned char *ciphertext, int len); ++ ++void fips_set_selftest_fail(void); ++ ++void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr); ++ ++#endif +diff -up openssl-1.1.1e/crypto/o_fips.c.fips openssl-1.1.1e/crypto/o_fips.c +--- openssl-1.1.1e/crypto/o_fips.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/o_fips.c 2020-03-17 17:30:52.052566939 +0100 +@@ -8,17 +8,28 @@ + */ + + #include "internal/cryptlib.h" ++#include "crypto/fips.h" + + int FIPS_mode(void) + { ++#ifdef OPENSSL_FIPS ++ return FIPS_module_mode(); ++#else + /* This version of the library does not support FIPS mode. */ + return 0; ++#endif + } + + int FIPS_mode_set(int r) + { ++#ifdef OPENSSL_FIPS ++ if (r && FIPS_module_mode()) /* can be implicitly initialized by OPENSSL_init() */ ++ return 1; ++ return FIPS_module_mode_set(r); ++#else + if (r == 0) + return 1; + CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED); + return 0; ++#endif + } +diff -up openssl-1.1.1e/crypto/o_init.c.fips openssl-1.1.1e/crypto/o_init.c +--- openssl-1.1.1e/crypto/o_init.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/o_init.c 2020-03-17 17:30:52.052566939 +0100 +@@ -7,8 +7,69 @@ + * https://www.openssl.org/source/license.html + */ + ++/* for secure_getenv */ ++#define _GNU_SOURCE + #include "e_os.h" + #include ++#ifdef OPENSSL_FIPS ++# include ++# include ++# include ++# include ++# include ++# include ++# include ++# include ++# include "crypto/fips.h" ++ ++# define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled" ++ ++static void init_fips_mode(void) ++{ ++ char buf[2] = "0"; ++ int fd; ++ ++ if (secure_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) { ++ buf[0] = '1'; ++ } else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0) { ++ while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR) ; ++ close(fd); ++ } ++ ++ if (buf[0] != '1' && !FIPS_module_installed()) ++ return; ++ ++ /* Ensure the selftests always run */ ++ /* XXX: TO SOLVE - premature initialization due to selftests */ ++ FIPS_mode_set(1); ++ ++ /* Failure reading the fips mode switch file means just not ++ * switching into FIPS mode. We would break too many things ++ * otherwise.. ++ */ ++ ++ if (buf[0] != '1') { ++ /* drop down to non-FIPS mode if it is not requested */ ++ FIPS_mode_set(0); ++ } else { ++ /* abort if selftest failed */ ++ FIPS_selftest_check(); ++ } ++} ++ ++/* ++ * Perform FIPS module power on selftest and automatic FIPS mode switch. ++ */ ++ ++void __attribute__ ((constructor)) OPENSSL_init_library(void) ++{ ++ static int done = 0; ++ if (done) ++ return; ++ done = 1; ++ init_fips_mode(); ++} ++#endif + + /* + * Perform any essential OpenSSL initialization operations. Currently does +diff -up openssl-1.1.1e/crypto/rand/rand_lib.c.fips openssl-1.1.1e/crypto/rand/rand_lib.c +--- openssl-1.1.1e/crypto/rand/rand_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rand/rand_lib.c 2020-03-17 17:35:56.471259207 +0100 +@@ -16,6 +16,10 @@ + #include "internal/thread_once.h" + #include "rand_local.h" + #include "e_os.h" ++#ifdef OPENSSL_FIPS ++# include ++# include ++#endif + + #ifndef OPENSSL_NO_ENGINE + /* non-NULL if default_RAND_meth is ENGINE-provided */ +@@ -961,3 +965,15 @@ int RAND_status(void) + return meth->status(); + return 0; + } ++ ++#ifdef OPENSSL_FIPS ++void RAND_set_fips_drbg_type(int type, int flags) ++{ /* just a stub for ABI compatibility */ ++} ++ ++int RAND_init_fips(void) ++{ ++ /* just a stub for ABI compatibility */ ++ return 1; ++} ++#endif +diff -up openssl-1.1.1e/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1e/crypto/rsa/rsa_crpt.c +--- openssl-1.1.1e/crypto/rsa/rsa_crpt.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_crpt.c 2020-03-17 17:30:52.055566886 +0100 +@@ -27,24 +27,52 @@ int RSA_size(const RSA *r) + int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, + RSA *rsa, int padding) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) ++ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_PUBLIC_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD); ++ return -1; ++ } ++#endif + return rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding); + } + + int RSA_private_encrypt(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, ++ RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); ++ return -1; ++ } ++#endif + return rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding); + } + + int RSA_private_decrypt(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) ++ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_PRIVATE_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD); ++ return -1; ++ } ++#endif + return rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding); + } + + int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, + RSA *rsa, int padding) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, ++ RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); ++ return -1; ++ } ++#endif + return rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding); + } + +diff -up openssl-1.1.1e/crypto/rsa/rsa_err.c.fips openssl-1.1.1e/crypto/rsa/rsa_err.c +--- openssl-1.1.1e/crypto/rsa/rsa_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_err.c 2020-03-17 17:30:52.055566886 +0100 +@@ -16,6 +16,8 @@ + static const ERR_STRING_DATA RSA_str_functs[] = { + {ERR_PACK(ERR_LIB_RSA, RSA_F_CHECK_PADDING_MD, 0), "check_padding_md"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_ENCODE_PKCS1, 0), "encode_pkcs1"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_FIPS_RSA_BUILTIN_KEYGEN, 0), ++ "fips_rsa_builtin_keygen"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_INT_RSA_VERIFY, 0), "int_rsa_verify"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_OLD_RSA_PRIV_DECODE, 0), + "old_rsa_priv_decode"}, +@@ -32,6 +34,9 @@ static const ERR_STRING_DATA RSA_str_fun + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CHECK_KEY_EX, 0), "RSA_check_key_ex"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_DECRYPT, 0), "rsa_cms_decrypt"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_VERIFY, 0), "rsa_cms_verify"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_KEY_EX, 0), "RSA_generate_key_ex"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_MULTI_PRIME_KEY, 0), ++ "RSA_generate_multi_prime_key"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_ITEM_VERIFY, 0), "rsa_item_verify"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_METH_DUP, 0), "RSA_meth_dup"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_METH_NEW, 0), "RSA_meth_new"}, +@@ -90,9 +95,13 @@ static const ERR_STRING_DATA RSA_str_fun + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRINT_FP, 0), "RSA_print_fp"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_DECODE, 0), "rsa_priv_decode"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_ENCODE, 0), "rsa_priv_encode"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_DECRYPT, 0), "RSA_private_decrypt"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_ENCRYPT, 0), "RSA_private_encrypt"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_GET_PARAM, 0), "rsa_pss_get_param"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_TO_CTX, 0), "rsa_pss_to_ctx"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUB_DECODE, 0), "rsa_pub_decode"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUBLIC_DECRYPT, 0), "RSA_public_decrypt"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUBLIC_ENCRYPT, 0), "RSA_public_encrypt"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SETUP_BLINDING, 0), "RSA_setup_blinding"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN, 0), "RSA_sign"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN_ASN1_OCTET_STRING, 0), +@@ -102,6 +111,8 @@ static const ERR_STRING_DATA RSA_str_fun + "RSA_verify_ASN1_OCTET_STRING"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, 0), + "RSA_verify_PKCS1_PSS_mgf1"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_DEFAULT_METHOD, 0), "RSA_set_default_method"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_METHOD, 0), "RSA_set_method"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_SETUP_TBUF, 0), "setup_tbuf"}, + {0, NULL} + }; +@@ -183,6 +194,7 @@ static const ERR_STRING_DATA RSA_str_rea + "mp exponent not congruent to d"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MP_R_NOT_PRIME), "mp r not prime"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"}, ++ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NON_FIPS_RSA_METHOD), "non FIPS rsa method"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NULL_BEFORE_BLOCK_MISSING), + "null before block missing"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES), +@@ -191,6 +203,8 @@ static const ERR_STRING_DATA RSA_str_rea + "n does not equal p q"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OAEP_DECODING_ERROR), + "oaep decoding error"}, ++ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE), ++ "operation not allowed in FIPS mode"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), + "operation not supported for this keytype"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PADDING_CHECK_FAILED), +@@ -226,6 +240,8 @@ static const ERR_STRING_DATA RSA_str_rea + "unsupported mask algorithm"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_MASK_PARAMETER), + "unsupported mask parameter"}, ++ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_PARAMETERS), ++ "unsupported parameters"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_SIGNATURE_TYPE), + "unsupported signature type"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_VALUE_MISSING), "value missing"}, +diff -up openssl-1.1.1e/crypto/rsa/rsa_gen.c.fips openssl-1.1.1e/crypto/rsa/rsa_gen.c +--- openssl-1.1.1e/crypto/rsa/rsa_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_gen.c 2020-03-17 17:33:55.560367363 +0100 +@@ -18,6 +18,76 @@ + #include "internal/cryptlib.h" + #include + #include "rsa_local.h" ++#ifdef OPENSSL_FIPS ++# include ++# include "crypto/fips.h" ++ ++int fips_check_rsa(RSA *rsa) ++{ ++ const unsigned char tbs[] = "RSA Pairwise Check Data"; ++ unsigned char *ctbuf = NULL, *ptbuf = NULL; ++ int len, ret = 0; ++ EVP_PKEY *pk; ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_set1_RSA(pk, rsa); ++ ++ /* Perform pairwise consistency signature test */ ++ if (!fips_pkey_signature_test(pk, tbs, -1, ++ NULL, 0, EVP_sha256(), ++ EVP_MD_CTX_FLAG_PAD_PKCS1, NULL) ++ || !fips_pkey_signature_test(pk, tbs, -1, NULL, 0, EVP_sha256(), ++ EVP_MD_CTX_FLAG_PAD_PSS, NULL)) ++ goto err; ++ /* Now perform pairwise consistency encrypt/decrypt test */ ++ ctbuf = OPENSSL_malloc(RSA_size(rsa)); ++ if (!ctbuf) ++ goto err; ++ ++ len = ++ RSA_public_encrypt(sizeof(tbs) - 1, tbs, ctbuf, rsa, ++ RSA_PKCS1_PADDING); ++ if (len <= 0) ++ goto err; ++ /* Check ciphertext doesn't match plaintext */ ++ if ((len == (sizeof(tbs) - 1)) && !memcmp(tbs, ctbuf, len)) ++ goto err; ++ ptbuf = OPENSSL_malloc(RSA_size(rsa)); ++ ++ if (!ptbuf) ++ goto err; ++ len = RSA_private_decrypt(len, ctbuf, ptbuf, rsa, RSA_PKCS1_PADDING); ++ if (len != (sizeof(tbs) - 1)) ++ goto err; ++ if (memcmp(ptbuf, tbs, len)) ++ goto err; ++ ++ ret = 1; ++ ++ if (!ptbuf) ++ goto err; ++ ++ err: ++ if (ret == 0) { ++ fips_set_selftest_fail(); ++ FIPSerr(FIPS_F_FIPS_CHECK_RSA, FIPS_R_PAIRWISE_TEST_FAILED); ++ } ++ ++ if (ctbuf) ++ OPENSSL_free(ctbuf); ++ if (ptbuf) ++ OPENSSL_free(ptbuf); ++ if (pk) ++ EVP_PKEY_free(pk); ++ ++ return ret; ++} ++ ++static int fips_rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, ++ BN_GENCB *cb); ++#endif + + static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, + BN_GENCB *cb); +@@ -31,6 +101,13 @@ static int rsa_builtin_keygen(RSA *rsa, + */ + int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) ++ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_GENERATE_KEY_EX, RSA_R_NON_FIPS_RSA_METHOD); ++ return 0; ++ } ++#endif + if (rsa->meth->rsa_keygen != NULL) + return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); + +@@ -41,6 +118,13 @@ int RSA_generate_key_ex(RSA *rsa, int bi + int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, + BIGNUM *e_value, BN_GENCB *cb) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) ++ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_GENERATE_MULTI_PRIME_KEY, RSA_R_NON_FIPS_RSA_METHOD); ++ return 0; ++ } ++#endif + /* multi-prime is only supported with the builtin key generation */ + if (rsa->meth->rsa_multi_prime_keygen != NULL) { + return rsa->meth->rsa_multi_prime_keygen(rsa, bits, primes, +@@ -57,10 +141,285 @@ int RSA_generate_multi_prime_key(RSA *rs + else + return 0; + } +- ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (primes != 2) { ++ RSAerr(RSA_F_RSA_GENERATE_MULTI_PRIME_KEY, RSA_R_UNSUPPORTED_PARAMETERS); ++ return 0; ++ } ++ return fips_rsa_builtin_keygen(rsa, bits, e_value, cb); ++ } ++#endif + return rsa_builtin_keygen(rsa, bits, primes, e_value, cb); + } + ++#ifdef OPENSSL_FIPS ++static int fips_rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, ++ BN_GENCB *cb) ++{ ++ BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp; ++ BN_CTX *ctx = NULL; ++ int ok = -1; ++ int i; ++ int n = 0; ++ int test = 0; ++ int pbits = bits / 2; ++ unsigned long error = 0; ++ ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, FIPS_R_FIPS_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ if (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS ++ || (getenv("OPENSSL_ENFORCE_MODULUS_BITS") && bits < 2048)) { ++ FIPSerr(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, FIPS_R_KEY_TOO_SHORT); ++ return 0; ++ } ++ if ((pbits & 0xFF) != 0) { ++ FIPSerr(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, FIPS_R_INVALID_KEY_LENGTH); ++ return 0; ++ } ++ ++ ctx = BN_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ BN_CTX_start(ctx); ++ r0 = BN_CTX_get(ctx); ++ r1 = BN_CTX_get(ctx); ++ r2 = BN_CTX_get(ctx); ++ r3 = BN_CTX_get(ctx); ++ ++ if (r3 == NULL) ++ goto err; ++ ++ /* We need the RSA components non-NULL */ ++ if (!rsa->n && ((rsa->n = BN_new()) == NULL)) ++ goto err; ++ if (!rsa->d && ((rsa->d = BN_secure_new()) == NULL)) ++ goto err; ++ if (!rsa->e && ((rsa->e = BN_new()) == NULL)) ++ goto err; ++ if (!rsa->p && ((rsa->p = BN_secure_new()) == NULL)) ++ goto err; ++ if (!rsa->q && ((rsa->q = BN_secure_new()) == NULL)) ++ goto err; ++ if (!rsa->dmp1 && ((rsa->dmp1 = BN_secure_new()) == NULL)) ++ goto err; ++ if (!rsa->dmq1 && ((rsa->dmq1 = BN_secure_new()) == NULL)) ++ goto err; ++ if (!rsa->iqmp && ((rsa->iqmp = BN_secure_new()) == NULL)) ++ goto err; ++ ++ if (!BN_set_word(r0, RSA_F4)) ++ goto err; ++ if (BN_cmp(e_value, r0) < 0 || BN_num_bits(e_value) > 256) { ++ ok = 0; /* we set our own err */ ++ RSAerr(RSA_F_FIPS_RSA_BUILTIN_KEYGEN, RSA_R_BAD_E_VALUE); ++ goto err; ++ } ++ ++ /* prepare approximate minimum p and q */ ++ if (!BN_set_word(r0, 0xB504F334)) ++ goto err; ++ if (!BN_lshift(r0, r0, pbits - 32)) ++ goto err; ++ ++ /* prepare minimum p and q difference */ ++ if (!BN_one(r3)) ++ goto err; ++ if (!BN_lshift(r3, r3, pbits - 100)) ++ goto err; ++ ++ BN_copy(rsa->e, e_value); ++ ++ if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q)) ++ test = 1; ++ ++ BN_set_flags(r0, BN_FLG_CONSTTIME); ++ BN_set_flags(r1, BN_FLG_CONSTTIME); ++ BN_set_flags(r2, BN_FLG_CONSTTIME); ++ BN_set_flags(rsa->p, BN_FLG_CONSTTIME); ++ BN_set_flags(rsa->q, BN_FLG_CONSTTIME); ++ ++ retry: ++ /* generate p and q */ ++ for (i = 0; i < 5 * pbits; i++) { ++ ploop: ++ if (!test) ++ if (!BN_rand(rsa->p, pbits, 0, 1)) ++ goto err; ++ if (BN_cmp(rsa->p, r0) < 0) { ++ if (test) ++ goto err; ++ goto ploop; ++ } ++ ++ if (!BN_sub(r2, rsa->p, BN_value_one())) ++ goto err; ++ ERR_set_mark(); ++ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) { ++ /* GCD == 1 since inverse exists */ ++ int r; ++ r = BN_is_prime_fasttest_ex(rsa->p, pbits > 1024 ? 4 : 5, ctx, 0, ++ cb); ++ if (r == -1 || (test && r <= 0)) ++ goto err; ++ if (r > 0) ++ break; ++ } else { ++ error = ERR_peek_last_error(); ++ if (ERR_GET_LIB(error) == ERR_LIB_BN ++ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) { ++ /* GCD != 1 */ ++ ERR_pop_to_mark(); ++ } else { ++ goto err; ++ } ++ } ++ if (!BN_GENCB_call(cb, 2, n++)) ++ goto err; ++ } ++ ++ if (!BN_GENCB_call(cb, 3, 0)) ++ goto err; ++ ++ if (i >= 5 * pbits) ++ /* prime not found */ ++ goto err; ++ ++ for (i = 0; i < 5 * pbits; i++) { ++ qloop: ++ if (!test) ++ if (!BN_rand(rsa->q, pbits, 0, 1)) ++ goto err; ++ if (BN_cmp(rsa->q, r0) < 0) { ++ if (test) ++ goto err; ++ goto qloop; ++ } ++ if (!BN_sub(r2, rsa->q, rsa->p)) ++ goto err; ++ if (BN_ucmp(r2, r3) <= 0) { ++ if (test) ++ goto err; ++ goto qloop; ++ } ++ ++ if (!BN_sub(r2, rsa->q, BN_value_one())) ++ goto err; ++ ERR_set_mark(); ++ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) { ++ /* GCD == 1 since inverse exists */ ++ int r; ++ r = BN_is_prime_fasttest_ex(rsa->q, pbits > 1024 ? 4 : 5, ctx, 0, ++ cb); ++ if (r == -1 || (test && r <= 0)) ++ goto err; ++ if (r > 0) ++ break; ++ } else { ++ error = ERR_peek_last_error(); ++ if (ERR_GET_LIB(error) == ERR_LIB_BN ++ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) { ++ /* GCD != 1 */ ++ ERR_pop_to_mark(); ++ } else { ++ goto err; ++ } ++ } ++ if (!BN_GENCB_call(cb, 2, n++)) ++ goto err; ++ } ++ ++ if (!BN_GENCB_call(cb, 3, 1)) ++ goto err; ++ ++ if (i >= 5 * pbits) ++ /* prime not found */ ++ goto err; ++ ++ if (test) { ++ /* do not try to calculate the remaining key values */ ++ BN_clear(rsa->n); ++ ok = 1; ++ goto err; ++ } ++ ++ if (BN_cmp(rsa->p, rsa->q) < 0) { ++ tmp = rsa->p; ++ rsa->p = rsa->q; ++ rsa->q = tmp; ++ } ++ ++ /* calculate n */ ++ if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) ++ goto err; ++ ++ /* calculate d */ ++ if (!BN_sub(r1, rsa->p, BN_value_one())) ++ goto err; /* p-1 */ ++ if (!BN_sub(r2, rsa->q, BN_value_one())) ++ goto err; /* q-1 */ ++ ++ /* note that computing gcd is not safe to timing attacks */ ++ if (!BN_gcd(r0, r1, r2, ctx)) ++ goto err; ++ ++ { ++ if (!BN_div(r0, NULL, r1, r0, ctx)) ++ goto err; ++ ++ if (!BN_mul(r0, r0, r2, ctx)) /* lcm(p-1, q-1) */ ++ goto err; ++ ++ if (!BN_mod_inverse(rsa->d, rsa->e, r0, ctx)) /* d */ ++ goto err; ++ } ++ ++ if (BN_num_bits(rsa->d) < pbits) ++ goto retry; /* d is too small */ ++ ++ { ++ BIGNUM *d = BN_new(); ++ ++ if (d == NULL) ++ goto err; ++ BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); ++ ++ if (/* calculate d mod (p-1) */ ++ !BN_mod(rsa->dmp1, d, r1, ctx) ++ /* calculate d mod (q-1) */ ++ || !BN_mod(rsa->dmq1, d, r2, ctx)) { ++ BN_free(d); ++ goto err; ++ } ++ /* We MUST free d before any further use of rsa->d */ ++ BN_free(d); ++ } ++ ++ /* calculate inverse of q mod p */ ++ if (!BN_mod_inverse(rsa->iqmp, rsa->q, rsa->p, ctx)) ++ goto err; ++ ++ if (!fips_check_rsa(rsa)) ++ goto err; ++ ++ ok = 1; ++ err: ++ if (ok == -1) { ++ RSAerr(RSA_F_FIPS_RSA_BUILTIN_KEYGEN, ERR_LIB_BN); ++ ok = 0; ++ } ++ if (ctx != NULL) { ++ BN_CTX_end(ctx); ++ BN_CTX_free(ctx); ++ } ++ ++ return ok; ++} ++#endif ++ + static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, + BN_GENCB *cb) + { +diff -up openssl-1.1.1e/crypto/rsa/rsa_lib.c.fips openssl-1.1.1e/crypto/rsa/rsa_lib.c +--- openssl-1.1.1e/crypto/rsa/rsa_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_lib.c 2020-03-17 17:30:52.056566869 +0100 +@@ -34,6 +34,12 @@ int RSA_set_method(RSA *rsa, const RSA_M + * to deal with which ENGINE it comes from. + */ + const RSA_METHOD *mtmp; ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) { ++ RSAerr(RSA_F_RSA_SET_METHOD, RSA_R_NON_FIPS_RSA_METHOD); ++ return 0; ++ } ++#endif + mtmp = rsa->meth; + if (mtmp->finish) + mtmp->finish(rsa); +@@ -66,7 +72,6 @@ RSA *RSA_new_method(ENGINE *engine) + + ret->meth = RSA_get_default_method(); + #ifndef OPENSSL_NO_ENGINE +- ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW; + if (engine) { + if (!ENGINE_init(engine)) { + RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); +@@ -84,8 +89,19 @@ RSA *RSA_new_method(ENGINE *engine) + } + } + #endif ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(ret->meth->flags & RSA_FLAG_FIPS_METHOD)) { ++ RSAerr(RSA_F_RSA_NEW_METHOD, RSA_R_NON_FIPS_RSA_METHOD); ++# ifndef OPENSSL_NO_ENGINE ++ if (ret->engine) ++ ENGINE_finish(ret->engine); ++# endif ++ OPENSSL_free(ret); ++ return NULL; ++ } ++#endif + +- ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW; ++ ret->flags = ret->meth->flags; + if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) { + goto err; + } +diff -up openssl-1.1.1e/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1e/crypto/rsa/rsa_ossl.c +--- openssl-1.1.1e/crypto/rsa/rsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_ossl.c 2020-03-17 17:34:32.289726964 +0100 +@@ -12,6 +12,10 @@ + #include "rsa_local.h" + #include "internal/constant_time.h" + ++#ifdef OPENSSL_FIPS ++# include ++#endif ++ + static int rsa_ossl_public_encrypt(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding); + static int rsa_ossl_private_encrypt(int flen, const unsigned char *from, +@@ -47,6 +51,12 @@ static const RSA_METHOD *default_RSA_met + + void RSA_set_default_method(const RSA_METHOD *meth) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) { ++ RSAerr(RSA_F_RSA_SET_DEFAULT_METHOD, RSA_R_NON_FIPS_RSA_METHOD); ++ return; ++ } ++#endif + default_RSA_meth = meth; + } + +@@ -73,6 +83,22 @@ static int rsa_ossl_public_encrypt(int f + unsigned char *buf = NULL; + BN_CTX *ctx = NULL; + ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_RSA_OSSL_PUBLIC_ENCRYPT, ++ FIPS_R_FIPS_SELFTEST_FAILED); ++ goto err; ++ } ++ ++ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { ++ RSAerr(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); ++ return -1; ++ } ++ } ++# endif ++ + if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { + RSAerr(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE); + return -1; +@@ -246,6 +272,22 @@ static int rsa_ossl_private_encrypt(int + BIGNUM *unblind = NULL; + BN_BLINDING *blinding = NULL; + ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_RSA_OSSL_PRIVATE_ENCRYPT, ++ FIPS_R_FIPS_SELFTEST_FAILED); ++ return -1; ++ } ++ ++ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { ++ RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); ++ return -1; ++ } ++ } ++# endif ++ + if ((ctx = BN_CTX_new()) == NULL) + goto err; + BN_CTX_start(ctx); +@@ -380,6 +422,22 @@ static int rsa_ossl_private_decrypt(int + BIGNUM *unblind = NULL; + BN_BLINDING *blinding = NULL; + ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_RSA_OSSL_PRIVATE_DECRYPT, ++ FIPS_R_FIPS_SELFTEST_FAILED); ++ return -1; ++ } ++ ++ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { ++ RSAerr(RSA_F_RSA_OSSL_PRIVATE_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL); ++ return -1; ++ } ++ } ++# endif ++ + if ((ctx = BN_CTX_new()) == NULL) + goto err; + BN_CTX_start(ctx); +@@ -507,6 +565,22 @@ static int rsa_ossl_public_decrypt(int f + unsigned char *buf = NULL; + BN_CTX *ctx = NULL; + ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_RSA_OSSL_PUBLIC_DECRYPT, ++ FIPS_R_FIPS_SELFTEST_FAILED); ++ goto err; ++ } ++ ++ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { ++ RSAerr(RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL); ++ return -1; ++ } ++ } ++# endif ++ + if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { + RSAerr(RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE); + return -1; +diff -up openssl-1.1.1e/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1e/crypto/rsa/rsa_pmeth.c +--- openssl-1.1.1e/crypto/rsa/rsa_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_pmeth.c 2020-03-17 17:30:52.056566869 +0100 +@@ -756,7 +756,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX + + const EVP_PKEY_METHOD rsa_pkey_meth = { + EVP_PKEY_RSA, +- EVP_PKEY_FLAG_AUTOARGLEN, ++ EVP_PKEY_FLAG_AUTOARGLEN | EVP_PKEY_FLAG_FIPS, + pkey_rsa_init, + pkey_rsa_copy, + pkey_rsa_cleanup, +@@ -838,7 +838,7 @@ static int pkey_pss_init(EVP_PKEY_CTX *c + + const EVP_PKEY_METHOD rsa_pss_pkey_meth = { + EVP_PKEY_RSA_PSS, +- EVP_PKEY_FLAG_AUTOARGLEN, ++ EVP_PKEY_FLAG_AUTOARGLEN | EVP_PKEY_FLAG_FIPS, + pkey_rsa_init, + pkey_rsa_copy, + pkey_rsa_cleanup, +diff -up openssl-1.1.1e/crypto/rsa/rsa_sign.c.fips openssl-1.1.1e/crypto/rsa/rsa_sign.c +--- openssl-1.1.1e/crypto/rsa/rsa_sign.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_sign.c 2020-03-17 17:30:52.057566851 +0100 +@@ -73,6 +73,13 @@ int RSA_sign(int type, const unsigned ch + unsigned char *tmps = NULL; + const unsigned char *encoded = NULL; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) ++ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_SIGN, RSA_R_NON_FIPS_RSA_METHOD); ++ return 0; ++ } ++#endif + if (rsa->meth->rsa_sign) { + return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa); + } +@@ -100,8 +107,9 @@ int RSA_sign(int type, const unsigned ch + RSAerr(RSA_F_RSA_SIGN, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); + goto err; + } +- encrypt_len = RSA_private_encrypt(encoded_len, encoded, sigret, rsa, +- RSA_PKCS1_PADDING); ++ /* NB: call underlying method directly to avoid FIPS blocking */ ++ encrypt_len = rsa->meth->rsa_priv_enc ? rsa->meth->rsa_priv_enc(encoded_len, encoded, sigret, rsa, ++ RSA_PKCS1_PADDING) : 0; + if (encrypt_len <= 0) + goto err; + +diff -up openssl-1.1.1e/crypto/sha/sha256.c.fips openssl-1.1.1e/crypto/sha/sha256.c +--- openssl-1.1.1e/crypto/sha/sha256.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/sha/sha256.c 2020-03-17 17:30:52.057566851 +0100 +@@ -18,6 +18,9 @@ + + int SHA224_Init(SHA256_CTX *c) + { ++# ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++# endif + memset(c, 0, sizeof(*c)); + c->h[0] = 0xc1059ed8UL; + c->h[1] = 0x367cd507UL; +@@ -33,6 +36,9 @@ int SHA224_Init(SHA256_CTX *c) + + int SHA256_Init(SHA256_CTX *c) + { ++# ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++# endif + memset(c, 0, sizeof(*c)); + c->h[0] = 0x6a09e667UL; + c->h[1] = 0xbb67ae85UL; +diff -up openssl-1.1.1e/crypto/sha/sha512.c.fips openssl-1.1.1e/crypto/sha/sha512.c +--- openssl-1.1.1e/crypto/sha/sha512.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/sha/sha512.c 2020-03-17 17:30:52.057566851 +0100 +@@ -98,6 +98,9 @@ int sha512_256_init(SHA512_CTX *c) + + int SHA384_Init(SHA512_CTX *c) + { ++# ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++# endif + c->h[0] = U64(0xcbbb9d5dc1059ed8); + c->h[1] = U64(0x629a292a367cd507); + c->h[2] = U64(0x9159015a3070dd17); +@@ -116,6 +119,9 @@ int SHA384_Init(SHA512_CTX *c) + + int SHA512_Init(SHA512_CTX *c) + { ++# ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++# endif + c->h[0] = U64(0x6a09e667f3bcc908); + c->h[1] = U64(0xbb67ae8584caa73b); + c->h[2] = U64(0x3c6ef372fe94f82b); +diff -up openssl-1.1.1e/crypto/sha/sha_local.h.fips openssl-1.1.1e/crypto/sha/sha_local.h +--- openssl-1.1.1e/crypto/sha/sha_local.h.fips 2020-03-17 17:30:51.766571925 +0100 ++++ openssl-1.1.1e/crypto/sha/sha_local.h 2020-03-17 17:31:00.996410998 +0100 +@@ -52,6 +52,9 @@ void sha1_block_data_order(SHA_CTX *c, c + + int HASH_INIT(SHA_CTX *c) + { ++#if defined(OPENSSL_FIPS) ++ FIPS_selftest_check(); ++#endif + memset(c, 0, sizeof(*c)); + c->h0 = INIT_DATA_h0; + c->h1 = INIT_DATA_h1; +diff -up openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod +--- openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod 2020-03-17 17:31:00.996410998 +0100 +@@ -30,8 +30,10 @@ B is the length of the prime p to + For lengths under 2048 bits, the length of q is 160 bits; for lengths + greater than or equal to 2048 bits, the length of q is set to 256 bits. + +-If B is NULL, the primes will be generated at random. +-If B is less than the length of q, an error is returned. ++If B is NULL, or it does not generate primes, the primes will be ++generated at random. ++If B is less than the length of q, an error is returned ++if old DSA parameter generation method is used as a backend. + + DSA_generate_parameters_ex() places the iteration count in + *B and a counter used for finding a generator in +diff -up openssl-1.1.1e/include/openssl/crypto.h.fips openssl-1.1.1e/include/openssl/crypto.h +--- openssl-1.1.1e/include/openssl/crypto.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/crypto.h 2020-03-17 17:31:00.997410980 +0100 +@@ -331,6 +331,11 @@ int OPENSSL_isservice(void); + int FIPS_mode(void); + int FIPS_mode_set(int r); + ++# ifdef OPENSSL_FIPS ++/* die if FIPS selftest failed */ ++void FIPS_selftest_check(void); ++# endif ++ + void OPENSSL_init(void); + # ifdef OPENSSL_SYS_UNIX + void OPENSSL_fork_prepare(void); +diff -up openssl-1.1.1e/include/openssl/dherr.h.fips openssl-1.1.1e/include/openssl/dherr.h +--- openssl-1.1.1e/include/openssl/dherr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dherr.h 2020-03-17 17:31:00.998410963 +0100 +@@ -36,6 +36,9 @@ int ERR_load_DH_strings(void); + # define DH_F_DH_CMS_DECRYPT 114 + # define DH_F_DH_CMS_SET_PEERKEY 115 + # define DH_F_DH_CMS_SET_SHARED_INFO 116 ++# define DH_F_DH_COMPUTE_KEY 203 ++# define DH_F_DH_GENERATE_KEY 202 ++# define DH_F_DH_GENERATE_PARAMETERS_EX 201 + # define DH_F_DH_METH_DUP 117 + # define DH_F_DH_METH_NEW 118 + # define DH_F_DH_METH_SET1_NAME 119 +@@ -73,12 +76,14 @@ int ERR_load_DH_strings(void); + # define DH_R_INVALID_PARAMETER_NID 114 + # define DH_R_INVALID_PUBKEY 102 + # define DH_R_KDF_PARAMETER_ERROR 112 ++# define DH_R_KEY_SIZE_TOO_SMALL 201 + # define DH_R_KEYS_NOT_SET 108 + # define DH_R_MISSING_PUBKEY 125 + # define DH_R_MODULUS_TOO_LARGE 103 + # define DH_R_NOT_SUITABLE_GENERATOR 120 + # define DH_R_NO_PARAMETERS_SET 107 + # define DH_R_NO_PRIVATE_VALUE 100 ++# define DH_R_NON_FIPS_METHOD 202 + # define DH_R_PARAMETER_ENCODING_ERROR 105 + # define DH_R_PEER_KEY_ERROR 111 + # define DH_R_SHARED_INFO_ERROR 113 +diff -up openssl-1.1.1e/include/openssl/dh.h.fips openssl-1.1.1e/include/openssl/dh.h +--- openssl-1.1.1e/include/openssl/dh.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dh.h 2020-03-17 17:31:00.998410963 +0100 +@@ -31,6 +31,7 @@ extern "C" { + # endif + + # define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024 ++# define OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN 2048 + + # define DH_FLAG_CACHE_MONT_P 0x01 + +diff -up openssl-1.1.1e/include/openssl/dsaerr.h.fips openssl-1.1.1e/include/openssl/dsaerr.h +--- openssl-1.1.1e/include/openssl/dsaerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dsaerr.h 2020-03-17 17:31:00.999410945 +0100 +@@ -29,8 +29,11 @@ int ERR_load_DSA_strings(void); + */ + # define DSA_F_DSAPARAMS_PRINT 100 + # define DSA_F_DSAPARAMS_PRINT_FP 101 ++# define DSA_F_DSA_BUILTIN_KEYGEN 202 + # define DSA_F_DSA_BUILTIN_PARAMGEN 125 + # define DSA_F_DSA_BUILTIN_PARAMGEN2 126 ++# define DSA_F_DSA_GENERATE_KEY 201 ++# define DSA_F_DSA_GENERATE_PARAMETERS_EX 200 + # define DSA_F_DSA_DO_SIGN 112 + # define DSA_F_DSA_DO_VERIFY 113 + # define DSA_F_DSA_METH_DUP 127 +@@ -60,10 +63,13 @@ int ERR_load_DSA_strings(void); + # define DSA_R_DECODE_ERROR 104 + # define DSA_R_INVALID_DIGEST_TYPE 106 + # define DSA_R_INVALID_PARAMETERS 112 ++# define DSA_R_KEY_SIZE_INVALID 201 ++# define DSA_R_KEY_SIZE_TOO_SMALL 202 + # define DSA_R_MISSING_PARAMETERS 101 + # define DSA_R_MISSING_PRIVATE_KEY 111 + # define DSA_R_MODULUS_TOO_LARGE 103 + # define DSA_R_NO_PARAMETERS_SET 107 ++# define DSA_R_NON_FIPS_DSA_METHOD 200 + # define DSA_R_PARAMETER_ENCODING_ERROR 105 + # define DSA_R_Q_NOT_PRIME 113 + # define DSA_R_SEED_LEN_SMALL 110 +diff -up openssl-1.1.1e/include/openssl/dsa.h.fips openssl-1.1.1e/include/openssl/dsa.h +--- openssl-1.1.1e/include/openssl/dsa.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dsa.h 2020-03-17 17:31:01.000410928 +0100 +@@ -31,6 +31,7 @@ extern "C" { + # endif + + # define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024 ++# define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS_GEN 2048 + + # define DSA_FLAG_CACHE_MONT_P 0x01 + # if OPENSSL_API_COMPAT < 0x10100000L +diff -up openssl-1.1.1e/include/openssl/evperr.h.fips openssl-1.1.1e/include/openssl/evperr.h +--- openssl-1.1.1e/include/openssl/evperr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/evperr.h 2020-03-17 17:31:01.000410928 +0100 +@@ -24,14 +24,15 @@ int ERR_load_EVP_strings(void); + * EVP function codes. + */ + # define EVP_F_AESNI_INIT_KEY 165 +-# define EVP_F_AESNI_XTS_INIT_KEY 207 ++# define EVP_F_AESNI_XTS_INIT_KEY 233 + # define EVP_F_AES_GCM_CTRL 196 + # define EVP_F_AES_INIT_KEY 133 + # define EVP_F_AES_OCB_CIPHER 169 + # define EVP_F_AES_T4_INIT_KEY 178 +-# define EVP_F_AES_T4_XTS_INIT_KEY 208 ++# define EVP_F_AES_T4_XTS_INIT_KEY 234 + # define EVP_F_AES_WRAP_CIPHER 170 +-# define EVP_F_AES_XTS_INIT_KEY 209 ++# define EVP_F_AES_XTS_CIPHER 229 ++# define EVP_F_AES_XTS_INIT_KEY 235 + # define EVP_F_ALG_MODULE_INIT 177 + # define EVP_F_ARIA_CCM_INIT_KEY 175 + # define EVP_F_ARIA_GCM_CTRL 197 +@@ -142,6 +143,7 @@ int ERR_load_EVP_strings(void); + # define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 + # define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 + # define EVP_R_DECODE_ERROR 114 ++# define EVP_R_DISABLED_FOR_FIPS 200 + # define EVP_R_DIFFERENT_KEY_TYPES 101 + # define EVP_R_DIFFERENT_PARAMETERS 153 + # define EVP_R_ERROR_LOADING_SECTION 165 +@@ -185,6 +187,7 @@ int ERR_load_EVP_strings(void); + # define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 + # define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 + # define EVP_R_PUBLIC_KEY_NOT_RSA 106 ++# define EVP_R_TOO_LARGE 201 + # define EVP_R_UNKNOWN_CIPHER 160 + # define EVP_R_UNKNOWN_DIGEST 161 + # define EVP_R_UNKNOWN_OPTION 169 +@@ -200,6 +203,7 @@ int ERR_load_EVP_strings(void); + # define EVP_R_UNSUPPORTED_SALT_TYPE 126 + # define EVP_R_WRAP_MODE_NOT_ALLOWED 170 + # define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 +-# define EVP_R_XTS_DUPLICATED_KEYS 183 ++# define EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE 191 ++# define EVP_R_XTS_DUPLICATED_KEYS 192 + + #endif +diff -up openssl-1.1.1e/include/openssl/evp.h.fips openssl-1.1.1e/include/openssl/evp.h +--- openssl-1.1.1e/include/openssl/evp.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/evp.h 2020-03-17 17:31:01.001410911 +0100 +@@ -1324,6 +1324,9 @@ void EVP_PKEY_asn1_set_security_bits(EVP + */ + # define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4 + ++/* Downstream modification, large value to avoid conflict */ ++# define EVP_PKEY_FLAG_FIPS 0x4000 ++ + const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); + EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags); + void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, +diff -up openssl-1.1.1e/include/openssl/fips.h.fips openssl-1.1.1e/include/openssl/fips.h +--- openssl-1.1.1e/include/openssl/fips.h.fips 2020-03-17 17:31:01.002410893 +0100 ++++ openssl-1.1.1e/include/openssl/fips.h 2020-03-17 17:31:01.002410893 +0100 +@@ -0,0 +1,187 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#include ++#include ++ ++#ifndef OPENSSL_FIPS ++# error FIPS is disabled. ++#endif ++ ++#ifdef OPENSSL_FIPS ++ ++# ifdef __cplusplus ++extern "C" { ++# endif ++ ++ int FIPS_selftest(void); ++ int FIPS_selftest_failed(void); ++ int FIPS_selftest_drbg_all(void); ++ ++ int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, ++ const EVP_MD *evpmd, const unsigned char *seed_in, ++ size_t seed_len, int idx, unsigned char *seed_out, ++ int *counter_ret, unsigned long *h_ret, ++ BN_GENCB *cb); ++ int FIPS_dsa_paramgen_check_g(DSA *dsa); ++ ++/* BEGIN ERROR CODES */ ++/* The following lines are auto generated by the script mkerr.pl. Any changes ++ * made after this point may be overwritten when the script is next run. ++ */ ++ int ERR_load_FIPS_strings(void); ++ ++/* Error codes for the FIPS functions. */ ++ ++/* Function codes. */ ++# define FIPS_F_DH_BUILTIN_GENPARAMS 100 ++# define FIPS_F_DRBG_RESEED 121 ++# define FIPS_F_DSA_BUILTIN_PARAMGEN2 107 ++# define FIPS_F_DSA_DO_SIGN 102 ++# define FIPS_F_DSA_DO_VERIFY 103 ++# define FIPS_F_EVP_CIPHER_CTX_NEW 137 ++# define FIPS_F_EVP_CIPHER_CTX_RESET 122 ++# define FIPS_F_ECDH_COMPUTE_KEY 123 ++# define FIPS_F_EVP_CIPHERINIT_EX 124 ++# define FIPS_F_EVP_DIGESTINIT_EX 125 ++# define FIPS_F_FIPS_CHECK_DSA 104 ++# define FIPS_F_FIPS_CHECK_EC 142 ++# define FIPS_F_FIPS_CHECK_RSA 106 ++# define FIPS_F_FIPS_DRBG_BYTES 131 ++# define FIPS_F_FIPS_DRBG_CHECK 146 ++# define FIPS_F_FIPS_DRBG_CPRNG_TEST 132 ++# define FIPS_F_FIPS_DRBG_ERROR_CHECK 136 ++# define FIPS_F_FIPS_DRBG_GENERATE 134 ++# define FIPS_F_FIPS_DRBG_INIT 135 ++# define FIPS_F_FIPS_DRBG_INSTANTIATE 138 ++# define FIPS_F_FIPS_DRBG_NEW 139 ++# define FIPS_F_FIPS_DRBG_RESEED 140 ++# define FIPS_F_FIPS_DRBG_SINGLE_KAT 141 ++# define FIPS_F_FIPS_GET_ENTROPY 147 ++# define FIPS_F_FIPS_MODULE_MODE_SET 108 ++# define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109 ++# define FIPS_F_FIPS_RAND_BYTES 114 ++# define FIPS_F_FIPS_RAND_SEED 128 ++# define FIPS_F_FIPS_RAND_SET_METHOD 126 ++# define FIPS_F_FIPS_RAND_STATUS 127 ++# define FIPS_F_FIPS_RSA_BUILTIN_KEYGEN 101 ++# define FIPS_F_FIPS_SELFTEST 150 ++# define FIPS_F_FIPS_SELFTEST_AES 110 ++# define FIPS_F_FIPS_SELFTEST_AES_CCM 145 ++# define FIPS_F_FIPS_SELFTEST_AES_GCM 129 ++# define FIPS_F_FIPS_SELFTEST_AES_XTS 144 ++# define FIPS_F_FIPS_SELFTEST_CMAC 130 ++# define FIPS_F_FIPS_SELFTEST_DES 111 ++# define FIPS_F_FIPS_SELFTEST_DSA 112 ++# define FIPS_F_FIPS_SELFTEST_ECDSA 133 ++# define FIPS_F_FIPS_SELFTEST_HMAC 113 ++# define FIPS_F_FIPS_SELFTEST_SHA1 115 ++# define FIPS_F_FIPS_SELFTEST_SHA2 105 ++# define FIPS_F_OSSL_ECDSA_SIGN_SIG 143 ++# define FIPS_F_OSSL_ECDSA_VERIFY_SIG 148 ++# define FIPS_F_RSA_BUILTIN_KEYGEN 116 ++# define FIPS_F_RSA_OSSL_INIT 149 ++# define FIPS_F_RSA_OSSL_PRIVATE_DECRYPT 117 ++# define FIPS_F_RSA_OSSL_PRIVATE_ENCRYPT 118 ++# define FIPS_F_RSA_OSSL_PUBLIC_DECRYPT 119 ++# define FIPS_F_RSA_OSSL_PUBLIC_ENCRYPT 120 ++ ++/* Reason codes. */ ++# define FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED 150 ++# define FIPS_R_ADDITIONAL_INPUT_TOO_LONG 125 ++# define FIPS_R_ALREADY_INSTANTIATED 134 ++# define FIPS_R_DRBG_NOT_INITIALISED 152 ++# define FIPS_R_DRBG_STUCK 103 ++# define FIPS_R_ENTROPY_ERROR_UNDETECTED 104 ++# define FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED 105 ++# define FIPS_R_ENTROPY_SOURCE_STUCK 142 ++# define FIPS_R_ERROR_INITIALISING_DRBG 115 ++# define FIPS_R_ERROR_INSTANTIATING_DRBG 127 ++# define FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT 124 ++# define FIPS_R_ERROR_RETRIEVING_ENTROPY 122 ++# define FIPS_R_ERROR_RETRIEVING_NONCE 140 ++# define FIPS_R_FINGERPRINT_DOES_NOT_MATCH 110 ++# define FIPS_R_FIPS_MODE_ALREADY_SET 102 ++# define FIPS_R_FIPS_SELFTEST_FAILED 106 ++# define FIPS_R_FUNCTION_ERROR 116 ++# define FIPS_R_GENERATE_ERROR 137 ++# define FIPS_R_GENERATE_ERROR_UNDETECTED 118 ++# define FIPS_R_INSTANTIATE_ERROR 119 ++# define FIPS_R_INTERNAL_ERROR 121 ++# define FIPS_R_INVALID_KEY_LENGTH 109 ++# define FIPS_R_IN_ERROR_STATE 123 ++# define FIPS_R_KEY_TOO_SHORT 108 ++# define FIPS_R_NONCE_ERROR_UNDETECTED 149 ++# define FIPS_R_NON_FIPS_METHOD 100 ++# define FIPS_R_NOPR_TEST1_FAILURE 145 ++# define FIPS_R_NOPR_TEST2_FAILURE 146 ++# define FIPS_R_NOT_INSTANTIATED 126 ++# define FIPS_R_PAIRWISE_TEST_FAILED 107 ++# define FIPS_R_PERSONALISATION_ERROR_UNDETECTED 128 ++# define FIPS_R_PERSONALISATION_STRING_TOO_LONG 129 ++# define FIPS_R_PR_TEST1_FAILURE 147 ++# define FIPS_R_PR_TEST2_FAILURE 148 ++# define FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED 130 ++# define FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG 131 ++# define FIPS_R_RESEED_COUNTER_ERROR 132 ++# define FIPS_R_RESEED_ERROR 133 ++# define FIPS_R_SELFTEST_FAILED 101 ++# define FIPS_R_SELFTEST_FAILURE 135 ++# define FIPS_R_TEST_FAILURE 117 ++# define FIPS_R_UNINSTANTIATE_ERROR 141 ++# define FIPS_R_UNINSTANTIATE_ZEROISE_ERROR 138 ++# define FIPS_R_UNSUPPORTED_DRBG_TYPE 139 ++# define FIPS_R_UNSUPPORTED_PLATFORM 113 ++ ++# ifdef __cplusplus ++} ++# endif ++#endif +diff -up openssl-1.1.1e/include/openssl/fips_rand.h.fips openssl-1.1.1e/include/openssl/fips_rand.h +--- openssl-1.1.1e/include/openssl/fips_rand.h.fips 2020-03-17 17:31:01.003410876 +0100 ++++ openssl-1.1.1e/include/openssl/fips_rand.h 2020-03-17 17:31:01.003410876 +0100 +@@ -0,0 +1,145 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#ifndef HEADER_FIPS_RAND_H ++# define HEADER_FIPS_RAND_H ++ ++# include ++# include ++# include ++# include ++ ++# ifdef OPENSSL_FIPS ++ ++# ifdef __cplusplus ++extern "C" { ++# endif ++ typedef struct drbg_ctx_st DRBG_CTX; ++/* DRBG external flags */ ++/* Flag for CTR mode only: use derivation function ctr_df */ ++# define DRBG_FLAG_CTR_USE_DF 0x1 ++/* PRNG is in test state */ ++# define DRBG_FLAG_TEST 0x2 ++ ++ DRBG_CTX *FIPS_drbg_new(int type, unsigned int flags); ++ int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags); ++ int FIPS_drbg_instantiate(DRBG_CTX *dctx, ++ const unsigned char *pers, size_t perslen); ++ int FIPS_drbg_reseed(DRBG_CTX *dctx, const unsigned char *adin, ++ size_t adinlen); ++ int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen, ++ int prediction_resistance, ++ const unsigned char *adin, size_t adinlen); ++ ++ int FIPS_drbg_uninstantiate(DRBG_CTX *dctx); ++ void FIPS_drbg_free(DRBG_CTX *dctx); ++ ++ int FIPS_drbg_set_callbacks(DRBG_CTX *dctx, ++ size_t (*get_entropy) (DRBG_CTX *ctx, ++ unsigned char **pout, ++ int entropy, ++ size_t min_len, ++ size_t max_len), ++ void (*cleanup_entropy) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen), ++ size_t entropy_blocklen, ++ size_t (*get_nonce) (DRBG_CTX *ctx, ++ unsigned char **pout, ++ int entropy, ++ size_t min_len, ++ size_t max_len), ++ void (*cleanup_nonce) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen)); ++ ++ int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx, ++ size_t (*get_adin) (DRBG_CTX *ctx, ++ unsigned char ++ **pout), ++ void (*cleanup_adin) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen), ++ int (*rand_seed_cb) (DRBG_CTX *ctx, ++ const void *buf, ++ int num), ++ int (*rand_add_cb) (DRBG_CTX *ctx, ++ const void *buf, ++ int num, ++ double entropy)); ++ ++ void *FIPS_drbg_get_app_data(DRBG_CTX *ctx); ++ void FIPS_drbg_set_app_data(DRBG_CTX *ctx, void *app_data); ++ size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx); ++ int FIPS_drbg_get_strength(DRBG_CTX *dctx); ++ void FIPS_drbg_set_check_interval(DRBG_CTX *dctx, int interval); ++ void FIPS_drbg_set_reseed_interval(DRBG_CTX *dctx, int interval); ++ ++ int FIPS_drbg_health_check(DRBG_CTX *dctx); ++ ++ DRBG_CTX *FIPS_get_default_drbg(void); ++ const RAND_METHOD *FIPS_drbg_method(void); ++ ++ int FIPS_rand_set_method(const RAND_METHOD *meth); ++ const RAND_METHOD *FIPS_rand_get_method(void); ++ ++ void FIPS_rand_set_bits(int nbits); ++ ++ int FIPS_rand_strength(void); ++ ++/* 1.0.0 compat functions */ ++ int FIPS_rand_seed(const void *buf, int num); ++ int FIPS_rand_bytes(unsigned char *out, int outlen); ++ void FIPS_rand_reset(void); ++ int FIPS_rand_status(void); ++# ifdef __cplusplus ++} ++# endif ++# endif ++#endif +diff -up openssl-1.1.1e/include/openssl/opensslconf.h.in.fips openssl-1.1.1e/include/openssl/opensslconf.h.in +--- openssl-1.1.1e/include/openssl/opensslconf.h.in.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/opensslconf.h.in 2020-03-17 17:31:01.003410876 +0100 +@@ -150,6 +150,11 @@ extern "C" { + + #define RC4_INT {- $config{rc4_int} -} + ++/* Always build FIPS module */ ++#ifndef OPENSSL_FIPS ++# define OPENSSL_FIPS ++#endif ++ + #ifdef __cplusplus + } + #endif +diff -up openssl-1.1.1e/include/openssl/randerr.h.fips openssl-1.1.1e/include/openssl/randerr.h +--- openssl-1.1.1e/include/openssl/randerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/randerr.h 2020-03-17 17:31:01.004410858 +0100 +@@ -38,6 +38,7 @@ int ERR_load_RAND_strings(void); + # define RAND_F_RAND_DRBG_SET 104 + # define RAND_F_RAND_DRBG_SET_DEFAULTS 121 + # define RAND_F_RAND_DRBG_UNINSTANTIATE 118 ++# define RAND_F_RAND_INIT_FIPS 200 + # define RAND_F_RAND_LOAD_FILE 111 + # define RAND_F_RAND_POOL_ACQUIRE_ENTROPY 122 + # define RAND_F_RAND_POOL_ADD 103 +diff -up openssl-1.1.1e/include/openssl/rand.h.fips openssl-1.1.1e/include/openssl/rand.h +--- openssl-1.1.1e/include/openssl/rand.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/rand.h 2020-03-17 17:31:01.004410858 +0100 +@@ -69,6 +69,11 @@ DEPRECATEDIN_1_1_0(void RAND_screen(void + DEPRECATEDIN_1_1_0(int RAND_event(UINT, WPARAM, LPARAM)) + # endif + ++# ifdef OPENSSL_FIPS ++/* just stubs for API compatibility */ ++void RAND_set_fips_drbg_type(int type, int flags); ++int RAND_init_fips(void); ++# endif + + #ifdef __cplusplus + } +diff -up openssl-1.1.1e/include/openssl/rsaerr.h.fips openssl-1.1.1e/include/openssl/rsaerr.h +--- openssl-1.1.1e/include/openssl/rsaerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/rsaerr.h 2020-03-17 17:31:01.005410841 +0100 +@@ -25,6 +25,7 @@ int ERR_load_RSA_strings(void); + */ + # define RSA_F_CHECK_PADDING_MD 140 + # define RSA_F_ENCODE_PKCS1 146 ++# define RSA_F_FIPS_RSA_BUILTIN_KEYGEN 206 + # define RSA_F_INT_RSA_VERIFY 145 + # define RSA_F_OLD_RSA_PRIV_DECODE 147 + # define RSA_F_PKEY_PSS_INIT 165 +@@ -39,6 +40,8 @@ int ERR_load_RSA_strings(void); + # define RSA_F_RSA_CHECK_KEY_EX 160 + # define RSA_F_RSA_CMS_DECRYPT 159 + # define RSA_F_RSA_CMS_VERIFY 158 ++# define RSA_F_RSA_GENERATE_KEY_EX 204 ++# define RSA_F_RSA_GENERATE_MULTI_PRIME_KEY 207 + # define RSA_F_RSA_ITEM_VERIFY 148 + # define RSA_F_RSA_METH_DUP 161 + # define RSA_F_RSA_METH_NEW 162 +@@ -76,10 +79,16 @@ int ERR_load_RSA_strings(void); + # define RSA_F_RSA_PRINT_FP 116 + # define RSA_F_RSA_PRIV_DECODE 150 + # define RSA_F_RSA_PRIV_ENCODE 138 ++# define RSA_F_RSA_PRIVATE_DECRYPT 200 ++# define RSA_F_RSA_PRIVATE_ENCRYPT 201 + # define RSA_F_RSA_PSS_GET_PARAM 151 + # define RSA_F_RSA_PSS_TO_CTX 155 + # define RSA_F_RSA_PUB_DECODE 139 ++# define RSA_F_RSA_PUBLIC_DECRYPT 202 ++# define RSA_F_RSA_PUBLIC_ENCRYPT 203 + # define RSA_F_RSA_SETUP_BLINDING 136 ++# define RSA_F_RSA_SET_DEFAULT_METHOD 205 ++# define RSA_F_RSA_SET_METHOD 204 + # define RSA_F_RSA_SIGN 117 + # define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 + # define RSA_F_RSA_VERIFY 119 +@@ -137,10 +146,12 @@ int ERR_load_RSA_strings(void); + # define RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D 169 + # define RSA_R_MP_R_NOT_PRIME 170 + # define RSA_R_NO_PUBLIC_EXPONENT 140 ++# define RSA_R_NON_FIPS_RSA_METHOD 200 + # define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 + # define RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES 172 + # define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 + # define RSA_R_OAEP_DECODING_ERROR 121 ++# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 201 + # define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 + # define RSA_R_PADDING_CHECK_FAILED 114 + # define RSA_R_PKCS_DECODING_ERROR 159 +@@ -160,6 +171,7 @@ int ERR_load_RSA_strings(void); + # define RSA_R_UNSUPPORTED_LABEL_SOURCE 163 + # define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153 + # define RSA_R_UNSUPPORTED_MASK_PARAMETER 154 ++# define RSA_R_UNSUPPORTED_PARAMETERS 202 + # define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155 + # define RSA_R_VALUE_MISSING 147 + # define RSA_R_WRONG_SIGNATURE_LENGTH 119 +diff -up openssl-1.1.1e/ssl/s3_lib.c.fips openssl-1.1.1e/ssl/s3_lib.c +--- openssl-1.1.1e/ssl/s3_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/s3_lib.c 2020-03-17 17:31:01.007410806 +0100 +@@ -43,7 +43,7 @@ static SSL_CIPHER tls13_ciphers[] = { + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, + 0, 0, +- SSL_HIGH, ++ SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256, + 128, + 128, +@@ -58,7 +58,7 @@ static SSL_CIPHER tls13_ciphers[] = { + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, + 0, 0, +- SSL_HIGH, ++ SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA384, + 256, + 256, +@@ -92,7 +92,7 @@ static SSL_CIPHER tls13_ciphers[] = { + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, + 0, 0, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256, + 128, + 128, +@@ -634,7 +634,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 128, + 128, +@@ -650,7 +650,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 256, + 256, +@@ -666,7 +666,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 128, + 128, +@@ -682,7 +682,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 256, + 256, +@@ -794,7 +794,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 128, + 128, +@@ -810,7 +810,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 256, + 256, +@@ -890,7 +890,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 128, + 128, +@@ -906,7 +906,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 256, + 256, +diff -up openssl-1.1.1e/ssl/ssl_ciph.c.fips openssl-1.1.1e/ssl/ssl_ciph.c +--- openssl-1.1.1e/ssl/ssl_ciph.c.fips 2020-03-17 17:30:52.017567549 +0100 ++++ openssl-1.1.1e/ssl/ssl_ciph.c 2020-03-17 17:31:01.008410788 +0100 +@@ -387,7 +387,7 @@ int ssl_load_ciphers(void) + } + } + /* Make sure we can access MD5 and SHA1 */ +- if (!ossl_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL)) ++ if (!FIPS_mode() && !ossl_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL)) + return 0; + if (!ossl_assert(ssl_digest_methods[SSL_MD_SHA1_IDX] != NULL)) + return 0; +@@ -559,6 +559,9 @@ int ssl_cipher_get_evp(const SSL_SESSION + s->ssl_version < TLS1_VERSION) + return 1; + ++ if (FIPS_mode()) ++ return 1; ++ + if (c->algorithm_enc == SSL_RC4 && + c->algorithm_mac == SSL_MD5 && + (evp = EVP_get_cipherbyname("RC4-HMAC-MD5"))) +@@ -667,6 +670,8 @@ static void ssl_cipher_collect_ciphers(c + /* drop those that use any of that is not available */ + if (c == NULL || !c->valid) + continue; ++ if (FIPS_mode() && !(c->algo_strength & SSL_FIPS)) ++ continue; + if ((c->algorithm_mkey & disabled_mkey) || + (c->algorithm_auth & disabled_auth) || + (c->algorithm_enc & disabled_enc) || +@@ -1671,7 +1676,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + * to the resulting precedence to the STACK_OF(SSL_CIPHER). + */ + for (curr = head; curr != NULL; curr = curr->next) { +- if (curr->active) { ++ if (curr->active ++ && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS)) { + if (!sk_SSL_CIPHER_push(cipherstack, curr->cipher)) { + OPENSSL_free(co_list); + sk_SSL_CIPHER_free(cipherstack); +diff -up openssl-1.1.1e/ssl/ssl_init.c.fips openssl-1.1.1e/ssl/ssl_init.c +--- openssl-1.1.1e/ssl/ssl_init.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/ssl_init.c 2020-03-17 17:31:01.009410771 +0100 +@@ -27,6 +27,10 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_bas + fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " + "Adding SSL ciphers and digests\n"); + #endif ++#ifdef OPENSSL_FIPS ++ if (!FIPS_mode()) { ++#endif ++ + #ifndef OPENSSL_NO_DES + EVP_add_cipher(EVP_des_cbc()); + EVP_add_cipher(EVP_des_ede3_cbc()); +@@ -87,6 +91,31 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_bas + EVP_add_digest(EVP_sha256()); + EVP_add_digest(EVP_sha384()); + EVP_add_digest(EVP_sha512()); ++#ifdef OPENSSL_FIPS ++ } else { ++# ifndef OPENSSL_NO_DES ++ EVP_add_cipher(EVP_des_ede3_cbc()); ++# endif ++ EVP_add_cipher(EVP_aes_128_cbc()); ++ EVP_add_cipher(EVP_aes_192_cbc()); ++ EVP_add_cipher(EVP_aes_256_cbc()); ++ EVP_add_cipher(EVP_aes_128_gcm()); ++ EVP_add_cipher(EVP_aes_256_gcm()); ++ EVP_add_cipher(EVP_aes_128_ccm()); ++ EVP_add_cipher(EVP_aes_256_ccm()); ++# ifndef OPENSSL_NO_MD5 ++ /* needed even in the FIPS mode for TLS-1.0 */ ++ EVP_add_digest(EVP_md5_sha1()); ++# endif ++ EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ ++ EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); ++ EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); ++ EVP_add_digest(EVP_sha224()); ++ EVP_add_digest(EVP_sha256()); ++ EVP_add_digest(EVP_sha384()); ++ EVP_add_digest(EVP_sha512()); ++ } ++#endif + #ifndef OPENSSL_NO_COMP + # ifdef OPENSSL_INIT_DEBUG + fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " +diff -up openssl-1.1.1e/ssl/ssl_lib.c.fips openssl-1.1.1e/ssl/ssl_lib.c +--- openssl-1.1.1e/ssl/ssl_lib.c.fips 2020-03-17 17:30:52.018567531 +0100 ++++ openssl-1.1.1e/ssl/ssl_lib.c 2020-03-17 17:31:01.011410736 +0100 +@@ -2970,6 +2970,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m + if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL)) + return NULL; + ++ if (FIPS_mode() && (meth->version < TLS1_VERSION)) { ++ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE); ++ return NULL; ++ } ++ + if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { + SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); + goto err; +@@ -3026,13 +3031,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m + if (ret->param == NULL) + goto err; + +- if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { +- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); +- goto err2; +- } +- if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { +- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); +- goto err2; ++ if (!FIPS_mode()) { ++ if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { ++ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); ++ goto err2; ++ } ++ if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { ++ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); ++ goto err2; ++ } ++ } else { ++ ret->min_proto_version = TLS1_VERSION; + } + + if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL) +diff -up openssl-1.1.1e/ssl/ssl_local.h.fips openssl-1.1.1e/ssl/ssl_local.h +--- openssl-1.1.1e/ssl/ssl_local.h.fips 2020-03-17 17:30:51.842570600 +0100 ++++ openssl-1.1.1e/ssl/ssl_local.h 2020-03-17 17:31:10.740241108 +0100 +@@ -1516,6 +1516,7 @@ typedef struct tls_group_info_st { + # define TLS_CURVE_PRIME 0x0 + # define TLS_CURVE_CHAR2 0x1 + # define TLS_CURVE_CUSTOM 0x2 ++# define TLS_CURVE_FIPS 0x80 + + typedef struct cert_pkey_st CERT_PKEY; + +diff -up openssl-1.1.1e/ssl/t1_lib.c.fips openssl-1.1.1e/ssl/t1_lib.c +--- openssl-1.1.1e/ssl/t1_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/t1_lib.c 2020-03-17 17:31:10.741241091 +0100 +@@ -159,11 +159,11 @@ static const TLS_GROUP_INFO nid_list[] = + {NID_secp192k1, 80, TLS_CURVE_PRIME}, /* secp192k1 (18) */ + {NID_X9_62_prime192v1, 80, TLS_CURVE_PRIME}, /* secp192r1 (19) */ + {NID_secp224k1, 112, TLS_CURVE_PRIME}, /* secp224k1 (20) */ +- {NID_secp224r1, 112, TLS_CURVE_PRIME}, /* secp224r1 (21) */ ++ {NID_secp224r1, 112, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp224r1 (21) */ + {NID_secp256k1, 128, TLS_CURVE_PRIME}, /* secp256k1 (22) */ +- {NID_X9_62_prime256v1, 128, TLS_CURVE_PRIME}, /* secp256r1 (23) */ +- {NID_secp384r1, 192, TLS_CURVE_PRIME}, /* secp384r1 (24) */ +- {NID_secp521r1, 256, TLS_CURVE_PRIME}, /* secp521r1 (25) */ ++ {NID_X9_62_prime256v1, 128, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp256r1 (23) */ ++ {NID_secp384r1, 192, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp384r1 (24) */ ++ {NID_secp521r1, 256, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp521r1 (25) */ + {NID_brainpoolP256r1, 128, TLS_CURVE_PRIME}, /* brainpoolP256r1 (26) */ + {NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */ + {NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */ +@@ -258,6 +258,8 @@ int tls_curve_allowed(SSL *s, uint16_t c + if (cinfo->flags & TLS_CURVE_CHAR2) + return 0; + # endif ++ if (FIPS_mode() && !(cinfo->flags & TLS_CURVE_FIPS)) ++ return 0; + ctmp[0] = curve >> 8; + ctmp[1] = curve & 0xff; + return ssl_security(s, op, cinfo->secbits, cinfo->nid, (void *)ctmp); +diff -up openssl-1.1.1e/test/dsatest.c.fips openssl-1.1.1e/test/dsatest.c +--- openssl-1.1.1e/test/dsatest.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/dsatest.c 2020-03-17 17:31:10.741241091 +0100 +@@ -24,41 +24,42 @@ + #ifndef OPENSSL_NO_DSA + static int dsa_cb(int p, int n, BN_GENCB *arg); + +-/* +- * seed, out_p, out_q, out_g are taken from the updated Appendix 5 to FIPS +- * PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 +- */ + static unsigned char seed[20] = { +- 0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8, 0xb6, 0x21, 0x1b, 0x40, +- 0x62, 0xba, 0x32, 0x24, 0xe0, 0x42, 0x7d, 0xd3, ++ 0x02, 0x47, 0x11, 0x92, 0x11, 0x88, 0xC8, 0xFB, 0xAF, 0x48, 0x4C, 0x62, ++ 0xDF, 0xA5, 0xBE, 0xA0, 0xA4, 0x3C, 0x56, 0xE3, + }; + + static unsigned char out_p[] = { +- 0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76, 0xaa, +- 0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69, 0xcb, +- 0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c, 0xf7, +- 0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82, 0xe5, +- 0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e, 0xaf, +- 0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a, 0xac, +- 0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24, 0xc2, +- 0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02, 0x91, ++ 0xAC, 0xCB, 0x1E, 0x63, 0x60, 0x69, 0x0C, 0xFB, 0x06, 0x19, 0x68, 0x3E, ++ 0xA5, 0x01, 0x5A, 0xA2, 0x15, 0x5C, 0xE2, 0x99, 0x2D, 0xD5, 0x30, 0x99, ++ 0x7E, 0x5F, 0x8D, 0xE2, 0xF7, 0xC6, 0x2E, 0x8D, 0xA3, 0x9F, 0x58, 0xAD, ++ 0xD6, 0xA9, 0x7D, 0x0E, 0x0D, 0x95, 0x53, 0xA6, 0x71, 0x3A, 0xDE, 0xAB, ++ 0xAC, 0xE9, 0xF4, 0x36, 0x55, 0x9E, 0xB9, 0xD6, 0x93, 0xBF, 0xF3, 0x18, ++ 0x1C, 0x14, 0x7B, 0xA5, 0x42, 0x2E, 0xCD, 0x00, 0xEB, 0x35, 0x3B, 0x1B, ++ 0xA8, 0x51, 0xBB, 0xE1, 0x58, 0x42, 0x85, 0x84, 0x22, 0xA7, 0x97, 0x5E, ++ 0x99, 0x6F, 0x38, 0x20, 0xBD, 0x9D, 0xB6, 0xD9, 0x33, 0x37, 0x2A, 0xFD, ++ 0xBB, 0xD4, 0xBC, 0x0C, 0x2A, 0x67, 0xCB, 0x9F, 0xBB, 0xDF, 0xF9, 0x93, ++ 0xAA, 0xD6, 0xF0, 0xD6, 0x95, 0x0B, 0x5D, 0x65, 0x14, 0xD0, 0x18, 0x9D, ++ 0xC6, 0xAF, 0xF0, 0xC6, 0x37, 0x7C, 0xF3, 0x5F, + }; + + static unsigned char out_q[] = { +- 0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8, 0xee, +- 0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4, 0x8e, +- 0xda, 0xce, 0x91, 0x5f, ++ 0xE3, 0x8E, 0x5E, 0x6D, 0xBF, 0x2B, 0x79, 0xF8, 0xC5, 0x4B, 0x89, 0x8B, ++ 0xBA, 0x2D, 0x91, 0xC3, 0x6C, 0x80, 0xAC, 0x87, + }; + + static unsigned char out_g[] = { +- 0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a, 0x13, +- 0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5, 0x00, +- 0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef, 0xcb, +- 0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c, 0x2e, +- 0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba, 0xbf, +- 0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c, 0x9c, +- 0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08, 0x8c, +- 0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88, 0x02, ++ 0x42, 0x4A, 0x04, 0x4E, 0x79, 0xB4, 0x99, 0x7F, 0xFD, 0x58, 0x36, 0x2C, ++ 0x1B, 0x5F, 0x18, 0x7E, 0x0D, 0xCC, 0xAB, 0x81, 0xC9, 0x5D, 0x10, 0xCE, ++ 0x4E, 0x80, 0x7E, 0x58, 0xB4, 0x34, 0x3F, 0xA7, 0x45, 0xC7, 0xAA, 0x36, ++ 0x24, 0x42, 0xA9, 0x3B, 0xE8, 0x0E, 0x04, 0x02, 0x2D, 0xFB, 0xA6, 0x13, ++ 0xB9, 0xB5, 0x15, 0xA5, 0x56, 0x07, 0x35, 0xE4, 0x03, 0xB6, 0x79, 0x7C, ++ 0x62, 0xDD, 0xDF, 0x3F, 0x71, 0x3A, 0x9D, 0x8B, 0xC4, 0xF6, 0xE7, 0x1D, ++ 0x52, 0xA8, 0xA9, 0x43, 0x1D, 0x33, 0x51, 0x88, 0x39, 0xBD, 0x73, 0xE9, ++ 0x5F, 0xBE, 0x82, 0x49, 0x27, 0xE6, 0xB5, 0x53, 0xC1, 0x38, 0xAC, 0x2F, ++ 0x6D, 0x97, 0x6C, 0xEB, 0x67, 0xC1, 0x5F, 0x67, 0xF8, 0x35, 0x05, 0x5E, ++ 0xD5, 0x68, 0x80, 0xAA, 0x96, 0xCA, 0x0B, 0x8A, 0xE6, 0xF1, 0xB1, 0x41, ++ 0xC6, 0x75, 0x94, 0x0A, 0x0A, 0x2A, 0xFA, 0x29, + }; + + static const unsigned char str1[] = "12345678901234567890"; +@@ -79,11 +80,11 @@ static int dsa_test(void) + + BN_GENCB_set(cb, dsa_cb, NULL); + if (!TEST_ptr(dsa = DSA_new()) +- || !TEST_true(DSA_generate_parameters_ex(dsa, 512, seed, 20, ++ || !TEST_true(DSA_generate_parameters_ex(dsa, 1024, seed, 20, + &counter, &h, cb))) + goto end; + +- if (!TEST_int_eq(counter, 105)) ++ if (!TEST_int_eq(counter, 239)) + goto end; + if (!TEST_int_eq(h, 2)) + goto end; +diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt +--- openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt 2020-03-17 17:31:10.742241073 +0100 +@@ -1206,6 +1206,7 @@ Key = 0000000000000000000000000000000000 + IV = 00000000000000000000000000000000 + Plaintext = 0000000000000000000000000000000000000000000000000000000000000000 + Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e ++Result = KEY_SET_ERROR + + Cipher = aes-128-xts + Key = 1111111111111111111111111111111122222222222222222222222222222222 +diff -up openssl-1.1.1e/util/libcrypto.num.fips openssl-1.1.1e/util/libcrypto.num +--- openssl-1.1.1e/util/libcrypto.num.fips 2020-03-17 17:31:10.744241038 +0100 ++++ openssl-1.1.1e/util/libcrypto.num 2020-03-17 17:32:37.851722261 +0100 +@@ -4590,3 +4590,38 @@ X509_ALGOR_copy + X509_REQ_set0_signature 4545 1_1_1h EXIST::FUNCTION: + X509_REQ_set1_signature_algo 4546 1_1_1h EXIST::FUNCTION: + EC_KEY_decoded_from_explicit_params 4547 1_1_1h EXIST::FUNCTION:EC ++FIPS_drbg_reseed 6348 1_1_0g EXIST::FUNCTION: ++FIPS_selftest_check 6349 1_1_0g EXIST::FUNCTION: ++FIPS_rand_set_method 6350 1_1_0g EXIST::FUNCTION: ++FIPS_get_default_drbg 6351 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_set_reseed_interval 6352 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_set_app_data 6353 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_method 6354 1_1_0g EXIST::FUNCTION: ++FIPS_rand_status 6355 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_instantiate 6356 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_set_callbacks 6357 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_new 6358 1_1_0g EXIST::FUNCTION: ++FIPS_dsa_paramgen_check_g 6359 1_1_0g EXIST::FUNCTION: ++FIPS_selftest 6360 1_1_0g EXIST::FUNCTION: ++FIPS_rand_set_bits 6361 1_1_0g EXIST::FUNCTION: ++FIPS_rand_bytes 6362 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_get_app_data 6363 1_1_0g EXIST::FUNCTION: ++FIPS_selftest_failed 6364 1_1_0g EXIST::FUNCTION: ++FIPS_dsa_builtin_paramgen2 6365 1_1_0g EXIST::FUNCTION: ++FIPS_rand_reset 6366 1_1_0g EXIST::FUNCTION: ++ERR_load_FIPS_strings 6367 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_generate 6368 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_uninstantiate 6369 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_set_check_interval 6370 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_free 6371 1_1_0g EXIST::FUNCTION: ++FIPS_selftest_drbg_all 6372 1_1_0g EXIST::FUNCTION: ++FIPS_rand_get_method 6373 1_1_0g EXIST::FUNCTION: ++RAND_set_fips_drbg_type 6374 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_health_check 6375 1_1_0g EXIST::FUNCTION: ++RAND_init_fips 6376 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_set_rand_callbacks 6377 1_1_0g EXIST::FUNCTION: ++FIPS_rand_seed 6378 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_get_strength 6379 1_1_0g EXIST::FUNCTION: ++FIPS_rand_strength 6380 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_get_blocklength 6381 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_init 6382 1_1_0g EXIST::FUNCTION: diff --git a/thirdparty/openssl/patches/openssl-1.1.1-kdf-selftest.patch b/thirdparty/openssl/patches/openssl-1.1.1-kdf-selftest.patch new file mode 100644 index 000000000..3cb3718a6 --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-kdf-selftest.patch @@ -0,0 +1,170 @@ +diff -up openssl-1.1.1g/crypto/fips/build.info.kdf-selftest openssl-1.1.1g/crypto/fips/build.info +--- openssl-1.1.1g/crypto/fips/build.info.kdf-selftest 2020-06-03 16:08:36.274849058 +0200 ++++ openssl-1.1.1g/crypto/fips/build.info 2020-06-03 16:11:05.609079372 +0200 +@@ -5,7 +5,7 @@ SOURCE[../../libcrypto]=\ + fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \ + fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \ + fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \ +- fips_dh_selftest.c fips_ers.c ++ fips_dh_selftest.c fips_kdf_selftest.c fips_ers.c + + PROGRAMS_NO_INST=\ + fips_standalone_hmac +diff -up openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c +--- openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest 2020-06-03 16:08:36.337849577 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c 2020-06-03 16:08:36.337849577 +0200 +@@ -0,0 +1,117 @@ ++/* ++ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++#include "crypto/fips.h" ++ ++#include ++#include ++ ++#ifdef OPENSSL_FIPS ++int FIPS_selftest_pbkdf2(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[32]; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ goto err; ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3, ++ 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0, ++ 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf, ++ 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43 ++ }; ++ if (memcmp(out, expected, sizeof(expected))) { ++ goto err; ++ } ++ } ++ ret = 1; ++ ++err: ++ if (!ret) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_PBKDF2, FIPS_R_SELFTEST_FAILED); ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++/* Test vector from RFC 8009 (AES Encryption with HMAC-SHA2 for Kerberos ++ * 5) appendix A. */ ++int FIPS_selftest_kbkdf(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ char *label = "prf", *prf_input = "test"; ++ static unsigned char input_key[] = { ++ 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28, ++ 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C, ++ }; ++ static unsigned char output[] = { ++ 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE, ++ 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86, ++ 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B, ++ 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95, ++ }; ++ unsigned char result[sizeof(output)] = { 0 }; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) { ++ goto err; ++ } ++ ret = EVP_KDF_derive(kctx, result, sizeof(result)) > 0 ++ && memcmp(result, output, sizeof(output)) == 0; ++err: ++ ++ if (!ret) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_KBKDF, FIPS_R_SELFTEST_FAILED); ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++int FIPS_selftest_kdf(void) ++{ ++ return FIPS_selftest_pbkdf2() && FIPS_selftest_kbkdf(); ++} ++ ++#endif +diff -up openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_post.c +--- openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest 2020-06-03 16:08:36.332849536 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-03 16:08:36.338849585 +0200 +@@ -111,6 +111,8 @@ int FIPS_selftest(void) + rv = 0; + if (!FIPS_selftest_ecdh()) + rv = 0; ++ if (!FIPS_selftest_kdf()) ++ rv = 0; + return rv; + } + +diff -up openssl-1.1.1g/include/crypto/fips.h.kdf-selftest openssl-1.1.1g/include/crypto/fips.h +--- openssl-1.1.1g/include/crypto/fips.h.kdf-selftest 2020-06-03 16:08:36.330849519 +0200 ++++ openssl-1.1.1g/include/crypto/fips.h 2020-06-03 16:08:36.338849585 +0200 +@@ -72,6 +72,9 @@ void FIPS_drbg_stick(int onoff); + int FIPS_selftest_hmac(void); + int FIPS_selftest_drbg(void); + int FIPS_selftest_cmac(void); ++int FIPS_selftest_kbkdf(void); ++int FIPS_selftest_pbkdf2(void); ++int FIPS_selftest_kdf(void); + + int fips_in_post(void); + +diff -up openssl-1.1.1g/include/openssl/fips.h.kdf-selftest openssl-1.1.1g/include/openssl/fips.h +--- openssl-1.1.1g/include/openssl/fips.h.kdf-selftest 2020-06-03 16:08:36.282849124 +0200 ++++ openssl-1.1.1g/include/openssl/fips.h 2020-06-03 16:08:36.338849585 +0200 +@@ -123,6 +123,8 @@ extern "C" { + # define FIPS_F_FIPS_SELFTEST_DSA 112 + # define FIPS_F_FIPS_SELFTEST_ECDSA 133 + # define FIPS_F_FIPS_SELFTEST_HMAC 113 ++# define FIPS_F_FIPS_SELFTEST_KBKDF 151 ++# define FIPS_F_FIPS_SELFTEST_PBKDF2 152 + # define FIPS_F_FIPS_SELFTEST_SHA1 115 + # define FIPS_F_FIPS_SELFTEST_SHA2 105 + # define FIPS_F_OSSL_ECDSA_SIGN_SIG 143 diff --git a/thirdparty/openssl/patches/openssl-1.1.1-krb5-kdf.patch b/thirdparty/openssl/patches/openssl-1.1.1-krb5-kdf.patch new file mode 100644 index 000000000..249a5c53b --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-krb5-kdf.patch @@ -0,0 +1,3030 @@ +diff -up openssl-1.1.1d/crypto/err/openssl.txt.krb5-kdf openssl-1.1.1d/crypto/err/openssl.txt +--- openssl-1.1.1d/crypto/err/openssl.txt.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 ++++ openssl-1.1.1d/crypto/err/openssl.txt 2019-11-14 15:07:05.342094129 +0100 +@@ -821,6 +821,11 @@ EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_g + EVP_F_SCRYPT_ALG:228:scrypt_alg + EVP_F_UPDATE:173:update + KDF_F_HKDF_EXTRACT:112:HKDF_Extract ++KDF_F_KBKDF_CTRL:134:kbkdf_ctrl ++KDF_F_KBKDF_CTRL_STR:135:kbkdf_ctrl_str ++KDF_F_KBKDF_DERIVE:136:kbkdf_derive ++KDF_F_KBKDF_NEW:137:kbkdf_new ++KDF_F_KDF_CIPHER2CTRL:138:kdf_cipher2ctrl + KDF_F_KDF_HKDF_DERIVE:113:kdf_hkdf_derive + KDF_F_KDF_HKDF_NEW:114:kdf_hkdf_new + KDF_F_KDF_HKDF_SIZE:115:kdf_hkdf_size +@@ -840,6 +845,8 @@ KDF_F_KDF_SSHKDF_NEW:133:kdf_sshkdf_new + KDF_F_KDF_TLS1_PRF_CTRL_STR:125:kdf_tls1_prf_ctrl_str + KDF_F_KDF_TLS1_PRF_DERIVE:126:kdf_tls1_prf_derive + KDF_F_KDF_TLS1_PRF_NEW:127:kdf_tls1_prf_new ++KDF_F_KRB5KDF:139:KRB5KDF ++KDF_F_KRB5KDF_DERIVE:140:krb5kdf_derive + KDF_F_PBKDF2_SET_MEMBUF:128:pbkdf2_set_membuf + KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str + KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive +@@ -853,6 +860,9 @@ KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tl + KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive + KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init + KDF_F_SCRYPT_SET_MEMBUF:129:scrypt_set_membuf ++KDF_F_SSKDF_DERIVE:141:sskdf_derive ++KDF_F_SSKDF_NEW:142:sskdf_new ++KDF_F_SSKDF_SIZE:143:sskdf_size + KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg + OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object + OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid +@@ -2325,7 +2335,13 @@ EVP_R_UNSUPPORTED_SALT_TYPE:126:unsuppor + EVP_R_WRAP_MODE_NOT_ALLOWED:170:wrap mode not allowed + EVP_R_WRONG_FINAL_BLOCK_LENGTH:109:wrong final block length + EVP_R_XTS_DUPLICATED_KEYS:183:xts duplicated keys ++KDF_R_FAILED_TO_GENERATE_KEY:118:failed to generate key ++KDF_R_INVALID_CIPHER:116:invalid cipher ++KDF_R_INVALID_CONSTANT_LENGTH:119:invalid constant length + KDF_R_INVALID_DIGEST:100:invalid digest ++KDF_R_INVALID_SEED_LENGTH:117:invalid seed length ++KDF_R_MISSING_CIPHER:120:missing cipher ++KDF_R_MISSING_CONSTANT:121:missing constant + KDF_R_MISSING_ITERATION_COUNT:109:missing iteration count + KDF_R_MISSING_KEY:104:missing key + KDF_R_MISSING_MESSAGE_DIGEST:105:missing message digest +@@ -2340,6 +2356,7 @@ KDF_R_MISSING_XCGHASH:115:missing xcghas + KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type + KDF_R_VALUE_ERROR:108:value error + KDF_R_VALUE_MISSING:102:value missing ++KDF_R_WRONG_FINAL_BLOCK_LENGTH:120:wrong final block length + KDF_R_WRONG_OUTPUT_BUFFER_SIZE:112:wrong output buffer size + OBJ_R_OID_EXISTS:102:oid exists + OBJ_R_UNKNOWN_NID:101:unknown nid +diff -up openssl-1.1.1d/crypto/evp/kdf_lib.c.krb5-kdf openssl-1.1.1d/crypto/evp/kdf_lib.c +--- openssl-1.1.1d/crypto/evp/kdf_lib.c.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 ++++ openssl-1.1.1d/crypto/evp/kdf_lib.c 2019-11-14 15:07:05.342094129 +0100 +@@ -31,6 +31,9 @@ static const EVP_KDF_METHOD *standard_me + &tls1_prf_kdf_meth, + &hkdf_kdf_meth, + &sshkdf_kdf_meth, ++ &kb_kdf_meth, ++ &krb5kdf_kdf_meth, ++ &ss_kdf_meth + }; + + DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, +diff -up openssl-1.1.1d/include/crypto/evp.h.krb5-kdf openssl-1.1.1d/include/crypto/evp.h +--- openssl-1.1.1d/include/crypto/evp.h.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 ++++ openssl-1.1.1d/include/crypto/evp.h 2019-11-14 15:07:05.342094129 +0100 +@@ -130,6 +130,9 @@ extern const EVP_KDF_METHOD scrypt_kdf_m + extern const EVP_KDF_METHOD tls1_prf_kdf_meth; + extern const EVP_KDF_METHOD hkdf_kdf_meth; + extern const EVP_KDF_METHOD sshkdf_kdf_meth; ++extern const EVP_KDF_METHOD kb_kdf_meth; ++extern const EVP_KDF_METHOD krb5kdf_kdf_meth; ++extern const EVP_KDF_METHOD ss_kdf_meth; + + struct evp_md_st { + int type; +diff -up openssl-1.1.1d/crypto/kdf/build.info.krb5-kdf openssl-1.1.1d/crypto/kdf/build.info +--- openssl-1.1.1d/crypto/kdf/build.info.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 ++++ openssl-1.1.1d/crypto/kdf/build.info 2019-11-14 15:07:05.342094129 +0100 +@@ -1,3 +1,3 @@ + LIBS=../../libcrypto + SOURCE[../../libcrypto]=\ +- tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c ++ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c kbkdf.c krb5kdf.c sskdf.c +diff -up openssl-1.1.1d/crypto/kdf/kbkdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kbkdf.c +--- openssl-1.1.1d/crypto/kdf/kbkdf.c.krb5-kdf 2019-11-14 15:07:05.343094112 +0100 ++++ openssl-1.1.1d/crypto/kdf/kbkdf.c 2019-11-18 17:21:58.326635901 +0100 +@@ -0,0 +1,540 @@ ++/* ++ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2019 Red Hat, Inc. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++/* ++ * This implements https://csrc.nist.gov/publications/detail/sp/800-108/final ++ * section 5.1 ("counter mode") and section 5.2 ("feedback mode") in both HMAC ++ * and CMAC. That document does not name the KDFs it defines; the name is ++ * derived from ++ * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Key-Derivation ++ * ++ * Note that section 5.3 ("double-pipeline mode") is not implemented, though ++ * it would be possible to do so in the future. ++ * ++ * These versions all assume the counter is used. It would be relatively ++ * straightforward to expose a configuration handle should the need arise. ++ * ++ * Variable names attempt to match those of SP800-108. ++ */ ++ ++#include ++#include ++#include ++ ++#include ++#include ++#include ++#include ++ ++#include "internal/numbers.h" ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "kdf_local.h" ++ ++#include "e_os.h" ++ ++#ifdef MIN ++# undef MIN ++#endif ++#define MIN(a, b) ((a) < (b)) ? (a) : (b) ++ ++typedef struct { ++ int mac_type; ++ union { ++ HMAC_CTX *hmac; ++ CMAC_CTX *cmac; ++ } m; ++} MAC_CTX; ++ ++/* Our context structure. */ ++struct evp_kdf_impl_st { ++ int mode; ++ ++ MAC_CTX *ctx_init; ++ ++ const EVP_CIPHER *cipher; ++ const EVP_MD *md; ++ ++ /* Names are lowercased versions of those found in SP800-108. */ ++ unsigned char *ki; ++ size_t ki_len; ++ unsigned char *label; ++ size_t label_len; ++ unsigned char *context; ++ size_t context_len; ++ unsigned char *iv; ++ size_t iv_len; ++}; ++ ++static MAC_CTX *EVP_MAC_CTX_new(int mac_type) ++{ ++ MAC_CTX *ctx; ++ ++ ctx = OPENSSL_zalloc(sizeof(*ctx)); ++ if (ctx == NULL) ++ return NULL; ++ ++ ctx->mac_type = mac_type; ++ if (mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { ++ if ((ctx->m.hmac = HMAC_CTX_new()) == NULL) ++ goto err; ++ } else { ++ if ((ctx->m.cmac = CMAC_CTX_new()) == NULL) ++ goto err; ++ } ++ return ctx; ++ ++err: ++ OPENSSL_free(ctx); ++ return NULL; ++} ++ ++static void EVP_MAC_CTX_free(MAC_CTX *ctx) ++{ ++ if (ctx == NULL) ++ return; ++ ++ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) ++ HMAC_CTX_free(ctx->m.hmac); ++ else ++ CMAC_CTX_free(ctx->m.cmac); ++ OPENSSL_free(ctx); ++} ++ ++static MAC_CTX *EVP_MAC_CTX_dup(MAC_CTX *sctx) ++{ ++ MAC_CTX *ctx; ++ ++ ctx = OPENSSL_zalloc(sizeof(*sctx)); ++ if (ctx == NULL) ++ return NULL; ++ ++ ctx->mac_type = sctx->mac_type; ++ if (sctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { ++ if ((ctx->m.hmac = HMAC_CTX_new()) == NULL ++ || HMAC_CTX_copy(ctx->m.hmac, sctx->m.hmac) <= 0) ++ goto err; ++ } else { ++ if ((ctx->m.cmac = CMAC_CTX_new()) == NULL ++ || CMAC_CTX_copy(ctx->m.cmac, sctx->m.cmac) <= 0) ++ goto err; ++ } ++ return ctx; ++ ++err: ++ EVP_MAC_CTX_free(ctx); ++ return NULL; ++} ++ ++static size_t EVP_MAC_size(MAC_CTX *ctx) ++{ ++ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { ++ const EVP_MD *md; ++ ++ if (ctx->m.hmac == NULL) ++ return 0; ++ if ((md = HMAC_CTX_get_md(ctx->m.hmac)) == NULL) ++ return 0; ++ return (size_t)EVP_MD_size(md); ++ } else { ++ const EVP_CIPHER_CTX *cctx; ++ ++ if (ctx->m.cmac == NULL) ++ return 0; ++ if ((cctx = CMAC_CTX_get0_cipher_ctx(ctx->m.cmac)) == NULL) ++ return 0; ++ return EVP_CIPHER_CTX_block_size(cctx); ++ } ++} ++ ++static int EVP_MAC_update(MAC_CTX *ctx, const unsigned char *data, ++ size_t datalen) ++{ ++ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) ++ return HMAC_Update(ctx->m.hmac, data, datalen); ++ else ++ return CMAC_Update(ctx->m.cmac, data, datalen); ++} ++ ++static int EVP_MAC_final(MAC_CTX *ctx, unsigned char *out, ++ size_t *outl, size_t outsize) ++{ ++ if (outsize != EVP_MAC_size(ctx)) ++ /* we do not cope with anything else */ ++ return 0; ++ ++ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { ++ unsigned int intsize = (unsigned int)outsize; ++ int ret; ++ ++ ret = HMAC_Final(ctx->m.hmac, out, &intsize); ++ if (outl != NULL) ++ *outl = intsize; ++ return ret; ++ } else { ++ size_t size = outsize; ++ int ret; ++ ++ ret = CMAC_Final(ctx->m.cmac, out, &size); ++ if (outl != NULL) ++ *outl = size; ++ return ret; ++ } ++} ++ ++static int evp_mac_init(MAC_CTX *ctx, const EVP_MD *md, ++ const EVP_CIPHER *cipher, unsigned char *key, size_t keylen) ++{ ++ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { ++ if (md == NULL) ++ return 0; ++ return HMAC_Init_ex(ctx->m.hmac, key, (int)keylen, md, NULL); ++ } else { ++ if (cipher == NULL) ++ return 0; ++ return CMAC_Init(ctx->m.cmac, key, keylen, cipher, NULL); ++ } ++} ++ ++static void kbkdf_reset(EVP_KDF_IMPL *ctx); ++ ++/* Not all platforms have htobe32(). */ ++static uint32_t be32(uint32_t host) ++{ ++ uint32_t big = 0; ++ const union { ++ long one; ++ char little; ++ } is_endian = { 1 }; ++ ++ if (!is_endian.little) ++ return host; ++ ++ big |= (host & 0xff000000) >> 24; ++ big |= (host & 0x00ff0000) >> 8; ++ big |= (host & 0x0000ff00) << 8; ++ big |= (host & 0x000000ff) << 24; ++ return big; ++} ++ ++static EVP_KDF_IMPL *kbkdf_new(void) ++{ ++ EVP_KDF_IMPL *ctx; ++ ++ ctx = OPENSSL_zalloc(sizeof(*ctx)); ++ if (ctx == NULL) { ++ KDFerr(KDF_F_KBKDF_NEW, ERR_R_MALLOC_FAILURE); ++ return NULL; ++ } ++ ++ return ctx; ++} ++ ++static void kbkdf_free(EVP_KDF_IMPL *ctx) ++{ ++ kbkdf_reset(ctx); ++ OPENSSL_free(ctx); ++} ++ ++static void kbkdf_reset(EVP_KDF_IMPL *ctx) ++{ ++ EVP_MAC_CTX_free(ctx->ctx_init); ++ OPENSSL_clear_free(ctx->context, ctx->context_len); ++ OPENSSL_clear_free(ctx->label, ctx->label_len); ++ OPENSSL_clear_free(ctx->ki, ctx->ki_len); ++ OPENSSL_clear_free(ctx->iv, ctx->iv_len); ++ memset(ctx, 0, sizeof(*ctx)); ++} ++ ++/* SP800-108 section 5.1 or section 5.2 depending on mode. */ ++static int derive(MAC_CTX *ctx_init, int mode, unsigned char *iv, ++ size_t iv_len, unsigned char *label, size_t label_len, ++ unsigned char *context, size_t context_len, ++ unsigned char *k_i, size_t h, uint32_t l, unsigned char *ko, ++ size_t ko_len) ++{ ++ int ret = 0; ++ MAC_CTX *ctx = NULL; ++ size_t written = 0, to_write, k_i_len = iv_len; ++ const unsigned char zero = 0; ++ uint32_t counter, i; ++ ++ /* Setup K(0) for feedback mode. */ ++ if (iv_len > 0) ++ memcpy(k_i, iv, iv_len); ++ ++ for (counter = 1; written < ko_len; counter++) { ++ i = be32(counter); ++ ++ ctx = EVP_MAC_CTX_dup(ctx_init); ++ if (ctx == NULL) ++ goto done; ++ ++ /* Perform feedback, if appropriate. */ ++ if (mode == EVP_KDF_KB_MODE_FEEDBACK && !EVP_MAC_update(ctx, k_i, k_i_len)) ++ goto done; ++ ++ if (!EVP_MAC_update(ctx, (unsigned char *)&i, 4) ++ || !EVP_MAC_update(ctx, label, label_len) ++ || !EVP_MAC_update(ctx, &zero, 1) ++ || !EVP_MAC_update(ctx, context, context_len) ++ || !EVP_MAC_update(ctx, (unsigned char *)&l, 4) ++ || !EVP_MAC_final(ctx, k_i, NULL, h)) ++ goto done; ++ ++ to_write = ko_len - written; ++ memcpy(ko + written, k_i, MIN(to_write, h)); ++ written += h; ++ ++ k_i_len = h; ++ EVP_MAC_CTX_free(ctx); ++ ctx = NULL; ++ } ++ ++ ret = 1; ++done: ++ EVP_MAC_CTX_free(ctx); ++ return ret; ++} ++ ++static int kbkdf_derive(EVP_KDF_IMPL *ctx, unsigned char *key, size_t keylen) ++{ ++ int ret = 0; ++ unsigned char *k_i = NULL; ++ uint32_t l = be32(keylen * 8); ++ size_t h = 0; ++ ++ /* label, context, and iv are permitted to be empty. Check everything ++ * else. */ ++ if (ctx->ctx_init == NULL ++ || evp_mac_init(ctx->ctx_init, ctx->md, ctx->cipher, ctx->ki, ctx->ki_len) <= 0) { ++ if (ctx->ki_len == 0 || ctx->ki == NULL) { ++ KDFerr(KDF_F_KBKDF_DERIVE, KDF_R_MISSING_KEY); ++ return 0; ++ } ++ /* Could either be missing MAC or missing message digest or missing ++ * cipher - arbitrarily, I pick this one. */ ++ KDFerr(KDF_F_KBKDF_DERIVE, KDF_R_MISSING_PARAMETER); ++ return 0; ++ } ++ ++ h = EVP_MAC_size(ctx->ctx_init); ++ if (h == 0) ++ goto done; ++ if (ctx->iv_len != 0 && ctx->iv_len != h) { ++ KDFerr(KDF_F_KBKDF_DERIVE, KDF_R_INVALID_SEED_LENGTH); ++ goto done; ++ } ++ ++ k_i = OPENSSL_zalloc(h); ++ if (k_i == NULL) ++ goto done; ++ ++ ret = derive(ctx->ctx_init, ctx->mode, ctx->iv, ctx->iv_len, ctx->label, ++ ctx->label_len, ctx->context, ctx->context_len, k_i, h, l, ++ key, keylen); ++done: ++ if (ret != 1) ++ OPENSSL_cleanse(key, keylen); ++ OPENSSL_clear_free(k_i, h); ++ return ret; ++} ++ ++static size_t kbkdf_size(EVP_KDF_IMPL *ctx) ++{ ++ return UINT32_MAX/8; ++} ++ ++static int kbkdf_parse_buffer_arg(unsigned char **dst, size_t *dst_len, ++ va_list args) ++{ ++ const unsigned char *p; ++ size_t len; ++ ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(*dst, *dst_len); ++ if (len == 0) { ++ *dst = NULL; ++ *dst_len = 0; ++ return 1; ++ } ++ ++ *dst = OPENSSL_memdup(p, len); ++ if (*dst == NULL) ++ return 0; ++ ++ *dst_len = len; ++ return 1; ++} ++ ++static int kbkdf_ctrl(EVP_KDF_IMPL *ctx, int cmd, va_list args) ++{ ++ int t; ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_MD: ++ ctx->md = va_arg(args, const EVP_MD *); ++ if (ctx->md == NULL) ++ return 0; ++ ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_CIPHER: ++ ctx->cipher = va_arg(args, const EVP_CIPHER *); ++ if (ctx->cipher == NULL) ++ return 0; ++ ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_KEY: ++ return kbkdf_parse_buffer_arg(&ctx->ki, ++ &ctx->ki_len, args); ++ ++ case EVP_KDF_CTRL_SET_SALT: ++ return kbkdf_parse_buffer_arg(&ctx->label, ++ &ctx->label_len, args); ++ ++ case EVP_KDF_CTRL_SET_KB_INFO: ++ return kbkdf_parse_buffer_arg(&ctx->context, ++ &ctx->context_len, args); ++ ++ case EVP_KDF_CTRL_SET_KB_SEED: ++ return kbkdf_parse_buffer_arg(&ctx->iv, ++ &ctx->iv_len, args); ++ ++ case EVP_KDF_CTRL_SET_KB_MODE: ++ t = va_arg(args, int); ++ if (t != EVP_KDF_KB_MODE_COUNTER && t != EVP_KDF_KB_MODE_FEEDBACK ) { ++ KDFerr(KDF_F_KBKDF_CTRL, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ctx->mode = t; ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_KB_MAC_TYPE: ++ t = va_arg(args, int); ++ if (t != EVP_KDF_KB_MAC_TYPE_HMAC && t != EVP_KDF_KB_MAC_TYPE_CMAC ) { ++ KDFerr(KDF_F_KBKDF_CTRL, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ++ if (ctx->ctx_init != NULL) { ++ EVP_MAC_CTX_free(ctx->ctx_init); ++ } ++ ctx->ctx_init = EVP_MAC_CTX_new(t); ++ if (ctx->ctx_init == NULL) { ++ KDFerr(KDF_F_KBKDF_CTRL, ERR_R_MALLOC_FAILURE); ++ return 0; ++ } ++ return 1; ++ ++ default: ++ return -2; ++ ++ } ++} ++ ++static int kbkdf_ctrl_str(EVP_KDF_IMPL *ctx, const char *type, ++ const char *value) ++{ ++ if (value == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_MISSING); ++ return 0; ++ } ++ ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(ctx, kbkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ /* alias, for historical reasons */ ++ if (strcmp(type, "md") == 0) ++ return kdf_md2ctrl(ctx, kbkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ ++ if (strcmp(type, "cipher") == 0) ++ return kdf_cipher2ctrl(ctx, kbkdf_ctrl, EVP_KDF_CTRL_SET_CIPHER, value); ++ ++ if (strcmp(type, "key") == 0) ++ return kdf_str2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "hexkey") == 0) ++ return kdf_hex2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "salt") == 0) ++ return kdf_str2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_SALT, value); ++ ++ if (strcmp(type, "hexsalt") == 0) ++ return kdf_hex2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_SALT, value); ++ ++ if (strcmp(type, "info") == 0) ++ return kdf_str2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KB_INFO, value); ++ ++ if (strcmp(type, "hexinfo") == 0) ++ return kdf_hex2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KB_INFO, value); ++ ++ if (strcmp(type, "seed") == 0) ++ return kdf_str2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KB_SEED, value); ++ ++ if (strcmp(type, "hexseed") == 0) ++ return kdf_hex2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KB_SEED, value); ++ ++ if (strcmp(type, "mode") == 0) { ++ int mode; ++ ++ if (strcasecmp(value, "counter") == 0) { ++ mode = EVP_KDF_KB_MODE_COUNTER; ++ } else if (strcasecmp(value, "feedback") == 0) { ++ mode = EVP_KDF_KB_MODE_FEEDBACK; ++ } else { ++ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ++ return call_ctrl(kbkdf_ctrl, ctx, EVP_KDF_CTRL_SET_KB_MODE, ++ mode); ++ } ++ ++ if (strcmp(type, "mac_type") == 0) { ++ int mac_type; ++ ++ if (strcasecmp(value, "hmac") == 0) { ++ mac_type = EVP_KDF_KB_MAC_TYPE_HMAC; ++ } else if (strcasecmp(value, "cmac") == 0) { ++ mac_type = EVP_KDF_KB_MAC_TYPE_CMAC; ++ } else { ++ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ++ return call_ctrl(kbkdf_ctrl, ctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, ++ mac_type); ++ } ++ ++ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); ++ return -2; ++} ++ ++const EVP_KDF_METHOD kb_kdf_meth = { ++ EVP_KDF_KB, ++ kbkdf_new, ++ kbkdf_free, ++ kbkdf_reset, ++ kbkdf_ctrl, ++ kbkdf_ctrl_str, ++ kbkdf_size, ++ kbkdf_derive, ++}; ++ +diff -up openssl-1.1.1d/crypto/kdf/kdf_err.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_err.c +--- openssl-1.1.1d/crypto/kdf/kdf_err.c.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 ++++ openssl-1.1.1d/crypto/kdf/kdf_err.c 2019-11-14 15:07:05.343094112 +0100 +@@ -15,6 +15,11 @@ + + static const ERR_STRING_DATA KDF_str_functs[] = { + {ERR_PACK(ERR_LIB_KDF, KDF_F_HKDF_EXTRACT, 0), "HKDF_Extract"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_CTRL, 0), "kbkdf_ctrl"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_CTRL_STR, 0), "kbkdf_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_DERIVE, 0), "kbkdf_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_NEW, 0), "kbkdf_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_CIPHER2CTRL, 0), "kdf_cipher2ctrl"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_DERIVE, 0), "kdf_hkdf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_NEW, 0), "kdf_hkdf_new"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_SIZE, 0), "kdf_hkdf_size"}, +@@ -41,6 +46,8 @@ static const ERR_STRING_DATA KDF_str_fun + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_DERIVE, 0), + "kdf_tls1_prf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_NEW, 0), "kdf_tls1_prf_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KRB5KDF, 0), "KRB5KDF"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KRB5KDF_DERIVE, 0), "krb5kdf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PBKDF2_SET_MEMBUF, 0), "pbkdf2_set_membuf"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, +@@ -59,12 +66,22 @@ static const ERR_STRING_DATA KDF_str_fun + "pkey_tls1_prf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_SCRYPT_SET_MEMBUF, 0), "scrypt_set_membuf"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_SSKDF_DERIVE, 0), "sskdf_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_SSKDF_NEW, 0), "sskdf_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_SSKDF_SIZE, 0), "sskdf_size"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "tls1_prf_alg"}, + {0, NULL} + }; + + static const ERR_STRING_DATA KDF_str_reasons[] = { ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_FAILED_TO_GENERATE_KEY), ++ "failed to generate key"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_CIPHER), "invalid cipher"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_CONSTANT_LENGTH), "invalid constant length"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_DIGEST), "invalid digest"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_SEED_LENGTH), "invalid seed length"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_CIPHER), "missing cipher"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_CONSTANT), "missing constant"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_ITERATION_COUNT), + "missing iteration count"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"}, +@@ -82,6 +99,8 @@ static const ERR_STRING_DATA KDF_str_rea + "unknown parameter type"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_FINAL_BLOCK_LENGTH), ++ "wrong final block length"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_OUTPUT_BUFFER_SIZE), + "wrong output buffer size"}, + {0, NULL} +diff -up openssl-1.1.1d/crypto/kdf/kdf_local.h.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_local.h +--- openssl-1.1.1d/crypto/kdf/kdf_local.h.krb5-kdf 2019-11-14 15:07:05.313094646 +0100 ++++ openssl-1.1.1d/crypto/kdf/kdf_local.h 2019-11-14 15:07:05.344094093 +0100 +@@ -19,4 +19,6 @@ int kdf_hex2ctrl(EVP_KDF_IMPL *impl, + int kdf_md2ctrl(EVP_KDF_IMPL *impl, + int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), + int cmd, const char *md_name); +- ++int kdf_cipher2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *cipher_name); +diff -up openssl-1.1.1d/crypto/kdf/kdf_util.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_util.c +--- openssl-1.1.1d/crypto/kdf/kdf_util.c.krb5-kdf 2019-11-14 15:07:05.313094646 +0100 ++++ openssl-1.1.1d/crypto/kdf/kdf_util.c 2019-11-14 15:07:05.344094093 +0100 +@@ -71,3 +71,16 @@ int kdf_md2ctrl(EVP_KDF_IMPL *impl, + return call_ctrl(ctrl, impl, cmd, md); + } + ++/* Pass a cipher to a ctrl */ ++int kdf_cipher2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *cipher_name) ++{ ++ const EVP_CIPHER *cipher; ++ ++ if (cipher_name == NULL || (cipher = EVP_get_cipherbyname(cipher_name)) == NULL) { ++ KDFerr(KDF_F_KDF_CIPHER2CTRL, KDF_R_INVALID_CIPHER); ++ return 0; ++ } ++ return call_ctrl(ctrl, impl, cmd, cipher); ++} +diff -up openssl-1.1.1d/crypto/kdf/krb5kdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/krb5kdf.c +--- openssl-1.1.1d/crypto/kdf/krb5kdf.c.krb5-kdf 2019-11-14 15:07:05.344094093 +0100 ++++ openssl-1.1.1d/crypto/kdf/krb5kdf.c 2019-11-18 17:18:13.056604404 +0100 +@@ -0,0 +1,423 @@ ++/* ++ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the OpenSSL license (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++ ++#include ++#include ++#include ++ ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "kdf_local.h" ++ ++/* KRB5 KDF defined in RFC 3961, Section 5.1 */ ++ ++static int KRB5KDF(const EVP_CIPHER *cipher, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *constant, size_t constant_len, ++ unsigned char *okey, size_t okey_len); ++ ++struct evp_kdf_impl_st { ++ const EVP_CIPHER *cipher; ++ unsigned char *key; ++ size_t key_len; ++ unsigned char *constant; ++ size_t constant_len; ++}; ++ ++static void krb5kdf_reset(EVP_KDF_IMPL *ctx); ++ ++static EVP_KDF_IMPL *krb5kdf_new(void) ++{ ++ EVP_KDF_IMPL *ctx; ++ ++ if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) ++ KDFerr(KDF_F_KBKDF_NEW, ERR_R_MALLOC_FAILURE); ++ return ctx; ++} ++ ++static void krb5kdf_free(EVP_KDF_IMPL *ctx) ++{ ++ krb5kdf_reset(ctx); ++ OPENSSL_free(ctx); ++} ++ ++static void krb5kdf_reset(EVP_KDF_IMPL *ctx) ++{ ++ OPENSSL_clear_free(ctx->key, ctx->key_len); ++ OPENSSL_clear_free(ctx->constant, ctx->constant_len); ++ memset(ctx, 0, sizeof(*ctx)); ++} ++ ++static int krb5kdf_derive(EVP_KDF_IMPL *ctx, unsigned char *key, ++ size_t keylen) ++{ ++ if (ctx->cipher == NULL) { ++ KDFerr(KDF_F_KRB5KDF_DERIVE, KDF_R_MISSING_CIPHER); ++ return 0; ++ } ++ if (ctx->key == NULL) { ++ KDFerr(KDF_F_KRB5KDF_DERIVE, KDF_R_MISSING_KEY); ++ return 0; ++ } ++ if (ctx->constant == NULL) { ++ KDFerr(KDF_F_KRB5KDF_DERIVE, KDF_R_MISSING_CONSTANT); ++ return 0; ++ } ++ return KRB5KDF(ctx->cipher, ctx->key, ctx->key_len, ++ ctx->constant, ctx->constant_len, ++ key, keylen); ++} ++ ++static size_t krb5kdf_size(EVP_KDF_IMPL *ctx) ++{ ++ if (ctx->cipher != NULL) ++ return EVP_CIPHER_key_length(ctx->cipher); ++ else ++ return EVP_MAX_KEY_LENGTH; ++} ++ ++ ++static int krb5kdf_parse_buffer_arg(unsigned char **dst, size_t *dst_len, ++ va_list args) ++{ ++ const unsigned char *p; ++ size_t len; ++ ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(*dst, *dst_len); ++ if (len == 0) { ++ *dst = NULL; ++ *dst_len = 0; ++ return 1; ++ } ++ ++ *dst = OPENSSL_memdup(p, len); ++ if (*dst == NULL) ++ return 0; ++ ++ *dst_len = len; ++ return 1; ++} ++ ++static int krb5kdf_ctrl(EVP_KDF_IMPL *ctx, int cmd, va_list args) ++{ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_CIPHER: ++ ctx->cipher = va_arg(args, const EVP_CIPHER *); ++ if (ctx->cipher == NULL) ++ return 0; ++ ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_KEY: ++ return krb5kdf_parse_buffer_arg(&ctx->key, ++ &ctx->key_len, args); ++ ++ case EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT: ++ return krb5kdf_parse_buffer_arg(&ctx->constant, ++ &ctx->constant_len, args); ++ default: ++ return -2; ++ ++ } ++} ++ ++static int krb5kdf_ctrl_str(EVP_KDF_IMPL *ctx, const char *type, ++ const char *value) ++{ ++ if (value == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_MISSING); ++ return 0; ++ } ++ ++ if (strcmp(type, "cipher") == 0) ++ return kdf_cipher2ctrl(ctx, krb5kdf_ctrl, EVP_KDF_CTRL_SET_CIPHER, value); ++ ++ if (strcmp(type, "key") == 0) ++ return kdf_str2ctrl(ctx, krb5kdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "hexkey") == 0) ++ return kdf_hex2ctrl(ctx, krb5kdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "constant") == 0) ++ return kdf_str2ctrl(ctx, krb5kdf_ctrl, ++ EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, value); ++ ++ if (strcmp(type, "hexconstant") == 0) ++ return kdf_hex2ctrl(ctx, krb5kdf_ctrl, ++ EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, value); ++ ++ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); ++ return -2; ++} ++ ++ ++#ifndef OPENSSL_NO_DES ++/* ++ * DES3 is a special case, it requires a random-to-key function and its ++ * input truncated to 21 bytes of the 24 produced by the cipher. ++ * See RFC3961 6.3.1 ++ */ ++static int fixup_des3_key(unsigned char *key) ++{ ++ unsigned char *cblock; ++ int i, j; ++ ++ for (i = 2; i >= 0; i--) { ++ cblock = &key[i * 8]; ++ memmove(cblock, &key[i * 7], 7); ++ cblock[7] = 0; ++ for (j = 0; j < 7; j++) ++ cblock[7] |= (cblock[j] & 1) << (j + 1); ++ DES_set_odd_parity((DES_cblock *)cblock); ++ } ++ ++ /* fail if keys are such that triple des degrades to single des */ ++ if (CRYPTO_memcmp(&key[0], &key[8], 8) == 0 || ++ CRYPTO_memcmp(&key[8], &key[16], 8) == 0) { ++ return 0; ++ } ++ ++ return 1; ++} ++#endif ++ ++/* ++ * N-fold(K) where blocksize is N, and constant_len is K ++ * Note: Here |= denotes concatenation ++ * ++ * L = lcm(N,K) ++ * R = L/K ++ * ++ * for r: 1 -> R ++ * s |= constant rot 13*(r-1)) ++ * ++ * block = 0 ++ * for k: 1 -> K ++ * block += s[N(k-1)..(N-1)k] (one's complement addition) ++ * ++ * Optimizing for space we compute: ++ * for each l in L-1 -> 0: ++ * s[l] = (constant rot 13*(l/K))[l%k] ++ * block[l % N] += s[l] (with carry) ++ * finally add carry if any ++ */ ++static void n_fold(unsigned char *block, unsigned int blocksize, ++ const unsigned char *constant, size_t constant_len) ++{ ++ unsigned int tmp, gcd, remainder, lcm, carry; ++ int b, l; ++ ++ if (constant_len == blocksize) { ++ memcpy(block, constant, constant_len); ++ return; ++ } ++ ++ /* Least Common Multiple of lengths: LCM(a,b)*/ ++ gcd = blocksize; ++ remainder = constant_len; ++ /* Calculate Great Common Divisor first GCD(a,b) */ ++ while (remainder != 0) { ++ tmp = gcd % remainder; ++ gcd = remainder; ++ remainder = tmp; ++ } ++ /* resulting a is the GCD, LCM(a,b) = |a*b|/GCD(a,b) */ ++ lcm = blocksize * constant_len / gcd; ++ ++ /* now spread out the bits */ ++ memset(block, 0, blocksize); ++ ++ /* last to first to be able to bring carry forward */ ++ carry = 0; ++ for (l = lcm - 1; l >= 0; l--) { ++ unsigned int rotbits, rshift, rbyte; ++ ++ /* destination byte in block is l % N */ ++ b = l % blocksize; ++ /* Our virtual s buffer is R = L/K long (K = constant_len) */ ++ /* So we rotate backwards from R-1 to 0 (none) rotations */ ++ rotbits = 13 * (l / constant_len); ++ /* find the byte on s where rotbits falls onto */ ++ rbyte = l - (rotbits / 8); ++ /* calculate how much shift on that byte */ ++ rshift = rotbits & 0x07; ++ /* rbyte % constant_len gives us the unrotated byte in the ++ * constant buffer, get also the previous byte then ++ * appropriately shift them to get the rotated byte we need */ ++ tmp = (constant[(rbyte-1) % constant_len] << (8 - rshift) ++ | constant[rbyte % constant_len] >> rshift) ++ & 0xff; ++ /* add with carry to any value placed by previous passes */ ++ tmp += carry + block[b]; ++ block[b] = tmp & 0xff; ++ /* save any carry that may be left */ ++ carry = tmp >> 8; ++ } ++ ++ /* if any carry is left at the end, add it through the number */ ++ for (b = blocksize - 1; b >= 0 && carry != 0; b--) { ++ carry += block[b]; ++ block[b] = carry & 0xff; ++ carry >>= 8; ++ } ++} ++ ++static int cipher_init(EVP_CIPHER_CTX *ctx, ++ const EVP_CIPHER *cipher, ++ const unsigned char *key, size_t key_len) ++{ ++ int klen, ret; ++ ++ ret = EVP_EncryptInit_ex(ctx, cipher, NULL, key, NULL); ++ if (!ret) ++ goto out; ++ /* set the key len for the odd variable key len cipher */ ++ klen = EVP_CIPHER_CTX_key_length(ctx); ++ if (key_len != (size_t)klen) { ++ ret = EVP_CIPHER_CTX_set_key_length(ctx, key_len); ++ if (!ret) ++ goto out; ++ } ++ /* we never want padding, either the length requested is a multiple of ++ * the cipher block size or we are passed a cipher that can cope with ++ * partial blocks via techniques like cipher text stealing */ ++ ret = EVP_CIPHER_CTX_set_padding(ctx, 0); ++ if (!ret) ++ goto out; ++ ++out: ++ return ret; ++} ++ ++static int KRB5KDF(const EVP_CIPHER *cipher, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *constant, size_t constant_len, ++ unsigned char *okey, size_t okey_len) ++{ ++ EVP_CIPHER_CTX *ctx = NULL; ++ unsigned char block[EVP_MAX_BLOCK_LENGTH * 2]; ++ unsigned char *plainblock, *cipherblock; ++ size_t blocksize; ++ size_t cipherlen; ++ size_t osize; ++ int des3_no_fixup = 0; ++ int ret; ++ ++ if (key_len != okey_len) { ++ /* special case for 3des, where the caller may be requesting ++ * the random raw key, instead of the fixed up key */ ++ if (EVP_CIPHER_nid(cipher) == NID_des_ede3_cbc && ++ key_len == 24 && okey_len == 21) { ++ des3_no_fixup = 1; ++ } else { ++ KDFerr(KDF_F_KRB5KDF, KDF_R_WRONG_OUTPUT_BUFFER_SIZE); ++ return 0; ++ } ++ } ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ return 0; ++ ++ ret = cipher_init(ctx, cipher, key, key_len); ++ if (!ret) ++ goto out; ++ ++ /* Initialize input block */ ++ blocksize = EVP_CIPHER_CTX_block_size(ctx); ++ ++ if (constant_len == 0 || constant_len > blocksize) { ++ KDFerr(KDF_F_KRB5KDF, KDF_R_INVALID_CONSTANT_LENGTH); ++ ret = 0; ++ goto out; ++ } ++ ++ n_fold(block, blocksize, constant, constant_len); ++ plainblock = block; ++ cipherblock = block + EVP_MAX_BLOCK_LENGTH; ++ ++ for (osize = 0; osize < okey_len; osize += cipherlen) { ++ int olen; ++ ++ ret = EVP_EncryptUpdate(ctx, cipherblock, &olen, ++ plainblock, blocksize); ++ if (!ret) ++ goto out; ++ cipherlen = olen; ++ ret = EVP_EncryptFinal_ex(ctx, cipherblock, &olen); ++ if (!ret) ++ goto out; ++ if (olen != 0) { ++ KDFerr(KDF_F_KRB5KDF, KDF_R_WRONG_FINAL_BLOCK_LENGTH); ++ ret = 0; ++ goto out; ++ } ++ ++ /* write cipherblock out */ ++ if (cipherlen > okey_len - osize) ++ cipherlen = okey_len - osize; ++ memcpy(okey + osize, cipherblock, cipherlen); ++ ++ if (okey_len > osize + cipherlen) { ++ /* we need to reinitialize cipher context per spec */ ++ ret = EVP_CIPHER_CTX_reset(ctx); ++ if (!ret) ++ goto out; ++ ret = cipher_init(ctx, cipher, key, key_len); ++ if (!ret) ++ goto out; ++ ++ /* also swap block offsets so last ciphertext becomes new ++ * plaintext */ ++ plainblock = cipherblock; ++ if (cipherblock == block) { ++ cipherblock += EVP_MAX_BLOCK_LENGTH; ++ } else { ++ cipherblock = block; ++ } ++ } ++ } ++ ++#ifndef OPENSSL_NO_DES ++ if (EVP_CIPHER_nid(cipher) == NID_des_ede3_cbc && !des3_no_fixup) { ++ ret = fixup_des3_key(okey); ++ if (!ret) { ++ KDFerr(KDF_F_KRB5KDF, KDF_R_FAILED_TO_GENERATE_KEY); ++ goto out; ++ } ++ } ++#endif ++ ++ ret = 1; ++ ++out: ++ EVP_CIPHER_CTX_free(ctx); ++ OPENSSL_cleanse(block, EVP_MAX_BLOCK_LENGTH * 2); ++ return ret; ++} ++ ++const EVP_KDF_METHOD krb5kdf_kdf_meth = { ++ EVP_KDF_KRB5KDF, ++ krb5kdf_new, ++ krb5kdf_free, ++ krb5kdf_reset, ++ krb5kdf_ctrl, ++ krb5kdf_ctrl_str, ++ krb5kdf_size, ++ krb5kdf_derive, ++}; ++ +diff -up openssl-1.1.1d/crypto/kdf/sshkdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/sshkdf.c +--- openssl-1.1.1d/crypto/kdf/sshkdf.c.krb5-kdf 2019-11-14 15:07:05.327094396 +0100 ++++ openssl-1.1.1d/crypto/kdf/sshkdf.c 2019-11-18 17:18:25.343388314 +0100 +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include "internal/numbers.h" + #include "internal/cryptlib.h" + #include "crypto/evp.h" + #include "kdf_local.h" +@@ -68,6 +69,12 @@ static int kdf_sshkdf_parse_buffer_arg(u + p = va_arg(args, const unsigned char *); + len = va_arg(args, size_t); + OPENSSL_clear_free(*dst, *dst_len); ++ if (len == 0) { ++ *dst = NULL; ++ *dst_len = 0; ++ return 1; ++ } ++ + *dst = OPENSSL_memdup(p, len); + if (*dst == NULL) + return 0; +diff -up openssl-1.1.1d/crypto/kdf/sskdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/sskdf.c +--- openssl-1.1.1d/crypto/kdf/sskdf.c.krb5-kdf 2019-11-14 15:07:05.344094093 +0100 ++++ openssl-1.1.1d/crypto/kdf/sskdf.c 2019-11-18 17:21:40.349952802 +0100 +@@ -0,0 +1,255 @@ ++/* ++ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++/* ++ * Refer to https://csrc.nist.gov/publications/detail/sp/800-56c/rev-1/final ++ * Section 4.1. ++ * ++ * The Single Step KDF algorithm is given by: ++ * ++ * Result(0) = empty bit string (i.e., the null string). ++ * For i = 1 to reps, do the following: ++ * Increment counter by 1. ++ * Result(i) = Result(i – 1) || H(counter || Z || FixedInfo). ++ * DKM = LeftmostBits(Result(reps), L)) ++ * ++ * NOTES: ++ * Z is a shared secret required to produce the derived key material. ++ * counter is a 4 byte buffer. ++ * FixedInfo is a bit string containing context specific data. ++ * DKM is the output derived key material. ++ * L is the required size of the DKM. ++ * reps = [L / H_outputBits] ++ * H(x) is the auxiliary function that can be either a hash, HMAC or KMAC. ++ * This backported version supports only a hash. ++ * H_outputBits is the length of the output of the auxiliary function H(x). ++ * ++ * Currently there is not a comprehensive list of test vectors for this ++ * algorithm, especially for H(x) = HMAC and H(x) = KMAC. ++ * Test vectors for H(x) = Hash are indirectly used by CAVS KAS tests. ++ */ ++#include ++#include ++#include ++#include ++#include ++#include ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "kdf_local.h" ++ ++struct evp_kdf_impl_st { ++ const EVP_MD *md; /* H(x) = hash */ ++ unsigned char *secret; ++ size_t secret_len; ++ unsigned char *info; ++ size_t info_len; ++}; ++ ++#define SSKDF_MAX_INLEN (1<<30) ++ ++/* ++ * Refer to https://csrc.nist.gov/publications/detail/sp/800-56c/rev-1/final ++ * Section 4. One-Step Key Derivation using H(x) = hash(x) ++ */ ++static int SSKDF_hash_kdm(const EVP_MD *kdf_md, ++ const unsigned char *z, size_t z_len, ++ const unsigned char *info, size_t info_len, ++ unsigned char *derived_key, size_t derived_key_len) ++{ ++ int ret = 0, hlen; ++ size_t counter, out_len, len = derived_key_len; ++ unsigned char c[4]; ++ unsigned char mac[EVP_MAX_MD_SIZE]; ++ unsigned char *out = derived_key; ++ EVP_MD_CTX *ctx = NULL, *ctx_init = NULL; ++ ++ if (z_len > SSKDF_MAX_INLEN || info_len > SSKDF_MAX_INLEN ++ || derived_key_len > SSKDF_MAX_INLEN ++ || derived_key_len == 0) ++ return 0; ++ ++ hlen = EVP_MD_size(kdf_md); ++ if (hlen <= 0) ++ return 0; ++ out_len = (size_t)hlen; ++ ++ ctx = EVP_MD_CTX_create(); ++ ctx_init = EVP_MD_CTX_create(); ++ if (ctx == NULL || ctx_init == NULL) ++ goto end; ++ ++ if (!EVP_DigestInit(ctx_init, kdf_md)) ++ goto end; ++ ++ for (counter = 1;; counter++) { ++ c[0] = (unsigned char)((counter >> 24) & 0xff); ++ c[1] = (unsigned char)((counter >> 16) & 0xff); ++ c[2] = (unsigned char)((counter >> 8) & 0xff); ++ c[3] = (unsigned char)(counter & 0xff); ++ ++ if (!(EVP_MD_CTX_copy_ex(ctx, ctx_init) ++ && EVP_DigestUpdate(ctx, c, sizeof(c)) ++ && EVP_DigestUpdate(ctx, z, z_len) ++ && EVP_DigestUpdate(ctx, info, info_len))) ++ goto end; ++ if (len >= out_len) { ++ if (!EVP_DigestFinal_ex(ctx, out, NULL)) ++ goto end; ++ out += out_len; ++ len -= out_len; ++ if (len == 0) ++ break; ++ } else { ++ if (!EVP_DigestFinal_ex(ctx, mac, NULL)) ++ goto end; ++ memcpy(out, mac, len); ++ break; ++ } ++ } ++ ret = 1; ++end: ++ EVP_MD_CTX_destroy(ctx); ++ EVP_MD_CTX_destroy(ctx_init); ++ OPENSSL_cleanse(mac, sizeof(mac)); ++ return ret; ++} ++ ++static EVP_KDF_IMPL *sskdf_new(void) ++{ ++ EVP_KDF_IMPL *impl; ++ ++ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) ++ KDFerr(KDF_F_SSKDF_NEW, ERR_R_MALLOC_FAILURE); ++ return impl; ++} ++ ++static void sskdf_reset(EVP_KDF_IMPL *impl) ++{ ++ OPENSSL_clear_free(impl->secret, impl->secret_len); ++ OPENSSL_clear_free(impl->info, impl->info_len); ++ memset(impl, 0, sizeof(*impl)); ++} ++ ++static void sskdf_free(EVP_KDF_IMPL *impl) ++{ ++ sskdf_reset(impl); ++ OPENSSL_free(impl); ++} ++ ++static int sskdf_set_buffer(va_list args, unsigned char **out, size_t *out_len) ++{ ++ const unsigned char *p; ++ size_t len; ++ ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(*out, *out_len); ++ if (len == 0) { ++ *out = NULL; ++ *out_len = 0; ++ return 1; ++ } ++ ++ *out = OPENSSL_memdup(p, len); ++ if (*out == NULL) ++ return 0; ++ ++ *out_len = len; ++ return 1; ++} ++ ++static int sskdf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) ++{ ++ const EVP_MD *md; ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_KEY: ++ return sskdf_set_buffer(args, &impl->secret, &impl->secret_len); ++ ++ case EVP_KDF_CTRL_SET_SSKDF_INFO: ++ return sskdf_set_buffer(args, &impl->info, &impl->info_len); ++ ++ case EVP_KDF_CTRL_SET_MD: ++ md = va_arg(args, const EVP_MD *); ++ if (md == NULL) ++ return 0; ++ ++ impl->md = md; ++ return 1; ++ ++ default: ++ return -2; ++ } ++} ++ ++static int sskdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, ++ const char *value) ++{ ++ if (strcmp(type, "secret") == 0 || strcmp(type, "key") == 0) ++ return kdf_str2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_KEY, ++ value); ++ ++ if (strcmp(type, "hexsecret") == 0 || strcmp(type, "hexkey") == 0) ++ return kdf_hex2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_KEY, ++ value); ++ ++ if (strcmp(type, "info") == 0) ++ return kdf_str2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_SSKDF_INFO, ++ value); ++ ++ if (strcmp(type, "hexinfo") == 0) ++ return kdf_hex2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_SSKDF_INFO, ++ value); ++ ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ ++ return -2; ++} ++ ++static size_t sskdf_size(EVP_KDF_IMPL *impl) ++{ ++ int len; ++ ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_SSKDF_SIZE, KDF_R_MISSING_MESSAGE_DIGEST); ++ return 0; ++ } ++ len = EVP_MD_size(impl->md); ++ return (len <= 0) ? 0 : (size_t)len; ++} ++ ++static int sskdf_derive(EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen) ++{ ++ if (impl->secret == NULL) { ++ KDFerr(KDF_F_SSKDF_DERIVE, KDF_R_MISSING_SECRET); ++ return 0; ++ } ++ ++ /* H(x) = hash */ ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_SSKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); ++ return 0; ++ } ++ return SSKDF_hash_kdm(impl->md, impl->secret, impl->secret_len, ++ impl->info, impl->info_len, key, keylen); ++} ++ ++const EVP_KDF_METHOD ss_kdf_meth = { ++ EVP_KDF_SS, ++ sskdf_new, ++ sskdf_free, ++ sskdf_reset, ++ sskdf_ctrl, ++ sskdf_ctrl_str, ++ sskdf_size, ++ sskdf_derive ++}; +diff -up openssl-1.1.1d/crypto/objects/obj_dat.h.krb5-kdf openssl-1.1.1d/crypto/objects/obj_dat.h +--- openssl-1.1.1d/crypto/objects/obj_dat.h.krb5-kdf 2019-11-14 15:07:05.322094485 +0100 ++++ openssl-1.1.1d/crypto/objects/obj_dat.h 2019-11-14 15:07:05.345094076 +0100 +@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = { + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */ + }; + +-#define NUM_NID 1196 ++#define NUM_NID 1199 + static const ASN1_OBJECT nid_objs[NUM_NID] = { + {"UNDEF", "undefined", NID_undef}, + {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, +@@ -2276,9 +2276,12 @@ static const ASN1_OBJECT nid_objs[NUM_NI + {"hmacWithSHA512-224", "hmacWithSHA512-224", NID_hmacWithSHA512_224, 8, &so[7745]}, + {"hmacWithSHA512-256", "hmacWithSHA512-256", NID_hmacWithSHA512_256, 8, &so[7753]}, + {"SSHKDF", "sshkdf", NID_sshkdf}, ++ {"KBKDF", "kbkdf", NID_kbkdf}, ++ {"KRB5KDF", "krb5kdf", NID_krb5kdf}, ++ {"SSKDF", "sskdf", NID_sskdf}, + }; + +-#define NUM_SN 1187 ++#define NUM_SN 1190 + static const unsigned int sn_objs[NUM_SN] = { + 364, /* "AD_DVCS" */ + 419, /* "AES-128-CBC" */ +@@ -2442,7 +2445,9 @@ static const unsigned int sn_objs[NUM_SN + 183, /* "ISO-US" */ + 645, /* "ITU-T" */ + 646, /* "JOINT-ISO-ITU-T" */ ++ 1196, /* "KBKDF" */ + 773, /* "KISA" */ ++ 1197, /* "KRB5KDF" */ + 1063, /* "KxANY" */ + 1039, /* "KxDHE" */ + 1041, /* "KxDHE-PSK" */ +@@ -2557,6 +2562,7 @@ static const unsigned int sn_objs[NUM_SN + 100, /* "SN" */ + 1006, /* "SNILS" */ + 1195, /* "SSHKDF" */ ++ 1198, /* "SSKDF" */ + 16, /* "ST" */ + 143, /* "SXNetID" */ + 1062, /* "SipHash" */ +@@ -3469,7 +3475,7 @@ static const unsigned int sn_objs[NUM_SN + 1093, /* "x509ExtAdmission" */ + }; + +-#define NUM_LN 1187 ++#define NUM_LN 1190 + static const unsigned int ln_objs[NUM_LN] = { + 363, /* "AD Time Stamping" */ + 405, /* "ANSI X9.62" */ +@@ -4262,8 +4268,10 @@ static const unsigned int ln_objs[NUM_LN + 957, /* "jurisdictionCountryName" */ + 955, /* "jurisdictionLocalityName" */ + 956, /* "jurisdictionStateOrProvinceName" */ ++ 1196, /* "kbkdf" */ + 150, /* "keyBag" */ + 773, /* "kisa" */ ++ 1197, /* "krb5kdf" */ + 1063, /* "kx-any" */ + 1039, /* "kx-dhe" */ + 1041, /* "kx-dhe-psk" */ +@@ -4612,6 +4620,7 @@ static const unsigned int ln_objs[NUM_LN + 1133, /* "sm4-ecb" */ + 1135, /* "sm4-ofb" */ + 1195, /* "sshkdf" */ ++ 1198, /* "sskdf" */ + 16, /* "stateOrProvinceName" */ + 660, /* "streetAddress" */ + 498, /* "subtreeMaximumQuality" */ +diff -up openssl-1.1.1d/crypto/objects/objects.txt.krb5-kdf openssl-1.1.1d/crypto/objects/objects.txt +--- openssl-1.1.1d/crypto/objects/objects.txt.krb5-kdf 2019-11-14 15:07:05.322094485 +0100 ++++ openssl-1.1.1d/crypto/objects/objects.txt 2019-11-14 15:07:05.345094076 +0100 +@@ -1603,6 +1603,15 @@ secg-scheme 14 3 : dhSinglePass-cofactor + # NID for SSHKDF + : SSHKDF : sshkdf + ++# NID for KBKDF ++ : KBKDF : kbkdf ++ ++# NID for KRB5KDF ++ : KRB5KDF : krb5kdf ++ ++# NID for SSKDF ++ : SSKDF : sskdf ++ + # RFC 4556 + 1 3 6 1 5 2 3 : id-pkinit + id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth +diff -up openssl-1.1.1d/crypto/objects/obj_mac.num.krb5-kdf openssl-1.1.1d/crypto/objects/obj_mac.num +--- openssl-1.1.1d/crypto/objects/obj_mac.num.krb5-kdf 2019-11-14 15:07:05.322094485 +0100 ++++ openssl-1.1.1d/crypto/objects/obj_mac.num 2019-11-14 15:07:05.346094058 +0100 +@@ -1193,3 +1193,6 @@ magma_mac 1192 + hmacWithSHA512_224 1193 + hmacWithSHA512_256 1194 + sshkdf 1195 ++kbkdf 1196 ++krb5kdf 1197 ++sskdf 1198 +diff -up openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod.krb5-kdf openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod +--- openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod.krb5-kdf 2019-11-14 15:07:05.314094628 +0100 ++++ openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod 2019-11-14 15:07:05.346094058 +0100 +@@ -140,7 +140,14 @@ The value string is expected to be a dec + This control expects one argument: C + + For MAC implementations that use a message digest as an underlying computation +-algorithm, this control set what the digest algorithm should be. ++algorithm, this control sets what the digest algorithm should be. ++ ++=item B ++ ++This control expects one argument: C ++ ++For MAC implementations that use a cipher as an underlying computation ++algorithm, this control sets what the cipher algorithm should be. + + EVP_KDF_ctrl_str() type string: "md" + +diff -up openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod +--- openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100 ++++ openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod 2019-11-14 15:07:05.346094058 +0100 +@@ -0,0 +1,173 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_KB - The Key-Based EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++The EVP_KDF_KB algorithm implements the Key-Based key derivation function ++(KBKDF). KBKDF derives a key from repeated application of a keyed MAC to an ++input secret (and other optional values). ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it can be used with the ++EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++This control expects one argument: C ++ ++Sets the mode for the KBKDF operation. There are two supported modes: ++ ++=over 4 ++ ++=item B ++ ++The counter mode of KBKDF should be used. This is the default. ++ ++=item B ++ ++The feedback mode of KBKDF should be used. ++ ++=back ++ ++=item B ++ ++This control expects one argument: C ++ ++Sets the mac type for the KBKDF operation. There are two supported mac types: ++ ++=over 4 ++ ++=item B ++ ++The HMAC with the digest set by B should be used as the mac. ++ ++=item B ++ ++The CMAC with the cipher set by B should be used as the mac. ++ ++=back ++ ++=item B ++ ++=item B ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++It is used only in the feedback mode and the length must be the same ++as the block length of the cipher in CMAC or the size of the digest in HMAC. ++ ++=back ++ ++The controls B, B, ++B, and B ++correspond to KI, Label, Context, and IV (respectively) in SP800-108. ++As in that document, salt, info, and seed are optional and may be ++omitted. ++ ++Depending on whether mac is CMAC or HMAC, either digest or cipher is ++required (respectively) and the other is unused. ++ ++=head1 NOTES ++ ++A context for KBKDF can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB); ++ ++The output length of an KBKDF is specified via the C ++parameter to the L function. ++ ++Note that currently OpenSSL only implements counter and feedback modes. Other ++variants may be supported in the future. ++ ++=head1 EXAMPLES ++ ++This example derives 10 bytes using COUNTER-HMAC-SHA256, with KI "secret", ++Label "label", and Context "context". ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB); ++ ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", strlen("secret")); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "label", strlen("label")); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, "context", strlen("context")); ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) ++ error("EVP_KDF_derive"); ++ ++ EVP_KDF_CTX_free(kctx); ++ ++This example derives 10 bytes using FEEDBACK-CMAC-AES256, with KI "secret", ++Label "label", Context "context", and IV "sixteen bytes iv". ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ unsigned char *iv = "sixteen bytes iv"; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB); ++ ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_aes_256_cbc()); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_CMAC); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MODE, EVP_KDF_KB_MODE_FEEDBACK); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", strlen("secret")); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "label", strlen("label")); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, "context", strlen("context")); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_SEED, iv, strlen(iv)); ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) ++ error("EVP_KDF_derive"); ++ ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 CONFORMING TO ++ ++NIST SP800-108, IETF RFC 6803, IETF RFC 8009. ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 HISTORY ++ ++This functionality was added to OpenSSL 3.0. ++ ++=head1 COPYRIGHT ++ ++Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. ++Copyright 2019 Red Hat, Inc. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod +--- openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100 ++++ openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod 2019-11-14 15:07:05.346094058 +0100 +@@ -0,0 +1,107 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_KRB5KDF - The RFC3961 Krb5 KDF EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B KDF through the B API. ++ ++The B algorithm implements the key derivation function defined ++in RFC 3961, section 5.1 and is used by Krb5 to derive session keys. ++Three inputs are required to perform key derivation: a cipher, (for example ++AES-128-CBC), the initial key, and a constant. ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it can be used with the ++EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++This control sets the I value for the KDF. ++If a value is already set, the contents are replaced. ++ ++=back ++ ++ ++=head1 NOTES ++ ++A context for KRB5KDF can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_KRB5KDF); ++ ++The output length of the KRB5KDF derivation is specified via the I ++parameter to the L function, and MUST match the key ++length for the chosen cipher or an error is returned. Moreover the ++I's length must not exceed the block size of the cipher. ++Since the KRB5KDF output length depends on the chosen cipher, calling ++L to obtain the requisite length returns the correct length ++only after the cipher is set. Prior to that B is returned. ++The caller must allocate a buffer of the correct length for the chosen ++cipher, and pass that buffer to the L function along ++with that length. ++ ++=head1 EXAMPLES ++ ++This example derives a key using the AES-128-CBC cipher: ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char key[16] = "01234..."; ++ unsigned char constant[] = "I'm a constant"; ++ unsigned char out[16]; ++ size_t outlen = sizeof(out); ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_KRB5KDF); ++ ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_aes_128_cbc()); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, key, (size_t)16); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, constant, strlen(constant)); ++ if (EVP_KDF_derive(kctx, out, outlen) <= 0) ++ /* Error */ ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 CONFORMING TO ++ ++RFC 3961 ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 HISTORY ++ ++This functionality was added to OpenSSL 3.0. ++ ++=head1 COPYRIGHT ++ ++Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the OpenSSL license (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut ++ +diff -up openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod +--- openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100 ++++ openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod 2019-11-14 15:07:05.346094058 +0100 +@@ -0,0 +1,146 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_SS - The Single Step / One Step EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++The EVP_KDF_SS algorithm implements the Single Step key derivation function (SSKDF). ++SSKDF derives a key using input such as a shared secret key (that was generated ++during the execution of a key establishment scheme) and fixedinfo. ++SSKDF is also informally referred to as 'Concat KDF'. ++ ++=head2 Auxilary function ++ ++The implementation uses a selectable auxiliary function H, which can be in the ++backported version only a: ++ ++=over 4 ++ ++=item B ++ ++=back ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++This control works as described in L. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++The shared secret used for key derivation. This control sets the secret. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "secret" ++ ++The value string is used as is. ++ ++=item "hexsecret" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++An optional value for fixedinfo, also known as otherinfo. This control sets the fixedinfo. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "info" ++ ++The value string is used as is. ++ ++=item "hexinfo" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=back ++ ++=head1 NOTES ++ ++A context for SSKDF can be obtained by calling: ++ ++EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); ++ ++The output length of an SSKDF is specified via the C ++parameter to the L function. ++ ++=head1 EXAMPLE ++ ++This example derives 10 bytes using H(x) = SHA-256, with the secret key "secret" ++and fixedinfo value "label": ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); ++ ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ error("EVP_KDF_CTRL_SET_MD"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", (size_t)6) <= 0) { ++ error("EVP_KDF_CTRL_SET_KEY"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, "label", (size_t)5) <= 0) { ++ error("EVP_KDF_CTRL_SET_SSKDF_INFO"); ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ error("EVP_KDF_derive"); ++ } ++ ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 CONFORMING TO ++ ++NIST SP800-56Cr1. ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 HISTORY ++ ++This functionality was added to OpenSSL 3.0.0. ++ ++=head1 COPYRIGHT ++ ++Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. Copyright ++(c) 2019, Oracle and/or its affiliates. All rights reserved. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1d/include/openssl/kdferr.h.krb5-kdf openssl-1.1.1d/include/openssl/kdferr.h +--- openssl-1.1.1d/include/openssl/kdferr.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100 ++++ openssl-1.1.1d/include/openssl/kdferr.h 2019-11-14 15:07:05.347094040 +0100 +@@ -24,6 +24,11 @@ int ERR_load_KDF_strings(void); + * KDF function codes. + */ + # define KDF_F_HKDF_EXTRACT 112 ++# define KDF_F_KBKDF_CTRL 134 ++# define KDF_F_KBKDF_CTRL_STR 135 ++# define KDF_F_KBKDF_DERIVE 136 ++# define KDF_F_KBKDF_NEW 137 ++# define KDF_F_KDF_CIPHER2CTRL 138 + # define KDF_F_KDF_HKDF_DERIVE 113 + # define KDF_F_KDF_HKDF_NEW 114 + # define KDF_F_KDF_HKDF_SIZE 115 +@@ -43,6 +48,8 @@ int ERR_load_KDF_strings(void); + # define KDF_F_KDF_TLS1_PRF_CTRL_STR 125 + # define KDF_F_KDF_TLS1_PRF_DERIVE 126 + # define KDF_F_KDF_TLS1_PRF_NEW 127 ++# define KDF_F_KRB5KDF 139 ++# define KDF_F_KRB5KDF_DERIVE 140 + # define KDF_F_PBKDF2_SET_MEMBUF 128 + # define KDF_F_PKEY_HKDF_CTRL_STR 103 + # define KDF_F_PKEY_HKDF_DERIVE 102 +@@ -56,12 +63,21 @@ int ERR_load_KDF_strings(void); + # define KDF_F_PKEY_TLS1_PRF_DERIVE 101 + # define KDF_F_PKEY_TLS1_PRF_INIT 110 + # define KDF_F_SCRYPT_SET_MEMBUF 129 ++# define KDF_F_SSKDF_DERIVE 141 ++# define KDF_F_SSKDF_NEW 142 ++# define KDF_F_SSKDF_SIZE 143 + # define KDF_F_TLS1_PRF_ALG 111 + + /* + * KDF reason codes. + */ ++# define KDF_R_FAILED_TO_GENERATE_KEY 118 ++# define KDF_R_INVALID_CIPHER 116 ++# define KDF_R_INVALID_CONSTANT_LENGTH 119 + # define KDF_R_INVALID_DIGEST 100 ++# define KDF_R_INVALID_SEED_LENGTH 117 ++# define KDF_R_MISSING_CIPHER 120 ++# define KDF_R_MISSING_CONSTANT 121 + # define KDF_R_MISSING_ITERATION_COUNT 109 + # define KDF_R_MISSING_KEY 104 + # define KDF_R_MISSING_MESSAGE_DIGEST 105 +@@ -76,6 +92,7 @@ int ERR_load_KDF_strings(void); + # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 + # define KDF_R_VALUE_ERROR 108 + # define KDF_R_VALUE_MISSING 102 ++# define KDF_R_WRONG_FINAL_BLOCK_LENGTH 122 + # define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112 + + #endif +diff -up openssl-1.1.1d/include/openssl/kdf.h.krb5-kdf openssl-1.1.1d/include/openssl/kdf.h +--- openssl-1.1.1d/include/openssl/kdf.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100 ++++ openssl-1.1.1d/include/openssl/kdf.h 2019-11-14 15:07:05.347094040 +0100 +@@ -21,6 +21,9 @@ extern "C" { + # define EVP_KDF_TLS1_PRF NID_tls1_prf + # define EVP_KDF_HKDF NID_hkdf + # define EVP_KDF_SSHKDF NID_sshkdf ++# define EVP_KDF_KB NID_kbkdf ++# define EVP_KDF_KRB5KDF NID_krb5kdf ++# define EVP_KDF_SS NID_sskdf + + EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); + void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); +@@ -51,6 +54,13 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, uns + # define EVP_KDF_CTRL_SET_SSHKDF_XCGHASH 0x10 /* unsigned char *, size_t */ + # define EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID 0x11 /* unsigned char *, size_t */ + # define EVP_KDF_CTRL_SET_SSHKDF_TYPE 0x12 /* int */ ++# define EVP_KDF_CTRL_SET_KB_MODE 0x13 /* int */ ++# define EVP_KDF_CTRL_SET_KB_MAC_TYPE 0x14 /* int */ ++# define EVP_KDF_CTRL_SET_CIPHER 0x15 /* EVP_CIPHER * */ ++# define EVP_KDF_CTRL_SET_KB_INFO 0x16 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_KB_SEED 0x17 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT 0x18 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_SSKDF_INFO 0x19 /* unsigned char *, size_t */ + + # define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0 + # define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1 +@@ -63,6 +73,12 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, uns + #define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV 69 + #define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI 70 + ++#define EVP_KDF_KB_MODE_COUNTER 0 ++#define EVP_KDF_KB_MODE_FEEDBACK 1 ++ ++#define EVP_KDF_KB_MAC_TYPE_HMAC 0 ++#define EVP_KDF_KB_MAC_TYPE_CMAC 1 ++ + /**** The legacy PKEY-based KDF API follows. ****/ + + # define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL) +diff -up openssl-1.1.1d/include/openssl/obj_mac.h.krb5-kdf openssl-1.1.1d/include/openssl/obj_mac.h +--- openssl-1.1.1d/include/openssl/obj_mac.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100 ++++ openssl-1.1.1d/include/openssl/obj_mac.h 2019-11-14 15:07:05.347094040 +0100 +@@ -4974,6 +4974,18 @@ + #define LN_sshkdf "sshkdf" + #define NID_sshkdf 1203 + ++#define SN_kbkdf "KBKDF" ++#define LN_kbkdf "kbkdf" ++#define NID_kbkdf 1204 ++ ++#define SN_krb5kdf "KRB5KDF" ++#define LN_krb5kdf "krb5kdf" ++#define NID_krb5kdf 1205 ++ ++#define SN_sskdf "SSKDF" ++#define LN_sskdf "sskdf" ++#define NID_sskdf 1206 ++ + #define SN_id_pkinit "id-pkinit" + #define NID_id_pkinit 1031 + #define OBJ_id_pkinit 1L,3L,6L,1L,5L,2L,3L +diff -up openssl-1.1.1d/test/evp_kdf_test.c.krb5-kdf openssl-1.1.1d/test/evp_kdf_test.c +--- openssl-1.1.1d/test/evp_kdf_test.c.krb5-kdf 2019-11-14 15:07:05.315094610 +0100 ++++ openssl-1.1.1d/test/evp_kdf_test.c 2019-11-14 15:07:05.348094022 +0100 +@@ -225,13 +225,358 @@ err: + } + #endif + ++/* ++ * KBKDF test vectors from RFC 6803 (Camellia Encryption for Kerberos 5) ++ * section 10. ++ */ ++static int test_kdf_kbkdf_6803_128(void) ++{ ++ int ret = 0, i; ++ EVP_KDF_CTX *kctx; ++ static unsigned char input_key[] = { ++ 0x57, 0xD0, 0x29, 0x72, 0x98, 0xFF, 0xD9, 0xD3, ++ 0x5D, 0xE5, 0xA4, 0x7F, 0xB4, 0xBD, 0xE2, 0x4B, ++ }; ++ static unsigned char constants[][5] = { ++ { 0x00, 0x00, 0x00, 0x02, 0x99 }, ++ { 0x00, 0x00, 0x00, 0x02, 0xaa }, ++ { 0x00, 0x00, 0x00, 0x02, 0x55 }, ++ }; ++ static unsigned char outputs[][16] = { ++ {0xD1, 0x55, 0x77, 0x5A, 0x20, 0x9D, 0x05, 0xF0, ++ 0x2B, 0x38, 0xD4, 0x2A, 0x38, 0x9E, 0x5A, 0x56}, ++ {0x64, 0xDF, 0x83, 0xF8, 0x5A, 0x53, 0x2F, 0x17, ++ 0x57, 0x7D, 0x8C, 0x37, 0x03, 0x57, 0x96, 0xAB}, ++ {0x3E, 0x4F, 0xBD, 0xF3, 0x0F, 0xB8, 0x25, 0x9C, ++ 0x42, 0x5C, 0xB6, 0xC9, 0x6F, 0x1F, 0x46, 0x35} ++ }; ++ static unsigned char iv[16] = { 0 }; ++ unsigned char result[16] = { 0 }; ++ ++ for (i = 0; i < 3; i++) { ++ ret = 0; ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { ++ TEST_error("EVP_KDF_KB"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_CMAC) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MODE, EVP_KDF_KB_MODE_FEEDBACK) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MODE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_camellia_128_cbc()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_CIPHER"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, constants[i], sizeof(constants[i])) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_SEED, iv, sizeof(iv)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_SEED"); ++ goto err; ++ } ++ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) ++ && TEST_mem_eq(result, sizeof(result), outputs[i], ++ sizeof(outputs[i])); ++err: ++ EVP_KDF_CTX_free(kctx); ++ if (ret != 1) ++ return ret; ++ } ++ return ret; ++} ++ ++static int test_kdf_kbkdf_6803_256(void) ++{ ++ int ret = 0, i; ++ EVP_KDF_CTX *kctx; ++ static unsigned char input_key[] = { ++ 0xB9, 0xD6, 0x82, 0x8B, 0x20, 0x56, 0xB7, 0xBE, ++ 0x65, 0x6D, 0x88, 0xA1, 0x23, 0xB1, 0xFA, 0xC6, ++ 0x82, 0x14, 0xAC, 0x2B, 0x72, 0x7E, 0xCF, 0x5F, ++ 0x69, 0xAF, 0xE0, 0xC4, 0xDF, 0x2A, 0x6D, 0x2C, ++ }; ++ static unsigned char constants[][5] = { ++ { 0x00, 0x00, 0x00, 0x02, 0x99 }, ++ { 0x00, 0x00, 0x00, 0x02, 0xaa }, ++ { 0x00, 0x00, 0x00, 0x02, 0x55 }, ++ }; ++ static unsigned char outputs[][32] = { ++ {0xE4, 0x67, 0xF9, 0xA9, 0x55, 0x2B, 0xC7, 0xD3, ++ 0x15, 0x5A, 0x62, 0x20, 0xAF, 0x9C, 0x19, 0x22, ++ 0x0E, 0xEE, 0xD4, 0xFF, 0x78, 0xB0, 0xD1, 0xE6, ++ 0xA1, 0x54, 0x49, 0x91, 0x46, 0x1A, 0x9E, 0x50, ++ }, ++ {0x41, 0x2A, 0xEF, 0xC3, 0x62, 0xA7, 0x28, 0x5F, ++ 0xC3, 0x96, 0x6C, 0x6A, 0x51, 0x81, 0xE7, 0x60, ++ 0x5A, 0xE6, 0x75, 0x23, 0x5B, 0x6D, 0x54, 0x9F, ++ 0xBF, 0xC9, 0xAB, 0x66, 0x30, 0xA4, 0xC6, 0x04, ++ }, ++ {0xFA, 0x62, 0x4F, 0xA0, 0xE5, 0x23, 0x99, 0x3F, ++ 0xA3, 0x88, 0xAE, 0xFD, 0xC6, 0x7E, 0x67, 0xEB, ++ 0xCD, 0x8C, 0x08, 0xE8, 0xA0, 0x24, 0x6B, 0x1D, ++ 0x73, 0xB0, 0xD1, 0xDD, 0x9F, 0xC5, 0x82, 0xB0, ++ }, ++ }; ++ static unsigned char iv[16] = { 0 }; ++ unsigned char result[32] = { 0 }; ++ ++ for (i = 0; i < 3; i++) { ++ ret = 0; ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { ++ TEST_error("EVP_KDF_KB"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_CMAC) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MODE, EVP_KDF_KB_MODE_FEEDBACK) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MODE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_camellia_256_cbc()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_CIPHER"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, constants[i], sizeof(constants[i])) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_SEED, iv, sizeof(iv)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_SEED"); ++ goto err; ++ } ++ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) ++ && TEST_mem_eq(result, sizeof(result), outputs[i], ++ sizeof(outputs[i])); ++err: ++ EVP_KDF_CTX_free(kctx); ++ if (ret != 1) ++ return ret; ++ } ++ return ret; ++} ++ ++/* Two test vectors from RFC 8009 (AES Encryption with HMAC-SHA2 for Kerberos ++ * 5) appendix A. */ ++static int test_kdf_kbkdf_8009_prf1(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ char *label = "prf", *prf_input = "test"; ++ static unsigned char input_key[] = { ++ 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28, ++ 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C, ++ }; ++ static unsigned char output[] = { ++ 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE, ++ 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86, ++ 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B, ++ 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95, ++ }; ++ unsigned char result[sizeof(output)] = { 0 }; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { ++ TEST_error("EVP_KDF_KB"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_INFO"); ++ goto err; ++ } ++ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) ++ && TEST_mem_eq(result, sizeof(result), output, ++ sizeof(output)); ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static int test_kdf_kbkdf_8009_prf2(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ char *label = "prf", *prf_input = "test"; ++ static unsigned char input_key[] = { ++ 0x6D, 0x40, 0x4D, 0x37, 0xFA, 0xF7, 0x9F, 0x9D, ++ 0xF0, 0xD3, 0x35, 0x68, 0xD3, 0x20, 0x66, 0x98, ++ 0x00, 0xEB, 0x48, 0x36, 0x47, 0x2E, 0xA8, 0xA0, ++ 0x26, 0xD1, 0x6B, 0x71, 0x82, 0x46, 0x0C, 0x52, ++ }; ++ static unsigned char output[] = { ++ 0x98, 0x01, 0xF6, 0x9A, 0x36, 0x8C, 0x2B, 0xF6, ++ 0x75, 0xE5, 0x95, 0x21, 0xE1, 0x77, 0xD9, 0xA0, ++ 0x7F, 0x67, 0xEF, 0xE1, 0xCF, 0xDE, 0x8D, 0x3C, ++ 0x8D, 0x6F, 0x6A, 0x02, 0x56, 0xE3, 0xB1, 0x7D, ++ 0xB3, 0xC1, 0xB6, 0x2A, 0xD1, 0xB8, 0x55, 0x33, ++ 0x60, 0xD1, 0x73, 0x67, 0xEB, 0x15, 0x14, 0xD2, ++ }; ++ unsigned char result[sizeof(output)] = { 0 }; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { ++ TEST_error("EVP_KDF_KB"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha384()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_INFO"); ++ goto err; ++ } ++ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) ++ && TEST_mem_eq(result, sizeof(result), output, ++ sizeof(output)); ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static int test_kdf_krb5kdf(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[16]; ++ static unsigned char key[] = { ++ 0x42, 0x26, 0x3C, 0x6E, 0x89, 0xF4, 0xFC, 0x28, ++ 0xB8, 0xDF, 0x68, 0xEE, 0x09, 0x79, 0x9F, 0x15 ++ }; ++ static unsigned char constant[] = { ++ 0x00, 0x00, 0x00, 0x02, 0x99 ++ }; ++ static const unsigned char expected[sizeof(out)] = { ++ 0x34, 0x28, 0x0A, 0x38, 0x2B, 0xC9, 0x27, 0x69, ++ 0xB2, 0xDA, 0x2F, 0x9E, 0xF0, 0x66, 0x85, 0x4B ++ }; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KRB5KDF)) == NULL) { ++ TEST_error("EVP_KDF_KRB5KDF"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_aes_128_cbc()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_CIPHER"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, key, sizeof(key)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, constant, sizeof(constant)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT"); ++ goto err; ++ } ++ ++ ret = ++ TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0) ++ && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); ++ ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static int test_kdf_ss_hash(void) ++{ ++ EVP_KDF_CTX *kctx; ++ const unsigned char z[] = { ++ 0x6d,0xbd,0xc2,0x3f,0x04,0x54,0x88,0xe4,0x06,0x27,0x57,0xb0,0x6b,0x9e, ++ 0xba,0xe1,0x83,0xfc,0x5a,0x59,0x46,0xd8,0x0d,0xb9,0x3f,0xec,0x6f,0x62, ++ 0xec,0x07,0xe3,0x72,0x7f,0x01,0x26,0xae,0xd1,0x2c,0xe4,0xb2,0x62,0xf4, ++ 0x7d,0x48,0xd5,0x42,0x87,0xf8,0x1d,0x47,0x4c,0x7c,0x3b,0x18,0x50,0xe9 ++ }; ++ const unsigned char other[] = { ++ 0xa1,0xb2,0xc3,0xd4,0xe5,0x43,0x41,0x56,0x53,0x69,0x64,0x3c,0x83,0x2e, ++ 0x98,0x49,0xdc,0xdb,0xa7,0x1e,0x9a,0x31,0x39,0xe6,0x06,0xe0,0x95,0xde, ++ 0x3c,0x26,0x4a,0x66,0xe9,0x8a,0x16,0x58,0x54,0xcd,0x07,0x98,0x9b,0x1e, ++ 0xe0,0xec,0x3f,0x8d,0xbe ++ }; ++ const unsigned char expected[] = { ++ 0xa4,0x62,0xde,0x16,0xa8,0x9d,0xe8,0x46,0x6e,0xf5,0x46,0x0b,0x47,0xb8 ++ }; ++ unsigned char out[14]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); ++ ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha224()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ return 0; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ return 0; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other, ++ sizeof(other)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SSKDF_INFO"); ++ return 0; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ TEST_error("EVP_KDF_derive"); ++ return 0; ++ } ++ ++ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) ++ return 0; ++ ++ EVP_KDF_CTX_free(kctx); ++ return 1; ++} ++ + int setup_tests(void) + { ++ ADD_TEST(test_kdf_kbkdf_6803_128); ++ ADD_TEST(test_kdf_kbkdf_6803_256); ++ ADD_TEST(test_kdf_kbkdf_8009_prf1); ++ ADD_TEST(test_kdf_kbkdf_8009_prf2); + ADD_TEST(test_kdf_tls1_prf); + ADD_TEST(test_kdf_hkdf); + ADD_TEST(test_kdf_pbkdf2); + #ifndef OPENSSL_NO_SCRYPT + ADD_TEST(test_kdf_scrypt); + #endif ++ ADD_TEST(test_kdf_krb5kdf); ++ ADD_TEST(test_kdf_ss_hash); + return 1; + } +diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt.krb5-kdf openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt +--- openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt.krb5-kdf 2019-11-14 15:07:05.327094396 +0100 ++++ openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt 2019-11-14 15:07:05.349094005 +0100 +@@ -5286,3 +5286,559 @@ Ctrl.hexsession_id = hexsession_id:a4ebd + Ctrl.type = type:A + Output = FF + Result = KDF_MISMATCH ++ ++Title = KRB5KDF tests (from RFC 3961 test vectors and krb5 sources) ++ ++#RFC3961 ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92 ++Ctrl.hexconstant = hexconstant:0000000155 ++Output = 925179d04591a79b5d3192c4a7e9c289b049c71f6ee604cd ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:5e13d31c70ef765746578531cb51c15bf11ca82c97cee9f2 ++Ctrl.hexconstant = hexconstant:00000001aa ++Output = 9e58e5a146d9942a101c469845d67a20e3c4259ed913f207 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:98e6fd8a04a4b6859b75a176540b9752bad3ecd610a252bc ++Ctrl.hexconstant = hexconstant:0000000155 ++Output = 13fef80d763e94ec6d13fd2ca1d085070249dad39808eabf ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:622aec25a2fe2cad7094680b7c64940280084c1a7cec92b5 ++Ctrl.hexconstant = hexconstant:00000001aa ++Output = f8dfbf04b097e6d9dc0702686bcb3489d91fd9a4516b703e ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:d3f8298ccb166438dcb9b93ee5a7629286a491f838f802fb ++Ctrl.hexconstant = hexconstant:6b65726265726f73 ++Output = 2370da575d2a3da864cebfdc5204d56df779a7df43d9da43 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:c1081649ada74362e6a1459d01dfd30d67c2234c940704da ++Ctrl.hexconstant = hexconstant:0000000155 ++Output = 348057ec98fdc48016161c2a4c7a943e92ae492c989175f7 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:5d154af238f46713155719d55e2f1f790dd661f279a7917c ++Ctrl.hexconstant = hexconstant:00000001aa ++Output = a8808ac267dada3dcbe9a7c84626fbc761c294b01315e5c1 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:798562e049852f57dc8c343ba17f2ca1d97394efc8adc443 ++Ctrl.hexconstant = hexconstant:0000000155 ++Output = c813f88a3be3b334f75425ce9175fbe3c8493b89c8703b49 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:26dce334b545292f2feab9a8701a89a4b99eb9942cecd016 ++Ctrl.hexconstant = hexconstant:00000001aa ++Output = f48ffd6e83f83e7354e694fd252cf83bfe58f7d5ba37ec5d ++ ++#Krb5 sources ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E ++Ctrl.hexconstant = hexconstant:0000000299 ++Output = F78C496D16E6C2DAE0E0B6C24057A84C0426AEEF26FD6DCE ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E ++Ctrl.hexconstant = hexconstant:00000002AA ++Output = 5B5723D0B634CB684C3EBA5264E9A70D52E683231AD3C4CE ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E ++Ctrl.hexconstant = hexconstant:0000000255 ++Output = A77C94980E9B7345A81525C423A737CE67F4CD91B6B3DA45 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-128-CBC ++Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15 ++Ctrl.hexconstant = hexconstant:0000000299 ++Output = 34280A382BC92769B2DA2F9EF066854B ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-128-CBC ++Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15 ++Ctrl.hexconstant = hexconstant:00000002AA ++Output = 5B14FC4E250E14DDF9DCCF1AF6674F53 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-128-CBC ++Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15 ++Ctrl.hexconstant = hexconstant:0000000255 ++Output = 4ED31063621684F09AE8D89991AF3E8F ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-256-CBC ++Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161 ++Ctrl.hexconstant = hexconstant:0000000299 ++Output = BFAB388BDCB238E9F9C98D6A878304F04D30C82556375AC507A7A852790F4674 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-256-CBC ++Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161 ++Ctrl.hexconstant = hexconstant:00000002AA ++Output = C7CFD9CD75FE793A586A542D87E0D1396F1134A104BB1A9190B8C90ADA3DDF37 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-256-CBC ++Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161 ++Ctrl.hexconstant = hexconstant:0000000255 ++Output = 97151B4C76945063E2EB0529DC067D97D7BBA90776D8126D91F34F3101AEA8BA ++ ++#Same as the first but with no "fixup" ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92 ++Ctrl.hexconstant = hexconstant:0000000155 ++Output = 935079d14490a75c3093c4a6e8c3b049c71e6ee705 ++ ++#There are currently no official test vectors for Single Step KDF ++#https://github.com/patrickfav/singlestep-kdf/wiki/NIST-SP-800-56C-Rev1:-Non-Official-Test-Vectors ++Title = Single Step KDF tests ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:d09a6b1a472f930db4f5e6b967900744 ++Ctrl.hexinfo = hexinfo:b117255ab5f1b6b96fc434b0 ++Output = b5a3c52e97ae6e8c5069954354eab3c7 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:343666c0dd34b756e70f759f14c304f5 ++Ctrl.hexinfo = hexinfo:722b28448d7eab85491bce09 ++Output = 1003b650ddd3f0891a15166db5ec881d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:b84acf03ab08652dd7f82fa956933261 ++Ctrl.hexinfo = hexinfo:3d8773ec068c86053a918565 ++Output = 1635dcd1ce698f736831b4badb68ab2b ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:8cc24ca3f1d1a8b34783780b79890430 ++Ctrl.hexinfo = hexinfo:f08d4f2d9a8e6d7105c0bc16 ++Output = b8e716fb84a420aed4812cd76d9700ee ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:b616905a6f7562cd2689142ce21e42a3 ++Ctrl.hexinfo = hexinfo:ead310159a909da87e7b4b40 ++Output = 1b9201358c50fe5d5d42907c4a9fce78 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:3f57fd3fd56199b3eb33890f7ee28180 ++Ctrl.hexinfo = hexinfo:7a5056ba4fdb034c7cb6c4fe ++Output = e51ebd30a8c4b8449b0fb29d9adc11af ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:fb9fb108d104e9f662d6593fc84cde69 ++Ctrl.hexinfo = hexinfo:5faf29211c1bdbf1b2696a7c ++Output = 7a3a7e670656e48c390cdd7c51e167e0 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:237a39981794f4516dccffc3dda28396 ++Ctrl.hexinfo = hexinfo:62ed9528d104c241e0f66275 ++Output = 0c26fc9e90e1c5c5f943428301682045 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:b9b6c45f7279218fa09894e06366a3a1 ++Ctrl.hexinfo = hexinfo:0f384339670aaed4b89ecb7e ++Output = ee5fad414e32fad5d52a2bf61a7f6c72 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:08b7140e2cd0a4abd79171e4d5a71cad ++Ctrl.hexinfo = hexinfo:099211f0d8a2e02dbb5958c0 ++Output = 6162f5142e057efafd2c4f2bad5985a1 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a2 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f4853 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759a ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac704 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbe ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf1050 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f3 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8b ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f22 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f227688 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abf ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d480d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d480d9192 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:d7e6 ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 31e798e9931b612a3ad1b9b1008faa8c ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:4646779d ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 139f68bcca879b490e268e569087d04d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:d9811c81d4c6 ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 914dc4f09cb633a76e6c389e04c64485 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:8838f9d99ec46f09 ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 4f07dfb6f7a5bf348689e08b2e29c948 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:3e0939b33f34e779f30e ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = b42c7a98c23be19d1187ff960e87557f ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:f36230cacca4d245d303058c ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 50f2068d8010d355d56c5e34aaffbc67 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:7005d32c3d4284c73c3aefc70438 ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 66fd712ccf5462bbd41e89041ea7ea26 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:c01c83150b7734f8dbd6efd6f54d7365 ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 5c5edb0ceda9cd0c7f1f3d9e239c67d5 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:9949 ++Output = 33c83f54ed00fb1bccd2113e88550941 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:17144da6 ++Output = a999c28961424cab35ec06015e8c376a ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:dffdee1062eb ++Output = 4101ad50e626ed6f957bff926dfbb7db ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:9f365043e23b4648 ++Output = 4d3e4b971b88771f229df9f564984832 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:a885a0c4567ddc4f96da ++Output = bebbc30f5a83df5e9c9b57db33c0c879 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:c9d86183295bfe4c3d85f0fd ++Output = 87c947e45407db63eb94cbaa02d14e94 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:825fadce46964236a486732c5dad ++Output = 192370a85ff78e3c0245129d9b398558 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:5c0b5eb3ac9f342347d73d7a521723aa ++Output = c7b7634fd809383e87c4b1b3e728be56 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:8d7a4e7d5cf34b3f74873b862aeb33b7 ++Output = 6a5594f402f74f69 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:9b208e7ee1e641fac1dff48fc1beb2d2 ++Output = 556ed67e24ac0c7c46cc432da8bdb23c ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:4d2572539fed433211da28c8a0eebac3 ++Output = 5a4054c59c5b92814025578f43c1b79fe84968fc284e240b ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:4e1e70c9886819a31bc29a537911add9 ++Output = ddbfc440449aab4131c6d8aec08ce1496f2702241d0e27cc155c5c7c3cda75b5 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:68f144c952528e540c686dc353b766f2 ++Output = 59ed66bb6f54a9688a0b891d0b2ea6743621d9e1b5cc098cf3a55e6f864f9af8a95e4d945d2f987f ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:b66c9d507c9f837fbe60b6675fdbf38b ++Output = c282787ddf421a72fc88811be81b08d0d6ab66c92d1011974aa58335a6bbbd62e9e982bfae5929865ea1d517247089d2 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:34e730b49e46c7ed2fb25975a4cccd2d ++Output = 39e76e6571cb00740260b9070accbdcc4a492c295cbef33d9e37dac21e5e9d07e0f12dc7063d2172641475d4e08b8e3712fb26a10c8376b8 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:e340d87e2d7adbc1b95ec2dbdc3b82be ++Output = a660c0037a53f76f1e7667043f5869348ad07ac0e272e615ce31f16d4ab90d4b35fe5c370c0010ce79aff45682c6fb8b97f9a05b7d40b5af3c62999a10df9c6d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA256 ++Ctrl.hexsecret = hexsecret:afc4e154498d4770aa8365f6903dc83b ++Ctrl.hexinfo = hexinfo:662af20379b29d5ef813e655 ++Output = f0b80d6ae4c1e19e2105a37024e35dc6 ++ ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA512 ++Ctrl.hexsecret = hexsecret:108cf63318555c787fa578731dd4f037 ++Ctrl.hexinfo = hexinfo:53191b1dd3f94d83084d61d6 ++Output = 0ad475c1826da3007637970c8b92b993 ++ ++Title = SSKDF Test vectors from RFC 8636 Section 8 (With precoumputed ASN.1 info) ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ++Ctrl.hexinfo = hexinfo:307e300a06082b06010502030601a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020112a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb ++Output = e6ab38c9413e035bb079201ed0b6b73d8d49a814a737c04ee6649614206f73ad ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA256 ++Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ++Ctrl.hexinfo = hexinfo:307e300a06082b06010502030602a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020112a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb ++Output = 77ef4e48c420ae3fec75109d7981697eed5d295c90c62564f7bfd101fa9bc1d5 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA512 ++Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ++Ctrl.hexinfo = hexinfo:307e300a06082b06010502030603a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020110a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb ++Output = d3c78b78d75313e9a926f75dfb012363fa17fa01db diff --git a/thirdparty/openssl/patches/openssl-1.1.1-linux-random.patch b/thirdparty/openssl/patches/openssl-1.1.1-linux-random.patch new file mode 100644 index 000000000..5d2408195 --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-linux-random.patch @@ -0,0 +1,12 @@ +diff -ruN a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c +--- a/crypto/rand/rand_unix.c 2020-11-20 01:53:34.690443389 +0000 ++++ b/crypto/rand/rand_unix.c 2020-11-20 01:54:04.674444235 +0000 +@@ -22,7 +22,7 @@ + #include "internal/dso.h" + #if defined(__linux) && !defined(OPENSSL_SYS_UEFI) + # include +-# include ++#include + # ifdef DEVRANDOM_WAIT + # include + # include diff --git a/thirdparty/openssl/patches/openssl-1.1.1-rewire-fips-drbg.patch b/thirdparty/openssl/patches/openssl-1.1.1-rewire-fips-drbg.patch new file mode 100644 index 000000000..4d04d37d5 --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-rewire-fips-drbg.patch @@ -0,0 +1,170 @@ +diff -up openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_lib.c +--- openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_drbg_lib.c 2020-06-22 13:32:47.675852917 +0200 +@@ -337,6 +337,19 @@ static int drbg_reseed(DRBG_CTX *dctx, + int FIPS_drbg_reseed(DRBG_CTX *dctx, + const unsigned char *adin, size_t adinlen) + { ++ int len = (int)adinlen; ++ ++ if (len < 0 || (size_t)len != adinlen) { ++ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG); ++ return 0; ++ } ++ RAND_seed(adin, len); ++ return 1; ++} ++ ++int FIPS_drbg_reseed_internal(DRBG_CTX *dctx, ++ const unsigned char *adin, size_t adinlen) ++{ + return drbg_reseed(dctx, adin, adinlen, 1); + } + +@@ -358,6 +371,19 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, u + int prediction_resistance, + const unsigned char *adin, size_t adinlen) + { ++ int len = (int)outlen; ++ ++ if (len < 0 || (size_t)len != outlen) { ++ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG); ++ return 0; ++ } ++ return RAND_bytes(out, len); ++} ++ ++int FIPS_drbg_generate_internal(DRBG_CTX *dctx, unsigned char *out, size_t outlen, ++ int prediction_resistance, ++ const unsigned char *adin, size_t adinlen) ++{ + int r = 0; + + if (FIPS_selftest_failed()) { +diff -up openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_rand.c +--- openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_drbg_rand.c 2020-06-22 13:32:47.675852917 +0200 +@@ -57,6 +57,8 @@ + #include + #include + #include ++#define FIPS_DRBG_generate FIPS_DRBG_generate_internal ++#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal + #include + #include "fips_rand_lcl.h" + +diff -up openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c +--- openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg 2020-06-22 13:32:47.612852927 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c 2020-06-22 13:32:47.675852917 +0200 +@@ -55,6 +55,8 @@ + #include + #include + #include ++#define FIPS_DRBG_generate FIPS_DRBG_generate_internal ++#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal + #include + #include "fips_rand_lcl.h" + #include "fips_locl.h" +diff -up openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_post.c +--- openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-22 13:32:47.675852917 +0200 +@@ -79,8 +79,6 @@ int FIPS_selftest(void) + ERR_add_error_data(2, "Type=", "rand_drbg_selftest"); + rv = 0; + } +- if (!FIPS_selftest_drbg()) +- rv = 0; + if (!FIPS_selftest_sha1()) + rv = 0; + if (!FIPS_selftest_sha2()) +diff -up openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_rand_lib.c +--- openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.613852927 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_rand_lib.c 2020-06-22 13:36:28.722817967 +0200 +@@ -120,6 +120,7 @@ void FIPS_rand_reset(void) + + int FIPS_rand_seed(const void *buf, int num) + { ++#if 0 + if (!fips_approved_rand_meth && FIPS_module_mode()) { + FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD); + return 0; +@@ -127,10 +128,15 @@ int FIPS_rand_seed(const void *buf, int + if (fips_rand_meth && fips_rand_meth->seed) + fips_rand_meth->seed(buf, num); + return 1; ++#else ++ RAND_seed(buf, num); ++ return 1; ++#endif + } + + int FIPS_rand_bytes(unsigned char *buf, int num) + { ++#if 0 + if (!fips_approved_rand_meth && FIPS_module_mode()) { + FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD); + return 0; +@@ -138,10 +144,14 @@ int FIPS_rand_bytes(unsigned char *buf, + if (fips_rand_meth && fips_rand_meth->bytes) + return fips_rand_meth->bytes(buf, num); + return 0; ++#else ++ return RAND_bytes(buf, num); ++#endif + } + + int FIPS_rand_status(void) + { ++#if 0 + if (!fips_approved_rand_meth && FIPS_module_mode()) { + FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD); + return 0; +@@ -149,6 +159,9 @@ int FIPS_rand_status(void) + if (fips_rand_meth && fips_rand_meth->status) + return fips_rand_meth->status(); + return 0; ++#else ++ return RAND_status(); ++#endif + } + + /* Return instantiated strength of PRNG. For DRBG this is an internal +diff -up openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips.h +--- openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200 ++++ openssl-1.1.1g/include/openssl/fips.h 2020-06-22 13:32:47.675852917 +0200 +@@ -64,6 +64,11 @@ extern "C" { + + int FIPS_selftest(void); + int FIPS_selftest_failed(void); ++ ++ /* ++ * This function is deprecated as it performs selftest of the old FIPS drbg ++ * implementation that is not validated. ++ */ + int FIPS_selftest_drbg_all(void); + + int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, +diff -up openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips_rand.h +--- openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg 2020-06-22 13:32:47.617852926 +0200 ++++ openssl-1.1.1g/include/openssl/fips_rand.h 2020-06-22 13:32:47.675852917 +0200 +@@ -60,6 +60,20 @@ + # ifdef __cplusplus + extern "C" { + # endif ++ ++/* ++ * IMPORTANT NOTE: ++ * All functions in this header file are deprecated and should not be used ++ * as they use the old FIPS_drbg implementation that is not FIPS validated ++ * anymore. ++ * To provide backwards compatibility for applications that need FIPS compliant ++ * RNG number generation and use FIPS_drbg_generate, this function was ++ * re-wired to call the FIPS validated DRBG instance instead through ++ * the RAND_bytes() call. ++ * ++ * All these functions will be removed in future. ++ */ ++ + typedef struct drbg_ctx_st DRBG_CTX; + /* DRBG external flags */ + /* Flag for CTR mode only: use derivation function ctr_df */ diff --git a/thirdparty/openssl/patches/openssl-1.1.1-seclevel.patch b/thirdparty/openssl/patches/openssl-1.1.1-seclevel.patch new file mode 100644 index 000000000..c6751a543 --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-seclevel.patch @@ -0,0 +1,160 @@ +diff -up openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel openssl-1.1.1g/crypto/x509/x509_vfy.c +--- openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/x509/x509_vfy.c 2020-06-05 17:16:54.835536823 +0200 +@@ -3225,6 +3225,7 @@ static int build_chain(X509_STORE_CTX *c + } + + static const int minbits_table[] = { 80, 112, 128, 192, 256 }; ++static const int minbits_digest_table[] = { 80, 80, 128, 192, 256 }; + static const int NUM_AUTH_LEVELS = OSSL_NELEM(minbits_table); + + /* +@@ -3276,6 +3277,11 @@ static int check_sig_level(X509_STORE_CT + + if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL)) + return 0; +- +- return secbits >= minbits_table[level - 1]; ++ /* ++ * Allow SHA1 in SECLEVEL 2 in non-FIPS mode or when the magic ++ * disable SHA1 flag is not set. ++ */ ++ if ((ctx->param->flags & 0x40000000) || FIPS_mode()) ++ return secbits >= minbits_table[level - 1]; ++ return secbits >= minbits_digest_table[level - 1]; + } +diff -up openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod +--- openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod 2020-06-04 15:48:01.608178833 +0200 +@@ -81,8 +81,10 @@ using MD5 for the MAC is also prohibited + + =item B + +-Security level set to 112 bits of security. As a result RSA, DSA and DH keys +-shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. ++Security level set to 112 bits of security with the exception of SHA1 allowed ++for signatures. ++As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys ++shorter than 224 bits are prohibited. + In addition to the level 1 exclusions any cipher suite using RC4 is also + prohibited. SSL version 3 is also not allowed. Compression is disabled. + +diff -up openssl-1.1.1g/ssl/ssl_cert.c.seclevel openssl-1.1.1g/ssl/ssl_cert.c +--- openssl-1.1.1g/ssl/ssl_cert.c.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/ssl/ssl_cert.c 2020-06-05 17:10:11.842198401 +0200 +@@ -27,6 +27,7 @@ + static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, + int op, int bits, int nid, void *other, + void *ex); ++static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx); + + static CRYPTO_ONCE ssl_x509_store_ctx_once = CRYPTO_ONCE_STATIC_INIT; + static volatile int ssl_x509_store_ctx_idx = -1; +@@ -396,7 +397,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_ + X509_VERIFY_PARAM_set_auth_level(param, SSL_get_security_level(s)); + + /* Set suite B flags if needed */ +- X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s)); ++ X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s) | sha1_disable(s, NULL)); + if (!X509_STORE_CTX_set_ex_data + (ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s)) { + goto end; +@@ -953,12 +954,33 @@ static int ssl_security_default_callback + return 0; + break; + default: ++ /* allow SHA1 in SECLEVEL 2 in non FIPS mode */ ++ if (nid == NID_sha1 && minbits == 112 && !sha1_disable(s, ctx)) ++ break; + if (bits < minbits) + return 0; + } + return 1; + } + ++static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx) ++{ ++ unsigned long ret = 0x40000000; /* a magical internal value used by X509_VERIFY_PARAM */ ++ const CERT *c; ++ ++ if (FIPS_mode()) ++ return ret; ++ ++ if (ctx != NULL) { ++ c = ctx->cert; ++ } else { ++ c = s->cert; ++ } ++ if (tls1_cert_sigalgs_have_sha1(c)) ++ return 0; ++ return ret; ++} ++ + int ssl_security(const SSL *s, int op, int bits, int nid, void *other) + { + return s->cert->sec_cb(s, NULL, op, bits, nid, other, s->cert->sec_ex); +diff -up openssl-1.1.1g/ssl/ssl_local.h.seclevel openssl-1.1.1g/ssl/ssl_local.h +--- openssl-1.1.1g/ssl/ssl_local.h.seclevel 2020-06-04 15:48:01.602178783 +0200 ++++ openssl-1.1.1g/ssl/ssl_local.h 2020-06-05 17:02:22.666313410 +0200 +@@ -2576,6 +2576,7 @@ __owur int tls1_save_sigalgs(SSL *s, PAC + __owur int tls1_process_sigalgs(SSL *s); + __owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey); + __owur int tls1_lookup_md(const SIGALG_LOOKUP *lu, const EVP_MD **pmd); ++int tls1_cert_sigalgs_have_sha1(const CERT *c); + __owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs); + # ifndef OPENSSL_NO_EC + __owur int tls_check_sigalg_curve(const SSL *s, int curve); +diff -up openssl-1.1.1g/ssl/t1_lib.c.seclevel openssl-1.1.1g/ssl/t1_lib.c +--- openssl-1.1.1g/ssl/t1_lib.c.seclevel 2020-06-04 15:48:01.654179221 +0200 ++++ openssl-1.1.1g/ssl/t1_lib.c 2020-06-05 17:02:40.268459157 +0200 +@@ -2145,6 +2145,36 @@ int tls1_set_sigalgs(CERT *c, const int + return 0; + } + ++static int tls1_sigalgs_have_sha1(const uint16_t *sigalgs, size_t sigalgslen) ++{ ++ size_t i; ++ ++ for (i = 0; i < sigalgslen; i++, sigalgs++) { ++ const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(*sigalgs); ++ ++ if (lu == NULL) ++ continue; ++ if (lu->hash == NID_sha1) ++ return 1; ++ } ++ return 0; ++} ++ ++ ++int tls1_cert_sigalgs_have_sha1(const CERT *c) ++{ ++ if (c->client_sigalgs != NULL) { ++ if (tls1_sigalgs_have_sha1(c->client_sigalgs, c->client_sigalgslen)) ++ return 1; ++ } ++ if (c->conf_sigalgs != NULL) { ++ if (tls1_sigalgs_have_sha1(c->conf_sigalgs, c->conf_sigalgslen)) ++ return 1; ++ return 0; ++ } ++ return 1; ++} ++ + static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid) + { + int sig_nid, use_pc_sigalgs = 0; +diff -up openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel openssl-1.1.1g/test/recipes/25-test_verify.t +--- openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/test/recipes/25-test_verify.t 2020-06-04 15:48:01.608178833 +0200 +@@ -346,8 +346,8 @@ ok(verify("ee-pss-sha1-cert", "sslserver + ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ), + "CA with PSS signature using SHA256"); + +-ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), +- "Reject PSS signature using SHA1 and auth level 2"); ++ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "3"), ++ "Reject PSS signature using SHA1 and auth level 3"); + + ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), + "PSS signature using SHA256 and auth level 2"); diff --git a/thirdparty/openssl/patches/openssl-1.1.1-ssh-kdf.patch b/thirdparty/openssl/patches/openssl-1.1.1-ssh-kdf.patch new file mode 100644 index 000000000..1bf71c4cd --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-ssh-kdf.patch @@ -0,0 +1,5612 @@ +commit 1e662a43f0420cfdc40d01cd70c27fa1c220a57e +Author: Simo Sorce +Date: Wed Sep 19 16:23:45 2018 -0400 + + Implement SSH KDF + + SSH's KDF is defined in RFC 4253 in Section 7.2 + + Signed-off-by: Simo Sorce + + Reviewed-by: Paul Dale + Reviewed-by: Matt Caswell + (Merged from https://github.com/openssl/openssl/pull/7290) + +diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt +index ae67dac7f6..e7ed2f8d63 100644 +--- a/crypto/err/openssl.txt ++++ b/crypto/err/openssl.txt +@@ -828,6 +828,10 @@ KDF_F_KDF_SCRYPT_CTRL_UINT32:121:kdf_scrypt_ctrl_uint32 + KDF_F_KDF_SCRYPT_CTRL_UINT64:122:kdf_scrypt_ctrl_uint64 + KDF_F_KDF_SCRYPT_DERIVE:123:kdf_scrypt_derive + KDF_F_KDF_SCRYPT_NEW:124:kdf_scrypt_new ++KDF_F_KDF_SSHKDF_CTRL:130:kdf_sshkdf_ctrl ++KDF_F_KDF_SSHKDF_CTRL_STR:131:kdf_sshkdf_ctrl_str ++KDF_F_KDF_SSHKDF_DERIVE:132:kdf_sshkdf_derive ++KDF_F_KDF_SSHKDF_NEW:133:kdf_sshkdf_new + KDF_F_KDF_TLS1_PRF_CTRL_STR:125:kdf_tls1_prf_ctrl_str + KDF_F_KDF_TLS1_PRF_DERIVE:126:kdf_tls1_prf_derive + KDF_F_KDF_TLS1_PRF_NEW:127:kdf_tls1_prf_new +@@ -2320,6 +2324,9 @@ KDF_R_MISSING_PASS:110:missing pass + KDF_R_MISSING_SALT:111:missing salt + KDF_R_MISSING_SECRET:107:missing secret + KDF_R_MISSING_SEED:106:missing seed ++KDF_R_MISSING_SESSION_ID:113:missing session id ++KDF_R_MISSING_TYPE:114:missing type ++KDF_R_MISSING_XCGHASH:115:missing xcghash + KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type + KDF_R_VALUE_ERROR:108:value error + KDF_R_VALUE_MISSING:102:value missing +diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c +index 05f5cec3a9..811fe727f6 100644 +--- a/crypto/evp/kdf_lib.c ++++ b/crypto/evp/kdf_lib.c +@@ -29,7 +29,8 @@ static const EVP_KDF_METHOD *standard_methods[] = { + &scrypt_kdf_meth, + #endif + &tls1_prf_kdf_meth, +- &hkdf_kdf_meth ++ &hkdf_kdf_meth, ++ &sshkdf_kdf_meth, + }; + + DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, +diff --git a/include/crypto/evp.h b/include/crypto/evp.h +index a109e561b3..8c313c65ac 100644 +--- a/include/crypto/evp.h ++++ b/include/crypto/evp.h +@@ -129,6 +129,7 @@ extern const EVP_KDF_METHOD pbkdf2_kdf_meth; + extern const EVP_KDF_METHOD scrypt_kdf_meth; + extern const EVP_KDF_METHOD tls1_prf_kdf_meth; + extern const EVP_KDF_METHOD hkdf_kdf_meth; ++extern const EVP_KDF_METHOD sshkdf_kdf_meth; + + struct evp_md_st { + int type; +diff --git a/crypto/kdf/build.info b/crypto/kdf/build.info +index dce960e9e1..f483c779dd 100644 +--- a/crypto/kdf/build.info ++++ b/crypto/kdf/build.info +@@ -1,3 +1,3 @@ + LIBS=../../libcrypto + SOURCE[../../libcrypto]=\ +- tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c ++ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c +diff --git a/crypto/kdf/kdf_err.c b/crypto/kdf/kdf_err.c +index b2a0c0ebfc..b4678775dd 100644 +--- a/crypto/kdf/kdf_err.c ++++ b/crypto/kdf/kdf_err.c +@@ -31,6 +31,11 @@ static const ERR_STRING_DATA KDF_str_functs[] = { + "kdf_scrypt_ctrl_uint64"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_DERIVE, 0), "kdf_scrypt_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_NEW, 0), "kdf_scrypt_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_CTRL, 0), "kdf_sshkdf_ctrl"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_CTRL_STR, 0), ++ "kdf_sshkdf_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_DERIVE, 0), "kdf_sshkdf_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_NEW, 0), "kdf_sshkdf_new"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_CTRL_STR, 0), + "kdf_tls1_prf_ctrl_str"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_DERIVE, 0), +@@ -70,6 +75,9 @@ static const ERR_STRING_DATA KDF_str_reasons[] = { + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SALT), "missing salt"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SECRET), "missing secret"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SEED), "missing seed"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SESSION_ID), "missing session id"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_TYPE), "missing type"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_XCGHASH), "missing xcghash"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE), + "unknown parameter type"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"}, +diff --git a/crypto/kdf/sshkdf.c b/crypto/kdf/sshkdf.c +new file mode 100644 +index 0000000000..24f37cbed4 +--- /dev/null ++++ b/crypto/kdf/sshkdf.c +@@ -0,0 +1,288 @@ ++/* ++ * Copyright 2018-2018 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the OpenSSL license (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "kdf_local.h" ++ ++/* See RFC 4253, Section 7.2 */ ++ ++static void kdf_sshkdf_reset(EVP_KDF_IMPL *impl); ++static int SSHKDF(const EVP_MD *evp_md, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *xcghash, size_t xcghash_len, ++ const unsigned char *session_id, size_t session_id_len, ++ char type, unsigned char *okey, size_t okey_len); ++ ++struct evp_kdf_impl_st { ++ const EVP_MD *md; ++ unsigned char *key; /* K */ ++ size_t key_len; ++ unsigned char *xcghash; /* H */ ++ size_t xcghash_len; ++ char type; /* X */ ++ unsigned char *session_id; ++ size_t session_id_len; ++}; ++ ++static EVP_KDF_IMPL *kdf_sshkdf_new(void) ++{ ++ EVP_KDF_IMPL *impl; ++ ++ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) ++ KDFerr(KDF_F_KDF_SSHKDF_NEW, ERR_R_MALLOC_FAILURE); ++ return impl; ++} ++ ++static void kdf_sshkdf_free(EVP_KDF_IMPL *impl) ++{ ++ kdf_sshkdf_reset(impl); ++ OPENSSL_free(impl); ++} ++ ++static void kdf_sshkdf_reset(EVP_KDF_IMPL *impl) ++{ ++ OPENSSL_clear_free(impl->key, impl->key_len); ++ OPENSSL_clear_free(impl->xcghash, impl->xcghash_len); ++ OPENSSL_clear_free(impl->session_id, impl->session_id_len); ++ memset(impl, 0, sizeof(*impl)); ++} ++ ++static int kdf_sshkdf_parse_buffer_arg(unsigned char **dst, size_t *dst_len, ++ va_list args) ++{ ++ const unsigned char *p; ++ size_t len; ++ ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(*dst, *dst_len); ++ *dst = OPENSSL_memdup(p, len); ++ if (*dst == NULL) ++ return 0; ++ ++ *dst_len = len; ++ return 1; ++} ++ ++static int kdf_sshkdf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) ++{ ++ int t; ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_MD: ++ impl->md = va_arg(args, const EVP_MD *); ++ if (impl->md == NULL) ++ return 0; ++ ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_KEY: ++ return kdf_sshkdf_parse_buffer_arg(&impl->key, ++ &impl->key_len, args); ++ ++ case EVP_KDF_CTRL_SET_SSHKDF_XCGHASH: ++ return kdf_sshkdf_parse_buffer_arg(&impl->xcghash, ++ &impl->xcghash_len, args); ++ ++ case EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID: ++ return kdf_sshkdf_parse_buffer_arg(&impl->session_id, ++ &impl->session_id_len, args); ++ ++ case EVP_KDF_CTRL_SET_SSHKDF_TYPE: ++ t = va_arg(args, int); ++ if (t < 65 || t > 70) { ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ++ impl->type = (char)t; ++ return 1; ++ ++ default: ++ return -2; ++ ++ } ++} ++ ++static int kdf_sshkdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, ++ const char *value) ++{ ++ if (value == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_MISSING); ++ return 0; ++ } ++ ++ if (strcmp(type, "md") == 0) ++ return kdf_md2ctrl(impl, kdf_sshkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ ++ if (strcmp(type, "key") == 0) ++ return kdf_str2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "hexkey") == 0) ++ return kdf_hex2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "xcghash") == 0) ++ return kdf_str2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_SSHKDF_XCGHASH, value); ++ ++ if (strcmp(type, "hexxcghash") == 0) ++ return kdf_hex2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_SSHKDF_XCGHASH, value); ++ ++ if (strcmp(type, "session_id") == 0) ++ return kdf_str2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID, value); ++ ++ if (strcmp(type, "hexsession_id") == 0) ++ return kdf_hex2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID, value); ++ ++ if (strcmp(type, "type") == 0) { ++ if (strlen(value) != 1) { ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ++ return call_ctrl(kdf_sshkdf_ctrl, impl, EVP_KDF_CTRL_SET_SSHKDF_TYPE, ++ (int)value[0]); ++ } ++ ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); ++ return -2; ++} ++ ++static size_t kdf_sshkdf_size(EVP_KDF_IMPL *impl) ++{ ++ return SIZE_MAX; ++} ++ ++static int kdf_sshkdf_derive(EVP_KDF_IMPL *impl, unsigned char *key, ++ size_t keylen) ++{ ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); ++ return 0; ++ } ++ if (impl->key == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_KEY); ++ return 0; ++ } ++ if (impl->xcghash == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_XCGHASH); ++ return 0; ++ } ++ if (impl->session_id == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_SESSION_ID); ++ return 0; ++ } ++ if (impl->type == 0) { ++ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_TYPE); ++ return 0; ++ } ++ return SSHKDF(impl->md, impl->key, impl->key_len, ++ impl->xcghash, impl->xcghash_len, ++ impl->session_id, impl->session_id_len, ++ impl->type, key, keylen); ++} ++ ++const EVP_KDF_METHOD sshkdf_kdf_meth = { ++ EVP_KDF_SSHKDF, ++ kdf_sshkdf_new, ++ kdf_sshkdf_free, ++ kdf_sshkdf_reset, ++ kdf_sshkdf_ctrl, ++ kdf_sshkdf_ctrl_str, ++ kdf_sshkdf_size, ++ kdf_sshkdf_derive, ++}; ++ ++static int SSHKDF(const EVP_MD *evp_md, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *xcghash, size_t xcghash_len, ++ const unsigned char *session_id, size_t session_id_len, ++ char type, unsigned char *okey, size_t okey_len) ++{ ++ EVP_MD_CTX *md = NULL; ++ unsigned char digest[EVP_MAX_MD_SIZE]; ++ unsigned int dsize = 0; ++ size_t cursize = 0; ++ int ret = 0; ++ ++ md = EVP_MD_CTX_new(); ++ if (md == NULL) ++ return 0; ++ ++ if (!EVP_DigestInit_ex(md, evp_md, NULL)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, key, key_len)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, xcghash, xcghash_len)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, &type, 1)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, session_id, session_id_len)) ++ goto out; ++ ++ if (!EVP_DigestFinal_ex(md, digest, &dsize)) ++ goto out; ++ ++ if (okey_len < dsize) { ++ memcpy(okey, digest, okey_len); ++ ret = 1; ++ goto out; ++ } ++ ++ memcpy(okey, digest, dsize); ++ ++ for (cursize = dsize; cursize < okey_len; cursize += dsize) { ++ ++ if (!EVP_DigestInit_ex(md, evp_md, NULL)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, key, key_len)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, xcghash, xcghash_len)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, okey, cursize)) ++ goto out; ++ ++ if (!EVP_DigestFinal_ex(md, digest, &dsize)) ++ goto out; ++ ++ if (okey_len < cursize + dsize) { ++ memcpy(okey + cursize, digest, okey_len - cursize); ++ ret = 1; ++ goto out; ++ } ++ ++ memcpy(okey + cursize, digest, dsize); ++ } ++ ++ ret = 1; ++ ++out: ++ EVP_MD_CTX_free(md); ++ OPENSSL_cleanse(digest, EVP_MAX_MD_SIZE); ++ return ret; ++} ++ +diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h +index 9ab1a14b9e..81646fda52 100644 +--- a/crypto/objects/obj_dat.h ++++ b/crypto/objects/obj_dat.h +@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = { + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */ + }; + +-#define NUM_NID 1195 ++#define NUM_NID 1196 + static const ASN1_OBJECT nid_objs[NUM_NID] = { + {"UNDEF", "undefined", NID_undef}, + {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, +@@ -2275,9 +2275,10 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { + {"magma-mac", "magma-mac", NID_magma_mac}, + {"hmacWithSHA512-224", "hmacWithSHA512-224", NID_hmacWithSHA512_224, 8, &so[7745]}, + {"hmacWithSHA512-256", "hmacWithSHA512-256", NID_hmacWithSHA512_256, 8, &so[7753]}, ++ {"SSHKDF", "sshkdf", NID_sshkdf}, + }; + +-#define NUM_SN 1186 ++#define NUM_SN 1187 + static const unsigned int sn_objs[NUM_SN] = { + 364, /* "AD_DVCS" */ + 419, /* "AES-128-CBC" */ +@@ -2555,6 +2556,7 @@ static const unsigned int sn_objs[NUM_SN] = { + 167, /* "SMIME-CAPS" */ + 100, /* "SN" */ + 1006, /* "SNILS" */ ++ 1195, /* "SSHKDF" */ + 16, /* "ST" */ + 143, /* "SXNetID" */ + 1062, /* "SipHash" */ +@@ -3467,7 +3469,7 @@ static const unsigned int sn_objs[NUM_SN] = { + 1093, /* "x509ExtAdmission" */ + }; + +-#define NUM_LN 1186 ++#define NUM_LN 1187 + static const unsigned int ln_objs[NUM_LN] = { + 363, /* "AD Time Stamping" */ + 405, /* "ANSI X9.62" */ +@@ -4609,6 +4611,7 @@ static const unsigned int ln_objs[NUM_LN] = { + 1139, /* "sm4-ctr" */ + 1133, /* "sm4-ecb" */ + 1135, /* "sm4-ofb" */ ++ 1195, /* "sshkdf" */ + 16, /* "stateOrProvinceName" */ + 660, /* "streetAddress" */ + 498, /* "subtreeMaximumQuality" */ +diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num +index 1b6a9c61a1..231c18384a 100644 +--- a/crypto/objects/obj_mac.num ++++ b/crypto/objects/obj_mac.num +@@ -1192,3 +1192,4 @@ magma_cfb 1191 + magma_mac 1192 + hmacWithSHA512_224 1193 + hmacWithSHA512_256 1194 ++sshkdf 1195 +diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt +index 6dbc41ce37..5ded88e525 100644 +--- a/crypto/objects/objects.txt ++++ b/crypto/objects/objects.txt +@@ -1600,6 +1600,9 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme + # NID for HKDF + : HKDF : hkdf + ++# NID for SSHKDF ++ : SSHKDF : sshkdf ++ + # RFC 4556 + 1 3 6 1 5 2 3 : id-pkinit + id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth +diff --git a/doc/man7/EVP_KDF_SSHKDF.pod b/doc/man7/EVP_KDF_SSHKDF.pod +new file mode 100644 +index 0000000000..9c9734e7c3 +--- /dev/null ++++ b/doc/man7/EVP_KDF_SSHKDF.pod +@@ -0,0 +1,175 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_SSHKDF - The SSHKDF EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B KDF through the B API. ++ ++The EVP_KDF_SSHKDF algorithm implements the SSHKDF key derivation function. ++It is defined in RFC 4253, section 7.2 and is used by SSH to derive IVs, ++encryption keys and integrity keys. ++Five inputs are required to perform key derivation: The hashing function ++(for example SHA256), the Initial Key, the Exchange Hash, the Session ID, ++and the derivation key type. ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++=item B ++ ++=item B ++ ++These controls expect two arguments: C, C ++ ++They set the respective values to the first B bytes of the buffer ++B. If a value is already set, the contents are replaced. ++ ++EVP_KDF_ctrl_str() takes two type strings for these controls: ++ ++=over 4 ++ ++=item "xcghash" ++ ++=item "session_id" ++ ++The value string is used as is. ++ ++=item "hexxcghash" ++ ++=item "hexsession_id" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects one argument: C ++ ++Sets the type for the SSHHKDF operation. There are six supported types: ++ ++=over 4 ++ ++=item EVP_KDF_SSHKDF_TYPE_ININITAL_IV_CLI_TO_SRV ++ ++The Initial IV from client to server. ++A single char of value 65 (ASCII char 'A'). ++ ++=item EVP_KDF_SSHKDF_TYPE_ININITAL_IV_SRV_TO_CLI ++ ++The Initial IV from server to client ++A single char of value 66 (ASCII char 'B'). ++ ++=item EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV ++ ++The Encryption Key from client to server ++A single char of value 67 (ASCII char 'C'). ++ ++=item EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI ++ ++The Encryption Key from server to client ++A single char of value 68 (ASCII char 'D'). ++ ++=item EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV ++ ++The Integrity Key from client to server ++A single char of value 69 (ASCII char 'E'). ++ ++=item EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI ++ ++The Integrity Key from client to server ++A single char of value 70 (ASCII char 'F'). ++ ++=back ++ ++EVP_KDF_ctrl_str() type string: "type" ++ ++The value is a string of length one character. The only valid values ++are the numerical values of the ASCII caracters: "A" (65) to "F" (70). ++ ++=back ++ ++=head1 NOTES ++ ++A context for SSHKDF can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF); ++ ++The output length of the SSHKDF derivation is specified via the C ++parameter to the L function. ++Since the SSHKDF output length is variable, calling L ++to obtain the requisite length is not meaningful. The caller must ++allocate a buffer of the desired length, and pass that buffer to the ++L function along with the desired length. ++ ++=head1 EXAMPLE ++ ++This example derives an 8 byte IV using SHA-256 with a 1K "key" and appropriate ++"xcghash" and "session_id" values: ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char key[1024] = "01234..."; ++ unsigned char xcghash[32] = "012345..."; ++ unsigned char session_id[32] = "012345..."; ++ unsigned char out[8]; ++ size_t outlen = sizeof(out); ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF); ++ ++ if (EVP_KDF_CTX_set_md(kctx, EVP_sha256()) <= 0) ++ /* Error */ ++ if (EVP_KDF_CTX_set1_key(kctx, key, 1024) <= 0) ++ /* Error */ ++ if (EVP_KDF_CTX_set1_sshkdf_xcghash(kctx, xcghash, 32) <= 0) ++ /* Error */ ++ if (EVP_KDF_CTX_set1_sshkdf_session_id(kctx, session_id, 32) <= 0) ++ /* Error */ ++ if (EVP_KDF_CTX_set_sshkdf_type(kctx, ++ EVP_KDF_SSHKDF_TYPE_ININITAL_IV_CLI_TO_SRV) <= 0) ++ /* Error */ ++ if (EVP_KDF_derive(kctx, out, &outlen) <= 0) ++ /* Error */ ++ ++ ++=head1 CONFORMING TO ++ ++RFC 4253 ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the OpenSSL license (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut ++ +diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h +index 16caed5273..362ab14cff 100644 +--- a/include/openssl/kdf.h ++++ b/include/openssl/kdf.h +@@ -20,6 +20,7 @@ extern "C" { + # define EVP_KDF_SCRYPT NID_id_scrypt + # define EVP_KDF_TLS1_PRF NID_tls1_prf + # define EVP_KDF_HKDF NID_hkdf ++# define EVP_KDF_SSHKDF NID_sshkdf + + EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); + void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); +@@ -47,11 +48,20 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); + # define EVP_KDF_CTRL_SET_SCRYPT_N 0x0d /* uint64_t */ + # define EVP_KDF_CTRL_SET_SCRYPT_R 0x0e /* uint32_t */ + # define EVP_KDF_CTRL_SET_SCRYPT_P 0x0f /* uint32_t */ ++# define EVP_KDF_CTRL_SET_SSHKDF_XCGHASH 0x10 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID 0x11 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_SSHKDF_TYPE 0x12 /* int */ + + # define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0 + # define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1 + # define EVP_KDF_HKDF_MODE_EXPAND_ONLY 2 + ++#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV 65 ++#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI 66 ++#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV 67 ++#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI 68 ++#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV 69 ++#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI 70 + + /**** The legacy PKEY-based KDF API follows. ****/ + +diff --git a/include/openssl/kdferr.h b/include/openssl/kdferr.h +index 0191f2b21d..ff13ccb649 100644 +--- a/include/openssl/kdferr.h ++++ b/include/openssl/kdferr.h +@@ -32,6 +32,10 @@ int ERR_load_KDF_strings(void); + # define KDF_F_KDF_SCRYPT_CTRL_UINT64 122 + # define KDF_F_KDF_SCRYPT_DERIVE 123 + # define KDF_F_KDF_SCRYPT_NEW 124 ++# define KDF_F_KDF_SSHKDF_CTRL 130 ++# define KDF_F_KDF_SSHKDF_CTRL_STR 131 ++# define KDF_F_KDF_SSHKDF_DERIVE 132 ++# define KDF_F_KDF_SSHKDF_NEW 133 + # define KDF_F_KDF_TLS1_PRF_CTRL_STR 125 + # define KDF_F_KDF_TLS1_PRF_DERIVE 126 + # define KDF_F_KDF_TLS1_PRF_NEW 127 +@@ -62,6 +66,9 @@ int ERR_load_KDF_strings(void); + # define KDF_R_MISSING_SALT 111 + # define KDF_R_MISSING_SECRET 107 + # define KDF_R_MISSING_SEED 106 ++# define KDF_R_MISSING_SESSION_ID 113 ++# define KDF_R_MISSING_TYPE 114 ++# define KDF_R_MISSING_XCGHASH 115 + # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 + # define KDF_R_VALUE_ERROR 108 + # define KDF_R_VALUE_MISSING 102 +diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h +index 31fad4640f..baf2bd8db4 100644 +--- a/include/openssl/obj_mac.h ++++ b/include/openssl/obj_mac.h +@@ -4970,6 +4970,10 @@ + #define LN_hkdf "hkdf" + #define NID_hkdf 1036 + ++#define SN_sshkdf "SSHKDF" ++#define LN_sshkdf "sshkdf" ++#define NID_sshkdf 1203 ++ + #define SN_id_pkinit "id-pkinit" + #define NID_id_pkinit 1031 + #define OBJ_id_pkinit 1L,3L,6L,1L,5L,2L,3L +diff --git a/test/recipes/30-test_evp_data/evpkdf.txt b/test/recipes/30-test_evp_data/evpkdf.txt +index 285c4311a6..7f2dcd2291 100644 +--- a/test/recipes/30-test_evp_data/evpkdf.txt ++++ b/test/recipes/30-test_evp_data/evpkdf.txt +@@ -433,3 +433,4856 @@ Ctrl.iter = iter:1 + Ctrl.digest = digest:sha512 + Output = 00ef42cdbfc98d29db20976608e455567fdddf14 + ++Title = SSHKDF tests (from NIST CAVS 14.1 test vectors) ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:A ++Output = e2f627c0b43f1ac1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:B ++Output = 58471445f342b181 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:C ++Output = 1ca9d310f86d51f6cb8e7007cb2b220d55c5281ce680b533 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:D ++Output = 2c60df8603d34cc1dbb03c11f725a44b44008851c73d6844 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:E ++Output = 472eb8a26166ae6aa8e06868e45c3b26e6eeed06 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:F ++Output = e3e2fdb9d7bc21165a3dbe47e1eceb7764390bab ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:A ++Output = 55a1015757de84cb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:B ++Output = 7e57f61d5735f4fb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:C ++Output = dd1c24bde1af845e82207541e3e173aec822fb904a94ae3c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:D ++Output = cbbfdc9442af6db7f8c4dcaa4b0b5d0163e0e204476aa2a0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:E ++Output = e153e04886c0dc446dde9a9b3b13efb77151764d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:F ++Output = c8e4f61bd6b5abb2c6e06eca7b302349435e4842 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:A ++Output = 054eaf5d7dea31e7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:B ++Output = 6ce586c127da010f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:C ++Output = 7907bf3d7c58ce72714b2adb1a14f156194b14378a4a7c49 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:D ++Output = c34757dc104e7b811f6550bbc3888e1d4297578fd88b2ca5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:E ++Output = e463e05ef70e61f994ee3cd20d504cb6eddb9b1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:F ++Output = 676cf1dfc887e122353eead2b1e644f9d9def944 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:A ++Output = bc4b5164911bc87b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:B ++Output = d791c5986b27257e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:C ++Output = de8e99bb3f60ccf0583712528aa3dd0418fdb90d0a588012 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:D ++Output = f37f75a685f1eaf4fd270b946d84734e96aa3b4ed130afc6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:E ++Output = 658f04b0f59aab071b9e11ec9ff187ee10e80254 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:F ++Output = b030809222ff7a12b0df35072d67f314ab1d5eda ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:A ++Output = 7a74ec799ef16865 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:B ++Output = 6e544fc6db0ca1ba ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:C ++Output = 658226b1b10b2033fa88838b619572b18e81e80c76507918 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:D ++Output = 327298c8660685efcb01c5c0df49faebb15c0e93b0f6c65d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:E ++Output = 6b618a10aeaa12c9a8d2bcb10e975605582c00e5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:F ++Output = 6d4ce50da9de90d6f746e812a2e74bcd921f5612 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:A ++Output = b655839abcb1a7b8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:B ++Output = 98f9ec980831a8bc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:C ++Output = 31a63b64cfa8b6a12ba165096dad8d127cd3f3b67698b670 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:D ++Output = 8bd79633967b92f0039a38a2d421e12840ea5c31b43c4e90 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:E ++Output = 37eccade73b422d1108e390eaa28c646b554a721 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:F ++Output = 013a20fc8f53ef08aae0a836b9410153a877983a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:A ++Output = 12f6c3ac60d6ee3b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:B ++Output = 536d106e00aec6fd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:C ++Output = 26b8ec66854d0f0aa98f6888be628ebc75900c3738d47894 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:D ++Output = d5d3b3817214eeb3bf292dffc77daeab062ac7fcd2e3a2bd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:E ++Output = 014613aef22194307bc0678f6edd1ccff240adfa ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:F ++Output = 5057b4cc2c300f7546d358a75daf58233b71da1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:A ++Output = d160f91f36027ff9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:B ++Output = 0d02ec310663bbcc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:C ++Output = 03b66f451ad93a01914dd3372d980bea3de94993e176ea01 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:D ++Output = c2db767cbbdf2f839eb2f37ada87a041d220b9f58842d0db ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:E ++Output = 0b2944c26dcf4cc877cdc55c4e9b1b8155e3874b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:F ++Output = f7977d574c7d9e4f34ecd6b405c765963f0dfe57 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:A ++Output = e4387818ab7f4fa6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:B ++Output = 1daabebcc8a064df ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:C ++Output = 9fffad3aec53cd719c1d500850c2f38d8eea04606f78b402 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:D ++Output = 6b196bce2aa2bd912ffd67a94fc42dec1051376f73ec3ce2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:E ++Output = beab583906e6bed005558c102a5b5fd6ee71485f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:F ++Output = 105140594b5b9061de7ff2afac09bce81b75d6c6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:A ++Output = ef982c8fd0fd464f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:B ++Output = 845ad3ba4d359326 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:C ++Output = d9e516001b6b1a17268e507fa6e13f6bc9c3ded0020ef841 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:D ++Output = d57d2f3c25b536442d8c7f36d62778d06fb6e7d4b5c7ab76 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:E ++Output = f0b75425b271eb82645b1f1424b2a838dbcf6f98 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:F ++Output = cdf59b2327588ffd18becfc0e5bb526014101401 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:A ++Output = 79c9195e683ae10750960cb55c4d4c0b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:B ++Output = ef00b448ab9fd6523bb5143a0a818750 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:C ++Output = 51c8b4aaf5e42443be0aa3c50aa7e1dd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:D ++Output = 4153a587397fb14dc3faad028fdb7ecc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:E ++Output = d23e36347052a1cfb4a7789df48627e8a31345c7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:F ++Output = c1286e92655912d923154c460702a31424bd6b01 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:A ++Output = 739ad52e454ba3457735b7c5304c6578 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:B ++Output = 3bd9f9d9f06aa521d2f53e40fc5d9f90 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:C ++Output = 335cd2813bebd3d5e1dda4c1e14c23de ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:D ++Output = fd25c5ae649645d8c0cfff0d4d8e7a47 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:E ++Output = 90e89773d04623553d4d298e6aa75781d8a6544b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:F ++Output = 86a3f05a5f844b23d787cccbda37a3d773a4d049 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:A ++Output = d2d06d589e6e696556e3d44d7d05decb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:B ++Output = 14e3a886b715206e837b70fe7c02b941 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:C ++Output = 98625cf9741819273a0d6852ca7ab592 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:D ++Output = a7b273f04d537856015e06075c94c398 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:E ++Output = 3e1afa980d05ec30e9a55331ac301c10305999e2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:F ++Output = b993c4254669c7a51ed713ddaf7174fd5296fe57 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:A ++Output = d9c0ed6b7fbf066d4f3cff7d2585ef5b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:B ++Output = da13833aa2c086e5d76595132f4e5fc6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:C ++Output = 9e27400587b646397a7655be0e5763ec ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:D ++Output = 91b95d5cce7f2aec14776f49f652a305 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:E ++Output = a97dc9a99e37c983a4922cd2ecdfa394b71141ce ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:F ++Output = 173d846f9790c742ca86af4bff5f965c6088a05b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:A ++Output = 6fa496847cda7367cb32b8be9aae3f85 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:B ++Output = 702ac8636520b7c6169ddc660781de9f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:C ++Output = 6ffd703180af7c2207d5fa9e467272e3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:D ++Output = 7ae5281e377f230dcc9854cf995f663d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:E ++Output = fbcb152df7a3f12a8f174f9ca31bb31b124ae3c2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:F ++Output = 3f0c57fbccfb7306cff23bdaf69d70a8a394b34b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:A ++Output = 7e37ea52156fad1903709e1d3229721f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:B ++Output = c15569583de413e08293bf1689a9afe8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:C ++Output = 0c85227539f5e328c64172280759d9bf ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:D ++Output = 3dbc42d9e7128e861b87781546cedc8e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:E ++Output = 1ec0d15e38ea1b48da963837dbf30cef855a92c7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:F ++Output = eea8ea042a079fcf8416a8b244fafab35adeca8a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:A ++Output = f2faef6e274814ed7ca544484ac21a3a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:B ++Output = 3ca9bc0f3c65c257fa160a4d1c5e3520 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:C ++Output = fcdf0545b51aca6515bccf6ed0ecb582 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:D ++Output = 86ea895a310c3bbd1aac209b2362d58a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:E ++Output = 12a4f2b749e2bf88c1f8437e5ff61de761fd48b3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:F ++Output = a3a9276a120db379ec780e434879a54935db954d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:A ++Output = e53f2f61d8919e097cb99627fe668385 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:B ++Output = cea80fd8dc06654ed80b0ec150835537 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:C ++Output = d5ba475e737bed349b8931ba38d426e9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:D ++Output = f3ea92b4f365ab2fb8403ad8ecd2d17c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:E ++Output = 41fa718884738fd6fd9ee9fd5af05f0de9400952 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:F ++Output = 91395bbd90abb140d0984ed5e77836590bf44695 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:A ++Output = 04d3c0a3f5e33ae373c637ef45897779 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:B ++Output = c5a45bfbf6d7c14c5d3a953b4848e433 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:C ++Output = 3a16d0da2f785e2c325b45109778910a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:D ++Output = 902b38dd6c759945e671c1de7d99e918 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:E ++Output = b573244de3127f6aa5457e792219dc89defaaecd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:F ++Output = 6cd221005dd1f0de4f472f48d15e61dcc2e91e99 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:A ++Output = 5f9deaf2ee4f05af0a8a813ef6bb9549 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:B ++Output = a2ea4b795f9c9de1d786d0c771df2b84 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:C ++Output = 13f828f8f1e5532a04f138681bc8259d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:D ++Output = 7231ce5fd725391e058cd78815f44625 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:E ++Output = 937b7e16ed0b2324203cdae904fc55cbe25067a1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:F ++Output = d7536b911dc79d5953455ba6e15cb5fec7c14025 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:A ++Output = 9fff6c6a6d1f5c31 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:B ++Output = 8e0ae78c64d2fe2a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:C ++Output = 9044f963ffb56b94556a38aac5398a7072ffba60258500be ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:D ++Output = a861a317ea42b050901aff367b5a1d0abd5c497c77311ba2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:E ++Output = 43225d64b6da6f070925ad1c8b7ac88893f9a7cba0dfc55ddea42eec ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:F ++Output = eb31db29bbafca2773f815fa478d927943288588e371ae9ba0414d98 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:A ++Output = bf2d6e03ba930c71 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:B ++Output = ff14fadc19a0bd8a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:C ++Output = 34a70734eaebeb8608cbb91098fa13326f37ccc5d408584d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:D ++Output = f993da8f2e840b836c8980fa2d780a1b4eeef77046988eed ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:E ++Output = a274441c86dd146cfab25d87344bd5a880d374d300aa8e1fe4919378 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:F ++Output = 7774dc48324cca24901bedc37224cb291d6202fb6b5e1d9315a9bd10 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:A ++Output = 75bc82b271311f53 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:B ++Output = 602d69e77b8c30b3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:C ++Output = e0c8856a26b2f4804e98809d5b81cdb360b43884a33d4fef ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:D ++Output = e661555415bcab0b1f2d4b4387cda213cdd93f8458a2ace4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:E ++Output = a368f66127573c79e2d936032f75c3d11c0131455eb9b6c5384582de ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:F ++Output = 779f09f514bdf7ed4a01788f10146367ce2ddf2aacebb961524c002a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:A ++Output = 386bc0b99215c8fa ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:B ++Output = c793dba9a68f70a4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:C ++Output = 3dcaea7c946c2de76811482556299aa9bf96c8eef11fb2d6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:D ++Output = fd078ef65922006809729f9533c8742e9f973f7ff37ba987 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:E ++Output = 83a1924fa5f7ceffeba7f519ac51a86a2746a93eb194db51a4596ca1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:F ++Output = e16507d1bbd53b41f9bb2f0f21b5112eb6cd1eb0489fb5e754212390 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:A ++Output = 0e764ebe0d523aae ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:B ++Output = 24bd2eff86c2a8dc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:C ++Output = 26c01e3d56c1b928f65aaa1b6a15f5b8d41de187b4bb5fdc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:D ++Output = e0cc3bdb6d69d10893eeb73b892d746acea151f24247fd9c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:E ++Output = bf442ba6ec794f20584528686cedbaa568c13b895f642fe5cb3542bb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:F ++Output = 65ab453e5ffd1b5e1540aa547766d7c177204c319642f93059bdf257 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:A ++Output = 45799bbb09fd8804 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:B ++Output = b787b009f3313be0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:C ++Output = c4cbb547c997e8fddb9e56ef5df91327766668a43a958a8e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:D ++Output = b55b7cca0a0363b84b40b79366b87db7c440dec5bf89e952 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:E ++Output = 9c6399e5f4db0fc7652268d7423230ee5ffc0a210c26568dc5c0ab7d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:F ++Output = 9824301c33daae0f1b75eb472d6f0b4ef2cea0b2f61e204b6aefb0bd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:A ++Output = 2958928e5fd3c6e4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:B ++Output = aa91bee1a3b3374c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:C ++Output = 6fdac559eb1d6af7fc7fbaa4f9a15fd4145b97b9418518d9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:D ++Output = 5a8271402756f7eac59f09b5020f7b05f6475fc3a2e2b482 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:E ++Output = 910de4a4a437cab056f7c38037f0196c524464237c5e332e79564a90 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:F ++Output = 0bfa6ed5dc8ab0fc1bb9feb966d7107137ebf3f754ac71c2a16a9c22 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:A ++Output = 82204d79e13252f1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:B ++Output = a76ff923488c7bd3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:C ++Output = 8ba3bd224890bdd4dd07d2a5a98e5efcd95d82c66583d098 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:D ++Output = a04a3844933ca1bb45848bc1a7626e4c50dc46aa5376d027 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:E ++Output = 393f2f152d6c6d063f284cadd1fd9d700928188b7fea31f74b44fbc6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:F ++Output = f27f2cd72b22e1719f91b912d6c9d180985121d32bd217e348cd2003 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:A ++Output = f843e3c6a1621998 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:B ++Output = 128b2d8968cfaad5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:C ++Output = d6c4d2685753580dea2c6a6eb6add592011356eb9e868d44 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:D ++Output = 92af60f4858f3d14efaac039130389ab9ae1237f0da09a29 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:E ++Output = a37af93c8f25e145def1c5397bec2ee2119cc0e0bd4854fe23b2e3d1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:F ++Output = d44def5fcec300da5913ca109c0fd7a2c2cbcedd2c3e3216c5cb0d95 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:A ++Output = 4276fab65090b420 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:B ++Output = 00303ca4f9a5a6f8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:C ++Output = 3d67892281e9c6ed6535d7ae69e832f6723afd545763bd3d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:D ++Output = 5a5844e6c47eacc172e0012044037668a653758b96310350 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:E ++Output = 4783fb6e98db788f6594c2b82e751528590c41780adce2ffba234290 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:F ++Output = 7c60752b0b5a0f0027507ecd88e6af2b78e462a98459bf0511152663 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:A ++Output = 2512664639690af9f64afd16d9ccf3d3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:B ++Output = c13223796f394c6d1ffd18c22c09f27a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:C ++Output = 7be659a7cbeda28722315d96444a5c98 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:D ++Output = bdfbd698c518aa45c35d7afd7bd91150 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:E ++Output = dd38b79b081713ac3007ffd88d5cd67f43fbb36c983e0fc1cd273d84 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:F ++Output = edf713ecfb21b9e9c2d9d04c882d5ded433dcf459ff5b0fe7cd45bb1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:A ++Output = f3064d3f3ed09eefd34731a2c60c1a80 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:B ++Output = 1f7f508d9c4cf1004a220f26e0e6c184 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:C ++Output = 2ad48a77fa12fcb5d3d3e98d5bb87d76 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:D ++Output = 0433db7fd40d9d0dc9df6e9eed8059e4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:E ++Output = b07884f15910c6a083143ef9bda115d05c9e4c4057c1987c4f78a1b6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:F ++Output = f838da7b26311dbd529f742d901709229482cea9d7ac9f0c2cd14200 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:A ++Output = d8c60bf582892d2cd03956774614b9f1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:B ++Output = bac1bef6d6dd92de55bc174c9db77a54 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:C ++Output = bdf96d88d7ac4f0daa62d29948a5c891 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:D ++Output = ef0dbe568b4f3fbcb8b2665ed7ed0f8d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:E ++Output = 315d50a1b29f9d556c983432b98bf437893c1a892cf69880353d9797 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:F ++Output = 612e3ac6651f9c7d99c532da0820f079292d9b33d36b684198665f5e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:A ++Output = e0d36ac1de6cc8514d25ff824bfaaa37 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:B ++Output = 58c896b4d1a9507e7da2234a1a538d78 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:C ++Output = 5966df5cb582234585b4c4312318f829 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:D ++Output = 40d8bdab78c9dac2b2d14d1c8bd41405 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:E ++Output = 1af4707570794ff6c718c817ccb9fca5edf22a3a8d493a861633fb7a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:F ++Output = 4e6edd5d86f0a3b92595fb2d4f0f9b0f0ed1e850c84014224270bcbc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:A ++Output = d30b7efda77a1008d78487fb1c9df511 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:B ++Output = 498b3d9f14446a028d1aed8bc4748e34 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:C ++Output = f4909273c39ef8819b353cde80f57cc9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:D ++Output = b31337a6ecd02f4beb9bf4af12ea4e11 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:E ++Output = 6f3da7bb4b64ad3e1171083a62eca5e755563e639594b848243760d8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:F ++Output = e88506aa4a4ffa33675c4a296abf91e24450a496e56f8465e9a7525c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:A ++Output = c5cbb653102d99457c33c88921b5dbe4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:B ++Output = dd9b1c786c7f739832629f7666e4e21e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:C ++Output = c33d08d706ffac1811f157526b08086f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:D ++Output = 5750b617b71a239d99fc412796f6d986 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:E ++Output = 4c2edee4688119e17723fede94d81c141cb2dd632dde5e223fcd12c2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:F ++Output = b48103cd81397bed3bf618b2ef30a44ea806b0ad07aa098a8a33273e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:A ++Output = c8bc1d232edd620e0282af630d596a6c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:B ++Output = 6a90269aab1a3e3612eec97a45db11e1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:C ++Output = ebb8a6227e789d33fa072355cb2851ac ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:D ++Output = 9662ff73b11bd2978ffceb7545f6054e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:E ++Output = 9eb35f9a8a6155b81b8dda117f5d631cc4eddea4b4912147513bc4ec ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:F ++Output = 3e137e015973e21c37a8de81cc812683d506fc35699114b31c06797e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:A ++Output = cc22a730c15abf9628f749fac9d3f935 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:B ++Output = 188c477061a597384b1d1e417dc04f7d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:C ++Output = b309760dd9f0d65c6edcdee3a3457c33 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:D ++Output = 1b8674f603a78f16fb979d6db70f6795 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:E ++Output = d881ac0cf62ecff2eb7d3c8284cfd4b95e003c435f6a3121ab0c65b0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:F ++Output = 9a7560e7976c7fb0153fc94e51a7dead3b7f8954d1efa7ed6be77858 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:A ++Output = b842e2900a8c1f7d7c3fa465d46142fa ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:B ++Output = 5e96f771c176fafd18d4aa0bc07dc5d5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:C ++Output = fe5fca0a03e6f8ac95ba4e882c64fb8c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:D ++Output = b952b4e6f2010ebdac7ee10adb90f9ef ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:E ++Output = 819db930507c1f8e1617dc74e78de9f4abb02b7089d764cb20d14c56 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:F ++Output = 79be1ec6ce722e98bca50a25bbca581318b6227c9fd346d67602958f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:A ++Output = 4d40be7041ac4c74d56d53855fead94f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:B ++Output = 501781a04c919226a9e2dd6d7a880568 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:C ++Output = fe183f0e31d4bf9ebc9364e19e422385 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:D ++Output = f12c0da703e5bedb2921a0e1795eb62f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:E ++Output = 1d34b1ae23af48c25db971fe0f95c2fdb4e269ca435b90e0e22ee720 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:F ++Output = b77dce4e2211c8e2b4fba841ba45d7f136323999ed9a4d306fa411a8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:A ++Output = 41ff2ead1683f1e6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:B ++Output = e619ecfd9edb50cd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:C ++Output = 4a6314d2f7511bf88fad39fb6892f3f218cafd530e72fe43 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:D ++Output = 084c15fb7f99c65ff134eeb407cee5d540c341dea45a42a5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:E ++Output = 41ec5a94fecce7707ea156a6ad29239a891621adacbedb8be70675008d6f9274 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:F ++Output = 47d3c20aba60981e47b30533623613ff1cacbcf1642fb4ad86ee712f2aed9af8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:A ++Output = 99bae6531508705f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:B ++Output = f25786f02f199737 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:C ++Output = 97621bf882266f905da78cf193fc31f642acbb60957c41b7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:D ++Output = ad98a86a2386280912efea50f790e800a7758f7dade5d77e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:E ++Output = f92d052d3cdf34dfc69bc60a489c3a3553f4356596c191931d08fa20551273b3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:F ++Output = 147a771445123f846d8ae514d7ff9b3c93b2bceb7c7c9500942161b8e2d0110f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:A ++Output = 93da642974d71e52 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:B ++Output = df2035ad67457151 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:C ++Output = 42067bb0535da6701232a0f39ac7f436535af346c4786af5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:D ++Output = 08a0181a6c373d39540409dafb1b4e2359bc249af33bcfe0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:E ++Output = c043b5aece7cd2685c6dfb3788d7a562d6622d20f6d7e07b38aeb47c649dd99c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:F ++Output = cbe67a93ac758d9f2a6ff580bad5a44bb1a1062c9e20d5c974decb7aa2b0faa0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:A ++Output = 320e807fab2b10f0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:B ++Output = 7b8f91be4dcd59b1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:C ++Output = dec6e67a94b3ddfcd32a24d6026c6951d00b6f4402d32c1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:D ++Output = 2ef3cea4588ad928ac3e8874f3e1f613f2d50787495acc32 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:E ++Output = 72f93537328eebeec1b5ca88fedb41bf4d9c6279e4fe8d13c38da72a39739ed8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:F ++Output = 55dcf2c322b9c94686edbf9314d7c93bd9651e2ebc64f1a299d7176577d65b32 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:A ++Output = f4dbc41aa23e1621 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:B ++Output = e53b40c511180817 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:C ++Output = 70fed9412989cf5de908ad429cb92065fd5ccc081477abba ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:D ++Output = 3afdb0b4b4bc13e8731bb92e541b7d82a0b20d8878ce184b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:E ++Output = 59937f257aeef0806038543ced541990e5c2243881818edf2c522a54b64e9e93 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:F ++Output = 187532105293274b841918e3ab51f5dd0453d4331e85f4e06b775dbce4979cdd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:A ++Output = 3cc220d5bb9b5346 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:B ++Output = 051e3c79aede7e41 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:C ++Output = 44c2b4725965ee9a2bce58d38e2e9a778263c415b21a25be ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:D ++Output = d5de7a801956b934d820f9aa51bf1dae2a7aec7ce5ce4e50 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:E ++Output = 7d2039a6505e3220535fde0ff71464f3971580f50711356760b225fc3053fc19 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:F ++Output = b0972348a031ef2e87d42611e53cf0c4782d759ecdcc1390318eb11e1925ac35 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:A ++Output = cdb047beecd92d84 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:B ++Output = ef378e894d8f675e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:C ++Output = 23ee42a437801e87348b3999bde76147a8731e318db57752 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:D ++Output = a3f50e3d14498f15e1f111cc929648011d6abfb58e90df1c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:E ++Output = fb6a020561e46e521344cb671a50175afd63ded91eedaa1b2879c3a63761674d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:F ++Output = 567a79e7c4b10d62a420ce2ea740661c08d9459ed636ecb4edebcedb17b0baba ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:A ++Output = 1f9e7ad5592ac73d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:B ++Output = 15b254fe3510dd77 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:C ++Output = 88eadd5802e1a748284684438eb1b1bdc9b20ea30c59950d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:D ++Output = 277c2c4ad3d4a3bec4bdc5329bb5f9d4e39aa06b1e115e77 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:E ++Output = 090d2f273a690ed1d67dd9919c34385b18a661f8657b84bef6832f2396771979 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:F ++Output = 1f3082fa5ac8ec565595c4c5b8a7ddbba88ed4936fca913bba6a8715dc856f30 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:A ++Output = 3aa08d67c81310b7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:B ++Output = cf46596878a17a87 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:C ++Output = 871db438b8b33c2102ddab0c1f7be51ee4c2cbdf52a01a58 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:D ++Output = 04ac13599b84c22be0f1e5f7b96def31598e6ad36be412e8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:E ++Output = f00c83a8afb5d1793749d4aae825b80e67ccd7f67e08f572222ccf42126ea2f0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:F ++Output = df0570749d67136095b0dda6d461676b7eeb9a386f126306d436cab16dfd1b3c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:A ++Output = fad800cbf8975a01 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:B ++Output = 679a118bda1f15a9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:C ++Output = 5193e9b3b10b7939b79b967b98e6cf3396758eaf8263edf2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:D ++Output = 3f5de8bec6d737836d3a91480ac76c19d0a90bc146f02d5c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:E ++Output = ce7be4fffd0ffd09ff45889d10c7be0edf922422d01cb71b737c6149bb1a2d05 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:F ++Output = 60f413c9bcc42dcf0acc53d513dd8bc703f7e5d668f4e043f13028dcf40880b2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:A ++Output = 81f0330ef6f05361b3823bfded6e1de9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:B ++Output = 3f6fd2065eeb2b0b1d93195a1fed48a5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:C ++Output = c35471034e6fd6547613178e23435f21 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:D ++Output = 7e9d79032090d99f98b015634dd9f462 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:E ++Output = 24ee559ad7ce712b685d0b2271e443c17ab1d1dceb5a360569d25d5dc243002f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:F ++Output = c3419c2b966235869d714ba5ac48ddb7d9e35c8c19aac73422337a373453607e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:A ++Output = 36730bae8de5cb98898d6b4a00b37058 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:B ++Output = 5dfe446a83f40e8358d28cb97df8f340 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:C ++Output = 495b7afed0872b761437728e9e94e2b8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:D ++Output = c1474b3925bec36f0b7f6cc698e949c8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:E ++Output = b730f8df6a0697645be261169486c32a11612229276cbac5d8b3669afb2e4262 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:F ++Output = 14a5ea98245fb058978b82a3cb092b1cca7ce0109a4f98c16e1529579d58b819 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:A ++Output = 32d20a3f5e92b20fe100f4f41a1ad53c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:B ++Output = c3a3ff57f99187ba011fd422100af577 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:C ++Output = 8517903c49d5a59ad8ef7cd8591c6b5e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:D ++Output = a5ad201101a617f1cd5b3a2baa3b27f7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:E ++Output = 16747a23fddd72f785c5d61dfb81a5a38555f5d8ff1dc5ae4fb423b82adfe05b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:F ++Output = b1b1bba896b0fd75a90187eae6cdf744d23884caa5f4ca979ced327ca1239771 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:A ++Output = b5c636c93e002f1fac0b78eb423d92cf ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:B ++Output = 64d82bef35e924abf030fe42cda10e81 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:C ++Output = 76a1b8b85d0ea49c68f30d7448155901 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:D ++Output = f136e09324b1ef12b92bf35d5b3dd8e2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:E ++Output = 77abc45165b126f9127d59fbe655140cd3f768cd0498c29aa69cb5d65f7b0d50 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:F ++Output = d43f93faf692f59bc96fd480fb336033c94ee237ceece69691ffaa64bdd7fcc1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:A ++Output = 3b3c4416d3121a6838dd3f94a84b6ec6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:B ++Output = e0af22a9184e5cea74f3e90faf5212ba ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:C ++Output = a3a7a9e48cc09a927e2d6eddd7647368 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:D ++Output = b9411d2870e885e223a6b414ae6ac813 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:E ++Output = 7f11812c28229fd8e39367b8885045313fea6322f22a69b6436caa4fb6c2d915 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:F ++Output = 4fc39e2a1e7038f2664a48986e8227c213e577eafea082f46cb08d087e642fe4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:A ++Output = b71bd280b230b6fb9b326a3544ab9c90 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:B ++Output = ca38c1b5940e1417fb8caa6ab6deaf18 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:C ++Output = 5d02347e16760101a3689bf0087ed947 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:D ++Output = 2fb5e0eb5552f7e26ad9651bd22f1666 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:E ++Output = b7b7c4292a73e7d378284b12b318e0cd3ad714904b4ef9c83d44ee06ff49b1e1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:F ++Output = c9884e71b158f2255fb204733e888bc5b2ee38a5493de9d0ef6700949159ac6a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:A ++Output = 88af3bdb49bd8e9d24489efc95dea1c1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:B ++Output = 5cf41e1d43f797c16a30e070f2f37dd4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:C ++Output = 7cc48e0f8b4bdd63f76e41ba411d7f37 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:D ++Output = 37d942416267be06cd1ff9498dcf1e6e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:E ++Output = c3c8b48e228a3a671ae8c48aa4e4f1fe32c1ad4d5ae48c904836d13e7350f72e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:F ++Output = 605f7d3b3f28a8967402ba67ff916a61b0a4e9b736665c5e911fb33f60dc16fe ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:A ++Output = 7b91adc6eb48a6f82a8990efd2537903 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:B ++Output = 814c8fb54a535b38d4c2301aa49ad702 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:C ++Output = 3ec64c8571c7c7f39a9f37c0e1053324 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:D ++Output = 846d40dc45123f2710e27bd3140070c8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:E ++Output = c2199b9bd701c2f4ee82a145adc28f3e8fac0af8dd43cb7f3da173681bcad2e0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:F ++Output = 49f5fb8862a4f01900f9f76d6146f181483428beadb000d4f5097adf59c5eb99 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:A ++Output = 50afb2f3b8a3bc466b3a68f04da0d56c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:B ++Output = b8672a8cc59ee1316fb9a2c0a82ffd73 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:C ++Output = d854cbdb8f7544b796f982e4973d4de9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:D ++Output = bd6bde82c451ee39069d0794f7000f38 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:E ++Output = 270794ec70fcd9d742aad66c54001b4c218ae8cca813453560a9aeaacc6909ec ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:F ++Output = e967df7571a0eb82f59ddfead22c617beeefa25ce4afd80ac8320bc2635c70d0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:A ++Output = ebb3d10f461d8697a064461822f34507 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:B ++Output = bb95f9cbed695529fd7977281332100b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:C ++Output = da1318a6a34224cc86c9afa41991db4b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:D ++Output = 091f8fa87a01c5768de8d663ba8bf9d7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:E ++Output = cc09127a759000f3bd9724fbf5285cd680ee323ffc19cf2f495403f896587317 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:F ++Output = a3ceddafc49f7c0131ce2965945c3892be6605b465877bc0637685612ede242b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:A ++Output = d31c16f67b17bc69 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:B ++Output = 675340f27269e7ae ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:C ++Output = 2ffed577a90d29872ea59f3782c3b406908d7394ff63c9d7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:D ++Output = fae751987c1fa8665e4387e410297db58ff69b260a8fe85f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:E ++Output = ff2db5975edf3824325b257455791869434c6af47fb0c8145253c2695abfd2b8c980565ad20e6b9313ba44ee488bafb0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:F ++Output = 85a9463cd653c7619d4dc85006406d6ed3364220419ca13810301be0f0389d932ddeaebb0e504a0849e2e73a7d087db2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:A ++Output = 93323451441b761f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:B ++Output = 3dbfdc2364807ecc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:C ++Output = c699e3488f825fb24c5e2adc699ec83a5d8fce339fa0e9b0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:D ++Output = a250b13da0716f2d4440cc4cac01a2d591002ebfaada9758 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:E ++Output = 76966a1b7d5f250eea3696077a373b9421e8294dd7cb0aedd172cf9c6879ef34c9deb9c208f11c5d4b6fd713b576894d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:F ++Output = 28a66e21fe7f8a070fe40ecf68a64f2a35a46b84ac38810902639906611053832179d5c07a8422993496059af67f585f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:A ++Output = b0db344b1e2e98d3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:B ++Output = 29fcd6a7d317f527 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:C ++Output = 156f9d4c58d7783959e785af3fefb133662009b93891bff7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:D ++Output = c4bc4471e2c7f04dbef9100977e222f4156a7118a122f6cd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:E ++Output = 5878fdbf693638430e31b287ad8cfab560d952d7a828167bd0454e0c8aa14274c7c0c1921a31575f77fd80144e6d2999 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:F ++Output = 1fdb34ae9d2f12363350dd5aeefe728066500a083668ac2d48af671d7651a67acdf9b7a0581b922e67278d53f0b2fb17 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:A ++Output = c828150149eb433a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:B ++Output = 45636e088875de58 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:C ++Output = 75da9408e65f61dac9dafa496675214b0d84b0e66feb68fe ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:D ++Output = cb7897fdeb2c235be5812d1959cb55907ff02a9cf6c76c17 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:E ++Output = 13a8062561c28c1bc678a019b22da95aa462f82cfff6268876ffe2fddc86536fa4d19bdc15d90c1cff4d37e69f1fc021 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:F ++Output = 69437ec44d764caeb89faebf7b8577b433677abcb0c58f166a5e5724a4eb293d335004d412c983d4c7aca4df1b8328fd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:A ++Output = b669e05aa9706468 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:B ++Output = 57f943111ca01b15 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:C ++Output = e9aa354b6b85f357d6f982fcc18a6ca797bd7a125e786f8a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:D ++Output = 199d2b244689bfc4f807f225a7130a069c8a181f5b20d32a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:E ++Output = 69b55cc82d0429979a3832a3be35483596ff1d26a0c1a62944695764f0eb85c3467528be225db2f516e79f23c0c7c23c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:F ++Output = 6e06df643269751dfc9c8decefe466e1ab2ab99466661aa6f0dfab223c3b9bebcaed4c19cbc4109dfacda81cc8f902eb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:A ++Output = b2ada53484907db5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:B ++Output = 89224486fcb33030 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:C ++Output = 38ccc00303d5aaf748f3c11d986b99f9bf36049a6f7ea92f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:D ++Output = f8a7a4b2e1d28c6a38e120a2cb876ed49f454ea2aabc3a99 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:E ++Output = 9f42ab15d0b041019960ff6a5a12e209c427dc334434126399fb8850ec8feda957b74f1976b4c8a97906d7d64c5c2a83 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:F ++Output = d383bedd3b80ddc470db9b819893e85dfab9e359e40bc77576e23ed8c5e73beecefb511ccdf1eb66416c271be5f90199 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:A ++Output = bac9e6c9553bba95 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:B ++Output = f29bdc017028a9ca ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:C ++Output = 840f7e966d633f57bf6cfb3e6aa6bb1435bbea5822c9db0c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:D ++Output = f78b485e49bf72584e45de78fbd75392e3e0b1ce2a57e7a3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:E ++Output = 9dcadff513667aee5e2fda86c4a198db4252a9311635d3659db957570e448f3689444dd3e10d6097a07dba923db349ba ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:F ++Output = 5e7915ea90a0d81e3c2ada00c85890b6defbb64f45ac4f0e75b22cf6187978e630f356207c97362862389a1ef99fb51a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:A ++Output = 11811427eaa92d61 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:B ++Output = c13f22e0bd66a551 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:C ++Output = 2b9c9c8ecae95d75472495363ca2d46dc79babdb2e0fda40 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:D ++Output = f466d9b9871c1482c699a5d9f8636a041adb60920c6af855 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:E ++Output = 1ecda0252461bd08960c54ba7c570e80715780e5e99ca0f754a3d451409ed2df928daab91ed6b4044fcc68bd5f907c96 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:F ++Output = 202e4e3dda18306c7fa518ea849cf3a4788dbc5305f71267ba69fe8920d3b18d9fc59853a4d03b18480269698e24c190 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:A ++Output = 86183fd862bf42af ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:B ++Output = 04e146b085c71253 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:C ++Output = c4364d4e0e38fe4c5fc2b2a3ad42e49a57106ffa962f4c5e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:D ++Output = b9d1549032bf336c8708f13d8f5d281d696b8bddc296e709 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:E ++Output = c7ee72c40b26fce673ff23edea3265dfeb7b7f6fd66362bbc91548fac1819a08682c65c7d69d5e54e1c48b05e7233adc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:F ++Output = 8b52078a6d45dfaa051193da8f9c8a18bfd0c058e7be145d0c4b5b677eec54a01f9e2a20c997e9c0a1ede9576800cfe5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:A ++Output = 54f4be4a33dfa102 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:B ++Output = bbb084483803aab4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:C ++Output = 466a038b3a5c0d72cf19cf33e5a551437933dad54bfed655 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:D ++Output = 44e09698e473edc642256e99bfbfbeab1db3e254d64a3ab7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:E ++Output = 8e35d767e738c4282ec1925ba5d59dad723b7220c10ae8b69c9eb3da124ac1bea8195f5ecc1c3b03953938cd1e0e190b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:F ++Output = 63e5c62c4e6f2700bfa5927ca2e730101c12a684808ddd6cf5f9da2bad3b49ba3d05d4f88a3a91f341ad2b63952e7db0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:A ++Output = e46fdb8c912658c34b7d509f6acc1111 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:B ++Output = 959c339aaff2e2ed46da46c5286ddf3b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:C ++Output = a1cb0f9c7349d6443494df14b4bd9aad ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:D ++Output = cdcd2c2ccbda238e184058b76757ed5d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:E ++Output = 026ae927b4a5b63a513c02faac55534dae5c219779f08e239f67df78c52be743aab628607e5a103127450ea51833eb84 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:F ++Output = 759fd6bd386f4825e644521edfce4187a7104ea7380f2c6c5e283f205c7c025be46c5ee73bc54a956f268c2031026bf6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:A ++Output = a433ac21ceda36a9d98abec722b2a5e7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:B ++Output = ed580c2c7890d5f3da87870d71d96300 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:C ++Output = b310304108476a31154febce2bfcf44e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:D ++Output = 63d729b0e32d9d7efe7efdc6111489b7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:E ++Output = 7443a278e0c47e4004ba1c534dfa5c460670d2dd4459a6dc7251664da187f633208f6c06470f6aed6148820187f35a25 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:F ++Output = 37500b699935ab38b9185018d3676f221dcd6643ba4cf3dccf8ede7ba2f0513c27ad2324158ae98df4e7fb52ffb96526 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:A ++Output = 8ad38b03467ef0cac638f93b156e1c05 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:B ++Output = c9a867164cad7619621c2390039db88f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:C ++Output = 28d6e6a69e686b3b2ca02c7595b6a565 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:D ++Output = a3486f9014731b15530dba7498d4b2ff ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:E ++Output = 9640b7d6c1351a44dcd430f9728083949adbd8f3c47f1c7358b41d99730f0eeef9f8634cc99207b8d998c8aeb0085e4c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:F ++Output = cef923f7cbc47534d9a6da613eea02117b19800995f66df9e49291203ad15e5d29cc08df86200bf09ca091b37cc45432 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:A ++Output = 1e2fd838058e4569de0699e57eb9bb30 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:B ++Output = d338052b2288e99bfdd16b5df26e3d3c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:C ++Output = 020c58037db045fc2a20a9b12e34205d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:D ++Output = b1e7b4361aaea7f9656151723c21b9a2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:E ++Output = 67d80666ba420d07153530859fed5a3a2f4b6decd37575714d4826f41a96a1638b89399cdd752af7f6ffd3db0214f0c1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:F ++Output = c3fb2ab670e39885cbb98a4609d69a90afd37d383512ad222d63c9c6f1009e2a42065a232ab5b39f55247f8bf9e6ab2c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:A ++Output = 6e9bb7681d56457fd93aea6d40860dd9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:B ++Output = 5d19ce6c6b16c5f2179753a7abdff3e4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:C ++Output = c550416e8ea0608a09051cfffe0494e7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:D ++Output = 33c9f3f03de395cef067684cb5b95200 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:E ++Output = 99071b0615bdec08d040e731828028fac9a16d367b86d2d1302b607cd39ac9678ae7f9f87eb619fe2ba75d54da3b07d1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:F ++Output = a11fc539c46d9314645e1f7517e19794a6ba4bf7d7d5a6f71bcb4621bfdedeae3bbcaa62fb638d994d1f21d14f5777d7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:A ++Output = 876692595fbf1239e03b1eb28890cedf ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:B ++Output = 438afd7eae8454675ed5964122fcbb9e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:C ++Output = b9cc0e2718c5853e0aebb43409fcaaef ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:D ++Output = 8def9f93e633ac2d28a7c5b76567a4cb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:E ++Output = 3d80ed20f0703857154bda8531b12b96cf73aedfc662df6faf277321be6e38c904bfbd5f9206607684ac331dfc92bbbb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:F ++Output = 736e77ad5a8fac835795ab08522d834e34a4cbc48439db2845cb1d8636a4dcfd49a7ac5413713a8177c277eead96a0ff ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:A ++Output = c84a4fcd4ade28805b032174428a6f27 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:B ++Output = 27b0de69f3bc7d79d2f6b54101f3e10f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:C ++Output = 3200c39e6ed260f4f345cbd0c88cac1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:D ++Output = 7b9e506a1baede9b80dff09253a9ab88 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:E ++Output = 3c860ae21a5dab865eb560ed9ddf51775d3b6603e4e06285cf5e9273115a77d8d5ddfb977fd21c0a70c35798a5ef596e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:F ++Output = c53cfa0836ac21bb13c58ed15ddf593e8e01c7437587112ba013058d411d262d87a5e56c098b69146d9019803206ef91 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:A ++Output = e34b595f755ff42a33126d8efabe1ec0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:B ++Output = a873f52aa3b91a8dd019be8358c04de6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:C ++Output = fce5c490a769fbd4aa31b0f5c7aad86b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:D ++Output = d36a9b7d2c63675d2b250d5a97b0e628 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:E ++Output = 92c8f89f84575cebb9c37be3a488d0b0312a12d9253dbada7db1318f5a193d4f8f75a212a75c1123bca89d5de43cbf08 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:F ++Output = 16dcf1bd1aa4d5d6edc2d2b23792872f53767d6b2589e4700469a9bbbbb659c1c8716393fe1ed717833f491cd32d874b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:A ++Output = bbdc47242c877cc70585a5d9f0b8067d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:B ++Output = 6dcc6458af049a81a6d3139c2725f67d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:C ++Output = f788d0b9ea5373031d44972fad39d8e6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:D ++Output = e939b1367ea35c67ea990988c3c0c474 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:E ++Output = 069629f693b4d291ea6f16355eb4c57eef7824217d22651af095aadac27a789314fee4e86efa9bc63085a8ebfc606548 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:F ++Output = 731107905e3b9b36ba3dca504b35f1a51e75e2a3ee2595ade882c21410d439ec1ec31fbc62e64362a5fddc0f39e76da0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:A ++Output = 8e1af4ce3b9aa9f1e7493775f8846ac0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:B ++Output = 1796cee0aeb39eb1fbbaeaf15d600832 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:C ++Output = 7a7485045a2f8cc86f82c8486f8e9f59 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:D ++Output = 00a9d893e8c14aa3a316163d50d83378 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:E ++Output = 46133b1cbab3e04043a1b336db99575183d5be76f9d56556493a8d4a8da37a020ae379ff2d470a99ca7e9d2b1cf85cb4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:F ++Output = 9221abcc3db5a557cca60408e65528e937cc3673b548c350924cd9e6387de526f5cb35a0bbe4020c47318b59d1a0527d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:A ++Output = 0e2693ade0524af8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:B ++Output = b13144de02295bb8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:C ++Output = 7e4a721fb7379ebb423306464d57db46afa3cca10a1d7feb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:D ++Output = bb84123b1fac400e0df4767d78d011427e1edd4d4c934b95 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:E ++Output = 00fb0a45c650dd9c95666b0c7fcea8c98f0562f61b862054ee400aec875dbbc2bdef4806c09217709a5050569312efe3af513e7aa733c72457abe1607ac01c13 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:F ++Output = 70a8005e711fb96dea5991cb68831b9e86005821b45ceaf958c13d5c87cbd2953d0877c267796edf8c7fb3d768bb26b74e542f40bf9ac9f6a9d217077e85f511 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:A ++Output = c75c77791f7b67c2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:B ++Output = dae1e8bfab1b4b7e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:C ++Output = 0e79f5b685ebe77ae6d62c344a5dd0f53502523a28e2b408 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:D ++Output = c5ec1aae5d26c2c5fe769576eb1b75c53d3dc67d452dca1c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:E ++Output = 6bc4e5d6049c69a8ffbf93c7617b6a168bd0f14d71471d199b81729250117272ad102772761a8c0b5d5240e589e48a4f85ab8c3e1bd030327e7c87428ee44d13 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:F ++Output = ce109babe86778542856e3934be12decd239120a4dcb948a0154c4cb7b8ac0a4a3cbd682698086123e6c0481ee351bd9fedfba58d37f7814ba9c2b584f6cfedf ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:A ++Output = 6a71fc98f044591d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:B ++Output = 9f1a35a5c79014c0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:C ++Output = 377901cc72e4c06e30e27b03902f65c4a58b9d3f5cf43431 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:D ++Output = 82a9db94ea5c15dff736c3074a34951e828c8dfa3fef8596 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:E ++Output = b3ce0202c966df307a0729a4bb3fcd0ee55d4c521a144ecd285a470830f60685b2d751883d85ccd29fcc2481f3f442fdedd58d17528e8c4fb28473ee5e539706 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:F ++Output = c1ab7227f919cbda46cd6ac2bd4bb2ee5bd586cc55c7c1cb067df4c9a23209f716ff5e97ed76ebbc0354d683c5369937ca8db4cecf9e6c40886a186d9c4e2366 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:A ++Output = 3832bf21b907daa3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:B ++Output = 4e04d7787ba7fa68 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:C ++Output = d7be949edcfe4e4b877de1cc6a861fa721e137bf3dd1bb27 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:D ++Output = 5361fc87e24ec3031d97f0099766ac9ff7b8f91ea87666de ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:E ++Output = 40a6897606035ebb04907fa15e1545a8973b9b09423f3786be4bcb8db9e4561e0385bcf1e3c0cece5a788e9852ed1da56963f36bad78fede21405ce3ea92a3b8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:F ++Output = 727f9bade9334f97486f479c88614ce96b8cbc803a544fbfaf5fcaf0499a1b8edeb59daa1a824ca9b165879c63d9f0b6464bcd3121fb1ad29b38864fbaac7741 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:A ++Output = 3f077a02dc957eb1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:B ++Output = 3cc158e348e64a0a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:C ++Output = 8770fb6792c2fc16a60c9f45c8d40db684fe52de7c60b482 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:D ++Output = d417a07f1070a2e628424fa990ef436f137725a7cde43f1b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:E ++Output = 20b810e4f6a540724f269194e37969a10e340d45c557eabe72c41f08a9fad85ab44a9c362e7fc5eea9ed5dd9b84cc837d2aaa46ee71b355cb1dfefa8dc544d1e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:F ++Output = acd292ab652b49c7c2a5a35b93c31a71eeef8a629cbc6b1c782994ebc7566f7b0ae536cc0ccfe881bfd8cbfaff391fe23568fa5692198f188deff0c6d0808160 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:A ++Output = 7cf213cec41701ff ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:B ++Output = 81a44f6f95fff954 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:C ++Output = e1610d85ea2c24b4af18076c2d7dc0c3f3b3bf1c8df232a4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:D ++Output = db146cbf4923693449b857fa927d112f3c8bd1bac73f618a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:E ++Output = fac257f4544a0aa77659642c33a421cf27b2216a57399ff8ff48baab37519ce9c27f93bf447a02b3c10d9f9c6201745ed6ae28a13ff85e949e0e8048bf31e0c8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:F ++Output = 8532a1014a5a2feba5730823b0fb1781a7782a73f95a97697aedf60997e6cdf5107387be820b74c0e43e8caf42e83bbc703c6cd9d37b0e720aeacc115ce4633e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:A ++Output = c5dffc4eb99a1c36 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:B ++Output = 13cb7467ddf8ea7d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:C ++Output = 4d77a9a1a36500d9ea0389e3813a201fb9b30751d1fcf0b3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:D ++Output = a0e4ec099492c752b98013d2176af6e601eeef3cdc2029a9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:E ++Output = b4035effa78e6da307f4c096226150e5cab92794192bba492ff8576da3fdbbfdc87fbf79721de0e8f38647261dcad096fd536c4f724f09782a4b684902a4b979 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:F ++Output = eae8776eddb75cd4d14d2db129172bab92f0c8d2c8a439d4b63824c23e7481af502a45d2ebee77f3a801d658b59f6cbbdb797f479787ae4d5839b7ddf49ff908 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:A ++Output = 31ef8e737ec154c0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:B ++Output = c0bb41f2c51a0503 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:C ++Output = 3f9058812f36f302dc5ada7de8f4271c435dfe4589f22a00 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:D ++Output = b342a447abcb67f6819a19b8b300946c89739fabd049a6e0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:E ++Output = a5d70cb0a3e351be09b9600c9b97f2781236bf549209a1fbf3304af145af0941c6cd9923f1f30cec946e8dea96332d284e01a4d8bcc90721fe2e515504073cb8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:F ++Output = dbc3ea086a49e220306cbe57b942d9409cbd205dec20c7b79fd6998906d173bcb2bc2eb5b7eea4c1d84f3926836bd15e0565a17af735596050d6161d9682f2e7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:A ++Output = 19d6bc79713a4622 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:B ++Output = 7de9caf89d325dcd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:C ++Output = 1d5391d658abb9ec1b8df32cbf1db9a302a1301984ab06d4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:D ++Output = 5d37dab50814543d8d8674f4f491d73d21973f20844c96a7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:E ++Output = 3e882ae390a64c34f509bc9845df581987ae2524b2ff92d9243580168f32fa68750f3f732c8c5544c98fc585582fe743efbf55dd6c487fb5f9ffac1a156fa31c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:F ++Output = ce4bcf9cabe7ee7c0e216e64e5427ebd38cb41ba9e9a6d9ae441ca47d9278347a59afdf758ae7f7fd667ed3830bf9a33d7badfd40e2112580af514da9464a6d1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:A ++Output = 93fbb01815b63533 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:B ++Output = aea76dfe77a87471 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:C ++Output = 73a55e25a0a8ec0899c1074bf0845fefd84e42f741897a3f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:D ++Output = fead3a851502aa3c58734065eeaf3e63ed4c59c8f450bb1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:E ++Output = 55bde99a692820ad809eb0a62311f8f3e9469ba2ee4d782d5432628ca52d829b9c5bffc41b58232363f97c5dab603268b1997fbe9b9b34ab2aca3da27467b0c8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:F ++Output = 756f65746c861f0985f3dd7d2f08004897ccb22be2f1d3b4791ca0c51d5ee0da776dd03d7dfb7f4db6c6cd37899871e63d75f7f60dff8348c313e99409ad2db5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:A ++Output = a626c34c0a74b56262110185a34cd810 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:B ++Output = 223d6fc57263da9ad61dad9759454e0f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:C ++Output = 7c803e07506969666f446400b2372eee ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:D ++Output = 4ad705fbc9e89c03c15f9dbbf34981df ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:E ++Output = 36cac32cab8b943cd9d2142559c467593bfaf30d0be71560245c8b38a5671901a858ccc637b0ef6966a2bbfb1a7f51f2cf6d52c4165ca000d52bd908405c305f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:F ++Output = 67d42301ce629c0f2a34b9dfb24ec60c138b4edc71f7123bb0db9447b3c915ebd8c54d3b20af04e30b484be3a2d4136f5d5c46f9c56de189b91fec78ecd53e1c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:A ++Output = 8ebbf0e9afd9f108498f1543104ba8e2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:B ++Output = 38bfe6bed75f77675fa36d76b63816a4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:C ++Output = f759f0ad2d72980f6b12f0fb317222f3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:D ++Output = 39f294ec25afb520f5d7f1064b7078c9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:E ++Output = ff2ad139997ff26e7f4393e49d57d5fc973ddb6225d8f4b5fe990e46b9943772f0d33aa98d01089ff0aeb5740bd388ada35dc44240180c99e522c817dedfc2cd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:F ++Output = a670c9583c71f403207a192700d5e4fd7a007b60a4617b7f93708399a0cb771af08b9e5f4237e6975f055d6f0a4d91523fa0805013df6ae4a19f077646f1cd4b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:A ++Output = f68353f802d39a43c728641e44087cc5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:B ++Output = 23c2377f826f77519871941b62cb9fdd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:C ++Output = c92b86a099e2605037d531746a6af7cb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:D ++Output = 1517de253a5b9f7d9c4c3f234b27392e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:E ++Output = be48a82cd246cf4d6ddb397a39f1ed62d98b5265e75190624a523033796d05046d63e0810b4b7a6efe9b834cb043871203638557063968910ad1cfa0abe62bb1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:F ++Output = 0c9af3775d5dc49a1b9b85fa18420ce1ca10d5159f83f9e078c217289688639dbce5f85665f866d8f93b2c6823bc7b2655830d8bb51fba945ce6eac2b0e6ce8a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:A ++Output = 7b802a74d216a41f7708c597b9053223 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:B ++Output = 355223971bed70b804d191b64cde39e6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:C ++Output = 925f2b036ac2682e20f022377499c3e1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:D ++Output = 37ae2bbbb1603c07d5274fc8f57126dc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:E ++Output = 8b36c7e175797bf7bbb079ac5d06e6f7f62fc5a957e0fefab7df565eb72ae0586dbebad978975aaa35846de667b44b7174315b2b932f0be538fba76b92531019 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:F ++Output = 388ef310bce13188df3fd6285576041754a281548fcc6a212e0de564db661640320130e4df4a6ff31162edaa7ced5b7f05f3456f674ee8be0b03424142058795 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:A ++Output = efeb5305eda69b0bd6999b4a27479667 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:B ++Output = 806fca9189c02e7ec2a6459387b03506 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:C ++Output = 9e542282d0db345a6ba20eba7c5de531 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:D ++Output = 41e7962b57a67f75072f15a5ba405d15 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:E ++Output = 7bf8f25fd155e41d1dc85cc814704dd8732275b3a53dc1b8c6b330c08f307b5c0da31606cb7eaa1b37b2721f4a1bf70a6885c30d17d7acd32fcc894768fe4106 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:F ++Output = 66b8f8c1a38120c73cc55950455a69c426fda44b9c66c3becaf259dd57a620e5ed3a749a486d05eab52c289f489581cb655865d4388a81e79b06bd105e3ae858 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:A ++Output = 8f6ac18ff5300849be34602630bb4102 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:B ++Output = f2b45df2508656758529a1f4679839fd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:C ++Output = 3356d58f61bcca506058e0990c9821f5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:D ++Output = 78495438a5326cca5351a239545941c1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:E ++Output = dcfc5d099f5040513f76b012ab62ee45d5d8271aec9cbbdd1e1f7e0806f363d21c2eca730f9489ee70fbc7490a1901587b1d418c0e4f429c8098cd793c6d285c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:F ++Output = a75817465c73517bd7884dcd230464583ae491ae5e39330873cd7a967188022cad63e712c7ec261abdb34c01bddd8989dfce8f5d8a8cdbdcc305429b3fd93c76 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:A ++Output = 4fa1b8c53d25f7c1adb4810c46b48ae7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:B ++Output = 3c453d0f50b7f41826e74e5cce5b5996 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:C ++Output = 22f47a00a5de0f56b3e586357eeebe57 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:D ++Output = 8d32d1945e93c4982bd106567f8e481f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:E ++Output = 9eefe581b1514160f81c94193d374d8f85879136e9ae494c487119b1974aac3e143948f656c1c1e837ff1368ef0d997cd3ca9f46c71056269eb8a1da8daf5678 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:F ++Output = 8dd76f59e6692ff642894ee1bb147f3e1490cac944af29de6b2b5abcc4ab9eb41d236e9cd2f40cf83935097f307a246d7b35005dd302bacfe7e4fed37d2f46e9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:A ++Output = f335b3ab270d7e686c5e023b3a2da75b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:B ++Output = 857c9245c67bad84b7377c424c5e7e7a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:C ++Output = 1c44ef56440f5856bdfd951305fd81e4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:D ++Output = 8d3496ac631bb3588abbb13d4ae2dc2d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:E ++Output = ac7899494cfcebbdaa8ee7c343a0a458228a0a5e59730c928e9c8775487e57c3a5f34fdb72c1b3b57cc35e0356e4b7c6a56368e74c68a017538a5b484886ec81 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:F ++Output = d32d849b488594d0b8efce91604296393b2240121f2ed51fb7c0bb5b371c33775d184ffaf3028306bc8040b21887f6885e5916ae158ef74a3ba09a1f30654f1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:A ++Output = 5aa8ed531557a1dc934ed667029e062f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:B ++Output = 11a810c69785949d5a0ef6eeff960fb4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:C ++Output = 54e9402e4f85b08c271b2a9f15d56c75 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:D ++Output = 838209e0ebe7626cf6482f25c7774bfd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:E ++Output = bc62048ddb762ac50336ae0e91a402cc78e73472fe180756a4686299967d2904318b8ad1b8dc622edd75e9ff0e74f7fcb8a1f8acb86e2567a5167084c648c7ef ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:F ++Output = 4e9644a01a3fe6c3f4f5aceddb00e2584e277354aee6392a1a5aef05024d37fcf25ff46fdd8fe52e7d1dd9a96e77328aadf44b8fc92ac22a14f63d64ad0db621 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:A ++Output = 77cb432c67bf0ae658aa4e34376d01b5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:B ++Output = f55c74d112746001d8908edd347d7e69 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:C ++Output = 34a48ab90890b385198ea6bf8c50c3f6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:D ++Output = f2b6046d3439c50a9000a63909146abc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:E ++Output = 70357486ca57c93418c6705b731b054bc41be03289c25a5ed29a937732807ae10a3604486c53d1f2431411808d87bfbaa6b25971fa2e4ec3719b5d2622aed2ff ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:F ++Output = 4e6428f7a87455bdef6026cdf68a2f6d93d6cda5145d6bca60ee4eb2d6248b399f6568c65ec92cee8d9b0c7fd83053c91c5be72bf96b5904080624a348243899 ++ ++Title = SSHKDF test error conditions ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:A ++Output = FF ++Result = KDF_DERIVE_ERROR ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:A ++Output = FF ++Result = KDF_DERIVE_ERROR ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:A ++Output = FF ++Result = KDF_DERIVE_ERROR ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Output = FF ++Result = KDF_DERIVE_ERROR ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:X ++Output = FF ++Result = KDF_CTRL_ERROR ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:A ++Output = FF ++Result = KDF_MISMATCH +From 148cc5ee246e108b1e7332035037bab53574b0a9 Mon Sep 17 00:00:00 2001 +From: Simo Sorce +Date: Thu, 18 Apr 2019 08:26:29 -0400 +Subject: [PATCH] Change the digest string from "md" to "digest" + +Conform to other modules which were changed at the last minute and this +discrepancy was not noticed. +Retain "md" as an alias so not to break 3rd party backports/tests scripts. + +Signed-off-by: Simo Sorce +--- + crypto/kdf/sshkdf.c | 3 +++ + test/recipes/20-test_kdf.t | 2 +- + 2 files changed, 4 insertions(+), 1 deletion(-) + mode change 100644 => 100755 test/recipes/20-test_kdf.t + +diff --git a/crypto/kdf/sshkdf.c b/crypto/kdf/sshkdf.c +index 300e1adbb23..f585e8a0d6d 100644 +--- a/crypto/kdf/sshkdf.c ++++ b/crypto/kdf/sshkdf.c +@@ -125,6 +125,9 @@ static int kdf_sshkdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, + return 0; + } + ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(impl, kdf_sshkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ /* alias, for historical reasons */ + if (strcmp(type, "md") == 0) + return kdf_md2ctrl(impl, kdf_sshkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); + diff --git a/thirdparty/openssl/patches/openssl-1.1.1-version-override.patch b/thirdparty/openssl/patches/openssl-1.1.1-version-override.patch new file mode 100644 index 000000000..ff69bdbc6 --- /dev/null +++ b/thirdparty/openssl/patches/openssl-1.1.1-version-override.patch @@ -0,0 +1,12 @@ +diff -up openssl-1.1.1g/include/openssl/opensslv.h.version-override openssl-1.1.1g/include/openssl/opensslv.h +--- openssl-1.1.1g/include/openssl/opensslv.h.version-override 2020-04-23 13:29:37.802673513 +0200 ++++ openssl-1.1.1g/include/openssl/opensslv.h 2020-04-23 13:30:13.064008458 +0200 +@@ -40,7 +40,7 @@ extern "C" { + * major minor fix final patch/beta) + */ + # define OPENSSL_VERSION_NUMBER 0x1010108fL +-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1h 22 Sep 2020" ++# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1h FIPS 22 Sep 2020" + + /*- + * The macros below are to be used for shared library (.so, .dll, ...) diff --git a/thirdparty/openssl/zimbra-openssl/debian/changelog b/thirdparty/openssl/zimbra-openssl/debian/changelog index 10d493116..2fcfd1279 100644 --- a/thirdparty/openssl/zimbra-openssl/debian/changelog +++ b/thirdparty/openssl/zimbra-openssl/debian/changelog @@ -1,3 +1,15 @@ +zimbra-openssl (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Upgraded openssl to 1.1.1h + + -- Zimbra Packaging Services Fri, 04 Dec 2020 05:12:55 +0000 + +zimbra-openssl (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Upgraded openssl to 1.1.1g + + -- Zimbra Packaging Services Fri, 28 Aug 2020 05:12:55 +0000 + zimbra-openssl (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium * Bug 106869: Updated openssl. diff --git a/thirdparty/openssl/zimbra-openssl/debian/patches/series b/thirdparty/openssl/zimbra-openssl/debian/patches/series index b5b92c7e1..43bf990dd 100644 --- a/thirdparty/openssl/zimbra-openssl/debian/patches/series +++ b/thirdparty/openssl/zimbra-openssl/debian/patches/series @@ -1 +1,16 @@ -ipv6.patch +openssl-1.1.1-fips.patch +openssl-1.1.1-version-override.patch +openssl-1.1.1-seclevel.patch +openssl-1.1.1-fips-post-rand.patch +openssl-1.1.1-evp-kdf.patch +openssl-1.1.1-ssh-kdf.patch +openssl-1.1.1-krb5-kdf.patch +openssl-1.1.1-edk2-build.patch +openssl-1.1.1-ec-curve.patch +openssl-1.1.1-fips-curves.patch +openssl-1.1.1-fips-drbg-selftest.patch +openssl-1.1.1-fips-dh.patch +openssl-1.1.1-kdf-selftest.patch +openssl-1.1.1-rewire-fips-drbg.patch +openssl-1.1.1-fips-crng-test.patch +openssl-1.1.1-linux-random.patch diff --git a/thirdparty/openssl/zimbra-openssl/debian/rules b/thirdparty/openssl/zimbra-openssl/debian/rules index b91caebba..16bdea926 100755 --- a/thirdparty/openssl/zimbra-openssl/debian/rules +++ b/thirdparty/openssl/zimbra-openssl/debian/rules @@ -11,7 +11,7 @@ export DEB_LDFLAGS_MAINT_APPEND="-LOZCL -ROZCL -Wl,-rpath,OZCL" override_dh_auto_configure: ./Configure no-idea enable-ec_nistp_64_gcc_128 no-mdc2 no-rc5 no-ssl2 \ no-hw --prefix=OZC --libdir=lib --openssldir=OZCE/ssl \ - shared fips --with-fipslibdir=/usr/local/ssl/fips-2.0/lib/ linux-x86_64 -g -O2 -DOPENSSL_NO_HEARTBEATS + shared linux-x86_64 -g -O2 -DOPENSSL_NO_HEARTBEATS override_dh_auto_build: LD_RUN_PATH=OZCL make depend @@ -22,5 +22,10 @@ override_dh_strip: dh_strip -pzimbra-openssl --dbg-package=zimbra-openssl-dbg dh_strip -Nzimbra-openssl-lib -Nzimbra-openssl +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info + override_dh_auto_install: - LD_RUN_PATH=OZCL $(MAKE) INSTALL_PREFIX=$$(pwd)/debian/tmp MANDIR="OZCS/man" LIBS="" install + LD_RUN_PATH=OZCL $(MAKE) DESTDIR=$$(pwd)/debian/tmp MANDIR="OZCS/man" LIBS="" install + export LD_LIBRARY_PATH="$$(pwd)/debian/tmpOZCL" && crypto/fips/fips_standalone_hmac $$(pwd)/debian/tmpOZCL/libcrypto.so.1.1 >$$(pwd)/debian/tmpOZCL/.libcrypto.so.1.1.hmac + export LD_LIBRARY_PATH="$$(pwd)/debian/tmpOZCL" && crypto/fips/fips_standalone_hmac $$(pwd)/debian/tmpOZCL/libssl.so.1.1 >$$(pwd)/debian/tmpOZCL/.libssl.so.1.1.hmac diff --git a/thirdparty/openssl/zimbra-openssl/debian/zimbra-openssl-lib.install b/thirdparty/openssl/zimbra-openssl/debian/zimbra-openssl-lib.install index fe8d26c24..d7617c20d 100644 --- a/thirdparty/openssl/zimbra-openssl/debian/zimbra-openssl-lib.install +++ b/thirdparty/openssl/zimbra-openssl/debian/zimbra-openssl-lib.install @@ -1,2 +1,6 @@ -opt/zimbra/common/lib/*.so.*.*.* -opt/zimbra/common/lib/engines +opt/zimbra/common/lib/*.so.* +opt/zimbra/common/lib/engines-1.1 +opt/zimbra/common/lib/libcrypto.a +opt/zimbra/common/lib/libssl.a +opt/zimbra/common/lib/.libcrypto.so.*.hmac +opt/zimbra/common/lib/.libssl.so.*.hmac diff --git a/thirdparty/openssl/zimbra-openssl/rpm/SPECS/openssl.spec b/thirdparty/openssl/zimbra-openssl/rpm/SPECS/openssl.spec index 90852eadb..d5928321a 100644 --- a/thirdparty/openssl/zimbra-openssl/rpm/SPECS/openssl.spec +++ b/thirdparty/openssl/zimbra-openssl/rpm/SPECS/openssl.spec @@ -1,10 +1,25 @@ Summary: Zimbra's Secure Socket Layer build Name: zimbra-openssl Version: VERSION -Release: 1zimbra8.7b2ZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: OpenSSL Source: %{name}-%{version}.tar.gz -Patch: ipv6.patch +Patch0: openssl-1.1.1-fips.patch +Patch1: openssl-1.1.1-version-override.patch +Patch2: openssl-1.1.1-seclevel.patch +Patch3: openssl-1.1.1-fips-post-rand.patch +Patch4: openssl-1.1.1-evp-kdf.patch +Patch5: openssl-1.1.1-ssh-kdf.patch +Patch6: openssl-1.1.1-krb5-kdf.patch +Patch7: openssl-1.1.1-edk2-build.patch +patch8: openssl-1.1.1-ec-curve.patch +Patch9: openssl-1.1.1-fips-curves.patch +Patch10: openssl-1.1.1-fips-drbg-selftest.patch +Patch11: openssl-1.1.1-fips-dh.patch +Patch12: openssl-1.1.1-kdf-selftest.patch +Patch13: openssl-1.1.1-rewire-fips-drbg.patch +Patch14: openssl-1.1.1-fips-crng-test.patch +Patch15: openssl-1.1.1-linux-random.patch Requires: zimbra-openssl-libs = %{version}-%{release}, perl, perl-core AutoReqProv: no URL: https://www.openssl.org/source @@ -12,7 +27,13 @@ URL: https://www.openssl.org/source %description The Zimbra OpenSSL build allows for secure communication between various processes. +%define debug_package %{nil} + %changelog +* Fri Dec 04 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Upgraded openssl to 1.1.1h +* Fri Aug 28 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Upgraded openssl to 1.1.1g * Fri Jul 28 2017 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND - Bug 106869: Updated openssl. * Fri May 01 2015 Zimbra Packaging Services - VERSION-1zimbra8.7b1ZAPPEND @@ -20,17 +41,41 @@ The Zimbra OpenSSL build allows for secure communication between various process %prep %setup -n openssl-%{version} -%patch -p1 +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 %build ./Configure no-idea enable-ec_nistp_64_gcc_128 no-mdc2 no-rc5 no-ssl2 \ no-hw --prefix=OZC --libdir=lib --openssldir=OZCE/ssl \ - shared fips --with-fipslibdir=/usr/local/ssl/fips-2.0/lib/ linux-x86_64 -g -O2 -DOPENSSL_NO_HEARTBEATS + shared linux-x86_64 -g -O2 -DOPENSSL_NO_HEARTBEATS LD_RUN_PATH=OZCL make depend LD_RUN_PATH=OZCL make all +%define __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + export LD_LIBRARY_PATH="${RPM_BUILD_ROOT}OZCL" && crypto/fips/fips_standalone_hmac ${RPM_BUILD_ROOT}OZCL/libcrypto.so.1.1 >${RPM_BUILD_ROOT}OZCL/.libcrypto.so.1.1.hmac \ + export LD_LIBRARY_PATH="${RPM_BUILD_ROOT}OZCL" && crypto/fips/fips_standalone_hmac ${RPM_BUILD_ROOT}OZCL/libssl.so.1.1 >${RPM_BUILD_ROOT}OZCL/.libssl.so.1.1.hmac \ + unset LD_LIBRARY_PATH \ +%{nil} + %install -LD_RUN_PATH=OZCL make INSTALL_PREFIX=${RPM_BUILD_ROOT} MANDIR="OZCS/man" LIBS="" install -chmod u+w ${RPM_BUILD_ROOT}OZCL/lib* ${RPM_BUILD_ROOT}OZCL/engines/*.so +LD_RUN_PATH=OZCL make DESTDIR=${RPM_BUILD_ROOT} MANDIR="OZCS/man" LIBS="" install +chmod u+w ${RPM_BUILD_ROOT}OZCL/lib* ${RPM_BUILD_ROOT}OZCL/engines-1.1/*.so %package libs Summary: SSL Libaries @@ -59,17 +104,17 @@ OZCS %dir /opt/zimbra %dir OZC %dir OZCL -%dir OZCL/engines +%dir OZCL/engines-1.1 %attr(555,-,-) OZCL/libssl.so.* %attr(555,-,-) OZCL/libcrypto.so.* -%attr(555,-,-) OZCL/engines/*.so +%attr(555,-,-) OZCL/engines-1.1/*.so +%attr(555,-,-) OZCL/libcrypto.a +%attr(555,-,-) OZCL/libssl.a +%attr(0644,-,-) OZCL/.libcrypto.so.*.hmac +%attr(0644,-,-) OZCL/.libssl.so.*.hmac %files devel %defattr(-,root,root) OZCL/*.so OZCI OZCL/pkgconfig - -%changelog -* Wed May 20 2015 Zimbra Packaging Services -- initial packaging diff --git a/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/debian/changelog b/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/debian/changelog index 7c71debe7..8621da6de 100644 --- a/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/debian/changelog +++ b/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-compress-raw-zlib + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/debian/control b/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/debian/control index dfc953263..77bb32dbb 100644 --- a/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/debian/control +++ b/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/debian/control @@ -2,12 +2,12 @@ Source: zimbra-perl-MODNORMNAME Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-compress-raw-zlib +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-compress-raw-zlib (>= 2.093-1zimbra8.7b1ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/MODNAME Package: zimbra-perl-MODNORMNAME Architecture: all -Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-compress-raw-zlib +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-compress-raw-zlib (>= 2.093-1zimbra8.7b1ZAPPEND) Description: Archive::Zip - Provide an interface to ZIP archive files Perl interface to Zip archive files diff --git a/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/rpm/SPECS/archive-zip.spec b/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/rpm/SPECS/archive-zip.spec index 96560a2b0..5748f4afb 100644 --- a/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/rpm/SPECS/archive-zip.spec +++ b/thirdparty/perl-archive-zip/zimbra-perl-archive-zip/rpm/SPECS/archive-zip.spec @@ -1,19 +1,23 @@ Summary: Archive::Zip - Provide an interface to ZIP archive files Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-compress-raw-zlib -Requires: zimbra-perl-base, zimbra-perl-compress-raw-zlib +BuildRequires: zimbra-perl-base, zimbra-perl-compress-raw-zlib >= 2.093-1zimbra8.7b1ZAPPEND +Requires: zimbra-perl-base, zimbra-perl-compress-raw-zlib >= 2.093-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/MODNAME %description Perl interface to Zip archive files +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-compress-raw-zlib + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/debian/changelog b/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/debian/changelog index 7c71debe7..1882531a9 100644 --- a/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/debian/changelog +++ b/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Upgraded dependency carp-clan to 6.08 + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/debian/control b/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/debian/control index 1f22b3414..c4cbaf731 100644 --- a/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/debian/control +++ b/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/debian/control @@ -2,12 +2,12 @@ Source: zimbra-perl-MODNORMNAME Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-carp-clan +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-carp-clan (>= 6.08-1zimbra8.7b1ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/MODNAME Package: zimbra-perl-MODNORMNAME Architecture: all -Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-carp-clan +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-carp-clan (>= 6.08-1zimbra8.7b1ZAPPEND) Description: Bit::Vector - Efficient bit vector, set of integers and "big int" math library Efficient base class implementing bit vectors diff --git a/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/rpm/SPECS/bit-vector.spec b/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/rpm/SPECS/bit-vector.spec index afb7bc9f2..220b5478b 100644 --- a/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/rpm/SPECS/bit-vector.spec +++ b/thirdparty/perl-bit-vector/zimbra-perl-bit-vector/rpm/SPECS/bit-vector.spec @@ -1,19 +1,23 @@ Summary: Bit::Vector - Efficient bit vector, set of integers and "big int" math library Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-carp-clan -Requires: zimbra-perl-base, zimbra-perl-carp-clan +BuildRequires: zimbra-perl-base, zimbra-perl-carp-clan >= 6.08-1zimbra8.7b1ZAPPEND +Requires: zimbra-perl-base, zimbra-perl-carp-clan >= 6.08-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/MODNAME %description Efficient base class implementing bit vectors +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency carp-clan to 6.08 + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-carp-clan/Makefile b/thirdparty/perl-carp-clan/Makefile index 427f69592..a8a5fa1e1 100644 --- a/thirdparty/perl-carp-clan/Makefile +++ b/thirdparty/perl-carp-clan/Makefile @@ -8,7 +8,7 @@ pname_lc := carp-clan pfile := $(pname)-$(pvers).tar.gz psrc_file := $(SRC_DIR)/$(pfile) -purl := https://cpan.metacpan.org/authors/id/S/ST/STBEY/$(pfile) +purl := https://www.cpan.org/modules/by-module/Carp/$(pfile) zname := zimbra-perl-$(pname_lc) zspec := $(pname_lc).spec diff --git a/thirdparty/perl-carp-clan/zimbra-perl-carp-clan/debian/changelog b/thirdparty/perl-carp-clan/zimbra-perl-carp-clan/debian/changelog index 7c71debe7..84726a847 100644 --- a/thirdparty/perl-carp-clan/zimbra-perl-carp-clan/debian/changelog +++ b/thirdparty/perl-carp-clan/zimbra-perl-carp-clan/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low + + * Upgraded carp-clan to 6.08 + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-carp-clan/zimbra-perl-carp-clan/rpm/SPECS/carp-clan.spec b/thirdparty/perl-carp-clan/zimbra-perl-carp-clan/rpm/SPECS/carp-clan.spec index 75b589a51..2b395cde1 100644 --- a/thirdparty/perl-carp-clan/zimbra-perl-carp-clan/rpm/SPECS/carp-clan.spec +++ b/thirdparty/perl-carp-clan/zimbra-perl-carp-clan/rpm/SPECS/carp-clan.spec @@ -18,6 +18,10 @@ it a number of levels to skip on the calling stack, you give it a pattern to characterize the package names of the "clan" of modules which shall never be blamed for any error. +%changelog +* Tue Apr 21 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded carp-clan to 6.08 + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-compress-raw-bzip2/zimbra-perl-compress-raw-bzip2/debian/changelog b/thirdparty/perl-compress-raw-bzip2/zimbra-perl-compress-raw-bzip2/debian/changelog index ac54468f0..768429d9a 100644 --- a/thirdparty/perl-compress-raw-bzip2/zimbra-perl-compress-raw-bzip2/debian/changelog +++ b/thirdparty/perl-compress-raw-bzip2/zimbra-perl-compress-raw-bzip2/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-compress-raw-bzip2 (VERSION-ITERATIONZAPPEND) unstable; urgency=low + + * Upgraded Compress-Raw-Bzip2 to 2.093 + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-compress-raw-bzip2 (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-compress-raw-bzip2/zimbra-perl-compress-raw-bzip2/rpm/SPECS/compress-raw-bzip2.spec b/thirdparty/perl-compress-raw-bzip2/zimbra-perl-compress-raw-bzip2/rpm/SPECS/compress-raw-bzip2.spec index 49694584e..693e3f88d 100644 --- a/thirdparty/perl-compress-raw-bzip2/zimbra-perl-compress-raw-bzip2/rpm/SPECS/compress-raw-bzip2.spec +++ b/thirdparty/perl-compress-raw-bzip2/zimbra-perl-compress-raw-bzip2/rpm/SPECS/compress-raw-bzip2.spec @@ -15,6 +15,10 @@ URL: https://metacpan.org/release/Compress-Raw-Bzip2 Compress-Raw-Bzip2 provides the interface to the bzip2 library for the modules IO::Compress::Bzip2 and IO::Compress::Bunzip2 +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded Compress-Raw-Bzip2 to 2.093 + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-compress-raw-zlib/zimbra-perl-compress-raw-zlib/debian/changelog b/thirdparty/perl-compress-raw-zlib/zimbra-perl-compress-raw-zlib/debian/changelog index 64fc5a457..cf8dd965c 100644 --- a/thirdparty/perl-compress-raw-zlib/zimbra-perl-compress-raw-zlib/debian/changelog +++ b/thirdparty/perl-compress-raw-zlib/zimbra-perl-compress-raw-zlib/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-compress-raw-zlib (VERSION-ITERATIONZAPPEND) unstable; urgency=low + + * Upgraded Compress-Raw-Zlib to 2.093 + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-compress-raw-zlib (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-compress-raw-zlib/zimbra-perl-compress-raw-zlib/rpm/SPECS/compress-raw-zlib.spec b/thirdparty/perl-compress-raw-zlib/zimbra-perl-compress-raw-zlib/rpm/SPECS/compress-raw-zlib.spec index aade7da9b..686a5f51d 100644 --- a/thirdparty/perl-compress-raw-zlib/zimbra-perl-compress-raw-zlib/rpm/SPECS/compress-raw-zlib.spec +++ b/thirdparty/perl-compress-raw-zlib/zimbra-perl-compress-raw-zlib/rpm/SPECS/compress-raw-zlib.spec @@ -14,6 +14,10 @@ URL: https://metacpan.org/release/Compress-Raw-Zlib %description This module provides a Perl interface to the zlib compression library. +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded Compress-Raw-Zlib to 2.093 + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/debian/changelog b/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/debian/changelog index 7c71debe7..0f0828780 100644 --- a/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/debian/changelog +++ b/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-list-moreutils + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/debian/control b/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/debian/control index 06c9b331f..44d0e3894 100644 --- a/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/debian/control +++ b/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/debian/control @@ -2,13 +2,13 @@ Source: zimbra-perl-MODNORMNAME Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-list-moreutils +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-list-moreutils (>= 0.428-1zimbra8.7b1ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/MODNAME Package: zimbra-perl-MODNORMNAME Architecture: all -Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-list-moreutils +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-list-moreutils (>= 0.428-1zimbra8.7b1ZAPPEND) Description: Config::IniFiles - A module for reading .ini-style configuration files Config::IniFiles provides a way to have readable configuration files outside your Perl script. Configurations can be imported (inherited, diff --git a/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/rpm/SPECS/config-inifiles.spec b/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/rpm/SPECS/config-inifiles.spec index a3d5adbf1..471242cd8 100644 --- a/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/rpm/SPECS/config-inifiles.spec +++ b/thirdparty/perl-config-inifiles/zimbra-perl-config-inifiles/rpm/SPECS/config-inifiles.spec @@ -1,13 +1,13 @@ Summary: Config::IniFiles - A module for reading .ini-style configuration files Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-list-moreutils -Requires: zimbra-perl-base, zimbra-perl-list-moreutils +BuildRequires: zimbra-perl-base, zimbra-perl-list-moreutils >= 0.428-1zimbra8.7b1ZAPPEND +Requires: zimbra-perl-base, zimbra-perl-list-moreutils >= 0.428-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/MODNAME @@ -17,6 +17,10 @@ outside your Perl script. Configurations can be imported (inherited, stacked,...), sections can be grouped, and settings can be accessed from a tied hash. +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-list-moreutils + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/debian/changelog b/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/debian/changelog index 7242e296f..497e665fb 100644 --- a/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/debian/changelog +++ b/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/debian/changelog @@ -1,3 +1,15 @@ +zimbra-perl-crypt-openssl-random (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1h + + -- Zimbra Packaging Services Fri, 02 Dec 2020 22:26:24 +0000 + +zimbra-perl-crypt-openssl-random (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1g + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-perl-crypt-openssl-random (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/debian/control b/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/debian/control index 081608ab0..3193785e3 100644 --- a/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/debian/control +++ b/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/debian/control @@ -2,7 +2,7 @@ Source: zimbra-perl-crypt-openssl-random Section: perl Priority: optional Maintainer: Zimbra -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-openssl-dev +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/Crypt-OpenSSL-Random diff --git a/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/rpm/SPECS/crypt-openssl-random.spec b/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/rpm/SPECS/crypt-openssl-random.spec index 274f24dc3..80ad639de 100644 --- a/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/rpm/SPECS/crypt-openssl-random.spec +++ b/thirdparty/perl-crypt-openssl-random/zimbra-perl-crypt-openssl-random/rpm/SPECS/crypt-openssl-random.spec @@ -1,11 +1,11 @@ Summary: Zimbra's Crypt::OpenSSL::Random build Name: zimbra-perl-crypt-openssl-random Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: GPL-2 Source: %{name}-%{version}.tar.gz -BuildRequires: zimbra-perl-base, zimbra-openssl-devel -Requires: zimbra-perl-base, zimbra-openssl-libs +BuildRequires: zimbra-perl-base, zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND +Requires: zimbra-perl-base, zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND AutoReqProv: no URL: http://search.cpan.org/dist/Crypt-OpenSSL-Random/ @@ -16,6 +16,12 @@ The Zimbra Crypt::OpenSSL::Random build %define debug_package %{nil} +%changelog +* Fri Dec 02 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Upgraded dependency openssl to 1.1.1h +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency openssl to 1.1.1g + %prep %setup -n Crypt-OpenSSL-Random-%{version} diff --git a/thirdparty/perl-crypt-openssl-rsa/Makefile b/thirdparty/perl-crypt-openssl-rsa/Makefile index 7059e74ab..65b4aab0f 100644 --- a/thirdparty/perl-crypt-openssl-rsa/Makefile +++ b/thirdparty/perl-crypt-openssl-rsa/Makefile @@ -7,7 +7,7 @@ pname := Crypt-OpenSSL-RSA pname_lc := crypt-openssl-rsa pfile := $(pname)-$(pvers).tar.gz psrc_file := $(SRC_DIR)/$(pfile) -purl := https://cpan.metacpan.org/authors/id/P/PE/PERLER/$(pfile) +purl := https://cpan.metacpan.org/authors/id/T/TO/TODDR/$(pfile) zname := zimbra-perl-$(pname_lc) zspec := $(pname_lc).spec diff --git a/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/debian/changelog b/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/debian/changelog index 2e7918998..d4aeffac8 100644 --- a/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/debian/changelog +++ b/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/debian/changelog @@ -1,3 +1,15 @@ +zimbra-perl-crypt-openssl-rsa (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1h + + -- Zimbra Packaging Services Fri, 02 Dec 2020 22:26:24 +0000 + +zimbra-perl-crypt-openssl-rsa (VERSION-ITERATIONZAPPEND) unstable; urgency=medium + + * Upgraded perl-crypt-openssl-rsa to 0.31 + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-perl-crypt-openssl-rsa (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/debian/control b/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/debian/control index ff4906f1a..8a2c3f5fe 100644 --- a/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/debian/control +++ b/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/debian/control @@ -2,7 +2,7 @@ Source: zimbra-perl-crypt-openssl-rsa Section: perl Priority: optional Maintainer: Zimbra -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-openssl-dev +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/Crypt-OpenSSL-RSA diff --git a/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/rpm/SPECS/crypt-openssl-rsa.spec b/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/rpm/SPECS/crypt-openssl-rsa.spec index a8436678b..fa33b2931 100644 --- a/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/rpm/SPECS/crypt-openssl-rsa.spec +++ b/thirdparty/perl-crypt-openssl-rsa/zimbra-perl-crypt-openssl-rsa/rpm/SPECS/crypt-openssl-rsa.spec @@ -1,11 +1,11 @@ Summary: Zimbra's Crypt::OpenSSL::RSA build Name: zimbra-perl-crypt-openssl-rsa Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2 Source: %{name}-%{version}.tar.gz -BuildRequires: zimbra-perl-base, zimbra-openssl-devel -Requires: zimbra-perl-base, zimbra-openssl-libs +BuildRequires: zimbra-perl-base, zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND +Requires: zimbra-perl-base, zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND AutoReqProv: no URL: http://search.cpan.org/dist/Crypt-OpenSSL-RSA/ @@ -16,6 +16,12 @@ The Zimbra Crypt::OpenSSL::RSA build %define debug_package %{nil} +%changelog +* Fri Dec 02 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency openssl to 1.1.1h +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded perl-crypt-openssl-rsa to 0.31 + %prep %setup -n Crypt-OpenSSL-RSA-%{version} diff --git a/thirdparty/perl-date-calc/zimbra-perl-date-calc/debian/changelog b/thirdparty/perl-date-calc/zimbra-perl-date-calc/debian/changelog index 7c71debe7..013bd8f2a 100644 --- a/thirdparty/perl-date-calc/zimbra-perl-date-calc/debian/changelog +++ b/thirdparty/perl-date-calc/zimbra-perl-date-calc/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-bit-vector + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-date-calc/zimbra-perl-date-calc/debian/control b/thirdparty/perl-date-calc/zimbra-perl-date-calc/debian/control index b0ac68787..47272d33a 100644 --- a/thirdparty/perl-date-calc/zimbra-perl-date-calc/debian/control +++ b/thirdparty/perl-date-calc/zimbra-perl-date-calc/debian/control @@ -2,12 +2,12 @@ Source: zimbra-perl-MODNORMNAME Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-bit-vector +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-bit-vector (>= 7.4-1zimbra8.7b2ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/MODNAME Package: zimbra-perl-MODNORMNAME Architecture: all -Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-bit-vector +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-bit-vector (>= 7.4-1zimbra8.7b2ZAPPEND) Description: Date::Calc - Gregorian calendar date calculations Gregorian calendar date calculations diff --git a/thirdparty/perl-date-calc/zimbra-perl-date-calc/rpm/SPECS/date-calc.spec b/thirdparty/perl-date-calc/zimbra-perl-date-calc/rpm/SPECS/date-calc.spec index 21f08dc50..2281a59b3 100644 --- a/thirdparty/perl-date-calc/zimbra-perl-date-calc/rpm/SPECS/date-calc.spec +++ b/thirdparty/perl-date-calc/zimbra-perl-date-calc/rpm/SPECS/date-calc.spec @@ -1,19 +1,23 @@ Summary: Date::Calc - Gregorian calendar date calculations Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-bit-vector -Requires: zimbra-perl-base, zimbra-perl-bit-vector +BuildRequires: zimbra-perl-base, zimbra-perl-bit-vector >= 7.4-1zimbra8.7b2ZAPPEND +Requires: zimbra-perl-base, zimbra-perl-bit-vector >= 7.4-1zimbra8.7b2ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/MODNAME %description Gregorian calendar date calculations +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-bit-vector + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-dbd-mysql/Makefile b/thirdparty/perl-dbd-mysql/Makefile index e690d1eac..19f2242f2 100644 --- a/thirdparty/perl-dbd-mysql/Makefile +++ b/thirdparty/perl-dbd-mysql/Makefile @@ -8,7 +8,7 @@ pname_lc := dbd-mysql pfile := $(pname)-$(pvers).tar.gz psrc_file := $(SRC_DIR)/$(pfile) -purl := https://cpan.metacpan.org/authors/id/M/MI/MICHIELB/$(pfile) +purl := https://www.cpan.org/modules/by-module/DBD/$(pfile) zname := zimbra-perl-$(pname_lc) zspec := $(pname_lc).spec diff --git a/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/debian/changelog b/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/debian/changelog index ae5d901ec..f1b41b8ef 100644 --- a/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/debian/changelog +++ b/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/debian/changelog @@ -1,3 +1,15 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b4ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1h + + -- Zimbra Packaging Services Fri, 02 Dec 2020 22:26:24 +0000 + +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Upgraded perl-dbd-mysql to 4.050 + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low * Bug-107311: Updated perl-dbd-mysql version. diff --git a/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/debian/control b/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/debian/control index e22ca79d2..89df1fc68 100644 --- a/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/debian/control +++ b/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/debian/control @@ -2,7 +2,7 @@ Source: zimbra-perl-MODNORMNAME Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-openssl-dev, +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND), zimbra-mariadb-dev, zimbra-perl-dbi Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/MODNAME @@ -10,7 +10,7 @@ Homepage: https://metacpan.org/release/MODNAME Package: zimbra-perl-MODNORMNAME Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, - zimbra-perl-dbi, zimbra-mariadb-lib + zimbra-perl-dbi, zimbra-mariadb-lib (>= 10.1.25-1zimbra8.7b3ZAPPEND) Description: DBD::mysql - MySQL driver for the Perl5 Database Interface (DBI) DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In other words: DBD::mysql is an interface between the Perl programming diff --git a/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/rpm/SPECS/dbd-mysql.spec b/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/rpm/SPECS/dbd-mysql.spec index aa9dd3d84..09d0faf08 100644 --- a/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/rpm/SPECS/dbd-mysql.spec +++ b/thirdparty/perl-dbd-mysql/zimbra-perl-dbd-mysql/rpm/SPECS/dbd-mysql.spec @@ -1,14 +1,14 @@ Summary: DBD::mysql - MySQL driver for the Perl5 Database Interface (DBI) Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: 1zimbra8.7b2ZAPPEND +Release: 1zimbra8.7b4ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages BuildRequires: zimbra-perl-base, zimbra-perl-dbi, zimbra-mariadb-devel -BuildRequires: zimbra-openssl-devel -Requires: zimbra-perl-base, zimbra-perl-dbi, zimbra-mariadb-libs +BuildRequires: zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND +Requires: zimbra-perl-base, zimbra-perl-dbi, zimbra-mariadb-libs >= 10.1.25-1zimbra8.7b3ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/MODNAME @@ -20,6 +20,10 @@ database management system. Most functions provided by this programming API are supported. %changelog +* Fri Dec 02 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b4ZAPPEND +- Upgraded dependency openssl to 1.1.1h +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Upgraded perl-dbd-mysql to 4.050 * Thu Sep 7 2017 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND - Bug-107311: Updated perl-dbd-mysql version. * Wed Sep 9 2015 Zimbra Packaging Services - VERSION-1zimbra8.7b1ZAPPEND diff --git a/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/debian/changelog b/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/debian/changelog index 96b7a2fc4..ee79eb3ed 100644 --- a/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/debian/changelog +++ b/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-http-cookies (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-http-message + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-http-cookies (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/debian/control b/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/debian/control index 99f4eed8b..7a8130e66 100644 --- a/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/debian/control +++ b/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/debian/control @@ -2,14 +2,14 @@ Source: zimbra-perl-http-cookies Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message (>= 6.11-1zimbra8.7b2ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/HTTP-Cookies Package: zimbra-perl-http-cookies Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-http-date, - zimbra-perl-http-message + zimbra-perl-http-message (>= 6.11-1zimbra8.7b2ZAPPEND) Description: HTTP::Cookies - HTTP cookie jars This class is for objects that represent a "cookie jar" -- that is, a database of all the HTTP cookies that a given LWP::UserAgent object diff --git a/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/rpm/SPECS/http-cookies.spec b/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/rpm/SPECS/http-cookies.spec index 6eb24b0b7..0e11a6cf1 100644 --- a/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/rpm/SPECS/http-cookies.spec +++ b/thirdparty/perl-http-cookies/zimbra-perl-http-cookies/rpm/SPECS/http-cookies.spec @@ -1,13 +1,13 @@ Summary: HTTP::Cookies - HTTP cookie jars Name: zimbra-perl-http-cookies Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message -Requires: zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message +BuildRequires: zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message >= 6.11-1zimbra8.7b2ZAPPEND +Requires: zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message >= 6.11-1zimbra8.7b2ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/HTTP-Cookies @@ -16,6 +16,10 @@ This class is for objects that represent a "cookie jar" -- that is, a database of all the HTTP cookies that a given LWP::UserAgent object knows about. +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-http-message + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/debian/changelog b/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/debian/changelog index 109e093a6..388833bff 100644 --- a/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/debian/changelog +++ b/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-http-daemon (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-http-message + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-http-daemon (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/debian/control b/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/debian/control index 3faf32d9e..a68e5a6a1 100644 --- a/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/debian/control +++ b/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/debian/control @@ -2,7 +2,7 @@ Source: zimbra-perl-http-daemon Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message, +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message (>= 6.11-1zimbra8.7b2ZAPPEND), zimbra-perl-lwp-mediatypes Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/HTTP-Daemon @@ -10,7 +10,7 @@ Homepage: https://metacpan.org/release/HTTP-Daemon Package: zimbra-perl-http-daemon Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-http-date, - zimbra-perl-http-message, zimbra-perl-lwp-mediatypes + zimbra-perl-http-message (>= 6.11-1zimbra8.7b2ZAPPEND), zimbra-perl-lwp-mediatypes Description: HTTP::Daemon - a simple http server class Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests. The HTTP::Daemon is a subclass of diff --git a/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/rpm/SPECS/http-daemon.spec b/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/rpm/SPECS/http-daemon.spec index c66a38443..bd66e9a7a 100644 --- a/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/rpm/SPECS/http-daemon.spec +++ b/thirdparty/perl-http-daemon/zimbra-perl-http-daemon/rpm/SPECS/http-daemon.spec @@ -1,13 +1,13 @@ Summary: HTTP::Daemon - a simple http server class Name: zimbra-perl-http-daemon Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message, zimbra-perl-lwp-mediatypes -Requires: zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message, zimbra-perl-lwp-mediatypes +BuildRequires: zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message >= 6.11-1zimbra8.7b2ZAPPEND, zimbra-perl-lwp-mediatypes +Requires: zimbra-perl-base, zimbra-perl-http-date, zimbra-perl-http-message >= 6.11-1zimbra8.7b2ZAPPEND, zimbra-perl-lwp-mediatypes AutoReqProv: no URL: https://metacpan.org/release/HTTP-Daemon @@ -17,6 +17,10 @@ on a socket for incoming requests. The HTTP::Daemon is a subclass of IO::Socket::INET, so you can perform socket operations directly on it too. +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-http-message + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-http-message/zimbra-perl-http-message/debian/changelog b/thirdparty/perl-http-message/zimbra-perl-http-message/debian/changelog index be65cd576..f26f62580 100644 --- a/thirdparty/perl-http-message/zimbra-perl-http-message/debian/changelog +++ b/thirdparty/perl-http-message/zimbra-perl-http-message/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-http-message (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-io-compress + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-http-message (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-http-message/zimbra-perl-http-message/debian/control b/thirdparty/perl-http-message/zimbra-perl-http-message/debian/control index a387e5923..13c8599d9 100644 --- a/thirdparty/perl-http-message/zimbra-perl-http-message/debian/control +++ b/thirdparty/perl-http-message/zimbra-perl-http-message/debian/control @@ -2,14 +2,14 @@ Source: zimbra-perl-http-message Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-io-compress, zimbra-perl-uri, +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-io-compress (>= 2.093-1zimbra8.7b1ZAPPEND), zimbra-perl-uri, zimbra-perl-http-date, zimbra-perl-io-html, zimbra-perl-encode-locale, zimbra-perl-lwp-mediatypes Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/HTTP-Message Package: zimbra-perl-http-message Architecture: all -Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-io-compress, zimbra-perl-uri, +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-io-compress (>= 2.093-1zimbra8.7b1ZAPPEND), zimbra-perl-uri, zimbra-perl-http-date, zimbra-perl-io-html, zimbra-perl-encode-locale, zimbra-perl-lwp-mediatypes Description: HTTP-Message The HTTP-Message distribution contains classes useful for representing the diff --git a/thirdparty/perl-http-message/zimbra-perl-http-message/rpm/SPECS/http-message.spec b/thirdparty/perl-http-message/zimbra-perl-http-message/rpm/SPECS/http-message.spec index 6398c2eb4..cd9ec19c8 100644 --- a/thirdparty/perl-http-message/zimbra-perl-http-message/rpm/SPECS/http-message.spec +++ b/thirdparty/perl-http-message/zimbra-perl-http-message/rpm/SPECS/http-message.spec @@ -1,15 +1,15 @@ Summary: HTTP-Message Name: zimbra-perl-http-message Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-io-compress, zimbra-perl-uri +BuildRequires: zimbra-perl-base, zimbra-perl-io-compress >= 2.093-1zimbra8.7b1ZAPPEND, zimbra-perl-uri BuildRequires: zimbra-perl-http-date, zimbra-perl-io-html BuildRequires: zimbra-perl-encode-locale, zimbra-perl-lwp-mediatypes -Requires: zimbra-perl-base, zimbra-perl-io-compress, zimbra-perl-uri +Requires: zimbra-perl-base, zimbra-perl-io-compress >= 2.093-1zimbra8.7b1ZAPPEND, zimbra-perl-uri Requires: zimbra-perl-http-date, zimbra-perl-io-html Requires: zimbra-perl-encode-locale, zimbra-perl-lwp-mediatypes AutoReqProv: no @@ -20,6 +20,10 @@ The HTTP-Message distribution contains classes useful for representing the messages passed in HTTP style communication. These are classes representing requests, responses and the headers contained within them. +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-io-compress + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/debian/changelog b/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/debian/changelog index b2ce61ade..36e45b6f6 100644 --- a/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/debian/changelog +++ b/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-http-negotiate (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-http-message + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-http-negotiate (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/debian/control b/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/debian/control index e8abf252e..9fa5b134b 100644 --- a/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/debian/control +++ b/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/debian/control @@ -2,13 +2,13 @@ Source: zimbra-perl-http-negotiate Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-http-message +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-http-message (>= 6.11-1zimbra8.7b2ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/HTTP-Negotiate Package: zimbra-perl-http-negotiate Architecture: all -Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-http-message +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-http-message (>= 6.11-1zimbra8.7b2ZAPPEND) Description: HTTP::Negotiate - choose a variant to serve This module provides a complete implementation of the HTTP content negotiation algorithm specified in draft-ietf-http-v11-spec-00.ps diff --git a/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/rpm/SPECS/http-negotiate.spec b/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/rpm/SPECS/http-negotiate.spec index d529cb566..4e50b1434 100644 --- a/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/rpm/SPECS/http-negotiate.spec +++ b/thirdparty/perl-http-negotiate/zimbra-perl-http-negotiate/rpm/SPECS/http-negotiate.spec @@ -1,13 +1,13 @@ Summary: HTTP::Negotiate - choose a variant to serve Name: zimbra-perl-http-negotiate Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-http-message -Requires: zimbra-perl-base, zimbra-perl-http-message +BuildRequires: zimbra-perl-base, zimbra-perl-http-message >= 6.11-1zimbra8.7b2ZAPPEND +Requires: zimbra-perl-base, zimbra-perl-http-message >= 6.11-1zimbra8.7b2ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/HTTP-Negotiate @@ -17,6 +17,10 @@ negotiation algorithm specified in draft-ietf-http-v11-spec-00.ps chapter 12. Content negotiation allows for the selection of a preferred content representation based upon attributes of the negotiable variants and the value of the various Accept* header fields in the request. + +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-http-message %define debug_package %{nil} diff --git a/thirdparty/perl-innotop/zimbra-perl-innotop/debian/changelog b/thirdparty/perl-innotop/zimbra-perl-innotop/debian/changelog index 7c71debe7..fffeac184 100644 --- a/thirdparty/perl-innotop/zimbra-perl-innotop/debian/changelog +++ b/thirdparty/perl-innotop/zimbra-perl-innotop/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-dbd-mysql + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-innotop/zimbra-perl-innotop/debian/control b/thirdparty/perl-innotop/zimbra-perl-innotop/debian/control index 96991ebe9..69c5cb23c 100644 --- a/thirdparty/perl-innotop/zimbra-perl-innotop/debian/control +++ b/thirdparty/perl-innotop/zimbra-perl-innotop/debian/control @@ -2,7 +2,7 @@ Source: zimbra-perl-MODNORMNAME Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-dbd-mysql, +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-dbd-mysql (>= 4.043-1zimbra8.7b2ZAPPEND), zimbra-perl-term-readkey Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/MODNAME @@ -10,7 +10,7 @@ Homepage: https://metacpan.org/release/MODNAME Package: zimbra-perl-MODNORMNAME Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, - zimbra-perl-dbd-mysql, zimbra-perl-term-readkey + zimbra-perl-dbd-mysql (>= 4.043-1zimbra8.7b2ZAPPEND), zimbra-perl-term-readkey Description: innotop - mariadb monitor innotop monitors MySQL/MariaDB servers. Each of its modes shows you a different aspect of what's happening in the server. For example, there's a mode for monitoring diff --git a/thirdparty/perl-innotop/zimbra-perl-innotop/rpm/SPECS/innotop.spec b/thirdparty/perl-innotop/zimbra-perl-innotop/rpm/SPECS/innotop.spec index ad63aa001..cb1d34b18 100644 --- a/thirdparty/perl-innotop/zimbra-perl-innotop/rpm/SPECS/innotop.spec +++ b/thirdparty/perl-innotop/zimbra-perl-innotop/rpm/SPECS/innotop.spec @@ -1,14 +1,14 @@ Summary: innotop - mariadb monitor Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b4ZAPPEND License: GPL-2 Source: %{name}-%{version}.tar.gz Patch0: inno.patch Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-dbd-mysql, zimbra-perl-term-readkey -Requires: zimbra-perl-base, zimbra-perl-dbd-mysql, zimbra-perl-term-readkey +BuildRequires: zimbra-perl-base, zimbra-perl-dbd-mysql >= 4.050-1zimbra8.7b4ZAPPEND, zimbra-perl-term-readkey +Requires: zimbra-perl-base, zimbra-perl-dbd-mysql >= 4.050-1zimbra8.7b4ZAPPEND, zimbra-perl-term-readkey AutoReqProv: no URL: https://github.com/innotop/innotop @@ -18,6 +18,14 @@ aspect of what's happening in the server. For example, there's a mode for monit replication, one for queries, and one for transactions. innotop refreshes its data periodically, so you see an updating view. +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b4ZAPPEND +- Updated dependency perl-dbd-mysql +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated dependency zimbra-perl-dbd-mysql +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-dbd-mysql + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-io-compress/zimbra-perl-io-compress/debian/changelog b/thirdparty/perl-io-compress/zimbra-perl-io-compress/debian/changelog index 7a2b1e166..c8ab4a475 100644 --- a/thirdparty/perl-io-compress/zimbra-perl-io-compress/debian/changelog +++ b/thirdparty/perl-io-compress/zimbra-perl-io-compress/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-io-compress (VERSION-ITERATIONZAPPEND) unstable; urgency=low + + * Upgraded IO-Compress to 2.093 + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-io-compress (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-io-compress/zimbra-perl-io-compress/debian/control b/thirdparty/perl-io-compress/zimbra-perl-io-compress/debian/control index cfff83a18..b8f0047a0 100644 --- a/thirdparty/perl-io-compress/zimbra-perl-io-compress/debian/control +++ b/thirdparty/perl-io-compress/zimbra-perl-io-compress/debian/control @@ -2,13 +2,13 @@ Source: zimbra-perl-io-compress Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-compress-raw-bzip2, zimbra-perl-compress-raw-zlib +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-compress-raw-bzip2 (>= 2.093-1zimbra8.7b1ZAPPEND), zimbra-perl-compress-raw-zlib (>= 2.093-1zimbra8.7b1ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/IO-Compress Package: zimbra-perl-io-compress Architecture: all -Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-compress-raw-bzip2, zimbra-perl-compress-raw-zlib +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-compress-raw-bzip2 (>= 2.093-1zimbra8.7b1ZAPPEND), zimbra-perl-compress-raw-zlib (>= 2.093-1zimbra8.7b1ZAPPEND) Description: IO-Compress This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. diff --git a/thirdparty/perl-io-compress/zimbra-perl-io-compress/rpm/SPECS/io-compress.spec b/thirdparty/perl-io-compress/zimbra-perl-io-compress/rpm/SPECS/io-compress.spec index 9caab0be2..5a1fc22b2 100644 --- a/thirdparty/perl-io-compress/zimbra-perl-io-compress/rpm/SPECS/io-compress.spec +++ b/thirdparty/perl-io-compress/zimbra-perl-io-compress/rpm/SPECS/io-compress.spec @@ -6,8 +6,8 @@ License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-compress-raw-bzip2, zimbra-perl-compress-raw-zlib -Requires: zimbra-perl-base, zimbra-perl-compress-raw-bzip2, zimbra-perl-compress-raw-zlib +BuildRequires: zimbra-perl-base, zimbra-perl-compress-raw-bzip2 >= 2.093-1zimbra8.7b1ZAPPEND, zimbra-perl-compress-raw-zlib >= 2.093-1zimbra8.7b1ZAPPEND +Requires: zimbra-perl-base, zimbra-perl-compress-raw-bzip2 >= 2.093-1zimbra8.7b1ZAPPEND, zimbra-perl-compress-raw-zlib >= 2.093-1zimbra8.7b1ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/IO-Compress @@ -15,6 +15,10 @@ URL: https://metacpan.org/release/IO-Compress This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded IO-Compress to 2.093 + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-io-socket-ssl/zimbra-perl-io-socket-ssl/debian/changelog b/thirdparty/perl-io-socket-ssl/zimbra-perl-io-socket-ssl/debian/changelog index b3ab81958..5403dd852 100644 --- a/thirdparty/perl-io-socket-ssl/zimbra-perl-io-socket-ssl/debian/changelog +++ b/thirdparty/perl-io-socket-ssl/zimbra-perl-io-socket-ssl/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-io-socket-ssl (VERSION-ITERATIONZAPPEND) unstable; urgency=low + + * Upgraded IO-Socket-SSL to 2.068 + + -- Zimbra Packaging Services Tue, 21 Apr 2020 00:00:00 +0000 + zimbra-perl-io-socket-ssl (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-io-socket-ssl/zimbra-perl-io-socket-ssl/rpm/SPECS/io-socket-ssl.spec b/thirdparty/perl-io-socket-ssl/zimbra-perl-io-socket-ssl/rpm/SPECS/io-socket-ssl.spec index 9b7058bf9..cd2117c44 100644 --- a/thirdparty/perl-io-socket-ssl/zimbra-perl-io-socket-ssl/rpm/SPECS/io-socket-ssl.spec +++ b/thirdparty/perl-io-socket-ssl/zimbra-perl-io-socket-ssl/rpm/SPECS/io-socket-ssl.spec @@ -1,14 +1,14 @@ Summary: SSL sockets with IO::Socket interface Name: zimbra-perl-io-socket-ssl Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-mozilla-ca, zimbra-perl-net-ssleay +BuildRequires: zimbra-perl-base, zimbra-perl-mozilla-ca, zimbra-perl-net-ssleay >= 1.88-1zimbra8.7b2ZAPPEND BuildRequires: zimbra-perl-io-socket-ip -Requires: zimbra-perl-base, zimbra-perl-mozilla-ca, zimbra-perl-net-ssleay +Requires: zimbra-perl-base, zimbra-perl-mozilla-ca, zimbra-perl-net-ssleay >= 1.88-1zimbra8.7b2ZAPPEND Requires: zimbra-perl-io-socket-ip AutoReqProv: no URL: https://metacpan.org/release/IO-Socket-SSL @@ -20,6 +20,14 @@ providing secure defaults whenever possible. This way, existing applications can be made SSL-aware without much effort, at least if you do blocking I/O and don't use select or poll. +%changelogA +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated dependency zimbra-perl-net-ssleay +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated zimbra-perl-net-ssleay +* Tue Apr 21 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded IO-Socket-SSL to 2.068 + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-libwww/zimbra-perl-libwww/debian/changelog b/thirdparty/perl-libwww/zimbra-perl-libwww/debian/changelog index 957949a4a..48270a9b7 100644 --- a/thirdparty/perl-libwww/zimbra-perl-libwww/debian/changelog +++ b/thirdparty/perl-libwww/zimbra-perl-libwww/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-libwww (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependencies zimbra-perl-http-cookies,zimbra-perl-http-daemon,zimbra-perl-http-negotiate,zimbra-perl-http-message,zimbra-perl-net-http + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-libwww (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-libwww/zimbra-perl-libwww/debian/control b/thirdparty/perl-libwww/zimbra-perl-libwww/debian/control index d7e3f851c..ccd050c7a 100644 --- a/thirdparty/perl-libwww/zimbra-perl-libwww/debian/control +++ b/thirdparty/perl-libwww/zimbra-perl-libwww/debian/control @@ -3,18 +3,18 @@ Section: perl Priority: optional Maintainer: Zimbra Packaging Services Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-encode-locale, zimbra-perl-file-listing, - zimbra-perl-http-cookies, zimbra-perl-http-daemon, zimbra-perl-http-date, - zimbra-perl-http-negotiate, zimbra-perl-http-message, zimbra-perl-lwp-mediatypes, - zimbra-perl-uri, zimbra-perl-net-http, zimbra-perl-www-robotrules, zimbra-perl-html-parser + zimbra-perl-http-cookies (>= 6.01-1zimbra8.7b2ZAPPEND), zimbra-perl-http-daemon (>= 6.01-1zimbra8.7b2ZAPPEND), zimbra-perl-http-date, + zimbra-perl-http-negotiate (>= 6.01-1zimbra8.7b2ZAPPEND), zimbra-perl-http-message (>= 6.11-1zimbra8.7b2ZAPPEND), zimbra-perl-lwp-mediatypes, + zimbra-perl-uri, zimbra-perl-net-http (>= 6.09-1zimbra8.7b2ZAPPEND), zimbra-perl-www-robotrules, zimbra-perl-html-parser Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/libwww-perl Package: zimbra-perl-libwww Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-encode-locale, - zimbra-perl-file-listing, zimbra-perl-http-cookies, zimbra-perl-http-daemon, - zimbra-perl-http-date, zimbra-perl-http-negotiate, zimbra-perl-http-message, - zimbra-perl-lwp-mediatypes, zimbra-perl-uri, zimbra-perl-net-http, + zimbra-perl-file-listing, zimbra-perl-http-cookies (>= 6.01-1zimbra8.7b2ZAPPEND), zimbra-perl-http-daemon (>= 6.01-1zimbra8.7b2ZAPPEND), + zimbra-perl-http-date, zimbra-perl-http-negotiate (>= 6.01-1zimbra8.7b2ZAPPEND), zimbra-perl-http-message (>= 6.11-1zimbra8.7b2ZAPPEND), + zimbra-perl-lwp-mediatypes, zimbra-perl-uri, zimbra-perl-net-http (>= 6.09-1zimbra8.7b2ZAPPEND), zimbra-perl-www-robotrules, zimbra-perl-html-parser Description: libwww - The World-Wide Web library for Perl The libwww-perl collection is a set of Perl modules which provides a diff --git a/thirdparty/perl-libwww/zimbra-perl-libwww/rpm/SPECS/libwww.spec b/thirdparty/perl-libwww/zimbra-perl-libwww/rpm/SPECS/libwww.spec index 9d761721f..9d6d6c491 100644 --- a/thirdparty/perl-libwww/zimbra-perl-libwww/rpm/SPECS/libwww.spec +++ b/thirdparty/perl-libwww/zimbra-perl-libwww/rpm/SPECS/libwww.spec @@ -1,19 +1,19 @@ Summary: libwww - The World-Wide Web library for Perl Name: zimbra-perl-libwww Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b4ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages BuildRequires: zimbra-perl-base, zimbra-perl-encode-locale, zimbra-perl-file-listing -BuildRequires: zimbra-perl-http-cookies, zimbra-perl-http-daemon, zimbra-perl-http-date -BuildRequires: zimbra-perl-http-negotiate, zimbra-perl-http-message, zimbra-perl-lwp-mediatypes -BuildRequires: zimbra-perl-uri, zimbra-perl-net-http, zimbra-perl-www-robotrules, zimbra-perl-html-parser +BuildRequires: zimbra-perl-http-cookies >= 6.01-1zimbra8.7b2ZAPPEND, zimbra-perl-http-daemon >= 6.01-1zimbra8.7b2ZAPPEND, zimbra-perl-http-date +BuildRequires: zimbra-perl-http-negotiate >= 6.01-1zimbra8.7b2ZAPPEND, zimbra-perl-http-message >= 6.11-1zimbra8.7b2ZAPPEND, zimbra-perl-lwp-mediatypes +BuildRequires: zimbra-perl-uri, zimbra-perl-net-http >= 6.09-1zimbra8.7b4ZAPPEND, zimbra-perl-www-robotrules, zimbra-perl-html-parser Requires: zimbra-perl-base, zimbra-perl-encode-locale, zimbra-perl-file-listing -Requires: zimbra-perl-http-cookies, zimbra-perl-http-daemon, zimbra-perl-http-date -Requires: zimbra-perl-http-negotiate, zimbra-perl-http-message, zimbra-perl-lwp-mediatypes -Requires: zimbra-perl-uri, zimbra-perl-net-http, zimbra-perl-www-robotrules, zimbra-perl-html-parser +Requires: zimbra-perl-http-cookies >= 6.01-1zimbra8.7b2ZAPPEND, zimbra-perl-http-daemon >= 6.01-1zimbra8.7b2ZAPPEND, zimbra-perl-http-date +Requires: zimbra-perl-http-negotiate >= 6.01-1zimbra8.7b2ZAPPEND, zimbra-perl-http-message >= 6.11-1zimbra8.7b2ZAPPEND, zimbra-perl-lwp-mediatypes +Requires: zimbra-perl-uri, zimbra-perl-net-http >= 6.09-1zimbra8.7b4ZAPPEND, zimbra-perl-www-robotrules, zimbra-perl-html-parser AutoReqProv: no URL: https://metacpan.org/release/libwww-perl @@ -25,6 +25,14 @@ and functions that allow you to write WWW clients. The library also contain modules that are of more general use and even classes that help you implement simple HTTP servers. +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b4ZAPPEND +- Updated dependency zimbra-perl-net-http +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated dependency zimbra-perl-net-http +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependencies zimbra-perl-http-cookies,zimbra-perl-http-daemon,zimbra-perl-http-negotiate,zimbra-perl-http-message,zimbra-perl-net-http + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-list-moreutils/zimbra-perl-list-moreutils/debian/changelog b/thirdparty/perl-list-moreutils/zimbra-perl-list-moreutils/debian/changelog index 7c71debe7..32bbfcb81 100644 --- a/thirdparty/perl-list-moreutils/zimbra-perl-list-moreutils/debian/changelog +++ b/thirdparty/perl-list-moreutils/zimbra-perl-list-moreutils/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low + + * Upgraded List-MoreUtils to 0.428 + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-list-moreutils/zimbra-perl-list-moreutils/rpm/SPECS/list-moreutils.spec b/thirdparty/perl-list-moreutils/zimbra-perl-list-moreutils/rpm/SPECS/list-moreutils.spec index f144c423f..ef69bee2f 100644 --- a/thirdparty/perl-list-moreutils/zimbra-perl-list-moreutils/rpm/SPECS/list-moreutils.spec +++ b/thirdparty/perl-list-moreutils/zimbra-perl-list-moreutils/rpm/SPECS/list-moreutils.spec @@ -15,6 +15,10 @@ URL: https://metacpan.org/release/MODNAME List::MoreUtils provides functions missing from the core List::Util module +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded List-MoreUtils to 0.428 + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/debian/changelog b/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/debian/changelog index 7a6132c48..199d518ff 100644 --- a/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/debian/changelog +++ b/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-lwp-protocol-https (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependencies zimbra-perl-libwww,zimbra-perl-net-http,zimbra-perl-io-socket-ssl + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-lwp-protocol-https (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/debian/control b/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/debian/control index bfb8926d2..df91c0fd9 100644 --- a/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/debian/control +++ b/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/debian/control @@ -2,15 +2,15 @@ Source: zimbra-perl-lwp-protocol-https Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-libwww, zimbra-perl-net-http, - zimbra-perl-io-socket-ssl, zimbra-perl-mozilla-ca +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-libwww (>= 6.13-1zimbra8.7b2ZAPPEND), zimbra-perl-net-http (>= 6.09-1zimbra8.7b2ZAPPEND), + zimbra-perl-io-socket-ssl (>= 2.068-1zimbra8.7b1ZAPPEND), zimbra-perl-mozilla-ca Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/LWP-Protocol-https Package: zimbra-perl-lwp-protocol-https Architecture: all -Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-libwww, - zimbra-perl-net-http, zimbra-perl-io-socket-ssl, zimbra-perl-mozilla-ca +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-libwww (>= 6.13-1zimbra8.7b2ZAPPEND), + zimbra-perl-net-http (>= 6.09-1zimbra8.7b2ZAPPEND), zimbra-perl-io-socket-ssl (>= 2.068-1zimbra8.7b1ZAPPEND), zimbra-perl-mozilla-ca Description: LWP::Protocol::https - Provide https support for LWP::UserAgent The LWP::Protocol::https module provides support for using https schemed URLs with LWP. This module is a plug-in to the LWP protocol handling, so diff --git a/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/rpm/SPECS/lwp-protocol-https.spec b/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/rpm/SPECS/lwp-protocol-https.spec index a7d12292f..8647f1bb6 100644 --- a/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/rpm/SPECS/lwp-protocol-https.spec +++ b/thirdparty/perl-lwp-protocol-https/zimbra-perl-lwp-protocol-https/rpm/SPECS/lwp-protocol-https.spec @@ -1,15 +1,15 @@ Summary: LWP::Protocol::https - Provide https support for LWP::UserAgent Name: zimbra-perl-lwp-protocol-https Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b4ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-libwww, zimbra-perl-net-http -BuildRequires: zimbra-perl-io-socket-ssl, zimbra-perl-mozilla-ca -Requires: zimbra-perl-base, zimbra-perl-libwww, zimbra-perl-net-http -Requires: zimbra-perl-io-socket-ssl, zimbra-perl-mozilla-ca +BuildRequires: zimbra-perl-base, zimbra-perl-libwww >= 6.13-1zimbra8.7b4ZAPPEND, zimbra-perl-net-http >= 6.09-1zimbra8.7b4ZAPPEND +BuildRequires: zimbra-perl-io-socket-ssl >= 2.068-1zimbra8.7b3ZAPPEND, zimbra-perl-mozilla-ca +Requires: zimbra-perl-base, zimbra-perl-libwww >= 6.13-1zimbra8.7b4ZAPPEND, zimbra-perl-net-http >= 6.09-1zimbra8.7b4ZAPPEND +Requires: zimbra-perl-io-socket-ssl >= 2.068-1zimbra8.7b3ZAPPEND, zimbra-perl-mozilla-ca AutoReqProv: no URL: https://metacpan.org/release/LWP-Protocol-https @@ -19,6 +19,14 @@ URLs with LWP. This module is a plug-in to the LWP protocol handling, so you don't use it directly. Once the module is installed LWP is able to access sites using HTTP over SSL/TLS. +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b4ZAPPEND +- Updated dependencies zimbra-perl-libwww,zimbra-perl-net-http,zimbra-perl-io-socket-ssl +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated dependencies zimbra-perl-libwww,zimbra-perl-net-http,zimbra-perl-io-socket-ssl +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependencies zimbra-perl-libwww,zimbra-perl-net-http,zimbra-perl-io-socket-ssl + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-mail-dkim/Makefile b/thirdparty/perl-mail-dkim/Makefile index a6a852e20..64726e4b7 100644 --- a/thirdparty/perl-mail-dkim/Makefile +++ b/thirdparty/perl-mail-dkim/Makefile @@ -26,7 +26,7 @@ setup: pkgadd: $(PKG_EXTRACT) zimbra-perl-base zimbra-perl-crypt-openssl-rsa \ - zimbra-perl-digest-sha1 zimbra-perl-net-dns zimbra-perl-mailtools + zimbra-perl-digest-sha1 zimbra-perl-net-dns zimbra-perl-mailtools zimbra-openssl-$(PKG_DEV) pkgrm: pkgrm% pkgrm%: @@ -42,6 +42,7 @@ build_rpm: $(replace-perl-modinfo) $(specfile) && \ $(MKDIR) BUILD BUILDROOT RPMS SOURCES SRPMS && \ $(CP) $(psrc_file) SOURCES/$(zname)-$(pvers).tar.gz && \ + $(CP) $(PKG_ROOT)/patches/*.patch SOURCES/ && \ $(PKG_BUILD) $(specfile) build_deb: z_tgz = $(zname)_$(pvers).orig.tar.gz @@ -52,6 +53,7 @@ build_deb: $(replace-pathinfo) debian/rules && \ $(replace-perl-modinfo) debian/changelog debian/control debian/copyright debian/watch && \ $(CP) $(psrc_file) ../$(z_tgz) && \ + $(CP) $(PKG_ROOT)/patches/*.patch debian/patches/ && \ $(TAR) xfz ../$(z_tgz) --strip-components=1 && \ $(PKG_BUILD) diff --git a/thirdparty/perl-mail-dkim/patches/public_key.patch b/thirdparty/perl-mail-dkim/patches/public_key.patch new file mode 100644 index 000000000..471fca0ef --- /dev/null +++ b/thirdparty/perl-mail-dkim/patches/public_key.patch @@ -0,0 +1,30 @@ +diff -ruN a/t/public_key.t b/t/public_key.t +--- a/t/public_key.t 2020-04-24 13:54:58.331676829 +0000 ++++ b/t/public_key.t 2020-04-24 14:02:29.659689565 +0000 +@@ -12,21 +12,21 @@ + # + my $pubkey = Mail::DKIM::PublicKey->fetch( + Protocol => "dns", +- Selector => "test1", +- Domain => "messiah.edu", ++ Selector => "key1", ++ Domain => "test.authmilter.org", + ); + ok($pubkey, "public key exists"); + + # +-# this public key is "NXDOMAIN" ++# this public key is "NXDOMAIN" + # + $pubkey = Mail::DKIM::PublicKey->fetch( + Protocol => "dns", + Selector => "nonexistent", +- Domain => "messiah.edu", ++ Domain => "messiah.edu", + ); + ok(!$pubkey, "public key should not exist"); +-ok($@ =~ /^NXDOMAIN$/, "reason given is NXDOMAIN"); ++ok($@ =~ /^NXDOMAIN$/, "reason given is NXDOMAIN"); + + SKIP: + { diff --git a/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/debian/changelog b/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/debian/changelog index 7c71debe7..0d0b195d9 100644 --- a/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/debian/changelog +++ b/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/debian/changelog @@ -1,3 +1,15 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Updated dependency zimbra-perl-crypt-openssl-rsa + + -- Zimbra Packaging Services Sat, 05 Dec 2020 22:26:24 +0000 + +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Updated dependency zimbra-perl-crypt-openssl-rsa + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/debian/control b/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/debian/control index b494562cc..1a94cd742 100644 --- a/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/debian/control +++ b/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/debian/control @@ -2,14 +2,14 @@ Source: zimbra-perl-MODNORMNAME Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-crypt-openssl-rsa, +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-crypt-openssl-rsa (>= 0.31-1zimbra8.7b2ZAPPEND), zimbra-perl-digest-sha1, zimbra-perl-net-dns, zimbra-perl-mailtools Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/MODNAME Package: zimbra-perl-MODNORMNAME Architecture: all -Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-crypt-openssl-rsa, +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-crypt-openssl-rsa (>= 0.31-1zimbra8.7b2ZAPPEND), zimbra-perl-digest-sha1, zimbra-perl-net-dns, zimbra-perl-mailtools Description: Mail::DKIM - Signs/verifies Internet mail with DKIM/DomainKey signatures This module implements the various components of the DKIM and DomainKeys diff --git a/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/debian/patches/series b/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/debian/patches/series new file mode 100644 index 000000000..175bbddc7 --- /dev/null +++ b/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/debian/patches/series @@ -0,0 +1 @@ +public_key.patch diff --git a/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/rpm/SPECS/mail-dkim.spec b/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/rpm/SPECS/mail-dkim.spec index acd01aeff..09bcd326b 100644 --- a/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/rpm/SPECS/mail-dkim.spec +++ b/thirdparty/perl-mail-dkim/zimbra-perl-mail-dkim/rpm/SPECS/mail-dkim.spec @@ -1,14 +1,15 @@ Summary: Mail::DKIM - Signs/verifies Internet mail with DKIM/DomainKey signatures Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz +Patch0: public_key.patch Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-crypt-openssl-rsa zimbra-perl-digest-sha1 +BuildRequires: zimbra-perl-base, zimbra-perl-crypt-openssl-rsa >= 0.31-1zimbra8.7b2ZAPPEND, zimbra-perl-digest-sha1 BuildRequires: zimbra-perl-net-dns zimbra-perl-mailtools -Requires: zimbra-perl-base, zimbra-perl-crypt-openssl-rsa zimbra-perl-digest-sha1 +Requires: zimbra-perl-base, zimbra-perl-crypt-openssl-rsa >= 0.31-1zimbra8.7b2ZAPPEND, zimbra-perl-digest-sha1 Requires: zimbra-perl-net-dns zimbra-perl-mailtools AutoReqProv: no URL: https://metacpan.org/release/MODNAME @@ -22,8 +23,15 @@ RFC4870, for DomainKeys %define debug_package %{nil} +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated dependency zimbra-perl-crypt-openssl-rsa +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-crypt-openssl-rsa + %prep %setup -n MODNAME-%{version} +%patch0 -p1 %build perl -I OZCL/perl5 Makefile.PL INSTALL_BASE=OZC \ diff --git a/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/debian/changelog b/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/debian/changelog index 90ab4dedb..b04c1adb2 100644 --- a/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/debian/changelog +++ b/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.8b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-io-compress + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-1zimbra8.8b1ZAPPEND) unstable; urgency=low * Upgraded spamAssasin to 3.4.4 diff --git a/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/debian/control b/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/debian/control index 0144a11f9..6b445cccd 100644 --- a/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/debian/control +++ b/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/debian/control @@ -3,7 +3,7 @@ Section: perl Priority: optional Maintainer: Zimbra Packaging Services Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-digest-sha1, - zimbra-perl-net-dns, zimbra-perl-html-parser, zimbra-perl-io-compress, + zimbra-perl-net-dns, zimbra-perl-html-parser, zimbra-perl-io-compress (>= 2.093-1zimbra8.7b1ZAPPEND), zimbra-perl-mail-spf, zimbra-perl-mail-dkim, zimbra-perl-netaddr-ip, zimbra-perl-net-cidr-lite, zimbra-perl-encode-detect Standards-Version: 3.9.5 @@ -13,7 +13,7 @@ Package: zimbra-perl-MODNORMNAME Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-digest-sha1, - zimbra-perl-net-dns, zimbra-perl-html-parser, zimbra-perl-io-compress, + zimbra-perl-net-dns, zimbra-perl-html-parser, zimbra-perl-io-compress (>= 2.093-1zimbra8.7b1ZAPPEND), zimbra-perl-mail-spf, zimbra-perl-mail-dkim, zimbra-perl-netaddr-ip, zimbra-perl-net-cidr-lite, zimbra-perl-encode-detect, zimbra-mta-base Description: Mail::SpamAssassin - Spam detector and markup engine diff --git a/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/rpm/SPECS/mail-spamassassin.spec b/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/rpm/SPECS/mail-spamassassin.spec index 1d3e8845b..4704ac5ab 100644 --- a/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/rpm/SPECS/mail-spamassassin.spec +++ b/thirdparty/perl-mail-spamassassin/zimbra-perl-mail-spamassassin/rpm/SPECS/mail-spamassassin.spec @@ -1,18 +1,18 @@ Summary: Mail::SpamAssassin - Spam detector and markup engine Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: 1zimbra8.8b1ZAPPEND +Release: 1zimbra8.8b4ZAPPEND License: Apache-2.0 Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages BuildRequires: zimbra-perl-base, zimbra-perl-digest-sha1, zimbra-perl-net-dns -BuildRequires: zimbra-perl-html-parser, zimbra-perl-io-compress, zimbra-perl-mail-spf -BuildRequires: zimbra-perl-mail-dkim, zimbra-perl-netaddr-ip, zimbra-perl-net-cidr-lite +BuildRequires: zimbra-perl-html-parser, zimbra-perl-io-compress >= 2.093-1zimbra8.7b1ZAPPEND, zimbra-perl-mail-spf +BuildRequires: zimbra-perl-mail-dkim >= 0.40-1zimbra8.7b3ZAPPEND, zimbra-perl-netaddr-ip, zimbra-perl-net-cidr-lite BuildRequires: zimbra-perl-encode-detect Requires: zimbra-perl-base, zimbra-perl-digest-sha1, zimbra-perl-net-dns -Requires: zimbra-perl-html-parser, zimbra-perl-io-compress, zimbra-perl-mail-spf -Requires: zimbra-perl-mail-dkim, zimbra-perl-netaddr-ip, zimbra-perl-net-cidr-lite +Requires: zimbra-perl-html-parser, zimbra-perl-io-compress >= 2.093-1zimbra8.7b1ZAPPEND, zimbra-perl-mail-spf +Requires: zimbra-perl-mail-dkim >= 0.40-1zimbra8.7b3ZAPPEND, zimbra-perl-netaddr-ip, zimbra-perl-net-cidr-lite Requires: zimbra-perl-encode-detect, zimbra-mta-base AutoReqProv: no URL: https://metacpan.org/release/MODNAME @@ -23,6 +23,12 @@ including text analysis, internet-based realtime blacklists, statistical analysis, and internet-based hashing algorithms. %changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b4ZAPPEND +- Updated dependency zimbra-perl-mail-dkim +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b3ZAPPEND +- Updated dependency zimbra-perl-mail-dkim +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b2ZAPPEND +- Updated dependency zimbra-perl-io-compress * Mon Mar 16 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b1ZAPPEND -Upgraded to 3.4.4 * Fri Jul 7 2017 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND diff --git a/thirdparty/perl-net-http/zimbra-perl-net-http/debian/changelog b/thirdparty/perl-net-http/zimbra-perl-net-http/debian/changelog index 52cff7728..5eeb0442f 100644 --- a/thirdparty/perl-net-http/zimbra-perl-net-http/debian/changelog +++ b/thirdparty/perl-net-http/zimbra-perl-net-http/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-net-http (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-io-socket-ssl + + -- Zimbra Packaging Services Tue, 21 Apr 2020 00:00:00 +0000 + zimbra-perl-net-http (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-net-http/zimbra-perl-net-http/debian/control b/thirdparty/perl-net-http/zimbra-perl-net-http/debian/control index f0d855ad4..41d9ba0ef 100644 --- a/thirdparty/perl-net-http/zimbra-perl-net-http/debian/control +++ b/thirdparty/perl-net-http/zimbra-perl-net-http/debian/control @@ -2,13 +2,13 @@ Source: zimbra-perl-net-http Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-uri, zimbra-perl-io-socket-ssl +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-uri, zimbra-perl-io-socket-ssl (>= 2.068-1zimbra8.7b1ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/Net-HTTP Package: zimbra-perl-net-http Architecture: all -Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-uri, zimbra-perl-io-socket-ssl +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, zimbra-perl-uri, zimbra-perl-io-socket-ssl (>= 2.068-1zimbra8.7b1ZAPPEND) Description: Net::HTTP - Low-level HTTP connection (client) The Net::HTTP class is a low-level HTTP client. An instance of the Net::HTTP class represents a connection to an HTTP server. The HTTP diff --git a/thirdparty/perl-net-http/zimbra-perl-net-http/rpm/SPECS/net-http.spec b/thirdparty/perl-net-http/zimbra-perl-net-http/rpm/SPECS/net-http.spec index 23fd442dd..76a6d8f4c 100644 --- a/thirdparty/perl-net-http/zimbra-perl-net-http/rpm/SPECS/net-http.spec +++ b/thirdparty/perl-net-http/zimbra-perl-net-http/rpm/SPECS/net-http.spec @@ -1,13 +1,13 @@ Summary: Net::HTTP - Low-level HTTP connection (client) Name: zimbra-perl-net-http Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b4ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-uri, zimbra-perl-io-socket-ssl -Requires: zimbra-perl-base, zimbra-perl-uri, zimbra-perl-io-socket-ssl +BuildRequires: zimbra-perl-base, zimbra-perl-uri, zimbra-perl-io-socket-ssl >= 2.068-1zimbra8.7b3ZAPPEND +Requires: zimbra-perl-base, zimbra-perl-uri, zimbra-perl-io-socket-ssl >= 2.068-1zimbra8.7b3ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/Net-HTTP @@ -17,6 +17,15 @@ Net::HTTP class represents a connection to an HTTP server. The HTTP protocol is described in RFC 2616. The Net::HTTP class supports HTTP/1.0 and HTTP/1.1 + +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b4ZAPPEND +- Updated dependency perl-io-socket-ssl for perl-net-http +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated dependency perl-io-socket-ssl for perl-net-http +* Tue Apr 21 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-io-socket-ssl + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-net-server/zimbra-perl-net-server/debian/changelog b/thirdparty/perl-net-server/zimbra-perl-net-server/debian/changelog index 4919bc9e2..3170c4b3d 100644 --- a/thirdparty/perl-net-server/zimbra-perl-net-server/debian/changelog +++ b/thirdparty/perl-net-server/zimbra-perl-net-server/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-net-server (VERSION-ITERATIONZAPPEND) unstable; urgency=low + + * Upgraded Net-Server to 2.009 + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-net-server (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-net-server/zimbra-perl-net-server/rpm/SPECS/net-server.spec b/thirdparty/perl-net-server/zimbra-perl-net-server/rpm/SPECS/net-server.spec index 2d6322ec0..0097c21da 100644 --- a/thirdparty/perl-net-server/zimbra-perl-net-server/rpm/SPECS/net-server.spec +++ b/thirdparty/perl-net-server/zimbra-perl-net-server/rpm/SPECS/net-server.spec @@ -21,6 +21,10 @@ number of preforked children (Net::Server::PreForkSimple), or as a managed preforking server which maintains the number of children based on server load (Net::Server::PreFork). +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded Net-Server to 2.009 + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-net-ssleay/Makefile b/thirdparty/perl-net-ssleay/Makefile index 0b0fbe627..34dcaa875 100644 --- a/thirdparty/perl-net-ssleay/Makefile +++ b/thirdparty/perl-net-ssleay/Makefile @@ -8,7 +8,7 @@ pname_lc := net-ssleay pfile := $(pname)-$(pvers).tar.gz psrc_file := $(SRC_DIR)/$(pfile) -purl := https://cpan.metacpan.org/authors/id/M/MI/MIKEM/$(pfile) +purl := https://cpan.metacpan.org/authors/id/C/CH/CHRISN//$(pfile) zname := zimbra-perl-$(pname_lc) zspec := $(pname_lc).spec diff --git a/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/changelog b/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/changelog index c2aebb644..ea25ddfaa 100644 --- a/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/changelog +++ b/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/changelog @@ -1,3 +1,15 @@ +zimbra-perl-net-ssleay (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Updated dependency openssl to 1.1.1h + + -- Zimbra Packaging Services Fri, 02 Dec 2020 22:26:24 +0000 + +zimbra-perl-net-ssleay (VERSION-ITERATIONZAPPEND) unstable; urgency=medium + + * Upgraded to 1.88 and updated dependency openssl to 1.1.1g + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-perl-net-ssleay (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/control b/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/control index ec153035b..b0b809bda 100644 --- a/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/control +++ b/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/control @@ -2,7 +2,7 @@ Source: zimbra-perl-net-ssleay Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-openssl-dev +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/Net-SSLeay diff --git a/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/rules b/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/rules index 06fbb7ebe..f1f689813 100755 --- a/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/rules +++ b/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/debian/rules @@ -27,3 +27,6 @@ override_dh_auto_install: dh_auto_install rm -f $(CURDIR)/debian/$(shell dh_listpackages)/OZCL/perl5/$(PERL_ARCHNAME)/perllocal.pod rm -f $(CURDIR)/debian/$(shell dh_listpackages)/OZCL/perl5/$(PERL_ARCHNAME)/auto/*/*/.packlist + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info diff --git a/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/rpm/SPECS/net-ssleay.spec b/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/rpm/SPECS/net-ssleay.spec index 2a1827466..fb018be2b 100644 --- a/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/rpm/SPECS/net-ssleay.spec +++ b/thirdparty/perl-net-ssleay/zimbra-perl-net-ssleay/rpm/SPECS/net-ssleay.spec @@ -1,13 +1,13 @@ Summary: Perl extension for using OpenSSL Name: zimbra-perl-net-ssleay Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: Artistic 2.0 Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-openssl-devel -Requires: zimbra-perl-base, zimbra-openssl-libs +BuildRequires: zimbra-perl-base, zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND +Requires: zimbra-perl-base, zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/Net-SSLeay @@ -21,6 +21,12 @@ The Net::SSLeay module basically comprises: %define debug_package %{nil} +%changelog +* Fri Dec 02 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency openssl to 1.1.1h +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded to 1.88 and updated dependency openssl to 1.1.1g + %prep %setup -n Net-SSLeay-%{version} diff --git a/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/debian/changelog b/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/debian/changelog index 7c71debe7..75eaecef6 100644 --- a/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/debian/changelog +++ b/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependencies zimbra-perl-io-compress,zimbra-perl-io-socket-ssl,zimbra-perl-lwp-protocol-https,zimbra-perl-libwww,zimbra-perl-xml-parser + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/debian/control b/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/debian/control index ddfc5df56..8c621e49f 100644 --- a/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/debian/control +++ b/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/debian/control @@ -3,18 +3,18 @@ Section: perl Priority: optional Maintainer: Zimbra Packaging Services Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-class-inspector, - zimbra-perl-io-compress, zimbra-perl-io-sessiondata, zimbra-perl-io-socket-ssl, - zimbra-perl-lwp-protocol-https, zimbra-perl-libwww, zimbra-perl-task-weaken, - zimbra-perl-uri, zimbra-perl-xml-parser, zimbra-perl-mime-tools + zimbra-perl-io-compress (>= 2.093-1zimbra8.7b1ZAPPEND), zimbra-perl-io-sessiondata, zimbra-perl-io-socket-ssl (>= 2.068-1zimbra8.7b1ZAPPEND), + zimbra-perl-lwp-protocol-https (>= 6.06-1zimbra8.7b2ZAPPEND), zimbra-perl-libwww (>= 6.13-1zimbra8.7b2ZAPPEND), zimbra-perl-task-weaken, + zimbra-perl-uri, zimbra-perl-xml-parser (>= 2.44-1zimbra8.7b2ZAPPEND), zimbra-perl-mime-tools Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/MODNAME Package: zimbra-perl-MODNORMNAME Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, - zimbra-perl-class-inspector, zimbra-perl-io-compress, zimbra-perl-io-sessiondata, - zimbra-perl-io-socket-ssl, zimbra-perl-lwp-protocol-https, zimbra-perl-libwww, - zimbra-perl-task-weaken, zimbra-perl-uri, zimbra-perl-xml-parser, zimbra-perl-mime-tools + zimbra-perl-class-inspector, zimbra-perl-io-compress (>= 2.093-1zimbra8.7b1ZAPPEND), zimbra-perl-io-sessiondata, + zimbra-perl-io-socket-ssl (>= 2.068-1zimbra8.7b1ZAPPEND), zimbra-perl-lwp-protocol-https (>= 6.06-1zimbra8.7b2ZAPPEND), zimbra-perl-libwww (>= 6.13-1zimbra8.7b2ZAPPEND), + zimbra-perl-task-weaken, zimbra-perl-uri, zimbra-perl-xml-parser (>= 2.44-1zimbra8.7b2ZAPPEND), zimbra-perl-mime-tools Description: SOAP::Lite - Perl's Web Services Toolkit SOAP::Lite is a collection of Perl modules which provides a simple and lightweight interface to the Simple Object Access Protocol (SOAP) both diff --git a/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/rpm/SPECS/soap-lite.spec b/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/rpm/SPECS/soap-lite.spec index 09915e041..f1bef0391 100644 --- a/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/rpm/SPECS/soap-lite.spec +++ b/thirdparty/perl-soap-lite/zimbra-perl-soap-lite/rpm/SPECS/soap-lite.spec @@ -1,20 +1,20 @@ Summary: SOAP::Lite - Perl's Web Services Toolkit Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b4ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-class-inspector, zimbra-perl-io-compress -BuildRequires: zimbra-perl-io-sessiondata, zimbra-perl-io-socket-ssl -BuildRequires: zimbra-perl-lwp-protocol-https, zimbra-perl-libwww -BuildRequires: zimbra-perl-task-weaken, zimbra-perl-uri, zimbra-perl-xml-parser +BuildRequires: zimbra-perl-base, zimbra-perl-class-inspector, zimbra-perl-io-compress >= 2.093-1zimbra8.7b1ZAPPEND +BuildRequires: zimbra-perl-io-sessiondata, zimbra-perl-io-socket-ssl >= 2.068-1zimbra8.7b3ZAPPEND +BuildRequires: zimbra-perl-lwp-protocol-https >= 6.06-1zimbra8.7b4ZAPPEND, zimbra-perl-libwww >= 6.13-1zimbra8.7b4ZAPPEND +BuildRequires: zimbra-perl-task-weaken, zimbra-perl-uri, zimbra-perl-xml-parser >= 2.44-1zimbra8.7b4ZAPPEND BuildRequires: zimbra-perl-mime-tools, zimbra-perl-xml-parser-lite -Requires: zimbra-perl-base, zimbra-perl-class-inspector, zimbra-perl-io-compress -Requires: zimbra-perl-io-sessiondata, zimbra-perl-io-socket-ssl -Requires: zimbra-perl-lwp-protocol-https, zimbra-perl-libwww -Requires: zimbra-perl-task-weaken, zimbra-perl-uri, zimbra-perl-xml-parser +Requires: zimbra-perl-base, zimbra-perl-class-inspector, zimbra-perl-io-compress >= 2.093-1zimbra8.7b1ZAPPEND +Requires: zimbra-perl-io-sessiondata, zimbra-perl-io-socket-ssl >= 2.068-1zimbra8.7b3ZAPPEND +Requires: zimbra-perl-lwp-protocol-https >= 6.06-1zimbra8.7b4ZAPPEND, zimbra-perl-libwww >= 6.13-1zimbra8.7b4ZAPPEND +Requires: zimbra-perl-task-weaken, zimbra-perl-uri, zimbra-perl-xml-parser >= 2.44-1zimbra8.7b4ZAPPEND Requires: zimbra-perl-mime-tools, zimbra-perl-xml-parser-lite AutoReqProv: no URL: https://metacpan.org/release/MODNAME @@ -24,6 +24,14 @@ SOAP::Lite is a collection of Perl modules which provides a simple and lightweight interface to the Simple Object Access Protocol (SOAP) both on client and server side. +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b4ZAPPEND +- Updated dependencies perl-io-socket-ssl, perl-lwp-protocol-https, perl-libwww, perl-xml-parser +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated dependencies perl-io-socket-ssl, perl-lwp-protocol-https, perl-libwww, perl-xml-parser +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependencies zimbra-perl-io-compress,zimbra-perl-io-socket-ssl,zimbra-perl-lwp-protocol-https,zimbra-perl-libwww,zimbra-perl-xml-parser + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/debian/changelog b/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/debian/changelog index 7c71debe7..c274aeb49 100644 --- a/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/debian/changelog +++ b/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency perl-date-calc + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/debian/control b/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/debian/control index 9bc254358..5cc3c4ab1 100644 --- a/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/debian/control +++ b/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/debian/control @@ -2,7 +2,7 @@ Source: zimbra-perl-MODNORMNAME Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-date-calc, +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-date-calc (>= 6.4-1zimbra8.7b2ZAPPEND), zimbra-perl-file-tail, zimbra-perl-date-manip, zimbra-perl-timedate Standards-Version: 3.9.5 Homepage: http://sourceforge.net/projects/swatch/ @@ -10,7 +10,7 @@ Homepage: http://sourceforge.net/projects/swatch/ Package: zimbra-perl-MODNORMNAME Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, - zimbra-perl-base, zimbra-perl-date-calc, zimbra-perl-file-tail, + zimbra-perl-base, zimbra-perl-date-calc (>= 6.4-1zimbra8.7b2ZAPPEND), zimbra-perl-file-tail, zimbra-perl-date-manip, zimbra-perl-timedate Description: swatchdog - Simple Log Watcher swatchdog.pl started out as swatch, the "simple watchdog" for activity diff --git a/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/rpm/SPECS/swatchdog.spec b/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/rpm/SPECS/swatchdog.spec index 80ffc4302..ae9f6a5c7 100644 --- a/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/rpm/SPECS/swatchdog.spec +++ b/thirdparty/perl-swatchdog/zimbra-perl-swatchdog/rpm/SPECS/swatchdog.spec @@ -1,14 +1,14 @@ Summary: swatchdog - Simple Log Watcher Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2 Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-date-calc, zimbra-perl-file-tail +BuildRequires: zimbra-perl-base, zimbra-perl-date-calc >= 6.4-1zimbra8.7b2ZAPPEND, zimbra-perl-file-tail BuildRequires: zimbra-perl-date-manip, zimbra-perl-timedate -Requires: zimbra-perl-base, zimbra-perl-date-calc, zimbra-perl-file-tail +Requires: zimbra-perl-base, zimbra-perl-date-calc >= 6.4-1zimbra8.7b2ZAPPEND, zimbra-perl-file-tail Requires: zimbra-perl-date-manip, zimbra-perl-timedate AutoReqProv: no URL: http://sourceforge.net/projects/swatch/ @@ -20,6 +20,10 @@ been evolving into a utility that can monitor just about any type of log. The name has been changed to satisfy a request made by the old Swiss watch company. +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency perl-date-calc + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-timedate/Makefile b/thirdparty/perl-timedate/Makefile index 34a77e715..28939a96d 100644 --- a/thirdparty/perl-timedate/Makefile +++ b/thirdparty/perl-timedate/Makefile @@ -40,6 +40,7 @@ build_rpm: $(replace-pathinfo) $(specfile) && \ $(MKDIR) BUILD BUILDROOT RPMS SOURCES SRPMS && \ $(CP) $(psrc_file) SOURCES/$(zname)-$(pvers).tar.gz && \ + $(CP) $(PKG_ROOT)/patches/*.patch SOURCES/ && \ $(PKG_BUILD) $(specfile) build_deb: z_tgz = $(zname)_$(pvers).orig.tar.gz diff --git a/thirdparty/perl-timedate/patches/timedate.patch b/thirdparty/perl-timedate/patches/timedate.patch new file mode 100644 index 000000000..8c5a83b31 --- /dev/null +++ b/thirdparty/perl-timedate/patches/timedate.patch @@ -0,0 +1,24 @@ +diff -ruN a/t/date.t b/t/date.t +--- a/t/date.t 2020-04-24 13:43:04.875656697 +0000 ++++ b/t/date.t 2020-04-24 13:43:25.543657280 +0000 +@@ -177,7 +177,7 @@ + + $x = time2str("%a %b %e %T %Y %Z",$time,'GMT'); + +- printf "%-40s\t%s\n", $_,$x,"\n"; ++ printf "%-40s\t%s\n", $_, $x; + + $y = str2time($x); + +diff -ruN a/t/getdate.t b/t/getdate.t +--- a/t/getdate.t 2020-04-24 13:46:19.035662176 +0000 ++++ b/t/getdate.t 2020-04-24 13:46:47.951662992 +0000 +@@ -156,7 +156,7 @@ + !; + + require Time::Local; +-my $offset = Time::Local::timegm(0,0,0,1,0,70); ++my $offset = Time::Local::timegm(0,0,0,1,0,1970); + + @data = split(/\n/, $data); + diff --git a/thirdparty/perl-timedate/zimbra-perl-timedate/rpm/SPECS/timedate.spec b/thirdparty/perl-timedate/zimbra-perl-timedate/rpm/SPECS/timedate.spec index 2520a10c2..298dbb8aa 100644 --- a/thirdparty/perl-timedate/zimbra-perl-timedate/rpm/SPECS/timedate.spec +++ b/thirdparty/perl-timedate/zimbra-perl-timedate/rpm/SPECS/timedate.spec @@ -2,6 +2,7 @@ Summary: TimeDate - Date formatting subroutines Name: zimbra-perl-timedate Version: VERSION Release: ITERATIONZAPPEND +Patch0: timedate.patch License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services @@ -18,6 +19,7 @@ Date formatting subroutines %prep %setup -n TimeDate-%{version} +%patch0 -p1 %build perl -I OZCL/perl5 Makefile.PL INSTALL_BASE=OZC \ diff --git a/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/debian/changelog b/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/debian/changelog index 7c71debe7..95304eb6c 100644 --- a/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/debian/changelog +++ b/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-libwww + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/debian/control b/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/debian/control index aa6d620b6..aae3996af 100644 --- a/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/debian/control +++ b/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/debian/control @@ -2,13 +2,13 @@ Source: zimbra-perl-MODNORMNAME Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, libexpat1-dev, zimbra-perl-libwww +Build-Depends: debhelper (>= 9), zimbra-perl-base, libexpat1-dev, zimbra-perl-libwww (>= 6.13-1zimbra8.7b2ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/MODNAME Package: zimbra-perl-MODNORMNAME Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, libexpat1, - zimbra-perl-libwww + zimbra-perl-libwww (>= 6.13-1zimbra8.7b2ZAPPEND) Description: XML::Parser - A perl module for parsing XML documents This is a Perl extension interface to James Clark's XML parser, expat diff --git a/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/rpm/SPECS/xml-parser.spec b/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/rpm/SPECS/xml-parser.spec index d38c5277b..822527508 100644 --- a/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/rpm/SPECS/xml-parser.spec +++ b/thirdparty/perl-xml-parser/zimbra-perl-xml-parser/rpm/SPECS/xml-parser.spec @@ -1,19 +1,27 @@ Summary: XML::Parser - A perl module for parsing XML documents Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b4ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, expat-devel, zimbra-perl-libwww -Requires: zimbra-perl-base, expat, zimbra-perl-libwww +BuildRequires: zimbra-perl-base, expat-devel, zimbra-perl-libwww >= 6.13-1zimbra8.7b4ZAPPEND +Requires: zimbra-perl-base, expat, zimbra-perl-libwww >= 6.13-1zimbra8.7b4ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/MODNAME %description This is a Perl extension interface to James Clark's XML parser, expat +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b4ZAPPEND +- Updated zimbra-perl-libwww +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated zimbra-perl-libwww +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-libwww + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/debian/changelog b/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/debian/changelog index 7c71debe7..26283f6fc 100644 --- a/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/debian/changelog +++ b/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-xml-parser + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/debian/control b/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/debian/control index cc107ddfc..afdf63b0e 100644 --- a/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/debian/control +++ b/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/debian/control @@ -3,14 +3,14 @@ Section: perl Priority: optional Maintainer: Zimbra Packaging Services Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-xml-sax, - zimbra-perl-xml-parser + zimbra-perl-xml-parser (>= 2.44-1zimbra8.7b2ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/MODNAME Package: zimbra-perl-MODNORMNAME Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, - zimbra-perl-xml-sax, zimbra-perl-xml-parser + zimbra-perl-xml-sax, zimbra-perl-xml-parser (>= 2.44-1zimbra8.7b2ZAPPEND) Description: XML::SAX::Expat - SAX2 Driver for Expat (XML::Parser) This is an implementation of a SAX2 driver sitting on top of Expat (XML::Parser) diff --git a/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/rpm/SPECS/xml-sax-expat.spec b/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/rpm/SPECS/xml-sax-expat.spec index 2b5c353b0..d8ecd5dfa 100644 --- a/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/rpm/SPECS/xml-sax-expat.spec +++ b/thirdparty/perl-xml-sax-expat/zimbra-perl-xml-sax-expat/rpm/SPECS/xml-sax-expat.spec @@ -1,13 +1,13 @@ Summary: XML::SAX::Expat - SAX2 Driver for Expat (XML::Parser) Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b4ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-xml-sax, zimbra-perl-xml-parser -Requires: zimbra-perl-base, zimbra-perl-xml-sax, zimbra-perl-xml-parser +BuildRequires: zimbra-perl-base, zimbra-perl-xml-sax, zimbra-perl-xml-parser >= 2.44-1zimbra8.7b4ZAPPEND +Requires: zimbra-perl-base, zimbra-perl-xml-sax, zimbra-perl-xml-parser >= 2.44-1zimbra8.7b4ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/MODNAME @@ -15,6 +15,14 @@ URL: https://metacpan.org/release/MODNAME This is an implementation of a SAX2 driver sitting on top of Expat (XML::Parser) +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b4ZAPPEND +- Updated dependency zimbra-perl-xml-parser +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated dependency zimbra-perl-xml-parser +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-xml-parser + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/debian/changelog b/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/debian/changelog index 7c71debe7..c0f1d28ae 100644 --- a/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/debian/changelog +++ b/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/debian/changelog @@ -1,3 +1,9 @@ +zimbra-perl-MODNORMNAME (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-xml-sax-expat + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-perl-MODNORMNAME (VERSION-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/debian/control b/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/debian/control index 30443e4f7..56547c463 100644 --- a/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/debian/control +++ b/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/debian/control @@ -2,13 +2,13 @@ Source: zimbra-perl-MODNORMNAME Section: perl Priority: optional Maintainer: Zimbra Packaging Services -Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-xml-sax-expat +Build-Depends: debhelper (>= 9), zimbra-perl-base, zimbra-perl-xml-sax-expat (>= 0.51-1zimbra8.7b2ZAPPEND) Standards-Version: 3.9.5 Homepage: https://metacpan.org/release/MODNAME Package: zimbra-perl-MODNORMNAME Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, zimbra-perl-base, - zimbra-perl-xml-sax-expat + zimbra-perl-xml-sax-expat (>= 0.51-1zimbra8.7b2ZAPPEND) Description: XML::Simple - Easily read/write XML (esp config files) Easily read/write XML (esp config files) diff --git a/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/rpm/SPECS/xml-simple.spec b/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/rpm/SPECS/xml-simple.spec index 6507259d9..41a5a199a 100644 --- a/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/rpm/SPECS/xml-simple.spec +++ b/thirdparty/perl-xml-simple/zimbra-perl-xml-simple/rpm/SPECS/xml-simple.spec @@ -1,19 +1,27 @@ Summary: XML::Simple - Easily read/write XML (esp config files) Name: zimbra-perl-MODNORMNAME Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: GPL+ or Artistic Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services Group: Development/Languages -BuildRequires: zimbra-perl-base, zimbra-perl-xml-sax-expat -Requires: zimbra-perl-base, zimbra-perl-xml-sax-expat +BuildRequires: zimbra-perl-base, zimbra-perl-xml-sax-expat >= 0.51-1zimbra8.7b4ZAPPEND +Requires: zimbra-perl-base, zimbra-perl-xml-sax-expat >= 0.51-1zimbra8.7b4ZAPPEND AutoReqProv: no URL: https://metacpan.org/release/MODNAME %description Easily read/write XML (esp config files) +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated dependency zimbra-perl-xml-sax-expat +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded perl-xml-simple to 2.25 +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-xml-sax-expat + %define debug_package %{nil} %prep diff --git a/thirdparty/perl-zmq-libzmq3/Makefile b/thirdparty/perl-zmq-libzmq3/Makefile index 83e503aad..034dc607f 100644 --- a/thirdparty/perl-zmq-libzmq3/Makefile +++ b/thirdparty/perl-zmq-libzmq3/Makefile @@ -45,6 +45,7 @@ build_rpm: $(replace-pathinfo) $(specfile) && \ $(MKDIR) BUILD BUILDROOT RPMS SOURCES SRPMS && \ $(CP) $(psrc_file) SOURCES/$(zname)-$(pvers).tar.gz && \ + $(CP) $(PKG_ROOT)/patches/*.patch SOURCES/ && \ $(PKG_BUILD) $(specfile) build_deb: z_tgz = $(zname)_$(pvers).orig.tar.gz diff --git a/thirdparty/perl-zmq-libzmq3/patches/libzmq3.patch b/thirdparty/perl-zmq-libzmq3/patches/libzmq3.patch new file mode 100644 index 000000000..08fcc6eef --- /dev/null +++ b/thirdparty/perl-zmq-libzmq3/patches/libzmq3.patch @@ -0,0 +1,21 @@ +diff -ruN a/Makefile.PL b/Makefile.PL +--- a/Makefile.PL 2020-04-24 13:29:48.791634233 +0000 ++++ b/Makefile.PL 2020-04-24 13:30:27.439635323 +0000 +@@ -17,7 +17,7 @@ + all_from 'lib/ZMQ/LibZMQ3.pm'; + + # Detect libzmq, and display it for sanity +-do 'tools/detect_zmq.pl'; ++do './tools/detect_zmq.pl'; + print "Detected the following ZMQ settings:\n"; + foreach my $env (qw(ZMQ_HOME ZMQ_H ZMQ_INCLUDES ZMQ_LIBS ZMQ_TRACE)) { + printf " + %s = %s\n", $env, exists $ENV{$env} ? $ENV{$env} : "(null)"; +@@ -192,7 +192,7 @@ + homepage "https://github.com/lestrrat/p5-ZMQ"; + bugtracker "https://github.com/lestrrat/p5-ZMQ/issues"; + +-do 'tools/genfiles.pl'; ++do './tools/genfiles.pl'; + WriteAll; + + if ($^O eq 'darwin' && -f "Makefile") { diff --git a/thirdparty/perl-zmq-libzmq3/zimbra-perl-zmq-libzmq3/rpm/SPECS/zmq-libzmq3.spec b/thirdparty/perl-zmq-libzmq3/zimbra-perl-zmq-libzmq3/rpm/SPECS/zmq-libzmq3.spec index 9c1ee34c4..40d767d4a 100644 --- a/thirdparty/perl-zmq-libzmq3/zimbra-perl-zmq-libzmq3/rpm/SPECS/zmq-libzmq3.spec +++ b/thirdparty/perl-zmq-libzmq3/zimbra-perl-zmq-libzmq3/rpm/SPECS/zmq-libzmq3.spec @@ -4,6 +4,7 @@ Version: VERSION Release: ITERATIONZAPPEND License: Artistic 2.0 Source: %{name}-%{version}.tar.gz +Patch0: libzmq3.patch Packager: Zimbra Packaging Services Group: Development/Languages BuildRequires: zimbra-perl-base, zimbra-zeromq-devel, zimbra-perl-zmq-constants @@ -23,6 +24,7 @@ use this module. %prep %setup -n ZMQ-LibZMQ3-%{version} +%patch0 -p1 %build # Notes/Workarounds: diff --git a/thirdparty/pflogsumm/zimbra-pflogsumm/debian/changelog b/thirdparty/pflogsumm/zimbra-pflogsumm/debian/changelog index e99fc5047..b738d6164 100644 --- a/thirdparty/pflogsumm/zimbra-pflogsumm/debian/changelog +++ b/thirdparty/pflogsumm/zimbra-pflogsumm/debian/changelog @@ -1,3 +1,9 @@ +zimbra-pflogsumm (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-date-calc + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-pflogsumm (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/pflogsumm/zimbra-pflogsumm/debian/control b/thirdparty/pflogsumm/zimbra-pflogsumm/debian/control index c9dfc8aad..29eeda29c 100644 --- a/thirdparty/pflogsumm/zimbra-pflogsumm/debian/control +++ b/thirdparty/pflogsumm/zimbra-pflogsumm/debian/control @@ -11,7 +11,7 @@ Package: zimbra-pflogsumm Priority: optional Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-base, - zimbra-perl-base, zimbra-perl-date-calc + zimbra-perl-base, zimbra-perl-date-calc (>= 6.4-1zimbra8.7b2ZAPPEND) Description: Postfix Log Entry Summarizer pflogsumm.pl is designed to provide an over-view of postfix activity, with just enough detail to give the administrator diff --git a/thirdparty/pflogsumm/zimbra-pflogsumm/rpm/SPECS/pflogsumm.spec b/thirdparty/pflogsumm/zimbra-pflogsumm/rpm/SPECS/pflogsumm.spec index 2ab0c18c1..f0ce48bd0 100644 --- a/thirdparty/pflogsumm/zimbra-pflogsumm/rpm/SPECS/pflogsumm.spec +++ b/thirdparty/pflogsumm/zimbra-pflogsumm/rpm/SPECS/pflogsumm.spec @@ -1,11 +1,11 @@ Summary: Postfix Log Entry Summarizer Name: zimbra-pflogsumm Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2 Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services -Requires: zimbra-base, zimbra-perl-base, zimbra-perl-date-calc +Requires: zimbra-base, zimbra-perl-base, zimbra-perl-date-calc >= 6.4-1zimbra8.7b2ZAPPEND AutoReqProv: no URL: http://jimsun.linxnet.com/postfix_contrib.html @@ -14,6 +14,10 @@ pflogsumm.pl is designed to provide an over-view of postfix activity, with just enough detail to give the administrator a "heads up" for potential trouble spots. +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-date-calc + %define debug_package %{nil} %prep diff --git a/thirdparty/php/zimbra-php/debian/changelog b/thirdparty/php/zimbra-php/debian/changelog index b892b9838..cc959e123 100644 --- a/thirdparty/php/zimbra-php/debian/changelog +++ b/thirdparty/php/zimbra-php/debian/changelog @@ -1,3 +1,9 @@ +zimbra-php (VERSION-1zimbra8.7b4ZAPPEND) unstable; urgency=medium + + * Updated dependency zimbra-aspell-libs. + + -- Zimbra Packaging Services Fri, 24 Apr 2020 13:12:55 +0000 + zimbra-php (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium * Updated PHP version. diff --git a/thirdparty/php/zimbra-php/debian/control b/thirdparty/php/zimbra-php/debian/control index 75b00cefb..db8efd2ae 100644 --- a/thirdparty/php/zimbra-php/debian/control +++ b/thirdparty/php/zimbra-php/debian/control @@ -1,7 +1,7 @@ Source: zimbra-php Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), zimbra-httpd-dev, zimbra-libxml2-dev, - zimbra-aspell-dev, zimbra-aspell, + zimbra-aspell-dev (>= 0.60.8-1zimbra8.7b1ZAPPEND), zimbra-aspell (>= 0.60.8-1zimbra8.7b1ZAPPEND), libz-dev Section: utils Priority: optional diff --git a/thirdparty/php/zimbra-php/rpm/SPECS/php.spec b/thirdparty/php/zimbra-php/rpm/SPECS/php.spec index 7e7aecd7a..62cac39ca 100644 --- a/thirdparty/php/zimbra-php/rpm/SPECS/php.spec +++ b/thirdparty/php/zimbra-php/rpm/SPECS/php.spec @@ -1,15 +1,15 @@ Summary: Zimbra's PHP build Name: zimbra-php Version: VERSION -Release: 1zimbra8.7b3ZAPPEND +Release: 1zimbra8.7b6ZAPPEND License: BSD Source: %{name}-%{version}.tar.bz2 BuildRequires: zlib-devel -BuildRequires: zimbra-httpd-devel -BuildRequires: zimbra-aspell-devel -BuildRequires: zimbra-aspell +BuildRequires: zimbra-httpd-devel >= 2.4.38-1zimbra8.7b3ZAPPEND +BuildRequires: zimbra-aspell-devel >= 0.60.8-1zimbra8.7b1ZAPPEND +BuildRequires: zimbra-aspell >= 0.60.8-1zimbra8.7b1ZAPPEND BuildRequires: zimbra-libxml2-devel -Requires: zimbra-aspell-libs +Requires: zimbra-aspell-libs >= 0.60.8-1zimbra8.7b1ZAPPEND Requires: zimbra-libxml2-libs Requires: zlib, zimbra-spell-base AutoReqProv: no @@ -19,6 +19,12 @@ URL: http://php.net The Zimbra PHP build %changelog +* Mon Nov 30 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b6ZAPPEND +- Updated zimbra-httpd. +* Mon Nov 30 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b5ZAPPEND +- Updated zimbra-httpd. +* Fri Apr 24 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b4ZAPPEND +-Updated dependency zimbra-aspell-libs. * Wed Feb 08 2019 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND -Updated PHP version. * Wed Jul 28 2017 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND diff --git a/thirdparty/postfix/zimbra-postfix/debian/changelog b/thirdparty/postfix/zimbra-postfix/debian/changelog index d2ba2bcf5..cf86a3a3e 100644 --- a/thirdparty/postfix/zimbra-postfix/debian/changelog +++ b/thirdparty/postfix/zimbra-postfix/debian/changelog @@ -1,3 +1,15 @@ +zimbra-postfix (VERSION-1zimbra8.7b3ZAPPEND) unstable; urgency=medium + + * Updated openssl, mariadb, cyrus-sasl, openldap, lmdb + + -- Zimbra Packaging Services Sat, 05 Dec 2020 22:26:24 +0000 + +zimbra-postfix (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded postfix to 3.5.6 + + -- Zimbra Packaging Services Mon, 20 Jul 2020 22:26:24 +0000 + zimbra-postfix (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/postfix/zimbra-postfix/debian/control b/thirdparty/postfix/zimbra-postfix/debian/control index b8ec161f0..a496a9d99 100644 --- a/thirdparty/postfix/zimbra-postfix/debian/control +++ b/thirdparty/postfix/zimbra-postfix/debian/control @@ -1,7 +1,7 @@ Source: zimbra-postfix Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), - zimbra-openldap-dev, zimbra-cyrus-sasl-dev, zimbra-openssl-dev, - zimbra-mariadb-dev, zimbra-lmdb-dev, libpcre3-dev + zimbra-openldap-dev (>= 2.4.49-1zimbra8.8b4ZAPPEND), zimbra-cyrus-sasl-dev (>= 2.1.26-1zimbra8.7b3ZAPPEND), zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND), + zimbra-mariadb-dev, zimbra-lmdb-dev (>= 2.4.49-1zimbra8.8b4ZAPPEND), libpcre3-dev Section: utils Priority: optional Maintainer: Zimbra Packaging Services diff --git a/thirdparty/postfix/zimbra-postfix/debian/patches/series b/thirdparty/postfix/zimbra-postfix/debian/patches/series index f488fa8fb..a40dfc3cb 100644 --- a/thirdparty/postfix/zimbra-postfix/debian/patches/series +++ b/thirdparty/postfix/zimbra-postfix/debian/patches/series @@ -2,4 +2,3 @@ postfix-main-cf-zimbra.patch stop-warning.patch postfix-ldap.patch lmdb-default.patch -pass-ip-address.patch diff --git a/thirdparty/postfix/zimbra-postfix/debian/rules b/thirdparty/postfix/zimbra-postfix/debian/rules index f7e2ac56b..d463ab3ee 100755 --- a/thirdparty/postfix/zimbra-postfix/debian/rules +++ b/thirdparty/postfix/zimbra-postfix/debian/rules @@ -53,3 +53,8 @@ override_dh_auto_install: rm -f mailq ln -s sendmail mailq ln -s sendmail newaliases + mkdir -p $$(pwd)/debian/tmpOZC/lib + cp -r /opt/zimbra/common/lib/libmariadb.so.3 $$(pwd)/debian/tmpOZC/lib/ + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info diff --git a/thirdparty/postfix/zimbra-postfix/debian/zimbra-postfix.install b/thirdparty/postfix/zimbra-postfix/debian/zimbra-postfix.install index e8db6ff4e..ed6ba026c 100644 --- a/thirdparty/postfix/zimbra-postfix/debian/zimbra-postfix.install +++ b/thirdparty/postfix/zimbra-postfix/debian/zimbra-postfix.install @@ -2,3 +2,4 @@ opt/zimbra/common/conf opt/zimbra/common/libexec opt/zimbra/common/sbin opt/zimbra/common/share +opt/zimbra/common/lib diff --git a/thirdparty/postfix/zimbra-postfix/rpm/SPECS/postfix.spec b/thirdparty/postfix/zimbra-postfix/rpm/SPECS/postfix.spec index f2c34d959..cf3348430 100644 --- a/thirdparty/postfix/zimbra-postfix/rpm/SPECS/postfix.spec +++ b/thirdparty/postfix/zimbra-postfix/rpm/SPECS/postfix.spec @@ -1,37 +1,44 @@ Summary: Zimbra's Postfix build Name: zimbra-postfix Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b3ZAPPEND License: IPL-1.0 Source: %{name}-%{version}.tar.gz -BuildRequires: zimbra-openldap-devel -BuildRequires: zimbra-cyrus-sasl-devel -BuildRequires: zimbra-openssl-devel +BuildRequires: zimbra-openldap-devel >= 2.4.49-1zimbra8.8b4ZAPPEND +BuildRequires: zimbra-cyrus-sasl-devel >= 2.1.26-1zimbra8.7b3ZAPPEND +BuildRequires: zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND BuildRequires: zimbra-mariadb-devel -BuildRequires: zimbra-lmdb-devel +BuildRequires: zimbra-lmdb-devel >= 2.4.49-1zimbra8.8b4ZAPPEND BuildRequires: pcre-devel -Requires: pcre -Requires: zimbra-openldap-libs, zimbra-mta-base -Requires: zimbra-cyrus-sasl, zimbra-mariadb -Requires: zimbra-lmdb-libs, zimbra-openssl-libs +Requires: pcre, libicu +Requires: zimbra-openldap-libs >= 2.4.49-1zimbra8.8b4ZAPPEND, zimbra-mta-base +Requires: zimbra-cyrus-sasl >= 2.1.26-1zimbra8.7b3ZAPPEND, zimbra-mariadb +Requires: zimbra-lmdb-libs >= 2.4.49-1zimbra8.8b4ZAPPEND, zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND Patch0: postfix-main-cf-zimbra.patch Patch1: stop-warning.patch Patch2: postfix-ldap.patch Patch3: lmdb-default.patch -Patch4: pass-ip-address.patch AutoReqProv: no URL: https://www.postfix.org/ %description The Zimbra Postfix build +%define debug_package %{nil} + +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b3ZAPPEND +- Updated openldap, cyrus-sasl, openssl, lmdb +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded postfix to 3.5.6 + %prep %setup -n postfix-%{version} %patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 -%patch4 -p1 +#%patch4 -p1 %build LDFLAGS="-Wl,-rpath,OZCL"; export LDFLAGS; \ @@ -73,6 +80,8 @@ rm -f newaliases rm -f mailq ln -s sendmail mailq ln -s sendmail newaliases +mkdir -p ${RPM_BUILD_ROOT}OZC/lib +cp -r /opt/zimbra/common/lib/libmariadb.so.3 ${RPM_BUILD_ROOT}OZC/lib/ %files %defattr(-,root,root) @@ -80,6 +89,7 @@ ln -s sendmail newaliases OZCLE OZC/sbin OZCS +OZC/lib %post -p /bin/bash /bin/chgrp postdrop /opt/zimbra/common/sbin/postdrop @@ -89,5 +99,10 @@ OZCS /bin/chown -f zimbra:zimbra /opt/zimbra/common/conf/master.cf /bin/chown -f zimbra:zimbra /opt/zimbra/common/conf/main.cf if [ "$1" -ge "2" ]; then - /opt/zimbra/libexec/configrewrite mta + USER=$(whoami) + if [ "$USER" = "zimbra" ]; then + /opt/zimbra/libexec/configrewrite mta + else + su - zimbra -c "/opt/zimbra/libexec/configrewrite mta" + fi fi diff --git a/thirdparty/prepflog/zimbra-prepflog/debian/changelog b/thirdparty/prepflog/zimbra-prepflog/debian/changelog index 364d03794..008629cdc 100644 --- a/thirdparty/prepflog/zimbra-prepflog/debian/changelog +++ b/thirdparty/prepflog/zimbra-prepflog/debian/changelog @@ -1,3 +1,9 @@ +zimbra-prepflog (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-date-calc + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-prepflog (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/prepflog/zimbra-prepflog/debian/control b/thirdparty/prepflog/zimbra-prepflog/debian/control index 79f481b85..3aaefe885 100644 --- a/thirdparty/prepflog/zimbra-prepflog/debian/control +++ b/thirdparty/prepflog/zimbra-prepflog/debian/control @@ -11,7 +11,7 @@ Package: zimbra-prepflog Priority: optional Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, zimbra-base, - zimbra-perl-base, zimbra-perl-date-calc + zimbra-perl-base, zimbra-perl-date-calc (>= 6.4-1zimbra8.7b2ZAPPEND) Description: prepflog.pl - Pre-processor for pflogsumm The script sanitizes mail log files that are to be passed to pflogsumm or awstats disregarding the lines relating to the re-injection of messages into postfix. I diff --git a/thirdparty/prepflog/zimbra-prepflog/rpm/SPECS/prepflog.spec b/thirdparty/prepflog/zimbra-prepflog/rpm/SPECS/prepflog.spec index 845988944..bdcabf619 100644 --- a/thirdparty/prepflog/zimbra-prepflog/rpm/SPECS/prepflog.spec +++ b/thirdparty/prepflog/zimbra-prepflog/rpm/SPECS/prepflog.spec @@ -1,11 +1,11 @@ Summary: prepflog.pl - Pre-processor for pflogsumm Name: zimbra-prepflog Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: GPL-2 Source: %{name}-%{version}.tar.gz Packager: Zimbra Packaging Services -Requires: zimbra-base, zimbra-perl-base, zimbra-perl-date-calc +Requires: zimbra-base, zimbra-perl-base, zimbra-perl-date-calc >= 6.4-1zimbra8.7b2ZAPPEND AutoReqProv: no URL: http://www.voipsupport.it/pmwiki/pmwiki.php?n=Linux.PrePflog @@ -18,6 +18,10 @@ party virus checker. If your postfix setup requires additional content filters resulting in 3 or more passages of the same message through postfix, this script will not work for you. +%changelog +* Sat Apr 25 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Updated dependency zimbra-perl-date-calc + %define debug_package %{nil} %prep diff --git a/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/debian/changelog b/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/debian/changelog index 71b9adf38..9ba94c640 100644 --- a/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/debian/changelog +++ b/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/debian/changelog @@ -1,3 +1,8 @@ +zimbra-spamassassin-rules (1.0.0-1zimbra8.8b2ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-perl-mail-spamassassin + + -- Zimbra Packaging Services Mon, 27 Apr 2020 00:00:00 +0000 zimbra-spamassassin-rules (1.0.0-1zimbra8.8b1ZAPPEND) unstable; urgency=low * Upgraded spamAssasin to 3.4.4 diff --git a/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/debian/control b/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/debian/control index 512ea53ab..8c904c52d 100644 --- a/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/debian/control +++ b/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/debian/control @@ -8,6 +8,6 @@ Standards-Version: 3.9.5 Package: zimbra-spamassassin-rules Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, - zimbra-mta-base, zimbra-perl-mail-spamassassin (>= 3.4.4-1zimbra8.8b1ZAPPEND) + zimbra-mta-base, zimbra-perl-mail-spamassassin (>= 3.4.4-1zimbra8.8b2ZAPPEND) Description: Default ruleset for SpamAssassin Default ruleset for SpamAssassin diff --git a/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/rpm/SPECS/spamassassin-rules.spec b/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/rpm/SPECS/spamassassin-rules.spec index 36fa56098..a8727d8a3 100644 --- a/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/rpm/SPECS/spamassassin-rules.spec +++ b/thirdparty/spamassassin-rules/zimbra-spamassassin-rules/rpm/SPECS/spamassassin-rules.spec @@ -1,9 +1,9 @@ Summary: Default ruleset for SpamAssassin Name: zimbra-spamassassin-rules Version: 1.0.0 -Release: 1zimbra8.8b1ZAPPEND +Release: 1zimbra8.8b4ZAPPEND License: Apache-2.0 -Requires: zimbra-mta-base, zimbra-perl-mail-spamassassin >= 3.4.4-1zimbra8.8b1ZAPPEND +Requires: zimbra-mta-base, zimbra-perl-mail-spamassassin >= 3.4.4-1zimbra8.8b4ZAPPEND Packager: Zimbra Packaging Services Group: Development/Languages AutoReqProv: no @@ -14,12 +14,19 @@ AutoReqProv: no Default ruleset for SpamAssassin %changelog -* Wed Apr 1 2020 Zimbra Packaging Services - VERSION-1zimbra8.8b1ZAPPEND +* Sat Dec 05 2020 Zimbra Packaging Services - 1.0.0-1zimbra8.8b4ZAPPEND +- Updated spamassassin with zimbra-perl-mail-dkim +* Thu Sep 10 2020 Zimbra Packaging Services - 1.0.0-1zimbra8.8b3ZAPPEND +- Updated zimbra-perl-mail-spamassassin +* Mon Apr 27 2020 Zimbra Packaging Services - 1.0.0-1zimbra8.8b2ZAPPEND +-Updated dependency zimbra-perl-mail-spamassassin +* Wed Apr 1 2020 Zimbra Packaging Services - 1.0.0-1zimbra8.8b1ZAPPEND -Upgraded spamAssasin to 3.4.4 %install mkdir -p ${RPM_BUILD_ROOT}/opt/zimbra/data/spamassassin/rules cp ../../../rules/updates_spamassassin_org/* ${RPM_BUILD_ROOT}/opt/zimbra/data/spamassassin/rules/ +rm -rf ${RPM_BUILD_ROOT}/opt/zimbra/data/spamassassin/rules/user_prefs.template %files %defattr(-,zimbra,zimbra) diff --git a/thirdparty/unbound/patches/log-facility.patch b/thirdparty/unbound/patches/log-facility.patch index cdac64476..e50a2575c 100644 --- a/thirdparty/unbound/patches/log-facility.patch +++ b/thirdparty/unbound/patches/log-facility.patch @@ -1,11 +1,12 @@ ---- unbound-1.5.3/util/log.c.orig 2015-06-24 15:37:40.055684534 -0500 -+++ unbound-1.5.3/util/log.c 2015-06-24 15:37:47.379684290 -0500 -@@ -113,7 +113,7 @@ - if(use_syslog) { - /* do not delay opening until first write, because we may +diff -ruN a/util/log.c b/util/log.c +--- a/util/log.c 2020-09-10 09:24:42.170106496 +0000 ++++ b/util/log.c 2020-09-10 09:25:33.946107957 +0000 +@@ -118,7 +118,7 @@ * chroot and no longer be able to access dev/log and so on */ -- openlog(ident, LOG_NDELAY, LOG_DAEMON); + /* the facility is LOG_DAEMON by default, but + * --with-syslog-facility=LOCAL[0-7] can override it */ +- openlog(ident, LOG_NDELAY, UB_SYSLOG_FACILITY); + openlog(ident, LOG_NDELAY, LOG_LOCAL0); logging_to_syslog = 1; - lock_quick_unlock(&log_lock); + lock_basic_unlock(&log_lock); return; diff --git a/thirdparty/unbound/zimbra-unbound/debian/changelog b/thirdparty/unbound/zimbra-unbound/debian/changelog index 2697ca1b6..1444f4d92 100644 --- a/thirdparty/unbound/zimbra-unbound/debian/changelog +++ b/thirdparty/unbound/zimbra-unbound/debian/changelog @@ -1,3 +1,15 @@ +zimbra-unbound (VERSION-1zimbra8.7b2ZAPPEND) unstable; urgency=medium + + * Upgraded dependency openssl to 1.1.1h + + -- Zimbra Packaging Services Fri, 02 Dec 2020 22:26:24 +0000 + +zimbra-unbound (VERSION-ITERATIONZAPPEND) unstable; urgency=medium + + * Upgraded to 1.110 and updated dependency openssl to 1.1.1g + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-unbound (VERSION-ITERATIONZAPPEND) unstable; urgency=medium * Initial Release. diff --git a/thirdparty/unbound/zimbra-unbound/debian/control b/thirdparty/unbound/zimbra-unbound/debian/control index 7a2dd7826..1960ddbe7 100644 --- a/thirdparty/unbound/zimbra-unbound/debian/control +++ b/thirdparty/unbound/zimbra-unbound/debian/control @@ -1,6 +1,6 @@ Source: zimbra-unbound Build-Depends: debhelper (>= 9), m4, dpkg-dev (>= 1.15.7), libexpat1-dev, - zimbra-openssl-dev + zimbra-openssl-dev (>= 1.1.1h-1zimbra8.7b3ZAPPEND) Section: utils Priority: optional Maintainer: Zimbra Packaging Services diff --git a/thirdparty/unbound/zimbra-unbound/debian/rules b/thirdparty/unbound/zimbra-unbound/debian/rules index a7102026c..9ab8afe45 100755 --- a/thirdparty/unbound/zimbra-unbound/debian/rules +++ b/thirdparty/unbound/zimbra-unbound/debian/rules @@ -22,3 +22,6 @@ override_dh_strip: override_dh_auto_install: make install DESTDIR=$$(pwd)/debian/tmp + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info diff --git a/thirdparty/unbound/zimbra-unbound/debian/zimbra-unbound-lib.install b/thirdparty/unbound/zimbra-unbound/debian/zimbra-unbound-lib.install index c5b058b7d..3aeccf2b9 100644 --- a/thirdparty/unbound/zimbra-unbound/debian/zimbra-unbound-lib.install +++ b/thirdparty/unbound/zimbra-unbound/debian/zimbra-unbound-lib.install @@ -1 +1,2 @@ opt/zimbra/common/lib/*.so.* +opt/zimbra/common/lib/pkgconfig/libunbound.pc diff --git a/thirdparty/unbound/zimbra-unbound/rpm/SPECS/unbound.spec b/thirdparty/unbound/zimbra-unbound/rpm/SPECS/unbound.spec index 7524b2173..c794f6e9a 100644 --- a/thirdparty/unbound/zimbra-unbound/rpm/SPECS/unbound.spec +++ b/thirdparty/unbound/zimbra-unbound/rpm/SPECS/unbound.spec @@ -1,12 +1,12 @@ Summary: Zimbra's Unbound build Name: zimbra-unbound Version: VERSION -Release: ITERATIONZAPPEND +Release: 1zimbra8.7b2ZAPPEND License: BSD Source: %{name}-%{version}.tar.gz Patch0: log-facility.patch -BuildRequires: expat-devel, zimbra-openssl-devel -Requires: expat, zimbra-openssl-libs +BuildRequires: expat-devel, zimbra-openssl-devel >= 1.1.1h-1zimbra8.7b3ZAPPEND +Requires: expat, zimbra-openssl-libs >= 1.1.1h-1zimbra8.7b3ZAPPEND Requires: zimbra-unbound-libs = %{version}-%{release} AutoReqProv: no URL: https://www.unbound.net/ @@ -14,6 +14,14 @@ URL: https://www.unbound.net/ %description The Zimbra Unbound build +%define debug_package %{nil} + +%changelog +* Fri Dec 02 2020 Zimbra Packaging Services - VERSION-1zimbra8.7b2ZAPPEND +- Upgraded dependency openssl to 1.1.1h +* Thu Sep 10 2020 Zimbra Packaging Services - VERSION-ITERATIONZAPPEND +- Upgraded to 1.110 and updated dependency openssl to 1.1.1g + %prep %setup -n unbound-%{version} %patch0 -p1 @@ -57,6 +65,7 @@ OZCS %files libs %defattr(-,root,root) OZCL/*.so.* +OZC/lib/pkgconfig/libunbound.pc %files devel %defattr(-,root,root) diff --git a/versions.def b/versions.def index de51c5f1d..c67474a99 100644 --- a/versions.def +++ b/versions.def @@ -4,9 +4,9 @@ AMAVISD_VERSION := 2.10.1 APR_VERSION := 1.5.2 -APR_UTIL_VERSION := 1.5.4 +APR_UTIL_VERSION := 1.6.1 -ASPELL_VERSION := 0.60.7-rc1 +ASPELL_VERSION := 0.60.8 ASPELL-AR_VERSION := 1.2-0 ASPELL-AR_NORM := 1.2.0 ASPELL-DA_VERSION := 1.4.42-1 @@ -90,7 +90,7 @@ LIBTOOL_VERSION := 2.2.6b LOGWATCH_AMAVIS := 1.51.03 LOGWATCH_POSTFIX := 1.40.01 -MEMCACHED_VERSION := 1.4.37 +MEMCACHED_VERSION := 1.6.5 MARIADB_VERSION := 10.1.25 @@ -99,7 +99,7 @@ MAVEN_VERSION := 3.3.9 NGINX_VERSION := 1.7.1 NGINX_HTTP_KEEPALIVE := 19755fc0e22aa7d7ac2198f78b297951d31ea1dc -OPENSSL_VERSION := 1.0.2t +OPENSSL_VERSION := 1.1.1h PFLOGSUMM_VERSION := 1.1.5 @@ -109,7 +109,7 @@ PHP_VERSION := 7.3.1 PNG_VERSION := 1.6.23 -POSTFIX_VERSION := 3.1.1 +POSTFIX_VERSION := 3.5.6 POSTSRSD_VERSION := 1.3 @@ -121,11 +121,11 @@ SENDMAIL_VERSION := 8.15.2 SODIUM_VERSION := 1.0.6 -SNMP_VERSION := 5.7.3 +SNMP_VERSION := 5.8 TCMALLOC_VERSION := 2.4 -UNBOUND_VERSION := 1.5.9 +UNBOUND_VERSION := 1.11.0 XML_VERSION := 2.9.4 diff --git a/zimbra/apache-components/zimbra-apache-components/debian/changelog b/zimbra/apache-components/zimbra-apache-components/debian/changelog index baf564578..43c9f744c 100644 --- a/zimbra/apache-components/zimbra-apache-components/debian/changelog +++ b/zimbra/apache-components/zimbra-apache-components/debian/changelog @@ -1,3 +1,9 @@ +zimbra-apache-components (2.0.1-1zimbra8.8b1ZAPPEND) unstable; urgency=low + + * Updated dependency zimbra-php + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-apache-components (2.0.0-1zimbra8.8b1ZAPPEND) unstable; urgency=low * Php 7.3.1 diff --git a/zimbra/apache-components/zimbra-apache-components/debian/control b/zimbra/apache-components/zimbra-apache-components/debian/control index 21bf7f1e4..b8a3aba8a 100644 --- a/zimbra/apache-components/zimbra-apache-components/debian/control +++ b/zimbra/apache-components/zimbra-apache-components/debian/control @@ -8,7 +8,7 @@ Standards-Version: 3.9.5 Package: zimbra-apache-components Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, - zimbra-apache-base, zimbra-httpd (>= 2.4.38-1zimbra8.7b1ZAPPEND), zimbra-php (>= 7.3.1-1zimbra8.7b3ZAPPEND) + zimbra-apache-base, zimbra-httpd (>= 2.4.38-1zimbra8.7b1ZAPPEND), zimbra-php (>= 7.3.1-1zimbra8.7b4ZAPPEND) Description: Zimbra components for apache package Zimbra apache components pulls in all the packages used by zimbra-apache diff --git a/zimbra/apache-components/zimbra-apache-components/rpm/SPECS/apache-components.spec b/zimbra/apache-components/zimbra-apache-components/rpm/SPECS/apache-components.spec index f76d8c7d9..42e583ea2 100644 --- a/zimbra/apache-components/zimbra-apache-components/rpm/SPECS/apache-components.spec +++ b/zimbra/apache-components/zimbra-apache-components/rpm/SPECS/apache-components.spec @@ -1,9 +1,9 @@ Summary: Zimbra components for apache package Name: zimbra-apache-components -Version: 2.0.0 -Release: 1zimbra8.8b1ZAPPEND +Version: 2.0.3 +Release: 1zimbra8.8b1ZAPPEND License: GPL-2 -Requires: zimbra-apache-base, zimbra-httpd >= 2.4.38-1zimbra8.7b1ZAPPEND, zimbra-php >= 7.3.1-1zimbra8.7b3ZAPPEND +Requires: zimbra-apache-base, zimbra-httpd >= 2.4.38-1zimbra8.7b3ZAPPEND, zimbra-php >= 7.3.1-1zimbra8.7b6ZAPPEND Packager: Zimbra Packaging Services Group: Development/Languages AutoReqProv: no @@ -15,6 +15,12 @@ Zimbra apache components pulls in all the packages used by zimbra-apache %changelog +* Sat Dec 05 2020 Zimbra Packaging Services - 2.0.3 +- Updated zimbra-httpd and zimbra-php +* Thu Sep 10 2020 Zimbra Packaging Services - 2.0.2 +- Updated zimbra-httpd +* Sat Apr 25 2020 Zimbra Packaging Services - 2.0.1 +- Updated dependency zimbra-php * Mon Mar 25 2019 Zimbra Packaging Services - 2.0.0 - Updated PHP package. diff --git a/zimbra/core-components/zimbra-core-components/debian/changelog b/zimbra/core-components/zimbra-core-components/debian/changelog index 07e0924e1..ece2ff8e3 100644 --- a/zimbra/core-components/zimbra-core-components/debian/changelog +++ b/zimbra/core-components/zimbra-core-components/debian/changelog @@ -1,3 +1,13 @@ +zimbra-core-components (3.0.0-1zimbra8.8b1ZAPPEND) unstable; urgency=low + + * Updated Updated zimbra-perl,zimbra-pflogsumm,zimbra-prepflog and zimbra-perl-innotop + + -- Zimbra Packaging Services Tue, 28 Apr 2020 00:00:00 +0000 +zimbra-core-components (2.0.4-1zimbra8.8b1ZAPPEND) unstable; urgency=low + + * Updated Updated zimbra-perl,zimbra-pflogsumm,zimbra-prepflog and zimbra-perl-innotop + + -- Zimbra Packaging Services Tue, 28 Apr 2020 00:00:00 +0000 zimbra-core-components (2.0.3-1zimbra8.8b1ZAPPEND) unstable; urgency=low * Updated zimbra-osl package. diff --git a/zimbra/core-components/zimbra-core-components/debian/control b/zimbra/core-components/zimbra-core-components/debian/control index 03d4347f6..ae3d23356 100644 --- a/zimbra/core-components/zimbra-core-components/debian/control +++ b/zimbra/core-components/zimbra-core-components/debian/control @@ -8,10 +8,10 @@ Standards-Version: 3.9.5 Package: zimbra-core-components Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, - zimbra-base, zimbra-os-requirements, zimbra-perl, zimbra-pflogsumm, + zimbra-base, zimbra-os-requirements, zimbra-perl (>= 1.0.4-1zimbra8.7b1ZAPPEND), zimbra-pflogsumm (>= 1.1.5-1zimbra8.7b2ZAPPEND), zimbra-openssl (>= 1.0.2t-1zimbra8.7b2ZAPPEND), zimbra-curl, zimbra-cyrus-sasl, zimbra-rsync, - zimbra-mariadb-lib (>= 10.1.25-1zimbra8.7b1ZAPPEND), zimbra-openldap-client, zimbra-prepflog, - zimbra-tcmalloc-lib, zimbra-perl-innotop, zimbra-openjdk (>= 13.0.1-1zimbra8.8b1ZAPPEND), + zimbra-mariadb-lib (>= 10.1.25-1zimbra8.7b1ZAPPEND), zimbra-openldap-client, zimbra-prepflog (>= 0.4.1-1zimbra8.7b2ZAPPEND), + zimbra-tcmalloc-lib, zimbra-perl-innotop (>= 1.9.1-1zimbra8.7b2ZAPPEND), zimbra-openjdk (>= 13.0.1-1zimbra8.8b1ZAPPEND), zimbra-openjdk-cacerts, zimbra-osl (>= 2.0.0-1zimbra9.0b1ZAPPEND), zimbra-amavis-logwatch, zimbra-postfix-logwatch, zimbra-rrdtool Description: Zimbra components for core package diff --git a/zimbra/core-components/zimbra-core-components/rpm/SPECS/core-components.spec b/zimbra/core-components/zimbra-core-components/rpm/SPECS/core-components.spec index 2356f18d2..42a78d062 100644 --- a/zimbra/core-components/zimbra-core-components/rpm/SPECS/core-components.spec +++ b/zimbra/core-components/zimbra-core-components/rpm/SPECS/core-components.spec @@ -1,14 +1,19 @@ Summary: Zimbra components for core package Name: zimbra-core-components -Version: 2.0.3 +Version: 3.0.7 Release: 1zimbra8.8b1ZAPPEND License: GPL-2 -Requires: zimbra-base, zimbra-os-requirements, zimbra-perl, zimbra-pflogsumm -Requires: zimbra-openssl >= 1.0.2t-1zimbra8.7b2ZAPPEND,zimbra-curl, zimbra-cyrus-sasl, zimbra-rsync -Requires: zimbra-mariadb-libs >= 10.1.25-1zimbra8.7b1ZAPPEND, zimbra-openldap-client, zimbra-osl >= 2.0.0-1zimbra9.0b1ZAPPEND -Requires: zimbra-prepflog, zimbra-tcmalloc-libs, zimbra-perl-innotop -Requires: zimbra-openjdk >= 13.0.1-1zimbra8.8b1ZAPPEND, zimbra-openjdk-cacerts, zimbra-amavis-logwatch -Requires: zimbra-postfix-logwatch, zimbra-rrdtool +Requires: zimbra-base, zimbra-os-requirements, zimbra-perl >= 1.0.6-1zimbra8.7b1ZAPPEND +Requires: zimbra-pflogsumm >= 1.1.5-1zimbra8.7b2ZAPPEND +Requires: zimbra-openssl >= 1.1.1k-1zimbra8.7b4ZAPPEND, zimbra-curl >= 7.49.1-1zimbra8.7b3ZAPPEND +Requires: zimbra-cyrus-sasl >= 2.1.26-1zimbra8.7b3ZAPPEND, zimbra-rsync +Requires: zimbra-mariadb-libs >= 10.1.25-1zimbra8.7b3ZAPPEND +Requires: zimbra-openldap-client >= 2.4.59-1zimbra8.8b4ZAPPEND, zimbra-osl >= 2.0.0-1zimbra9.0b1ZAPPEND +Requires: zimbra-prepflog >= 0.4.1-1zimbra8.7b2ZAPPEND, zimbra-tcmalloc-libs +Requires: zimbra-perl-innotop >= 1.9.1-1zimbra8.7b4ZAPPEND +Requires: zimbra-openjdk >= 13.0.1-1zimbra8.8b1ZAPPEND, zimbra-openjdk-cacerts >= 1.0.6-1zimbra8.7b1ZAPPEND +Requires: zimbra-amavis-logwatch +Requires: zimbra-postfix-logwatch >= 1.40.03-1zimbra8.7b1ZAPPEND, zimbra-rrdtool Packager: Zimbra Packaging Services Group: Development/Languages AutoReqProv: no @@ -16,6 +21,18 @@ AutoReqProv: no %define debug_package %{nil} %changelog +* Tue Aug 24 2021 Zimbra Packaging Services - 3.0.7 +- Upgraded openjdk-cacerts +* Tue Aug 17 2021 Zimbra Packaging Services - 3.0.6 +- Upgraded openldap to 2.4.59 +* Sun Dec 06 2020 Zimbra Packaging Services - 3.0.2 +- Updated openssl,curl,perl,perl-innotop,cyrus-sasl,mariadb,openldap +* Sun Dec 06 2020 Zimbra Packaging Services - 2.0.6 +- Updated openssl,curl,perl,perl-innotop,cyrus-sasl,mariadb,openldap +* Thu Sep 10 2020 Zimbra Packaging Services - 2.0.5 +- Updated openssl,curl,perl,perl-innotop,cyrus-sasl,mariadb,openldap +* Tue Apr 28 2020 Zimbra Packaging Services - 2.0.4 +- Updated zimbra-perl,zimbra-pflogsumm,zimbra-prepflog and zimbra-perl-innotop * Tue Apr 07 2020 Zimbra Packaging Services - 2.0.3 - Update zimbra osl * Tue Mar 31 2020 Zimbra Packaging Services - 2.0.2 diff --git a/zimbra/dnscache-components/zimbra-dnscache-components/debian/changelog b/zimbra/dnscache-components/zimbra-dnscache-components/debian/changelog index dec82a9b8..a163fef28 100644 --- a/zimbra/dnscache-components/zimbra-dnscache-components/debian/changelog +++ b/zimbra/dnscache-components/zimbra-dnscache-components/debian/changelog @@ -1,3 +1,15 @@ +zimbra-dnscache-components (1.0.2-1zimbra8.7b1ZAPPEND) unstable; urgency=medium + + * Updated dependency zimbra-unbound + + -- Zimbra Packaging Services Sat, 05 Dec 2020 22:26:24 +0000 + +zimbra-dnscache-components (1.0.1-1zimbra8.7b1ZAPPEND) unstable; urgency=medium + + * Updated dependency zimbra-unbound + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-dnscache-components (1.0.0-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/zimbra/dnscache-components/zimbra-dnscache-components/debian/control b/zimbra/dnscache-components/zimbra-dnscache-components/debian/control index 668e8f64c..a7a1da703 100644 --- a/zimbra/dnscache-components/zimbra-dnscache-components/debian/control +++ b/zimbra/dnscache-components/zimbra-dnscache-components/debian/control @@ -8,7 +8,7 @@ Standards-Version: 3.9.5 Package: zimbra-dnscache-components Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, - zimbra-dnscache-base, zimbra-unbound + zimbra-dnscache-base, zimbra-unbound (>= 1.11.0-1zimbra8.7b2ZAPPEND) Description: Zimbra components for dnscache package Zimbra dnscache components pulls in all the packages used by zimbra-dnscache diff --git a/zimbra/dnscache-components/zimbra-dnscache-components/rpm/SPECS/dnscache-components.spec b/zimbra/dnscache-components/zimbra-dnscache-components/rpm/SPECS/dnscache-components.spec index 03438d7b9..eb8baa273 100644 --- a/zimbra/dnscache-components/zimbra-dnscache-components/rpm/SPECS/dnscache-components.spec +++ b/zimbra/dnscache-components/zimbra-dnscache-components/rpm/SPECS/dnscache-components.spec @@ -1,15 +1,21 @@ Summary: Zimbra components for dnscache package Name: zimbra-dnscache-components -Version: 1.0.0 -Release: ITERATIONZAPPEND +Version: 1.0.2 +Release: 1zimbra8.7b1ZAPPEND License: GPL-2 -Requires: zimbra-dnscache-base, zimbra-unbound +Requires: zimbra-dnscache-base, zimbra-unbound >= 1.11.0-1zimbra8.7b2ZAPPEND Packager: Zimbra Packaging Services Group: Development/Languages AutoReqProv: no %define debug_package %{nil} +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - 1.0.2 +- Updated zimbra-unbound +* Thu Sep 10 2020 Zimbra Packaging Services - 1.0.1 +- Updated zimbra-unbound + %description Zimbra dnscache components pulls in all the packages used by zimbra-dnscache diff --git a/zimbra/ldap-components/zimbra-ldap-components/debian/changelog b/zimbra/ldap-components/zimbra-ldap-components/debian/changelog index 1fbab353b..5962dbcb8 100644 --- a/zimbra/ldap-components/zimbra-ldap-components/debian/changelog +++ b/zimbra/ldap-components/zimbra-ldap-components/debian/changelog @@ -1,3 +1,21 @@ +zimbra-ldap-components (1.0.6-1zimbra8.8b1ZAPPEND) unstable; urgency=medium + + * Updated openldap with openssl 1.1.1h + + -- Zimbra Packaging Services Sat, 05 Dec 2020 22:26:24 +0000 + +zimbra-ldap-components (1.0.5-1zimbra8.8b1ZAPPEND) unstable; urgency=medium + + * Updated openldap with openssl 1.1.1g + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + +zimbra-ldap-components (1.0.4-1zimbra8.8b1ZAPPEND) unstable; urgency=low + + * Fixed ZBUG-1441 in openldap + + -- Zimbra Packaging Services Tue, 09 Jun 2020 00:00:00 +0000 + zimbra-ldap-components (1.0.3-1zimbra8.8b1ZAPPEND) unstable; urgency=low * Updated openldap 2.4.49 diff --git a/zimbra/ldap-components/zimbra-ldap-components/debian/control b/zimbra/ldap-components/zimbra-ldap-components/debian/control index d7c42c2c2..2cb1b0161 100644 --- a/zimbra/ldap-components/zimbra-ldap-components/debian/control +++ b/zimbra/ldap-components/zimbra-ldap-components/debian/control @@ -8,7 +8,7 @@ Standards-Version: 3.9.5 Package: zimbra-ldap-components Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, - zimbra-ldap-base, zimbra-lmdb (>= 2.4.46-1zimbra8.7b3ZAPPEND), zimbra-openldap-server (>= 2.4.49-1zimbra8.8b1ZAPPEND) + zimbra-ldap-base, zimbra-lmdb (>= 2.4.49-1zimbra8.8b4ZAPPEND), zimbra-openldap-server (>= 2.4.49-1zimbra8.8b4ZAPPEND) Description: Zimbra components for ldap package Zimbra ldap components pulls in all the packages used by zimbra-ldap diff --git a/zimbra/ldap-components/zimbra-ldap-components/rpm/SPECS/ldap-components.spec b/zimbra/ldap-components/zimbra-ldap-components/rpm/SPECS/ldap-components.spec index 1686c09d3..3d2ac19c2 100644 --- a/zimbra/ldap-components/zimbra-ldap-components/rpm/SPECS/ldap-components.spec +++ b/zimbra/ldap-components/zimbra-ldap-components/rpm/SPECS/ldap-components.spec @@ -1,10 +1,10 @@ Summary: Zimbra components for ldap package Name: zimbra-ldap-components -Version: 1.0.3 +Version: 1.0.6 Release: ITERATIONZAPPEND License: GPL-2 -Requires: zimbra-ldap-base, zimbra-lmdb >= 2.4.46-1zimbra8.7b3ZAPPEND -Requires: zimbra-openldap-server >= 2.4.49-1zimbra8.8b1ZAPPEND +Requires: zimbra-ldap-base, zimbra-lmdb >= 2.4.49-1zimbra8.8b4ZAPPEND +Requires: zimbra-openldap-server >= 2.4.49-1zimbra8.8b4ZAPPEND Packager: Zimbra Packaging Services Group: Development/Languages AutoReqProv: no @@ -16,6 +16,12 @@ Zimbra ldap components pulls in all the packages used by zimbra-ldap %changelog +* Sat Dec 05 2020 Zimbra Packaging Services - 1.0.6 +- Updated openldap with openssl 1.1.h +* Thu Sep 10 2020 Zimbra Packaging Services - 1.0.5 +- Updated openldap with openssl 1.1.1g +* Tue Jun 09 2020 Zimbra Packaging Services - 1.0.4 +- Fixed ZBUG-1441 in openldap * Tue Mar 17 2020 Zimbra Packaging Services - 1.0.3 - Updated openldap to 2.4.49 * Tue Sep 18 2018 Zimbra Packaging Services - 1.0.2 diff --git a/zimbra/mta-components/zimbra-mta-components/debian/changelog b/zimbra/mta-components/zimbra-mta-components/debian/changelog index bb02834c4..a772f748a 100644 --- a/zimbra/mta-components/zimbra-mta-components/debian/changelog +++ b/zimbra/mta-components/zimbra-mta-components/debian/changelog @@ -1,3 +1,9 @@ +zimbra-mta-components (1.0.8-1zimbra8.8b1ZAPPEND) unstable; urgency=low + + * Updated dependencies zimbra-perl-mail-spamassassin, zimbra-spamassassin-rules + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-mta-components (1.0.7-1zimbra8.8b1ZAPPEND) unstable; urgency=low * Updated zimbra-clamav, zimbra-perl-mail-spamassassin, zimbra-spamassassin-rules packages diff --git a/zimbra/mta-components/zimbra-mta-components/debian/control b/zimbra/mta-components/zimbra-mta-components/debian/control index 5cc893d20..91be454f5 100644 --- a/zimbra/mta-components/zimbra-mta-components/debian/control +++ b/zimbra/mta-components/zimbra-mta-components/debian/control @@ -11,8 +11,8 @@ Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, sqlite3, zimbra-mta-base, zimbra-altermime, zimbra-amavisd, zimbra-clamav (>= 0.102.2-1zimbra8.8b1ZAPPEND), zimbra-clamav-db, zimbra-cluebringer, zimbra-mariadb (>= 10.1.25-1zimbra8.7b1ZAPPEND), - zimbra-opendkim, zimbra-perl-mail-spamassassin (>= 3.4.4-1zimbra8.8b1ZAPPEND), zimbra-postfix, - zimbra-spamassassin-rules (>= 1.0.0-1zimbra8.8b1ZAPPEND) + zimbra-opendkim, zimbra-perl-mail-spamassassin (>= 3.4.4-1zimbra8.8b2ZAPPEND), zimbra-postfix, + zimbra-spamassassin-rules (>= 1.0.0-1zimbra8.8b2ZAPPEND) Description: Zimbra components for MTA package Zimbra mta components pulls in all the packages used by zimbra-mta diff --git a/zimbra/mta-components/zimbra-mta-components/rpm/SPECS/mta-components.spec b/zimbra/mta-components/zimbra-mta-components/rpm/SPECS/mta-components.spec index 24ce064d7..3a9eb3795 100644 --- a/zimbra/mta-components/zimbra-mta-components/rpm/SPECS/mta-components.spec +++ b/zimbra/mta-components/zimbra-mta-components/rpm/SPECS/mta-components.spec @@ -1,13 +1,14 @@ Summary: Zimbra components for MTA package Name: zimbra-mta-components -Version: 1.0.7 +Version: 1.0.10 Release: 1zimbra8.8b1ZAPPEND License: GPL-2 Requires: sqlite, zimbra-mta-base, zimbra-altermime, zimbra-amavisd -Requires: zimbra-clamav >= 0.102.2-1zimbra8.8b1ZAPPEND, zimbra-clamav-db -Requires: zimbra-cluebringer, zimbra-mariadb >= 10.1.25-1zimbra8.7b1ZAPPEND -Requires: zimbra-opendkim, zimbra-perl-mail-spamassassin >= 3.4.4-1zimbra8.8b1ZAPPEND, zimbra-postfix -Requires: zimbra-spamassassin-rules >= 1.0.0-1zimbra8.8b1ZAPPEND +Requires: zimbra-clamav >= 0.102.2-1zimbra8.8b3ZAPPEND, zimbra-clamav-db +Requires: zimbra-cluebringer, zimbra-mariadb >= 10.1.25-1zimbra8.7b3ZAPPEND +Requires: zimbra-opendkim >= 2.10.3-1zimbra8.7b4ZAPPEND, zimbra-perl-mail-spamassassin >= 3.4.4-1zimbra8.8b4ZAPPEND +Requires: zimbra-postfix >= 3.5.6-1zimbra8.7b3ZAPPEND +Requires: zimbra-spamassassin-rules >= 1.0.0-1zimbra8.8b4ZAPPEND Packager: Zimbra Packaging Services Group: Development/Languages AutoReqProv: no @@ -19,6 +20,12 @@ Zimbra mta components pulls in all the packages used by zimbra-mta %changelog +* Sat Dec 05 2020 Zimbra Packaging Services - 1.0.10 +- Updated perl-mail-spamassassin,spamassassin-rules,opendkim,clamav,postfix,mariadb +* Thu Sep 10 2020 Zimbra Packaging Services - 1.0.9 +- Updated perl-mail-spamassassin,spamassassin-rules,opendkim,clamav,postfix,mariadb +* Sat Apr 25 2020 Zimbra Packaging Services - 1.0.8 +- Updated dependencies zimbra-perl-mail-spamassassin, zimbra-spamassassin-rules * Tue Apr 14 2020 Zimbra Packaging Services - 1.0.7 - Updated zimbra-clamav, zimbra-perl-mail-spamassassin, zimbra-spamassassin-rules packages * Wed Apr 1 2020 Zimbra Packaging Services - 1.0.6 diff --git a/zimbra/perl/zimbra-perl/debian/changelog b/zimbra/perl/zimbra-perl/debian/changelog index abeded06a..aa5165c10 100644 --- a/zimbra/perl/zimbra-perl/debian/changelog +++ b/zimbra/perl/zimbra-perl/debian/changelog @@ -1,3 +1,12 @@ +zimbra-perl (1.0.4-1zimbra8.7b1ZAPPEND) unstable; urgency=low + + * Updated archive-zip,bit-vector,carp-clan,compress-raw-bzip2,compress-raw-zlib,config-inifiles,date-calc + * Updated dbd-mysql,http-cookies,http-daemon,http-message,http-negotiate,innotop + * Updated io-compress,io-socket-ssl,libwww,list-moreutils,lwp-protocol-https + * Updated net-http,net-server,soap-lite,swatchdog,xml-parser,xml-sax-expat,xml-simple + + -- Zimbra Packaging Services Mon, 27 Apr 2020 00:00:00 +0000 + zimbra-perl (1.0.3-1zimbra8.7b1ZAPPEND) unstable; urgency=low * Updated perl-dbd-mysql. diff --git a/zimbra/perl/zimbra-perl/debian/control b/zimbra/perl/zimbra-perl/debian/control index 0a716e73e..b8cf45ca7 100644 --- a/zimbra/perl/zimbra-perl/debian/control +++ b/zimbra/perl/zimbra-perl/debian/control @@ -7,31 +7,31 @@ Standards-Version: 3.9.5 Package: zimbra-perl Architecture: all -Depends: zimbra-perl-base, zimbra-perl-archive-zip, zimbra-perl-berkeleydb, - zimbra-perl-bit-vector, zimbra-perl-cache-fastmmap, zimbra-perl-canary-stability, - zimbra-perl-carp-clan, zimbra-perl-class-inspector, zimbra-perl-compress-raw-bzip2, - zimbra-perl-compress-raw-zlib, zimbra-perl-config-inifiles, zimbra-perl-convert-asn1, +Depends: zimbra-perl-base, zimbra-perl-archive-zip (>= 1.53-1zimbra8.7b2ZAPPEND), zimbra-perl-berkeleydb, + zimbra-perl-bit-vector (>= 7.4-1zimbra8.7b2ZAPPEND), zimbra-perl-cache-fastmmap, zimbra-perl-canary-stability, + zimbra-perl-carp-clan (>= 6.08-1zimbra8.7b1ZAPPEND), zimbra-perl-class-inspector, zimbra-perl-compress-raw-bzip2 (>= 2.093-1zimbra8.7b1ZAPPEND), + zimbra-perl-compress-raw-zlib (>= 2.093-1zimbra8.7b1ZAPPEND), zimbra-perl-config-inifiles (>= 2.86-1zimbra8.7b2ZAPPEND), zimbra-perl-convert-asn1, zimbra-perl-convert-binhex, zimbra-perl-convert-tnef, zimbra-perl-convert-uulib, zimbra-perl-crypt-openssl-random, zimbra-perl-crypt-openssl-rsa, zimbra-perl-crypt-saltedhash, - zimbra-perl-data-uuid, zimbra-perl-date-calc, zimbra-perl-date-manip, zimbra-perl-dbd-mysql (>= 4.043-1zimbra8.7b2ZAPPEND), + zimbra-perl-data-uuid, zimbra-perl-date-calc (>= 6.4-1zimbra8.7b2ZAPPEND), zimbra-perl-date-manip, zimbra-perl-dbd-mysql (>= 4.043-1zimbra8.7b2ZAPPEND), zimbra-perl-dbd-sqlite, zimbra-perl-db-file, zimbra-perl-dbi, zimbra-perl-digest-hmac, zimbra-perl-digest-sha1, zimbra-perl-email-date-format, zimbra-perl-encode-detect, zimbra-perl-encode-locale, zimbra-perl-error, zimbra-perl-exporter-tiny, zimbra-perl-zmq-libzmq3, zimbra-perl-file-grep, zimbra-perl-file-libmagic, zimbra-perl-file-listing, zimbra-perl-filesys-df, zimbra-perl-file-tail, - zimbra-perl-geography-countries, zimbra-perl-html-parser, zimbra-perl-http-cookies, zimbra-perl-http-daemon, - zimbra-perl-http-date, zimbra-perl-http-message, zimbra-perl-http-negotiate, zimbra-perl-innotop, - zimbra-perl-io-compress, zimbra-perl-io-html, zimbra-perl-io-sessiondata, zimbra-perl-io-socket-inet6, - zimbra-perl-io-socket-ip, zimbra-perl-io-socket-ssl, zimbra-perl-io-stringy, zimbra-perl-ip-country, zimbra-perl-json-pp, - zimbra-perl-libwww, zimbra-perl-list-moreutils, zimbra-perl-lwp-mediatypes, zimbra-perl-lwp-protocol-https, + zimbra-perl-geography-countries, zimbra-perl-html-parser, zimbra-perl-http-cookies (>= 6.01-1zimbra8.7b2ZAPPEND), zimbra-perl-http-daemon (>= 6.01-1zimbra8.7b2ZAPPEND), + zimbra-perl-http-date, zimbra-perl-http-message (>= 6.11-1zimbra8.7b2ZAPPEND), zimbra-perl-http-negotiate (>= 6.01-1zimbra8.7b2ZAPPEND), zimbra-perl-innotop (>= 1.9.1-1zimbra8.7b2ZAPPEND), + zimbra-perl-io-compress (>= 2.093-1zimbra8.7b1ZAPPEND), zimbra-perl-io-html, zimbra-perl-io-sessiondata, zimbra-perl-io-socket-inet6, + zimbra-perl-io-socket-ip, zimbra-perl-io-socket-ssl (>= 2.068-1zimbra8.7b1ZAPPEND), zimbra-perl-io-stringy, zimbra-perl-ip-country, zimbra-perl-json-pp, + zimbra-perl-libwww (>= 6.13-1zimbra8.7b2ZAPPEND), zimbra-perl-list-moreutils (>= 0.428-1zimbra8.7b1ZAPPEND), zimbra-perl-lwp-mediatypes, zimbra-perl-lwp-protocol-https (>= 6.06-1zimbra8.7b2ZAPPEND), zimbra-perl-mail-dkim, zimbra-perl-mail-spf, zimbra-perl-mailtools, zimbra-perl-math-bigint, zimbra-perl-mime-lite, zimbra-perl-mime-tools, zimbra-perl-mime-types, zimbra-perl-mozilla-ca, zimbra-perl-netaddr-ip, zimbra-perl-net-cidr, zimbra-perl-net-cidr-lite, zimbra-perl-net-dns, zimbra-perl-net-dns-resolver-programmable, - zimbra-perl-net-http, zimbra-perl-net-ldap, zimbra-perl-net-ldapapi, zimbra-perl-net-libidn, zimbra-perl-net-server, - zimbra-perl-net-ssleay, zimbra-perl-parent, zimbra-perl-proc-processtable, zimbra-perl-soap-lite, zimbra-perl-socket, - zimbra-perl-socket-linux, zimbra-perl-swatchdog, zimbra-perl-task-weaken, zimbra-perl-term-readkey, zimbra-perl-timedate, + zimbra-perl-net-http (>= 6.09-1zimbra8.7b2ZAPPEND), zimbra-perl-net-ldap, zimbra-perl-net-ldapapi, zimbra-perl-net-libidn, zimbra-perl-net-server (>= 2.009-1zimbra8.7b1ZAPPEND), + zimbra-perl-net-ssleay, zimbra-perl-parent, zimbra-perl-proc-processtable, zimbra-perl-soap-lite (>= 1.19-1zimbra8.7b2ZAPPEND), zimbra-perl-socket, + zimbra-perl-socket-linux, zimbra-perl-swatchdog (>= 3.2.4-1zimbra8.7b2ZAPPEND), zimbra-perl-task-weaken, zimbra-perl-term-readkey, zimbra-perl-timedate, zimbra-perl-unix-getrusage, zimbra-perl-unix-syslog, zimbra-perl-uri, zimbra-perl-www-robotrules, - zimbra-perl-xml-namespacesupport, zimbra-perl-xml-parser, zimbra-perl-xml-parser-lite, zimbra-perl-xml-sax, - zimbra-perl-xml-sax-base, zimbra-perl-xml-sax-expat, zimbra-perl-xml-simple, zimbra-perl-zmq-constants, + zimbra-perl-xml-namespacesupport, zimbra-perl-xml-parser (>= 2.44-1zimbra8.7b2ZAPPEND), zimbra-perl-xml-parser-lite, zimbra-perl-xml-sax, + zimbra-perl-xml-sax-base, zimbra-perl-xml-sax-expat (>= 0.51-1zimbra8.7b2ZAPPEND), zimbra-perl-xml-simple (>= 2.20-1zimbra8.7b2ZAPPEND), zimbra-perl-zmq-constants, Description: Zimbra Perl Zimbra Perl is a meta package that can be used to install most all of the Zimbra required perl modules. The current sole exception is diff --git a/zimbra/perl/zimbra-perl/rpm/SPECS/perl.spec b/zimbra/perl/zimbra-perl/rpm/SPECS/perl.spec index 279042830..88e1b2394 100644 --- a/zimbra/perl/zimbra-perl/rpm/SPECS/perl.spec +++ b/zimbra/perl/zimbra-perl/rpm/SPECS/perl.spec @@ -1,35 +1,63 @@ Summary: Zimbra Perl Name: zimbra-perl -Version: 1.0.3 +Version: 1.0.6 Release: 1zimbra8.7b1ZAPPEND License: GPL-2 Packager: Zimbra Packaging Services Group: Development/Languages -Requires: zimbra-perl-base, zimbra-perl-archive-zip, zimbra-perl-berkeleydb -Requires: zimbra-perl-bit-vector, zimbra-perl-cache-fastmmap, zimbra-perl-canary-stability -Requires: zimbra-perl-carp-clan, zimbra-perl-class-inspector, zimbra-perl-compress-raw-bzip2 -Requires: zimbra-perl-compress-raw-zlib, zimbra-perl-config-inifiles, zimbra-perl-convert-asn1 +Requires: zimbra-perl-base, zimbra-perl-archive-zip >= 1.53-1zimbra8.7b2ZAPPEND, zimbra-perl-berkeleydb +Requires: zimbra-perl-bit-vector >= 7.4-1zimbra8.7b2ZAPPEND, zimbra-perl-cache-fastmmap +Requires: zimbra-perl-canary-stability +Requires: zimbra-perl-carp-clan >= 6.08-1zimbra8.7b1ZAPPEND, zimbra-perl-class-inspector +Requires: zimbra-perl-compress-raw-bzip2 >= 2.093-1zimbra8.7b1ZAPPEND +Requires: zimbra-perl-compress-raw-zlib >= 2.093-1zimbra8.7b1ZAPPEND +Requires: zimbra-perl-config-inifiles >= 2.86-1zimbra8.7b2ZAPPEND, zimbra-perl-convert-asn1 Requires: zimbra-perl-convert-binhex, zimbra-perl-convert-tnef, zimbra-perl-convert-uulib -Requires: zimbra-perl-crypt-openssl-random, zimbra-perl-crypt-openssl-rsa, zimbra-perl-crypt-saltedhash -Requires: zimbra-perl-data-uuid, zimbra-perl-date-calc, zimbra-perl-date-manip, zimbra-perl-dbd-mysql >= 4.043-1zimbra8.7b2ZAPPEND +Requires: zimbra-perl-crypt-openssl-random >= 0.11-1zimbra8.7b3ZAPPEND +Requires: zimbra-perl-crypt-openssl-rsa >= 0.31-1zimbra8.7b2ZAPPEND +Requires: zimbra-perl-crypt-saltedhash +Requires: zimbra-perl-data-uuid, zimbra-perl-date-calc >= 6.4-1zimbra8.7b2ZAPPEND +Requires: zimbra-perl-date-manip +Requires: zimbra-perl-dbd-mysql >= 4.050-1zimbra8.7b4ZAPPEND Requires: zimbra-perl-dbd-sqlite, zimbra-perl-db-file, zimbra-perl-dbi, zimbra-perl-digest-hmac Requires: zimbra-perl-digest-sha1, zimbra-perl-email-date-format, zimbra-perl-encode-detect Requires: zimbra-perl-encode-locale, zimbra-perl-error, zimbra-perl-exporter-tiny, zimbra-perl-zmq-libzmq3 Requires: zimbra-perl-file-grep, zimbra-perl-file-libmagic, zimbra-perl-file-listing, zimbra-perl-filesys-df -Requires: zimbra-perl-file-tail, zimbra-perl-geography-countries, zimbra-perl-html-parser, zimbra-perl-http-cookies -Requires: zimbra-perl-http-daemon, zimbra-perl-http-date, zimbra-perl-http-message, zimbra-perl-http-negotiate, zimbra-perl-innotop -Requires: zimbra-perl-io-compress, zimbra-perl-io-html, zimbra-perl-io-sessiondata, zimbra-perl-io-socket-inet6 -Requires: zimbra-perl-io-socket-ip, zimbra-perl-io-socket-ssl, zimbra-perl-io-stringy, zimbra-perl-ip-country, zimbra-perl-json-pp -Requires: zimbra-perl-libwww, zimbra-perl-list-moreutils, zimbra-perl-lwp-mediatypes, zimbra-perl-lwp-protocol-https -Requires: zimbra-perl-mail-dkim, zimbra-perl-mail-spf, zimbra-perl-mailtools, zimbra-perl-math-bigint, zimbra-perl-mime-lite -Requires: zimbra-perl-mime-tools, zimbra-perl-mime-types, zimbra-perl-mozilla-ca, zimbra-perl-netaddr-ip -Requires: zimbra-perl-net-cidr, zimbra-perl-net-cidr-lite, zimbra-perl-net-dns, zimbra-perl-net-dns-resolver-programmable -Requires: zimbra-perl-net-http, zimbra-perl-net-ldap, zimbra-perl-net-ldapapi, zimbra-perl-net-libidn, zimbra-perl-net-server -Requires: zimbra-perl-net-ssleay, zimbra-perl-parent, zimbra-perl-proc-processtable, zimbra-perl-soap-lite, zimbra-perl-socket -Requires: zimbra-perl-socket-linux, zimbra-perl-swatchdog, zimbra-perl-task-weaken, zimbra-perl-term-readkey, zimbra-perl-timedate +Requires: zimbra-perl-file-tail, zimbra-perl-geography-countries, zimbra-perl-html-parser +Requires: zimbra-perl-http-cookies >= 6.01-1zimbra8.7b2ZAPPEND +Requires: zimbra-perl-http-daemon >= 6.01-1zimbra8.7b2ZAPPEND, zimbra-perl-http-date +Requires: zimbra-perl-http-message >= 6.11-1zimbra8.7b2ZAPPEND +Requires: zimbra-perl-http-negotiate >= 6.01-1zimbra8.7b2ZAPPEND +Requires: zimbra-perl-innotop >= 1.9.1-1zimbra8.7b4ZAPPEND +Requires: zimbra-perl-io-compress >= 2.093-1zimbra8.7b1ZAPPEND +Requires: zimbra-perl-io-html, zimbra-perl-io-sessiondata, zimbra-perl-io-socket-inet6 +Requires: zimbra-perl-io-socket-ip, zimbra-perl-io-socket-ssl >= 2.068-1zimbra8.7b3ZAPPEND +Requires: zimbra-perl-io-stringy, zimbra-perl-ip-country +Requires: zimbra-perl-json-pp +Requires: zimbra-perl-libwww >= 6.13-1zimbra8.7b4ZAPPEND +Requires: zimbra-perl-list-moreutils >= 0.428-1zimbra8.7b1ZAPPEND, zimbra-perl-lwp-mediatypes +Requires: zimbra-perl-lwp-protocol-https >= 6.06-1zimbra8.7b4ZAPPEND +Requires: zimbra-perl-mail-dkim >= 0.40-1zimbra8.7b3ZAPPEND, zimbra-perl-mail-spf +Requires: zimbra-perl-mailtools, zimbra-perl-math-bigint +Requires: zimbra-perl-mime-lite +Requires: zimbra-perl-mime-tools, zimbra-perl-mime-types, zimbra-perl-mozilla-ca +Requires: zimbra-perl-netaddr-ip +Requires: zimbra-perl-net-cidr, zimbra-perl-net-cidr-lite, zimbra-perl-net-dns +Requires: zimbra-perl-net-dns-resolver-programmable +Requires: zimbra-perl-net-http >= 6.09-1zimbra8.7b4ZAPPEND, zimbra-perl-net-ldap, zimbra-perl-net-ldapapi +Requires: zimbra-perl-net-libidn +Requires: zimbra-perl-net-server >= 2.009-1zimbra8.7b1ZAPPEND +Requires: zimbra-perl-net-ssleay >= 1.88-1zimbra8.7b2ZAPPEND, zimbra-perl-parent +Requires: zimbra-perl-proc-processtable +Requires: zimbra-perl-soap-lite >= 1.19-1zimbra8.7b4ZAPPEND, zimbra-perl-socket +Requires: zimbra-perl-socket-linux, zimbra-perl-swatchdog >= 3.2.4-1zimbra8.7b2ZAPPEND +Requires: zimbra-perl-task-weaken, zimbra-perl-term-readkey, zimbra-perl-timedate Requires: zimbra-perl-unix-getrusage, zimbra-perl-unix-syslog, zimbra-perl-uri, zimbra-perl-www-robotrules -Requires: zimbra-perl-xml-namespacesupport, zimbra-perl-xml-parser, zimbra-perl-xml-parser-lite, zimbra-perl-xml-sax -Requires: zimbra-perl-xml-sax-base, zimbra-perl-xml-sax-expat, zimbra-perl-xml-simple, zimbra-perl-zmq-constants +Requires: zimbra-perl-xml-namespacesupport, zimbra-perl-xml-parser >= 2.44-1zimbra8.7b4ZAPPEND +Requires: zimbra-perl-xml-parser-lite, zimbra-perl-xml-sax +Requires: zimbra-perl-xml-sax-base, zimbra-perl-xml-sax-expat >= 0.51-1zimbra8.7b4ZAPPEND +Requires: zimbra-perl-xml-simple >= 2.25-1zimbra8.7b3ZAPPEND +Requires: zimbra-perl-zmq-constants AutoReqProv: no %define debug_package %{nil} @@ -40,6 +68,19 @@ of the Zimbra required perl modules. The current sole exception is the Mail::SpamAssassin module, as that is for MTA nodes only %changelog +* Sun Dec 06 2020 Zimbra Packaging Services - 1.0.6 +- Updated perl-net-ssleay, perl-dbd-mysql, perl-crypt-openssl-random, perl-crypt-openssl-rsa, perl-io-socket-ssl +- Updated perl-net-http, perl-libwww, perl-lwp-protocol-https, perl-xml-parser, perl-soap-lite, perl-xml-sax-expat +- Updated perl-xml-simple, perl-mail-dkim, perl-innotop +* Thu Sep 10 2020 Zimbra Packaging Services - 1.0.5 +- Updated perl-net-ssleay, perl-dbd-mysql, perl-crypt-openssl-random, perl-crypt-openssl-rsa, perl-io-socket-ssl +- Updated perl-net-http, perl-libwww, perl-lwp-protocol-https, perl-xml-parser, perl-soap-lite, perl-xml-sax-expat +- Updated perl-xml-simple, perl-mail-dkim, perl-innotop +* Thu Apr 27 2020 Zimbra Packaging Services - 1.0.4 +- Updated archive-zip,bit-vector,carp-clan,compress-raw-bzip2,compress-raw-zlib,config-inifiles,date-calc +- Updated dbd-mysql,http-cookies,http-daemon,http-message,http-negotiate,innotop +- Updated io-compress,io-socket-ssl,libwww,list-moreutils,lwp-protocol-https +- Updated net-http,net-server,soap-lite,swatchdog,xml-parser,xml-sax-expat,xml-simple * Thu Sep 7 2017 Zimbra Packaging Services - 1.0.3 - Updated perl-dbd-mysql * Fri Sep 22 2016 Zimbra Packaging Services - 1.0.2 diff --git a/zimbra/proxy-components/zimbra-proxy-components/debian/changelog b/zimbra/proxy-components/zimbra-proxy-components/debian/changelog index d79d7af19..9b650c8e6 100644 --- a/zimbra/proxy-components/zimbra-proxy-components/debian/changelog +++ b/zimbra/proxy-components/zimbra-proxy-components/debian/changelog @@ -1,3 +1,15 @@ +zimbra-proxy-components (1.0.6-1zimbra8.8b1ZAPPEND) unstable; urgency=low + + * Updated zimbra-nginx package to 1.19.0 + + -- Zimbra Packaging Services Sat, 05 Dec 2020 17:48:22 +0000 + +zimbra-proxy-components (1.0.5-1zimbra8.8b1ZAPPEND) unstable; urgency=low + + * Updated zimbra-nginx package + + -- Zimbra Packaging Services Mon, 19 Oct 2020 17:48:22 +0000 + zimbra-proxy-components (1.0.4-1zimbra8.8b1ZAPPEND) unstable; urgency=low * Updated zimbra-nginx package diff --git a/zimbra/proxy-components/zimbra-proxy-components/debian/control b/zimbra/proxy-components/zimbra-proxy-components/debian/control index fbd66e2ee..f97781b45 100644 --- a/zimbra/proxy-components/zimbra-proxy-components/debian/control +++ b/zimbra/proxy-components/zimbra-proxy-components/debian/control @@ -8,7 +8,7 @@ Standards-Version: 3.9.5 Package: zimbra-proxy-components Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, - zimbra-proxy-base, zimbra-nginx (>= 1.7.1-1zimbra8.8b1ZAPPEND) + zimbra-proxy-base, zimbra-nginx (>= 1.19.0-1zimbra8.8b1ZAPPEND) Description: Zimbra components for proxy package Zimbra proxy components pulls in all the packages used by zimbra-proxy diff --git a/zimbra/proxy-components/zimbra-proxy-components/rpm/SPECS/proxy-components.spec b/zimbra/proxy-components/zimbra-proxy-components/rpm/SPECS/proxy-components.spec index c7a487bc9..dcbdea9ed 100644 --- a/zimbra/proxy-components/zimbra-proxy-components/rpm/SPECS/proxy-components.spec +++ b/zimbra/proxy-components/zimbra-proxy-components/rpm/SPECS/proxy-components.spec @@ -1,9 +1,9 @@ Summary: Zimbra components for proxy package Name: zimbra-proxy-components -Version: 1.0.4 +Version: 1.0.6 Release: 1zimbra8.8b1ZAPPEND License: GPL-2 -Requires: zimbra-proxy-base, zimbra-nginx >= 1.7.1-1zimbra8.8b1ZAPPEND +Requires: zimbra-proxy-base, zimbra-nginx >= 1.19.0-1zimbra8.8b1ZAPPEND Packager: Zimbra Packaging Services Group: Development/Languages AutoReqProv: no @@ -11,6 +11,10 @@ AutoReqProv: no %define debug_package %{nil} %changelog +* Sat Dec 05 2020 Zimbra Packaging Services - 1.0.6 +- Updated zimbra-nginx package to 1.19.0 +* Mon Oct 19 2020 Zimbra Packaging Services - 1.0.5 +- Updated zimbra-nginx package * Tue Mar 17 2020 Zimbra Packaging Services - 1.0.4 - Updated zimbra-nginx package * Tue Feb 12 2019 Zimbra Packaging Services - 1.0.3 diff --git a/zimbra/snmp-components/zimbra-snmp-components/debian/changelog b/zimbra/snmp-components/zimbra-snmp-components/debian/changelog index 62d20f708..de8c9f011 100644 --- a/zimbra/snmp-components/zimbra-snmp-components/debian/changelog +++ b/zimbra/snmp-components/zimbra-snmp-components/debian/changelog @@ -1,3 +1,9 @@ +zimbra-snmp-components (1.0.1-ITERATIONZAPPEND) unstable; urgency=low + + * Updated zimbra-net-snmp + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-snmp-components (1.0.0-ITERATIONZAPPEND) unstable; urgency=low * Initial Release. diff --git a/zimbra/snmp-components/zimbra-snmp-components/debian/control b/zimbra/snmp-components/zimbra-snmp-components/debian/control index dece00a0c..86437578f 100644 --- a/zimbra/snmp-components/zimbra-snmp-components/debian/control +++ b/zimbra/snmp-components/zimbra-snmp-components/debian/control @@ -8,7 +8,7 @@ Standards-Version: 3.9.5 Package: zimbra-snmp-components Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, - zimbra-snmp-base, zimbra-net-snmp + zimbra-snmp-base, zimbra-net-snmp (>= 5.8-1zimbra8.7b1ZAPPEND) Description: Zimbra components for snmp package Zimbra snmp components pulls in all the packages used by zimbra-snmp diff --git a/zimbra/snmp-components/zimbra-snmp-components/rpm/SPECS/snmp-components.spec b/zimbra/snmp-components/zimbra-snmp-components/rpm/SPECS/snmp-components.spec index ba4f5a481..c963e2a81 100644 --- a/zimbra/snmp-components/zimbra-snmp-components/rpm/SPECS/snmp-components.spec +++ b/zimbra/snmp-components/zimbra-snmp-components/rpm/SPECS/snmp-components.spec @@ -1,9 +1,9 @@ Summary: Zimbra components for snmp package Name: zimbra-snmp-components -Version: 1.0.0 +Version: 1.0.3 Release: ITERATIONZAPPEND License: GPL-2 -Requires: zimbra-snmp-base, zimbra-net-snmp +Requires: zimbra-snmp-base, zimbra-net-snmp >= 5.8-1zimbra8.7b3ZAPPEND Packager: Zimbra Packaging Services Group: Development/Languages AutoReqProv: no @@ -14,4 +14,12 @@ AutoReqProv: no Zimbra snmp components pulls in all the packages used by zimbra-snmp +%changelog +* Sat Dec 05 2020 Zimbra Packaging Services - 1.0.3 +- Updated zimbra-net-snmp to 5.8-1zimbra8.7b3 +* Thu Sep 10 2020 Zimbra Packaging Services - 1.0.2 +- Updated zimbra-net-snmp +* Sat Apr 25 2020 Zimbra Packaging Services - 1.0.1 +- Updated zimbra-net-snmp + %files diff --git a/zimbra/spell-components/zimbra-spell-components/debian/changelog b/zimbra/spell-components/zimbra-spell-components/debian/changelog index 03f49214a..4dbe1ace5 100644 --- a/zimbra/spell-components/zimbra-spell-components/debian/changelog +++ b/zimbra/spell-components/zimbra-spell-components/debian/changelog @@ -1,3 +1,9 @@ +zimbra-spell-components (2.0.1-1zimbra8.8b1ZAPPEND) unstable; urgency=low + + * Updated zimbra-aspell and zimbra-php + + -- Zimbra Packaging Services Sat, 25 Apr 2020 00:00:00 +0000 + zimbra-spell-components (2.0.0-1zimbra8.8b1ZAPPEND) unstable; urgency=low * Php upgrade diff --git a/zimbra/spell-components/zimbra-spell-components/debian/control b/zimbra/spell-components/zimbra-spell-components/debian/control index 379be394f..065312190 100644 --- a/zimbra/spell-components/zimbra-spell-components/debian/control +++ b/zimbra/spell-components/zimbra-spell-components/debian/control @@ -8,11 +8,11 @@ Standards-Version: 3.9.5 Package: zimbra-spell-components Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, - zimbra-spell-base, zimbra-aspell-ar, zimbra-aspell-da, zimbra-aspell-de, - zimbra-aspell-en, zimbra-aspell-es, zimbra-aspell-fr, zimbra-aspell-hi, - zimbra-aspell-hu, zimbra-aspell-it, zimbra-aspell-nl, zimbra-aspell-pl, - zimbra-aspell-pt-br, zimbra-aspell-ru, zimbra-aspell-sv, zimbra-httpd, - zimbra-php (>= 7.3.1-1zimbra8.7b3ZAPPEND), zimbra-aspell-zimbra + zimbra-spell-base, zimbra-aspell-ar (>= 1.2.0-1zimbra8.7b2ZAPPEND), zimbra-aspell-da (>= 1.4.42.1-1zimbra8.7b2ZAPPEND), zimbra-aspell-de (>= 20030222.1-1zimbra8.7b2ZAPPEND), + zimbra-aspell-en (>= 7.1.0-1zimbra8.7b2ZAPPEND), zimbra-aspell-es (>= 1.11.2-1zimbra8.7b2ZAPPEND), zimbra-aspell-fr (>= 0.50.3-1zimbra8.7b2ZAPPEND), zimbra-aspell-hi (>= 0.02.0-1zimbra8.7b2ZAPPEND), + zimbra-aspell-hu (>= 0.99.4.2.0-1zimbra8.7b2ZAPPEND), zimbra-aspell-it (>= 2.2.20050523.0-1zimbra8.7b2ZAPPEND), zimbra-aspell-nl (>= 0.50.2-1zimbra8.7b2ZAPPEND), zimbra-aspell-pl (>= 6.0.20061121.0-1zimbra8.7b2ZAPPEND), + zimbra-aspell-pt-br (>= 20090702.0-1zimbra8.7b2ZAPPEND), zimbra-aspell-ru (>= 0.99f7.1-1zimbra8.7b2ZAPPEND), zimbra-aspell-sv (>= 0.51.0-1zimbra8.7b2ZAPPEND), zimbra-httpd, + zimbra-php (>= 7.3.1-1zimbra8.7b4ZAPPEND), zimbra-aspell-zimbra (>= 1.0.0-1zimbra8.7b2ZAPPEND) Description: Zimbra components for spell package Zimbra spell components pulls in all the packages used by zimbra-spell diff --git a/zimbra/spell-components/zimbra-spell-components/rpm/SPECS/spell-components.spec b/zimbra/spell-components/zimbra-spell-components/rpm/SPECS/spell-components.spec index 30f2d0459..e0f2b4f3b 100644 --- a/zimbra/spell-components/zimbra-spell-components/rpm/SPECS/spell-components.spec +++ b/zimbra/spell-components/zimbra-spell-components/rpm/SPECS/spell-components.spec @@ -1,13 +1,16 @@ Summary: Zimbra components for spell package Name: zimbra-spell-components -Version: 2.0.0 +Version: 2.0.3 Release: 1zimbra8.8b1ZAPPEND License: GPL-2 -Requires: zimbra-spell-base, zimbra-aspell-ar, zimbra-aspell-da, zimbra-aspell-de -Requires: zimbra-aspell-en, zimbra-aspell-es, zimbra-aspell-fr, zimbra-aspell-hi -Requires: zimbra-aspell-hu, zimbra-aspell-it, zimbra-aspell-nl, zimbra-aspell-pl -Requires: zimbra-aspell-pt-br, zimbra-aspell-ru, zimbra-aspell-sv, zimbra-httpd >= 2.4.38-1zimbra8.7b1ZAPPEND -Requires: zimbra-php >= 7.3.1-1zimbra8.7b3ZAPPEND, zimbra-aspell-zimbra +Requires: zimbra-spell-base, zimbra-aspell-ar >= 1.2.0-1zimbra8.7b2ZAPPEND, zimbra-aspell-da >= 1.4.42.1-1zimbra8.7b2ZAPPEND +Requires: zimbra-aspell-de >= 20030222.1-1zimbra8.7b2ZAPPEND +Requires: zimbra-aspell-en >= 7.1.0-1zimbra8.7b2ZAPPEND, zimbra-aspell-es >= 1.11.2-1zimbra8.7b2ZAPPEND, zimbra-aspell-fr >= 0.50.3-1zimbra8.7b2ZAPPEND +Requires: zimbra-aspell-hi >= 0.02.0-1zimbra8.7b2ZAPPEND, zimbra-aspell-hu >= 0.99.4.2.0-1zimbra8.7b2ZAPPEND, zimbra-aspell-it >= 2.2.20050523.0-1zimbra8.7b2ZAPPEND +Requires: zimbra-aspell-nl >= 0.50.2-1zimbra8.7b2ZAPPEND, zimbra-aspell-pl >= 6.0.20061121.0-1zimbra8.7b2ZAPPEND, zimbra-aspell-pt-br >= 20090702.0-1zimbra8.7b2ZAPPEND +Requires: zimbra-aspell-ru >= 0.99f7.1-1zimbra8.7b2ZAPPEND, zimbra-aspell-sv >= 0.51.0-1zimbra8.7b2ZAPPEND +Requires: zimbra-httpd >= 2.4.38-1zimbra8.7b3ZAPPEND +Requires: zimbra-php >= 7.3.1-1zimbra8.7b6ZAPPEND, zimbra-aspell-zimbra >= 1.0.0-1zimbra8.7b2ZAPPEND Packager: Zimbra Packaging Services Group: Development/Languages AutoReqProv: no @@ -19,6 +22,12 @@ Zimbra spell components pulls in all the packages used by zimbra-spell %changelog +* Sat Dec 05 2020 Zimbra Packaging Services - 2.0.3 +- Updated dependency zimbra-httpd and zimbra-php +* Thu Sep 10 2020 Zimbra Packaging Services - 2.0.2 +- Updated dependency zimbra-httpd +* Sat Apr 25 2020 Zimbra Packaging Services - 2.0.1 +- Updated zimbra-aspell and zimbra-php * Mon Mar 25 2019 Zimbra Packaging Services - 2.0.0 - Updated PHP package. diff --git a/zimbra/store-components/zimbra-store-components/debian/changelog b/zimbra/store-components/zimbra-store-components/debian/changelog index 36b0bf703..7827fd267 100644 --- a/zimbra/store-components/zimbra-store-components/debian/changelog +++ b/zimbra/store-components/zimbra-store-components/debian/changelog @@ -1,3 +1,15 @@ +zimbra-store-components (1.0.3-1zimbra8.7b1ZAPPEND) unstable; urgency=medium + + * Updated zimbra-mariadb package + + -- Zimbra Packaging Services Sat, 05 Dec 2020 22:26:24 +0000 + +zimbra-store-components (1.0.2-1zimbra8.7b1ZAPPEND) unstable; urgency=medium + + * Updated zimbra-mariadb package + + -- Zimbra Packaging Services Thu, 17 Sep 2020 22:26:24 +0000 + zimbra-store-components (1.0.1-1zimbra8.7b1ZAPPEND) unstable; urgency=low * Updated zimbra-mariadb package. diff --git a/zimbra/store-components/zimbra-store-components/debian/control b/zimbra/store-components/zimbra-store-components/debian/control index 47108285b..6a1845df6 100644 --- a/zimbra/store-components/zimbra-store-components/debian/control +++ b/zimbra/store-components/zimbra-store-components/debian/control @@ -8,7 +8,7 @@ Standards-Version: 3.9.5 Package: zimbra-store-components Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, - zimbra-store-base, zimbra-mariadb (>= 10.1.25-1zimbra8.7b1ZAPPEND) + zimbra-store-base, zimbra-mariadb (>= 10.1.25-1zimbra8.7b3ZAPPEND) Description: Zimbra components for store package Zimbra store components pulls in all the packages used by zimbra-store diff --git a/zimbra/store-components/zimbra-store-components/rpm/SPECS/store-components.spec b/zimbra/store-components/zimbra-store-components/rpm/SPECS/store-components.spec index 5f8e26f6a..5115238f1 100644 --- a/zimbra/store-components/zimbra-store-components/rpm/SPECS/store-components.spec +++ b/zimbra/store-components/zimbra-store-components/rpm/SPECS/store-components.spec @@ -1,9 +1,9 @@ Summary: Zimbra components for store package Name: zimbra-store-components -Version: 1.0.1 +Version: 1.0.3 Release: 1zimbra8.7b1ZAPPEND License: GPL-2 -Requires: zimbra-store-base, zimbra-mariadb >= 10.1.25-1zimbra8.7b1ZAPPEND +Requires: zimbra-store-base, zimbra-mariadb >= 10.1.25-1zimbra8.7b3ZAPPEND Packager: Zimbra Packaging Services Group: Development/Languages AutoReqProv: no @@ -15,6 +15,10 @@ Zimbra store components pulls in all the packages used by zimbra-store %changelog +* Sat Dec 05 2020 Zimbra Packaging Services - 1.0.3 +- Updated zimbra-mariadb package +* Thu Sep 10 2020 Zimbra Packaging Services - 1.0.2 +- Updated zimbra-mariadb package * Mon Jul 24 2017 Zimbra Packaging Services - 1.0.1 - Updated zimbra-mariadb package * Wed Sep 09 2015 Zimbra Packaging Services - 1.0.0