PR#47: Rebase to upstream release 3.1.1 - rpms/openssl

rpms / openssl

#47 Rebase to upstream release 3.1.1

Merged 8 months ago by dbelyavs. Opened 9 months ago by saprasad.

rpms/ saprasad/openssl rawhide into rawhide

Adding changes to patch files from source-git sync

Sahana Prasad • 9 months ago

1eb7adc

Rebase to upstream release 3.1.1

Sahana Prasad • 9 months ago

9409bc7

.gitignore

file modified

		`@@ -58,3 +58,4 @@`
		`/openssl-3.0.7-hobbled.tar.gz`
		`/openssl-3.0.8-hobbled.tar.gz`
		`/openssl-3.0.8.tar.gz`
		`+ /openssl-3.1.1.tar.gz`

0004-Override-default-paths-for-the-CA-directory-tree.patch

file modified

+24 -20

		`@@ -1,21 +1,21 @@`
		`- From 6790960076742a9053c624e26fbb87fcd5789e27 Mon Sep 17 00:00:00 2001`
		`- From: Tomas Mraz <tmraz@fedoraproject.org>`
		`- Date: Thu, 24 Sep 2020 09:17:26 +0200`
		`- Subject: Override default paths for the CA directory tree`
		`+ From 7a65ee33793fa8a28c0dfc94e6872ce92f408b15 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:27 +0200`
		`+ Subject: [PATCH 04/35]`
		`+ 0004-Override-default-paths-for-the-CA-directory-tree.patch`

		`- Also add default section to load crypto-policies configuration`
		`- for TLS.`
		`-`
		`- It needs to be reverted before running tests.`
		`-`
		`- (was openssl-1.1.1-conf-paths.patch)`
		`+ Patch-name: 0004-Override-default-paths-for-the-CA-directory-tree.patch`
		`+ Patch-id: 4`
		`+ Patch-status: \|`
		`+ # Override default paths for the CA directory tree`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`---`
		`apps/CA.pl.in \| 2 +-`
		`- apps/openssl.cnf \| 20 ++++++++++++++++++--`
		`- 2 files changed, 19 insertions(+), 3 deletions(-)`
		`+ apps/openssl.cnf \| 13 +++++++++++--`
		`+ 2 files changed, 12 insertions(+), 3 deletions(-)`

		`diff --git a/apps/CA.pl.in b/apps/CA.pl.in`
		`- index c0afb96716..d6a5fabd16 100644`
		`+ index f029470005..729f104a7e 100644`
		`--- a/apps/CA.pl.in`
		`+++ b/apps/CA.pl.in`
		`@@ -29,7 +29,7 @@ my $X509 = "$openssl x509";`
		`@@ -27,10 +27,11 @@`
		`my $CAKEY = "cakey.pem";`
		`my $CAREQ = "careq.pem";`
		`my $CACERT = "cacert.pem";`
		`- diff -up openssl-3.0.0-alpha16/apps/openssl.cnf.default-tls openssl-3.0.0-alpha16/apps/openssl.cnf`
		`- --- openssl-3.0.0-alpha16/apps/openssl.cnf.default-tls 2021-07-06 13:41:39.204978272 +0200`
		`- +++ openssl-3.0.0-alpha16/apps/openssl.cnf 2021-07-06 13:49:50.362857683 +0200`
		`- @@ -53,6 +53,8 @@ tsa_policy3 = 1.2.3.4.5.7`
		`+ diff --git a/apps/openssl.cnf b/apps/openssl.cnf`
		`+ index 8141ab20cd..3956235fda 100644`
		`+ --- a/apps/openssl.cnf`
		`+ +++ b/apps/openssl.cnf`
		`+ @@ -52,6 +52,8 @@ tsa_policy3 = 1.2.3.4.5.7`

		`[openssl_init]`
		`providers = provider_sect`
		`@@ -39,7 +40,7 @@`

		`# List of providers to load`
		`[provider_sect]`
		`- @@ -64,6 +66,13 @@ default = default_sect`
		`+ @@ -71,6 +73,13 @@ default = default_sect`
		`[default_sect]`
		`# activate = 1`

		`@@ -53,7 +54,7 @@`

		`####################################################################`
		`[ ca ]`
		`- @@ -72,7 +81,7 @@ default_ca = CA_default # The default c`
		`+ @@ -79,7 +88,7 @@ default_ca = CA_default # The default ca section`
		`####################################################################`
		`[ CA_default ]`

		`@@ -62,7 +63,7 @@`
		`certs = $dir/certs # Where the issued certs are kept`
		`crl_dir = $dir/crl # Where the issued crl are kept`
		`database = $dir/index.txt # database index file.`
		`- @@ -304,7 +313,7 @@ default_tsa = tsa_config1 # the default`
		`+ @@ -311,7 +320,7 @@ default_tsa = tsa_config1 # the default TSA section`
		`[ tsa_config1 ]`

		`# These are used by the TSA reply generation only.`
		`@@ -71,3 +72,6 @@`
		`serial = $dir/tsaserial # The current serial number (mandatory)`
		`crypto_device = builtin # OpenSSL engine to use for signing`
		`signer_cert = $dir/tsacert.pem # The TSA signing certificate`
		`+ --`
		`+ 2.41.0`
		`+`

0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch

file modified

+83 -77

		`@@ -1,25 +1,30 @@`
		`- From 736d709ec194b3a763e004696df22792c62a11fc Mon Sep 17 00:00:00 2001`
		`- From: Tomas Mraz <tmraz@fedoraproject.org>`
		`- Date: Thu, 24 Sep 2020 10:16:46 +0200`
		`- Subject: Add support for PROFILE=SYSTEM system default cipherlist`
		`+ From 66b728801f141c9db8e647ab02421c83694ade79 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:27 +0200`
		`+ Subject: [PATCH 07/35]`
		`+ 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch`

		`- (was openssl-1.1.1-system-cipherlist.patch)`
		`+ Patch-name: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch`
		`+ Patch-id: 7`
		`+ Patch-status: \|`
		`+ # Add support for PROFILE=SYSTEM system default cipherlist`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`---`
		`Configurations/unix-Makefile.tmpl \| 5 ++`
		`- Configure \| 10 +++-`
		`+ Configure \| 11 +++-`
		`doc/man1/openssl-ciphers.pod.in \| 9 ++++`
		`include/openssl/ssl.h.in \| 5 ++`
		`- ssl/ssl_ciph.c \| 88 +++++++++++++++++++++++++++----`
		`+ ssl/ssl_ciph.c \| 87 +++++++++++++++++++++++++++----`
		`ssl/ssl_lib.c \| 4 +-`
		`test/cipherlist_test.c \| 2 +`
		`util/libcrypto.num \| 1 +`
		`8 files changed, 110 insertions(+), 14 deletions(-)`

		`diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl`
		`- index 9f369edf0e..c52389f831 100644`
		`+ index f29cdc7f38..c0df026de3 100644`
		`--- a/Configurations/unix-Makefile.tmpl`
		`+++ b/Configurations/unix-Makefile.tmpl`
		`- @@ -269,6 +269,10 @@ MANDIR=$(INSTALLTOP)/share/man`
		`+ @@ -315,6 +315,10 @@ MANDIR=$(INSTALLTOP)/share/man`
		`DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)`
		`HTMLDIR=$(DOCDIR)/html`

		`@@ -30,7 +35,7 @@`
		`# MANSUFFIX is for the benefit of anyone who may want to have a suffix`
		`# appended after the manpage file section number. "ssl" is popular,`
		`# resulting in files such as config.5ssl rather than config.5.`
		`- @@ -292,6 +296,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -}`
		`+ @@ -338,6 +342,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -}`
		`CXX={- $config{CXX} ? "\$(CROSS_COMPILE)$config{CXX}" : '' -}`
		`CPPFLAGS={- our $cppflags1 = join(" ",`
		`(map { "-D".$_} @{$config{CPPDEFINES}}),`
		`@@ -38,11 +43,54 @@`
		`(map { "-I".$_} @{$config{CPPINCLUDES}}),`
		`@{$config{CPPFLAGS}}) -}`
		`CFLAGS={- join(' ', @{$config{CFLAGS}}) -}`
		`+ diff --git a/Configure b/Configure`
		`+ index 456995240b..93be83be94 100755`
		`+ --- a/Configure`
		`+ +++ b/Configure`
		`+ @@ -27,7 +27,7 @@ use OpenSSL::config;`
		`+ my $orig_death_handler = $SIG{__DIE__};`
		`+ $SIG{__DIE__} = \&death_handler;`
		`+`
		`+ -my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx\|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib\|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";`
		`+ +my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx\|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib\|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";`
		`+`
		`+ my $banner = <<"EOF";`
		`+`
		`+ @@ -61,6 +61,10 @@ EOF`
		`+ # given with --prefix.`
		`+ # This becomes the value of OPENSSLDIR in Makefile and in C.`
		`+ # (Default: PREFIX/ssl)`
		`+ +#`
		`+ +# --system-ciphers-file A file to read cipher string from when the PROFILE=SYSTEM`
		`+ +# cipher is specified (default).`
		`+ +#`
		`+ # --banner=".." Output specified text instead of default completion banner`
		`+ #`
		`+ # -w Don't wait after showing a Configure warning`
		`+ @@ -387,6 +391,7 @@ $config{prefix}="";`
		`+ $config{openssldir}="";`
		`+ $config{processor}="";`
		`+ $config{libdir}="";`
		`+ +$config{system_ciphers_file}="";`
		`+ my $auto_threads=1; # enable threads automatically? true by default`
		`+ my $default_ranlib;`
		`+`
		`+ @@ -989,6 +994,10 @@ while (@argvcopy)`
		`+ die "FIPS key too long (64 bytes max)\n"`
		`+ if length $1 > 64;`
		`+ }`
		`+ + elsif (/^--system-ciphers-file=(.*)$/)`
		`+ + {`
		`+ + $config{system_ciphers_file}=$1;`
		`+ + }`
		`+ elsif (/^--banner=(.*)$/)`
		`+ {`
		`+ $banner = $1 . "\n";`
		`diff --git a/doc/man1/openssl-ciphers.pod.in b/doc/man1/openssl-ciphers.pod.in`
		`- index b4ed3e51d5..2122e6bdfd 100644`
		`+ index 658730ec53..04e66bcebe 100644`
		`--- a/doc/man1/openssl-ciphers.pod.in`
		`+++ b/doc/man1/openssl-ciphers.pod.in`
		`- @@ -187,6 +187,15 @@ As of OpenSSL 1.0.0, the B<ALL> cipher suites are sensibly ordered by default.`
		`+ @@ -186,6 +186,15 @@ As of OpenSSL 1.0.0, the B<ALL> cipher suites are sensibly ordered by default.`

		`The cipher suites not enabled by B<ALL>, currently B<eNULL>.`

		`@@ -59,10 +107,10 @@`

		`"High" encryption cipher suites. This currently means those with key lengths`
		`diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in`
		`- index f9a61609e4..c6f95fed3f 100644`
		`+ index f03f52fbd8..0b6de603e2 100644`
		`--- a/include/openssl/ssl.h.in`
		`+++ b/include/openssl/ssl.h.in`
		`- @@ -209,6 +209,11 @@ extern "C" {`
		`+ @@ -208,6 +208,11 @@ extern "C" {`
		`* throwing out anonymous and unencrypted ciphersuites! (The latter are not`
		`* actually enabled by ALL, but "ALL:RSA" would enable some of them.)`
		`*/`
		`@@ -75,10 +123,10 @@`
		`/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */`
		`# define SSL_SENT_SHUTDOWN 1`
		`diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c`
		`- index b1d3f7919e..f7cc7fed48 100644`
		`+ index 93de9cf8fd..a5e60e8839 100644`
		`--- a/ssl/ssl_ciph.c`
		`+++ b/ssl/ssl_ciph.c`
		`- @@ -1411,6 +1411,53 @@ int SSL_set_ciphersuites(SSL s, const char str)`
		`+ @@ -1443,6 +1443,53 @@ int SSL_set_ciphersuites(SSL s, const char str)`
		`return ret;`
		`}`

		`@@ -132,7 +180,7 @@`
		`STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`STACK_OF(SSL_CIPHER) *tls13_ciphersuites,`
		`STACK_OF(SSL_CIPHER) **cipher_list,`
		`- @@ -1425,15 +1472,25 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`+ @@ -1457,15 +1504,25 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`CIPHER_ORDER co_list = NULL, head = NULL, tail = NULL, curr;`
		`const SSL_CIPHER **ca_list = NULL;`
		`const SSL_METHOD *ssl_method = ctx->method;`
		`@@ -153,14 +201,14 @@`
		`if (rule_str == NULL \|\| cipher_list == NULL \|\| cipher_list_by_id == NULL)`
		`- return NULL;`
		`+ goto err;`
		`-`
		`+`
		`if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))`
		`- return NULL;`
		`+ goto err;`

		`/*`
		`* To reduce the work to do we only want to process the compiled`
		`- @@ -1456,7 +1513,7 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`+ @@ -1487,7 +1544,7 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`co_list = OPENSSL_malloc(sizeof(co_list) num_of_ciphers);`
		`if (co_list == NULL) {`
		`ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);`
		`@@ -169,7 +217,7 @@`
		`}`

		`ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,`
		`- @@ -1522,8 +1579,7 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`+ @@ -1553,8 +1610,7 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`* in force within each class`
		`*/`
		`if (!ssl_cipher_strength_sort(&head, &tail)) {`
		`@@ -179,7 +227,7 @@`
		`}`

		`/*`
		`- @@ -1568,9 +1624,8 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`+ @@ -1598,9 +1654,8 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;`
		`ca_list = OPENSSL_malloc(sizeof(ca_list) num_of_alias_max);`
		`if (ca_list == NULL) {`
		`@@ -190,7 +238,7 @@`
		`}`
		`ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,`
		`disabled_mkey, disabled_auth, disabled_enc,`
		`- @@ -1596,8 +1651,7 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`+ @@ -1626,8 +1681,7 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`OPENSSL_free(ca_list); /* Not needed anymore */`

		`if (!ok) { /* Rule processing failure */`
		`@@ -200,7 +248,7 @@`
		`}`

		`/*`
		`- @@ -1605,10 +1659,13 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`+ @@ -1635,10 +1689,13 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`* if we cannot get one.`
		`*/`
		`if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {`
		`@@ -216,7 +264,7 @@`
		`/* Add TLSv1.3 ciphers first - we always prefer those if possible */`
		`for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) {`
		`const SSL_CIPHER *sslc = sk_SSL_CIPHER_value(tls13_ciphersuites, i);`
		`- @@ -1656,6 +1714,14 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`+ @@ -1690,6 +1747,14 @@ STACK_OF(SSL_CIPHER) ssl_create_cipher_list(SSL_CTX ctx,`
		`*cipher_list = cipherstack;`

		`return cipherstack;`
		`@@ -232,10 +280,10 @@`

		`char SSL_CIPHER_description(const SSL_CIPHER cipher, char *buf, int len)`
		`diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c`
		`- index d14d5819ba..48d491219a 100644`
		`+ index f12ad6d034..a059bcd83b 100644`
		`--- a/ssl/ssl_lib.c`
		`+++ b/ssl/ssl_lib.c`
		`- @@ -660,7 +660,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX ctx, const SSL_METHOD meth)`
		`+ @@ -661,7 +661,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX ctx, const SSL_METHOD meth)`
		`ctx->tls13_ciphersuites,`
		`&(ctx->cipher_list),`
		`&(ctx->cipher_list_by_id),`
		`@@ -244,7 +292,7 @@`
		`if ((sk == NULL) \|\| (sk_SSL_CIPHER_num(sk) <= 0)) {`
		`ERR_raise(ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);`
		`return 0;`
		`- @@ -3193,7 +3193,7 @@ SSL_CTX SSL_CTX_new_ex(OSSL_LIB_CTX libctx, const char *propq,`
		`+ @@ -3286,7 +3286,7 @@ SSL_CTX SSL_CTX_new_ex(OSSL_LIB_CTX libctx, const char *propq,`
		`if (!ssl_create_cipher_list(ret,`
		`ret->tls13_ciphersuites,`
		`&ret->cipher_list, &ret->cipher_list_by_id,`
		`@@ -254,10 +302,10 @@`
		`ERR_raise(ERR_LIB_SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS);`
		`goto err2;`
		`diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c`
		`- index 380f0727fc..6922a87c30 100644`
		`+ index 2d166e2b46..4ff2aa12d6 100644`
		`--- a/test/cipherlist_test.c`
		`+++ b/test/cipherlist_test.c`
		`- @@ -244,7 +244,9 @@ end:`
		`+ @@ -246,7 +246,9 @@ end:`

		`int setup_tests(void)`
		`{`
		`@@ -268,56 +316,14 @@`
		`ADD_TEST(test_default_cipherlist_clear);`
		`return 1;`
		`diff --git a/util/libcrypto.num b/util/libcrypto.num`
		`- index 404a706fab..e81fa9ec3e 100644`
		`+ index 406392a7d9..9cb8a4dda2 100644`
		`--- a/util/libcrypto.num`
		`+++ b/util/libcrypto.num`
		`- @@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION:`
		`- OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:`
		`- OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:`
		`- OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP`
		`+ @@ -5435,3 +5435,4 @@ EVP_MD_CTX_dup 5562 3_1_0 EXIST::FUNCTION:`
		`+ EVP_CIPHER_CTX_dup 5563 3_1_0 EXIST::FUNCTION:`
		`+ BN_are_coprime 5564 3_1_0 EXIST::FUNCTION:`
		`+ OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP`
		`+ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:`
		`--`
		`- 2.26.2`
		`+ 2.41.0`

		`- diff -up openssl-3.0.0-beta1/Configure.sys-default openssl-3.0.0-beta1/Configure`
		`- --- openssl-3.0.0-beta1/Configure.sys-default 2021-06-29 11:47:58.978144386 +0200`
		`- +++ openssl-3.0.0-beta1/Configure 2021-06-29 11:52:01.631126260 +0200`
		`- @@ -27,7 +27,7 @@ use OpenSSL::config;`
		`- my $orig_death_handler = $SIG{__DIE__};`
		`- $SIG{__DIE__} = \&death_handler;`
		`-`
		`- -my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx\|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib\|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";`
		`- +my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx\|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib\|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";`
		`-`
		`- my $banner = <<"EOF";`
		`-`
		`- @@ -61,6 +61,10 @@ EOF`
		`- # given with --prefix.`
		`- # This becomes the value of OPENSSLDIR in Makefile and in C.`
		`- # (Default: PREFIX/ssl)`
		`- +#`
		`- +# --system-ciphers-file A file to read cipher string from when the PROFILE=SYSTEM`
		`- +# cipher is specified (default).`
		`- +#`
		`- # --banner=".." Output specified text instead of default completion banner`
		`- #`
		`- # -w Don't wait after showing a Configure warning`
		`- @@ -385,6 +389,7 @@ $config{prefix}="";`
		`- $config{openssldir}="";`
		`- $config{processor}="";`
		`- $config{libdir}="";`
		`- +$config{system_ciphers_file}="";`
		`- my $auto_threads=1; # enable threads automatically? true by default`
		`- my $default_ranlib;`
		`-`
		`- @@ -987,6 +992,10 @@ while (@argvcopy)`
		`- die "FIPS key too long (64 bytes max)\n"`
		`- if length $1 > 64;`
		`- }`
		`- + elsif (/^--system-ciphers-file=(.*)$/)`
		`- + {`
		`- + $config{system_ciphers_file}=$1;`
		`- + }`
		`- elsif (/^--banner=(.*)$/)`
		`- {`
		`- $banner = $1 . "\n";`

0008-Add-FIPS_mode-compatibility-macro.patch

file modified

+23 -17

		`@@ -1,20 +1,22 @@`
		`- From 5b2ec9a54037d7b007324bf53e067e73511cdfe4 Mon Sep 17 00:00:00 2001`
		`- From: Tomas Mraz <tmraz@fedoraproject.org>`
		`- Date: Thu, 26 Nov 2020 14:00:16 +0100`
		`- Subject: Add FIPS_mode() compatibility macro`
		`+ From 8e29a10b39a649d751870eb1fd1b8c388e66acc3 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:27 +0200`
		`+ Subject: [PATCH 08/35] 0008-Add-FIPS_mode-compatibility-macro.patch`

		`- The macro calls EVP_default_properties_is_fips_enabled() on the`
		`- default context.`
		`+ Patch-name: 0008-Add-FIPS_mode-compatibility-macro.patch`
		`+ Patch-id: 8`
		`+ Patch-status: \|`
		`+ # Add FIPS_mode() compatibility macro`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`---`
		`- include/openssl/crypto.h.in \| 1 +`
		`- include/openssl/fips.h \| 25 +++++++++++++++++++++++++`
		`- test/property_test.c \| 13 +++++++++++++`
		`- 3 files changed, 39 insertions(+)`
		`+ include/openssl/fips.h \| 26 ++++++++++++++++++++++++++`
		`+ test/property_test.c \| 14 ++++++++++++++`
		`+ 2 files changed, 40 insertions(+)`
		`create mode 100644 include/openssl/fips.h`

		`diff --git a/include/openssl/fips.h b/include/openssl/fips.h`
		`new file mode 100644`
		`- index 0000000000..c64f0f8e8f`
		`+ index 0000000000..4162cbf88e`
		`--- /dev/null`
		`+++ b/include/openssl/fips.h`
		`@@ -0,0 +1,26 @@`
		`@@ -44,13 +46,14 @@`
		`+}`
		`+# endif`
		`+#endif`
		`- diff -up openssl-3.0.0-beta1/test/property_test.c.fips-macro openssl-3.0.0-beta1/test/property_test.c`
		`- --- openssl-3.0.0-beta1/test/property_test.c.fips-macro 2021-06-29 12:14:58.851557698 +0200`
		`- +++ openssl-3.0.0-beta1/test/property_test.c 2021-06-29 12:17:14.630143832 +0200`
		`- @@ -488,6 +488,19 @@ static int test_property_list_to_string(`
		`+ diff --git a/test/property_test.c b/test/property_test.c`
		`+ index 45b1db3e85..8894c1c1cb 100644`
		`+ --- a/test/property_test.c`
		`+ +++ b/test/property_test.c`
		`+ @@ -677,6 +677,19 @@ static int test_property_list_to_string(int i)`
		`return ret;`
		`}`
		`-`
		`+`
		`+#include <openssl/fips.h>`
		`+static int test_downstream_FIPS_mode(void)`
		`+{`
		`@@ -67,7 +70,7 @@`
		`int setup_tests(void)`
		`{`
		`ADD_TEST(test_property_string);`
		`- @@ -500,6 +512,7 @@ int setup_tests(void)`
		`+ @@ -690,6 +703,7 @@ int setup_tests(void)`
		`ADD_TEST(test_property);`
		`ADD_TEST(test_query_cache_stochastic);`
		`ADD_TEST(test_fips_mode);`
		`@@ -75,3 +78,6 @@`
		`ADD_ALL_TESTS(test_property_list_to_string, OSSL_NELEM(to_string_tests));`
		`return 1;`
		`}`
		`+ --`
		`+ 2.41.0`
		`+`

0009-Add-Kernel-FIPS-mode-flag-support.patch

file modified

+36 -21

		`@@ -1,9 +1,25 @@`
		`- diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha13/crypto/context.c`
		`- --- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips 2021-03-16 00:09:55.814826432 +0100`
		`- +++ openssl-3.0.0-alpha13/crypto/context.c 2021-03-16 00:15:55.129043811 +0100`
		`- @@ -12,11 +12,46 @@`
		`- #include "crypto/ctype.h"`
		`- #include "crypto/rand.h"`
		`+ From aa3aebf132959e7e44876042efaf9ff24ffe0f2b Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:27 +0200`
		`+ Subject: [PATCH 09/35] 0009-Add-Kernel-FIPS-mode-flag-support.patch`
		`+`
		`+ Patch-name: 0009-Add-Kernel-FIPS-mode-flag-support.patch`
		`+ Patch-id: 9`
		`+ Patch-status: \|`
		`+ # Add check to see if fips flag is enabled in kernel`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ crypto/context.c \| 36 ++++++++++++++++++++++++++++++++++++`
		`+ include/internal/provider.h \| 3 +++`
		`+ 2 files changed, 39 insertions(+)`
		`+`
		`+ diff --git a/crypto/context.c b/crypto/context.c`
		`+ index e294ea1512..51002ba79a 100644`
		`+ --- a/crypto/context.c`
		`+ +++ b/crypto/context.c`
		`+ @@ -16,6 +16,41 @@`
		`+ #include "internal/provider.h"`
		`+ #include "crypto/context.h"`

		`+# include <sys/types.h>`
		`+# include <sys/stat.h>`
		`@@ -11,11 +27,6 @@`
		`+# include <unistd.h>`
		`+# include <openssl/evp.h>`
		`+`
		`- struct ossl_lib_ctx_onfree_list_st {`
		`- ossl_lib_ctx_onfree_fn *fn;`
		`- struct ossl_lib_ctx_onfree_list_st *next;`
		`- };`
		`-`
		`+# define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled"`
		`+`
		`+static int kernel_fips_flag;`
		`@@ -46,20 +57,21 @@`
		`+`
		`+`
		`struct ossl_lib_ctx_st {`
		`- CRYPTO_RWLOCK *lock;`
		`- CRYPTO_EX_DATA data;`
		`- @@ -121,6 +170,7 @@ static CRYPTO_THREAD_LOCAL default_conte`
		`+ CRYPTO_RWLOCK lock, rand_crngt_lock;`
		`+ OSSL_EX_DATA_GLOBAL global;`
		`+ @@ -336,6 +371,7 @@ static int default_context_inited = 0;`

		`DEFINE_RUN_ONCE_STATIC(default_context_do_init)`
		`{`
		`+ read_kernel_fips_flag();`
		`- return CRYPTO_THREAD_init_local(&default_context_thread_local, NULL)`
		`- && context_init(&default_context_int);`
		`- }`
		`- diff -up openssl-3.0.1/include/internal/provider.h.embed-fips openssl-3.0.1/include/internal/provider.h`
		`- --- openssl-3.0.1/include/internal/provider.h.embed-fips 2022-01-11 13:13:08.323238760 +0100`
		`- +++ openssl-3.0.1/include/internal/provider.h 2022-01-11 13:13:43.522558909 +0100`
		`- @@ -110,6 +110,9 @@ int ossl_provider_init_as_child(OSSL_LIB`
		`+ if (!CRYPTO_THREAD_init_local(&default_context_thread_local, NULL))`
		`+ goto err;`
		`+`
		`+ diff --git a/include/internal/provider.h b/include/internal/provider.h`
		`+ index 18937f84c7..1446bf7afb 100644`
		`+ --- a/include/internal/provider.h`
		`+ +++ b/include/internal/provider.h`
		`+ @@ -112,6 +112,9 @@ int ossl_provider_init_as_child(OSSL_LIB_CTX *ctx,`
		`const OSSL_DISPATCH *in);`
		`void ossl_provider_deinit_child(OSSL_LIB_CTX *ctx);`

		`@@ -69,3 +81,6 @@`
		`# ifdef __cplusplus`
		`}`
		`# endif`
		`+ --`
		`+ 2.41.0`
		`+`

0010-Add-changes-to-ectest-and-eccurve.patch

file modified

+53 -32

		`@@ -1,10 +1,29 @@`
		`- diff -up ./crypto/ec/ec_curve.c.remove-ec ./crypto/ec/ec_curve.c`
		`- --- ./crypto/ec/ec_curve.c.remove-ec 2023-03-13 16:50:09.278933578 +0100`
		`- +++ ./crypto/ec/ec_curve.c 2023-03-21 12:38:57.696531941 +0100`
		`- @@ -32,38 +32,6 @@ typedef struct {`
		`+ From 37fae351c6fef272baf383469181aecfcac87592 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:27 +0200`
		`+ Subject: [PATCH 10/35] 0010-Add-changes-to-ectest-and-eccurve.patch`
		`+`
		`+ Patch-name: 0010-Add-changes-to-ectest-and-eccurve.patch`
		`+ Patch-id: 10`
		`+ Patch-status: \|`
		`+ # Instead of replacing ectest.c and ec_curve.c, add the changes as a patch so`
		`+ # that new modifications made to these files by upstream are not lost.`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ crypto/ec/ec_curve.c \| 844 -------------------------------------------`
		`+ test/ectest.c \| 174 +--------`
		`+ 2 files changed, 8 insertions(+), 1010 deletions(-)`
		`+`
		`+ diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c`
		`+ index b5b2f3342d..d32a768fe6 100644`
		`+ --- a/crypto/ec/ec_curve.c`
		`+ +++ b/crypto/ec/ec_curve.c`
		`+ @@ -30,38 +30,6 @@ typedef struct {`
		`+ } EC_CURVE_DATA;`
		`+`
		`/* the nist prime curves */`
		`- static const struct {`
		`- EC_CURVE_DATA h;`
		`+ -static const struct {`
		`+ - EC_CURVE_DATA h;`
		`- unsigned char data[20 + 24 * 6];`
		`-} _EC_NIST_PRIME_192 = {`
		`- {`
		`@@ -35,11 +54,9 @@`
		`- }`
		`-};`
		`-`
		`- -static const struct {`
		`- - EC_CURVE_DATA h;`
		`+ static const struct {`
		`+ EC_CURVE_DATA h;`
		`unsigned char data[20 + 28 * 6];`
		`- } _EC_NIST_PRIME_224 = {`
		`- {`
		`@@ -200,187 +168,6 @@ static const struct {`
		`}`
		`};`
		`@@ -228,10 +245,12 @@`
		`static const struct {`
		`EC_CURVE_DATA h;`
		`unsigned char data[20 + 32 * 6];`
		`- @@ -423,294 +210,6 @@ static const struct {`
		`+ @@ -421,294 +208,6 @@ static const struct {`
		`+`
		`+ #ifndef FIPS_MODULE`
		`/* the secg prime curves (minus the nist and x9.62 prime curves) */`
		`- static const struct {`
		`- EC_CURVE_DATA h;`
		`+ -static const struct {`
		`+ - EC_CURVE_DATA h;`
		`- unsigned char data[20 + 14 * 6];`
		`-} _EC_SECG_PRIME_112R1 = {`
		`- {`
		`@@ -518,11 +537,9 @@`
		`- }`
		`-};`
		`-`
		`- -static const struct {`
		`- - EC_CURVE_DATA h;`
		`+ static const struct {`
		`+ EC_CURVE_DATA h;`
		`unsigned char data[0 + 32 * 6];`
		`- } _EC_SECG_PRIME_256K1 = {`
		`- {`
		`@@ -745,102 +244,6 @@ static const struct {`
		`}`
		`};`
		`@@ -626,10 +643,12 @@`
		`#endif /* FIPS_MODULE */`

		`#ifndef OPENSSL_NO_EC2M`
		`- @@ -2238,198 +1641,6 @@ static const struct {`
		`+ @@ -2236,198 +1639,6 @@ static const struct {`
		`+ */`
		`+`
		`#ifndef FIPS_MODULE`
		`- static const struct {`
		`- EC_CURVE_DATA h;`
		`+ -static const struct {`
		`+ - EC_CURVE_DATA h;`
		`- unsigned char data[0 + 20 * 6];`
		`-} _EC_brainpoolP160r1 = {`
		`- {`
		`@@ -820,12 +839,10 @@`
		`- }`
		`-};`
		`-`
		`- -static const struct {`
		`- - EC_CURVE_DATA h;`
		`+ static const struct {`
		`+ EC_CURVE_DATA h;`
		`unsigned char data[0 + 32 * 6];`
		`- } _EC_brainpoolP256r1 = {`
		`- {`
		`- @@ -2854,8 +2065,6 @@ static const ec_list_element curve_list[`
		`+ @@ -2854,8 +2065,6 @@ static const ec_list_element curve_list[] = {`
		`"NIST/SECG curve over a 521 bit prime field"},`

		`/* X9.62 curves */`
		`@@ -834,7 +851,7 @@`
		`{NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,`
		`# if defined(ECP_NISTZ256_ASM)`
		`EC_GFp_nistz256_method,`
		`- @@ -2899,25 +2108,6 @@ static const ec_list_element curve_list[`
		`+ @@ -2899,25 +2108,6 @@ static const ec_list_element curve_list[] = {`
		`static const ec_list_element curve_list[] = {`
		`/* prime field curves */`
		`/* secg curves */`
		`@@ -860,7 +877,7 @@`
		`# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128`
		`{NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,`
		`"NIST/SECG curve over a 224 bit prime field"},`
		`- @@ -2945,18 +2135,6 @@ static const ec_list_element curve_list[`
		`+ @@ -2945,18 +2135,6 @@ static const ec_list_element curve_list[] = {`
		`# endif`
		`"NIST/SECG curve over a 521 bit prime field"},`
		`/* X9.62 curves */`
		`@@ -879,7 +896,7 @@`
		`{NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,`
		`# if defined(ECP_NISTZ256_ASM)`
		`EC_GFp_nistz256_method,`
		`- @@ -3053,22 +2231,12 @@ static const ec_list_element curve_list[`
		`+ @@ -3053,22 +2231,12 @@ static const ec_list_element curve_list[] = {`
		`{NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0,`
		`"X9.62 curve over a 163 bit binary field"},`
		`# endif`
		`@@ -902,7 +919,7 @@`
		`# ifndef OPENSSL_NO_EC2M`
		`/* IPSec curves */`
		`{NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0,`
		`- @@ -3079,18 +2247,6 @@ static const ec_list_element curve_list[`
		`+ @@ -3079,18 +2247,6 @@ static const ec_list_element curve_list[] = {`
		`"\tNot suitable for ECDSA.\n\tQuestionable extension field!"},`
		`# endif`
		`/* brainpool curves */`
		`@@ -921,9 +938,10 @@`
		`{NID_brainpoolP256r1, &_EC_brainpoolP256r1.h, 0,`
		`"RFC 5639 curve over a 256 bit prime field"},`
		`{NID_brainpoolP256t1, &_EC_brainpoolP256t1.h, 0,`
		`- diff -up ./test/ectest.c.remove-ec ./test/ectest.c`
		`- --- ./test/ectest.c.remove-ec 2023-03-13 18:39:30.544642912 +0100`
		`- +++ ./test/ectest.c 2023-03-20 07:27:26.403212965 +0100`
		`+ diff --git a/test/ectest.c b/test/ectest.c`
		`+ index afef85b0e6..4890b0555e 100644`
		`+ --- a/test/ectest.c`
		`+ +++ b/test/ectest.c`
		`@@ -175,184 +175,26 @@ static int prime_field_tests(void)`
		`\|\| !TEST_ptr(p = BN_new())`
		`\|\| !TEST_ptr(a = BN_new())`
		`@@ -1125,3 +1143,6 @@`
		`ADD_ALL_TESTS(cardinality_test, crv_len);`
		`ADD_TEST(prime_field_tests);`
		`#ifndef OPENSSL_NO_EC2M`
		`+ --`
		`+ 2.41.0`
		`+`

0011-Remove-EC-curves.patch

file modified

+51 -25

		`@@ -1,7 +1,26 @@`
		`- diff -up ./apps/speed.c.ec-curves ./apps/speed.c`
		`- --- ./apps/speed.c.ec-curves 2023-03-14 04:44:12.545437892 +0100`
		`- +++ ./apps/speed.c 2023-03-14 04:48:28.606729067 +0100`
		`- @@ -366,7 +366,7 @@ static double ffdh_results[FFDH_NUM][1];`
		`+ From e65f698d59fc71300d3e49492f9ef899b7209e5f Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 11/35] 0011-Remove-EC-curves.patch`
		`+`
		`+ Patch-name: 0011-Remove-EC-curves.patch`
		`+ Patch-id: 11`
		`+ Patch-status: \|`
		`+ # remove unsupported EC curves`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ apps/speed.c \| 8 +---`
		`+ crypto/evp/ec_support.c \| 76 ------------------------------------`
		`+ test/acvp_test.inc \| 9 -----`
		`+ test/ecdsatest.h \| 17 --------`
		`+ test/recipes/15-test_genec.t \| 27 -------------`
		`+ 5 files changed, 1 insertion(+), 136 deletions(-)`
		`+`
		`+ diff --git a/apps/speed.c b/apps/speed.c`
		`+ index cace25eda1..d527f12f18 100644`
		`+ --- a/apps/speed.c`
		`+ +++ b/apps/speed.c`
		`+ @@ -385,7 +385,7 @@ static double ffdh_results[FFDH_NUM][1]; /* 1 op: derivation */`
		`#endif /* OPENSSL_NO_DH */`

		`enum ec_curves_t {`
		`@@ -10,7 +29,7 @@`
		`#ifndef OPENSSL_NO_EC2M`
		`R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571,`
		`R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571,`
		`- @@ -376,8 +376,6 @@ enum ec_curves_t {`
		`+ @@ -395,8 +395,6 @@ enum ec_curves_t {`
		`};`
		`/* list of ecdsa curves */`
		`static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = {`
		`@@ -19,7 +38,7 @@`
		`{"ecdsap224", R_EC_P224},`
		`{"ecdsap256", R_EC_P256},`
		`{"ecdsap384", R_EC_P384},`
		`- @@ -404,8 +402,6 @@ static const OPT_PAIR ecdsa_choices[ECDS`
		`+ @@ -423,8 +421,6 @@ static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = {`
		`enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM };`
		`/* list of ecdh curves, extension of \|ecdsa_choices\| list above */`
		`static const OPT_PAIR ecdh_choices[EC_NUM] = {`
		`@@ -28,7 +47,7 @@`
		`{"ecdhp224", R_EC_P224},`
		`{"ecdhp256", R_EC_P256},`
		`{"ecdhp384", R_EC_P384},`
		`- @@ -1422,8 +1418,6 @@ int speed_main(int argc, char **argv)`
		`+ @@ -1442,8 +1438,6 @@ int speed_main(int argc, char **argv)`
		`*/`
		`static const EC_CURVE ec_curves[EC_NUM] = {`
		`/* Prime Curves */`
		`@@ -37,9 +56,10 @@`
		`{"nistp224", NID_secp224r1, 224},`
		`{"nistp256", NID_X9_62_prime256v1, 256},`
		`{"nistp384", NID_secp384r1, 384},`
		`- diff -up ./crypto/evp/ec_support.c.ec-curves ./crypto/evp/ec_support.c`
		`- --- ./crypto/evp/ec_support.c.ec-curves 2023-03-14 06:22:41.542310442 +0100`
		`- +++ ./crypto/evp/ec_support.c 2023-03-21 11:24:18.378451683 +0100`
		`+ diff --git a/crypto/evp/ec_support.c b/crypto/evp/ec_support.c`
		`+ index 1ec10143d2..8fe774140f 100644`
		`+ --- a/crypto/evp/ec_support.c`
		`+ +++ b/crypto/evp/ec_support.c`
		`@@ -20,89 +20,15 @@ typedef struct ec_name2nid_st {`
		`static const EC_NAME2NID curve_list[] = {`
		`/* prime field curves */`
		`@@ -130,7 +150,7 @@`
		`{"brainpoolP256r1", NID_brainpoolP256r1 },`
		`{"brainpoolP256t1", NID_brainpoolP256t1 },`
		`{"brainpoolP320r1", NID_brainpoolP320r1 },`
		`- @@ -111,8 +37,6 @@ static const EC_NAME2NID curve_list[] =`
		`+ @@ -111,8 +37,6 @@ static const EC_NAME2NID curve_list[] = {`
		`{"brainpoolP384t1", NID_brainpoolP384t1 },`
		`{"brainpoolP512r1", NID_brainpoolP512r1 },`
		`{"brainpoolP512t1", NID_brainpoolP512t1 },`
		`@@ -139,13 +159,15 @@`
		`};`

		`const char *OSSL_EC_curve_nid2name(int nid)`
		`- diff -up ./test/acvp_test.inc.ec-curves ./test/acvp_test.inc`
		`- --- ./test/acvp_test.inc.ec-curves 2023-03-14 06:38:20.563712586 +0100`
		`- +++ ./test/acvp_test.inc 2023-03-14 06:39:01.631080059 +0100`
		`- @@ -212,15 +212,6 @@ static const unsigned char ecdsa_sigver_`
		`+ diff --git a/test/acvp_test.inc b/test/acvp_test.inc`
		`+ index ad11d3ae1e..894a0bff9d 100644`
		`+ --- a/test/acvp_test.inc`
		`+ +++ b/test/acvp_test.inc`
		`+ @@ -211,15 +211,6 @@ static const unsigned char ecdsa_sigver_s1[] = {`
		`+ 0xB1, 0xAC,`
		`};`
		`static const struct ecdsa_sigver_st ecdsa_sigver_data[] = {`
		`- {`
		`+ - {`
		`- "SHA-1",`
		`- "P-192",`
		`- ITM(ecdsa_sigver_msg0),`
		`@@ -154,13 +176,13 @@`
		`- ITM(ecdsa_sigver_s0),`
		`- PASS,`
		`- },`
		`- - {`
		`+ {`
		`"SHA2-512",`
		`"P-521",`
		`- ITM(ecdsa_sigver_msg1),`
		`- diff -up ./test/ecdsatest.h.ec-curves ./test/ecdsatest.h`
		`- --- ./test/ecdsatest.h.ec-curves 2023-03-14 04:49:16.148154472 +0100`
		`- +++ ./test/ecdsatest.h 2023-03-14 04:51:01.376096037 +0100`
		`+ diff --git a/test/ecdsatest.h b/test/ecdsatest.h`
		`+ index 63fe319025..06b5c0aac5 100644`
		`+ --- a/test/ecdsatest.h`
		`+ +++ b/test/ecdsatest.h`
		`@@ -32,23 +32,6 @@ typedef struct {`
		`} ecdsa_cavs_kat_t;`

		`@@ -185,10 +207,11 @@`
		`/* prime KATs from NIST CAVP */`
		`{NID_secp224r1, NID_sha224,`
		`"699325d6fc8fbbb4981a6ded3c3a54ad2e4e3db8a5669201912064c64e700c139248cdc1"`
		`- diff -up ./test/recipes/15-test_genec.t.ec-curves ./test/recipes/15-test_genec.t`
		`- --- ./test/recipes/15-test_genec.t.ec-curves 2023-03-14 04:51:45.215488277 +0100`
		`- +++ ./test/recipes/15-test_genec.t 2023-03-21 11:26:58.613885435 +0100`
		`- @@ -41,37 +41,11 @@ plan skip_all => "This test is unsupport`
		`+ diff --git a/test/recipes/15-test_genec.t b/test/recipes/15-test_genec.t`
		`+ index 2dfed387ca..c733b68f83 100644`
		`+ --- a/test/recipes/15-test_genec.t`
		`+ +++ b/test/recipes/15-test_genec.t`
		`+ @@ -41,37 +41,11 @@ plan skip_all => "This test is unsupported in a no-ec build"`
		`if disabled("ec");`

		`my @prime_curves = qw(`
		`@@ -234,3 +257,6 @@`
		`P-224`
		`P-256`
		`P-384`
		`+ --`
		`+ 2.41.0`
		`+`

0012-Disable-explicit-ec.patch

file modified

+114 -87

		`@@ -1,7 +1,27 @@`
		`- diff -up openssl-3.0.1/crypto/ec/ec_asn1.c.disable_explicit_ec openssl-3.0.1/crypto/ec/ec_asn1.c`
		`- --- openssl-3.0.1/crypto/ec/ec_asn1.c.disable_explicit_ec 2022-03-22 13:10:45.718077845 +0100`
		`- +++ openssl-3.0.1/crypto/ec/ec_asn1.c 2022-03-22 13:12:46.626599016 +0100`
		`- @@ -895,6 +895,12 @@ EC_GROUP d2i_ECPKParameters(EC_GROUP *`
		`+ From 91bdd9b816b22bc1464ec323f3272b866b24114d Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 12/35] 0012-Disable-explicit-ec.patch`
		`+`
		`+ Patch-name: 0012-Disable-explicit-ec.patch`
		`+ Patch-id: 12`
		`+ Patch-status: \|`
		`+ # Disable explicit EC curves`
		`+ # https://bugzilla.redhat.com/show_bug.cgi?id=2066412`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ crypto/ec/ec_asn1.c \| 11 ++++++++++`
		`+ crypto/ec/ec_lib.c \| 6 +++++`
		`+ test/ectest.c \| 22 ++++++++++---------`
		`+ test/endecode_test.c \| 20 ++++++++---------`
		`+ .../30-test_evp_data/evppkey_ecdsa.txt \| 12 ----------`
		`+ 5 files changed, 39 insertions(+), 32 deletions(-)`
		`+`
		`+ diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c`
		`+ index 7a0b35a594..d19d57344e 100644`
		`+ --- a/crypto/ec/ec_asn1.c`
		`+ +++ b/crypto/ec/ec_asn1.c`
		`+ @@ -905,6 +905,12 @@ EC_GROUP d2i_ECPKParameters(EC_GROUP a, const unsigned char *in, long len)`
		`if (params->type == ECPKPARAMETERS_TYPE_EXPLICIT)`
		`group->decoded_from_explicit_params = 1;`

		`@@ -14,7 +34,7 @@`
		`if (a) {`
		`EC_GROUP_free(*a);`
		`*a = group;`
		`- @@ -954,6 +959,11 @@ EC_KEY d2i_ECPrivateKey(EC_KEY *a, con`
		`+ @@ -964,6 +970,11 @@ EC_KEY d2i_ECPrivateKey(EC_KEY a, const unsigned char *in, long len)`
		`goto err;`
		`}`

		`@@ -26,10 +46,11 @@`
		`ret->version = priv_key->version;`

		`if (priv_key->privateKey) {`
		`- diff -up openssl-3.0.9/crypto/ec/ec_lib.c.noec openssl-3.0.9/crypto/ec/ec_lib.c`
		`- --- openssl-3.0.9/crypto/ec/ec_lib.c.noec 2023-07-27 10:32:52.870910095 +0200`
		`- +++ openssl-3.0.9/crypto/ec/ec_lib.c 2023-07-27 10:35:18.029151181 +0200`
		`- @@ -1728,6 +1728,11 @@ EC_GROUP *EC_GROUP_new_from_params(const`
		`+ diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c`
		`+ index a84e088c19..6c37bf78ae 100644`
		`+ --- a/crypto/ec/ec_lib.c`
		`+ +++ b/crypto/ec/ec_lib.c`
		`+ @@ -1724,6 +1724,11 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[],`
		`goto err;`
		`}`
		`if (named_group == group) {`
		`@@ -41,7 +62,7 @@`
		`/*`
		`* If we did not find a named group then the encoding should be explicit`
		`* if it was specified`
		`- @@ -1743,6 +1748,7 @@ EC_GROUP *EC_GROUP_new_from_params(const`
		`+ @@ -1739,6 +1744,7 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[],`
		`goto err;`
		`}`
		`EC_GROUP_set_asn1_flag(group, OPENSSL_EC_EXPLICIT_CURVE);`
		`@@ -49,10 +70,75 @@`
		`} else {`
		`EC_GROUP_free(group);`
		`group = named_group;`
		`- diff -up openssl-3.0.1/test/endecode_test.c.disable_explicit_ec openssl-3.0.1/test/endecode_test.c`
		`- --- openssl-3.0.1/test/endecode_test.c.disable_explicit_ec 2022-03-21 16:55:46.005558779 +0100`
		`- +++ openssl-3.0.1/test/endecode_test.c 2022-03-21 16:56:12.636792762 +0100`
		`- @@ -57,7 +57,7 @@ static BN_CTX *bnctx = NULL;`
		`+ diff --git a/test/ectest.c b/test/ectest.c`
		`+ index 4890b0555e..e11aec5b3b 100644`
		`+ --- a/test/ectest.c`
		`+ +++ b/test/ectest.c`
		`+ @@ -2301,10 +2301,11 @@ static int do_test_custom_explicit_fromdata(EC_GROUP group, BN_CTX ctx,`
		`+ if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))`
		`+ \|\| !TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL))`
		`+ \|\| !TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)`
		`+ - \|\| !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkeyparam,`
		`+ + \|\| !TEST_int_le(EVP_PKEY_fromdata(pctx, &pkeyparam,`
		`+ EVP_PKEY_KEY_PARAMETERS, params), 0))`
		`+ goto err;`
		`+ -`
		`+ +/* As creating the key should fail, the rest of the test is pointless */`
		`+ +# if 0`
		`+ /- Check that all the set values are retrievable -/`
		`+`
		`+ /* There should be no match to a group name since the generator changed */`
		`+ @@ -2433,6 +2434,7 @@ static int do_test_custom_explicit_fromdata(EC_GROUP group, BN_CTX ctx,`
		`+ #endif`
		`+ )`
		`+ goto err;`
		`+ +#endif`
		`+ ret = 1;`
		`+ err:`
		`+ BN_free(order_out);`
		`+ @@ -2714,21 +2716,21 @@ static int custom_params_test(int id)`
		`+`
		`+ /* Compute keyexchange in both directions */`
		`+ if (!TEST_ptr(pctx1 = EVP_PKEY_CTX_new(pkey1, NULL))`
		`+ - \|\| !TEST_int_eq(EVP_PKEY_derive_init(pctx1), 1)`
		`+ - \|\| !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx1, pkey2), 1)`
		`+ + \|\| !TEST_int_le(EVP_PKEY_derive_init(pctx1), 0)`
		`+ +/* \|\| !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx1, pkey2), 1)`
		`+ \|\| !TEST_int_eq(EVP_PKEY_derive(pctx1, NULL, &sslen), 1)`
		`+ \|\| !TEST_int_gt(bsize, sslen)`
		`+ - \|\| !TEST_int_eq(EVP_PKEY_derive(pctx1, buf1, &sslen), 1))`
		`+ + \|\| !TEST_int_eq(EVP_PKEY_derive(pctx1, buf1, &sslen), 1)*/)`
		`+ goto err;`
		`+ if (!TEST_ptr(pctx2 = EVP_PKEY_CTX_new(pkey2, NULL))`
		`+ - \|\| !TEST_int_eq(EVP_PKEY_derive_init(pctx2), 1)`
		`+ - \|\| !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx2, pkey1), 1)`
		`+ + \|\| !TEST_int_le(EVP_PKEY_derive_init(pctx2), 1)`
		`+ +/* \|\| !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx2, pkey1), 1)`
		`+ \|\| !TEST_int_eq(EVP_PKEY_derive(pctx2, NULL, &t), 1)`
		`+ \|\| !TEST_int_gt(bsize, t)`
		`+ \|\| !TEST_int_le(sslen, t)`
		`+ - \|\| !TEST_int_eq(EVP_PKEY_derive(pctx2, buf2, &t), 1))`
		`+ + \|\| !TEST_int_eq(EVP_PKEY_derive(pctx2, buf2, &t), 1) */)`
		`+ goto err;`
		`+ -`
		`+ +#if 0`
		`+ /* Both sides should expect the same shared secret */`
		`+ if (!TEST_mem_eq(buf1, sslen, buf2, t))`
		`+ goto err;`
		`+ @@ -2780,7 +2782,7 @@ static int custom_params_test(int id)`
		`+ /* compare with previous result */`
		`+ \|\| !TEST_mem_eq(buf1, t, buf2, sslen))`
		`+ goto err;`
		`+ -`
		`+ +#endif`
		`+ ret = 1;`
		`+`
		`+ err:`
		`+ diff --git a/test/endecode_test.c b/test/endecode_test.c`
		`+ index 14648287eb..9a437d8c64 100644`
		`+ --- a/test/endecode_test.c`
		`+ +++ b/test/endecode_test.c`
		`+ @@ -62,7 +62,7 @@ static BN_CTX *bnctx = NULL;`
		`static OSSL_PARAM_BLD *bld_prime_nc = NULL;`
		`static OSSL_PARAM_BLD *bld_prime = NULL;`
		`static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;`
		`@@ -61,7 +147,7 @@`

		`# ifndef OPENSSL_NO_EC2M`
		`static OSSL_PARAM_BLD *bld_tri_nc = NULL;`
		`- @@ -990,9 +990,9 @@ IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")`
		`+ @@ -1009,9 +1009,9 @@ IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")`
		`DOMAIN_KEYS(ECExplicitPrimeNamedCurve);`
		`IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC", 1)`
		`IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")`
		`@@ -74,7 +160,7 @@`
		`# ifndef OPENSSL_NO_EC2M`
		`DOMAIN_KEYS(ECExplicitTriNamedCurve);`
		`IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC", 1)`
		`- @@ -1318,7 +1318,7 @@ int setup_tests(void)`
		`+ @@ -1352,7 +1352,7 @@ int setup_tests(void)`
		`\|\| !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)`
		`\|\| !create_ec_explicit_prime_params(bld_prime)`
		`\|\| !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))`
		`@@ -83,7 +169,7 @@`
		`# ifndef OPENSSL_NO_EC2M`
		`\|\| !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())`
		`\|\| !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())`
		`- @@ -1346,7 +1346,7 @@ int setup_tests(void)`
		`+ @@ -1380,7 +1380,7 @@ int setup_tests(void)`
		`TEST_info("Generating EC keys...");`
		`MAKE_DOMAIN_KEYS(EC, "EC", EC_params);`
		`MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);`
		`@@ -92,7 +178,7 @@`
		`# ifndef OPENSSL_NO_EC2M`
		`MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);`
		`MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);`
		`- @@ -1389,8 +1389,8 @@ int setup_tests(void)`
		`+ @@ -1423,8 +1423,8 @@ int setup_tests(void)`
		`ADD_TEST_SUITE_LEGACY(EC);`
		`ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);`
		`ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);`
		`@@ -103,7 +189,7 @@`
		`# ifndef OPENSSL_NO_EC2M`
		`ADD_TEST_SUITE(ECExplicitTriNamedCurve);`
		`ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);`
		`- @@ -1427,7 +1427,7 @@ void cleanup_tests(void)`
		`+ @@ -1461,7 +1461,7 @@ void cleanup_tests(void)`
		`{`
		`#ifndef OPENSSL_NO_EC`
		`OSSL_PARAM_free(ec_explicit_prime_params_nc);`
		`@@ -112,7 +198,7 @@`
		`OSSL_PARAM_BLD_free(bld_prime_nc);`
		`OSSL_PARAM_BLD_free(bld_prime);`
		`# ifndef OPENSSL_NO_EC2M`
		`- @@ -1449,7 +1449,7 @@ void cleanup_tests(void)`
		`+ @@ -1483,7 +1483,7 @@ void cleanup_tests(void)`
		`#ifndef OPENSSL_NO_EC`
		`FREE_DOMAIN_KEYS(EC);`
		`FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);`
		`@@ -121,10 +207,11 @@`
		`# ifndef OPENSSL_NO_EC2M`
		`FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);`
		`FREE_DOMAIN_KEYS(ECExplicitTri2G);`
		`- diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt.disable_explicit_ec openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt`
		`- --- openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt.disable_explicit_ec 2022-03-25 11:20:50.920949208 +0100`
		`- +++ openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt 2022-03-25 11:21:13.177147598 +0100`
		`- @@ -121,18 +121,6 @@ AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEB`
		`+ diff --git a/test/recipes/30-test_evp_data/evppkey_ecdsa.txt b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt`
		`+ index ec3c032aba..584ecee0eb 100644`
		`+ --- a/test/recipes/30-test_evp_data/evppkey_ecdsa.txt`
		`+ +++ b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt`
		`+ @@ -133,18 +133,6 @@ AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBBG0wawIBAQQgiUTxtr5vLVjj`
		`3ev1gTwRBduzqqlwd54AUSgI+pjttW8zrWNitO8H1sf59MPWOESKxNtZ1+Nl`
		`-----END PRIVATE KEY-----`

		`@@ -143,66 +230,6 @@`
		`PrivateKey = B-163`
		`-----BEGIN PRIVATE KEY-----`
		`MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDnQW0mLiHVha/jqFznX/K`
		`- diff -up openssl-3.0.9/test/ectest.c.noec openssl-3.0.9/test/ectest.c`
		`- --- openssl-3.0.9/test/ectest.c.noec 2023-07-27 11:30:24.078979261 +0200`
		`- +++ openssl-3.0.9/test/ectest.c 2023-07-27 11:35:12.335576107 +0200`
		`- @@ -2301,10 +2301,11 @@ static int do_test_custom_explicit_fromd`
		`- if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))`
		`- \|\| !TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL))`
		`- \|\| !TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)`
		`- - \|\| !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkeyparam,`
		`- + \|\| !TEST_int_le(EVP_PKEY_fromdata(pctx, &pkeyparam,`
		`- EVP_PKEY_KEY_PARAMETERS, params), 0))`
		`- goto err;`
		`- -`
		`- +/* As creating the key should fail, the rest of the test is pointless */`
		`- +# if 0`
		`- /- Check that all the set values are retrievable -/`
		`-`
		`- /* There should be no match to a group name since the generator changed */`
		`- @@ -2433,6 +2434,7 @@ static int do_test_custom_explicit_fromd`
		`- #endif`
		`- )`
		`- goto err;`
		`- +#endif`
		`- ret = 1;`
		`- err:`
		`- BN_free(order_out);`
		`- @@ -2714,21 +2716,21 @@ static int custom_params_test(int id)`
		`-`
		`- /* Compute keyexchange in both directions */`
		`- if (!TEST_ptr(pctx1 = EVP_PKEY_CTX_new(pkey1, NULL))`
		`- - \|\| !TEST_int_eq(EVP_PKEY_derive_init(pctx1), 1)`
		`- - \|\| !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx1, pkey2), 1)`
		`- + \|\| !TEST_int_le(EVP_PKEY_derive_init(pctx1), 0)`
		`- +/* \|\| !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx1, pkey2), 1)`
		`- \|\| !TEST_int_eq(EVP_PKEY_derive(pctx1, NULL, &sslen), 1)`
		`- \|\| !TEST_int_gt(bsize, sslen)`
		`- - \|\| !TEST_int_eq(EVP_PKEY_derive(pctx1, buf1, &sslen), 1))`
		`- + \|\| !TEST_int_eq(EVP_PKEY_derive(pctx1, buf1, &sslen), 1)*/)`
		`- goto err;`
		`- if (!TEST_ptr(pctx2 = EVP_PKEY_CTX_new(pkey2, NULL))`
		`- - \|\| !TEST_int_eq(EVP_PKEY_derive_init(pctx2), 1)`
		`- - \|\| !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx2, pkey1), 1)`
		`- + \|\| !TEST_int_le(EVP_PKEY_derive_init(pctx2), 1)`
		`- +/* \|\| !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx2, pkey1), 1)`
		`- \|\| !TEST_int_eq(EVP_PKEY_derive(pctx2, NULL, &t), 1)`
		`- \|\| !TEST_int_gt(bsize, t)`
		`- \|\| !TEST_int_le(sslen, t)`
		`- - \|\| !TEST_int_eq(EVP_PKEY_derive(pctx2, buf2, &t), 1))`
		`- + \|\| !TEST_int_eq(EVP_PKEY_derive(pctx2, buf2, &t), 1) */)`
		`- goto err;`
		`- -`
		`- +#if 0`
		`- /* Both sides should expect the same shared secret */`
		`- if (!TEST_mem_eq(buf1, sslen, buf2, t))`
		`- goto err;`
		`- @@ -2780,7 +2782,7 @@ static int custom_params_test(int id)`
		`- /* compare with previous result */`
		`- \|\| !TEST_mem_eq(buf1, t, buf2, sslen))`
		`- goto err;`
		`- -`
		`- +#endif`
		`- ret = 1;`
		`-`
		`- err:`
		`+ --`
		`+ 2.41.0`
		`+`

0013-skipped-tests-EC-curves.patch

file modified

+34 -12

		`@@ -1,7 +1,24 @@`
		`- diff -up ./test/recipes/15-test_ec.t.skip-tests ./test/recipes/15-test_ec.t`
		`- --- ./test/recipes/15-test_ec.t.skip-tests 2023-03-14 13:42:38.865508269 +0100`
		`- +++ ./test/recipes/15-test_ec.t 2023-03-14 13:43:36.237021635 +0100`
		`- @@ -90,7 +90,7 @@ subtest 'Ed448 conversions -- public key`
		`+ From 9ede2b1e13f72db37718853faff74b4429084d59 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 13/35] 0013-skipped-tests-EC-curves.patch`
		`+`
		`+ Patch-name: 0013-skipped-tests-EC-curves.patch`
		`+ Patch-id: 13`
		`+ Patch-status: \|`
		`+ # Skipped tests from former 0011-Remove-EC-curves.patch`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ test/recipes/15-test_ec.t \| 2 +-`
		`+ test/recipes/65-test_cmp_protect.t \| 2 +-`
		`+ test/recipes/65-test_cmp_vfy.t \| 2 +-`
		`+ 3 files changed, 3 insertions(+), 3 deletions(-)`
		`+`
		`+ diff --git a/test/recipes/15-test_ec.t b/test/recipes/15-test_ec.t`
		`+ index 0638d626e7..c0efd77649 100644`
		`+ --- a/test/recipes/15-test_ec.t`
		`+ +++ b/test/recipes/15-test_ec.t`
		`+ @@ -90,7 +90,7 @@ subtest 'Ed448 conversions -- public key' => sub {`

		`subtest 'Check loading of fips and non-fips keys' => sub {`
		`plan skip_all => "FIPS is disabled"`
		`@@ -10,10 +27,11 @@`

		`plan tests => 2;`

		`- diff -up ./test/recipes/65-test_cmp_protect.t.skip-tests ./test/recipes/65-test_cmp_protect.t`
		`- --- ./test/recipes/65-test_cmp_protect.t.skip-tests 2023-03-14 10:13:11.342056559 +0100`
		`- +++ ./test/recipes/65-test_cmp_protect.t 2023-03-14 10:14:42.643873496 +0100`
		`- @@ -27,7 +27,7 @@ plan skip_all => "This test is not suppo`
		`+ diff --git a/test/recipes/65-test_cmp_protect.t b/test/recipes/65-test_cmp_protect.t`
		`+ index 631603df7c..4cb2ffebbc 100644`
		`+ --- a/test/recipes/65-test_cmp_protect.t`
		`+ +++ b/test/recipes/65-test_cmp_protect.t`
		`+ @@ -27,7 +27,7 @@ plan skip_all => "This test is not supported in a no-cmp build"`
		`plan skip_all => "This test is not supported in a shared library build on Windows"`
		`if $^O eq 'MSWin32' && !disabled("shared");`

		`@@ -22,10 +40,11 @@`

		`my @basic_cmd = ("cmp_protect_test",`
		`data_file("server.pem"),`
		`- diff -up ./test/recipes/65-test_cmp_vfy.t.skip-tests ./test/recipes/65-test_cmp_vfy.t`
		`- --- ./test/recipes/65-test_cmp_vfy.t.skip-tests 2023-03-14 10:13:38.106296042 +0100`
		`- +++ ./test/recipes/65-test_cmp_vfy.t 2023-03-14 10:16:56.496071178 +0100`
		`- @@ -27,7 +27,7 @@ plan skip_all => "This test is not suppo`
		`+ diff --git a/test/recipes/65-test_cmp_vfy.t b/test/recipes/65-test_cmp_vfy.t`
		`+ index f722800e27..26a01786bb 100644`
		`+ --- a/test/recipes/65-test_cmp_vfy.t`
		`+ +++ b/test/recipes/65-test_cmp_vfy.t`
		`+ @@ -27,7 +27,7 @@ plan skip_all => "This test is not supported in a no-cmp build"`
		`plan skip_all => "This test is not supported in a no-ec build"`
		`if disabled("ec");`

		`@@ -34,3 +53,6 @@`

		`my @basic_cmd = ("cmp_vfy_test",`
		`data_file("server.crt"), data_file("client.crt"),`
		`+ --`
		`+ 2.41.0`
		`+`

0024-load-legacy-prov.patch

file modified

+35 -17

		`@@ -1,6 +1,22 @@`
		`- diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.cnf`
		`- --- openssl-3.0.0/apps/openssl.cnf.legacy-prov 2021-09-09 12:06:40.895793297 +0200`
		`- +++ openssl-3.0.0/apps/openssl.cnf 2021-09-09 12:12:33.947482500 +0200`
		`+ From 69636828729ecc287863366dcdd6548dee78c7a4 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 14/35] 0024-load-legacy-prov.patch`
		`+`
		`+ Patch-name: 0024-load-legacy-prov.patch`
		`+ Patch-id: 24`
		`+ Patch-status: \|`
		`+ # Instructions to load legacy provider in openssl.cnf`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ apps/openssl.cnf \| 37 +++++++++++++++----------------------`
		`+ doc/man5/config.pod \| 8 ++++++++`
		`+ 2 files changed, 23 insertions(+), 22 deletions(-)`
		`+`
		`+ diff --git a/apps/openssl.cnf b/apps/openssl.cnf`
		`+ index 3956235fda..bddb6bc029 100644`
		`+ --- a/apps/openssl.cnf`
		`+ +++ b/apps/openssl.cnf`
		`@@ -42,36 +42,29 @@ tsa_policy1 = 1.2.3.4.1`
		`tsa_policy2 = 1.2.3.4.5.6`
		`tsa_policy3 = 1.2.3.4.5.7`
		`@@ -19,11 +35,6 @@`
		`ssl_conf = ssl_module`

		`-# List of providers to load`
		`- -[provider_sect]`
		`- -default = default_sect`
		`- -# The fips section name should match the section name inside the`
		`- -# included fipsmodule.cnf.`
		`- -# fips = fips_sect`
		`+# Uncomment the sections that start with ## below to enable the legacy provider.`
		`+# Loading the legacy provider enables support for the following algorithms:`
		`+# Hashing Algorithms / Message Digests: MD2, MD4, MDC2, WHIRLPOOL, RIPEMD160`
		`@@ -32,7 +43,13 @@`
		`+# In general it is not recommended to use the above mentioned algorithms for`
		`+# security critical operations, as they are cryptographically weak or vulnerable`
		`+# to side-channel attacks and as such have been deprecated.`
		`-`
		`+ +`
		`+ [provider_sect]`
		`+ default = default_sect`
		`+ -# The fips section name should match the section name inside the`
		`+ -# included fipsmodule.cnf.`
		`+ -# fips = fips_sect`
		`+ -`
		`-# If no providers are activated explicitly, the default one is activated implicitly.`
		`-# See man 7 OSSL_PROVIDER-default for more details.`
		`-#`
		`@@ -41,13 +58,10 @@`
		`-# becomes unavailable in openssl. As a consequence applications depending on`
		`-# OpenSSL may not work correctly which could lead to significant system`
		`-# problems including inability to remotely access the system.`
		`- -[default_sect]`
		`- -# activate = 1`
		`- +[provider_sect]`
		`- +default = default_sect`
		`+##legacy = legacy_sect`
		`+##`
		`- +[default_sect]`
		`+ [default_sect]`
		`+ -# activate = 1`
		`+activate = 1`
		`+`
		`+##[legacy_sect]`
		`@@ -55,9 +69,10 @@`

		`[ ssl_module ]`

		`- diff -up openssl-3.0.0/doc/man5/config.pod.legacy-prov openssl-3.0.0/doc/man5/config.pod`
		`- --- openssl-3.0.0/doc/man5/config.pod.legacy-prov 2021-09-09 12:09:38.079040853 +0200`
		`- +++ openssl-3.0.0/doc/man5/config.pod 2021-09-09 12:11:56.646224876 +0200`
		`+ diff --git a/doc/man5/config.pod b/doc/man5/config.pod`
		`+ index 8d312c661f..714a10437b 100644`
		`+ --- a/doc/man5/config.pod`
		`+ +++ b/doc/man5/config.pod`
		`@@ -273,6 +273,14 @@ significant.`
		`All parameters in the section as well as sub-sections are made`
		`available to the provider.`
		`@@ -73,3 +88,6 @@`
		`=head3 Default provider and its activation`

		`If no providers are activated explicitly, the default one is activated implicitly.`
		`+ --`
		`+ 2.41.0`
		`+`

0031-tmp-Fix-test-names.patch

file modified

-12

		`@@ -1,15 +1,3 @@`
		`- diff -up openssl-3.0.0/test/recipes/90-test_sslapi.t.beldmit openssl-3.0.0/test/recipes/90-test_sslapi.t`
		`- --- openssl-3.0.0/test/recipes/90-test_sslapi.t.beldmit 2021-09-22 11:56:49.452507975 +0200`
		`- +++ openssl-3.0.0/test/recipes/90-test_sslapi.t 2021-09-22 11:57:19.371764742 +0200`
		`- @@ -40,7 +40,7 @@ unless ($no_fips) {`
		`- "recipes",`
		`- "90-test_sslapi_data",`
		`- "dhparams.pem")])),`
		`- - "running sslapitest");`
		`- + "running sslapitest - FIPS");`
		`- }`
		`-`
		`- unlink $tmpfilename;`
		`diff --git a/test/sslapitest.c b/test/sslapitest.c`
		`index e95d2657f46c..7af0eab3fce0 100644`
		`--- a/test/sslapitest.c`

0032-Force-fips.patch

file modified

+29 -147

		`@@ -1,12 +1,21 @@`
		`- #Note: provider_conf_activate() is introduced in downstream only. It is a rewrite`
		`- #(partial) of the function provider_conf_load() under the 'if (activate) section.`
		`- #If there is any change to this section, after deleting it in provider_conf_load()`
		`- #ensure that you also add those changes to the provider_conf_activate() function.`
		`- #additionally please add this check for cnf explicitly as shown below.`
		`- #'ok = cnf ? provider_conf_params(prov, NULL, NULL, value, cnf) : 1;'`
		`- diff -up openssl-3.0.1/crypto/provider_conf.c.fipsact openssl-3.0.1/crypto/provider_conf.c`
		`- --- openssl-3.0.1/crypto/provider_conf.c.fipsact 2022-05-12 12:44:31.199034948 +0200`
		`- +++ openssl-3.0.1/crypto/provider_conf.c 2022-05-12 12:49:17.468318373 +0200`
		`+ From 8c6dffe2347fc801a2b285d79dd99b8739414bc3 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 16/35] 0032-Force-fips.patch`
		`+`
		`+ Patch-name: 0032-Force-fips.patch`
		`+ Patch-id: 32`
		`+ Patch-status: \|`
		`+ # We load FIPS provider and set FIPS properties implicitly`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ crypto/provider_conf.c \| 13 ++++++++++++-`
		`+ 1 file changed, 12 insertions(+), 1 deletion(-)`
		`+`
		`+ diff --git a/crypto/provider_conf.c b/crypto/provider_conf.c`
		`+ index 058fb58837..ad0b29c954 100644`
		`+ --- a/crypto/provider_conf.c`
		`+ +++ b/crypto/provider_conf.c`
		`@@ -10,6 +10,7 @@`
		`#include <string.h>`
		`#include <openssl/trace.h>`
		`@@ -15,151 +24,21 @@`
		`#include <openssl/conf.h>`
		`#include <openssl/safestack.h>`
		`#include <openssl/provider.h>`
		`- @@ -136,58 +136,18 @@ static int prov_already_activated(const`
		`- return 0;`
		`- }`
		`-`
		`- -static int provider_conf_load(OSSL_LIB_CTX libctx, const char name,`
		`- - const char value, const CONF cnf)`
		`- +static int provider_conf_activate(OSSL_LIB_CTX libctx,const char name,`
		`- + const char value, const char path,`
		`- + int soft, const CONF *cnf)`
		`- {`
		`- - int i;`
		`- - STACK_OF(CONF_VALUE) *ecmds;`
		`- - int soft = 0;`
		`- - OSSL_PROVIDER prov = NULL, actual = NULL;`
		`- - const char *path = NULL;`
		`- - long activate = 0;`
		`- int ok = 0;`
		`- -`
		`- - name = skip_dot(name);`
		`- - OSSL_TRACE1(CONF, "Configuring provider %s\n", name);`
		`- - /* Value is a section containing PROVIDER commands */`
		`- - ecmds = NCONF_get_section(cnf, value);`
		`- -`
		`- - if (!ecmds) {`
		`- - ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_PROVIDER_SECTION_ERROR,`
		`- - "section=%s not found", value);`
		`- - return 0;`
		`- - }`
		`- -`
		`- - /* Find the needed data first */`
		`- - for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) {`
		`- - CONF_VALUE *ecmd = sk_CONF_VALUE_value(ecmds, i);`
		`- - const char *confname = skip_dot(ecmd->name);`
		`- - const char *confvalue = ecmd->value;`
		`- -`
		`- - OSSL_TRACE2(CONF, "Provider command: %s = %s\n",`
		`- - confname, confvalue);`
		`- -`
		`- - /* First handle some special pseudo confs */`
		`- -`
		`- - /* Override provider name to use */`
		`- - if (strcmp(confname, "identity") == 0)`
		`- - name = confvalue;`
		`- - else if (strcmp(confname, "soft_load") == 0)`
		`- - soft = 1;`
		`- - /* Load a dynamic PROVIDER */`
		`- - else if (strcmp(confname, "module") == 0)`
		`- - path = confvalue;`
		`- - else if (strcmp(confname, "activate") == 0)`
		`- - activate = 1;`
		`- - }`
		`- -`
		`- - if (activate) {`
		`- - PROVIDER_CONF_GLOBAL *pcgbl`
		`- - = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX,`
		`- - &provider_conf_ossl_ctx_method);`
		`- + OSSL_PROVIDER prov = NULL, actual = NULL;`
		`- + PROVIDER_CONF_GLOBAL *pcgbl`
		`- + = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX,`
		`- + &provider_conf_ossl_ctx_method);`
		`-`
		`- if (pcgbl == NULL \|\| !CRYPTO_THREAD_write_lock(pcgbl->lock)) {`
		`- - ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);`
		`- + ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);`
		`- return 0;`
		`- }`
		`- if (!prov_already_activated(name, pcgbl->activated_providers)) {`
		`- @@ -216,7 +176,7 @@ static int provider_conf_load(OSSL_LIB_C`
		`- if (path != NULL)`
		`- ossl_provider_set_module_path(prov, path);`
		`+ @@ -169,7 +170,7 @@ static int provider_conf_activate(OSSL_LIB_CTX libctx, const char name,`
		`+ if (path != NULL)`
		`+ ossl_provider_set_module_path(prov, path);`

		`- - ok = provider_conf_params(prov, NULL, NULL, value, cnf);`
		`- + ok = cnf ? provider_conf_params(prov, NULL, NULL, value, cnf) : 1;`
		`-`
		`- if (ok) {`
		`- if (!ossl_provider_activate(prov, 1, 0)) {`
		`- @@ -244,8 +204,59 @@ static int provider_conf_load(OSSL_LIB_C`
		`- }`
		`- if (!ok)`
		`- ossl_provider_free(prov);`
		`- + } else { /* No reason to activate the provider twice, returning OK */`
		`- + ok = 1;`
		`- }`
		`- CRYPTO_THREAD_unlock(pcgbl->lock);`
		`- + return ok;`
		`- +}`
		`- +`
		`- +static int provider_conf_load(OSSL_LIB_CTX libctx, const char name,`
		`- + const char value, const CONF cnf)`
		`- +{`
		`- + int i;`
		`- + STACK_OF(CONF_VALUE) *ecmds;`
		`- + int soft = 0;`
		`- + const char *path = NULL;`
		`- + long activate = 0;`
		`- + int ok = 0;`
		`- +`
		`- + name = skip_dot(name);`
		`- + OSSL_TRACE1(CONF, "Configuring provider %s\n", name);`
		`- + /* Value is a section containing PROVIDER commands */`
		`- + ecmds = NCONF_get_section(cnf, value);`
		`- +`
		`- + if (!ecmds) {`
		`- + ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_PROVIDER_SECTION_ERROR,`
		`- + "section=%s not found", value);`
		`- + return 0;`
		`- + }`
		`- +`
		`- + /* Find the needed data first */`
		`- + for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) {`
		`- + CONF_VALUE *ecmd = sk_CONF_VALUE_value(ecmds, i);`
		`- + const char *confname = skip_dot(ecmd->name);`
		`- + const char *confvalue = ecmd->value;`
		`- +`
		`- + OSSL_TRACE2(CONF, "Provider command: %s = %s\n",`
		`- + confname, confvalue);`
		`- +`
		`- + /* First handle some special pseudo confs */`
		`- +`
		`- + /* Override provider name to use */`
		`- + if (strcmp(confname, "identity") == 0)`
		`- + name = confvalue;`
		`- + else if (strcmp(confname, "soft_load") == 0)`
		`- + soft = 1;`
		`- + /* Load a dynamic PROVIDER */`
		`- + else if (strcmp(confname, "module") == 0)`
		`- + path = confvalue;`
		`- + else if (strcmp(confname, "activate") == 0)`
		`- + activate = 1;`
		`- + }`
		`- +`
		`- + if (activate) {`
		`- + ok = provider_conf_activate(libctx, name, value, path, soft, cnf);`
		`- } else {`
		`- OSSL_PROVIDER_INFO entry;`
		`+ - ok = provider_conf_params(prov, NULL, NULL, value, cnf);`
		`+ + ok = cnf ? provider_conf_params(prov, NULL, NULL, value, cnf) : 1;`

		`- @@ -306,6 +317,19 @@ static int provider_conf_init(CONF_IMODU`
		`+ if (ok) {`
		`+ if (!ossl_provider_activate(prov, 1, 0)) {`
		`+ @@ -309,6 +310,16 @@ static int provider_conf_init(CONF_IMODULE md, const CONF cnf)`
		`return 0;`
		`}`

		`+ if (ossl_get_kernel_fips_flag() != 0) { /* XXX from provider_conf_load */`
		`+ OSSL_LIB_CTX libctx = NCONF_get0_libctx((CONF )cnf);`
		`- + PROVIDER_CONF_GLOBAL *pcgbl`
		`- + = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX,`
		`- + &provider_conf_ossl_ctx_method);`
		`+ if (provider_conf_activate(libctx, "fips", NULL, NULL, 0, NULL) != 1)`
		`+ return 0;`
		`+ if (provider_conf_activate(libctx, "base", NULL, NULL, 0, NULL) != 1)`
		`@@ -171,3 +50,6 @@`
		`return 1;`
		`}`

		`+ --`
		`+ 2.41.0`
		`+`

0033-FIPS-embed-hmac.patch

file modified

+92 -54

		`@@ -1,9 +1,32 @@`
		`- diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/providers/fips/self_test.c`
		`- --- openssl-3.0.7/providers/fips/self_test.c.embed-hmac 2023-01-05 10:03:44.864869710 +0100`
		`- +++ openssl-3.0.7/providers/fips/self_test.c 2023-01-05 10:15:17.041606472 +0100`
		`- @@ -172,11 +172,27 @@ DEP_FINI_ATTRIBUTE void cleanup(void)`
		`+ From 538665f6c210f876bf2733afe63460b36f2c9929 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 17/35] 0033-FIPS-embed-hmac.patch`
		`+`
		`+ Patch-name: 0033-FIPS-embed-hmac.patch`
		`+ Patch-id: 33`
		`+ Patch-status: \|`
		`+ # Embed HMAC into the fips.so`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ providers/fips/self_test.c \| 69 ++++++++++++++++++++++++---`
		`+ test/fipsmodule.cnf \| 2 +`
		`+ test/recipes/00-prep_fipsmodule_cnf.t \| 2 +-`
		`+ test/recipes/01-test_fipsmodule_cnf.t \| 2 +-`
		`+ test/recipes/03-test_fipsinstall.t \| 2 +-`
		`+ test/recipes/30-test_defltfips.t \| 2 +-`
		`+ test/recipes/80-test_ssl_new.t \| 2 +-`
		`+ test/recipes/90-test_sslapi.t \| 2 +-`
		`+ 8 files changed, 70 insertions(+), 13 deletions(-)`
		`+ create mode 100644 test/fipsmodule.cnf`
		`+`
		`+ diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c`
		`+ index 10804d9f59..ef56002854 100644`
		`+ --- a/providers/fips/self_test.c`
		`+ +++ b/providers/fips/self_test.c`
		`+ @@ -231,11 +231,27 @@ err:`
		`+ return ok;`
		`}`
		`- #endif`

		`+#define HMAC_LEN 32`
		`+/*`
		`@@ -29,7 +52,7 @@`
		`static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex_cb,`
		`unsigned char *expected, size_t expected_len,`
		`OSSL_LIB_CTX libctx, OSSL_SELF_TEST ev,`
		`- @@ -189,9 +205,20 @@ static int verify_integrity(OSSL_CORE_BI`
		`+ @@ -248,12 +264,23 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex`
		`EVP_MAC *mac = NULL;`
		`EVP_MAC_CTX *ctx = NULL;`
		`OSSL_PARAM params[2], *p = params;`
		`@@ -39,6 +62,9 @@`
		`+ unsigned long paddr;`
		`+ unsigned long off = 0;`

		`+ if (!integrity_self_test(ev, libctx))`
		`+ goto err;`
		`+`
		`OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC);`

		`+ if (!dladdr1 ((const void *)fips_hmac_container,`
		`@@ -50,7 +76,7 @@`
		`mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL);`
		`if (mac == NULL)`
		`goto err;`
		`- @@ -205,13 +233,42 @@ static int verify_integrity(OSSL_CORE_BI`
		`+ @@ -267,13 +294,42 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex`
		`if (!EVP_MAC_init(ctx, fixed_key, sizeof(fixed_key), params))`
		`goto err;`

		`@@ -58,12 +84,12 @@`
		`- status = read_ex_cb(bio, buf, sizeof(buf), &bytes_read);`
		`+ while ((off + INTEGRITY_BUF_SIZE) <= paddr) {`
		`+ status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read);`
		`- if (status != 1)`
		`- break;`
		`- if (!EVP_MAC_update(ctx, buf, bytes_read))`
		`- goto err;`
		`+ + if (status != 1)`
		`+ + break;`
		`+ + if (!EVP_MAC_update(ctx, buf, bytes_read))`
		`+ + goto err;`
		`+ off += bytes_read;`
		`- }`
		`+ + }`
		`+`
		`+ if (off + INTEGRITY_BUF_SIZE > paddr) {`
		`+ int delta = paddr - off;`
		`@@ -85,17 +111,17 @@`
		`+`
		`+ while (bytes_read > 0) {`
		`+ status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read);`
		`- + if (status != 1)`
		`- + break;`
		`- + if (!EVP_MAC_update(ctx, buf, bytes_read))`
		`- + goto err;`
		`+ if (status != 1)`
		`+ break;`
		`+ if (!EVP_MAC_update(ctx, buf, bytes_read))`
		`+ goto err;`
		`+ off += bytes_read;`
		`- + }`
		`+ }`
		`+`
		`if (!EVP_MAC_final(ctx, out, &out_len, sizeof(out)))`
		`goto err;`

		`- @@ -285,8 +342,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS`
		`+ @@ -349,8 +405,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)`
		`CRYPTO_THREAD_unlock(fips_state_lock);`
		`}`

		`@@ -105,7 +131,7 @@`
		`ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA);`
		`goto end;`
		`}`
		`- @@ -305,8 +361,9 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS`
		`+ @@ -359,8 +414,9 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)`
		`if (ev == NULL)`
		`goto end;`

		`@@ -117,18 +143,27 @@`
		`if (module_checksum == NULL) {`
		`ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA);`
		`goto end;`
		`- @@ -356,7 +413,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS`
		`- ok = 1;`
		`+ @@ -434,7 +490,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)`
		`end:`
		`+ EVP_RAND_free(testrand);`
		`OSSL_SELF_TEST_free(ev);`
		`- OPENSSL_free(module_checksum);`
		`OPENSSL_free(indicator_checksum);`

		`if (st != NULL) {`
		`- diff -ruN openssl-3.0.0/test/recipes/00-prep_fipsmodule_cnf.t openssl-3.0.0-xxx/test/recipes/00-prep_fipsmodule_cnf.t`
		`- --- openssl-3.0.0/test/recipes/00-prep_fipsmodule_cnf.t 2021-09-07 13:46:32.000000000 +0200`
		`- +++ openssl-3.0.0-xxx/test/recipes/00-prep_fipsmodule_cnf.t 2021-11-18 09:39:53.386817874 +0100`
		`- @@ -20,7 +20,7 @@`
		`+ diff --git a/test/fipsmodule.cnf b/test/fipsmodule.cnf`
		`+ new file mode 100644`
		`+ index 0000000000..f05d0dedbe`
		`+ --- /dev/null`
		`+ +++ b/test/fipsmodule.cnf`
		`+ @@ -0,0 +1,2 @@`
		`+ +[fips_sect]`
		`+ +activate = 1`
		`+ diff --git a/test/recipes/00-prep_fipsmodule_cnf.t b/test/recipes/00-prep_fipsmodule_cnf.t`
		`+ index 4e3a6d85e8..e8255ba974 100644`
		`+ --- a/test/recipes/00-prep_fipsmodule_cnf.t`
		`+ +++ b/test/recipes/00-prep_fipsmodule_cnf.t`
		`+ @@ -20,7 +20,7 @@ use lib srctop_dir('Configurations');`
		`use lib bldtop_dir('.');`
		`use platform;`

		`@@ -137,10 +172,11 @@`
		`plan skip_all => "FIPS module config file only supported in a fips build"`
		`if $no_check;`

		`- diff -ruN openssl-3.0.0/test/recipes/01-test_fipsmodule_cnf.t openssl-3.0.0-xxx/test/recipes/01-test_fipsmodule_cnf.t`
		`- --- openssl-3.0.0/test/recipes/01-test_fipsmodule_cnf.t 2021-09-07 13:46:32.000000000 +0200`
		`- +++ openssl-3.0.0-xxx/test/recipes/01-test_fipsmodule_cnf.t 2021-11-18 09:59:02.315619486 +0100`
		`- @@ -23,7 +23,7 @@`
		`+ diff --git a/test/recipes/01-test_fipsmodule_cnf.t b/test/recipes/01-test_fipsmodule_cnf.t`
		`+ index ce594817d5..00cebacff8 100644`
		`+ --- a/test/recipes/01-test_fipsmodule_cnf.t`
		`+ +++ b/test/recipes/01-test_fipsmodule_cnf.t`
		`+ @@ -23,7 +23,7 @@ use lib srctop_dir('Configurations');`
		`use lib bldtop_dir('.');`
		`use platform;`

		`@@ -149,22 +185,24 @@`
		`plan skip_all => "Test only supported in a fips build"`
		`if $no_check;`
		`plan tests => 1;`
		`- diff -ruN openssl-3.0.0/test/recipes/03-test_fipsinstall.t openssl-3.0.0-xxx/test/recipes/03-test_fipsinstall.t`
		`- --- openssl-3.0.0/test/recipes/03-test_fipsinstall.t 2021-09-07 13:46:32.000000000 +0200`
		`- +++ openssl-3.0.0-xxx/test/recipes/03-test_fipsinstall.t 2021-11-18 09:59:55.365072074 +0100`
		`- @@ -22,7 +22,7 @@`
		`+ diff --git a/test/recipes/03-test_fipsinstall.t b/test/recipes/03-test_fipsinstall.t`
		`+ index b8b136d110..8242f4ebc3 100644`
		`+ --- a/test/recipes/03-test_fipsinstall.t`
		`+ +++ b/test/recipes/03-test_fipsinstall.t`
		`+ @@ -22,7 +22,7 @@ use lib srctop_dir('Configurations');`
		`use lib bldtop_dir('.');`
		`use platform;`

		`-plan skip_all => "Test only supported in a fips build" if disabled("fips");`
		`+plan skip_all => "Test only supported in a fips build" if 1;`

		`- plan tests => 29;`
		`-`
		`- diff -ruN openssl-3.0.0/test/recipes/30-test_defltfips.t openssl-3.0.0-xxx/test/recipes/30-test_defltfips.t`
		`- --- openssl-3.0.0/test/recipes/30-test_defltfips.t 2021-09-07 13:46:32.000000000 +0200`
		`- +++ openssl-3.0.0-xxx/test/recipes/30-test_defltfips.t 2021-11-18 10:22:54.179659682 +0100`
		`- @@ -21,7 +21,7 @@`
		`+ # Compatible options for pedantic FIPS compliance`
		`+ my @pedantic_okay =`
		`+ diff --git a/test/recipes/30-test_defltfips.t b/test/recipes/30-test_defltfips.t`
		`+ index 426bd660d1..6dc514936b 100644`
		`+ --- a/test/recipes/30-test_defltfips.t`
		`+ +++ b/test/recipes/30-test_defltfips.t`
		`+ @@ -21,7 +21,7 @@ BEGIN {`
		`use lib srctop_dir('Configurations');`
		`use lib bldtop_dir('.');`

		`@@ -173,10 +211,11 @@`

		`plan tests =>`
		`($no_fips ? 1 : 5);`
		`- diff -ruN openssl-3.0.0/test/recipes/80-test_ssl_new.t openssl-3.0.0-xxx/test/recipes/80-test_ssl_new.t`
		`- --- openssl-3.0.0/test/recipes/80-test_ssl_new.t 2021-09-07 13:46:32.000000000 +0200`
		`- +++ openssl-3.0.0-xxx/test/recipes/80-test_ssl_new.t 2021-11-18 10:18:53.391721164 +0100`
		`- @@ -23,7 +23,7 @@`
		`+ diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t`
		`+ index 0c6d6402d9..e45f9cb560 100644`
		`+ --- a/test/recipes/80-test_ssl_new.t`
		`+ +++ b/test/recipes/80-test_ssl_new.t`
		`+ @@ -27,7 +27,7 @@ setup("test_ssl_new");`
		`use lib srctop_dir('Configurations');`
		`use lib bldtop_dir('.');`

		`@@ -185,20 +224,19 @@`

		`$ENV{TEST_CERTS_DIR} = srctop_dir("test", "certs");`

		`- diff -ruN openssl-3.0.0/test/recipes/90-test_sslapi.t openssl-3.0.0-xxx/test/recipes/90-test_sslapi.t`
		`- --- openssl-3.0.0/test/recipes/90-test_sslapi.t 2021-11-18 10:32:17.734196705 +0100`
		`- +++ openssl-3.0.0-xxx/test/recipes/90-test_sslapi.t 2021-11-18 10:18:30.695538445 +0100`
		`- @@ -18,7 +18,7 @@`
		`+ diff --git a/test/recipes/90-test_sslapi.t b/test/recipes/90-test_sslapi.t`
		`+ index 9e9e32b51e..1a1a7159b5 100644`
		`+ --- a/test/recipes/90-test_sslapi.t`
		`+ +++ b/test/recipes/90-test_sslapi.t`
		`+ @@ -17,7 +17,7 @@ setup("test_sslapi");`
		`use lib srctop_dir('Configurations');`
		`use lib bldtop_dir('.');`

		`-my $no_fips = disabled('fips') \|\| ($ENV{NO_FIPS} // 0);`
		`+my $no_fips = 1; #disabled('fips') \|\| ($ENV{NO_FIPS} // 0);`
		`+ my $fipsmodcfg_filename = "fipsmodule.cnf";`
		`+ my $fipsmodcfg = bldtop_file("test", $fipsmodcfg_filename);`

		`- plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build"`
		`- if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls"));`
		`- --- /dev/null 2021-11-16 15:27:32.915000000 +0100`
		`- +++ openssl-3.0.0/test/fipsmodule.cnf 2021-11-18 11:15:34.538060408 +0100`
		`- @@ -0,0 +1,2 @@`
		`- +[fips_sect]`
		`- +activate = 1`
		`+ --`
		`+ 2.41.0`
		`+`

0034.fipsinstall_disable.patch

file modified

+227 -160

		`@@ -1,7 +1,27 @@`
		`- diff -up openssl-3.0.0/apps/fipsinstall.c.xxx openssl-3.0.0/apps/fipsinstall.c`
		`- --- openssl-3.0.0/apps/fipsinstall.c.xxx 2021-11-22 13:09:28.232560235 +0100`
		`- +++ openssl-3.0.0/apps/fipsinstall.c 2021-11-22 13:12:22.272058910 +0100`
		`- @@ -311,6 +311,9 @@ int fipsinstall_main(int argc, char **ar`
		`+ From a9825123e7ab3474d2794a5706d9bed047959c9c Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 18/35] 0034.fipsinstall_disable.patch`
		`+`
		`+ Patch-name: 0034.fipsinstall_disable.patch`
		`+ Patch-id: 34`
		`+ Patch-status: \|`
		`+ # Comment out fipsinstall command-line utility`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ apps/fipsinstall.c \| 3 +`
		`+ doc/man1/openssl-fipsinstall.pod.in \| 272 +---------------------------`
		`+ doc/man1/openssl.pod \| 4 -`
		`+ doc/man5/config.pod \| 1 -`
		`+ doc/man5/fips_config.pod \| 104 +----------`
		`+ doc/man7/OSSL_PROVIDER-FIPS.pod \| 1 -`
		`+ 6 files changed, 10 insertions(+), 375 deletions(-)`
		`+`
		`+ diff --git a/apps/fipsinstall.c b/apps/fipsinstall.c`
		`+ index e1ef645b60..db92cb5fb2 100644`
		`+ --- a/apps/fipsinstall.c`
		`+ +++ b/apps/fipsinstall.c`
		`+ @@ -375,6 +375,9 @@ int fipsinstall_main(int argc, char **argv)`
		`EVP_MAC *mac = NULL;`
		`CONF *conf = NULL;`

		`@@ -11,160 +31,11 @@`
		`if ((opts = sk_OPENSSL_STRING_new_null()) == NULL)`
		`goto end;`

		`- diff -up openssl-3.0.0/doc/man1/openssl.pod.xxx openssl-3.0.0/doc/man1/openssl.pod`
		`- --- openssl-3.0.0/doc/man1/openssl.pod.xxx 2021-11-22 13:18:51.081406990 +0100`
		`- +++ openssl-3.0.0/doc/man1/openssl.pod 2021-11-22 13:19:02.897508738 +0100`
		`- @@ -158,10 +158,6 @@ Engine (loadable module) information and`
		`-`
		`- Error Number to Error String Conversion.`
		`-`
		`- -=item B<fipsinstall>`
		`- -`
		`- -FIPS configuration installation.`
		`- -`
		`- =item B<gendsa>`
		`-`
		`- Generation of DSA Private Key from Parameters. Superseded by`
		`- diff -up openssl-3.0.0/doc/man5/config.pod.xxx openssl-3.0.0/doc/man5/config.pod`
		`- --- openssl-3.0.0/doc/man5/config.pod.xxx 2021-11-22 13:24:51.359509501 +0100`
		`- +++ openssl-3.0.0/doc/man5/config.pod 2021-11-22 13:26:02.360121820 +0100`
		`- @@ -573,7 +573,6 @@ configuration files using that syntax wi`
		`- =head1 SEE ALSO`
		`-`
		`- L<openssl-x509(1)>, L<openssl-req(1)>, L<openssl-ca(1)>,`
		`- -L<openssl-fipsinstall(1)>,`
		`- L<ASN1_generate_nconf(3)>,`
		`- L<EVP_set_default_properties(3)>,`
		`- L<CONF_modules_load(3)>,`
		`- diff -up openssl-3.0.0/doc/man5/fips_config.pod.xxx openssl-3.0.0/doc/man5/fips_config.pod`
		`- --- openssl-3.0.0/doc/man5/fips_config.pod.xxx 2021-11-22 13:21:13.812636065 +0100`
		`- +++ openssl-3.0.0/doc/man5/fips_config.pod 2021-11-22 13:24:12.278172847 +0100`
		`- @@ -6,106 +6,10 @@ fips_config - OpenSSL FIPS configuration`
		`-`
		`- =head1 DESCRIPTION`
		`-`
		`- -A separate configuration file, using the OpenSSL L<config(5)> syntax,`
		`- -is used to hold information about the FIPS module. This includes a digest`
		`- -of the shared library file, and status about the self-testing.`
		`- -This data is used automatically by the module itself for two`
		`- -purposes:`
		`- -`
		`- -=over 4`
		`- -`
		`- -=item - Run the startup FIPS self-test known answer tests (KATS).`
		`- -`
		`- -This is normally done once, at installation time, but may also be set up to`
		`- -run each time the module is used.`
		`- -`
		`- -=item - Verify the module's checksum.`
		`- -`
		`- -This is done each time the module is used.`
		`- -`
		`- -=back`
		`- -`
		`- -This file is generated by the L<openssl-fipsinstall(1)> program, and`
		`- -used internally by the FIPS module during its initialization.`
		`- -`
		`- -The following options are supported. They should all appear in a section`
		`- -whose name is identified by the B<fips> option in the B<providers>`
		`- -section, as described in L<config(5)/Provider Configuration Module>.`
		`- -`
		`- -=over 4`
		`- -`
		`- -=item B<activate>`
		`- -`
		`- -If present, the module is activated. The value assigned to this name is not`
		`- -significant.`
		`- -`
		`- -=item B<install-version>`
		`- -`
		`- -A version number for the fips install process. Should be 1.`
		`- -`
		`- -=item B<conditional-errors>`
		`- -`
		`- -The FIPS module normally enters an internal error mode if any self test fails.`
		`- -Once this error mode is active, no services or cryptographic algorithms are`
		`- -accessible from this point on.`
		`- -Continuous tests are a subset of the self tests (e.g., a key pair test during key`
		`- -generation, or the CRNG output test).`
		`- -Setting this value to C<0> allows the error mode to not be triggered if any`
		`- -continuous test fails. The default value of C<1> will trigger the error mode.`
		`- -Regardless of the value, the operation (e.g., key generation) that called the`
		`- -continuous test will return an error code if its continuous test fails. The`
		`- -operation may then be retried if the error mode has not been triggered.`
		`- -`
		`- -=item B<security-checks>`
		`- -`
		`- -This indicates if run-time checks related to enforcement of security parameters`
		`- -such as minimum security strength of keys and approved curve names are used.`
		`- -A value of '1' will perform the checks, otherwise if the value is '0' the checks`
		`- -are not performed and FIPS compliance must be done by procedures documented in`
		`- -the relevant Security Policy.`
		`- -`
		`- -=item B<module-mac>`
		`- -`
		`- -The calculated MAC of the FIPS provider file.`
		`- -`
		`- -=item B<install-status>`
		`- -`
		`- -An indicator that the self-tests were successfully run.`
		`- -This should only be written after the module has`
		`- -successfully passed its self tests during installation.`
		`- -If this field is not present, then the self tests will run when the module`
		`- -loads.`
		`- -`
		`- -=item B<install-mac>`
		`- -`
		`- -A MAC of the value of the B<install-status> option, to prevent accidental`
		`- -changes to that value.`
		`- -It is written-to at the same time as B<install-status> is updated.`
		`- -`
		`- -=back`
		`- -`
		`- -For example:`
		`- -`
		`- - [fips_sect]`
		`- - activate = 1`
		`- - install-version = 1`
		`- - conditional-errors = 1`
		`- - security-checks = 1`
		`- - module-mac = 41:D0:FA:C2:5D:41:75:CD:7D:C3:90:55:6F:A4:DC`
		`- - install-mac = FE:10:13:5A:D3:B4:C7:82:1B:1E:17:4C:AC:84:0C`
		`- - install-status = INSTALL_SELF_TEST_KATS_RUN`
		`- -`
		`- -=head1 NOTES`
		`- -`
		`- -When using the FIPS provider, it is recommended that the`
		`- -B<config_diagnostics> option is enabled to prevent accidental use of`
		`- -non-FIPS validated algorithms via broken or mistaken configuration.`
		`- -See L<config(5)>.`
		`- -`
		`- -=head1 SEE ALSO`
		`- -`
		`- -L<config(5)>`
		`- -L<openssl-fipsinstall(1)>`
		`- +This command is disabled in Red Hat Enterprise Linux. The FIPS provider is`
		`- +automatically loaded when the system is booted in FIPS mode, or when the`
		`- +environment variable B<OPENSSL_FORCE_FIPS_MODE> is set. See the documentation`
		`- +for more information.`
		`-`
		`- =head1 HISTORY`
		`-`
		`- diff -up openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod`
		`- --- openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx 2021-11-22 13:18:13.850086386 +0100`
		`- +++ openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod 2021-11-22 13:18:24.607179038 +0100`
		`- @@ -388,7 +388,6 @@ A simple self test callback is shown bel`
		`-`
		`- =head1 SEE ALSO`
		`-`
		`- -L<openssl-fipsinstall(1)>,`
		`- L<fips_config(5)>,`
		`- L<OSSL_SELF_TEST_set_callback(3)>,`
		`- L<OSSL_SELF_TEST_new(3)>,`
		`- diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in`
		`- --- openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac 2022-01-11 13:26:33.279906225 +0100`
		`- +++ openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in 2022-01-11 13:33:18.757994419 +0100`
		`- @@ -8,236 +8,11 @@ openssl-fipsinstall - perform FIPS confi`
		`+ diff --git a/doc/man1/openssl-fipsinstall.pod.in b/doc/man1/openssl-fipsinstall.pod.in`
		`+ index b1768b7f91..b6b00e27d8 100644`
		`+ --- a/doc/man1/openssl-fipsinstall.pod.in`
		`+ +++ b/doc/man1/openssl-fipsinstall.pod.in`
		`+ @@ -8,275 +8,9 @@ openssl-fipsinstall - perform FIPS configuration installation`
		`=head1 SYNOPSIS`

		`B<openssl fipsinstall>`
		`@@ -179,14 +50,18 @@`
		`-[B<-macopt> I<nm>:I<v>]`
		`-[B<-noout>]`
		`-[B<-quiet>]`
		`+ -[B<-pedantic>]`
		`-[B<-no_conditional_errors>]`
		`-[B<-no_security_checks>]`
		`+ -[B<-ems_check>]`
		`+ -[B<-no_drbg_truncated_digests>]`
		`-[B<-self_test_onload>]`
		`+ -[B<-self_test_oninstall>]`
		`-[B<-corrupt_desc> I<selftest_description>]`
		`-[B<-corrupt_type> I<selftest_type>]`
		`-[B<-config> I<parent_config>]`
		`-`
		`- =head1 DESCRIPTION`
		`+ -`
		`+ -=head1 DESCRIPTION`
		`-`
		`-This command is used to generate a FIPS module configuration file.`
		`-This configuration file can be used each time a FIPS module is loaded`
		`@@ -315,6 +190,14 @@`
		`-`
		`-Disable logging of the self tests.`
		`-`
		`+ -=item B<-pedantic>`
		`+ -`
		`+ -Configure the module so that it is strictly FIPS compliant rather`
		`+ -than being backwards compatible. This enables conditional errors,`
		`+ -security checks etc. Note that any previous configuration options will`
		`+ -be overwritten and any subsequent configuration options that violate`
		`+ -FIPS compliance will result in an error.`
		`+ -`
		`-=item B<-no_conditional_errors>`
		`-`
		`-Configure the module to not enter an error state if a conditional self test`
		`@@ -324,6 +207,20 @@`
		`-`
		`-Configure the module to not perform run-time security checks as described above.`
		`-`
		`+ -Enabling the configuration option "no-fips-securitychecks" provides another way to`
		`+ -turn off the check at compile time.`
		`+ -`
		`+ -=item B<-ems_check>`
		`+ -`
		`+ -Configure the module to enable a run-time Extended Master Secret (EMS) check`
		`+ -when using the TLS1_PRF KDF algorithm. This check is disabled by default.`
		`+ -See RFC 7627 for information related to EMS.`
		`+ -`
		`+ -=item B<-no_drbg_truncated_digests>`
		`+ -`
		`+ -Configure the module to not allow truncated digests to be used with Hash and`
		`+ -HMAC DRBGs. See FIPS 140-3 IG D.R for details.`
		`+ -`
		`-=item B<-self_test_onload>`
		`-`
		`-Do not write the two fields related to the "test status indicator" and`
		`@@ -334,6 +231,14 @@`
		`-could possibly then add the 2 fields into the configuration using some other`
		`-mechanism.`
		`-`
		`+ -This is the default.`
		`+ -`
		`+ -=item B<-self_test_oninstall>`
		`+ -`
		`+ -The converse of B<-self_test_oninstall>. The two fields related to the`
		`+ -"test status indicator" and "MAC status indicator" are written to the`
		`+ -output configuration file.`
		`+ -`
		`-=item B<-quiet>`
		`-`
		`-Do not output pass/fail messages. Implies B<-noout>.`
		`@@ -369,6 +274,11 @@`
		`-For normal usage the base configuration file should use the default provider`
		`-when generating the fips configuration file.`
		`-`
		`+ -The B<-self_test_oninstall> option was added and the`
		`+ -B<-self_test_onload> option was made the default in OpenSSL 3.1.`
		`+ -`
		`+ -The command and all remaining options were added in OpenSSL 3.0.`
		`+ -`
		`-=head1 EXAMPLES`
		`-`
		`-Calculate the mac of a FIPS module F<fips.so> and run a FIPS self test`
		`@@ -404,3 +314,160 @@`

		`=head1 COPYRIGHT`

		`+ diff --git a/doc/man1/openssl.pod b/doc/man1/openssl.pod`
		`+ index d9c22a580f..d5ec3b9a6a 100644`
		`+ --- a/doc/man1/openssl.pod`
		`+ +++ b/doc/man1/openssl.pod`
		`+ @@ -135,10 +135,6 @@ Engine (loadable module) information and manipulation.`
		`+`
		`+ Error Number to Error String Conversion.`
		`+`
		`+ -=item B<fipsinstall>`
		`+ -`
		`+ -FIPS configuration installation.`
		`+ -`
		`+ =item B<gendsa>`
		`+`
		`+ Generation of DSA Private Key from Parameters. Superseded by`
		`+ diff --git a/doc/man5/config.pod b/doc/man5/config.pod`
		`+ index 714a10437b..bd05736220 100644`
		`+ --- a/doc/man5/config.pod`
		`+ +++ b/doc/man5/config.pod`
		`+ @@ -573,7 +573,6 @@ configuration files using that syntax will have to be modified.`
		`+ =head1 SEE ALSO`
		`+`
		`+ L<openssl-x509(1)>, L<openssl-req(1)>, L<openssl-ca(1)>,`
		`+ -L<openssl-fipsinstall(1)>,`
		`+ L<ASN1_generate_nconf(3)>,`
		`+ L<EVP_set_default_properties(3)>,`
		`+ L<CONF_modules_load(3)>,`
		`+ diff --git a/doc/man5/fips_config.pod b/doc/man5/fips_config.pod`
		`+ index 2255464304..1c15e32a5c 100644`
		`+ --- a/doc/man5/fips_config.pod`
		`+ +++ b/doc/man5/fips_config.pod`
		`+ @@ -6,106 +6,10 @@ fips_config - OpenSSL FIPS configuration`
		`+`
		`+ =head1 DESCRIPTION`
		`+`
		`+ -A separate configuration file, using the OpenSSL L<config(5)> syntax,`
		`+ -is used to hold information about the FIPS module. This includes a digest`
		`+ -of the shared library file, and status about the self-testing.`
		`+ -This data is used automatically by the module itself for two`
		`+ -purposes:`
		`+ -`
		`+ -=over 4`
		`+ -`
		`+ -=item - Run the startup FIPS self-test known answer tests (KATS).`
		`+ -`
		`+ -This is normally done once, at installation time, but may also be set up to`
		`+ -run each time the module is used.`
		`+ -`
		`+ -=item - Verify the module's checksum.`
		`+ -`
		`+ -This is done each time the module is used.`
		`+ -`
		`+ -=back`
		`+ -`
		`+ -This file is generated by the L<openssl-fipsinstall(1)> program, and`
		`+ -used internally by the FIPS module during its initialization.`
		`+ -`
		`+ -The following options are supported. They should all appear in a section`
		`+ -whose name is identified by the B<fips> option in the B<providers>`
		`+ -section, as described in L<config(5)/Provider Configuration Module>.`
		`+ -`
		`+ -=over 4`
		`+ -`
		`+ -=item B<activate>`
		`+ -`
		`+ -If present, the module is activated. The value assigned to this name is not`
		`+ -significant.`
		`+ -`
		`+ -=item B<install-version>`
		`+ -`
		`+ -A version number for the fips install process. Should be 1.`
		`+ -`
		`+ -=item B<conditional-errors>`
		`+ -`
		`+ -The FIPS module normally enters an internal error mode if any self test fails.`
		`+ -Once this error mode is active, no services or cryptographic algorithms are`
		`+ -accessible from this point on.`
		`+ -Continuous tests are a subset of the self tests (e.g., a key pair test during key`
		`+ -generation, or the CRNG output test).`
		`+ -Setting this value to C<0> allows the error mode to not be triggered if any`
		`+ -continuous test fails. The default value of C<1> will trigger the error mode.`
		`+ -Regardless of the value, the operation (e.g., key generation) that called the`
		`+ -continuous test will return an error code if its continuous test fails. The`
		`+ -operation may then be retried if the error mode has not been triggered.`
		`+ -`
		`+ -=item B<security-checks>`
		`+ -`
		`+ -This indicates if run-time checks related to enforcement of security parameters`
		`+ -such as minimum security strength of keys and approved curve names are used.`
		`+ -A value of '1' will perform the checks, otherwise if the value is '0' the checks`
		`+ -are not performed and FIPS compliance must be done by procedures documented in`
		`+ -the relevant Security Policy.`
		`+ -`
		`+ -=item B<module-mac>`
		`+ -`
		`+ -The calculated MAC of the FIPS provider file.`
		`+ -`
		`+ -=item B<install-status>`
		`+ -`
		`+ -An indicator that the self-tests were successfully run.`
		`+ -This should only be written after the module has`
		`+ -successfully passed its self tests during installation.`
		`+ -If this field is not present, then the self tests will run when the module`
		`+ -loads.`
		`+ -`
		`+ -=item B<install-mac>`
		`+ -`
		`+ -A MAC of the value of the B<install-status> option, to prevent accidental`
		`+ -changes to that value.`
		`+ -It is written-to at the same time as B<install-status> is updated.`
		`+ -`
		`+ -=back`
		`+ -`
		`+ -For example:`
		`+ -`
		`+ - [fips_sect]`
		`+ - activate = 1`
		`+ - install-version = 1`
		`+ - conditional-errors = 1`
		`+ - security-checks = 1`
		`+ - module-mac = 41:D0:FA:C2:5D:41:75:CD:7D:C3:90:55:6F:A4:DC`
		`+ - install-mac = FE:10:13:5A:D3:B4:C7:82:1B:1E:17:4C:AC:84:0C`
		`+ - install-status = INSTALL_SELF_TEST_KATS_RUN`
		`+ -`
		`+ -=head1 NOTES`
		`+ -`
		`+ -When using the FIPS provider, it is recommended that the`
		`+ -B<config_diagnostics> option is enabled to prevent accidental use of`
		`+ -non-FIPS validated algorithms via broken or mistaken configuration.`
		`+ -See L<config(5)>.`
		`+ -`
		`+ -=head1 SEE ALSO`
		`+ -`
		`+ -L<config(5)>`
		`+ -L<openssl-fipsinstall(1)>`
		`+ +This command is disabled in Red Hat Enterprise Linux. The FIPS provider is`
		`+ +automatically loaded when the system is booted in FIPS mode, or when the`
		`+ +environment variable B<OPENSSL_FORCE_FIPS_MODE> is set. See the documentation`
		`+ +for more information.`
		`+`
		`+ =head1 HISTORY`
		`+`
		`+ diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod`
		`+ index 4f908888ba..ef00247770 100644`
		`+ --- a/doc/man7/OSSL_PROVIDER-FIPS.pod`
		`+ +++ b/doc/man7/OSSL_PROVIDER-FIPS.pod`
		`+ @@ -444,7 +444,6 @@ want to operate in a FIPS approved manner. The algorithms are:`
		`+`
		`+ =head1 SEE ALSO`
		`+`
		`+ -L<openssl-fipsinstall(1)>,`
		`+ L<fips_config(5)>,`
		`+ L<OSSL_SELF_TEST_set_callback(3)>,`
		`+ L<OSSL_SELF_TEST_new(3)>,`
		`+ --`
		`+ 2.41.0`
		`+`

0035-speed-skip-unavailable-dgst.patch

file modified

+22 -4

		`@@ -1,7 +1,22 @@`
		`- diff -up openssl-3.0.0/apps/speed.c.beldmit openssl-3.0.0/apps/speed.c`
		`- --- openssl-3.0.0/apps/speed.c.beldmit 2021-12-21 15:14:04.210431584 +0100`
		`- +++ openssl-3.0.0/apps/speed.c 2021-12-21 15:46:05.554085125 +0100`
		`- @@ -547,6 +547,9 @@ static int EVP_MAC_loop(int algindex, vo`
		`+ From 213f38dc580d39f2cb46592b5e6db585fc6a650f Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 19/35] 0035-speed-skip-unavailable-dgst.patch`
		`+`
		`+ Patch-name: 0035-speed-skip-unavailable-dgst.patch`
		`+ Patch-id: 35`
		`+ Patch-status: \|`
		+ # Skip unavailable algorithms running `openssl speed`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ apps/speed.c \| 3 +++`
		`+ 1 file changed, 3 insertions(+)`
		`+`
		`+ diff --git a/apps/speed.c b/apps/speed.c`
		`+ index d527f12f18..2ff3eb53bd 100644`
		`+ --- a/apps/speed.c`
		`+ +++ b/apps/speed.c`
		`+ @@ -610,6 +610,9 @@ static int EVP_MAC_loop(int algindex, void *args)`
		`for (count = 0; COND(c[algindex][testnum]); count++) {`
		`size_t outl;`

		`@@ -11,3 +26,6 @@`
		`if (!EVP_MAC_init(mctx, NULL, 0, NULL)`
		`\|\| !EVP_MAC_update(mctx, buf, lengths[testnum])`
		`\|\| !EVP_MAC_final(mctx, mac, &outl, sizeof(mac)))`
		`+ --`
		`+ 2.41.0`
		`+`

0044-FIPS-140-3-keychecks.patch

file modified

+61 -55

		`@@ -1,7 +1,24 @@`
		`- diff -up openssl-3.0.1/crypto/dh/dh_key.c.fips3 openssl-3.0.1/crypto/dh/dh_key.c`
		`- --- openssl-3.0.1/crypto/dh/dh_key.c.fips3 2022-07-18 16:01:41.159543735 +0200`
		`- +++ openssl-3.0.1/crypto/dh/dh_key.c 2022-07-18 16:24:30.251388248 +0200`
		`- @@ -43,6 +43,9 @@ int ossl_dh_compute_key(unsigned char *k`
		`+ From bdf751d87be5dfb3164264ebcdbc0c0374d3eabf Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 20/35] 0044-FIPS-140-3-keychecks.patch`
		`+`
		`+ Patch-name: 0044-FIPS-140-3-keychecks.patch`
		`+ Patch-id: 44`
		`+ Patch-status: \|`
		`+ # Extra public/private key checks required by FIPS-140-3`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ crypto/dh/dh_key.c \| 28 ++++++++++++`
		`+ crypto/rsa/rsa_gen.c \| 44 ++++++++-----------`
		`+ .../implementations/exchange/ecdh_exch.c \| 19 ++++++++`
		`+ 3 files changed, 65 insertions(+), 26 deletions(-)`
		`+`
		`+ diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c`
		`+ index 4e9705beef..cb9e641f54 100644`
		`+ --- a/crypto/dh/dh_key.c`
		`+ +++ b/crypto/dh/dh_key.c`
		`+ @@ -43,6 +43,9 @@ int ossl_dh_compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)`
		`BN_MONT_CTX *mont = NULL;`
		`BIGNUM z = NULL, pminus1;`
		`int ret = -1;`
		`@@ -11,7 +28,7 @@`

		`if (BN_num_bits(dh->params.p) > OPENSSL_DH_MAX_MODULUS_BITS) {`
		`ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE);`
		`- @@ -54,6 +57,13 @@ int ossl_dh_compute_key(unsigned char *k`
		`+ @@ -54,6 +57,13 @@ int ossl_dh_compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)`
		`return 0;`
		`}`

		`@@ -59,54 +76,10 @@`
		`dh->dirty_cnt++;`
		`ok = 1;`
		`err:`
		`- diff -up openssl-3.0.1/crypto/ec/ec_key.c.fips3 openssl-3.0.1/crypto/ec/ec_key.c`
		`- diff -up openssl-3.0.1/providers/implementations/exchange/ecdh_exch.c.fips3 openssl-3.0.1/providers/implementations/exchange/ecdh_exch.c`
		`- --- openssl-3.0.1/providers/implementations/exchange/ecdh_exch.c.fips3 2022-07-25 13:42:46.814952053 +0200`
		`- +++ openssl-3.0.1/providers/implementations/exchange/ecdh_exch.c 2022-07-25 13:52:12.292065706 +0200`
		`- @@ -488,6 +488,25 @@ int ecdh_plain_derive(void *vpecdhctx, u`
		`- }`
		`-`
		`- ppubkey = EC_KEY_get0_public_key(pecdhctx->peerk);`
		`- +#ifdef FIPS_MODULE`
		`- + {`
		`- + BN_CTX *bn_ctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(privk));`
		`- + int check = 0;`
		`- +`
		`- + if (bn_ctx == NULL) {`
		`- + ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);`
		`- + goto end;`
		`- + }`
		`- +`
		`- + check = ossl_ec_key_public_check(pecdhctx->peerk, bn_ctx);`
		`- + BN_CTX_free(bn_ctx);`
		`- +`
		`- + if (check <= 0) {`
		`- + ERR_raise(ERR_LIB_PROV, EC_R_INVALID_PEER_KEY);`
		`- + goto end;`
		`- + }`
		`- + }`
		`- +#endif`
		`-`
		`- retlen = ECDH_compute_key(secret, size, ppubkey, privk, NULL);`
		`-`
		`- diff -up openssl-3.0.1/crypto/ec/ec_key.c.fips3 openssl-3.0.1/crypto/ec/ec_key.c`
		`- --- openssl-3.0.1/crypto/ec/ec_key.c.fips3 2022-07-25 14:03:34.420222507 +0200`
		`- +++ openssl-3.0.1/crypto/ec/ec_key.c 2022-07-25 14:09:00.728164294 +0200`
		`- @@ -336,6 +336,11 @@ static int ec_generate_key(EC_KEY *eckey`
		`-`
		`- OSSL_SELF_TEST_get_callback(eckey->libctx, &cb, &cbarg);`
		`- ok = ecdsa_keygen_pairwise_test(eckey, cb, cbarg);`
		`- +`
		`- +#ifdef FIPS_MODULE`
		`- + ok &= ossl_ec_key_public_check(eckey, ctx);`
		`- + ok &= ossl_ec_key_pairwise_check(eckey, ctx);`
		`- +#endif /* FIPS_MODULE */`
		`- }`
		`- err:`
		`- /* Step (9): If there is an error return an invalid keypair. */`
		`- diff -up openssl-3.0.1/crypto/rsa/rsa_gen.c.fips3 openssl-3.0.1/crypto/rsa/rsa_gen.c`
		`- --- openssl-3.0.1/crypto/rsa/rsa_gen.c.fips3 2022-07-25 17:02:17.807271297 +0200`
		`- +++ openssl-3.0.1/crypto/rsa/rsa_gen.c 2022-07-25 17:18:24.931959649 +0200`
		`+ diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c`
		`+ index e0d139d312..de9cedb64b 100644`
		`+ --- a/crypto/rsa/rsa_gen.c`
		`+ +++ b/crypto/rsa/rsa_gen.c`
		`@@ -23,6 +23,7 @@`
		`#include <time.h>`
		`#include "internal/cryptlib.h"`
		`@@ -115,7 +88,7 @@`
		`#include <openssl/self_test.h>`
		`#include "prov/providercommon.h"`
		`#include "rsa_local.h"`
		`- @@ -476,52 +476,43 @@ static int rsa_keygen(OSSL_LIB_CTX *libc`
		`+ @@ -478,52 +479,43 @@ static int rsa_keygen(OSSL_LIB_CTX libctx, RSA rsa, int bits, int primes,`
		`static int rsa_keygen_pairwise_test(RSA rsa, OSSL_CALLBACK cb, void *cbarg)`
		`{`
		`int ret = 0;`
		`@@ -143,13 +116,13 @@`
		`OSSL_SELF_TEST_DESC_PCT_RSA_PKCS1);`

		`- ciphertxt_len = RSA_size(rsa);`
		`- + signature_len = RSA_size(rsa);`
		`- /*`
		`- * RSA_private_encrypt() and RSA_private_decrypt() requires the 'to'`
		`- * parameter to be a maximum of RSA_size() - allocate space for both.`
		`- */`
		`- ciphertxt = OPENSSL_zalloc(ciphertxt_len * 2);`
		`- if (ciphertxt == NULL)`
		`+ + signature_len = RSA_size(rsa);`
		`+ signature = OPENSSL_zalloc(signature_len);`
		`+ if (signature == NULL)`
		`goto err;`
		`@@ -185,3 +158,36 @@`

		`return ret;`
		`}`
		`+ diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c`
		`+ index 43caedb6df..73873f9758 100644`
		`+ --- a/providers/implementations/exchange/ecdh_exch.c`
		`+ +++ b/providers/implementations/exchange/ecdh_exch.c`
		`+ @@ -489,6 +489,25 @@ int ecdh_plain_derive(void vpecdhctx, unsigned char secret,`
		`+ }`
		`+`
		`+ ppubkey = EC_KEY_get0_public_key(pecdhctx->peerk);`
		`+ +#ifdef FIPS_MODULE`
		`+ + {`
		`+ + BN_CTX *bn_ctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(privk));`
		`+ + int check = 0;`
		`+ +`
		`+ + if (bn_ctx == NULL) {`
		`+ + ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);`
		`+ + goto end;`
		`+ + }`
		`+ +`
		`+ + check = ossl_ec_key_public_check(pecdhctx->peerk, bn_ctx);`
		`+ + BN_CTX_free(bn_ctx);`
		`+ +`
		`+ + if (check <= 0) {`
		`+ + ERR_raise(ERR_LIB_PROV, EC_R_INVALID_PEER_KEY);`
		`+ + goto end;`
		`+ + }`
		`+ + }`
		`+ +#endif`
		`+`
		`+ retlen = ECDH_compute_key(secret, size, ppubkey, privk, NULL);`
		`+`
		`+ --`
		`+ 2.41.0`
		`+`

0045-FIPS-services-minimize.patch

file modified

+335 -307

		`@@ -1,7 +1,64 @@`
		`- diff -up openssl-3.0.1/providers/common/capabilities.c.fipsmin3 openssl-3.0.1/providers/common/capabilities.c`
		`- --- openssl-3.0.1/providers/common/capabilities.c.fipsmin3 2022-05-05 17:11:36.146638536 +0200`
		`- +++ openssl-3.0.1/providers/common/capabilities.c 2022-05-05 17:12:00.138848787 +0200`
		`- @@ -186,9 +186,9 @@ static const OSSL_PARAM param_group_list`
		`+ From 8da97ba910507ea36fecd374ab896f80d150a7e7 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 21/35] 0045-FIPS-services-minimize.patch`
		`+`
		`+ Patch-name: 0045-FIPS-services-minimize.patch`
		`+ Patch-id: 45`
		`+ Patch-status: \|`
		`+ # Minimize fips services`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ apps/ecparam.c \| 3 ++`
		`+ apps/req.c \| 2 +-`
		`+ providers/common/capabilities.c \| 2 +-`
		`+ providers/fips/fipsprov.c \| 45 +++++++++++--------`
		`+ providers/fips/self_test_data.inc \| 12 +++--`
		`+ providers/implementations/signature/rsa_sig.c \| 13 ++++++`
		`+ ssl/ssl_ciph.c \| 3 ++`
		`+ test/acvp_test.c \| 2 +`
		`+ test/endecode_test.c \| 4 ++`
		`+ test/evp_libctx_test.c \| 9 +++-`
		`+ test/recipes/15-test_gendsa.t \| 2 +-`
		`+ test/recipes/20-test_cli_fips.t \| 3 +-`
		`+ test/recipes/30-test_evp.t \| 16 +++----`
		`+ .../30-test_evp_data/evpmac_common.txt \| 22 +++++++++`
		`+ test/recipes/80-test_cms.t \| 22 ++++-----`
		`+ test/recipes/80-test_ssl_old.t \| 2 +-`
		`+ 16 files changed, 112 insertions(+), 50 deletions(-)`
		`+`
		`+ diff --git a/apps/ecparam.c b/apps/ecparam.c`
		`+ index 9e9ad13683..fc125a45c9 100644`
		`+ --- a/apps/ecparam.c`
		`+ +++ b/apps/ecparam.c`
		`+ @@ -79,6 +79,9 @@ static int list_builtin_curves(BIO *out)`
		`+ const char *comment = curves[n].comment;`
		`+ const char *sname = OBJ_nid2sn(curves[n].nid);`
		`+`
		`+ + if ((curves[n].nid == NID_secp256k1) && EVP_default_properties_is_fips_enabled(NULL))`
		`+ + continue;`
		`+ +`
		`+ if (comment == NULL)`
		`+ comment = "CURVE DESCRIPTION NOT AVAILABLE";`
		`+ if (sname == NULL)`
		`+ diff --git a/apps/req.c b/apps/req.c`
		`+ index 23757044ab..5916914978 100644`
		`+ --- a/apps/req.c`
		`+ +++ b/apps/req.c`
		`+ @@ -266,7 +266,7 @@ int req_main(int argc, char **argv)`
		`+ unsigned long chtype = MBSTRING_ASC, reqflag = 0;`
		`+`
		`+ #ifndef OPENSSL_NO_DES`
		`+ - cipher = (EVP_CIPHER *)EVP_des_ede3_cbc();`
		`+ + cipher = (EVP_CIPHER *)EVP_aes_256_cbc();`
		`+ #endif`
		`+`
		`+ prog = opt_init(argc, argv, req_options);`
		`+ diff --git a/providers/common/capabilities.c b/providers/common/capabilities.c`
		`+ index ed37e76969..eb836dfa6a 100644`
		`+ --- a/providers/common/capabilities.c`
		`+ +++ b/providers/common/capabilities.c`
		`+ @@ -186,9 +186,9 @@ static const OSSL_PARAM param_group_list[][10] = {`
		`TLS_GROUP_ENTRY("brainpoolP256r1", "brainpoolP256r1", "EC", 25),`
		`TLS_GROUP_ENTRY("brainpoolP384r1", "brainpoolP384r1", "EC", 26),`
		`TLS_GROUP_ENTRY("brainpoolP512r1", "brainpoolP512r1", "EC", 27),`
		`@@ -12,19 +69,12 @@`
		`# endif /* OPENSSL_NO_EC */`
		`# ifndef OPENSSL_NO_DH`
		`/* Security bit values for FFDHE groups are as per RFC 7919 */`
		`- diff -up openssl-3.0.1/providers/fips/fipsprov.c.fipsmin2 openssl-3.0.1/providers/fips/fipsprov.c`
		`- --- openssl-3.0.1/providers/fips/fipsprov.c.fipsmin2 2022-05-05 11:42:58.596848856 +0200`
		`- +++ openssl-3.0.1/providers/fips/fipsprov.c 2022-05-05 11:55:42.997562712 +0200`
		`- @@ -54,7 +54,6 @@ static void fips_deinit_casecmp(void);`
		`-`
		`- #define ALGC(NAMES, FUNC, CHECK) { { NAMES, FIPS_DEFAULT_PROPERTIES, FUNC }, CHECK }`
		`- #define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL)`
		`- -`
		`- extern OSSL_FUNC_core_thread_start_fn *c_thread_start;`
		`- int FIPS_security_check_enabled(OSSL_LIB_CTX *libctx);`
		`-`
		`- @@ -191,13 +190,13 @@ static int fips_get_params(void *provctx`
		`- &fips_prov_ossl_ctx_method);`
		`+ diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c`
		`+ index 518226dfc6..73bb96dece 100644`
		`+ --- a/providers/fips/fipsprov.c`
		`+ +++ b/providers/fips/fipsprov.c`
		`+ @@ -199,13 +199,13 @@ static int fips_get_params(void *provctx, OSSL_PARAM params[])`
		`+ OSSL_LIB_CTX_FIPS_PROV_INDEX);`

		`p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME);`
		`- if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL FIPS Provider"))`
		`@@ -40,7 +90,7 @@`
		`return 0;`
		`p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_STATUS);`
		`if (p != NULL && !OSSL_PARAM_set_int(p, ossl_prov_is_running()))`
		`- @@ -281,10 +280,11 @@ static const OSSL_ALGORITHM fips_digests`
		`+ @@ -298,10 +298,11 @@ static const OSSL_ALGORITHM fips_digests[] = {`
		`* KECCAK-KMAC-128 and KECCAK-KMAC-256 as hashes are mostly useful for`
		`* KMAC128 and KMAC256.`
		`*/`
		`@@ -54,19 +104,19 @@`
		`{ NULL, NULL, NULL }`
		`};`

		`- @@ -343,8 +343,9 @@ static const OSSL_ALGORITHM_CAPABLE fips`
		`+ @@ -360,8 +361,9 @@ static const OSSL_ALGORITHM_CAPABLE fips_ciphers[] = {`
		`ALGC(PROV_NAMES_AES_256_CBC_HMAC_SHA256, ossl_aes256cbc_hmac_sha256_functions,`
		`ossl_cipher_capable_aes_cbc_hmac_sha256),`
		`#ifndef OPENSSL_NO_DES`
		`- - ALG(PROV_NAMES_DES_EDE3_ECB, ossl_tdes_ede3_ecb_functions),`
		`- - ALG(PROV_NAMES_DES_EDE3_CBC, ossl_tdes_ede3_cbc_functions),`
		`+ - UNAPPROVED_ALG(PROV_NAMES_DES_EDE3_ECB, ossl_tdes_ede3_ecb_functions),`
		`+ - UNAPPROVED_ALG(PROV_NAMES_DES_EDE3_CBC, ossl_tdes_ede3_cbc_functions),`
		`+ /* We don't certify 3DES in our FIPS provider */`
		`+ /* ALG(PROV_NAMES_DES_EDE3_ECB, ossl_tdes_ede3_ecb_functions),`
		`+ ALG(PROV_NAMES_DES_EDE3_CBC, ossl_tdes_ede3_cbc_functions), */`
		`#endif /* OPENSSL_NO_DES */`
		`{ { NULL, NULL, NULL }, NULL }`
		`};`
		`- @@ -356,8 +357,9 @@ static const OSSL_ALGORITHM fips_macs[]`
		`+ @@ -373,8 +375,9 @@ static const OSSL_ALGORITHM fips_macs[] = {`
		`#endif`
		`{ PROV_NAMES_GMAC, FIPS_DEFAULT_PROPERTIES, ossl_gmac_functions },`
		`{ PROV_NAMES_HMAC, FIPS_DEFAULT_PROPERTIES, ossl_hmac_functions },`
		`@@ -78,7 +128,7 @@`
		`{ NULL, NULL, NULL }`
		`};`

		`- @@ -392,8 +394,9 @@ static const OSSL_ALGORITHM fips_keyexch`
		`+ @@ -409,8 +412,9 @@ static const OSSL_ALGORITHM fips_keyexch[] = {`
		`#endif`
		`#ifndef OPENSSL_NO_EC`
		`{ PROV_NAMES_ECDH, FIPS_DEFAULT_PROPERTIES, ossl_ecdh_keyexch_functions },`
		`@@ -90,7 +140,7 @@`
		`#endif`
		`{ PROV_NAMES_TLS1_PRF, FIPS_DEFAULT_PROPERTIES,`
		`ossl_kdf_tls1_prf_keyexch_functions },`
		`- @@ -403,12 +406,14 @@ static const OSSL_ALGORITHM fips_keyexch`
		`+ @@ -420,13 +424,14 @@ static const OSSL_ALGORITHM fips_keyexch[] = {`

		`static const OSSL_ALGORITHM fips_signature[] = {`
		`#ifndef OPENSSL_NO_DSA`
		`@@ -100,15 +150,16 @@`
		`#endif`
		`{ PROV_NAMES_RSA, FIPS_DEFAULT_PROPERTIES, ossl_rsa_signature_functions },`
		`#ifndef OPENSSL_NO_EC`
		`- - { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, ossl_ed25519_signature_functions },`
		`- - { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, ossl_ed448_signature_functions },`
		`+ - { PROV_NAMES_ED25519, FIPS_UNAPPROVED_PROPERTIES,`
		`+ - ossl_ed25519_signature_functions },`
		`+ - { PROV_NAMES_ED448, FIPS_UNAPPROVED_PROPERTIES, ossl_ed448_signature_functions },`
		`+ /* We don't certify Edwards curves in our FIPS provider */`
		`+ /* { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, ossl_ed25519_signature_functions },`
		`+ { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, ossl_ed448_signature_functions }, */`
		`{ PROV_NAMES_ECDSA, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_signature_functions },`
		`#endif`
		`{ PROV_NAMES_HMAC, FIPS_DEFAULT_PROPERTIES,`
		`- @@ -438,8 +443,9 @@ static const OSSL_ALGORITHM fips_keymgmt`
		`+ @@ -456,8 +461,9 @@ static const OSSL_ALGORITHM fips_keymgmt[] = {`
		`PROV_DESCS_DHX },`
		`#endif`
		`#ifndef OPENSSL_NO_DSA`
		`@@ -120,7 +171,7 @@`
		`#endif`
		`{ PROV_NAMES_RSA, FIPS_DEFAULT_PROPERTIES, ossl_rsa_keymgmt_functions,`
		`PROV_DESCS_RSA },`
		`- @@ -448,14 +454,15 @@ static const OSSL_ALGORITHM fips_keymgmt`
		`+ @@ -466,14 +472,15 @@ static const OSSL_ALGORITHM fips_keymgmt[] = {`
		`#ifndef OPENSSL_NO_EC`
		`{ PROV_NAMES_EC, FIPS_DEFAULT_PROPERTIES, ossl_ec_keymgmt_functions,`
		`PROV_DESCS_EC },`
		`@@ -130,18 +181,19 @@`
		`PROV_DESCS_X25519 },`
		`{ PROV_NAMES_X448, FIPS_DEFAULT_PROPERTIES, ossl_x448_keymgmt_functions,`
		`PROV_DESCS_X448 },`
		`- { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, ossl_ed25519_keymgmt_functions,`
		`+ { PROV_NAMES_ED25519, FIPS_UNAPPROVED_PROPERTIES, ossl_ed25519_keymgmt_functions,`
		`PROV_DESCS_ED25519 },`
		`- { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, ossl_ed448_keymgmt_functions,`
		`+ { PROV_NAMES_ED448, FIPS_UNAPPROVED_PROPERTIES, ossl_ed448_keymgmt_functions,`
		`- PROV_DESCS_ED448 },`
		`+ PROV_DESCS_ED448 }, */`
		`#endif`
		`{ PROV_NAMES_TLS1_PRF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_keymgmt_functions,`
		`PROV_DESCS_TLS1_PRF_SIGN },`
		`- diff -up openssl-3.0.1/providers/fips/self_test_data.inc.fipsmin3 openssl-3.0.1/providers/fips/self_test_data.inc`
		`- --- openssl-3.0.1/providers/fips/self_test_data.inc.fipsmin3 2022-05-05 12:36:32.335069046 +0200`
		`- +++ openssl-3.0.1/providers/fips/self_test_data.inc 2022-05-05 12:40:02.427966128 +0200`
		`- @@ -171,6 +171,7 @@ static const ST_KAT_DIGEST st_kat_digest`
		`+ diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc`
		`+ index 2057378d3d..e0fdc0daa4 100644`
		`+ --- a/providers/fips/self_test_data.inc`
		`+ +++ b/providers/fips/self_test_data.inc`
		`+ @@ -177,6 +177,7 @@ static const ST_KAT_DIGEST st_kat_digest_tests[] =`
		`/- CIPHER TEST DATA /`

		`/* DES3 test data */`
		`@@ -149,7 +201,7 @@`
		`static const unsigned char des_ede3_cbc_pt[] = {`
		`0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,`
		`0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,`
		`- @@ -191,7 +192,7 @@ static const unsigned char des_ede3_cbc_`
		`+ @@ -197,7 +198,7 @@ static const unsigned char des_ede3_cbc_ct[] = {`
		`0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,`
		`0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7`
		`};`
		`@@ -158,23 +210,7 @@`
		`/* AES-256 GCM test data */`
		`static const unsigned char aes_256_gcm_key[] = {`
		`0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,`
		`- @@ -235,6 +236,7 @@ static const unsigned char aes_128_ecb_c`
		`- };`
		`-`
		`- static const ST_KAT_CIPHER st_kat_cipher_tests[] = {`
		`- +#if 0`
		`- #ifndef OPENSSL_NO_DES`
		`- {`
		`- {`
		`- @@ -248,6 +250,7 @@ static const ST_KAT_CIPHER st_kat_cipher`
		`- ITM(des_ede3_cbc_iv),`
		`- },`
		`- #endif`
		`- +#endif`
		`- {`
		`- {`
		`- OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,`
		`- @@ -1424,8 +1427,9 @@ static const ST_KAT_PARAM ecdsa_bin_key[`
		`+ @@ -1454,8 +1455,9 @@ static const ST_KAT_PARAM ecdsa_bin_key[] = {`
		`# endif /* OPENSSL_NO_EC2M */`
		`#endif /* OPENSSL_NO_EC */`

		`@@ -185,7 +221,7 @@`
		`static const unsigned char dsa_p[] = {`
		`0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,`
		`0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,`
		`- @@ -1549,8 +1553,8 @@ static const ST_KAT_PARAM dsa_key[] = {`
		`+ @@ -1589,8 +1591,8 @@ static const ST_KAT_PARAM dsa_key[] = {`
		`ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),`
		`ST_KAT_PARAM_END()`
		`};`
		`@@ -193,10 +229,10 @@`
		`-`
		`+#endif`
		`+#endif`
		`- static const ST_KAT_SIGN st_kat_sign_tests[] = {`
		`- {`
		`- OSSL_SELF_TEST_DESC_SIGN_RSA,`
		`- @@ -1583,6 +1587,7 @@ static const ST_KAT_SIGN st_kat_sign_tes`
		`+ /* Hash DRBG inputs for signature KATs */`
		`+ static const unsigned char sig_kat_entropyin[] = {`
		`+ 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,`
		`+ @@ -1642,6 +1644,7 @@ static const ST_KAT_SIGN st_kat_sign_tests[] = {`
		`},`
		`# endif`
		`#endif /* OPENSSL_NO_EC */`
		`@@ -204,17 +240,56 @@`
		`#ifndef OPENSSL_NO_DSA`
		`{`
		`OSSL_SELF_TEST_DESC_SIGN_DSA,`
		`- @@ -1595,6 +1600,7 @@ static const ST_KAT_SIGN st_kat_sign_tes`
		`- */`
		`+ @@ -1654,6 +1657,7 @@ static const ST_KAT_SIGN st_kat_sign_tests[] = {`
		`+ ITM(dsa_expected_sig)`
		`},`
		`#endif /* OPENSSL_NO_DSA */`
		`+#endif`
		`};`

		`static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {`
		`- diff -up openssl-3.0.1/test/acvp_test.c.fipsmin2 openssl-3.0.1/test/acvp_test.c`
		`- --- openssl-3.0.1/test/acvp_test.c.fipsmin2 2022-05-05 11:42:58.597848865 +0200`
		`- +++ openssl-3.0.1/test/acvp_test.c 2022-05-05 11:43:30.141126336 +0200`
		`+ diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c`
		`+ index cd5de6bd51..07824e558c 100644`
		`+ --- a/providers/implementations/signature/rsa_sig.c`
		`+ +++ b/providers/implementations/signature/rsa_sig.c`
		`+ @@ -777,6 +777,19 @@ static int rsa_verify(void vprsactx, const unsigned char sig, size_t siglen,`
		`+ {`
		`+ PROV_RSA_CTX prsactx = (PROV_RSA_CTX )vprsactx;`
		`+ size_t rslen;`
		`+ +# ifdef FIPS_MODULE`
		`+ + size_t rsabits = RSA_bits(prsactx->rsa);`
		`+ +`
		`+ + if (rsabits < 2048) {`
		`+ + if (rsabits != 1024`
		`+ + && rsabits != 1280`
		`+ + && rsabits != 1536`
		`+ + && rsabits != 1792) {`
		`+ + ERR_raise(ERR_LIB_FIPS, PROV_R_INVALID_KEY_LENGTH);`
		`+ + return 0;`
		`+ + }`
		`+ + }`
		`+ +# endif`
		`+`
		`+ if (!ossl_prov_is_running())`
		`+ return 0;`
		`+ diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c`
		`+ index a5e60e8839..f9af07d12b 100644`
		`+ --- a/ssl/ssl_ciph.c`
		`+ +++ b/ssl/ssl_ciph.c`
		`+ @@ -356,6 +356,9 @@ int ssl_load_ciphers(SSL_CTX *ctx)`
		`+ ctx->disabled_mkey_mask = 0;`
		`+ ctx->disabled_auth_mask = 0;`
		`+`
		`+ + if (EVP_default_properties_is_fips_enabled(ctx->libctx))`
		`+ + ctx->disabled_mkey_mask \|= SSL_kRSA \| SSL_kRSAPSK;`
		`+ +`
		`+ /*`
		`+ * We ignore any errors from the fetches below. They are expected to fail`
		`+ * if theose algorithms are not available.`
		`+ diff --git a/test/acvp_test.c b/test/acvp_test.c`
		`+ index fee880d441..13d7a0ea8b 100644`
		`+ --- a/test/acvp_test.c`
		`+ +++ b/test/acvp_test.c`
		`@@ -1476,6 +1476,7 @@ int setup_tests(void)`
		`OSSL_NELEM(dh_safe_prime_keyver_data));`
		`#endif /* OPENSSL_NO_DH */`
		`@@ -231,9 +306,43 @@`

		`#ifndef OPENSSL_NO_EC`
		`ADD_ALL_TESTS(ecdsa_keygen_test, OSSL_NELEM(ecdsa_keygen_data));`
		`- diff -up openssl-3.0.1/test/evp_libctx_test.c.fipsmin3 openssl-3.0.1/test/evp_libctx_test.c`
		`- --- openssl-3.0.1/test/evp_libctx_test.c.fipsmin3 2022-05-05 14:18:46.370911817 +0200`
		`- +++ openssl-3.0.1/test/evp_libctx_test.c 2022-05-05 14:30:02.117911993 +0200`
		`+ diff --git a/test/endecode_test.c b/test/endecode_test.c`
		`+ index 9a437d8c64..53385028fc 100644`
		`+ --- a/test/endecode_test.c`
		`+ +++ b/test/endecode_test.c`
		`+ @@ -1407,6 +1407,7 @@ int setup_tests(void)`
		`+ * so no legacy tests.`
		`+ */`
		`+ #endif`
		`+ + if (is_fips == 0) {`
		`+ #ifndef OPENSSL_NO_DSA`
		`+ ADD_TEST_SUITE(DSA);`
		`+ ADD_TEST_SUITE_PARAMS(DSA);`
		`+ @@ -1417,6 +1418,7 @@ int setup_tests(void)`
		`+ ADD_TEST_SUITE_PROTECTED_PVK(DSA);`
		`+ # endif`
		`+ #endif`
		`+ + }`
		`+ #ifndef OPENSSL_NO_EC`
		`+ ADD_TEST_SUITE(EC);`
		`+ ADD_TEST_SUITE_PARAMS(EC);`
		`+ @@ -1431,10 +1433,12 @@ int setup_tests(void)`
		`+ ADD_TEST_SUITE(ECExplicitTri2G);`
		`+ ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);`
		`+ # endif`
		`+ + if (is_fips == 0) {`
		`+ ADD_TEST_SUITE(ED25519);`
		`+ ADD_TEST_SUITE(ED448);`
		`+ ADD_TEST_SUITE(X25519);`
		`+ ADD_TEST_SUITE(X448);`
		`+ + }`
		`+ /*`
		`+ * ED25519, ED448, X25519 and X448 have no support for`
		`+ * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.`
		`+ diff --git a/test/evp_libctx_test.c b/test/evp_libctx_test.c`
		`+ index 2448c35a14..a7913cda4c 100644`
		`+ --- a/test/evp_libctx_test.c`
		`+ +++ b/test/evp_libctx_test.c`
		`@@ -21,6 +21,7 @@`
		`*/`
		`#include "internal/deprecated.h"`
		`@@ -242,8 +351,7 @@`
		`#include <openssl/evp.h>`
		`#include <openssl/provider.h>`
		`#include <openssl/dsa.h>`
		`- @@ -725,8 +726,10 @@ int setup_tests(void)`
		`- if (!test_get_libctx(&libctx, &nullprov, config_file, &libprov, prov_name))`
		`+ @@ -726,7 +727,9 @@ int setup_tests(void)`
		`return 0;`

		`#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DH)`
		`@@ -254,7 +362,7 @@`
		`#endif`
		`#ifndef OPENSSL_NO_DH`
		`ADD_ALL_TESTS(test_dh_safeprime_param_keygen, 3 * 3 * 3);`
		`- @@ -746,7 +750,9 @@ int setup_tests(void)`
		`+ @@ -746,7 +749,9 @@ int setup_tests(void)`
		`ADD_TEST(kem_invalid_keytype);`
		`#endif`
		`#ifndef OPENSSL_NO_DES`
		`@@ -265,9 +373,10 @@`
		`#endif`
		`return 1;`
		`}`
		`- diff -up openssl-3.0.1/test/recipes/15-test_gendsa.t.fipsmin3 openssl-3.0.1/test/recipes/15-test_gendsa.t`
		`- --- openssl-3.0.1/test/recipes/15-test_gendsa.t.fipsmin3 2022-05-05 13:46:00.631590335 +0200`
		`- +++ openssl-3.0.1/test/recipes/15-test_gendsa.t 2022-05-05 13:46:06.999644496 +0200`
		`+ diff --git a/test/recipes/15-test_gendsa.t b/test/recipes/15-test_gendsa.t`
		`+ index b495b08bda..69bd299521 100644`
		`+ --- a/test/recipes/15-test_gendsa.t`
		`+ +++ b/test/recipes/15-test_gendsa.t`
		`@@ -24,7 +24,7 @@ use lib bldtop_dir('.');`
		`plan skip_all => "This test is unsupported in a no-dsa build"`
		`if disabled("dsa");`
		`@@ -277,10 +386,11 @@`

		`plan tests =>`
		`($no_fips ? 0 : 2) # FIPS related tests`
		`- diff -up openssl-3.0.1/test/recipes/20-test_cli_fips.t.fipsmin3 openssl-3.0.1/test/recipes/20-test_cli_fips.t`
		`- --- openssl-3.0.1/test/recipes/20-test_cli_fips.t.fipsmin3 2022-05-05 13:47:55.217564900 +0200`
		`- +++ openssl-3.0.1/test/recipes/20-test_cli_fips.t 2022-05-05 13:48:02.824629600 +0200`
		`- @@ -207,8 +207,7 @@ SKIP: {`
		`+ diff --git a/test/recipes/20-test_cli_fips.t b/test/recipes/20-test_cli_fips.t`
		`+ index 6d3c5ba1bb..2ba47b5fca 100644`
		`+ --- a/test/recipes/20-test_cli_fips.t`
		`+ +++ b/test/recipes/20-test_cli_fips.t`
		`+ @@ -273,8 +273,7 @@ SKIP: {`
		`}`

		`SKIP : {`
		`@@ -290,141 +400,44 @@`

		`subtest DSA => sub {`
		`my $testtext_prefix = 'DSA';`
		`- diff -up openssl-3.0.1/test/recipes/80-test_cms.t.fipsmin3 openssl-3.0.1/test/recipes/80-test_cms.t`
		`- --- openssl-3.0.1/test/recipes/80-test_cms.t.fipsmin3 2022-05-05 13:55:05.257292637 +0200`
		`- +++ openssl-3.0.1/test/recipes/80-test_cms.t 2022-05-05 13:58:35.307150750 +0200`
		`- @@ -95,7 +95,7 @@ my @smime_pkcs7_tests = (`
		`- \&final_compare`
		`- ],`
		`-`
		`- - [ "signed content DER format, DSA key",`
		`- + [ "signed content DER format, DSA key, no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",`
		`- "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],`
		`- [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",`
		`- @@ -103,7 +103,7 @@ my @smime_pkcs7_tests = (`
		`- \&final_compare`
		`- ],`
		`-`
		`- - [ "signed detached content DER format, DSA key",`
		`- + [ "signed detached content DER format, DSA key, no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`- "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],`
		`- [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",`
		`- @@ -112,7 +112,7 @@ my @smime_pkcs7_tests = (`
		`- \&final_compare`
		`- ],`
		`-`
		`- - [ "signed detached content DER format, add RSA signer (with DSA existing)",`
		`- + [ "signed detached content DER format, add RSA signer (with DSA existing), no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`- "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],`
		`- [ "{cmd1}", @prov, "-resign", "-in", "{output}.cms", "-inform", "DER", "-outform", "DER",`
		`- @@ -123,7 +123,7 @@ my @smime_pkcs7_tests = (`
		`- \&final_compare`
		`- ],`
		`-`
		`- - [ "signed content test streaming BER format, DSA key",`
		`- + [ "signed content test streaming BER format, DSA key, no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`- "-nodetach", "-stream",`
		`- "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],`
		`- @@ -132,7 +132,7 @@ my @smime_pkcs7_tests = (`
		`- \&final_compare`
		`- ],`
		`-`
		`- - [ "signed content test streaming BER format, 2 DSA and 2 RSA keys",`
		`- + [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`- "-nodetach", "-stream",`
		`- "-signer", $smrsa1,`
		`- @@ -145,7 +145,7 @@ my @smime_pkcs7_tests = (`
		`- \&final_compare`
		`- ],`
		`-`
		`- - [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",`
		`- + [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes, no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`- "-noattr", "-nodetach", "-stream",`
		`- "-signer", $smrsa1,`
		`- @@ -175,7 +175,7 @@ my @smime_pkcs7_tests = (`
		`- \&zero_compare`
		`- ],`
		`-`
		`- - [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",`
		`- + [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys, no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-nodetach",`
		`- "-signer", $smrsa1,`
		`- "-signer", catfile($smdir, "smrsa2.pem"),`
		`- @@ -187,7 +187,7 @@ my @smime_pkcs7_tests = (`
		`- \&final_compare`
		`- ],`
		`-`
		`- - [ "signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",`
		`- + [ "signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys, no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-sign", "-in", $smcont,`
		`- "-signer", $smrsa1,`
		`- "-signer", catfile($smdir, "smrsa2.pem"),`
		`- @@ -247,7 +247,7 @@ my @smime_pkcs7_tests = (`
		`-`
		`- my @smime_cms_tests = (`
		`-`
		`- - [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",`
		`- + [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid, no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`- "-nodetach", "-keyid",`
		`- "-signer", $smrsa1,`
		`- @@ -260,7 +260,7 @@ my @smime_cms_tests = (`
		`- \&final_compare`
		`- ],`
		`-`
		`- - [ "signed content test streaming PEM format, 2 DSA and 2 RSA keys",`
		`- + [ "signed content test streaming PEM format, 2 DSA and 2 RSA keys, no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",`
		`- "-signer", $smrsa1,`
		`- "-signer", catfile($smdir, "smrsa2.pem"),`
		`- @@ -370,7 +370,7 @@ my @smime_cms_tests = (`
		`- \&final_compare`
		`- ],`
		`-`
		`- - [ "encrypted content test streaming PEM format, triple DES key",`
		`- + [ "encrypted content test streaming PEM format, triple DES key, no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",`
		`- "-des3", "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",`
		`- "-stream", "-out", "{output}.cms" ],`
		`- diff -up openssl-3.0.1/test/recipes/30-test_evp.t.fipsmin3 openssl-3.0.1/test/recipes/30-test_evp.t`
		`- --- openssl-3.0.1/test/recipes/30-test_evp.t.fipsmin3 2022-05-05 14:43:04.276857033 +0200`
		`- +++ openssl-3.0.1/test/recipes/30-test_evp.t 2022-05-05 14:43:35.975138234 +0200`
		`- @@ -43,7 +43,6 @@ my @files = qw(`
		`+ diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t`
		`+ index 9d7040ced2..3be2549cb5 100644`
		`+ --- a/test/recipes/30-test_evp.t`
		`+ +++ b/test/recipes/30-test_evp.t`
		`+ @@ -42,10 +42,8 @@ my @files = qw(`
		`evpciph_aes_cts.txt`
		`evpciph_aes_wrap.txt`
		`evpciph_aes_stitched.txt`
		`- evpciph_des3_common.txt`
		`evpkdf_hkdf.txt`
		`+ evpkdf_kbkdf_counter.txt`
		`+ - evpkdf_kbkdf_kmac.txt`
		`evpkdf_pbkdf1.txt`
		`evpkdf_pbkdf2.txt`
		`- @@ -66,12 +65,6 @@ push @files, qw(`
		`+ evpkdf_ss.txt`
		`+ @@ -65,12 +63,6 @@ push @files, qw(`
		`+ evppkey_ffdhe.txt`
		`evppkey_dh.txt`
		`) unless $no_dh;`
		`- push @files, qw(`
		`+ -push @files, qw(`
		`- evpkdf_x942_des.txt`
		`- evpmac_cmac_des.txt`
		`- ) unless $no_des;`
		`-push @files, qw(evppkey_dsa.txt) unless $no_dsa;`
		`-push @files, qw(evppkey_ecx.txt) unless $no_ec;`
		`- -push @files, qw(`
		`+ push @files, qw(`
		`evppkey_ecc.txt`
		`evppkey_ecdh.txt`
		`- evppkey_ecdsa.txt`
		`- @@ -91,6 +84,7 @@ my @defltfiles = qw(`
		`+ @@ -91,6 +83,8 @@ my @defltfiles = qw(`
		`evpciph_cast5.txt`
		`evpciph_chacha.txt`
		`evpciph_des.txt`
		`+ evpciph_des3_common.txt`
		`+ + evpkdf_kbkdf_kmac.txt`
		`evpciph_idea.txt`
		`evpciph_rc2.txt`
		`evpciph_rc4.txt`
		`- @@ -117,6 +111,12 @@ my @defltfiles = qw(`
		`+ @@ -118,6 +112,12 @@ my @defltfiles = qw(`
		`evppkey_kdf_tls1_prf.txt`
		`evppkey_rsa.txt`
		`);`
		`@@ -437,18 +450,19 @@`
		`push @defltfiles, qw(evppkey_brainpool.txt) unless $no_ec;`
		`push @defltfiles, qw(evppkey_sm2.txt) unless $no_sm2;`

		`- diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evpmac_common.txt.fipsmin3 openssl-3.0.1/test/recipes/30-test_evp_data/evpmac_common.txt`
		`- --- openssl-3.0.1/test/recipes/30-test_evp_data/evpmac_common.txt.fipsmin3 2022-05-05 14:46:32.721700697 +0200`
		`- +++ openssl-3.0.1/test/recipes/30-test_evp_data/evpmac_common.txt 2022-05-05 14:51:40.205418897 +0200`
		`- @@ -328,6 +328,7 @@ Input = 68F2E77696CE7AE8E2CA4EC588E54100`
		`- Output = 00BDA1B7E87608BCBF470F12157F4C07`
		`-`
		`+ diff --git a/test/recipes/30-test_evp_data/evpmac_common.txt b/test/recipes/30-test_evp_data/evpmac_common.txt`
		`+ index 93195df97c..315413cd9b 100644`
		`+ --- a/test/recipes/30-test_evp_data/evpmac_common.txt`
		`+ +++ b/test/recipes/30-test_evp_data/evpmac_common.txt`
		`+ @@ -340,6 +340,7 @@ IV = 7AE8E2CA4EC500012E58495C`
		`+ Input = 68F2E77696CE7AE8E2CA4EC588E541002E58495C08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D0007`
		`+ Result = MAC_INIT_ERROR`

		`+Availablein = default`
		`Title = KMAC Tests (From NIST)`
		`MAC = KMAC128`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`- @@ -338,12 +339,14 @@ Ctrl = xof:0`
		`+ @@ -350,12 +351,14 @@ Ctrl = xof:0`
		`OutputSize = 32`
		`BlockSize = 168`

		`@@ -463,7 +477,7 @@`
		`MAC = KMAC128`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7`
		`- @@ -351,6 +354,7 @@ Custom = "My Tagged Application"`
		`+ @@ -363,6 +366,7 @@ Custom = "My Tagged Application"`
		`Output = 1F5B4E6CCA02209E0DCB5CA635B89A15E271ECC760071DFD805FAA38F9729230`
		`Ctrl = size:32`

		`@@ -471,7 +485,7 @@`
		`MAC = KMAC256`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 00010203`
		`- @@ -359,12 +363,14 @@ Output = 20C570C31346F703C9AC36C61C03CB6`
		`+ @@ -371,12 +375,14 @@ Output = 20C570C31346F703C9AC36C61C03CB64C3970D0CFC787E9B79599D273A68D2F7F69D4CC`
		`OutputSize = 64`
		`BlockSize = 136`

		`@@ -486,7 +500,7 @@`
		`MAC = KMAC256`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7`
		`- @@ -374,12 +380,14 @@ Ctrl = size:64`
		`+ @@ -386,12 +392,14 @@ Ctrl = size:64`

		`Title = KMAC XOF Tests (From NIST)`

		`@@ -501,7 +515,7 @@`
		`MAC = KMAC128`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 00010203`
		`- @@ -387,6 +395,7 @@ Custom = "My Tagged Application"`
		`+ @@ -399,6 +407,7 @@ Custom = "My Tagged Application"`
		`Output = 31A44527B4ED9F5C6101D11DE6D26F0620AA5C341DEF41299657FE9DF1A3B16C`
		`XOF = 1`

		`@@ -509,7 +523,7 @@`
		`MAC = KMAC128`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7`
		`- @@ -395,6 +404,7 @@ Output = 47026C7CD793084AA0283C253EF6584`
		`+ @@ -407,6 +416,7 @@ Output = 47026C7CD793084AA0283C253EF658490C0DB61438B8326FE9BDDF281B83AE0F`
		`XOF = 1`
		`Ctrl = size:32`

		`@@ -517,7 +531,7 @@`
		`MAC = KMAC256`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 00010203`
		`- @@ -402,6 +412,7 @@ Custom = "My Tagged Application"`
		`+ @@ -414,6 +424,7 @@ Custom = "My Tagged Application"`
		`Output = 1755133F1534752AAD0748F2C706FB5C784512CAB835CD15676B16C0C6647FA96FAA7AF634A0BF8FF6DF39374FA00FAD9A39E322A7C92065A64EB1FB0801EB2B`
		`XOF = 1`

		`@@ -525,7 +539,7 @@`
		`MAC = KMAC256`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7`
		`- @@ -409,6 +420,7 @@ Custom = ""`
		`+ @@ -421,6 +432,7 @@ Custom = ""`
		`Output = FF7B171F1E8A2B24683EED37830EE797538BA8DC563F6DA1E667391A75EDC02CA633079F81CE12A25F45615EC89972031D18337331D24CEB8F8CA8E6A19FD98B`
		`XOF = 1`

		`@@ -533,7 +547,7 @@`
		`MAC = KMAC256`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7`
		`- @@ -419,6 +431,7 @@ XOF = 1`
		`+ @@ -431,6 +443,7 @@ XOF = 1`

		`Title = KMAC long customisation string (from NIST ACVP)`

		`@@ -541,7 +555,7 @@`
		`MAC = KMAC256`
		`Key = 9743DBF93102FAF11227B154B8ACD16CF142671F7AA16C559A393A38B4CEF461ED29A6A328D7379C99718790E38B54CA25E9E831CBEA463EE704D1689F94629AB795DF0C77F756DA743309C0E054596BA2D9CC1768ACF7CD351D9A7EB1ABD0A3`
		`Input = BA63AC9C711F143CCE7FF92D0322649D1BE437D805FD225C0A2879A008373EC3BCCDB09971FAD2BCE5F4347AF7E5238EF01A90ED34193D6AFC1D`
		`- @@ -429,12 +442,14 @@ XOF = 1`
		`+ @@ -441,12 +454,14 @@ XOF = 1`

		`Title = KMAC XOF Tests via ctrl (From NIST)`

		`@@ -556,7 +570,7 @@`
		`MAC = KMAC128`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 00010203`
		`- @@ -442,6 +457,7 @@ Custom = "My Tagged Application"`
		`+ @@ -454,6 +469,7 @@ Custom = "My Tagged Application"`
		`Output = 31A44527B4ED9F5C6101D11DE6D26F0620AA5C341DEF41299657FE9DF1A3B16C`
		`Ctrl = xof:1`

		`@@ -564,7 +578,7 @@`
		`MAC = KMAC128`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7`
		`- @@ -450,6 +466,7 @@ Output = 47026C7CD793084AA0283C253EF6584`
		`+ @@ -462,6 +478,7 @@ Output = 47026C7CD793084AA0283C253EF658490C0DB61438B8326FE9BDDF281B83AE0F`
		`Ctrl = xof:1`
		`Ctrl = size:32`

		`@@ -572,7 +586,7 @@`
		`MAC = KMAC256`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 00010203`
		`- @@ -457,6 +474,7 @@ Custom = "My Tagged Application"`
		`+ @@ -469,6 +486,7 @@ Custom = "My Tagged Application"`
		`Output = 1755133F1534752AAD0748F2C706FB5C784512CAB835CD15676B16C0C6647FA96FAA7AF634A0BF8FF6DF39374FA00FAD9A39E322A7C92065A64EB1FB0801EB2B`
		`Ctrl = xof:1`

		`@@ -580,7 +594,7 @@`
		`MAC = KMAC256`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7`
		`- @@ -464,6 +482,7 @@ Custom = ""`
		`+ @@ -476,6 +494,7 @@ Custom = ""`
		`Output = FF7B171F1E8A2B24683EED37830EE797538BA8DC563F6DA1E667391A75EDC02CA633079F81CE12A25F45615EC89972031D18337331D24CEB8F8CA8E6A19FD98B`
		`Ctrl = xof:1`

		`@@ -588,7 +602,7 @@`
		`MAC = KMAC256`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7`
		`- @@ -474,6 +493,7 @@ Ctrl = xof:1`
		`+ @@ -486,6 +505,7 @@ Ctrl = xof:1`

		`Title = KMAC long customisation string via ctrl (from NIST ACVP)`

		`@@ -596,7 +610,7 @@`
		`MAC = KMAC256`
		`Key = 9743DBF93102FAF11227B154B8ACD16CF142671F7AA16C559A393A38B4CEF461ED29A6A328D7379C99718790E38B54CA25E9E831CBEA463EE704D1689F94629AB795DF0C77F756DA743309C0E054596BA2D9CC1768ACF7CD351D9A7EB1ABD0A3`
		`Input = BA63AC9C711F143CCE7FF92D0322649D1BE437D805FD225C0A2879A008373EC3BCCDB09971FAD2BCE5F4347AF7E5238EF01A90ED34193D6AFC1D`
		`- @@ -484,6 +504,7 @@ Ctrl = xof:1`
		`+ @@ -496,6 +516,7 @@ Ctrl = xof:1`

		`Title = KMAC long customisation string negative test`

		`@@ -604,7 +618,7 @@`
		`MAC = KMAC128`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7`
		`- @@ -492,6 +513,7 @@ Result = MAC_INIT_ERROR`
		`+ @@ -504,6 +525,7 @@ Result = MAC_INIT_ERROR`

		`Title = KMAC output is too large`

		`@@ -612,10 +626,114 @@`
		`MAC = KMAC256`
		`Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F`
		`Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7`
		`- diff -up openssl-3.0.1/test/recipes/80-test_ssl_old.t.fipsmin3 openssl-3.0.1/test/recipes/80-test_ssl_old.t`
		`- --- openssl-3.0.1/test/recipes/80-test_ssl_old.t.fipsmin3 2022-05-05 16:02:59.745500635 +0200`
		`- +++ openssl-3.0.1/test/recipes/80-test_ssl_old.t 2022-05-05 16:10:24.071348890 +0200`
		`- @@ -426,7 +426,7 @@ sub testssl {`
		`+ diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t`
		`+ index 40dd585c18..cbec426137 100644`
		`+ --- a/test/recipes/80-test_cms.t`
		`+ +++ b/test/recipes/80-test_cms.t`
		`+ @@ -96,7 +96,7 @@ my @smime_pkcs7_tests = (`
		`+ \&final_compare`
		`+ ],`
		`+`
		`+ - [ "signed content DER format, DSA key",`
		`+ + [ "signed content DER format, DSA key, no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",`
		`+ "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],`
		`+ [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",`
		`+ @@ -104,7 +104,7 @@ my @smime_pkcs7_tests = (`
		`+ \&final_compare`
		`+ ],`
		`+`
		`+ - [ "signed detached content DER format, DSA key",`
		`+ + [ "signed detached content DER format, DSA key, no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`+ "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],`
		`+ [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",`
		`+ @@ -113,7 +113,7 @@ my @smime_pkcs7_tests = (`
		`+ \&final_compare`
		`+ ],`
		`+`
		`+ - [ "signed detached content DER format, add RSA signer (with DSA existing)",`
		`+ + [ "signed detached content DER format, add RSA signer (with DSA existing), no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`+ "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],`
		`+ [ "{cmd1}", @prov, "-resign", "-in", "{output}.cms", "-inform", "DER", "-outform", "DER",`
		`+ @@ -124,7 +124,7 @@ my @smime_pkcs7_tests = (`
		`+ \&final_compare`
		`+ ],`
		`+`
		`+ - [ "signed content test streaming BER format, DSA key",`
		`+ + [ "signed content test streaming BER format, DSA key, no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`+ "-nodetach", "-stream",`
		`+ "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],`
		`+ @@ -133,7 +133,7 @@ my @smime_pkcs7_tests = (`
		`+ \&final_compare`
		`+ ],`
		`+`
		`+ - [ "signed content test streaming BER format, 2 DSA and 2 RSA keys",`
		`+ + [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`+ "-nodetach", "-stream",`
		`+ "-signer", $smrsa1,`
		`+ @@ -146,7 +146,7 @@ my @smime_pkcs7_tests = (`
		`+ \&final_compare`
		`+ ],`
		`+`
		`+ - [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",`
		`+ + [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes, no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`+ "-noattr", "-nodetach", "-stream",`
		`+ "-signer", $smrsa1,`
		`+ @@ -176,7 +176,7 @@ my @smime_pkcs7_tests = (`
		`+ \&zero_compare`
		`+ ],`
		`+`
		`+ - [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",`
		`+ + [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys, no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-nodetach",`
		`+ "-signer", $smrsa1,`
		`+ "-signer", catfile($smdir, "smrsa2.pem"),`
		`+ @@ -188,7 +188,7 @@ my @smime_pkcs7_tests = (`
		`+ \&final_compare`
		`+ ],`
		`+`
		`+ - [ "signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",`
		`+ + [ "signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys, no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-sign", "-in", $smcont,`
		`+ "-signer", $smrsa1,`
		`+ "-signer", catfile($smdir, "smrsa2.pem"),`
		`+ @@ -248,7 +248,7 @@ my @smime_pkcs7_tests = (`
		`+`
		`+ my @smime_cms_tests = (`
		`+`
		`+ - [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",`
		`+ + [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid, no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",`
		`+ "-nodetach", "-keyid",`
		`+ "-signer", $smrsa1,`
		`+ @@ -261,7 +261,7 @@ my @smime_cms_tests = (`
		`+ \&final_compare`
		`+ ],`
		`+`
		`+ - [ "signed content test streaming PEM format, 2 DSA and 2 RSA keys",`
		`+ + [ "signed content test streaming PEM format, 2 DSA and 2 RSA keys, no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",`
		`+ "-signer", $smrsa1,`
		`+ "-signer", catfile($smdir, "smrsa2.pem"),`
		`+ @@ -371,7 +371,7 @@ my @smime_cms_tests = (`
		`+ \&final_compare`
		`+ ],`
		`+`
		`+ - [ "encrypted content test streaming PEM format, triple DES key",`
		`+ + [ "encrypted content test streaming PEM format, triple DES key, no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",`
		`+ "-des3", "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",`
		`+ "-stream", "-out", "{output}.cms" ],`
		`+ diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t`
		`+ index 50b74a1e29..e2dcb68fb5 100644`
		`+ --- a/test/recipes/80-test_ssl_old.t`
		`+ +++ b/test/recipes/80-test_ssl_old.t`
		`+ @@ -436,7 +436,7 @@ sub testssl {`
		`my @exkeys = ();`
		`my $ciphers = '-PSK:-SRP:@SECLEVEL=0';`

		`@@ -624,96 +742,6 @@`
		`push @exkeys, "-s_cert", "certD.ss", "-s_key", $Dkey;`
		`}`

		`- diff -up openssl-3.0.1/test/endecode_test.c.fipsmin3 openssl-3.0.1/test/endecode_test.c`
		`- --- openssl-3.0.1/test/endecode_test.c.fipsmin3 2022-05-06 16:25:57.296926271 +0200`
		`- +++ openssl-3.0.1/test/endecode_test.c 2022-05-06 16:27:42.712850840 +0200`
		`- @@ -1387,6 +1387,7 @@ int setup_tests(void)`
		`- * so no legacy tests.`
		`- */`
		`- #endif`
		`- + if (is_fips == 0) {`
		`- #ifndef OPENSSL_NO_DSA`
		`- ADD_TEST_SUITE(DSA);`
		`- ADD_TEST_SUITE_PARAMS(DSA);`
		`- @@ -1397,6 +1398,7 @@ int setup_tests(void)`
		`- ADD_TEST_SUITE_PROTECTED_PVK(DSA);`
		`- # endif`
		`- #endif`
		`- + }`
		`- #ifndef OPENSSL_NO_EC`
		`- ADD_TEST_SUITE(EC);`
		`- ADD_TEST_SUITE_PARAMS(EC);`
		`- @@ -1411,10 +1413,12 @@ int setup_tests(void)`
		`- ADD_TEST_SUITE(ECExplicitTri2G);`
		`- ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);`
		`- # endif`
		`- + if (is_fips == 0) {`
		`- ADD_TEST_SUITE(ED25519);`
		`- ADD_TEST_SUITE(ED448);`
		`- ADD_TEST_SUITE(X25519);`
		`- ADD_TEST_SUITE(X448);`
		`- + }`
		`- /*`
		`- * ED25519, ED448, X25519 and X448 have no support for`
		`- * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.`
		`- diff -up openssl-3.0.1/apps/req.c.dfc openssl-3.0.1/apps/req.c`
		`- --- openssl-3.0.1/apps/req.c.dfc 2022-05-12 13:31:21.957638329 +0200`
		`- +++ openssl-3.0.1/apps/req.c 2022-05-12 13:31:49.587984867 +0200`
		`- @@ -266,7 +266,7 @@ int req_main(int argc, char **argv)`
		`- unsigned long chtype = MBSTRING_ASC, reqflag = 0;`
		`-`
		`- #ifndef OPENSSL_NO_DES`
		`- - cipher = (EVP_CIPHER *)EVP_des_ede3_cbc();`
		`- + cipher = (EVP_CIPHER *)EVP_aes_256_cbc();`
		`- #endif`
		`-`
		`- prog = opt_init(argc, argv, req_options);`
		`- diff -up openssl-3.0.1/apps/ecparam.c.fips_list_curves openssl-3.0.1/apps/ecparam.c`
		`- --- openssl-3.0.1/apps/ecparam.c.fips_list_curves 2022-05-19 11:46:22.682519422 +0200`
		`- +++ openssl-3.0.1/apps/ecparam.c 2022-05-19 11:50:44.559828701 +0200`
		`- @@ -79,6 +79,9 @@ static int list_builtin_curves(BIO *out)`
		`- const char *comment = curves[n].comment;`
		`- const char *sname = OBJ_nid2sn(curves[n].nid);`
		`-`
		`- + if ((curves[n].nid == NID_secp256k1) && EVP_default_properties_is_fips_enabled(NULL))`
		`- + continue;`
		`- +`
		`- if (comment == NULL)`
		`- comment = "CURVE DESCRIPTION NOT AVAILABLE";`
		`- if (sname == NULL)`
		`- diff -up openssl-3.0.1/ssl/ssl_ciph.c.nokrsa openssl-3.0.1/ssl/ssl_ciph.c`
		`- --- openssl-3.0.1/ssl/ssl_ciph.c.nokrsa 2022-05-19 13:32:32.536708638 +0200`
		`- +++ openssl-3.0.1/ssl/ssl_ciph.c 2022-05-19 13:42:29.734002959 +0200`
		`- @@ -356,6 +356,9 @@ int ssl_load_ciphers(SSL_CTX *ctx)`
		`- ctx->disabled_mkey_mask = 0;`
		`- ctx->disabled_auth_mask = 0;`
		`-`
		`- + if (EVP_default_properties_is_fips_enabled(ctx->libctx))`
		`- + ctx->disabled_mkey_mask \|= SSL_kRSA \| SSL_kRSAPSK;`
		`- +`
		`- /*`
		`- * We ignore any errors from the fetches below. They are expected to fail`
		`- * if theose algorithms are not available.`
		`- diff -up openssl-3.0.1/providers/implementations/signature/rsa_sig.c.fipskeylen openssl-3.0.1/providers/implementations/signature/rsa_sig.c`
		`- --- openssl-3.0.1/providers/implementations/signature/rsa_sig.c.fipskeylen 2022-05-23 14:58:07.764281242 +0200`
		`- +++ openssl-3.0.1/providers/implementations/signature/rsa_sig.c 2022-05-23 15:10:29.327993616 +0200`
		`- @@ -770,6 +770,19 @@ static int rsa_verify(void *vprsactx, co`
		`- {`
		`- PROV_RSA_CTX prsactx = (PROV_RSA_CTX )vprsactx;`
		`- size_t rslen;`
		`- +# ifdef FIPS_MODULE`
		`- + size_t rsabits = RSA_bits(prsactx->rsa);`
		`- +`
		`- + if (rsabits < 2048) {`
		`- + if (rsabits != 1024`
		`- + && rsabits != 1280`
		`- + && rsabits != 1536`
		`- + && rsabits != 1792) {`
		`- + ERR_raise(ERR_LIB_FIPS, PROV_R_INVALID_KEY_LENGTH);`
		`- + return 0;`
		`- + }`
		`- + }`
		`- +# endif`
		`-`
		`- if (!ossl_prov_is_running())`
		`- return 0;`
		`+ --`
		`+ 2.41.0`
		`+`

0047-FIPS-early-KATS.patch

file modified

+28 -10

		`@@ -1,7 +1,22 @@`
		`- diff -up openssl-3.0.1/providers/fips/self_test.c.earlykats openssl-3.0.1/providers/fips/self_test.c`
		`- --- openssl-3.0.1/providers/fips/self_test.c.earlykats 2022-01-19 13:10:00.635830783 +0100`
		`- +++ openssl-3.0.1/providers/fips/self_test.c 2022-01-19 13:11:43.309342656 +0100`
		`- @@ -362,6 +362,16 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS`
		`+ From 0242c0317b7c7874148c456aaab1e8eeb156d7c1 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 22/35] 0047-FIPS-early-KATS.patch`
		`+`
		`+ Patch-name: 0047-FIPS-early-KATS.patch`
		`+ Patch-id: 47`
		`+ Patch-status: \|`
		`+ # Execute KATS before HMAC verification`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ providers/fips/self_test.c \| 22 ++++++++++------------`
		`+ 1 file changed, 10 insertions(+), 12 deletions(-)`
		`+`
		`+ diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c`
		`+ index ef56002854..062d9df84a 100644`
		`+ --- a/providers/fips/self_test.c`
		`+ +++ b/providers/fips/self_test.c`
		`+ @@ -414,6 +414,16 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)`
		`if (ev == NULL)`
		`goto end;`

		`@@ -18,11 +33,10 @@`
		`module_checksum = fips_hmac_container;`
		`checksum_len = sizeof(fips_hmac_container);`

		`- @@ -411,18 +421,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS`
		`- kats_already_passed = 1;`
		`+ @@ -464,18 +474,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)`
		`}`
		`}`
		`- -`
		`+`
		`- /*`
		`- * Only runs the KAT's during installation OR on_demand().`
		`- * NOTE: If the installation option 'self_test_onload' is chosen then this`
		`@@ -34,6 +48,10 @@`
		`- goto end;`
		`- }`
		`- }`
		`- ok = 1;`
		`- end:`
		`- OSSL_SELF_TEST_free(ev);`
		`+ -`
		`+ /* Verify that the RNG has been restored properly */`
		`+ testrand = EVP_RAND_fetch(st->libctx, "TEST-RAND", NULL);`
		`+ if (testrand == NULL`
		`+ --`
		`+ 2.41.0`
		`+`

0049-Allow-disabling-of-SHA1-signatures.patch

file modified

+98 -45

		`@@ -1,4 +1,4 @@`
		`- From b4f8964ad1903e24cd2ee07f42ce97c3047f4af4 Mon Sep 17 00:00:00 2001`
		`+ From 51d52096122cc73413d55aac06d5e0641f58ffcb Mon Sep 17 00:00:00 2001`
		`From: Clemens Lang <cllang@redhat.com>`
		`Date: Mon, 21 Feb 2022 17:24:44 +0100`
		`Subject: [PATCH] Allow disabling of SHA1 signatures`
		`@@ -40,21 +40,69 @@`
		`implementation does not know that it is signing a SHA1 hash (it could be`
		`signing arbitrary data).`
		`---`
		`+ crypto/context.c \| 14 ++++`
		`crypto/evp/evp_cnf.c \| 13 +++`
		`- crypto/evp/m_sigver.c \| 85 +++++++++++++++++++`
		`+ crypto/evp/m_sigver.c \| 79 +++++++++++++++++++`
		`crypto/evp/pmeth_lib.c \| 15 ++++`
		`doc/man5/config.pod \| 13 +++`
		`+ include/crypto/context.h \| 3 +`
		`include/internal/cryptlib.h \| 3 +-`
		`include/internal/sslconf.h \| 4 +`
		`providers/common/securitycheck.c \| 20 +++++`
		`- providers/common/securitycheck_default.c \| 9 +-`
		`+ providers/common/securitycheck_default.c \| 9 ++-`
		`providers/implementations/signature/dsa_sig.c \| 11 ++-`
		`.../implementations/signature/ecdsa_sig.c \| 4 +`
		`providers/implementations/signature/rsa_sig.c \| 20 ++++-`
		`ssl/t1_lib.c \| 8 ++`
		`util/libcrypto.num \| 2 +`
		`- 13 files changed, 198 insertions(+), 9 deletions(-)`
		`+ 15 files changed, 209 insertions(+), 9 deletions(-)`

		`+ diff --git a/crypto/context.c b/crypto/context.c`
		`+ index e294ea1512..ab6abf44ab 100644`
		`+ --- a/crypto/context.c`
		`+ +++ b/crypto/context.c`
		`+ @@ -43,6 +43,8 @@ struct ossl_lib_ctx_st {`
		`+ void *fips_prov;`
		`+ #endif`
		`+`
		`+ + void *legacy_digest_signatures;`
		`+ +`
		`+ unsigned int ischild:1;`
		`+ };`
		`+`
		`+ @@ -171,6 +173,10 @@ static int context_init(OSSL_LIB_CTX *ctx)`
		`+ goto err;`
		`+ #endif`
		`+`
		`+ + ctx->legacy_digest_signatures = ossl_ctx_legacy_digest_signatures_new(ctx);`
		`+ + if (ctx->legacy_digest_signatures == NULL)`
		`+ + goto err;`
		`+ +`
		`+ /* Low priority. */`
		`+ #ifndef FIPS_MODULE`
		`+ ctx->child_provider = ossl_child_prov_ctx_new(ctx);`
		`+ @@ -299,6 +305,11 @@ static void context_deinit_objs(OSSL_LIB_CTX *ctx)`
		`+ }`
		`+ #endif`
		`+`
		`+ + if (ctx->legacy_digest_signatures != NULL) {`
		`+ + ossl_ctx_legacy_digest_signatures_free(ctx->legacy_digest_signatures);`
		`+ + ctx->legacy_digest_signatures = NULL;`
		`+ + }`
		`+ +`
		`+ /* Low priority. */`
		`+ #ifndef FIPS_MODULE`
		`+ if (ctx->child_provider != NULL) {`
		`+ @@ -589,6 +600,9 @@ void ossl_lib_ctx_get_data(OSSL_LIB_CTX ctx, int index)`
		`+ return ctx->fips_prov;`
		`+ #endif`
		`+`
		`+ + case OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES_INDEX:`
		`+ + return ctx->legacy_digest_signatures;`
		`+ +`
		`+ default:`
		`+ return NULL;`
		`+ }`
		`diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c`
		`index 0e7fe64cf9..b9d3b6d226 100644`
		`--- a/crypto/evp/evp_cnf.c`
		`@@ -87,18 +135,20 @@`
		`ERR_raise_data(ERR_LIB_EVP, EVP_R_UNKNOWN_OPTION,`
		`"name=%s, value=%s", oval->name, oval->value);`
		`diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c`
		`- index 76a6814b42..8da2183ce0 100644`
		`+ index 630d339c35..6e4e9f5ae7 100644`
		`--- a/crypto/evp/m_sigver.c`
		`+++ b/crypto/evp/m_sigver.c`
		`- @@ -16,6 +16,79 @@`
		`+ @@ -15,6 +15,73 @@`
		`+ #include "internal/provider.h"`
		`#include "internal/numbers.h" /* includes SIZE_MAX */`
		`#include "evp_local.h"`
		`-`
		`+ +#include "crypto/context.h"`
		`+ +`
		`+typedef struct ossl_legacy_digest_signatures_st {`
		`+ int allowed;`
		`+} OSSL_LEGACY_DIGEST_SIGNATURES;`
		`+`
		`- +static void ossl_ctx_legacy_digest_signatures_free(void *vldsigs)`
		`+ +void ossl_ctx_legacy_digest_signatures_free(void *vldsigs)`
		`+{`
		`+ OSSL_LEGACY_DIGEST_SIGNATURES *ldsigs = vldsigs;`
		`+`
		`@@ -107,7 +157,7 @@`
		`+ }`
		`+}`
		`+`
		`- +static void ossl_ctx_legacy_digest_signatures_new(OSSL_LIB_CTX ctx)`
		`+ +void ossl_ctx_legacy_digest_signatures_new(OSSL_LIB_CTX ctx)`
		`+{`
		`+ OSSL_LEGACY_DIGEST_SIGNATURES* ldsigs = OPENSSL_zalloc(sizeof(OSSL_LEGACY_DIGEST_SIGNATURES));`
		`+ /* Warning: This patch differs from the same patch in CentOS and RHEL here,`
		`@@ -117,12 +167,6 @@`
		`+ return ldsigs;`
		`+}`
		`+`
		`- +static const OSSL_LIB_CTX_METHOD ossl_ctx_legacy_digest_signatures_method = {`
		`- + OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY,`
		`- + ossl_ctx_legacy_digest_signatures_new,`
		`- + ossl_ctx_legacy_digest_signatures_free,`
		`- +};`
		`- +`
		`+static OSSL_LEGACY_DIGEST_SIGNATURES *ossl_ctx_legacy_digest_signatures(`
		`+ OSSL_LIB_CTX *libctx, int loadconfig)`
		`+{`
		`@@ -131,8 +175,7 @@`
		`+ return NULL;`
		`+#endif`
		`+`
		`- + return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES,`
		`- + &ossl_ctx_legacy_digest_signatures_method);`
		`+ + return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES_INDEX);`
		`+}`
		`+`
		`+int ossl_ctx_legacy_digest_signatures_allowed(OSSL_LIB_CTX *libctx, int loadconfig)`
		`@@ -166,11 +209,10 @@`
		`+ ldsigs->allowed = allow;`
		`+ return 1;`
		`+}`
		`- +`
		`+`
		`#ifndef FIPS_MODULE`

		`- static int update(EVP_MD_CTX ctx, const void data, size_t datalen)`
		`- @@ -258,6 +331,18 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`+ @@ -251,6 +318,18 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`}`
		`}`

		`@@ -190,7 +232,7 @@`
		`if (signature->digest_verify_init == NULL) {`
		`ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);`
		`diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c`
		`- index 2b9c6c2351..3c5a1e6f5d 100644`
		`+ index ce6e1a1ccb..003926247b 100644`
		`--- a/crypto/evp/pmeth_lib.c`
		`+++ b/crypto/evp/pmeth_lib.c`
		`@@ -33,6 +33,7 @@`
		`@@ -201,7 +243,7 @@`
		`#include "evp_local.h"`

		`#ifndef FIPS_MODULE`
		`- @@ -946,6 +947,20 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX ctx, const EVP_MD md,`
		`+ @@ -958,6 +959,20 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX ctx, const EVP_MD md,`
		`return -2;`
		`}`

		`@@ -223,7 +265,7 @@`
		`return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, 0, (void *)(md));`

		`diff --git a/doc/man5/config.pod b/doc/man5/config.pod`
		`- index 77a8055e81..0c9110d28a 100644`
		`+ index 8d312c661f..979683e0a5 100644`
		`--- a/doc/man5/config.pod`
		`+++ b/doc/man5/config.pod`
		`@@ -296,6 +296,19 @@ Within the algorithm properties section, the following names have meaning:`
		`@@ -246,8 +288,19 @@`
		`=item B<fips_mode> (deprecated)`

		`The value is a boolean that can be B<yes> or B<no>. If the value is`
		`+ diff --git a/include/crypto/context.h b/include/crypto/context.h`
		`+ index cc06c71be8..e9f74a414d 100644`
		`+ --- a/include/crypto/context.h`
		`+ +++ b/include/crypto/context.h`
		`+ @@ -39,3 +39,6 @@ void ossl_rand_crng_ctx_free(void *);`
		`+ void ossl_thread_event_ctx_free(void *);`
		`+ void ossl_fips_prov_ossl_ctx_free(void *);`
		`+ void ossl_release_default_drbg_ctx(void);`
		`+ +`
		`+ +void ossl_ctx_legacy_digest_signatures_new(OSSL_LIB_CTX );`
		`+ +void ossl_ctx_legacy_digest_signatures_free(void *);`
		`diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h`
		`- index 1291299b6e..e234341e6a 100644`
		`+ index ac50eb3bbd..3b115cc7df 100644`
		`--- a/include/internal/cryptlib.h`
		`+++ b/include/internal/cryptlib.h`
		`@@ -168,7 +168,8 @@ typedef struct ossl_ex_data_global_st {`
		`@@ -255,11 +308,11 @@`
		`# define OSSL_LIB_CTX_BIO_CORE_INDEX 17`
		`# define OSSL_LIB_CTX_CHILD_PROVIDER_INDEX 18`
		`-# define OSSL_LIB_CTX_MAX_INDEXES 19`
		`- +# define OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES 19`
		`+ +# define OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES_INDEX 19`
		`+# define OSSL_LIB_CTX_MAX_INDEXES 20`

		`- # define OSSL_LIB_CTX_METHOD_LOW_PRIORITY -1`
		`- # define OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY 0`
		`+ OSSL_LIB_CTX ossl_lib_ctx_get_concrete(OSSL_LIB_CTX ctx);`
		`+ int ossl_lib_ctx_is_default(OSSL_LIB_CTX *ctx);`
		`diff --git a/include/internal/sslconf.h b/include/internal/sslconf.h`
		`index fd7f7e3331..05464b0655 100644`
		`--- a/include/internal/sslconf.h`
		`@@ -318,7 +371,7 @@`
		`return 1;`
		`}`
		`diff --git a/providers/common/securitycheck_default.c b/providers/common/securitycheck_default.c`
		`- index de7f0d3a0a..ce54a94fbc 100644`
		`+ index 246323493e..2ca7a59f39 100644`
		`--- a/providers/common/securitycheck_default.c`
		`+++ b/providers/common/securitycheck_default.c`
		`@@ -15,6 +15,7 @@`
		`@@ -329,7 +382,7 @@`

		`/* Disable the security checks in the default provider */`
		`int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)`
		`- @@ -23,9 +24,10 @@ int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)`
		`+ @@ -29,9 +30,10 @@ int ossl_tls1_prf_ems_check_enabled(OSSL_LIB_CTX *libctx)`
		`}`

		`int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX ctx, const EVP_MD md,`
		`@@ -341,7 +394,7 @@`

		`static const OSSL_ITEM name_to_nid[] = {`
		`{ NID_md5, OSSL_DIGEST_NAME_MD5 },`
		`- @@ -36,8 +38,11 @@ int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX ctx, const EVP_MD md,`
		`+ @@ -42,8 +44,11 @@ int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX ctx, const EVP_MD md,`
		`{ NID_ripemd160, OSSL_DIGEST_NAME_RIPEMD160 },`
		`};`

		`@@ -355,10 +408,10 @@`
		`return mdnid;`
		`}`
		`diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c`
		`- index 28fd7c498e..fa3822f39f 100644`
		`+ index 70d0ea5d24..3c482e0181 100644`
		`--- a/providers/implementations/signature/dsa_sig.c`
		`+++ b/providers/implementations/signature/dsa_sig.c`
		`- @@ -124,12 +124,17 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,`
		`+ @@ -123,12 +123,17 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,`
		`mdprops = ctx->propq;`

		`if (mdname != NULL) {`
		`@@ -396,10 +449,10 @@`
		`sha1_allowed);`
		`if (md_nid < 0) {`
		`diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c`
		`- index 325e855333..bea397f0c1 100644`
		`+ index cd5de6bd51..25a51df878 100644`
		`--- a/providers/implementations/signature/rsa_sig.c`
		`+++ b/providers/implementations/signature/rsa_sig.c`
		`- @@ -26,6 +26,7 @@`
		`+ @@ -25,6 +25,7 @@`
		`#include "internal/cryptlib.h"`
		`#include "internal/nelem.h"`
		`#include "internal/sizes.h"`
		`@@ -407,7 +460,7 @@`
		`#include "crypto/rsa.h"`
		`#include "prov/providercommon.h"`
		`#include "prov/implementations.h"`
		`- @@ -34,6 +35,7 @@`
		`+ @@ -33,6 +34,7 @@`
		`#include "prov/securitycheck.h"`

		`#define RSA_DEFAULT_DIGEST_NAME OSSL_DIGEST_NAME_SHA1`
		`@@ -415,7 +468,7 @@`

		`static OSSL_FUNC_signature_newctx_fn rsa_newctx;`
		`static OSSL_FUNC_signature_sign_init_fn rsa_sign_init;`
		`- @@ -289,10 +291,15 @@ static int rsa_setup_md(PROV_RSA_CTX ctx, const char mdname,`
		`+ @@ -302,10 +304,15 @@ static int rsa_setup_md(PROV_RSA_CTX ctx, const char mdname,`

		`if (mdname != NULL) {`
		`EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);`
		`@@ -433,7 +486,7 @@`

		`if (md == NULL`
		`\|\| md_nid <= 0`
		`- @@ -1348,8 +1355,15 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])`
		`+ @@ -1370,8 +1377,15 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])`
		`prsactx->pad_mode = pad_mode;`

		`if (prsactx->md == NULL && pmdname == NULL`
		`@@ -451,7 +504,7 @@`
		`if (pmgf1mdname != NULL`
		`&& !rsa_setup_mgf1_md(prsactx, pmgf1mdname, pmgf1mdprops))`
		`diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c`
		`- index 41fddf22a7..dcd487ec2e 100644`
		`+ index e6f4bcc045..8bc550ea5b 100644`
		`--- a/ssl/t1_lib.c`
		`+++ b/ssl/t1_lib.c`
		`@@ -20,6 +20,7 @@`
		`@@ -462,7 +515,7 @@`
		`#include "internal/nelem.h"`
		`#include "internal/sizes.h"`
		`#include "internal/tlsgroups.h"`
		`- @@ -1145,11 +1146,13 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)`
		`+ @@ -1151,11 +1152,13 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)`
		`= OPENSSL_malloc(sizeof(lu) OSSL_NELEM(sigalg_lookup_tbl));`
		`EVP_PKEY *tmpkey = EVP_PKEY_new();`
		`int ret = 0;`
		`@@ -476,7 +529,7 @@`
		`for (i = 0, lu = sigalg_lookup_tbl;`
		`i < OSSL_NELEM(sigalg_lookup_tbl); lu++, i++) {`
		`EVP_PKEY_CTX *pctx;`
		`- @@ -1169,6 +1172,11 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)`
		`+ @@ -1175,6 +1178,11 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)`
		`cache[i].enabled = 0;`
		`continue;`
		`}`
		`@@ -489,15 +542,15 @@`
		`if (!EVP_PKEY_set_type(tmpkey, lu->sig)) {`
		`cache[i].enabled = 0;`
		`diff --git a/util/libcrypto.num b/util/libcrypto.num`
		`- index 10b4e57d79..2d3c363bb0 100644`
		`+ index 9cb8a4dda2..feb660d030 100644`
		`--- a/util/libcrypto.num`
		`+++ b/util/libcrypto.num`
		`- @@ -5426,3 +5426,5 @@ ASN1_item_d2i_ex 5552 3_0_0 EXIST::FUNCTION:`
		`- OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:`
		`- OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP`
		`+ @@ -5436,3 +5436,5 @@ EVP_CIPHER_CTX_dup 5563 3_1_0 EXIST::FUNCTION:`
		`+ BN_are_coprime 5564 3_1_0 EXIST::FUNCTION:`
		`+ OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP`
		`ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:`
		`+ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:`
		`+ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:`
		`--`
		`- 2.35.1`
		`+ 2.40.1`

0049-Selectively-disallow-SHA1-signatures.patch

file removed

-491

		`@@ -1,491 +0,0 @@`
		`- From e738d17c45869eda31cb94f2832e65ec7cf8afa9 Mon Sep 17 00:00:00 2001`
		`- From: Clemens Lang <cllang@redhat.com>`
		`- Date: Wed, 17 Aug 2022 12:56:29 -0400`
		`- Subject: [PATCH] Selectively disallow SHA1 signatures`
		`-`
		`- For RHEL 9.0, we want to phase out SHA1. One of the steps to do that is`
		`- disabling SHA1 signatures. Introduce a new configuration option in the`
		`- alg_section named 'rh-allow-sha1-signatures'. This option defaults to`
		`- false. If set to false (or unset), any signature creation or`
		`- verification operations that involve SHA1 as digest will fail.`
		`-`
		`- This also affects TLS, where the signature_algorithms extension of any`
		`- ClientHello message sent by OpenSSL will no longer include signatures`
		`- with the SHA1 digest if rh-allow-sha1-signatures is false. For servers`
		`- that request a client certificate, the same also applies for`
		`- CertificateRequest messages sent by them.`
		`-`
		`- For signatures created using the EVP_PKEY API, this is a best-effort`
		`- check that will deny signatures in cases where the digest algorithm is`
		`- known. This means, for example, that that following steps will still`
		`- work:`
		`-`
		`- $> openssl dgst -sha1 -binary -out sha1 infile`
		`- $> openssl pkeyutl -inkey key.pem -sign -in sha1 -out sha1sig`
		`- $> openssl pkeyutl -inkey key.pem -verify -sigfile sha1sig -in sha1`
		`-`
		`- whereas these will not:`
		`-`
		`- $> openssl dgst -sha1 -binary -out sha1 infile`
		`- $> openssl pkeyutl -inkey kem.pem -sign -in sha1 -out sha1sig -pkeyopt digest:sha1`
		`- $> openssl pkeyutl -inkey kem.pem -verify -sigfile sha1sig -in sha1 -pkeyopt digest:sha1`
		`-`
		`- This happens because in the first case, OpenSSL's signature`
		`- implementation does not know that it is signing a SHA1 hash (it could be`
		`- signing arbitrary data).`
		`-`
		`- Resolves: rhbz#2031742`
		`-`
		`- Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>`
		`- ---`
		`- crypto/evp/evp_cnf.c \| 13 ++++`
		`- crypto/evp/m_sigver.c \| 77 +++++++++++++++++++`
		`- crypto/evp/pmeth_lib.c \| 15 ++++`
		`- doc/man5/config.pod \| 11 +++`
		`- include/internal/cryptlib.h \| 3 +-`
		`- include/internal/sslconf.h \| 4 +`
		`- providers/common/securitycheck.c \| 20 +++++`
		`- providers/common/securitycheck_default.c \| 9 ++-`
		`- providers/implementations/signature/dsa_sig.c \| 11 ++-`
		`- .../implementations/signature/ecdsa_sig.c \| 4 +`
		`- providers/implementations/signature/rsa_sig.c \| 20 ++++-`
		`- ssl/t1_lib.c \| 8 ++`
		`- util/libcrypto.num \| 2 +`
		`- 13 files changed, 188 insertions(+), 9 deletions(-)`
		`-`
		`- diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c`
		`- index 0e7fe64cf92e4b73b3bf873895e73fa9646df86d..b9d3b6d226ca07a65d972bb8505b7976a0d02572 100644`
		`- --- a/crypto/evp/evp_cnf.c`
		`- +++ b/crypto/evp/evp_cnf.c`
		`- @@ -10,6 +10,7 @@`
		`- #include <stdio.h>`
		`- #include <openssl/crypto.h>`
		`- #include "internal/cryptlib.h"`
		`- +#include "internal/sslconf.h"`
		`- #include <openssl/conf.h>`
		`- #include <openssl/x509.h>`
		`- #include <openssl/x509v3.h>`
		`- @@ -57,6 +58,18 @@ static int alg_module_init(CONF_IMODULE md, const CONF cnf)`
		`- ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);`
		`- return 0;`
		`- }`
		`- + } else if (strcmp(oval->name, "rh-allow-sha1-signatures") == 0) {`
		`- + int m;`
		`- +`
		`- + /* Detailed error already reported. */`
		`- + if (!X509V3_get_value_bool(oval, &m))`
		`- + return 0;`
		`- +`
		`- + if (!ossl_ctx_legacy_digest_signatures_allowed_set(`
		`- + NCONF_get0_libctx((CONF *)cnf), m > 0, 0)) {`
		`- + ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);`
		`- + return 0;`
		`- + }`
		`- } else {`
		`- ERR_raise_data(ERR_LIB_EVP, EVP_R_UNKNOWN_OPTION,`
		`- "name=%s, value=%s", oval->name, oval->value);`
		`- diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c`
		`- index 76a6814b424bec3479bdf61374f0178b9cd96ded..4b2f1fcfb886661d98460c240d542df2ccd5df13 100644`
		`- --- a/crypto/evp/m_sigver.c`
		`- +++ b/crypto/evp/m_sigver.c`
		`- @@ -16,6 +16,71 @@`
		`- #include "internal/numbers.h" /* includes SIZE_MAX */`
		`- #include "evp_local.h"`
		`-`
		`- +typedef struct ossl_legacy_digest_signatures_st {`
		`- + int allowed;`
		`- +} OSSL_LEGACY_DIGEST_SIGNATURES;`
		`- +`
		`- +static void ossl_ctx_legacy_digest_signatures_free(void *vldsigs)`
		`- +{`
		`- + OSSL_LEGACY_DIGEST_SIGNATURES *ldsigs = vldsigs;`
		`- +`
		`- + if (ldsigs != NULL) {`
		`- + OPENSSL_free(ldsigs);`
		`- + }`
		`- +}`
		`- +`
		`- +static void ossl_ctx_legacy_digest_signatures_new(OSSL_LIB_CTX ctx)`
		`- +{`
		`- + return OPENSSL_zalloc(sizeof(OSSL_LEGACY_DIGEST_SIGNATURES));`
		`- +}`
		`- +`
		`- +static const OSSL_LIB_CTX_METHOD ossl_ctx_legacy_digest_signatures_method = {`
		`- + OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY,`
		`- + ossl_ctx_legacy_digest_signatures_new,`
		`- + ossl_ctx_legacy_digest_signatures_free,`
		`- +};`
		`- +`
		`- +static OSSL_LEGACY_DIGEST_SIGNATURES *ossl_ctx_legacy_digest_signatures(`
		`- + OSSL_LIB_CTX *libctx, int loadconfig)`
		`- +{`
		`- +#ifndef FIPS_MODULE`
		`- + if (loadconfig && !OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL))`
		`- + return 0;`
		`- +#endif`
		`- +`
		`- + return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES,`
		`- + &ossl_ctx_legacy_digest_signatures_method);`
		`- +}`
		`- +`
		`- +int ossl_ctx_legacy_digest_signatures_allowed(OSSL_LIB_CTX *libctx, int loadconfig)`
		`- +{`
		`- + OSSL_LEGACY_DIGEST_SIGNATURES *ldsigs`
		`- + = ossl_ctx_legacy_digest_signatures(libctx, loadconfig);`
		`- +`
		`- +#ifndef FIPS_MODULE`
		`- + if (ossl_safe_getenv("OPENSSL_ENABLE_SHA1_SIGNATURES") != NULL)`
		`- + /* used in tests */`
		`- + return 1;`
		`- +#endif`
		`- +`
		`- + return ldsigs != NULL ? ldsigs->allowed : 0;`
		`- +}`
		`- +`
		`- +int ossl_ctx_legacy_digest_signatures_allowed_set(OSSL_LIB_CTX *libctx, int allow,`
		`- + int loadconfig)`
		`- +{`
		`- + OSSL_LEGACY_DIGEST_SIGNATURES *ldsigs`
		`- + = ossl_ctx_legacy_digest_signatures(libctx, loadconfig);`
		`- +`
		`- + if (ldsigs == NULL) {`
		`- + ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);`
		`- + return 0;`
		`- + }`
		`- +`
		`- + ldsigs->allowed = allow;`
		`- + return 1;`
		`- +}`
		`- +`
		`- #ifndef FIPS_MODULE`
		`-`
		`- static int update(EVP_MD_CTX ctx, const void data, size_t datalen)`
		`- @@ -258,6 +323,18 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- }`
		`- }`
		`-`
		`- + if (ctx->reqdigest != NULL`
		`- + && !EVP_PKEY_is_a(locpctx->pkey, SN_hmac)`
		`- + && !EVP_PKEY_is_a(locpctx->pkey, SN_tls1_prf)`
		`- + && !EVP_PKEY_is_a(locpctx->pkey, SN_hkdf)) {`
		`- + int mdnid = EVP_MD_nid(ctx->reqdigest);`
		`- + if (!ossl_ctx_legacy_digest_signatures_allowed(locpctx->libctx, 0)`
		`- + && (mdnid == NID_sha1 \|\| mdnid == NID_md5_sha1)) {`
		`- + ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);`
		`- + goto err;`
		`- + }`
		`- + }`
		`- +`
		`- if (ver) {`
		`- if (signature->digest_verify_init == NULL) {`
		`- ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);`
		`- diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c`
		`- index da367ed05fbe42abb328c6e23cafe99e76d26819..ee6edf1e85e71cdbe58bf7e9f443425dce100e43 100644`
		`- --- a/crypto/evp/pmeth_lib.c`
		`- +++ b/crypto/evp/pmeth_lib.c`
		`- @@ -33,6 +33,7 @@`
		`- #include "internal/ffc.h"`
		`- #include "internal/numbers.h"`
		`- #include "internal/provider.h"`
		`- +#include "internal/sslconf.h"`
		`- #include "evp_local.h"`
		`-`
		`- #ifndef FIPS_MODULE`
		`- @@ -946,6 +947,20 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX ctx, const EVP_MD md,`
		`- return -2;`
		`- }`
		`-`
		`- + if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)`
		`- + && md != NULL`
		`- + && ctx->pkey != NULL`
		`- + && !EVP_PKEY_is_a(ctx->pkey, SN_hmac)`
		`- + && !EVP_PKEY_is_a(ctx->pkey, SN_tls1_prf)`
		`- + && !EVP_PKEY_is_a(ctx->pkey, SN_hkdf)) {`
		`- + int mdnid = EVP_MD_nid(md);`
		`- + if ((mdnid == NID_sha1 \|\| mdnid == NID_md5_sha1)`
		`- + && !ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0)) {`
		`- + ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);`
		`- + return -1;`
		`- + }`
		`- + }`
		`- +`
		`- if (fallback)`
		`- return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, 0, (void *)(md));`
		`-`
		`- diff --git a/doc/man5/config.pod b/doc/man5/config.pod`
		`- index a84113287c3d0edf6c67726aee7d8abb87401445..f1536258470563b4fe74f8d1e3db6d73ed316341 100644`
		`- --- a/doc/man5/config.pod`
		`- +++ b/doc/man5/config.pod`
		`- @@ -304,6 +304,17 @@ Within the algorithm properties section, the following names have meaning:`
		`- The value may be anything that is acceptable as a property query`
		`- string for EVP_set_default_properties().`
		`-`
		`- +=item B<rh-allow-sha1-signatures>`
		`- +`
		`- +The value is a boolean that can be B<yes> or B<no>. If the value is not set,`
		`- +it behaves as if it was set to B<no>.`
		`- +`
		`- +When set to B<no>, any attempt to create or verify a signature with a SHA1`
		`- +digest will fail. For compatibility with older versions of OpenSSL, set this`
		`- +option to B<yes>. This setting also affects TLS, where signature algorithms`
		`- +that use SHA1 as digest will no longer be supported if this option is set to`
		`- +B<no>.`
		`- +`
		`- =item B<fips_mode> (deprecated)`
		`-`
		`- The value is a boolean that can be B<yes> or B<no>. If the value is`
		`- diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h`
		`- index 934d4b089c209a16b01a364da0f528afd4d12475..45346d7d0b0c91eae4a9d4466ed314c0873cf6f6 100644`
		`- --- a/include/internal/cryptlib.h`
		`- +++ b/include/internal/cryptlib.h`
		`- @@ -168,7 +168,8 @@ typedef struct ossl_ex_data_global_st {`
		`- # define OSSL_LIB_CTX_PROVIDER_CONF_INDEX 16`
		`- # define OSSL_LIB_CTX_BIO_CORE_INDEX 17`
		`- # define OSSL_LIB_CTX_CHILD_PROVIDER_INDEX 18`
		`- -# define OSSL_LIB_CTX_MAX_INDEXES 19`
		`- +# define OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES 19`
		`- +# define OSSL_LIB_CTX_MAX_INDEXES 20`
		`-`
		`- # define OSSL_LIB_CTX_METHOD_LOW_PRIORITY -1`
		`- # define OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY 0`
		`- diff --git a/include/internal/sslconf.h b/include/internal/sslconf.h`
		`- index fd7f7e333183dde57a283dab7372f9afb38c0eb4..05464b0655b20da2035f6781f44ac577e895fc8a 100644`
		`- --- a/include/internal/sslconf.h`
		`- +++ b/include/internal/sslconf.h`
		`- @@ -18,4 +18,8 @@ int conf_ssl_name_find(const char name, size_t idx);`
		`- void conf_ssl_get_cmd(const SSL_CONF_CMD cmd, size_t idx, char *cmdstr,`
		`- char **arg);`
		`-`
		`- +/* Methods to support disabling all signatures with legacy digests */`
		`- +int ossl_ctx_legacy_digest_signatures_allowed(OSSL_LIB_CTX *libctx, int loadconfig);`
		`- +int ossl_ctx_legacy_digest_signatures_allowed_set(OSSL_LIB_CTX *libctx, int allow,`
		`- + int loadconfig);`
		`- #endif`
		`- diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c`
		`- index 446ad6b4c11cf8dcad9dcb86df38816eff4bf772..9e47f5655957e661fa4f66f5e67a78c6c7d2fe5b 100644`
		`- --- a/providers/common/securitycheck.c`
		`- +++ b/providers/common/securitycheck.c`
		`- @@ -19,6 +19,7 @@`
		`- #include <openssl/core_names.h>`
		`- #include <openssl/obj_mac.h>`
		`- #include "prov/securitycheck.h"`
		`- +#include "internal/sslconf.h"`
		`-`
		`- /*`
		`- * FIPS requires a minimum security strength of 112 bits (for encryption or`
		`- @@ -235,6 +236,15 @@ int ossl_digest_get_approved_nid_with_sha1(OSSL_LIB_CTX ctx, const EVP_MD md,`
		`- mdnid = -1; /* disallowed by security checks */`
		`- }`
		`- # endif /* OPENSSL_NO_FIPS_SECURITYCHECKS */`
		`- +`
		`- +#ifndef FIPS_MODULE`
		`- + if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))`
		`- + /* SHA1 is globally disabled, check whether we want to locally allow`
		`- + * it. */`
		`- + if (mdnid == NID_sha1 && !sha1_allowed)`
		`- + mdnid = -1;`
		`- +#endif`
		`- +`
		`- return mdnid;`
		`- }`
		`-`
		`- @@ -244,5 +254,15 @@ int ossl_digest_is_allowed(OSSL_LIB_CTX ctx, const EVP_MD md)`
		`- if (ossl_securitycheck_enabled(ctx))`
		`- return ossl_digest_get_approved_nid(md) != NID_undef;`
		`- # endif /* OPENSSL_NO_FIPS_SECURITYCHECKS */`
		`- +`
		`- +#ifndef FIPS_MODULE`
		`- + {`
		`- + int mdnid = EVP_MD_nid(md);`
		`- + if ((mdnid == NID_sha1 \|\| mdnid == NID_md5_sha1)`
		`- + && !ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))`
		`- + return 0;`
		`- + }`
		`- +#endif`
		`- +`
		`- return 1;`
		`- }`
		`- diff --git a/providers/common/securitycheck_default.c b/providers/common/securitycheck_default.c`
		`- index de7f0d3a0a5718bd06a55d3d92236c27ffb7d0d5..ce54a94fbc9b3f48052c0bd5acf5b0aa349c4e91 100644`
		`- --- a/providers/common/securitycheck_default.c`
		`- +++ b/providers/common/securitycheck_default.c`
		`- @@ -15,6 +15,7 @@`
		`- #include <openssl/obj_mac.h>`
		`- #include "prov/securitycheck.h"`
		`- #include "internal/nelem.h"`
		`- +#include "internal/sslconf.h"`
		`-`
		`- /* Disable the security checks in the default provider */`
		`- int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)`
		`- @@ -23,9 +24,10 @@ int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)`
		`- }`
		`-`
		`- int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX ctx, const EVP_MD md,`
		`- - ossl_unused int sha1_allowed)`
		`- + int sha1_allowed)`
		`- {`
		`- int mdnid;`
		`- + int ldsigs_allowed;`
		`-`
		`- static const OSSL_ITEM name_to_nid[] = {`
		`- { NID_md5, OSSL_DIGEST_NAME_MD5 },`
		`- @@ -36,8 +38,11 @@ int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX ctx, const EVP_MD md,`
		`- { NID_ripemd160, OSSL_DIGEST_NAME_RIPEMD160 },`
		`- };`
		`-`
		`- - mdnid = ossl_digest_get_approved_nid_with_sha1(ctx, md, 1);`
		`- + ldsigs_allowed = ossl_ctx_legacy_digest_signatures_allowed(ctx, 0);`
		`- + mdnid = ossl_digest_get_approved_nid_with_sha1(ctx, md, sha1_allowed \|\| ldsigs_allowed);`
		`- if (mdnid == NID_undef)`
		`- mdnid = ossl_digest_md_to_nid(md, name_to_nid, OSSL_NELEM(name_to_nid));`
		`- + if (mdnid == NID_md5_sha1 && !ldsigs_allowed)`
		`- + mdnid = -1;`
		`- return mdnid;`
		`- }`
		`- diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c`
		`- index 28fd7c498e9922b6fabd1fafa452afe7ca3734ec..fa3822f39fd14a16c761b316e276c68868f35c7d 100644`
		`- --- a/providers/implementations/signature/dsa_sig.c`
		`- +++ b/providers/implementations/signature/dsa_sig.c`
		`- @@ -124,12 +124,17 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,`
		`- mdprops = ctx->propq;`
		`-`
		`- if (mdname != NULL) {`
		`- - int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);`
		`- WPACKET pkt;`
		`- EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);`
		`- - int md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,`
		`- - sha1_allowed);`
		`- + int md_nid;`
		`- size_t mdname_len = strlen(mdname);`
		`- +#ifdef FIPS_MODULE`
		`- + int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);`
		`- +#else`
		`- + int sha1_allowed = 0;`
		`- +#endif`
		`- + md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,`
		`- + sha1_allowed);`
		`-`
		`- if (md == NULL \|\| md_nid < 0) {`
		`- if (md == NULL)`
		`- diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c`
		`- index 865d49d1004f0031c82c24c218828a7d9c7269c6..99b228e82c408171bb2458244d2cf763e32a19fb 100644`
		`- --- a/providers/implementations/signature/ecdsa_sig.c`
		`- +++ b/providers/implementations/signature/ecdsa_sig.c`
		`- @@ -237,7 +237,11 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX ctx, const char mdname,`
		`- "%s could not be fetched", mdname);`
		`- return 0;`
		`- }`
		`- +#ifdef FIPS_MODULE`
		`- sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);`
		`- +#else`
		`- + sha1_allowed = 0;`
		`- +#endif`
		`- md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,`
		`- sha1_allowed);`
		`- if (md_nid < 0) {`
		`- diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c`
		`- index 7023a866131e38c214ac7326fdd83274dab81833..f66d7705c35add553694c5808b51d5696f678ee7 100644`
		`- --- a/providers/implementations/signature/rsa_sig.c`
		`- +++ b/providers/implementations/signature/rsa_sig.c`
		`- @@ -25,6 +25,7 @@`
		`- #include "internal/cryptlib.h"`
		`- #include "internal/nelem.h"`
		`- #include "internal/sizes.h"`
		`- +#include "internal/sslconf.h"`
		`- #include "crypto/rsa.h"`
		`- #include "prov/providercommon.h"`
		`- #include "prov/implementations.h"`
		`- @@ -33,6 +34,7 @@`
		`- #include "prov/securitycheck.h"`
		`-`
		`- #define RSA_DEFAULT_DIGEST_NAME OSSL_DIGEST_NAME_SHA1`
		`- +#define RSA_DEFAULT_DIGEST_NAME_NONLEGACY OSSL_DIGEST_NAME_SHA2_256`
		`-`
		`- static OSSL_FUNC_signature_newctx_fn rsa_newctx;`
		`- static OSSL_FUNC_signature_sign_init_fn rsa_sign_init;`
		`- @@ -288,10 +290,15 @@ static int rsa_setup_md(PROV_RSA_CTX ctx, const char mdname,`
		`-`
		`- if (mdname != NULL) {`
		`- EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);`
		`- + int md_nid;`
		`- + size_t mdname_len = strlen(mdname);`
		`- +#ifdef FIPS_MODULE`
		`- int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);`
		`- - int md_nid = ossl_digest_rsa_sign_get_md_nid(ctx->libctx, md,`
		`- +#else`
		`- + int sha1_allowed = 0;`
		`- +#endif`
		`- + md_nid = ossl_digest_rsa_sign_get_md_nid(ctx->libctx, md,`
		`- sha1_allowed);`
		`- - size_t mdname_len = strlen(mdname);`
		`-`
		`- if (md == NULL`
		`- \|\| md_nid <= 0`
		`- @@ -1347,8 +1354,15 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])`
		`- prsactx->pad_mode = pad_mode;`
		`-`
		`- if (prsactx->md == NULL && pmdname == NULL`
		`- - && pad_mode == RSA_PKCS1_PSS_PADDING)`
		`- + && pad_mode == RSA_PKCS1_PSS_PADDING) {`
		`- pmdname = RSA_DEFAULT_DIGEST_NAME;`
		`- +#ifndef FIPS_MODULE`
		`- + if (!ossl_ctx_legacy_digest_signatures_allowed(prsactx->libctx, 0)) {`
		`- + pmdname = RSA_DEFAULT_DIGEST_NAME_NONLEGACY;`
		`- + }`
		`- +#endif`
		`- + }`
		`- +`
		`-`
		`- if (pmgf1mdname != NULL`
		`- && !rsa_setup_mgf1_md(prsactx, pmgf1mdname, pmgf1mdprops))`
		`- diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c`
		`- index 51c2283db915d792fa3020a2d7cbdc0d91fc9dca..89c1dd31c72271b1923ab972e3d3359b6c8e1a03 100644`
		`- --- a/ssl/t1_lib.c`
		`- +++ b/ssl/t1_lib.c`
		`- @@ -20,6 +20,7 @@`
		`- #include <openssl/bn.h>`
		`- #include <openssl/provider.h>`
		`- #include <openssl/param_build.h>`
		`- +#include "internal/sslconf.h"`
		`- #include "internal/nelem.h"`
		`- #include "internal/sizes.h"`
		`- #include "internal/tlsgroups.h"`
		`- @@ -1150,11 +1151,13 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)`
		`- = OPENSSL_malloc(sizeof(lu) OSSL_NELEM(sigalg_lookup_tbl));`
		`- EVP_PKEY *tmpkey = EVP_PKEY_new();`
		`- int ret = 0;`
		`- + int ldsigs_allowed;`
		`-`
		`- if (cache == NULL \|\| tmpkey == NULL)`
		`- goto err;`
		`-`
		`- ERR_set_mark();`
		`- + ldsigs_allowed = ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0);`
		`- for (i = 0, lu = sigalg_lookup_tbl;`
		`- i < OSSL_NELEM(sigalg_lookup_tbl); lu++, i++) {`
		`- EVP_PKEY_CTX *pctx;`
		`- @@ -1174,6 +1177,11 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)`
		`- cache[i].enabled = 0;`
		`- continue;`
		`- }`
		`- + if ((lu->hash == NID_sha1 \|\| lu->hash == NID_md5_sha1)`
		`- + && !ldsigs_allowed) {`
		`- + cache[i].enabled = 0;`
		`- + continue;`
		`- + }`
		`-`
		`- if (!EVP_PKEY_set_type(tmpkey, lu->sig)) {`
		`- cache[i].enabled = 0;`
		`- diff --git a/util/libcrypto.num b/util/libcrypto.num`
		`- index 4e729be97d7b31b4caf0c3bab06dbce908dc2628..2ad515028ac6522e43cdb48794ba2cc96de56049 100644`
		`- --- a/util/libcrypto.num`
		`- +++ b/util/libcrypto.num`
		`- @@ -5429,3 +5429,5 @@ OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:`
		`- OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:`
		`- OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP`
		`- ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:`
		`- +ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:`
		`- +ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:`
		`- --`
		`- 2.39.1`
		`-`

0051-Support-different-R_BITS-lengths-for-KBKDF.patch

file removed

-2151

		`@@ -1,2151 +0,0 @@`
		`- From 0e9a265e42890699dfce82f1ff6905de6aafbd41 Mon Sep 17 00:00:00 2001`
		`- From: Patrick Uiterwijk <puiterwijk@redhat.com>`
		`- Date: Thu, 18 Nov 2021 10:47:14 +0100`
		`- Subject: [PATCH] Support different R_BITS lengths for KBKDF`
		`-`
		`- Reviewed-by: Tomas Mraz <tomas@openssl.org>`
		`- Reviewed-by: Paul Dale <pauli@openssl.org>`
		`- (Merged from https://github.com/openssl/openssl/pull/17063)`
		`- ---`
		`- doc/man7/EVP_KDF-KB.pod \| 7 +`
		`- include/openssl/core_names.h \| 1 +`
		`- providers/implementations/kdfs/kbkdf.c \| 30 +-`
		`- test/evp_kdf_test.c \| 47 +-`
		`- test/evp_test.c \| 6 +`
		`- test/recipes/30-test_evp.t \| 1 +`
		`- .../30-test_evp_data/evpkdf_kbkdf_counter.txt \| 1843 +++++++++++++++++`
		`- 7 files changed, 1924 insertions(+), 11 deletions(-)`
		`- create mode 100644 test/recipes/30-test_evp_data/evpkdf_kbkdf_counter.txt`
		`-`
		`- diff --git a/doc/man7/EVP_KDF-KB.pod b/doc/man7/EVP_KDF-KB.pod`
		`- index d4fad66f7654..a67268afa7d5 100644`
		`- --- a/doc/man7/EVP_KDF-KB.pod`
		`- +++ b/doc/man7/EVP_KDF-KB.pod`
		`- @@ -58,6 +58,13 @@ Set to B<0> to disable use of the optional Fixed Input data 'zero separator'`
		`- (see SP800-108) that is placed between the Label and Context.`
		`- The default value of B<1> will be used if unspecified.`
		`-`
		`- +=item "r" (B<OSSL_KDF_PARAM_KBKDF_R>) <integer>`
		`- +`
		`- +Set the fixed value 'r', indicating the length of the counter in bits.`
		`- +`
		`- +Supported values are B<8>, B<16>, B<24>, and B<32>.`
		`- +The default value of B<32> will be used if unspecified.`
		`- +`
		`- =back`
		`-`
		`- Depending on whether mac is CMAC or HMAC, either digest or cipher is required`
		`- diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h`
		`- index b549dae9167c..78418dc6e0a2 100644`
		`- --- a/include/openssl/core_names.h`
		`- +++ b/include/openssl/core_names.h`
		`- @@ -217,6 +217,7 @@ extern "C" {`
		`- #define OSSL_KDF_PARAM_PKCS12_ID "id" /* int */`
		`- #define OSSL_KDF_PARAM_KBKDF_USE_L "use-l" /* int */`
		`- #define OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR "use-separator" /* int */`
		`- +#define OSSL_KDF_PARAM_KBKDF_R "r" /* int */`
		`- #define OSSL_KDF_PARAM_X942_ACVPINFO "acvp-info"`
		`- #define OSSL_KDF_PARAM_X942_PARTYUINFO "partyu-info"`
		`- #define OSSL_KDF_PARAM_X942_PARTYVINFO "partyv-info"`
		`- diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c`
		`- index 01f7f0d4fd2e..a81cc6e0c0d6 100644`
		`- --- a/providers/implementations/kdfs/kbkdf.c`
		`- +++ b/providers/implementations/kdfs/kbkdf.c`
		`- @@ -60,6 +60,7 @@ typedef struct {`
		`- EVP_MAC_CTX *ctx_init;`
		`-`
		`- /* Names are lowercased versions of those found in SP800-108. */`
		`- + int r;`
		`- unsigned char *ki;`
		`- size_t ki_len;`
		`- unsigned char *label;`
		`- @@ -100,6 +101,7 @@ static uint32_t be32(uint32_t host)`
		`-`
		`- static void init(KBKDF *ctx)`
		`- {`
		`- + ctx->r = 32;`
		`- ctx->use_l = 1;`
		`- ctx->use_separator = 1;`
		`- }`
		`- @@ -152,7 +154,7 @@ static int derive(EVP_MAC_CTX ctx_init, kbkdf_mode mode, unsigned char iv,`
		`- size_t iv_len, unsigned char *label, size_t label_len,`
		`- unsigned char *context, size_t context_len,`
		`- unsigned char *k_i, size_t h, uint32_t l, int has_separator,`
		`- - unsigned char *ko, size_t ko_len)`
		`- + unsigned char *ko, size_t ko_len, int r)`
		`- {`
		`- int ret = 0;`
		`- EVP_MAC_CTX *ctx = NULL;`
		`- @@ -186,7 +188,7 @@ static int derive(EVP_MAC_CTX ctx_init, kbkdf_mode mode, unsigned char iv,`
		`- if (mode == FEEDBACK && !EVP_MAC_update(ctx, k_i, k_i_len))`
		`- goto done;`
		`-`
		`- - if (!EVP_MAC_update(ctx, (unsigned char *)&i, 4)`
		`- + if (!EVP_MAC_update(ctx, 4 - (r / 8) + (unsigned char *)&i, r / 8)`
		`- \|\| !EVP_MAC_update(ctx, label, label_len)`
		`- \|\| (has_separator && !EVP_MAC_update(ctx, &zero, 1))`
		`- \|\| !EVP_MAC_update(ctx, context, context_len)`
		`- @@ -217,6 +219,7 @@ static int kbkdf_derive(void vctx, unsigned char key, size_t keylen,`
		`- unsigned char *k_i = NULL;`
		`- uint32_t l = 0;`
		`- size_t h = 0;`
		`- + uint64_t counter_max;`
		`-`
		`- if (!ossl_prov_is_running() \|\| !kbkdf_set_ctx_params(ctx, params))`
		`- return 0;`
		`- @@ -248,6 +251,15 @@ static int kbkdf_derive(void vctx, unsigned char key, size_t keylen,`
		`- goto done;`
		`- }`
		`-`
		`- + if (ctx->mode == COUNTER) {`
		`- + /* Fail if keylen is too large for r */`
		`- + counter_max = (uint64_t)1 << (uint64_t)ctx->r;`
		`- + if ((uint64_t)(keylen / h) >= counter_max) {`
		`- + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);`
		`- + goto done;`
		`- + }`
		`- + }`
		`- +`
		`- if (ctx->use_l != 0)`
		`- l = be32(keylen * 8);`
		`-`
		`- @@ -257,7 +269,7 @@ static int kbkdf_derive(void vctx, unsigned char key, size_t keylen,`
		`-`
		`- ret = derive(ctx->ctx_init, ctx->mode, ctx->iv, ctx->iv_len, ctx->label,`
		`- ctx->label_len, ctx->context, ctx->context_len, k_i, h, l,`
		`- - ctx->use_separator, key, keylen);`
		`- + ctx->use_separator, key, keylen, ctx->r);`
		`- done:`
		`- if (ret != 1)`
		`- OPENSSL_cleanse(key, keylen);`
		`- @@ -328,6 +340,17 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])`
		`- if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->use_l))`
		`- return 0;`
		`-`
		`- + p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KBKDF_R);`
		`- + if (p != NULL) {`
		`- + int new_r = 0;`
		`- +`
		`- + if (!OSSL_PARAM_get_int(p, &new_r))`
		`- + return 0;`
		`- + if (new_r != 8 && new_r != 16 && new_r != 24 && new_r != 32)`
		`- + return 0;`
		`- + ctx->r = new_r;`
		`- + }`
		`- +`
		`- p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR);`
		`- if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->use_separator))`
		`- return 0;`
		`- @@ -354,6 +377,7 @@ static const OSSL_PARAM kbkdf_settable_ctx_params(ossl_unused void ctx,`
		`- OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),`
		`- OSSL_PARAM_int(OSSL_KDF_PARAM_KBKDF_USE_L, NULL),`
		`- OSSL_PARAM_int(OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR, NULL),`
		`- + OSSL_PARAM_int(OSSL_KDF_PARAM_KBKDF_R, NULL),`
		`- OSSL_PARAM_END,`
		`- };`
		`- return known_settable_ctx_params;`
		`- diff --git a/test/evp_kdf_test.c b/test/evp_kdf_test.c`
		`- index 7fde5ea4111c..173d8cb8b87b 100644`
		`- --- a/test/evp_kdf_test.c`
		`- +++ b/test/evp_kdf_test.c`
		`- @@ -1068,9 +1068,9 @@ static int test_kdf_kbkdf_6803_256(void)`
		`- #endif`
		`-`
		`- static OSSL_PARAM construct_kbkdf_params(char digest, char mac, unsigned char key,`
		`- - size_t keylen, char salt, char info)`
		`- + size_t keylen, char salt, char info, int *r)`
		`- {`
		`- - OSSL_PARAM params = OPENSSL_malloc(sizeof(OSSL_PARAM) 7);`
		`- + OSSL_PARAM params = OPENSSL_malloc(sizeof(OSSL_PARAM) 8);`
		`- OSSL_PARAM *p = params;`
		`-`
		`- if (params == NULL)`
		`- @@ -1088,6 +1088,8 @@ static OSSL_PARAM construct_kbkdf_params(char digest, char *mac, unsigned char`
		`- OSSL_KDF_PARAM_SALT, salt, strlen(salt));`
		`- *p++ = OSSL_PARAM_construct_octet_string(`
		`- OSSL_KDF_PARAM_INFO, info, strlen(info));`
		`- + *p++ = OSSL_PARAM_construct_int(`
		`- + OSSL_KDF_PARAM_KBKDF_R, r);`
		`- *p = OSSL_PARAM_construct_end();`
		`-`
		`- return params;`
		`- @@ -1100,8 +1102,9 @@ static int test_kdf_kbkdf_invalid_digest(void)`
		`- OSSL_PARAM *params;`
		`-`
		`- static unsigned char key[] = {0x01};`
		`- + int r = 32;`
		`-`
		`- - params = construct_kbkdf_params("blah", "HMAC", key, 1, "prf", "test");`
		`- + params = construct_kbkdf_params("blah", "HMAC", key, 1, "prf", "test", &r);`
		`- if (!TEST_ptr(params))`
		`- return 0;`
		`-`
		`- @@ -1122,8 +1125,9 @@ static int test_kdf_kbkdf_invalid_mac(void)`
		`- OSSL_PARAM *params;`
		`-`
		`- static unsigned char key[] = {0x01};`
		`- + int r = 32;`
		`-`
		`- - params = construct_kbkdf_params("sha256", "blah", key, 1, "prf", "test");`
		`- + params = construct_kbkdf_params("sha256", "blah", key, 1, "prf", "test", &r);`
		`- if (!TEST_ptr(params))`
		`- return 0;`
		`-`
		`- @@ -1137,6 +1141,30 @@ static int test_kdf_kbkdf_invalid_mac(void)`
		`- return ret;`
		`- }`
		`-`
		`- +static int test_kdf_kbkdf_invalid_r(void)`
		`- +{`
		`- + int ret;`
		`- + EVP_KDF_CTX *kctx;`
		`- + OSSL_PARAM *params;`
		`- +`
		`- + static unsigned char key[] = {0x01};`
		`- + int r = 31;`
		`- +`
		`- + params = construct_kbkdf_params("sha256", "HMAC", key, 1, "prf", "test", &r);`
		`- + if (!TEST_ptr(params))`
		`- + return 0;`
		`- +`
		`- + /* Negative test case - derive should fail */`
		`- + kctx = get_kdfbyname("KBKDF");`
		`- + ret = TEST_ptr(kctx)`
		`- + && TEST_false(EVP_KDF_CTX_set_params(kctx, params));`
		`- +`
		`- + EVP_KDF_CTX_free(kctx);`
		`- + OPENSSL_free(params);`
		`- + return ret;`
		`- +}`
		`- +`
		`- +`
		`- static int test_kdf_kbkdf_empty_key(void)`
		`- {`
		`- int ret;`
		`- @@ -1145,8 +1173,9 @@ static int test_kdf_kbkdf_empty_key(void)`
		`-`
		`- static unsigned char key[] = {0x01};`
		`- unsigned char result[32] = { 0 };`
		`- + int r = 32;`
		`-`
		`- - params = construct_kbkdf_params("sha256", "HMAC", key, 0, "prf", "test");`
		`- + params = construct_kbkdf_params("sha256", "HMAC", key, 0, "prf", "test", &r);`
		`- if (!TEST_ptr(params))`
		`- return 0;`
		`-`
		`- @@ -1169,8 +1198,9 @@ static int test_kdf_kbkdf_1byte_key(void)`
		`-`
		`- static unsigned char key[] = {0x01};`
		`- unsigned char result[32] = { 0 };`
		`- + int r = 32;`
		`-`
		`- - params = construct_kbkdf_params("sha256", "HMAC", key, 1, "prf", "test");`
		`- + params = construct_kbkdf_params("sha256", "HMAC", key, 1, "prf", "test", &r);`
		`- if (!TEST_ptr(params))`
		`- return 0;`
		`-`
		`- @@ -1191,8 +1221,9 @@ static int test_kdf_kbkdf_zero_output_size(void)`
		`-`
		`- static unsigned char key[] = {0x01};`
		`- unsigned char result[32] = { 0 };`
		`- + int r = 32;`
		`-`
		`- - params = construct_kbkdf_params("sha256", "HMAC", key, 1, "prf", "test");`
		`- + params = construct_kbkdf_params("sha256", "HMAC", key, 1, "prf", "test", &r);`
		`- if (!TEST_ptr(params))`
		`- return 0;`
		`-`
		`- @@ -1298,7 +1329,6 @@ static int test_kdf_kbkdf_8009_prf2(void)`
		`- * Test vector taken from`
		`- * https://csrc.nist.gov/CSRC/media/Projects/`
		`- * Cryptographic-Algorithm-Validation-Program/documents/KBKDF800-108/CounterMode.zip`
		`- - * Note: Only 32 bit counter is supported ([RLEN=32_BITS])`
		`- */`
		`- static int test_kdf_kbkdf_fixedinfo(void)`
		`- {`
		`- @@ -1628,6 +1658,7 @@ int setup_tests(void)`
		`- #endif`
		`- ADD_TEST(test_kdf_kbkdf_invalid_digest);`
		`- ADD_TEST(test_kdf_kbkdf_invalid_mac);`
		`- + ADD_TEST(test_kdf_kbkdf_invalid_r);`
		`- ADD_TEST(test_kdf_kbkdf_zero_output_size);`
		`- ADD_TEST(test_kdf_kbkdf_empty_key);`
		`- ADD_TEST(test_kdf_kbkdf_1byte_key);`
		`- diff --git a/test/evp_test.c b/test/evp_test.c`
		`- index 70996195f0cb..6ae862b04403 100644`
		`- --- a/test/evp_test.c`
		`- +++ b/test/evp_test.c`
		`- @@ -2639,6 +2639,12 @@ static int kdf_test_ctrl(EVP_TEST t, EVP_KDF_CTX kctx,`
		`- TEST_info("skipping, '%s' is disabled", p);`
		`- t->skip = 1;`
		`- }`
		`- + if (p != NULL`
		`- + && (strcmp(name, "mac") == 0)`
		`- + && is_mac_disabled(p)) {`
		`- + TEST_info("skipping, '%s' is disabled", p);`
		`- + t->skip = 1;`
		`- + }`
		`- OPENSSL_free(name);`
		`- return 1;`
		`- }`
		`- diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t`
		`- index 7ae546e1d70c..7b976c0a1b5e 100644`
		`- --- a/test/recipes/30-test_evp.t`
		`- +++ b/test/recipes/30-test_evp.t`
		`- @@ -45,6 +45,7 @@ my @files = qw(`
		`- evpciph_aes_wrap.txt`
		`- evpciph_aes_stitched.txt`
		`- evpkdf_hkdf.txt`
		`- + evpkdf_kbkdf_counter.txt`
		`- evpkdf_pbkdf1.txt`
		`- evpkdf_pbkdf2.txt`
		`- evpkdf_ss.txt`
		`- diff --git a/test/recipes/30-test_evp_data/evpkdf_kbkdf_counter.txt b/test/recipes/30-test_evp_data/evpkdf_kbkdf_counter.txt`
		`- new file mode 100644`
		`- index 000000000000..04ab8ff0fad7`
		`- --- /dev/null`
		`- +++ b/test/recipes/30-test_evp_data/evpkdf_kbkdf_counter.txt`
		`- @@ -0,0 +1,1843 @@`
		`- +#`
		`- +# Copyright 2021-2021 The OpenSSL Project Authors. All Rights Reserved.`
		`- +#`
		`- +# Licensed under the Apache License 2.0 (the "License"). You may not use`
		`- +# this file except in compliance with the License. You can obtain a copy`
		`- +# in the file LICENSE in the source distribution or at`
		`- +# https://www.openssl.org/source/license.html`
		`- +`
		`- +# Tests start with one of these keywords`
		`- +# Cipher Decrypt Derive Digest Encoding KDF MAC PBE`
		`- +# PrivPubKeyPair Sign Verify VerifyRecover`
		`- +# and continue until a blank line. Lines starting with a pound sign are ignored.`
		`- +`
		`- +Title = KBKDF tests`
		`- +`
		`- +# Test vectors taken from`
		`- +# https://csrc.nist.gov/CSRC/media/Projects/`
		`- +# Cryptographic-Algorithm-Validation-Program/documents/KBKDF800-108/CounterMode.zip`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES128]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=8_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:dff1e50ac0b69dc40f1051d46c2b069c`
		`- +Ctrl.hexinfo = hexinfo:c16e6e02c5a3dcc8d78b9ac1306877761310455b4e41469951d9e6c2245a064b33fd8c3b01203a7824485bf0a64060c4648b707d2607935699316ea5`
		`- +Output = 8be8f0869b3c0ba97b71863d1b9f7813`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:682e814d872397eba71170a693514904`
		`- +Ctrl.hexinfo = hexinfo:e323cdfa7873a0d72cd86ffb4468744f097db60498f7d0e3a43bafd2d1af675e4a88338723b1236199705357c47bf1d89b2f4617a340980e6331625c`
		`- +Output = dac9b6ca405749cfb065a0f1e42c7c4224d3d5db32fdafe9dee6ca193316f2c7`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:7aa9973481d560f3be217ac3341144d8`
		`- +Ctrl.hexinfo = hexinfo:46f88b5af7fb9e29262dd4e010143a0a9c465c627450ec74ab7251889529193e995c4b56ff55bc2fc8992a0df1ee8056f6816b7614fba4c12d3be1a5`
		`- +Output = 1746ae4f09903f74bfbe1b8ae2b79d74576a3b09`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:e91e0d06ab23a4e495bbcc430efddcaf`
		`- +Ctrl.hexinfo = hexinfo:24acb8e9227b180f2ccebea48051cbdbcd1be2bf94400d1e92945fe9b887585a295f46c469036107697813a3e12c45ae2ffde9a940f8f8c181018a93`
		`- +Output = e81ef2483729d4165aaa4866c17f26496e6c6924e2fe34f608efef0c35835f86df29a1e19ce166a8`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES128]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=16_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:30ec5f6fa1def33cff008178c4454211`
		`- +Ctrl.hexinfo = hexinfo:c95e7b1d4f2570259abfc05bb00730f0284c3bb9a61d07259848a1cb57c81d8a6c3382c500bf801dfc8f70726b082cf4c3fa34386c1e7bf0e5471438`
		`- +Output = 00018fff9574994f5c4457f461c7a67e`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:145c9e9365041f075ebde8ce26aa2149`
		`- +Ctrl.hexinfo = hexinfo:0d39b1c9c34d95b5b521971828c81d9f2dbdbc4af2ddd14f628721117e5c39faa030522b93cc07beb8f142fe36f674942453ec5518ca46c3e6842a73`
		`- +Output = 8a204ce7eab882fae3e2b8317fe431dba16dabb8fe5235525e7b61135e1b3c16`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:6f3f8cbf40d2a694274cfa2eb2f265a3`
		`- +Ctrl.hexinfo = hexinfo:e7b88baa4a2c22b3d78f41d509996c95468c8cb834b035dd5e09e0a455da254b8b5687a1433861751d2dd603f69b2d4ba4ae47776335d37c98b44b4b`
		`- +Output = d147f1c78121c583cbcb9d4b0d3767a357bd7232`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:5e534bea459e54c58a6942abfd4df8ab`
		`- +Ctrl.hexinfo = hexinfo:e9a5cc15d223aaa74abd122983b2a10512199b9cc87663fd8a62d417cef53770264fc51f683890fe42da2df7be0f60898c5b09d5c4932137b6b1e06e`
		`- +Output = 92480eb4860123ceda76f1e6bf2668520bea49ed72bb900ae50725bb8cfcdb733af1a9de71fe1af5`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES128]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=24_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:ca1cf43e5ccd512cc719a2f9de41734c`
		`- +Ctrl.hexinfo = hexinfo:e3884ac963196f02ddd09fc04c20c88b60faa775b5ef6feb1faf8c5e098b5210e2b4e45d62cc0bf907fd68022ee7b15631b5c8daf903d99642c5b831`
		`- +Output = 1cb2b12326cc5ec1eba248167f0efd58`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:1bfaf4cd6efd25a132e2a1d41b124465`
		`- +Ctrl.hexinfo = hexinfo:b933cfbb223ea65ed0e8db822f83be64ee21d3b9ca1eb0bc32f9d77f145a3e4ed4e2cc72cb3d93ea44824ab81eefdf71bbdb62067e0eb34a79914e4f`
		`- +Output = 75f4d20c558d71646ec062d2ca75369a218cedb7104be3abf27026af003e98f3`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:80168f187848a68b0b82a7ef43b4eedc`
		`- +Ctrl.hexinfo = hexinfo:9357281df7665ae5ae961fe5f93a3124416cab3deb11583429c5e529af3fc71094aad560cbc279168fe1c3327787f91a414acfff063832bcd78ed1b5`
		`- +Output = be4517c9e6de96929e655a08f5b6d5bb77364f85`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:26fa0e32e7e08f9b157ebae9f579710f`
		`- +Ctrl.hexinfo = hexinfo:ceab805efbe0c50a8aef62e59d95e7a54daa74ed86aa9b1ae8abf68b985b5af4b0ee150e83e6c063b59c7bf813ede9826af149237aed85b415898fa8`
		`- +Output = f1d9138afcc3db6001eb54c4da567a5db3659fc0ed48e664a0408946bcee0742127c17cabf348c7a`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES128]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=32_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:c10b152e8c97b77e18704e0f0bd38305`
		`- +Ctrl.hexinfo = hexinfo:98cd4cbbbebe15d17dc86e6dbad800a2dcbd64f7c7ad0e78e9cf94ffdba89d03e97eadf6c4f7b806caf52aa38f09d0eb71d71f497bcc6906b48d36c4`
		`- +Output = 26faf61908ad9ee881b8305c221db53f`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:695f1b1a16c949cea51cdf2554ec9d42`
		`- +Ctrl.hexinfo = hexinfo:4fce5942832a390aa1cbe8a0bf9d202cb799e986c9d6b51f45e4d597a6b57f06a4ebfec6467335d116b7f5f9c5b954062f661820f5db2a5bbb3e0625`
		`- +Output = d34b601ec18c34dfa0f9e0b7523e218bdddb9befe8d08b6c0202d75ace0dba89`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:b523ae21fc36bc58cc46e5a3cda97493`
		`- +Ctrl.hexinfo = hexinfo:8dbe6d4d9b09b2eabd165b6e6e97e3bc782f8335cb1ea04ad0403affd88a5071db5f36ce2e84ab296261730b2226a9189d867991fbd4ff86f43a3cfb`
		`- +Output = 530211df01975dd6c08064c34105f88a6007f2b2`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES128`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:b2fcf854b1029888aeb0274ca09bb21a`
		`- +Ctrl.hexinfo = hexinfo:a6b84baae7a6ceb1d63ed704757500c510c0a8bdc22d2f42af09f79c815f37f33b67dad0b30f428fc1e2d355f7f91f65acbedd2fdd5b8c38dd890407`
		`- +Output = fe4c2c0242c5a295c008aeb87ae0815171de6173773292347f4f5ec07185c3f860b5667c199aad55`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES192]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=8_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:53d1705caab7b06886e2dbb53eea349aa7419a034e2d92b9`
		`- +Ctrl.hexinfo = hexinfo:b120f7ce30235784664deae3c40723ca0539b4521b9aece43501366cc5df1d9ea163c602702d0974665277c8a7f6a057733d66f928eb7548cf43e374`
		`- +Output = eae32661a323f6d06d0116bb739bd76a`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:d10046bb18c3f363e87f4e57b961b294d4edf2ca91dc3e38`
		`- +Ctrl.hexinfo = hexinfo:2d043069de979bffb1be38a3cef2869dc07d5d3e99bde2e2204f10138081743f423f0c0b1aec0735a25bc61a8e2936dec6a25bb0ae105ab46caf8a2a`
		`- +Output = 8991a58882a0488bb5478996f2893989adb66d08d5030ad90f6ce5fdfca7754b`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:bf0abb70098d6c203074f1bce3d7468116cd1e5e8e618f20`
		`- +Ctrl.hexinfo = hexinfo:d9ce030a48668ada6c67a2ac163515ec22383c4b5332e18d06901bacbb63dd649c683cfd4fee2f33346817b23cb4c734060a1c727b0c72c12448f4f9`
		`- +Output = ecd1eef152b5835376f1a4324cd968bcb0cf850a`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:8725918ca07ad8e108473e5ffdf43eb1cf5c44baf0bd1cec`
		`- +Ctrl.hexinfo = hexinfo:f4a57b84a881cf282aac5402cfa8fc4ede0db6f8e902d5c0c41c4712077306484e626e3ffc4129d9b43b46cbb6c53d2838a811dc8aedad7253cf94d4`
		`- +Output = 5a795fd0d7661968c478860b526cca40eb8702083fdbff3ff8adfa697e795398ca7106bc950fbb45`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES192]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=16_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:d7e8eefc503a39e70d931f16645958ad06fb789f0cbc518b`
		`- +Ctrl.hexinfo = hexinfo:b10ea2d67904a8b3b7ce5eef7d9ee49768e8deb3506ee74a2ad8dd8661146fde74137a8f6dfc69a370945d15335e0d6403fa029da19d34140c7e3da0`
		`- +Output = 95278b8883852f6676c587507b0aa162`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:5e6695d7c3f5b156c7b457c8c2b801ba2ae30c9c8a36ee61`
		`- +Ctrl.hexinfo = hexinfo:1406756f40efb8e29d5455d2da4bf1993b3c3901d67ec90934895f5de7845f573ae8a0dc8a6ad77d80da29e81329440d61d63dda8eaa7851bc7a172d`
		`- +Output = 72046d5eed909f6ab25810ead446ace7422fd87e6bd496ff2e84b115b8e0d27e`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:e3b88f40c9974410955820a8f8392701e9c67cc6efd3b0ff`
		`- +Ctrl.hexinfo = hexinfo:a520f36b6b60dfce34dc1d1f6b16132efa82566efa49f3140113fbc59e309c40db42962c06123721f122f433fa417ce3319bca9c58b4184fd8c7be8f`
		`- +Output = 134b6236a80c257591cc1437ab007b3fa4bd7191`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:51574d47f2f1d202a30252823b52ba7858b729d5ed4c92f7`
		`- +Ctrl.hexinfo = hexinfo:0819c17dd3f9a68493a958c46152d04ba450043908a0016b99cc124d5e75b0d11e7c26f27365609c110eee7f8baa88a7d99fecc690e617150f93bd6c`
		`- +Output = c46db4cd822e9841408fba79932d6c748bc7ab17421ed1ad188aed327c2a0d694e380c0cade8b37f`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES192]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=24_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:f7c1e0682a12f1f17d23dc8af5c463b8aa28f87ed82fad22`
		`- +Ctrl.hexinfo = hexinfo:890ec4966a8ac3fd635bd264a4c726c87341611c6e282766b7ffe621080d0c00ac9cf8e2784a80166303505f820b2a309e9c3a463d2e3fd4814e3af5`
		`- +Output = a71b0cbe30331fdbb63f8d51249ae50b`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:3eeed1560e17aaffe9f6ca9d81815b89a6879a56ebe4182a`
		`- +Ctrl.hexinfo = hexinfo:a643378a557af69ce2c606bc623a04b568a848207534d25bfa22664f9148997a6b4c00f4624b5100b4eb01857240b119876c3a86c1e8b02335475939`
		`- +Output = 8a1dc0f616353bf3ecf5553d7a7651e9ea6d884a32172d3391ad342bfaf60785`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:c984c3f65cdc32e7503678764a9e84292a1f50e335167a36`
		`- +Ctrl.hexinfo = hexinfo:0061cd40f9eef84d6c8b04e0142d70aa50d4690e0a1de8e3ff5f5cea10cd2d28281eb1df90c519b8b51f7aa0d63a313ebbf80538b54dd11a66115be6`
		`- +Output = afe93ae91930261344e30ef9e1718e76f74225d9`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:993305e59f34a94f62931fd7662bb5b73c77d8d4bc6a33ba`
		`- +Ctrl.hexinfo = hexinfo:fcceb2d7ac6a68717c2490ec95bebea484c4930d156683c43164dc53bff0bafcbfb31e920109927ef08e12f66f258b6f8ba284908faee7d3376e1bac`
		`- +Output = 40e358cfdeee0286d152fcb4626ff22e67eea3b65d8750a273001b67645804cbf613832201b0a9ba`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES192]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=32_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:f4267280cb8667c2cf82bb37f389da6391f58cc74deba0cc`
		`- +Ctrl.hexinfo = hexinfo:34abbc9f7b12622309a827de5abfdd51fb5bb824838fcde88ca7bc5f3953abdcb445147f13e809e294f75e6d4e3f13b66e47f2dfc881ed392e3a1bf6`
		`- +Output = 2d1b4b5694b6741b2ed9c02c05474225`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:dc866a038c4f78f22d46caca65892bcdb15c1eb49b275827`
		`- +Ctrl.hexinfo = hexinfo:b4a123bad4890c7a791f5e192bd8b6e9c8c3620329f99249f11e1eb517a5b27b9e5b047a6591b45f6fff53e6d04b32d82e052af2eb8519bd21c10f93`
		`- +Output = 731a2e23ab2e58551490254041ee8fabd9c5a1918d76307f1048535be0763b20`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:dd5e0f1a30b0b722b00626ee663df29601af58082708e18c`
		`- +Ctrl.hexinfo = hexinfo:b7c6eb48c80b071080fd07a827d0bfdc781599862084f7ffd968a4cbff0be9a6adef5ea206aa8af4d8a85705953e33cd7c4cbb69969c73698f54c6b8`
		`- +Output = 84e1ca286776cda0784c4fc48b054384ca565d17`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES192`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:d64c598436507f4d05d7ebe780092996f281901dc9c8612f`
		`- +Ctrl.hexinfo = hexinfo:0ea737cfca2560856917f3a2ff5e2175930d0719bba85a9c8d8cb311a0a1b8caf8ffe03e9a86ab17046670011c9fec5c5cd697d9cd931f615cdfe649`
		`- +Output = 3c26968bd3997c653f79bb725c36d784b590d18a64678cf312abe8a57b2891c27282e37b6a49cd73`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES256]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=8_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:aeb7201d055f754212b3e497bd0b25789a49e51da9f363df414a0f80e6f4e42c`
		`- +Ctrl.hexinfo = hexinfo:11ec30761780d4c44acb1f26ca1eb770f87c0e74505e15b7e456b019ce0c38103c4d14afa1de71d340db51410596627512cf199fffa20ef8c5f4841e`
		`- +Output = 2a9e2fe078bd4f5d3076d14d46f39fb2`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:5402c978955128558789bee7b571465174a60582a7640037387f99ac16683173`
		`- +Ctrl.hexinfo = hexinfo:5c7eb447481c2884a5398449eaecbb8b55f1f1981ba0fd187818d8b3581b430c3da52ab83d444e003625ff36fcbd160c67b18d85b6c9d00da1a15d15`
		`- +Output = f22a4686abe599c2194d21fc9071ffceb023dd9b24c13f05a3d44cfc77fec44a`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:cac968a8ffd81c73948bdfb48bf8a29c1378517d3be294df9a8a80724075bdbd`
		`- +Ctrl.hexinfo = hexinfo:08817bcd560edf810aa004194c817e455fb66bbc3b84fef1d66df2d1cebb3403c24231fa822f130c5d8fe886217122dcab15cb725197bbcbeb8010f5`
		`- +Output = 651c43e113b32026b204119af394301f0cb9831c`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:9debd1762a9643e967dbc174f2040e177b8053afb0829189a81fed94f8c365ee`
		`- +Ctrl.hexinfo = hexinfo:6c4e1e3fdd7f5c97d58bcdda792642cbd271d6968f6a8e368013d88763d0b306c832b7ab46b84d099596972d12220a4e9c81f82d6f5003d18b93c595`
		`- +Output = 2518a44ea347e924b03a7b4c966ec4e4bd76c1456d09096be9387638c2737faeebba4e2b921b19db`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES256]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=16_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:4df60800bf8e2f6055c5ad6be43ee3deb54e2a445bc88a576e111b9f7f66756f`
		`- +Ctrl.hexinfo = hexinfo:962adcaf12764c87dad298dbd9ae234b1ff37fed24baee0649562d466a80c0dcf0a65f04fe5b477fd00db6767199fa4d1b26c68158c8e656e740ab4d`
		`- +Output = eca99d4894cdda31fe355b82059a845c`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:4c30b96d9beff5cc3c37527694eeec8207fae2c13ef295556919a7a46e5b90c1`
		`- +Ctrl.hexinfo = hexinfo:86e1ad34bd7a998281a822129a23102f799812864cf5349f3f21cec7729f83ad8c8aa6517fafcc9521cde887686629048159ed3f15c01408984f547e`
		`- +Output = 815fe232e0e89f7eeaa87c3ba5007694a43c1577657ccb3018076c5a5c035d95`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:e508ce78aca2cc50c80a6cbdb2b178f8ee5e315dad71ddfa700eb6cf503239b3`
		`- +Ctrl.hexinfo = hexinfo:28c47ddd23d349e3b30bf97975c5fa591f2158e001dae3faa154d93c615c89fc7449c901a2585e618f68a0b2cbd3f35f53424d5ea015cbf7e8e09f68`
		`- +Output = 6bc69b4c11aa7c04ac3c03baa44daeac4a047992`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:ee0a0f88b3b441826264de7a31b890a66edf7c2a28d0286eab285846b586fb8e`
		`- +Ctrl.hexinfo = hexinfo:1ea9771ab763056260d885073e80e835e20e5d7ca9659fdf5dd3b7f2ae6286608f8bc7a6728e41346c55544942b1bf06642fb6a6738fb5b7f0128f9c`
		`- +Output = 5484f170b6602b505e9e6ccffccf2262b55c3554728244bba94daff0adbc619400b33f38013a2293`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES256]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=24_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:1612a40daa7fce6c6788b3b71311188ffb850613fd81d0e87a891831348e2f28`
		`- +Ctrl.hexinfo = hexinfo:1696438fcdf9a85284759b2604b64d7ea76199514709e711ecde5a505b5f27ae38d154aba14322481ddc9fd9169364b991460a0c9a05c7fcb2d099c9`
		`- +Output = d101f4f2b5e239bae881cb488995bd52`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:77b50e24b859725d1cab531c885a6e60e7d5b0432f37408185ae688dffa5f6a5`
		`- +Ctrl.hexinfo = hexinfo:0b2c907499cddaa1fcfb02002ab8b9756c5f1f9fea482d79b8a6aa9fa2fb48e69df94dca4cb6f2e90a462678279ddaacc482fdd76581996b43974a22`
		`- +Output = c2a02b3743d506cdc1a41d4c2ae4c67610c5d607df0c26cbf7f4fe2198cb35f1`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:18a5c3e669967b42e9a29bad8fe86699f2b5d496ff767cd3171d1c7195ecef59`
		`- +Ctrl.hexinfo = hexinfo:33231c50326592c25ec3eee2c61a3ad4c8a23c098dd83eafe5db411d0948eb122bb6eb7a1d04d2dbcd0b98d0b70b7ff305bb3ef6ac9d4e8e3f7ecd4f`
		`- +Output = e80afb5cd274cb5fa4952aa95177ae83337f4c8f`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:0b589e556b7583f0fa9144868603b59262f457dee1e887ffc0e39968218959b9`
		`- +Ctrl.hexinfo = hexinfo:1b95b940e0b950a58f09ea09941b80852cb29838940bb146dc3db0ddcd87f72ee28813c09fcef773e95438c0ed3dbcf29e78de0c78377561c5869d5f`
		`- +Output = 260aef65eefd58816fe1a77120d047548b00c475c25178a2a33d4c801d49e8a0fb830513d0b3ff17`
		`- +`
		`- +`
		`- +# [PRF=CMAC_AES256]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=32_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:d0b1b3b70b2393c48ca05159e7e28cbeadea93f28a7cdae964e5136070c45d5c`
		`- +Ctrl.hexinfo = hexinfo:dd2f151a3f173492a6fbbb602189d51ddf8ef79fc8e96b8fcbe6dabe73a35b48104f9dff2d63d48786d2b3af177091d646a9efae005bdfacb61a1214`
		`- +Output = 8c449fb474d1c1d4d2a33827103b656a`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:d54b6fd94f7cf98fd955517f937e9927f9536caebe148fba1818c1ba46bba3a4`
		`- +Ctrl.hexinfo = hexinfo:94c4a0c69526196c1377cebf0a2ae0fb4b57797c61bea8eeb0518ca08652d14a5e1bd1b116b1794ac8a476acbdbbcd4f6142d7b8515bad09ec72f7af`
		`- +Output = 2e1efed4aef3fdd324e098c0a07c0d97f8fd2c748a996ce29861ca042474daea`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:99f212241a343c1c8c2104ca6d28062413d985c21e6bba27fde0c622e2e4e6b7`
		`- +Ctrl.hexinfo = hexinfo:af8dc1cb7d1f82ca834628c20f0fc81920eb3ff3f75d3f4e3000593e9c15872479711d99d1b7be794f58d80a31bb112219dc16e6354111ab1161e21d`
		`- +Output = 7f778c625bf0d083169a51584f6683f24af7c35e`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.cipher = cipher:AES256`
		`- +Ctrl.mac = mac:CMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:dabde95d751ff1c132bd49f80f4ee347bf39218cf8bfec61bc3ad865d9aa1182`
		`- +Ctrl.hexinfo = hexinfo:55da554307ed756764d4e97febb77ce85391b53225ee09417ad57def48ead090e3d1e7c2ed04f02462a6324ea0163b18f86201c69db27fd50b4c42c5`
		`- +Output = 5cc29221cfa6f3a4ded7afeef5a59c05bac787fc5e98a35ee0c96ba582b05c42f758966566084f69`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA1]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=8_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:00a39bd547fb88b2d98727cf64c195c61e1cad6c`
		`- +Ctrl.hexinfo = hexinfo:98132c1ffaf59ae5cbc0a3133d84c551bb97e0c75ecaddfc30056f6876f59803009bffc7d75c4ed46f40b8f80426750d15bc1ddb14ac5dcb69a68242`
		`- +Output = 0611e1903609b47ad7a5fc2c82e47702`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:1ee222f5cdd60b0ae956eeeaa838c51bd767672c`
		`- +Ctrl.hexinfo = hexinfo:4b10500ba5c9391da83d2ef78d01bcdccda32ff6f242960323324474b9d0685d99dc9143ac6d667a5b46dcc89784b3a4af7a7684b01efee41b144f48`
		`- +Output = 806e342013853083a3f7294c63a9ec9a6dba75b256c62fac1e480ef26276cd4b`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:0e71d9e9c9e951978ada75c831d627dd5d3b4c59`
		`- +Ctrl.hexinfo = hexinfo:08b6f69698e8eb6c8c63953abd3538531d722cc4e9ca7ffcb68abba4dd4b027b3787efa107902ace8abb54549bede4ffdadabec3f282865b2166d46e`
		`- +Output = 86137b96ec15b7954fdc5df8d371ee2d8016e97a`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:f0e5ad280b3465e719afdf86377bbcda59f5c59b`
		`- +Ctrl.hexinfo = hexinfo:231b6d83f0194499f27848108fd1fcdcf9520e67522cf54486fb919a839532d165019388242ce373a89ce644d7818e7415f5730a0b743595ab19add4`
		`- +Output = 9a9ddd19818bb085d24e48ee99d6e628235a422fb2ae383282b7bbbf0e5f5edf42d7237b8ed6aa1d`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA1]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=16_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:a510fe5ad1640d345a6dbba65d629c2a2fedd1ae`
		`- +Ctrl.hexinfo = hexinfo:9953de43418a85aa8db2278a1e380e83fb1e47744d902e8f0d1b3053f185bbcc734d12f219576e75477d7f7b799b7afed1a4847730be8fd2ef3f342e`
		`- +Output = c00707a18c57acdb84f17ef05a322da2`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:abec6c894ae9df32e5afdf5d06a0434e8940ca71`
		`- +Ctrl.hexinfo = hexinfo:9a6574a0ea1123ab9580906f8a2c4a0ecba9a8a84079c37a6e283ad4d4e957c3d16db66ae4be99e688b221c359a8dd2505868beb6a49fd7ce6c35df4`
		`- +Output = 5b37675aec199c7d08435ef6321cf6235c12453a4530072d4a73ba0ad34634a5`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:df4e835a2f201a3d0f840eab38a18adf72adf9eb`
		`- +Ctrl.hexinfo = hexinfo:84c6ca541d24a8b419037b9657ee4e0d5ef96d8b198355940a30b09bf8784e81d3b93558de21c46f04aec4afd610c3b230d17473c80b47b5004955e7`
		`- +Output = 1202915544844b1f913caab512c582735bf76fed`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:cbe1d2895640dcd1545e60e04ce9d995707ec539`
		`- +Ctrl.hexinfo = hexinfo:c80d735ec5fd0bf811a4a71c55e99373f83f4111194ec24a8e9fe24ef03f56ed15b4e135e02488d96dba8c0d60c26592df55a492691cf3b7eced40d1`
		`- +Output = 1fd5a183be95c2d909deed31d686417d5c08bb88e6f75b150df330c8e7703bb8ccdffacb3e9ee3ff`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA1]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=24_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:928c170199473291bf719a1985a13673afb8f298`
		`- +Ctrl.hexinfo = hexinfo:f54388503cde2bf544db4c9510ff7a2759ba9b4e66da3baf41c90ce796d5ea7045bc27424afb03e137abfafe95158954c832090abdba02d86bab569d`
		`- +Output = 8c01160c72c925178d616a5c953df0a7`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:df7ecebec20e14be6db5d46af2769fe4e4ed689c`
		`- +Ctrl.hexinfo = hexinfo:308ec6953d4945f075d37932d5dd335c7de0d2e7899a8321724a50b52240191fcdf991520c47a25b04ce6eecc835e4265b623c68d687afc615f74ae5`
		`- +Output = c2129eeb33ee6783b6b187e5ae884f8f5bd78ca224e5e01c04a68ecef376ea38`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:2539c58bba8ae61be8b867b767ad698eb1f52a0b`
		`- +Ctrl.hexinfo = hexinfo:9f6de21c93176f8814e9290a40149f749f946d376eb65f888eddcc4a24a58dbdbb3222fb53487e0abb08efff6d6a43511b18c40f489abe4013647273`
		`- +Output = 20bc5ab8c27dd3f6f6fa5485f2eed8bd8b8b3d35`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:66002f224106971edc62a7c6957931b2097aabc3`
		`- +Ctrl.hexinfo = hexinfo:f5fe599fac3bac5b10a4296b0783e2fc78cb498347ff3f74e2d9d230dfb6653e1a274e7bc37f0319eac2b0b48533b7be9d3633eed32101837ee460ff`
		`- +Output = c195b9139fee020eda70b8a161aef28474977412c0612afafe23b16b1594871548b5889b38e0cf2a`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA1]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=32_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:f7591733c856593565130975351954d0155abf3c`
		`- +Ctrl.hexinfo = hexinfo:8e347ef55d5f5e99eab6de706b51de7ce004f3882889e259ff4e5cff102167a5a4bd711578d4ce17dd9abe56e51c1f2df950e2fc812ec1b217ca08d6`
		`- +Output = 34fe44b0d8c41b93f5fa64fb96f00e5b`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:c1efb8d25affc61ed060d994fcd5017c2adfc388`
		`- +Ctrl.hexinfo = hexinfo:b92fc055057fec71b9c53e7c44872423a57ed186d6ba66d980fecd1253bf71479320b7bf38d505ef79ca4d62d78ca662642cdcedb99503ea04c1dbe8`
		`- +Output = 8db784cf90b573b06f9b7c7dca63a1ea16d93ee7d70ff9d87fa2558e83dc4eaa`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:e02ba5d5c410e855bbd13f840124273e6b864237`
		`- +Ctrl.hexinfo = hexinfo:b14e227b4438f973d671141c6246acdc794eee91bc7efd1d5ff02a7b8fb044009fb6f1f0f64f35365fb1098e1995a34f8b70a71ed0265ed17ae7ae40`
		`- +Output = f077c2d5d36a658031c74ef5a66aa48b4456530a`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA1`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:693adb9037184627ad300f176985bd379f388a95`
		`- +Ctrl.hexinfo = hexinfo:7f09570c2d9304ec743ab845a8761c126c18f5cf72358eada2b5d1deb43dc6a0f4ff8f933bef7af0bcfacb33fa07f8ca04a06afe231835d5075996be`
		`- +Output = 52f55f51010e9bd78e4f58cab274ecafa561bd4e0f20da84f0303a1e5ff9bebc514361ec6df5c77e`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA224]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=8_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:7e2f7a5ab3e82ef927a005308456823da473787bf33d18a864aca63f`
		`- +Ctrl.hexinfo = hexinfo:b35695a6e23a765105b87756468d442a53a60cd4225186dc94221c06c5d6f1e98462135656ebca90468a939f29112b811413567d498df9867914d94c`
		`- +Output = 10ba5c6ea609da8fa8abe8be552c97a1`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:667f72fc660e32943de386af9670c78e975c838cae91dca97f4f8508`
		`- +Ctrl.hexinfo = hexinfo:e713e8c38e92c8ba0f0791cc4a0d00c98d8dda8f3137a775104e7aa65b5f04fed12ee78a88262b2931717b7ac5624162fd5f0307f4faef038dcc210c`
		`- +Output = 835b343242a489249eec3cd56384ea2a5b295e29a4430fec2aae0c8b9fa36d20`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:3344fb80fd655b16f08c78150516cbbc009fbdf1b510905f9113d275`
		`- +Ctrl.hexinfo = hexinfo:dc2aa42084d645baeb822c0c1d9b8e200737e9a2c7dcd922d8f056d6c02552295d95a488758919724207eebb4c21887f71b51a2a7ce98827cf7af4bb`
		`- +Output = e281d09a31c57d053f0c2f902792c8bbb9a0f443`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:eb9386450d7b2da5492da5b139cf4b0b951a5b0c7d40c22ae2c20677`
		`- +Ctrl.hexinfo = hexinfo:bd8b73969e3e2d7a943b937c3bffe3a9199d1cf27e289bb10c3b88696a5ae36b3b868b4fc6a20ca93dd0b328f3351f71ce656bb558fa33c74741398d`
		`- +Output = bc902dfba79fb4084339b6666c7f72b9f47675229dc24ec61068bb05082717eead35647ff147d7de`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA224]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=16_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:093b2ce84c6175d1723fbe94b9ee963b6251d018fcf8c05c2e3e9b0b`
		`- +Ctrl.hexinfo = hexinfo:083e114aca1f97166551b03f27b135c0c802294aa4845a46170b26ec0549cb59c70a85557a3fc3a37d23eed6947d50f10c15baf5c52a7b918ca80bf5`
		`- +Output = 94ced61c3665616d4a368f83a7283648`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:ffb5c9d920522477cb2ecf16ae1e075587b7598348e019df85ca3d43`
		`- +Ctrl.hexinfo = hexinfo:252743519ab4e03f8bb0ed137e2d315aac5010b951645c7626c6f5a77c4a6c4e0b0b4030abf937141f7142bcd702678b15d2d4e8850e0570ec782c79`
		`- +Output = 3d1813da0322201ed45ac2aaf3542843913bb32fd832a33a5dc94bad964bfe56`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:7f0ea811340cddbbf261d0260b0c98dec790133cffd2b04b8f8be2b1`
		`- +Ctrl.hexinfo = hexinfo:0a744543acddf7d8c0a205372a0450e32631a33bb89ad2e3bb2d9766c248ab755fec152a6da866ef50baeab607d88e5177042056970013aa18f9fb1e`
		`- +Output = e55120e7848cf61254159e79c2ac47a9a906a73c`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:6e237178c4884e13470b6b4848b40389d9856311735da4eefa2f6f38`
		`- +Ctrl.hexinfo = hexinfo:9cd9f9ad88471668f3b25515851fff63d3a886b8c6cf371eae159bab58f997b83eda5815567a142c4264978d8f24d24fe2d513c0eeaff983b86fdbd8`
		`- +Output = 1e6638ea717338cfeb7dea373785c3c763bd5e509358e4940e9a4e4fd0a3e0347973858bc20243b8`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA224]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=24_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:f09e65e8de7500847b43bd95e6c3506e01aadd484e9699b027897542`
		`- +Ctrl.hexinfo = hexinfo:c20f6188517b2ca10086b9f7f8d6f2d38d66f24193c037008d035f361c6bd74db26aef588a87aa8a1c3cdad2ba0207f7e7b39def0df797c4cb3bf614`
		`- +Output = 73d30c2af54744eb1efb70429f8e303a`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:6079eafeba179a915e194b14e12ffee1e2bad56a62077897a4654e4b`
		`- +Ctrl.hexinfo = hexinfo:87686603814d619107aabfab85b4c4fe38ae1a5c2a4d78df12119871b8a4f85d583e7d842ee15e7fe03f61dd02b10784838ed163dc67cca43586d628`
		`- +Output = d888a21e1a698654fa46288509ae7a28dc7b05e6fc696a909451c2437097056b`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:2efe2905a1b7e1993da0316f2a747be1e91415ca1e6ad14d04341fee`
		`- +Ctrl.hexinfo = hexinfo:4d283c0f6d209379facd8a26aa889780863cf6a81893dc3bd2c928a7f8d922ced9c829bf627d2c556441d0d41a1eb00c0deea78349429de56a275f04`
		`- +Output = ec162b6ff6413f5eae9336fd489fab538d042db8`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:0b15638489d3ac7729a7db82797754e7a7c8d52da0cf3638a27a1a9c`
		`- +Ctrl.hexinfo = hexinfo:90988848764dacc6eeba817e0b74086b1233bca9d573717b8e3dd3bd23a532aac7db8b196e4c4702f54cc71bb8882dc776b0317457803a632b429776`
		`- +Output = 481293e1e621ad8bab5c9f5090594bb2507a1456ee8ffc30db159cb5b02d69110c3e5270880bf4a7`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA224]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=32_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:f5cb7cc6207f5920dd60155ddb68c3fbbdf5104365305d2c1abcd311`
		`- +Ctrl.hexinfo = hexinfo:4e5ac7539803da89581ee088c7d10235a10536360054b72b8e9f18f77c25af01019b290656b60428024ce01fccf49022d831941407e6bd27ff9e2d28`
		`- +Output = 0adbaab43edd532b560a322c84ac540e`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:992815121d88ffb26c337606723c02ef317713086e2cfbbd37e1a167`
		`- +Ctrl.hexinfo = hexinfo:152d974eb2719b9027d32054a327312361125959df9d96a1832e2056c2571d4f1cf45f6e8f6544c87f15861cef627d2f16e9b0b4ab799bb3362f4aae`
		`- +Output = 475eda3a32d569932e043db64dbf0e9bb0945b54dcdfa203be1a28524c147075`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:2eabb6b922c24326ef9ae3c192dfd341caf57efe15dd649772a2ac3b`
		`- +Ctrl.hexinfo = hexinfo:c75f6f5a1561aab39ea0e22702a6cf7dba3ca4dd9f046bb0abea2d3284168fd9fb39ff725523a660d21f8c2ade03d18d4273c52fb6f22c9e39d6bc2e`
		`- +Output = ae50acebe308a1cf1747b9b178a0720748fa5fe5`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA224`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:9b75e7fa216c884037c7d6953092ed335c4efd88ca57a742d6ac3221`
		`- +Ctrl.hexinfo = hexinfo:12bea97865df99315259ff620302432ecafc9dce2619e87dfb4979410456a524434315dd3920e2b1aa1c79d5e07132a758a7b7b71ef10bcf1bb877f3`
		`- +Output = 60071bd0ceea0fe0f879223b940d3de7dde02ca6858f8450fb9c0032e49f968ef9cd9b5703163dbc`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA256]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=8_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:3edc6b5b8f7aadbd713732b482b8f979286e1ea3b8f8f99c30c884cfe3349b83`
		`- +Ctrl.hexinfo = hexinfo:98e9988bb4cc8b34d7922e1c68ad692ba2a1d9ae15149571675f17a77ad49e80c8d2a85e831a26445b1f0ff44d7084a17206b4896c8112daad18605a`
		`- +Output = 6c037652990674a07844732d0ad985f9`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:f109513435d72f14863660dfc027118e47e13995ad44a02415c9c8f63d38675c`
		`- +Ctrl.hexinfo = hexinfo:53696208d6f42909136a575010e135e142e31f631d72386a631cc704e5ad4049a889422cd6da7f1805e59a273c6f4fa986bc3082952fca658979f1b0`
		`- +Output = 1aaf080fd51b37585ea464a9c617bc3ab859cc78cbe1f2d5d557148ee36821a0`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:6ed1b41a1fc2ca8c7e09d5bccc410661683ec29d41a0fd01dd820a2e824ff672`
		`- +Ctrl.hexinfo = hexinfo:f6dc72adbd8ad4ea91259b61237a042a02546f37d58d933d3efadc54a5e1936a8faf70c33e707c473125bd5006b7dfa6883c04bf27cf53010e1d10bc`
		`- +Output = 4090ee711fa361f03267a6ff2a5ace977c8c1db5`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:63a657fb6c5bacb9a124d3e7db8bbb7d42bfdfaf8f04cb6359cd888c70669652`
		`- +Ctrl.hexinfo = hexinfo:2697b6ec112cab4d6f1714c991c17d44fb36a0b6ef0b0f5451619ab248950f56f403215c78711aa563683ced05be7246f32574fa294f162dbbeb3dee`
		`- +Output = 1992e75756fa64734d5caecc5f6420fcb28b8b90421eee97dc8b6140ce18518405688bea489d2aaa`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA256]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=16_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:743434c930fe923c350ec202bef28b768cd6062cf233324e21a86c31f9406583`
		`- +Ctrl.hexinfo = hexinfo:9bdb8a454bd55ab30ced3fd420fde6d946252c875bfe986ed34927c7f7f0b106dab9cc85b4c702804965eb24c37ad883a8f695587a7b6094d3335bbc`
		`- +Output = 19c8a56db1d2a9afb793dc96fbde4c31`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:365592398d23d31f2cac8bf6211f1ad5f52608efcdc5997b144ea6ded3866cf6`
		`- +Ctrl.hexinfo = hexinfo:07dce524556d3f68d2d91d4c15c9c6212635e0df1aef54938490db46f98737064d6a5624d7f938c263af01e632c45d9fe7a871b67f7d4bf110796eb4`
		`- +Output = 5624c6911dc1b08e090c8c95347adf17895b696aae211932cde3ec8227fcbea8`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:c104e187e344668997b7bd9c8cdf097320518dd7dbcb541c414418b55b58cbb2`
		`- +Ctrl.hexinfo = hexinfo:32f6bd59840c61909f2f92f98f54bd238083577e33c3d071c1abe4c694bd87c1ad235eb9a2d272b3dc67c955574d5e6cad84615120476d6e7e04f51f`
		`- +Output = 1b5d9e60aa909aeb973e76d9bf6be208327bb096`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:d4349c26108719debacc04e166a09063ffb5e17bcbaf8738dc2618aa7d1e97ae`
		`- +Ctrl.hexinfo = hexinfo:da1f5ed45ead428689b0ecca9dbc2569e76953cda0df085499cca6d5949d8995e1e42bbdc94b0dd78c164867c364a64c894de85294ad89d267ff443d`
		`- +Output = 00550ae0f29a2373269af175e7f829ec32c3d05099a39f8c0e02caa00b68afb7457669334383ffb2`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA256]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=24_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:388e93e0273e62f086f52f6f5369d9e4626d143dce3b6afc7caf2c6e7344276b`
		`- +Ctrl.hexinfo = hexinfo:697bb34b3fbe6853864cac3e1bc6c8c44a4335565479403d949fcbb5e2c1795f9a3849df743389d1a99fe75ef566e6227c591104122a6477dd8e8c8e`
		`- +Output = d697442b3dd51f96cae949586357b9a6`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:f5207566ad012002ae6f2b501f0c24180228345889c20616d043b868a76d015a`
		`- +Ctrl.hexinfo = hexinfo:f36dbc8d1dfda60d4ba05214f8773aaa9f01944150bca68812d0d8deb5492f3f68f09809ba5e8b89e9dca86c70f6f353b3d5f49ef27e2fd01cfa911d`
		`- +Output = 0faed440796a0685a24a1c5e1cacde566c7a1a4189885229251c6308a53c3f6e`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:e2758918edcf15d957a556055602d283dbdf9c95b6025a3cddf1eeac1e0ac889`
		`- +Ctrl.hexinfo = hexinfo:eda2f792580d6129b43e7b89c661786a29ab502ec6198f4a2bec6d0ffca1a75b8807d4313e7bf769a94fbf4b41c4cc309358a211105312c05818d8f3`
		`- +Output = 67e3273b2cfa4c663377f5841606679aee420dce`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:c9063598d6cf8660300073b5c25603baf3ade910c182deea15d8107d6f6be295`
		`- +Ctrl.hexinfo = hexinfo:22d27eec90c2dd4ae5cf4a705abecfd781b9051ba512b048ea9499364b791e9cdf63215db43680dacffe6f19d77fc93f8a46d84dd52146389d9ec308`
		`- +Output = f3a5b521b435a8c83eaf2d264b5b1a6dcc32c21b4897511203f97f01f2a691eef080b4cd7ca4fc38`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA256]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=32_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:dd1d91b7d90b2bd3138533ce92b272fbf8a369316aefe242e659cc0ae238afe0`
		`- +Ctrl.hexinfo = hexinfo:01322b96b30acd197979444e468e1c5c6859bf1b1cf951b7e725303e237e46b864a145fab25e517b08f8683d0315bb2911d80a0e8aba17f3b413faac`
		`- +Output = 10621342bfb0fd40046c0e29f2cfdbf0`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:e204d6d466aad507ffaf6d6dab0a5b26152c9e21e764370464e360c8fbc765c6`
		`- +Ctrl.hexinfo = hexinfo:7b03b98d9f94b899e591f3ef264b71b193fba7043c7e953cde23bc5384bc1a6293580115fae3495fd845dadbd02bd6455cf48d0f62b33e62364a3a80`
		`- +Output = 770dfab6a6a4a4bee0257ff335213f78d8287b4fd537d5c1fffa956910e7c779`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:dc60338d884eecb72975c603c27b360605011756c697c4fc388f5176ef81efb1`
		`- +Ctrl.hexinfo = hexinfo:44d7aa08feba26093c14979c122c2437c3117b63b78841cd10a4bc5ed55c56586ad8986d55307dca1d198edcffbc516a8fbe6152aa428cdd800c062d`
		`- +Output = 29ac07dccf1f28d506cd623e6e3fc2fa255bd60b`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA256`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:c4bedbddb66493e7c7259a3bbbc25f8c7e0ca7fe284d92d431d9cd99a0d214ac`
		`- +Ctrl.hexinfo = hexinfo:1c69c54766791e315c2cc5c47ecd3ffab87d0d273dd920e70955814c220eacace6a5946542da3dfe24ff626b4897898cafb7db83bdff3c14fa46fd4b`
		`- +Output = 1da47638d6c9c4d04d74d4640bbd42ab814d9e8cc22f4326695239f96b0693f12d0dd1152cf44430`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA384]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=8_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:0be1999848a7a14a555649048fcadf2f644304d163190dc9b23a21b80e3c8c373515d6267d9c5cfd31b560ffd6a2cd5c`
		`- +Ctrl.hexinfo = hexinfo:11340cfbdb40f20f84cac4b8455bdd76c730adcecd0484af9011bacd46e22ff2d87755dfb4d5ba7217c37cb83259bdbe0983cc716adc2e6c826ed53c`
		`- +Output = c2ea7454de25afb27065f4676a392385`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:218f47301a3adf39a4e1ddc25a1df2b7db53d7780c207f47ab4cefcaa960ed82cb6cbc34b97b4c332d52ca81cc40cb9a`
		`- +Ctrl.hexinfo = hexinfo:60dcb116d7cfd3cca7315c9dc7e9650f886b67d9fbcd98c226239a0f66eff075da23c6cb750a2129ae71b9582934f57423a815249cac2c61f958b35d`
		`- +Output = 26b01d94c4dd51a9c8b54f78647257f9e937a8d67dffa78f85749cdfb22db620`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:426c4facbacecb654555bc9843f9864a53e14c9a5e19600abf57b03cf8b6f825f71191eaaf3cfd70961314acbf1e6e29`
		`- +Ctrl.hexinfo = hexinfo:d224dc52dd16bde3391fab24fa875b695d63215e182efa970537904f4cd1d7f929f87c17fa97bd490f10cfc3bb80353ea4a4bb403f79e18677c39d29`
		`- +Output = 431c73810e9fe4f4982202f55eb5f0212f302142`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:522a72c006a6b77911915c78952dd61848725a4b0789b2cfce3b29d947d9faa145417740c0365bd81a860a600012543b`
		`- +Ctrl.hexinfo = hexinfo:4a3cd102c4b95fe193660c4c174f02c725207449b785edb8fa8c4404f01a25bef3238637d3bae370758332c678deb578322e031ec3970876600196d2`
		`- +Output = 2f5d52226949aecfe6359561a5fdd87a843457019e24faacacedd34177cda6cba18cc78cc8c78cef`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA384]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=16_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:26ef897e4b617b597f766ec8d8ccf44c543e790a7d218f029dcb4a3695ae2caccce9d3e935f6741581f2f53e49cd46f8`
		`- +Ctrl.hexinfo = hexinfo:bc2c728f9dc6db426dd4e85fdb493826a31fec0607644209f9bf2264b6401b5db3004c1a76aa08d93f08d3d9e2ba434b682e480004fb0d9271a8e8cd`
		`- +Output = a43d31f07f0ee484455ae11805803f60`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:269cce234dd4783067ceaa04a70deb1c9700acf705548495767c22f78493851ca9c699077a002874caacb760106016c6`
		`- +Ctrl.hexinfo = hexinfo:f64bfb4bdaac81b5801d2f9f08bc2e4d009990b67290fd49b3730c3a145696447aceae6a82f7508a19c396a548c9c33d943dab82b2538c18b8eee871`
		`- +Output = ab4182261c5d9c0d23a26477f14a507dd7f5e9550d04f48de29e644ed55f3406`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:ec71de96c9520386f9d11bebe474bae0c0549e2b2e8fda6b2336050ee3acbec38bc57d56e6422d3cd493ead69772a059`
		`- +Ctrl.hexinfo = hexinfo:4313d1efba21dded84ce12bf80b1be54400619d3bb1987f18bf85400e335103969e77c819a5360cf1dd3f4addb6b8eec0199508c75adfe2cfc067dc8`
		`- +Output = 8e37ecc86dcb5ee7cf48d8a07f06c47cdce624cc`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:afe2d3a4746792908aca8ece67ba8562382000b4e26122414b3ef2e120511bae68448955cf186be87caf69eaced47e87`
		`- +Ctrl.hexinfo = hexinfo:1f6dd0b17fed7f479c4f62927291a95292a4e232441c30ffcaa1d347543e50db939360bb37976eacb911f76c38ad8cce12a0c263875bbcd7f6011ffd`
		`- +Output = 17b671ca433cea81384b03b69c26a55257085cdfa48e6d8529431464bd439a881de560294afb0073`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA384]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=24_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:4fab4f1e3512b5f443ec31d2f6425d5f0fc13a5f82c83f72788a48a1bd499495ff18fb7acc0d4c1666c99db12e28f725`
		`- +Ctrl.hexinfo = hexinfo:f0f010f99fbd8ec1bd0f23cd12bb41b2b8acb8713bb031f927e439f616e6ae27aed3f5582f8206893deea1204df125cedce35ce2b01b32bcefb388fd`
		`- +Output = c3c263b5aa6d0cfe5304a7c9d21a44ba`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:af3cd100d14dcb5e63f8915eced4b59477936c48e0e2b9232449a97d53d3eddf9e00bf44a8f2370c38a13434c13e0977`
		`- +Ctrl.hexinfo = hexinfo:81f178f11615309844af84e163ff694f1936f7528aba6f0e60d41b4afac87e9dd48fbb5aebe534733f576950484aab15b386b468a055a1e0be8982c0`
		`- +Output = 0b52be4ebd8b2116df895a42317ac78808993673c99da6391f0eee13cc8470fa`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:fc3ba84439d8b7ead37ac6c825e088fc80152788bbc9c68569213dd6189d5fd552c37ab73b3d53ee9809a485194fb3cd`
		`- +Ctrl.hexinfo = hexinfo:df5728d5d146898b68d8713aa8053d03db52b7227d502d3effcd51a22d52ecd9175a4b01d2f27ecfc8abf02c1dd80f5c90a5e01396c1107dddb02226`
		`- +Output = 87ff36ca26778fcaf4f9209d38095c55c40f5e22`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:08d867a61b13cd8c79d3a1cbec3493925ece900e06993063bc0dfe0247cd059ba50a5fb6afc65ac469793817a1f2dfee`
		`- +Ctrl.hexinfo = hexinfo:af0c83a659267869bd7cde387bf1c29c9c0ff3c6cabf512c73fd671748e4e9e49218de9350fc0dde27839eb1e2878f900689abeb7b540c70203e5a95`
		`- +Output = 3fef69d875b9b6047c33f295619f6e7c7125c875d55409500100f71bee6551d511327fbde607ac41`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA384]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=32_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:216ed044769c4c3908188ece61601af8819c30f501d12995df608e06f5e0e607ab54f542ee2da41906dfdb4971f20f9d`
		`- +Ctrl.hexinfo = hexinfo:638e9506a2c7be69ea346b84629a010c0e225b7548f508162c89f29c1ddbfd70472c2b58e7dc8aa6a5b06602f1c8ed4948cda79c62708218e26ac0e2`
		`- +Output = d4b144bb40c7cabed13963d7d4318e72`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:8fca201473433f2dc8f6ae51e48de1a5654ce687e711d2d65f0dc5da6fee9a6a3db9d8535d3e4455ab53d35850c88272`
		`- +Ctrl.hexinfo = hexinfo:195bd88aa2d4211912334fe2fd9bd24522f7d9fb08e04747609bc34f2538089a9d28bbc70b2e1336c3643753cec6e5cd3f246caa915e3c3a6b94d3b6`
		`- +Output = f51ac86b0f462388d189ed0197ef99c2ff3a65816d8442e5ea304397b98dd11f`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:bc3157b8932e88d1b1cf8e4622137010a242d3527b1d23d6d9c0db9cc9edfc20e5135de823977bf4defafae44d6cdab6`
		`- +Ctrl.hexinfo = hexinfo:b42a8e43cc2d4e5c69ee5e4f6b19ff6b8071d26bab4dfe45650b92b1f47652d25162d4b61441d8448c54918ae568ae2fb53091c624dbfffacee51d88`
		`- +Output = 91314bdf542162031643247d6507838eaba50f1a`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA384`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:582f968a54b8797b9ea8c655b42e397adb73d773b1984b1e1c429cd597b8015d2f91d59e4136a9d523bf6491a4733c7a`
		`- +Ctrl.hexinfo = hexinfo:e6d3c193eff34e34f8b7b00e66565aeb01f63206bb27e27aa281592afc06ae1ec5b7eb97a39684ce773d7c3528f2667c1f5d428406e78ce4cf39f652`
		`- +Output = 691726c111e5030b5f9657069107861ecc18bc5835a814c3d2e5092c901cb1fb6c1a7cd3eb0be2a7`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA512]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=8_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:6ea2c385bb3e7bbafc2225cee1d3ee103ce300c1fdf033d0c1e99c57e6a596e037020838e857c0434040b58a5ca5410be672b888ef9955bdd54eb6a67416ff6a`
		`- +Ctrl.hexinfo = hexinfo:be119901ed8679b243508b97663f35da322774d7d2012d6557da6657c1176a115ebc73b0f1bfa1dba6b8c3b124f0a47cff2998b230c955b0ea809784`
		`- +Output = e0755fa6f116ef7a8e8361f47fd57511`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:0ef984d7b4ee76f5c9e080b27f45ccab4ac2362c4cafa68198786b18e239d0f69ee62148373643ad9aa42474700348ef651fee9973130a42e76b7e7633eba1e9`
		`- +Ctrl.hexinfo = hexinfo:56ece7c14c1fc5467f8316f3a931a7ddfa490969f442d7a132f3755809f6ca11dbc9c6493a541c244c32be6656e13ef2868cb79415b807b3882f00d2`
		`- +Output = 19aa765affdd3cc7294b2c97e1bd5adc368523a3283c387d0719761e938f83db`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:a35728d4ec0d7e94019a45d52264e5cd63c7540c21e30a9882d8d531cbb510edaa78e42c03994c18d8efcf7f826a1a9fdbbbacc55c640e7b532cc08e0615a093`
		`- +Ctrl.hexinfo = hexinfo:f501cc527bad6fe5d8e4f1f0f53d416ab17235f380f7e0d1c90dca18206af1fb1d977551e2e0e25c1fe41a8f825fbae2c07c94b768e98ad5ab8ddb2e`
		`- +Output = 54cf238101418ce050eee03aae0c39c4602ab838`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:8`
		`- +Ctrl.hexkey = hexkey:baed493b0294c9a5dbbe4547a30f0602c6124cedb549b45cff0ee4f3689a7ae5b695e5ecdfebf611bba1174e5e3a8824383e555daef396dc58c2842f77d5a674`
		`- +Ctrl.hexinfo = hexinfo:1371182cb0725416b1eccf4ac9fb20cf4e0f77e7d006a531e0ab2b2b46e0859473dad9dcae65ba5eb902228787dae19e735d002c919a4b74012f8904`
		`- +Output = 09bb55c9f3cee604f4bc5544a802be8b02b34b99f7928ceee696221975f947905f1b5979d9d4c2a1`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA512]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=16_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:bb0c55c7201ceb2e1369a6c49e2cdc1ae5e4cd1d64638105072c3a9172b2fa6a127c4d6d55132585fb2644b5ae3cf9d347875e0d0bf80945eaabef3b4319605e`
		`- +Ctrl.hexinfo = hexinfo:89bf925033f00635c100e2c88a98ad9f08cd6a002b934617d4ebfffc0fe9bca1d19bd942da3704da127c7493cc62c67f507c415e4cb67d7d0be70005`
		`- +Output = 05efd62522beb9bfff6492ecd24501a7`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:393eb889e9c2f251b95aa147d53e4cd029fd0391110be9c6b2f8ba32857864847c448a9a591686de88da7486d0a0f0f8c927560fa8f79c30e66a7efaacaa638f`
		`- +Ctrl.hexinfo = hexinfo:116bf7f9e5eb884c86cd0d3a2b33d41de7735677e6bd727e83fbde5c8113de56bf84c9f80610db760ae2df73f4f0db9df0cc1655ea9bc98bb06beeda`
		`- +Output = 212e4e4057a6871e166e7563205833bc7f01e86c724b6a61166d9311c55b5044`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:eeec4383a808fae57f24a7a5eb6157cca66483a613590c89ed39f59617ea97fcfa7cdfc83ba8140fa0d8542263d6423a9bcca70e11addb7a646f194ff0878cac`
		`- +Ctrl.hexinfo = hexinfo:b2565a20171eef1eaa04728e6c369405b251062bbd0a2b9171c8c6fedf0ff783691db787f153bbf5167301808f768a03df0deec99f2b9efb90cab571`
		`- +Output = 4f31b7bcd54c74d8a7d31aca187b8736f0a59db7`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:16`
		`- +Ctrl.hexkey = hexkey:62690d8ef259d175911d8eb52a331af29a8e3b797c4b315a67fa5cd1b00e585b2f7d97341284d0fcaa15a080732f7958e3b33e938e730623d1e651dbea9b2233`
		`- +Ctrl.hexinfo = hexinfo:266535b58de26ed62f936bc7147c8c3b31ee0c1bb92c5ef63699ac7225e01cec5afd2e6e39cf095882324c7dc94b0daa2befc50f790da0547d7c6184`
		`- +Output = 9336a88737d9ae01b5c43be5789c8545689557aad295ea3c03d2a2e0143603365fea1656175c20bf`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA512]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=24_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:d10933b0683f6787c33eccea1c311b8444270504fb3980bfd56443ba4068722184c31541d9174f71068b7789440bc34cec456e115067f9c65a5f2883c6868204`
		`- +Ctrl.hexinfo = hexinfo:dcb2ea8d715821d6393bd49a3e35f69a6c2519edb614f80fbc3f7ae1d65ff4a04c499e75d08819a09092ddaadba510e03cb2ac898804590dbd61fb7e`
		`- +Output = 876d73040d03d569e2fcae33b241d98e`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:44e6e9abd8572a19ba127dfa2ca6a1b53beaef8c19a1ec5b67f1f6f7919671cd80ade7ded7c0f096525936ef427b152339de915f024964ca9ea908a120e2553a`
		`- +Ctrl.hexinfo = hexinfo:c2884a0c3ea2ff5b0bc848698f49f2c59eff511d77caddba897dec7714a0984e54f330dd9e9fdca9c033dfbc36d3293eca0ce7601e316463966ad4fd`
		`- +Output = b294537440bec490953bf6e9a77c4510536916b84a5a2f45b5bf9f76666d8f12`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:a39131ca2f8df817ea2f155aac72d58a696d915b66b7cbe172a0f48a407aa8af0edbaea051eb027fe8fcc435cc7f160feeb57bd39a39d94104fe35167dac1aae`
		`- +Ctrl.hexinfo = hexinfo:52b6d1f6381fc3dd44baf1c9d36f0c313e58bf4fdb936b78103afdb90373079de90e4bb7d7089e65e0aef23f2a34df5198b8392aac705eb998c1f8cd`
		`- +Output = e707c910b4db3a648815fcad5ca7af18e5354c2e`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:24`
		`- +Ctrl.hexkey = hexkey:af5a39f0303b11bca55584ce24162dabd1625aed14ce54f9e407866e03efb24b12a36e164f96faf36bc92a08acd194285107173fb84caef787672d6471028459`
		`- +Ctrl.hexinfo = hexinfo:1cd84829b89d3149948967494aece985f1df3d7ec7735e8cc468bb3e6fdb50964d32dcde5521a82402577371047bf77e34714437e9d213561055b9db`
		`- +Output = a0e81b336a6f4ab395aada28314d8ba96b9216ae389b01aaec158e166239e554a217e69f603988fb`
		`- +`
		`- +`
		`- +# [PRF=HMAC_SHA512]`
		`- +# [CTRLOCATION=BEFORE_FIXED]`
		`- +# [RLEN=32_BITS]`
		`- +`
		`- +# COUNT=0`
		`- +# L = 128`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:dd5dbd45593ee2ac139748e7645b450f223d2ff297b73fd71cbcebe71d41653c950b88500de5322d99ef18dfdd30428294c4b3094f4c954334e593bd982ec614`
		`- +Ctrl.hexinfo = hexinfo:b50b0c963c6b3034b8cf19cd3f5c4ebe4f4985af0c03e575db62e6fdf1ecfe4f28b95d7ce16df85843246e1557ce95bb26cc9a21974bbd2eb69e8355`
		`- +Output = e5993bf9bd2aa1c45746042e12598155`
		`- +`
		`- +# COUNT=10`
		`- +# L = 256`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:5be2bf7f5e2527e15fe65cde4507d98ba55457006867de9e4f36645bcff4ca38754f92898b1c5544718102593b8c26d45d1fceaea27d97ede9de8b9ebfe88093`
		`- +Ctrl.hexinfo = hexinfo:004b13c1f628cb7a00d9498937bf437b71fe196cc916c47d298fa296c6b86188073543bbc66b7535eb17b5cf43c37944b6ca1225298a9e563413e5bb`
		`- +Output = cee0c11be2d8110b808f738523e718447d785878bbb783fb081a055160590072`
		`- +`
		`- +# COUNT=20`
		`- +# L = 160`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:9dd03864a31aa4156ca7a12000f541680ce0a5f4775eef1088ac13368200b447a78d0bf14416a1d583c54b0f11200ff4a8983dd775ce9c0302d262483e300ae6`
		`- +Ctrl.hexinfo = hexinfo:037369f142d669fca9e87e9f37ae8f2c8d506b753fdfe8a3b72f75cac1c50fa1f8620883b8dcb8dcc67adcc95e70aa624adb9fe1b2cb396692b0d2e8`
		`- +Output = 96e8d1bc01dc95c0bf42c3c38fc54c090373ced4`
		`- +`
		`- +# COUNT=30`
		`- +# L = 320`
		`- +KDF = KBKDF`
		`- +Ctrl.mode = mode:COUNTER`
		`- +Ctrl.digest = digest:SHA512`
		`- +Ctrl.mac = mac:HMAC`
		`- +Ctrl.use-l = use-l:0`
		`- +Ctrl.use-separator = use-separator:0`
		`- +Ctrl.r = r:32`
		`- +Ctrl.hexkey = hexkey:a9f4a2c5af839867f5db5a1e520ab3cca72a166ca60de512fd7fe7e64cf94f92cf1d8b636175f293e003275e021018c3f0ede495997a505ec9a2afeb0495be57`
		`- +Ctrl.hexinfo = hexinfo:8e9db3335779db688bcfe096668d9c3bc64e193e3529c430e68d09d56c837dd6c0f94678f121a68ee1feea4735da85a49d34a5290aa39f7b40de435f`
		`- +Output = 6db880daac98b078ee389a2164252ded61322d661e2b49247ea921e544675d8f17af2bf66dd40d81`
		`- +`

0052-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch

file removed

-207

		`@@ -1,207 +0,0 @@`
		`- From b9e2912acb72837b2fdef5cd8f96dc4e0d2a8fea Mon Sep 17 00:00:00 2001`
		`- From: Clemens Lang <cllang@redhat.com>`
		`- Date: Tue, 1 Mar 2022 15:44:18 +0100`
		`- Subject: [PATCH 23/38] Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures =`
		`- yes`
		`-`
		`- References: rhbz#2055796`
		`- ---`
		`- crypto/x509/x509_vfy.c \| 19 ++++++++++-`
		`- doc/man5/config.pod \| 7 +++-`
		`- ssl/t1_lib.c \| 64 ++++++++++++++++++++++++++++-------`
		`- test/recipes/25-test_verify.t \| 7 ++--`
		`- 4 files changed, 79 insertions(+), 18 deletions(-)`
		`-`
		`- diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c`
		`- index 9384f1da9bad9e104550ff270d9ae8dc61da073d..859d5caf4529e193336022bc8a4bdd640df26066 100644`
		`- --- a/crypto/x509/x509_vfy.c`
		`- +++ b/crypto/x509/x509_vfy.c`
		`- @@ -25,6 +25,7 @@`
		`- #include <openssl/objects.h>`
		`- #include <openssl/core_names.h>`
		`- #include "internal/dane.h"`
		`- +#include "internal/sslconf.h"`
		`- #include "crypto/x509.h"`
		`- #include "x509_local.h"`
		`-`
		`- @@ -3430,14 +3431,30 @@ static int check_sig_level(X509_STORE_CTX ctx, X509 cert)`
		`- {`
		`- int secbits = -1;`
		`- int level = ctx->param->auth_level;`
		`- + int nid;`
		`- + OSSL_LIB_CTX *libctx = NULL;`
		`-`
		`- if (level <= 0)`
		`- return 1;`
		`- if (level > NUM_AUTH_LEVELS)`
		`- level = NUM_AUTH_LEVELS;`
		`-`
		`- - if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL))`
		`- + if (ctx->libctx)`
		`- + libctx = ctx->libctx;`
		`- + else if (cert->libctx)`
		`- + libctx = cert->libctx;`
		`- + else`
		`- + libctx = OSSL_LIB_CTX_get0_global_default();`
		`- +`
		`- + if (!X509_get_signature_info(cert, &nid, NULL, &secbits, NULL))`
		`- return 0;`
		`-`
		`- + if (nid == NID_sha1`
		`- + && ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)`
		`- + && ctx->param->auth_level < 3)`
		`- + /* When rh-allow-sha1-signatures = yes and security level <= 2,`
		`- + * explicitly allow SHA1 for backwards compatibility. */`
		`- + return 1;`
		`- +`
		`- return secbits >= minbits_table[level - 1];`
		`- }`
		`- diff --git a/doc/man5/config.pod b/doc/man5/config.pod`
		`- index f7ac6a743b44c786cf18ccf2ed28105855ceb3ac..f850075d2d0da73e2ab8fc402b1884d3ef6254a8 100644`
		`- --- a/doc/man5/config.pod`
		`- +++ b/doc/man5/config.pod`
		`- @@ -313,7 +313,12 @@ When set to B<no>, any attempt to create or verify a signature with a SHA1`
		`- digest will fail. For compatibility with older versions of OpenSSL, set this`
		`- option to B<yes>. This setting also affects TLS, where signature algorithms`
		`- that use SHA1 as digest will no longer be supported if this option is set to`
		`- -B<no>.`
		`- +B<no>. Note that enabling B<rh-allow-sha1-signatures> will allow TLS signature`
		`- +algorithms that use SHA1 in security level 2, despite the definition of`
		`- +security level 2 of 112 bits of security, which SHA1 does not meet. Because`
		`- +TLS 1.1 or lower use MD5-SHA1 as pseudorandom function (PRF) to derive key`
		`- +material, disabling B<rh-allow-sha1-signatures> requires the use of TLS 1.2 or`
		`- +newer.`
		`-`
		`- =item B<fips_mode> (deprecated)`
		`-`
		`- diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c`
		`- index 89c1dd31c72271b1923ab972e3d3359b6c8e1a03..831e594c00f1c048c9cd920b6c7e62cd6d7a06ed 100644`
		`- --- a/ssl/t1_lib.c`
		`- +++ b/ssl/t1_lib.c`
		`- @@ -20,6 +20,7 @@`
		`- #include <openssl/bn.h>`
		`- #include <openssl/provider.h>`
		`- #include <openssl/param_build.h>`
		`- +#include "crypto/x509.h"`
		`- #include "internal/sslconf.h"`
		`- #include "internal/nelem.h"`
		`- #include "internal/sizes.h"`
		`- @@ -1566,19 +1567,27 @@ int tls12_check_peer_sigalg(SSL s, uint16_t sig, EVP_PKEY pkey)`
		`- SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_UNKNOWN_DIGEST);`
		`- return 0;`
		`- }`
		`- - /*`
		`- - * Make sure security callback allows algorithm. For historical`
		`- - * reasons we have to pass the sigalg as a two byte char array.`
		`- - */`
		`- - sigalgstr[0] = (sig >> 8) & 0xff;`
		`- - sigalgstr[1] = sig & 0xff;`
		`- - secbits = sigalg_security_bits(s->ctx, lu);`
		`- - if (secbits == 0 \|\|`
		`- - !ssl_security(s, SSL_SECOP_SIGALG_CHECK, secbits,`
		`- - md != NULL ? EVP_MD_get_type(md) : NID_undef,`
		`- - (void *)sigalgstr)) {`
		`- - SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_WRONG_SIGNATURE_TYPE);`
		`- - return 0;`
		`- +`
		`- + if (lu->hash == NID_sha1`
		`- + && ossl_ctx_legacy_digest_signatures_allowed(s->ctx->libctx, 0)`
		`- + && SSL_get_security_level(s) < 3) {`
		`- + /* when rh-allow-sha1-signatures = yes and security level <= 2,`
		`- + * explicitly allow SHA1 for backwards compatibility */`
		`- + } else {`
		`- + /*`
		`- + * Make sure security callback allows algorithm. For historical`
		`- + * reasons we have to pass the sigalg as a two byte char array.`
		`- + */`
		`- + sigalgstr[0] = (sig >> 8) & 0xff;`
		`- + sigalgstr[1] = sig & 0xff;`
		`- + secbits = sigalg_security_bits(s->ctx, lu);`
		`- + if (secbits == 0 \|\|`
		`- + !ssl_security(s, SSL_SECOP_SIGALG_CHECK, secbits,`
		`- + md != NULL ? EVP_MD_get_type(md) : NID_undef,`
		`- + (void *)sigalgstr)) {`
		`- + SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_WRONG_SIGNATURE_TYPE);`
		`- + return 0;`
		`- + }`
		`- }`
		`- /* Store the sigalg the peer uses */`
		`- s->s3.tmp.peer_sigalg = lu;`
		`- @@ -2116,6 +2125,14 @@ static int tls12_sigalg_allowed(const SSL s, int op, const SIGALG_LOOKUP lu)`
		`- }`
		`- }`
		`-`
		`- + if (lu->hash == NID_sha1`
		`- + && ossl_ctx_legacy_digest_signatures_allowed(s->ctx->libctx, 0)`
		`- + && SSL_get_security_level(s) < 3) {`
		`- + /* when rh-allow-sha1-signatures = yes and security level <= 2,`
		`- + * explicitly allow SHA1 for backwards compatibility */`
		`- + return 1;`
		`- + }`
		`- +`
		`- /* Finally see if security callback allows it */`
		`- secbits = sigalg_security_bits(s->ctx, lu);`
		`- sigalgstr[0] = (lu->sigalg >> 8) & 0xff;`
		`- @@ -2985,6 +3002,8 @@ static int ssl_security_cert_sig(SSL s, SSL_CTX ctx, X509 *x, int op)`
		`- {`
		`- /* Lookup signature algorithm digest */`
		`- int secbits, nid, pknid;`
		`- + OSSL_LIB_CTX *libctx = NULL;`
		`- +`
		`- /* Don't check signature if self signed */`
		`- if ((X509_get_extension_flags(x) & EXFLAG_SS) != 0)`
		`- return 1;`
		`- @@ -2993,6 +3012,25 @@ static int ssl_security_cert_sig(SSL s, SSL_CTX ctx, X509 *x, int op)`
		`- /* If digest NID not defined use signature NID */`
		`- if (nid == NID_undef)`
		`- nid = pknid;`
		`- +`
		`- + if (x && x->libctx)`
		`- + libctx = x->libctx;`
		`- + else if (ctx && ctx->libctx)`
		`- + libctx = ctx->libctx;`
		`- + else if (s && s->ctx && s->ctx->libctx)`
		`- + libctx = s->ctx->libctx;`
		`- + else`
		`- + libctx = OSSL_LIB_CTX_get0_global_default();`
		`- +`
		`- + if (nid == NID_sha1`
		`- + && ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)`
		`- + && ((s != NULL && SSL_get_security_level(s) < 3)`
		`- + \|\| (ctx != NULL && SSL_CTX_get_security_level(ctx) < 3)`
		`- + ))`
		`- + /* When rh-allow-sha1-signatures = yes and security level <= 2,`
		`- + * explicitly allow SHA1 for backwards compatibility. */`
		`- + return 1;`
		`- +`
		`- if (s)`
		`- return ssl_security(s, op, secbits, nid, x);`
		`- else`
		`- diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t`
		`- index 2a4c36e86daff04f87ad4726a9fb359d958189bf..309cda877d15ff18f5e492c05372f5c9f1393525 100644`
		`- --- a/test/recipes/25-test_verify.t`
		`- +++ b/test/recipes/25-test_verify.t`
		`- @@ -29,7 +29,7 @@ sub verify {`
		`- run(app([@args]));`
		`- }`
		`-`
		`- -plan tests => 164;`
		`- +plan tests => 163;`
		`-`
		`- # Canonical success`
		`- ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),`
		`- @@ -419,8 +419,9 @@ ok(verify("ee-pss-sha1-cert", "", ["root-cert"], ["ca-cert"], "-auth_level", "0"`
		`- ok(verify("ee-pss-sha256-cert", "", ["root-cert"], ["ca-cert"], ),`
		`- "CA with PSS signature using SHA256");`
		`-`
		`- -ok(!verify("ee-pss-sha1-cert", "", ["root-cert"], ["ca-cert"], "-auth_level", "1"),`
		`- - "Reject PSS signature using SHA1 and auth level 1");`
		`- +## rh-allow-sha1-signatures=yes allows this to pass despite -auth_level 1`
		`- +#ok(!verify("ee-pss-sha1-cert", "", ["root-cert"], ["ca-cert"], "-auth_level", "1"),`
		`- +# "Reject PSS signature using SHA1 and auth level 1");`
		`-`
		`- ok(verify("ee-pss-sha256-cert", "", ["root-cert"], ["ca-cert"], "-auth_level", "2"),`
		`- "PSS signature using SHA256 and auth level 2");`
		`- --`
		`- 2.39.1`
		`-`

0053-Add-SHA1-probes.patch

file removed

-238

		`@@ -1,238 +0,0 @@`
		`- From 428369896db1656af748a67bb36fba039e7b39ad Mon Sep 17 00:00:00 2001`
		`- From: Clemens Lang <cllang@redhat.com>`
		`- Date: Mon, 25 Apr 2022 15:21:46 +0200`
		`- Subject: [PATCH] Instrument SHA-1 signatures with USDT probes`
		`-`
		`- In order to discover remaining uses of SHA-1 in signatures without`
		`- forcefully breaking the code paths, add USDT probes that can be queried`
		`- with systemtap at runtime.`
		`-`
		`- This should allow identifying components that still use SHA-1 signatures`
		`- in production so that they can be transitioned to more modern hash`
		`- algorithms.`
		`- ---`
		`- crypto/evp/m_sigver.c \| 13 +++++++++----`
		`- crypto/evp/pmeth_lib.c \| 13 +++++++++----`
		`- crypto/x509/x509_vfy.c \| 6 +++++-`
		`- providers/common/securitycheck.c \| 22 +++++++++++++++-------`
		`- providers/common/securitycheck_default.c \| 13 +++++++++++--`
		`- ssl/t1_lib.c \| 8 +++++++-`
		`- 6 files changed, 56 insertions(+), 19 deletions(-)`
		`-`
		`- diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c`
		`- index 8da2183ce0..c17cdfa5d5 100644`
		`- --- a/crypto/evp/m_sigver.c`
		`- +++ b/crypto/evp/m_sigver.c`
		`- @@ -16,6 +16,8 @@`
		`- #include "internal/numbers.h" /* includes SIZE_MAX */`
		`- #include "evp_local.h"`
		`-`
		`- +#include <sys/sdt.h>`
		`- +`
		`- typedef struct ossl_legacy_digest_signatures_st {`
		`- int allowed;`
		`- } OSSL_LEGACY_DIGEST_SIGNATURES;`
		`- @@ -336,10 +338,13 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- && !EVP_PKEY_is_a(locpctx->pkey, SN_tls1_prf)`
		`- && !EVP_PKEY_is_a(locpctx->pkey, SN_hkdf)) {`
		`- int mdnid = EVP_MD_nid(ctx->reqdigest);`
		`- - if (!ossl_ctx_legacy_digest_signatures_allowed(locpctx->libctx, 0)`
		`- - && (mdnid == NID_sha1 \|\| mdnid == NID_md5_sha1)) {`
		`- - ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);`
		`- - goto err;`
		`- + if (mdnid == NID_sha1 \|\| mdnid == NID_md5_sha1) {`
		`- + if (!ossl_ctx_legacy_digest_signatures_allowed(locpctx->libctx, 0)) {`
		`- + ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);`
		`- + goto err;`
		`- + } else {`
		`- + DTRACE_PROBE1(libcrypto, fedora_do_sigver_init_1, mdnid);`
		`- + }`
		`- }`
		`- }`
		`-`
		`- diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c`
		`- index b96f148c0d..54fcf24945 100644`
		`- --- a/crypto/evp/pmeth_lib.c`
		`- +++ b/crypto/evp/pmeth_lib.c`
		`- @@ -37,6 +37,8 @@`
		`- #include "internal/sslconf.h"`
		`- #include "evp_local.h"`
		`-`
		`- +#include <sys/sdt.h>`
		`- +`
		`- #ifndef FIPS_MODULE`
		`-`
		`- static int evp_pkey_ctx_store_cached_data(EVP_PKEY_CTX *ctx,`
		`- @@ -956,10 +958,13 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX ctx, const EVP_MD md,`
		`- && !EVP_PKEY_is_a(ctx->pkey, SN_tls1_prf)`
		`- && !EVP_PKEY_is_a(ctx->pkey, SN_hkdf)) {`
		`- int mdnid = EVP_MD_nid(md);`
		`- - if ((mdnid == NID_sha1 \|\| mdnid == NID_md5_sha1)`
		`- - && !ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0)) {`
		`- - ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);`
		`- - return -1;`
		`- + if (mdnid == NID_sha1 \|\| mdnid == NID_md5_sha1) {`
		`- + if (!ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0)) {`
		`- + ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);`
		`- + return -1;`
		`- + } else {`
		`- + DTRACE_PROBE1(libcrypto, fedora_evp_pkey_ctx_set_md_1, mdnid);`
		`- + }`
		`- }`
		`- }`
		`-`
		`- diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c`
		`- index bf0c608839..78638ce80e 100644`
		`- --- a/crypto/x509/x509_vfy.c`
		`- +++ b/crypto/x509/x509_vfy.c`
		`- @@ -29,6 +29,8 @@`
		`- #include "crypto/x509.h"`
		`- #include "x509_local.h"`
		`-`
		`- +#include <sys/sdt.h>`
		`- +`
		`- /* CRL score values */`
		`-`
		`- #define CRL_SCORE_NOCRITICAL 0x100 /* No unhandled critical extensions */`
		`- @@ -3462,11 +3464,13 @@ static int check_sig_level(X509_STORE_CTX ctx, X509 cert)`
		`-`
		`- if ((nid == NID_sha1 \|\| nid == NID_md5_sha1)`
		`- && ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)`
		`- - && ctx->param->auth_level < 2)`
		`- + && ctx->param->auth_level < 2) {`
		`- + DTRACE_PROBE1(libcrypto, fedora_check_sig_level_1, nid);`
		`- /* When rh-allow-sha1-signatures = yes and security level <= 1,`
		`- * explicitly allow SHA1 for backwards compatibility. Also allow`
		`- * MD5-SHA1 because TLS 1.0 is still supported, which uses it. */`
		`- return 1;`
		`- + }`
		`-`
		`- return secbits >= minbits_table[level - 1];`
		`- }`
		`- diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c`
		`- index e534ad0a5f..bf496450cf 100644`
		`- --- a/providers/common/securitycheck.c`
		`- +++ b/providers/common/securitycheck.c`
		`- @@ -21,6 +21,8 @@`
		`- #include "prov/securitycheck.h"`
		`- #include "internal/sslconf.h"`
		`-`
		`- +#include <sys/sdt.h>`
		`- +`
		`- /*`
		`- * FIPS requires a minimum security strength of 112 bits (for encryption or`
		`- * signing), and for legacy purposes 80 bits (for decryption or verifying).`
		`- @@ -238,11 +240,14 @@ int ossl_digest_get_approved_nid_with_sha1(OSSL_LIB_CTX ctx, const EVP_MD md,`
		`- # endif /* OPENSSL_NO_FIPS_SECURITYCHECKS */`
		`-`
		`- #ifndef FIPS_MODULE`
		`- - if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))`
		`- - /* SHA1 is globally disabled, check whether we want to locally allow`
		`- - * it. */`
		`- - if (mdnid == NID_sha1 && !sha1_allowed)`
		`- + if (mdnid == NID_sha1 && !sha1_allowed) {`
		`- + if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))`
		`- + /* SHA1 is globally disabled, check whether we want to locally allow`
		`- + * it. */`
		`- mdnid = -1;`
		`- + else`
		`- + DTRACE_PROBE1(libcrypto, fedora_ossl_digest_get_approved_nid_with_sha1_1, mdnid);`
		`- + }`
		`- #endif`
		`-`
		`- return mdnid;`
		`- @@ -258,9 +263,12 @@ int ossl_digest_is_allowed(OSSL_LIB_CTX ctx, const EVP_MD md)`
		`- #ifndef FIPS_MODULE`
		`- {`
		`- int mdnid = EVP_MD_nid(md);`
		`- - if ((mdnid == NID_sha1 \|\| mdnid == NID_md5_sha1)`
		`- - && !ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))`
		`- - return 0;`
		`- + if (mdnid == NID_sha1 \|\| mdnid == NID_md5_sha1) {`
		`- + if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))`
		`- + return 0;`
		`- + else`
		`- + DTRACE_PROBE1(libcrypto, fedora_ossl_digest_is_allowed_1, mdnid);`
		`- + }`
		`- }`
		`- #endif`
		`-`
		`- diff --git a/providers/common/securitycheck_default.c b/providers/common/securitycheck_default.c`
		`- index ce54a94fbc..2d21e4a7df 100644`
		`- --- a/providers/common/securitycheck_default.c`
		`- +++ b/providers/common/securitycheck_default.c`
		`- @@ -17,6 +17,8 @@`
		`- #include "internal/nelem.h"`
		`- #include "internal/sslconf.h"`
		`-`
		`- +#include <sys/sdt.h>`
		`- +`
		`- /* Disable the security checks in the default provider */`
		`- int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)`
		`- {`
		`- @@ -40,9 +42,16 @@ int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX ctx, const EVP_MD md,`
		`-`
		`- ldsigs_allowed = ossl_ctx_legacy_digest_signatures_allowed(ctx, 0);`
		`- mdnid = ossl_digest_get_approved_nid_with_sha1(ctx, md, sha1_allowed \|\| ldsigs_allowed);`
		`- + if (mdnid == NID_sha1)`
		`- + /* This will only happen if SHA1 is allowed, otherwise mdnid is -1. */`
		`- + DTRACE_PROBE1(libcrypto, fedora_ossl_digest_rsa_sign_get_md_nid_1, mdnid);`
		`- if (mdnid == NID_undef)`
		`- mdnid = ossl_digest_md_to_nid(md, name_to_nid, OSSL_NELEM(name_to_nid));`
		`- - if (mdnid == NID_md5_sha1 && !ldsigs_allowed)`
		`- - mdnid = -1;`
		`- + if (mdnid == NID_md5_sha1) {`
		`- + if (ldsigs_allowed)`
		`- + DTRACE_PROBE1(libcrypto, fedora_ossl_digest_rsa_sign_get_md_nid_2, mdnid);`
		`- + else`
		`- + mdnid = -1;`
		`- + }`
		`- return mdnid;`
		`- }`
		`- diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c`
		`- index 0b50266b69..d05e696a28 100644`
		`- --- a/ssl/t1_lib.c`
		`- +++ b/ssl/t1_lib.c`
		`- @@ -28,6 +28,8 @@`
		`- #include "ssl_local.h"`
		`- #include <openssl/ct.h>`
		`-`
		`- +#include <sys/sdt.h>`
		`- +`
		`- static const SIGALG_LOOKUP find_sig_alg(SSL s, X509 x, EVP_PKEY pkey);`
		`- static int tls12_sigalg_allowed(const SSL s, int op, const SIGALG_LOOKUP lu);`
		`-`
		`- @@ -1569,6 +1571,7 @@ int tls12_check_peer_sigalg(SSL s, uint16_t sig, EVP_PKEY pkey)`
		`- /* When rh-allow-sha1-signatures = yes and security level <= 1,`
		`- * explicitly allow SHA1 for backwards compatibility. Also allow`
		`- * MD5-SHA1 because TLS 1.0 is still supported, which uses it. */`
		`- + DTRACE_PROBE1(libssl, fedora_tls12_check_peer_sigalg_1, lu->hash);`
		`- } else {`
		`- /*`
		`- * Make sure security callback allows algorithm. For historical`
		`- @@ -2122,6 +2125,7 @@ static int tls12_sigalg_allowed(const SSL s, int op, const SIGALG_LOOKUP lu)`
		`- /* When rh-allow-sha1-signatures = yes and security level <= 1,`
		`- * explicitly allow SHA1 for backwards compatibility. Also allow`
		`- * MD5-SHA1 because TLS 1.0 is still supported, which uses it. */`
		`- + DTRACE_PROBE1(libssl, fedora_tls12_sigalg_allowed_1, lu->hash);`
		`- return 1;`
		`- }`
		`-`
		`- @@ -3020,11 +3024,13 @@ static int ssl_security_cert_sig(SSL s, SSL_CTX ctx, X509 *x, int op)`
		`- && ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)`
		`- && ((s != NULL && SSL_get_security_level(s) < 2)`
		`- \|\| (ctx != NULL && SSL_CTX_get_security_level(ctx) < 2)`
		`- - ))`
		`- + )) {`
		`- /* When rh-allow-sha1-signatures = yes and security level <= 1,`
		`- * explicitly allow SHA1 for backwards compatibility. Also allow`
		`- * MD5-SHA1 because TLS 1.0 is still supported, which uses it. */`
		`- + DTRACE_PROBE1(libssl, fedora_ssl_security_cert_sig_1, nid);`
		`- return 1;`
		`- + }`
		`-`
		`- if (s)`
		`- return ssl_security(s, op, secbits, nid, x);`
		`- --`
		`- 2.35.1`
		`-`

0056-strcasecmp.patch

file modified

+45 -21

		`@@ -1,19 +1,26 @@`
		`- diff -up openssl-3.0.3/util/libcrypto.num.locale openssl-3.0.3/util/libcrypto.num`
		`- --- openssl-3.0.3/util/libcrypto.num.locale 2022-06-01 12:35:52.667498724 +0200`
		`- +++ openssl-3.0.3/util/libcrypto.num 2022-06-01 12:36:08.112633093 +0200`
		`- @@ -5425,6 +5425,8 @@ ASN1_item_d2i_ex`
		`- OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:`
		`- OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:`
		`- OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP`
		`- +OPENSSL_strcasecmp ? 3_0_1 EXIST::FUNCTION:`
		`- +OPENSSL_strncasecmp ? 3_0_1 EXIST::FUNCTION:`
		`- ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:`
		`- ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:`
		`- ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:`
		`- diff -up openssl-3.0.7/crypto/o_str.c.cmp openssl-3.0.7/crypto/o_str.c`
		`- --- openssl-3.0.7/crypto/o_str.c.cmp 2022-11-25 12:50:22.449760653 +0100`
		`- +++ openssl-3.0.7/crypto/o_str.c 2022-11-25 12:51:19.416350584 +0100`
		`- @@ -342,7 +342,12 @@ int openssl_strerror_r(int errnum, char`
		`+ From 8545e0c4c38934fda47b701043dd5ce89c99fe81 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 25/35] 0056-strcasecmp.patch`
		`+`
		`+ Patch-name: 0056-strcasecmp.patch`
		`+ Patch-id: 56`
		`+ Patch-status: \|`
		`+ # https://github.com/openssl/openssl/pull/18103`
		`+ # The patch is incorporated in 3.0.3 but we provide this function since 3.0.1`
		`+ # so the patch should persist`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ crypto/o_str.c \| 14 ++++++++++++--`
		`+ test/recipes/01-test_symbol_presence.t \| 1 +`
		`+ util/libcrypto.num \| 2 ++`
		`+ 3 files changed, 15 insertions(+), 2 deletions(-)`
		`+`
		`+ diff --git a/crypto/o_str.c b/crypto/o_str.c`
		`+ index 3354ce0927..95b9538471 100644`
		`+ --- a/crypto/o_str.c`
		`+ +++ b/crypto/o_str.c`
		`+ @@ -342,7 +342,12 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)`
		`#endif`
		`}`

		`@@ -27,7 +34,7 @@`
		`{`
		`int t;`

		`- @@ -352,7 +354,12 @@ int OPENSSL_strcasecmp(const char *s1, c`
		`+ @@ -352,7 +357,12 @@ int OPENSSL_strcasecmp(const char s1, const char s2)`
		`return t;`
		`}`

		`@@ -41,10 +48,11 @@`
		`{`
		`int t;`
		`size_t i;`
		`- diff -up openssl-3.0.7/test/recipes/01-test_symbol_presence.t.cmp openssl-3.0.7/test/recipes/01-test_symbol_presence.t`
		`- --- openssl-3.0.7/test/recipes/01-test_symbol_presence.t.cmp 2022-11-25 18:19:05.669769076 +0100`
		`- +++ openssl-3.0.7/test/recipes/01-test_symbol_presence.t 2022-11-25 18:31:20.993392678 +0100`
		`- @@ -77,6 +80,7 @@ foreach my $libname (@libnames) {`
		`+ diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t`
		`+ index 5530ade0ad..238a8d762e 100644`
		`+ --- a/test/recipes/01-test_symbol_presence.t`
		`+ +++ b/test/recipes/01-test_symbol_presence.t`
		`+ @@ -77,6 +77,7 @@ foreach my $libname (@libnames) {`
		`s\| .*\|\|;`
		`# Drop OpenSSL dynamic version information if there is any`
		`s\|\@\@.+$\|\|;`
		`@@ -52,3 +60,19 @@`
		`# Return the result`
		`$_`
		`}`
		`+ diff --git a/util/libcrypto.num b/util/libcrypto.num`
		`+ index feb660d030..639074c5d0 100644`
		`+ --- a/util/libcrypto.num`
		`+ +++ b/util/libcrypto.num`
		`+ @@ -5435,6 +5435,8 @@ EVP_MD_CTX_dup 5562 3_1_0 EXIST::FUNCTION:`
		`+ EVP_CIPHER_CTX_dup 5563 3_1_0 EXIST::FUNCTION:`
		`+ BN_are_coprime 5564 3_1_0 EXIST::FUNCTION:`
		`+ OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP`
		`+ +OPENSSL_strcasecmp ? 3_0_1 EXIST::FUNCTION:`
		`+ +OPENSSL_strncasecmp ? 3_0_1 EXIST::FUNCTION:`
		`+ ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:`
		`+ ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:`
		`+ ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:`
		`+ --`
		`+ 2.41.0`
		`+`

0058-FIPS-limit-rsa-encrypt.patch

file modified

+116 -87

		`@@ -1,6 +1,27 @@`
		`- diff -up openssl-3.0.1/providers/common/securitycheck.c.rsaenc openssl-3.0.1/providers/common/securitycheck.c`
		`- --- openssl-3.0.1/providers/common/securitycheck.c.rsaenc 2022-06-24 17:14:33.634692729 +0200`
		`- +++ openssl-3.0.1/providers/common/securitycheck.c 2022-06-24 17:16:08.966540605 +0200`
		`+ From 7a6ade7947ceea6ca367afa0427f61a9505e37a5 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 26/35] 0058-FIPS-limit-rsa-encrypt.patch`
		`+`
		`+ Patch-name: 0058-FIPS-limit-rsa-encrypt.patch`
		`+ Patch-id: 58`
		`+ Patch-status: \|`
		`+ # https://github.com/openssl/openssl/pull/18175`
		`+ # Patch57: 0057-strcasecmp-fix.patch`
		`+ # https://bugzilla.redhat.com/show_bug.cgi?id=2053289`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ providers/common/securitycheck.c \| 1 +`
		`+ .../implementations/asymciphers/rsa_enc.c \| 35 +++++++++++`
		`+ .../30-test_evp_data/evppkey_rsa_common.txt \| 58 ++++++++++++++++++-`
		`+ test/recipes/80-test_cms.t \| 5 +-`
		`+ test/recipes/80-test_ssl_old.t \| 27 +++++++--`
		`+ 5 files changed, 118 insertions(+), 8 deletions(-)`
		`+`
		`+ diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c`
		`+ index e534ad0a5f..c017c658e5 100644`
		`+ --- a/providers/common/securitycheck.c`
		`+ +++ b/providers/common/securitycheck.c`
		`@@ -27,6 +27,7 @@`
		`* Set protect = 1 for encryption or signing operations, or 0 otherwise. See`
		`* https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf.`
		`@@ -9,10 +30,11 @@`
		`int ossl_rsa_check_key(OSSL_LIB_CTX ctx, const RSA rsa, int operation)`
		`{`
		`int protect = 0;`
		`- diff -up openssl-3.0.1/providers/implementations/asymciphers/rsa_enc.c.no_bad_pad openssl-3.0.1/providers/implementations/asymciphers/rsa_enc.c`
		`- --- openssl-3.0.1/providers/implementations/asymciphers/rsa_enc.c.no_bad_pad 2022-05-02 16:04:47.000091901 +0200`
		`- +++ openssl-3.0.1/providers/implementations/asymciphers/rsa_enc.c 2022-05-02 16:14:50.922443581 +0200`
		`- @@ -132,6 +132,17 @@ static int rsa_decrypt_init(void *vprsac`
		`+ diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c`
		`+ index d865968058..9cd8904131 100644`
		`+ --- a/providers/implementations/asymciphers/rsa_enc.c`
		`+ +++ b/providers/implementations/asymciphers/rsa_enc.c`
		`+ @@ -132,6 +132,17 @@ static int rsa_decrypt_init(void vprsactx, void vrsa,`
		`return rsa_init(vprsactx, vrsa, params, EVP_PKEY_OP_DECRYPT);`
		`}`

		`@@ -30,7 +52,7 @@`
		`static int rsa_encrypt(void vprsactx, unsigned char out, size_t *outlen,`
		`size_t outsize, const unsigned char *in, size_t inlen)`
		`{`
		`- @@ -141,6 +152,18 @@ static int rsa_encrypt(void *vprsactx, u`
		`+ @@ -141,6 +152,18 @@ static int rsa_encrypt(void vprsactx, unsigned char out, size_t *outlen,`
		`if (!ossl_prov_is_running())`
		`return 0;`

		`@@ -49,7 +71,7 @@`
		`if (out == NULL) {`
		`size_t len = RSA_size(prsactx->rsa);`

		`- @@ -202,6 +220,18 @@ static int rsa_decrypt(void *vprsactx, u`
		`+ @@ -204,6 +227,18 @@ static int rsa_decrypt(void vprsactx, unsigned char out, size_t *outlen,`
		`if (!ossl_prov_is_running())`
		`return 0;`

		`@@ -68,75 +90,11 @@`
		`if (prsactx->pad_mode == RSA_PKCS1_WITH_TLS_PADDING) {`
		`if (out == NULL) {`
		`*outlen = SSL_MAX_MASTER_KEY_LENGTH;`
		`- diff -up openssl-3.0.1/test/recipes/80-test_cms.t.no_bad_pad openssl-3.0.1/test/recipes/80-test_cms.t`
		`- --- openssl-3.0.1/test/recipes/80-test_cms.t.no_bad_pad 2022-05-02 17:04:07.610782138 +0200`
		`- +++ openssl-3.0.1/test/recipes/80-test_cms.t 2022-05-02 17:06:03.595814620 +0200`
		`- @@ -232,7 +232,7 @@ my @smime_pkcs7_tests = (`
		`- \&final_compare`
		`- ],`
		`-`
		`- - [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",`
		`- + [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients, no Red Hat FIPS",`
		`- [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,`
		`- "-aes256", "-stream", "-out", "{output}.cms",`
		`- $smrsa1,`
		`- @@ -865,5 +865,8 @@ sub check_availability {`
		`- return "$tnam: skipped, DSA disabled\n"`
		`- if ($no_dsa && $tnam =~ / DSA/);`
		`-`
		`- + return "$tnam: skipped, Red Hat FIPS\n"`
		`- + if ($tnam =~ /no Red Hat FIPS/);`
		`- +`
		`- return "";`
		`- }`
		`- diff -up openssl-3.0.1/test/recipes/80-test_ssl_old.t.no_bad_pad openssl-3.0.1/test/recipes/80-test_ssl_old.t`
		`- --- openssl-3.0.1/test/recipes/80-test_ssl_old.t.no_bad_pad 2022-05-02 17:26:37.962838053 +0200`
		`- +++ openssl-3.0.1/test/recipes/80-test_ssl_old.t 2022-05-02 17:34:20.297950449 +0200`
		`- @@ -483,6 +483,18 @@ sub testssl {`
		`- # the default choice if TLSv1.3 enabled`
		`- my $flag = $protocol eq "-tls1_3" ? "" : $protocol;`
		`- my $ciphersuites = "";`
		`- + my %redhat_skip_cipher = map {$_ => 1} qw(`
		`- +AES256-GCM-SHA384:@SECLEVEL=0`
		`- +AES256-CCM8:@SECLEVEL=0`
		`- +AES256-CCM:@SECLEVEL=0`
		`- +AES128-GCM-SHA256:@SECLEVEL=0`
		`- +AES128-CCM8:@SECLEVEL=0`
		`- +AES128-CCM:@SECLEVEL=0`
		`- +AES256-SHA256:@SECLEVEL=0`
		`- +AES128-SHA256:@SECLEVEL=0`
		`- +AES256-SHA:@SECLEVEL=0`
		`- +AES128-SHA:@SECLEVEL=0`
		`- + );`
		`- foreach my $cipher (@{$ciphersuites{$protocol}}) {`
		`- if ($protocol eq "-ssl3" && $cipher =~ /ECDH/ ) {`
		`- note "*****SKIPPING $protocol $cipher";`
		`- @@ -494,11 +506,16 @@ sub testssl {`
		`- } else {`
		`- $cipher = $cipher.':@SECLEVEL=0';`
		`- }`
		`- - ok(run(test([@ssltest, @exkeys, "-cipher",`
		`- - $cipher,`
		`- - "-ciphersuites", $ciphersuites,`
		`- - $flag \|\| ()])),`
		`- - "Testing $cipher");`
		`- + if ($provider eq "fips" && exists $redhat_skip_cipher{$cipher}) {`
		`- + note "*****SKIPPING $cipher in Red Hat FIPS mode";`
		`- + ok(1);`
		`- + } else {`
		`- + ok(run(test([@ssltest, @exkeys, "-cipher",`
		`- + $cipher,`
		`- + "-ciphersuites", $ciphersuites,`
		`- + $flag \|\| ()])),`
		`- + "Testing $cipher");`
		`- + }`
		`- }`
		`- }`
		`- next if $protocol eq "-tls1_3";`
		`- diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fipskeylen openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt`
		`- --- openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fipskeylen 2022-06-16 14:26:19.383530498 +0200`
		`- +++ openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt 2022-06-16 14:39:53.637777701 +0200`
		`- @@ -263,13 +263,13 @@ Input = 64b0e9f9892371110c40ba5739dc0974`
		`+ diff --git a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt`
		`+ index 8680797b90..95d5d51102 100644`
		`+ --- a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt`
		`+ +++ b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt`
		`+ @@ -248,13 +248,13 @@ Input = 64b0e9f9892371110c40ba5739dc0974002aa6e6160b481447c6819947c2d3b537a6e377`
		Output = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef

		`# RSA decrypt`
		`@@ -152,7 +110,7 @@`
		`Decrypt = RSA-2048`
		Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C701ABF2D4CC67003471A187900B05AA812BD25ED05C675DFC8C97A24A7BF49BD6214992CAD766D05A9A2B57B74F26A737E0237B8B76C45F1F226A836D7CFBC75BA999BDBE48DBC09227AA46C88F21DCCBA7840141AD5A5D71FD122E6BD6AC3E564780DFE623FC1CA9B995A6037BF0BBD43B205A84AC5444F34202C05CE9113087176432476576DE6FFFF9A52EA57C08BE3EC2F49676CB8E12F762AC71FA3C321E00AC988910C85FF52F93825666CE0D40FFAA0592078919D4493F46D95CCF76364C6D57760DD0B64805F9AFC76A2365A5575CA301D5103F0EA76CB9A79
		`Output = "Hello World"`
		`- @@ -665,36 +666,42 @@ vcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mN`
		`+ @@ -619,36 +619,42 @@ vcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2`
		`h90qjKHS9PvY4Q==`
		`-----END PRIVATE KEY-----`

		`@@ -195,7 +153,7 @@`
		`Decrypt=RSA-OAEP-1`
		`Ctrl = rsa_padding_mode:oaep`
		`Ctrl = rsa_mgf1_md:sha1`
		`- @@ -719,36 +726,42 @@ SwGNdhGLJDiac1Dsg2sAY6IXISNv2O222JtR5+64`
		`+ @@ -673,36 +679,42 @@ SwGNdhGLJDiac1Dsg2sAY6IXISNv2O222JtR5+64e2EbcTLLfqc1bCMVHB53UVB8`
		`eG2e4XlBcKjI6A==`
		`-----END PRIVATE KEY-----`

		`@@ -238,7 +196,7 @@`
		`Decrypt=RSA-OAEP-2`
		`Ctrl = rsa_padding_mode:oaep`
		`Ctrl = rsa_mgf1_md:sha1`
		`- @@ -773,36 +786,42 @@ iUGx07dw5a0x7jc7KKzaaf+bb0D+V4ufGvuFg2+W`
		`+ @@ -727,36 +739,42 @@ iUGx07dw5a0x7jc7KKzaaf+bb0D+V4ufGvuFg2+WJ9N6z/c8J3nmNLsmARwsj38z`
		`Ya4qnqZe1onjY5o=`
		`-----END PRIVATE KEY-----`

		`@@ -281,7 +239,7 @@`
		`Decrypt=RSA-OAEP-3`
		`Ctrl = rsa_padding_mode:oaep`
		`Ctrl = rsa_mgf1_md:sha1`
		`- @@ -827,36 +846,42 @@ s/XkIiO6MDAcQabYfLtw4wy308Z9JUc9sfbL8D4/`
		`+ @@ -781,36 +799,42 @@ s/XkIiO6MDAcQabYfLtw4wy308Z9JUc9sfbL8D4/kSbj6XloJ5qGWywrQmUkz8Uq`
		`aD0x7TDrmEvkEro=`
		`-----END PRIVATE KEY-----`

		`@@ -324,7 +282,7 @@`
		`Decrypt=RSA-OAEP-4`
		`Ctrl = rsa_padding_mode:oaep`
		`Ctrl = rsa_mgf1_md:sha1`
		`- @@ -881,36 +906,42 @@ OPlAQGLrhaQpJFILOPW7iGoBlvSLuNzqYP2SzAJ/`
		`+ @@ -835,36 +859,42 @@ OPlAQGLrhaQpJFILOPW7iGoBlvSLuNzqYP2SzAJ/GOeBWKNKXF1fhgoPbAQHGn0B`
		`MSwGUGLx60i3nRyDyw==`
		`-----END PRIVATE KEY-----`

		`@@ -367,7 +325,7 @@`
		`Decrypt=RSA-OAEP-5`
		`Ctrl = rsa_padding_mode:oaep`
		`Ctrl = rsa_mgf1_md:sha1`
		`- @@ -935,36 +966,42 @@ xT1F29tenZbQ/s9Cdd8JdLxKBza0p0wyaQU++2hq`
		`+ @@ -889,36 +919,42 @@ xT1F29tenZbQ/s9Cdd8JdLxKBza0p0wyaQU++2hqziQG4iyeBY3bSuVAYnri/bCC`
		`Yejn5Ly8mU2q+jBcRQ==`
		`-----END PRIVATE KEY-----`

		`@@ -410,7 +368,7 @@`
		`Decrypt=RSA-OAEP-6`
		`Ctrl = rsa_padding_mode:oaep`
		`Ctrl = rsa_mgf1_md:sha1`
		`- @@ -989,36 +1026,42 @@ tu4XIedy0DiaVZw9PN+VUNRXxGsDe3RkGx1SFmr4`
		`+ @@ -943,36 +979,42 @@ tu4XIedy0DiaVZw9PN+VUNRXxGsDe3RkGx1SFmr4ohPIOWIGzfukQi8Y1vYdvLXS`
		`FMlxv0gq65dqc3DC`
		`-----END PRIVATE KEY-----`

		`@@ -453,7 +411,7 @@`
		`Decrypt=RSA-OAEP-7`
		`Ctrl = rsa_padding_mode:oaep`
		`Ctrl = rsa_mgf1_md:sha1`
		`- @@ -1043,36 +1086,42 @@ njraT2MgdSwJ2AX/fR8a4NAXru7pzvoNfdf/d15E`
		`+ @@ -997,36 +1039,42 @@ njraT2MgdSwJ2AX/fR8a4NAXru7pzvoNfdf/d15EtXgyL2QF1iEdoZUZZmqof9xM`
		`2MiPa249Z+lh3Luj0A==`
		`-----END PRIVATE KEY-----`

		`@@ -496,7 +454,7 @@`
		`Decrypt=RSA-OAEP-8`
		`Ctrl = rsa_padding_mode:oaep`
		`Ctrl = rsa_mgf1_md:sha1`
		`- @@ -1103,36 +1152,42 @@ Z7CDuaemy2HkLbNiuMmJbbcGTgKtWuYVh9oVtGSc`
		`+ @@ -1057,36 +1105,42 @@ Z7CDuaemy2HkLbNiuMmJbbcGTgKtWuYVh9oVtGSckFlJCf6zfby2VL63Jo7IAeWo`
		`tKo5Eb69iFQvBb4=`
		`-----END PRIVATE KEY-----`

		`@@ -539,3 +497,74 @@`
		`Decrypt=RSA-OAEP-9`
		`Ctrl = rsa_padding_mode:oaep`
		`Ctrl = rsa_mgf1_md:sha1`
		`+ diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t`
		`+ index cbec426137..9ba7fbeed2 100644`
		`+ --- a/test/recipes/80-test_cms.t`
		`+ +++ b/test/recipes/80-test_cms.t`
		`+ @@ -233,7 +233,7 @@ my @smime_pkcs7_tests = (`
		`+ \&final_compare`
		`+ ],`
		`+`
		`+ - [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",`
		`+ + [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients, no Red Hat FIPS",`
		`+ [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,`
		`+ "-aes256", "-stream", "-out", "{output}.cms",`
		`+ $smrsa1,`
		`+ @@ -1022,6 +1022,9 @@ sub check_availability {`
		`+ return "$tnam: skipped, DSA disabled\n"`
		`+ if ($no_dsa && $tnam =~ / DSA/);`
		`+`
		`+ + return "$tnam: skipped, Red Hat FIPS\n"`
		`+ + if ($tnam =~ /no Red Hat FIPS/);`
		`+ +`
		`+ return "";`
		`+ }`
		`+`
		`+ diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t`
		`+ index e2dcb68fb5..0775112b40 100644`
		`+ --- a/test/recipes/80-test_ssl_old.t`
		`+ +++ b/test/recipes/80-test_ssl_old.t`
		`+ @@ -493,6 +493,18 @@ sub testssl {`
		`+ # the default choice if TLSv1.3 enabled`
		`+ my $flag = $protocol eq "-tls1_3" ? "" : $protocol;`
		`+ my $ciphersuites = "";`
		`+ + my %redhat_skip_cipher = map {$_ => 1} qw(`
		`+ +AES256-GCM-SHA384:@SECLEVEL=0`
		`+ +AES256-CCM8:@SECLEVEL=0`
		`+ +AES256-CCM:@SECLEVEL=0`
		`+ +AES128-GCM-SHA256:@SECLEVEL=0`
		`+ +AES128-CCM8:@SECLEVEL=0`
		`+ +AES128-CCM:@SECLEVEL=0`
		`+ +AES256-SHA256:@SECLEVEL=0`
		`+ +AES128-SHA256:@SECLEVEL=0`
		`+ +AES256-SHA:@SECLEVEL=0`
		`+ +AES128-SHA:@SECLEVEL=0`
		`+ + );`
		`+ foreach my $cipher (@{$ciphersuites{$protocol}}) {`
		`+ if ($protocol eq "-ssl3" && $cipher =~ /ECDH/ ) {`
		`+ note "*****SKIPPING $protocol $cipher";`
		`+ @@ -504,11 +516,16 @@ sub testssl {`
		`+ } else {`
		`+ $cipher = $cipher.':@SECLEVEL=0';`
		`+ }`
		`+ - ok(run(test([@ssltest, @exkeys, "-cipher",`
		`+ - $cipher,`
		`+ - "-ciphersuites", $ciphersuites,`
		`+ - $flag \|\| ()])),`
		`+ - "Testing $cipher");`
		`+ + if ($provider eq "fips" && exists $redhat_skip_cipher{$cipher}) {`
		`+ + note "*****SKIPPING $cipher in Red Hat FIPS mode";`
		`+ + ok(1);`
		`+ + } else {`
		`+ + ok(run(test([@ssltest, @exkeys, "-cipher",`
		`+ + $cipher,`
		`+ + "-ciphersuites", $ciphersuites,`
		`+ + $flag \|\| ()])),`
		`+ + "Testing $cipher");`
		`+ + }`
		`+ }`
		`+ }`
		`+ next if $protocol eq "-tls1_3";`
		`+ --`
		`+ 2.41.0`
		`+`

0060-FIPS-KAT-signature-tests.patch

file removed

-420

		`@@ -1,420 +0,0 @@`
		`- diff -up openssl-3.0.1/crypto/ec/ec_backend.c.fips_kat_signature openssl-3.0.1/crypto/ec/ec_backend.c`
		`- --- openssl-3.0.1/crypto/ec/ec_backend.c.fips_kat_signature 2022-04-04 15:49:24.786455707 +0200`
		`- +++ openssl-3.0.1/crypto/ec/ec_backend.c 2022-04-04 16:06:13.250271963 +0200`
		`- @@ -393,6 +393,10 @@ int ossl_ec_key_fromdata(EC_KEY *ec, con`
		`- const OSSL_PARAM param_priv_key = NULL, param_pub_key = NULL;`
		`- BN_CTX *ctx = NULL;`
		`- BIGNUM *priv_key = NULL;`
		`- +#ifdef FIPS_MODULE`
		`- + const OSSL_PARAM *param_sign_kat_k = NULL;`
		`- + BIGNUM *sign_kat_k = NULL;`
		`- +#endif`
		`- unsigned char *pub_key = NULL;`
		`- size_t pub_key_len;`
		`- const EC_GROUP *ecg = NULL;`
		`- @@ -408,7 +412,10 @@ int ossl_ec_key_fromdata(EC_KEY *ec, con`
		`- if (include_private)`
		`- param_priv_key =`
		`- OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);`
		`- -`
		`- +#ifdef FIPS_MODULE`
		`- + param_sign_kat_k =`
		`- + OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_REDHAT_SIGN_KAT_K);`
		`- +#endif`
		`- ctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(ec));`
		`- if (ctx == NULL)`
		`- goto err;`
		`- @@ -481,6 +489,17 @@ int ossl_ec_key_fromdata(EC_KEY *ec, con`
		`- && !EC_KEY_set_public_key(ec, pub_point))`
		`- goto err;`
		`-`
		`- +#ifdef FIPS_MODULE`
		`- + if (param_sign_kat_k) {`
		`- + if ((sign_kat_k = BN_secure_new()) == NULL)`
		`- + goto err;`
		`- + BN_set_flags(sign_kat_k, BN_FLG_CONSTTIME);`
		`- +`
		`- + if (!OSSL_PARAM_get_BN(param_sign_kat_k, &sign_kat_k))`
		`- + goto err;`
		`- + ec->sign_kat_k = sign_kat_k;`
		`- + }`
		`- +#endif`
		`- ok = 1;`
		`-`
		`- err:`
		`- diff -up openssl-3.0.1/crypto/ec/ecdsa_ossl.c.fips_kat_signature openssl-3.0.1/crypto/ec/ecdsa_ossl.c`
		`- --- openssl-3.0.1/crypto/ec/ecdsa_ossl.c.fips_kat_signature 2022-04-04 17:01:35.725323127 +0200`
		`- +++ openssl-3.0.1/crypto/ec/ecdsa_ossl.c 2022-04-04 17:03:42.000427050 +0200`
		`- @@ -20,6 +20,10 @@`
		`- #include "crypto/bn.h"`
		`- #include "ec_local.h"`
		`-`
		`- +#ifdef FIPS_MODULE`
		`- +extern int REDHAT_FIPS_signature_st;`
		`- +#endif`
		`- +`
		`- int ossl_ecdsa_sign_setup(EC_KEY eckey, BN_CTX ctx_in, BIGNUM **kinvp,`
		`- BIGNUM **rp)`
		`- {`
		`- @@ -126,6 +130,11 @@ static int ecdsa_sign_setup(EC_KEY *ecke`
		`- goto err;`
		`-`
		`- do {`
		`- +#ifdef FIPS_MODULE`
		`- + if (REDHAT_FIPS_signature_st && eckey->sign_kat_k != NULL) {`
		`- + BN_copy(k, eckey->sign_kat_k);`
		`- + } else {`
		`- +#endif`
		`- /* get random k */`
		`- do {`
		`- if (dgst != NULL) {`
		`- @@ -141,7 +150,9 @@ static int ecdsa_sign_setup(EC_KEY *ecke`
		`- }`
		`- }`
		`- } while (BN_is_zero(k));`
		`- -`
		`- +#ifdef FIPS_MODULE`
		`- + }`
		`- +#endif`
		`- /* compute r the x-coordinate of generator * k */`
		`- if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {`
		`- ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB);`
		`- diff -up openssl-3.0.1/crypto/ec/ec_key.c.fips_kat_signature openssl-3.0.1/crypto/ec/ec_key.c`
		`- --- openssl-3.0.1/crypto/ec/ec_key.c.fips_kat_signature 2022-04-04 13:48:52.231172299 +0200`
		`- +++ openssl-3.0.1/crypto/ec/ec_key.c 2022-04-04 14:00:35.077368605 +0200`
		`- @@ -97,6 +97,9 @@ void EC_KEY_free(EC_KEY *r)`
		`- EC_GROUP_free(r->group);`
		`- EC_POINT_free(r->pub_key);`
		`- BN_clear_free(r->priv_key);`
		`- +#ifdef FIPS_MODULE`
		`- + BN_clear_free(r->sign_kat_k);`
		`- +#endif`
		`- OPENSSL_free(r->propq);`
		`-`
		`- OPENSSL_clear_free((void *)r, sizeof(EC_KEY));`
		`- diff -up openssl-3.0.1/crypto/ec/ec_local.h.fips_kat_signature openssl-3.0.1/crypto/ec/ec_local.h`
		`- --- openssl-3.0.1/crypto/ec/ec_local.h.fips_kat_signature 2022-04-04 13:46:57.576161867 +0200`
		`- +++ openssl-3.0.1/crypto/ec/ec_local.h 2022-04-04 13:48:07.827780835 +0200`
		`- @@ -298,6 +298,9 @@ struct ec_key_st {`
		`- #ifndef FIPS_MODULE`
		`- CRYPTO_EX_DATA ex_data;`
		`- #endif`
		`- +#ifdef FIPS_MODULE`
		`- + BIGNUM *sign_kat_k;`
		`- +#endif`
		`- CRYPTO_RWLOCK *lock;`
		`- OSSL_LIB_CTX *libctx;`
		`- char *propq;`
		`- diff -up openssl-3.0.1/include/openssl/core_names.h.fips_kat_signature openssl-3.0.1/include/openssl/core_names.h`
		`- --- openssl-3.0.1/include/openssl/core_names.h.fips_kat_signature 2022-04-04 14:06:15.717370014 +0200`
		`- +++ openssl-3.0.1/include/openssl/core_names.h 2022-04-04 14:07:35.376071229 +0200`
		`- @@ -293,6 +293,7 @@ extern "C" {`
		`- #define OSSL_PKEY_PARAM_DIST_ID "distid"`
		`- #define OSSL_PKEY_PARAM_PUB_KEY "pub"`
		`- #define OSSL_PKEY_PARAM_PRIV_KEY "priv"`
		`- +#define OSSL_PKEY_PARAM_REDHAT_SIGN_KAT_K "rh_sign_kat_k"`
		`-`
		`- /* Diffie-Hellman/DSA Parameters */`
		`- #define OSSL_PKEY_PARAM_FFC_P "p"`
		`- diff -up openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c.fips_kat_signature openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c`
		`- --- openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c.fips_kat_signature 2022-04-04 14:21:03.043180906 +0200`
		`- +++ openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c 2022-04-04 14:38:33.949406645 +0200`
		`- @@ -530,7 +530,8 @@ end:`
		`- # define EC_IMEXPORTABLE_PUBLIC_KEY \`
		`- OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0)`
		`- # define EC_IMEXPORTABLE_PRIVATE_KEY \`
		`- - OSSL_PARAM_BN(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0)`
		`- + OSSL_PARAM_BN(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0), \`
		`- + OSSL_PARAM_BN(OSSL_PKEY_PARAM_REDHAT_SIGN_KAT_K, NULL, 0)`
		`- # define EC_IMEXPORTABLE_OTHER_PARAMETERS \`
		`- OSSL_PARAM_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, NULL), \`
		`- OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC, NULL)`
		`- diff -up openssl-3.0.1/providers/fips/self_test_kats.c.kat openssl-3.0.1/providers/fips/self_test_kats.c`
		`- --- openssl-3.0.1/providers/fips/self_test_kats.c.kat 2022-05-10 15:10:32.502185265 +0200`
		`- +++ openssl-3.0.1/providers/fips/self_test_kats.c 2022-05-10 15:13:21.465653720 +0200`
		`- @@ -17,6 +17,8 @@`
		`- #include "self_test.h"`
		`- #include "self_test_data.inc"`
		`-`
		`- +int REDHAT_FIPS_signature_st = 0;`
		`- +`
		`- static int self_test_digest(const ST_KAT_DIGEST t, OSSL_SELF_TEST st,`
		`- OSSL_LIB_CTX *libctx)`
		`- {`
		`- @@ -446,6 +448,7 @@ static int self_test_sign(const ST_KAT_S`
		`- EVP_PKEY *pkey = NULL;`
		`- unsigned char sig[256];`
		`- BN_CTX *bnctx = NULL;`
		`- + BIGNUM *K = NULL;`
		`- size_t siglen = sizeof(sig);`
		`- static const unsigned char dgst[] = {`
		`- 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,`
		`- @@ -462,6 +465,9 @@ static int self_test_sign(const ST_KAT_S`
		`- bnctx = BN_CTX_new_ex(libctx);`
		`- if (bnctx == NULL)`
		`- goto err;`
		`- + K = BN_CTX_get(bnctx);`
		`- + if (K == NULL \|\| BN_bin2bn(dgst, sizeof(dgst), K) == NULL)`
		`- + goto err;`
		`-`
		`- bld = OSSL_PARAM_BLD_new();`
		`- if (bld == NULL)`
		`- @@ -469,6 +475,9 @@ static int self_test_sign(const ST_KAT_S`
		`-`
		`- if (!add_params(bld, t->key, bnctx))`
		`- goto err;`
		`- + /* set K for ECDSA KAT tests */`
		`- + if (!OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_REDHAT_SIGN_KAT_K, K))`
		`- + goto err;`
		`- params = OSSL_PARAM_BLD_to_param(bld);`
		`-`
		`- /* Create a EVP_PKEY_CTX to load the DSA key into */`
		`- @@ -689,11 +698,13 @@ static int self_test_kas(OSSL_SELF_TEST`
		`- static int self_test_signatures(OSSL_SELF_TEST st, OSSL_LIB_CTX libctx)`
		`- {`
		`- int i, ret = 1;`
		`- + REDHAT_FIPS_signature_st = 1;`
		`-`
		`- for (i = 0; i < (int)OSSL_NELEM(st_kat_sign_tests); ++i) {`
		`- if (!self_test_sign(&st_kat_sign_tests[i], st, libctx))`
		`- ret = 0;`
		`- }`
		`- + REDHAT_FIPS_signature_st = 0;`
		`- return ret;`
		`- }`
		`-`
		`- diff -up openssl-3.0.1/providers/fips/self_test_data.inc.kat openssl-3.0.1/providers/fips/self_test_data.inc`
		`- --- openssl-3.0.1/providers/fips/self_test_data.inc.kat 2022-05-16 17:37:34.962807400 +0200`
		`- +++ openssl-3.0.1/providers/fips/self_test_data.inc 2022-05-16 17:48:10.709376779 +0200`
		`- @@ -1399,7 +1399,151 @@ static const ST_KAT_PARAM ecdsa_prime_ke`
		`- ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv),`
		`- ST_KAT_PARAM_END()`
		`- };`
		`- +static const unsigned char ec224r1_kat_sig[] = {`
		`- +0x30, 0x3c, 0x02, 0x1c, 0x2f, 0x24, 0x30, 0x96, 0x3b, 0x39, 0xe0, 0xab, 0xe2, 0x5a, 0x6f, 0xe0,`
		`- +0x40, 0x7e, 0x19, 0x30, 0x6e, 0x6a, 0xfd, 0x7a, 0x2b, 0x5d, 0xaa, 0xc2, 0x34, 0x6c, 0xc8, 0xce,`
		`- +0x02, 0x1c, 0x47, 0xe1, 0xac, 0xfd, 0xb4, 0xb8, 0x2b, 0x8c, 0x49, 0xb6, 0x36, 0xcd, 0xdd, 0x22,`
		`- +0x2a, 0x2d, 0x29, 0x64, 0x70, 0x61, 0xc3, 0x3e, 0x18, 0x51, 0xec, 0xf2, 0xad, 0x3c`
		`- +};`
		`-`
		`- +static const char ecd_prime_curve_name384[] = "secp384r1";`
		`- +/*`
		`- +priv:`
		`- + 58:12:2b:94:be:29:23:13:83:f5:c4:20:e8:22:34:`
		`- + 54:73:49:91:10:05:e9:10:e9:d7:2d:72:9c:5e:6a:`
		`- + ba:8f:6d:d6:e4:a7:eb:e0:ae:e3:d4:c9:aa:33:87:`
		`- + 4c:91:87`
		`- +pub:`
		`- + 04:d1:86:8b:f5:c4:a2:f7:a5:92:e6:85:2a:d2:92:`
		`- + 81:97:0a:8d:fa:09:3f:84:6c:17:43:03:43:49:23:`
		`- + 77:c4:31:f4:0a:a4:de:87:ac:5c:c0:d1:bc:e4:43:`
		`- + 7f:8d:44:e1:3b:5f:bc:27:c8:79:0f:d0:31:9f:a7:`
		`- + 6d:de:fb:f7:da:19:40:fd:aa:83:dc:69:ce:a6:f3:`
		`- + 4d:65:20:1c:66:82:80:03:f7:7b:2e:f3:b3:7c:1f:`
		`- + 11:f2:a3:bf:e8:0e:88`
		`- +*/`
		`- +static const unsigned char ecd_prime_priv384[] = {`
		`- + 0x58, 0x12, 0x2b, 0x94, 0xbe, 0x29, 0x23, 0x13, 0x83, 0xf5, 0xc4, 0x20, 0xe8, 0x22, 0x34,`
		`- + 0x54, 0x73, 0x49, 0x91, 0x10, 0x05, 0xe9, 0x10, 0xe9, 0xd7, 0x2d, 0x72, 0x9c, 0x5e, 0x6a,`
		`- + 0xba, 0x8f, 0x6d, 0xd6, 0xe4, 0xa7, 0xeb, 0xe0, 0xae, 0xe3, 0xd4, 0xc9, 0xaa, 0x33, 0x87,`
		`- + 0x4c, 0x91, 0x87`
		`- +};`
		`- +static const unsigned char ecd_prime_pub384[] = {`
		`- + 0x04, 0xd1, 0x86, 0x8b, 0xf5, 0xc4, 0xa2, 0xf7, 0xa5, 0x92, 0xe6, 0x85, 0x2a, 0xd2, 0x92,`
		`- + 0x81, 0x97, 0x0a, 0x8d, 0xfa, 0x09, 0x3f, 0x84, 0x6c, 0x17, 0x43, 0x03, 0x43, 0x49, 0x23,`
		`- + 0x77, 0xc4, 0x31, 0xf4, 0x0a, 0xa4, 0xde, 0x87, 0xac, 0x5c, 0xc0, 0xd1, 0xbc, 0xe4, 0x43,`
		`- + 0x7f, 0x8d, 0x44, 0xe1, 0x3b, 0x5f, 0xbc, 0x27, 0xc8, 0x79, 0x0f, 0xd0, 0x31, 0x9f, 0xa7,`
		`- + 0x6d, 0xde, 0xfb, 0xf7, 0xda, 0x19, 0x40, 0xfd, 0xaa, 0x83, 0xdc, 0x69, 0xce, 0xa6, 0xf3,`
		`- + 0x4d, 0x65, 0x20, 0x1c, 0x66, 0x82, 0x80, 0x03, 0xf7, 0x7b, 0x2e, 0xf3, 0xb3, 0x7c, 0x1f,`
		`- + 0x11, 0xf2, 0xa3, 0xbf, 0xe8, 0x0e, 0x88`
		`- +};`
		`- +static const ST_KAT_PARAM ecdsa_prime_key384[] = {`
		`- + ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_prime_curve_name384),`
		`- + ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_prime_pub384),`
		`- + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv384),`
		`- + ST_KAT_PARAM_END()`
		`- +};`
		`- +static const unsigned char ec384r1_kat_sig[] = {`
		`- +0x30, 0x65, 0x02, 0x30, 0x1a, 0xd5, 0x57, 0x1b, 0x28, 0x0f, 0xf1, 0x68, 0x66, 0x68, 0x8a, 0x98,`
		`- +0xe3, 0x9c, 0xce, 0x7f, 0xa7, 0x68, 0xdc, 0x84, 0x5a, 0x65, 0xdc, 0x2b, 0x5d, 0x7e, 0xf3, 0x9b,`
		`- +0xa0, 0x40, 0xe8, 0x7a, 0x02, 0xc7, 0x82, 0xe0, 0x0c, 0x81, 0xa5, 0xda, 0x55, 0x27, 0xbf, 0x79,`
		`- +0xee, 0x72, 0xc2, 0x14, 0x02, 0x31, 0x00, 0xd1, 0x9d, 0x67, 0xda, 0x5a, 0xd2, 0x58, 0x68, 0xe7,`
		`- +0x71, 0x08, 0xb2, 0xa4, 0xe4, 0xe8, 0x74, 0xb4, 0x0a, 0x3d, 0x76, 0x49, 0x31, 0x17, 0x6e, 0x33,`
		`- +0x16, 0xf0, 0x00, 0x1f, 0x3c, 0x1f, 0xf9, 0x7c, 0xdb, 0x93, 0x49, 0x9c, 0x7d, 0xb3, 0xd3, 0x30,`
		`- +0x98, 0x81, 0x6f, 0xb0, 0xc9, 0x30, 0x2f`
		`- +};`
		`- +static const char ecd_prime_curve_name521[] = "secp521r1";`
		`- +/*`
		`- +priv:`
		`- + 00:44:0f:96:31:a9:87:f2:5f:be:a0:bc:ef:0c:ae:`
		`- + 58:cc:5f:f8:44:9e:89:86:7e:bf:db:ce:cb:0e:20:`
		`- + 10:4a:11:ec:0b:51:1d:e4:91:ca:c6:40:fb:c6:69:`
		`- + ad:68:33:9e:c8:f5:c4:c6:a5:93:a8:4d:a9:a9:a2:`
		`- + af:fe:6d:cb:c2:3b`
		`- +pub:`
		`- + 04:01:5f:58:a9:40:0c:ee:9b:ed:4a:f4:7a:3c:a3:`
		`- + 89:c2:f3:7e:2c:f4:b5:53:80:ae:33:7d:36:d1:b5:`
		`- + 18:bd:ef:a9:48:00:ea:88:ee:00:5c:ca:07:08:b5:`
		`- + 67:4a:c3:2b:10:c6:07:b0:c2:45:37:b7:1d:e3:6c:`
		`- + e1:bf:2c:44:18:4a:aa:01:af:75:40:6a:e3:f5:b2:`
		`- + 7f:d1:9d:1b:8b:29:1f:91:4d:db:93:bf:bd:8c:b7:`
		`- + 6a:8d:4b:2c:36:2a:6b:ab:54:9d:7b:31:99:a4:de:`
		`- + c9:10:c4:f4:a3:f4:6d:94:97:62:16:a5:34:65:1f:`
		`- + 42:cd:8b:9e:e6:db:14:5d:a9:8d:19:95:8d`
		`- +*/`
		`- +static const unsigned char ecd_prime_priv521[] = {`
		`- + 0x00, 0x44, 0x0f, 0x96, 0x31, 0xa9, 0x87, 0xf2, 0x5f, 0xbe, 0xa0, 0xbc, 0xef, 0x0c, 0xae,`
		`- + 0x58, 0xcc, 0x5f, 0xf8, 0x44, 0x9e, 0x89, 0x86, 0x7e, 0xbf, 0xdb, 0xce, 0xcb, 0x0e, 0x20,`
		`- + 0x10, 0x4a, 0x11, 0xec, 0x0b, 0x51, 0x1d, 0xe4, 0x91, 0xca, 0xc6, 0x40, 0xfb, 0xc6, 0x69,`
		`- + 0xad, 0x68, 0x33, 0x9e, 0xc8, 0xf5, 0xc4, 0xc6, 0xa5, 0x93, 0xa8, 0x4d, 0xa9, 0xa9, 0xa2,`
		`- + 0xaf, 0xfe, 0x6d, 0xcb, 0xc2, 0x3b`
		`- +};`
		`- +static const unsigned char ecd_prime_pub521[] = {`
		`- + 0x04, 0x01, 0x5f, 0x58, 0xa9, 0x40, 0x0c, 0xee, 0x9b, 0xed, 0x4a, 0xf4, 0x7a, 0x3c, 0xa3,`
		`- + 0x89, 0xc2, 0xf3, 0x7e, 0x2c, 0xf4, 0xb5, 0x53, 0x80, 0xae, 0x33, 0x7d, 0x36, 0xd1, 0xb5,`
		`- + 0x18, 0xbd, 0xef, 0xa9, 0x48, 0x00, 0xea, 0x88, 0xee, 0x00, 0x5c, 0xca, 0x07, 0x08, 0xb5,`
		`- + 0x67, 0x4a, 0xc3, 0x2b, 0x10, 0xc6, 0x07, 0xb0, 0xc2, 0x45, 0x37, 0xb7, 0x1d, 0xe3, 0x6c,`
		`- + 0xe1, 0xbf, 0x2c, 0x44, 0x18, 0x4a, 0xaa, 0x01, 0xaf, 0x75, 0x40, 0x6a, 0xe3, 0xf5, 0xb2,`
		`- + 0x7f, 0xd1, 0x9d, 0x1b, 0x8b, 0x29, 0x1f, 0x91, 0x4d, 0xdb, 0x93, 0xbf, 0xbd, 0x8c, 0xb7,`
		`- + 0x6a, 0x8d, 0x4b, 0x2c, 0x36, 0x2a, 0x6b, 0xab, 0x54, 0x9d, 0x7b, 0x31, 0x99, 0xa4, 0xde,`
		`- + 0xc9, 0x10, 0xc4, 0xf4, 0xa3, 0xf4, 0x6d, 0x94, 0x97, 0x62, 0x16, 0xa5, 0x34, 0x65, 0x1f,`
		`- + 0x42, 0xcd, 0x8b, 0x9e, 0xe6, 0xdb, 0x14, 0x5d, 0xa9, 0x8d, 0x19, 0x95, 0x8d`
		`- +};`
		`- +static const ST_KAT_PARAM ecdsa_prime_key521[] = {`
		`- + ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_prime_curve_name521),`
		`- + ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_prime_pub521),`
		`- + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv521),`
		`- + ST_KAT_PARAM_END()`
		`- +};`
		`- +static const unsigned char ec521r1_kat_sig[] = {`
		`- +0x30, 0x81, 0x88, 0x02, 0x42, 0x00, 0xdf, 0x64, 0x9c, 0xc8, 0x5b, 0xdd, 0x0b, 0x7f, 0x69, 0x7e,`
		`- +0xdb, 0x83, 0x58, 0x67, 0x63, 0x43, 0xb7, 0xfa, 0x40, 0x29, 0xde, 0xb9, 0xde, 0xe9, 0x96, 0x65,`
		`- +0xe6, 0x8e, 0xf4, 0xeb, 0xd0, 0xe9, 0x6a, 0xd3, 0x27, 0x6c, 0x4d, 0x60, 0x47, 0x9c, 0x62, 0xb8,`
		`- +0x6c, 0xc1, 0x36, 0x19, 0x65, 0xff, 0xab, 0xcf, 0x24, 0xa3, 0xde, 0xd1, 0x4b, 0x1b, 0xdd, 0x89,`
		`- +0xcf, 0xf8, 0x72, 0x7b, 0x92, 0xbc, 0x02, 0x02, 0x42, 0x01, 0xf8, 0x07, 0x77, 0xb8, 0xcb, 0xa2,`
		`- +0xe2, 0x1f, 0x53, 0x9a, 0x7c, 0x16, 0xb5, 0x8e, 0xad, 0xe3, 0xc3, 0xac, 0xb7, 0xb2, 0x51, 0x8f,`
		`- +0xf9, 0x09, 0x65, 0x43, 0xf8, 0xd8, 0x3c, 0xe3, 0x5c, 0x4a, 0x5e, 0x3d, 0x6f, 0xb7, 0xbb, 0x5a,`
		`- +0x92, 0x69, 0xec, 0x71, 0xa2, 0x35, 0xe5, 0x29, 0x17, 0xaf, 0xc9, 0x69, 0xa7, 0xaa, 0x94, 0xf9,`
		`- +0xf9, 0x50, 0x87, 0x7b, 0x5d, 0x87, 0xe3, 0xd6, 0x3f, 0xb6, 0x6e`
		`- +};`
		`- +static const char ecd_prime_curve_name256[] = "prime256v1";`
		`- +/*`
		`- +priv:`
		`- + 84:88:11:3f:a9:c9:9e:23:72:8b:40:cb:a2:b1:88:`
		`- + 01:1e:92:48:af:13:2d:9b:33:8e:6d:43:40:30:c7:`
		`- + 30:fa`
		`- +pub:`
		`- + 04:22:58:b6:f9:01:3b:8c:a6:9b:9f:ae:75:fc:73:`
		`- + cf:1b:f0:81:dc:55:a3:cc:5d:81:46:85:06:32:34:`
		`- + 99:0d:c5:7e:a1:95:bb:21:73:33:40:4b:35:17:f6:`
		`- + 8e:26:61:46:94:2c:4c:ac:9b:20:f8:08:72:25:74:`
		`- + 98:66:c4:63:a6`
		`- +*/`
		`- +static const unsigned char ecd_prime_priv256[] = {`
		`- + 0x84, 0x88, 0x11, 0x3f, 0xa9, 0xc9, 0x9e, 0x23, 0x72, 0x8b, 0x40, 0xcb, 0xa2, 0xb1, 0x88,`
		`- + 0x01, 0x1e, 0x92, 0x48, 0xaf, 0x13, 0x2d, 0x9b, 0x33, 0x8e, 0x6d, 0x43, 0x40, 0x30, 0xc7,`
		`- + 0x30, 0xfa`
		`- +};`
		`- +static const unsigned char ecd_prime_pub256[] = {`
		`- + 0x04, 0x22, 0x58, 0xb6, 0xf9, 0x01, 0x3b, 0x8c, 0xa6, 0x9b, 0x9f, 0xae, 0x75, 0xfc, 0x73,`
		`- + 0xcf, 0x1b, 0xf0, 0x81, 0xdc, 0x55, 0xa3, 0xcc, 0x5d, 0x81, 0x46, 0x85, 0x06, 0x32, 0x34,`
		`- + 0x99, 0x0d, 0xc5, 0x7e, 0xa1, 0x95, 0xbb, 0x21, 0x73, 0x33, 0x40, 0x4b, 0x35, 0x17, 0xf6,`
		`- + 0x8e, 0x26, 0x61, 0x46, 0x94, 0x2c, 0x4c, 0xac, 0x9b, 0x20, 0xf8, 0x08, 0x72, 0x25, 0x74,`
		`- + 0x98, 0x66, 0xc4, 0x63, 0xa6`
		`- +};`
		`- +static const ST_KAT_PARAM ecdsa_prime_key256[] = {`
		`- + ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_prime_curve_name256),`
		`- + ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_prime_pub256),`
		`- + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv256),`
		`- + ST_KAT_PARAM_END()`
		`- +};`
		`- +static const unsigned char ec256v1_kat_sig[] = {`
		`- +0x30, 0x46, 0x02, 0x21, 0x00, 0xc9, 0x11, 0x27, 0x06, 0x51, 0x2b, 0x50, 0x8c, 0x6b, 0xc0, 0xa6,`
		`- +0x85, 0xaa, 0xf4, 0x66, 0x0d, 0xe4, 0x54, 0x0a, 0x10, 0xb6, 0x9f, 0x87, 0xfc, 0xa2, 0xbc, 0x8f,`
		`- +0x3c, 0x58, 0xb4, 0xe9, 0x41, 0x02, 0x21, 0x00, 0xc9, 0x72, 0x94, 0xa9, 0xdd, 0x52, 0xca, 0x21,`
		`- +0x82, 0x66, 0x7a, 0x68, 0xcb, 0x1e, 0x3b, 0x12, 0x71, 0x4d, 0x56, 0xb5, 0xb7, 0xdd, 0xca, 0x2b,`
		`- +0x18, 0xa3, 0xa7, 0x08, 0x0d, 0xfa, 0x9c, 0x66`
		`- +};`
		`- # ifndef OPENSSL_NO_EC2M`
		`- static const char ecd_bin_curve_name[] = "sect233r1";`
		`- static const unsigned char ecd_bin_priv[] = {`
		`- @@ -1571,8 +1715,42 @@ static const ST_KAT_SIGN st_kat_sign_tes`
		`- ecdsa_prime_key,`
		`- /*`
		`- * The ECDSA signature changes each time due to it using a random k.`
		`- - * So there is no expected KAT for this case.`
		`- + * We provide this value in our build`
		`- + */`
		`- + ITM(ec224r1_kat_sig)`
		`- + },`
		`- + {`
		`- + OSSL_SELF_TEST_DESC_SIGN_ECDSA,`
		`- + "EC",`
		`- + "SHA-256",`
		`- + ecdsa_prime_key384,`
		`- + /*`
		`- + * The ECDSA signature changes each time due to it using a random k.`
		`- + * We provide this value in our build`
		`- + */`
		`- + ITM(ec384r1_kat_sig)`
		`- + },`
		`- + {`
		`- + OSSL_SELF_TEST_DESC_SIGN_ECDSA,`
		`- + "EC",`
		`- + "SHA-256",`
		`- + ecdsa_prime_key521,`
		`- + /*`
		`- + * The ECDSA signature changes each time due to it using a random k.`
		`- + * We provide this value in our build`
		`- + */`
		`- + ITM(ec521r1_kat_sig)`
		`- + },`
		`- + {`
		`- + OSSL_SELF_TEST_DESC_SIGN_ECDSA,`
		`- + "EC",`
		`- + "SHA-256",`
		`- + ecdsa_prime_key256,`
		`- + /*`
		`- + * The ECDSA signature changes each time due to it using a random k.`
		`- + * We provide this value in our build`
		`- */`
		`- + ITM(ec256v1_kat_sig)`
		`- },`
		`- # ifndef OPENSSL_NO_EC2M`
		`- {`
		`- diff -up openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c.fipskat openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c`
		`- --- openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c.fipskat 2022-05-30 14:48:53.180999124 +0200`
		`- +++ openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c 2022-05-30 14:58:52.841286228 +0200`
		`- @@ -44,6 +44,10 @@`
		`- #define S390X_OFF_RN(n) (4 * n)`
		`- #define S390X_OFF_Y(n) (4 * n)`
		`-`
		`- +#ifdef FIPS_MODULE`
		`- +extern int REDHAT_FIPS_signature_st;`
		`- +#endif`
		`- +`
		`- static int ec_GFp_s390x_nistp_mul(const EC_GROUP group, EC_POINT r,`
		`- const BIGNUM *scalar,`
		`- size_t num, const EC_POINT *points[],`
		`- @@ -183,11 +187,21 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign`
		`- * because kdsa instruction constructs an in-range, invertible nonce`
		`- * internally implementing counter-measures for RNG weakness.`
		`- */`
		`- +#ifdef FIPS_MODULE`
		`- + if (REDHAT_FIPS_signature_st && eckey->sign_kat_k != NULL) {`
		`- + BN_bn2binpad(eckey->sign_kat_k, param + S390X_OFF_RN(len), len);`
		`- + /* Turns KDSA internal nonce-generation off. */`
		`- + fc \|= S390X_KDSA_D;`
		`- + } else {`
		`- +#endif`
		`- if (RAND_priv_bytes_ex(eckey->libctx, param + S390X_OFF_RN(len),`
		`- (size_t)len, 0) != 1) {`
		`- ERR_raise(ERR_LIB_EC, EC_R_RANDOM_NUMBER_GENERATION_FAILED);`
		`- goto ret;`
		`- }`
		`- +#ifdef FIPS_MODULE`
		`- + }`
		`- +#endif`
		`- } else {`
		`- /* Reconstruct k = (k^-1)^-1. */`
		`- if (ossl_ec_group_do_inverse_ord(group, k, kinv, NULL) == 0`

0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch

file modified

-848

		`@@ -568,851 +568,3 @@`

		`SKIP: {`
		`skip "No IPv4 available on this machine", 4`
		`- diff -up openssl-3.0.5/test/smime-certs/smdh.pem.0061 openssl-3.0.5/test/smime-certs/smdh.pem`
		`- --- openssl-3.0.5/test/smime-certs/smdh.pem.0061 2022-09-02 14:17:15.331436663 +0200`
		`- +++ openssl-3.0.5/test/smime-certs/smdh.pem 2022-09-02 14:17:15.347436804 +0200`
		`- @@ -1,47 +1,47 @@`
		`- -----BEGIN PRIVATE KEY-----`
		`- -MIICXAIBADCCAjUGByqGSM4+AgEwggIoAoIBAQCB6AUA/1eXRh+iLWHXe+lUl6e+`
		`- -+460tAIIpsQ1jw1ZaTmlH9SlrWSBNVRVHwDuBW7vA+lKgBvDpCIjmhRbgrZIGwcZ`
		`- -6ruCYy5KF/B3AW5MApC9QCDaVrG6Hb7NfpMgwuUIKvvvOMrrvn4r5Oxtsx9rORTE`
		`- -bdS33MuZCOIbodjs5u+e/2hhssOwgUTMASDwXppJTyeMwAAZ+p78ByrSULP6yYdP`
		`- -PTh8sK1begDG6YTSKE3VqYNg1yaE5tQvCQ0U2L4qZ8JqexAVHbR8LA8MNhtA1pma`
		`- -Zj4q2WNAEevpprIIRXgJEZY278nPlvVeoKfOef9RBHgQ6ZTnZ1Et5iLMCwYHAoIB`
		`- -AFVgJaHfnBVJYfaQh1NyoVZJ5xX6UvvL5xEKUwwEMgs8JSOzp2UI+KRDpy9KbNH7`
		`- -93Kwa2d8Q7ynciDiCmd1ygF4CJKb4ZOwjWjpZ4DedHr0XokGhyBCyjaBxOi3i4tP`
		`- -EFO8YHs5B/yOZHzcpTfs2VxJqIm3KF8q0Ify9PWDAsgo+d21/+eye60FHjF9o2/D`
		`- -l3NRlOhUhHNGykfqFgKEEEof3/3c6r5BS0oRXdsu6dx/y2/v8j9aJoHfyGHkswxr`
		`- -ULSBxJENOBB89C+GET6yhbxV1e4SFwzHnXgG8bWXwk7bea6ZqXbHq0pT3kUiQeKe`
		`- -assXKqRBAG9NLbQ3mmx8RFkCHQDIVBWPf6VwBa2s1CAcsIziVJ8qr/KAKx9DZ3h5`
		`- -BB4CHAF3VZBAC/TB85J4PzsLJ+VrOWr0c8kQlYUR9rw=`
		`- +MIICXQIBADCCAjUGByqGSM4+AgEwggIoAoIBAQCCyx9ZhD6HY5xgusGDrJZJ+FdT`
		`- +e9OxD/p9DQNKqoLyJ10TAUXuycozVqDAD4v1wsOAPH0TDOX9Ns87PXgTbd6DpSJt`
		`- +F1ZLW+1pklZs2m0cLl4raOe8CZGHkSgia0wC40LAg/u/JZ6NAG2YSiFEtjbkf81l`
		`- +pvL0946LiHfHklMtSOkK3H9PkGB/KrXMITRR2P1u78AzTvc2YL7iLlCu6mV2g6v4`
		`- +ieeWprywTaZ8gp3NBMjyuRJniGCQ52jPfOvT32w/sBTIfUO+95u/eEHrTP4K+vTk`
		`- +VS3wLo5ypgrveRdALKvqkHe0qfNr5VQRk2Pt6ReH35kjiUPLZCccgJr9h80hAoIB`
		`- +AE50cpgSJBYr9+5dj+fJJcXf/KX9rttlBXyveUP+vbSm/oW443/IksO3oLMy1Raq`
		`- +tHTDBhtNrH7rSK6CDStKrMkgHsjTYkZOU85vCdrVi3UZBz0GiYO/8kQ8aLeTe3LB`
		`- +7QB0kkkUgZ7etsnNxEkz9WQwohTvGBHBFNDKDqWadP9BpNrFoDCYojit7GOZPQgt`
		`- +eEiCO8D9xu0sEXT8ZdRqWcmkTfeMRojrzxt0LpT/vUKHGsBFmUN7kH4Hy9z2LJxB`
		`- +DrYYkV3LSAweuUQKBocNI7bbbOvPByUvHVMfJBrBmwIJI3vc3091njOH53zATNNv`
		`- +ta+9S7L4zNsvbg8RtJyH8i4CHQCY12PTXj6Ipxbqq4d1Q+AoUqnN/H9lAS46teXv`
		`- +BB8CHQCGE6pxpX5lWcH6+TGLDoLo3T5L2/5KTd0tRNdj`
		`- -----END PRIVATE KEY-----`
		`- -----BEGIN CERTIFICATE-----`
		`- -MIIFmDCCBICgAwIBAgIUWlJkHZZ2eZgkGCHFtcMAjlLdDH8wDQYJKoZIhvcNAQEL`
		`- +MIIFljCCBH6gAwIBAgIUMNF4DNf+H6AXGApe99UrJWFcAnwwDQYJKoZIhvcNAQEL`
		`- BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV`
		`- -BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw`
		`- -NTA5MTUzMzE0WjBEMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91`
		`- -cDEdMBsGA1UEAwwUVGVzdCBTL01JTUUgRUUgREggIzEwggNCMIICNQYHKoZIzj4C`
		`- -ATCCAigCggEBAIHoBQD/V5dGH6ItYdd76VSXp777jrS0AgimxDWPDVlpOaUf1KWt`
		`- -ZIE1VFUfAO4Fbu8D6UqAG8OkIiOaFFuCtkgbBxnqu4JjLkoX8HcBbkwCkL1AINpW`
		`- -sbodvs1+kyDC5Qgq++84yuu+fivk7G2zH2s5FMRt1Lfcy5kI4huh2Ozm757/aGGy`
		`- -w7CBRMwBIPBemklPJ4zAABn6nvwHKtJQs/rJh089OHywrVt6AMbphNIoTdWpg2DX`
		`- -JoTm1C8JDRTYvipnwmp7EBUdtHwsDww2G0DWmZpmPirZY0AR6+mmsghFeAkRljbv`
		`- -yc+W9V6gp855/1EEeBDplOdnUS3mIswLBgcCggEAVWAlod+cFUlh9pCHU3KhVknn`
		`- -FfpS+8vnEQpTDAQyCzwlI7OnZQj4pEOnL0ps0fv3crBrZ3xDvKdyIOIKZ3XKAXgI`
		`- -kpvhk7CNaOlngN50evReiQaHIELKNoHE6LeLi08QU7xgezkH/I5kfNylN+zZXEmo`
		`- -ibcoXyrQh/L09YMCyCj53bX/57J7rQUeMX2jb8OXc1GU6FSEc0bKR+oWAoQQSh/f`
		`- -/dzqvkFLShFd2y7p3H/Lb+/yP1omgd/IYeSzDGtQtIHEkQ04EHz0L4YRPrKFvFXV`
		`- -7hIXDMedeAbxtZfCTtt5rpmpdserSlPeRSJB4p5qyxcqpEEAb00ttDeabHxEWQId`
		`- -AMhUFY9/pXAFrazUIBywjOJUnyqv8oArH0NneHkDggEFAAKCAQBigH0Mp4jUMSfK`
		`- -yOhKlEfyZ/hj/EImsUYW4+u8xjBN+ruOJUTJ06Mtgw3g2iLkhQoO9NROqvC9rdLj`
		`- -+j3e+1QWm9EDNKQAa4nUp8/W+XZ5KkQWudmtaojEXD1+kd44ieNLtPGuVnPtDGO4`
		`- -zPf04IUq7tDGbMDMMn6YXvW6f28lR3gF5vvVIsnjsd/Lau6orzmNSrymXegsEsFR`
		`- -Q7hT+/tPoAtro6Hx9rBrYb/0OCiRe4YuYrFKkC0aaJfUQepVyuVMSTxxKTzq8T06`
		`- -M8SBITlmkPFZJHyGzV/+a72hpJsAa0BaDnpxH3cFpEMzeYG1XQK461zexoIYN3ub`
		`- -i3xNPUzPo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4E`
		`- -FgQULayIqKcWHtUH4pFolI6dKxycIG8wHwYDVR0jBBgwFoAUFcETIWviVV+nah1X`
		`- -INbP86lzZFkwDQYJKoZIhvcNAQELBQADggEBAKjKvvJ6Vc9HiQXACqqRZnekz2gO`
		`- -ue71nsXXDr2+y4PPpgcDzgtO3vhQc7Akv6Uyca9LY7w/X+temP63yxdLpKXTV19w`
		`- -Or0p4VEvTZ8AttMjFh4Hl8caVYk/J4TIudSXLIfKROP6sFu5GOw7W3xpBkL5Zio6`
		`- -3dqe6xAYK0woNQPDfj5yOAlqj1Ohth81JywW5h2g8GfLtNe62coAqwjMJT+ExHfU`
		`- -EkF/beSqRGOvXwyhSxFpe7HVjUMgrgdfoZnNsoPmpH3eTiF4BjamGWI1+Z0o+RHa`
		`- -oPwN+cCzbDsi9uTQJO1D5S697heX00zzzU/KSW7djNzKv55vm24znuFkXTM=`
		`- +BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MzM0NloXDTMyMDMz`
		`- +MTE0MzM0NlowRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx`
		`- +HTAbBgNVBAMMFFRlc3QgUy9NSU1FIEVFIERIICMxMIIDQjCCAjUGByqGSM4+AgEw`
		`- +ggIoAoIBAQCCyx9ZhD6HY5xgusGDrJZJ+FdTe9OxD/p9DQNKqoLyJ10TAUXuycoz`
		`- +VqDAD4v1wsOAPH0TDOX9Ns87PXgTbd6DpSJtF1ZLW+1pklZs2m0cLl4raOe8CZGH`
		`- +kSgia0wC40LAg/u/JZ6NAG2YSiFEtjbkf81lpvL0946LiHfHklMtSOkK3H9PkGB/`
		`- +KrXMITRR2P1u78AzTvc2YL7iLlCu6mV2g6v4ieeWprywTaZ8gp3NBMjyuRJniGCQ`
		`- +52jPfOvT32w/sBTIfUO+95u/eEHrTP4K+vTkVS3wLo5ypgrveRdALKvqkHe0qfNr`
		`- +5VQRk2Pt6ReH35kjiUPLZCccgJr9h80hAoIBAE50cpgSJBYr9+5dj+fJJcXf/KX9`
		`- +rttlBXyveUP+vbSm/oW443/IksO3oLMy1RaqtHTDBhtNrH7rSK6CDStKrMkgHsjT`
		`- +YkZOU85vCdrVi3UZBz0GiYO/8kQ8aLeTe3LB7QB0kkkUgZ7etsnNxEkz9WQwohTv`
		`- +GBHBFNDKDqWadP9BpNrFoDCYojit7GOZPQgteEiCO8D9xu0sEXT8ZdRqWcmkTfeM`
		`- +Rojrzxt0LpT/vUKHGsBFmUN7kH4Hy9z2LJxBDrYYkV3LSAweuUQKBocNI7bbbOvP`
		`- +ByUvHVMfJBrBmwIJI3vc3091njOH53zATNNvta+9S7L4zNsvbg8RtJyH8i4CHQCY`
		`- +12PTXj6Ipxbqq4d1Q+AoUqnN/H9lAS46teXvA4IBBQACggEAJP4Vy6vcIa7jLa93`
		`- +DWeT0pxe4zeYXxRWbvS7reLoZcBIhH253/QfXj+0UhcjtAa5A2X519anBuetUern`
		`- +ecBmHO9vAj9F7J6feK+pUxE8cl793gmWzcGijMXCuRorW7GZ3XBTuQbWaJLtxB4a`
		`- +rS54+CFMUfqR5coxGrraGPGjR9P6YCpJgWL74yxiQVzjEdwPLEz/0ehKeDkSvuj8`
		`- +Ixe06fY0eA9sfxx7+4lm2Jhw7XaIfguo8mgrfWjBzkkT2mcAHss/fdKcXNYrg+A+`
		`- +xgApPiyuy7S4YkQSsdV5Ns8UFttBCuojzEuWQ49fMZcv/rIHSHSxpbg2Sdka+d6h`
		`- +wOQHK6NgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYE`
		`- +FLG7SOccVVRWmPw87GRrYH/NCegTMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaI`
		`- +qSTm5bZsMA0GCSqGSIb3DQEBCwUAA4IBAQB9J2dIIbIAiB8ToXJcyO7HRPhdWC/Y`
		`- +TE8cqeL+JiWNvIMB9fl2gOx6gj2h+yEr3lCpK/XDoWOs576UScS/vvs6fOjFHfkb`
		`- +L4i9nHXD2KizXkM2hr9FzTRXd9c3XXLyB9t1z38qcpOMxoxAbnH8hWLQDPjFdArC`
		`- +KWIqK/Vqxz4ZcIveM9GcVf78FU2DbQF4pwHjO9TsG7AbXiV4PXyJK75W5okAbZmQ`
		`- +EmMmVXEJdXSOS4prP8DCW/LYJ5UddsVZba2BCHD3c1c2YTA4GsP3ZMoXvQoyj0L2`
		`- +/xazs/AS373Of6H0s00itRTFABxve1I7kE5dQdc3oZjn6A/DbfjYUmr5`
		`- -----END CERTIFICATE-----`
		`- diff -up openssl-3.0.5/test/smime-certs/smdsa1.pem.0061 openssl-3.0.5/test/smime-certs/smdsa1.pem`
		`- --- openssl-3.0.5/test/smime-certs/smdsa1.pem.0061 2022-09-02 14:17:15.326436618 +0200`
		`- +++ openssl-3.0.5/test/smime-certs/smdsa1.pem 2022-09-02 14:17:15.346436795 +0200`
		`- @@ -1,47 +1,47 @@`
		`- -----BEGIN PRIVATE KEY-----`
		`- -MIICXQIBADCCAjYGByqGSM44BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1`
		`- -i0SuHnFvPc5gHMLIxJhDp3cLJ5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t`
		`- -4INbA4D+QSkxb4SWNurRBQj5LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAa`
		`- -kOxI+l/rPAQlIUMCHSF6xXgd62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLg`
		`- -c9HnYvwxlpoV+SHi+QXSrcrtMBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S`
		`- -8EP8eXSDD+1Sni2Jk38etU+laS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0A`
		`- -mkjrU1XrCahV9d78Rklpd4fK3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huaw`
		`- -V6wj7hT99kjzQjZqbvLENW9bbAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7`
		`- -ioJmtded5hhS6GDg3Oj4IYiJ9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKR`
		`- -CnZ2/FeRyjSS3cUey89GE2N2DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL`
		`- -5H4Oo6NaSUc8dl7HWEeWoS8BE7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdL`
		`- -QldkaQkHAEg0QqYb2Hv/xHfVhn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwX`
		`- -ygQeAhwE9yuqObvNXzUTN+PY2rg00PzdyJw3XJAUrmlY`
		`- +MIICZQIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6`
		`- +k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou`
		`- +zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO`
		`- +wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK`
		`- +v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC`
		`- +0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA`
		`- +rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM`
		`- +zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx`
		`- +DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy`
		`- +xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9`
		`- +ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h`
		`- +Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+`
		`- +TQMsxQQjAiEAkolGvb/76X3vm5Ov09ezqyBYt9cdj/FLH7DyMkxO7X0=`
		`- -----END PRIVATE KEY-----`
		`- -----BEGIN CERTIFICATE-----`
		`- -MIIFmjCCBIKgAwIBAgIUUoOmJmXAY29/2rWY0wJphQ5/pzUwDQYJKoZIhvcNAQEL`
		`- +MIIFmzCCBIOgAwIBAgIUWGMqmBZZ1ykguVDk2Whn+2uKMA0wDQYJKoZIhvcNAQEL`
		`- BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV`
		`- -BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw`
		`- -NTA5MTUzMzE0WjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91`
		`- -cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgRFNBICMxMIIDQzCCAjYGByqGSM44`
		`- -BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1i0SuHnFvPc5gHMLIxJhDp3cL`
		`- -J5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t4INbA4D+QSkxb4SWNurRBQj5`
		`- -LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAakOxI+l/rPAQlIUMCHSF6xXgd`
		`- -62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLgc9HnYvwxlpoV+SHi+QXSrcrt`
		`- -MBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S8EP8eXSDD+1Sni2Jk38etU+l`
		`- -aS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0AmkjrU1XrCahV9d78Rklpd4fK`
		`- -3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huawV6wj7hT99kjzQjZqbvLENW9b`
		`- -bAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7ioJmtded5hhS6GDg3Oj4IYiJ`
		`- -9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKRCnZ2/FeRyjSS3cUey89GE2N2`
		`- -DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL5H4Oo6NaSUc8dl7HWEeWoS8B`
		`- -E7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdLQldkaQkHAEg0QqYb2Hv/xHfV`
		`- -hn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwXygOCAQUAAoIBACGS7hCpTL0g`
		`- -lx9C1Bwz5xfVd0mwCqx9UGiH8Bf4lRsSagL0Irwvnjz++WH1vecZa2bWsYsPhQ+D`
		`- -KDzaCo20CYln4IFEPgY0fSE+KTF1icFj/mD+MgxWgsgKoTI120ENPGHqHpKkv0Uv`
		`- -OlwTImU4BxxkctZ5273XEv3VPQE8COGnXgqt7NBazU/O7vibFm0iaEsVjHFHYcoo`
		`- -+sMcm3F2E/gvR9IJGaGPeCk0sMW8qloPzErWIugx/OGqM7fni2cIcZwGdju52O+l`
		`- -cLV0tZdgC7eTbVDMLspyuiYME+zvEzRwCQF/GqcCDSn68zxJv/zSNZ9XxOgZaBfs`
		`- -Na7e8YGATiujYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMB0GA1Ud`
		`- -DgQWBBSFVrWPZrHzhHUg0MMEAAKwQIfsazAfBgNVHSMEGDAWgBQVwRMha+JVX6dq`
		`- -HVcg1s/zqXNkWTANBgkqhkiG9w0BAQsFAAOCAQEAbm49FB+eyeX7OBUC/akhnkFw`
		`- -cDXqw7Fl2OibRK+g/08zp4CruwJdb72j5+pTmG+9SF7tGyQBfHFf1+epa3ZiIc+0`
		`- -UzFf2xQBMyHjesL19cTe4i176dHz8pCxx9OEow0GlZVV85+Anev101NskKVNNVA7`
		`- -YnB2xKQWgf8HORh66XVCk54xMcd99ng8xQ8vhZC6KckVbheQgdPp7gUAcDgxH2Yo`
		`- -JF8jHQlsWNcCGURDldP6FQ49TGWHj24IGjnjGapWxMUjvCz+kV6sGW/OIYu+MM9w`
		`- -FMIOyEdUUtKowWT6eXwrITup3T6pspPTicbK61ZCPuxMvP2JBFGZsqat+F5g+w==`
		`- +BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MjA0OFoXDTMyMDMz`
		`- +MTE0MjA0OFowRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx`
		`- +HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIERTQSAjMTCCA0YwggI5BgcqhkjOOAQB`
		`- +MIICLAKCAQEAkHy5TXXoT506xiDIcOK5NLrmupNZwht83Mn15YtewXQdpNBwT2kw`
		`- +N2t2R3zrdQMMtFLtMGd4HT6/c9COuIZyVyBqLsyGp2e52ESJh7V+STBW13ssaNTs`
		`- +HdmbN6BJPZ0FKFLDMb5mAv4ITy+WcdaT8XBwjsM1saBuMmTI4plznNf1u87yv+P4`
		`- +Pws/XyLQ983XMnX4DP4StPwnmENtcX4an+Joyr/aZZwnFoE6BiPux/FSvNDBW5Dt`
		`- +kCkc97z9f04yuj0ZvbBHgeW9dPkrxr9o9sPggtH1y+LOp+z7QZZv28MPMS9fwM/J`
		`- +MHo1HCCNQ3PLjcMCEsBm8Ghgb5eyB6ZttQIhAK6HWYvpwimXUy/CIAo1959A7oT0`
		`- +ZFUD48/welcHi1vTAoIBAH4ppFDcJ7Bhae5ijMySoR6EJDAdaic8iB4w80PydcY3`
		`- +6Beotu2n8Nf1im6DQ+XrHmYZYQNkzuWSQepxsQzhPZVUMWFZpfvnEI+n6B4dU1SQ`
		`- +IBpeJlrr3lv0c/jRIaSuM1XhLHzK25AcqTwcsscxdWePbeevMXSKPnvIyyPBYxHV`
		`- +ziFIOHoQdzWOki/K+KCePY/7CVnx3A6Fh/yyvWWgRfDaX5SXtxeNEvEQ7zPI9hwv`
		`- +stkOEMipNQ1xoh/u8kCxls69zO95At1AZ5x9IR8W+yEgwk+3QsP5R9Zwm1RQTjNA`
		`- +EiNukkrBUl0K7w9pK8kXE2dCpMsoYaDzg1qVPk0DLMUDggEFAAKCAQAZdJAANu5E`
		`- +hkGOJDo2KTBmX7EQMR98gTRFZu/B/W19bHDhm9qc792PLPkV487QAgkMEItSOv0P`
		`- +faeSYgbUe7d1aBXzqSdCwzq4WIxLNj2eQkZk6UffDg0csTvymTvnFHWyDUwRmvjH`
		`- ++35r95r1jgBeSUQMJxoe2kwZ4DHdkCpIp5z7NA44DvclY/X+BgcZ1jJNClC3BFOy`
		`- +HQaLmY452mgnS+k7zfFhsUJn5lkpfVFY6Ml7Y5AFG3Dvf2rWdGBrVUwsBP8sVJCx`
		`- +ITcg6nyGJZuOeK3VITqrcgjZr9odkf/Hg7OzN+a1B+Z6u3Ld5BKrduBqN/EKxxyd`
		`- +GNJst42JrNFIo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNV`
		`- +HQ4EFgQU0dBhM47Fpn83rw6nGqMcq5q3DqwwHwYDVR0jBBgwFoAUyZFTCmN7FluL`
		`- +vUTwdoipJObltmwwDQYJKoZIhvcNAQELBQADggEBAC3W5L4plRWiaX03PncMHnaL`
		`- +sp48+2jJen4avzNpRZF/bTQ621x/KLWelbMzBTMxU6jtU1LwCvsiOTSenUZ6W5vq`
		`- +TGy6nwkMUrBN0nHmymVz5v40VBLtc2/5xF9UBZ1GMnmYko+d7VHBD6qu4hpi6OD1`
		`- +3Z2kxCRaZ87y3IbVnl6zqdqxDxKCj4Ca+TT6AApm/MYVwpuvCVmuXrBBvJYTFFeZ`
		`- +2J90jHlQep2rAaZu41oiIlmQUEf9flV0iPYjj+Pqdzr9ovWVbqt7l1WKOBDYdzJW`
		`- +fQ8TvFSExkDQsDc0nkkLIfJBFUFuOpNmODvq+Ac8AGUBnl/Z3pAV4KVnnobIXHw=`
		`- -----END CERTIFICATE-----`
		`- diff -up openssl-3.0.5/test/smime-certs/smdsa2.pem.0061 openssl-3.0.5/test/smime-certs/smdsa2.pem`
		`- --- openssl-3.0.5/test/smime-certs/smdsa2.pem.0061 2022-09-02 14:17:15.332436671 +0200`
		`- +++ openssl-3.0.5/test/smime-certs/smdsa2.pem 2022-09-02 14:17:15.347436804 +0200`
		`- @@ -1,47 +1,47 @@`
		`- -----BEGIN PRIVATE KEY-----`
		`- -MIICXQIBADCCAjYGByqGSM44BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1`
		`- -i0SuHnFvPc5gHMLIxJhDp3cLJ5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t`
		`- -4INbA4D+QSkxb4SWNurRBQj5LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAa`
		`- -kOxI+l/rPAQlIUMCHSF6xXgd62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLg`
		`- -c9HnYvwxlpoV+SHi+QXSrcrtMBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S`
		`- -8EP8eXSDD+1Sni2Jk38etU+laS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0A`
		`- -mkjrU1XrCahV9d78Rklpd4fK3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huaw`
		`- -V6wj7hT99kjzQjZqbvLENW9bbAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7`
		`- -ioJmtded5hhS6GDg3Oj4IYiJ9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKR`
		`- -CnZ2/FeRyjSS3cUey89GE2N2DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL`
		`- -5H4Oo6NaSUc8dl7HWEeWoS8BE7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdL`
		`- -QldkaQkHAEg0QqYb2Hv/xHfVhn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwX`
		`- -ygQeAhwmRauZi+nQ3kQ+GSKD7JCwv8XkD9NObMGlW018`
		`- +MIICZAIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6`
		`- +k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou`
		`- +zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO`
		`- +wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK`
		`- +v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC`
		`- +0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA`
		`- +rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM`
		`- +zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx`
		`- +DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy`
		`- +xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9`
		`- +ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h`
		`- +Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+`
		`- +TQMsxQQiAiAdCUJ5n2Q9hIynN8BMpnRcdfH696BKejGx+2Mr2kfnnA==`
		`- -----END PRIVATE KEY-----`
		`- -----BEGIN CERTIFICATE-----`
		`- -MIIFmjCCBIKgAwIBAgIUHGKu2FMhT1wCiJTK3uAnklo55uowDQYJKoZIhvcNAQEL`
		`- +MIIFmzCCBIOgAwIBAgIUXgHGnvOCmrOH9biRq3yTCcDsliUwDQYJKoZIhvcNAQEL`
		`- BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV`
		`- -BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw`
		`- -NTA5MTUzMzE0WjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91`
		`- -cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgRFNBICMyMIIDQzCCAjYGByqGSM44`
		`- -BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1i0SuHnFvPc5gHMLIxJhDp3cL`
		`- -J5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t4INbA4D+QSkxb4SWNurRBQj5`
		`- -LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAakOxI+l/rPAQlIUMCHSF6xXgd`
		`- -62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLgc9HnYvwxlpoV+SHi+QXSrcrt`
		`- -MBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S8EP8eXSDD+1Sni2Jk38etU+l`
		`- -aS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0AmkjrU1XrCahV9d78Rklpd4fK`
		`- -3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huawV6wj7hT99kjzQjZqbvLENW9b`
		`- -bAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7ioJmtded5hhS6GDg3Oj4IYiJ`
		`- -9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKRCnZ2/FeRyjSS3cUey89GE2N2`
		`- -DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL5H4Oo6NaSUc8dl7HWEeWoS8B`
		`- -E7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdLQldkaQkHAEg0QqYb2Hv/xHfV`
		`- -hn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwXygOCAQUAAoIBAE0+OYS0s8/o`
		`- -HwuuiPsBZTlRynqdwF6FHdE0Ei2uVTxnJouPYB2HvaMioG2inbISzPtEcnLF9Pyx`
		`- -4hsXz7D49yqyMFjE3G8ObBOs/Vdno6E9ZZshWiRDwPf8JmoYp551UuJDoVaOTnhx`
		`- -pEs30nuidtqd54PMdWUQPfp58kTu6bXvcRxdUj5CK/PyjavJCnGfppq/6j8jtrji`
		`- -mOjIIeLZIbWp7hTVS/ffmfqZ8Lx/ShOcUzDa0VS3lfO28XqXpeqbyHdojsYlG2oA`
		`- -shKJL7/scq3ab8cI5QuHEIGSbxinKfjCX4OEQ04CNsgUwMY9emPSaNdYDZOPqq/K`
		`- -3bGk2PLcRsyjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMB0GA1Ud`
		`- -DgQWBBTQAQyUCqYWGo5RuwGCtHNgXgzEQzAfBgNVHSMEGDAWgBQVwRMha+JVX6dq`
		`- -HVcg1s/zqXNkWTANBgkqhkiG9w0BAQsFAAOCAQEAc3rayE2FGgG1RhLXAHYAs1Ky`
		`- -4fcVcrzaPaz5jjWbpBCStkx+gNcUiBf+aSxNrRvUoPOSwMDLpMhbNBj2cjJqQ0W1`
		`- -oq4RUQth11qH89uPtBqiOqRTdlWAGZJbUTtVfrlc58DsDxFCwdcktSDYZwlO2lGO`
		`- -vMCOn9N7oqEEuwRa++xVnYc8ZbY8lGwJD3bGR6iC7NkYk+2LSqPS52m8e0GO8dpf`
		`- -RUrndbhmtsYa925dj2LlI218F3XwVcAUPW67dbpeEVw5OG8OCHRHqrwBEJj2PMV3`
		`- -tHeNXDEhjTzI3wiFia4kDBAKIsrC/XQ4tEiFzq0V00BiVY0ykhy+v/qNPskTsg==`
		`- +BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MjIyNloXDTMyMDMz`
		`- +MTE0MjIyNlowRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx`
		`- +HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIERTQSAjMjCCA0YwggI5BgcqhkjOOAQB`
		`- +MIICLAKCAQEAkHy5TXXoT506xiDIcOK5NLrmupNZwht83Mn15YtewXQdpNBwT2kw`
		`- +N2t2R3zrdQMMtFLtMGd4HT6/c9COuIZyVyBqLsyGp2e52ESJh7V+STBW13ssaNTs`
		`- +HdmbN6BJPZ0FKFLDMb5mAv4ITy+WcdaT8XBwjsM1saBuMmTI4plznNf1u87yv+P4`
		`- +Pws/XyLQ983XMnX4DP4StPwnmENtcX4an+Joyr/aZZwnFoE6BiPux/FSvNDBW5Dt`
		`- +kCkc97z9f04yuj0ZvbBHgeW9dPkrxr9o9sPggtH1y+LOp+z7QZZv28MPMS9fwM/J`
		`- +MHo1HCCNQ3PLjcMCEsBm8Ghgb5eyB6ZttQIhAK6HWYvpwimXUy/CIAo1959A7oT0`
		`- +ZFUD48/welcHi1vTAoIBAH4ppFDcJ7Bhae5ijMySoR6EJDAdaic8iB4w80PydcY3`
		`- +6Beotu2n8Nf1im6DQ+XrHmYZYQNkzuWSQepxsQzhPZVUMWFZpfvnEI+n6B4dU1SQ`
		`- +IBpeJlrr3lv0c/jRIaSuM1XhLHzK25AcqTwcsscxdWePbeevMXSKPnvIyyPBYxHV`
		`- +ziFIOHoQdzWOki/K+KCePY/7CVnx3A6Fh/yyvWWgRfDaX5SXtxeNEvEQ7zPI9hwv`
		`- +stkOEMipNQ1xoh/u8kCxls69zO95At1AZ5x9IR8W+yEgwk+3QsP5R9Zwm1RQTjNA`
		`- +EiNukkrBUl0K7w9pK8kXE2dCpMsoYaDzg1qVPk0DLMUDggEFAAKCAQAi1CUW7S3s`
		`- +zDUcdE667AotL4SHZY01k/3owtBPKA5WWqBolj7WYkvO+X/nUssfph7NfS3z1nYO`
		`- +b/dI4kR02t1sgS21u7mvPKZfEWFzy5ohhkWFJPfyhDAk6MzzAWK0BARJ7r/0dmOR`
		`- +7EypKrH+vloQpNosGKeoDUElEjvZKjX/V2/w/30Vq88AN2PxXt8BxxF4oRAqd+fA`
		`- +DuaucP46UioUoWffAIaTxLDu1In2DqOAIj7MXCsqfbD7D6Ki386DGX3IwC0qYB3r`
		`- +z0gBmvkY8+9XbLQo6iAKJRiBJNJrBmGv6uPIVq98jl0FbMyri0rH/MCLown7qEYm`
		`- +MnyMehP0kA+Zo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNV`
		`- +HQ4EFgQUZrHDTiSqm594ZkL5NMGrygydfKswHwYDVR0jBBgwFoAUyZFTCmN7FluL`
		`- +vUTwdoipJObltmwwDQYJKoZIhvcNAQELBQADggEBADhpm4d9pgdWTiX1ci4qxOat`
		`- +MK+eAc3y8dwjacwiTD94fFy+MFzItAI2msF+ILXDCYDUpFZpBjlCNRzMu/ETghJx`
		`- +53g4Hg6ioYmtLcYIAFQVIz4skdgV8npztK3ZQMSN3dcateZBf8KaEdP+cRtQs4IW`
		`- +Y+EAZ6Fve2j/kz1x/cmhSFQdWhhS+WzYUCY+FLWDXMuNLh7rDWy1t8VaRHLBU4TU`
		`- +q6W/qDaN2e6dKrzjEkqUstdGZ+JAkAZ+6CIABEnHeco1dEQUU5Atry7djeRhY68r`
		`- +us++ajRd6DLWXrD4KePyTYSPc7rAcbBBYSwe48cTxlPfKItTCrRXmWJHCCZ0UBA=`
		`- -----END CERTIFICATE-----`
		`- diff -up openssl-3.0.5/test/smime-certs/smdsa3.pem.0061 openssl-3.0.5/test/smime-certs/smdsa3.pem`
		`- --- openssl-3.0.5/test/smime-certs/smdsa3.pem.0061 2022-09-02 14:17:15.334436689 +0200`
		`- +++ openssl-3.0.5/test/smime-certs/smdsa3.pem 2022-09-02 14:17:15.348436813 +0200`
		`- @@ -1,47 +1,47 @@`
		`- -----BEGIN PRIVATE KEY-----`
		`- -MIICXgIBADCCAjYGByqGSM44BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1`
		`- -i0SuHnFvPc5gHMLIxJhDp3cLJ5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t`
		`- -4INbA4D+QSkxb4SWNurRBQj5LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAa`
		`- -kOxI+l/rPAQlIUMCHSF6xXgd62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLg`
		`- -c9HnYvwxlpoV+SHi+QXSrcrtMBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S`
		`- -8EP8eXSDD+1Sni2Jk38etU+laS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0A`
		`- -mkjrU1XrCahV9d78Rklpd4fK3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huaw`
		`- -V6wj7hT99kjzQjZqbvLENW9bbAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7`
		`- -ioJmtded5hhS6GDg3Oj4IYiJ9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKR`
		`- -CnZ2/FeRyjSS3cUey89GE2N2DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL`
		`- -5H4Oo6NaSUc8dl7HWEeWoS8BE7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdL`
		`- -QldkaQkHAEg0QqYb2Hv/xHfVhn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwX`
		`- -ygQfAh0AkfI6533W5nBIVrDPcp2DCXC8u2SIwBob6OoK5A==`
		`- +MIICZQIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6`
		`- +k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou`
		`- +zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO`
		`- +wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK`
		`- +v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC`
		`- +0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA`
		`- +rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM`
		`- +zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx`
		`- +DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy`
		`- +xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9`
		`- +ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h`
		`- +Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+`
		`- +TQMsxQQjAiEArJr6p2zTbhRppQurHGTdmdYHqrDdZH4MCsD9tQCw1xY=`
		`- -----END PRIVATE KEY-----`
		`- -----BEGIN CERTIFICATE-----`
		`- -MIIFmjCCBIKgAwIBAgIUO2QHMd9V/S6KlrFDIPd7asRP4FAwDQYJKoZIhvcNAQEL`
		`- +MIIFmzCCBIOgAwIBAgIUMMzeluWS9FTgzFM2PCI6rSt0++QwDQYJKoZIhvcNAQEL`
		`- BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV`
		`- -BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw`
		`- -NTA5MTUzMzE0WjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91`
		`- -cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgRFNBICMzMIIDQzCCAjYGByqGSM44`
		`- -BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1i0SuHnFvPc5gHMLIxJhDp3cL`
		`- -J5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t4INbA4D+QSkxb4SWNurRBQj5`
		`- -LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAakOxI+l/rPAQlIUMCHSF6xXgd`
		`- -62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLgc9HnYvwxlpoV+SHi+QXSrcrt`
		`- -MBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S8EP8eXSDD+1Sni2Jk38etU+l`
		`- -aS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0AmkjrU1XrCahV9d78Rklpd4fK`
		`- -3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huawV6wj7hT99kjzQjZqbvLENW9b`
		`- -bAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7ioJmtded5hhS6GDg3Oj4IYiJ`
		`- -9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKRCnZ2/FeRyjSS3cUey89GE2N2`
		`- -DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL5H4Oo6NaSUc8dl7HWEeWoS8B`
		`- -E7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdLQldkaQkHAEg0QqYb2Hv/xHfV`
		`- -hn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwXygOCAQUAAoIBAEj25Os9f57G`
		`- -TaxsP8NzdCRBThCLqZWqLADh6S/aFOQQFpRRk3vGkvrOK/5La8KGKIDyzCEQo7Kg`
		`- -sPwI1o4N5GKx15Cer2ekDWLtP4hA2CChs4tWJzEa8VxIDTg4EUnASFCbfDUY/Yt0`
		`- -5NM4nxtBhnr6PT7XmRehEFaTAgmsQFJ29jKx4tJkr+Gmj9J4i10CPd9DvIgIEnNt`
		`- -rYMAlfbGovaZVCgKp5INVA4IkDfCcbzDeNiOGaACeV+4QuEbgIbUhMq9vbw3Vvqe`
		`- -jwozPdrTYjd7oNxx/tY7gqxFRFxdDPXPno230afsAJsHmNF7lpj9Q4vBhy8w/EI1`
		`- -jGzuiXjei9qjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMB0GA1Ud`
		`- -DgQWBBTwbCT+wSR9cvTg70jA2yIWgQSDZjAfBgNVHSMEGDAWgBQVwRMha+JVX6dq`
		`- -HVcg1s/zqXNkWTANBgkqhkiG9w0BAQsFAAOCAQEAe5t9oi8K76y+wnV6I21vKgEh`
		`- -M6DEe3+XTq10kAgYbcbMm+a6n86beaID7FANGET+3bsShxFeAX9g4Qsdw+Z3PF3P`
		`- -wvqiBD8MaXczj28zP6j9TxsjGzpAsV3xo1n7aQ+hHzpopJUxAyx4hLBqSSwdj/xe`
		`- -azELeVKoXY/nlokXnONWC5AvtfR7m7mKFPOmUghbeGCJH7+FXnC58eiF7BEpSbQl`
		`- -SniAdQFis+Dne6/kwZnQQaSDg55ELfaZOLhaLcRtqqgU+kv24mXGGEBhs9bBKMz5`
		`- -ZNiKLafE3tCGRA5iMRwzdeSgrdnkQDHFiYXh3JHk5oKwGOdxusgt3DTHAFej1A==`
		`- +BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MjI0MloXDTMyMDMz`
		`- +MTE0MjI0MlowRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx`
		`- +HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIERTQSAjMzCCA0YwggI5BgcqhkjOOAQB`
		`- +MIICLAKCAQEAkHy5TXXoT506xiDIcOK5NLrmupNZwht83Mn15YtewXQdpNBwT2kw`
		`- +N2t2R3zrdQMMtFLtMGd4HT6/c9COuIZyVyBqLsyGp2e52ESJh7V+STBW13ssaNTs`
		`- +HdmbN6BJPZ0FKFLDMb5mAv4ITy+WcdaT8XBwjsM1saBuMmTI4plznNf1u87yv+P4`
		`- +Pws/XyLQ983XMnX4DP4StPwnmENtcX4an+Joyr/aZZwnFoE6BiPux/FSvNDBW5Dt`
		`- +kCkc97z9f04yuj0ZvbBHgeW9dPkrxr9o9sPggtH1y+LOp+z7QZZv28MPMS9fwM/J`
		`- +MHo1HCCNQ3PLjcMCEsBm8Ghgb5eyB6ZttQIhAK6HWYvpwimXUy/CIAo1959A7oT0`
		`- +ZFUD48/welcHi1vTAoIBAH4ppFDcJ7Bhae5ijMySoR6EJDAdaic8iB4w80PydcY3`
		`- +6Beotu2n8Nf1im6DQ+XrHmYZYQNkzuWSQepxsQzhPZVUMWFZpfvnEI+n6B4dU1SQ`
		`- +IBpeJlrr3lv0c/jRIaSuM1XhLHzK25AcqTwcsscxdWePbeevMXSKPnvIyyPBYxHV`
		`- +ziFIOHoQdzWOki/K+KCePY/7CVnx3A6Fh/yyvWWgRfDaX5SXtxeNEvEQ7zPI9hwv`
		`- +stkOEMipNQ1xoh/u8kCxls69zO95At1AZ5x9IR8W+yEgwk+3QsP5R9Zwm1RQTjNA`
		`- +EiNukkrBUl0K7w9pK8kXE2dCpMsoYaDzg1qVPk0DLMUDggEFAAKCAQBxe+1+Il8h`
		`- +nTCAak3vZl4asn2axRc7GjDvDd8Ns/yvyd9WQE1t+FryvHR5jp9REVVnMg53wQcY`
		`- +rKlwfWBLp5k25x/OCwfWDmvlxFqExmaAZcEQGxauHYhoMbtVIq372CHPbsQqCMBA`
		`- +LPIdAvkUImBHanty/RXhJGqCIAZiUnX3WTZa0s6xV3yRf/+OPWXxNSATtOqm5ISl`
		`- +pLJDifMlE6llZmk3VHAWYJRFF7KQAFT83OKf/6tme9munxahdJcSrF4HiZKFFJof`
		`- +nvEWckKlHAonipLa6EBPMloofu+7reTcON+1tIFWH7fZhfC0dz4EaOzxLZoO0Jbc`
		`- +W0MDtnonwEjFo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNV`
		`- +HQ4EFgQUwnFq0MQUIQUaXi6iJBDXTnQm71EwHwYDVR0jBBgwFoAUyZFTCmN7FluL`
		`- +vUTwdoipJObltmwwDQYJKoZIhvcNAQELBQADggEBAJNW/oEmpz6jZ7EjUkHhxDXR`
		`- +egsZVjBO+E2hPCciEoZaM6jIDYphrCVbdOOyy1RvLBv3SRblaECmInsRpCNwf5B5`
		`- +OaGN3hdsvx23IKnLJ7EKDauIOGhkzCMWjO8tez48UL0Wgta0+TpuiOT+UBoKb9fw`
		`- +f0f4ab9wD9pED7ghMKlwI6/oppS4PrhwYS2nwYwGXpmgu6QZDln/cgoU7cQV7r3J`
		`- +deMCpKGPyS429B9mUxlggZYvvJOm35ZiI7UAcGhJWIUrdXBxqx3DQ3CSf75vGP87`
		`- +2vn6ZoXRXSLfE48GpUtQzP6/gZti68vZrHdzKWTyZxMs4+PGoHrW5hbNDsghKDs=`
		`- -----END CERTIFICATE-----`
		`- diff -up openssl-3.0.5/test/smime-certs/smec1.pem.0061 openssl-3.0.5/test/smime-certs/smec1.pem`
		`- --- openssl-3.0.5/test/smime-certs/smec1.pem.0061 2022-09-02 14:17:15.325436610 +0200`
		`- +++ openssl-3.0.5/test/smime-certs/smec1.pem 2022-09-02 14:17:15.345436786 +0200`
		`- @@ -1,22 +1,22 @@`
		`- -----BEGIN PRIVATE KEY-----`
		`- -MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgdOomk0EB/oWMnTZB`
		`- -Qm5XMjlKnZNF4PMpwgov0Tj3u8OhRANCAATbG6XprSqHiD9AxWJiXRFgS+y38DGZ`
		`- -7hpSjs4bd95L+Lli+O91/lUy7Tb8aJ6VU2CoyWQjV4sQjbdVqeD+y4Ky`
		`- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgXzBRX9Z5Ib4LAVAS`
		`- +DMlYvkj0SmLmYvWULe2LfyXRmpWhRANCAAS+SIj2FY2DouPRuNDp9WVpsqef58tV`
		`- +3gIwV0EOV/xyYTzZhufZi/aBcXugWR1x758x4nHus2uEuEFi3Mr3K3+x`
		`- -----END PRIVATE KEY-----`
		`- -----BEGIN CERTIFICATE-----`
		`- -MIICrTCCAZWgAwIBAgIUdLT4B443vbxt0B8Mzy0sR4+6AyowDQYJKoZIhvcNAQEL`
		`- +MIICqzCCAZOgAwIBAgIUZsuXIOmILju0nz1jVSgag5GrPyMwDQYJKoZIhvcNAQEL`
		`- BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV`
		`- -BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw`
		`- -NTA5MTUzMzE0WjBEMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91`
		`- -cDEdMBsGA1UEAwwUVGVzdCBTL01JTUUgRUUgRUMgIzEwWTATBgcqhkjOPQIBBggq`
		`- -hkjOPQMBBwNCAATbG6XprSqHiD9AxWJiXRFgS+y38DGZ7hpSjs4bd95L+Lli+O91`
		`- -/lUy7Tb8aJ6VU2CoyWQjV4sQjbdVqeD+y4Kyo2AwXjAMBgNVHRMBAf8EAjAAMA4G`
		`- -A1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUOia9H7l0qw3ftsDgEEeSBrHwQrwwHwYD`
		`- -VR0jBBgwFoAUFcETIWviVV+nah1XINbP86lzZFkwDQYJKoZIhvcNAQELBQADggEB`
		`- -AC7h/QkMocYANPqMQAO2okygG+OaE4qpKnlzHPUFMYedJGCvAWrwxu4hWL9T+hZo`
		`- -qilM7Fwaxw/P4Zaaa15SOOhXkIdn9Fu2ROmBQtEiklmWGMjiZ6F+9NCZPk0cTAXK`
		`- -2WQZOy41YNuvts+20osD4X/8x3fiARlokufj/TVyE73wG8pSSDh4KxWDfKv5Pi1F`
		`- -PC5IJh8XVELnFkeY3xjtoux5AYT+1xIQHO4eBua02Y1oPiWG7l/sK3grVlxrupd9`
		`- -pXowwFlezWZP9q12VlWkcqwNb9hF9PkZge9bpiOJipSYgyobtAnms/CRHu3e6izl`
		`- -LJRua7p4Wt/8GQENDrVkHqU=`
		`- +BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MjUyNFoXDTMyMDMz`
		`- +MTE0MjUyNFowRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx`
		`- +HTAbBgNVBAMMFFRlc3QgUy9NSU1FIEVFIEVDICMxMFkwEwYHKoZIzj0CAQYIKoZI`
		`- +zj0DAQcDQgAEvkiI9hWNg6Lj0bjQ6fVlabKnn+fLVd4CMFdBDlf8cmE82Ybn2Yv2`
		`- +gXF7oFkdce+fMeJx7rNrhLhBYtzK9yt/saNgMF4wDAYDVR0TAQH/BAIwADAOBgNV`
		`- +HQ8BAf8EBAMCBeAwHQYDVR0OBBYEFH/JvELYMj4nJ2HHUUyA9sxOYvNHMB8GA1Ud`
		`- +IwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZsMA0GCSqGSIb3DQEBCwUAA4IBAQCp`
		`- +sSEupiqT7S6oPS/5qtRF6POyxmhkH/Eh+RJitOODutxneJh+NdDqAQAOCexqcsF9`
		`- +1BH9hB/H6b3mS4CbcRG6R/EwzqMPUgy8OYXTrqWI9jzMKGyrBo59QFfGrwP1h8hj`
		`- +weVOVQU1iOloWPOfvMHehjX1Wt79/6BMMBvw+2qXXLAw2xpLFa4lU6HSoTiwoS5R`
		`- +mimrHnZ9tQZb54bsvdrW84kV3u1FIQ5G7jAduu97Wfr3eZGaJhW1MZLeoL7Z4Usy`
		`- +hRd2TJ6bZanb+wUJBcHOeW5ETj9MPtPsGIp8vETmY5XDm4UlX6tp4gAe4oeoIXFQ`
		`- +V5ASvNRiGWIJK5XF+zRY`
		`- -----END CERTIFICATE-----`
		`- diff -up openssl-3.0.5/test/smime-certs/smec2.pem.0061 openssl-3.0.5/test/smime-certs/smec2.pem`
		`- --- openssl-3.0.5/test/smime-certs/smec2.pem.0061 2022-09-02 14:17:15.330436654 +0200`
		`- +++ openssl-3.0.5/test/smime-certs/smec2.pem 2022-09-02 14:17:15.347436804 +0200`
		`- @@ -1,23 +1,23 @@`
		`- -----BEGIN PRIVATE KEY-----`
		`- -MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAEkuzLBwx5bIw3Q2PMNQ`
		`- -HzaY8yL3QLjzaJ8tCHrI/JTb9Q7VoUwDSgAEAu8b2HvLzKd0qhPtIw65Lh3OgF3X`
		`- -IN5874qHwt9zPSvokijSAH3v9tcBJPdRLD3Lweh2ZPn5hMwVwVorHqSgASk5vnjp`
		`- -HqER`
		`- +MIGPAgEAMBAGByqGSM49AgEGBSuBBAAQBHgwdgIBAQQjhHaq507MOBznelrLG/pl`
		`- +brnnJi/iEJUUp+Pm3PEiteXqckmhTANKAAQF2zs6vobmoT+M+P2+9LZ7asvFBNi7`
		`- +uCzLYF/8j1Scn/spczoC9vNzVhNw+Lg7dnjNL4EDIyYZLl7E0v69luzbvy+q44/8`
		`- +6bQ=`
		`- -----END PRIVATE KEY-----`
		`- -----BEGIN CERTIFICATE-----`
		`- -MIICsjCCAZqgAwIBAgIUFMjrNKt+D8tzvn7jtjZ5HrLcUlswDQYJKoZIhvcNAQEL`
		`- +MIICsDCCAZigAwIBAgIUWJSICrM9ZdmN6/jF/PoKng63XR0wDQYJKoZIhvcNAQEL`
		`- BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV`
		`- -BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw`
		`- -NTA5MTUzMzE0WjBEMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91`
		`- -cDEdMBsGA1UEAwwUVGVzdCBTL01JTUUgRUUgRUMgIzIwXjAQBgcqhkjOPQIBBgUr`
		`- -gQQAEANKAAQC7xvYe8vMp3SqE+0jDrkuHc6AXdcg3nzviofC33M9K+iSKNIAfe/2`
		`- -1wEk91EsPcvB6HZk+fmEzBXBWisepKABKTm+eOkeoRGjYDBeMAwGA1UdEwEB/wQC`
		`- -MAAwDgYDVR0PAQH/BAQDAgXgMB0GA1UdDgQWBBSqWRYUy2syIUwfSR31e19LeNXK`
		`- -9TAfBgNVHSMEGDAWgBQVwRMha+JVX6dqHVcg1s/zqXNkWTANBgkqhkiG9w0BAQsF`
		`- -AAOCAQEASbh+sI03xUMMzPT8bRbWNF5gG3ab8IUzqm05rTa54NCPRSn+ZdMXcCFz`
		`- -5fSU0T1dgEjeD+cCRVAZxskTZF7FWmRLc2weJMf7x+nPE5KaWyRAoD7FIKGP2m6m`
		`- -IMCVOmiafuzmHASBYOz6RwjgWS0AWES48DJX6o0KpuT4bsknz+H7Xo+4+NYGCRao`
		`- -enqIMZmWesGVXJ63pl32jUlXeAg59W6PpV2L9XRWLzDW1t1q2Uji7coCWtNjkojZ`
		`- -rv0yRMc1czkT+mAJRAJ8D9MoTnRXm1dH4bOxte4BGUHNQ2P1HeV01vkd1RTL0g0R`
		`- -lPyDAlBASvMn7RZ9nX8G3UOOL6gtVA==`
		`- +BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MjgxOVoXDTMyMDMz`
		`- +MTE0MjgxOVowRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx`
		`- +HTAbBgNVBAMMFFRlc3QgUy9NSU1FIEVFIEVDICMyMF4wEAYHKoZIzj0CAQYFK4EE`
		`- +ABADSgAEBds7Or6G5qE/jPj9vvS2e2rLxQTYu7gsy2Bf/I9UnJ/7KXM6Avbzc1YT`
		`- +cPi4O3Z4zS+BAyMmGS5exNL+vZbs278vquOP/Om0o2AwXjAMBgNVHRMBAf8EAjAA`
		`- +MA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUZ/5BJCWQ3bQ+w03vH6OZAgkENxcw`
		`- +HwYDVR0jBBgwFoAUyZFTCmN7FluLvUTwdoipJObltmwwDQYJKoZIhvcNAQELBQAD`
		`- +ggEBACMGL6tuV/1lfrnx7TN/CnWdLEp55AlmzJ3MT9dXSOO1/df/fO3uAiiBNMyQ`
		`- +Rcf4vOeBZEk/Xq6GIaAbuuT5ECg50uopEGjUDR9sRWC5yiw2CRQ5ZWTcqMapv+E5`
		`- +7/1/tpaVHy+ZkJpbTV6O9gogEPy6uoft+tsel6NFoAj9ulkjuX9TortkVGPTfedd`
		`- +oevI32G3z4L4Gv1PCZvFMwEIiAuFDZBbD86gw7rH4BNihRujJRhpnxeRu8zJYB60`
		`- +cNeR2N7humdUy5uZnj6YHy3g2j0EDKOITHydIvL1KkSlihQrxEX5kMRr9RWRyFXJ`
		`- +/UfNk+5Y3g5Mm642MLvjBEUqurw=`
		`- -----END CERTIFICATE-----`
		`- diff -up openssl-3.0.5/test/smime-certs/smroot.pem.0061 openssl-3.0.5/test/smime-certs/smroot.pem`
		`- --- openssl-3.0.5/test/smime-certs/smroot.pem.0061 2022-09-02 14:17:15.329436645 +0200`
		`- +++ openssl-3.0.5/test/smime-certs/smroot.pem 2022-09-02 14:17:15.346436795 +0200`
		`- @@ -1,49 +1,49 @@`
		`- -----BEGIN PRIVATE KEY-----`
		`- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDZLSl8LdU54OUA`
		`- -T8ctFuKLShJul2IMzaEDkFLoL4agccajgvsRxW+8vbc2Re0y1mVMvfNz7Cg5a7Ke`
		`- -iSuFJOrQtvDt+HkU5c706YDmw15mBpDSHapkXr80G/ABFbstWafOfagVW45wv65K`
		`- -H4cnpcqwrLhagmC8QG0KfWbf+Z2efOxaGu/dTNA3Cnq/BQGTdlkQ28xbrvd+Ubzg`
		`- -cY4Y/hJ7Fw1/IeEhgr/iVJhQIUAklp9B+xqDfWuxIt5mNwWWh/Lfk+UxqE99EhQR`
		`- -0YZWyIKfKzbeJLBzDqY2hQzVL6kAvY9cR1WbBItTA0G2F5qZ9B/3EHEFWZMBvobt`
		`- -+UTEkuBdAgMBAAECggEAF3Eagz7nPyIZVdlGpIVN2r8aEjng6YTglmPjrxBCNdtS`
		`- -F6AxvY9UKklIF2Gg4tXlhU0TlDWvedM4Koif2/VKK1Ez3FvvpePQXPs/YKlB7T1U`
		`- -MHnnRII9nUBOva88zv5YcJ97nyKM03q9M18H1a29nShnlc1w56EEpBc5HX/yFYMv`
		`- -kMYydvB5j0DQkJlkQNFn4yRag0wIIPeyXwwh5l98SMlr40hO10OYTOQPrrgP/ham`
		`- -AOZ//DvGo5gF8hGJYoqG4vcYbxRfTqbc2lQ4XRknOT182l9gRum52ahkBY6LKb4r`
		`- -IZXPStS6fCAR5S0lcdBb3uN/ap9SUfb9w/Dhj5DZAQKBgQDr06DcsBpoGV2dK9ib`
		`- -YL5MxC5JL7G79IBPi3ThRiOSttKXv3oDAFB0AlJvFKwYmVz8SxXqQ2JUA4BfvMGF`
		`- -TNrbhukzo0ou5boExnQW/RjLN3fWVq1JM7iLbNU9YYpPCIG5LXrt4ZDOwITeGe8f`
		`- -bmZK9zxWxc6BBJtc3mTFS5tm4QKBgQDrwRyEn6oZ9TPbR69fPgWvDqQwKs+6TtYn`
		`- -0otMG9UejbSMcyU4sI+bZouoca2CzoNi2qZVIvI9aOygUHQAP7Dyq1KhsvYtzJub`
		`- -KEua379WnzBMMjJ56Q/e4aKTq229QvOk+ZEYl6aklZX7xnYetYNZQrp4QzUyOQTG`
		`- -gfxgxKi0/QKBgQCy1esAUJ/F366JOS3rLqNBjehX4c5T7ae8KtJ433qskO4E29TI`
		`- -H93jC7u9txyHDw5f2QUGgRE5Cuq4L2lGEDFMFvQUD7l69QVrB6ATqt25hhffuB1z`
		`- -DMDfIqpXAPgk1Rui9SVq7gqlb4OS9nHLESqLoQ/l8d2XI4o6FACxSZPQoQKBgQCR`
		`- -8AvwSUoqIXDFaB22jpVEJYMb0hSfFxhYtGvIZF5MOJowa0L6UcnD//mp/xzSoXYR`
		`- -pppaj3R28VGxd7wnP0YRIl7XfAoKleMpbAtJRwKR458pO9WlQ9GwPeq/ENqw0xYx`
		`- -5M+d8pqUvYiHv/X00pYJllYKBkiS21sKawLJAFQTHQKBgQCJCwVHxvxkdQ8G0sU2`
		`- -Vtv2W38hWOSg5+cxa+g1W6My2LhX34RkgKzuaUpYMlWGHzILpxIxhPrVLk1ZIjil`
		`- -GIP969XJ1BjB/kFtLWdxXG8tH1If3JgzfSHUofPHF3CENoJYEZ1ugEfIPzWPZJDI`
		`- -DL5zP8gmBL9ZAOO/J9YacxWYMQ==`
		`- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCyyQXED5HyVWwq`
		`- +nXyzmY317yMUJrIfsKvREG2C691dJNHgNg+oq5sjt/fzkyS84AvdOiicAsao4cYL`
		`- +DulthaLpbC7msEBhvwAil0FNb5g3ERupe1KuTdUV1UuD/i6S2VoaNXUBBn1rD9Wc`
		`- +BBc0lnx/4Wt92eQTI6925pt7ZHPQw2Olp7TQDElyi5qPxCem4uT0g3zbZsWqmmsI`
		`- +MXbu+K3dEprzqA1ucKXbxUmZNkMwVs2XCmlLxrRUj8C3/zENtH17HWCznhR/IVcV`
		`- +kgIuklkeiDsEhbWvUQumVXR7oPh/CPZAbjGqq5mVueHSHrp7brBVZKHZvoUka28Q`
		`- +LWitq1W5AgMBAAECggEASkRnOMKfBeOmQy2Yl6K57eeg0sYgSDnDpd0FINWJ5x9c`
		`- +b58FcjOXBodtYKlHIY6QXx3BsM0WaSEge4d+QBi7S+u8r+eXVwNYswXSArDQsk9R`
		`- +Bl5MQkvisGciL3pvLmFLpIeASyS/BLJXMbAhU58PqK+jT2wr6idwxBuXivJ3ichu`
		`- +ISdT1s2aMmnD86ulCD2DruZ4g0mmk5ffV+Cdj+WWkyvEaJW2GRYov2qdaqwSOxV4`
		`- +Yve9qStvEIWAf2cISQjbnw2Ww6Z5ebrqlOz9etkmwIly6DTbrIneBnoqJlFFWGlF`
		`- +ghuzc5RE2w1GbcKSOt0qXH44MTf/j0r86dlu7UIxgQKBgQDq0pEaiZuXHi9OQAOp`
		`- +PsDEIznCU1bcTDJewANHag5DPEnMKLltTNyLaBRulMypI+CrDbou0nDr29VOzfXx`
		`- +mNvi/c7RttOBOx7kXKvu0JUFKe2oIWRsg0KsyMX7UFMVaHFgrW+8DhQc7HK7URiw`
		`- +nitOnA7YwIHRF9BMmcWcLFEYBQKBgQDC6LPbXV8COKO0YCfGXPnE7EZGD/p0Q92Z`
		`- +8CoSefphEScSdO1IpxFXG7fOZ4x2GQb9q7D3IvaeKAqNjUjkuyxdB30lIWDBwSWw`
		`- +fFgsa2SZwD5P60G/ar50YJr6LiF333aUMDVmC9swFfZERAEmGUz2NTrPWQdIx/lu`
		`- +PyDtUR75JQKBgHaoCCJ8vl5SJl1IA5GV4Bo8IoeLTSzsY9d09zMy6BoZcMD1Ix2T`
		`- +5S2cXhayoegl9PT6bsYSGHVWFCdJ86ktMI826TcXRzDaCvYhzc9THroJQcnfdbtP`
		`- +aHWezkv7fsAmkoPjn75K7ubeo+r7Q5qbkg6a1PW58N8TRXIvkackzaVxAoGBALAq`
		`- +qh3U+AHG9dgbrPeyo6KkuCOtX39ks8/mbfCDRZYkbb9V5f5r2tVz3R93IlK/7jyr`
		`- +yWimtmde46Lrl33922w+T5OW5qBZllo9GWkUrDn3s5qClcuQjJIdmxYTSfbSCJiK`
		`- +NkmE39lHkG5FVRB9f71tgTlWS6ox7TYDYxx83NTtAoGAUJPAkGt4yGAN4Pdebv53`
		`- +bSEpAAULBHntiqDEOu3lVColHuZIucml/gbTpQDruE4ww4wE7dOhY8Q4wEBVYbRI`
		`- +vHkSiWpJUvZCuKG8Foh5pm9hU0qb+rbQV7NhLJ02qn1AMGO3F/WKrHPPY8/b9YhQ`
		`- +KfvPCYimQwBjVrEnSntLPR0=`
		`- -----END PRIVATE KEY-----`
		`- -----BEGIN CERTIFICATE-----`
		`- -MIIDezCCAmOgAwIBAgIUBxh2L3ItsVPuBogDI0WfUX1lFnMwDQYJKoZIhvcNAQEL`
		`- +MIIDeTCCAmGgAwIBAgIUF/2lFo3fH3uYuFalQVSIFqcYtd4wDQYJKoZIhvcNAQEL`
		`- BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV`
		`- -BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxM1oYDzIxMjIw`
		`- -NTEwMTUzMzEzWjBEMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91`
		`- -cDEdMBsGA1UEAwwUVGVzdCBTL01JTUUgUlNBIFJvb3QwggEiMA0GCSqGSIb3DQEB`
		`- -AQUAA4IBDwAwggEKAoIBAQDZLSl8LdU54OUAT8ctFuKLShJul2IMzaEDkFLoL4ag`
		`- -ccajgvsRxW+8vbc2Re0y1mVMvfNz7Cg5a7KeiSuFJOrQtvDt+HkU5c706YDmw15m`
		`- -BpDSHapkXr80G/ABFbstWafOfagVW45wv65KH4cnpcqwrLhagmC8QG0KfWbf+Z2e`
		`- -fOxaGu/dTNA3Cnq/BQGTdlkQ28xbrvd+UbzgcY4Y/hJ7Fw1/IeEhgr/iVJhQIUAk`
		`- -lp9B+xqDfWuxIt5mNwWWh/Lfk+UxqE99EhQR0YZWyIKfKzbeJLBzDqY2hQzVL6kA`
		`- -vY9cR1WbBItTA0G2F5qZ9B/3EHEFWZMBvobt+UTEkuBdAgMBAAGjYzBhMB0GA1Ud`
		`- -DgQWBBQVwRMha+JVX6dqHVcg1s/zqXNkWTAfBgNVHSMEGDAWgBQVwRMha+JVX6dq`
		`- -HVcg1s/zqXNkWTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkq`
		`- -hkiG9w0BAQsFAAOCAQEAvdAmpDPi1Wt7Hk30dXKF7Ug6MUKETi+uoO1Suo9JhNko`
		`- -/cpvoi8fbo/dnWVDfHVoItEn644Svver5UJdKJY62DvhilpCtAywYfCpgxkpKoKE`
		`- -dnpjnRBSMcbVDImsqvf1YjzFKiOiD7kcVvz4V0NZY91ZWwu3vgaSvcTJQkpWN0a+`
		`- -LWanpVKqigl8nskttnBeiHDHGebxj3hawlIdtVlkbQwLLwlVkX99x1F73uS33IzB`
		`- -Y6+ZJ2is7mD839B8fOVd9pvPvBBgahIrw5tzJ/Q+gITuVQd9E6RVXh10/Aw+i/8S`
		`- -7tHpEUgP3hBk1P+wRQBWDxbHB28lE+41jvh3JObQWQ==`
		`- +BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MDE1MloXDTMyMDUy`
		`- +MDE0MDE1MlowRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx`
		`- +HTAbBgNVBAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MIIBIjANBgkqhkiG9w0BAQEF`
		`- +AAOCAQ8AMIIBCgKCAQEAsskFxA+R8lVsKp18s5mN9e8jFCayH7Cr0RBtguvdXSTR`
		`- +4DYPqKubI7f385MkvOAL3ToonALGqOHGCw7pbYWi6Wwu5rBAYb8AIpdBTW+YNxEb`
		`- +qXtSrk3VFdVLg/4uktlaGjV1AQZ9aw/VnAQXNJZ8f+FrfdnkEyOvduabe2Rz0MNj`
		`- +pae00AxJcouaj8QnpuLk9IN822bFqpprCDF27vit3RKa86gNbnCl28VJmTZDMFbN`
		`- +lwppS8a0VI/At/8xDbR9ex1gs54UfyFXFZICLpJZHog7BIW1r1ELplV0e6D4fwj2`
		`- +QG4xqquZlbnh0h66e26wVWSh2b6FJGtvEC1oratVuQIDAQABo2MwYTAdBgNVHQ4E`
		`- +FgQUyZFTCmN7FluLvUTwdoipJObltmwwHwYDVR0jBBgwFoAUyZFTCmN7FluLvUTw`
		`- +doipJObltmwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZI`
		`- +hvcNAQELBQADggEBAFUbNCqSA5JTIk4wkLiDxs6sGVgSGS/XyFurT5WtyLwR6eiN`
		`- +r1Osq3DrF1805xzOjFfk3yYk2ctMMMXVEfXZavfNWgGSyUi6GrS+X1+y5snMpP7Z`
		`- +tFlb7iXxiSn5lUE1IS3y9bAlWUwTnOwdX2RuALVAzQ6oAvGIIOhb7FTkMqwsQBDx`
		`- +kBA9sgdCKv4d7zgFGdDMh1PGuia7+ZPWS9Nt3+WfRKzy4cf2p8+FTWkv1z7PtCSo`
		`- +bZySoXgav6WYGdA0VZY29HzVWC5d/LwSkeJr7pw09UjXBPnrDHbJRa+4JpwwsMT2`
		`- +b1E+cp36aagmQW97e8dCf3VzZWcD2bNJ9QM59d8=`
		`- -----END CERTIFICATE-----`
		`- diff -up openssl-3.0.5/test/smime-certs/smrsa1.pem.0061 openssl-3.0.5/test/smime-certs/smrsa1.pem`
		`- --- openssl-3.0.5/test/smime-certs/smrsa1.pem.0061 2022-09-02 14:17:15.328436636 +0200`
		`- +++ openssl-3.0.5/test/smime-certs/smrsa1.pem 2022-09-02 14:17:15.346436795 +0200`
		`- @@ -1,49 +1,49 @@`
		`- -----BEGIN PRIVATE KEY-----`
		`- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDax3T7alefZcbm`
		`- -CcdN0kEoBLwV8H25vre43RYjuPo64TBjeKUy27ayC1TXydF1eYm3HPrFYfkS0fZ6`
		`- -YK0xvwyxiQnesvcfnVe2fpXFPsl5RQvu1JKM7rJAuLC+YTRLez07IHhQnHQ25ZkR`
		`- -+B4SL5mIhuOSJ9yyFJYJQ3Kdw/aX/jtnWVR8p3FyghJptWIm90ufW4xWFY0yNSW1`
		`- -KmkZuOWF7VPh5RC1C7woB/RHhyD2gOP7tF+eDJ/QbX4iki4gPRFHuNrSV8ZpvDkI`
		`- -qqyF5BW8tyJneDkoWW8IuEpmNIzfbOCHvI6y7roeAmRrwH4/o5WxaEIsnQ/3pNvj`
		`- -n6+vA+nfAgMBAAECggEAFR5MHQQYCYjDXoDoI7YdgwA+AFIoGLjKYZu5yjX4tZv3`
		`- -gJ/si7sTaMlY5cGTU1HUPirxIVeCjv4Eha31BJ3KsGJ9jj6Gm0nOuzd/O+ctKeRv`
		`- -2/HaDvpFlk4dsCrlkjmxteuS9u5l9hygniWYutcBwjY0cRnMScZcm0VO+DVVMDj0`
		`- -9yNrFzhlmqV+ckawjK/J91r0uvnCVIsGA6akhlc5K0gwvFb/CC1WuceEeGx/38k3`
		`- -4OuiHtLyJfIlgyGD8C3QfJlMOBHeQ/DCo6GMqrOAad/chtcO7JklcJ+k2qylP2gu`
		`- -e25NJCQVh+L32b9WrH3quH6fbLIg8a8MmUWl6te3FQKBgQDddu0Dp8R8fe2WnAE5`
		`- -oXdASAf2BpthRNqUdYpkkO7gOV0MXCKIEiGZ+WuWEYmNlsXZCJRABprqLw9O/5Td`
		`- -2q+rCbdG9mSW2x82t/Ia4zd3r0RSHZyKbtOLtgmWfQkwVHy+rED8Juie5bNzHbjS`
		`- -1mYtFP2KDQ5yZA95yFg8ZtXOawKBgQD85VOPnfXGOJ783JHepAn4J2x1Edi+ZDQ+`
		`- -Ml9g2LwetI46dQ0bF6V8RtcyWp0+6+ydX5U4JKhERFDivolD7Z1KFmlNLPs0cqSX`
		`- -5g5kzTD+R+zpr9FRragYKyLdHsLP0ur75Rh5FQkUl2DmeKCMvMKAkio0cduVpVXT`
		`- -SvWUBtkHXQKBgBy4VoZZ1GZcolocwx/pK6DfdoDWXIIhvsLv91GRZhkX91QqAqRo`
		`- -zYi9StF8Vr1Q5zl9HlSrRp3GGpMhG/olaRCiQu1l+KeDpSmgczo/aysPRKntgyaE`
		`- -ttRweA/XCUEGQ+MqTYcluJcarMnp+dUFztxb04F6rfvxs/wUGjVDFMkfAoGBAK+F`
		`- -wx9UtPZk6gP6Wsu58qlnQ2Flh5dtGM1qTMR86OQu0OBFyVjaaqL8z/NE7Qp02H7J`
		`- -jlmvJ5JqD/Gv6Llau+Zl86P66kcWoqJCrA7OU4jJBueSfadA7gAIQGRUK0Xuz+UQ`
		`- -tpGjRfAiuMB9TIEhqaVuzRglRhBw9kZ2KkgZEJyJAoGBANrEpEwOhCv8Vt1Yiw6o`
		`- -co96wYj+0LARJXw6rIfEuLkthBRRoHqQMKqwIGMrwjHlHXPnQmajONzIJd+u+OS4`
		`- -psCGetAIGegd3xNVpK2uZv9QBWBpQbuofOh/c2Ctmm2phL2sVwCZ0qwIeXuBwJEc`
		`- -NOlOojKDO+dELErpShJgFIaU`
		`- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDXr9uzB/20QXKC`
		`- +xhkfNnJvl2xl1hzdOcrQmAqo+AAAcA/D49ImuJDVQRaK2bcj54XB26i1kXuOrxID`
		`- +3/etUb8yudfx8OAVwh8G0xVA4zhr8uXW85W2tBr4v0Lt+W6lSd6Hmfrk4GmE9LTU`
		`- +/vzl9HUPW6SZShN1G0nY6oeUXvLi0vasEUKv3a51T6JFYg4c7qt5RCk/w8kwrQ0D`
		`- +orQwCdkOPEIiC4b+nPStF12SVm5bx8rbYzioxuY/PdSebvt0APeqgRxSpCxqYnHs`
		`- +CoNeHzSrGXcP0COzFeUOz2tdrhmH09JLbGZs4nbojPxMkjpJSv3/ekDG2CHYxXSH`
		`- +XxpJstxZAgMBAAECggEASY4xsJaTEPwY3zxLqPdag2/yibBBW7ivz/9p80HQTlXp`
		`- +KnbxXj8nNXLjCytAZ8A3P2t316PrrTdLP4ML5lGwkM4MNPhek00GY79syhozTa0i`
		`- +cPHVJt+5Kwee/aVI9JmCiGAczh0yHyOM3+6ttIZvvXMVaSl4BUHvJ0ikQBc5YdzL`
		`- +s6VM2gCOR6K6n+39QHDI/T7WwO9FFSNnpWFOCHwAWtyBMlleVj+xeZX8OZ/aT+35`
		`- +27yjsGNBftWKku29VDineiQC+o+fZGJs6w4JZHoBSP8TfxP8fRCFVNA281G78Xak`
		`- +cEnKXwZ54bpoSa3ThKl+56J6NHkkfRGb8Rgt/ipJYQKBgQD5DKb82mLw85iReqsT`
		`- +8bkp408nPOBGz7KYnQsZqAVNGfehM02+dcN5z+w0jOj6GMPLPg5whlEo/O+rt9ze`
		`- +j6c2+8/+B4Bt5oqCKoOCIndH68jl65+oUxFkcHYxa3zYKGC9Uvb+x2BtBmYgvDRG`
		`- +ew6I2Q3Zyd2ThZhJygUZpsjsbQKBgQDdtNiGTkgWOm+WuqBI1LT5cQfoPfgI7/da`
		`- +ZA+37NBUQRe0cM7ddEcNqx7E3uUa1JJOoOYv65VyGI33Ul+evI8h5WE5bupcCEFk`
		`- +LolzbMc4YQUlsySY9eUXM8jQtfVtaWhuQaABt97l+9oADkrhA+YNdEu2yiz3T6W+`
		`- +msI5AnvkHQKBgDEjuPMdF/aY6dqSjJzjzfgg3KZOUaZHJuML4XvPdjRPUlfhKo7Q`
		`- +55/qUZ3Qy8tFBaTderXjGrJurc+A+LiFOaYUq2ZhDosguOWUA9yydjyfnkUXZ6or`
		`- +sbvSoM+BeOGhnezdKNT+e90nLRF6cQoTD7war6vwM6L+8hxlGvqDuRNFAoGAD4K8`
		`- +d0D4yB1Uez4ZQp8m/iCLRhM3zCBFtNw1QU/fD1Xye5w8zL96zRkAsRNLAgKHLdsR`
		`- +355iuTXAkOIBcJCOjveGQsdgvAmT0Zdz5FBi663V91o+IDlryqDD1t40CnCKbtRG`
		`- +hng/ruVczg4x7OYh7SUKuwIP/UlkNh6LogNreX0CgYBQF9troLex6X94VTi1V5hu`
		`- +iCwzDT6AJj63cS3VRO2ait3ZiLdpKdSNNW2WrlZs8FZr/mVutGEcWho8BugGMWST`
		`- +1iZkYwly9Xfjnpd0I00ZIlr2/B3+ZsK8w5cOW5Lpb7frol6+BkDnBjbNZI5kQndn`
		`- +zQpuMJliRlrq/5JkIbH6SA==`
		`- -----END PRIVATE KEY-----`
		`- -----BEGIN CERTIFICATE-----`
		`- -MIIDeTCCAmGgAwIBAgIUM6U1Peo3wzfAJIrzINejJJfmRzkwDQYJKoZIhvcNAQEL`
		`- +MIIDdzCCAl+gAwIBAgIUNrEw2I4NEV0Nbo7AVOF9z4mPBiYwDQYJKoZIhvcNAQEL`
		`- BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV`
		`- -BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxM1oYDzIxMjIw`
		`- -NTA5MTUzMzEzWjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91`
		`- -cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgUlNBICMxMIIBIjANBgkqhkiG9w0B`
		`- -AQEFAAOCAQ8AMIIBCgKCAQEA2sd0+2pXn2XG5gnHTdJBKAS8FfB9ub63uN0WI7j6`
		`- -OuEwY3ilMtu2sgtU18nRdXmJtxz6xWH5EtH2emCtMb8MsYkJ3rL3H51Xtn6VxT7J`
		`- -eUUL7tSSjO6yQLiwvmE0S3s9OyB4UJx0NuWZEfgeEi+ZiIbjkifcshSWCUNyncP2`
		`- -l/47Z1lUfKdxcoISabViJvdLn1uMVhWNMjUltSppGbjlhe1T4eUQtQu8KAf0R4cg`
		`- -9oDj+7Rfngyf0G1+IpIuID0RR7ja0lfGabw5CKqsheQVvLciZ3g5KFlvCLhKZjSM`
		`- -32zgh7yOsu66HgJka8B+P6OVsWhCLJ0P96Tb45+vrwPp3wIDAQABo2AwXjAMBgNV`
		`- -HRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUHw4Us7FXwgLtZ1JB`
		`- -MOAHSkNYfEkwHwYDVR0jBBgwFoAUFcETIWviVV+nah1XINbP86lzZFkwDQYJKoZI`
		`- -hvcNAQELBQADggEBAAMAXEjTNo7evn6BvfEaG2q21q9xfFear/M0zxc5xcTj+WP+`
		`- -BKrlxXg5RlVFyvmzGhwZBERsDMJYa54aw8scDJsy/0zPdWST39dNev7xH13pP8nF`
		`- -QF4MGPKIqBzX8iDCqhz70p1w2ndLjz1dvsAqn6z9/Sh3T2kj6DfZY3jA49pMEim1`
		`- -vYd4lWa5AezU3+cLtBbo2c2iyG2W7SFpnNTjLX823f9rbVPnUb93ZI/tDXDIf5hL`
		`- -0hocZs+MWdC7Ly1Ru4PXa6+DeOM0z673me/Q27e24OBbG2eq5g7eW5euxJinGkpI`
		`- -XGGKTKrBCPxSdTtwSNHU9HsggT8a0wXL2QocZ3w=`
		`- +BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MDczN1oXDTMyMDMz`
		`- +MTE0MDczN1owRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx`
		`- +HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIFJTQSAjMTCCASIwDQYJKoZIhvcNAQEB`
		`- +BQADggEPADCCAQoCggEBANev27MH/bRBcoLGGR82cm+XbGXWHN05ytCYCqj4AABw`
		`- +D8Pj0ia4kNVBForZtyPnhcHbqLWRe46vEgPf961RvzK51/Hw4BXCHwbTFUDjOGvy`
		`- +5dbzlba0Gvi/Qu35bqVJ3oeZ+uTgaYT0tNT+/OX0dQ9bpJlKE3UbSdjqh5Re8uLS`
		`- +9qwRQq/drnVPokViDhzuq3lEKT/DyTCtDQOitDAJ2Q48QiILhv6c9K0XXZJWblvH`
		`- +yttjOKjG5j891J5u+3QA96qBHFKkLGpicewKg14fNKsZdw/QI7MV5Q7Pa12uGYfT`
		`- +0ktsZmziduiM/EySOklK/f96QMbYIdjFdIdfGkmy3FkCAwEAAaNgMF4wDAYDVR0T`
		`- +AQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFOaNz6WtNC5jH9UE4EaM`
		`- +y+59qO+EMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZsMA0GCSqGSIb3`
		`- +DQEBCwUAA4IBAQBMz3Ef3U0blTGhfP9HIBq09fWCgUN3aDDLZ/B6biFfWM87wlAm`
		`- +CdIuy2jhiEt8Ld8U9y8dbO7c2gzHBGc9FhScBkfQInrbhSctXL/r/wOc0divK9rq`
		`- +oXL2cL/CFfzcYPWNN3w6JAJyOhkhWnqF+/0T8+NdiRLE3a9NfX3a83GpfBVccYKQ`
		`- +kKKeVIw2K1dYbtlSo1HwOckxqUzN00IPs3xC8U9KNXKy7o0kdetKhk70DzXQ64j0`
		`- +EcmXxqPaCkgo3fl9z9nzKlWhg/qIi/1Bd1bpMP8IXAPEURDqhi0KI0w9GPCQRjfY`
		`- +7NwXrLEayBoL8TNxcJ3FwdI20+bmhhILBZgO`
		`- -----END CERTIFICATE-----`
		`- diff -up openssl-3.0.5/test/smime-certs/smrsa2.pem.0061 openssl-3.0.5/test/smime-certs/smrsa2.pem`
		`- --- openssl-3.0.5/test/smime-certs/smrsa2.pem.0061 2022-09-02 14:17:15.333436680 +0200`
		`- +++ openssl-3.0.5/test/smime-certs/smrsa2.pem 2022-09-02 14:17:15.347436804 +0200`
		`- @@ -1,49 +1,49 @@`
		`- -----BEGIN PRIVATE KEY-----`
		`- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDkoMi4sqj2mN8j`
		`- -SaFAibXEfeYYrzBHIdCm/uaXWit81fXOSFVw1rbeAppxz7bOcSEN50lpdP2UX3/b`
		`- -FYFD3exHXjvch9NPNgQaNkCqTNTuYa2L9wrpltXnon7tH3W/zZfF+/qpUSu1f6rk`
		`- -GyxjVXxLwjIawCX0rbLcdFCVVy+EyvQkvSxXjafrDMzshWzPDbtjUv3SH6avqrPn`
		`- -4NX0fv3BdBwTfDLAw/m8nN+9B9Mg0V7UNM1IJY/Vo5pLhv+MrEf8SnAS+1Wt43rT`
		`- -3PY9iMZMMWUswdgmPY0yCN95ggwNrSMGV60yvEDxINWuJoR8s0lybDdFa+AB5v4T`
		`- -hqKpspFNAgMBAAECggEAZmWu0K5QJ7Y7Rlo9ayLicsFyk36vUESQZ6MF0ybzEEPi`
		`- -BkR2ZAX+vDuNQckm1pprlAcRZbactl35bT3Z+fQE1cgaZoC8/x6xwq2m0796pNPB`
		`- -v0zjqdBBOLAaSgjLm56wyd88GqZ8vZsTBnw3KrxIYcP13e5OcaJ0V/GOf/yfD0lg`
		`- -Tq9i7V5Iq++Fpo2KvJA8FMgqcfhvhdo40rRykoBfzEZpBk4Ia/Yijsbx5sE15pFZ`
		`- -DfmsMbD+vViuM8IavHo61mBNyYeydwlgIMqUgP/6xbYUov/XSUojrLG+IQuvDx9D`
		`- -xzTHGM+IBJxQZMza/mDVcjUAcDEjWt/Mve8ibTQCbwKBgQDyaiGsURtlf/8xmmvT`
		`- -RQQFFFsJ8SXHNYmnceNULIjfDxpLk1yC4kBNUD+liAJscoVlOcByHmXQRtnY1PHq`
		`- -AwyrwplGd82773mtriDVFSjhD+GB7I0Hv2j+uiFZury0jR/6/AsWKCtTqd0opyuB`
		`- -8rGZjguiwZIjeyxd8mL1dncUHwKBgQDxcNxHUvIeDBvAmtK65xWUuLcqtK9BblBH`
		`- -YVA7p93RqX4E+w3J0OCvQRQ3r1GCMMzFEO0oOvNfMucU4rbQmx1pbzF8aQU+8iEW`
		`- -kYpaWUbPUQ2hmBblhjGYHsigt/BrzaW0QveVIWcGiyVVX9wiCzJH5moJlCRK2oHR`
		`- -B36hdlmNEwKBgQCSlWSpOx4y4RQiHXtn9Eq6+5UVTPGIJTKIwxAwnQFiyFIhMwl0`
		`- -x3UUixsBcF3uz80j6akaGJF+QOmH+TQTSibGUdS3TMhmBSfxwuJtlu7yMNUu6Chb`
		`- -b/4AUfLKvGVRVCjrbq8Rhda1L3jhFTz0xhlofgFBOIWy2M96O5BlV24oBwKBgQDs`
		`- -cf93ZfawkGEZVUXsPeQ3mlHe48YCCPtbfCSr13B3JErCq+5L52AyoUQgaHQlUI8o`
		`- -qrPmQx0V7O662G/6iP3bxEYtNVgq1cqrpGpeorGi1BjKWPyLWMj21abbJmev21xc`
		`- -1XxLMsQHd3tfSZp2SIq8OR09NjP4jla1k2Ziz1lRuwKBgQCUJXjhW4dPoOzC7DJK`
		`- -u4PsxcKkJDwwtfNudVDaHcbvvaHELTAkE2639vawH0TRwP6TDwmlbTQJP4EW+/0q`
		`- -13VcNXVAZSruA9dvxlh4vNUH3PzTDdFIJzGVbYbV9p5t++EQ7gRLuLZqs99BOzM9`
		`- -k6W9F60mEFz1Owh+lQv7WfSIVA==`
		`- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDcYC4tS2Uvn1Z2`
		`- +iDgtfkJA5tAqgbN6X4yK02RtVH5xekV9+6+eTt/9S+iFAzAnwqR/UB1R67ETrsWq`
		`- +V8u9xLg5fHIwIkmu9/6P31UU9cghO7J1lcrhHvooHaFpcXepPWQacpuBq2VvcKRD`
		`- +lDfVmdM5z6eS3dSZPTOMMP/xk4nhZB8mcw27qiccPieS0PZ9EZB63T1gmwaK1Rd5`
		`- +U94Pl0+zpDqhViuXmBfiIDWjjz0BzHnHSz5Rg4S3oXF1NcojhptIWyI0r7dgn5J3`
		`- +NxC4kgKdjzysxo6iWd0nLgz7h0jUdj79EOis4fg9G4f0EFWyQf7iDxGaA93Y9ePB`
		`- +Jv5iFZVZAgMBAAECggEBAILIPX856EHb0KclbhlpfY4grFcdg9LS04grrcTISQW1`
		`- +J3p9nBpZ+snKe6I8Yx6lf5PiipPsSLlCliHiWpIzJZVQCkAQiSPiHttpEYgP2IYI`
		`- +dH8dtznkdVbLRthZs0bnnPmpHCpW+iqpcYJ9eqkz0cvUNUGOjjWmwWmoRqwp/8CW`
		`- +3S1qbkQiCh0Mk2fQeGar76R06kXQ9MKDEj14zyS3rJX+cokjEoMSlH8Sbmdh2mJz`
		`- +XlNZcvqmeGJZwQWgbVVHOMUuZaKJiFa+lqvOdppbqSx0AsCRq6vjmjEYQEoOefYK`
		`- +3IJM9IvqW5UNx0Cy4kQdjhZFFwMO/ALD3QyF21iP4gECgYEA+isQiaWdaY4UYxwK`
		`- +Dg+pnSCKD7UGZUaCUIv9ds3CbntMOONFe0FxPsgcc4jRYQYj1rpQiFB8F11+qXGa`
		`- +P/IHcnjr2+mTrNY4I9Bt1Lg+pHSS8QCgzeueFybYMLaSsXUo7tGwpvw6UUb6/YWI`
		`- +LNCzZbrCLg1KZjGODhhxtvN45ZkCgYEA4YNSe+GMZlxgsvxbLs86WOm6DzJUPvxN`
		`- +bWmni0+Oe0cbevgGEUjDVc895uMFnpvlgO49/C0AYJ+VVbStjIMgAeMnWj6OZoSX`
		`- +q49rI8KmKUxKgORZiiaMqGWQ7Rxv68+4S8WANsjFxoUrE6dNV3uYDIUsiSLbZeI8`
		`- +38KVTcLohcECgYEAiOdyWHGq0G4xl/9rPUCzCMsa4velNV09yYiiwBZgVgfhsawm`
		`- +hQpOSBZJA60XMGqkyEkT81VgY4UF4QLLcD0qeCnWoXWVHFvrQyY4RNZDacpl87/t`
		`- +QGO2E2NtolL3umesa+2TJ/8Whw46Iu2llSjtVDm9NGiPk5eA7xPPf1iEi9kCgYAb`
		`- +0EmVE91wJoaarLtGS7LDkpgrFacEWbPnAbfzW62UENIX2Y1OBm5pH/Vfi7J+vHWS`
		`- +8E9e0eIRCL2vY2hgQy/oa67H151SkZnvQ/IP6Ar8Xvd1bDSK8HQ6tMQqKm63Y9g0`
		`- +KDjHCP4znOsSMnk8h/bZ3HcAtvbeWwftBR/LBnYNQQKBgA1leIXLLHRoX0VtS/7e`
		`- +y7Xmn7gepj+gDbSuCs5wGtgw0RB/1z/S3QoS2TCbZzKPBo20+ivoRP7gcuFhduFR`
		`- +hT8V87esr/QzLVpjLedQDW8Xb7GiO3BsU/gVC9VcngenbL7JObl3NgvdreIYo6+n`
		`- +yrLyf+8hjm6H6zkjqiOkHAl+`
		`- -----END PRIVATE KEY-----`
		`- -----BEGIN CERTIFICATE-----`
		`- -MIIDeTCCAmGgAwIBAgIUTMQXiTcI/rpzqO91NyFWpjLE3KkwDQYJKoZIhvcNAQEL`
		`- +MIIDdzCCAl+gAwIBAgIUdWyHziJTdWjooy8SanPMwLxNsPEwDQYJKoZIhvcNAQEL`
		`- BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV`
		`- -BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxM1oYDzIxMjIw`
		`- -NTA5MTUzMzEzWjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91`
		`- -cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgUlNBICMyMIIBIjANBgkqhkiG9w0B`
		`- -AQEFAAOCAQ8AMIIBCgKCAQEA5KDIuLKo9pjfI0mhQIm1xH3mGK8wRyHQpv7ml1or`
		`- -fNX1zkhVcNa23gKacc+2znEhDedJaXT9lF9/2xWBQ93sR1473IfTTzYEGjZAqkzU`
		`- -7mGti/cK6ZbV56J+7R91v82Xxfv6qVErtX+q5BssY1V8S8IyGsAl9K2y3HRQlVcv`
		`- -hMr0JL0sV42n6wzM7IVszw27Y1L90h+mr6qz5+DV9H79wXQcE3wywMP5vJzfvQfT`
		`- -INFe1DTNSCWP1aOaS4b/jKxH/EpwEvtVreN609z2PYjGTDFlLMHYJj2NMgjfeYIM`
		`- -Da0jBletMrxA8SDVriaEfLNJcmw3RWvgAeb+E4aiqbKRTQIDAQABo2AwXjAMBgNV`
		`- -HRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUSJ0v3SKahe6eKssR`
		`- -rBvYLBprFTgwHwYDVR0jBBgwFoAUFcETIWviVV+nah1XINbP86lzZFkwDQYJKoZI`
		`- -hvcNAQELBQADggEBAKoyszyZ3DfCOIVzeJrnScXuMvRkVqO5aGmgZxtY9r6gPk8v`
		`- -gXaEFXDKqRbGqEnuwEjpew+SVZO8nrVpdIP7fydpufy7Cu91Ev4YL1ui5Vc66+IK`
		`- -7dXV7eZYcH/dDJBPZddHx9vGhcr0w8B1W9nldM3aQE/RQjOmMRDc7/Hnk0f0RzJp`
		`- -LA0adW3ry27z2s4qeCwkV9DNSh1KoGfcLwydBiXmJ1XINMFH/scD4pk9UeJpUL+5`
		`- -zvTaDzUmzLsI1gH3j/rlzJuNJ7EMfggKlfQdit9Qn6+6Gjk6T5jkZfzcq3LszuEA`
		`- -EFtkxWyBmmEgh4EmvZGAyrUvne1hIIksKe3iJ+E=`
		`- +BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MDkyNVoXDTMyMDMz`
		`- +MTE0MDkyNVowRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx`
		`- +HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIFJTQSAjMjCCASIwDQYJKoZIhvcNAQEB`
		`- +BQADggEPADCCAQoCggEBANxgLi1LZS+fVnaIOC1+QkDm0CqBs3pfjIrTZG1UfnF6`
		`- +RX37r55O3/1L6IUDMCfCpH9QHVHrsROuxapXy73EuDl8cjAiSa73/o/fVRT1yCE7`
		`- +snWVyuEe+igdoWlxd6k9ZBpym4GrZW9wpEOUN9WZ0znPp5Ld1Jk9M4ww//GTieFk`
		`- +HyZzDbuqJxw+J5LQ9n0RkHrdPWCbBorVF3lT3g+XT7OkOqFWK5eYF+IgNaOPPQHM`
		`- +ecdLPlGDhLehcXU1yiOGm0hbIjSvt2Cfknc3ELiSAp2PPKzGjqJZ3ScuDPuHSNR2`
		`- +Pv0Q6Kzh+D0bh/QQVbJB/uIPEZoD3dj148Em/mIVlVkCAwEAAaNgMF4wDAYDVR0T`
		`- +AQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFPRqunJgwdcM9Uvsy/MT`
		`- +6XHvUvuyMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZsMA0GCSqGSIb3`
		`- +DQEBCwUAA4IBAQBz02v4hd+EjW5NaMubkqPbgUTDRKdRq1RZM+C6m1MTMKy+8zTD`
		`- +QSKRCFf0UmSPMsdTArry9x15fmHIJW21F3bw4ISeVXRyzBhOnrGKXUt2Lg9c2MLa`
		`- +9C394ex0vw4ZGSNkrIARbM3084Chegs4PLMWLFam1H5J6wpvH8iXXYvhESW98luv`
		`- +i3HVQzqLXw7/9XHxf8RnrRcy/WhAA+KegAQMGHTo5KPLliXtypYdCxBHNcmOwJlR`
		`- +pSOp6fxhiRKN5DzcBPHOE/brZc4aNGgBHZgGg1g1Wb2lAylopgJrbyNkhEEwHVNM`
		`- +1uLCnXKV1nX+EiMKkhSV761ozdhMGljYb+GE`
		`- -----END CERTIFICATE-----`
		`- diff -up openssl-3.0.5/test/smime-certs/smrsa3.pem.0061 openssl-3.0.5/test/smime-certs/smrsa3.pem`
		`- --- openssl-3.0.5/test/smime-certs/smrsa3.pem.0061 2022-09-02 14:17:15.327436627 +0200`
		`- +++ openssl-3.0.5/test/smime-certs/smrsa3.pem 2022-09-02 14:17:15.346436795 +0200`
		`- @@ -1,49 +1,49 @@`
		`- -----BEGIN PRIVATE KEY-----`
		`- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQD5A/t3norj/167`
		`- -toKG1Ygtg3G+pZ4Nwl5a9flnm8JdSMW5TEEP1TSvDVIEuAVi7xqoAn6heypoaMkB`
		`- -GJ+AoSo9R7umdhhq2vnmWFNsdH6oDzynVXixyURo81YrN3sn9Xd55ivTiSpZXldi`
		`- -ECr2T0BYvOw0h497bPs6gY9LqgrBHNYVF3lFhdOmYWv+2qSdti+1gV3t24pv1CrK`
		`- -2AdX5Epdd5jR+eNnt+suZqoPC0hTcNjszJLcfDYFXHva9BcE0DfrgcYSmoSBU53M`
		`- -jt63TClK6ZoVcPJ7vXjFRHncvs1/d+nc9BdL9FsGI1ezspSwcJHqex2wgo76yDrq`
		`- -DE4s23rPAgMBAAECggEAEDi+VWD5VUpjD5zWOoPQiRDGBJBhtMAKkl6okxEmXvWb`
		`- -Xz3STFnjHgA1JFHW3bRU9BHI9k8vSHmnlnkfKb3V/ZX5IHNcKCHb/x9NBak+QLVQ`
		`- -0zLtfE9vxiTC0B/oac+MPaiD4hYFQ81pFwK6VS0Poi8ZCBJtOkRqfUvsyV8zZrgh`
		`- -/6cs4mwOVyZPFRgF9eWXYv7PJz8pNRizhII0iv9H/r2I3DzsZLPCg7c29mP+I/SG`
		`- -A7Pl82UXjtOc0KurGY2M5VheZjxJT/k/FLMkWY2GS5n6dfcyzsVSKb25HoeuvQsI`
		`- -vs1mKs+Onbobdc17hCcKVJzbi3DwXs5XDhrEzfHccQKBgQD88uBxVCRV31PsCN6I`
		`- -pKxQDGgz+1BqPqe7KMRiZI7HgDUK0eCM3/oG089/jsBtJcSxnScLSVNBjQ+xGiFi`
		`- -YCD4icQoJSzpqJyR6gDq5lTHASAe+9LWRW771MrtyACQWNXowYEyu8AjekrZkCUS`
		`- -wIKVpw57oWykzIoS7ixZsJ8gxwKBgQD8BPWqJEsLiQvOlS5E/g88eV1KTpxm9Xs+`
		`- -BbwsDXZ7m4Iw5lYaUu5CwBB/2jkGGRl8Q/EfAdUT7gXv3t6x5b1qMXaIczmRGYto`
		`- -NuI3AH2MPxAa7lg5TgBgie1r7PKwyPMfG3CtDx6n8W5sexgJpbIy5u7E+U6d8s1o`
		`- -c7EcsefduQKBgCkHJAx9v18GWFBip+W2ABUDzisQSlzRSNd8p03mTZpiWzgkDq4K`
		`- -7j0JQhDIkMGjbKH6gYi9Hfn17WOmf1+7g92MSvrP/NbxeGPadsejEIEu14zu/6Wt`
		`- -oXDLdRbYZ+8B2cBlEpWuCl42yck8Lic6fnPTou++oSah3otvglYR5d2lAoGACd8L`
		`- -3FE1m0sP6lSPjmZBJIZAcDOqDqJY5HIHD9arKGZL8CxlfPx4lqa9PrTGfQWoqORk`
		`- -YmmI9hHhq6aYJHGyPKGZWfjhbVyJyFg1/h+Hy2GA+P0S+ZOjkiR050BNtTz5wOMr`
		`- -Q6wO8FcVkywzIdWaqEHBYne9a5RiFVBKxKv3QAkCgYBxmCBKajFkMVb4Uc55WqJs`
		`- -Add0mctGgmZ1l5vq81eWe3wjM8wgfJgaD3Q3gwx2ABUX/R+OsVWSh4o5ZR86sYoz`
		`- -TviknBHF8GeDLjpT49+04fEaz336J2JOptF9zIpz7ZK1nrOEjzaZGtumReVjUP7X`
		`- -fNcb5iDYqZRzD8ixBbLxUw==`
		`- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCyK+BTAOJKJjji`
		`- +OhY60NeZjzGGZxEBfCm62n0mwkzusW/V/e63uwj6uOVCFoVBz5doMf3M6QIS2jL3`
		`- +Aw6Qs5+vcuLA0gHrqIwjYQz1UZ5ETLKLKbQw6YOIVfsFSTxytUVpfcByrubWiLKX`
		`- +63theG1/IVokDK/9/k52Kyt+wcCjuRb7AJQFj2OLDRuWm/gavozkK103gQ+dUq4H`
		`- +XamZMtTq1EhQOfc0IUeCOEL6xz4jzlHHfzLdkvb7Enhav2sXDfOmZp/DYf9IqS7l`
		`- +vFkkINPVbYFBTexaPZlFwmpGRjkmoyH/w+Jlcpzs+w6p1diWRpaSn62bbkRN49j6`
		`- +L2dVb+DfAgMBAAECggEAciwDl6zdVT6g/PbT/+SMA+7qgYHSN+1koEQaJpgjzGEP`
		`- +lUUfj8TewCtzXaIoyj9IepBuXryBg6snNXpT/w3bqgYon/7zFBvxkUpDj4A5tvKf`
		`- +BuY2fZFlpBvUu1Ju1eKrFCptBBBoA9mc+BUB/ze4ktrAdJFcxZoMlVScjqGB3GdR`
		`- +OHw2x9BdWGCJBhiu9VHhAAb/LVWi6xgDumYSWZwN2yovg+7J91t5bsENeBRHycK+`
		`- +i5dNFh1umIK9N0SH6bpHPnLHrCRchrQ6ZRRxL4ZBKA9jFRDeI7OOsJuCvhGyJ1se`
		`- +snsLjr/Ahg00aiHCcC1SPQ6pmXAVBCG7hf4AX82V4QKBgQDaFDE+Fcpv84mFo4s9`
		`- +wn4CZ8ymoNIaf5zPl/gpH7MGots4NT5+Ns+6zzJQ6TEpDjTPx+vDaabP7QGXwVZn`
		`- +8NAHYvCQK37b+u9HrOt256YYRDOmnJFSbsJdmqzMEzpTNmQ8GuI37cZCS9CmSMv+`
		`- +ab/plcwuv0cJRSC83NN2AFyu1QKBgQDRJzKIBQlpprF9rA0D5ZjLVW4OH18A0Mmm`
		`- +oanw7qVutBaM4taFN4M851WnNIROyYIlkk2fNgW57Y4M8LER4zLrjU5HY4lB0BMX`
		`- +LQWDbyz4Y7L4lVnnEKfQxWFt9avNZwiCxCxEKy/n/icmVCzc91j9uwKcupdzrN6E`
		`- +yzPd1s5y4wKBgQCkJvzmAdsOp9/Fg1RFWcgmIWHvrzBXl+U+ceLveZf1j9K5nYJ7`
		`- +2OBGer4iH1XM1I+2M4No5XcWHg3L4FEdDixY0wXHT6Y/CcThS+015Kqmq3fBmyrc`
		`- +RNjzQoF9X5/QkSmkAIx1kvpgXtcgw70htRIrToGSUpKzDKDW6NYXhbA+PQKBgDJK`
		`- +KH5IJ8E9kYPUMLT1Kc4KVpISvPcnPLVSPdhuqVx69MkfadFSTb4BKbkwiXegQCjk`
		`- +isFzbeEM25EE9q6EYKP+sAm+RyyJ6W0zKBY4TynSXyAiWSGUAaXTL+AOqCaVVZiL`
		`- +rtEdSUGQ/LzclIT0/HLV2oTw4KWxtTdc3LXEhpNdAoGBAM3LckiHENqtoeK2gVNw`
		`- +IPeEuruEqoN4n+XltbEEv6Ymhxrs6T6HSKsEsLhqsUiIvIzH43KMm45SNYTn5eZh`
		`- +yzYMXLmervN7c1jJe2Y2MYv6hE+Ypj1xGW4w7s8WNKmVzLv97beisD9AZrS7sXfF`
		`- +RvOAi5wVkYylDxV4238MAZIq`
		`- -----END PRIVATE KEY-----`
		`- -----BEGIN CERTIFICATE-----`
		`- -MIIDeTCCAmGgAwIBAgIUIDyc//j/LoNDesZTGbPBoVarv4EwDQYJKoZIhvcNAQEL`
		`- +MIIDdzCCAl+gAwIBAgIUAKvI4FWjFLx8iBGifOW3mG/xkT0wDQYJKoZIhvcNAQEL`
		`- BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV`
		`- -BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxM1oYDzIxMjIw`
		`- -NTA5MTUzMzEzWjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91`
		`- -cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgUlNBICMzMIIBIjANBgkqhkiG9w0B`
		`- -AQEFAAOCAQ8AMIIBCgKCAQEA+QP7d56K4/9eu7aChtWILYNxvqWeDcJeWvX5Z5vC`
		`- -XUjFuUxBD9U0rw1SBLgFYu8aqAJ+oXsqaGjJARifgKEqPUe7pnYYatr55lhTbHR+`
		`- -qA88p1V4sclEaPNWKzd7J/V3eeYr04kqWV5XYhAq9k9AWLzsNIePe2z7OoGPS6oK`
		`- -wRzWFRd5RYXTpmFr/tqknbYvtYFd7duKb9QqytgHV+RKXXeY0fnjZ7frLmaqDwtI`
		`- -U3DY7MyS3Hw2BVx72vQXBNA364HGEpqEgVOdzI7et0wpSumaFXDye714xUR53L7N`
		`- -f3fp3PQXS/RbBiNXs7KUsHCR6nsdsIKO+sg66gxOLNt6zwIDAQABo2AwXjAMBgNV`
		`- -HRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUN9pGq/UFS3o50rTi`
		`- -V+AYgAk+3R4wHwYDVR0jBBgwFoAUFcETIWviVV+nah1XINbP86lzZFkwDQYJKoZI`
		`- -hvcNAQELBQADggEBAGcOh380/6aJqMpYBssuf2CB3DX/hGKdvEF7fF8iNSfl5HHq`
		`- -112kHl3MhbL9Th/safJq9sLDJqjXRNdVCUJJbU4YI2P2gsi04paC0qxWxMLtzQLd`
		`- -CE7ki2xH94Fuu/dThbpzZBABROO1RrdI24GDGt9t4Gf0WVkobmT/zNlwGppKTIB2`
		`- -iV/Ug30iKr/C49UzwUIa+XXXujkjPTmGSnrKwVQNxQh81rb+iTL7GEnNuqDsatHW`
		`- -ZyLS2SaVdG5tMqDkITPMDGjehUzJcAbVc8Bv4m8Ukuov3uDj2Doc6MxlvrVkV0AE`
		`- -BcSCb/bWQJJ/X4LQZlx9cMk4NINxV9UeFPZOefg=`
		`- +BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MTEwNloXDTMyMDMz`
		`- +MTE0MTEwNlowRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx`
		`- +HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIFJTQSAjMzCCASIwDQYJKoZIhvcNAQEB`
		`- +BQADggEPADCCAQoCggEBALIr4FMA4komOOI6FjrQ15mPMYZnEQF8KbrafSbCTO6x`
		`- +b9X97re7CPq45UIWhUHPl2gx/czpAhLaMvcDDpCzn69y4sDSAeuojCNhDPVRnkRM`
		`- +sosptDDpg4hV+wVJPHK1RWl9wHKu5taIspfre2F4bX8hWiQMr/3+TnYrK37BwKO5`
		`- +FvsAlAWPY4sNG5ab+Bq+jOQrXTeBD51SrgddqZky1OrUSFA59zQhR4I4QvrHPiPO`
		`- +Ucd/Mt2S9vsSeFq/axcN86Zmn8Nh/0ipLuW8WSQg09VtgUFN7Fo9mUXCakZGOSaj`
		`- +If/D4mVynOz7DqnV2JZGlpKfrZtuRE3j2PovZ1Vv4N8CAwEAAaNgMF4wDAYDVR0T`
		`- +AQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFDoKRbmxroesGxa+4868`
		`- +yPIvkCewMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZsMA0GCSqGSIb3`
		`- +DQEBCwUAA4IBAQBfCCzWyZzIvq/ci6E74ovJ8mMel5Z9MU9EcvY0k7pJSUbpCg3c`
		`- +P48CiAzt8r8Em4AymADfK1pYvvpTNVpU/USbdKR1hyxZjqWrYdsY7tlVuvZ92oFs`
		`- +s3komuKHCx2SQAe5b+LWjC1Bf8JUFx+XTjYb/BBg7nQRwi3TkYVVmW7hXLYvf4Jn`
		`- +Uyu0x02pDzUu+62jeYbNIVJnYwSU0gLHEo81QmNs06RLjnAhbneUZ6P6YuJOdDo7`
		`- +xMw/ywijZM0FxsWxRSsCBwavhabg1Kb1lO//pbgcSa9T0D7ax1XoMni3RJnHj6gu`
		`- +r0Mi3QjgZaxghR3TPh83dQLilECYDuD0uTzf`
		`- -----END CERTIFICATE-----`

0062-fips-Expose-a-FIPS-indicator.patch

file modified

+1 -1

		`@@ -248,8 +248,8 @@`
		`--- a/providers/fips/fipsprov.c`
		`+++ b/providers/fips/fipsprov.c`
		`@@ -23,6 +23,7 @@`
		`- #include "prov/seeding.h"`
		`#include "self_test.h"`
		`+ #include "crypto/context.h"`
		`#include "internal/core.h"`
		`+#include "indicator.h"`

0071-AES-GCM-performance-optimization.patch

file removed

-1635

		`@@ -1,1635 +0,0 @@`
		`- Upstream-Status: Backport [https://github.com/openssl/openssl/commit/44a563dde1584cd9284e80b6e45ee5019be8d36c, https://github.com/openssl/openssl/commit/345c99b6654b8313c792d54f829943068911ddbd]`
		`- diff --git a/crypto/modes/asm/aes-gcm-ppc.pl b/crypto/modes/asm/aes-gcm-ppc.pl`
		`- new file mode 100644`
		`- index 0000000..6624e6c`
		`- --- /dev/null`
		`- +++ b/crypto/modes/asm/aes-gcm-ppc.pl`
		`- @@ -0,0 +1,1438 @@`
		`- +#! /usr/bin/env perl`
		`- +# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.`
		`- +# Copyright 2021- IBM Inc. All rights reserved`
		`- +#`
		`- +# Licensed under the Apache License 2.0 (the "License"). You may not use`
		`- +# this file except in compliance with the License. You can obtain a copy`
		`- +# in the file LICENSE in the source distribution or at`
		`- +# https://www.openssl.org/source/license.html`
		`- +#`
		`- +#===================================================================================`
		`- +# Written by Danny Tsen <dtsen@us.ibm.com> for OpenSSL Project,`
		`- +#`
		`- +# GHASH is based on the Karatsuba multiplication method.`
		`- +#`
		`- +# Xi xor X1`
		`- +#`
		`- +# X1 * H^4 + X2 * H^3 + x3 * H^2 + X4 * H =`
		`- +# (X1.h * H4.h + xX.l * H4.l + X1 * H4) +`
		`- +# (X2.h * H3.h + X2.l * H3.l + X2 * H3) +`
		`- +# (X3.h * H2.h + X3.l * H2.l + X3 * H2) +`
		`- +# (X4.h * H.h + X4.l * H.l + X4 * H)`
		`- +#`
		`- +# Xi = v0`
		`- +# H Poly = v2`
		`- +# Hash keys = v3 - v14`
		`- +# ( H.l, H, H.h)`
		`- +# ( H^2.l, H^2, H^2.h)`
		`- +# ( H^3.l, H^3, H^3.h)`
		`- +# ( H^4.l, H^4, H^4.h)`
		`- +#`
		`- +# v30 is IV`
		`- +# v31 - counter 1`
		`- +#`
		`- +# AES used,`
		`- +# vs0 - vs14 for round keys`
		`- +# v15, v16, v17, v18, v19, v20, v21, v22 for 8 blocks (encrypted)`
		`- +#`
		`- +# This implementation uses stitched AES-GCM approach to improve overall performance.`
		`- +# AES is implemented with 8x blocks and GHASH is using 2 4x blocks.`
		`- +#`
		`- +# Current large block (16384 bytes) performance per second with 128 bit key --`
		`- +#`
		`- +# Encrypt Decrypt`
		`- +# Power10[le] (3.5GHz) 5.32G 5.26G`
		`- +#`
		`- +# ===================================================================================`
		`- +#`
		`- +# $output is the last argument if it looks like a file (it has an extension)`
		`- +# $flavour is the first argument if it doesn't look like a file`
		`- +$output = $#ARGV >= 0 && $ARGV[$#ARGV] =~ m\|\.\w+$\| ? pop : undef;`
		`- +$flavour = $#ARGV >= 0 && $ARGV[0] !~ m\|\.\| ? shift : undef;`
		`- +`
		`- +if ($flavour =~ /64/) {`
		`- + $SIZE_T=8;`
		`- + $LRSAVE=2*$SIZE_T;`
		`- + $STU="stdu";`
		`- + $POP="ld";`
		`- + $PUSH="std";`
		`- + $UCMP="cmpld";`
		`- + $SHRI="srdi";`
		`- +} elsif ($flavour =~ /32/) {`
		`- + $SIZE_T=4;`
		`- + $LRSAVE=$SIZE_T;`
		`- + $STU="stwu";`
		`- + $POP="lwz";`
		`- + $PUSH="stw";`
		`- + $UCMP="cmplw";`
		`- + $SHRI="srwi";`
		`- +} else { die "nonsense $flavour"; }`
		`- +`
		`- +$sp="r1";`
		`- +$FRAME=6$SIZE_T+1316; # 13*16 is for v20-v31 offload`
		`- +`
		`- +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;`
		`- +( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or`
		`- +( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or`
		`- +die "can't locate ppc-xlate.pl";`
		`- +`
		`- +open STDOUT,"\| $^X $xlate $flavour \"$output\""`
		`- + or die "can't call $xlate: $!";`
		`- +`
		`- +$code=<<___;`
		`- +.machine "any"`
		`- +.text`
		`- +`
		`- +# 4x loops`
		`- +# v15 - v18 - input states`
		`- +# vs1 - vs9 - round keys`
		`- +#`
		`- +.macro Loop_aes_middle4x`
		`- + xxlor 19+32, 1, 1`
		`- + xxlor 20+32, 2, 2`
		`- + xxlor 21+32, 3, 3`
		`- + xxlor 22+32, 4, 4`
		`- +`
		`- + vcipher 15, 15, 19`
		`- + vcipher 16, 16, 19`
		`- + vcipher 17, 17, 19`
		`- + vcipher 18, 18, 19`
		`- +`
		`- + vcipher 15, 15, 20`
		`- + vcipher 16, 16, 20`
		`- + vcipher 17, 17, 20`
		`- + vcipher 18, 18, 20`
		`- +`
		`- + vcipher 15, 15, 21`
		`- + vcipher 16, 16, 21`
		`- + vcipher 17, 17, 21`
		`- + vcipher 18, 18, 21`
		`- +`
		`- + vcipher 15, 15, 22`
		`- + vcipher 16, 16, 22`
		`- + vcipher 17, 17, 22`
		`- + vcipher 18, 18, 22`
		`- +`
		`- + xxlor 19+32, 5, 5`
		`- + xxlor 20+32, 6, 6`
		`- + xxlor 21+32, 7, 7`
		`- + xxlor 22+32, 8, 8`
		`- +`
		`- + vcipher 15, 15, 19`
		`- + vcipher 16, 16, 19`
		`- + vcipher 17, 17, 19`
		`- + vcipher 18, 18, 19`
		`- +`
		`- + vcipher 15, 15, 20`
		`- + vcipher 16, 16, 20`
		`- + vcipher 17, 17, 20`
		`- + vcipher 18, 18, 20`
		`- +`
		`- + vcipher 15, 15, 21`
		`- + vcipher 16, 16, 21`
		`- + vcipher 17, 17, 21`
		`- + vcipher 18, 18, 21`
		`- +`
		`- + vcipher 15, 15, 22`
		`- + vcipher 16, 16, 22`
		`- + vcipher 17, 17, 22`
		`- + vcipher 18, 18, 22`
		`- +`
		`- + xxlor 23+32, 9, 9`
		`- + vcipher 15, 15, 23`
		`- + vcipher 16, 16, 23`
		`- + vcipher 17, 17, 23`
		`- + vcipher 18, 18, 23`
		`- +.endm`
		`- +`
		`- +# 8x loops`
		`- +# v15 - v22 - input states`
		`- +# vs1 - vs9 - round keys`
		`- +#`
		`- +.macro Loop_aes_middle8x`
		`- + xxlor 23+32, 1, 1`
		`- + xxlor 24+32, 2, 2`
		`- + xxlor 25+32, 3, 3`
		`- + xxlor 26+32, 4, 4`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 16, 16, 23`
		`- + vcipher 17, 17, 23`
		`- + vcipher 18, 18, 23`
		`- + vcipher 19, 19, 23`
		`- + vcipher 20, 20, 23`
		`- + vcipher 21, 21, 23`
		`- + vcipher 22, 22, 23`
		`- +`
		`- + vcipher 15, 15, 24`
		`- + vcipher 16, 16, 24`
		`- + vcipher 17, 17, 24`
		`- + vcipher 18, 18, 24`
		`- + vcipher 19, 19, 24`
		`- + vcipher 20, 20, 24`
		`- + vcipher 21, 21, 24`
		`- + vcipher 22, 22, 24`
		`- +`
		`- + vcipher 15, 15, 25`
		`- + vcipher 16, 16, 25`
		`- + vcipher 17, 17, 25`
		`- + vcipher 18, 18, 25`
		`- + vcipher 19, 19, 25`
		`- + vcipher 20, 20, 25`
		`- + vcipher 21, 21, 25`
		`- + vcipher 22, 22, 25`
		`- +`
		`- + vcipher 15, 15, 26`
		`- + vcipher 16, 16, 26`
		`- + vcipher 17, 17, 26`
		`- + vcipher 18, 18, 26`
		`- + vcipher 19, 19, 26`
		`- + vcipher 20, 20, 26`
		`- + vcipher 21, 21, 26`
		`- + vcipher 22, 22, 26`
		`- +`
		`- + xxlor 23+32, 5, 5`
		`- + xxlor 24+32, 6, 6`
		`- + xxlor 25+32, 7, 7`
		`- + xxlor 26+32, 8, 8`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 16, 16, 23`
		`- + vcipher 17, 17, 23`
		`- + vcipher 18, 18, 23`
		`- + vcipher 19, 19, 23`
		`- + vcipher 20, 20, 23`
		`- + vcipher 21, 21, 23`
		`- + vcipher 22, 22, 23`
		`- +`
		`- + vcipher 15, 15, 24`
		`- + vcipher 16, 16, 24`
		`- + vcipher 17, 17, 24`
		`- + vcipher 18, 18, 24`
		`- + vcipher 19, 19, 24`
		`- + vcipher 20, 20, 24`
		`- + vcipher 21, 21, 24`
		`- + vcipher 22, 22, 24`
		`- +`
		`- + vcipher 15, 15, 25`
		`- + vcipher 16, 16, 25`
		`- + vcipher 17, 17, 25`
		`- + vcipher 18, 18, 25`
		`- + vcipher 19, 19, 25`
		`- + vcipher 20, 20, 25`
		`- + vcipher 21, 21, 25`
		`- + vcipher 22, 22, 25`
		`- +`
		`- + vcipher 15, 15, 26`
		`- + vcipher 16, 16, 26`
		`- + vcipher 17, 17, 26`
		`- + vcipher 18, 18, 26`
		`- + vcipher 19, 19, 26`
		`- + vcipher 20, 20, 26`
		`- + vcipher 21, 21, 26`
		`- + vcipher 22, 22, 26`
		`- +`
		`- + xxlor 23+32, 9, 9`
		`- + vcipher 15, 15, 23`
		`- + vcipher 16, 16, 23`
		`- + vcipher 17, 17, 23`
		`- + vcipher 18, 18, 23`
		`- + vcipher 19, 19, 23`
		`- + vcipher 20, 20, 23`
		`- + vcipher 21, 21, 23`
		`- + vcipher 22, 22, 23`
		`- +.endm`
		`- +`
		`- +#`
		`- +# Compute 4x hash values based on Karatsuba method.`
		`- +#`
		`- +ppc_aes_gcm_ghash:`
		`- + vxor 15, 15, 0`
		`- +`
		`- + xxlxor 29, 29, 29`
		`- +`
		`- + vpmsumd 23, 12, 15 # H4.L * X.L`
		`- + vpmsumd 24, 9, 16`
		`- + vpmsumd 25, 6, 17`
		`- + vpmsumd 26, 3, 18`
		`- +`
		`- + vxor 23, 23, 24`
		`- + vxor 23, 23, 25`
		`- + vxor 23, 23, 26 # L`
		`- +`
		`- + vpmsumd 24, 13, 15 # H4.L * X.H + H4.H * X.L`
		`- + vpmsumd 25, 10, 16 # H3.L * X1.H + H3.H * X1.L`
		`- + vpmsumd 26, 7, 17`
		`- + vpmsumd 27, 4, 18`
		`- +`
		`- + vxor 24, 24, 25`
		`- + vxor 24, 24, 26`
		`- + vxor 24, 24, 27 # M`
		`- +`
		`- + # sum hash and reduction with H Poly`
		`- + vpmsumd 28, 23, 2 # reduction`
		`- +`
		`- + xxlor 29+32, 29, 29`
		`- + vsldoi 26, 24, 29, 8 # mL`
		`- + vsldoi 29, 29, 24, 8 # mH`
		`- + vxor 23, 23, 26 # mL + L`
		`- +`
		`- + vsldoi 23, 23, 23, 8 # swap`
		`- + vxor 23, 23, 28`
		`- +`
		`- + vpmsumd 24, 14, 15 # H4.H * X.H`
		`- + vpmsumd 25, 11, 16`
		`- + vpmsumd 26, 8, 17`
		`- + vpmsumd 27, 5, 18`
		`- +`
		`- + vxor 24, 24, 25`
		`- + vxor 24, 24, 26`
		`- + vxor 24, 24, 27`
		`- +`
		`- + vxor 24, 24, 29`
		`- +`
		`- + # sum hash and reduction with H Poly`
		`- + vsldoi 27, 23, 23, 8 # swap`
		`- + vpmsumd 23, 23, 2`
		`- + vxor 27, 27, 24`
		`- + vxor 23, 23, 27`
		`- +`
		`- + xxlor 32, 23+32, 23+32 # update hash`
		`- +`
		`- + blr`
		`- +`
		`- +#`
		`- +# Combine two 4x ghash`
		`- +# v15 - v22 - input blocks`
		`- +#`
		`- +.macro ppc_aes_gcm_ghash2_4x`
		`- + # first 4x hash`
		`- + vxor 15, 15, 0 # Xi + X`
		`- +`
		`- + xxlxor 29, 29, 29`
		`- +`
		`- + vpmsumd 23, 12, 15 # H4.L * X.L`
		`- + vpmsumd 24, 9, 16`
		`- + vpmsumd 25, 6, 17`
		`- + vpmsumd 26, 3, 18`
		`- +`
		`- + vxor 23, 23, 24`
		`- + vxor 23, 23, 25`
		`- + vxor 23, 23, 26 # L`
		`- +`
		`- + vpmsumd 24, 13, 15 # H4.L * X.H + H4.H * X.L`
		`- + vpmsumd 25, 10, 16 # H3.L * X1.H + H3.H * X1.L`
		`- + vpmsumd 26, 7, 17`
		`- + vpmsumd 27, 4, 18`
		`- +`
		`- + vxor 24, 24, 25`
		`- + vxor 24, 24, 26`
		`- +`
		`- + # sum hash and reduction with H Poly`
		`- + vpmsumd 28, 23, 2 # reduction`
		`- +`
		`- + xxlor 29+32, 29, 29`
		`- +`
		`- + vxor 24, 24, 27 # M`
		`- + vsldoi 26, 24, 29, 8 # mL`
		`- + vsldoi 29, 29, 24, 8 # mH`
		`- + vxor 23, 23, 26 # mL + L`
		`- +`
		`- + vsldoi 23, 23, 23, 8 # swap`
		`- + vxor 23, 23, 28`
		`- +`
		`- + vpmsumd 24, 14, 15 # H4.H * X.H`
		`- + vpmsumd 25, 11, 16`
		`- + vpmsumd 26, 8, 17`
		`- + vpmsumd 27, 5, 18`
		`- +`
		`- + vxor 24, 24, 25`
		`- + vxor 24, 24, 26`
		`- + vxor 24, 24, 27 # H`
		`- +`
		`- + vxor 24, 24, 29 # H + mH`
		`- +`
		`- + # sum hash and reduction with H Poly`
		`- + vsldoi 27, 23, 23, 8 # swap`
		`- + vpmsumd 23, 23, 2`
		`- + vxor 27, 27, 24`
		`- + vxor 27, 23, 27 # 1st Xi`
		`- +`
		`- + # 2nd 4x hash`
		`- + vpmsumd 24, 9, 20`
		`- + vpmsumd 25, 6, 21`
		`- + vpmsumd 26, 3, 22`
		`- + vxor 19, 19, 27 # Xi + X`
		`- + vpmsumd 23, 12, 19 # H4.L * X.L`
		`- +`
		`- + vxor 23, 23, 24`
		`- + vxor 23, 23, 25`
		`- + vxor 23, 23, 26 # L`
		`- +`
		`- + vpmsumd 24, 13, 19 # H4.L * X.H + H4.H * X.L`
		`- + vpmsumd 25, 10, 20 # H3.L * X1.H + H3.H * X1.L`
		`- + vpmsumd 26, 7, 21`
		`- + vpmsumd 27, 4, 22`
		`- +`
		`- + vxor 24, 24, 25`
		`- + vxor 24, 24, 26`
		`- +`
		`- + # sum hash and reduction with H Poly`
		`- + vpmsumd 28, 23, 2 # reduction`
		`- +`
		`- + xxlor 29+32, 29, 29`
		`- +`
		`- + vxor 24, 24, 27 # M`
		`- + vsldoi 26, 24, 29, 8 # mL`
		`- + vsldoi 29, 29, 24, 8 # mH`
		`- + vxor 23, 23, 26 # mL + L`
		`- +`
		`- + vsldoi 23, 23, 23, 8 # swap`
		`- + vxor 23, 23, 28`
		`- +`
		`- + vpmsumd 24, 14, 19 # H4.H * X.H`
		`- + vpmsumd 25, 11, 20`
		`- + vpmsumd 26, 8, 21`
		`- + vpmsumd 27, 5, 22`
		`- +`
		`- + vxor 24, 24, 25`
		`- + vxor 24, 24, 26`
		`- + vxor 24, 24, 27 # H`
		`- +`
		`- + vxor 24, 24, 29 # H + mH`
		`- +`
		`- + # sum hash and reduction with H Poly`
		`- + vsldoi 27, 23, 23, 8 # swap`
		`- + vpmsumd 23, 23, 2`
		`- + vxor 27, 27, 24`
		`- + vxor 23, 23, 27`
		`- +`
		`- + xxlor 32, 23+32, 23+32 # update hash`
		`- +`
		`- +.endm`
		`- +`
		`- +#`
		`- +# Compute update single hash`
		`- +#`
		`- +.macro ppc_update_hash_1x`
		`- + vxor 28, 28, 0`
		`- +`
		`- + vxor 19, 19, 19`
		`- +`
		`- + vpmsumd 22, 3, 28 # L`
		`- + vpmsumd 23, 4, 28 # M`
		`- + vpmsumd 24, 5, 28 # H`
		`- +`
		`- + vpmsumd 27, 22, 2 # reduction`
		`- +`
		`- + vsldoi 25, 23, 19, 8 # mL`
		`- + vsldoi 26, 19, 23, 8 # mH`
		`- + vxor 22, 22, 25 # LL + LL`
		`- + vxor 24, 24, 26 # HH + HH`
		`- +`
		`- + vsldoi 22, 22, 22, 8 # swap`
		`- + vxor 22, 22, 27`
		`- +`
		`- + vsldoi 20, 22, 22, 8 # swap`
		`- + vpmsumd 22, 22, 2 # reduction`
		`- + vxor 20, 20, 24`
		`- + vxor 22, 22, 20`
		`- +`
		`- + vmr 0, 22 # update hash`
		`- +`
		`- +.endm`
		`- +`
		`- +#`
		`- +# ppc_aes_gcm_encrypt (const void inp, void out, size_t len,`
		`- +# const AES_KEY *key, unsigned char iv[16],`
		`- +# void *Xip);`
		`- +#`
		`- +# r3 - inp`
		`- +# r4 - out`
		`- +# r5 - len`
		`- +# r6 - AES round keys`
		`- +# r7 - iv`
		`- +# r8 - Xi, HPoli, hash keys`
		`- +#`
		`- +.global ppc_aes_gcm_encrypt`
		`- +.align 5`
		`- +ppc_aes_gcm_encrypt:`
		`- +_ppc_aes_gcm_encrypt:`
		`- +`
		`- + stdu 1,-512(1)`
		`- + mflr 0`
		`- +`
		`- + std 14,112(1)`
		`- + std 15,120(1)`
		`- + std 16,128(1)`
		`- + std 17,136(1)`
		`- + std 18,144(1)`
		`- + std 19,152(1)`
		`- + std 20,160(1)`
		`- + std 21,168(1)`
		`- + li 9, 256`
		`- + stvx 20, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 21, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 22, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 23, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 24, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 25, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 26, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 27, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 28, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 29, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 30, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 31, 9, 1`
		`- + std 0, 528(1)`
		`- +`
		`- + # Load Xi`
		`- + lxvb16x 32, 0, 8 # load Xi`
		`- +`
		`- + # load Hash - h^4, h^3, h^2, h`
		`- + li 10, 32`
		`- + lxvd2x 2+32, 10, 8 # H Poli`
		`- + li 10, 48`
		`- + lxvd2x 3+32, 10, 8 # Hl`
		`- + li 10, 64`
		`- + lxvd2x 4+32, 10, 8 # H`
		`- + li 10, 80`
		`- + lxvd2x 5+32, 10, 8 # Hh`
		`- +`
		`- + li 10, 96`
		`- + lxvd2x 6+32, 10, 8 # H^2l`
		`- + li 10, 112`
		`- + lxvd2x 7+32, 10, 8 # H^2`
		`- + li 10, 128`
		`- + lxvd2x 8+32, 10, 8 # H^2h`
		`- +`
		`- + li 10, 144`
		`- + lxvd2x 9+32, 10, 8 # H^3l`
		`- + li 10, 160`
		`- + lxvd2x 10+32, 10, 8 # H^3`
		`- + li 10, 176`
		`- + lxvd2x 11+32, 10, 8 # H^3h`
		`- +`
		`- + li 10, 192`
		`- + lxvd2x 12+32, 10, 8 # H^4l`
		`- + li 10, 208`
		`- + lxvd2x 13+32, 10, 8 # H^4`
		`- + li 10, 224`
		`- + lxvd2x 14+32, 10, 8 # H^4h`
		`- +`
		`- + # initialize ICB: GHASH( IV ), IV - r7`
		`- + lxvb16x 30+32, 0, 7 # load IV - v30`
		`- +`
		`- + mr 12, 5 # length`
		`- + li 11, 0 # block index`
		`- +`
		`- + # counter 1`
		`- + vxor 31, 31, 31`
		`- + vspltisb 22, 1`
		`- + vsldoi 31, 31, 22,1 # counter 1`
		`- +`
		`- + # load round key to VSR`
		`- + lxv 0, 0(6)`
		`- + lxv 1, 0x10(6)`
		`- + lxv 2, 0x20(6)`
		`- + lxv 3, 0x30(6)`
		`- + lxv 4, 0x40(6)`
		`- + lxv 5, 0x50(6)`
		`- + lxv 6, 0x60(6)`
		`- + lxv 7, 0x70(6)`
		`- + lxv 8, 0x80(6)`
		`- + lxv 9, 0x90(6)`
		`- + lxv 10, 0xa0(6)`
		`- +`
		`- + # load rounds - 10 (128), 12 (192), 14 (256)`
		`- + lwz 9,240(6)`
		`- +`
		`- + #`
		`- + # vxor state, state, w # addroundkey`
		`- + xxlor 32+29, 0, 0`
		`- + vxor 15, 30, 29 # IV + round key - add round key 0`
		`- +`
		`- + cmpdi 9, 10`
		`- + beq Loop_aes_gcm_8x`
		`- +`
		`- + # load 2 more round keys (v11, v12)`
		`- + lxv 11, 0xb0(6)`
		`- + lxv 12, 0xc0(6)`
		`- +`
		`- + cmpdi 9, 12`
		`- + beq Loop_aes_gcm_8x`
		`- +`
		`- + # load 2 more round keys (v11, v12, v13, v14)`
		`- + lxv 13, 0xd0(6)`
		`- + lxv 14, 0xe0(6)`
		`- + cmpdi 9, 14`
		`- + beq Loop_aes_gcm_8x`
		`- +`
		`- + b aes_gcm_out`
		`- +`
		`- +.align 5`
		`- +Loop_aes_gcm_8x:`
		`- + mr 14, 3`
		`- + mr 9, 4`
		`- +`
		`- + # n blocks`
		`- + li 10, 128`
		`- + divdu 10, 5, 10 # n 128 bytes-blocks`
		`- + cmpdi 10, 0`
		`- + beq Loop_last_block`
		`- +`
		`- + vaddudm 30, 30, 31 # IV + counter`
		`- + vxor 16, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 17, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 18, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 19, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 20, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 21, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 22, 30, 29`
		`- +`
		`- + mtctr 10`
		`- +`
		`- + li 15, 16`
		`- + li 16, 32`
		`- + li 17, 48`
		`- + li 18, 64`
		`- + li 19, 80`
		`- + li 20, 96`
		`- + li 21, 112`
		`- +`
		`- + lwz 10, 240(6)`
		`- +`
		`- +Loop_8x_block:`
		`- +`
		`- + lxvb16x 15, 0, 14 # load block`
		`- + lxvb16x 16, 15, 14 # load block`
		`- + lxvb16x 17, 16, 14 # load block`
		`- + lxvb16x 18, 17, 14 # load block`
		`- + lxvb16x 19, 18, 14 # load block`
		`- + lxvb16x 20, 19, 14 # load block`
		`- + lxvb16x 21, 20, 14 # load block`
		`- + lxvb16x 22, 21, 14 # load block`
		`- + addi 14, 14, 128`
		`- +`
		`- + Loop_aes_middle8x`
		`- +`
		`- + xxlor 23+32, 10, 10`
		`- +`
		`- + cmpdi 10, 10`
		`- + beq Do_next_ghash`
		`- +`
		`- + # 192 bits`
		`- + xxlor 24+32, 11, 11`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 16, 16, 23`
		`- + vcipher 17, 17, 23`
		`- + vcipher 18, 18, 23`
		`- + vcipher 19, 19, 23`
		`- + vcipher 20, 20, 23`
		`- + vcipher 21, 21, 23`
		`- + vcipher 22, 22, 23`
		`- +`
		`- + vcipher 15, 15, 24`
		`- + vcipher 16, 16, 24`
		`- + vcipher 17, 17, 24`
		`- + vcipher 18, 18, 24`
		`- + vcipher 19, 19, 24`
		`- + vcipher 20, 20, 24`
		`- + vcipher 21, 21, 24`
		`- + vcipher 22, 22, 24`
		`- +`
		`- + xxlor 23+32, 12, 12`
		`- +`
		`- + cmpdi 10, 12`
		`- + beq Do_next_ghash`
		`- +`
		`- + # 256 bits`
		`- + xxlor 24+32, 13, 13`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 16, 16, 23`
		`- + vcipher 17, 17, 23`
		`- + vcipher 18, 18, 23`
		`- + vcipher 19, 19, 23`
		`- + vcipher 20, 20, 23`
		`- + vcipher 21, 21, 23`
		`- + vcipher 22, 22, 23`
		`- +`
		`- + vcipher 15, 15, 24`
		`- + vcipher 16, 16, 24`
		`- + vcipher 17, 17, 24`
		`- + vcipher 18, 18, 24`
		`- + vcipher 19, 19, 24`
		`- + vcipher 20, 20, 24`
		`- + vcipher 21, 21, 24`
		`- + vcipher 22, 22, 24`
		`- +`
		`- + xxlor 23+32, 14, 14`
		`- +`
		`- + cmpdi 10, 14`
		`- + beq Do_next_ghash`
		`- + b aes_gcm_out`
		`- +`
		`- +Do_next_ghash:`
		`- +`
		`- + #`
		`- + # last round`
		`- + vcipherlast 15, 15, 23`
		`- + vcipherlast 16, 16, 23`
		`- +`
		`- + xxlxor 47, 47, 15`
		`- + stxvb16x 47, 0, 9 # store output`
		`- + xxlxor 48, 48, 16`
		`- + stxvb16x 48, 15, 9 # store output`
		`- +`
		`- + vcipherlast 17, 17, 23`
		`- + vcipherlast 18, 18, 23`
		`- +`
		`- + xxlxor 49, 49, 17`
		`- + stxvb16x 49, 16, 9 # store output`
		`- + xxlxor 50, 50, 18`
		`- + stxvb16x 50, 17, 9 # store output`
		`- +`
		`- + vcipherlast 19, 19, 23`
		`- + vcipherlast 20, 20, 23`
		`- +`
		`- + xxlxor 51, 51, 19`
		`- + stxvb16x 51, 18, 9 # store output`
		`- + xxlxor 52, 52, 20`
		`- + stxvb16x 52, 19, 9 # store output`
		`- +`
		`- + vcipherlast 21, 21, 23`
		`- + vcipherlast 22, 22, 23`
		`- +`
		`- + xxlxor 53, 53, 21`
		`- + stxvb16x 53, 20, 9 # store output`
		`- + xxlxor 54, 54, 22`
		`- + stxvb16x 54, 21, 9 # store output`
		`- +`
		`- + addi 9, 9, 128`
		`- +`
		`- + # ghash here`
		`- + ppc_aes_gcm_ghash2_4x`
		`- +`
		`- + xxlor 27+32, 0, 0`
		`- + vaddudm 30, 30, 31 # IV + counter`
		`- + vmr 29, 30`
		`- + vxor 15, 30, 27 # add round key`
		`- + vaddudm 30, 30, 31`
		`- + vxor 16, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 17, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 18, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 19, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 20, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 21, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 22, 30, 27`
		`- +`
		`- + addi 12, 12, -128`
		`- + addi 11, 11, 128`
		`- +`
		`- + bdnz Loop_8x_block`
		`- +`
		`- + vmr 30, 29`
		`- +`
		`- +Loop_last_block:`
		`- + cmpdi 12, 0`
		`- + beq aes_gcm_out`
		`- +`
		`- + # loop last few blocks`
		`- + li 10, 16`
		`- + divdu 10, 12, 10`
		`- +`
		`- + mtctr 10`
		`- +`
		`- + lwz 10, 240(6)`
		`- +`
		`- + cmpdi 12, 16`
		`- + blt Final_block`
		`- +`
		`- +.macro Loop_aes_middle_1x`
		`- + xxlor 19+32, 1, 1`
		`- + xxlor 20+32, 2, 2`
		`- + xxlor 21+32, 3, 3`
		`- + xxlor 22+32, 4, 4`
		`- +`
		`- + vcipher 15, 15, 19`
		`- + vcipher 15, 15, 20`
		`- + vcipher 15, 15, 21`
		`- + vcipher 15, 15, 22`
		`- +`
		`- + xxlor 19+32, 5, 5`
		`- + xxlor 20+32, 6, 6`
		`- + xxlor 21+32, 7, 7`
		`- + xxlor 22+32, 8, 8`
		`- +`
		`- + vcipher 15, 15, 19`
		`- + vcipher 15, 15, 20`
		`- + vcipher 15, 15, 21`
		`- + vcipher 15, 15, 22`
		`- +`
		`- + xxlor 19+32, 9, 9`
		`- + vcipher 15, 15, 19`
		`- +.endm`
		`- +`
		`- +Next_rem_block:`
		`- + lxvb16x 15, 0, 14 # load block`
		`- +`
		`- + Loop_aes_middle_1x`
		`- +`
		`- + xxlor 23+32, 10, 10`
		`- +`
		`- + cmpdi 10, 10`
		`- + beq Do_next_1x`
		`- +`
		`- + # 192 bits`
		`- + xxlor 24+32, 11, 11`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 15, 15, 24`
		`- +`
		`- + xxlor 23+32, 12, 12`
		`- +`
		`- + cmpdi 10, 12`
		`- + beq Do_next_1x`
		`- +`
		`- + # 256 bits`
		`- + xxlor 24+32, 13, 13`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 15, 15, 24`
		`- +`
		`- + xxlor 23+32, 14, 14`
		`- +`
		`- + cmpdi 10, 14`
		`- + beq Do_next_1x`
		`- +`
		`- +Do_next_1x:`
		`- + vcipherlast 15, 15, 23`
		`- +`
		`- + xxlxor 47, 47, 15`
		`- + stxvb16x 47, 0, 9 # store output`
		`- + addi 14, 14, 16`
		`- + addi 9, 9, 16`
		`- +`
		`- + vmr 28, 15`
		`- + ppc_update_hash_1x`
		`- +`
		`- + addi 12, 12, -16`
		`- + addi 11, 11, 16`
		`- + xxlor 19+32, 0, 0`
		`- + vaddudm 30, 30, 31 # IV + counter`
		`- + vxor 15, 30, 19 # add round key`
		`- +`
		`- + bdnz Next_rem_block`
		`- +`
		`- + cmpdi 12, 0`
		`- + beq aes_gcm_out`
		`- +`
		`- +Final_block:`
		`- + Loop_aes_middle_1x`
		`- +`
		`- + xxlor 23+32, 10, 10`
		`- +`
		`- + cmpdi 10, 10`
		`- + beq Do_final_1x`
		`- +`
		`- + # 192 bits`
		`- + xxlor 24+32, 11, 11`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 15, 15, 24`
		`- +`
		`- + xxlor 23+32, 12, 12`
		`- +`
		`- + cmpdi 10, 12`
		`- + beq Do_final_1x`
		`- +`
		`- + # 256 bits`
		`- + xxlor 24+32, 13, 13`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 15, 15, 24`
		`- +`
		`- + xxlor 23+32, 14, 14`
		`- +`
		`- + cmpdi 10, 14`
		`- + beq Do_final_1x`
		`- +`
		`- +Do_final_1x:`
		`- + vcipherlast 15, 15, 23`
		`- +`
		`- + lxvb16x 15, 0, 14 # load last block`
		`- + xxlxor 47, 47, 15`
		`- +`
		`- + # create partial block mask`
		`- + li 15, 16`
		`- + sub 15, 15, 12 # index to the mask`
		`- +`
		`- + vspltisb 16, -1 # first 16 bytes - 0xffff...ff`
		`- + vspltisb 17, 0 # second 16 bytes - 0x0000...00`
		`- + li 10, 192`
		`- + stvx 16, 10, 1`
		`- + addi 10, 10, 16`
		`- + stvx 17, 10, 1`
		`- +`
		`- + addi 10, 1, 192`
		`- + lxvb16x 16, 15, 10 # load partial block mask`
		`- + xxland 47, 47, 16`
		`- +`
		`- + vmr 28, 15`
		`- + ppc_update_hash_1x`
		`- +`
		`- + # * should store only the remaining bytes.`
		`- + bl Write_partial_block`
		`- +`
		`- + b aes_gcm_out`
		`- +`
		`- +#`
		`- +# Write partial block`
		`- +# r9 - output`
		`- +# r12 - remaining bytes`
		`- +# v15 - partial input data`
		`- +#`
		`- +Write_partial_block:`
		`- + li 10, 192`
		`- + stxvb16x 15+32, 10, 1 # last block`
		`- +`
		`- + #add 10, 9, 11 # Output`
		`- + addi 10, 9, -1`
		`- + addi 16, 1, 191`
		`- +`
		`- + mtctr 12 # remaining bytes`
		`- + li 15, 0`
		`- +`
		`- +Write_last_byte:`
		`- + lbzu 14, 1(16)`
		`- + stbu 14, 1(10)`
		`- + bdnz Write_last_byte`
		`- + blr`
		`- +`
		`- +aes_gcm_out:`
		`- + # out = state`
		`- + stxvb16x 32, 0, 8 # write out Xi`
		`- + add 3, 11, 12 # return count`
		`- +`
		`- + li 9, 256`
		`- + lvx 20, 9, 1`
		`- + addi 9, 9, 16`
		`- + lvx 21, 9, 1`
		`- + addi 9, 9, 16`
		`- + lvx 22, 9, 1`
		`- + addi 9, 9, 16`
		`- + lvx 23, 9, 1`
		`- + addi 9, 9, 16`
		`- + lvx 24, 9, 1`
		`- + addi 9, 9, 16`
		`- + lvx 25, 9, 1`
		`- + addi 9, 9, 16`
		`- + lvx 26, 9, 1`
		`- + addi 9, 9, 16`
		`- + lvx 27, 9, 1`
		`- + addi 9, 9, 16`
		`- + lvx 28, 9, 1`
		`- + addi 9, 9, 16`
		`- + lvx 29, 9, 1`
		`- + addi 9, 9, 16`
		`- + lvx 30, 9, 1`
		`- + addi 9, 9, 16`
		`- + lvx 31, 9, 1`
		`- +`
		`- + ld 0, 528(1)`
		`- + ld 14,112(1)`
		`- + ld 15,120(1)`
		`- + ld 16,128(1)`
		`- + ld 17,136(1)`
		`- + ld 18,144(1)`
		`- + ld 19,152(1)`
		`- + ld 20,160(1)`
		`- + ld 21,168(1)`
		`- +`
		`- + mtlr 0`
		`- + addi 1, 1, 512`
		`- + blr`
		`- +`
		`- +#`
		`- +# 8x Decrypt`
		`- +#`
		`- +.global ppc_aes_gcm_decrypt`
		`- +.align 5`
		`- +ppc_aes_gcm_decrypt:`
		`- +_ppc_aes_gcm_decrypt:`
		`- +`
		`- + stdu 1,-512(1)`
		`- + mflr 0`
		`- +`
		`- + std 14,112(1)`
		`- + std 15,120(1)`
		`- + std 16,128(1)`
		`- + std 17,136(1)`
		`- + std 18,144(1)`
		`- + std 19,152(1)`
		`- + std 20,160(1)`
		`- + std 21,168(1)`
		`- + li 9, 256`
		`- + stvx 20, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 21, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 22, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 23, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 24, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 25, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 26, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 27, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 28, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 29, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 30, 9, 1`
		`- + addi 9, 9, 16`
		`- + stvx 31, 9, 1`
		`- + std 0, 528(1)`
		`- +`
		`- + # Load Xi`
		`- + lxvb16x 32, 0, 8 # load Xi`
		`- +`
		`- + # load Hash - h^4, h^3, h^2, h`
		`- + li 10, 32`
		`- + lxvd2x 2+32, 10, 8 # H Poli`
		`- + li 10, 48`
		`- + lxvd2x 3+32, 10, 8 # Hl`
		`- + li 10, 64`
		`- + lxvd2x 4+32, 10, 8 # H`
		`- + li 10, 80`
		`- + lxvd2x 5+32, 10, 8 # Hh`
		`- +`
		`- + li 10, 96`
		`- + lxvd2x 6+32, 10, 8 # H^2l`
		`- + li 10, 112`
		`- + lxvd2x 7+32, 10, 8 # H^2`
		`- + li 10, 128`
		`- + lxvd2x 8+32, 10, 8 # H^2h`
		`- +`
		`- + li 10, 144`
		`- + lxvd2x 9+32, 10, 8 # H^3l`
		`- + li 10, 160`
		`- + lxvd2x 10+32, 10, 8 # H^3`
		`- + li 10, 176`
		`- + lxvd2x 11+32, 10, 8 # H^3h`
		`- +`
		`- + li 10, 192`
		`- + lxvd2x 12+32, 10, 8 # H^4l`
		`- + li 10, 208`
		`- + lxvd2x 13+32, 10, 8 # H^4`
		`- + li 10, 224`
		`- + lxvd2x 14+32, 10, 8 # H^4h`
		`- +`
		`- + # initialize ICB: GHASH( IV ), IV - r7`
		`- + lxvb16x 30+32, 0, 7 # load IV - v30`
		`- +`
		`- + mr 12, 5 # length`
		`- + li 11, 0 # block index`
		`- +`
		`- + # counter 1`
		`- + vxor 31, 31, 31`
		`- + vspltisb 22, 1`
		`- + vsldoi 31, 31, 22,1 # counter 1`
		`- +`
		`- + # load round key to VSR`
		`- + lxv 0, 0(6)`
		`- + lxv 1, 0x10(6)`
		`- + lxv 2, 0x20(6)`
		`- + lxv 3, 0x30(6)`
		`- + lxv 4, 0x40(6)`
		`- + lxv 5, 0x50(6)`
		`- + lxv 6, 0x60(6)`
		`- + lxv 7, 0x70(6)`
		`- + lxv 8, 0x80(6)`
		`- + lxv 9, 0x90(6)`
		`- + lxv 10, 0xa0(6)`
		`- +`
		`- + # load rounds - 10 (128), 12 (192), 14 (256)`
		`- + lwz 9,240(6)`
		`- +`
		`- + #`
		`- + # vxor state, state, w # addroundkey`
		`- + xxlor 32+29, 0, 0`
		`- + vxor 15, 30, 29 # IV + round key - add round key 0`
		`- +`
		`- + cmpdi 9, 10`
		`- + beq Loop_aes_gcm_8x_dec`
		`- +`
		`- + # load 2 more round keys (v11, v12)`
		`- + lxv 11, 0xb0(6)`
		`- + lxv 12, 0xc0(6)`
		`- +`
		`- + cmpdi 9, 12`
		`- + beq Loop_aes_gcm_8x_dec`
		`- +`
		`- + # load 2 more round keys (v11, v12, v13, v14)`
		`- + lxv 13, 0xd0(6)`
		`- + lxv 14, 0xe0(6)`
		`- + cmpdi 9, 14`
		`- + beq Loop_aes_gcm_8x_dec`
		`- +`
		`- + b aes_gcm_out`
		`- +`
		`- +.align 5`
		`- +Loop_aes_gcm_8x_dec:`
		`- + mr 14, 3`
		`- + mr 9, 4`
		`- +`
		`- + # n blocks`
		`- + li 10, 128`
		`- + divdu 10, 5, 10 # n 128 bytes-blocks`
		`- + cmpdi 10, 0`
		`- + beq Loop_last_block_dec`
		`- +`
		`- + vaddudm 30, 30, 31 # IV + counter`
		`- + vxor 16, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 17, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 18, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 19, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 20, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 21, 30, 29`
		`- + vaddudm 30, 30, 31`
		`- + vxor 22, 30, 29`
		`- +`
		`- + mtctr 10`
		`- +`
		`- + li 15, 16`
		`- + li 16, 32`
		`- + li 17, 48`
		`- + li 18, 64`
		`- + li 19, 80`
		`- + li 20, 96`
		`- + li 21, 112`
		`- +`
		`- + lwz 10, 240(6)`
		`- +`
		`- +Loop_8x_block_dec:`
		`- +`
		`- + lxvb16x 15, 0, 14 # load block`
		`- + lxvb16x 16, 15, 14 # load block`
		`- + lxvb16x 17, 16, 14 # load block`
		`- + lxvb16x 18, 17, 14 # load block`
		`- + lxvb16x 19, 18, 14 # load block`
		`- + lxvb16x 20, 19, 14 # load block`
		`- + lxvb16x 21, 20, 14 # load block`
		`- + lxvb16x 22, 21, 14 # load block`
		`- + addi 14, 14, 128`
		`- +`
		`- + Loop_aes_middle8x`
		`- +`
		`- + xxlor 23+32, 10, 10`
		`- +`
		`- + cmpdi 10, 10`
		`- + beq Do_last_aes_dec`
		`- +`
		`- + # 192 bits`
		`- + xxlor 24+32, 11, 11`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 16, 16, 23`
		`- + vcipher 17, 17, 23`
		`- + vcipher 18, 18, 23`
		`- + vcipher 19, 19, 23`
		`- + vcipher 20, 20, 23`
		`- + vcipher 21, 21, 23`
		`- + vcipher 22, 22, 23`
		`- +`
		`- + vcipher 15, 15, 24`
		`- + vcipher 16, 16, 24`
		`- + vcipher 17, 17, 24`
		`- + vcipher 18, 18, 24`
		`- + vcipher 19, 19, 24`
		`- + vcipher 20, 20, 24`
		`- + vcipher 21, 21, 24`
		`- + vcipher 22, 22, 24`
		`- +`
		`- + xxlor 23+32, 12, 12`
		`- +`
		`- + cmpdi 10, 12`
		`- + beq Do_last_aes_dec`
		`- +`
		`- + # 256 bits`
		`- + xxlor 24+32, 13, 13`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 16, 16, 23`
		`- + vcipher 17, 17, 23`
		`- + vcipher 18, 18, 23`
		`- + vcipher 19, 19, 23`
		`- + vcipher 20, 20, 23`
		`- + vcipher 21, 21, 23`
		`- + vcipher 22, 22, 23`
		`- +`
		`- + vcipher 15, 15, 24`
		`- + vcipher 16, 16, 24`
		`- + vcipher 17, 17, 24`
		`- + vcipher 18, 18, 24`
		`- + vcipher 19, 19, 24`
		`- + vcipher 20, 20, 24`
		`- + vcipher 21, 21, 24`
		`- + vcipher 22, 22, 24`
		`- +`
		`- + xxlor 23+32, 14, 14`
		`- +`
		`- + cmpdi 10, 14`
		`- + beq Do_last_aes_dec`
		`- + b aes_gcm_out`
		`- +`
		`- +Do_last_aes_dec:`
		`- +`
		`- + #`
		`- + # last round`
		`- + vcipherlast 15, 15, 23`
		`- + vcipherlast 16, 16, 23`
		`- +`
		`- + xxlxor 47, 47, 15`
		`- + stxvb16x 47, 0, 9 # store output`
		`- + xxlxor 48, 48, 16`
		`- + stxvb16x 48, 15, 9 # store output`
		`- +`
		`- + vcipherlast 17, 17, 23`
		`- + vcipherlast 18, 18, 23`
		`- +`
		`- + xxlxor 49, 49, 17`
		`- + stxvb16x 49, 16, 9 # store output`
		`- + xxlxor 50, 50, 18`
		`- + stxvb16x 50, 17, 9 # store output`
		`- +`
		`- + vcipherlast 19, 19, 23`
		`- + vcipherlast 20, 20, 23`
		`- +`
		`- + xxlxor 51, 51, 19`
		`- + stxvb16x 51, 18, 9 # store output`
		`- + xxlxor 52, 52, 20`
		`- + stxvb16x 52, 19, 9 # store output`
		`- +`
		`- + vcipherlast 21, 21, 23`
		`- + vcipherlast 22, 22, 23`
		`- +`
		`- + xxlxor 53, 53, 21`
		`- + stxvb16x 53, 20, 9 # store output`
		`- + xxlxor 54, 54, 22`
		`- + stxvb16x 54, 21, 9 # store output`
		`- +`
		`- + addi 9, 9, 128`
		`- +`
		`- + xxlor 15+32, 15, 15`
		`- + xxlor 16+32, 16, 16`
		`- + xxlor 17+32, 17, 17`
		`- + xxlor 18+32, 18, 18`
		`- + xxlor 19+32, 19, 19`
		`- + xxlor 20+32, 20, 20`
		`- + xxlor 21+32, 21, 21`
		`- + xxlor 22+32, 22, 22`
		`- +`
		`- + # ghash here`
		`- + ppc_aes_gcm_ghash2_4x`
		`- +`
		`- + xxlor 27+32, 0, 0`
		`- + vaddudm 30, 30, 31 # IV + counter`
		`- + vmr 29, 30`
		`- + vxor 15, 30, 27 # add round key`
		`- + vaddudm 30, 30, 31`
		`- + vxor 16, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 17, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 18, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 19, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 20, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 21, 30, 27`
		`- + vaddudm 30, 30, 31`
		`- + vxor 22, 30, 27`
		`- + addi 12, 12, -128`
		`- + addi 11, 11, 128`
		`- +`
		`- + bdnz Loop_8x_block_dec`
		`- +`
		`- + vmr 30, 29`
		`- +`
		`- +Loop_last_block_dec:`
		`- + cmpdi 12, 0`
		`- + beq aes_gcm_out`
		`- +`
		`- + # loop last few blocks`
		`- + li 10, 16`
		`- + divdu 10, 12, 10`
		`- +`
		`- + mtctr 10`
		`- +`
		`- + lwz 10,240(6)`
		`- +`
		`- + cmpdi 12, 16`
		`- + blt Final_block_dec`
		`- +`
		`- +Next_rem_block_dec:`
		`- + lxvb16x 15, 0, 14 # load block`
		`- +`
		`- + Loop_aes_middle_1x`
		`- +`
		`- + xxlor 23+32, 10, 10`
		`- +`
		`- + cmpdi 10, 10`
		`- + beq Do_next_1x_dec`
		`- +`
		`- + # 192 bits`
		`- + xxlor 24+32, 11, 11`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 15, 15, 24`
		`- +`
		`- + xxlor 23+32, 12, 12`
		`- +`
		`- + cmpdi 10, 12`
		`- + beq Do_next_1x_dec`
		`- +`
		`- + # 256 bits`
		`- + xxlor 24+32, 13, 13`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 15, 15, 24`
		`- +`
		`- + xxlor 23+32, 14, 14`
		`- +`
		`- + cmpdi 10, 14`
		`- + beq Do_next_1x_dec`
		`- +`
		`- +Do_next_1x_dec:`
		`- + vcipherlast 15, 15, 23`
		`- +`
		`- + xxlxor 47, 47, 15`
		`- + stxvb16x 47, 0, 9 # store output`
		`- + addi 14, 14, 16`
		`- + addi 9, 9, 16`
		`- +`
		`- + xxlor 28+32, 15, 15`
		`- + ppc_update_hash_1x`
		`- +`
		`- + addi 12, 12, -16`
		`- + addi 11, 11, 16`
		`- + xxlor 19+32, 0, 0`
		`- + vaddudm 30, 30, 31 # IV + counter`
		`- + vxor 15, 30, 19 # add round key`
		`- +`
		`- + bdnz Next_rem_block_dec`
		`- +`
		`- + cmpdi 12, 0`
		`- + beq aes_gcm_out`
		`- +`
		`- +Final_block_dec:`
		`- + Loop_aes_middle_1x`
		`- +`
		`- + xxlor 23+32, 10, 10`
		`- +`
		`- + cmpdi 10, 10`
		`- + beq Do_final_1x_dec`
		`- +`
		`- + # 192 bits`
		`- + xxlor 24+32, 11, 11`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 15, 15, 24`
		`- +`
		`- + xxlor 23+32, 12, 12`
		`- +`
		`- + cmpdi 10, 12`
		`- + beq Do_final_1x_dec`
		`- +`
		`- + # 256 bits`
		`- + xxlor 24+32, 13, 13`
		`- +`
		`- + vcipher 15, 15, 23`
		`- + vcipher 15, 15, 24`
		`- +`
		`- + xxlor 23+32, 14, 14`
		`- +`
		`- + cmpdi 10, 14`
		`- + beq Do_final_1x_dec`
		`- +`
		`- +Do_final_1x_dec:`
		`- + vcipherlast 15, 15, 23`
		`- +`
		`- + lxvb16x 15, 0, 14 # load block`
		`- + xxlxor 47, 47, 15`
		`- +`
		`- + # create partial block mask`
		`- + li 15, 16`
		`- + sub 15, 15, 12 # index to the mask`
		`- +`
		`- + vspltisb 16, -1 # first 16 bytes - 0xffff...ff`
		`- + vspltisb 17, 0 # second 16 bytes - 0x0000...00`
		`- + li 10, 192`
		`- + stvx 16, 10, 1`
		`- + addi 10, 10, 16`
		`- + stvx 17, 10, 1`
		`- +`
		`- + addi 10, 1, 192`
		`- + lxvb16x 16, 15, 10 # load block mask`
		`- + xxland 47, 47, 16`
		`- +`
		`- + xxlor 28+32, 15, 15`
		`- + ppc_update_hash_1x`
		`- +`
		`- + # * should store only the remaining bytes.`
		`- + bl Write_partial_block`
		`- +`
		`- + b aes_gcm_out`
		`- +`
		`- +`
		`- +___`
		`- +`
		`- +foreach (split("\n",$code)) {`
		- + s/\`([^\`]*)\`/eval $1/geo;
		`- +`
		`- + if ($flavour =~ /le$/o) { # little-endian`
		`- + s/le\?//o or`
		`- + s/be\?/#be#/o;`
		`- + } else {`
		`- + s/le\?/#le#/o or`
		`- + s/be\?//o;`
		`- + }`
		`- + print $_,"\n";`
		`- +}`
		`- +`
		`- +close STDOUT or die "error closing STDOUT: $!"; # enforce flush`
		`- diff --git a/crypto/modes/build.info b/crypto/modes/build.info`
		`- index 687e872..0ea122e 100644`
		`- --- a/crypto/modes/build.info`
		`- +++ b/crypto/modes/build.info`
		`- @@ -32,7 +32,7 @@ IF[{- !$disabled{asm} -}]`
		`- $MODESASM_parisc20_64=$MODESASM_parisc11`
		`- $MODESDEF_parisc20_64=$MODESDEF_parisc11`
		`-`
		`- - $MODESASM_ppc32=ghashp8-ppc.s`
		`- + $MODESASM_ppc32=ghashp8-ppc.s aes-gcm-ppc.s`
		`- $MODESDEF_ppc32=`
		`- $MODESASM_ppc64=$MODESASM_ppc32`
		`- $MODESDEF_ppc64=$MODESDEF_ppc32`
		`- @@ -71,6 +71,7 @@ INCLUDE[ghash-sparcv9.o]=..`
		`- GENERATE[ghash-alpha.S]=asm/ghash-alpha.pl`
		`- GENERATE[ghash-parisc.s]=asm/ghash-parisc.pl`
		`- GENERATE[ghashp8-ppc.s]=asm/ghashp8-ppc.pl`
		`- +GENERATE[aes-gcm-ppc.s]=asm/aes-gcm-ppc.pl`
		`- GENERATE[ghash-armv4.S]=asm/ghash-armv4.pl`
		`- INCLUDE[ghash-armv4.o]=..`
		`- GENERATE[ghashv8-armx.S]=asm/ghashv8-armx.pl`
		`- diff --git a/include/crypto/aes_platform.h b/include/crypto/aes_platform.h`
		`- index e95ad5a..0c281a3 100644`
		`- --- a/include/crypto/aes_platform.h`
		`- +++ b/include/crypto/aes_platform.h`
		`- @@ -74,6 +74,26 @@ void AES_xts_decrypt(const unsigned char inp, unsigned char out, size_t len,`
		`- # define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks`
		`- # define HWAES_xts_encrypt aes_p8_xts_encrypt`
		`- # define HWAES_xts_decrypt aes_p8_xts_decrypt`
		`- +# define PPC_AES_GCM_CAPABLE (OPENSSL_ppccap_P & PPC_MADD300)`
		`- +# define AES_GCM_ENC_BYTES 128`
		`- +# define AES_GCM_DEC_BYTES 128`
		`- +size_t ppc_aes_gcm_encrypt(const unsigned char in, unsigned char out,`
		`- + size_t len, const void *key, unsigned char ivec[16],`
		`- + u64 *Xi);`
		`- +size_t ppc_aes_gcm_decrypt(const unsigned char in, unsigned char out,`
		`- + size_t len, const void *key, unsigned char ivec[16],`
		`- + u64 *Xi);`
		`- +size_t ppc_aes_gcm_encrypt_wrap(const unsigned char in, unsigned char out,`
		`- + size_t len, const void *key,`
		`- + unsigned char ivec[16], u64 *Xi);`
		`- +size_t ppc_aes_gcm_decrypt_wrap(const unsigned char in, unsigned char out,`
		`- + size_t len, const void *key,`
		`- + unsigned char ivec[16], u64 *Xi);`
		`- +# define AES_gcm_encrypt ppc_aes_gcm_encrypt_wrap`
		`- +# define AES_gcm_decrypt ppc_aes_gcm_decrypt_wrap`
		`- +# define AES_GCM_ASM(gctx) ((gctx)->ctr==aes_p8_ctr32_encrypt_blocks && \`
		`- + (gctx)->gcm.ghash==gcm_ghash_p8)`
		`- +void gcm_ghash_p8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len);`
		`- # endif /* PPC */`
		`-`
		`- # if (defined(__arm__) \|\| defined(__arm) \|\| defined(__aarch64__))`
		`- diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw.c b/providers/implementations/ciphers/cipher_aes_gcm_hw.c`
		`- index 44fa9d4..789ec12 100644`
		`- --- a/providers/implementations/ciphers/cipher_aes_gcm_hw.c`
		`- +++ b/providers/implementations/ciphers/cipher_aes_gcm_hw.c`
		`- @@ -141,6 +141,8 @@ static const PROV_GCM_HW aes_gcm = {`
		`- # include "cipher_aes_gcm_hw_t4.inc"`
		`- #elif defined(AES_PMULL_CAPABLE) && defined(AES_GCM_ASM)`
		`- # include "cipher_aes_gcm_hw_armv8.inc"`
		`- +#elif defined(PPC_AES_GCM_CAPABLE)`
		`- +# include "cipher_aes_gcm_hw_ppc.inc"`
		`- #else`
		`- const PROV_GCM_HW *ossl_prov_aes_hw_gcm(size_t keybits)`
		`- {`
		`- diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc b/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc`
		`- new file mode 100644`
		`- index 0000000..4eed0f4`
		`- --- /dev/null`
		`- +++ b/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc`
		`- @@ -0,0 +1,119 @@`
		`- +/*`
		`- + * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.`
		`- + *`
		`- + * Licensed under the Apache License 2.0 (the "License"). You may not use`
		`- + * this file except in compliance with the License. You can obtain a copy`
		`- + * in the file LICENSE in the source distribution or at`
		`- + * https://www.openssl.org/source/license.html`
		`- + */`
		`- +`
		`- +/*-`
		`- + * PPC support for AES GCM.`
		`- + * This file is included by cipher_aes_gcm_hw.c`
		`- + */`
		`- +`
		`- +static int aes_ppc_gcm_initkey(PROV_GCM_CTX ctx, const unsigned char key,`
		`- + size_t keylen)`
		`- +{`
		`- + PROV_AES_GCM_CTX actx = (PROV_AES_GCM_CTX )ctx;`
		`- + AES_KEY *ks = &actx->ks.ks;`
		`- +`
		`- + GCM_HW_SET_KEY_CTR_FN(ks, aes_p8_set_encrypt_key, aes_p8_encrypt,`
		`- + aes_p8_ctr32_encrypt_blocks);`
		`- + return 1;`
		`- +}`
		`- +`
		`- +`
		`- +extern size_t ppc_aes_gcm_encrypt(const unsigned char in, unsigned char out, size_t len,`
		`- + const void key, unsigned char ivec[16], u64 Xi);`
		`- +extern size_t ppc_aes_gcm_decrypt(const unsigned char in, unsigned char out, size_t len,`
		`- + const void key, unsigned char ivec[16], u64 Xi);`
		`- +`
		`- +static inline u32 UTO32(unsigned char *buf)`
		`- +{`
		`- + return ((u32) buf[0] << 24) \| ((u32) buf[1] << 16) \| ((u32) buf[2] << 8) \| ((u32) buf[3]);`
		`- +}`
		`- +`
		`- +static inline u32 add32TOU(unsigned char buf[4], u32 n)`
		`- +{`
		`- + u32 r;`
		`- +`
		`- + r = UTO32(buf);`
		`- + r += n;`
		`- + buf[0] = (unsigned char) (r >> 24) & 0xFF;`
		`- + buf[1] = (unsigned char) (r >> 16) & 0xFF;`
		`- + buf[2] = (unsigned char) (r >> 8) & 0xFF;`
		`- + buf[3] = (unsigned char) r & 0xFF;`
		`- + return r;`
		`- +}`
		`- +`
		`- +static size_t aes_p10_gcm_crypt(const unsigned char in, unsigned char out, size_t len,`
		`- + const void key, unsigned char ivec[16], u64 Xi, int encrypt)`
		`- +{`
		`- + int s = 0;`
		`- + int ndone = 0;`
		`- + int ctr_reset = 0;`
		`- + u64 blocks_unused;`
		`- + u64 nb = len / 16;`
		`- + u64 next_ctr = 0;`
		`- + unsigned char ctr_saved[12];`
		`- +`
		`- + memcpy(ctr_saved, ivec, 12);`
		`- +`
		`- + while (nb) {`
		`- + blocks_unused = (u64) 0xffffffffU + 1 - (u64) UTO32 (ivec + 12);`
		`- + if (nb > blocks_unused) {`
		`- + len = blocks_unused * 16;`
		`- + nb -= blocks_unused;`
		`- + next_ctr = blocks_unused;`
		`- + ctr_reset = 1;`
		`- + } else {`
		`- + len = nb * 16;`
		`- + next_ctr = nb;`
		`- + nb = 0;`
		`- + }`
		`- +`
		`- + s = encrypt ? ppc_aes_gcm_encrypt(in, out, len, key, ivec, Xi)`
		`- + : ppc_aes_gcm_decrypt(in, out, len, key, ivec, Xi);`
		`- +`
		`- + /* add counter to ivec */`
		`- + add32TOU(ivec + 12, (u32) next_ctr);`
		`- + if (ctr_reset) {`
		`- + ctr_reset = 0;`
		`- + in += len;`
		`- + out += len;`
		`- + }`
		`- + memcpy(ivec, ctr_saved, 12);`
		`- + ndone += s;`
		`- + }`
		`- +`
		`- + return ndone;`
		`- +}`
		`- +`
		`- +size_t ppc_aes_gcm_encrypt_wrap(const unsigned char in, unsigned char out, size_t len,`
		`- + const void key, unsigned char ivec[16], u64 Xi)`
		`- +{`
		`- + return aes_p10_gcm_crypt(in, out, len, key, ivec, Xi, 1);`
		`- +}`
		`- +`
		`- +size_t ppc_aes_gcm_decrypt_wrap(const unsigned char in, unsigned char out, size_t len,`
		`- + const void key, unsigned char ivec[16], u64 Xi)`
		`- +{`
		`- + return aes_p10_gcm_crypt(in, out, len, key, ivec, Xi, 0);`
		`- +}`
		`- +`
		`- +`
		`- +static const PROV_GCM_HW aes_ppc_gcm = {`
		`- + aes_ppc_gcm_initkey,`
		`- + ossl_gcm_setiv,`
		`- + ossl_gcm_aad_update,`
		`- + generic_aes_gcm_cipher_update,`
		`- + ossl_gcm_cipher_final,`
		`- + ossl_gcm_one_shot`
		`- +};`
		`- +`
		`- +const PROV_GCM_HW *ossl_prov_aes_hw_gcm(size_t keybits)`
		`- +{`
		`- + return PPC_AES_GCM_CAPABLE ? &aes_ppc_gcm : &aes_gcm;`
		`- +}`
		`- +`

0072-ChaCha20-performance-optimizations-for-ppc64le.patch

file removed

-1493

		`@@ -1,1493 +0,0 @@`
		`- Upstream-Status: Backport [`
		`- https://github.com/openssl/openssl/commit/f596bbe4da779b56eea34d96168b557d78e1149,`
		`- https://github.com/openssl/openssl/commit/7e1f3ffcc5bc15fb9a12b9e3bb202f544c6ed5aa,`
		`- hunks in crypto/ppccap.c from https://github.com/openssl/openssl/commit/f5485b97b6c9977c0d39c7669b9f97a879312447`
		`- ]`
		`- diff --git a/crypto/chacha/asm/chachap10-ppc.pl b/crypto/chacha/asm/chachap10-ppc.pl`
		`- new file mode 100755`
		`- index 0000000..36e9a8d`
		`- --- /dev/null`
		`- +++ b/crypto/chacha/asm/chachap10-ppc.pl`
		`- @@ -0,0 +1,1288 @@`
		`- +#! /usr/bin/env perl`
		`- +# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.`
		`- +#`
		`- +# Licensed under the Apache License 2.0 (the "License"). You may not use`
		`- +# this file except in compliance with the License. You can obtain a copy`
		`- +# in the file LICENSE in the source distribution or at`
		`- +# https://www.openssl.org/source/license.html`
		`- +`
		`- +#`
		`- +# ====================================================================`
		`- +# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL`
		`- +# project. The module is, however, dual licensed under OpenSSL and`
		`- +# CRYPTOGAMS licenses depending on where you obtain it. For further`
		`- +# details see http://www.openssl.org/~appro/cryptogams/.`
		`- +# ====================================================================`
		`- +#`
		`- +# October 2015`
		`- +#`
		`- +# ChaCha20 for PowerPC/AltiVec.`
		`- +#`
		`- +# June 2018`
		`- +#`
		`- +# Add VSX 2.07 code path. Original 3xAltiVec+1xIALU is well-suited for`
		`- +# processors that can't issue more than one vector instruction per`
		`- +# cycle. But POWER8 (and POWER9) can issue a pair, and vector-only 4x`
		`- +# interleave would perform better. Incidentally PowerISA 2.07 (first`
		`- +# implemented by POWER8) defined new usable instructions, hence 4xVSX`
		`- +# code path...`
		`- +#`
		`- +# Performance in cycles per byte out of large buffer.`
		`- +#`
		`- +# IALU/gcc-4.x 3xAltiVec+1xIALU 4xVSX`
		`- +#`
		`- +# Freescale e300 13.6/+115% - -`
		`- +# PPC74x0/G4e 6.81/+310% 3.81 -`
		`- +# PPC970/G5 9.29/+160% ? -`
		`- +# POWER7 8.62/+61% 3.35 -`
		`- +# POWER8 8.70/+51% 2.91 2.09`
		`- +# POWER9 8.80/+29% 4.44() 2.45(*)`
		`- +#`
		`- +# (*) this is trade-off result, it's possible to improve it, but`
		`- +# then it would negatively affect all others;`
		`- +# (**) POWER9 seems to be "allergic" to mixing vector and integer`
		`- +# instructions, which is why switch to vector-only code pays`
		`- +# off that much;`
		`- +`
		`- +# $output is the last argument if it looks like a file (it has an extension)`
		`- +# $flavour is the first argument if it doesn't look like a file`
		`- +$output = $#ARGV >= 0 && $ARGV[$#ARGV] =~ m\|\.\w+$\| ? pop : undef;`
		`- +$flavour = $#ARGV >= 0 && $ARGV[0] !~ m\|\.\| ? shift : undef;`
		`- +`
		`- +if ($flavour =~ /64/) {`
		`- + $SIZE_T =8;`
		`- + $LRSAVE =2*$SIZE_T;`
		`- + $STU ="stdu";`
		`- + $POP ="ld";`
		`- + $PUSH ="std";`
		`- + $UCMP ="cmpld";`
		`- +} elsif ($flavour =~ /32/) {`
		`- + $SIZE_T =4;`
		`- + $LRSAVE =$SIZE_T;`
		`- + $STU ="stwu";`
		`- + $POP ="lwz";`
		`- + $PUSH ="stw";`
		`- + $UCMP ="cmplw";`
		`- +} else { die "nonsense $flavour"; }`
		`- +`
		`- +$LITTLE_ENDIAN = ($flavour=~/le$/) ? 1 : 0;`
		`- +`
		`- +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;`
		`- +( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or`
		`- +( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or`
		`- +die "can't locate ppc-xlate.pl";`
		`- +`
		`- +open STDOUT,"\| $^X $xlate $flavour \"$output\""`
		`- + or die "can't call $xlate: $!";`
		`- +`
		`- +$LOCALS=6*$SIZE_T;`
		`- +$FRAME=$LOCALS+64+18*$SIZE_T; # 64 is for local variables`
		`- +`
		`- +sub AUTOLOAD() # thunk [simplified] x86-style perlasm`
		`- +{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://; $opcode =~ s/_/\./;`
		`- + $code .= "\t$opcode\t".join(',',@_)."\n";`
		`- +}`
		`- +`
		`- +my $sp = "r1";`
		`- +`
		`- +my ($out,$inp,$len,$key,$ctr) = map("r$_",(3..7));`
		`- +`
		`- +`
		`- +{{{`
		`- +my ($xa0,$xa1,$xa2,$xa3, $xb0,$xb1,$xb2,$xb3,`
		`- + $xc0,$xc1,$xc2,$xc3, $xd0,$xd1,$xd2,$xd3) = map("v$_",(0..15));`
		`- +my @K = map("v$_",(16..19));`
		`- +my $CTR = "v26";`
		`- +my ($xt0,$xt1,$xt2,$xt3) = map("v$_",(27..30));`
		`- +my ($sixteen,$twelve,$eight,$seven) = ($xt0,$xt1,$xt2,$xt3);`
		`- +my $beperm = "v31";`
		`- +`
		`- +my ($x00,$x10,$x20,$x30) = (0, map("r$_",(8..10)));`
		`- +`
		`- +my $FRAME=$LOCALS+64+716; # 716 is for v26-v31 offload`
		`- +`
		`- +`
		`- +sub VSX_lane_ROUND_4x {`
		`- +my ($a0,$b0,$c0,$d0)=@_;`
		`- +my ($a1,$b1,$c1,$d1)=map(($_&~3)+(($_+1)&3),($a0,$b0,$c0,$d0));`
		`- +my ($a2,$b2,$c2,$d2)=map(($_&~3)+(($_+1)&3),($a1,$b1,$c1,$d1));`
		`- +my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2));`
		`- +my @x=map("\"v$_\"",(0..15));`
		`- +`
		`- + (`
		`- + "&vadduwm (@x[$a0],@x[$a0],@x[$b0])", # Q1`
		`- + "&vadduwm (@x[$a1],@x[$a1],@x[$b1])", # Q2`
		`- + "&vadduwm (@x[$a2],@x[$a2],@x[$b2])", # Q3`
		`- + "&vadduwm (@x[$a3],@x[$a3],@x[$b3])", # Q4`
		`- + "&vxor (@x[$d0],@x[$d0],@x[$a0])",`
		`- + "&vxor (@x[$d1],@x[$d1],@x[$a1])",`
		`- + "&vxor (@x[$d2],@x[$d2],@x[$a2])",`
		`- + "&vxor (@x[$d3],@x[$d3],@x[$a3])",`
		`- + "&vrlw (@x[$d0],@x[$d0],'$sixteen')",`
		`- + "&vrlw (@x[$d1],@x[$d1],'$sixteen')",`
		`- + "&vrlw (@x[$d2],@x[$d2],'$sixteen')",`
		`- + "&vrlw (@x[$d3],@x[$d3],'$sixteen')",`
		`- +`
		`- + "&vadduwm (@x[$c0],@x[$c0],@x[$d0])",`
		`- + "&vadduwm (@x[$c1],@x[$c1],@x[$d1])",`
		`- + "&vadduwm (@x[$c2],@x[$c2],@x[$d2])",`
		`- + "&vadduwm (@x[$c3],@x[$c3],@x[$d3])",`
		`- + "&vxor (@x[$b0],@x[$b0],@x[$c0])",`
		`- + "&vxor (@x[$b1],@x[$b1],@x[$c1])",`
		`- + "&vxor (@x[$b2],@x[$b2],@x[$c2])",`
		`- + "&vxor (@x[$b3],@x[$b3],@x[$c3])",`
		`- + "&vrlw (@x[$b0],@x[$b0],'$twelve')",`
		`- + "&vrlw (@x[$b1],@x[$b1],'$twelve')",`
		`- + "&vrlw (@x[$b2],@x[$b2],'$twelve')",`
		`- + "&vrlw (@x[$b3],@x[$b3],'$twelve')",`
		`- +`
		`- + "&vadduwm (@x[$a0],@x[$a0],@x[$b0])",`
		`- + "&vadduwm (@x[$a1],@x[$a1],@x[$b1])",`
		`- + "&vadduwm (@x[$a2],@x[$a2],@x[$b2])",`
		`- + "&vadduwm (@x[$a3],@x[$a3],@x[$b3])",`
		`- + "&vxor (@x[$d0],@x[$d0],@x[$a0])",`
		`- + "&vxor (@x[$d1],@x[$d1],@x[$a1])",`
		`- + "&vxor (@x[$d2],@x[$d2],@x[$a2])",`
		`- + "&vxor (@x[$d3],@x[$d3],@x[$a3])",`
		`- + "&vrlw (@x[$d0],@x[$d0],'$eight')",`
		`- + "&vrlw (@x[$d1],@x[$d1],'$eight')",`
		`- + "&vrlw (@x[$d2],@x[$d2],'$eight')",`
		`- + "&vrlw (@x[$d3],@x[$d3],'$eight')",`
		`- +`
		`- + "&vadduwm (@x[$c0],@x[$c0],@x[$d0])",`
		`- + "&vadduwm (@x[$c1],@x[$c1],@x[$d1])",`
		`- + "&vadduwm (@x[$c2],@x[$c2],@x[$d2])",`
		`- + "&vadduwm (@x[$c3],@x[$c3],@x[$d3])",`
		`- + "&vxor (@x[$b0],@x[$b0],@x[$c0])",`
		`- + "&vxor (@x[$b1],@x[$b1],@x[$c1])",`
		`- + "&vxor (@x[$b2],@x[$b2],@x[$c2])",`
		`- + "&vxor (@x[$b3],@x[$b3],@x[$c3])",`
		`- + "&vrlw (@x[$b0],@x[$b0],'$seven')",`
		`- + "&vrlw (@x[$b1],@x[$b1],'$seven')",`
		`- + "&vrlw (@x[$b2],@x[$b2],'$seven')",`
		`- + "&vrlw (@x[$b3],@x[$b3],'$seven')"`
		`- + );`
		`- +}`
		`- +`
		`- +$code.=<<___;`
		`- +`
		`- +.globl .ChaCha20_ctr32_vsx_p10`
		`- +.align 5`
		`- +.ChaCha20_ctr32_vsx_p10:`
		`- + ${UCMP}i $len,255`
		`- + bgt ChaCha20_ctr32_vsx_8x`
		`- + $STU $sp,-$FRAME($sp)`
		`- + mflr r0`
		- + li r10,`15+$LOCALS+64`
		- + li r11,`31+$LOCALS+64`
		`- + mfspr r12,256`
		`- + stvx v26,r10,$sp`
		`- + addi r10,r10,32`
		`- + stvx v27,r11,$sp`
		`- + addi r11,r11,32`
		`- + stvx v28,r10,$sp`
		`- + addi r10,r10,32`
		`- + stvx v29,r11,$sp`
		`- + addi r11,r11,32`
		`- + stvx v30,r10,$sp`
		`- + stvx v31,r11,$sp`
		- + stw r12,`$FRAME-4`($sp) # save vrsave
		`- + li r12,-4096+63`
		- + $PUSH r0, `$FRAME+$LRSAVE`($sp)
		`- + mtspr 256,r12 # preserve 29 AltiVec registers`
		`- +`
		`- + bl Lconsts # returns pointer Lsigma in r12`
		`- + lvx_4w @K[0],0,r12 # load sigma`
		`- + addi r12,r12,0x70`
		`- + li $x10,16`
		`- + li $x20,32`
		`- + li $x30,48`
		`- + li r11,64`
		`- +`
		`- + lvx_4w @K[1],0,$key # load key`
		`- + lvx_4w @K[2],$x10,$key`
		`- + lvx_4w @K[3],0,$ctr # load counter`
		`- +`
		`- + vxor $xt0,$xt0,$xt0`
		`- + lvx_4w $xt1,r11,r12`
		`- + vspltw $CTR,@K[3],0`
		`- + vsldoi @K[3],@K[3],$xt0,4`
		`- + vsldoi @K[3],$xt0,@K[3],12 # clear @K[3].word[0]`
		`- + vadduwm $CTR,$CTR,$xt1`
		`- +`
		`- + be?lvsl $beperm,0,$x10 # 0x00..0f`
		`- + be?vspltisb $xt0,3 # 0x03..03`
		`- + be?vxor $beperm,$beperm,$xt0 # swap bytes within words`
		`- +`
		`- + li r0,10 # inner loop counter`
		`- + mtctr r0`
		`- + b Loop_outer_vsx`
		`- +`
		`- +.align 5`
		`- +Loop_outer_vsx:`
		`- + lvx $xa0,$x00,r12 # load [smashed] sigma`
		`- + lvx $xa1,$x10,r12`
		`- + lvx $xa2,$x20,r12`
		`- + lvx $xa3,$x30,r12`
		`- +`
		`- + vspltw $xb0,@K[1],0 # smash the key`
		`- + vspltw $xb1,@K[1],1`
		`- + vspltw $xb2,@K[1],2`
		`- + vspltw $xb3,@K[1],3`
		`- +`
		`- + vspltw $xc0,@K[2],0`
		`- + vspltw $xc1,@K[2],1`
		`- + vspltw $xc2,@K[2],2`
		`- + vspltw $xc3,@K[2],3`
		`- +`
		`- + vmr $xd0,$CTR # smash the counter`
		`- + vspltw $xd1,@K[3],1`
		`- + vspltw $xd2,@K[3],2`
		`- + vspltw $xd3,@K[3],3`
		`- +`
		`- + vspltisw $sixteen,-16 # synthesize constants`
		`- + vspltisw $twelve,12`
		`- + vspltisw $eight,8`
		`- + vspltisw $seven,7`
		`- +`
		`- +Loop_vsx_4x:`
		`- +___`
		`- + foreach (&VSX_lane_ROUND_4x(0, 4, 8,12)) { eval; }`
		`- + foreach (&VSX_lane_ROUND_4x(0, 5,10,15)) { eval; }`
		`- +$code.=<<___;`
		`- +`
		`- + bdnz Loop_vsx_4x`
		`- +`
		`- + vadduwm $xd0,$xd0,$CTR`
		`- +`
		`- + vmrgew $xt0,$xa0,$xa1 # transpose data`
		`- + vmrgew $xt1,$xa2,$xa3`
		`- + vmrgow $xa0,$xa0,$xa1`
		`- + vmrgow $xa2,$xa2,$xa3`
		`- + vmrgew $xt2,$xb0,$xb1`
		`- + vmrgew $xt3,$xb2,$xb3`
		`- + vpermdi $xa1,$xa0,$xa2,0b00`
		`- + vpermdi $xa3,$xa0,$xa2,0b11`
		`- + vpermdi $xa0,$xt0,$xt1,0b00`
		`- + vpermdi $xa2,$xt0,$xt1,0b11`
		`- +`
		`- + vmrgow $xb0,$xb0,$xb1`
		`- + vmrgow $xb2,$xb2,$xb3`
		`- + vmrgew $xt0,$xc0,$xc1`
		`- + vmrgew $xt1,$xc2,$xc3`
		`- + vpermdi $xb1,$xb0,$xb2,0b00`
		`- + vpermdi $xb3,$xb0,$xb2,0b11`
		`- + vpermdi $xb0,$xt2,$xt3,0b00`
		`- + vpermdi $xb2,$xt2,$xt3,0b11`
		`- +`
		`- + vmrgow $xc0,$xc0,$xc1`
		`- + vmrgow $xc2,$xc2,$xc3`
		`- + vmrgew $xt2,$xd0,$xd1`
		`- + vmrgew $xt3,$xd2,$xd3`
		`- + vpermdi $xc1,$xc0,$xc2,0b00`
		`- + vpermdi $xc3,$xc0,$xc2,0b11`
		`- + vpermdi $xc0,$xt0,$xt1,0b00`
		`- + vpermdi $xc2,$xt0,$xt1,0b11`
		`- +`
		`- + vmrgow $xd0,$xd0,$xd1`
		`- + vmrgow $xd2,$xd2,$xd3`
		`- + vspltisw $xt0,4`
		`- + vadduwm $CTR,$CTR,$xt0 # next counter value`
		`- + vpermdi $xd1,$xd0,$xd2,0b00`
		`- + vpermdi $xd3,$xd0,$xd2,0b11`
		`- + vpermdi $xd0,$xt2,$xt3,0b00`
		`- + vpermdi $xd2,$xt2,$xt3,0b11`
		`- +`
		`- + vadduwm $xa0,$xa0,@K[0]`
		`- + vadduwm $xb0,$xb0,@K[1]`
		`- + vadduwm $xc0,$xc0,@K[2]`
		`- + vadduwm $xd0,$xd0,@K[3]`
		`- +`
		`- + be?vperm $xa0,$xa0,$xa0,$beperm`
		`- + be?vperm $xb0,$xb0,$xb0,$beperm`
		`- + be?vperm $xc0,$xc0,$xc0,$beperm`
		`- + be?vperm $xd0,$xd0,$xd0,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx`
		`- +`
		`- + lvx_4w $xt0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xt0,$xt0,$xa0`
		`- + vxor $xt1,$xt1,$xb0`
		`- + vxor $xt2,$xt2,$xc0`
		`- + vxor $xt3,$xt3,$xd0`
		`- +`
		`- + stvx_4w $xt0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + beq Ldone_vsx`
		`- +`
		`- + vadduwm $xa0,$xa1,@K[0]`
		`- + vadduwm $xb0,$xb1,@K[1]`
		`- + vadduwm $xc0,$xc1,@K[2]`
		`- + vadduwm $xd0,$xd1,@K[3]`
		`- +`
		`- + be?vperm $xa0,$xa0,$xa0,$beperm`
		`- + be?vperm $xb0,$xb0,$xb0,$beperm`
		`- + be?vperm $xc0,$xc0,$xc0,$beperm`
		`- + be?vperm $xd0,$xd0,$xd0,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx`
		`- +`
		`- + lvx_4w $xt0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xt0,$xt0,$xa0`
		`- + vxor $xt1,$xt1,$xb0`
		`- + vxor $xt2,$xt2,$xc0`
		`- + vxor $xt3,$xt3,$xd0`
		`- +`
		`- + stvx_4w $xt0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + beq Ldone_vsx`
		`- +`
		`- + vadduwm $xa0,$xa2,@K[0]`
		`- + vadduwm $xb0,$xb2,@K[1]`
		`- + vadduwm $xc0,$xc2,@K[2]`
		`- + vadduwm $xd0,$xd2,@K[3]`
		`- +`
		`- + be?vperm $xa0,$xa0,$xa0,$beperm`
		`- + be?vperm $xb0,$xb0,$xb0,$beperm`
		`- + be?vperm $xc0,$xc0,$xc0,$beperm`
		`- + be?vperm $xd0,$xd0,$xd0,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx`
		`- +`
		`- + lvx_4w $xt0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xt0,$xt0,$xa0`
		`- + vxor $xt1,$xt1,$xb0`
		`- + vxor $xt2,$xt2,$xc0`
		`- + vxor $xt3,$xt3,$xd0`
		`- +`
		`- + stvx_4w $xt0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + beq Ldone_vsx`
		`- +`
		`- + vadduwm $xa0,$xa3,@K[0]`
		`- + vadduwm $xb0,$xb3,@K[1]`
		`- + vadduwm $xc0,$xc3,@K[2]`
		`- + vadduwm $xd0,$xd3,@K[3]`
		`- +`
		`- + be?vperm $xa0,$xa0,$xa0,$beperm`
		`- + be?vperm $xb0,$xb0,$xb0,$beperm`
		`- + be?vperm $xc0,$xc0,$xc0,$beperm`
		`- + be?vperm $xd0,$xd0,$xd0,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx`
		`- +`
		`- + lvx_4w $xt0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xt0,$xt0,$xa0`
		`- + vxor $xt1,$xt1,$xb0`
		`- + vxor $xt2,$xt2,$xc0`
		`- + vxor $xt3,$xt3,$xd0`
		`- +`
		`- + stvx_4w $xt0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + mtctr r0`
		`- + bne Loop_outer_vsx`
		`- +`
		`- +Ldone_vsx:`
		- + lwz r12,`$FRAME-4`($sp) # pull vrsave
		- + li r10,`15+$LOCALS+64`
		- + li r11,`31+$LOCALS+64`
		- + $POP r0, `$FRAME+$LRSAVE`($sp)
		`- + mtspr 256,r12 # restore vrsave`
		`- + lvx v26,r10,$sp`
		`- + addi r10,r10,32`
		`- + lvx v27,r11,$sp`
		`- + addi r11,r11,32`
		`- + lvx v28,r10,$sp`
		`- + addi r10,r10,32`
		`- + lvx v29,r11,$sp`
		`- + addi r11,r11,32`
		`- + lvx v30,r10,$sp`
		`- + lvx v31,r11,$sp`
		`- + mtlr r0`
		`- + addi $sp,$sp,$FRAME`
		`- + blr`
		`- +`
		`- +.align 4`
		`- +Ltail_vsx:`
		`- + addi r11,$sp,$LOCALS`
		`- + mtctr $len`
		`- + stvx_4w $xa0,$x00,r11 # offload block to stack`
		`- + stvx_4w $xb0,$x10,r11`
		`- + stvx_4w $xc0,$x20,r11`
		`- + stvx_4w $xd0,$x30,r11`
		`- + subi r12,r11,1 # prepare for *++ptr`
		`- + subi $inp,$inp,1`
		`- + subi $out,$out,1`
		`- +`
		`- +Loop_tail_vsx:`
		`- + lbzu r6,1(r12)`
		`- + lbzu r7,1($inp)`
		`- + xor r6,r6,r7`
		`- + stbu r6,1($out)`
		`- + bdnz Loop_tail_vsx`
		`- +`
		`- + stvx_4w $K[0],$x00,r11 # wipe copy of the block`
		`- + stvx_4w $K[0],$x10,r11`
		`- + stvx_4w $K[0],$x20,r11`
		`- + stvx_4w $K[0],$x30,r11`
		`- +`
		`- + b Ldone_vsx`
		`- + .long 0`
		`- + .byte 0,12,0x04,1,0x80,0,5,0`
		`- + .long 0`
		`- +.size .ChaCha20_ctr32_vsx_p10,.-.ChaCha20_ctr32_vsx_p10`
		`- +___`
		`- +}}}`
		`- +`
		`- +##This is 8 block in parallel implementation. The heart of chacha round uses vector instruction that has access to`
		`- +# vsr[32+X]. To perform the 8 parallel block we tend to use all 32 register to hold the 8 block info.`
		`- +# WE need to store few register value on side, so we can use VSR{32+X} for few vector instructions used in round op and hold intermediate value.`
		`- +# WE use the VSR[0]-VSR[31] for holding intermediate value and perform 8 block in parallel.`
		`- +#`
		`- +{{{`
		`- +#### ($out,$inp,$len,$key,$ctr) = map("r$_",(3..7));`
		`- +my ($xa0,$xa1,$xa2,$xa3, $xb0,$xb1,$xb2,$xb3,`
		`- + $xc0,$xc1,$xc2,$xc3, $xd0,$xd1,$xd2,$xd3,`
		`- + $xa4,$xa5,$xa6,$xa7, $xb4,$xb5,$xb6,$xb7,`
		`- + $xc4,$xc5,$xc6,$xc7, $xd4,$xd5,$xd6,$xd7) = map("v$_",(0..31));`
		`- +my ($xcn4,$xcn5,$xcn6,$xcn7, $xdn4,$xdn5,$xdn6,$xdn7) = map("v$_",(8..15));`
		`- +my ($xan0,$xbn0,$xcn0,$xdn0) = map("v$_",(0..3));`
		`- +my @K = map("v$_",27,(24..26));`
		`- +my ($xt0,$xt1,$xt2,$xt3,$xt4) = map("v$_",23,(28..31));`
		`- +my $xr0 = "v4";`
		`- +my $CTR0 = "v22";`
		`- +my $CTR1 = "v5";`
		`- +my $beperm = "v31";`
		`- +my ($x00,$x10,$x20,$x30) = (0, map("r$_",(8..10)));`
		`- +my ($xv0,$xv1,$xv2,$xv3,$xv4,$xv5,$xv6,$xv7) = map("v$_",(0..7));`
		`- +my ($xv8,$xv9,$xv10,$xv11,$xv12,$xv13,$xv14,$xv15,$xv16,$xv17) = map("v$_",(8..17));`
		`- +my ($xv18,$xv19,$xv20,$xv21) = map("v$_",(18..21));`
		`- +my ($xv22,$xv23,$xv24,$xv25,$xv26) = map("v$_",(22..26));`
		`- +`
		`- +my $FRAME=$LOCALS+64+916; # 816 is for v24-v31 offload`
		`- +`
		`- +sub VSX_lane_ROUND_8x {`
		`- +my ($a0,$b0,$c0,$d0,$a4,$b4,$c4,$d4)=@_;`
		`- +my ($a1,$b1,$c1,$d1)=map(($_&~3)+(($_+1)&3),($a0,$b0,$c0,$d0));`
		`- +my ($a2,$b2,$c2,$d2)=map(($_&~3)+(($_+1)&3),($a1,$b1,$c1,$d1));`
		`- +my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2));`
		`- +my ($a5,$b5,$c5,$d5)=map(($_&~3)+(($_+1)&3),($a4,$b4,$c4,$d4));`
		`- +my ($a6,$b6,$c6,$d6)=map(($_&~3)+(($_+1)&3),($a5,$b5,$c5,$d5));`
		`- +my ($a7,$b7,$c7,$d7)=map(($_&~3)+(($_+1)&3),($a6,$b6,$c6,$d6));`
		`- +my ($xv8,$xv9,$xv10,$xv11,$xv12,$xv13,$xv14,$xv15,$xv16,$xv17) = map("\"v$_\"",(8..17));`
		`- +my @x=map("\"v$_\"",(0..31));`
		`- +`
		`- + (`
		`- + "&vxxlor ($xv15 ,@x[$c7],@x[$c7])", #copy v30 to v13`
		`- + "&vxxlorc (@x[$c7], $xv9,$xv9)",`
		`- +`
		`- + "&vadduwm (@x[$a0],@x[$a0],@x[$b0])", # Q1`
		`- + "&vadduwm (@x[$a1],@x[$a1],@x[$b1])", # Q2`
		`- + "&vadduwm (@x[$a2],@x[$a2],@x[$b2])", # Q3`
		`- + "&vadduwm (@x[$a3],@x[$a3],@x[$b3])", # Q4`
		`- + "&vadduwm (@x[$a4],@x[$a4],@x[$b4])", # Q1`
		`- + "&vadduwm (@x[$a5],@x[$a5],@x[$b5])", # Q2`
		`- + "&vadduwm (@x[$a6],@x[$a6],@x[$b6])", # Q3`
		`- + "&vadduwm (@x[$a7],@x[$a7],@x[$b7])", # Q4`
		`- +`
		`- + "&vxor (@x[$d0],@x[$d0],@x[$a0])",`
		`- + "&vxor (@x[$d1],@x[$d1],@x[$a1])",`
		`- + "&vxor (@x[$d2],@x[$d2],@x[$a2])",`
		`- + "&vxor (@x[$d3],@x[$d3],@x[$a3])",`
		`- + "&vxor (@x[$d4],@x[$d4],@x[$a4])",`
		`- + "&vxor (@x[$d5],@x[$d5],@x[$a5])",`
		`- + "&vxor (@x[$d6],@x[$d6],@x[$a6])",`
		`- + "&vxor (@x[$d7],@x[$d7],@x[$a7])",`
		`- +`
		`- + "&vrlw (@x[$d0],@x[$d0],@x[$c7])",`
		`- + "&vrlw (@x[$d1],@x[$d1],@x[$c7])",`
		`- + "&vrlw (@x[$d2],@x[$d2],@x[$c7])",`
		`- + "&vrlw (@x[$d3],@x[$d3],@x[$c7])",`
		`- + "&vrlw (@x[$d4],@x[$d4],@x[$c7])",`
		`- + "&vrlw (@x[$d5],@x[$d5],@x[$c7])",`
		`- + "&vrlw (@x[$d6],@x[$d6],@x[$c7])",`
		`- + "&vrlw (@x[$d7],@x[$d7],@x[$c7])",`
		`- +`
		`- + "&vxxlor ($xv13 ,@x[$a7],@x[$a7])",`
		`- + "&vxxlorc (@x[$c7], $xv15,$xv15)",`
		`- + "&vxxlorc (@x[$a7], $xv10,$xv10)",`
		`- +`
		`- + "&vadduwm (@x[$c0],@x[$c0],@x[$d0])",`
		`- + "&vadduwm (@x[$c1],@x[$c1],@x[$d1])",`
		`- + "&vadduwm (@x[$c2],@x[$c2],@x[$d2])",`
		`- + "&vadduwm (@x[$c3],@x[$c3],@x[$d3])",`
		`- + "&vadduwm (@x[$c4],@x[$c4],@x[$d4])",`
		`- + "&vadduwm (@x[$c5],@x[$c5],@x[$d5])",`
		`- + "&vadduwm (@x[$c6],@x[$c6],@x[$d6])",`
		`- + "&vadduwm (@x[$c7],@x[$c7],@x[$d7])",`
		`- +`
		`- + "&vxor (@x[$b0],@x[$b0],@x[$c0])",`
		`- + "&vxor (@x[$b1],@x[$b1],@x[$c1])",`
		`- + "&vxor (@x[$b2],@x[$b2],@x[$c2])",`
		`- + "&vxor (@x[$b3],@x[$b3],@x[$c3])",`
		`- + "&vxor (@x[$b4],@x[$b4],@x[$c4])",`
		`- + "&vxor (@x[$b5],@x[$b5],@x[$c5])",`
		`- + "&vxor (@x[$b6],@x[$b6],@x[$c6])",`
		`- + "&vxor (@x[$b7],@x[$b7],@x[$c7])",`
		`- +`
		`- + "&vrlw (@x[$b0],@x[$b0],@x[$a7])",`
		`- + "&vrlw (@x[$b1],@x[$b1],@x[$a7])",`
		`- + "&vrlw (@x[$b2],@x[$b2],@x[$a7])",`
		`- + "&vrlw (@x[$b3],@x[$b3],@x[$a7])",`
		`- + "&vrlw (@x[$b4],@x[$b4],@x[$a7])",`
		`- + "&vrlw (@x[$b5],@x[$b5],@x[$a7])",`
		`- + "&vrlw (@x[$b6],@x[$b6],@x[$a7])",`
		`- + "&vrlw (@x[$b7],@x[$b7],@x[$a7])",`
		`- +`
		`- + "&vxxlorc (@x[$a7], $xv13,$xv13)",`
		`- + "&vxxlor ($xv15 ,@x[$c7],@x[$c7])",`
		`- + "&vxxlorc (@x[$c7], $xv11,$xv11)",`
		`- +`
		`- +`
		`- + "&vadduwm (@x[$a0],@x[$a0],@x[$b0])",`
		`- + "&vadduwm (@x[$a1],@x[$a1],@x[$b1])",`
		`- + "&vadduwm (@x[$a2],@x[$a2],@x[$b2])",`
		`- + "&vadduwm (@x[$a3],@x[$a3],@x[$b3])",`
		`- + "&vadduwm (@x[$a4],@x[$a4],@x[$b4])",`
		`- + "&vadduwm (@x[$a5],@x[$a5],@x[$b5])",`
		`- + "&vadduwm (@x[$a6],@x[$a6],@x[$b6])",`
		`- + "&vadduwm (@x[$a7],@x[$a7],@x[$b7])",`
		`- +`
		`- + "&vxor (@x[$d0],@x[$d0],@x[$a0])",`
		`- + "&vxor (@x[$d1],@x[$d1],@x[$a1])",`
		`- + "&vxor (@x[$d2],@x[$d2],@x[$a2])",`
		`- + "&vxor (@x[$d3],@x[$d3],@x[$a3])",`
		`- + "&vxor (@x[$d4],@x[$d4],@x[$a4])",`
		`- + "&vxor (@x[$d5],@x[$d5],@x[$a5])",`
		`- + "&vxor (@x[$d6],@x[$d6],@x[$a6])",`
		`- + "&vxor (@x[$d7],@x[$d7],@x[$a7])",`
		`- +`
		`- + "&vrlw (@x[$d0],@x[$d0],@x[$c7])",`
		`- + "&vrlw (@x[$d1],@x[$d1],@x[$c7])",`
		`- + "&vrlw (@x[$d2],@x[$d2],@x[$c7])",`
		`- + "&vrlw (@x[$d3],@x[$d3],@x[$c7])",`
		`- + "&vrlw (@x[$d4],@x[$d4],@x[$c7])",`
		`- + "&vrlw (@x[$d5],@x[$d5],@x[$c7])",`
		`- + "&vrlw (@x[$d6],@x[$d6],@x[$c7])",`
		`- + "&vrlw (@x[$d7],@x[$d7],@x[$c7])",`
		`- +`
		`- + "&vxxlorc (@x[$c7], $xv15,$xv15)",`
		`- + "&vxxlor ($xv13 ,@x[$a7],@x[$a7])",`
		`- + "&vxxlorc (@x[$a7], $xv12,$xv12)",`
		`- +`
		`- + "&vadduwm (@x[$c0],@x[$c0],@x[$d0])",`
		`- + "&vadduwm (@x[$c1],@x[$c1],@x[$d1])",`
		`- + "&vadduwm (@x[$c2],@x[$c2],@x[$d2])",`
		`- + "&vadduwm (@x[$c3],@x[$c3],@x[$d3])",`
		`- + "&vadduwm (@x[$c4],@x[$c4],@x[$d4])",`
		`- + "&vadduwm (@x[$c5],@x[$c5],@x[$d5])",`
		`- + "&vadduwm (@x[$c6],@x[$c6],@x[$d6])",`
		`- + "&vadduwm (@x[$c7],@x[$c7],@x[$d7])",`
		`- + "&vxor (@x[$b0],@x[$b0],@x[$c0])",`
		`- + "&vxor (@x[$b1],@x[$b1],@x[$c1])",`
		`- + "&vxor (@x[$b2],@x[$b2],@x[$c2])",`
		`- + "&vxor (@x[$b3],@x[$b3],@x[$c3])",`
		`- + "&vxor (@x[$b4],@x[$b4],@x[$c4])",`
		`- + "&vxor (@x[$b5],@x[$b5],@x[$c5])",`
		`- + "&vxor (@x[$b6],@x[$b6],@x[$c6])",`
		`- + "&vxor (@x[$b7],@x[$b7],@x[$c7])",`
		`- + "&vrlw (@x[$b0],@x[$b0],@x[$a7])",`
		`- + "&vrlw (@x[$b1],@x[$b1],@x[$a7])",`
		`- + "&vrlw (@x[$b2],@x[$b2],@x[$a7])",`
		`- + "&vrlw (@x[$b3],@x[$b3],@x[$a7])",`
		`- + "&vrlw (@x[$b4],@x[$b4],@x[$a7])",`
		`- + "&vrlw (@x[$b5],@x[$b5],@x[$a7])",`
		`- + "&vrlw (@x[$b6],@x[$b6],@x[$a7])",`
		`- + "&vrlw (@x[$b7],@x[$b7],@x[$a7])",`
		`- +`
		`- + "&vxxlorc (@x[$a7], $xv13,$xv13)",`
		`- + );`
		`- +}`
		`- +`
		`- +$code.=<<___;`
		`- +`
		`- +.globl .ChaCha20_ctr32_vsx_8x`
		`- +.align 5`
		`- +.ChaCha20_ctr32_vsx_8x:`
		`- + $STU $sp,-$FRAME($sp)`
		`- + mflr r0`
		- + li r10,`15+$LOCALS+64`
		- + li r11,`31+$LOCALS+64`
		`- + mfspr r12,256`
		`- + stvx v24,r10,$sp`
		`- + addi r10,r10,32`
		`- + stvx v25,r11,$sp`
		`- + addi r11,r11,32`
		`- + stvx v26,r10,$sp`
		`- + addi r10,r10,32`
		`- + stvx v27,r11,$sp`
		`- + addi r11,r11,32`
		`- + stvx v28,r10,$sp`
		`- + addi r10,r10,32`
		`- + stvx v29,r11,$sp`
		`- + addi r11,r11,32`
		`- + stvx v30,r10,$sp`
		`- + stvx v31,r11,$sp`
		- + stw r12,`$FRAME-4`($sp) # save vrsave
		`- + li r12,-4096+63`
		- + $PUSH r0, `$FRAME+$LRSAVE`($sp)
		`- + mtspr 256,r12 # preserve 29 AltiVec registers`
		`- +`
		`- + bl Lconsts # returns pointer Lsigma in r12`
		`- +`
		`- + lvx_4w @K[0],0,r12 # load sigma`
		`- + addi r12,r12,0x70`
		`- + li $x10,16`
		`- + li $x20,32`
		`- + li $x30,48`
		`- + li r11,64`
		`- +`
		`- + vspltisw $xa4,-16 # synthesize constants`
		`- + vspltisw $xb4,12 # synthesize constants`
		`- + vspltisw $xc4,8 # synthesize constants`
		`- + vspltisw $xd4,7 # synthesize constants`
		`- +`
		`- + lvx $xa0,$x00,r12 # load [smashed] sigma`
		`- + lvx $xa1,$x10,r12`
		`- + lvx $xa2,$x20,r12`
		`- + lvx $xa3,$x30,r12`
		`- +`
		`- + vxxlor $xv9 ,$xa4,$xa4 #save shift val in vr9-12`
		`- + vxxlor $xv10 ,$xb4,$xb4`
		`- + vxxlor $xv11 ,$xc4,$xc4`
		`- + vxxlor $xv12 ,$xd4,$xd4`
		`- + vxxlor $xv22 ,$xa0,$xa0 #save sigma in vr22-25`
		`- + vxxlor $xv23 ,$xa1,$xa1`
		`- + vxxlor $xv24 ,$xa2,$xa2`
		`- + vxxlor $xv25 ,$xa3,$xa3`
		`- +`
		`- + lvx_4w @K[1],0,$key # load key`
		`- + lvx_4w @K[2],$x10,$key`
		`- + lvx_4w @K[3],0,$ctr # load counter`
		`- + vspltisw $xt3,4`
		`- +`
		`- +`
		`- + vxor $xt2,$xt2,$xt2`
		`- + lvx_4w $xt1,r11,r12`
		`- + vspltw $xa2,@K[3],0 #save the original count after spltw`
		`- + vsldoi @K[3],@K[3],$xt2,4`
		`- + vsldoi @K[3],$xt2,@K[3],12 # clear @K[3].word[0]`
		`- + vadduwm $xt1,$xa2,$xt1`
		`- + vadduwm $xt3,$xt1,$xt3 # next counter value`
		`- + vspltw $xa0,@K[2],2 # save the K[2] spltw 2 and save v8.`
		`- +`
		`- + be?lvsl $beperm,0,$x10 # 0x00..0f`
		`- + be?vspltisb $xt0,3 # 0x03..03`
		`- + be?vxor $beperm,$beperm,$xt0 # swap bytes within words`
		`- + be?vxxlor $xv26 ,$beperm,$beperm`
		`- +`
		`- + vxxlor $xv0 ,@K[0],@K[0] # K0,k1,k2 to vr0,1,2`
		`- + vxxlor $xv1 ,@K[1],@K[1]`
		`- + vxxlor $xv2 ,@K[2],@K[2]`
		`- + vxxlor $xv3 ,@K[3],@K[3]`
		`- + vxxlor $xv4 ,$xt1,$xt1 #CTR ->4, CTR+4-> 5`
		`- + vxxlor $xv5 ,$xt3,$xt3`
		`- + vxxlor $xv8 ,$xa0,$xa0`
		`- +`
		`- + li r0,10 # inner loop counter`
		`- + mtctr r0`
		`- + b Loop_outer_vsx_8x`
		`- +`
		`- +.align 5`
		`- +Loop_outer_vsx_8x:`
		`- + vxxlorc $xa0,$xv22,$xv22 # load [smashed] sigma`
		`- + vxxlorc $xa1,$xv23,$xv23`
		`- + vxxlorc $xa2,$xv24,$xv24`
		`- + vxxlorc $xa3,$xv25,$xv25`
		`- + vxxlorc $xa4,$xv22,$xv22`
		`- + vxxlorc $xa5,$xv23,$xv23`
		`- + vxxlorc $xa6,$xv24,$xv24`
		`- + vxxlorc $xa7,$xv25,$xv25`
		`- +`
		`- + vspltw $xb0,@K[1],0 # smash the key`
		`- + vspltw $xb1,@K[1],1`
		`- + vspltw $xb2,@K[1],2`
		`- + vspltw $xb3,@K[1],3`
		`- + vspltw $xb4,@K[1],0 # smash the key`
		`- + vspltw $xb5,@K[1],1`
		`- + vspltw $xb6,@K[1],2`
		`- + vspltw $xb7,@K[1],3`
		`- +`
		`- + vspltw $xc0,@K[2],0`
		`- + vspltw $xc1,@K[2],1`
		`- + vspltw $xc2,@K[2],2`
		`- + vspltw $xc3,@K[2],3`
		`- + vspltw $xc4,@K[2],0`
		`- + vspltw $xc7,@K[2],3`
		`- + vspltw $xc5,@K[2],1`
		`- +`
		`- + vxxlorc $xd0,$xv4,$xv4 # smash the counter`
		`- + vspltw $xd1,@K[3],1`
		`- + vspltw $xd2,@K[3],2`
		`- + vspltw $xd3,@K[3],3`
		`- + vxxlorc $xd4,$xv5,$xv5 # smash the counter`
		`- + vspltw $xd5,@K[3],1`
		`- + vspltw $xd6,@K[3],2`
		`- + vspltw $xd7,@K[3],3`
		`- + vxxlorc $xc6,$xv8,$xv8 #copy of vlspt k[2],2 is in v8.v26 ->k[3] so need to wait until k3 is done`
		`- +`
		`- +Loop_vsx_8x:`
		`- +___`
		`- + foreach (&VSX_lane_ROUND_8x(0,4, 8,12,16,20,24,28)) { eval; }`
		`- + foreach (&VSX_lane_ROUND_8x(0,5,10,15,16,21,26,31)) { eval; }`
		`- +$code.=<<___;`
		`- +`
		`- + bdnz Loop_vsx_8x`
		`- + vxxlor $xv13 ,$xd4,$xd4 # save the register vr24-31`
		`- + vxxlor $xv14 ,$xd5,$xd5 #`
		`- + vxxlor $xv15 ,$xd6,$xd6 #`
		`- + vxxlor $xv16 ,$xd7,$xd7 #`
		`- +`
		`- + vxxlor $xv18 ,$xc4,$xc4 #`
		`- + vxxlor $xv19 ,$xc5,$xc5 #`
		`- + vxxlor $xv20 ,$xc6,$xc6 #`
		`- + vxxlor $xv21 ,$xc7,$xc7 #`
		`- +`
		`- + vxxlor $xv6 ,$xb6,$xb6 # save vr23, so we get 8 regs`
		`- + vxxlor $xv7 ,$xb7,$xb7 # save vr23, so we get 8 regs`
		`- + be?vxxlorc $beperm,$xv26,$xv26 # copy back the the beperm.`
		`- +`
		`- + vxxlorc @K[0],$xv0,$xv0 #27`
		`- + vxxlorc @K[1],$xv1,$xv1 #24`
		`- + vxxlorc @K[2],$xv2,$xv2 #25`
		`- + vxxlorc @K[3],$xv3,$xv3 #26`
		`- + vxxlorc $CTR0,$xv4,$xv4`
		`- +###changing to vertical`
		`- +`
		`- + vmrgew $xt0,$xa0,$xa1 # transpose data`
		`- + vmrgew $xt1,$xa2,$xa3`
		`- + vmrgow $xa0,$xa0,$xa1`
		`- + vmrgow $xa2,$xa2,$xa3`
		`- +`
		`- + vmrgew $xt2,$xb0,$xb1`
		`- + vmrgew $xt3,$xb2,$xb3`
		`- + vmrgow $xb0,$xb0,$xb1`
		`- + vmrgow $xb2,$xb2,$xb3`
		`- +`
		`- + vadduwm $xd0,$xd0,$CTR0`
		`- +`
		`- + vpermdi $xa1,$xa0,$xa2,0b00`
		`- + vpermdi $xa3,$xa0,$xa2,0b11`
		`- + vpermdi $xa0,$xt0,$xt1,0b00`
		`- + vpermdi $xa2,$xt0,$xt1,0b11`
		`- + vpermdi $xb1,$xb0,$xb2,0b00`
		`- + vpermdi $xb3,$xb0,$xb2,0b11`
		`- + vpermdi $xb0,$xt2,$xt3,0b00`
		`- + vpermdi $xb2,$xt2,$xt3,0b11`
		`- +`
		`- + vmrgew $xt0,$xc0,$xc1`
		`- + vmrgew $xt1,$xc2,$xc3`
		`- + vmrgow $xc0,$xc0,$xc1`
		`- + vmrgow $xc2,$xc2,$xc3`
		`- + vmrgew $xt2,$xd0,$xd1`
		`- + vmrgew $xt3,$xd2,$xd3`
		`- + vmrgow $xd0,$xd0,$xd1`
		`- + vmrgow $xd2,$xd2,$xd3`
		`- +`
		`- + vpermdi $xc1,$xc0,$xc2,0b00`
		`- + vpermdi $xc3,$xc0,$xc2,0b11`
		`- + vpermdi $xc0,$xt0,$xt1,0b00`
		`- + vpermdi $xc2,$xt0,$xt1,0b11`
		`- + vpermdi $xd1,$xd0,$xd2,0b00`
		`- + vpermdi $xd3,$xd0,$xd2,0b11`
		`- + vpermdi $xd0,$xt2,$xt3,0b00`
		`- + vpermdi $xd2,$xt2,$xt3,0b11`
		`- +`
		`- + vspltisw $xt0,8`
		`- + vadduwm $CTR0,$CTR0,$xt0 # next counter value`
		`- + vxxlor $xv4 ,$CTR0,$CTR0 #CTR+4-> 5`
		`- +`
		`- + vadduwm $xa0,$xa0,@K[0]`
		`- + vadduwm $xb0,$xb0,@K[1]`
		`- + vadduwm $xc0,$xc0,@K[2]`
		`- + vadduwm $xd0,$xd0,@K[3]`
		`- +`
		`- + be?vperm $xa0,$xa0,$xa0,$beperm`
		`- + be?vperm $xb0,$xb0,$xb0,$beperm`
		`- + be?vperm $xc0,$xc0,$xc0,$beperm`
		`- + be?vperm $xd0,$xd0,$xd0,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx_8x`
		`- +`
		`- + lvx_4w $xt0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xt0,$xt0,$xa0`
		`- + vxor $xt1,$xt1,$xb0`
		`- + vxor $xt2,$xt2,$xc0`
		`- + vxor $xt3,$xt3,$xd0`
		`- +`
		`- + stvx_4w $xt0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + beq Ldone_vsx_8x`
		`- +`
		`- + vadduwm $xa0,$xa1,@K[0]`
		`- + vadduwm $xb0,$xb1,@K[1]`
		`- + vadduwm $xc0,$xc1,@K[2]`
		`- + vadduwm $xd0,$xd1,@K[3]`
		`- +`
		`- + be?vperm $xa0,$xa0,$xa0,$beperm`
		`- + be?vperm $xb0,$xb0,$xb0,$beperm`
		`- + be?vperm $xc0,$xc0,$xc0,$beperm`
		`- + be?vperm $xd0,$xd0,$xd0,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx_8x`
		`- +`
		`- + lvx_4w $xt0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xt0,$xt0,$xa0`
		`- + vxor $xt1,$xt1,$xb0`
		`- + vxor $xt2,$xt2,$xc0`
		`- + vxor $xt3,$xt3,$xd0`
		`- +`
		`- + stvx_4w $xt0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + beq Ldone_vsx_8x`
		`- +`
		`- + vadduwm $xa0,$xa2,@K[0]`
		`- + vadduwm $xb0,$xb2,@K[1]`
		`- + vadduwm $xc0,$xc2,@K[2]`
		`- + vadduwm $xd0,$xd2,@K[3]`
		`- +`
		`- + be?vperm $xa0,$xa0,$xa0,$beperm`
		`- + be?vperm $xb0,$xb0,$xb0,$beperm`
		`- + be?vperm $xc0,$xc0,$xc0,$beperm`
		`- + be?vperm $xd0,$xd0,$xd0,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx_8x`
		`- +`
		`- + lvx_4w $xt0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xt0,$xt0,$xa0`
		`- + vxor $xt1,$xt1,$xb0`
		`- + vxor $xt2,$xt2,$xc0`
		`- + vxor $xt3,$xt3,$xd0`
		`- +`
		`- + stvx_4w $xt0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + beq Ldone_vsx_8x`
		`- +`
		`- + vadduwm $xa0,$xa3,@K[0]`
		`- + vadduwm $xb0,$xb3,@K[1]`
		`- + vadduwm $xc0,$xc3,@K[2]`
		`- + vadduwm $xd0,$xd3,@K[3]`
		`- +`
		`- + be?vperm $xa0,$xa0,$xa0,$beperm`
		`- + be?vperm $xb0,$xb0,$xb0,$beperm`
		`- + be?vperm $xc0,$xc0,$xc0,$beperm`
		`- + be?vperm $xd0,$xd0,$xd0,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx_8x`
		`- +`
		`- + lvx_4w $xt0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xt0,$xt0,$xa0`
		`- + vxor $xt1,$xt1,$xb0`
		`- + vxor $xt2,$xt2,$xc0`
		`- + vxor $xt3,$xt3,$xd0`
		`- +`
		`- + stvx_4w $xt0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + beq Ldone_vsx_8x`
		`- +`
		`- +#blk4-7: 24:31 remain the same as we can use the same logic above . Reg a4-b7 remain same.Load c4,d7--> position 8-15.we can reuse vr24-31.`
		`- +#VR0-3 : are used to load temp value, vr4 --> as xr0 instead of xt0.`
		`- +`
		`- + vxxlorc $CTR1 ,$xv5,$xv5`
		`- +`
		`- + vxxlorc $xcn4 ,$xv18,$xv18`
		`- + vxxlorc $xcn5 ,$xv19,$xv19`
		`- + vxxlorc $xcn6 ,$xv20,$xv20`
		`- + vxxlorc $xcn7 ,$xv21,$xv21`
		`- +`
		`- + vxxlorc $xdn4 ,$xv13,$xv13`
		`- + vxxlorc $xdn5 ,$xv14,$xv14`
		`- + vxxlorc $xdn6 ,$xv15,$xv15`
		`- + vxxlorc $xdn7 ,$xv16,$xv16`
		`- + vadduwm $xdn4,$xdn4,$CTR1`
		`- +`
		`- + vxxlorc $xb6 ,$xv6,$xv6`
		`- + vxxlorc $xb7 ,$xv7,$xv7`
		`- +#use xa1->xr0, as xt0...in the block 4-7`
		`- +`
		`- + vmrgew $xr0,$xa4,$xa5 # transpose data`
		`- + vmrgew $xt1,$xa6,$xa7`
		`- + vmrgow $xa4,$xa4,$xa5`
		`- + vmrgow $xa6,$xa6,$xa7`
		`- + vmrgew $xt2,$xb4,$xb5`
		`- + vmrgew $xt3,$xb6,$xb7`
		`- + vmrgow $xb4,$xb4,$xb5`
		`- + vmrgow $xb6,$xb6,$xb7`
		`- +`
		`- + vpermdi $xa5,$xa4,$xa6,0b00`
		`- + vpermdi $xa7,$xa4,$xa6,0b11`
		`- + vpermdi $xa4,$xr0,$xt1,0b00`
		`- + vpermdi $xa6,$xr0,$xt1,0b11`
		`- + vpermdi $xb5,$xb4,$xb6,0b00`
		`- + vpermdi $xb7,$xb4,$xb6,0b11`
		`- + vpermdi $xb4,$xt2,$xt3,0b00`
		`- + vpermdi $xb6,$xt2,$xt3,0b11`
		`- +`
		`- + vmrgew $xr0,$xcn4,$xcn5`
		`- + vmrgew $xt1,$xcn6,$xcn7`
		`- + vmrgow $xcn4,$xcn4,$xcn5`
		`- + vmrgow $xcn6,$xcn6,$xcn7`
		`- + vmrgew $xt2,$xdn4,$xdn5`
		`- + vmrgew $xt3,$xdn6,$xdn7`
		`- + vmrgow $xdn4,$xdn4,$xdn5`
		`- + vmrgow $xdn6,$xdn6,$xdn7`
		`- +`
		`- + vpermdi $xcn5,$xcn4,$xcn6,0b00`
		`- + vpermdi $xcn7,$xcn4,$xcn6,0b11`
		`- + vpermdi $xcn4,$xr0,$xt1,0b00`
		`- + vpermdi $xcn6,$xr0,$xt1,0b11`
		`- + vpermdi $xdn5,$xdn4,$xdn6,0b00`
		`- + vpermdi $xdn7,$xdn4,$xdn6,0b11`
		`- + vpermdi $xdn4,$xt2,$xt3,0b00`
		`- + vpermdi $xdn6,$xt2,$xt3,0b11`
		`- +`
		`- + vspltisw $xr0,8`
		`- + vadduwm $CTR1,$CTR1,$xr0 # next counter value`
		`- + vxxlor $xv5 ,$CTR1,$CTR1 #CTR+4-> 5`
		`- +`
		`- + vadduwm $xan0,$xa4,@K[0]`
		`- + vadduwm $xbn0,$xb4,@K[1]`
		`- + vadduwm $xcn0,$xcn4,@K[2]`
		`- + vadduwm $xdn0,$xdn4,@K[3]`
		`- +`
		`- + be?vperm $xan0,$xa4,$xa4,$beperm`
		`- + be?vperm $xbn0,$xb4,$xb4,$beperm`
		`- + be?vperm $xcn0,$xcn4,$xcn4,$beperm`
		`- + be?vperm $xdn0,$xdn4,$xdn4,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx_8x_1`
		`- +`
		`- + lvx_4w $xr0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xr0,$xr0,$xan0`
		`- + vxor $xt1,$xt1,$xbn0`
		`- + vxor $xt2,$xt2,$xcn0`
		`- + vxor $xt3,$xt3,$xdn0`
		`- +`
		`- + stvx_4w $xr0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + beq Ldone_vsx_8x`
		`- +`
		`- + vadduwm $xan0,$xa5,@K[0]`
		`- + vadduwm $xbn0,$xb5,@K[1]`
		`- + vadduwm $xcn0,$xcn5,@K[2]`
		`- + vadduwm $xdn0,$xdn5,@K[3]`
		`- +`
		`- + be?vperm $xan0,$xan0,$xan0,$beperm`
		`- + be?vperm $xbn0,$xbn0,$xbn0,$beperm`
		`- + be?vperm $xcn0,$xcn0,$xcn0,$beperm`
		`- + be?vperm $xdn0,$xdn0,$xdn0,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx_8x_1`
		`- +`
		`- + lvx_4w $xr0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xr0,$xr0,$xan0`
		`- + vxor $xt1,$xt1,$xbn0`
		`- + vxor $xt2,$xt2,$xcn0`
		`- + vxor $xt3,$xt3,$xdn0`
		`- +`
		`- + stvx_4w $xr0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + beq Ldone_vsx_8x`
		`- +`
		`- + vadduwm $xan0,$xa6,@K[0]`
		`- + vadduwm $xbn0,$xb6,@K[1]`
		`- + vadduwm $xcn0,$xcn6,@K[2]`
		`- + vadduwm $xdn0,$xdn6,@K[3]`
		`- +`
		`- + be?vperm $xan0,$xan0,$xan0,$beperm`
		`- + be?vperm $xbn0,$xbn0,$xbn0,$beperm`
		`- + be?vperm $xcn0,$xcn0,$xcn0,$beperm`
		`- + be?vperm $xdn0,$xdn0,$xdn0,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx_8x_1`
		`- +`
		`- + lvx_4w $xr0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xr0,$xr0,$xan0`
		`- + vxor $xt1,$xt1,$xbn0`
		`- + vxor $xt2,$xt2,$xcn0`
		`- + vxor $xt3,$xt3,$xdn0`
		`- +`
		`- + stvx_4w $xr0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + beq Ldone_vsx_8x`
		`- +`
		`- + vadduwm $xan0,$xa7,@K[0]`
		`- + vadduwm $xbn0,$xb7,@K[1]`
		`- + vadduwm $xcn0,$xcn7,@K[2]`
		`- + vadduwm $xdn0,$xdn7,@K[3]`
		`- +`
		`- + be?vperm $xan0,$xan0,$xan0,$beperm`
		`- + be?vperm $xbn0,$xbn0,$xbn0,$beperm`
		`- + be?vperm $xcn0,$xcn0,$xcn0,$beperm`
		`- + be?vperm $xdn0,$xdn0,$xdn0,$beperm`
		`- +`
		`- + ${UCMP}i $len,0x40`
		`- + blt Ltail_vsx_8x_1`
		`- +`
		`- + lvx_4w $xr0,$x00,$inp`
		`- + lvx_4w $xt1,$x10,$inp`
		`- + lvx_4w $xt2,$x20,$inp`
		`- + lvx_4w $xt3,$x30,$inp`
		`- +`
		`- + vxor $xr0,$xr0,$xan0`
		`- + vxor $xt1,$xt1,$xbn0`
		`- + vxor $xt2,$xt2,$xcn0`
		`- + vxor $xt3,$xt3,$xdn0`
		`- +`
		`- + stvx_4w $xr0,$x00,$out`
		`- + stvx_4w $xt1,$x10,$out`
		`- + addi $inp,$inp,0x40`
		`- + stvx_4w $xt2,$x20,$out`
		`- + subi $len,$len,0x40`
		`- + stvx_4w $xt3,$x30,$out`
		`- + addi $out,$out,0x40`
		`- + beq Ldone_vsx_8x`
		`- +`
		`- + mtctr r0`
		`- + bne Loop_outer_vsx_8x`
		`- +`
		`- +Ldone_vsx_8x:`
		- + lwz r12,`$FRAME-4`($sp) # pull vrsave
		- + li r10,`15+$LOCALS+64`
		- + li r11,`31+$LOCALS+64`
		- + $POP r0, `$FRAME+$LRSAVE`($sp)
		`- + mtspr 256,r12 # restore vrsave`
		`- + lvx v24,r10,$sp`
		`- + addi r10,r10,32`
		`- + lvx v25,r11,$sp`
		`- + addi r11,r11,32`
		`- + lvx v26,r10,$sp`
		`- + addi r10,r10,32`
		`- + lvx v27,r11,$sp`
		`- + addi r11,r11,32`
		`- + lvx v28,r10,$sp`
		`- + addi r10,r10,32`
		`- + lvx v29,r11,$sp`
		`- + addi r11,r11,32`
		`- + lvx v30,r10,$sp`
		`- + lvx v31,r11,$sp`
		`- + mtlr r0`
		`- + addi $sp,$sp,$FRAME`
		`- + blr`
		`- +`
		`- +.align 4`
		`- +Ltail_vsx_8x:`
		`- + addi r11,$sp,$LOCALS`
		`- + mtctr $len`
		`- + stvx_4w $xa0,$x00,r11 # offload block to stack`
		`- + stvx_4w $xb0,$x10,r11`
		`- + stvx_4w $xc0,$x20,r11`
		`- + stvx_4w $xd0,$x30,r11`
		`- + subi r12,r11,1 # prepare for *++ptr`
		`- + subi $inp,$inp,1`
		`- + subi $out,$out,1`
		`- + bl Loop_tail_vsx_8x`
		`- +Ltail_vsx_8x_1:`
		`- + addi r11,$sp,$LOCALS`
		`- + mtctr $len`
		`- + stvx_4w $xan0,$x00,r11 # offload block to stack`
		`- + stvx_4w $xbn0,$x10,r11`
		`- + stvx_4w $xcn0,$x20,r11`
		`- + stvx_4w $xdn0,$x30,r11`
		`- + subi r12,r11,1 # prepare for *++ptr`
		`- + subi $inp,$inp,1`
		`- + subi $out,$out,1`
		`- + bl Loop_tail_vsx_8x`
		`- +`
		`- +Loop_tail_vsx_8x:`
		`- + lbzu r6,1(r12)`
		`- + lbzu r7,1($inp)`
		`- + xor r6,r6,r7`
		`- + stbu r6,1($out)`
		`- + bdnz Loop_tail_vsx_8x`
		`- +`
		`- + stvx_4w $K[0],$x00,r11 # wipe copy of the block`
		`- + stvx_4w $K[0],$x10,r11`
		`- + stvx_4w $K[0],$x20,r11`
		`- + stvx_4w $K[0],$x30,r11`
		`- +`
		`- + b Ldone_vsx_8x`
		`- + .long 0`
		`- + .byte 0,12,0x04,1,0x80,0,5,0`
		`- + .long 0`
		`- +.size .ChaCha20_ctr32_vsx_8x,.-.ChaCha20_ctr32_vsx_8x`
		`- +___`
		`- +}}}`
		`- +`
		`- +`
		`- +$code.=<<___;`
		`- +.align 5`
		`- +Lconsts:`
		`- + mflr r0`
		`- + bcl 20,31,\$+4`
		`- + mflr r12 #vvvvv "distance between . and Lsigma`
		- + addi r12,r12,`64-8`
		`- + mtlr r0`
		`- + blr`
		`- + .long 0`
		`- + .byte 0,12,0x14,0,0,0,0,0`
		- + .space `64-9*4`
		`- +Lsigma:`
		`- + .long 0x61707865,0x3320646e,0x79622d32,0x6b206574`
		`- + .long 1,0,0,0`
		`- + .long 2,0,0,0`
		`- + .long 3,0,0,0`
		`- + .long 4,0,0,0`
		`- +___`
		`- +$code.=<<___ if ($LITTLE_ENDIAN);`
		`- + .long 0x0e0f0c0d,0x0a0b0809,0x06070405,0x02030001`
		`- + .long 0x0d0e0f0c,0x090a0b08,0x05060704,0x01020300`
		`- +___`
		`- +$code.=<<___ if (!$LITTLE_ENDIAN); # flipped words`
		`- + .long 0x02030001,0x06070405,0x0a0b0809,0x0e0f0c0d`
		`- + .long 0x01020300,0x05060704,0x090a0b08,0x0d0e0f0c`
		`- +___`
		`- +$code.=<<___;`
		`- + .long 0x61707865,0x61707865,0x61707865,0x61707865`
		`- + .long 0x3320646e,0x3320646e,0x3320646e,0x3320646e`
		`- + .long 0x79622d32,0x79622d32,0x79622d32,0x79622d32`
		`- + .long 0x6b206574,0x6b206574,0x6b206574,0x6b206574`
		`- + .long 0,1,2,3`
		`- + .long 0x03020100,0x07060504,0x0b0a0908,0x0f0e0d0c`
		`- +.asciz "ChaCha20 for PowerPC/AltiVec, CRYPTOGAMS by <appro\@openssl.org>"`
		`- +.align 2`
		`- +___`
		`- +`
		`- +foreach (split("\n",$code)) {`
		- + s/\`([^\`]*)\`/eval $1/ge;
		`- +`
		`- + # instructions prefixed with '?' are endian-specific and need`
		`- + # to be adjusted accordingly...`
		`- + if ($flavour !~ /le$/) { # big-endian`
		`- + s/be\?// or`
		`- + s/le\?/#le#/ or`
		`- + s/\?lvsr/lvsl/ or`
		`- + s/\?lvsl/lvsr/ or`
		`- + s/\?(vperm\s+v[0-9]+,\s)(v[0-9]+,\s)(v[0-9]+,\s*)(v[0-9]+)/$1$3$2$4/ or`
		`- + s/vrldoi(\s+v[0-9]+,\s)(v[0-9]+,)\s([0-9]+)/vsldoi$1$2$2 16-$3/;`
		`- + } else { # little-endian`
		`- + s/le\?// or`
		`- + s/be\?/#be#/ or`
		`- + s/\?([a-z]+)/$1/ or`
		`- + s/vrldoi(\s+v[0-9]+,\s)(v[0-9]+,)\s([0-9]+)/vsldoi$1$2$2 $3/;`
		`- + }`
		`- +`
		`- + print $_,"\n";`
		`- +}`
		`- +`
		`- +close STDOUT or die "error closing STDOUT: $!";`
		`- diff --git a/crypto/chacha/build.info b/crypto/chacha/build.info`
		`- index c12cb9c..2a819b2 100644`
		`- --- a/crypto/chacha/build.info`
		`- +++ b/crypto/chacha/build.info`
		`- @@ -12,7 +12,7 @@ IF[{- !$disabled{asm} -}]`
		`- $CHACHAASM_armv4=chacha-armv4.S`
		`- $CHACHAASM_aarch64=chacha-armv8.S`
		`-`
		`- - $CHACHAASM_ppc32=chacha_ppc.c chacha-ppc.s`
		`- + $CHACHAASM_ppc32=chacha_ppc.c chacha-ppc.s chachap10-ppc.s`
		`- $CHACHAASM_ppc64=$CHACHAASM_ppc32`
		`-`
		`- $CHACHAASM_c64xplus=chacha-c64xplus.s`
		`- @@ -29,6 +29,7 @@ SOURCE[../../libcrypto]=$CHACHAASM`
		`- GENERATE[chacha-x86.S]=asm/chacha-x86.pl`
		`- GENERATE[chacha-x86_64.s]=asm/chacha-x86_64.pl`
		`- GENERATE[chacha-ppc.s]=asm/chacha-ppc.pl`
		`- +GENERATE[chachap10-ppc.s]=asm/chachap10-ppc.pl`
		`- GENERATE[chacha-armv4.S]=asm/chacha-armv4.pl`
		`- INCLUDE[chacha-armv4.o]=..`
		`- GENERATE[chacha-armv8.S]=asm/chacha-armv8.pl`
		`- diff --git a/crypto/chacha/chacha_ppc.c b/crypto/chacha/chacha_ppc.c`
		`- index 5319040..f99cca8 100644`
		`- --- a/crypto/chacha/chacha_ppc.c`
		`- +++ b/crypto/chacha/chacha_ppc.c`
		`- @@ -23,13 +23,18 @@ void ChaCha20_ctr32_vmx(unsigned char out, const unsigned char inp,`
		`- void ChaCha20_ctr32_vsx(unsigned char out, const unsigned char inp,`
		`- size_t len, const unsigned int key[8],`
		`- const unsigned int counter[4]);`
		`- +void ChaCha20_ctr32_vsx_p10(unsigned char out, const unsigned char inp,`
		`- + size_t len, const unsigned int key[8],`
		`- + const unsigned int counter[4]);`
		`- void ChaCha20_ctr32(unsigned char out, const unsigned char inp,`
		`- size_t len, const unsigned int key[8],`
		`- const unsigned int counter[4])`
		`- {`
		`- - OPENSSL_ppccap_P & PPC_CRYPTO207`
		`- - ? ChaCha20_ctr32_vsx(out, inp, len, key, counter)`
		`- - : OPENSSL_ppccap_P & PPC_ALTIVEC`
		`- - ? ChaCha20_ctr32_vmx(out, inp, len, key, counter)`
		`- - : ChaCha20_ctr32_int(out, inp, len, key, counter);`
		`- + OPENSSL_ppccap_P & PPC_BRD31`
		`- + ? ChaCha20_ctr32_vsx_p10(out, inp, len, key, counter)`
		`- + :OPENSSL_ppccap_P & PPC_CRYPTO207`
		`- + ? ChaCha20_ctr32_vsx(out, inp, len, key, counter)`
		`- + : OPENSSL_ppccap_P & PPC_ALTIVEC`
		`- + ? ChaCha20_ctr32_vmx(out, inp, len, key, counter)`
		`- + : ChaCha20_ctr32_int(out, inp, len, key, counter);`
		`- }`
		`- diff --git a/crypto/perlasm/ppc-xlate.pl b/crypto/perlasm/ppc-xlate.pl`
		`- index 2ee4440..4590340 100755`
		`- --- a/crypto/perlasm/ppc-xlate.pl`
		`- +++ b/crypto/perlasm/ppc-xlate.pl`
		`- @@ -293,6 +293,14 @@ my $vpermdi = sub { # xxpermdi`
		`- $dm = oct($dm) if ($dm =~ /^0/);`
		`- " .long ".sprintf "0x%X",(60<<26)\|($vrt<<21)\|($vra<<16)\|($vrb<<11)\|($dm<<8)\|(10<<3)\|7;`
		`- };`
		`- +my $vxxlor = sub { # xxlor`
		`- + my ($f, $vrt, $vra, $vrb) = @_;`
		`- + " .long ".sprintf "0x%X",(60<<26)\|($vrt<<21)\|($vra<<16)\|($vrb<<11)\|(146<<3)\|6;`
		`- +};`
		`- +my $vxxlorc = sub { # xxlor`
		`- + my ($f, $vrt, $vra, $vrb) = @_;`
		`- + " .long ".sprintf "0x%X",(60<<26)\|($vrt<<21)\|($vra<<16)\|($vrb<<11)\|(146<<3)\|1;`
		`- +};`
		`-`
		`- # PowerISA 2.07 stuff`
		`- sub vcrypto_op {`
		`- @@ -377,6 +385,15 @@ my $addex = sub {`
		`- };`
		`- my $vmsumudm = sub { vfour_vsr(@_, 35); };`
		`-`
		`- +# PowerISA 3.1 stuff`
		`- +my $brd = sub {`
		`- + my ($f, $ra, $rs) = @_;`
		`- + " .long ".sprintf "0x%X",(31<<26)\|($rs<<21)\|($ra<<16)\|(187<<1);`
		`- +};`
		`- +my $vsrq = sub { vcrypto_op(@_, 517); };`
		`- +`
		`- +`
		`- +`
		`- while($line=<>) {`
		`-`
		`- $line =~ s\|[#!;].*$\|\|; # get rid of asm-style comments...`
		`- diff --git a/crypto/ppccap.c b/crypto/ppccap.c`
		`- index 8bcfed2..664627c 100644`
		`- --- a/crypto/ppccap.c`
		`- +++ b/crypto/ppccap.c`
		`- @@ -45,6 +45,7 @@ void OPENSSL_ppc64_probe(void);`
		`- void OPENSSL_altivec_probe(void);`
		`- void OPENSSL_crypto207_probe(void);`
		`- void OPENSSL_madd300_probe(void);`
		`- +void OPENSSL_brd31_probe(void);`
		`-`
		`- long OPENSSL_rdtsc_mftb(void);`
		`- long OPENSSL_rdtsc_mfspr268(void);`
		`- @@ -117,16 +118,21 @@ static unsigned long getauxval(unsigned long key)`
		`- #endif`
		`-`
		`- /* I wish <sys/auxv.h> was universally available */`
		`- -#define HWCAP 16 /* AT_HWCAP */`
		`- +#ifndef AT_HWCAP`
		`- +# define AT_HWCAP 16 /* AT_HWCAP */`
		`- +#endif`
		`- #define HWCAP_PPC64 (1U << 30)`
		`- #define HWCAP_ALTIVEC (1U << 28)`
		`- #define HWCAP_FPU (1U << 27)`
		`- #define HWCAP_POWER6_EXT (1U << 9)`
		`- #define HWCAP_VSX (1U << 7)`
		`-`
		`- -#define HWCAP2 26 /* AT_HWCAP2 */`
		`- +#ifndef AT_HWCAP2`
		`- +# define AT_HWCAP2 26 /* AT_HWCAP2 */`
		`- +#endif`
		`- #define HWCAP_VEC_CRYPTO (1U << 25)`
		`- #define HWCAP_ARCH_3_00 (1U << 23)`
		`- +#define HWCAP_ARCH_3_1 (1U << 18)`
		`-`
		`- # if defined(__GNUC__) && __GNUC__>=2`
		`- __attribute__ ((constructor))`
		`- @@ -187,6 +193,9 @@ void OPENSSL_cpuid_setup(void)`
		`- if (__power_set(0xffffffffU<<17)) /* POWER9 and later */`
		`- OPENSSL_ppccap_P \|= PPC_MADD300;`
		`-`
		`- + if (__power_set(0xffffffffU<<18)) /* POWER10 and later */`
		`- + OPENSSL_ppccap_P \|= PPC_BRD31;`
		`- +`
		`- return;`
		`- # endif`
		`- #endif`
		`- @@ -215,8 +224,8 @@ void OPENSSL_cpuid_setup(void)`
		`-`
		`- #ifdef OSSL_IMPLEMENT_GETAUXVAL`
		`- {`
		`- - unsigned long hwcap = getauxval(HWCAP);`
		`- - unsigned long hwcap2 = getauxval(HWCAP2);`
		`- + unsigned long hwcap = getauxval(AT_HWCAP);`
		`- + unsigned long hwcap2 = getauxval(AT_HWCAP2);`
		`-`
		`- if (hwcap & HWCAP_FPU) {`
		`- OPENSSL_ppccap_P \|= PPC_FPU;`
		`- @@ -242,6 +251,10 @@ void OPENSSL_cpuid_setup(void)`
		`- if (hwcap2 & HWCAP_ARCH_3_00) {`
		`- OPENSSL_ppccap_P \|= PPC_MADD300;`
		`- }`
		`- +`
		`- + if (hwcap2 & HWCAP_ARCH_3_1) {`
		`- + OPENSSL_ppccap_P \|= PPC_BRD31;`
		`- + }`
		`- }`
		`- #endif`
		`-`
		`- @@ -263,7 +276,7 @@ void OPENSSL_cpuid_setup(void)`
		`- sigaction(SIGILL, &ill_act, &ill_oact);`
		`-`
		`- #ifndef OSSL_IMPLEMENT_GETAUXVAL`
		`- - if (sigsetjmp(ill_jmp,1) == 0) {`
		`- + if (sigsetjmp(ill_jmp, 1) == 0) {`
		`- OPENSSL_fpu_probe();`
		`- OPENSSL_ppccap_P \|= PPC_FPU;`
		`-`
		`- diff --git a/crypto/ppccpuid.pl b/crypto/ppccpuid.pl`
		`- index c6555df..706164a 100755`
		`- --- a/crypto/ppccpuid.pl`
		`- +++ b/crypto/ppccpuid.pl`
		`- @@ -81,6 +81,17 @@ $code=<<___;`
		`- .long 0`
		`- .byte 0,12,0x14,0,0,0,0,0`
		`-`
		`- +.globl .OPENSSL_brd31_probe`
		`- +.align 4`
		`- +.OPENSSL_brd31_probe:`
		`- + xor r0,r0,r0`
		`- + brd r3,r0`
		`- + blr`
		`- + .long 0`
		`- + .byte 0,12,0x14,0,0,0,0,0`
		`- +.size .OPENSSL_brd31_probe,.-.OPENSSL_brd31_probe`
		`- +`
		`- +`
		`- .globl .OPENSSL_wipe_cpu`
		`- .align 4`
		`- .OPENSSL_wipe_cpu:`
		`- diff --git a/include/crypto/ppc_arch.h b/include/crypto/ppc_arch.h`
		`- index 3b3ce4b..fcc846c 100644`
		`- --- a/include/crypto/ppc_arch.h`
		`- +++ b/include/crypto/ppc_arch.h`
		`- @@ -24,5 +24,6 @@ extern unsigned int OPENSSL_ppccap_P;`
		`- # define PPC_MADD300 (1<<4)`
		`- # define PPC_MFTB (1<<5)`
		`- # define PPC_MFSPR268 (1<<6)`
		`- +# define PPC_BRD31 (1<<7)`
		`-`
		`- #endif`

0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch

file modified

+34 -57

		`@@ -1,39 +1,22 @@`
		`- From 4a2239bd7d444c30c55b20ea8b4aeadafdfe1afd Mon Sep 17 00:00:00 2001`
		`- From: Clemens Lang <cllang@redhat.com>`
		`- Date: Fri, 22 Jul 2022 13:59:37 +0200`
		`- Subject: [PATCH] FIPS: Use OAEP in KATs, support fixed OAEP seed`
		`+ From abeda0b0475adb0d4f89b0c97cfc349779915bbf Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:28 +0200`
		`+ Subject: [PATCH 29/35]`
		`+ 0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch`

		`- Review by our lab for FIPS 140-3 certification expects the RSA`
		`- encryption and decryption tests to use a supported padding mode, not raw`
		`- RSA signatures. Switch to RSA-OAEP for the self tests to fulfill that.`
		`-`
		`- The FIPS 140-3 Implementation Guidance specifies in section 10.3.A`
		`- "Cryptographic Algorithm Self-Test Requirements" that a self-test may be`
		`- a known-answer test, a comparison test, or a fault-detection test.`
		`-`
		`- Comparison tests are not an option, because they would require`
		`- a separate implementation of RSA-OAEP, which we do not have. Fault`
		`- detection tests require implementing fault detection mechanisms into the`
		`- cryptographic algorithm implementation, we we also do not have.`
		`-`
		`- As a consequence, a known-answer test must be used to test RSA`
		`- encryption and decryption, but RSA encryption with OAEP padding is not`
		`- deterministic, and thus encryption will always yield different results`
		`- that could not be compared to known answers. For this reason, this`
		`- change explicitly sets the seed in OAEP (see RFC 8017 section 7.1.1),`
		`- which is the source of randomness for RSA-OAEP, to a fixed value. This`
		`- setting is only available during self-test execution, and the parameter`
		`- set using EVP_PKEY_CTX_set_params() will be ignored otherwise.`
		`-`
		`- Signed-off-by: Clemens Lang <cllang@redhat.com>`
		`+ Patch-name: 0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch`
		`+ Patch-id: 73`
		`+ Patch-status: \|`
		`+ # https://bugzilla.redhat.com/show_bug.cgi?id=2102535`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`---`
		`crypto/rsa/rsa_local.h \| 8 ++`
		`crypto/rsa/rsa_oaep.c \| 34 ++++++--`
		`include/openssl/core_names.h \| 3 +`
		`- providers/fips/self_test_data.inc \| 83 +++++++++++--------`
		`+ providers/fips/self_test_data.inc \| 79 ++++++++++---------`
		`providers/fips/self_test_kats.c \| 7 ++`
		`- .../implementations/asymciphers/rsa_enc.c \| 41 ++++++++-`
		`- 6 files changed, 133 insertions(+), 43 deletions(-)`
		`+ .../implementations/asymciphers/rsa_enc.c \| 41 +++++++++-`
		`+ 6 files changed, 128 insertions(+), 44 deletions(-)`

		`diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h`
		`index ea70da05ad..dde57a1a0e 100644`
		`@@ -119,10 +102,10 @@`
		`const unsigned char *from, int flen,`
		`const unsigned char *param, int plen,`
		`diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h`
		`- index 59a6e79566..11216fb8f8 100644`
		`+ index 5e3c132f5b..c0cce14297 100644`
		`--- a/include/openssl/core_names.h`
		`+++ b/include/openssl/core_names.h`
		`- @@ -469,6 +469,9 @@ extern "C" {`
		`+ @@ -471,6 +471,9 @@ extern "C" {`
		`#define OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL "oaep-label"`
		`#define OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION "tls-client-version"`
		`#define OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION "tls-negotiated-version"`
		`@@ -133,32 +116,26 @@`
		`/*`
		`* Encoder / decoder parameters`
		`diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc`
		`- index 4e30ec56dd..0103c87528 100644`
		`+ index e0fdc0daa4..aa2012c04a 100644`
		`--- a/providers/fips/self_test_data.inc`
		`+++ b/providers/fips/self_test_data.inc`
		`- @@ -1294,15 +1294,22 @@ static const ST_KAT_PARAM rsa_priv_key[] = {`
		`- ST_KAT_PARAM_END()`
		`+ @@ -1296,14 +1296,21 @@ static const ST_KAT_PARAM rsa_priv_key[] = {`
		`};`

		`- -/*-`
		`+ /*-`
		`- * Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the`
		`- - * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient`
		`- - * HP/UX PA-RISC compilers.`
		`- - */`
		`- -static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;`
		`- -`
		`- +/*-`
		`+ * Using OSSL_PKEY_RSA_PAD_MODE_OAEP directly in the expansion of the`
		`- + * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient`
		`- + * HP/UX PA-RISC compilers.`
		`- + */`
		`+ * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient`
		`+ * HP/UX PA-RISC compilers.`
		`+ */`
		`+ -static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;`
		`+static const char pad_mode_oaep[] = OSSL_PKEY_RSA_PAD_MODE_OAEP;`
		`+static const char oaep_fixed_seed[] = {`
		`+ 0xf6, 0x10, 0xef, 0x0a, 0x97, 0xbf, 0x91, 0x25,`
		`+ 0x97, 0xcf, 0x8e, 0x0a, 0x75, 0x51, 0x2f, 0xab,`
		`+ 0x2e, 0x4b, 0x2c, 0xe6`
		`+};`
		`- +`
		`+`
		`static const ST_KAT_PARAM rsa_enc_params[] = {`
		`- ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),`
		`+ ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_oaep),`
		`@@ -167,7 +144,7 @@`
		`ST_KAT_PARAM_END()`
		`};`

		`- @@ -1335,43 +1348,43 @@ static const unsigned char rsa_expected_sig[256] = {`
		`+ @@ -1342,43 +1349,43 @@ static const unsigned char rsa_expected_sig[256] = {`
		`0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6`
		`};`

		`@@ -245,10 +222,10 @@`

		`#ifndef OPENSSL_NO_EC`
		`diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c`
		`- index 064794d9bf..b6d5e8e134 100644`
		`+ index 74ee25dcb6..a9bc8be7fa 100644`
		`--- a/providers/fips/self_test_kats.c`
		`+++ b/providers/fips/self_test_kats.c`
		`- @@ -647,14 +647,21 @@ static int self_test_ciphers(OSSL_SELF_TEST st, OSSL_LIB_CTX libctx)`
		`+ @@ -641,14 +641,21 @@ static int self_test_ciphers(OSSL_SELF_TEST st, OSSL_LIB_CTX libctx)`
		`return ret;`
		`}`

		`@@ -271,7 +248,7 @@`
		`}`

		`diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c`
		`- index 00cf65fcd6..83be3d8ede 100644`
		`+ index 9cd8904131..40de5ce8fa 100644`
		`--- a/providers/implementations/asymciphers/rsa_enc.c`
		`+++ b/providers/implementations/asymciphers/rsa_enc.c`
		`@@ -30,6 +30,9 @@`
		`@@ -294,8 +271,8 @@`
		`} PROV_RSA_CTX;`

		`static void rsa_newctx(void provctx)`
		`- @@ -190,12 +196,21 @@ static int rsa_encrypt(void vprsactx, unsigned char out, size_t *outlen,`
		`- return 0;`
		`+ @@ -192,12 +198,21 @@ static int rsa_encrypt(void vprsactx, unsigned char out, size_t *outlen,`
		`+ }`
		`}`
		`ret =`
		`- ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf,`
		`@@ -318,7 +295,7 @@`

		`if (!ret) {`
		`OPENSSL_free(tbuf);`
		`- @@ -326,6 +341,9 @@ static void rsa_freectx(void *vprsactx)`
		`+ @@ -328,6 +343,9 @@ static void rsa_freectx(void *vprsactx)`
		`EVP_MD_free(prsactx->oaep_md);`
		`EVP_MD_free(prsactx->mgf1_md);`
		`OPENSSL_free(prsactx->oaep_label);`
		`@@ -328,7 +305,7 @@`

		`OPENSSL_free(prsactx);`
		`}`
		`- @@ -445,6 +463,9 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {`
		`+ @@ -447,6 +465,9 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {`
		`NULL, 0),`
		`OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION, NULL),`
		`OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION, NULL),`
		`@@ -338,7 +315,7 @@`
		`OSSL_PARAM_END`
		`};`

		`- @@ -454,6 +475,10 @@ static const OSSL_PARAM rsa_gettable_ctx_params(ossl_unused void vprsactx,`
		`+ @@ -456,6 +477,10 @@ static const OSSL_PARAM rsa_gettable_ctx_params(ossl_unused void vprsactx,`
		`return known_gettable_ctx_params;`
		`}`

		`@@ -349,7 +326,7 @@`
		`static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])`
		`{`
		`PROV_RSA_CTX prsactx = (PROV_RSA_CTX )vprsactx;`
		`- @@ -563,6 +588,18 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])`
		`+ @@ -567,6 +592,18 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])`
		`prsactx->oaep_labellen = tmp_labellen;`
		`}`

		`@@ -369,5 +346,5 @@`
		`if (p != NULL) {`
		`unsigned int client_version;`
		`--`
		`- 2.37.1`
		`+ 2.41.0`

0074-FIPS-Use-digest_sign-digest_verify-in-self-test-eln.patch

file removed

-313

		`@@ -1,313 +0,0 @@`
		`- From 97ac06e5a8e3a8699279c06eeb64c8e958bad7bd Mon Sep 17 00:00:00 2001`
		`- From: Clemens Lang <cllang@redhat.com>`
		`- Date: Fri, 15 Jul 2022 17:45:40 +0200`
		`- Subject: [PATCH] FIPS: Use digest_sign & digest_verify in self test`
		`-`
		`- In review for FIPS 140-3, the lack of a self-test for the digest_sign`
		`- and digest_verify provider functions was highlighted as a problem. NIST`
		`- no longer provides ACVP tests for the RSA SigVer primitive (see`
		`- https://github.com/usnistgov/ACVP/issues/1347). Because FIPS 140-3`
		`- recommends the use of functions that compute the digest and signature`
		`- within the module, we have been advised in our module review that the`
		`- self tests should also use the combined digest and signature APIs, i.e.`
		`- the digest_sign and digest_verify provider functions.`
		`-`
		`- Modify the signature self-test to use these instead by switching to`
		`- EVP_DigestSign and EVP_DigestVerify. This requires adding more ifdefs to`
		`- crypto/evp/m_sigver.c to make these functions usable in the FIPS module.`
		`-`
		`- Signed-off-by: Clemens Lang <cllang@redhat.com>`
		`- ---`
		`- crypto/evp/m_sigver.c \| 43 +++++++++++++++++++++++++++------`
		`- providers/fips/self_test_kats.c \| 37 +++++++++++++++-------------`
		`- 2 files changed, 56 insertions(+), 24 deletions(-)`
		`-`
		`- diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c`
		`- index db1a1d7bc3..c94c3c53bd 100644`
		`- --- a/crypto/evp/m_sigver.c`
		`- +++ b/crypto/evp/m_sigver.c`
		`- @@ -88,6 +88,7 @@ static int update(EVP_MD_CTX ctx, const void data, size_t datalen)`
		`- ERR_raise(ERR_LIB_EVP, EVP_R_ONLY_ONESHOT_SUPPORTED);`
		`- return 0;`
		`- }`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`-`
		`- /*`
		`- * If we get the "NULL" md then the name comes back as "UNDEF". We want to use`
		`- @@ -130,8 +131,10 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- reinit = 0;`
		`- if (e == NULL)`
		`- ctx->pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, props);`
		`- +#ifndef FIPS_MODULE`
		`- else`
		`- ctx->pctx = EVP_PKEY_CTX_new(pkey, e);`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`- }`
		`- if (ctx->pctx == NULL)`
		`- return 0;`
		`- @@ -139,8 +142,10 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- locpctx = ctx->pctx;`
		`- ERR_set_mark();`
		`-`
		`- +#ifndef FIPS_MODULE`
		`- if (evp_pkey_ctx_is_legacy(locpctx))`
		`- goto legacy;`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`-`
		`- /* do not reinitialize if pkey is set or operation is different */`
		`- if (reinit`
		`- @@ -225,8 +230,10 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- signature =`
		`- evp_signature_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,`
		`- supported_sig, locpctx->propquery);`
		`- +#ifndef FIPS_MODULE`
		`- if (signature == NULL)`
		`- goto legacy;`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`- break;`
		`- }`
		`- if (signature == NULL)`
		`- @@ -310,6 +317,7 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- ctx->fetched_digest = EVP_MD_fetch(locpctx->libctx, mdname, props);`
		`- if (ctx->fetched_digest != NULL) {`
		`- ctx->digest = ctx->reqdigest = ctx->fetched_digest;`
		`- +#ifndef FIPS_MODULE`
		`- } else {`
		`- /* legacy engine support : remove the mark when this is deleted */`
		`- ctx->reqdigest = ctx->digest = EVP_get_digestbyname(mdname);`
		`- @@ -318,11 +326,13 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);`
		`- goto err;`
		`- }`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`- }`
		`- (void)ERR_pop_to_mark();`
		`- }`
		`- }`
		`-`
		`- +#ifndef FIPS_MODULE`
		`- if (ctx->reqdigest != NULL`
		`- && !EVP_PKEY_is_a(locpctx->pkey, SN_hmac)`
		`- && !EVP_PKEY_is_a(locpctx->pkey, SN_tls1_prf)`
		`- @@ -334,6 +344,7 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- goto err;`
		`- }`
		`- }`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`-`
		`- if (ver) {`
		`- if (signature->digest_verify_init == NULL) {`
		`- @@ -366,6 +377,7 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- EVP_KEYMGMT_free(tmp_keymgmt);`
		`- return 0;`
		`-`
		`- +#ifndef FIPS_MODULE`
		`- legacy:`
		`- /*`
		`- * If we don't have the full support we need with provided methods,`
		`- @@ -437,6 +449,7 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- ctx->pctx->flag_call_digest_custom = 1;`
		`-`
		`- ret = 1;`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`-`
		`- end:`
		`- #ifndef FIPS_MODULE`
		`- @@ -479,7 +492,6 @@ int EVP_DigestVerifyInit(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 1,`
		`- NULL);`
		`- }`
		`- -#endif /* FIPS_MDOE */`
		`-`
		`- int EVP_DigestSignUpdate(EVP_MD_CTX ctx, const void data, size_t dsize)`
		`- {`
		`- @@ -541,23 +553,29 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX ctx, const void data, size_t dsize)`
		`- return EVP_DigestUpdate(ctx, data, dsize);`
		`- }`
		`-`
		`- -#ifndef FIPS_MODULE`
		`- int EVP_DigestSignFinal(EVP_MD_CTX ctx, unsigned char sigret,`
		`- size_t *siglen)`
		`- {`
		`- - int sctx = 0, r = 0;`
		`- - EVP_PKEY_CTX dctx, pctx = ctx->pctx;`
		`- + int r = 0;`
		`- +#ifndef FIPS_MODULE`
		`- + int sctx = 0;`
		`- + EVP_PKEY_CTX *dctx;`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`- + EVP_PKEY_CTX *pctx = ctx->pctx;`
		`-`
		`- +#ifndef FIPS_MODULE`
		`- if (pctx == NULL`
		`- \|\| pctx->operation != EVP_PKEY_OP_SIGNCTX`
		`- \|\| pctx->op.sig.algctx == NULL`
		`- \|\| pctx->op.sig.signature == NULL)`
		`- goto legacy;`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`-`
		`- if (sigret == NULL \|\| (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) != 0)`
		`- return pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx,`
		`- sigret, siglen,`
		`- sigret == NULL ? 0 : *siglen);`
		`- +#ifndef FIPS_MODULE`
		`- dctx = EVP_PKEY_CTX_dup(pctx);`
		`- if (dctx == NULL)`
		`- return 0;`
		`- @@ -566,8 +584,10 @@ int EVP_DigestSignFinal(EVP_MD_CTX ctx, unsigned char sigret,`
		`- sigret, siglen,`
		`- *siglen);`
		`- EVP_PKEY_CTX_free(dctx);`
		`- +#endif /* defined(FIPS_MODULE) */`
		`- return r;`
		`-`
		`- +#ifndef FIPS_MODULE`
		`- legacy:`
		`- if (pctx == NULL \|\| pctx->pmeth == NULL) {`
		`- ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);`
		`- @@ -639,6 +659,7 @@ int EVP_DigestSignFinal(EVP_MD_CTX ctx, unsigned char sigret,`
		`- }`
		`- }`
		`- return 1;`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`- }`
		`-`
		`- int EVP_DigestSign(EVP_MD_CTX ctx, unsigned char sigret, size_t *siglen,`
		`- @@ -669,21 +690,27 @@ int EVP_DigestSign(EVP_MD_CTX ctx, unsigned char sigret, size_t *siglen,`
		`- int EVP_DigestVerifyFinal(EVP_MD_CTX ctx, const unsigned char sig,`
		`- size_t siglen)`
		`- {`
		`- - unsigned char md[EVP_MAX_MD_SIZE];`
		`- int r = 0;`
		`- +#ifndef FIPS_MODULE`
		`- + unsigned char md[EVP_MAX_MD_SIZE];`
		`- unsigned int mdlen = 0;`
		`- int vctx = 0;`
		`- - EVP_PKEY_CTX dctx, pctx = ctx->pctx;`
		`- + EVP_PKEY_CTX *dctx;`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`- + EVP_PKEY_CTX *pctx = ctx->pctx;`
		`-`
		`- +#ifndef FIPS_MODULE`
		`- if (pctx == NULL`
		`- \|\| pctx->operation != EVP_PKEY_OP_VERIFYCTX`
		`- \|\| pctx->op.sig.algctx == NULL`
		`- \|\| pctx->op.sig.signature == NULL)`
		`- goto legacy;`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`-`
		`- if ((ctx->flags & EVP_MD_CTX_FLAG_FINALISE) != 0)`
		`- return pctx->op.sig.signature->digest_verify_final(pctx->op.sig.algctx,`
		`- sig, siglen);`
		`- +#ifndef FIPS_MODULE`
		`- dctx = EVP_PKEY_CTX_dup(pctx);`
		`- if (dctx == NULL)`
		`- return 0;`
		`- @@ -691,8 +718,10 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX ctx, const unsigned char sig,`
		`- r = dctx->op.sig.signature->digest_verify_final(dctx->op.sig.algctx,`
		`- sig, siglen);`
		`- EVP_PKEY_CTX_free(dctx);`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`- return r;`
		`-`
		`- +#ifndef FIPS_MODULE`
		`- legacy:`
		`- if (pctx == NULL \|\| pctx->pmeth == NULL) {`
		`- ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);`
		`- @@ -732,6 +761,7 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX ctx, const unsigned char sig,`
		`- if (vctx \|\| !r)`
		`- return r;`
		`- return EVP_PKEY_verify(pctx, sig, siglen, md, mdlen);`
		`- +#endif /* !defined(FIPS_MODULE) */`
		`- }`
		`-`
		`- int EVP_DigestVerify(EVP_MD_CTX ctx, const unsigned char sigret,`
		`- @@ -757,4 +787,3 @@ int EVP_DigestVerify(EVP_MD_CTX ctx, const unsigned char sigret,`
		`- return -1;`
		`- return EVP_DigestVerifyFinal(ctx, sigret, siglen);`
		`- }`
		`- -#endif /* FIPS_MODULE */`
		`- diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c`
		`- index b6d5e8e134..77eec075e6 100644`
		`- --- a/providers/fips/self_test_kats.c`
		`- +++ b/providers/fips/self_test_kats.c`
		`- @@ -444,11 +444,14 @@ static int self_test_sign(const ST_KAT_SIGN *t,`
		`- int ret = 0;`
		`- OSSL_PARAM params = NULL, params_sig = NULL;`
		`- OSSL_PARAM_BLD *bld = NULL;`
		`- + EVP_MD *md = NULL;`
		`- + EVP_MD_CTX *ctx = NULL;`
		`- EVP_PKEY_CTX sctx = NULL, kctx = NULL;`
		`- EVP_PKEY *pkey = NULL;`
		`- - unsigned char sig[256];`
		`- BN_CTX *bnctx = NULL;`
		`- BIGNUM *K = NULL;`
		`- + const char *msg = "Hello World!";`
		`- + unsigned char sig[256];`
		`- size_t siglen = sizeof(sig);`
		`- static const unsigned char dgst[] = {`
		`- 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,`
		`- @@ -488,23 +491,26 @@ static int self_test_sign(const ST_KAT_SIGN *t,`
		`- \|\| EVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0)`
		`- goto err;`
		`-`
		`- - /* Create a EVP_PKEY_CTX to use for the signing operation */`
		`- - sctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, NULL);`
		`- - if (sctx == NULL`
		`- - \|\| EVP_PKEY_sign_init(sctx) <= 0)`
		`- - goto err;`
		`- -`
		`- - /* set signature parameters */`
		`- - if (!OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_SIGNATURE_PARAM_DIGEST,`
		`- - t->mdalgorithm,`
		`- - strlen(t->mdalgorithm) + 1))`
		`- - goto err;`
		`- + /* Create a EVP_MD_CTX to use for the signature operation, assign signature`
		`- + * parameters and sign */`
		`- params_sig = OSSL_PARAM_BLD_to_param(bld);`
		`- - if (EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0)`
		`- + md = EVP_MD_fetch(libctx, "SHA256", NULL);`
		`- + ctx = EVP_MD_CTX_new();`
		`- + if (md == NULL \|\| ctx == NULL)`
		`- + goto err;`
		`- + EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_FINALISE \| EVP_MD_CTX_FLAG_ONESHOT);`
		`- + if (EVP_DigestSignInit(ctx, &sctx, md, NULL, pkey) <= 0`
		`- + \|\| EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0`
		`- + \|\| EVP_DigestSign(ctx, sig, &siglen, (const unsigned char *)msg, strlen(msg)) <= 0`
		`- + \|\| EVP_MD_CTX_reset(ctx) <= 0)`
		`- goto err;`
		`-`
		`- - if (EVP_PKEY_sign(sctx, sig, &siglen, dgst, sizeof(dgst)) <= 0`
		`- - \|\| EVP_PKEY_verify_init(sctx) <= 0`
		`- + /* sctx is not freed automatically inside the FIPS module */`
		`- + EVP_PKEY_CTX_free(sctx);`
		`- + sctx = NULL;`
		`- +`
		`- + EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_FINALISE \| EVP_MD_CTX_FLAG_ONESHOT);`
		`- + if (EVP_DigestVerifyInit(ctx, &sctx, md, NULL, pkey) <= 0`
		`- \|\| EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0)`
		`- goto err;`
		`-`
		`- @@ -509,14 +510,17 @@ static int self_test_sign(const ST_KAT_SIGN *t,`
		`- goto err;`
		`-`
		`- OSSL_SELF_TEST_oncorrupt_byte(st, sig);`
		`- - if (EVP_PKEY_verify(sctx, sig, siglen, dgst, sizeof(dgst)) <= 0)`
		`- + if (EVP_DigestVerify(ctx, sig, siglen, (const unsigned char *)msg, strlen(msg)) <= 0)`
		`- goto err;`
		`- ret = 1;`
		`- err:`
		`- BN_CTX_free(bnctx);`
		`- EVP_PKEY_free(pkey);`
		`- - EVP_PKEY_CTX_free(kctx);`
		`- + EVP_MD_free(md);`
		`- + EVP_MD_CTX_free(ctx);`
		`- + /* sctx is not freed automatically inside the FIPS module */`
		`- EVP_PKEY_CTX_free(sctx);`
		`- + EVP_PKEY_CTX_free(kctx);`
		`- OSSL_PARAM_free(params);`
		`- OSSL_PARAM_free(params_sig);`
		`- OSSL_PARAM_BLD_free(bld);`
		`- --`
		`- 2.37.1`
		`-`

0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch

file modified

+2 -3

		`@@ -90,7 +90,7 @@`
		`&& !EVP_PKEY_is_a(locpctx->pkey, SN_hmac)`
		`&& !EVP_PKEY_is_a(locpctx->pkey, SN_tls1_prf)`
		`@@ -334,6 +344,7 @@ static int do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,`
		`- }`
		`+ goto err;`
		`}`
		`}`
		`+#endif /* !defined(FIPS_MODULE) */`
		`@@ -231,7 +231,7 @@`
		`index b6d5e8e134..77eec075e6 100644`
		`--- a/providers/fips/self_test_kats.c`
		`+++ b/providers/fips/self_test_kats.c`
		`- @@ -444,11 +444,14 @@ static int self_test_sign(const ST_KAT_SIGN *t,`
		`+ @@ -444,10 +444,13 @@ static int self_test_sign(const ST_KAT_SIGN *t,`
		`int ret = 0;`
		`OSSL_PARAM params = NULL, params_sig = NULL;`
		`OSSL_PARAM_BLD *bld = NULL;`
		`@@ -241,7 +241,6 @@`
		`EVP_PKEY *pkey = NULL;`
		`- unsigned char sig[256];`
		`BN_CTX *bnctx = NULL;`
		`- BIGNUM *K = NULL;`
		`+ const char *msg = "Hello World!";`
		`+ unsigned char sig[256];`
		`size_t siglen = sizeof(sig);`

0076-FIPS-140-3-DRBG.patch

file modified

+78 -53

		`@@ -1,6 +1,76 @@`
		`- diff -up openssl-3.0.1/providers/implementations/rands/seeding/rand_unix.c.fipsrand openssl-3.0.1/providers/implementations/rands/seeding/rand_unix.c`
		`- --- openssl-3.0.1/providers/implementations/rands/seeding/rand_unix.c.fipsrand 2022-08-03 11:09:01.301637515 +0200`
		`- +++ openssl-3.0.1/providers/implementations/rands/seeding/rand_unix.c 2022-08-03 11:13:00.058688605 +0200`
		`+ From 4b59d71e276243615d8fcc65bab32d83e6a602ad Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:29 +0200`
		`+ Subject: [PATCH 32/35] 0076-FIPS-140-3-DRBG.patch`
		`+`
		`+ Patch-name: 0076-FIPS-140-3-DRBG.patch`
		`+ Patch-id: 76`
		`+ Patch-status: \|`
		`+ # Downstream only. Reseed DRBG using getrandom(GRND_RANDOM)`
		`+ # https://bugzilla.redhat.com/show_bug.cgi?id=2102541`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ crypto/rand/prov_seed.c \| 9 ++-`
		`+ providers/implementations/rands/crngt.c \| 6 +-`
		`+ providers/implementations/rands/drbg.c \| 3 +`
		`+ .../implementations/rands/seeding/rand_unix.c \| 64 ++-----------------`
		`+ 4 files changed, 20 insertions(+), 62 deletions(-)`
		`+`
		`+ diff --git a/crypto/rand/prov_seed.c b/crypto/rand/prov_seed.c`
		`+ index 96c499c957..61c4cd8779 100644`
		`+ --- a/crypto/rand/prov_seed.c`
		`+ +++ b/crypto/rand/prov_seed.c`
		`+ @@ -20,7 +20,14 @@ size_t ossl_rand_get_entropy(ossl_unused const OSSL_CORE_HANDLE *handle,`
		`+ size_t entropy_available;`
		`+ RAND_POOL *pool;`
		`+`
		`+ - pool = ossl_rand_pool_new(entropy, 1, min_len, max_len);`
		`+ + /*`
		`+ + * OpenSSL still implements an internal entropy pool of`
		`+ + * some size that is hashed to get seed data.`
		`+ + * Note that this is a conditioning step for which SP800-90C requires`
		`+ + * 64 additional bits from the entropy source to claim the requested`
		`+ + * amount of entropy.`
		`+ + */`
		`+ + pool = ossl_rand_pool_new(entropy + 64, 1, min_len, max_len);`
		`+ if (pool == NULL) {`
		`+ ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE);`
		`+ return 0;`
		`+ diff --git a/providers/implementations/rands/crngt.c b/providers/implementations/rands/crngt.c`
		`+ index fa4a2db14a..1f13fc759e 100644`
		`+ --- a/providers/implementations/rands/crngt.c`
		`+ +++ b/providers/implementations/rands/crngt.c`
		`+ @@ -133,7 +133,11 @@ size_t ossl_crngt_get_entropy(PROV_DRBG *drbg,`
		`+ * to the nearest byte. If the entropy is of less than full quality,`
		`+ * the amount required should be scaled up appropriately here.`
		`+ */`
		`+ - bytes_needed = (entropy + 7) / 8;`
		`+ + /*`
		`+ + * FIPS 140-3: the yet draft SP800-90C requires requested entropy`
		`+ + * + 128 bits during initial seeding`
		`+ + */`
		`+ + bytes_needed = (entropy + 128 + 7) / 8;`
		`+ if (bytes_needed < min_len)`
		`+ bytes_needed = min_len;`
		`+ if (bytes_needed > max_len)`
		`+ diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c`
		`+ index ea55363bf8..423bb91157 100644`
		`+ --- a/providers/implementations/rands/drbg.c`
		`+ +++ b/providers/implementations/rands/drbg.c`
		`+ @@ -570,6 +570,9 @@ int ossl_prov_drbg_reseed(PROV_DRBG *drbg, int prediction_resistance,`
		`+ #endif`
		`+ }`
		`+`
		`+ +#ifdef FIPS_MODULE`
		`+ + prediction_resistance = 1;`
		`+ +#endif`
		`+ /* Reseed using our sources in addition */`
		`+ entropylen = get_entropy(drbg, &entropy, drbg->strength,`
		`+ drbg->min_entropylen, drbg->max_entropylen,`
		`+ diff --git a/providers/implementations/rands/seeding/rand_unix.c b/providers/implementations/rands/seeding/rand_unix.c`
		`+ index cd02a0236d..98c917b6d8 100644`
		`+ --- a/providers/implementations/rands/seeding/rand_unix.c`
		`+ +++ b/providers/implementations/rands/seeding/rand_unix.c`
		`@@ -48,6 +48,8 @@`
		`# include <fcntl.h>`
		`# include <unistd.h>`
		`@@ -9,8 +79,8 @@`
		`+# include <openssl/evp.h>`

		`static uint64_t get_time_stamp(void);`
		`- static uint64_t get_timer_bits(void);`
		`- @@ -342,66 +342,8 @@ static ssize_t syscall_random(void *buf,`
		`+`
		`+ @@ -341,66 +343,8 @@ static ssize_t syscall_random(void *buf, size_t buflen)`
		`* which is way below the OSSL_SSIZE_MAX limit. Therefore sign conversion`
		`* between size_t and ssize_t is safe even without a range check.`
		`*/`
		`@@ -79,51 +149,6 @@`
		`}`
		`# endif /* defined(OPENSSL_RAND_SEED_GETRANDOM) */`

		`- diff -up openssl-3.0.1/providers/implementations/rands/drbg.c.fipsrand openssl-3.0.1/providers/implementations/rands/drbg.c`
		`- --- openssl-3.0.1/providers/implementations/rands/drbg.c.fipsrand 2022-08-03 12:14:39.409370134 +0200`
		`- +++ openssl-3.0.1/providers/implementations/rands/drbg.c 2022-08-03 12:19:06.320700346 +0200`
		`- @@ -575,6 +575,9 @@ int ossl_prov_drbg_reseed(PROV_DRBG *drb`
		`- #endif`
		`- }`
		`-`
		`- +#ifdef FIPS_MODULE`
		`- + prediction_resistance = 1;`
		`- +#endif`
		`- /* Reseed using our sources in addition */`
		`- entropylen = get_entropy(drbg, &entropy, drbg->strength,`
		`- drbg->min_entropylen, drbg->max_entropylen,`
		`- diff -up openssl-3.0.1/crypto/rand/prov_seed.c.fipsrand openssl-3.0.1/crypto/rand/prov_seed.c`
		`- --- openssl-3.0.1/crypto/rand/prov_seed.c.fipsrand 2022-08-04 12:17:52.148556301 +0200`
		`- +++ openssl-3.0.1/crypto/rand/prov_seed.c 2022-08-04 12:19:41.783533552 +0200`
		`- @@ -20,7 +20,14 @@ size_t ossl_rand_get_entropy(ossl_unused`
		`- size_t entropy_available;`
		`- RAND_POOL *pool;`
		`-`
		`- - pool = ossl_rand_pool_new(entropy, 1, min_len, max_len);`
		`- + /*`
		`- + * OpenSSL still implements an internal entropy pool of`
		`- + * some size that is hashed to get seed data.`
		`- + * Note that this is a conditioning step for which SP800-90C requires`
		`- + * 64 additional bits from the entropy source to claim the requested`
		`- + * amount of entropy.`
		`- + */`
		`- + pool = ossl_rand_pool_new(entropy + 64, 1, min_len, max_len);`
		`- if (pool == NULL) {`
		`- ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE);`
		`- return 0;`
		`- diff -up openssl-3.0.1/providers/implementations/rands/crngt.c.fipsrand openssl-3.0.1/providers/implementations/rands/crngt.c`
		`- --- openssl-3.0.1/providers/implementations/rands/crngt.c.fipsrand 2022-08-04 11:56:10.100950299 +0200`
		`- +++ openssl-3.0.1/providers/implementations/rands/crngt.c 2022-08-04 11:59:11.241564925 +0200`
		`- @@ -139,7 +139,11 @@ size_t ossl_crngt_get_entropy(PROV_DRBG`
		`- * to the nearest byte. If the entropy is of less than full quality,`
		`- * the amount required should be scaled up appropriately here.`
		`- */`
		`- - bytes_needed = (entropy + 7) / 8;`
		`- + /*`
		`- + * FIPS 140-3: the yet draft SP800-90C requires requested entropy`
		`- + * + 128 bits during initial seeding`
		`- + */`
		`- + bytes_needed = (entropy + 128 + 7) / 8;`
		`- if (bytes_needed < min_len)`
		`- bytes_needed = min_len;`
		`- if (bytes_needed > max_len)`
		`+ --`
		`+ 2.41.0`
		`+`

0077-FIPS-140-3-zeroization.patch

file modified

+61 -35

		`@@ -1,7 +1,47 @@`
		`- diff -up openssl-3.0.1/crypto/ffc/ffc_params.c.fipszero openssl-3.0.1/crypto/ffc/ffc_params.c`
		`- --- openssl-3.0.1/crypto/ffc/ffc_params.c.fipszero 2022-08-05 13:11:27.211413931 +0200`
		`- +++ openssl-3.0.1/crypto/ffc/ffc_params.c 2022-08-05 13:11:34.151475891 +0200`
		`- @@ -27,10 +27,10 @@ void ossl_ffc_params_init(FFC_PARAMS *pa`
		`+ From 9c667a7ba589329f3a777b012bf69a0db7f7eda9 Mon Sep 17 00:00:00 2001`
		`+ From: rpm-build <rpm-build>`
		`+ Date: Mon, 31 Jul 2023 09:41:29 +0200`
		`+ Subject: [PATCH 33/35] 0077-FIPS-140-3-zeroization.patch`
		`+`
		`+ Patch-name: 0077-FIPS-140-3-zeroization.patch`
		`+ Patch-id: 77`
		`+ Patch-status: \|`
		`+ # https://bugzilla.redhat.com/show_bug.cgi?id=2102542`
		`+ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd`
		`+ ---`
		`+ crypto/ec/ec_lib.c \| 4 ++++`
		`+ crypto/ffc/ffc_params.c \| 8 ++++----`
		`+ crypto/rsa/rsa_lib.c \| 4 ++--`
		`+ providers/implementations/kdfs/hkdf.c \| 2 +-`
		`+ providers/implementations/kdfs/pbkdf2.c \| 2 +-`
		`+ 5 files changed, 12 insertions(+), 8 deletions(-)`
		`+`
		`+ diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c`
		`+ index 6c37bf78ae..cfbc3c3c1d 100644`
		`+ --- a/crypto/ec/ec_lib.c`
		`+ +++ b/crypto/ec/ec_lib.c`
		`+ @@ -744,12 +744,16 @@ EC_POINT EC_POINT_new(const EC_GROUP group)`
		`+`
		`+ void EC_POINT_free(EC_POINT *point)`
		`+ {`
		`+ +#ifdef FIPS_MODULE`
		`+ + EC_POINT_clear_free(point);`
		`+ +#else`
		`+ if (point == NULL)`
		`+ return;`
		`+`
		`+ if (point->meth->point_finish != 0)`
		`+ point->meth->point_finish(point);`
		`+ OPENSSL_free(point);`
		`+ +#endif`
		`+ }`
		`+`
		`+ void EC_POINT_clear_free(EC_POINT *point)`
		`+ diff --git a/crypto/ffc/ffc_params.c b/crypto/ffc/ffc_params.c`
		`+ index 3536efd1ad..f3c164b8fc 100644`
		`+ --- a/crypto/ffc/ffc_params.c`
		`+ +++ b/crypto/ffc/ffc_params.c`
		`+ @@ -27,10 +27,10 @@ void ossl_ffc_params_init(FFC_PARAMS *params)`

		`void ossl_ffc_params_cleanup(FFC_PARAMS *params)`
		`{`
		`@@ -16,9 +56,10 @@`
		`OPENSSL_free(params->seed);`
		`ossl_ffc_params_init(params);`
		`}`
		`- diff -up openssl-3.0.1/crypto/rsa/rsa_lib.c.fipszero openssl-3.0.1/crypto/rsa/rsa_lib.c`
		`- --- openssl-3.0.1/crypto/rsa/rsa_lib.c.fipszero 2022-08-05 13:08:31.875848536 +0200`
		`- +++ openssl-3.0.1/crypto/rsa/rsa_lib.c 2022-08-05 13:09:35.438416025 +0200`
		`+ diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c`
		`+ index 9588a75964..76b4aac6fc 100644`
		`+ --- a/crypto/rsa/rsa_lib.c`
		`+ +++ b/crypto/rsa/rsa_lib.c`
		`@@ -155,8 +155,8 @@ void RSA_free(RSA *r)`

		`CRYPTO_THREAD_lock_free(r->lock);`
		`@@ -30,10 +71,11 @@`
		`BN_clear_free(r->d);`
		`BN_clear_free(r->p);`
		`BN_clear_free(r->q);`
		`- diff -up openssl-3.0.1/providers/implementations/kdfs/hkdf.c.fipszero openssl-3.0.1/providers/implementations/kdfs/hkdf.c`
		`- --- openssl-3.0.1/providers/implementations/kdfs/hkdf.c.fipszero 2022-08-05 13:14:58.827303241 +0200`
		`- +++ openssl-3.0.1/providers/implementations/kdfs/hkdf.c 2022-08-05 13:16:24.530068399 +0200`
		`- @@ -116,7 +116,7 @@ static void kdf_hkdf_reset(void *vctx)`
		`+ diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c`
		`+ index daa619b8af..5304baa6c9 100644`
		`+ --- a/providers/implementations/kdfs/hkdf.c`
		`+ +++ b/providers/implementations/kdfs/hkdf.c`
		`+ @@ -118,7 +118,7 @@ static void kdf_hkdf_reset(void *vctx)`
		`void *provctx = ctx->provctx;`

		`ossl_prov_digest_reset(&ctx->digest);`
		`@@ -42,10 +84,11 @@`
		`OPENSSL_free(ctx->prefix);`
		`OPENSSL_free(ctx->label);`
		`OPENSSL_clear_free(ctx->data, ctx->data_len);`
		`- diff -up openssl-3.0.1/providers/implementations/kdfs/pbkdf2.c.fipszero openssl-3.0.1/providers/implementations/kdfs/pbkdf2.c`
		`- --- openssl-3.0.1/providers/implementations/kdfs/pbkdf2.c.fipszero 2022-08-05 13:12:40.552068717 +0200`
		`- +++ openssl-3.0.1/providers/implementations/kdfs/pbkdf2.c 2022-08-05 13:13:34.324548799 +0200`
		`- @@ -83,7 +83,7 @@ static void kdf_pbkdf2_new(void provct`
		`+ diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c`
		`+ index 5c3e7b95ce..349c3dd657 100644`
		`+ --- a/providers/implementations/kdfs/pbkdf2.c`
		`+ +++ b/providers/implementations/kdfs/pbkdf2.c`
		`+ @@ -92,7 +92,7 @@ static void kdf_pbkdf2_new(void provctx)`
		`static void kdf_pbkdf2_cleanup(KDF_PBKDF2 *ctx)`
		`{`
		`ossl_prov_digest_reset(&ctx->digest);`
		`@@ -54,23 +97,6 @@`
		`OPENSSL_clear_free(ctx->pass, ctx->pass_len);`
		`memset(ctx, 0, sizeof(*ctx));`
		`}`
		`- diff -up openssl-3.0.1/crypto/ec/ec_lib.c.fipszero openssl-3.0.1/crypto/ec/ec_lib.c`
		`- --- openssl-3.0.1/crypto/ec/ec_lib.c.fipszero 2022-08-05 13:48:32.221345774 +0200`
		`- +++ openssl-3.0.1/crypto/ec/ec_lib.c 2022-08-05 13:49:16.138741452 +0200`
		`- @@ -744,12 +744,16 @@ EC_POINT EC_POINT_new(const EC_GROUP g`
		`-`
		`- void EC_POINT_free(EC_POINT *point)`
		`- {`
		`- +#ifdef FIPS_MODULE`
		`- + EC_POINT_clear_free(point);`
		`- +#else`
		`- if (point == NULL)`
		`- return;`
		`-`
		`- if (point->meth->point_finish != 0)`
		`- point->meth->point_finish(point);`
		`- OPENSSL_free(point);`
		`- +#endif`
		`- }`
		`-`
		`- void EC_POINT_clear_free(EC_POINT *point)`
		`+ --`
		`+ 2.41.0`
		`+`

0079-Fix-AES-GCM-on-Power-8-CPUs.patch

file removed

-146

		`@@ -1,146 +0,0 @@`
		`- From 5dee3e41a5b3f8934277de17a2ae192f43601948 Mon Sep 17 00:00:00 2001`
		`- From: Tomas Mraz <tomas@openssl.org>`
		`- Date: Fri, 9 Sep 2022 14:46:24 +0200`
		`- Subject: [PATCH] Fix AES-GCM on Power 8 CPUs`
		`-`
		`- Properly fallback to the default implementation on CPUs`
		`- missing necessary instructions.`
		`-`
		`- Fixes #19163`
		`-`
		`- (cherry picked from commit 24344d387178d45b37a1fbc51519c390e9a4effe)`
		`- ---`
		`- include/crypto/aes_platform.h \| 12 +---`
		`- .../ciphers/cipher_aes_gcm_hw_ppc.inc \| 72 ++++++++++++++-----`
		`- 2 files changed, 56 insertions(+), 28 deletions(-)`
		`-`
		`- diff --git a/include/crypto/aes_platform.h b/include/crypto/aes_platform.h`
		`- index 0c281a366a..6830bad0e9 100644`
		`- --- a/include/crypto/aes_platform.h`
		`- +++ b/include/crypto/aes_platform.h`
		`- @@ -83,16 +83,8 @@ size_t ppc_aes_gcm_encrypt(const unsigned char in, unsigned char out,`
		`- size_t ppc_aes_gcm_decrypt(const unsigned char in, unsigned char out,`
		`- size_t len, const void *key, unsigned char ivec[16],`
		`- u64 *Xi);`
		`- -size_t ppc_aes_gcm_encrypt_wrap(const unsigned char in, unsigned char out,`
		`- - size_t len, const void *key,`
		`- - unsigned char ivec[16], u64 *Xi);`
		`- -size_t ppc_aes_gcm_decrypt_wrap(const unsigned char in, unsigned char out,`
		`- - size_t len, const void *key,`
		`- - unsigned char ivec[16], u64 *Xi);`
		`- -# define AES_gcm_encrypt ppc_aes_gcm_encrypt_wrap`
		`- -# define AES_gcm_decrypt ppc_aes_gcm_decrypt_wrap`
		`- -# define AES_GCM_ASM(gctx) ((gctx)->ctr==aes_p8_ctr32_encrypt_blocks && \`
		`- - (gctx)->gcm.ghash==gcm_ghash_p8)`
		`- +# define AES_GCM_ASM_PPC(gctx) ((gctx)->ctr==aes_p8_ctr32_encrypt_blocks && \`
		`- + (gctx)->gcm.ghash==gcm_ghash_p8)`
		`- void gcm_ghash_p8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len);`
		`- # endif /* PPC */`
		`-`
		`- diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc b/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc`
		`- index 4eed0f4ab0..03e3eddc41 100644`
		`- --- a/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc`
		`- +++ b/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc`
		`- @@ -23,12 +23,6 @@ static int aes_ppc_gcm_initkey(PROV_GCM_CTX ctx, const unsigned char key,`
		`- return 1;`
		`- }`
		`-`
		`- -`
		`- -extern size_t ppc_aes_gcm_encrypt(const unsigned char in, unsigned char out, size_t len,`
		`- - const void key, unsigned char ivec[16], u64 Xi);`
		`- -extern size_t ppc_aes_gcm_decrypt(const unsigned char in, unsigned char out, size_t len,`
		`- - const void key, unsigned char ivec[16], u64 Xi);`
		`- -`
		`- static inline u32 UTO32(unsigned char *buf)`
		`- {`
		`- return ((u32) buf[0] << 24) \| ((u32) buf[1] << 16) \| ((u32) buf[2] << 8) \| ((u32) buf[3]);`
		`- @@ -47,7 +41,7 @@ static inline u32 add32TOU(unsigned char buf[4], u32 n)`
		`- return r;`
		`- }`
		`-`
		`- -static size_t aes_p10_gcm_crypt(const unsigned char in, unsigned char out, size_t len,`
		`- +static size_t ppc_aes_gcm_crypt(const unsigned char in, unsigned char out, size_t len,`
		`- const void key, unsigned char ivec[16], u64 Xi, int encrypt)`
		`- {`
		`- int s = 0;`
		`- @@ -90,24 +84,66 @@ static size_t aes_p10_gcm_crypt(const unsigned char in, unsigned char out, siz`
		`- return ndone;`
		`- }`
		`-`
		`- -size_t ppc_aes_gcm_encrypt_wrap(const unsigned char in, unsigned char out, size_t len,`
		`- - const void key, unsigned char ivec[16], u64 Xi)`
		`- -{`
		`- - return aes_p10_gcm_crypt(in, out, len, key, ivec, Xi, 1);`
		`- -}`
		`- -`
		`- -size_t ppc_aes_gcm_decrypt_wrap(const unsigned char in, unsigned char out, size_t len,`
		`- - const void key, unsigned char ivec[16], u64 Xi)`
		`- +static int ppc_aes_gcm_cipher_update(PROV_GCM_CTX ctx, const unsigned char in,`
		`- + size_t len, unsigned char *out)`
		`- {`
		`- - return aes_p10_gcm_crypt(in, out, len, key, ivec, Xi, 0);`
		`- + if (ctx->enc) {`
		`- + if (ctx->ctr != NULL) {`
		`- + size_t bulk = 0;`
		`- +`
		`- + if (len >= AES_GCM_ENC_BYTES && AES_GCM_ASM_PPC(ctx)) {`
		`- + size_t res = (16 - ctx->gcm.mres) % 16;`
		`- +`
		`- + if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, res))`
		`- + return 0;`
		`- +`
		`- + bulk = ppc_aes_gcm_crypt(in + res, out + res, len - res,`
		`- + ctx->gcm.key,`
		`- + ctx->gcm.Yi.c, ctx->gcm.Xi.u, 1);`
		`- +`
		`- + ctx->gcm.len.u[1] += bulk;`
		`- + bulk += res;`
		`- + }`
		`- + if (CRYPTO_gcm128_encrypt_ctr32(&ctx->gcm, in + bulk, out + bulk,`
		`- + len - bulk, ctx->ctr))`
		`- + return 0;`
		`- + } else {`
		`- + if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, len))`
		`- + return 0;`
		`- + }`
		`- + } else {`
		`- + if (ctx->ctr != NULL) {`
		`- + size_t bulk = 0;`
		`- +`
		`- + if (len >= AES_GCM_DEC_BYTES && AES_GCM_ASM_PPC(ctx)) {`
		`- + size_t res = (16 - ctx->gcm.mres) % 16;`
		`- +`
		`- + if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, res))`
		`- + return -1;`
		`- +`
		`- + bulk = ppc_aes_gcm_crypt(in + res, out + res, len - res,`
		`- + ctx->gcm.key,`
		`- + ctx->gcm.Yi.c, ctx->gcm.Xi.u, 0);`
		`- +`
		`- + ctx->gcm.len.u[1] += bulk;`
		`- + bulk += res;`
		`- + }`
		`- + if (CRYPTO_gcm128_decrypt_ctr32(&ctx->gcm, in + bulk, out + bulk,`
		`- + len - bulk, ctx->ctr))`
		`- + return 0;`
		`- + } else {`
		`- + if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, len))`
		`- + return 0;`
		`- + }`
		`- + }`
		`- + return 1;`
		`- }`
		`-`
		`- -`
		`- static const PROV_GCM_HW aes_ppc_gcm = {`
		`- aes_ppc_gcm_initkey,`
		`- ossl_gcm_setiv,`
		`- ossl_gcm_aad_update,`
		`- - generic_aes_gcm_cipher_update,`
		`- + ppc_aes_gcm_cipher_update,`
		`- ossl_gcm_cipher_final,`
		`- ossl_gcm_one_shot`
		`- };`
		`- --`
		`- 2.37.3`
		`-`

0100-RSA-PKCS15-implicit-rejection.patch

file modified

+5 -5

		`@@ -183,11 +183,11 @@`
		`+ }`
		`+ }`
		`+`
		`- if (blinding) {`
		`- /*`
		`- * ossl_bn_rsa_do_unblind() combines blinding inversion and`
		`+ if (blinding)`
		`+ if (!rsa_blinding_invert(blinding, ret, unblind, ctx))`
		`+ goto err;`
		`@@ -471,9 +545,12 @@ static int rsa_ossl_private_decrypt(int flen, const unsigned char *from,`
		`- }`
		`+ goto err;`

		`switch (padding) {`
		`- case RSA_PKCS1_PADDING:`
		`@@ -739,9 +739,9 @@`
		`#define OSSL_PKEY_PARAM_PUB_KEY "pub"`
		`#define OSSL_PKEY_PARAM_PRIV_KEY "priv"`
		`+#define OSSL_PKEY_PARAM_IMPLICIT_REJECTION "implicit-rejection"`
		`- #define OSSL_PKEY_PARAM_REDHAT_SIGN_KAT_K "rh_sign_kat_k"`

		`/* Diffie-Hellman/DSA Parameters */`
		`+ #define OSSL_PKEY_PARAM_FFC_P "p"`
		`@@ -482,6 +483,7 @@ extern "C" {`
		`#define OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL "oaep-label"`
		`#define OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION "tls-client-version"`

openssl.spec

file modified

+90 -115

		`@@ -28,8 +28,8 @@`

		`Summary: Utilities from the general purpose cryptography library with TLS implementation`
		`Name: openssl`
		`- Version: 3.0.8`
		`- Release: 4%{?dist}`
		`+ Version: 3.1.1`
		`+ Release: 1%{?dist}`
		`Epoch: 1`
		`Source: openssl-%{version}.tar.gz`
		`Source2: Makefile.certificate`
		`@@ -40,117 +40,84 @@`
		`Source9: configuration-switch.h`
		`Source10: configuration-prefix.h`
		`Source14: 0025-for-tests.patch`
		`-`
		`- # Patches exported from source git`
		`- # Aarch64 and ppc64le use lib64`
		`- Patch1: 0001-Aarch64-and-ppc64le-use-lib64.patch`
		`- # Use more general default values in openssl.cnf`
		`- Patch2: 0002-Use-more-general-default-values-in-openssl.cnf.patch`
		`- # Do not install html docs`
		`- Patch3: 0003-Do-not-install-html-docs.patch`
		`- # Override default paths for the CA directory tree`
		`- Patch4: 0004-Override-default-paths-for-the-CA-directory-tree.patch`
		`- # apps/ca: fix md option help text`
		`- Patch5: 0005-apps-ca-fix-md-option-help-text.patch`
		`- # Disable signature verification with totally unsafe hash algorithms`
		`- Patch6: 0006-Disable-signature-verification-with-totally-unsafe-h.patch`
		`- # Add support for PROFILE=SYSTEM system default cipherlist`
		`- Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch`
		`- # Add FIPS_mode() compatibility macro`
		`- Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch`
		`- # Add check to see if fips flag is enabled in kernel`
		`- Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch`
		`- # Instead of replacing ectest.c and ec_curve.c, add the changes as a patch so`
		`- # that new modifications made to these files by upstream are not lost.`
		`- Patch10: 0010-Add-changes-to-ectest-and-eccurve.patch`
		`- # remove unsupported EC curves`
		`- Patch11: 0011-Remove-EC-curves.patch`
		`- # Disable explicit EC curves`
		`- # https://bugzilla.redhat.com/show_bug.cgi?id=2066412`
		`- Patch12: 0012-Disable-explicit-ec.patch`
		`- #Skipped tests from former 0011-Remove-EC-curves.patch`
		`- Patch13: 0013-skipped-tests-EC-curves.patch`
		`- # Instructions to load legacy provider in openssl.cnf`
		`- Patch24: 0024-load-legacy-prov.patch`
		`- # Tmp: test name change`
		`- Patch31: 0031-tmp-Fix-test-names.patch`
		`- # We load FIPS provider and set FIPS properties implicitly`
		`- Patch32: 0032-Force-fips.patch`
		`- # Embed HMAC into the fips.so`
		`- Patch33: 0033-FIPS-embed-hmac.patch`
		`- # Comment out fipsinstall command-line utility`
		`- Patch34: 0034.fipsinstall_disable.patch`
		- # Skip unavailable algorithms running `openssl speed`
		`- Patch35: 0035-speed-skip-unavailable-dgst.patch`
		`- # Extra public/private key checks required by FIPS-140-3`
		`- Patch44: 0044-FIPS-140-3-keychecks.patch`
		`- # Minimize fips services`
		`- Patch45: 0045-FIPS-services-minimize.patch`
		`- # Execute KATS before HMAC verification`
		`- Patch47: 0047-FIPS-early-KATS.patch`
		`- %if 0%{?rhel}`
		`- # Selectively disallow SHA1 signatures`
		`- Patch49: 0049-Selectively-disallow-SHA1-signatures.patch`
		`- %else`
		`- # Selectively disallow SHA1 signatures rhbz#2070977`
		`- Patch49: 0049-Allow-disabling-of-SHA1-signatures.patch`
		`- %endif`
		`- # Backport of patch for RHEL for Edge rhbz #2027261`
		`- Patch51: 0051-Support-different-R_BITS-lengths-for-KBKDF.patch`
		`- %if 0%{?rhel}`
		`- # Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures = yes`
		`- Patch52: 0052-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch`
		`- %else`
		`- # Support SHA1 in TLS in LEGACY crypto-policy (which is SECLEVEL=1)`
		`- Patch52: 0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch`
		`- %endif`
		`- %if 0%{?rhel}`
		`- # no USDT probe instrumentation required`
		`- %else`
		`- # Instrument with USDT probes related to SHA-1 deprecation`
		`- Patch53: 0053-Add-SHA1-probes.patch`
		`- %endif`
		`- # https://github.com/openssl/openssl/pull/18103`
		`- # The patch is incorporated in 3.0.3 but we provide this function since 3.0.1`
		`- # so the patch should persist`
		`- Patch56: 0056-strcasecmp.patch`
		`- # https://github.com/openssl/openssl/pull/18175`
		`- # Patch57: 0057-strcasecmp-fix.patch`
		`- # https://bugzilla.redhat.com/show_bug.cgi?id=2053289`
		`- Patch58: 0058-FIPS-limit-rsa-encrypt.patch`
		`- # https://bugzilla.redhat.com/show_bug.cgi?id=2069235`
		`- Patch60: 0060-FIPS-KAT-signature-tests.patch`
		`- # https://bugzilla.redhat.com/show_bug.cgi?id=2087147`
		`- Patch61: 0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch`
		`- Patch62: 0062-fips-Expose-a-FIPS-indicator.patch`
		`- # https://github.com/openssl/openssl/commit/44a563dde1584cd9284e80b6e45ee5019be8d36c`
		`- # https://github.com/openssl/openssl/commit/345c99b6654b8313c792d54f829943068911ddbd`
		`- # Regression on Power8, see rhbz2124845, https://github.com/openssl/openssl/issues/19163; fix in 0079-Fix-AES-GCM-on-Power-8-CPUs.patch`
		`- Patch71: 0071-AES-GCM-performance-optimization.patch`
		`- # https://github.com/openssl/openssl/commit/f596bbe4da779b56eea34d96168b557d78e1149`
		`- # https://github.com/openssl/openssl/commit/7e1f3ffcc5bc15fb9a12b9e3bb202f544c6ed5aa`
		`- # hunks in crypto/ppccap.c from https://github.com/openssl/openssl/commit/f5485b97b6c9977c0d39c7669b9f97a879312447`
		`- Patch72: 0072-ChaCha20-performance-optimizations-for-ppc64le.patch`
		`- # https://bugzilla.redhat.com/show_bug.cgi?id=2102535`
		`- Patch73: 0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch`
		`- # https://bugzilla.redhat.com/show_bug.cgi?id=2102535`
		`- %if 0%{?rhel}`
		`- Patch74: 0074-FIPS-Use-digest_sign-digest_verify-in-self-test-eln.patch`
		`- %else`
		`- Patch74: 0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch`
		`- %endif`
		`- # https://bugzilla.redhat.com/show_bug.cgi?id=2102535`
		`- Patch75: 0075-FIPS-Use-FFDHE2048-in-self-test.patch`
		`- # Downstream only. Reseed DRBG using getrandom(GRND_RANDOM)`
		`- # https://bugzilla.redhat.com/show_bug.cgi?id=2102541`
		`- Patch76: 0076-FIPS-140-3-DRBG.patch`
		`- # https://bugzilla.redhat.com/show_bug.cgi?id=2102542`
		`- Patch77: 0077-FIPS-140-3-zeroization.patch`
		`- # https://bugzilla.redhat.com/show_bug.cgi?id=2114772`
		`- Patch78: 0078-Add-FIPS-indicator-parameter-to-HKDF.patch`
		`- # https://bugzilla.redhat.com/show_bug.cgi?id=2124845, https://github.com/openssl/openssl/pull/19182`
		`- Patch79: 0079-Fix-AES-GCM-on-Power-8-CPUs.patch`
		`- # https://github.com/openssl/openssl/pull/13817`
		`+ # # Patches exported from source git`
		`+ # # Aarch64 and ppc64le use lib64`
		`+ Patch1: 0001-Aarch64-and-ppc64le-use-lib64.patch`
		`+ # # Use more general default values in openssl.cnf`
		`+ Patch2: 0002-Use-more-general-default-values-in-openssl.cnf.patch`
		`+ # # Do not install html docs`
		`+ Patch3: 0003-Do-not-install-html-docs.patch`
		`+ # # Override default paths for the CA directory tree`
		`+ Patch4: 0004-Override-default-paths-for-the-CA-directory-tree.patch`
		`+ # # apps/ca: fix md option help text`
		`+ Patch5: 0005-apps-ca-fix-md-option-help-text.patch`
		`+ # # Disable signature verification with totally unsafe hash algorithms`
		`+ Patch6: 0006-Disable-signature-verification-with-totally-unsafe-h.patch`
		`+ # # Add support for PROFILE=SYSTEM system default cipherlist`
		`+ Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch`
		`+ # # Add FIPS_mode() compatibility macro`
		`+ Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch`
		`+ # # Add check to see if fips flag is enabled in kernel`
		`+ Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch`
		`+ # # Instead of replacing ectest.c and ec_curve.c, add the changes as a patch so`
		`+ # # that new modifications made to these files by upstream are not lost.`
		`+ Patch10: 0010-Add-changes-to-ectest-and-eccurve.patch`
		`+ # # remove unsupported EC curves`
		`+ Patch11: 0011-Remove-EC-curves.patch`
		`+ # # Disable explicit EC curves`
		`+ # # https://bugzilla.redhat.com/show_bug.cgi?id=2066412`
		`+ Patch12: 0012-Disable-explicit-ec.patch`
		`+ # # Skipped tests from former 0011-Remove-EC-curves.patch`
		`+ Patch13: 0013-skipped-tests-EC-curves.patch`
		`+ # # Instructions to load legacy provider in openssl.cnf`
		`+ Patch24: 0024-load-legacy-prov.patch`
		`+ # # Tmp: test name change`
		`+ Patch31: 0031-tmp-Fix-test-names.patch`
		`+ # # We load FIPS provider and set FIPS properties implicitly`
		`+ Patch32: 0032-Force-fips.patch`
		`+ # # Embed HMAC into the fips.so`
		`+ Patch33: 0033-FIPS-embed-hmac.patch`
		`+ # # Comment out fipsinstall command-line utility`
		`+ Patch34: 0034.fipsinstall_disable.patch`
		+ # # Skip unavailable algorithms running `openssl speed`
		`+ Patch35: 0035-speed-skip-unavailable-dgst.patch`
		`+ # # Extra public/private key checks required by FIPS-140-3`
		`+ Patch44: 0044-FIPS-140-3-keychecks.patch`
		`+ # # Minimize fips services`
		`+ Patch45: 0045-FIPS-services-minimize.patch`
		`+ # # Execute KATS before HMAC verification`
		`+ Patch47: 0047-FIPS-early-KATS.patch`
		`+ # # Selectively disallow SHA1 signatures rhbz#2070977`
		`+ Patch49: 0049-Allow-disabling-of-SHA1-signatures.patch`
		`+ # # Support SHA1 in TLS in LEGACY crypto-policy (which is SECLEVEL=1)`
		`+ Patch52: 0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch`
		`+ # # https://github.com/openssl/openssl/pull/18103`
		`+ # # The patch is incorporated in 3.0.3 but we provide this function since 3.0.1`
		`+ # # so the patch should persist`
		`+ Patch56: 0056-strcasecmp.patch`
		`+ # # https://github.com/openssl/openssl/pull/18175`
		`+ # # Patch57: 0057-strcasecmp-fix.patch`
		`+ # # https://bugzilla.redhat.com/show_bug.cgi?id=2053289`
		`+ Patch58: 0058-FIPS-limit-rsa-encrypt.patch`
		`+ # # https://bugzilla.redhat.com/show_bug.cgi?id=2087147`
		`+ Patch61: 0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch`
		`+ # 0062-fips-Expose-a-FIPS-indicator.patch`
		`+ Patch62: 0062-fips-Expose-a-FIPS-indicator.patch`
		`+ # # https://bugzilla.redhat.com/show_bug.cgi?id=2102535`
		`+ Patch73: 0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch`
		`+ # [PATCH 30/35]`
		`+ # 0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch`
		`+ Patch74: 0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch`
		`+ # # https://bugzilla.redhat.com/show_bug.cgi?id=2102535`
		`+ Patch75: 0075-FIPS-Use-FFDHE2048-in-self-test.patch`
		`+ # # Downstream only. Reseed DRBG using getrandom(GRND_RANDOM)`
		`+ # # https://bugzilla.redhat.com/show_bug.cgi?id=2102541`
		`+ Patch76: 0076-FIPS-140-3-DRBG.patch`
		`+ # # https://bugzilla.redhat.com/show_bug.cgi?id=2102542`
		`+ Patch77: 0077-FIPS-140-3-zeroization.patch`
		`+ # # https://bugzilla.redhat.com/show_bug.cgi?id=2114772`
		`+ Patch78: 0078-Add-FIPS-indicator-parameter-to-HKDF.patch`
		`+ # # https://github.com/openssl/openssl/pull/13817`
		`Patch100: 0100-RSA-PKCS15-implicit-rejection.patch`

		`License: ASL 2.0`
		`@@ -330,7 +297,7 @@`
		`OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file`
		`export OPENSSL_SYSTEM_CIPHERS_OVERRIDE`
		`#embed HMAC into fips provider for test run`
		`- LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < providers/fips.so > providers/fips.so.hmac`
		`+ OPENSSL_CONF=/dev/null LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < providers/fips.so > providers/fips.so.hmac`
		`objcopy --update-section .rodata1=providers/fips.so.hmac providers/fips.so providers/fips.so.mac`
		`mv providers/fips.so.mac providers/fips.so`
		`#run tests itself`
		`@@ -343,7 +310,7 @@`
		`%{?__debug_package:%{__debug_install_post}} \`
		`%{__arch_install_post} \`
		`%{__os_install_post} \`
		`- LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so > $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac \`
		`+ OPENSSL_CONF=/dev/null LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so > $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac \`
		`objcopy --update-section .rodata1=$RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.mac \`
		`mv $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.mac $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so \`
		`rm $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac \`
		`@@ -483,6 +450,14 @@`
		`%ldconfig_scriptlets libs`

		`%changelog`
		`+ * Thu Jul 27 2023 Sahana Prasad <sahana@redhat.com> - 1:3.1.1-1`
		`+ - Rebase to upstream version 3.1.1`
		`+ Resolves: CVE-2023-0464`
		`+ Resolves: CVE-2023-0465`
		`+ Resolves: CVE-2023-0466`
		`+ Resolves: CVE-2023-1255`
		`+ Resolves: CVE-2023-2650`
		`+`
		`* Thu Jul 27 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.8-4`
		`- Forbid custom EC more completely`
		`Resolves: rhbz#2223953`

sources

file modified

+1 -1

		`@@ -1,1 +1,1 @@`
		`- SHA512 (openssl-3.0.8.tar.gz) = 6c5651e1ed66a567238948b306aa9140c407a153da9c6afe14268c830748df252c955819fac4eb0759dae4dcbc9ec98f5cc2a4a90bb575747b1b040e104c7ffd`
		`+ SHA512 (openssl-3.1.1.tar.gz) = 8ba9dd6ab87451e126c19cc106ccd1643ca48667d6c37504d0ab98205fbccf855fd0db54474b4113c4c3a15215a4ef77a039fb897a69f71bcab2054b2effd1d9`

saprasad commented 9 months ago

Rebase to upstream release 3.1.1

This is just a place holder

Actual rebase will be through source-git and a separate PR to follow for that

Signed-off-by: Sahana Prasad sahana@redhat.com

zuul commented 9 months ago

Build failed. More information on how to proceed and troubleshoot errors available at https://fedoraproject.org/wiki/Zuul-based-ci
https://fedora.softwarefactory-project.io/zuul/buildset/de7c3a51a4264829aa752ab85983ba40

check-for-arches : SUCCESS in 1m 49s
check-for-eln : SUCCESS in 18s
eln-rpm-scratch-build : FAILURE in 9m 27s
rpm-scratch-build : FAILURE in 19m 54s
rpm-scratch-build-s390x : FAILURE in 37m 49s (non-voting)
rpm-scratch-build-ppc64le : FAILURE in 36m 22s (non-voting)
rpm-scratch-build-i686 : FAILURE in 59m 43s (non-voting)
rpm-scratch-build-aarch64 : FAILURE in 23m 57s (non-voting)
rpm-linter : SKIPPED Skipped due to failed job rpm-scratch-build (non-voting)
rpm-rpminspect : SKIPPED Skipped due to failed job rpm-scratch-build (non-voting)
check-for-sti-tests : SKIPPED Skipped due to failed job rpm-scratch-build
check-for-fmf-tests : SKIPPED Skipped due to failed job rpm-scratch-build
rpm-install-test : SKIPPED Skipped due to failed job rpm-scratch-build
rpm-tmt-test : SKIPPED Skipped due to failed job rpm-scratch-build
rpm-sti-test : SKIPPED Skipped due to failed job rpm-scratch-build