From 2a6d9226d487a270835f5c69886b4ee50398aa51 Mon Sep 17 00:00:00 2001
From: Hakase <hakase@hakase.app>
Date: Thu, 14 Mar 2019 00:30:13 +0900
Subject: [PATCH] Latest update

---
 README.md                             |  2 +-
 openssl-3.0.0-dev-chacha_draft.patch  | 62 +++++++++++++--------------
 openssl-equal-3.0.0-dev.patch         | 28 +++++++++---
 openssl-equal-3.0.0-dev_ciphers.patch | 28 +++++++++---
 4 files changed, 76 insertions(+), 44 deletions(-)

diff --git a/README.md b/README.md
index fc74587..93c2284 100644
--- a/README.md
+++ b/README.md
@@ -29,7 +29,7 @@ Default support is in bold type.
 - [Google(Gmail)](https://gmail.com/) : _TLSv1.3_ **final**
 - [NSS TLS 1.3(Mozilla)](https://tls13.crypto.mozilla.org/) : _TLSv1.3_ **final**
 
-[Compatible OpenSSL-3.0.0-dev (OpenSSL, 23495 commits)](https://github.com/openssl/openssl/tree/ebb7823e14596ad07fdc7d2ed0a267815f545927)
+[Compatible OpenSSL-3.0.0-dev (OpenSSL, 23528 commits)](https://github.com/openssl/openssl/tree/62ca15650576f3953103b27e220e4ff4cc4abed5)
 
 ## Patch files
 
diff --git a/openssl-3.0.0-dev-chacha_draft.patch b/openssl-3.0.0-dev-chacha_draft.patch
index 9454975..f445915 100644
--- a/openssl-3.0.0-dev-chacha_draft.patch
+++ b/openssl-3.0.0-dev-chacha_draft.patch
@@ -220,69 +220,69 @@ index 37902000a0..56832b63a0 100644
  # endif
  #endif
 diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
-index e7c59d610d..7ba1ecdacf 100644
+index 913e107974..339aaa703c 100644
 --- a/crypto/objects/obj_dat.h
 +++ b/crypto/objects/obj_dat.h
-@@ -1079,7 +1079,7 @@ static const unsigned char so[7767] = {
-     0x28,0xCC,0x45,0x03,0x04,                      /* [ 7761] OBJ_gmac */
+@@ -1080,7 +1080,7 @@ static const unsigned char so[7775] = {
+     0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x75,       /* [ 7766] OBJ_SM2_with_SM3 */
  };
  
--#define NUM_NID 1204
-+#define NUM_NID 1205
+-#define NUM_NID 1205
++#define NUM_NID 1206
  static const ASN1_OBJECT nid_objs[NUM_NID] = {
      {"UNDEF", "undefined", NID_undef},
      {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
-@@ -2285,9 +2285,10 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
-     {"BLAKE2BMAC", "blake2bmac", NID_blake2bmac},
+@@ -2287,9 +2287,10 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
      {"BLAKE2SMAC", "blake2smac", NID_blake2smac},
      {"SSHKDF", "sshkdf", NID_sshkdf},
+     {"SM2-SM3", "SM2-with-SM3", NID_SM2_with_SM3, 8, &so[7766]},
 +    {"ChaCha20-Poly1305-D", "chacha20-poly1305-draft", NID_chacha20_poly1305_draft},
  };
  
--#define NUM_SN 1195
-+#define NUM_SN 1196
+-#define NUM_SN 1196
++#define NUM_SN 1197
  static const unsigned int sn_objs[NUM_SN] = {
       364,    /* "AD_DVCS" */
       419,    /* "AES-128-CBC" */
-@@ -2410,6 +2411,7 @@ static const unsigned int sn_objs[NUM_SN] = {
+@@ -2412,6 +2413,7 @@ static const unsigned int sn_objs[NUM_SN] = {
       417,    /* "CSPName" */
      1019,    /* "ChaCha20" */
      1018,    /* "ChaCha20-Poly1305" */
-+    1204,    /* "ChaCha20-Poly1305-D" */
++    1205,    /* "ChaCha20-Poly1305-D" */
       367,    /* "CrlID" */
       391,    /* "DC" */
        31,    /* "DES-CBC" */
-@@ -3486,7 +3488,7 @@ static const unsigned int sn_objs[NUM_SN] = {
+@@ -3489,7 +3491,7 @@ static const unsigned int sn_objs[NUM_SN] = {
      1093,    /* "x509ExtAdmission" */
  };
  
--#define NUM_LN 1195
-+#define NUM_LN 1196
+-#define NUM_LN 1196
++#define NUM_LN 1197
  static const unsigned int ln_objs[NUM_LN] = {
       363,    /* "AD Time Stamping" */
       405,    /* "ANSI X9.62" */
-@@ -3870,6 +3872,7 @@ static const unsigned int ln_objs[NUM_LN] = {
+@@ -3874,6 +3876,7 @@ static const unsigned int ln_objs[NUM_LN] = {
       883,    /* "certificateRevocationList" */
      1019,    /* "chacha20" */
      1018,    /* "chacha20-poly1305" */
-+    1204,    /* "chacha20-poly1305-draft" */
++    1205,    /* "chacha20-poly1305-draft" */
        54,    /* "challengePassword" */
       407,    /* "characteristic-two-field" */
       395,    /* "clearance" */
 diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
-index 623e7e8623..0818547548 100644
+index cfd06d4c29..4d3e79d4c6 100644
 --- a/crypto/objects/obj_mac.num
 +++ b/crypto/objects/obj_mac.num
-@@ -1201,3 +1201,4 @@ aes_256_siv		1200
- blake2bmac		1201
+@@ -1202,3 +1202,4 @@ blake2bmac		1201
  blake2smac		1202
  sshkdf		1203
-+chacha20_poly1305_draft		1204
+ SM2_with_SM3		1204
++chacha20_poly1305_draft		1205
 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
-index cb0b99c47f..d480bd3800 100644
+index 78ebff6ada..2f236c3037 100644
 --- a/crypto/objects/objects.txt
 +++ b/crypto/objects/objects.txt
-@@ -1543,6 +1543,7 @@ sm-scheme 104 7         : SM4-CTR             : sm4-ctr
+@@ -1545,6 +1545,7 @@ sm-scheme 104 7         : SM4-CTR             : sm4-ctr
  			: AES-192-CBC-HMAC-SHA256	: aes-192-cbc-hmac-sha256
  			: AES-256-CBC-HMAC-SHA256	: aes-256-cbc-hmac-sha256
  			: ChaCha20-Poly1305		: chacha20-poly1305
@@ -303,16 +303,16 @@ index 72060e7e96..125bc1c425 100644
  # endif
  
 diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h
-index 80353ad4d7..e525a04b2c 100644
+index c8cb5ce92d..2ad7e07709 100644
 --- a/include/openssl/obj_mac.h
 +++ b/include/openssl/obj_mac.h
-@@ -4828,6 +4828,10 @@
+@@ -4833,6 +4833,10 @@
  #define LN_chacha20_poly1305            "chacha20-poly1305"
  #define NID_chacha20_poly1305           1018
  
 +#define SN_chacha20_poly1305_draft              "ChaCha20-Poly1305-D"
 +#define LN_chacha20_poly1305_draft              "chacha20-poly1305-draft"
-+#define NID_chacha20_poly1305_draft             1204
++#define NID_chacha20_poly1305_draft             1205
 +
  #define SN_chacha20             "ChaCha20"
  #define LN_chacha20             "chacha20"
@@ -489,11 +489,11 @@ index 1d3397d880..d5ff8520b6 100644
  # define SSL_ARIA                (SSL_ARIAGCM)
  
 diff --git a/util/libcrypto.num b/util/libcrypto.num
-index cb0cb2279b..a5829966e7 100644
+index 817c8bbaf4..4d946530b4 100644
 --- a/util/libcrypto.num
 +++ b/util/libcrypto.num
-@@ -4655,3 +4655,4 @@ OSSL_trace_set_callback                 4610	3_0_0	EXIST::FUNCTION:
- OSSL_trace_enabled                      4611	3_0_0	EXIST::FUNCTION:
- OSSL_trace_begin                        4612	3_0_0	EXIST::FUNCTION:
- OSSL_trace_end                          4613	3_0_0	EXIST::FUNCTION:
-+EVP_chacha20_poly1305_draft             4614	3_0_0	EXIST::FUNCTION:CHACHA,POLY1305
+@@ -4790,3 +4790,4 @@ OSSL_PARAM_get_octet_ptr                4737	3_0_0	EXIST::FUNCTION:
+ OSSL_PARAM_set_octet_ptr                4738	3_0_0	EXIST::FUNCTION:
+ X509_set_sm2_id                         4739	3_0_0	EXIST::FUNCTION:
+ X509_get0_sm2_id                        4740	3_0_0	EXIST::FUNCTION:
++EVP_chacha20_poly1305_draft             4741	3_0_0	EXIST::FUNCTION:CHACHA,POLY1305
diff --git a/openssl-equal-3.0.0-dev.patch b/openssl-equal-3.0.0-dev.patch
index 0465a74..b0ab844 100644
--- a/openssl-equal-3.0.0-dev.patch
+++ b/openssl-equal-3.0.0-dev.patch
@@ -1,8 +1,24 @@
 diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
-index aec6a8dac8..9dc9d183e7 100644
+index 7c915d4645..d8c8d714b9 100644
 --- a/crypto/err/openssl.txt
 +++ b/crypto/err/openssl.txt
-@@ -2805,6 +2805,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key
+@@ -2128,7 +2128,6 @@ CONF_R_UNKNOWN_MODULE_NAME:113:unknown module name
+ CONF_R_VARIABLE_EXPANSION_TOO_LONG:116:variable expansion too long
+ CONF_R_VARIABLE_HAS_NO_VALUE:104:variable has no value
+ CRMF_R_BAD_PBM_ITERATIONCOUNT:100:bad pbm iterationcount
+-CRMF_R_MALFORMED_IV:101:malformed iv
+ CRMF_R_CRMFERROR:102:crmferror
+ CRMF_R_ERROR:103:error
+ CRMF_R_ERROR_DECODING_CERTIFICATE:104:error decoding certificate
+@@ -2136,6 +2135,7 @@ CRMF_R_ERROR_DECRYPTING_CERTIFICATE:105:error decrypting certificate
+ CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY:106:error decrypting symmetric key
+ CRMF_R_FAILURE_OBTAINING_RANDOM:107:failure obtaining random
+ CRMF_R_ITERATIONCOUNT_BELOW_100:108:iterationcount below 100
++CRMF_R_MALFORMED_IV:101:malformed iv
+ CRMF_R_NULL_ARGUMENT:109:null argument
+ CRMF_R_SETTING_MAC_ALGOR_FAILURE:110:setting mac algor failure
+ CRMF_R_SETTING_OWF_ALGOR_FAILURE:111:setting owf algor failure
+@@ -2865,6 +2865,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key
  SSL_R_MISSING_TMP_ECDH_KEY:311:missing tmp ecdh key
  SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA:293:\
  	mixed handshake and non handshake data
@@ -11,7 +27,7 @@ index aec6a8dac8..9dc9d183e7 100644
  SSL_R_NOT_ON_RECORD_BOUNDARY:182:not on record boundary
  SSL_R_NOT_REPLACING_CERTIFICATE:289:not replacing certificate
  SSL_R_NOT_SERVER:284:not server
-@@ -2913,7 +2915,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
+@@ -2973,7 +2975,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
  SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines
  SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message
  SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data
@@ -48,10 +64,10 @@ index e29c5d7ced..7d795c390e 100644
  
  The following lists give the SSL or TLS cipher suites names from the
 diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
-index 63057517dc..77910bad17 100644
+index 4603ef4274..fac8736d1d 100644
 --- a/include/openssl/sslerr.h
 +++ b/include/openssl/sslerr.h
-@@ -597,6 +597,8 @@ int ERR_load_SSL_strings(void);
+@@ -601,6 +601,8 @@ int ERR_load_SSL_strings(void);
  # define SSL_R_MISSING_TMP_DH_KEY                         171
  # define SSL_R_MISSING_TMP_ECDH_KEY                       311
  # define SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA     293
@@ -60,7 +76,7 @@ index 63057517dc..77910bad17 100644
  # define SSL_R_NOT_ON_RECORD_BOUNDARY                     182
  # define SSL_R_NOT_REPLACING_CERTIFICATE                  289
  # define SSL_R_NOT_SERVER                                 284
-@@ -729,7 +731,9 @@ int ERR_load_SSL_strings(void);
+@@ -733,7 +735,9 @@ int ERR_load_SSL_strings(void);
  # define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES          243
  # define SSL_R_UNEXPECTED_CCS_MESSAGE                     262
  # define SSL_R_UNEXPECTED_END_OF_EARLY_DATA               178
diff --git a/openssl-equal-3.0.0-dev_ciphers.patch b/openssl-equal-3.0.0-dev_ciphers.patch
index 971aff7..8f7f5d9 100644
--- a/openssl-equal-3.0.0-dev_ciphers.patch
+++ b/openssl-equal-3.0.0-dev_ciphers.patch
@@ -1,8 +1,24 @@
 diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
-index aec6a8dac8..9dc9d183e7 100644
+index 7c915d4645..d8c8d714b9 100644
 --- a/crypto/err/openssl.txt
 +++ b/crypto/err/openssl.txt
-@@ -2805,6 +2805,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key
+@@ -2128,7 +2128,6 @@ CONF_R_UNKNOWN_MODULE_NAME:113:unknown module name
+ CONF_R_VARIABLE_EXPANSION_TOO_LONG:116:variable expansion too long
+ CONF_R_VARIABLE_HAS_NO_VALUE:104:variable has no value
+ CRMF_R_BAD_PBM_ITERATIONCOUNT:100:bad pbm iterationcount
+-CRMF_R_MALFORMED_IV:101:malformed iv
+ CRMF_R_CRMFERROR:102:crmferror
+ CRMF_R_ERROR:103:error
+ CRMF_R_ERROR_DECODING_CERTIFICATE:104:error decoding certificate
+@@ -2136,6 +2135,7 @@ CRMF_R_ERROR_DECRYPTING_CERTIFICATE:105:error decrypting certificate
+ CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY:106:error decrypting symmetric key
+ CRMF_R_FAILURE_OBTAINING_RANDOM:107:failure obtaining random
+ CRMF_R_ITERATIONCOUNT_BELOW_100:108:iterationcount below 100
++CRMF_R_MALFORMED_IV:101:malformed iv
+ CRMF_R_NULL_ARGUMENT:109:null argument
+ CRMF_R_SETTING_MAC_ALGOR_FAILURE:110:setting mac algor failure
+ CRMF_R_SETTING_OWF_ALGOR_FAILURE:111:setting owf algor failure
+@@ -2865,6 +2865,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key
  SSL_R_MISSING_TMP_ECDH_KEY:311:missing tmp ecdh key
  SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA:293:\
  	mixed handshake and non handshake data
@@ -11,7 +27,7 @@ index aec6a8dac8..9dc9d183e7 100644
  SSL_R_NOT_ON_RECORD_BOUNDARY:182:not on record boundary
  SSL_R_NOT_REPLACING_CERTIFICATE:289:not replacing certificate
  SSL_R_NOT_SERVER:284:not server
-@@ -2913,7 +2915,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
+@@ -2973,7 +2975,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
  SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines
  SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message
  SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data
@@ -48,10 +64,10 @@ index e29c5d7ced..7d795c390e 100644
  
  The following lists give the SSL or TLS cipher suites names from the
 diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
-index 63057517dc..77910bad17 100644
+index 4603ef4274..fac8736d1d 100644
 --- a/include/openssl/sslerr.h
 +++ b/include/openssl/sslerr.h
-@@ -597,6 +597,8 @@ int ERR_load_SSL_strings(void);
+@@ -601,6 +601,8 @@ int ERR_load_SSL_strings(void);
  # define SSL_R_MISSING_TMP_DH_KEY                         171
  # define SSL_R_MISSING_TMP_ECDH_KEY                       311
  # define SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA     293
@@ -60,7 +76,7 @@ index 63057517dc..77910bad17 100644
  # define SSL_R_NOT_ON_RECORD_BOUNDARY                     182
  # define SSL_R_NOT_REPLACING_CERTIFICATE                  289
  # define SSL_R_NOT_SERVER                                 284
-@@ -729,7 +731,9 @@ int ERR_load_SSL_strings(void);
+@@ -733,7 +735,9 @@ int ERR_load_SSL_strings(void);
  # define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES          243
  # define SSL_R_UNEXPECTED_CCS_MESSAGE                     262
  # define SSL_R_UNEXPECTED_END_OF_EARLY_DATA               178