Openssl 3.0.15

CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/aes/aesv8-armx.S

@@ -103,7 +103,7 @@ aes_v8_set_encrypt_key:
 .Loop192:
         tbl     v6.16b,{v4.16b},v2.16b
         ext     v5.16b,v0.16b,v3.16b,#12
-#ifdef __ARMEB__
+#ifdef __AARCH64EB__
         st1     {v4.4s},[x2],#16
         sub     x2,x2,#8
 #else
@@ -1510,7 +1510,7 @@ aes_v8_ctr32_encrypt_blocks:
         ldr     w5,[x3,#240]
 
         ldr     w8, [x4, #12]
-#ifdef __ARMEB__
+#ifdef __AARCH64EB__
         ld1     {v0.16b},[x4]
 #else
         ld1     {v0.4s},[x4]
@@ -1527,7 +1527,7 @@ aes_v8_ctr32_encrypt_blocks:
         add     x7,x3,#32
         mov     w6,w5
         csel    x12,xzr,x12,lo
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev     w8, w8
 #endif
         orr     v1.16b,v0.16b,v0.16b

CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/modes/ghashv8-armx.S

@@ -101,7 +101,7 @@ gcm_gmult_v8:
         movi    v19.16b,#0xe1
         ld1     {v20.2d,v21.2d},[x1]    //load twisted H, ...
         shl     v19.2d,v19.2d,#57
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v17.16b,v17.16b
 #endif
         ext     v3.16b,v17.16b,v17.16b,#8
@@ -126,7 +126,7 @@ gcm_gmult_v8:
         eor     v18.16b,v18.16b,v2.16b
         eor     v0.16b,v0.16b,v18.16b
 
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v0.16b,v0.16b
 #endif
         ext     v0.16b,v0.16b,v0.16b,#8
@@ -163,14 +163,14 @@ gcm_ghash_v8:
         ext     v0.16b,v0.16b,v0.16b,#8         //rotate Xi
         ld1     {v16.2d},[x2],#16       //load [rotated] I[0]
         shl     v19.2d,v19.2d,#57               //compose 0xc2.0 constant
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v16.16b,v16.16b
         rev64   v0.16b,v0.16b
 #endif
         ext     v3.16b,v16.16b,v16.16b,#8               //rotate I[0]
         b.lo    .Lodd_tail_v8           //x3 was less than 32
         ld1     {v17.2d},[x2],x12       //load [rotated] I[1]
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v17.16b,v17.16b
 #endif
         ext     v7.16b,v17.16b,v17.16b,#8
@@ -202,13 +202,13 @@ gcm_ghash_v8:
         eor     v18.16b,v0.16b,v2.16b
         eor     v1.16b,v1.16b,v17.16b
         ld1     {v17.2d},[x2],x12       //load [rotated] I[i+3]
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v16.16b,v16.16b
 #endif
         eor     v1.16b,v1.16b,v18.16b
         pmull   v18.1q,v0.1d,v19.1d             //1st phase of reduction
 
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v17.16b,v17.16b
 #endif
         ins     v2.d[0],v1.d[1]
@@ -258,7 +258,7 @@ gcm_ghash_v8:
         eor     v0.16b,v0.16b,v18.16b
 
 .Ldone_v8:
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v0.16b,v0.16b
 #endif
         ext     v0.16b,v0.16b,v0.16b,#8
@@ -277,7 +277,7 @@ gcm_ghash_v8_4x:
         shl     v19.2d,v19.2d,#57               //compose 0xc2.0 constant
 
         ld1     {v4.2d,v5.2d,v6.2d,v7.2d},[x2],#64
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v0.16b,v0.16b
         rev64   v5.16b,v5.16b
         rev64   v6.16b,v6.16b
@@ -321,7 +321,7 @@ gcm_ghash_v8_4x:
         eor     v16.16b,v4.16b,v0.16b
         ld1     {v4.2d,v5.2d,v6.2d,v7.2d},[x2],#64
         ext     v3.16b,v16.16b,v16.16b,#8
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v5.16b,v5.16b
         rev64   v6.16b,v6.16b
         rev64   v7.16b,v7.16b
@@ -404,7 +404,7 @@ gcm_ghash_v8_4x:
         eor     v1.16b,v1.16b,v17.16b
         ld1     {v4.2d,v5.2d,v6.2d},[x2]
         eor     v1.16b,v1.16b,v18.16b
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v5.16b,v5.16b
         rev64   v6.16b,v6.16b
         rev64   v4.16b,v4.16b
@@ -456,7 +456,7 @@ gcm_ghash_v8_4x:
         eor     v1.16b,v1.16b,v17.16b
         ld1     {v4.2d,v5.2d},[x2]
         eor     v1.16b,v1.16b,v18.16b
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v5.16b,v5.16b
         rev64   v4.16b,v4.16b
 #endif
@@ -499,7 +499,7 @@ gcm_ghash_v8_4x:
         eor     v1.16b,v1.16b,v17.16b
         ld1     {v4.2d},[x2]
         eor     v1.16b,v1.16b,v18.16b
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v4.16b,v4.16b
 #endif
 
@@ -539,7 +539,7 @@ gcm_ghash_v8_4x:
         eor     v0.16b,v0.16b,v18.16b
         ext     v0.16b,v0.16b,v0.16b,#8
 
-#ifndef __ARMEB__
+#ifndef __AARCH64EB__
         rev64   v0.16b,v0.16b
 #endif
         st1     {v0.2d},[x0]            //write out Xi

CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/sha/sha256-armv8.S

@@ -4,57 +4,6 @@
 // this file except in compliance with the License.  You can obtain a copy
 // in the file LICENSE in the source distribution or at
 // https://www.openssl.org/source/license.html
-
-// ====================================================================
-// Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-// project. The module is, however, dual licensed under OpenSSL and
-// CRYPTOGAMS licenses depending on where you obtain it. For further
-// details see http://www.openssl.org/~appro/cryptogams/.
-//
-// Permission to use under GPLv2 terms is granted.
-// ====================================================================
-//
-// SHA256/512 for ARMv8.
-//
-// Performance in cycles per processed byte and improvement coefficient
-// over code generated with "default" compiler:
-//
-//              SHA256-hw       SHA256(*)       SHA512
-// Apple A7     1.97            10.5 (+33%)     6.73 (-1%(**))
-// Cortex-A53   2.38            15.5 (+115%)    10.0 (+150%(***))
-// Cortex-A57   2.31            11.6 (+86%)     7.51 (+260%(***))
-// Denver       2.01            10.5 (+26%)     6.70 (+8%)
-// X-Gene                       20.0 (+100%)    12.8 (+300%(***))
-// Mongoose     2.36            13.0 (+50%)     8.36 (+33%)
-// Kryo         1.92            17.4 (+30%)     11.2 (+8%)
-// ThunderX2    2.54            13.2 (+40%)     8.40 (+18%)
-//
-// (*)  Software SHA256 results are of lesser relevance, presented
-//      mostly for informational purposes.
-// (**) The result is a trade-off: it's possible to improve it by
-//      10% (or by 1 cycle per round), but at the cost of 20% loss
-//      on Cortex-A53 (or by 4 cycles per round).
-// (***)        Super-impressive coefficients over gcc-generated code are
-//      indication of some compiler "pathology", most notably code
-//      generated with -mgeneral-regs-only is significantly faster
-//      and the gap is only 40-90%.
-//
-// October 2016.
-//
-// Originally it was reckoned that it makes no sense to implement NEON
-// version of SHA256 for 64-bit processors. This is because performance
-// improvement on most wide-spread Cortex-A5x processors was observed
-// to be marginal, same on Cortex-A53 and ~10% on A57. But then it was
-// observed that 32-bit NEON SHA256 performs significantly better than
-// 64-bit scalar version on *some* of the more recent processors. As
-// result 64-bit NEON version of SHA256 was added to provide best
-// all-round performance. For example it executes ~30% faster on X-Gene
-// and Mongoose. [For reference, NEON version of SHA512 is bound to
-// deliver much less improvement, likely *negative* on Cortex-A5x.
-// Which is why NEON support is limited to SHA256.]
-
-// $output is the last argument if it looks like a file (it has an extension)
-// $flavour is the first argument if it doesn't look like a file
 #ifndef __KERNEL__
 # include "arm_arch.h"
 

CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/sha/sha512-armv8.S

@@ -4,57 +4,6 @@
 // this file except in compliance with the License.  You can obtain a copy
 // in the file LICENSE in the source distribution or at
 // https://www.openssl.org/source/license.html
-
-// ====================================================================
-// Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-// project. The module is, however, dual licensed under OpenSSL and
-// CRYPTOGAMS licenses depending on where you obtain it. For further
-// details see http://www.openssl.org/~appro/cryptogams/.
-//
-// Permission to use under GPLv2 terms is granted.
-// ====================================================================
-//
-// SHA256/512 for ARMv8.
-//
-// Performance in cycles per processed byte and improvement coefficient
-// over code generated with "default" compiler:
-//
-//              SHA256-hw       SHA256(*)       SHA512
-// Apple A7     1.97            10.5 (+33%)     6.73 (-1%(**))
-// Cortex-A53   2.38            15.5 (+115%)    10.0 (+150%(***))
-// Cortex-A57   2.31            11.6 (+86%)     7.51 (+260%(***))
-// Denver       2.01            10.5 (+26%)     6.70 (+8%)
-// X-Gene                       20.0 (+100%)    12.8 (+300%(***))
-// Mongoose     2.36            13.0 (+50%)     8.36 (+33%)
-// Kryo         1.92            17.4 (+30%)     11.2 (+8%)
-// ThunderX2    2.54            13.2 (+40%)     8.40 (+18%)
-//
-// (*)  Software SHA256 results are of lesser relevance, presented
-//      mostly for informational purposes.
-// (**) The result is a trade-off: it's possible to improve it by
-//      10% (or by 1 cycle per round), but at the cost of 20% loss
-//      on Cortex-A53 (or by 4 cycles per round).
-// (***)        Super-impressive coefficients over gcc-generated code are
-//      indication of some compiler "pathology", most notably code
-//      generated with -mgeneral-regs-only is significantly faster
-//      and the gap is only 40-90%.
-//
-// October 2016.
-//
-// Originally it was reckoned that it makes no sense to implement NEON
-// version of SHA256 for 64-bit processors. This is because performance
-// improvement on most wide-spread Cortex-A5x processors was observed
-// to be marginal, same on Cortex-A53 and ~10% on A57. But then it was
-// observed that 32-bit NEON SHA256 performs significantly better than
-// 64-bit scalar version on *some* of the more recent processors. As
-// result 64-bit NEON version of SHA256 was added to provide best
-// all-round performance. For example it executes ~30% faster on X-Gene
-// and Mongoose. [For reference, NEON version of SHA512 is bound to
-// deliver much less improvement, likely *negative* on Cortex-A5x.
-// Which is why NEON support is limited to SHA256.]
-
-// $output is the last argument if it looks like a file (it has an extension)
-// $flavour is the first argument if it doesn't look like a file
 #ifndef __KERNEL__
 # include "arm_arch.h"
 

CryptoPkg/Library/OpensslLib/OpensslGen/include/openssl/bio.h

@@ -867,7 +867,7 @@ int BIO_meth_set_puts(BIO_METHOD *biom,
                       int (*puts) (BIO *, const char *));
 int (*BIO_meth_get_gets(const BIO_METHOD *biom)) (BIO *, char *, int);
 int BIO_meth_set_gets(BIO_METHOD *biom,
-                      int (*gets) (BIO *, char *, int));
+                      int (*ossl_gets) (BIO *, char *, int));
 long (*BIO_meth_get_ctrl(const BIO_METHOD *biom)) (BIO *, int, long, void *);
 int BIO_meth_set_ctrl(BIO_METHOD *biom,
                       long (*ctrl) (BIO *, int, long, void *));

CryptoPkg/Library/OpensslLib/OpensslGen/include/openssl/opensslv.h

@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  9
+# define OPENSSL_VERSION_PATCH  15
 
 /*
  * Additional version information
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.9"
-# define OPENSSL_FULL_VERSION_STR "3.0.9"
+# define OPENSSL_VERSION_STR "3.0.15"
+# define OPENSSL_FULL_VERSION_STR "3.0.15"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "30 May 2023"
+# define OPENSSL_RELEASE_DATE "3 Sep 2024"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.9 30 May 2023"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15 3 Sep 2024"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE

CryptoPkg/Library/OpensslLib/OpensslGen/include/openssl/pkcs7.h

@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by Makefile from include/openssl/pkcs7.h.in
  *
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -56,8 +56,8 @@ typedef struct pkcs7_signer_info_st {
     PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
     X509_ALGOR *digest_alg;
     STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
-    X509_ALGOR *digest_enc_alg;
-    ASN1_OCTET_STRING *enc_digest;
+    X509_ALGOR *digest_enc_alg; /* confusing name, actually used for signing */
+    ASN1_OCTET_STRING *enc_digest; /* confusing name, actually signature */
     STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
     /* The private key to sign with */
     EVP_PKEY *pkey;