authordjm <>2011-11-03 02:32:23 +0000
committerdjm <>2011-11-03 02:32:23 +0000
commit113f799ec7d1728f0a5d7ab5b0e3b42e3de56407 (patch)
tree26d712b25a8fa580b8f2dfc6df470ba5ffea9eb7
parent829fd51d4f8dde4a7f3bf54754f3c1d1a502f5e2 (diff)
import OpenSSL 1.0.0e
-rw-r--r--src/lib/libcrypto/aes/aes_wrap.c12
-rw-r--r--src/lib/libcrypto/aes/asm/aes-armv4.pl397
-rw-r--r--src/lib/libcrypto/alphacpuid.pl126
-rw-r--r--src/lib/libcrypto/asn1/a_int.c3
-rw-r--r--src/lib/libcrypto/asn1/a_object.c4
-rw-r--r--src/lib/libcrypto/asn1/a_strex.c17
-rw-r--r--src/lib/libcrypto/asn1/a_strnid.c2
-rw-r--r--src/lib/libcrypto/asn1/ameth_lib.c2
-rw-r--r--src/lib/libcrypto/asn1/asn1.h2
-rw-r--r--src/lib/libcrypto/asn1/bio_ndef.c3
-rw-r--r--src/lib/libcrypto/asn1/n_pkey.c3
-rw-r--r--src/lib/libcrypto/asn1/t_crl.c3
-rw-r--r--src/lib/libcrypto/asn1/tasn_dec.c3
-rw-r--r--src/lib/libcrypto/asn1/x_name.c7
-rw-r--r--src/lib/libcrypto/asn1/x_x509.c4
-rw-r--r--src/lib/libcrypto/bio/b_sock.c29
-rw-r--r--src/lib/libcrypto/bio/bf_nbio.c2
-rw-r--r--src/lib/libcrypto/bio/bio_lib.c4
-rw-r--r--src/lib/libcrypto/bio/bss_acpt.c5
-rw-r--r--src/lib/libcrypto/bio/bss_dgram.c20
-rw-r--r--src/lib/libcrypto/bio/bss_file.c12
-rw-r--r--src/lib/libcrypto/bio/bss_log.c32
-rw-r--r--src/lib/libcrypto/bn/asm/alpha-mont.pl36
-rw-r--r--src/lib/libcrypto/bn/asm/s390x-mont.pl4
-rwxr-xr-xsrc/lib/libcrypto/bn/asm/s390x.S86
-rw-r--r--src/lib/libcrypto/bn/bn.h18
-rw-r--r--src/lib/libcrypto/bn/bn_exp2.c3
-rw-r--r--src/lib/libcrypto/bn/bn_gf2m.c1
-rw-r--r--src/lib/libcrypto/bn/bn_mont.c2
-rw-r--r--src/lib/libcrypto/bn/bn_mul.c9
-rw-r--r--src/lib/libcrypto/bn/bn_nist.c64
-rw-r--r--src/lib/libcrypto/comp/c_rle.c3
-rw-r--r--src/lib/libcrypto/conf/conf_api.c3
-rw-r--r--src/lib/libcrypto/conf/conf_def.c13
-rw-r--r--src/lib/libcrypto/cryptlib.c21
-rw-r--r--src/lib/libcrypto/doc/EVP_PKEY_verify.pod2
-rw-r--r--src/lib/libcrypto/dsa/dsa_gen.c3
-rw-r--r--src/lib/libcrypto/dsa/dsa_ossl.c20
-rw-r--r--src/lib/libcrypto/dsa/dsa_pmeth.c1
-rw-r--r--src/lib/libcrypto/dso/dso_dlfcn.c1
-rw-r--r--src/lib/libcrypto/ec/ec2_mult.c13
-rw-r--r--src/lib/libcrypto/ec/ec2_smpl.c3
-rw-r--r--src/lib/libcrypto/ec/ec_key.c8
-rw-r--r--src/lib/libcrypto/ec/ec_mult.c6
-rw-r--r--src/lib/libcrypto/ec/ecp_smpl.c3
-rw-r--r--src/lib/libcrypto/ecdh/ech_lib.c3
-rw-r--r--src/lib/libcrypto/ecdsa/ecs_lib.c2
-rw-r--r--src/lib/libcrypto/ecdsa/ecs_ossl.c8
-rw-r--r--src/lib/libcrypto/engine/engine.h3
-rw-r--r--src/lib/libcrypto/evp/encode.c3
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c1
-rw-r--r--src/lib/libcrypto/evp/m_sigver.c4
-rw-r--r--src/lib/libcrypto/evp/p_lib.c3
-rw-r--r--src/lib/libcrypto/evp/p_sign.c2
-rw-r--r--src/lib/libcrypto/evp/p_verify.c2
-rw-r--r--src/lib/libcrypto/evp/pmeth_lib.c2
-rw-r--r--src/lib/libcrypto/hmac/hm_pmeth.c2
-rw-r--r--src/lib/libcrypto/hmac/hmac.c3
-rw-r--r--src/lib/libcrypto/md32_common.h15
-rw-r--r--src/lib/libcrypto/o_time.c22
-rw-r--r--src/lib/libcrypto/ocsp/ocsp_ht.c12
-rw-r--r--src/lib/libcrypto/ocsp/ocsp_lib.c8
-rw-r--r--src/lib/libcrypto/ocsp/ocsp_prn.c2
-rw-r--r--src/lib/libcrypto/opensslv.h6
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c2
-rw-r--r--src/lib/libcrypto/pem/pvkfmt.c10
-rw-r--r--src/lib/libcrypto/perlasm/cbc.pl2
-rwxr-xr-xsrc/lib/libcrypto/perlasm/x86_64-xlate.pl6
-rw-r--r--src/lib/libcrypto/pkcs12/p12_key.c38
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_doit.c3
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_lib.c2
-rw-r--r--src/lib/libcrypto/rand/randfile.c6
-rw-r--r--src/lib/libcrypto/rsa/rsa_eay.c2
-rw-r--r--src/lib/libcrypto/rsa/rsa_oaep.c20
-rw-r--r--src/lib/libcrypto/sha/asm/sha1-armv4-large.pl76
-rw-r--r--src/lib/libcrypto/sha/asm/sha1-sparcv9.pl1
-rw-r--r--src/lib/libcrypto/sha/asm/sha1-sparcv9a.pl1
-rw-r--r--src/lib/libcrypto/sha/asm/sha256-armv4.pl33
-rw-r--r--src/lib/libcrypto/sha/asm/sha512-armv4.pl32
-rw-r--r--src/lib/libcrypto/sha/asm/sha512-sparcv9.pl1
-rw-r--r--src/lib/libcrypto/sparccpuid.S84
-rw-r--r--src/lib/libcrypto/sparcv9cap.c97
-rw-r--r--src/lib/libcrypto/stack/safestack.h115
-rw-r--r--src/lib/libcrypto/ts/ts_verify_ctx.c5
-rw-r--r--src/lib/libcrypto/util/mkerr.pl4
-rw-r--r--src/lib/libcrypto/util/mkstack.pl20
-rw-r--r--src/lib/libcrypto/x509/x509.h1
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.c6
-rw-r--r--src/lib/libcrypto/x509/x_all.c1
-rw-r--r--src/lib/libcrypto/x509v3/pcy_tree.c3
-rw-r--r--src/lib/libcrypto/x509v3/v3_ncons.c1
-rw-r--r--src/lib/libssl/LICENSE2
-rw-r--r--src/lib/libssl/bio_ssl.c4
-rw-r--r--src/lib/libssl/d1_both.c28
-rw-r--r--src/lib/libssl/d1_clnt.c6
-rw-r--r--src/lib/libssl/d1_enc.c6
-rw-r--r--src/lib/libssl/d1_lib.c65
-rw-r--r--src/lib/libssl/d1_pkt.c22
-rw-r--r--src/lib/libssl/d1_srvr.c26
-rw-r--r--src/lib/libssl/s23_lib.c7
-rw-r--r--src/lib/libssl/s3_clnt.c6
-rw-r--r--src/lib/libssl/s3_lib.c6
-rw-r--r--src/lib/libssl/s3_pkt.c6
-rw-r--r--src/lib/libssl/s3_srvr.c41
-rw-r--r--src/lib/libssl/ssl_asn1.c3
-rw-r--r--src/lib/libssl/ssl_ciph.c6
-rw-r--r--src/lib/libssl/ssl_lib.c47
-rw-r--r--src/lib/libssl/t1_enc.c14
-rw-r--r--src/lib/libssl/t1_lib.c88
-rw-r--r--src/lib/libssl/test/cms-test.pl94
110 files changed, 1337 insertions, 830 deletions
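--- a/src/lib/libcrypto/aes/aes_wrap.c
+++ b/src/lib/libcrypto/aes/aes_wrap.c
@@ -85,9 +85,9 @@ int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
 A[7] ^= (unsigned char)(t & 0xff);
 if (t > 0xff)
 {
-A[6] ^= (unsigned char)((t & 0xff) >> 8);
-A[5] ^= (unsigned char)((t & 0xff) >> 16);
-A[4] ^= (unsigned char)((t & 0xff) >> 24);
+A[6] ^= (unsigned char)((t >> 8) & 0xff);
+A[5] ^= (unsigned char)((t >> 16) & 0xff);
+A[4] ^= (unsigned char)((t >> 24) & 0xff);
 }
 memcpy(R, B + 8, 8);
 }
@@ -119,9 +119,9 @@ int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
 A[7] ^= (unsigned char)(t & 0xff);
 if (t > 0xff)
 {
-A[6] ^= (unsigned char)((t & 0xff) >> 8);
-A[5] ^= (unsigned char)((t & 0xff) >> 16);
-A[4] ^= (unsigned char)((t & 0xff) >> 24);
+A[6] ^= (unsigned char)((t >> 8) & 0xff);
+A[5] ^= (unsigned char)((t >> 16) & 0xff);
+A[4] ^= (unsigned char)((t >> 24) & 0xff);
 }
 memcpy(B + 8, R, 8);
 AES_decrypt(B, B, key);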
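Review bot: The corrected counter bytes at new lines 88–90 (AES_wrap_key) and 122–124 (AES_unwrap_key) are only reached once t exceeds 0xff, and nothing in this section adds a known-answer test with input long enough to get there, which is presumably how the old `(t & 0xff) >> 8` form (always zero) went unnoticed. A wrap/unwrap vector whose step counter passes 255 would pin the fix. Because the output for such long inputs now differs from what the previous code produced, blobs wrapped by the old code will likely fail to unwrap, which deserves a line in the release notes. A short comment above the block would also help, e.g. `/* XOR the step counter t into A[4..7], most significant byte first */`. Both function bodies start and end outside the hunks.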
diff --git a/src/lib/libcrypto/aes/asm/aes-armv4.pl b/src/lib/libcrypto/aes/asm/aes-armv4.pl
index 690244111a..c51ee1fbf6 100644
--- a/src/lib/libcrypto/aes/asm/aes-armv4.pl
+++ b/src/lib/libcrypto/aes/asm/aes-armv4.pl
@@ -16,12 +16,20 @@
16# allows to merge logical or arithmetic operation with shift or rotate 16# allows to merge logical or arithmetic operation with shift or rotate
17# in one instruction and emit combined result every cycle. The module 17# in one instruction and emit combined result every cycle. The module
18# is endian-neutral. The performance is ~42 cycles/byte for 128-bit 18# is endian-neutral. The performance is ~42 cycles/byte for 128-bit
19# key. 19# key [on single-issue Xscale PXA250 core].
20 20
21# May 2007. 21# May 2007.
22# 22#
23# AES_set_[en|de]crypt_key is added. 23# AES_set_[en|de]crypt_key is added.
24 24
25# July 2010.
26#
27# Rescheduling for dual-issue pipeline resulted in 12% improvement on
28# Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
29
30while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
31open STDOUT,">$output";
32
25$s0="r0"; 33$s0="r0";
26$s1="r1"; 34$s1="r1";
27$s2="r2"; 35$s2="r2";
@@ -164,24 +172,24 @@ AES_encrypt:
164 ldrb $t2,[$rounds,#1] 172 ldrb $t2,[$rounds,#1]
165 ldrb $t3,[$rounds,#0] 173 ldrb $t3,[$rounds,#0]
166 orr $s0,$s0,$t1,lsl#8 174 orr $s0,$s0,$t1,lsl#8
167 orr $s0,$s0,$t2,lsl#16
168 orr $s0,$s0,$t3,lsl#24
169 ldrb $s1,[$rounds,#7] 175 ldrb $s1,[$rounds,#7]
176 orr $s0,$s0,$t2,lsl#16
170 ldrb $t1,[$rounds,#6] 177 ldrb $t1,[$rounds,#6]
178 orr $s0,$s0,$t3,lsl#24
171 ldrb $t2,[$rounds,#5] 179 ldrb $t2,[$rounds,#5]
172 ldrb $t3,[$rounds,#4] 180 ldrb $t3,[$rounds,#4]
173 orr $s1,$s1,$t1,lsl#8 181 orr $s1,$s1,$t1,lsl#8
174 orr $s1,$s1,$t2,lsl#16
175 orr $s1,$s1,$t3,lsl#24
176 ldrb $s2,[$rounds,#11] 182 ldrb $s2,[$rounds,#11]
183 orr $s1,$s1,$t2,lsl#16
177 ldrb $t1,[$rounds,#10] 184 ldrb $t1,[$rounds,#10]
185 orr $s1,$s1,$t3,lsl#24
178 ldrb $t2,[$rounds,#9] 186 ldrb $t2,[$rounds,#9]
179 ldrb $t3,[$rounds,#8] 187 ldrb $t3,[$rounds,#8]
180 orr $s2,$s2,$t1,lsl#8 188 orr $s2,$s2,$t1,lsl#8
181 orr $s2,$s2,$t2,lsl#16
182 orr $s2,$s2,$t3,lsl#24
183 ldrb $s3,[$rounds,#15] 189 ldrb $s3,[$rounds,#15]
190 orr $s2,$s2,$t2,lsl#16
184 ldrb $t1,[$rounds,#14] 191 ldrb $t1,[$rounds,#14]
192 orr $s2,$s2,$t3,lsl#24
185 ldrb $t2,[$rounds,#13] 193 ldrb $t2,[$rounds,#13]
186 ldrb $t3,[$rounds,#12] 194 ldrb $t3,[$rounds,#12]
187 orr $s3,$s3,$t1,lsl#8 195 orr $s3,$s3,$t1,lsl#8
@@ -196,24 +204,24 @@ AES_encrypt:
196 mov $t3,$s0,lsr#8 204 mov $t3,$s0,lsr#8
197 strb $t1,[$rounds,#0] 205 strb $t1,[$rounds,#0]
198 strb $t2,[$rounds,#1] 206 strb $t2,[$rounds,#1]
199 strb $t3,[$rounds,#2]
200 strb $s0,[$rounds,#3]
201 mov $t1,$s1,lsr#24 207 mov $t1,$s1,lsr#24
208 strb $t3,[$rounds,#2]
202 mov $t2,$s1,lsr#16 209 mov $t2,$s1,lsr#16
210 strb $s0,[$rounds,#3]
203 mov $t3,$s1,lsr#8 211 mov $t3,$s1,lsr#8
204 strb $t1,[$rounds,#4] 212 strb $t1,[$rounds,#4]
205 strb $t2,[$rounds,#5] 213 strb $t2,[$rounds,#5]
206 strb $t3,[$rounds,#6]
207 strb $s1,[$rounds,#7]
208 mov $t1,$s2,lsr#24 214 mov $t1,$s2,lsr#24
215 strb $t3,[$rounds,#6]
209 mov $t2,$s2,lsr#16 216 mov $t2,$s2,lsr#16
217 strb $s1,[$rounds,#7]
210 mov $t3,$s2,lsr#8 218 mov $t3,$s2,lsr#8
211 strb $t1,[$rounds,#8] 219 strb $t1,[$rounds,#8]
212 strb $t2,[$rounds,#9] 220 strb $t2,[$rounds,#9]
213 strb $t3,[$rounds,#10]
214 strb $s2,[$rounds,#11]
215 mov $t1,$s3,lsr#24 221 mov $t1,$s3,lsr#24
222 strb $t3,[$rounds,#10]
216 mov $t2,$s3,lsr#16 223 mov $t2,$s3,lsr#16
224 strb $s2,[$rounds,#11]
217 mov $t3,$s3,lsr#8 225 mov $t3,$s3,lsr#8
218 strb $t1,[$rounds,#12] 226 strb $t1,[$rounds,#12]
219 strb $t2,[$rounds,#13] 227 strb $t2,[$rounds,#13]
@@ -230,141 +238,137 @@ AES_encrypt:
230.align 2 238.align 2
231_armv4_AES_encrypt: 239_armv4_AES_encrypt:
232 str lr,[sp,#-4]! @ push lr 240 str lr,[sp,#-4]! @ push lr
233 ldr $t1,[$key],#16 241 ldmia $key!,{$t1-$i1}
234 ldr $t2,[$key,#-12]
235 ldr $t3,[$key,#-8]
236 ldr $i1,[$key,#-4]
237 ldr $rounds,[$key,#240-16]
238 eor $s0,$s0,$t1 242 eor $s0,$s0,$t1
243 ldr $rounds,[$key,#240-16]
239 eor $s1,$s1,$t2 244 eor $s1,$s1,$t2
240 eor $s2,$s2,$t3 245 eor $s2,$s2,$t3
241 eor $s3,$s3,$i1 246 eor $s3,$s3,$i1
242 sub $rounds,$rounds,#1 247 sub $rounds,$rounds,#1
243 mov lr,#255 248 mov lr,#255
244 249
245.Lenc_loop: 250 and $i1,lr,$s0
246 and $i2,lr,$s0,lsr#8 251 and $i2,lr,$s0,lsr#8
247 and $i3,lr,$s0,lsr#16 252 and $i3,lr,$s0,lsr#16
248 and $i1,lr,$s0
249 mov $s0,$s0,lsr#24 253 mov $s0,$s0,lsr#24
254.Lenc_loop:
250 ldr $t1,[$tbl,$i1,lsl#2] @ Te3[s0>>0] 255 ldr $t1,[$tbl,$i1,lsl#2] @ Te3[s0>>0]
251 ldr $s0,[$tbl,$s0,lsl#2] @ Te0[s0>>24]
252 ldr $t2,[$tbl,$i2,lsl#2] @ Te2[s0>>8]
253 ldr $t3,[$tbl,$i3,lsl#2] @ Te1[s0>>16]
254
255 and $i1,lr,$s1,lsr#16 @ i0 256 and $i1,lr,$s1,lsr#16 @ i0
257 ldr $t2,[$tbl,$i2,lsl#2] @ Te2[s0>>8]
256 and $i2,lr,$s1 258 and $i2,lr,$s1
259 ldr $t3,[$tbl,$i3,lsl#2] @ Te1[s0>>16]
257 and $i3,lr,$s1,lsr#8 260 and $i3,lr,$s1,lsr#8
261 ldr $s0,[$tbl,$s0,lsl#2] @ Te0[s0>>24]
258 mov $s1,$s1,lsr#24 262 mov $s1,$s1,lsr#24
263
259 ldr $i1,[$tbl,$i1,lsl#2] @ Te1[s1>>16] 264 ldr $i1,[$tbl,$i1,lsl#2] @ Te1[s1>>16]
260 ldr $s1,[$tbl,$s1,lsl#2] @ Te0[s1>>24]
261 ldr $i2,[$tbl,$i2,lsl#2] @ Te3[s1>>0] 265 ldr $i2,[$tbl,$i2,lsl#2] @ Te3[s1>>0]
262 ldr $i3,[$tbl,$i3,lsl#2] @ Te2[s1>>8] 266 ldr $i3,[$tbl,$i3,lsl#2] @ Te2[s1>>8]
263 eor $s0,$s0,$i1,ror#8 267 eor $s0,$s0,$i1,ror#8
264 eor $s1,$s1,$t1,ror#24 268 ldr $s1,[$tbl,$s1,lsl#2] @ Te0[s1>>24]
265 eor $t2,$t2,$i2,ror#8
266 eor $t3,$t3,$i3,ror#8
267
268 and $i1,lr,$s2,lsr#8 @ i0 269 and $i1,lr,$s2,lsr#8 @ i0
270 eor $t2,$t2,$i2,ror#8
269 and $i2,lr,$s2,lsr#16 @ i1 271 and $i2,lr,$s2,lsr#16 @ i1
272 eor $t3,$t3,$i3,ror#8
270 and $i3,lr,$s2 273 and $i3,lr,$s2
271 mov $s2,$s2,lsr#24 274 eor $s1,$s1,$t1,ror#24
272 ldr $i1,[$tbl,$i1,lsl#2] @ Te2[s2>>8] 275 ldr $i1,[$tbl,$i1,lsl#2] @ Te2[s2>>8]
276 mov $s2,$s2,lsr#24
277
273 ldr $i2,[$tbl,$i2,lsl#2] @ Te1[s2>>16] 278 ldr $i2,[$tbl,$i2,lsl#2] @ Te1[s2>>16]
274 ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
275 ldr $i3,[$tbl,$i3,lsl#2] @ Te3[s2>>0] 279 ldr $i3,[$tbl,$i3,lsl#2] @ Te3[s2>>0]
276 eor $s0,$s0,$i1,ror#16 280 eor $s0,$s0,$i1,ror#16
277 eor $s1,$s1,$i2,ror#8 281 ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
278 eor $s2,$s2,$t2,ror#16
279 eor $t3,$t3,$i3,ror#16
280
281 and $i1,lr,$s3 @ i0 282 and $i1,lr,$s3 @ i0
283 eor $s1,$s1,$i2,ror#8
282 and $i2,lr,$s3,lsr#8 @ i1 284 and $i2,lr,$s3,lsr#8 @ i1
285 eor $t3,$t3,$i3,ror#16
283 and $i3,lr,$s3,lsr#16 @ i2 286 and $i3,lr,$s3,lsr#16 @ i2
284 mov $s3,$s3,lsr#24 287 eor $s2,$s2,$t2,ror#16
285 ldr $i1,[$tbl,$i1,lsl#2] @ Te3[s3>>0] 288 ldr $i1,[$tbl,$i1,lsl#2] @ Te3[s3>>0]
289 mov $s3,$s3,lsr#24
290
286 ldr $i2,[$tbl,$i2,lsl#2] @ Te2[s3>>8] 291 ldr $i2,[$tbl,$i2,lsl#2] @ Te2[s3>>8]
287 ldr $i3,[$tbl,$i3,lsl#2] @ Te1[s3>>16] 292 ldr $i3,[$tbl,$i3,lsl#2] @ Te1[s3>>16]
288 ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
289 eor $s0,$s0,$i1,ror#24 293 eor $s0,$s0,$i1,ror#24
294 ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
290 eor $s1,$s1,$i2,ror#16 295 eor $s1,$s1,$i2,ror#16
296 ldr $i1,[$key],#16
291 eor $s2,$s2,$i3,ror#8 297 eor $s2,$s2,$i3,ror#8
298 ldr $t1,[$key,#-12]
292 eor $s3,$s3,$t3,ror#8 299 eor $s3,$s3,$t3,ror#8
293 300
294 ldr $t1,[$key],#16 301 ldr $t2,[$key,#-8]
295 ldr $t2,[$key,#-12] 302 eor $s0,$s0,$i1
296 ldr $t3,[$key,#-8] 303 ldr $t3,[$key,#-4]
297 ldr $i1,[$key,#-4] 304 and $i1,lr,$s0
298 eor $s0,$s0,$t1 305 eor $s1,$s1,$t1
299 eor $s1,$s1,$t2 306 and $i2,lr,$s0,lsr#8
300 eor $s2,$s2,$t3 307 eor $s2,$s2,$t2
301 eor $s3,$s3,$i1 308 and $i3,lr,$s0,lsr#16
309 eor $s3,$s3,$t3
310 mov $s0,$s0,lsr#24
302 311
303 subs $rounds,$rounds,#1 312 subs $rounds,$rounds,#1
304 bne .Lenc_loop 313 bne .Lenc_loop
305 314
306 add $tbl,$tbl,#2 315 add $tbl,$tbl,#2
307 316
308 and $i1,lr,$s0
309 and $i2,lr,$s0,lsr#8
310 and $i3,lr,$s0,lsr#16
311 mov $s0,$s0,lsr#24
312 ldrb $t1,[$tbl,$i1,lsl#2] @ Te4[s0>>0] 317 ldrb $t1,[$tbl,$i1,lsl#2] @ Te4[s0>>0]
313 ldrb $s0,[$tbl,$s0,lsl#2] @ Te4[s0>>24]
314 ldrb $t2,[$tbl,$i2,lsl#2] @ Te4[s0>>8]
315 ldrb $t3,[$tbl,$i3,lsl#2] @ Te4[s0>>16]
316
317 and $i1,lr,$s1,lsr#16 @ i0 318 and $i1,lr,$s1,lsr#16 @ i0
319 ldrb $t2,[$tbl,$i2,lsl#2] @ Te4[s0>>8]
318 and $i2,lr,$s1 320 and $i2,lr,$s1
321 ldrb $t3,[$tbl,$i3,lsl#2] @ Te4[s0>>16]
319 and $i3,lr,$s1,lsr#8 322 and $i3,lr,$s1,lsr#8
323 ldrb $s0,[$tbl,$s0,lsl#2] @ Te4[s0>>24]
320 mov $s1,$s1,lsr#24 324 mov $s1,$s1,lsr#24
325
321 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s1>>16] 326 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s1>>16]
322 ldrb $s1,[$tbl,$s1,lsl#2] @ Te4[s1>>24]
323 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s1>>0] 327 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s1>>0]
324 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s1>>8] 328 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s1>>8]
325 eor $s0,$i1,$s0,lsl#8 329 eor $s0,$i1,$s0,lsl#8
326 eor $s1,$t1,$s1,lsl#24 330 ldrb $s1,[$tbl,$s1,lsl#2] @ Te4[s1>>24]
327 eor $t2,$i2,$t2,lsl#8
328 eor $t3,$i3,$t3,lsl#8
329
330 and $i1,lr,$s2,lsr#8 @ i0 331 and $i1,lr,$s2,lsr#8 @ i0
332 eor $t2,$i2,$t2,lsl#8
331 and $i2,lr,$s2,lsr#16 @ i1 333 and $i2,lr,$s2,lsr#16 @ i1
334 eor $t3,$i3,$t3,lsl#8
332 and $i3,lr,$s2 335 and $i3,lr,$s2
333 mov $s2,$s2,lsr#24 336 eor $s1,$t1,$s1,lsl#24
334 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s2>>8] 337 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s2>>8]
338 mov $s2,$s2,lsr#24
339
335 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s2>>16] 340 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s2>>16]
336 ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
337 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s2>>0] 341 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s2>>0]
338 eor $s0,$i1,$s0,lsl#8 342 eor $s0,$i1,$s0,lsl#8
339 eor $s1,$s1,$i2,lsl#16 343 ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
340 eor $s2,$t2,$s2,lsl#24
341 eor $t3,$i3,$t3,lsl#8
342
343 and $i1,lr,$s3 @ i0 344 and $i1,lr,$s3 @ i0
345 eor $s1,$s1,$i2,lsl#16
344 and $i2,lr,$s3,lsr#8 @ i1 346 and $i2,lr,$s3,lsr#8 @ i1
347 eor $t3,$i3,$t3,lsl#8
345 and $i3,lr,$s3,lsr#16 @ i2 348 and $i3,lr,$s3,lsr#16 @ i2
346 mov $s3,$s3,lsr#24 349 eor $s2,$t2,$s2,lsl#24
347 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s3>>0] 350 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s3>>0]
351 mov $s3,$s3,lsr#24
352
348 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s3>>8] 353 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s3>>8]
349 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s3>>16] 354 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s3>>16]
350 ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
351 eor $s0,$i1,$s0,lsl#8 355 eor $s0,$i1,$s0,lsl#8
356 ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
357 ldr $i1,[$key,#0]
352 eor $s1,$s1,$i2,lsl#8 358 eor $s1,$s1,$i2,lsl#8
359 ldr $t1,[$key,#4]
353 eor $s2,$s2,$i3,lsl#16 360 eor $s2,$s2,$i3,lsl#16
361 ldr $t2,[$key,#8]
354 eor $s3,$t3,$s3,lsl#24 362 eor $s3,$t3,$s3,lsl#24
363 ldr $t3,[$key,#12]
355 364
356 ldr lr,[sp],#4 @ pop lr 365 eor $s0,$s0,$i1
357 ldr $t1,[$key,#0] 366 eor $s1,$s1,$t1
358 ldr $t2,[$key,#4] 367 eor $s2,$s2,$t2
359 ldr $t3,[$key,#8] 368 eor $s3,$s3,$t3
360 ldr $i1,[$key,#12]
361 eor $s0,$s0,$t1
362 eor $s1,$s1,$t2
363 eor $s2,$s2,$t3
364 eor $s3,$s3,$i1
365 369
366 sub $tbl,$tbl,#2 370 sub $tbl,$tbl,#2
367 mov pc,lr @ return 371 ldr pc,[sp],#4 @ pop and return
368.size _armv4_AES_encrypt,.-_armv4_AES_encrypt 372.size _armv4_AES_encrypt,.-_armv4_AES_encrypt
369 373
370.global AES_set_encrypt_key 374.global AES_set_encrypt_key
@@ -399,31 +403,31 @@ AES_set_encrypt_key:
399 ldrb $t2,[$rounds,#1] 403 ldrb $t2,[$rounds,#1]
400 ldrb $t3,[$rounds,#0] 404 ldrb $t3,[$rounds,#0]
401 orr $s0,$s0,$t1,lsl#8 405 orr $s0,$s0,$t1,lsl#8
402 orr $s0,$s0,$t2,lsl#16
403 orr $s0,$s0,$t3,lsl#24
404 ldrb $s1,[$rounds,#7] 406 ldrb $s1,[$rounds,#7]
407 orr $s0,$s0,$t2,lsl#16
405 ldrb $t1,[$rounds,#6] 408 ldrb $t1,[$rounds,#6]
409 orr $s0,$s0,$t3,lsl#24
406 ldrb $t2,[$rounds,#5] 410 ldrb $t2,[$rounds,#5]
407 ldrb $t3,[$rounds,#4] 411 ldrb $t3,[$rounds,#4]
408 orr $s1,$s1,$t1,lsl#8 412 orr $s1,$s1,$t1,lsl#8
409 orr $s1,$s1,$t2,lsl#16
410 orr $s1,$s1,$t3,lsl#24
411 ldrb $s2,[$rounds,#11] 413 ldrb $s2,[$rounds,#11]
414 orr $s1,$s1,$t2,lsl#16
412 ldrb $t1,[$rounds,#10] 415 ldrb $t1,[$rounds,#10]
416 orr $s1,$s1,$t3,lsl#24
413 ldrb $t2,[$rounds,#9] 417 ldrb $t2,[$rounds,#9]
414 ldrb $t3,[$rounds,#8] 418 ldrb $t3,[$rounds,#8]
415 orr $s2,$s2,$t1,lsl#8 419 orr $s2,$s2,$t1,lsl#8
416 orr $s2,$s2,$t2,lsl#16
417 orr $s2,$s2,$t3,lsl#24
418 ldrb $s3,[$rounds,#15] 420 ldrb $s3,[$rounds,#15]
421 orr $s2,$s2,$t2,lsl#16
419 ldrb $t1,[$rounds,#14] 422 ldrb $t1,[$rounds,#14]
423 orr $s2,$s2,$t3,lsl#24
420 ldrb $t2,[$rounds,#13] 424 ldrb $t2,[$rounds,#13]
421 ldrb $t3,[$rounds,#12] 425 ldrb $t3,[$rounds,#12]
422 orr $s3,$s3,$t1,lsl#8 426 orr $s3,$s3,$t1,lsl#8
423 orr $s3,$s3,$t2,lsl#16
424 orr $s3,$s3,$t3,lsl#24
425 str $s0,[$key],#16 427 str $s0,[$key],#16
428 orr $s3,$s3,$t2,lsl#16
426 str $s1,[$key,#-12] 429 str $s1,[$key,#-12]
430 orr $s3,$s3,$t3,lsl#24
427 str $s2,[$key,#-8] 431 str $s2,[$key,#-8]
428 str $s3,[$key,#-4] 432 str $s3,[$key,#-4]
429 433
@@ -437,27 +441,26 @@ AES_set_encrypt_key:
437.L128_loop: 441.L128_loop:
438 and $t2,lr,$s3,lsr#24 442 and $t2,lr,$s3,lsr#24
439 and $i1,lr,$s3,lsr#16 443 and $i1,lr,$s3,lsr#16
440 and $i2,lr,$s3,lsr#8
441 and $i3,lr,$s3
442 ldrb $t2,[$tbl,$t2] 444 ldrb $t2,[$tbl,$t2]
445 and $i2,lr,$s3,lsr#8
443 ldrb $i1,[$tbl,$i1] 446 ldrb $i1,[$tbl,$i1]
447 and $i3,lr,$s3
444 ldrb $i2,[$tbl,$i2] 448 ldrb $i2,[$tbl,$i2]
445 ldrb $i3,[$tbl,$i3]
446 ldr $t1,[$t3],#4 @ rcon[i++]
447 orr $t2,$t2,$i1,lsl#24 449 orr $t2,$t2,$i1,lsl#24
450 ldrb $i3,[$tbl,$i3]
448 orr $t2,$t2,$i2,lsl#16 451 orr $t2,$t2,$i2,lsl#16
452 ldr $t1,[$t3],#4 @ rcon[i++]
449 orr $t2,$t2,$i3,lsl#8 453 orr $t2,$t2,$i3,lsl#8
450 eor $t2,$t2,$t1 454 eor $t2,$t2,$t1
451 eor $s0,$s0,$t2 @ rk[4]=rk[0]^... 455 eor $s0,$s0,$t2 @ rk[4]=rk[0]^...
452 eor $s1,$s1,$s0 @ rk[5]=rk[1]^rk[4] 456 eor $s1,$s1,$s0 @ rk[5]=rk[1]^rk[4]
453 eor $s2,$s2,$s1 @ rk[6]=rk[2]^rk[5]
454 eor $s3,$s3,$s2 @ rk[7]=rk[3]^rk[6]
455 str $s0,[$key],#16 457 str $s0,[$key],#16
458 eor $s2,$s2,$s1 @ rk[6]=rk[2]^rk[5]
456 str $s1,[$key,#-12] 459 str $s1,[$key,#-12]
460 eor $s3,$s3,$s2 @ rk[7]=rk[3]^rk[6]
457 str $s2,[$key,#-8] 461 str $s2,[$key,#-8]
458 str $s3,[$key,#-4]
459
460 subs $rounds,$rounds,#1 462 subs $rounds,$rounds,#1
463 str $s3,[$key,#-4]
461 bne .L128_loop 464 bne .L128_loop
462 sub r2,$key,#176 465 sub r2,$key,#176
463 b .Ldone 466 b .Ldone
@@ -468,16 +471,16 @@ AES_set_encrypt_key:
468 ldrb $t2,[$rounds,#17] 471 ldrb $t2,[$rounds,#17]
469 ldrb $t3,[$rounds,#16] 472 ldrb $t3,[$rounds,#16]
470 orr $i2,$i2,$t1,lsl#8 473 orr $i2,$i2,$t1,lsl#8
471 orr $i2,$i2,$t2,lsl#16
472 orr $i2,$i2,$t3,lsl#24
473 ldrb $i3,[$rounds,#23] 474 ldrb $i3,[$rounds,#23]
475 orr $i2,$i2,$t2,lsl#16
474 ldrb $t1,[$rounds,#22] 476 ldrb $t1,[$rounds,#22]
477 orr $i2,$i2,$t3,lsl#24
475 ldrb $t2,[$rounds,#21] 478 ldrb $t2,[$rounds,#21]
476 ldrb $t3,[$rounds,#20] 479 ldrb $t3,[$rounds,#20]
477 orr $i3,$i3,$t1,lsl#8 480 orr $i3,$i3,$t1,lsl#8
478 orr $i3,$i3,$t2,lsl#16 481 orr $i3,$i3,$t2,lsl#16
479 orr $i3,$i3,$t3,lsl#24
480 str $i2,[$key],#8 482 str $i2,[$key],#8
483 orr $i3,$i3,$t3,lsl#24
481 str $i3,[$key,#-4] 484 str $i3,[$key,#-4]
482 485
483 teq lr,#192 486 teq lr,#192
@@ -491,27 +494,26 @@ AES_set_encrypt_key:
491.L192_loop: 494.L192_loop:
492 and $t2,lr,$i3,lsr#24 495 and $t2,lr,$i3,lsr#24
493 and $i1,lr,$i3,lsr#16 496 and $i1,lr,$i3,lsr#16
494 and $i2,lr,$i3,lsr#8
495 and $i3,lr,$i3
496 ldrb $t2,[$tbl,$t2] 497 ldrb $t2,[$tbl,$t2]
498 and $i2,lr,$i3,lsr#8
497 ldrb $i1,[$tbl,$i1] 499 ldrb $i1,[$tbl,$i1]
500 and $i3,lr,$i3
498 ldrb $i2,[$tbl,$i2] 501 ldrb $i2,[$tbl,$i2]
499 ldrb $i3,[$tbl,$i3]
500 ldr $t1,[$t3],#4 @ rcon[i++]
501 orr $t2,$t2,$i1,lsl#24 502 orr $t2,$t2,$i1,lsl#24
503 ldrb $i3,[$tbl,$i3]
502 orr $t2,$t2,$i2,lsl#16 504 orr $t2,$t2,$i2,lsl#16
505 ldr $t1,[$t3],#4 @ rcon[i++]
503 orr $t2,$t2,$i3,lsl#8 506 orr $t2,$t2,$i3,lsl#8
504 eor $i3,$t2,$t1 507 eor $i3,$t2,$t1
505 eor $s0,$s0,$i3 @ rk[6]=rk[0]^... 508 eor $s0,$s0,$i3 @ rk[6]=rk[0]^...
506 eor $s1,$s1,$s0 @ rk[7]=rk[1]^rk[6] 509 eor $s1,$s1,$s0 @ rk[7]=rk[1]^rk[6]
507 eor $s2,$s2,$s1 @ rk[8]=rk[2]^rk[7]
508 eor $s3,$s3,$s2 @ rk[9]=rk[3]^rk[8]
509 str $s0,[$key],#24 510 str $s0,[$key],#24
511 eor $s2,$s2,$s1 @ rk[8]=rk[2]^rk[7]
510 str $s1,[$key,#-20] 512 str $s1,[$key,#-20]
513 eor $s3,$s3,$s2 @ rk[9]=rk[3]^rk[8]
511 str $s2,[$key,#-16] 514 str $s2,[$key,#-16]
512 str $s3,[$key,#-12]
513
514 subs $rounds,$rounds,#1 515 subs $rounds,$rounds,#1
516 str $s3,[$key,#-12]
515 subeq r2,$key,#216 517 subeq r2,$key,#216
516 beq .Ldone 518 beq .Ldone
517 519
@@ -529,16 +531,16 @@ AES_set_encrypt_key:
529 ldrb $t2,[$rounds,#25] 531 ldrb $t2,[$rounds,#25]
530 ldrb $t3,[$rounds,#24] 532 ldrb $t3,[$rounds,#24]
531 orr $i2,$i2,$t1,lsl#8 533 orr $i2,$i2,$t1,lsl#8
532 orr $i2,$i2,$t2,lsl#16
533 orr $i2,$i2,$t3,lsl#24
534 ldrb $i3,[$rounds,#31] 534 ldrb $i3,[$rounds,#31]
535 orr $i2,$i2,$t2,lsl#16
535 ldrb $t1,[$rounds,#30] 536 ldrb $t1,[$rounds,#30]
537 orr $i2,$i2,$t3,lsl#24
536 ldrb $t2,[$rounds,#29] 538 ldrb $t2,[$rounds,#29]
537 ldrb $t3,[$rounds,#28] 539 ldrb $t3,[$rounds,#28]
538 orr $i3,$i3,$t1,lsl#8 540 orr $i3,$i3,$t1,lsl#8
539 orr $i3,$i3,$t2,lsl#16 541 orr $i3,$i3,$t2,lsl#16
540 orr $i3,$i3,$t3,lsl#24
541 str $i2,[$key],#8 542 str $i2,[$key],#8
543 orr $i3,$i3,$t3,lsl#24
542 str $i3,[$key,#-4] 544 str $i3,[$key,#-4]
543 545
544 mov $rounds,#14 546 mov $rounds,#14
@@ -550,52 +552,51 @@ AES_set_encrypt_key:
550.L256_loop: 552.L256_loop:
551 and $t2,lr,$i3,lsr#24 553 and $t2,lr,$i3,lsr#24
552 and $i1,lr,$i3,lsr#16 554 and $i1,lr,$i3,lsr#16
553 and $i2,lr,$i3,lsr#8
554 and $i3,lr,$i3
555 ldrb $t2,[$tbl,$t2] 555 ldrb $t2,[$tbl,$t2]
556 and $i2,lr,$i3,lsr#8
556 ldrb $i1,[$tbl,$i1] 557 ldrb $i1,[$tbl,$i1]
558 and $i3,lr,$i3
557 ldrb $i2,[$tbl,$i2] 559 ldrb $i2,[$tbl,$i2]
558 ldrb $i3,[$tbl,$i3]
559 ldr $t1,[$t3],#4 @ rcon[i++]
560 orr $t2,$t2,$i1,lsl#24 560 orr $t2,$t2,$i1,lsl#24
561 ldrb $i3,[$tbl,$i3]
561 orr $t2,$t2,$i2,lsl#16 562 orr $t2,$t2,$i2,lsl#16
563 ldr $t1,[$t3],#4 @ rcon[i++]
562 orr $t2,$t2,$i3,lsl#8 564 orr $t2,$t2,$i3,lsl#8
563 eor $i3,$t2,$t1 565 eor $i3,$t2,$t1
564 eor $s0,$s0,$i3 @ rk[8]=rk[0]^... 566 eor $s0,$s0,$i3 @ rk[8]=rk[0]^...
565 eor $s1,$s1,$s0 @ rk[9]=rk[1]^rk[8] 567 eor $s1,$s1,$s0 @ rk[9]=rk[1]^rk[8]
566 eor $s2,$s2,$s1 @ rk[10]=rk[2]^rk[9]
567 eor $s3,$s3,$s2 @ rk[11]=rk[3]^rk[10]
568 str $s0,[$key],#32 568 str $s0,[$key],#32
569 eor $s2,$s2,$s1 @ rk[10]=rk[2]^rk[9]
569 str $s1,[$key,#-28] 570 str $s1,[$key,#-28]
571 eor $s3,$s3,$s2 @ rk[11]=rk[3]^rk[10]
570 str $s2,[$key,#-24] 572 str $s2,[$key,#-24]
571 str $s3,[$key,#-20]
572
573 subs $rounds,$rounds,#1 573 subs $rounds,$rounds,#1
574 str $s3,[$key,#-20]
574 subeq r2,$key,#256 575 subeq r2,$key,#256
575 beq .Ldone 576 beq .Ldone
576 577
577 and $t2,lr,$s3 578 and $t2,lr,$s3
578 and $i1,lr,$s3,lsr#8 579 and $i1,lr,$s3,lsr#8
579 and $i2,lr,$s3,lsr#16
580 and $i3,lr,$s3,lsr#24
581 ldrb $t2,[$tbl,$t2] 580 ldrb $t2,[$tbl,$t2]
581 and $i2,lr,$s3,lsr#16
582 ldrb $i1,[$tbl,$i1] 582 ldrb $i1,[$tbl,$i1]
583 and $i3,lr,$s3,lsr#24
583 ldrb $i2,[$tbl,$i2] 584 ldrb $i2,[$tbl,$i2]
584 ldrb $i3,[$tbl,$i3]
585 orr $t2,$t2,$i1,lsl#8 585 orr $t2,$t2,$i1,lsl#8
586 ldrb $i3,[$tbl,$i3]
586 orr $t2,$t2,$i2,lsl#16 587 orr $t2,$t2,$i2,lsl#16
588 ldr $t1,[$key,#-48]
587 orr $t2,$t2,$i3,lsl#24 589 orr $t2,$t2,$i3,lsl#24
588 590
589 ldr $t1,[$key,#-48]
590 ldr $i1,[$key,#-44] 591 ldr $i1,[$key,#-44]
591 ldr $i2,[$key,#-40] 592 ldr $i2,[$key,#-40]
592 ldr $i3,[$key,#-36]
593 eor $t1,$t1,$t2 @ rk[12]=rk[4]^... 593 eor $t1,$t1,$t2 @ rk[12]=rk[4]^...
594 ldr $i3,[$key,#-36]
594 eor $i1,$i1,$t1 @ rk[13]=rk[5]^rk[12] 595 eor $i1,$i1,$t1 @ rk[13]=rk[5]^rk[12]
595 eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
596 eor $i3,$i3,$i2 @ rk[15]=rk[7]^rk[14]
597 str $t1,[$key,#-16] 596 str $t1,[$key,#-16]
597 eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
598 str $i1,[$key,#-12] 598 str $i1,[$key,#-12]
599 eor $i3,$i3,$i2 @ rk[15]=rk[7]^rk[14]
599 str $i2,[$key,#-8] 600 str $i2,[$key,#-8]
600 str $i3,[$key,#-4] 601 str $i3,[$key,#-4]
601 b .L256_loop 602 b .L256_loop
@@ -816,24 +817,24 @@ AES_decrypt:
816 ldrb $t2,[$rounds,#1] 817 ldrb $t2,[$rounds,#1]
817 ldrb $t3,[$rounds,#0] 818 ldrb $t3,[$rounds,#0]
818 orr $s0,$s0,$t1,lsl#8 819 orr $s0,$s0,$t1,lsl#8
819 orr $s0,$s0,$t2,lsl#16
820 orr $s0,$s0,$t3,lsl#24
821 ldrb $s1,[$rounds,#7] 820 ldrb $s1,[$rounds,#7]
821 orr $s0,$s0,$t2,lsl#16
822 ldrb $t1,[$rounds,#6] 822 ldrb $t1,[$rounds,#6]
823 orr $s0,$s0,$t3,lsl#24
823 ldrb $t2,[$rounds,#5] 824 ldrb $t2,[$rounds,#5]
824 ldrb $t3,[$rounds,#4] 825 ldrb $t3,[$rounds,#4]
825 orr $s1,$s1,$t1,lsl#8 826 orr $s1,$s1,$t1,lsl#8
826 orr $s1,$s1,$t2,lsl#16
827 orr $s1,$s1,$t3,lsl#24
828 ldrb $s2,[$rounds,#11] 827 ldrb $s2,[$rounds,#11]
828 orr $s1,$s1,$t2,lsl#16
829 ldrb $t1,[$rounds,#10] 829 ldrb $t1,[$rounds,#10]
830 orr $s1,$s1,$t3,lsl#24
830 ldrb $t2,[$rounds,#9] 831 ldrb $t2,[$rounds,#9]
831 ldrb $t3,[$rounds,#8] 832 ldrb $t3,[$rounds,#8]
832 orr $s2,$s2,$t1,lsl#8 833 orr $s2,$s2,$t1,lsl#8
833 orr $s2,$s2,$t2,lsl#16
834 orr $s2,$s2,$t3,lsl#24
835 ldrb $s3,[$rounds,#15] 834 ldrb $s3,[$rounds,#15]
835 orr $s2,$s2,$t2,lsl#16
836 ldrb $t1,[$rounds,#14] 836 ldrb $t1,[$rounds,#14]
837 orr $s2,$s2,$t3,lsl#24
837 ldrb $t2,[$rounds,#13] 838 ldrb $t2,[$rounds,#13]
838 ldrb $t3,[$rounds,#12] 839 ldrb $t3,[$rounds,#12]
839 orr $s3,$s3,$t1,lsl#8 840 orr $s3,$s3,$t1,lsl#8
@@ -848,24 +849,24 @@ AES_decrypt:
848 mov $t3,$s0,lsr#8 849 mov $t3,$s0,lsr#8
849 strb $t1,[$rounds,#0] 850 strb $t1,[$rounds,#0]
850 strb $t2,[$rounds,#1] 851 strb $t2,[$rounds,#1]
851 strb $t3,[$rounds,#2]
852 strb $s0,[$rounds,#3]
853 mov $t1,$s1,lsr#24 852 mov $t1,$s1,lsr#24
853 strb $t3,[$rounds,#2]
854 mov $t2,$s1,lsr#16 854 mov $t2,$s1,lsr#16
855 strb $s0,[$rounds,#3]
855 mov $t3,$s1,lsr#8 856 mov $t3,$s1,lsr#8
856 strb $t1,[$rounds,#4] 857 strb $t1,[$rounds,#4]
857 strb $t2,[$rounds,#5] 858 strb $t2,[$rounds,#5]
858 strb $t3,[$rounds,#6]
859 strb $s1,[$rounds,#7]
860 mov $t1,$s2,lsr#24 859 mov $t1,$s2,lsr#24
860 strb $t3,[$rounds,#6]
861 mov $t2,$s2,lsr#16 861 mov $t2,$s2,lsr#16
862 strb $s1,[$rounds,#7]
862 mov $t3,$s2,lsr#8 863 mov $t3,$s2,lsr#8
863 strb $t1,[$rounds,#8] 864 strb $t1,[$rounds,#8]
864 strb $t2,[$rounds,#9] 865 strb $t2,[$rounds,#9]
865 strb $t3,[$rounds,#10]
866 strb $s2,[$rounds,#11]
867 mov $t1,$s3,lsr#24 866 mov $t1,$s3,lsr#24
867 strb $t3,[$rounds,#10]
868 mov $t2,$s3,lsr#16 868 mov $t2,$s3,lsr#16
869 strb $s2,[$rounds,#11]
869 mov $t3,$s3,lsr#8 870 mov $t3,$s3,lsr#8
870 strb $t1,[$rounds,#12] 871 strb $t1,[$rounds,#12]
871 strb $t2,[$rounds,#13] 872 strb $t2,[$rounds,#13]
@@ -882,146 +883,143 @@ AES_decrypt:
882.align 2 883.align 2
883_armv4_AES_decrypt: 884_armv4_AES_decrypt:
884 str lr,[sp,#-4]! @ push lr 885 str lr,[sp,#-4]! @ push lr
885 ldr $t1,[$key],#16 886 ldmia $key!,{$t1-$i1}
886 ldr $t2,[$key,#-12]
887 ldr $t3,[$key,#-8]
888 ldr $i1,[$key,#-4]
889 ldr $rounds,[$key,#240-16]
890 eor $s0,$s0,$t1 887 eor $s0,$s0,$t1
888 ldr $rounds,[$key,#240-16]
891 eor $s1,$s1,$t2 889 eor $s1,$s1,$t2
892 eor $s2,$s2,$t3 890 eor $s2,$s2,$t3
893 eor $s3,$s3,$i1 891 eor $s3,$s3,$i1
894 sub $rounds,$rounds,#1 892 sub $rounds,$rounds,#1
895 mov lr,#255 893 mov lr,#255
896 894
897.Ldec_loop:
898 and $i1,lr,$s0,lsr#16 895 and $i1,lr,$s0,lsr#16
899 and $i2,lr,$s0,lsr#8 896 and $i2,lr,$s0,lsr#8
900 and $i3,lr,$s0 897 and $i3,lr,$s0
901 mov $s0,$s0,lsr#24 898 mov $s0,$s0,lsr#24
899.Ldec_loop:
902 ldr $t1,[$tbl,$i1,lsl#2] @ Td1[s0>>16] 900 ldr $t1,[$tbl,$i1,lsl#2] @ Td1[s0>>16]
903 ldr $s0,[$tbl,$s0,lsl#2] @ Td0[s0>>24]
904 ldr $t2,[$tbl,$i2,lsl#2] @ Td2[s0>>8]
905 ldr $t3,[$tbl,$i3,lsl#2] @ Td3[s0>>0]
906
907 and $i1,lr,$s1 @ i0 901 and $i1,lr,$s1 @ i0
902 ldr $t2,[$tbl,$i2,lsl#2] @ Td2[s0>>8]
908 and $i2,lr,$s1,lsr#16 903 and $i2,lr,$s1,lsr#16
904 ldr $t3,[$tbl,$i3,lsl#2] @ Td3[s0>>0]
909 and $i3,lr,$s1,lsr#8 905 and $i3,lr,$s1,lsr#8
906 ldr $s0,[$tbl,$s0,lsl#2] @ Td0[s0>>24]
910 mov $s1,$s1,lsr#24 907 mov $s1,$s1,lsr#24
908
911 ldr $i1,[$tbl,$i1,lsl#2] @ Td3[s1>>0] 909 ldr $i1,[$tbl,$i1,lsl#2] @ Td3[s1>>0]
912 ldr $s1,[$tbl,$s1,lsl#2] @ Td0[s1>>24]
913 ldr $i2,[$tbl,$i2,lsl#2] @ Td1[s1>>16] 910 ldr $i2,[$tbl,$i2,lsl#2] @ Td1[s1>>16]
914 ldr $i3,[$tbl,$i3,lsl#2] @ Td2[s1>>8] 911 ldr $i3,[$tbl,$i3,lsl#2] @ Td2[s1>>8]
915 eor $s0,$s0,$i1,ror#24 912 eor $s0,$s0,$i1,ror#24
916 eor $s1,$s1,$t1,ror#8 913 ldr $s1,[$tbl,$s1,lsl#2] @ Td0[s1>>24]
917 eor $t2,$i2,$t2,ror#8
918 eor $t3,$i3,$t3,ror#8
919
920 and $i1,lr,$s2,lsr#8 @ i0 914 and $i1,lr,$s2,lsr#8 @ i0
915 eor $t2,$i2,$t2,ror#8
921 and $i2,lr,$s2 @ i1 916 and $i2,lr,$s2 @ i1
917 eor $t3,$i3,$t3,ror#8
922 and $i3,lr,$s2,lsr#16 918 and $i3,lr,$s2,lsr#16
923 mov $s2,$s2,lsr#24 919 eor $s1,$s1,$t1,ror#8
924 ldr $i1,[$tbl,$i1,lsl#2] @ Td2[s2>>8] 920 ldr $i1,[$tbl,$i1,lsl#2] @ Td2[s2>>8]
921 mov $s2,$s2,lsr#24
922
925 ldr $i2,[$tbl,$i2,lsl#2] @ Td3[s2>>0] 923 ldr $i2,[$tbl,$i2,lsl#2] @ Td3[s2>>0]
926 ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
927 ldr $i3,[$tbl,$i3,lsl#2] @ Td1[s2>>16] 924 ldr $i3,[$tbl,$i3,lsl#2] @ Td1[s2>>16]
928 eor $s0,$s0,$i1,ror#16 925 eor $s0,$s0,$i1,ror#16
929 eor $s1,$s1,$i2,ror#24 926 ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
930 eor $s2,$s2,$t2,ror#8
931 eor $t3,$i3,$t3,ror#8
932
933 and $i1,lr,$s3,lsr#16 @ i0 927 and $i1,lr,$s3,lsr#16 @ i0
928 eor $s1,$s1,$i2,ror#24
934 and $i2,lr,$s3,lsr#8 @ i1 929 and $i2,lr,$s3,lsr#8 @ i1
930 eor $t3,$i3,$t3,ror#8
935 and $i3,lr,$s3 @ i2 931 and $i3,lr,$s3 @ i2
936 mov $s3,$s3,lsr#24 932 eor $s2,$s2,$t2,ror#8
937 ldr $i1,[$tbl,$i1,lsl#2] @ Td1[s3>>16] 933 ldr $i1,[$tbl,$i1,lsl#2] @ Td1[s3>>16]
934 mov $s3,$s3,lsr#24
935
938 ldr $i2,[$tbl,$i2,lsl#2] @ Td2[s3>>8] 936 ldr $i2,[$tbl,$i2,lsl#2] @ Td2[s3>>8]
939 ldr $i3,[$tbl,$i3,lsl#2] @ Td3[s3>>0] 937 ldr $i3,[$tbl,$i3,lsl#2] @ Td3[s3>>0]
940 ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
941 eor $s0,$s0,$i1,ror#8 938 eor $s0,$s0,$i1,ror#8
939 ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
942 eor $s1,$s1,$i2,ror#16 940 eor $s1,$s1,$i2,ror#16
943 eor $s2,$s2,$i3,ror#24 941 eor $s2,$s2,$i3,ror#24
942 ldr $i1,[$key],#16
944 eor $s3,$s3,$t3,ror#8 943 eor $s3,$s3,$t3,ror#8
945 944
946 ldr $t1,[$key],#16 945 ldr $t1,[$key,#-12]
947 ldr $t2,[$key,#-12] 946 ldr $t2,[$key,#-8]
948 ldr $t3,[$key,#-8] 947 eor $s0,$s0,$i1
949 ldr $i1,[$key,#-4] 948 ldr $t3,[$key,#-4]
950 eor $s0,$s0,$t1 949 and $i1,lr,$s0,lsr#16
951 eor $s1,$s1,$t2 950 eor $s1,$s1,$t1
952 eor $s2,$s2,$t3 951 and $i2,lr,$s0,lsr#8
953 eor $s3,$s3,$i1 952 eor $s2,$s2,$t2
953 and $i3,lr,$s0
954 eor $s3,$s3,$t3
955 mov $s0,$s0,lsr#24
954 956
955 subs $rounds,$rounds,#1 957 subs $rounds,$rounds,#1
956 bne .Ldec_loop 958 bne .Ldec_loop
957 959
958 add $tbl,$tbl,#1024 960 add $tbl,$tbl,#1024
959 961
960 ldr $t1,[$tbl,#0] @ prefetch Td4 962 ldr $t2,[$tbl,#0] @ prefetch Td4
961 ldr $t2,[$tbl,#32] 963 ldr $t3,[$tbl,#32]
962 ldr $t3,[$tbl,#64] 964 ldr $t1,[$tbl,#64]
963 ldr $i1,[$tbl,#96] 965 ldr $t2,[$tbl,#96]
964 ldr $i2,[$tbl,#128] 966 ldr $t3,[$tbl,#128]
965 ldr $i3,[$tbl,#160] 967 ldr $t1,[$tbl,#160]
966 ldr $t1,[$tbl,#192] 968 ldr $t2,[$tbl,#192]
967 ldr $t2,[$tbl,#224] 969 ldr $t3,[$tbl,#224]
968 970
969 and $i1,lr,$s0,lsr#16 971 ldrb $s0,[$tbl,$s0] @ Td4[s0>>24]
970 and $i2,lr,$s0,lsr#8
971 and $i3,lr,$s0
972 ldrb $s0,[$tbl,$s0,lsr#24] @ Td4[s0>>24]
973 ldrb $t1,[$tbl,$i1] @ Td4[s0>>16] 972 ldrb $t1,[$tbl,$i1] @ Td4[s0>>16]
974 ldrb $t2,[$tbl,$i2] @ Td4[s0>>8]
975 ldrb $t3,[$tbl,$i3] @ Td4[s0>>0]
976
977 and $i1,lr,$s1 @ i0 973 and $i1,lr,$s1 @ i0
974 ldrb $t2,[$tbl,$i2] @ Td4[s0>>8]
978 and $i2,lr,$s1,lsr#16 975 and $i2,lr,$s1,lsr#16
976 ldrb $t3,[$tbl,$i3] @ Td4[s0>>0]
979 and $i3,lr,$s1,lsr#8 977 and $i3,lr,$s1,lsr#8
978
980 ldrb $i1,[$tbl,$i1] @ Td4[s1>>0] 979 ldrb $i1,[$tbl,$i1] @ Td4[s1>>0]
981 ldrb $s1,[$tbl,$s1,lsr#24] @ Td4[s1>>24] 980 ldrb $s1,[$tbl,$s1,lsr#24] @ Td4[s1>>24]
982 ldrb $i2,[$tbl,$i2] @ Td4[s1>>16] 981 ldrb $i2,[$tbl,$i2] @ Td4[s1>>16]
983 ldrb $i3,[$tbl,$i3] @ Td4[s1>>8]
984 eor $s0,$i1,$s0,lsl#24 982 eor $s0,$i1,$s0,lsl#24
983 ldrb $i3,[$tbl,$i3] @ Td4[s1>>8]
985 eor $s1,$t1,$s1,lsl#8 984 eor $s1,$t1,$s1,lsl#8
986 eor $t2,$t2,$i2,lsl#8
987 eor $t3,$t3,$i3,lsl#8
988
989 and $i1,lr,$s2,lsr#8 @ i0 985 and $i1,lr,$s2,lsr#8 @ i0
986 eor $t2,$t2,$i2,lsl#8
990 and $i2,lr,$s2 @ i1 987 and $i2,lr,$s2 @ i1
991 and $i3,lr,$s2,lsr#16 988 eor $t3,$t3,$i3,lsl#8
992 ldrb $i1,[$tbl,$i1] @ Td4[s2>>8] 989 ldrb $i1,[$tbl,$i1] @ Td4[s2>>8]
990 and $i3,lr,$s2,lsr#16
991
993 ldrb $i2,[$tbl,$i2] @ Td4[s2>>0] 992 ldrb $i2,[$tbl,$i2] @ Td4[s2>>0]
994 ldrb $s2,[$tbl,$s2,lsr#24] @ Td4[s2>>24] 993 ldrb $s2,[$tbl,$s2,lsr#24] @ Td4[s2>>24]
995 ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
996 eor $s0,$s0,$i1,lsl#8 994 eor $s0,$s0,$i1,lsl#8
995 ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
997 eor $s1,$i2,$s1,lsl#16 996 eor $s1,$i2,$s1,lsl#16
998 eor $s2,$t2,$s2,lsl#16
999 eor $t3,$t3,$i3,lsl#16
1000
1001 and $i1,lr,$s3,lsr#16 @ i0 997 and $i1,lr,$s3,lsr#16 @ i0
998 eor $s2,$t2,$s2,lsl#16
1002 and $i2,lr,$s3,lsr#8 @ i1 999 and $i2,lr,$s3,lsr#8 @ i1
1003 and $i3,lr,$s3 @ i2 1000 eor $t3,$t3,$i3,lsl#16
1004 ldrb $i1,[$tbl,$i1] @ Td4[s3>>16] 1001 ldrb $i1,[$tbl,$i1] @ Td4[s3>>16]
1002 and $i3,lr,$s3 @ i2
1003
1005 ldrb $i2,[$tbl,$i2] @ Td4[s3>>8] 1004 ldrb $i2,[$tbl,$i2] @ Td4[s3>>8]
1006 ldrb $i3,[$tbl,$i3] @ Td4[s3>>0] 1005 ldrb $i3,[$tbl,$i3] @ Td4[s3>>0]
1007 ldrb $s3,[$tbl,$s3,lsr#24] @ Td4[s3>>24] 1006 ldrb $s3,[$tbl,$s3,lsr#24] @ Td4[s3>>24]
1008 eor $s0,$s0,$i1,lsl#16 1007 eor $s0,$s0,$i1,lsl#16
1008 ldr $i1,[$key,#0]
1009 eor $s1,$s1,$i2,lsl#8 1009 eor $s1,$s1,$i2,lsl#8
1010 ldr $t1,[$key,#4]
1010 eor $s2,$i3,$s2,lsl#8 1011 eor $s2,$i3,$s2,lsl#8
1012 ldr $t2,[$key,#8]
1011 eor $s3,$t3,$s3,lsl#24 1013 eor $s3,$t3,$s3,lsl#24
1014 ldr $t3,[$key,#12]
1012 1015
1013 ldr lr,[sp],#4 @ pop lr 1016 eor $s0,$s0,$i1
1014 ldr $t1,[$key,#0] 1017 eor $s1,$s1,$t1
1015 ldr $t2,[$key,#4] 1018 eor $s2,$s2,$t2
1016 ldr $t3,[$key,#8] 1019 eor $s3,$s3,$t3
1017 ldr $i1,[$key,#12]
1018 eor $s0,$s0,$t1
1019 eor $s1,$s1,$t2
1020 eor $s2,$s2,$t3
1021 eor $s3,$s3,$i1
1022 1020
1023 sub $tbl,$tbl,#1024 1021 sub $tbl,$tbl,#1024
1024 mov pc,lr @ return 1022 ldr pc,[sp],#4 @ pop and return
1025.size _armv4_AES_decrypt,.-_armv4_AES_decrypt 1023.size _armv4_AES_decrypt,.-_armv4_AES_decrypt
1026.asciz "AES for ARMv4, CRYPTOGAMS by <appro\@openssl.org>" 1024.asciz "AES for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
1027.align 2 1025.align 2
@@ -1029,3 +1027,4 @@ ___
1029 1027
1030$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4 1028$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
1031print $code; 1029print $code;
1030close STDOUT; # enforce flush
diff --git a/src/lib/libcrypto/alphacpuid.pl b/src/lib/libcrypto/alphacpuid.pl
new file mode 100644
index 0000000000..4b3cbb9827
--- /dev/null
+++ b/src/lib/libcrypto/alphacpuid.pl
@@ -0,0 +1,126 @@
1#!/usr/bin/env perl
2print <<'___';
3.text
4
5.set noat
6
7.globl OPENSSL_cpuid_setup
8.ent OPENSSL_cpuid_setup
9OPENSSL_cpuid_setup:
10 .frame $30,0,$26
11 .prologue 0
12 ret ($26)
13.end OPENSSL_cpuid_setup
14
15.globl OPENSSL_wipe_cpu
16.ent OPENSSL_wipe_cpu
17OPENSSL_wipe_cpu:
18 .frame $30,0,$26
19 .prologue 0
20 clr $1
21 clr $2
22 clr $3
23 clr $4
24 clr $5
25 clr $6
26 clr $7
27 clr $8
28 clr $16
29 clr $17
30 clr $18
31 clr $19
32 clr $20
33 clr $21
34 clr $22
35 clr $23
36 clr $24
37 clr $25
38 clr $27
39 clr $at
40 clr $29
41 fclr $f0
42 fclr $f1
43 fclr $f10
44 fclr $f11
45 fclr $f12
46 fclr $f13
47 fclr $f14
48 fclr $f15
49 fclr $f16
50 fclr $f17
51 fclr $f18
52 fclr $f19
53 fclr $f20
54 fclr $f21
55 fclr $f22
56 fclr $f23
57 fclr $f24
58 fclr $f25
59 fclr $f26
60 fclr $f27
61 fclr $f28
62 fclr $f29
63 fclr $f30
64 mov $sp,$0
65 ret ($26)
66.end OPENSSL_wipe_cpu
67
68.globl OPENSSL_atomic_add
69.ent OPENSSL_atomic_add
70OPENSSL_atomic_add:
71 .frame $30,0,$26
72 .prologue 0
731: ldl_l $0,0($16)
74 addl $0,$17,$1
75 stl_c $1,0($16)
76 beq $1,1b
77 addl $0,$17,$0
78 ret ($26)
79.end OPENSSL_atomic_add
80
81.globl OPENSSL_rdtsc
82.ent OPENSSL_rdtsc
83OPENSSL_rdtsc:
84 .frame $30,0,$26
85 .prologue 0
86 rpcc $0
87 ret ($26)
88.end OPENSSL_rdtsc
89
90.globl OPENSSL_cleanse
91.ent OPENSSL_cleanse
92OPENSSL_cleanse:
93 .frame $30,0,$26
94 .prologue 0
95 beq $17,.Ldone
96 and $16,7,$0
97 bic $17,7,$at
98 beq $at,.Little
99 beq $0,.Laligned
100
101.Little:
102 subq $0,8,$0
103 ldq_u $1,0($16)
104 mov $16,$2
105.Lalign:
106 mskbl $1,$16,$1
107 lda $16,1($16)
108 subq $17,1,$17
109 addq $0,1,$0
110 beq $17,.Lout
111 bne $0,.Lalign
112.Lout: stq_u $1,0($2)
113 beq $17,.Ldone
114 bic $17,7,$at
115 beq $at,.Little
116
117.Laligned:
118 stq $31,0($16)
119 subq $17,8,$17
120 lda $16,8($16)
121 bic $17,7,$at
122 bne $at,.Laligned
123 bne $17,.Little
124.Ldone: ret ($26)
125.end OPENSSL_cleanse
126___
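Review bot: OPENSSL_cleanse and the other four routines in this new file carry no comments, which makes the byte-wise and quadword paths of a security-relevant wipe hard to audit. A header comment on OPENSSL_cleanse such as `# $16 = buffer, $17 = length; unaligned head/tail bytes are cleared via ldq_u/mskbl/stq_u, aligned quadwords via stq $31` would record what `.Little`, `.Lalign` and `.Laligned` do. The same comment should note that the `.Little` path loads and stores back the whole enclosing quadword, so bytes adjacent to the buffer are rewritten unchanged. OPENSSL_atomic_add's `ldl_l`/`stl_c` loop contains no `mb`; if callers depend on it for ordering (not visible here), that deserves a comment as well.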
diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c
index c6fd204ae3..3348b8762c 100644
--- a/src/lib/libcrypto/asn1/a_int.c
+++ b/src/lib/libcrypto/asn1/a_int.c
@@ -273,7 +273,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
273 { 273 {
274 ASN1_INTEGER *ret=NULL; 274 ASN1_INTEGER *ret=NULL;
275 const unsigned char *p; 275 const unsigned char *p;
276 unsigned char *to,*s; 276 unsigned char *s;
277 long len; 277 long len;
278 int inf,tag,xclass; 278 int inf,tag,xclass;
279 int i; 279 int i;
@@ -308,7 +308,6 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
308 i=ERR_R_MALLOC_FAILURE; 308 i=ERR_R_MALLOC_FAILURE;
309 goto err; 309 goto err;
310 } 310 }
311 to=s;
312 ret->type=V_ASN1_INTEGER; 311 ret->type=V_ASN1_INTEGER;
313 if(len) { 312 if(len) {
314 if ((*p == 0) && (len != 1)) 313 if ((*p == 0) && (len != 1))
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c
index e5fbe7cbb1..3978c9150d 100644
--- a/src/lib/libcrypto/asn1/a_object.c
+++ b/src/lib/libcrypto/asn1/a_object.c
@@ -139,7 +139,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
139 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT); 139 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
140 goto err; 140 goto err;
141 } 141 }
142 if (!use_bn && l > (ULONG_MAX / 10L)) 142 if (!use_bn && l >= ((ULONG_MAX - 80) / 10L))
143 { 143 {
144 use_bn = 1; 144 use_bn = 1;
145 if (!bl) 145 if (!bl)
@@ -293,7 +293,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
293 /* Sanity check OID encoding: can't have leading 0x80 in 293 /* Sanity check OID encoding: can't have leading 0x80 in
294 * subidentifiers, see: X.690 8.19.2 294 * subidentifiers, see: X.690 8.19.2
295 */ 295 */
296 for (i = 0, p = *pp + 1; i < len - 1; i++, p++) 296 for (i = 0, p = *pp; i < len; i++, p++)
297 { 297 {
298 if (*p == 0x80 && (!i || !(p[-1] & 0x80))) 298 if (*p == 0x80 && (!i || !(p[-1] & 0x80)))
299 { 299 {
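Review bot: The subidentifier sanity loop in c2i_ASN1_OBJECT now starts at the first content byte, but nothing visible in this hunk rejects an encoding whose last byte still has the continuation bit set, or a non-positive `len`. A guard before the loop, `if (len <= 0 || ((*pp)[len - 1] & 0x80))`, taking the function's existing error path, would refuse a truncated final subidentifier before the bytes are copied. The function's body starts and ends outside the hunk, so an equivalent check may already exist there. Separately, the `- 80` in the first hunk's `l >= ((ULONG_MAX - 80) / 10L)` would benefit from a comment saying what the 80 accounts for.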
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
index 7fc14d3296..264ebf2393 100644
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ b/src/lib/libcrypto/asn1/a_strex.c
@@ -74,6 +74,11 @@
74 74
75#define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253) 75#define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
76 76
77#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
78 ASN1_STRFLGS_ESC_QUOTE | \
79 ASN1_STRFLGS_ESC_CTRL | \
80 ASN1_STRFLGS_ESC_MSB)
81
77 82
78/* Three IO functions for sending data to memory, a BIO and 83/* Three IO functions for sending data to memory, a BIO and
79 * and a FILE pointer. 84 * and a FILE pointer.
@@ -148,6 +153,13 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, ch
148 if(!io_ch(arg, tmphex, 3)) return -1; 153 if(!io_ch(arg, tmphex, 3)) return -1;
149 return 3; 154 return 3;
150 } 155 }
156 /* If we get this far and do any escaping at all must escape
157 * the escape character itself: backslash.
158 */
159 if (chtmp == '\\' && flags & ESC_FLAGS) {
160 if(!io_ch(arg, "\\\\", 2)) return -1;
161 return 2;
162 }
151 if(!io_ch(arg, &chtmp, 1)) return -1; 163 if(!io_ch(arg, &chtmp, 1)) return -1;
152 return 1; 164 return 1;
153} 165}
@@ -292,11 +304,6 @@ static const signed char tag2nbyte[] = {
292 4, -1, 2 /* 28-30 */ 304 4, -1, 2 /* 28-30 */
293}; 305};
294 306
295#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
296 ASN1_STRFLGS_ESC_QUOTE | \
297 ASN1_STRFLGS_ESC_CTRL | \
298 ASN1_STRFLGS_ESC_MSB)
299
300/* This is the main function, print out an 307/* This is the main function, print out an
301 * ASN1_STRING taking note of various escape 308 * ASN1_STRING taking note of various escape
302 * and display options. Returns number of 309 * and display options. Returns number of
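Review bot: The new test `if (chtmp == '\\' && flags & ESC_FLAGS)` in do_esc_char relies on `&` binding tighter than `&&`; it parses as intended, but the mixed operators read ambiguously and some compilers warn about them. Writing it as `if (chtmp == '\\' && (flags & ESC_FLAGS))` makes the intent explicit. The added comment could also state the consequence it guards against, namely that an unescaped backslash in the output cannot be told apart from the start of an escape sequence. do_esc_char begins outside the hunk.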
diff --git a/src/lib/libcrypto/asn1/a_strnid.c b/src/lib/libcrypto/asn1/a_strnid.c
index 753021a7a2..2fc48c1551 100644
--- a/src/lib/libcrypto/asn1/a_strnid.c
+++ b/src/lib/libcrypto/asn1/a_strnid.c
@@ -95,7 +95,7 @@ unsigned long ASN1_STRING_get_default_mask(void)
95 * default: the default value, Printable, T61, BMP. 95 * default: the default value, Printable, T61, BMP.
96 */ 96 */
97 97
98int ASN1_STRING_set_default_mask_asc(char *p) 98int ASN1_STRING_set_default_mask_asc(const char *p)
99{ 99{
100 unsigned long mask; 100 unsigned long mask;
101 char *end; 101 char *end;
diff --git a/src/lib/libcrypto/asn1/ameth_lib.c b/src/lib/libcrypto/asn1/ameth_lib.c
index 9a8b6cc222..5a581b90ea 100644
--- a/src/lib/libcrypto/asn1/ameth_lib.c
+++ b/src/lib/libcrypto/asn1/ameth_lib.c
@@ -172,7 +172,6 @@ static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type)
172const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type) 172const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type)
173 { 173 {
174 const EVP_PKEY_ASN1_METHOD *t; 174 const EVP_PKEY_ASN1_METHOD *t;
175 ENGINE *e;
176 175
177 for (;;) 176 for (;;)
178 { 177 {
@@ -184,6 +183,7 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type)
184 if (pe) 183 if (pe)
185 { 184 {
186#ifndef OPENSSL_NO_ENGINE 185#ifndef OPENSSL_NO_ENGINE
186 ENGINE *e;
187 /* type will contain the final unaliased type */ 187 /* type will contain the final unaliased type */
188 e = ENGINE_get_pkey_asn1_meth_engine(type); 188 e = ENGINE_get_pkey_asn1_meth_engine(type);
189 if (e) 189 if (e)
diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h
index f7718b5a94..59540e4e79 100644
--- a/src/lib/libcrypto/asn1/asn1.h
+++ b/src/lib/libcrypto/asn1/asn1.h
@@ -1067,7 +1067,7 @@ ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
1067ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct); 1067ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
1068 1068
1069void ASN1_STRING_set_default_mask(unsigned long mask); 1069void ASN1_STRING_set_default_mask(unsigned long mask);
1070int ASN1_STRING_set_default_mask_asc(char *p); 1070int ASN1_STRING_set_default_mask_asc(const char *p);
1071unsigned long ASN1_STRING_get_default_mask(void); 1071unsigned long ASN1_STRING_get_default_mask(void);
1072int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len, 1072int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
1073 int inform, unsigned long mask); 1073 int inform, unsigned long mask);
diff --git a/src/lib/libcrypto/asn1/bio_ndef.c b/src/lib/libcrypto/asn1/bio_ndef.c
index 370389b1e6..b91f97a1b1 100644
--- a/src/lib/libcrypto/asn1/bio_ndef.c
+++ b/src/lib/libcrypto/asn1/bio_ndef.c
@@ -57,9 +57,6 @@
57#include <openssl/bio.h> 57#include <openssl/bio.h>
58#include <openssl/err.h> 58#include <openssl/err.h>
59 59
60#ifndef OPENSSL_SYSNAME_NETWARE
61#include <memory.h>
62#endif
63#include <stdio.h> 60#include <stdio.h>
64 61
65/* Experimental NDEF ASN1 BIO support routines */ 62/* Experimental NDEF ASN1 BIO support routines */
diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c
index 60bc437938..e7d0439062 100644
--- a/src/lib/libcrypto/asn1/n_pkey.c
+++ b/src/lib/libcrypto/asn1/n_pkey.c
@@ -242,7 +242,7 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
242 int sgckey) 242 int sgckey)
243 { 243 {
244 RSA *ret=NULL; 244 RSA *ret=NULL;
245 const unsigned char *p, *kp; 245 const unsigned char *p;
246 NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; 246 NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
247 247
248 p = *pp; 248 p = *pp;
@@ -265,7 +265,6 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
265 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); 265 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
266 goto err; 266 goto err;
267 } 267 }
268 kp = enckey->enckey->digest->data;
269 if (cb == NULL) 268 if (cb == NULL)
270 cb=EVP_read_pw_string; 269 cb=EVP_read_pw_string;
271 if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err; 270 if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;
diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c
index bdb244c015..ee5a687ce8 100644
--- a/src/lib/libcrypto/asn1/t_crl.c
+++ b/src/lib/libcrypto/asn1/t_crl.c
@@ -87,7 +87,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
87 STACK_OF(X509_REVOKED) *rev; 87 STACK_OF(X509_REVOKED) *rev;
88 X509_REVOKED *r; 88 X509_REVOKED *r;
89 long l; 89 long l;
90 int i, n; 90 int i;
91 char *p; 91 char *p;
92 92
93 BIO_printf(out, "Certificate Revocation List (CRL):\n"); 93 BIO_printf(out, "Certificate Revocation List (CRL):\n");
@@ -107,7 +107,6 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
107 else BIO_printf(out,"NONE"); 107 else BIO_printf(out,"NONE");
108 BIO_printf(out,"\n"); 108 BIO_printf(out,"\n");
109 109
110 n=X509_CRL_get_ext_count(x);
111 X509V3_extensions_print(out, "CRL extensions", 110 X509V3_extensions_print(out, "CRL extensions",
112 x->crl->extensions, 0, 8); 111 x->crl->extensions, 0, 8);
113 112
diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c
index 3bee439968..87d7dfdf5c 100644
--- a/src/lib/libcrypto/asn1/tasn_dec.c
+++ b/src/lib/libcrypto/asn1/tasn_dec.c
@@ -168,7 +168,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
168 int i; 168 int i;
169 int otag; 169 int otag;
170 int ret = 0; 170 int ret = 0;
171 ASN1_VALUE *pchval, **pchptr, *ptmpval; 171 ASN1_VALUE **pchptr, *ptmpval;
172 if (!pval) 172 if (!pval)
173 return 0; 173 return 0;
174 if (aux && aux->asn1_cb) 174 if (aux && aux->asn1_cb)
@@ -319,7 +319,6 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
319 goto err; 319 goto err;
320 } 320 }
321 /* CHOICE type, try each possibility in turn */ 321 /* CHOICE type, try each possibility in turn */
322 pchval = NULL;
323 p = *in; 322 p = *in;
324 for (i = 0, tt=it->templates; i < it->tcount; i++, tt++) 323 for (i = 0, tt=it->templates; i < it->tcount; i++, tt++)
325 { 324 {
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
index caa4409feb..49be08b4da 100644
--- a/src/lib/libcrypto/asn1/x_name.c
+++ b/src/lib/libcrypto/asn1/x_name.c
@@ -214,7 +214,9 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
214 *val = nm.a; 214 *val = nm.a;
215 *in = p; 215 *in = p;
216 return ret; 216 return ret;
217 err: 217err:
218 if (nm.x != NULL)
219 X509_NAME_free(nm.x);
218 ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR); 220 ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
219 return 0; 221 return 0;
220} 222}
@@ -464,7 +466,8 @@ static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
464 } 466 }
465 else 467 else
466 { 468 {
467 *to++ = tolower(*from++); 469 *to++ = tolower(*from);
470 from++;
468 i++; 471 i++;
469 } 472 }
470 } 473 }
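Review bot: In asn1_string_canon the increment was split out of `tolower(*from++)` without a comment, so a later cleanup could fold it back in. Presumably the reason is that tolower() may be a macro that evaluates its argument more than once; a one-line comment such as `/* tolower() may be a macro: keep the increment separate */` would record that. If `from` is a plain `char *` (its declaration is outside the hunk), the argument should also be cast, `tolower((unsigned char)*from)`, since negative values other than EOF are undefined for the ctype functions. Both function bodies extend beyond the hunks shown.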
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c
index dafd3cc921..de3df9eb51 100644
--- a/src/lib/libcrypto/asn1/x_x509.c
+++ b/src/lib/libcrypto/asn1/x_x509.c
@@ -63,7 +63,7 @@
63#include <openssl/x509.h> 63#include <openssl/x509.h>
64#include <openssl/x509v3.h> 64#include <openssl/x509v3.h>
65 65
66ASN1_SEQUENCE(X509_CINF) = { 66ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
67 ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0), 67 ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
68 ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER), 68 ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
69 ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR), 69 ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
@@ -74,7 +74,7 @@ ASN1_SEQUENCE(X509_CINF) = {
74 ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1), 74 ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
75 ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2), 75 ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
76 ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3) 76 ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
77} ASN1_SEQUENCE_END(X509_CINF) 77} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF)
78 78
79IMPLEMENT_ASN1_FUNCTIONS(X509_CINF) 79IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
80/* X509 top level structure needs a bit of customisation */ 80/* X509 top level structure needs a bit of customisation */
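Review bot: The X509_CINF template now caches the parsed encoding in `enc`, but nothing here documents the obligation this puts on code that modifies a decoded certificate. With a cached encoding, the i2d output comes from the saved bytes unless `enc.modified` is set, so any setter that changes a cert_info field after parsing has to mark it modified or a later re-encode or signature would use stale bytes. Whether the setters do so is not visible in this section. A comment above the template, e.g. `/* enc caches the original DER so verification uses the bytes that were signed; set enc.modified when changing fields */`, would make that contract explicit.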
diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c
index 12b0a53a81..d47310d650 100644
--- a/src/lib/libcrypto/bio/b_sock.c
+++ b/src/lib/libcrypto/bio/b_sock.c
@@ -551,7 +551,30 @@ int BIO_socket_ioctl(int fd, long type, void *arg)
551#ifdef __DJGPP__ 551#ifdef __DJGPP__
552 i=ioctlsocket(fd,type,(char *)arg); 552 i=ioctlsocket(fd,type,(char *)arg);
553#else 553#else
554 i=ioctlsocket(fd,type,arg); 554# if defined(OPENSSL_SYS_VMS)
555 /* 2011-02-18 SMS.
556 * VMS ioctl() can't tolerate a 64-bit "void *arg", but we
557 * observe that all the consumers pass in an "unsigned long *",
558 * so we arrange a local copy with a short pointer, and use
559 * that, instead.
560 */
561# if __INITIAL_POINTER_SIZE == 64
562# define ARG arg_32p
563# pragma pointer_size save
564# pragma pointer_size 32
565 unsigned long arg_32;
566 unsigned long *arg_32p;
567# pragma pointer_size restore
568 arg_32p = &arg_32;
569 arg_32 = *((unsigned long *) arg);
570# else /* __INITIAL_POINTER_SIZE == 64 */
571# define ARG arg
572# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
573# else /* defined(OPENSSL_SYS_VMS) */
574# define ARG arg
575# endif /* defined(OPENSSL_SYS_VMS) [else] */
576
577 i=ioctlsocket(fd,type,ARG);
555#endif /* __DJGPP__ */ 578#endif /* __DJGPP__ */
556 if (i < 0) 579 if (i < 0)
557 SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error()); 580 SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error());
@@ -660,6 +683,7 @@ int BIO_get_accept_socket(char *host, int bind_mode)
660 * note that commonly IPv6 wildchard socket can service 683 * note that commonly IPv6 wildchard socket can service
661 * IPv4 connections just as well... */ 684 * IPv4 connections just as well... */
662 memset(&hint,0,sizeof(hint)); 685 memset(&hint,0,sizeof(hint));
686 hint.ai_flags = AI_PASSIVE;
663 if (h) 687 if (h)
664 { 688 {
665 if (strchr(h,':')) 689 if (strchr(h,':'))
@@ -672,7 +696,10 @@ int BIO_get_accept_socket(char *host, int bind_mode)
672#endif 696#endif
673 } 697 }
674 else if (h[0]=='*' && h[1]=='\0') 698 else if (h[0]=='*' && h[1]=='\0')
699 {
700 hint.ai_family = AF_INET;
675 h=NULL; 701 h=NULL;
702 }
676 } 703 }
677 704
678 if ((*p_getaddrinfo.f)(h,p,&hint,&res)) break; 705 if ((*p_getaddrinfo.f)(h,p,&hint,&res)) break;
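Review bot: In the 64-bit-pointer VMS branch of BIO_socket_ioctl, `arg_32` is loaded from `*arg` before the call but nothing visible copies it back afterwards, so a request that returns a value through the pointer would leave the caller's variable unchanged. If any consumer reads a result that way, add `*((unsigned long *) arg) = arg_32;` after the `ioctlsocket` call under the same `__INITIAL_POINTER_SIZE == 64` condition; if none does, say so in the comment. `ARG` is also never `#undef`ed, so the macro stays defined for the rest of the file. The function continues past the end of the hunk.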
diff --git a/src/lib/libcrypto/bio/bf_nbio.c b/src/lib/libcrypto/bio/bf_nbio.c
index c72a23c2e1..028616c064 100644
--- a/src/lib/libcrypto/bio/bf_nbio.c
+++ b/src/lib/libcrypto/bio/bf_nbio.c
@@ -125,7 +125,6 @@ static int nbiof_free(BIO *a)
125 125
126static int nbiof_read(BIO *b, char *out, int outl) 126static int nbiof_read(BIO *b, char *out, int outl)
127 { 127 {
128 NBIO_TEST *nt;
129 int ret=0; 128 int ret=0;
130#if 1 129#if 1
131 int num; 130 int num;
@@ -134,7 +133,6 @@ static int nbiof_read(BIO *b, char *out, int outl)
134 133
135 if (out == NULL) return(0); 134 if (out == NULL) return(0);
136 if (b->next_bio == NULL) return(0); 135 if (b->next_bio == NULL) return(0);
137 nt=(NBIO_TEST *)b->ptr;
138 136
139 BIO_clear_retry_flags(b); 137 BIO_clear_retry_flags(b);
140#if 1 138#if 1
diff --git a/src/lib/libcrypto/bio/bio_lib.c b/src/lib/libcrypto/bio/bio_lib.c
index 77f4de9c32..e12bc3a2ca 100644
--- a/src/lib/libcrypto/bio/bio_lib.c
+++ b/src/lib/libcrypto/bio/bio_lib.c
@@ -110,7 +110,7 @@ int BIO_set(BIO *bio, BIO_METHOD *method)
110 110
111int BIO_free(BIO *a) 111int BIO_free(BIO *a)
112 { 112 {
113 int ret=0,i; 113 int i;
114 114
115 if (a == NULL) return(0); 115 if (a == NULL) return(0);
116 116
@@ -133,7 +133,7 @@ int BIO_free(BIO *a)
133 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data); 133 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
134 134
135 if ((a->method == NULL) || (a->method->destroy == NULL)) return(1); 135 if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
136 ret=a->method->destroy(a); 136 a->method->destroy(a);
137 OPENSSL_free(a); 137 OPENSSL_free(a);
138 return(1); 138 return(1);
139 } 139 }
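Review bot: In BIO_free the early `return(1)` taken when `a->method` or `a->method->destroy` is NULL comes before `OPENSSL_free(a)`, so a BIO without a destroy callback is never released even though its ex_data has already been freed. Since the return value of destroy is now discarded anyway, the two lines can become `if ((a->method != NULL) && (a->method->destroy != NULL)) a->method->destroy(a);` followed by the existing `OPENSSL_free(a);`. The part of the function between the two hunks, including any reference-count handling, is not shown.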
diff --git a/src/lib/libcrypto/bio/bss_acpt.c b/src/lib/libcrypto/bio/bss_acpt.c
index 826f761143..5d49e1a72b 100644
--- a/src/lib/libcrypto/bio/bss_acpt.c
+++ b/src/lib/libcrypto/bio/bss_acpt.c
@@ -340,7 +340,6 @@ static int acpt_write(BIO *b, const char *in, int inl)
340 340
341static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr) 341static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
342 { 342 {
343 BIO *dbio;
344 int *ip; 343 int *ip;
345 long ret=1; 344 long ret=1;
346 BIO_ACCEPT *data; 345 BIO_ACCEPT *data;
@@ -437,8 +436,8 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
437 ret=(long)data->bind_mode; 436 ret=(long)data->bind_mode;
438 break; 437 break;
439 case BIO_CTRL_DUP: 438 case BIO_CTRL_DUP:
440 dbio=(BIO *)ptr; 439/* dbio=(BIO *)ptr;
441/* if (data->param_port) EAY EAY 440 if (data->param_port) EAY EAY
442 BIO_set_port(dbio,data->param_port); 441 BIO_set_port(dbio,data->param_port);
443 if (data->param_hostname) 442 if (data->param_hostname)
444 BIO_set_hostname(dbio,data->param_hostname); 443 BIO_set_hostname(dbio,data->param_hostname);
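Review bot: The `BIO_CTRL_DUP` case in acpt_ctrl now starts with commented-out code only, with the `dbio` assignment moved inside the comment rather than removed. Dead code kept in a comment tends to rot; either delete the block or replace it with a short note such as `/* accept parameters are not copied to the duplicate BIO */`, if that is the intended behaviour. The comment's closing `*/` and the rest of the case lie beyond the end of the hunk.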
diff --git a/src/lib/libcrypto/bio/bss_dgram.c b/src/lib/libcrypto/bio/bss_dgram.c
index eb7e365467..71ebe987b6 100644
--- a/src/lib/libcrypto/bio/bss_dgram.c
+++ b/src/lib/libcrypto/bio/bss_dgram.c
@@ -57,7 +57,6 @@
57 * 57 *
58 */ 58 */
59 59
60#ifndef OPENSSL_NO_DGRAM
61 60
62#include <stdio.h> 61#include <stdio.h>
63#include <errno.h> 62#include <errno.h>
@@ -65,6 +64,7 @@
65#include "cryptlib.h" 64#include "cryptlib.h"
66 65
67#include <openssl/bio.h> 66#include <openssl/bio.h>
67#ifndef OPENSSL_NO_DGRAM
68 68
69#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) 69#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS)
70#include <sys/timeb.h> 70#include <sys/timeb.h>
@@ -308,7 +308,6 @@ static int dgram_read(BIO *b, char *out, int outl)
308 OPENSSL_assert(sa.len.s<=sizeof(sa.peer)); 308 OPENSSL_assert(sa.len.s<=sizeof(sa.peer));
309 sa.len.i = (int)sa.len.s; 309 sa.len.i = (int)sa.len.s;
310 } 310 }
311 dgram_reset_rcv_timeout(b);
312 311
313 if ( ! data->connected && ret >= 0) 312 if ( ! data->connected && ret >= 0)
314 BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer); 313 BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
@@ -322,6 +321,8 @@ static int dgram_read(BIO *b, char *out, int outl)
322 data->_errno = get_last_socket_error(); 321 data->_errno = get_last_socket_error();
323 } 322 }
324 } 323 }
324
325 dgram_reset_rcv_timeout(b);
325 } 326 }
326 return(ret); 327 return(ret);
327 } 328 }
@@ -340,7 +341,7 @@ static int dgram_write(BIO *b, const char *in, int inl)
340 341
341 if (data->peer.sa.sa_family == AF_INET) 342 if (data->peer.sa.sa_family == AF_INET)
342 peerlen = sizeof(data->peer.sa_in); 343 peerlen = sizeof(data->peer.sa_in);
343#if OPENSSL_USE_IVP6 344#if OPENSSL_USE_IPV6
344 else if (data->peer.sa.sa_family == AF_INET6) 345 else if (data->peer.sa.sa_family == AF_INET6)
345 peerlen = sizeof(data->peer.sa_in6); 346 peerlen = sizeof(data->peer.sa_in6);
346#endif 347#endif
@@ -745,9 +746,13 @@ static int BIO_dgram_should_retry(int i)
745 { 746 {
746 err=get_last_socket_error(); 747 err=get_last_socket_error();
747 748
748#if defined(OPENSSL_SYS_WINDOWS) && 0 /* more microsoft stupidity? perhaps not? Ben 4/1/99 */ 749#if defined(OPENSSL_SYS_WINDOWS)
749 if ((i == -1) && (err == 0)) 750 /* If the socket return value (i) is -1
750 return(1); 751 * and err is unexpectedly 0 at this point,
752 * the error code was overwritten by
753 * another system call before this error
754 * handling is called.
755 */
751#endif 756#endif
752 757
753 return(BIO_dgram_non_fatal_error(err)); 758 return(BIO_dgram_non_fatal_error(err));
@@ -810,7 +815,6 @@ int BIO_dgram_non_fatal_error(int err)
810 } 815 }
811 return(0); 816 return(0);
812 } 817 }
813#endif
814 818
815static void get_current_time(struct timeval *t) 819static void get_current_time(struct timeval *t)
816 { 820 {
@@ -828,3 +832,5 @@ static void get_current_time(struct timeval *t)
828 gettimeofday(t, NULL); 832 gettimeofday(t, NULL);
829#endif 833#endif
830 } 834 }
835
836#endif
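Review bot: In BIO_dgram_should_retry the `#if defined(OPENSSL_SYS_WINDOWS)` block now contains only a comment, and the comment describes the `i == -1`, `err == 0` situation without saying what the code does about it. As written that case falls through to `BIO_dgram_non_fatal_error(err)` with `err` equal to 0; stating that outcome in the comment and dropping the empty `#if`/`#endif` pair would make the behaviour clear. In dgram_read, the move of `dgram_reset_rcv_timeout(b)` below the error handling would likewise benefit from a comment giving the reason, presumably to keep the socket error code intact until it has been read.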
diff --git a/src/lib/libcrypto/bio/bss_file.c b/src/lib/libcrypto/bio/bss_file.c
index 8bfa0bcd97..b954fe7ebc 100644
--- a/src/lib/libcrypto/bio/bss_file.c
+++ b/src/lib/libcrypto/bio/bss_file.c
@@ -123,6 +123,7 @@ BIO *BIO_new_file(const char *filename, const char *mode)
123 123
124#if defined(_WIN32) && defined(CP_UTF8) 124#if defined(_WIN32) && defined(CP_UTF8)
125 int sz, len_0 = (int)strlen(filename)+1; 125 int sz, len_0 = (int)strlen(filename)+1;
126 DWORD flags;
126 127
127 /* 128 /*
128 * Basically there are three cases to cover: a) filename is 129 * Basically there are three cases to cover: a) filename is
@@ -136,17 +137,22 @@ BIO *BIO_new_file(const char *filename, const char *mode)
136 * ERROR_NO_UNICODE_TRANSLATION, in which case we fall 137 * ERROR_NO_UNICODE_TRANSLATION, in which case we fall
137 * back to fopen... 138 * back to fopen...
138 */ 139 */
139 if ((sz=MultiByteToWideChar(CP_UTF8,MB_ERR_INVALID_CHARS, 140 if ((sz=MultiByteToWideChar(CP_UTF8,(flags=MB_ERR_INVALID_CHARS),
141 filename,len_0,NULL,0))>0 ||
142 (GetLastError()==ERROR_INVALID_FLAGS &&
143 (sz=MultiByteToWideChar(CP_UTF8,(flags=0),
140 filename,len_0,NULL,0))>0) 144 filename,len_0,NULL,0))>0)
145 )
141 { 146 {
142 WCHAR wmode[8]; 147 WCHAR wmode[8];
143 WCHAR *wfilename = _alloca(sz*sizeof(WCHAR)); 148 WCHAR *wfilename = _alloca(sz*sizeof(WCHAR));
144 149
145 if (MultiByteToWideChar(CP_UTF8,MB_ERR_INVALID_CHARS, 150 if (MultiByteToWideChar(CP_UTF8,flags,
146 filename,len_0,wfilename,sz) && 151 filename,len_0,wfilename,sz) &&
147 MultiByteToWideChar(CP_UTF8,0,mode,strlen(mode)+1, 152 MultiByteToWideChar(CP_UTF8,0,mode,strlen(mode)+1,
148 wmode,sizeof(wmode)/sizeof(wmode[0])) && 153 wmode,sizeof(wmode)/sizeof(wmode[0])) &&
149 (file=_wfopen(wfilename,wmode))==NULL && errno==ENOENT 154 (file=_wfopen(wfilename,wmode))==NULL &&
155 (errno==ENOENT || errno==EBADF)
150 ) /* UTF-8 decode succeeded, but no file, filename 156 ) /* UTF-8 decode succeeded, but no file, filename
151 * could still have been locale-ized... */ 157 * could still have been locale-ized... */
152 file = fopen(filename,mode); 158 file = fopen(filename,mode);
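Review bot: The retry with `flags=0` after `ERROR_INVALID_FLAGS` in BIO_new_file drops the strict UTF-8 validation on that path, and the block comment above it still describes only the `ERROR_NO_UNICODE_TRANSLATION` case. Without `MB_ERR_INVALID_CHARS` a filename that is not valid UTF-8 is converted rather than rejected, so the `fopen` fallback is reached only if `_wfopen` then fails with `ENOENT` or `EBADF`; for a mode that creates files this is worth confirming on the affected Windows versions. Extending the comment with `ERROR_INVALID_FLAGS: MB_ERR_INVALID_CHARS not supported for CP_UTF8, retry without validation` would document the trade-off. The size passed to `_alloca(sz*sizeof(WCHAR))` still comes straight from the caller's filename length with no upper bound.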
diff --git a/src/lib/libcrypto/bio/bss_log.c b/src/lib/libcrypto/bio/bss_log.c
index 7ead044b37..b7dce5c1a2 100644
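--- a/src/lib/libcrypto/bio/bss_log.c
+++ b/src/lib/libcrypto/bio/bss_log.c
@@ -75,6 +75,15 @@
 # include <descrip.h>
 # include <lib$routines.h>
 # include <starlet.h>
+/* Some compiler options may mask the declaration of "_malloc32". */
+# if __INITIAL_POINTER_SIZE && defined _ANSI_C_SOURCE
+# if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size save
+# pragma pointer_size 32
+ void * _malloc32 (__size_t);
+# pragma pointer_size restore
+# endif /* __INITIAL_POINTER_SIZE == 64 */
+# endif /* __INITIAL_POINTER_SIZE && defined _ANSI_C_SOURCE */
 #elif defined(__ultrix)
 # include <sys/syslog.h>
 #elif defined(OPENSSL_SYS_NETWARE)
@@ -300,7 +309,24 @@ static void xopenlog(BIO* bp, char* name, int level)
 static void xsyslog(BIO *bp, int priority, const char *string)
 {
  struct dsc$descriptor_s opc_dsc;
+
+/* Arrange 32-bit pointer to opcdef buffer and malloc(), if needed. */
+#if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size save
+# pragma pointer_size 32
+# define OPCDEF_TYPE __char_ptr32
+# define OPCDEF_MALLOC _malloc32
+#else /* __INITIAL_POINTER_SIZE == 64 */
+# define OPCDEF_TYPE char *
+# define OPCDEF_MALLOC OPENSSL_malloc
+#endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
  struct opcdef *opcdef_p;
+
+#if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size restore
+#endif /* __INITIAL_POINTER_SIZE == 64 */
+
  char buf[10240];
  unsigned int len;
  struct dsc$descriptor_s buf_dsc;
@@ -326,8 +352,8 @@ static void xsyslog(BIO *bp, int priority, const char *string)
 
  lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string);
 
- /* we know there's an 8 byte header. That's documented */
- opcdef_p = (struct opcdef *) OPENSSL_malloc(8 + len);
+ /* We know there's an 8-byte header. That's documented. */
+ opcdef_p = OPCDEF_MALLOC( 8+ len);
  opcdef_p->opc$b_ms_type = OPC$_RQ_RQST;
  memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3);
  opcdef_p->opc$l_ms_rqstid = 0;
@@ -335,7 +361,7 @@ static void xsyslog(BIO *bp, int priority, const char *string)
 
  opc_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
  opc_dsc.dsc$b_class = DSC$K_CLASS_S;
- opc_dsc.dsc$a_pointer = (char *)opcdef_p;
+ opc_dsc.dsc$a_pointer = (OPCDEF_TYPE) opcdef_p;
  opc_dsc.dsc$w_length = len + 8;
 
  sys$sndopr(opc_dsc, 0);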
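Review bot: The result of `OPCDEF_MALLOC( 8+ len)` in xsyslog is dereferenced on the next line (`opcdef_p->opc$b_ms_type = OPC$_RQ_RQST;`) with no NULL check, and that holds for both the `_malloc32` and the `OPENSSL_malloc` expansion. A guard such as `if (opcdef_p == NULL) return;` before the first store would cover both. The buffer also comes from `_malloc32` when `__INITIAL_POINTER_SIZE == 64`, so the release call, which is outside these hunks, has to pair with that allocator rather than with `OPENSSL_free`; that is worth confirming. xsyslog's body continues outside the hunks shown.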
diff --git a/src/lib/libcrypto/bn/asm/alpha-mont.pl b/src/lib/libcrypto/bn/asm/alpha-mont.pl
index f7e0ca1646..03596e2014 100644
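--- a/src/lib/libcrypto/bn/asm/alpha-mont.pl
+++ b/src/lib/libcrypto/bn/asm/alpha-mont.pl
@@ -41,8 +41,12 @@ $j="s4";
 $m1="s5";
 
 $code=<<___;
+#ifdef __linux__
+#include <asm/regdef.h>
+#else
 #include <asm.h>
 #include <regdef.h>
+#endif
 
 .text
 
@@ -76,7 +80,7 @@ bn_mul_mont:
  ldq $aj,8($ap)
  subq sp,AT,sp
  ldq $bi,0($bp) # bp[0]
- mov -4096,AT
+ lda AT,-4096(zero) # mov -4096,AT
  ldq $n0,0($n0)
  and sp,AT,sp
 
@@ -106,9 +110,9 @@ bn_mul_mont:
 .align 4
 .L1st:
  .set noreorder
- ldq $aj,($aj)
+ ldq $aj,0($aj)
  addl $j,1,$j
- ldq $nj,($nj)
+ ldq $nj,0($nj)
  lda $tp,8($tp)
 
  addq $alo,$hi0,$lo0
@@ -159,12 +163,12 @@ bn_mul_mont:
 .align 4
 .Louter:
  s8addq $i,$bp,$bi
- ldq $hi0,($ap)
+ ldq $hi0,0($ap)
  ldq $aj,8($ap)
- ldq $bi,($bi)
- ldq $hi1,($np)
+ ldq $bi,0($bi)
+ ldq $hi1,0($np)
  ldq $nj,8($np)
- ldq $tj,(sp)
+ ldq $tj,0(sp)
 
  mulq $hi0,$bi,$lo0
  umulh $hi0,$bi,$hi0
@@ -195,10 +199,10 @@ bn_mul_mont:
  .set noreorder
  ldq $tj,8($tp) #L0
  nop #U1
- ldq $aj,($aj) #L1
+ ldq $aj,0($aj) #L1
  s8addq $j,$np,$nj #U0
 
- ldq $nj,($nj) #L0
+ ldq $nj,0($nj) #L0
  nop #U1
  addq $alo,$hi0,$lo0 #L1
  lda $tp,8($tp)
@@ -247,7 +251,7 @@ bn_mul_mont:
  addq $hi1,v0,$hi1
 
  addq $hi1,$hi0,$lo1
- stq $j,($tp)
+ stq $j,0($tp)
  cmpult $lo1,$hi0,$hi1
  addq $lo1,$tj,$lo1
  cmpult $lo1,$tj,AT
@@ -265,8 +269,8 @@ bn_mul_mont:
  mov 0,$hi0 # clear borrow bit
 
 .align 4
-.Lsub: ldq $lo0,($tp)
- ldq $lo1,($np)
+.Lsub: ldq $lo0,0($tp)
+ ldq $lo1,0($np)
  lda $tp,8($tp)
  lda $np,8($np)
  subq $lo0,$lo1,$lo1 # tp[i]-np[i]
@@ -274,7 +278,7 @@ bn_mul_mont:
  subq $lo1,$hi0,$lo0
  cmpult $lo1,$lo0,$hi0
  or $hi0,AT,$hi0
- stq $lo0,($rp)
+ stq $lo0,0($rp)
  cmpult $tp,$tj,v0
  lda $rp,8($rp)
  bne v0,.Lsub
@@ -288,7 +292,7 @@ bn_mul_mont:
  bis $bp,$ap,$ap # ap=borrow?tp:rp
 
 .align 4
-.Lcopy: ldq $aj,($ap) # copy or in-place refresh
+.Lcopy: ldq $aj,0($ap) # copy or in-place refresh
  lda $tp,8($tp)
  lda $rp,8($rp)
  lda $ap,8($ap)
@@ -309,8 +313,8 @@ bn_mul_mont:
  lda sp,48(sp)
  ret (ra)
 .end bn_mul_mont
-.rdata
-.asciiz "Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
+.ascii "Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
+.align 2
 ___
 
 print $code;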
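Review bot: The ident string at the end of the heredoc changes from `.rdata` plus `.asciiz` to a bare `.ascii` followed by `.align 2`, which leaves it in the section that is current after `.end bn_mul_mont` and drops the terminating NUL. If that is deliberate for assemblers that do not accept `.rdata`/`.asciiz`, a one-line comment above it, for example `# no .rdata/.asciiz on this assembler: ident stays in .text, unterminated`, would stop a later edit from restoring the old form. The `lda AT,-4096(zero)` replacement already carries its own explanation (`# mov -4096,AT`), so this would be consistent with the rest of the change.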
diff --git a/src/lib/libcrypto/bn/asm/s390x-mont.pl b/src/lib/libcrypto/bn/asm/s390x-mont.pl
index d23251033b..f61246f5b6 100644
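--- a/src/lib/libcrypto/bn/asm/s390x-mont.pl
+++ b/src/lib/libcrypto/bn/asm/s390x-mont.pl
@@ -69,8 +69,8 @@ bn_mul_mont:
  cghi $num,16 #
  lghi %r2,0 #
  blr %r14 # if($num<16) return 0;
- cghi $num,128 #
- bhr %r14 # if($num>128) return 0;
+ cghi $num,96 #
+ bhr %r14 # if($num>96) return 0;
 
  stmg %r3,%r15,24($sp)
 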
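Review bot: The upper bound at `cghi $num,96` drops from 128 to 96 words and nothing in the hunk says which limit it now tracks. Because the routine simply returns 0 for sizes it declines, a wrong bound is silent in both directions, so the reason belongs next to the constant, in the form `# num>96 is not handled here because <reason>; return 0`. The rest of bn_mul_mont, including whatever the bound protects, is outside the hunk.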
diff --git a/src/lib/libcrypto/bn/asm/s390x.S b/src/lib/libcrypto/bn/asm/s390x.S
index 8f45f5d513..43fcb79bc0 100755
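--- a/src/lib/libcrypto/bn/asm/s390x.S
+++ b/src/lib/libcrypto/bn/asm/s390x.S
@@ -1,4 +1,4 @@
-.ident "s390x.S, version 1.0"
+.ident "s390x.S, version 1.1"
 // ====================================================================
 // Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
 // project.
@@ -24,67 +24,67 @@ bn_mul_add_words:
  bler %r14 // if (len<=0) return 0;
 
  stmg %r6,%r10,48(%r15)
+ lghi %r10,3
  lghi %r8,0 // carry = 0
- srag %r10,%r4,2 // cnt=len/4
- jz .Loop1_madd
+ nr %r10,%r4 // len%4
+ sra %r4,2 // cnt=len/4
+ jz .Loop1_madd // carry is incidentally cleared if branch taken
+ algr zero,zero // clear carry
 
 .Loop4_madd:
  lg %r7,0(%r2,%r3) // ap[i]
  mlgr %r6,%r5 // *=w
- algr %r7,%r8 // +=carry
+ alcgr %r7,%r8 // +=carry
  alcgr %r6,zero
  alg %r7,0(%r2,%r1) // +=rp[i]
- alcgr %r6,zero
  stg %r7,0(%r2,%r1) // rp[i]=
 
  lg %r9,8(%r2,%r3)
  mlgr %r8,%r5
- algr %r9,%r6
+ alcgr %r9,%r6
  alcgr %r8,zero
  alg %r9,8(%r2,%r1)
- alcgr %r8,zero
  stg %r9,8(%r2,%r1)
 
  lg %r7,16(%r2,%r3)
  mlgr %r6,%r5
- algr %r7,%r8
+ alcgr %r7,%r8
  alcgr %r6,zero
  alg %r7,16(%r2,%r1)
- alcgr %r6,zero
  stg %r7,16(%r2,%r1)
 
  lg %r9,24(%r2,%r3)
  mlgr %r8,%r5
- algr %r9,%r6
+ alcgr %r9,%r6
  alcgr %r8,zero
  alg %r9,24(%r2,%r1)
- alcgr %r8,zero
  stg %r9,24(%r2,%r1)
 
  la %r2,32(%r2) // i+=4
- brct %r10,.Loop4_madd
+ brct %r4,.Loop4_madd
 
- lghi %r10,3
- nr %r4,%r10 // cnt=len%4
- jz .Lend_madd
+ la %r10,1(%r10) // see if len%4 is zero ...
+ brct %r10,.Loop1_madd // without touching condition code:-)
+
+.Lend_madd:
+ alcgr %r8,zero // collect carry bit
+ lgr %r2,%r8
+ lmg %r6,%r10,48(%r15)
+ br %r14
 
 .Loop1_madd:
  lg %r7,0(%r2,%r3) // ap[i]
  mlgr %r6,%r5 // *=w
- algr %r7,%r8 // +=carry
+ alcgr %r7,%r8 // +=carry
  alcgr %r6,zero
  alg %r7,0(%r2,%r1) // +=rp[i]
- alcgr %r6,zero
  stg %r7,0(%r2,%r1) // rp[i]=
 
  lgr %r8,%r6
  la %r2,8(%r2) // i++
- brct %r4,.Loop1_madd
+ brct %r10,.Loop1_madd
 
-.Lend_madd:
- lgr %r2,%r8
- lmg %r6,%r10,48(%r15)
- br %r14
+ j .Lend_madd
 .size bn_mul_add_words,.-bn_mul_add_words
 
 // BN_ULONG bn_mul_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
@@ -99,57 +99,57 @@ bn_mul_words:
  bler %r14 // if (len<=0) return 0;
 
  stmg %r6,%r10,48(%r15)
+ lghi %r10,3
  lghi %r8,0 // carry = 0
- srag %r10,%r4,2 // cnt=len/4
- jz .Loop1_mul
+ nr %r10,%r4 // len%4
+ sra %r4,2 // cnt=len/4
+ jz .Loop1_mul // carry is incidentally cleared if branch taken
+ algr zero,zero // clear carry
 
 .Loop4_mul:
  lg %r7,0(%r2,%r3) // ap[i]
  mlgr %r6,%r5 // *=w
- algr %r7,%r8 // +=carry
- alcgr %r6,zero
+ alcgr %r7,%r8 // +=carry
  stg %r7,0(%r2,%r1) // rp[i]=
 
  lg %r9,8(%r2,%r3)
  mlgr %r8,%r5
- algr %r9,%r6
- alcgr %r8,zero
+ alcgr %r9,%r6
  stg %r9,8(%r2,%r1)
 
  lg %r7,16(%r2,%r3)
  mlgr %r6,%r5
- algr %r7,%r8
- alcgr %r6,zero
+ alcgr %r7,%r8
  stg %r7,16(%r2,%r1)
 
  lg %r9,24(%r2,%r3)
  mlgr %r8,%r5
- algr %r9,%r6
- alcgr %r8,zero
+ alcgr %r9,%r6
  stg %r9,24(%r2,%r1)
 
  la %r2,32(%r2) // i+=4
- brct %r10,.Loop4_mul
+ brct %r4,.Loop4_mul
 
- lghi %r10,3
- nr %r4,%r10 // cnt=len%4
- jz .Lend_mul
+ la %r10,1(%r10) // see if len%4 is zero ...
+ brct %r10,.Loop1_mul // without touching condition code:-)
+
+.Lend_mul:
+ alcgr %r8,zero // collect carry bit
+ lgr %r2,%r8
+ lmg %r6,%r10,48(%r15)
+ br %r14
 
 .Loop1_mul:
  lg %r7,0(%r2,%r3) // ap[i]
  mlgr %r6,%r5 // *=w
- algr %r7,%r8 // +=carry
- alcgr %r6,zero
+ alcgr %r7,%r8 // +=carry
  stg %r7,0(%r2,%r1) // rp[i]=
 
  lgr %r8,%r6
  la %r2,8(%r2) // i++
- brct %r4,.Loop1_mul
+ brct %r10,.Loop1_mul
 
-.Lend_mul:
- lgr %r2,%r8
- lmg %r6,%r10,48(%r15)
- br %r14
+ j .Lend_mul
 .size bn_mul_words,.-bn_mul_words
 
 // void bn_sqr_words(BN_ULONG *r2,BN_ULONG *r2,int r4)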
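Review bot: In bn_mul_add_words the carry out of each `alg %r7,0(%r2,%r1)` is no longer folded in straight away; it stays in the condition code until the next `alcgr`, across the `stg`/`lg`/`mlgr` that follow, the `brct` back-edges and the `la %r10,1(%r10)` / `brct` test that precedes `.Lend_madd`. The only trace of that invariant is the aside `// without touching condition code:-)`. A comment at `.Loop4_madd` and `.Loop1_madd`, for example `// CC holds the pending carry between groups: nothing from alg to the next alcgr may set CC`, would protect it, since an inserted CC-setting instruction would corrupt results without any fault. The same applies to `.Loop4_mul` and `.Loop1_mul` in the bn_mul_words hunk, where the pending carry comes from the preceding `alcgr`.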
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h
index e484b7fc11..a0bc47837d 100644
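--- a/src/lib/libcrypto/bn/bn.h
+++ b/src/lib/libcrypto/bn/bn.h
@@ -253,6 +253,24 @@ extern "C" {
 #define BN_HEX_FMT2 "%08X"
 #endif
 
+/* 2011-02-22 SMS.
+ * In various places, a size_t variable or a type cast to size_t was
+ * used to perform integer-only operations on pointers. This failed on
+ * VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t is
+ * still only 32 bits. What's needed in these cases is an integer type
+ * with the same size as a pointer, which size_t is not certain to be.
+ * The only fix here is VMS-specific.
+ */
+#if defined(OPENSSL_SYS_VMS)
+# if __INITIAL_POINTER_SIZE == 64
+# define PTR_SIZE_INT long long
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define PTR_SIZE_INT int
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+#else /* defined(OPENSSL_SYS_VMS) */
+# define PTR_SIZE_INT size_t
+#endif /* defined(OPENSSL_SYS_VMS) [else] */
+
 #define BN_DEFAULT_BITS 1280
 
 #define BN_FLG_MALLOCED 0x01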
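Review bot: `PTR_SIZE_INT` expands to a signed type on VMS (`long long` or `int`) but to the unsigned `size_t` everywhere else, while the callers changed in this commit use it as a bit mask (`0-(PTR_SIZE_INT)carry`, `~mask`) and round-trip pointers through it. Using `unsigned long long` and `unsigned int` in the VMS branch would keep mask arithmetic, and any later comparison or shift, behaving the same on every platform. The macro is also unprefixed inside a header wrapped in `extern "C" {`; if bn.h is installed for applications, which is not visible here, a `BN_` prefix would keep it out of their namespace.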
diff --git a/src/lib/libcrypto/bn/bn_exp2.c b/src/lib/libcrypto/bn/bn_exp2.c
index b3f43cec8c..bd0c34b91b 100644
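--- a/src/lib/libcrypto/bn/bn_exp2.c
+++ b/src/lib/libcrypto/bn/bn_exp2.c
@@ -301,7 +301,8 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
  r_is_one = 0;
  }
  }
- BN_from_montgomery(rr,r,mont,ctx);
+ if (!BN_from_montgomery(rr,r,mont,ctx))
+ goto err;
  ret=1;
 err:
  if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);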
diff --git a/src/lib/libcrypto/bn/bn_gf2m.c b/src/lib/libcrypto/bn/bn_gf2m.c
index 527b0fa15b..432a3aa338 100644
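--- a/src/lib/libcrypto/bn/bn_gf2m.c
+++ b/src/lib/libcrypto/bn/bn_gf2m.c
@@ -545,6 +545,7 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
  {
  while (!BN_is_odd(u))
  {
+ if (BN_is_zero(u)) goto err;
  if (!BN_rshift1(u, u)) goto err;
  if (BN_is_odd(b))
  {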
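Review bot: The added `if (BN_is_zero(u)) goto err;` is what stops `while (!BN_is_odd(u))` from spinning forever, because shifting zero right never yields an odd value, yet nothing at the check says so. A comment such as `/* u == 0 can never become odd: fail instead of looping forever */` would record that this is a termination guard on caller-supplied operands. The `err:` path is outside the hunk, so it is not visible whether an error code is queued there; if none is, this failure cannot be told apart from an allocation error. BN_GF2m_mod_inv's body starts and ends outside the hunk.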
diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c
index 7224637ab3..1a866880f5 100644
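--- a/src/lib/libcrypto/bn/bn_mont.c
+++ b/src/lib/libcrypto/bn/bn_mont.c
@@ -277,7 +277,7 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
  m1|=m2; /* (al!=ri) */
  m1|=(0-(size_t)v); /* (al!=ri || v) */
  m1&=~m2; /* (al!=ri || v) && !al>ri */
- nrp=(BN_ULONG *)(((size_t)rp&~m1)|((size_t)ap&m1));
+ nrp=(BN_ULONG *)(((PTR_SIZE_INT)rp&~m1)|((PTR_SIZE_INT)ap&m1));
  }
 
  /* 'i<ri' is chosen to eliminate dependency on input data, even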
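Review bot: The mask `m1` still appears to be a `size_t`: the context line `m1|=(0-(size_t)v);` builds it at that width, and its declaration is outside the hunk. On the configuration this change targets, 64-bit pointers with a 32-bit `size_t`, `~m1` and `m1` would be zero-extended before the `&`, so the upper half of both `rp` and `ap` is masked away and `nrp` ends up truncated. The select needs the mask at pointer width, i.e. `PTR_SIZE_INT m1,m2;` at the declaration and `0-(PTR_SIZE_INT)` in the lines that build them. BN_from_montgomery_word's body starts and ends outside the hunk.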
diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c
index a0e9ec3b46..12e5be80eb 100644
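--- a/src/lib/libcrypto/bn/bn_mul.c
+++ b/src/lib/libcrypto/bn/bn_mul.c
@@ -551,7 +551,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
  int tna, int tnb, BN_ULONG *t)
  {
  int i,j,n2=n*2;
- int c1,c2,neg,zero;
+ int c1,c2,neg;
  BN_ULONG ln,lo,*p;
 
 # ifdef BN_COUNT
@@ -567,7 +567,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
  /* r=(a[0]-a[1])*(b[1]-b[0]) */
  c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna);
  c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n);
- zero=neg=0;
+ neg=0;
  switch (c1*3+c2)
  {
  case -4:
@@ -575,7 +575,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
  bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */
  break;
  case -3:
- zero=1;
  /* break; */
  case -2:
  bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */
@@ -585,7 +584,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
  case -1:
  case 0:
  case 1:
- zero=1;
  /* break; */
  case 2:
  bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */
@@ -593,7 +591,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
  neg=1;
  break;
  case 3:
- zero=1;
  /* break; */
  case 4:
  bn_sub_part_words(t, a, &(a[n]),tna,n-tna);
@@ -1012,7 +1009,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
  {
  if (i >= -1 && i <= 1)
  {
- int sav_j =0;
  /* Find out the power of two lower or equal
  to the longest of the two numbers */
  if (i >= 0)
@@ -1023,7 +1019,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
  {
  j = BN_num_bits_word((BN_ULONG)bl);
  }
- sav_j = j;
  j = 1<<(j-1);
  assert(j <= al || j <= bl);
  k = j+j;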
diff --git a/src/lib/libcrypto/bn/bn_nist.c b/src/lib/libcrypto/bn/bn_nist.c
index 2ca5b01391..c6de032696 100644
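--- a/src/lib/libcrypto/bn/bn_nist.c
+++ b/src/lib/libcrypto/bn/bn_nist.c
@@ -354,7 +354,7 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
  buf[BN_NIST_192_TOP],
  c_d[BN_NIST_192_TOP],
  *res;
- size_t mask;
+ PTR_SIZE_INT mask;
  static const BIGNUM _bignum_nist_p_192_sqr = {
  (BN_ULONG *)_nist_p_192_sqr,
  sizeof(_nist_p_192_sqr)/sizeof(_nist_p_192_sqr[0]),
@@ -405,9 +405,10 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
  * 'tmp=result-modulus; if (!carry || !borrow) result=tmp;'
  * this is what happens below, but without explicit if:-) a.
  */
- mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_192[0],BN_NIST_192_TOP);
- mask &= 0-(size_t)carry;
- res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+ mask = 0-(PTR_SIZE_INT)bn_sub_words(c_d,r_d,_nist_p_192[0],BN_NIST_192_TOP);
+ mask &= 0-(PTR_SIZE_INT)carry;
+ res = (BN_ULONG *)
+ (((PTR_SIZE_INT)c_d&~mask) | ((PTR_SIZE_INT)r_d&mask));
  nist_cp_bn(r_d, res, BN_NIST_192_TOP);
  r->top = BN_NIST_192_TOP;
  bn_correct_top(r);
@@ -438,8 +439,8 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
  buf[BN_NIST_224_TOP],
  c_d[BN_NIST_224_TOP],
  *res;
- size_t mask;
- union { bn_addsub_f f; size_t p; } u;
+ PTR_SIZE_INT mask;
+ union { bn_addsub_f f; PTR_SIZE_INT p; } u;
  static const BIGNUM _bignum_nist_p_224_sqr = {
  (BN_ULONG *)_nist_p_224_sqr,
  sizeof(_nist_p_224_sqr)/sizeof(_nist_p_224_sqr[0]),
@@ -510,16 +511,18 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
  * to be compared to the modulus and conditionally
  * adjusted by *subtracting* the latter. */
  carry = (int)bn_add_words(r_d,r_d,_nist_p_224[-carry-1],BN_NIST_224_TOP);
- mask = 0-(size_t)carry;
- u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask);
+ mask = 0-(PTR_SIZE_INT)carry;
+ u.p = ((PTR_SIZE_INT)bn_sub_words&mask) |
+ ((PTR_SIZE_INT)bn_add_words&~mask);
  }
  else
  carry = 1;
 
  /* otherwise it's effectively same as in BN_nist_mod_192... */
- mask = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_224[0],BN_NIST_224_TOP);
- mask &= 0-(size_t)carry;
- res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+ mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_224[0],BN_NIST_224_TOP);
+ mask &= 0-(PTR_SIZE_INT)carry;
+ res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+ ((PTR_SIZE_INT)r_d&mask));
  nist_cp_bn(r_d, res, BN_NIST_224_TOP);
  r->top = BN_NIST_224_TOP;
  bn_correct_top(r);
@@ -549,8 +552,8 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
  buf[BN_NIST_256_TOP],
  c_d[BN_NIST_256_TOP],
  *res;
- size_t mask;
- union { bn_addsub_f f; size_t p; } u;
+ PTR_SIZE_INT mask;
+ union { bn_addsub_f f; PTR_SIZE_INT p; } u;
  static const BIGNUM _bignum_nist_p_256_sqr = {
  (BN_ULONG *)_nist_p_256_sqr,
  sizeof(_nist_p_256_sqr)/sizeof(_nist_p_256_sqr[0]),
@@ -629,15 +632,17 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
  else if (carry < 0)
  {
  carry = (int)bn_add_words(r_d,r_d,_nist_p_256[-carry-1],BN_NIST_256_TOP);
- mask = 0-(size_t)carry;
- u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask);
+ mask = 0-(PTR_SIZE_INT)carry;
+ u.p = ((PTR_SIZE_INT)bn_sub_words&mask) |
+ ((PTR_SIZE_INT)bn_add_words&~mask);
  }
  else
  carry = 1;
 
- mask = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_256[0],BN_NIST_256_TOP);
- mask &= 0-(size_t)carry;
- res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+ mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_256[0],BN_NIST_256_TOP);
+ mask &= 0-(PTR_SIZE_INT)carry;
+ res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+ ((PTR_SIZE_INT)r_d&mask));
  nist_cp_bn(r_d, res, BN_NIST_256_TOP);
  r->top = BN_NIST_256_TOP;
  bn_correct_top(r);
@@ -671,8 +676,8 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
  buf[BN_NIST_384_TOP],
  c_d[BN_NIST_384_TOP],
  *res;
- size_t mask;
- union { bn_addsub_f f; size_t p; } u;
+ PTR_SIZE_INT mask;
+ union { bn_addsub_f f; PTR_SIZE_INT p; } u;
  static const BIGNUM _bignum_nist_p_384_sqr = {
  (BN_ULONG *)_nist_p_384_sqr,
  sizeof(_nist_p_384_sqr)/sizeof(_nist_p_384_sqr[0]),
@@ -754,15 +759,17 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
  else if (carry < 0)
  {
  carry = (int)bn_add_words(r_d,r_d,_nist_p_384[-carry-1],BN_NIST_384_TOP);
- mask = 0-(size_t)carry;
- u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask);
+ mask = 0-(PTR_SIZE_INT)carry;
+ u.p = ((PTR_SIZE_INT)bn_sub_words&mask) |
+ ((PTR_SIZE_INT)bn_add_words&~mask);
  }
  else
  carry = 1;
 
- mask = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_384[0],BN_NIST_384_TOP);
- mask &= 0-(size_t)carry;
- res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+ mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_384[0],BN_NIST_384_TOP);
+ mask &= 0-(PTR_SIZE_INT)carry;
+ res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+ ((PTR_SIZE_INT)r_d&mask));
  nist_cp_bn(r_d, res, BN_NIST_384_TOP);
  r->top = BN_NIST_384_TOP;
  bn_correct_top(r);
@@ -781,7 +788,7 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
  BN_ULONG *r_d, *a_d = a->d,
  t_d[BN_NIST_521_TOP],
  val,tmp,*res;
- size_t mask;
+ PTR_SIZE_INT mask;
  static const BIGNUM _bignum_nist_p_521_sqr = {
  (BN_ULONG *)_nist_p_521_sqr,
  sizeof(_nist_p_521_sqr)/sizeof(_nist_p_521_sqr[0]),
@@ -826,8 +833,9 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
  r_d[i] &= BN_NIST_521_TOP_MASK;
 
  bn_add_words(r_d,r_d,t_d,BN_NIST_521_TOP);
- mask = 0-(size_t)bn_sub_words(t_d,r_d,_nist_p_521,BN_NIST_521_TOP);
- res = (BN_ULONG *)(((size_t)t_d&~mask) | ((size_t)r_d&mask));
+ mask = 0-(PTR_SIZE_INT)bn_sub_words(t_d,r_d,_nist_p_521,BN_NIST_521_TOP);
+ res = (BN_ULONG *)(((PTR_SIZE_INT)t_d&~mask) |
+ ((PTR_SIZE_INT)r_d&mask));
  nist_cp_bn(r_d,res,BN_NIST_521_TOP);
  r->top = BN_NIST_521_TOP;
  bn_correct_top(r);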
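Review bot: In BN_nist_mod_224 the union `u` overlays the function pointer `f` with `PTR_SIZE_INT p`, and `u.p` is assembled from `(PTR_SIZE_INT)bn_sub_words` and `(PTR_SIZE_INT)bn_add_words`; that is only sound if a function pointer is exactly as wide as `PTR_SIZE_INT`, which bn.h sizes after `__INITIAL_POINTER_SIZE`. A compile-time check beside the union, for example `typedef char ptr_size_check[sizeof(bn_addsub_f)==sizeof(PTR_SIZE_INT) ? 1 : -1];`, would turn a width mismatch into a build failure instead of a call through a mangled address. The same union is used in the BN_nist_mod_256 and BN_nist_mod_384 hunks. All of these function bodies start and end outside the hunks shown.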
diff --git a/src/lib/libcrypto/comp/c_rle.c b/src/lib/libcrypto/comp/c_rle.c
index efd366fa22..18bceae51e 100644
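--- a/src/lib/libcrypto/comp/c_rle.c
+++ b/src/lib/libcrypto/comp/c_rle.c
@@ -46,7 +46,7 @@ static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
  {
  int i;
 
- if (olen < (ilen-1))
+ if (ilen == 0 || olen < (ilen-1))
  {
  /* ZZZZZZZZZZZZZZZZZZZZZZ */
  return(-1);
@@ -59,4 +59,3 @@ static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
  }
  return(ilen-1);
  }
-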
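Review bot: The branch that now also rejects `ilen == 0` is still explained only by the placeholder `/* ZZZZZZZZZZZZZZZZZZZZZZ */`. Replacing it with `/* empty input, or output too small for ilen-1 bytes */` would state the two conditions the test covers. Separately, `return(ilen-1);` goes out through an `int`; if `ilen` is an unsigned type (the parameter list is cut off in the hunk header), lengths above INT_MAX would come back negative and read as the error value, so an upper bound on `ilen` may be worth adding in the same check.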
diff --git a/src/lib/libcrypto/conf/conf_api.c b/src/lib/libcrypto/conf/conf_api.c
index 22617e5fa1..f5fcbb9f6b 100644
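--- a/src/lib/libcrypto/conf/conf_api.c
+++ b/src/lib/libcrypto/conf/conf_api.c
@@ -64,6 +64,7 @@
 #endif
 
 #include <assert.h>
+#include <stdlib.h>
 #include <string.h>
 #include <openssl/conf.h>
 #include <openssl/conf_api.h>
@@ -285,7 +286,7 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
  v->value=(char *)sk;
 
  vv=lh_CONF_VALUE_insert(conf->data,v);
- assert(vv == NULL);
+ OPENSSL_assert(vv == NULL);
  ok=1;
 err:
  if (!ok)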
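Review bot: `OPENSSL_assert(vv == NULL)` stays active in builds where plain `assert` is compiled out, so a non-NULL return from `lh_CONF_VALUE_insert` now terminates the process instead of being ignored. If that is intended, a comment such as `/* callers have already checked that the section does not exist */` would say why aborting is acceptable for section names that may come from a configuration file. Separately, a NULL return is taken as success (`ok=1`); if the insert also returns NULL when it fails to allocate, as I believe the lhash insert does, that failure goes undetected here. _CONF_new_section's body starts outside the hunk.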
diff --git a/src/lib/libcrypto/conf/conf_def.c b/src/lib/libcrypto/conf/conf_def.c
index 0b571b0394..cf951320af 100644
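--- a/src/lib/libcrypto/conf/conf_def.c
+++ b/src/lib/libcrypto/conf/conf_def.c
@@ -213,13 +213,12 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
  int bufnum=0,i,ii;
  BUF_MEM *buff=NULL;
  char *s,*p,*end;
- int again,n;
+ int again;
  long eline=0;
  char btmp[DECIMAL_SIZE(eline)+1];
  CONF_VALUE *v=NULL,*tv;
  CONF_VALUE *sv=NULL;
  char *section=NULL,*buf;
- STACK_OF(CONF_VALUE) *section_sk=NULL,*ts;
  char *start,*psection,*pname;
  void *h = (void *)(conf->data);
 
@@ -250,7 +249,6 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
  CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
  goto err;
  }
- section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
 
  bufnum=0;
  again=0;
@@ -309,7 +307,6 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
  buf=buff->data;
 
  clear_comments(conf, buf);
- n=strlen(buf);
  s=eat_ws(conf, buf);
  if (IS_EOF(conf,*s)) continue; /* blank line */
  if (*s == '[')
@@ -343,7 +340,6 @@ again:
  CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
  goto err;
  }
- section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
  continue;
  }
  else
@@ -406,13 +402,9 @@ again:
  CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
  goto err;
  }
- ts=(STACK_OF(CONF_VALUE) *)tv->value;
  }
  else
- {
  tv=sv;
- ts=section_sk;
- }
 #if 1
  if (_CONF_add_string(conf, tv, v) == 0)
  {
@@ -465,9 +457,6 @@ err:
 
 static void clear_comments(CONF *conf, char *p)
  {
- char *to;
-
- to=p;
  for (;;)
  {
  if (IS_FCOMMENT(conf,*p))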
diff --git a/src/lib/libcrypto/cryptlib.c b/src/lib/libcrypto/cryptlib.c
index b4449b86d6..24fe123e14 100644
--- a/src/lib/libcrypto/cryptlib.c
+++ b/src/lib/libcrypto/cryptlib.c
@@ -731,7 +731,6 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
731 case DLL_THREAD_ATTACH: 731 case DLL_THREAD_ATTACH:
732 break; 732 break;
733 case DLL_THREAD_DETACH: 733 case DLL_THREAD_DETACH:
734 ERR_remove_state(0);
735 break; 734 break;
736 case DLL_PROCESS_DETACH: 735 case DLL_PROCESS_DETACH:
737 break; 736 break;
@@ -743,6 +742,16 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
743#if defined(_WIN32) && !defined(__CYGWIN__) 742#if defined(_WIN32) && !defined(__CYGWIN__)
744#include <tchar.h> 743#include <tchar.h>
745#include <signal.h> 744#include <signal.h>
745#ifdef __WATCOMC__
746#if defined(_UNICODE) || defined(__UNICODE__)
747#define _vsntprintf _vsnwprintf
748#else
749#define _vsntprintf _vsnprintf
750#endif
751#endif
752#ifdef _MSC_VER
753#define alloca _alloca
754#endif
746 755
747#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 756#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
748int OPENSSL_isservice(void) 757int OPENSSL_isservice(void)
@@ -773,11 +782,7 @@ int OPENSSL_isservice(void)
773 782
774 if (len>512) return -1; /* paranoia */ 783 if (len>512) return -1; /* paranoia */
775 len++,len&=~1; /* paranoia */ 784 len++,len&=~1; /* paranoia */
776#ifdef _MSC_VER
777 name=(WCHAR *)_alloca(len+sizeof(WCHAR));
778#else
779 name=(WCHAR *)alloca(len+sizeof(WCHAR)); 785 name=(WCHAR *)alloca(len+sizeof(WCHAR));
780#endif
781 if (!GetUserObjectInformationW (h,UOI_NAME,name,len,&len)) 786 if (!GetUserObjectInformationW (h,UOI_NAME,name,len,&len))
782 return -1; 787 return -1;
783 788
@@ -822,11 +827,7 @@ void OPENSSL_showfatal (const char *fmta,...)
822 size_t len_0=strlen(fmta)+1,i; 827 size_t len_0=strlen(fmta)+1,i;
823 WCHAR *fmtw; 828 WCHAR *fmtw;
824 829
825#ifdef _MSC_VER 830 fmtw = (WCHAR *)alloca(len_0*sizeof(WCHAR));
826 fmtw = (WCHAR *)_alloca (len_0*sizeof(WCHAR));
827#else
828 fmtw = (WCHAR *)alloca (len_0*sizeof(WCHAR));
829#endif
830 if (fmtw == NULL) { fmt=(const TCHAR *)L"no stack?"; break; } 831 if (fmtw == NULL) { fmt=(const TCHAR *)L"no stack?"; break; }
831 832
832#ifndef OPENSSL_NO_MULTIBYTE 833#ifndef OPENSSL_NO_MULTIBYTE
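Review bot: In the DllMain hunk the `DLL_THREAD_DETACH` case is left as a bare `break` once `ERR_remove_state(0)` is gone, and nothing visible says who now releases a thread's error state. If that duty moves to the application, which is what the removal suggests, threads that exit without calling it would keep their error-queue allocation for the life of the process. I would document that at the case, for example `/* per-thread error state is no longer freed here; callers run ERR_remove_state(0) before a thread exits */`. DllMain's body starts and ends outside the hunk.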
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_verify.pod b/src/lib/libcrypto/doc/EVP_PKEY_verify.pod
index 10633da3f2..f93e5fc6c3 100644
--- a/src/lib/libcrypto/doc/EVP_PKEY_verify.pod
+++ b/src/lib/libcrypto/doc/EVP_PKEY_verify.pod
@@ -69,7 +69,7 @@ Verify signature using PKCS#1 and SHA256 digest:
69 /* Error */ 69 /* Error */
70 70
71 /* Perform operation */ 71 /* Perform operation */
72 ret = EVP_PKEY_verify(ctx, md, mdlen, sig, siglen); 72 ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen);
73 73
74 /* ret == 1 indicates success, 0 verify failure and < 0 for some 74 /* ret == 1 indicates success, 0 verify failure and < 0 for some
75 * other error. 75 * other error.
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
index 0fcd25f8b0..cb0b4538a4 100644
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ b/src/lib/libcrypto/dsa/dsa_gen.c
@@ -120,7 +120,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
120 BIGNUM *r0,*W,*X,*c,*test; 120 BIGNUM *r0,*W,*X,*c,*test;
121 BIGNUM *g=NULL,*q=NULL,*p=NULL; 121 BIGNUM *g=NULL,*q=NULL,*p=NULL;
122 BN_MONT_CTX *mont=NULL; 122 BN_MONT_CTX *mont=NULL;
123 int i, k,n=0,b,m=0, qsize = qbits >> 3; 123 int i, k, n=0, m=0, qsize = qbits >> 3;
124 int counter=0; 124 int counter=0;
125 int r=0; 125 int r=0;
126 BN_CTX *ctx=NULL; 126 BN_CTX *ctx=NULL;
@@ -232,7 +232,6 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
232 /* "offset = 2" */ 232 /* "offset = 2" */
233 233
234 n=(bits-1)/160; 234 n=(bits-1)/160;
235 b=(bits-1)-n*160;
236 235
237 for (;;) 236 for (;;)
238 { 237 {
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index 4fead07e80..a3ddd7d281 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -148,15 +148,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
148 148
149 s=BN_new(); 149 s=BN_new();
150 if (s == NULL) goto err; 150 if (s == NULL) goto err;
151
152 /* reject a excessive digest length (currently at most
153 * dsa-with-SHA256 is supported) */
154 if (dlen > SHA256_DIGEST_LENGTH)
155 {
156 reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
157 goto err;
158 }
159
160 ctx=BN_CTX_new(); 151 ctx=BN_CTX_new();
161 if (ctx == NULL) goto err; 152 if (ctx == NULL) goto err;
162 153
@@ -185,7 +176,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
185 if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ 176 if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
186 if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */ 177 if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */
187 if (BN_cmp(s,dsa->q) > 0) 178 if (BN_cmp(s,dsa->q) > 0)
188 BN_sub(s,s,dsa->q); 179 if (!BN_sub(s,s,dsa->q)) goto err;
189 if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err; 180 if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
190 181
191 ret=DSA_SIG_new(); 182 ret=DSA_SIG_new();
@@ -325,15 +316,6 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
325 DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE); 316 DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
326 return -1; 317 return -1;
327 } 318 }
328
329 /* reject a excessive digest length (currently at most
330 * dsa-with-SHA256 is supported) */
331 if (dgst_len > SHA256_DIGEST_LENGTH)
332 {
333 DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
334 return -1;
335 }
336
337 BN_init(&u1); 319 BN_init(&u1);
338 BN_init(&u2); 320 BN_init(&u2);
339 BN_init(&t1); 321 BN_init(&t1);
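Review bot: Both `dsa_do_sign` and `dsa_do_verify` lose the `> SHA256_DIGEST_LENGTH` rejection in this section, and neither hunk shows what now bounds `dlen` / `dgst_len` before the digest is converted to a bignum. If the intent is to truncate an over-long digest to the size of `q` rather than reject it, that step lies outside the visible lines and should be confirmed for both functions. A short comment where the check used to be would keep the next reader from re-adding it, e.g. `/* a digest longer than q is truncated, not rejected */`, worded to match what the code actually does.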
diff --git a/src/lib/libcrypto/dsa/dsa_pmeth.c b/src/lib/libcrypto/dsa/dsa_pmeth.c
index 4ce91e20c6..e2df54fec6 100644
--- a/src/lib/libcrypto/dsa/dsa_pmeth.c
+++ b/src/lib/libcrypto/dsa/dsa_pmeth.c
@@ -187,6 +187,7 @@ static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
187 case EVP_PKEY_CTRL_MD: 187 case EVP_PKEY_CTRL_MD:
188 if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 && 188 if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
189 EVP_MD_type((const EVP_MD *)p2) != NID_dsa && 189 EVP_MD_type((const EVP_MD *)p2) != NID_dsa &&
190 EVP_MD_type((const EVP_MD *)p2) != NID_dsaWithSHA &&
190 EVP_MD_type((const EVP_MD *)p2) != NID_sha224 && 191 EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
191 EVP_MD_type((const EVP_MD *)p2) != NID_sha256) 192 EVP_MD_type((const EVP_MD *)p2) != NID_sha256)
192 { 193 {
diff --git a/src/lib/libcrypto/dso/dso_dlfcn.c b/src/lib/libcrypto/dso/dso_dlfcn.c
index 14bd322fb8..c2bc61760b 100644
--- a/src/lib/libcrypto/dso/dso_dlfcn.c
+++ b/src/lib/libcrypto/dso/dso_dlfcn.c
@@ -85,6 +85,7 @@ DSO_METHOD *DSO_METHOD_dlfcn(void)
85# define HAVE_DLINFO 1 85# define HAVE_DLINFO 1
86# if defined(_AIX) || defined(__CYGWIN__) || \ 86# if defined(_AIX) || defined(__CYGWIN__) || \
87 defined(__SCO_VERSION__) || defined(_SCO_ELF) || \ 87 defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
88 (defined(__osf__) && !defined(RTLD_NEXT)) || \
88 (defined(__OpenBSD__) && !defined(RTLD_SELF)) 89 (defined(__OpenBSD__) && !defined(RTLD_SELF))
89# undef HAVE_DLINFO 90# undef HAVE_DLINFO
90# endif 91# endif
diff --git a/src/lib/libcrypto/ec/ec2_mult.c b/src/lib/libcrypto/ec/ec2_mult.c
index ab631a50a2..e12b9b284a 100644
--- a/src/lib/libcrypto/ec/ec2_mult.c
+++ b/src/lib/libcrypto/ec/ec2_mult.c
@@ -319,6 +319,7 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
319 int ret = 0; 319 int ret = 0;
320 size_t i; 320 size_t i;
321 EC_POINT *p=NULL; 321 EC_POINT *p=NULL;
322 EC_POINT *acc = NULL;
322 323
323 if (ctx == NULL) 324 if (ctx == NULL)
324 { 325 {
@@ -338,15 +339,16 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
338 } 339 }
339 340
340 if ((p = EC_POINT_new(group)) == NULL) goto err; 341 if ((p = EC_POINT_new(group)) == NULL) goto err;
342 if ((acc = EC_POINT_new(group)) == NULL) goto err;
341 343
342 if (!EC_POINT_set_to_infinity(group, r)) goto err; 344 if (!EC_POINT_set_to_infinity(group, acc)) goto err;
343 345
344 if (scalar) 346 if (scalar)
345 { 347 {
346 if (!ec_GF2m_montgomery_point_multiply(group, p, scalar, group->generator, ctx)) goto err; 348 if (!ec_GF2m_montgomery_point_multiply(group, p, scalar, group->generator, ctx)) goto err;
347 if (BN_is_negative(scalar)) 349 if (BN_is_negative(scalar))
348 if (!group->meth->invert(group, p, ctx)) goto err; 350 if (!group->meth->invert(group, p, ctx)) goto err;
349 if (!group->meth->add(group, r, r, p, ctx)) goto err; 351 if (!group->meth->add(group, acc, acc, p, ctx)) goto err;
350 } 352 }
351 353
352 for (i = 0; i < num; i++) 354 for (i = 0; i < num; i++)
@@ -354,13 +356,16 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
354 if (!ec_GF2m_montgomery_point_multiply(group, p, scalars[i], points[i], ctx)) goto err; 356 if (!ec_GF2m_montgomery_point_multiply(group, p, scalars[i], points[i], ctx)) goto err;
355 if (BN_is_negative(scalars[i])) 357 if (BN_is_negative(scalars[i]))
356 if (!group->meth->invert(group, p, ctx)) goto err; 358 if (!group->meth->invert(group, p, ctx)) goto err;
357 if (!group->meth->add(group, r, r, p, ctx)) goto err; 359 if (!group->meth->add(group, acc, acc, p, ctx)) goto err;
358 } 360 }
359 361
362 if (!EC_POINT_copy(r, acc)) goto err;
363
360 ret = 1; 364 ret = 1;
361 365
362 err: 366 err:
363 if (p) EC_POINT_free(p); 367 if (p) EC_POINT_free(p);
368 if (acc) EC_POINT_free(acc);
364 if (new_ctx != NULL) 369 if (new_ctx != NULL)
365 BN_CTX_free(new_ctx); 370 BN_CTX_free(new_ctx);
366 return ret; 371 return ret;
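Review bot: The switch from accumulating in `r` to a scratch point `acc` in `ec_GF2m_simple_mul` carries no comment, and the reason is not obvious from the code. Presumably `r` may be the same object as one of `points[i]`, so resetting it to infinity up front would corrupt an input, or the caller expects `r` untouched on failure. I would say so at the allocation: `/* accumulate in acc: r may alias an input point and is written only on success */`, adjusted to whichever reason applies. Since `p` and `acc` hold intermediate multiples of scalars that may be secret, `EC_POINT_clear_free` may be the better release under `err:` than `EC_POINT_free`.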
diff --git a/src/lib/libcrypto/ec/ec2_smpl.c b/src/lib/libcrypto/ec/ec2_smpl.c
index cf357b462a..af94458ca7 100644
--- a/src/lib/libcrypto/ec/ec2_smpl.c
+++ b/src/lib/libcrypto/ec/ec2_smpl.c
@@ -937,6 +937,9 @@ int ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT
937 { 937 {
938 return EC_POINT_is_at_infinity(group, b) ? 0 : 1; 938 return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
939 } 939 }
940
941 if (EC_POINT_is_at_infinity(group, b))
942 return 1;
940 943
941 if (a->Z_is_one && b->Z_is_one) 944 if (a->Z_is_one && b->Z_is_one)
942 { 945 {
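Review bot: The added `if (EC_POINT_is_at_infinity(group, b)) return 1;` in `ec_GF2m_simple_cmp` has no comment, and the return convention (1 appears to mean "not equal", going by the `? 0 : 1` just above it) is easy to misread as success. A one-line comment would help: `/* a is finite at this point, so an infinite b cannot be equal */`; this assumes the block above is the a-at-infinity branch, whose condition is outside the hunk. The same three lines are added to `ec_GFp_simple_cmp` in ecp_smpl.c and want the same comment.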
diff --git a/src/lib/libcrypto/ec/ec_key.c b/src/lib/libcrypto/ec/ec_key.c
index 12fb0e6d6d..522802c07a 100644
--- a/src/lib/libcrypto/ec/ec_key.c
+++ b/src/lib/libcrypto/ec/ec_key.c
@@ -304,7 +304,13 @@ int EC_KEY_check_key(const EC_KEY *eckey)
304 ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER); 304 ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER);
305 return 0; 305 return 0;
306 } 306 }
307 307
308 if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key))
309 {
310 ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_AT_INFINITY);
311 goto err;
312 }
313
308 if ((ctx = BN_CTX_new()) == NULL) 314 if ((ctx = BN_CTX_new()) == NULL)
309 goto err; 315 goto err;
310 if ((point = EC_POINT_new(eckey->group)) == NULL) 316 if ((point = EC_POINT_new(eckey->group)) == NULL)
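Review bot: The new point-at-infinity test in `EC_KEY_check_key` leaves through `goto err` before `ctx` and `point` have been assigned, while the NULL-parameter check just above it uses `return 0`. That is only safe if both locals are initialised to NULL at their declaration and the `err:` cleanup tolerates NULL; both are outside the hunk and should be confirmed. If they are not, `return 0;` after the `ECerr` call matches the preceding check and avoids the cleanup path entirely.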
diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c
index f05df5332e..19f21675fb 100644
--- a/src/lib/libcrypto/ec/ec_mult.c
+++ b/src/lib/libcrypto/ec/ec_mult.c
@@ -169,11 +169,13 @@ static void ec_pre_comp_clear_free(void *pre_)
169 EC_POINT **p; 169 EC_POINT **p;
170 170
171 for (p = pre->points; *p != NULL; p++) 171 for (p = pre->points; *p != NULL; p++)
172 {
172 EC_POINT_clear_free(*p); 173 EC_POINT_clear_free(*p);
173 OPENSSL_cleanse(pre->points, sizeof pre->points); 174 OPENSSL_cleanse(p, sizeof *p);
175 }
174 OPENSSL_free(pre->points); 176 OPENSSL_free(pre->points);
175 } 177 }
176 OPENSSL_cleanse(pre, sizeof pre); 178 OPENSSL_cleanse(pre, sizeof *pre);
177 OPENSSL_free(pre); 179 OPENSSL_free(pre);
178 } 180 }
179 181
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c
index 4d26f8bdf6..66a92e2a90 100644
--- a/src/lib/libcrypto/ec/ecp_smpl.c
+++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -1406,6 +1406,9 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *
1406 { 1406 {
1407 return EC_POINT_is_at_infinity(group, b) ? 0 : 1; 1407 return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
1408 } 1408 }
1409
1410 if (EC_POINT_is_at_infinity(group, b))
1411 return 1;
1409 1412
1410 if (a->Z_is_one && b->Z_is_one) 1413 if (a->Z_is_one && b->Z_is_one)
1411 { 1414 {
diff --git a/src/lib/libcrypto/ecdh/ech_lib.c b/src/lib/libcrypto/ecdh/ech_lib.c
index e89b1d4772..4d8ea03d3d 100644
--- a/src/lib/libcrypto/ecdh/ech_lib.c
+++ b/src/lib/libcrypto/ecdh/ech_lib.c
@@ -96,7 +96,6 @@ const ECDH_METHOD *ECDH_get_default_method(void)
96 96
97int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth) 97int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
98 { 98 {
99 const ECDH_METHOD *mtmp;
100 ECDH_DATA *ecdh; 99 ECDH_DATA *ecdh;
101 100
102 ecdh = ecdh_check(eckey); 101 ecdh = ecdh_check(eckey);
@@ -104,8 +103,8 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
104 if (ecdh == NULL) 103 if (ecdh == NULL)
105 return 0; 104 return 0;
106 105
107 mtmp = ecdh->meth;
108#if 0 106#if 0
107 mtmp = ecdh->meth;
109 if (mtmp->finish) 108 if (mtmp->finish)
110 mtmp->finish(eckey); 109 mtmp->finish(eckey);
111#endif 110#endif
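Review bot: In `ECDH_set_method` the assignment `mtmp = ecdh->meth;` is moved inside the `#if 0` block while the declaration of `mtmp` is deleted, so the disabled block can no longer compile if someone re-enables it. Rather than keep code that has quietly stopped being valid, I would delete the whole `#if 0` … `#endif` block and, if the missing `finish` call matters, leave a one-line comment saying the previous method's `finish` hook is deliberately not invoked. The function continues past the end of the hunk.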
diff --git a/src/lib/libcrypto/ecdsa/ecs_lib.c b/src/lib/libcrypto/ecdsa/ecs_lib.c
index 85e8a3a7ed..2ebae3aa27 100644
--- a/src/lib/libcrypto/ecdsa/ecs_lib.c
+++ b/src/lib/libcrypto/ecdsa/ecs_lib.c
@@ -83,7 +83,6 @@ const ECDSA_METHOD *ECDSA_get_default_method(void)
83 83
84int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth) 84int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
85{ 85{
86 const ECDSA_METHOD *mtmp;
87 ECDSA_DATA *ecdsa; 86 ECDSA_DATA *ecdsa;
88 87
89 ecdsa = ecdsa_check(eckey); 88 ecdsa = ecdsa_check(eckey);
@@ -91,7 +90,6 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
91 if (ecdsa == NULL) 90 if (ecdsa == NULL)
92 return 0; 91 return 0;
93 92
94 mtmp = ecdsa->meth;
95#ifndef OPENSSL_NO_ENGINE 93#ifndef OPENSSL_NO_ENGINE
96 if (ecdsa->engine) 94 if (ecdsa->engine)
97 { 95 {
diff --git a/src/lib/libcrypto/ecdsa/ecs_ossl.c b/src/lib/libcrypto/ecdsa/ecs_ossl.c
index 551cf5068f..1bbf328de5 100644
--- a/src/lib/libcrypto/ecdsa/ecs_ossl.c
+++ b/src/lib/libcrypto/ecdsa/ecs_ossl.c
@@ -144,6 +144,14 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
144 } 144 }
145 while (BN_is_zero(k)); 145 while (BN_is_zero(k));
146 146
147 /* We do not want timing information to leak the length of k,
148 * so we compute G*k using an equivalent scalar of fixed
149 * bit-length. */
150
151 if (!BN_add(k, k, order)) goto err;
152 if (BN_num_bits(k) <= BN_num_bits(order))
153 if (!BN_add(k, k, order)) goto err;
154
147 /* compute r the x-coordinate of generator * k */ 155 /* compute r the x-coordinate of generator * k */
148 if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) 156 if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx))
149 { 157 {
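Review bot: The second `BN_add` in `ecdsa_sign_setup` runs only when `BN_num_bits(k) <= BN_num_bits(order)`, so which path is taken still depends on the secret nonce even though the scalar handed to `EC_POINT_mul` now has a fixed bit length. The residual signal is small, but the new comment reads as if the leak were fully closed; I would state the limit, e.g. `/* the branch below still depends on k; only the bit length seen by the point multiplication is fixed */`. After this block `k` holds k+order or k+2*order, so any later use of `k` outside the hunk (the inverse, for instance) must reduce modulo `order`, which is worth confirming. The function starts and ends outside the hunk.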
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h
index 7fbd95f634..943aeae215 100644
--- a/src/lib/libcrypto/engine/engine.h
+++ b/src/lib/libcrypto/engine/engine.h
@@ -677,6 +677,7 @@ typedef struct st_dynamic_fns {
677 * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */ 677 * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */
678typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version); 678typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
679#define IMPLEMENT_DYNAMIC_CHECK_FN() \ 679#define IMPLEMENT_DYNAMIC_CHECK_FN() \
680 OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
680 OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \ 681 OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
681 if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \ 682 if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
682 return 0; } 683 return 0; }
@@ -700,6 +701,8 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
700 const dynamic_fns *fns); 701 const dynamic_fns *fns);
701#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ 702#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
702 OPENSSL_EXPORT \ 703 OPENSSL_EXPORT \
704 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
705 OPENSSL_EXPORT \
703 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ 706 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
704 if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \ 707 if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
705 if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ 708 if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c
index b42c747249..28546a84bc 100644
--- a/src/lib/libcrypto/evp/encode.c
+++ b/src/lib/libcrypto/evp/encode.c
@@ -235,7 +235,7 @@ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
235int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, 235int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
236 const unsigned char *in, int inl) 236 const unsigned char *in, int inl)
237 { 237 {
238 int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl; 238 int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,exp_nl;
239 unsigned char *d; 239 unsigned char *d;
240 240
241 n=ctx->num; 241 n=ctx->num;
@@ -319,7 +319,6 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
319 * lines. We process the line and then need to 319 * lines. We process the line and then need to
320 * accept the '\n' */ 320 * accept the '\n' */
321 if ((v != B64_EOF) && (n >= 64)) exp_nl=1; 321 if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
322 tmp2=v;
323 if (n > 0) 322 if (n > 0)
324 { 323 {
325 v=EVP_DecodeBlock(out,d,n); 324 v=EVP_DecodeBlock(out,d,n);
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index bead6a2170..c268d25cb4 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -204,6 +204,7 @@ skip_to_init:
204 case EVP_CIPH_OFB_MODE: 204 case EVP_CIPH_OFB_MODE:
205 205
206 ctx->num = 0; 206 ctx->num = 0;
207 /* fall-through */
207 208
208 case EVP_CIPH_CBC_MODE: 209 case EVP_CIPH_CBC_MODE:
209 210
diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c
index f0b7f95059..7e2731f4a4 100644
--- a/src/lib/libcrypto/evp/m_sigver.c
+++ b/src/lib/libcrypto/evp/m_sigver.c
@@ -137,7 +137,7 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
137 sctx = 0; 137 sctx = 0;
138 if (sigret) 138 if (sigret)
139 { 139 {
140 MS_STATIC EVP_MD_CTX tmp_ctx; 140 EVP_MD_CTX tmp_ctx;
141 unsigned char md[EVP_MAX_MD_SIZE]; 141 unsigned char md[EVP_MAX_MD_SIZE];
142 unsigned int mdlen; 142 unsigned int mdlen;
143 EVP_MD_CTX_init(&tmp_ctx); 143 EVP_MD_CTX_init(&tmp_ctx);
@@ -173,7 +173,7 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
173 173
174int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen) 174int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen)
175 { 175 {
176 MS_STATIC EVP_MD_CTX tmp_ctx; 176 EVP_MD_CTX tmp_ctx;
177 unsigned char md[EVP_MAX_MD_SIZE]; 177 unsigned char md[EVP_MAX_MD_SIZE];
178 int r; 178 int r;
179 unsigned int mdlen; 179 unsigned int mdlen;
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
index 1916c61699..e26ccd0d08 100644
--- a/src/lib/libcrypto/evp/p_lib.c
+++ b/src/lib/libcrypto/evp/p_lib.c
@@ -411,7 +411,10 @@ void EVP_PKEY_free(EVP_PKEY *x)
411static void EVP_PKEY_free_it(EVP_PKEY *x) 411static void EVP_PKEY_free_it(EVP_PKEY *x)
412 { 412 {
413 if (x->ameth && x->ameth->pkey_free) 413 if (x->ameth && x->ameth->pkey_free)
414 {
414 x->ameth->pkey_free(x); 415 x->ameth->pkey_free(x);
416 x->pkey.ptr = NULL;
417 }
415#ifndef OPENSSL_NO_ENGINE 418#ifndef OPENSSL_NO_ENGINE
416 if (x->engine) 419 if (x->engine)
417 { 420 {
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
index 8df6d48a7e..bb893f5bde 100644
--- a/src/lib/libcrypto/evp/p_sign.c
+++ b/src/lib/libcrypto/evp/p_sign.c
@@ -81,7 +81,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
81 unsigned char m[EVP_MAX_MD_SIZE]; 81 unsigned char m[EVP_MAX_MD_SIZE];
82 unsigned int m_len; 82 unsigned int m_len;
83 int i,ok=0,v; 83 int i,ok=0,v;
84 MS_STATIC EVP_MD_CTX tmp_ctx; 84 EVP_MD_CTX tmp_ctx;
85 85
86 *siglen=0; 86 *siglen=0;
87 EVP_MD_CTX_init(&tmp_ctx); 87 EVP_MD_CTX_init(&tmp_ctx);
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c
index 8db46412f3..41d4b67130 100644
--- a/src/lib/libcrypto/evp/p_verify.c
+++ b/src/lib/libcrypto/evp/p_verify.c
@@ -68,7 +68,7 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
68 unsigned char m[EVP_MAX_MD_SIZE]; 68 unsigned char m[EVP_MAX_MD_SIZE];
69 unsigned int m_len; 69 unsigned int m_len;
70 int i,ok=0,v; 70 int i,ok=0,v;
71 MS_STATIC EVP_MD_CTX tmp_ctx; 71 EVP_MD_CTX tmp_ctx;
72 72
73 EVP_MD_CTX_init(&tmp_ctx); 73 EVP_MD_CTX_init(&tmp_ctx);
74 EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); 74 EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);
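Review bot: The return value of `EVP_MD_CTX_copy_ex(&tmp_ctx,ctx)` in `EVP_VerifyFinal` is ignored on the line right after the changed declaration. If the copy fails, the rest of the function would finalise a context that was only initialised, and a verification routine should fail closed rather than carry on. `HMAC_Final` in this same commit already tests the call; here it could be `if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx)) goto err;`, routed to whatever failure path the function uses, which is outside the hunk.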
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c
index b2d8de3a8d..5481d4b8a5 100644
--- a/src/lib/libcrypto/evp/pmeth_lib.c
+++ b/src/lib/libcrypto/evp/pmeth_lib.c
@@ -134,6 +134,8 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
134 id = pkey->ameth->pkey_id; 134 id = pkey->ameth->pkey_id;
135 } 135 }
136#ifndef OPENSSL_NO_ENGINE 136#ifndef OPENSSL_NO_ENGINE
137 if (pkey && pkey->engine)
138 e = pkey->engine;
137 /* Try to find an ENGINE which implements this method */ 139 /* Try to find an ENGINE which implements this method */
138 if (e) 140 if (e)
139 { 141 {
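Review bot: The added `if (pkey && pkey->engine) e = pkey->engine;` in `int_ctx_new` silently replaces an engine the caller passed explicitly. That may be intended, since a key bound to an engine presumably has to be used through it, but nothing documents the precedence and a caller that supplied a different `e` gets no indication it was ignored. A comment at the assignment would settle it: `/* a key's own engine always takes precedence over the caller's e */`. The function body starts and ends outside the hunk.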
diff --git a/src/lib/libcrypto/hmac/hm_pmeth.c b/src/lib/libcrypto/hmac/hm_pmeth.c
index 985921ca1a..71e8567a14 100644
--- a/src/lib/libcrypto/hmac/hm_pmeth.c
+++ b/src/lib/libcrypto/hmac/hm_pmeth.c
@@ -147,6 +147,8 @@ static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count)
147 147
148static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) 148static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
149 { 149 {
150 HMAC_PKEY_CTX *hctx = ctx->data;
151 HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
150 EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); 152 EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
151 mctx->update = int_update; 153 mctx->update = int_update;
152 return 1; 154 return 1;
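Review bot: The two lines added to `hmac_signctx_init` copy `mctx->flags` into the HMAC context with `EVP_MD_CTX_FLAG_NO_INIT` masked out, and the existing next line then sets that same flag on `mctx`; without a comment the ordering looks accidental. I would add `/* inherit the caller's digest flags, except NO_INIT which applies to mctx only */` above the `HMAC_CTX_set_flags` call, reworded if the intent differs. `ctx->data` is dereferenced without a check, so the comment could also note that it is assumed to have been set up by the method's init before this is called.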
diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c
index 45015fe754..6c98fc43a3 100644
--- a/src/lib/libcrypto/hmac/hmac.c
+++ b/src/lib/libcrypto/hmac/hmac.c
@@ -138,12 +138,9 @@ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
138 138
139int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) 139int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
140 { 140 {
141 int j;
142 unsigned int i; 141 unsigned int i;
143 unsigned char buf[EVP_MAX_MD_SIZE]; 142 unsigned char buf[EVP_MAX_MD_SIZE];
144 143
145 j=EVP_MD_block_size(ctx->md);
146
147 if (!EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i)) 144 if (!EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i))
148 goto err; 145 goto err;
149 if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx)) 146 if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx))
diff --git a/src/lib/libcrypto/md32_common.h b/src/lib/libcrypto/md32_common.h
index 1cb783944e..bb7381952a 100644
--- a/src/lib/libcrypto/md32_common.h
+++ b/src/lib/libcrypto/md32_common.h
@@ -165,7 +165,7 @@
165 asm ( \ 165 asm ( \
166 "roll %1,%0" \ 166 "roll %1,%0" \
167 : "=r"(ret) \ 167 : "=r"(ret) \
168 : "I"(n), "0"(a) \ 168 : "I"(n), "0"((unsigned int)(a)) \
169 : "cc"); \ 169 : "cc"); \
170 ret; \ 170 ret; \
171 }) 171 })
@@ -383,6 +383,7 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c)
383 } 383 }
384 384
385#ifndef MD32_REG_T 385#ifndef MD32_REG_T
386#if defined(__alpha) || defined(__sparcv9) || defined(__mips)
386#define MD32_REG_T long 387#define MD32_REG_T long
387/* 388/*
388 * This comment was originaly written for MD5, which is why it 389 * This comment was originaly written for MD5, which is why it
@@ -400,9 +401,15 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c)
400 * Well, to be honest it should say that this *prevents* 401 * Well, to be honest it should say that this *prevents*
401 * performance degradation. 402 * performance degradation.
402 * <appro@fy.chalmers.se> 403 * <appro@fy.chalmers.se>
403 * Apparently there're LP64 compilers that generate better 404 */
404 * code if A-D are declared int. Most notably GCC-x86_64 405#else
405 * generates better code. 406/*
407 * Above is not absolute and there are LP64 compilers that
408 * generate better code if MD32_REG_T is defined int. The above
409 * pre-processor condition reflects the circumstances under which
410 * the conclusion was made and is subject to further extension.
406 * <appro@fy.chalmers.se> 411 * <appro@fy.chalmers.se>
407 */ 412 */
413#define MD32_REG_T int
414#endif
408#endif 415#endif
diff --git a/src/lib/libcrypto/o_time.c b/src/lib/libcrypto/o_time.c
index eecbdd19f0..9030fdef7a 100644
--- a/src/lib/libcrypto/o_time.c
+++ b/src/lib/libcrypto/o_time.c
@@ -64,12 +64,18 @@
64#include "o_time.h" 64#include "o_time.h"
65 65
66#ifdef OPENSSL_SYS_VMS 66#ifdef OPENSSL_SYS_VMS
67# include <libdtdef.h> 67# if __CRTL_VER >= 70000000 && \
68# include <lib$routines.h> 68 (defined _POSIX_C_SOURCE || !defined _ANSI_C_SOURCE)
69# include <lnmdef.h> 69# define VMS_GMTIME_OK
70# include <starlet.h> 70# endif
71# include <descrip.h> 71# ifndef VMS_GMTIME_OK
72# include <stdlib.h> 72# include <libdtdef.h>
73# include <lib$routines.h>
74# include <lnmdef.h>
75# include <starlet.h>
76# include <descrip.h>
77# include <stdlib.h>
78# endif /* ndef VMS_GMTIME_OK */
73#endif 79#endif
74 80
75struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) 81struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
@@ -81,7 +87,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
81 so we don't even look at the return value */ 87 so we don't even look at the return value */
82 gmtime_r(timer,result); 88 gmtime_r(timer,result);
83 ts = result; 89 ts = result;
84#elif !defined(OPENSSL_SYS_VMS) 90#elif !defined(OPENSSL_SYS_VMS) || defined(VMS_GMTIME_OK)
85 ts = gmtime(timer); 91 ts = gmtime(timer);
86 if (ts == NULL) 92 if (ts == NULL)
87 return NULL; 93 return NULL;
@@ -89,7 +95,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
89 memcpy(result, ts, sizeof(struct tm)); 95 memcpy(result, ts, sizeof(struct tm));
90 ts = result; 96 ts = result;
91#endif 97#endif
92#ifdef OPENSSL_SYS_VMS 98#if defined( OPENSSL_SYS_VMS) && !defined( VMS_GMTIME_OK)
93 if (ts == NULL) 99 if (ts == NULL)
94 { 100 {
95 static $DESCRIPTOR(tabnam,"LNM$DCL_LOGICAL"); 101 static $DESCRIPTOR(tabnam,"LNM$DCL_LOGICAL");
diff --git a/src/lib/libcrypto/ocsp/ocsp_ht.c b/src/lib/libcrypto/ocsp/ocsp_ht.c
index 12bbfcffd1..af5fc16691 100644
--- a/src/lib/libcrypto/ocsp/ocsp_ht.c
+++ b/src/lib/libcrypto/ocsp/ocsp_ht.c
@@ -397,11 +397,12 @@ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx)
397 397
398 398
399 case OHS_ASN1_HEADER: 399 case OHS_ASN1_HEADER:
400 /* Now reading ASN1 header: can read at least 6 bytes which 400 /* Now reading ASN1 header: can read at least 2 bytes which
401 * is more than enough for any valid ASN1 SEQUENCE header 401 * is enough for ASN1 SEQUENCE header and either length field
402 * or at least the length of the length field.
402 */ 403 */
403 n = BIO_get_mem_data(rctx->mem, &p); 404 n = BIO_get_mem_data(rctx->mem, &p);
404 if (n < 6) 405 if (n < 2)
405 goto next_io; 406 goto next_io;
406 407
407 /* Check it is an ASN1 SEQUENCE */ 408 /* Check it is an ASN1 SEQUENCE */
@@ -414,6 +415,11 @@ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx)
414 /* Check out length field */ 415 /* Check out length field */
415 if (*p & 0x80) 416 if (*p & 0x80)
416 { 417 {
418 /* If MSB set on initial length octet we can now
419 * always read 6 octets: make sure we have them.
420 */
421 if (n < 6)
422 goto next_io;
417 n = *p & 0x7F; 423 n = *p & 0x7F;
418 /* Not NDEF or excessive length */ 424 /* Not NDEF or excessive length */
419 if (!n || (n > 4)) 425 if (!n || (n > 4))
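Review bot: In the `OHS_ASN1_HEADER` case the long-form branch waits for six buffered bytes before it has looked at the length-of-length value, so a header whose long-form length needs fewer octets, in a response shorter than six bytes overall, would stay in `next_io` until the peer closes. Well-formed DER does not produce that (long form implies at least 128 content bytes), so this is a robustness point for non-minimal encodings rather than a break in the normal path. Moving the wait after the `!n || (n > 4)` range check and comparing the buffered count with two plus the length-of-length would ask for exactly the bytes the header needs. `n` is reused for both the buffered count and the length-of-length, so that change needs a second local.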
diff --git a/src/lib/libcrypto/ocsp/ocsp_lib.c b/src/lib/libcrypto/ocsp/ocsp_lib.c
index 36905d76cd..e92b86c060 100644
--- a/src/lib/libcrypto/ocsp/ocsp_lib.c
+++ b/src/lib/libcrypto/ocsp/ocsp_lib.c
@@ -170,14 +170,14 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss
170 170
171 char *host, *port; 171 char *host, *port;
172 172
173 /* dup the buffer since we are going to mess with it */
174 buf = BUF_strdup(url);
175 if (!buf) goto mem_err;
176
177 *phost = NULL; 173 *phost = NULL;
178 *pport = NULL; 174 *pport = NULL;
179 *ppath = NULL; 175 *ppath = NULL;
180 176
177 /* dup the buffer since we are going to mess with it */
178 buf = BUF_strdup(url);
179 if (!buf) goto mem_err;
180
181 /* Check for initial colon */ 181 /* Check for initial colon */
182 p = strchr(buf, ':'); 182 p = strchr(buf, ':');
183 183
diff --git a/src/lib/libcrypto/ocsp/ocsp_prn.c b/src/lib/libcrypto/ocsp/ocsp_prn.c
index 1695c9c4ad..87608ff399 100644
--- a/src/lib/libcrypto/ocsp/ocsp_prn.c
+++ b/src/lib/libcrypto/ocsp/ocsp_prn.c
@@ -182,7 +182,6 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
182 { 182 {
183 int i, ret = 0; 183 int i, ret = 0;
184 long l; 184 long l;
185 unsigned char *p;
186 OCSP_CERTID *cid = NULL; 185 OCSP_CERTID *cid = NULL;
187 OCSP_BASICRESP *br = NULL; 186 OCSP_BASICRESP *br = NULL;
188 OCSP_RESPID *rid = NULL; 187 OCSP_RESPID *rid = NULL;
@@ -207,7 +206,6 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
207 return 1; 206 return 1;
208 } 207 }
209 208
210 p = ASN1_STRING_data(rb->response);
211 i = ASN1_STRING_length(rb->response); 209 i = ASN1_STRING_length(rb->response);
212 if (!(br = OCSP_response_get1_basic(o))) goto err; 210 if (!(br = OCSP_response_get1_basic(o))) goto err;
213 rd = br->tbsResponseData; 211 rd = br->tbsResponseData;
diff --git a/src/lib/libcrypto/opensslv.h b/src/lib/libcrypto/opensslv.h
index 2fb110fa0e..310a3387be 100644
--- a/src/lib/libcrypto/opensslv.h
+++ b/src/lib/libcrypto/opensslv.h
@@ -25,11 +25,11 @@
25 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for 25 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
26 * major minor fix final patch/beta) 26 * major minor fix final patch/beta)
27 */ 27 */
28#define OPENSSL_VERSION_NUMBER 0x1000001fL 28#define OPENSSL_VERSION_NUMBER 0x1000005fL
29#ifdef OPENSSL_FIPS 29#ifdef OPENSSL_FIPS
30#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0a-fips 1 Jun 2010" 30#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0e-fips 6 Sep 2011"
31#else 31#else
32#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0a 1 Jun 2010" 32#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0e 6 Sep 2011"
33#endif 33#endif
34#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT 34#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
35 35
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 42e4861bc1..cfc89a9921 100644
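--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -482,7 +482,6 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
 
 int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
  {
- int o;
  const EVP_CIPHER *enc=NULL;
  char *p,c;
  char **header_pp = &header;
@@ -522,7 +521,6 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
  header++;
  }
  *header='\0';
- o=OBJ_sn2nid(p);
  cipher->cipher=enc=EVP_get_cipherbyname(p);
  *header=c;
  header++;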
diff --git a/src/lib/libcrypto/pem/pvkfmt.c b/src/lib/libcrypto/pem/pvkfmt.c
index d998a67fa5..5f130c4528 100644
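--- a/src/lib/libcrypto/pem/pvkfmt.c
+++ b/src/lib/libcrypto/pem/pvkfmt.c
@@ -662,7 +662,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length,
 
  {
  const unsigned char *p = *in;
- unsigned int pvk_magic, keytype, is_encrypted;
+ unsigned int pvk_magic, is_encrypted;
  if (skip_magic)
  {
  if (length < 20)
@@ -689,7 +689,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length,
  }
  /* Skip reserved */
  p += 4;
- keytype = read_ledword(&p);
+ /*keytype = */read_ledword(&p);
  is_encrypted = read_ledword(&p);
  *psaltlen = read_ledword(&p);
  *pkeylen = read_ledword(&p);
@@ -839,7 +839,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
 static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
  pem_password_cb *cb, void *u)
  {
- int outlen = 24, noinc, pklen;
+ int outlen = 24, pklen;
  unsigned char *p, *salt = NULL;
  if (enclevel)
  outlen += PVK_SALTLEN;
@@ -850,10 +850,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
  if (!out)
  return outlen;
  if (*out)
- {
  p = *out;
- noinc = 0;
- }
  else
  {
  p = OPENSSL_malloc(outlen);
@@ -863,7 +860,6 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
  return -1;
  }
  *out = p;
- noinc = 1;
  }
 
  write_ledword(&p, MS_PVKMAGIC);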
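Review bot: In do_PVK_header the key-type field is now skipped with `/*keytype = */read_ledword(&p);`, which leaves commented-out code where the dropped variable used to be. The reserved field two lines above is skipped with `p += 4;` under a `/* Skip reserved */` comment, so, assuming read_ledword advances p by four bytes, `p += 4; /* Skip keytype */` would express the same thing consistently. The field comes from the input blob and is discarded unchecked here; whether any caller needs it validated cannot be judged from these hunks, because do_PVK_header starts and ends outside them.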
diff --git a/src/lib/libcrypto/perlasm/cbc.pl b/src/lib/libcrypto/perlasm/cbc.pl
index e43dc9ae15..6fc2510905 100644
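--- a/src/lib/libcrypto/perlasm/cbc.pl
+++ b/src/lib/libcrypto/perlasm/cbc.pl
@@ -158,7 +158,6 @@ sub cbc
  &jmp_ptr($count);
 
 &set_label("ej7");
- &xor("edx", "edx") if $ppro; # ppro friendly
  &movb(&HB("edx"), &BP(6,$in,"",0));
  &shl("edx",8);
 &set_label("ej6");
@@ -170,7 +169,6 @@ sub cbc
  &jmp(&label("ejend"));
 &set_label("ej3");
  &movb(&HB("ecx"), &BP(2,$in,"",0));
- &xor("ecx", "ecx") if $ppro; # ppro friendly
  &shl("ecx",8);
 &set_label("ej2");
  &movb(&HB("ecx"), &BP(1,$in,"",0));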
diff --git a/src/lib/libcrypto/perlasm/x86_64-xlate.pl b/src/lib/libcrypto/perlasm/x86_64-xlate.pl
index 354673acc1..e47116b74b 100755
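--- a/src/lib/libcrypto/perlasm/x86_64-xlate.pl
+++ b/src/lib/libcrypto/perlasm/x86_64-xlate.pl
@@ -167,7 +167,7 @@ my %globals;
  } elsif ($self->{op} =~ /^(pop|push)f/) {
  $self->{op} .= $self->{sz};
  } elsif ($self->{op} eq "call" && $current_segment eq ".CRT\$XCU") {
- $self->{op} = "ALIGN\t8\n\tDQ";
+ $self->{op} = "\tDQ";
  }
  $self->{op};
  }
@@ -545,6 +545,8 @@ my %globals;
  if ($line=~/\.([px])data/) {
  $v.=" rdata align=";
  $v.=$1 eq "p"? 4 : 8;
+ } elsif ($line=~/\.CRT\$/i) {
+ $v.=" rdata align=8";
  }
  } else {
  $v="$current_segment\tENDS\n" if ($current_segment);
@@ -552,6 +554,8 @@ my %globals;
  if ($line=~/\.([px])data/) {
  $v.=" READONLY";
  $v.=" ALIGN(".($1 eq "p" ? 4 : 8).")" if ($masm>=$masmref);
+ } elsif ($line=~/\.CRT\$/i) {
+ $v.=" READONLY DWORD";
  }
  }
  $current_segment = $line;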
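Review bot: The two new `.CRT$` branches do not request the same alignment: the nasm branch emits `rdata align=8`, while the masm branch emits `READONLY DWORD`, which is 4-byte alignment for a segment whose entry is written with `DQ`. The first hunk also removes the explicit `ALIGN\t8` in front of that `DQ`, so on masm nothing visible here still guarantees 8-byte alignment of the pointer entry. The `.pdata`/`.xdata` line just above already selects `ALIGN(...)` when `$masm>=$masmref`, and the same could be done here: `$v.=" READONLY "; $v.=$masm>=$masmref ? "ALIGN(8)" : "DWORD";`. The enclosing code starts and ends outside these hunks.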
diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c
index a29794bbbc..424203f648 100644
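--- a/src/lib/libcrypto/pkcs12/p12_key.c
+++ b/src/lib/libcrypto/pkcs12/p12_key.c
@@ -107,6 +107,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
  unsigned char *B, *D, *I, *p, *Ai;
  int Slen, Plen, Ilen, Ijlen;
  int i, j, u, v;
+ int ret = 0;
  BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */
  EVP_MD_CTX ctx;
 #ifdef DEBUG_KEYGEN
@@ -144,10 +145,8 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
  I = OPENSSL_malloc (Ilen);
  Ij = BN_new();
  Bpl1 = BN_new();
- if (!D || !Ai || !B || !I || !Ij || !Bpl1) {
+ if (!D || !Ai || !B || !I || !Ij || !Bpl1)
- PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE);
+ goto err;
- return 0;
- }
  for (i = 0; i < v; i++) D[i] = id;
  p = I;
  for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen];
@@ -164,28 +163,22 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
  }
  memcpy (out, Ai, min (n, u));
  if (u >= n) {
- OPENSSL_free (Ai);
- OPENSSL_free (B);
- OPENSSL_free (D);
- OPENSSL_free (I);
- BN_free (Ij);
- BN_free (Bpl1);
- EVP_MD_CTX_cleanup(&ctx);
 #ifdef DEBUG_KEYGEN
  fprintf(stderr, "Output KEY (length %d)\n", tmpn);
  h__dump(tmpout, tmpn);
 #endif
- return 1;
+ ret = 1;
+ goto end;
  }
  n -= u;
  out += u;
  for (j = 0; j < v; j++) B[j] = Ai[j % u];
  /* Work out B + 1 first then can use B as tmp space */
- BN_bin2bn (B, v, Bpl1);
+ if (!BN_bin2bn (B, v, Bpl1)) goto err;
- BN_add_word (Bpl1, 1);
+ if (!BN_add_word (Bpl1, 1)) goto err;
  for (j = 0; j < Ilen ; j+=v) {
- BN_bin2bn (I + j, v, Ij);
+ if (!BN_bin2bn (I + j, v, Ij)) goto err;
- BN_add (Ij, Ij, Bpl1);
+ if (!BN_add (Ij, Ij, Bpl1)) goto err;
  BN_bn2bin (Ij, B);
  Ijlen = BN_num_bytes (Ij);
  /* If more than 2^(v*8) - 1 cut off MSB */
@@ -201,6 +194,19 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
  } else BN_bn2bin (Ij, I + j);
  }
  }
+
+err:
+ PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE);
+
+end:
+ OPENSSL_free (Ai);
+ OPENSSL_free (B);
+ OPENSSL_free (D);
+ OPENSSL_free (I);
+ BN_free (Ij);
+ BN_free (Bpl1);
+ EVP_MD_CTX_cleanup(&ctx);
+ return ret;
 }
 #ifdef DEBUG_KEYGEN
 void h__dump (unsigned char *p, int len)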
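Review bot: The consolidated `end:` path frees Ai and I without clearing them, although Ai holds the derived key bytes that were just copied to `out` and I is the working buffer the derivation is computed over. Now that every exit goes through one place, wiping is a two-line addition before the frees: `if (Ai) OPENSSL_cleanse(Ai, u);` and `if (I) OPENSSL_cleanse(I, Ilen);` (the NULL checks are needed because `err` is also reached when an allocation failed). Separately, `err:` records ERR_R_MALLOC_FAILURE for every failure, including the new BN_bin2bn/BN_add_word/BN_add checks, which is probably accurate but deserves a one-line comment. The start of PKCS12_key_gen_uni, where u and Ilen are set, is outside these hunks, so confirm both are assigned before the first `goto err`.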
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
index 451de84489..3bf1a367bb 100644
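--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ b/src/lib/libcrypto/pkcs7/pk7_doit.c
@@ -422,7 +422,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
  X509_ALGOR *enc_alg=NULL;
  STACK_OF(X509_ALGOR) *md_sk=NULL;
  STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
- X509_ALGOR *xalg=NULL;
  PKCS7_RECIP_INFO *ri=NULL;
 
  i=OBJ_obj2nid(p7->type);
@@ -445,7 +444,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
  PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
  goto err;
  }
- xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
  break;
  case NID_pkcs7_enveloped:
  rsk=p7->d.enveloped->recipientinfo;
@@ -457,7 +455,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
  PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
  goto err;
  }
- xalg=p7->d.enveloped->enc_data->algorithm;
  break;
  default:
  PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);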
diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c
index 3ca0952792..d411269b50 100644
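--- a/src/lib/libcrypto/pkcs7/pk7_lib.c
+++ b/src/lib/libcrypto/pkcs7/pk7_lib.c
@@ -591,7 +591,6 @@ X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
 int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
  {
  int i;
- ASN1_OBJECT *objtmp;
  PKCS7_ENC_CONTENT *ec;
 
  i=OBJ_obj2nid(p7->type);
@@ -614,7 +613,6 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
  PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
  return(0);
  }
- objtmp = OBJ_nid2obj(i);
 
  ec->cipher = cipher;
  return 1;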
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index 4ed40b7b70..bc7d9c5804 100644
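--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -144,7 +144,9 @@ int RAND_load_file(const char *file, long bytes)
  * I/O because we will waste system entropy.
  */
  bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
+#ifndef OPENSSL_NO_SETVBUF_IONBF
  setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
+#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
  }
 #endif
  for (;;)
@@ -269,7 +271,6 @@ err:
 const char *RAND_file_name(char *buf, size_t size)
  {
  char *s=NULL;
- int ok = 0;
 #ifdef __OpenBSD__
  struct stat sb;
 #endif
@@ -298,7 +299,6 @@ const char *RAND_file_name(char *buf, size_t size)
  BUF_strlcat(buf,"/",size);
 #endif
  BUF_strlcat(buf,RFILE,size);
- ok = 1;
  }
  else
  buf[0] = '\0'; /* no file name */
@@ -312,7 +312,7 @@ const char *RAND_file_name(char *buf, size_t size)
  * to something hopefully decent if that isn't available.
  */
 
- if (!ok)
+ if (!buf[0])
  if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) {
  return(NULL);
  }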
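Review bot: In RAND_file_name the fallback test changes from `if (!ok)` to `if (!buf[0])`, and the two are equivalent only if every earlier path leaves buf either empty or holding the HOME-based name built just above. ok was set in that one place only, so any path outside these hunks that fills buf from another source used to fall through to `/dev/arandom` and now keeps its own name; that should be confirmed as intended rather than a side effect of removing a variable. A comment on the new test would make the contract explicit, e.g. `/* buf is empty only when no file name could be built above */`. The function starts and ends outside the hunks.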
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
index c5eaeeae6b..7c941885f0 100644
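--- a/src/lib/libcrypto/rsa/rsa_eay.c
+++ b/src/lib/libcrypto/rsa/rsa_eay.c
@@ -675,7 +675,7 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
  rsa->_method_mod_n)) goto err;
 
  if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12))
- BN_sub(ret, rsa->n, ret);
+ if (!BN_sub(ret, rsa->n, ret)) goto err;
 
  p=buf;
  i=BN_bn2bin(ret,p);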
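Review bot: The added check nests an unbraced `if` inside another unbraced `if`, so the `goto err` hangs off two conditions on separate lines and would bind unexpectedly if an `else` were ever added. Bracing the outer statement, or folding the call into the condition as `&& !BN_sub(ret, rsa->n, ret)) goto err;`, keeps the error path unambiguous. RSA_eay_public_decrypt starts and ends outside the hunk.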
diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c
index e238d10e5c..18d307ea9e 100644
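--- a/src/lib/libcrypto/rsa/rsa_oaep.c
+++ b/src/lib/libcrypto/rsa/rsa_oaep.c
@@ -189,34 +189,40 @@ int PKCS1_MGF1(unsigned char *mask, long len,
  EVP_MD_CTX c;
  unsigned char md[EVP_MAX_MD_SIZE];
  int mdlen;
+ int rv = -1;
 
  EVP_MD_CTX_init(&c);
  mdlen = EVP_MD_size(dgst);
  if (mdlen < 0)
- return -1;
+ goto err;
  for (i = 0; outlen < len; i++)
  {
  cnt[0] = (unsigned char)((i >> 24) & 255);
  cnt[1] = (unsigned char)((i >> 16) & 255);
  cnt[2] = (unsigned char)((i >> 8)) & 255;
  cnt[3] = (unsigned char)(i & 255);
- EVP_DigestInit_ex(&c,dgst, NULL);
+ if (!EVP_DigestInit_ex(&c,dgst, NULL)
- EVP_DigestUpdate(&c, seed, seedlen);
+ || !EVP_DigestUpdate(&c, seed, seedlen)
- EVP_DigestUpdate(&c, cnt, 4);
+ || !EVP_DigestUpdate(&c, cnt, 4))
+ goto err;
  if (outlen + mdlen <= len)
  {
- EVP_DigestFinal_ex(&c, mask + outlen, NULL);
+ if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL))
+ goto err;
  outlen += mdlen;
  }
  else
  {
- EVP_DigestFinal_ex(&c, md, NULL);
+ if (!EVP_DigestFinal_ex(&c, md, NULL))
+ goto err;
  memcpy(mask + outlen, md, len - outlen);
  outlen = len;
  }
  }
+ rv = 0;
+ err:
  EVP_MD_CTX_cleanup(&c);
- return 0;
+ return rv;
  }
 
 static int MGF1(unsigned char *mask, long len, const unsigned char *seed,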
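Review bot: PKCS1_MGF1 can now return -1 from inside the loop, where it previously always returned 0 once the size check had passed, so every call site has to test the result; on the error path `mask` is left partly or wholly unwritten. The callers are outside this hunk, including the static MGF1 wrapper that begins on the last context line, and should be checked for the form `if (PKCS1_MGF1(mask, len, seed, seedlen, dgst) < 0) goto err;`. The local `md` buffer also keeps the last digest block on the stack on return; `OPENSSL_cleanse(md, sizeof md);` after `err:` would clear it.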
diff --git a/src/lib/libcrypto/sha/asm/sha1-armv4-large.pl b/src/lib/libcrypto/sha/asm/sha1-armv4-large.pl
index 88861af641..6e65fe3e01 100644
--- a/src/lib/libcrypto/sha/asm/sha1-armv4-large.pl
+++ b/src/lib/libcrypto/sha/asm/sha1-armv4-large.pl
@@ -37,9 +37,18 @@
37# modes are limited. As result it takes more instructions to do 37# modes are limited. As result it takes more instructions to do
38# the same job in Thumb, therefore the code is never twice as 38# the same job in Thumb, therefore the code is never twice as
39# small and always slower. 39# small and always slower.
40# [***] which is also ~35% better than compiler generated code. 40# [***] which is also ~35% better than compiler generated code. Dual-
41# issue Cortex A8 core was measured to process input block in
42# ~990 cycles.
41 43
42$output=shift; 44# August 2010.
45#
46# Rescheduling for dual-issue pipeline resulted in 13% improvement on
47# Cortex A8 core and in absolute terms ~870 cycles per input block
48# [or 13.6 cycles per byte].
49
50
51while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
43open STDOUT,">$output"; 52open STDOUT,">$output";
44 53
45$ctx="r0"; 54$ctx="r0";
@@ -58,43 +67,22 @@ $t3="r12";
58$Xi="r14"; 67$Xi="r14";
59@V=($a,$b,$c,$d,$e); 68@V=($a,$b,$c,$d,$e);
60 69
61# One can optimize this for aligned access on big-endian architecture,
62# but code's endian neutrality makes it too pretty:-)
63sub Xload {
64my ($a,$b,$c,$d,$e)=@_;
65$code.=<<___;
66 ldrb $t0,[$inp],#4
67 ldrb $t1,[$inp,#-3]
68 ldrb $t2,[$inp,#-2]
69 ldrb $t3,[$inp,#-1]
70 add $e,$K,$e,ror#2 @ E+=K_00_19
71 orr $t0,$t1,$t0,lsl#8
72 add $e,$e,$a,ror#27 @ E+=ROR(A,27)
73 orr $t0,$t2,$t0,lsl#8
74 eor $t1,$c,$d @ F_xx_xx
75 orr $t0,$t3,$t0,lsl#8
76 add $e,$e,$t0 @ E+=X[i]
77 str $t0,[$Xi,#-4]!
78___
79}
80sub Xupdate { 70sub Xupdate {
81my ($a,$b,$c,$d,$e,$flag)=@_; 71my ($a,$b,$c,$d,$e,$opt1,$opt2)=@_;
82$code.=<<___; 72$code.=<<___;
83 ldr $t0,[$Xi,#15*4] 73 ldr $t0,[$Xi,#15*4]
84 ldr $t1,[$Xi,#13*4] 74 ldr $t1,[$Xi,#13*4]
85 ldr $t2,[$Xi,#7*4] 75 ldr $t2,[$Xi,#7*4]
86 ldr $t3,[$Xi,#2*4]
87 add $e,$K,$e,ror#2 @ E+=K_xx_xx 76 add $e,$K,$e,ror#2 @ E+=K_xx_xx
77 ldr $t3,[$Xi,#2*4]
88 eor $t0,$t0,$t1 78 eor $t0,$t0,$t1
89 eor $t0,$t0,$t2 79 eor $t2,$t2,$t3
90 eor $t0,$t0,$t3 80 eor $t1,$c,$d @ F_xx_xx
91 add $e,$e,$a,ror#27 @ E+=ROR(A,27)
92___
93$code.=<<___ if (!defined($flag));
94 eor $t1,$c,$d @ F_xx_xx, but not in 40_59
95___
96$code.=<<___;
97 mov $t0,$t0,ror#31 81 mov $t0,$t0,ror#31
82 add $e,$e,$a,ror#27 @ E+=ROR(A,27)
83 eor $t0,$t0,$t2,ror#31
84 $opt1 @ F_xx_xx
85 $opt2 @ F_xx_xx
98 add $e,$e,$t0 @ E+=X[i] 86 add $e,$e,$t0 @ E+=X[i]
99 str $t0,[$Xi,#-4]! 87 str $t0,[$Xi,#-4]!
100___ 88___
@@ -102,19 +90,29 @@ ___
102 90
103sub BODY_00_15 { 91sub BODY_00_15 {
104my ($a,$b,$c,$d,$e)=@_; 92my ($a,$b,$c,$d,$e)=@_;
105 &Xload(@_);
106$code.=<<___; 93$code.=<<___;
94 ldrb $t0,[$inp],#4
95 ldrb $t1,[$inp,#-1]
96 ldrb $t2,[$inp,#-2]
97 add $e,$K,$e,ror#2 @ E+=K_00_19
98 ldrb $t3,[$inp,#-3]
99 add $e,$e,$a,ror#27 @ E+=ROR(A,27)
100 orr $t0,$t1,$t0,lsl#24
101 eor $t1,$c,$d @ F_xx_xx
102 orr $t0,$t0,$t2,lsl#8
103 orr $t0,$t0,$t3,lsl#16
107 and $t1,$b,$t1,ror#2 104 and $t1,$b,$t1,ror#2
105 add $e,$e,$t0 @ E+=X[i]
108 eor $t1,$t1,$d,ror#2 @ F_00_19(B,C,D) 106 eor $t1,$t1,$d,ror#2 @ F_00_19(B,C,D)
107 str $t0,[$Xi,#-4]!
109 add $e,$e,$t1 @ E+=F_00_19(B,C,D) 108 add $e,$e,$t1 @ E+=F_00_19(B,C,D)
110___ 109___
111} 110}
112 111
113sub BODY_16_19 { 112sub BODY_16_19 {
114my ($a,$b,$c,$d,$e)=@_; 113my ($a,$b,$c,$d,$e)=@_;
115 &Xupdate(@_); 114 &Xupdate(@_,"and $t1,$b,$t1,ror#2");
116$code.=<<___; 115$code.=<<___;
117 and $t1,$b,$t1,ror#2
118 eor $t1,$t1,$d,ror#2 @ F_00_19(B,C,D) 116 eor $t1,$t1,$d,ror#2 @ F_00_19(B,C,D)
119 add $e,$e,$t1 @ E+=F_00_19(B,C,D) 117 add $e,$e,$t1 @ E+=F_00_19(B,C,D)
120___ 118___
@@ -122,22 +120,18 @@ ___
122 120
123sub BODY_20_39 { 121sub BODY_20_39 {
124my ($a,$b,$c,$d,$e)=@_; 122my ($a,$b,$c,$d,$e)=@_;
125 &Xupdate(@_); 123 &Xupdate(@_,"eor $t1,$b,$t1,ror#2");
126$code.=<<___; 124$code.=<<___;
127 eor $t1,$b,$t1,ror#2 @ F_20_39(B,C,D)
128 add $e,$e,$t1 @ E+=F_20_39(B,C,D) 125 add $e,$e,$t1 @ E+=F_20_39(B,C,D)
129___ 126___
130} 127}
131 128
132sub BODY_40_59 { 129sub BODY_40_59 {
133my ($a,$b,$c,$d,$e)=@_; 130my ($a,$b,$c,$d,$e)=@_;
134 &Xupdate(@_,1); 131 &Xupdate(@_,"and $t1,$b,$t1,ror#2","and $t2,$c,$d");
135$code.=<<___; 132$code.=<<___;
136 and $t1,$b,$c,ror#2
137 orr $t2,$b,$c,ror#2
138 and $t2,$t2,$d,ror#2
139 orr $t1,$t1,$t2 @ F_40_59(B,C,D)
140 add $e,$e,$t1 @ E+=F_40_59(B,C,D) 133 add $e,$e,$t1 @ E+=F_40_59(B,C,D)
134 add $e,$e,$t2,ror#2
141___ 135___
142} 136}
143 137
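Review bot: The new argument loop `while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}` leaves $output empty when no argument looks like a bare file name, and the following `open STDOUT,">$output";` is unchecked, so the generated assembly may be silently lost. The pattern also rejects any name containing a directory separator, so an output path inside a build subdirectory is skipped as if it were a flag. Checking the result, `open STDOUT,">$output" or die "can't open $output: $!";`, would turn both cases into a build failure instead of an empty output file. The same two lines are added in the sha256-armv4.pl and sha512-armv4.pl sections below.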
diff --git a/src/lib/libcrypto/sha/asm/sha1-sparcv9.pl b/src/lib/libcrypto/sha/asm/sha1-sparcv9.pl
index 8306fc88cc..5c161cecd6 100644
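--- a/src/lib/libcrypto/sha/asm/sha1-sparcv9.pl
+++ b/src/lib/libcrypto/sha/asm/sha1-sparcv9.pl
@@ -276,6 +276,7 @@ $code.=<<___;
 .type sha1_block_data_order,#function
 .size sha1_block_data_order,(.-sha1_block_data_order)
 .asciz "SHA1 block transform for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+.align 4
 ___
 
 $code =~ s/\`([^\`]*)\`/eval $1/gem;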
diff --git a/src/lib/libcrypto/sha/asm/sha1-sparcv9a.pl b/src/lib/libcrypto/sha/asm/sha1-sparcv9a.pl
index 15eb854bad..85e8d68086 100644
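--- a/src/lib/libcrypto/sha/asm/sha1-sparcv9a.pl
+++ b/src/lib/libcrypto/sha/asm/sha1-sparcv9a.pl
@@ -539,6 +539,7 @@ $code.=<<___;
 .type sha1_block_data_order,#function
 .size sha1_block_data_order,(.-sha1_block_data_order)
 .asciz "SHA1 block transform for SPARCv9a, CRYPTOGAMS by <appro\@openssl.org>"
+.align 4
 ___
 
 # Purpose of these subroutines is to explicitly encode VIS instructions,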
diff --git a/src/lib/libcrypto/sha/asm/sha256-armv4.pl b/src/lib/libcrypto/sha/asm/sha256-armv4.pl
index 48d846deec..492cb62bc0 100644
--- a/src/lib/libcrypto/sha/asm/sha256-armv4.pl
+++ b/src/lib/libcrypto/sha/asm/sha256-armv4.pl
@@ -11,9 +11,14 @@
11 11
12# Performance is ~2x better than gcc 3.4 generated code and in "abso- 12# Performance is ~2x better than gcc 3.4 generated code and in "abso-
13# lute" terms is ~2250 cycles per 64-byte block or ~35 cycles per 13# lute" terms is ~2250 cycles per 64-byte block or ~35 cycles per
14# byte. 14# byte [on single-issue Xscale PXA250 core].
15 15
16$output=shift; 16# July 2010.
17#
18# Rescheduling for dual-issue pipeline resulted in 22% improvement on
19# Cortex A8 core and ~20 cycles per processed byte.
20
21while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
17open STDOUT,">$output"; 22open STDOUT,">$output";
18 23
19$ctx="r0"; $t0="r0"; 24$ctx="r0"; $t0="r0";
@@ -52,27 +57,27 @@ $code.=<<___ if ($i<16);
52___ 57___
53$code.=<<___; 58$code.=<<___;
54 ldr $t2,[$Ktbl],#4 @ *K256++ 59 ldr $t2,[$Ktbl],#4 @ *K256++
55 str $T1,[sp,#`$i%16`*4]
56 mov $t0,$e,ror#$Sigma1[0] 60 mov $t0,$e,ror#$Sigma1[0]
61 str $T1,[sp,#`$i%16`*4]
57 eor $t0,$t0,$e,ror#$Sigma1[1] 62 eor $t0,$t0,$e,ror#$Sigma1[1]
58 eor $t0,$t0,$e,ror#$Sigma1[2] @ Sigma1(e)
59 add $T1,$T1,$t0
60 eor $t1,$f,$g 63 eor $t1,$f,$g
64 eor $t0,$t0,$e,ror#$Sigma1[2] @ Sigma1(e)
61 and $t1,$t1,$e 65 and $t1,$t1,$e
66 add $T1,$T1,$t0
62 eor $t1,$t1,$g @ Ch(e,f,g) 67 eor $t1,$t1,$g @ Ch(e,f,g)
63 add $T1,$T1,$t1
64 add $T1,$T1,$h 68 add $T1,$T1,$h
65 add $T1,$T1,$t2
66 mov $h,$a,ror#$Sigma0[0] 69 mov $h,$a,ror#$Sigma0[0]
70 add $T1,$T1,$t1
67 eor $h,$h,$a,ror#$Sigma0[1] 71 eor $h,$h,$a,ror#$Sigma0[1]
72 add $T1,$T1,$t2
68 eor $h,$h,$a,ror#$Sigma0[2] @ Sigma0(a) 73 eor $h,$h,$a,ror#$Sigma0[2] @ Sigma0(a)
69 orr $t0,$a,$b 74 orr $t0,$a,$b
70 and $t0,$t0,$c
71 and $t1,$a,$b 75 and $t1,$a,$b
76 and $t0,$t0,$c
77 add $h,$h,$T1
72 orr $t0,$t0,$t1 @ Maj(a,b,c) 78 orr $t0,$t0,$t1 @ Maj(a,b,c)
73 add $h,$h,$t0
74 add $d,$d,$T1 79 add $d,$d,$T1
75 add $h,$h,$T1 80 add $h,$h,$t0
76___ 81___
77} 82}
78 83
@@ -80,19 +85,19 @@ sub BODY_16_XX {
80my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; 85my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
81 86
82$code.=<<___; 87$code.=<<___;
83 ldr $t1,[sp,#`($i+1)%16`*4] @ $i 88 ldr $t1,[sp,#`($i+1)%16`*4] @ $i
84 ldr $t2,[sp,#`($i+14)%16`*4] 89 ldr $t2,[sp,#`($i+14)%16`*4]
85 ldr $T1,[sp,#`($i+0)%16`*4] 90 ldr $T1,[sp,#`($i+0)%16`*4]
86 ldr $inp,[sp,#`($i+9)%16`*4]
87 mov $t0,$t1,ror#$sigma0[0] 91 mov $t0,$t1,ror#$sigma0[0]
92 ldr $inp,[sp,#`($i+9)%16`*4]
88 eor $t0,$t0,$t1,ror#$sigma0[1] 93 eor $t0,$t0,$t1,ror#$sigma0[1]
89 eor $t0,$t0,$t1,lsr#$sigma0[2] @ sigma0(X[i+1]) 94 eor $t0,$t0,$t1,lsr#$sigma0[2] @ sigma0(X[i+1])
90 mov $t1,$t2,ror#$sigma1[0] 95 mov $t1,$t2,ror#$sigma1[0]
96 add $T1,$T1,$t0
91 eor $t1,$t1,$t2,ror#$sigma1[1] 97 eor $t1,$t1,$t2,ror#$sigma1[1]
98 add $T1,$T1,$inp
92 eor $t1,$t1,$t2,lsr#$sigma1[2] @ sigma1(X[i+14]) 99 eor $t1,$t1,$t2,lsr#$sigma1[2] @ sigma1(X[i+14])
93 add $T1,$T1,$t0
94 add $T1,$T1,$t1 100 add $T1,$T1,$t1
95 add $T1,$T1,$inp
96___ 101___
97 &BODY_00_15(@_); 102 &BODY_00_15(@_);
98} 103}
diff --git a/src/lib/libcrypto/sha/asm/sha512-armv4.pl b/src/lib/libcrypto/sha/asm/sha512-armv4.pl
index 4fbb94a914..3a35861ac6 100644
--- a/src/lib/libcrypto/sha/asm/sha512-armv4.pl
+++ b/src/lib/libcrypto/sha/asm/sha512-armv4.pl
@@ -10,7 +10,13 @@
10# SHA512 block procedure for ARMv4. September 2007. 10# SHA512 block procedure for ARMv4. September 2007.
11 11
12# This code is ~4.5 (four and a half) times faster than code generated 12# This code is ~4.5 (four and a half) times faster than code generated
13# by gcc 3.4 and it spends ~72 clock cycles per byte. 13# by gcc 3.4 and it spends ~72 clock cycles per byte [on single-issue
14# Xscale PXA250 core].
15#
16# July 2010.
17#
18# Rescheduling for dual-issue pipeline resulted in 6% improvement on
19# Cortex A8 core and ~40 cycles per processed byte.
14 20
15# Byte order [in]dependence. ========================================= 21# Byte order [in]dependence. =========================================
16# 22#
@@ -22,7 +28,7 @@ $hi=0;
22$lo=4; 28$lo=4;
23# ==================================================================== 29# ====================================================================
24 30
25$output=shift; 31while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
26open STDOUT,">$output"; 32open STDOUT,">$output";
27 33
28$ctx="r0"; 34$ctx="r0";
@@ -73,33 +79,31 @@ $code.=<<___;
73 eor $t0,$t0,$Elo,lsl#23 79 eor $t0,$t0,$Elo,lsl#23
74 eor $t1,$t1,$Ehi,lsl#23 @ Sigma1(e) 80 eor $t1,$t1,$Ehi,lsl#23 @ Sigma1(e)
75 adds $Tlo,$Tlo,$t0 81 adds $Tlo,$Tlo,$t0
76 adc $Thi,$Thi,$t1 @ T += Sigma1(e)
77 adds $Tlo,$Tlo,$t2
78 adc $Thi,$Thi,$t3 @ T += h
79
80 ldr $t0,[sp,#$Foff+0] @ f.lo 82 ldr $t0,[sp,#$Foff+0] @ f.lo
83 adc $Thi,$Thi,$t1 @ T += Sigma1(e)
81 ldr $t1,[sp,#$Foff+4] @ f.hi 84 ldr $t1,[sp,#$Foff+4] @ f.hi
85 adds $Tlo,$Tlo,$t2
82 ldr $t2,[sp,#$Goff+0] @ g.lo 86 ldr $t2,[sp,#$Goff+0] @ g.lo
87 adc $Thi,$Thi,$t3 @ T += h
83 ldr $t3,[sp,#$Goff+4] @ g.hi 88 ldr $t3,[sp,#$Goff+4] @ g.hi
84 str $Elo,[sp,#$Eoff+0]
85 str $Ehi,[sp,#$Eoff+4]
86 str $Alo,[sp,#$Aoff+0]
87 str $Ahi,[sp,#$Aoff+4]
88 89
89 eor $t0,$t0,$t2 90 eor $t0,$t0,$t2
91 str $Elo,[sp,#$Eoff+0]
90 eor $t1,$t1,$t3 92 eor $t1,$t1,$t3
93 str $Ehi,[sp,#$Eoff+4]
91 and $t0,$t0,$Elo 94 and $t0,$t0,$Elo
95 str $Alo,[sp,#$Aoff+0]
92 and $t1,$t1,$Ehi 96 and $t1,$t1,$Ehi
97 str $Ahi,[sp,#$Aoff+4]
93 eor $t0,$t0,$t2 98 eor $t0,$t0,$t2
94 eor $t1,$t1,$t3 @ Ch(e,f,g)
95
96 ldr $t2,[$Ktbl,#4] @ K[i].lo 99 ldr $t2,[$Ktbl,#4] @ K[i].lo
100 eor $t1,$t1,$t3 @ Ch(e,f,g)
97 ldr $t3,[$Ktbl,#0] @ K[i].hi 101 ldr $t3,[$Ktbl,#0] @ K[i].hi
98 ldr $Elo,[sp,#$Doff+0] @ d.lo
99 ldr $Ehi,[sp,#$Doff+4] @ d.hi
100 102
101 adds $Tlo,$Tlo,$t0 103 adds $Tlo,$Tlo,$t0
104 ldr $Elo,[sp,#$Doff+0] @ d.lo
102 adc $Thi,$Thi,$t1 @ T += Ch(e,f,g) 105 adc $Thi,$Thi,$t1 @ T += Ch(e,f,g)
106 ldr $Ehi,[sp,#$Doff+4] @ d.hi
103 adds $Tlo,$Tlo,$t2 107 adds $Tlo,$Tlo,$t2
104 adc $Thi,$Thi,$t3 @ T += K[i] 108 adc $Thi,$Thi,$t3 @ T += K[i]
105 adds $Elo,$Elo,$Tlo 109 adds $Elo,$Elo,$Tlo
diff --git a/src/lib/libcrypto/sha/asm/sha512-sparcv9.pl b/src/lib/libcrypto/sha/asm/sha512-sparcv9.pl
index 54241aab50..ec5d78135e 100644
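--- a/src/lib/libcrypto/sha/asm/sha512-sparcv9.pl
+++ b/src/lib/libcrypto/sha/asm/sha512-sparcv9.pl
@@ -586,6 +586,7 @@ $code.=<<___;
 .type sha${label}_block_data_order,#function
 .size sha${label}_block_data_order,(.-sha${label}_block_data_order)
 .asciz "SHA${label} block transform for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+.align 4
 ___
 
 $code =~ s/\`([^\`]*)\`/eval $1/gem;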
diff --git a/src/lib/libcrypto/sparccpuid.S b/src/lib/libcrypto/sparccpuid.S
index aa8b11efc9..ae61f7f5ce 100644
--- a/src/lib/libcrypto/sparccpuid.S
+++ b/src/lib/libcrypto/sparccpuid.S
@@ -225,13 +225,95 @@ _sparcv9_rdtick:
225 xor %o0,%o0,%o0 225 xor %o0,%o0,%o0
226 .word 0x91410000 !rd %tick,%o0 226 .word 0x91410000 !rd %tick,%o0
227 retl 227 retl
228 .word 0x93323020 !srlx %o2,32,%o1 228 .word 0x93323020 !srlx %o0,32,%o1
229.notick: 229.notick:
230 retl 230 retl
231 xor %o1,%o1,%o1 231 xor %o1,%o1,%o1
232.type _sparcv9_rdtick,#function 232.type _sparcv9_rdtick,#function
233.size _sparcv9_rdtick,.-_sparcv9_rdtick 233.size _sparcv9_rdtick,.-_sparcv9_rdtick
234 234
235.global _sparcv9_vis1_probe
236.align 8
237_sparcv9_vis1_probe:
238 .word 0x81b00d80 !fxor %f0,%f0,%f0
239 add %sp,BIAS+2,%o1
240 retl
241 .word 0xc19a5a40 !ldda [%o1]ASI_FP16_P,%f0
242.type _sparcv9_vis1_probe,#function
243.size _sparcv9_vis1_probe,.-_sparcv9_vis1_probe
244
245! Probe and instrument VIS1 instruction. Output is number of cycles it
246! takes to execute rdtick and pair of VIS1 instructions. US-Tx VIS unit
247! is slow (documented to be 6 cycles on T2) and the core is in-order
248! single-issue, it should be possible to distinguish Tx reliably...
249! Observed return values are:
250!
251! UltraSPARC IIe 7
252! UltraSPARC III 7
253! UltraSPARC T1 24
254!
255! Numbers for T2 and SPARC64 V-VII are more than welcomed.
256!
257! It would be possible to detect specifically US-T1 by instrumenting
258! fmul8ulx16, which is emulated on T1 and as such accounts for quite
259! a lot of %tick-s, couple of thousand on Linux...
260.global _sparcv9_vis1_instrument
261.align 8
262_sparcv9_vis1_instrument:
263 .word 0x91410000 !rd %tick,%o0
264 .word 0x81b00d80 !fxor %f0,%f0,%f0
265 .word 0x85b08d82 !fxor %f2,%f2,%f2
266 .word 0x93410000 !rd %tick,%o1
267 .word 0x81b00d80 !fxor %f0,%f0,%f0
268 .word 0x85b08d82 !fxor %f2,%f2,%f2
269 .word 0x95410000 !rd %tick,%o2
270 .word 0x81b00d80 !fxor %f0,%f0,%f0
271 .word 0x85b08d82 !fxor %f2,%f2,%f2
272 .word 0x97410000 !rd %tick,%o3
273 .word 0x81b00d80 !fxor %f0,%f0,%f0
274 .word 0x85b08d82 !fxor %f2,%f2,%f2
275 .word 0x99410000 !rd %tick,%o4
276
277 ! calculate intervals
278 sub %o1,%o0,%o0
279 sub %o2,%o1,%o1
280 sub %o3,%o2,%o2
281 sub %o4,%o3,%o3
282
283 ! find minumum value
284 cmp %o0,%o1
285 .word 0x38680002 !bgu,a %xcc,.+8
286 mov %o1,%o0
287 cmp %o0,%o2
288 .word 0x38680002 !bgu,a %xcc,.+8
289 mov %o2,%o0
290 cmp %o0,%o3
291 .word 0x38680002 !bgu,a %xcc,.+8
292 mov %o3,%o0
293
294 retl
295 nop
296.type _sparcv9_vis1_instrument,#function
297.size _sparcv9_vis1_instrument,.-_sparcv9_vis1_instrument
298
299.global _sparcv9_vis2_probe
300.align 8
301_sparcv9_vis2_probe:
302 retl
303 .word 0x81b00980 !bshuffle %f0,%f0,%f0
304.type _sparcv9_vis2_probe,#function
305.size _sparcv9_vis2_probe,.-_sparcv9_vis2_probe
306
307.global _sparcv9_fmadd_probe
308.align 8
309_sparcv9_fmadd_probe:
310 .word 0x81b00d80 !fxor %f0,%f0,%f0
311 .word 0x85b08d82 !fxor %f2,%f2,%f2
312 retl
313 .word 0x81b80440 !fmaddd %f0,%f0,%f2,%f0
314.type _sparcv9_fmadd_probe,#function
315.size _sparcv9_fmadd_probe,.-_sparcv9_fmadd_probe
316
235.global OPENSSL_cleanse 317.global OPENSSL_cleanse
236.align 32 318.align 32
237OPENSSL_cleanse: 319OPENSSL_cleanse:
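Review bot: The new `_sparcv9_vis1_probe`, `_sparcv9_vis2_probe` and `_sparcv9_fmadd_probe` routines have no comment stating their contract, unlike `_sparcv9_vis1_instrument`. Each executes one instruction from an optional extension, which presumably traps on a CPU that lacks it, so the caller has to run them under a signal handler; a header line on each probe such as `! Executes one VIS1 instruction; call only with a SIGILL handler installed.` would record that. In the instrument routine the comment `! find minumum value` should read `minimum`.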
diff --git a/src/lib/libcrypto/sparcv9cap.c b/src/lib/libcrypto/sparcv9cap.c
index 5f31d20bd0..ed195ab402 100644
--- a/src/lib/libcrypto/sparcv9cap.c
+++ b/src/lib/libcrypto/sparcv9cap.c
@@ -1,6 +1,8 @@
1#include <stdio.h> 1#include <stdio.h>
2#include <stdlib.h> 2#include <stdlib.h>
3#include <string.h> 3#include <string.h>
4#include <setjmp.h>
5#include <signal.h>
4#include <sys/time.h> 6#include <sys/time.h>
5#include <openssl/bn.h> 7#include <openssl/bn.h>
6 8
@@ -9,6 +11,7 @@
9#define SPARCV9_VIS1 (1<<2) 11#define SPARCV9_VIS1 (1<<2)
10#define SPARCV9_VIS2 (1<<3) /* reserved */ 12#define SPARCV9_VIS2 (1<<3) /* reserved */
11#define SPARCV9_FMADD (1<<4) /* reserved for SPARC64 V */ 13#define SPARCV9_FMADD (1<<4) /* reserved for SPARC64 V */
14
12static int OPENSSL_sparcv9cap_P=SPARCV9_TICK_PRIVILEGED; 15static int OPENSSL_sparcv9cap_P=SPARCV9_TICK_PRIVILEGED;
13 16
14int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num) 17int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num)
@@ -23,10 +26,14 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_U
23 return bn_mul_mont_int(rp,ap,bp,np,n0,num); 26 return bn_mul_mont_int(rp,ap,bp,np,n0,num);
24 } 27 }
25 28
29unsigned long _sparcv9_rdtick(void);
30void _sparcv9_vis1_probe(void);
31unsigned long _sparcv9_vis1_instrument(void);
32void _sparcv9_vis2_probe(void);
33void _sparcv9_fmadd_probe(void);
34
26unsigned long OPENSSL_rdtsc(void) 35unsigned long OPENSSL_rdtsc(void)
27 { 36 {
28 unsigned long _sparcv9_rdtick(void);
29
30 if (OPENSSL_sparcv9cap_P&SPARCV9_TICK_PRIVILEGED) 37 if (OPENSSL_sparcv9cap_P&SPARCV9_TICK_PRIVILEGED)
31#if defined(__sun) && defined(__SVR4) 38#if defined(__sun) && defined(__SVR4)
32 return gethrtime(); 39 return gethrtime();
@@ -37,8 +44,11 @@ unsigned long OPENSSL_rdtsc(void)
37 return _sparcv9_rdtick(); 44 return _sparcv9_rdtick();
38 } 45 }
39 46
40#if defined(__sun) && defined(__SVR4) 47#if 0 && defined(__sun) && defined(__SVR4)
41 48/* This code path is disabled, because of incompatibility of
49 * libdevinfo.so.1 and libmalloc.so.1 (see below for details)
50 */
51#include <malloc.h>
42#include <dlfcn.h> 52#include <dlfcn.h>
43#include <libdevinfo.h> 53#include <libdevinfo.h>
44#include <sys/systeminfo.h> 54#include <sys/systeminfo.h>
@@ -110,7 +120,21 @@ void OPENSSL_cpuid_setup(void)
110 return; 120 return;
111 } 121 }
112 } 122 }
113 123#ifdef M_KEEP
124 /*
125 * Solaris libdevinfo.so.1 is effectively incomatible with
126 * libmalloc.so.1. Specifically, if application is linked with
127 * -lmalloc, it crashes upon startup with SIGSEGV in
128 * free(3LIBMALLOC) called by di_fini. Prior call to
129 * mallopt(M_KEEP,0) somehow helps... But not always...
130 */
131 if ((h = dlopen(NULL,RTLD_LAZY)))
132 {
133 union { void *p; int (*f)(int,int); } sym;
134 if ((sym.p = dlsym(h,"mallopt"))) (*sym.f)(M_KEEP,0);
135 dlclose(h);
136 }
137#endif
114 if ((h = dlopen("libdevinfo.so.1",RTLD_LAZY))) do 138 if ((h = dlopen("libdevinfo.so.1",RTLD_LAZY))) do
115 { 139 {
116 di_init_t di_init; 140 di_init_t di_init;
@@ -137,9 +161,19 @@ void OPENSSL_cpuid_setup(void)
137 161
138#else 162#else
139 163
164static sigjmp_buf common_jmp;
165static void common_handler(int sig) { siglongjmp(common_jmp,sig); }
166
140void OPENSSL_cpuid_setup(void) 167void OPENSSL_cpuid_setup(void)
141 { 168 {
142 char *e; 169 char *e;
170 struct sigaction common_act,ill_oact,bus_oact;
171 sigset_t all_masked,oset;
172 int sig;
173 static int trigger=0;
174
175 if (trigger) return;
176 trigger=1;
143 177
144 if ((e=getenv("OPENSSL_sparcv9cap"))) 178 if ((e=getenv("OPENSSL_sparcv9cap")))
145 { 179 {
@@ -147,8 +181,57 @@ void OPENSSL_cpuid_setup(void)
147 return; 181 return;
148 } 182 }
149 183
150 /* For now we assume that the rest supports UltraSPARC-I* only */ 184 /* Initial value, fits UltraSPARC-I&II... */
151 OPENSSL_sparcv9cap_P |= SPARCV9_PREFER_FPU|SPARCV9_VIS1; 185 OPENSSL_sparcv9cap_P = SPARCV9_PREFER_FPU|SPARCV9_TICK_PRIVILEGED;
186
187 sigfillset(&all_masked);
188 sigdelset(&all_masked,SIGILL);
189 sigdelset(&all_masked,SIGTRAP);
190#ifdef SIGEMT
191 sigdelset(&all_masked,SIGEMT);
192#endif
193 sigdelset(&all_masked,SIGFPE);
194 sigdelset(&all_masked,SIGBUS);
195 sigdelset(&all_masked,SIGSEGV);
196 sigprocmask(SIG_SETMASK,&all_masked,&oset);
197
198 memset(&common_act,0,sizeof(common_act));
199 common_act.sa_handler = common_handler;
200 common_act.sa_mask = all_masked;
201
202 sigaction(SIGILL,&common_act,&ill_oact);
203 sigaction(SIGBUS,&common_act,&bus_oact);/* T1 fails 16-bit ldda [on Linux] */
204
205 if (sigsetjmp(common_jmp,1) == 0)
206 {
207 _sparcv9_rdtick();
208 OPENSSL_sparcv9cap_P &= ~SPARCV9_TICK_PRIVILEGED;
209 }
210
211 if (sigsetjmp(common_jmp,1) == 0)
212 {
213 _sparcv9_vis1_probe();
214 OPENSSL_sparcv9cap_P |= SPARCV9_VIS1;
215 /* detect UltraSPARC-Tx, see sparccpud.S for details... */
216 if (_sparcv9_vis1_instrument() >= 12)
217 OPENSSL_sparcv9cap_P &= ~(SPARCV9_VIS1|SPARCV9_PREFER_FPU);
218 else
219 {
220 _sparcv9_vis2_probe();
221 OPENSSL_sparcv9cap_P |= SPARCV9_VIS2;
222 }
223 }
224
225 if (sigsetjmp(common_jmp,1) == 0)
226 {
227 _sparcv9_fmadd_probe();
228 OPENSSL_sparcv9cap_P |= SPARCV9_FMADD;
229 }
230
231 sigaction(SIGBUS,&bus_oact,NULL);
232 sigaction(SIGILL,&ill_oact,NULL);
233
234 sigprocmask(SIG_SETMASK,&oset,NULL);
152 } 235 }
153 236
154#endif 237#endif
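Review bot: The new OPENSSL_cpuid_setup replaces the process-wide SIGILL and SIGBUS dispositions and jumps through a single static `common_jmp`, so it is only safe while no other thread is running, and nothing in the function says so. If another thread takes a SIGILL or SIGBUS during the probe window, `common_handler` would siglongjmp into a frame that belongs to a different thread, and the plain `static int trigger` lets a second concurrent caller return before the capability mask is final. I would state the requirement above the function, e.g. `/* Must be called once, before any other thread is created: swaps process-wide signal handlers and uses a static sigjmp_buf. */`, and give the `12` compared against `_sparcv9_vis1_instrument()` a named constant. The return values of `sigaction` and `sigprocmask` are also ignored, so a failed handler install would leave the probes running under whatever disposition was in place before.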
diff --git a/src/lib/libcrypto/stack/safestack.h b/src/lib/libcrypto/stack/safestack.h
index 891cb84a51..3e76aa58f5 100644
--- a/src/lib/libcrypto/stack/safestack.h
+++ b/src/lib/libcrypto/stack/safestack.h
@@ -179,7 +179,8 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
179 sk_is_sorted(CHECKED_STACK_OF(type, st)) 179 sk_is_sorted(CHECKED_STACK_OF(type, st))
180 180
181#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ 181#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
182 (STACK_OF(type) *)d2i_ASN1_SET((STACK_OF(OPENSSL_BLOCK) **)CHECKED_STACK_OF(type, st), \ 182 (STACK_OF(type) *)d2i_ASN1_SET( \
183 (STACK_OF(OPENSSL_BLOCK) **)CHECKED_PTR_OF(STACK_OF(type)*, st), \
183 pp, length, \ 184 pp, length, \
184 CHECKED_D2I_OF(type, d2i_func), \ 185 CHECKED_D2I_OF(type, d2i_func), \
185 CHECKED_SK_FREE_FUNC(type, free_func), \ 186 CHECKED_SK_FREE_FUNC(type, free_func), \
@@ -2030,79 +2031,79 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
2030#define sk_void_sort(st) SKM_sk_sort(void, (st)) 2031#define sk_void_sort(st) SKM_sk_sort(void, (st))
2031#define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st)) 2032#define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st))
2032 2033
2033#define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp))) 2034#define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp)))
2034#define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null()) 2035#define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null())
2035#define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val)) 2036#define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
2036#define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val)) 2037#define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
2037#define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), i)) 2038#define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_STACK_OF(OPENSSL_STRING, st), i))
2038#define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st) 2039#define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st)
2039#define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_SK_FREE_FUNC2(OPENSSL_BLOCK, free_func)) 2040#define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_STRING, free_func))
2040#define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val), i) 2041#define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val), i)
2041#define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st) 2042#define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st)
2042#define sk_OPENSSL_BLOCK_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), i, CHECKED_PTR_OF(void, val)) 2043#define sk_OPENSSL_STRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_STRING, st), i, CHECKED_PTR_OF(char, val))
2043#define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st)) 2044#define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st))
2044#define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val)) 2045#define sk_OPENSSL_STRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
2045#define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val)) 2046#define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val))
2046#define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i)) 2047#define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i))
2047#define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, ptr)) 2048#define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, ptr))
2048#define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp) \ 2049#define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \
2049 ((int (*)(const void * const *,const void * const *)) \ 2050 ((int (*)(const char * const *,const char * const *)) \
2050 sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_SK_CMP_FUNC(void, cmp))) 2051 sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_CMP_FUNC(char, cmp)))
2051#define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st) 2052#define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st)
2052#define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st)) 2053#define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st))
2053#define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st)) 2054#define sk_OPENSSL_STRING_pop(st) (char *)sk_pop(CHECKED_STACK_OF(OPENSSL_STRING, st))
2054#define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st)) 2055#define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st))
2055#define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st)) 2056#define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st))
2056 2057
2057 2058
2058#define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) 2059#define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
2059#define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null()) 2060#define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
2060#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val)) 2061#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
2061#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val)) 2062#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
2062#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), i)) 2063#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i))
2063#define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st) 2064#define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
2064#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func)) 2065#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func))
2065#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val), i) 2066#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
2066#define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st) 2067#define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
2067#define sk_OPENSSL_PSTRING_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), i, CHECKED_PTR_OF(OPENSSL_STRING, val)) 2068#define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
2068#define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st)) 2069#define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
2069#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val)) 2070#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
2070#define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val)) 2071#define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
2071#define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i)) 2072#define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
2072#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, ptr)) 2073#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
2073#define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \ 2074#define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \
2074 ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \ 2075 ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
2075 sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) 2076 sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
2076#define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st) 2077#define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
2077#define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st)) 2078#define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
2078#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st)) 2079#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st))
2079#define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st)) 2080#define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
2080#define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st)) 2081#define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
2081 2082
2082 2083
2083#define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp))) 2084#define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp)))
2084#define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null()) 2085#define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null())
2085#define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val)) 2086#define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
2086#define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val)) 2087#define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
2087#define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), i)) 2088#define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i))
2088#define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st) 2089#define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st)
2089#define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_SK_FREE_FUNC2(OPENSSL_STRING, free_func)) 2090#define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_FREE_FUNC2(OPENSSL_BLOCK, free_func))
2090#define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val), i) 2091#define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val), i)
2091#define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st) 2092#define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st)
2092#define sk_OPENSSL_STRING_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), i, CHECKED_PTR_OF(char, val)) 2093#define sk_OPENSSL_BLOCK_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i, CHECKED_PTR_OF(void, val))
2093#define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st)) 2094#define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st))
2094#define sk_OPENSSL_STRING_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val)) 2095#define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
2095#define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val)) 2096#define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val))
2096#define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i)) 2097#define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i))
2097#define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, ptr)) 2098#define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, ptr))
2098#define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \ 2099#define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp) \
2099 ((int (*)(const char * const *,const char * const *)) \ 2100 ((int (*)(const void * const *,const void * const *)) \
2100 sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_SK_CMP_FUNC(char, cmp))) 2101 sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_CMP_FUNC(void, cmp)))
2101#define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st) 2102#define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st)
2102#define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st)) 2103#define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st))
2103#define sk_OPENSSL_STRING_pop(st) (char *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st)) 2104#define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop(CHECKED_STACK_OF(OPENSSL_BLOCK, st))
2104#define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st)) 2105#define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st))
2105#define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st)) 2106#define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st))
2106 2107
2107 2108
2108#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ 2109#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
diff --git a/src/lib/libcrypto/ts/ts_verify_ctx.c b/src/lib/libcrypto/ts/ts_verify_ctx.c
index b079b50fc3..609b7735d4 100644
--- a/src/lib/libcrypto/ts/ts_verify_ctx.c
+++ b/src/lib/libcrypto/ts/ts_verify_ctx.c
@@ -56,7 +56,6 @@
56 * 56 *
57 */ 57 */
58 58
59#include <assert.h>
60#include "cryptlib.h" 59#include "cryptlib.h"
61#include <openssl/objects.h> 60#include <openssl/objects.h>
62#include <openssl/ts.h> 61#include <openssl/ts.h>
@@ -74,7 +73,7 @@ TS_VERIFY_CTX *TS_VERIFY_CTX_new(void)
74 73
75void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx) 74void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx)
76 { 75 {
77 assert(ctx != NULL); 76 OPENSSL_assert(ctx != NULL);
78 memset(ctx, 0, sizeof(TS_VERIFY_CTX)); 77 memset(ctx, 0, sizeof(TS_VERIFY_CTX));
79 } 78 }
80 79
@@ -116,7 +115,7 @@ TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
116 ASN1_OCTET_STRING *msg; 115 ASN1_OCTET_STRING *msg;
117 const ASN1_INTEGER *nonce; 116 const ASN1_INTEGER *nonce;
118 117
119 assert(req != NULL); 118 OPENSSL_assert(req != NULL);
120 if (ret) 119 if (ret)
121 TS_VERIFY_CTX_cleanup(ret); 120 TS_VERIFY_CTX_cleanup(ret);
122 else 121 else
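Review bot: TS_REQ_to_TS_VERIFY_CTX now terminates the process on a NULL `req` in every build, where a function that returns a pointer could report the problem to its caller instead. OPENSSL_assert is not compiled out under NDEBUG the way `assert` is, so an application that reaches this with a request it failed to parse is aborted rather than given an error. I would consider `if (req == NULL) return NULL;` here (with an error pushed on the queue), and keep the abort only for TS_VERIFY_CTX_init, which returns void and has no way to signal failure. The body of TS_REQ_to_TS_VERIFY_CTX continues outside the hunk, so any cleanup needed on that path is not visible here.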
diff --git a/src/lib/libcrypto/util/mkerr.pl b/src/lib/libcrypto/util/mkerr.pl
index 15b774f277..2c99467d34 100644
--- a/src/lib/libcrypto/util/mkerr.pl
+++ b/src/lib/libcrypto/util/mkerr.pl
@@ -391,7 +391,7 @@ foreach $lib (keys %csrc)
391 } else { 391 } else {
392 push @out, 392 push @out,
393"/* ====================================================================\n", 393"/* ====================================================================\n",
394" * Copyright (c) 2001-2010 The OpenSSL Project. All rights reserved.\n", 394" * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.\n",
395" *\n", 395" *\n",
396" * Redistribution and use in source and binary forms, with or without\n", 396" * Redistribution and use in source and binary forms, with or without\n",
397" * modification, are permitted provided that the following conditions\n", 397" * modification, are permitted provided that the following conditions\n",
@@ -576,7 +576,7 @@ EOF
576 print OUT <<"EOF"; 576 print OUT <<"EOF";
577/* $cfile */ 577/* $cfile */
578/* ==================================================================== 578/* ====================================================================
579 * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved. 579 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
580 * 580 *
581 * Redistribution and use in source and binary forms, with or without 581 * Redistribution and use in source and binary forms, with or without
582 * modification, are permitted provided that the following conditions 582 * modification, are permitted provided that the following conditions
diff --git a/src/lib/libcrypto/util/mkstack.pl b/src/lib/libcrypto/util/mkstack.pl
index 6a43757c95..f708610a78 100644
--- a/src/lib/libcrypto/util/mkstack.pl
+++ b/src/lib/libcrypto/util/mkstack.pl
@@ -104,25 +104,25 @@ EOF
104 104
105#define sk_${t1}_new(cmp) ((STACK_OF($t1) *)sk_new(CHECKED_SK_CMP_FUNC($t2, cmp))) 105#define sk_${t1}_new(cmp) ((STACK_OF($t1) *)sk_new(CHECKED_SK_CMP_FUNC($t2, cmp)))
106#define sk_${t1}_new_null() ((STACK_OF($t1) *)sk_new_null()) 106#define sk_${t1}_new_null() ((STACK_OF($t1) *)sk_new_null())
107#define sk_${t1}_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_PTR_OF($t2, val)) 107#define sk_${t1}_push(st, val) sk_push(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
108#define sk_${t1}_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_PTR_OF($t2, val)) 108#define sk_${t1}_find(st, val) sk_find(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
109#define sk_${t1}_value(st, i) (($t1)sk_value(CHECKED_PTR_OF(STACK_OF($t1), st), i)) 109#define sk_${t1}_value(st, i) (($t1)sk_value(CHECKED_STACK_OF($t1, st), i))
110#define sk_${t1}_num(st) SKM_sk_num($t1, st) 110#define sk_${t1}_num(st) SKM_sk_num($t1, st)
111#define sk_${t1}_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_SK_FREE_FUNC2($t1, free_func)) 111#define sk_${t1}_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF($t1, st), CHECKED_SK_FREE_FUNC2($t1, free_func))
112#define sk_${t1}_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_PTR_OF($t2, val), i) 112#define sk_${t1}_insert(st, val, i) sk_insert(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val), i)
113#define sk_${t1}_free(st) SKM_sk_free(${t1}, st) 113#define sk_${t1}_free(st) SKM_sk_free(${t1}, st)
114#define sk_${t1}_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF($t1), st), i, CHECKED_PTR_OF($t2, val)) 114#define sk_${t1}_set(st, i, val) sk_set(CHECKED_STACK_OF($t1, st), i, CHECKED_PTR_OF($t2, val))
115#define sk_${t1}_zero(st) SKM_sk_zero($t1, (st)) 115#define sk_${t1}_zero(st) SKM_sk_zero($t1, (st))
116#define sk_${t1}_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_PTR_OF($t2, val)) 116#define sk_${t1}_unshift(st, val) sk_unshift(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
117#define sk_${t1}_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF($t1), st), CHECKED_CONST_PTR_OF($t2, val)) 117#define sk_${t1}_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF($t1), st), CHECKED_CONST_PTR_OF($t2, val))
118#define sk_${t1}_delete(st, i) SKM_sk_delete($t1, (st), (i)) 118#define sk_${t1}_delete(st, i) SKM_sk_delete($t1, (st), (i))
119#define sk_${t1}_delete_ptr(st, ptr) ($t1 *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_PTR_OF($t2, ptr)) 119#define sk_${t1}_delete_ptr(st, ptr) ($t1 *)sk_delete_ptr(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, ptr))
120#define sk_${t1}_set_cmp_func(st, cmp) \\ 120#define sk_${t1}_set_cmp_func(st, cmp) \\
121 ((int (*)(const $t2 * const *,const $t2 * const *)) \\ 121 ((int (*)(const $t2 * const *,const $t2 * const *)) \\
122 sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_SK_CMP_FUNC($t2, cmp))) 122 sk_set_cmp_func(CHECKED_STACK_OF($t1, st), CHECKED_SK_CMP_FUNC($t2, cmp)))
123#define sk_${t1}_dup(st) SKM_sk_dup($t1, st) 123#define sk_${t1}_dup(st) SKM_sk_dup($t1, st)
124#define sk_${t1}_shift(st) SKM_sk_shift($t1, (st)) 124#define sk_${t1}_shift(st) SKM_sk_shift($t1, (st))
125#define sk_${t1}_pop(st) ($t2 *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF($t1), st)) 125#define sk_${t1}_pop(st) ($t2 *)sk_pop(CHECKED_STACK_OF($t1, st))
126#define sk_${t1}_sort(st) SKM_sk_sort($t1, (st)) 126#define sk_${t1}_sort(st) SKM_sk_sort($t1, (st))
127#define sk_${t1}_is_sorted(st) SKM_sk_is_sorted($t1, (st)) 127#define sk_${t1}_is_sorted(st) SKM_sk_is_sorted($t1, (st))
128 128
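Review bot: `sk_${t1}_find_ex` is the one template line left on the old `(_STACK *)CHECKED_CONST_PTR_OF(STACK_OF($t1), st)` form while every other macro in this block moved to `CHECKED_STACK_OF($t1, st)`, and nothing explains the exception. The explicit `(_STACK *)` cast there discards the const qualifier that the check has just enforced, so if the difference is deliberate it deserves a Perl comment next to the template, e.g. `# find_ex takes a const stack; cast kept because sk_find_ex is not const-qualified`. If it is an oversight, the generated safestack.h carries the same inconsistency for every stack type. The here-document starts outside the hunk.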
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h
index 604f4fb27f..e6f8a40395 100644
--- a/src/lib/libcrypto/x509/x509.h
+++ b/src/lib/libcrypto/x509/x509.h
@@ -258,6 +258,7 @@ typedef struct x509_cinf_st
258 ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ 258 ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
259 ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ 259 ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
260 STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ 260 STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
261 ASN1_ENCODING enc;
261 } X509_CINF; 262 } X509_CINF;
262 263
263/* This stuff is certificate "auxiliary info" 264/* This stuff is certificate "auxiliary info"
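Review bot: The new `enc` member of X509_CINF has no comment, unlike the fields above it, and nothing here tells callers when it has to be invalidated. The x_all.c hunk in this commit sets `x->cert_info->enc.modified = 1` in X509_sign, which suggests `enc` holds a saved encoding of the structure; code that edits `cert_info` fields and does not go through X509_sign would presumably have to set the flag too, or a stale encoding could be the thing that gets signed or verified. I would add `/* saved encoding of this structure; set enc.modified = 1 after changing any field */` on the member. Adding a member to a struct in a public header also changes its size for anything built against the old layout.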
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index 87ebf62525..5a0b0249b4 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -703,6 +703,7 @@ static int check_cert(X509_STORE_CTX *ctx)
703 x = sk_X509_value(ctx->chain, cnum); 703 x = sk_X509_value(ctx->chain, cnum);
704 ctx->current_cert = x; 704 ctx->current_cert = x;
705 ctx->current_issuer = NULL; 705 ctx->current_issuer = NULL;
706 ctx->current_crl_score = 0;
706 ctx->current_reasons = 0; 707 ctx->current_reasons = 0;
707 while (ctx->current_reasons != CRLDP_ALL_REASONS) 708 while (ctx->current_reasons != CRLDP_ALL_REASONS)
708 { 709 {
@@ -2015,6 +2016,9 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
2015 ctx->error_depth=0; 2016 ctx->error_depth=0;
2016 ctx->current_cert=NULL; 2017 ctx->current_cert=NULL;
2017 ctx->current_issuer=NULL; 2018 ctx->current_issuer=NULL;
2019 ctx->current_crl=NULL;
2020 ctx->current_crl_score=0;
2021 ctx->current_reasons=0;
2018 ctx->tree = NULL; 2022 ctx->tree = NULL;
2019 ctx->parent = NULL; 2023 ctx->parent = NULL;
2020 2024
@@ -2034,7 +2038,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
2034 if (store) 2038 if (store)
2035 ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param); 2039 ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
2036 else 2040 else
2037 ctx->param->flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE; 2041 ctx->param->inh_flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE;
2038 2042
2039 if (store) 2043 if (store)
2040 { 2044 {
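Review bot: The `inh_flags` assignment in the last hunk of X509_STORE_CTX_init needs a short comment, because the X509_VP_FLAG_* inheritance bits are plain integers that the compiler accepts in either `ctx->param->flags` or `ctx->param->inh_flags`. Something like `/* X509_VP_FLAG_* control inheritance: they belong in inh_flags, never in the verification flags */` above the line would keep the two namespaces from being mixed again. A test that initialises a context with a NULL store and checks that no verification flag ends up set would pin the behaviour down. The function body continues outside the hunk.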
diff --git a/src/lib/libcrypto/x509/x_all.c b/src/lib/libcrypto/x509/x_all.c
index ebae30b701..8ec88c215a 100644
--- a/src/lib/libcrypto/x509/x_all.c
+++ b/src/lib/libcrypto/x509/x_all.c
@@ -90,6 +90,7 @@ int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
90 90
91int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) 91int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
92 { 92 {
93 x->cert_info->enc.modified = 1;
93 return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), x->cert_info->signature, 94 return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), x->cert_info->signature,
94 x->sig_alg, x->signature, x->cert_info,pkey,md)); 95 x->sig_alg, x->signature, x->cert_info,pkey,md));
95 } 96 }
diff --git a/src/lib/libcrypto/x509v3/pcy_tree.c b/src/lib/libcrypto/x509v3/pcy_tree.c
index 92f6b24556..bb9777348f 100644
--- a/src/lib/libcrypto/x509v3/pcy_tree.c
+++ b/src/lib/libcrypto/x509v3/pcy_tree.c
@@ -341,9 +341,8 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr,
341 const X509_POLICY_CACHE *cache) 341 const X509_POLICY_CACHE *cache)
342 { 342 {
343 int i; 343 int i;
344 X509_POLICY_LEVEL *last;
345 X509_POLICY_DATA *data; 344 X509_POLICY_DATA *data;
346 last = curr - 1; 345
347 for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) 346 for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++)
348 { 347 {
349 data = sk_X509_POLICY_DATA_value(cache->data, i); 348 data = sk_X509_POLICY_DATA_value(cache->data, i);
diff --git a/src/lib/libcrypto/x509v3/v3_ncons.c b/src/lib/libcrypto/x509v3/v3_ncons.c
index 689df46acd..a01dc64dd2 100644
--- a/src/lib/libcrypto/x509v3/v3_ncons.c
+++ b/src/lib/libcrypto/x509v3/v3_ncons.c
@@ -189,7 +189,6 @@ static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method,
189 print_nc_ipadd(bp, tree->base->d.ip); 189 print_nc_ipadd(bp, tree->base->d.ip);
190 else 190 else
191 GENERAL_NAME_print(bp, tree->base); 191 GENERAL_NAME_print(bp, tree->base);
192 tree = sk_GENERAL_SUBTREE_value(trees, i);
193 BIO_puts(bp, "\n"); 192 BIO_puts(bp, "\n");
194 } 193 }
195 return 1; 194 return 1;
diff --git a/src/lib/libssl/LICENSE b/src/lib/libssl/LICENSE
index a2c4adcbe6..e47d101f10 100644
--- a/src/lib/libssl/LICENSE
+++ b/src/lib/libssl/LICENSE
@@ -12,7 +12,7 @@
12 --------------- 12 ---------------
13 13
14/* ==================================================================== 14/* ====================================================================
15 * Copyright (c) 1998-2008 The OpenSSL Project. All rights reserved. 15 * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.
16 * 16 *
17 * Redistribution and use in source and binary forms, with or without 17 * Redistribution and use in source and binary forms, with or without
18 * modification, are permitted provided that the following conditions 18 * modification, are permitted provided that the following conditions
diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c
index af319af302..eedac8a3fc 100644
--- a/src/lib/libssl/bio_ssl.c
+++ b/src/lib/libssl/bio_ssl.c
@@ -348,7 +348,11 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
348 break; 348 break;
349 case BIO_C_SET_SSL: 349 case BIO_C_SET_SSL:
350 if (ssl != NULL) 350 if (ssl != NULL)
351 {
351 ssl_free(b); 352 ssl_free(b);
353 if (!ssl_new(b))
354 return 0;
355 }
352 b->shutdown=(int)num; 356 b->shutdown=(int)num;
353 ssl=(SSL *)ptr; 357 ssl=(SSL *)ptr;
354 ((BIO_SSL *)b->ptr)->ssl=ssl; 358 ((BIO_SSL *)b->ptr)->ssl=ssl;
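Review bot: In the BIO_C_SET_SSL case of ssl_ctrl, the new `return 0` after a failed ssl_new(b) leaves `b` in whatever state ssl_free(b) produced, and nothing in the hunk shows that `b->ptr` is reset. ssl_free() is outside the hunk; if it releases `b->ptr` without clearing it, a later control call or BIO_free on the same BIO would touch freed memory, so that failure path deserves a check. The re-allocation is presumably what makes the `((BIO_SSL *)b->ptr)->ssl=ssl` store below safe, and a comment should say so, e.g. `/* ssl_free() released b->ptr; allocate a fresh BIO_SSL before it is written below */`. ssl_ctrl starts and ends outside the hunk.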
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index 4ce4064cc9..2180c6d4da 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -153,7 +153,7 @@
153#endif 153#endif
154 154
155static unsigned char bitmask_start_values[] = {0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80}; 155static unsigned char bitmask_start_values[] = {0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80};
156static unsigned char bitmask_end_values[] = {0x00, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f}; 156static unsigned char bitmask_end_values[] = {0xff, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f};
157 157
158/* XDTLS: figure out the right values */ 158/* XDTLS: figure out the right values */
159static unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28}; 159static unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28};
@@ -464,20 +464,9 @@ again:
464 464
465 memset(msg_hdr, 0x00, sizeof(struct hm_header_st)); 465 memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
466 466
467 s->d1->handshake_read_seq++; 467 /* Don't change sequence numbers while listening */
468 /* we just read a handshake message from the other side: 468 if (!s->d1->listen)
469 * this means that we don't need to retransmit of the 469 s->d1->handshake_read_seq++;
470 * buffered messages.
471 * XDTLS: may be able clear out this
472 * buffer a little sooner (i.e if an out-of-order
473 * handshake message/record is received at the record
474 * layer.
475 * XDTLS: exception is that the server needs to
476 * know that change cipher spec and finished messages
477 * have been received by the client before clearing this
478 * buffer. this can simply be done by waiting for the
479 * first data segment, but is there a better way? */
480 dtls1_clear_record_buffer(s);
481 470
482 s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH; 471 s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
483 return s->init_num; 472 return s->init_num;
@@ -813,9 +802,11 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
813 802
814 /* 803 /*
815 * if this is a future (or stale) message it gets buffered 804 * if this is a future (or stale) message it gets buffered
816 * (or dropped)--no further processing at this time 805 * (or dropped)--no further processing at this time
806 * While listening, we accept seq 1 (ClientHello with cookie)
807 * although we're still expecting seq 0 (ClientHello)
817 */ 808 */
818 if ( msg_hdr.seq != s->d1->handshake_read_seq) 809 if (msg_hdr.seq != s->d1->handshake_read_seq && !(s->d1->listen && msg_hdr.seq == 1))
819 return dtls1_process_out_of_seq_message(s, &msg_hdr, ok); 810 return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
820 811
821 len = msg_hdr.msg_len; 812 len = msg_hdr.msg_len;
@@ -1322,7 +1313,8 @@ unsigned char *
1322dtls1_set_message_header(SSL *s, unsigned char *p, unsigned char mt, 1313dtls1_set_message_header(SSL *s, unsigned char *p, unsigned char mt,
1323 unsigned long len, unsigned long frag_off, unsigned long frag_len) 1314 unsigned long len, unsigned long frag_off, unsigned long frag_len)
1324 { 1315 {
1325 if ( frag_off == 0) 1316 /* Don't change sequence numbers while listening */
1317 if (frag_off == 0 && !s->d1->listen)
1326 { 1318 {
1327 s->d1->handshake_write_seq = s->d1->next_handshake_write_seq; 1319 s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
1328 s->d1->next_handshake_write_seq++; 1320 s->d1->next_handshake_write_seq++;
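Review bot: The first hunk changes entry 0 of `bitmask_end_values` from `0x00` to `0xff` with no comment, and both bitmask tables remain writable `static unsigned char` arrays. The code that indexes these tables is outside the hunks, so the indexing cannot be confirmed here, but if index 0 stands for a range that ends exactly on a byte boundary the table should say so, e.g. `/* indexed by (end & 7); 0 means the last byte is fully covered */`. Since the tables look like read-only lookup data, declaring them `static const unsigned char` would let the compiler reject accidental writes. If, as the names suggest, these values feed handshake-fragment reassembly, a regression test with message lengths that are multiples of 8 would pin the corrected entry.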
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index 5bc9eb6603..089fa4c7f8 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -407,7 +407,8 @@ int dtls1_connect(SSL *s)
407 407
408 case SSL3_ST_CW_CHANGE_A: 408 case SSL3_ST_CW_CHANGE_A:
409 case SSL3_ST_CW_CHANGE_B: 409 case SSL3_ST_CW_CHANGE_B:
410 dtls1_start_timer(s); 410 if (!s->hit)
411 dtls1_start_timer(s);
411 ret=dtls1_send_change_cipher_spec(s, 412 ret=dtls1_send_change_cipher_spec(s,
412 SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B); 413 SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
413 if (ret <= 0) goto end; 414 if (ret <= 0) goto end;
@@ -442,7 +443,8 @@ int dtls1_connect(SSL *s)
442 443
443 case SSL3_ST_CW_FINISHED_A: 444 case SSL3_ST_CW_FINISHED_A:
444 case SSL3_ST_CW_FINISHED_B: 445 case SSL3_ST_CW_FINISHED_B:
445 dtls1_start_timer(s); 446 if (!s->hit)
447 dtls1_start_timer(s);
446 ret=dtls1_send_finished(s, 448 ret=dtls1_send_finished(s,
447 SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B, 449 SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
448 s->method->ssl3_enc->client_finished_label, 450 s->method->ssl3_enc->client_finished_label,
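Review bot: Both hunks in dtls1_connect make `dtls1_start_timer(s)` conditional on `!s->hit` (states SSL3_ST_CW_CHANGE_A/B and SSL3_ST_CW_FINISHED_A/B) without saying why a resumed session skips the retransmission timer. Presumably on resumption these client messages are the last flight and no reply is expected, but that is an inference from outside the hunks and should be written down by the author. I would add a one-line comment at the first site, such as `/* resumed session: no reply follows this flight, so no retransmit timer */`, and refer to it from the second. dtls1_connect starts and ends outside both hunks.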
diff --git a/src/lib/libssl/d1_enc.c b/src/lib/libssl/d1_enc.c
index 8fa57347a9..becbab91c2 100644
--- a/src/lib/libssl/d1_enc.c
+++ b/src/lib/libssl/d1_enc.c
@@ -231,11 +231,7 @@ int dtls1_enc(SSL *s, int send)
231 if (!send) 231 if (!send)
232 { 232 {
233 if (l == 0 || l%bs != 0) 233 if (l == 0 || l%bs != 0)
234 { 234 return -1;
235 SSLerr(SSL_F_DTLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
236 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
237 return 0;
238 }
239 } 235 }
240 236
241 EVP_Cipher(ds,rec->data,rec->input,l); 237 EVP_Cipher(ds,rec->data,rec->input,l);
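Review bot: In dtls1_enc the receive-side length check now ends in a bare `return -1;` with no comment, which hides a change of contract: the removed lines raised SSLerr, sent a fatal alert and returned 0. The d1_pkt.c section of this commit treats `enc_err < 0` as "decryption failed, silently discard message", so the -1 here is what selects that silent-drop path and the two files must stay in step. I would keep braces on the body and document it, e.g. `/* bad length: -1 tells the caller to drop the record silently, no alert */`. Because a silent drop leaves nothing in the error queue, a counter or debug trace for discarded records would help operators notice a flood of malformed datagrams. dtls1_enc continues outside the hunk.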
diff --git a/src/lib/libssl/d1_lib.c b/src/lib/libssl/d1_lib.c
index 96b220e87c..48e8b6ffbb 100644
--- a/src/lib/libssl/d1_lib.c
+++ b/src/lib/libssl/d1_lib.c
@@ -129,26 +129,33 @@ int dtls1_new(SSL *s)
129 return(1); 129 return(1);
130 } 130 }
131 131
132void dtls1_free(SSL *s) 132static void dtls1_clear_queues(SSL *s)
133 { 133 {
134 pitem *item = NULL; 134 pitem *item = NULL;
135 hm_fragment *frag = NULL; 135 hm_fragment *frag = NULL;
136 136 DTLS1_RECORD_DATA *rdata;
137 ssl3_free(s);
138 137
139 while( (item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL) 138 while( (item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL)
140 { 139 {
140 rdata = (DTLS1_RECORD_DATA *) item->data;
141 if (rdata->rbuf.buf)
142 {
143 OPENSSL_free(rdata->rbuf.buf);
144 }
141 OPENSSL_free(item->data); 145 OPENSSL_free(item->data);
142 pitem_free(item); 146 pitem_free(item);
143 } 147 }
144 pqueue_free(s->d1->unprocessed_rcds.q);
145 148
146 while( (item = pqueue_pop(s->d1->processed_rcds.q)) != NULL) 149 while( (item = pqueue_pop(s->d1->processed_rcds.q)) != NULL)
147 { 150 {
151 rdata = (DTLS1_RECORD_DATA *) item->data;
152 if (rdata->rbuf.buf)
153 {
154 OPENSSL_free(rdata->rbuf.buf);
155 }
148 OPENSSL_free(item->data); 156 OPENSSL_free(item->data);
149 pitem_free(item); 157 pitem_free(item);
150 } 158 }
151 pqueue_free(s->d1->processed_rcds.q);
152 159
153 while( (item = pqueue_pop(s->d1->buffered_messages)) != NULL) 160 while( (item = pqueue_pop(s->d1->buffered_messages)) != NULL)
154 { 161 {
@@ -157,7 +164,6 @@ void dtls1_free(SSL *s)
157 OPENSSL_free(frag); 164 OPENSSL_free(frag);
158 pitem_free(item); 165 pitem_free(item);
159 } 166 }
160 pqueue_free(s->d1->buffered_messages);
161 167
162 while ( (item = pqueue_pop(s->d1->sent_messages)) != NULL) 168 while ( (item = pqueue_pop(s->d1->sent_messages)) != NULL)
163 { 169 {
@@ -166,7 +172,6 @@ void dtls1_free(SSL *s)
166 OPENSSL_free(frag); 172 OPENSSL_free(frag);
167 pitem_free(item); 173 pitem_free(item);
168 } 174 }
169 pqueue_free(s->d1->sent_messages);
170 175
171 while ( (item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL) 176 while ( (item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL)
172 { 177 {
@@ -175,6 +180,18 @@ void dtls1_free(SSL *s)
175 OPENSSL_free(frag); 180 OPENSSL_free(frag);
176 pitem_free(item); 181 pitem_free(item);
177 } 182 }
183 }
184
185void dtls1_free(SSL *s)
186 {
187 ssl3_free(s);
188
189 dtls1_clear_queues(s);
190
191 pqueue_free(s->d1->unprocessed_rcds.q);
192 pqueue_free(s->d1->processed_rcds.q);
193 pqueue_free(s->d1->buffered_messages);
194 pqueue_free(s->d1->sent_messages);
178 pqueue_free(s->d1->buffered_app_data.q); 195 pqueue_free(s->d1->buffered_app_data.q);
179 196
180 OPENSSL_free(s->d1); 197 OPENSSL_free(s->d1);
@@ -182,6 +199,36 @@ void dtls1_free(SSL *s)
182 199
183void dtls1_clear(SSL *s) 200void dtls1_clear(SSL *s)
184 { 201 {
202 pqueue unprocessed_rcds;
203 pqueue processed_rcds;
204 pqueue buffered_messages;
205 pqueue sent_messages;
206 pqueue buffered_app_data;
207
208 if (s->d1)
209 {
210 unprocessed_rcds = s->d1->unprocessed_rcds.q;
211 processed_rcds = s->d1->processed_rcds.q;
212 buffered_messages = s->d1->buffered_messages;
213 sent_messages = s->d1->sent_messages;
214 buffered_app_data = s->d1->buffered_app_data.q;
215
216 dtls1_clear_queues(s);
217
218 memset(s->d1, 0, sizeof(*(s->d1)));
219
220 if (s->server)
221 {
222 s->d1->cookie_len = sizeof(s->d1->cookie);
223 }
224
225 s->d1->unprocessed_rcds.q = unprocessed_rcds;
226 s->d1->processed_rcds.q = processed_rcds;
227 s->d1->buffered_messages = buffered_messages;
228 s->d1->sent_messages = sent_messages;
229 s->d1->buffered_app_data.q = buffered_app_data;
230 }
231
185 ssl3_clear(s); 232 ssl3_clear(s);
186 if (s->options & SSL_OP_CISCO_ANYCONNECT) 233 if (s->options & SSL_OP_CISCO_ANYCONNECT)
187 s->version=DTLS1_BAD_VER; 234 s->version=DTLS1_BAD_VER;
@@ -330,6 +377,8 @@ void dtls1_stop_timer(SSL *s)
330 memset(&(s->d1->next_timeout), 0, sizeof(struct timeval)); 377 memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
331 s->d1->timeout_duration = 1; 378 s->d1->timeout_duration = 1;
332 BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, &(s->d1->next_timeout)); 379 BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, &(s->d1->next_timeout));
380 /* Clear retransmission buffer */
381 dtls1_clear_record_buffer(s);
333 } 382 }
334 383
335int dtls1_handle_timeout(SSL *s) 384int dtls1_handle_timeout(SSL *s)
@@ -349,7 +398,7 @@ int dtls1_handle_timeout(SSL *s)
349 { 398 {
350 /* fail the connection, enough alerts have been sent */ 399 /* fail the connection, enough alerts have been sent */
351 SSLerr(SSL_F_DTLS1_HANDLE_TIMEOUT,SSL_R_READ_TIMEOUT_EXPIRED); 400 SSLerr(SSL_F_DTLS1_HANDLE_TIMEOUT,SSL_R_READ_TIMEOUT_EXPIRED);
352 return 0; 401 return -1;
353 } 402 }
354 403
355 state->timeout.read_timeouts++; 404 state->timeout.read_timeouts++;
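Review bot: In dtls1_clear, `memset(s->d1, 0, sizeof(*(s->d1)))` resets every field of the DTLS state, and only the five queue pointers and, for servers, `cookie_len` are put back afterwards. Any other setting stored in `s->d1` before the clear is lost; the d1_srvr.c section of this commit saves and restores `s->d1->listen` by hand around SSL_clear(), apparently for that reason. A comment above the memset should state that the wipe is intentional and which fields survive, for example `/* reset all DTLS state; only the (now empty) queues are kept */`, and fields that must persist would be better preserved here than in each caller. dtls1_free, by contrast, calls dtls1_clear_queues(s) and dereferences `s->d1` with no `if (s->d1)` guard, which is inconsistent with dtls1_clear. dtls1_clear continues outside its hunk.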
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index a5439d544f..39aac73e10 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -296,9 +296,6 @@ dtls1_process_buffered_records(SSL *s)
296 item = pqueue_peek(s->d1->unprocessed_rcds.q); 296 item = pqueue_peek(s->d1->unprocessed_rcds.q);
297 if (item) 297 if (item)
298 { 298 {
299 DTLS1_RECORD_DATA *rdata;
300 rdata = (DTLS1_RECORD_DATA *)item->data;
301
302 /* Check if epoch is current. */ 299 /* Check if epoch is current. */
303 if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch) 300 if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
304 return(1); /* Nothing to do. */ 301 return(1); /* Nothing to do. */
@@ -412,11 +409,12 @@ dtls1_process_record(SSL *s)
412 enc_err = s->method->ssl3_enc->enc(s,0); 409 enc_err = s->method->ssl3_enc->enc(s,0);
413 if (enc_err <= 0) 410 if (enc_err <= 0)
414 { 411 {
415 if (enc_err == 0) 412 /* decryption failed, silently discard message */
416 /* SSLerr() and ssl3_send_alert() have been called */ 413 if (enc_err < 0)
417 goto err; 414 {
418 415 rr->length = 0;
419 /* otherwise enc_err == -1 */ 416 s->packet_length = 0;
417 }
420 goto err; 418 goto err;
421 } 419 }
422 420
@@ -528,14 +526,12 @@ int dtls1_get_record(SSL *s)
528 int ssl_major,ssl_minor; 526 int ssl_major,ssl_minor;
529 int i,n; 527 int i,n;
530 SSL3_RECORD *rr; 528 SSL3_RECORD *rr;
531 SSL_SESSION *sess;
532 unsigned char *p = NULL; 529 unsigned char *p = NULL;
533 unsigned short version; 530 unsigned short version;
534 DTLS1_BITMAP *bitmap; 531 DTLS1_BITMAP *bitmap;
535 unsigned int is_next_epoch; 532 unsigned int is_next_epoch;
536 533
537 rr= &(s->s3->rrec); 534 rr= &(s->s3->rrec);
538 sess=s->session;
539 535
540 /* The epoch may have changed. If so, process all the 536 /* The epoch may have changed. If so, process all the
541 * pending records. This is a non-blocking operation. */ 537 * pending records. This is a non-blocking operation. */
@@ -662,10 +658,12 @@ again:
662 658
663 /* If this record is from the next epoch (either HM or ALERT), 659 /* If this record is from the next epoch (either HM or ALERT),
664 * and a handshake is currently in progress, buffer it since it 660 * and a handshake is currently in progress, buffer it since it
665 * cannot be processed at this time. */ 661 * cannot be processed at this time. However, do not buffer
662 * anything while listening.
663 */
666 if (is_next_epoch) 664 if (is_next_epoch)
667 { 665 {
668 if (SSL_in_init(s) || s->in_handshake) 666 if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen)
669 { 667 {
670 dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num); 668 dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);
671 } 669 }
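Review bot: In dtls1_process_record the comment "decryption failed, silently discard message" sits above a test that only handles `enc_err < 0`, while `enc_err == 0` now falls through to the same `goto err` with its old explanation ("SSLerr() and ssl3_send_alert() have been called") removed. The `err:` label and its return value are outside the hunk, so whether this path is really a silent discard, rather than a failure the caller reports, cannot be confirmed from here and is worth checking for both values. I would move the comment inside the `if (enc_err < 0)` body and add one for the other case, e.g. `/* enc_err == 0: error already recorded by the cipher layer */`, if that is what is meant.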
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index 301ceda7a5..a6a4c87ea6 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -150,6 +150,7 @@ int dtls1_accept(SSL *s)
150 unsigned long alg_k; 150 unsigned long alg_k;
151 int ret= -1; 151 int ret= -1;
152 int new_state,state,skip=0; 152 int new_state,state,skip=0;
153 int listen;
153 154
154 RAND_add(&Time,sizeof(Time),0); 155 RAND_add(&Time,sizeof(Time),0);
155 ERR_clear_error(); 156 ERR_clear_error();
@@ -159,11 +160,15 @@ int dtls1_accept(SSL *s)
159 cb=s->info_callback; 160 cb=s->info_callback;
160 else if (s->ctx->info_callback != NULL) 161 else if (s->ctx->info_callback != NULL)
161 cb=s->ctx->info_callback; 162 cb=s->ctx->info_callback;
163
164 listen = s->d1->listen;
162 165
163 /* init things to blank */ 166 /* init things to blank */
164 s->in_handshake++; 167 s->in_handshake++;
165 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 168 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
166 169
170 s->d1->listen = listen;
171
167 if (s->cert == NULL) 172 if (s->cert == NULL)
168 { 173 {
169 SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_NO_CERTIFICATE_SET); 174 SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
@@ -273,11 +278,23 @@ int dtls1_accept(SSL *s)
273 278
274 s->init_num=0; 279 s->init_num=0;
275 280
281 /* Reflect ClientHello sequence to remain stateless while listening */
282 if (listen)
283 {
284 memcpy(s->s3->write_sequence, s->s3->read_sequence, sizeof(s->s3->write_sequence));
285 }
286
276 /* If we're just listening, stop here */ 287 /* If we're just listening, stop here */
277 if (s->d1->listen && s->state == SSL3_ST_SW_SRVR_HELLO_A) 288 if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A)
278 { 289 {
279 ret = 2; 290 ret = 2;
280 s->d1->listen = 0; 291 s->d1->listen = 0;
292 /* Set expected sequence numbers
293 * to continue the handshake.
294 */
295 s->d1->handshake_read_seq = 2;
296 s->d1->handshake_write_seq = 1;
297 s->d1->next_handshake_write_seq = 1;
281 goto end; 298 goto end;
282 } 299 }
283 300
@@ -286,7 +303,6 @@ int dtls1_accept(SSL *s)
286 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: 303 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
287 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: 304 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
288 305
289 dtls1_start_timer(s);
290 ret = dtls1_send_hello_verify_request(s); 306 ret = dtls1_send_hello_verify_request(s);
291 if ( ret <= 0) goto end; 307 if ( ret <= 0) goto end;
292 s->state=SSL3_ST_SW_FLUSH; 308 s->state=SSL3_ST_SW_FLUSH;
@@ -736,9 +752,6 @@ int dtls1_send_hello_verify_request(SSL *s)
736 /* number of bytes to write */ 752 /* number of bytes to write */
737 s->init_num=p-buf; 753 s->init_num=p-buf;
738 s->init_off=0; 754 s->init_off=0;
739
740 /* buffer the message to handle re-xmits */
741 dtls1_buffer_message(s, 0);
742 } 755 }
743 756
744 /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */ 757 /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
@@ -1017,12 +1030,11 @@ int dtls1_send_server_key_exchange(SSL *s)
1017 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); 1030 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
1018 goto err; 1031 goto err;
1019 } 1032 }
1020 if (!EC_KEY_up_ref(ecdhp)) 1033 if ((ecdh = EC_KEY_dup(ecdhp)) == NULL)
1021 { 1034 {
1022 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); 1035 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
1023 goto err; 1036 goto err;
1024 } 1037 }
1025 ecdh = ecdhp;
1026 1038
1027 s->s3->tmp.ecdh=ecdh; 1039 s->s3->tmp.ecdh=ecdh;
1028 if ((EC_KEY_get0_public_key(ecdh) == NULL) || 1040 if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
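Review bot: In the listening branch of dtls1_accept the values assigned to `handshake_read_seq` (2), `handshake_write_seq` (1) and `next_handshake_write_seq` (1) are bare constants, and the comment only says they are "expected". They appear to follow from the exchange described in the d1_both.c section of this commit (ClientHello at seq 0, then ClientHello with cookie at seq 1), but that derivation should be stated where the numbers are set, for example `/* ClientHello seq 0 and 1 are consumed; HelloVerifyRequest used write seq 0 */`. The local named `listen` also shadows the sockets function of the same name wherever its prototype is visible; a name such as `listening` avoids the shadow warning. dtls1_accept starts and ends outside these hunks.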
diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c
index e3fce53430..3bf728318a 100644
--- a/src/lib/libssl/s23_lib.c
+++ b/src/lib/libssl/s23_lib.c
@@ -92,15 +92,8 @@ const SSL_CIPHER *ssl23_get_cipher(unsigned int u)
92 * available */ 92 * available */
93const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p) 93const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
94 { 94 {
95 SSL_CIPHER c;
96 const SSL_CIPHER *cp; 95 const SSL_CIPHER *cp;
97 unsigned long id;
98 int n;
99 96
100 n=ssl3_num_ciphers();
101 id=0x03000000|((unsigned long)p[0]<<16L)|
102 ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
103 c.id=id;
104 cp=ssl3_get_cipher_by_char(p); 97 cp=ssl3_get_cipher_by_char(p);
105#ifndef OPENSSL_NO_SSL2 98#ifndef OPENSSL_NO_SSL2
106 if (cp == NULL) 99 if (cp == NULL)
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index 41769febab..50bd415b56 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -866,8 +866,11 @@ int ssl3_get_server_hello(SSL *s)
866 s->session->cipher_id = s->session->cipher->id; 866 s->session->cipher_id = s->session->cipher->id;
867 if (s->hit && (s->session->cipher_id != c->id)) 867 if (s->hit && (s->session->cipher_id != c->id))
868 { 868 {
869/* Workaround is now obsolete */
870#if 0
869 if (!(s->options & 871 if (!(s->options &
870 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) 872 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
873#endif
871 { 874 {
872 al=SSL_AD_ILLEGAL_PARAMETER; 875 al=SSL_AD_ILLEGAL_PARAMETER;
873 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); 876 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
@@ -1508,6 +1511,7 @@ int ssl3_get_key_exchange(SSL *s)
1508 s->session->sess_cert->peer_ecdh_tmp=ecdh; 1511 s->session->sess_cert->peer_ecdh_tmp=ecdh;
1509 ecdh=NULL; 1512 ecdh=NULL;
1510 BN_CTX_free(bn_ctx); 1513 BN_CTX_free(bn_ctx);
1514 bn_ctx = NULL;
1511 EC_POINT_free(srvr_ecpoint); 1515 EC_POINT_free(srvr_ecpoint);
1512 srvr_ecpoint = NULL; 1516 srvr_ecpoint = NULL;
1513 } 1517 }
@@ -2239,6 +2243,7 @@ int ssl3_send_client_key_exchange(SSL *s)
2239 if (!DH_generate_key(dh_clnt)) 2243 if (!DH_generate_key(dh_clnt))
2240 { 2244 {
2241 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); 2245 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
2246 DH_free(dh_clnt);
2242 goto err; 2247 goto err;
2243 } 2248 }
2244 2249
@@ -2250,6 +2255,7 @@ int ssl3_send_client_key_exchange(SSL *s)
2250 if (n <= 0) 2255 if (n <= 0)
2251 { 2256 {
2252 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); 2257 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
2258 DH_free(dh_clnt);
2253 goto err; 2259 goto err;
2254 } 2260 }
2255 2261
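Review bot: In ssl3_get_server_hello the new `#if 0` removes only the `if (!(s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))` header, so the braces that follow become an unconditional block that still looks like the body of a condition. Deleting the two disabled lines would read more clearly than keeping them under `#if 0`. The comment "Workaround is now obsolete" also gives no reason; if it is the same ciphersuite-downgrade concern that the s3_srvr.c section of this commit cites (CVE-2010-4180), it should say so, e.g. `/* option no longer honoured: a changed cipher on resumption is always rejected */`. The function continues outside the hunk.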
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index d6b047c995..62c791cb72 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -2198,11 +2198,17 @@ void ssl3_clear(SSL *s)
2198 } 2198 }
2199#ifndef OPENSSL_NO_DH 2199#ifndef OPENSSL_NO_DH
2200 if (s->s3->tmp.dh != NULL) 2200 if (s->s3->tmp.dh != NULL)
2201 {
2201 DH_free(s->s3->tmp.dh); 2202 DH_free(s->s3->tmp.dh);
2203 s->s3->tmp.dh = NULL;
2204 }
2202#endif 2205#endif
2203#ifndef OPENSSL_NO_ECDH 2206#ifndef OPENSSL_NO_ECDH
2204 if (s->s3->tmp.ecdh != NULL) 2207 if (s->s3->tmp.ecdh != NULL)
2208 {
2205 EC_KEY_free(s->s3->tmp.ecdh); 2209 EC_KEY_free(s->s3->tmp.ecdh);
2210 s->s3->tmp.ecdh = NULL;
2211 }
2206#endif 2212#endif
2207 2213
2208 rp = s->s3->rbuf.buf; 2214 rp = s->s3->rbuf.buf;
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c
index e3f6050a26..f9b3629cf7 100644
--- a/src/lib/libssl/s3_pkt.c
+++ b/src/lib/libssl/s3_pkt.c
@@ -246,7 +246,8 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
246 if (i <= 0) 246 if (i <= 0)
247 { 247 {
248 rb->left = left; 248 rb->left = left;
249 if (s->mode & SSL_MODE_RELEASE_BUFFERS) 249 if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
250 SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
250 if (len+left == 0) 251 if (len+left == 0)
251 ssl3_release_read_buffer(s); 252 ssl3_release_read_buffer(s);
252 return(i); 253 return(i);
@@ -846,7 +847,8 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
846 { 847 {
847 wb->left=0; 848 wb->left=0;
848 wb->offset+=i; 849 wb->offset+=i;
849 if (s->mode & SSL_MODE_RELEASE_BUFFERS) 850 if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
851 SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
850 ssl3_release_write_buffer(s); 852 ssl3_release_write_buffer(s);
851 s->rwstate=SSL_NOTHING; 853 s->rwstate=SSL_NOTHING;
852 return(s->s3->wpend_ret); 854 return(s->s3->wpend_ret);
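Review bot: The condition added in ssl3_read_n, and repeated verbatim in ssl3_write_pending, mixes `&` and `&&` without parentheses and gives no reason for excluding DTLS from SSL_MODE_RELEASE_BUFFERS. It parses as intended, but `(s->mode & SSL_MODE_RELEASE_BUFFERS) && ...` is easier to read, and in ssl3_read_n the unbraced nested `if (len+left == 0)` under a two-line condition invites a misplaced statement later. A comment giving the author's actual reason, in the form `/* DTLS: buffers are not released here because ... */`, and a single helper or macro for the version test would keep the two sites from drifting apart. Both functions extend beyond their hunks.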
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index 92f73b6681..c3b5ff33ff 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -768,9 +768,7 @@ int ssl3_check_client_hello(SSL *s)
768 if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO) 768 if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
769 { 769 {
770 /* Throw away what we have done so far in the current handshake, 770 /* Throw away what we have done so far in the current handshake,
771 * which will now be aborted. (A full SSL_clear would be too much.) 771 * which will now be aborted. (A full SSL_clear would be too much.) */
772 * I hope that tmp.dh is the only thing that may need to be cleared
773 * when a handshake is not completed ... */
774#ifndef OPENSSL_NO_DH 772#ifndef OPENSSL_NO_DH
775 if (s->s3->tmp.dh != NULL) 773 if (s->s3->tmp.dh != NULL)
776 { 774 {
@@ -778,6 +776,13 @@ int ssl3_check_client_hello(SSL *s)
778 s->s3->tmp.dh = NULL; 776 s->s3->tmp.dh = NULL;
779 } 777 }
780#endif 778#endif
779#ifndef OPENSSL_NO_ECDH
780 if (s->s3->tmp.ecdh != NULL)
781 {
782 EC_KEY_free(s->s3->tmp.ecdh);
783 s->s3->tmp.ecdh = NULL;
784 }
785#endif
781 return 2; 786 return 2;
782 } 787 }
783 return 1; 788 return 1;
@@ -985,6 +990,10 @@ int ssl3_get_client_hello(SSL *s)
985 break; 990 break;
986 } 991 }
987 } 992 }
993/* Disabled because it can be used in a ciphersuite downgrade
994 * attack: CVE-2010-4180.
995 */
996#if 0
988 if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1)) 997 if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
989 { 998 {
990 /* Special case as client bug workaround: the previously used cipher may 999 /* Special case as client bug workaround: the previously used cipher may
@@ -999,6 +1008,7 @@ int ssl3_get_client_hello(SSL *s)
999 j = 1; 1008 j = 1;
1000 } 1009 }
1001 } 1010 }
1011#endif
1002 if (j == 0) 1012 if (j == 0)
1003 { 1013 {
1004 /* we need to have the cipher in the cipher 1014 /* we need to have the cipher in the cipher
@@ -1486,7 +1496,6 @@ int ssl3_send_server_key_exchange(SSL *s)
1486 1496
1487 if (s->s3->tmp.dh != NULL) 1497 if (s->s3->tmp.dh != NULL)
1488 { 1498 {
1489 DH_free(dh);
1490 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); 1499 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
1491 goto err; 1500 goto err;
1492 } 1501 }
@@ -1547,7 +1556,6 @@ int ssl3_send_server_key_exchange(SSL *s)
1547 1556
1548 if (s->s3->tmp.ecdh != NULL) 1557 if (s->s3->tmp.ecdh != NULL)
1549 { 1558 {
1550 EC_KEY_free(s->s3->tmp.ecdh);
1551 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); 1559 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
1552 goto err; 1560 goto err;
1553 } 1561 }
@@ -1558,12 +1566,11 @@ int ssl3_send_server_key_exchange(SSL *s)
1558 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); 1566 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
1559 goto err; 1567 goto err;
1560 } 1568 }
1561 if (!EC_KEY_up_ref(ecdhp)) 1569 if ((ecdh = EC_KEY_dup(ecdhp)) == NULL)
1562 { 1570 {
1563 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); 1571 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
1564 goto err; 1572 goto err;
1565 } 1573 }
1566 ecdh = ecdhp;
1567 1574
1568 s->s3->tmp.ecdh=ecdh; 1575 s->s3->tmp.ecdh=ecdh;
1569 if ((EC_KEY_get0_public_key(ecdh) == NULL) || 1576 if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
@@ -1726,6 +1733,7 @@ int ssl3_send_server_key_exchange(SSL *s)
1726 (unsigned char *)encodedPoint, 1733 (unsigned char *)encodedPoint,
1727 encodedlen); 1734 encodedlen);
1728 OPENSSL_free(encodedPoint); 1735 OPENSSL_free(encodedPoint);
1736 encodedPoint = NULL;
1729 p += encodedlen; 1737 p += encodedlen;
1730 } 1738 }
1731#endif 1739#endif
@@ -2435,6 +2443,12 @@ int ssl3_get_client_key_exchange(SSL *s)
2435 /* Get encoded point length */ 2443 /* Get encoded point length */
2436 i = *p; 2444 i = *p;
2437 p += 1; 2445 p += 1;
2446 if (n != 1 + i)
2447 {
2448 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
2449 ERR_R_EC_LIB);
2450 goto err;
2451 }
2438 if (EC_POINT_oct2point(group, 2452 if (EC_POINT_oct2point(group,
2439 clnt_ecpoint, p, i, bn_ctx) == 0) 2453 clnt_ecpoint, p, i, bn_ctx) == 0)
2440 { 2454 {
@@ -2579,12 +2593,19 @@ int ssl3_get_client_key_exchange(SSL *s)
2579 { 2593 {
2580 int ret = 0; 2594 int ret = 0;
2581 EVP_PKEY_CTX *pkey_ctx; 2595 EVP_PKEY_CTX *pkey_ctx;
2582 EVP_PKEY *client_pub_pkey = NULL; 2596 EVP_PKEY *client_pub_pkey = NULL, *pk = NULL;
2583 unsigned char premaster_secret[32], *start; 2597 unsigned char premaster_secret[32], *start;
2584 size_t outlen=32, inlen; 2598 size_t outlen=32, inlen;
2599 unsigned long alg_a;
2585 2600
2586 /* Get our certificate private key*/ 2601 /* Get our certificate private key*/
2587 pkey_ctx = EVP_PKEY_CTX_new(s->cert->key->privatekey,NULL); 2602 alg_a = s->s3->tmp.new_cipher->algorithm_auth;
2603 if (alg_a & SSL_aGOST94)
2604 pk = s->cert->pkeys[SSL_PKEY_GOST94].privatekey;
2605 else if (alg_a & SSL_aGOST01)
2606 pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
2607
2608 pkey_ctx = EVP_PKEY_CTX_new(pk,NULL);
2588 EVP_PKEY_decrypt_init(pkey_ctx); 2609 EVP_PKEY_decrypt_init(pkey_ctx);
2589 /* If client certificate is present and is of the same type, maybe 2610 /* If client certificate is present and is of the same type, maybe
2590 * use it for key exchange. Don't mind errors from 2611 * use it for key exchange. Don't mind errors from
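Review bot: In the GOST branch of ssl3_get_client_key_exchange (last hunk), `pk` stays NULL when `alg_a` has neither SSL_aGOST94 nor SSL_aGOST01 set, and it is then passed straight to `EVP_PKEY_CTX_new(pk,NULL)`, whose result goes to EVP_PKEY_decrypt_init unchecked. The selected slot's `privatekey` can presumably also be NULL if no such key is configured. A guard before the context is created, `if (pk == NULL) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR); goto err; }`, plus a NULL test on `pkey_ctx`, would make the failure explicit in a handshake path instead of depending on how the EVP functions treat a NULL argument. The `err:` label and its cleanup are outside the hunk, so jumping there from this block needs to be confirmed as safe. The function continues outside the hunk.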
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
index 28709978b5..d7f4c6087e 100644
--- a/src/lib/libssl/ssl_asn1.c
+++ b/src/lib/libssl/ssl_asn1.c
@@ -357,7 +357,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
357SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, 357SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
358 long length) 358 long length)
359 { 359 {
360 int version,ssl_version=0,i; 360 int ssl_version=0,i;
361 long id; 361 long id;
362 ASN1_INTEGER ai,*aip; 362 ASN1_INTEGER ai,*aip;
363 ASN1_OCTET_STRING os,*osp; 363 ASN1_OCTET_STRING os,*osp;
@@ -371,7 +371,6 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
371 371
372 ai.data=NULL; ai.length=0; 372 ai.data=NULL; ai.length=0;
373 M_ASN1_D2I_get_x(ASN1_INTEGER,aip,d2i_ASN1_INTEGER); 373 M_ASN1_D2I_get_x(ASN1_INTEGER,aip,d2i_ASN1_INTEGER);
374 version=(int)ASN1_INTEGER_get(aip);
375 if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; } 374 if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
376 375
377 /* we don't care about the version right now :-) */ 376 /* we don't care about the version right now :-) */
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index bee3507ea1..a8ce186b78 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -1027,7 +1027,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
1027 const SSL_CIPHER **ca_list) 1027 const SSL_CIPHER **ca_list)
1028 { 1028 {
1029 unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength; 1029 unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength;
1030 const char *l, *start, *buf; 1030 const char *l, *buf;
1031 int j, multi, found, rule, retval, ok, buflen; 1031 int j, multi, found, rule, retval, ok, buflen;
1032 unsigned long cipher_id = 0; 1032 unsigned long cipher_id = 0;
1033 char ch; 1033 char ch;
@@ -1064,7 +1064,6 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
1064 alg_ssl = 0; 1064 alg_ssl = 0;
1065 algo_strength = 0; 1065 algo_strength = 0;
1066 1066
1067 start=l;
1068 for (;;) 1067 for (;;)
1069 { 1068 {
1070 ch = *l; 1069 ch = *l;
@@ -1456,7 +1455,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
1456 int is_export,pkl,kl; 1455 int is_export,pkl,kl;
1457 const char *ver,*exp_str; 1456 const char *ver,*exp_str;
1458 const char *kx,*au,*enc,*mac; 1457 const char *kx,*au,*enc,*mac;
1459 unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2,alg_s; 1458 unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2;
1460#ifdef KSSL_DEBUG 1459#ifdef KSSL_DEBUG
1461 static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n"; 1460 static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
1462#else 1461#else
@@ -1469,7 +1468,6 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
1469 alg_mac = cipher->algorithm_mac; 1468 alg_mac = cipher->algorithm_mac;
1470 alg_ssl = cipher->algorithm_ssl; 1469 alg_ssl = cipher->algorithm_ssl;
1471 1470
1472 alg_s=cipher->algo_strength;
1473 alg2=cipher->algorithm2; 1471 alg2=cipher->algorithm2;
1474 1472
1475 is_export=SSL_C_IS_EXPORT(cipher); 1473 is_export=SSL_C_IS_EXPORT(cipher);
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 3157f20eac..46732791fd 100644
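--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1833,7 +1833,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 #endif
 X509 *x = NULL;
 EVP_PKEY *ecc_pkey = NULL;
-int signature_nid = 0;
+int signature_nid = 0, pk_nid = 0, md_nid = 0;
 
 if (c == NULL) return;
 
@@ -1963,18 +1963,15 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 EVP_PKEY_bits(ecc_pkey) : 0;
 EVP_PKEY_free(ecc_pkey);
 if ((x->sig_alg) && (x->sig_alg->algorithm))
+{
 signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
+OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
+}
 #ifndef OPENSSL_NO_ECDH
 if (ecdh_ok)
 {
-const char *sig = OBJ_nid2ln(signature_nid);
-if (sig == NULL)
-{
-ERR_clear_error();
-sig = "unknown";
-}
-
-if (strstr(sig, "WithRSA"))
+
+if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa)
 {
 mask_k|=SSL_kECDHr;
 mask_a|=SSL_aECDH;
@@ -1985,7 +1982,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 }
 }
 
-if (signature_nid == NID_ecdsa_with_SHA1)
+if (pk_nid == NID_X9_62_id_ecPublicKey)
 {
 mask_k|=SSL_kECDHe;
 mask_a|=SSL_aECDH;
@@ -2039,7 +2036,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
 unsigned long alg_k, alg_a;
 EVP_PKEY *pkey = NULL;
 int keysize = 0;
-int signature_nid = 0;
+int signature_nid = 0, md_nid = 0, pk_nid = 0;
 
 alg_k = cs->algorithm_mkey;
 alg_a = cs->algorithm_auth;
@@ -2057,7 +2054,10 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
 /* This call populates the ex_flags field correctly */
 X509_check_purpose(x, -1, 0);
 if ((x->sig_alg) && (x->sig_alg->algorithm))
+{
 signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
+OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
+}
 if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr)
 {
 /* key usage, if present, must allow key agreement */
@@ -2069,7 +2069,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
 if (alg_k & SSL_kECDHe)
 {
 /* signature alg must be ECDSA */
-if (signature_nid != NID_ecdsa_with_SHA1)
+if (pk_nid != NID_X9_62_id_ecPublicKey)
 {
 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
 return 0;
@@ -2079,13 +2079,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
 {
 /* signature alg must be RSA */
 
-const char *sig = OBJ_nid2ln(signature_nid);
-if (sig == NULL)
-{
-ERR_clear_error();
-sig = "unknown";
-}
-if (strstr(sig, "WithRSA") == NULL)
+if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa)
 {
 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
 return 0;
@@ -2110,23 +2104,12 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
 /* THIS NEEDS CLEANING UP */
 X509 *ssl_get_server_send_cert(SSL *s)
 {
-unsigned long alg_k,alg_a,mask_k,mask_a;
+unsigned long alg_k,alg_a;
 CERT *c;
-int i,is_export;
+int i;
 
 c=s->cert;
 ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
-is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
-if (is_export)
-{
-mask_k = c->export_mask_k;
-mask_a = c->export_mask_a;
-}
-else
-{
-mask_k = c->mask_k;
-mask_a = c->mask_a;
-}
 
 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
 alg_a = s->s3->tmp.new_cipher->algorithm_auth;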
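Review bot: In ssl_check_srvr_ecc_cert_and_alg the ECDSA branch now tests `pk_nid != NID_X9_62_id_ecPublicKey`, so a certificate signed with ECDSA and any digest passes, yet the failure path still raises `SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE`, and `md_nid` is filled in but never read in the lines shown. A comment at the check such as `/* only the signing key type is checked; the digest is not constrained here */` would record the new behaviour, and the reason code looks like it needs a follow-up. The return value of `OBJ_find_sigid_algs()` is ignored at both new call sites; the code appears to fail closed only because `pk_nid` is initialised to 0, which is worth stating next to the declarations. Both functions begin and end outside the hunks shown.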
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 9719541f2b..793ea43e90 100644
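--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -157,7 +157,7 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
 const void *seed5, int seed5_len,
 unsigned char *out, int olen)
 {
-int chunk,n;
+int chunk;
 unsigned int j;
 HMAC_CTX ctx;
 HMAC_CTX ctx_tmp;
@@ -187,7 +187,6 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
 if (!HMAC_Final(&ctx,A1,&A1_len))
 goto err;
 
-n=0;
 for (;;)
 {
 if (!HMAC_Init_ex(&ctx,NULL,0,NULL,NULL)) /* re-init */
@@ -309,13 +308,13 @@ static int tls1_generate_key_block(SSL *s, unsigned char *km,
 int tls1_change_cipher_state(SSL *s, int which)
 {
 static const unsigned char empty[]="";
-unsigned char *p,*key_block,*mac_secret;
+unsigned char *p,*mac_secret;
 unsigned char *exp_label;
 unsigned char tmp1[EVP_MAX_KEY_LENGTH];
 unsigned char tmp2[EVP_MAX_KEY_LENGTH];
 unsigned char iv1[EVP_MAX_IV_LENGTH*2];
 unsigned char iv2[EVP_MAX_IV_LENGTH*2];
-unsigned char *ms,*key,*iv,*er1,*er2;
+unsigned char *ms,*key,*iv;
 int client_write;
 EVP_CIPHER_CTX *dd;
 const EVP_CIPHER *c;
@@ -337,7 +336,6 @@ int tls1_change_cipher_state(SSL *s, int which)
 #ifndef OPENSSL_NO_COMP
 comp=s->s3->tmp.new_compression;
 #endif
-key_block=s->s3->tmp.key_block;
 
 #ifdef KSSL_DEBUG
 printf("tls1_change_cipher_state(which= %d) w/\n", which);
@@ -448,8 +446,6 @@ int tls1_change_cipher_state(SSL *s, int which)
 cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
 /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
 k=EVP_CIPHER_iv_length(c);
-er1= &(s->s3->client_random[0]);
-er2= &(s->s3->server_random[0]);
 if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
 (which == SSL3_CHANGE_CIPHER_SERVER_READ))
 {
@@ -880,7 +876,7 @@ int tls1_final_finish_mac(SSL *s,
 int tls1_mac(SSL *ssl, unsigned char *md, int send)
 {
 SSL3_RECORD *rec;
-unsigned char *mac_sec,*seq;
+unsigned char *seq;
 EVP_MD_CTX *hash;
 size_t md_size;
 int i;
@@ -892,14 +888,12 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
 if (send)
 {
 rec= &(ssl->s3->wrec);
-mac_sec= &(ssl->s3->write_mac_secret[0]);
 seq= &(ssl->s3->write_sequence[0]);
 hash=ssl->write_hash;
 }
 else
 {
 rec= &(ssl->s3->rrec);
-mac_sec= &(ssl->s3->read_mac_secret[0]);
 seq= &(ssl->s3->read_sequence[0]);
 hash=ssl->read_hash;
 }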
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index e8bc34c111..85371c87b8 100644
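--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -714,14 +714,23 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 switch (servname_type)
 {
 case TLSEXT_NAMETYPE_host_name:
-if (s->session->tlsext_hostname == NULL)
+if (!s->hit)
 {
-if (len > TLSEXT_MAXLEN_host_name ||
-((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL))
+if(s->session->tlsext_hostname)
+{
+*al = SSL_AD_DECODE_ERROR;
+return 0;
+}
+if (len > TLSEXT_MAXLEN_host_name)
 {
 *al = TLS1_AD_UNRECOGNIZED_NAME;
 return 0;
 }
+if ((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL)
+{
+*al = TLS1_AD_INTERNAL_ERROR;
+return 0;
+}
 memcpy(s->session->tlsext_hostname, sdata, len);
 s->session->tlsext_hostname[len]='\0';
 if (strlen(s->session->tlsext_hostname) != len) {
@@ -734,7 +743,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 
 }
 else
-s->servername_done = strlen(s->session->tlsext_hostname) == len
+s->servername_done = s->session->tlsext_hostname
+&& strlen(s->session->tlsext_hostname) == len
 && strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0;
 
 break;
@@ -765,15 +775,22 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 *al = TLS1_AD_DECODE_ERROR;
 return 0;
 }
-s->session->tlsext_ecpointformatlist_length = 0;
-if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist);
-if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
+if (!s->hit)
 {
-*al = TLS1_AD_INTERNAL_ERROR;
-return 0;
+if(s->session->tlsext_ecpointformatlist)
+{
+OPENSSL_free(s->session->tlsext_ecpointformatlist);
+s->session->tlsext_ecpointformatlist = NULL;
+}
+s->session->tlsext_ecpointformatlist_length = 0;
+if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
+{
+*al = TLS1_AD_INTERNAL_ERROR;
+return 0;
+}
+s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length;
+memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length);
 }
-s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length;
-memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length);
 #if 0
 fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ecpointformatlist (length=%i) ", s->session->tlsext_ecpointformatlist_length);
 sdata = s->session->tlsext_ecpointformatlist;
@@ -794,15 +811,22 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 *al = TLS1_AD_DECODE_ERROR;
 return 0;
 }
-s->session->tlsext_ellipticcurvelist_length = 0;
-if (s->session->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->session->tlsext_ellipticcurvelist);
-if ((s->session->tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL)
+if (!s->hit)
 {
-*al = TLS1_AD_INTERNAL_ERROR;
-return 0;
+if(s->session->tlsext_ellipticcurvelist)
+{
+*al = TLS1_AD_DECODE_ERROR;
+return 0;
+}
+s->session->tlsext_ellipticcurvelist_length = 0;
+if ((s->session->tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL)
+{
+*al = TLS1_AD_INTERNAL_ERROR;
+return 0;
+}
+s->session->tlsext_ellipticcurvelist_length = ellipticcurvelist_length;
+memcpy(s->session->tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length);
 }
-s->session->tlsext_ellipticcurvelist_length = ellipticcurvelist_length;
-memcpy(s->session->tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length);
 #if 0
 fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ellipticcurvelist (length=%i) ", s->session->tlsext_ellipticcurvelist_length);
 sdata = s->session->tlsext_ellipticcurvelist;
@@ -893,6 +917,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 }
 n2s(data, idsize);
 dsize -= 2 + idsize;
+size -= 2 + idsize;
 if (dsize < 0)
 {
 *al = SSL_AD_DECODE_ERROR;
@@ -931,9 +956,14 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 }
 
 /* Read in request_extensions */
+if (size < 2)
+{
+*al = SSL_AD_DECODE_ERROR;
+return 0;
+}
 n2s(data,dsize);
 size -= 2;
-if (dsize > size)
+if (dsize != size)
 {
 *al = SSL_AD_DECODE_ERROR;
 return 0;
@@ -983,9 +1013,9 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 
 int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
 {
+unsigned short length;
 unsigned short type;
 unsigned short size;
-unsigned short len;
 unsigned char *data = *p;
 int tlsext_servername = 0;
 int renegotiate_seen = 0;
@@ -993,7 +1023,12 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 if (data >= (d+n-2))
 goto ri_check;
 
-n2s(data,len);
+n2s(data,length);
+if (data+length != d+n)
+{
+*al = SSL_AD_DECODE_ERROR;
+return 0;
+}
 
 while(data <= (d+n-4))
 {
@@ -1423,23 +1458,20 @@ int ssl_check_serverhello_tlsext(SSL *s)
 int al = SSL_AD_UNRECOGNIZED_NAME;
 
 #ifndef OPENSSL_NO_EC
-/* If we are client and using an elliptic curve cryptography cipher suite, then server
-* must return a an EC point formats lists containing uncompressed.
+/* If we are client and using an elliptic curve cryptography cipher
+* suite, then if server returns an EC point formats lists extension
+* it must contain uncompressed.
 */
 unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
 unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
 if ((s->tlsext_ecpointformatlist != NULL) && (s->tlsext_ecpointformatlist_length > 0) &&
+(s->session->tlsext_ecpointformatlist != NULL) && (s->session->tlsext_ecpointformatlist_length > 0) &&
 ((alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe)) || (alg_a & SSL_aECDSA)))
 {
 /* we are using an ECC cipher */
 size_t i;
 unsigned char *list;
 int found_uncompressed = 0;
-if ((s->session->tlsext_ecpointformatlist == NULL) || (s->session->tlsext_ecpointformatlist_length == 0))
-{
-SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT,SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
-return -1;
-}
 list = s->session->tlsext_ecpointformatlist;
 for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
 {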
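Review bot: The three new `if (!s->hit)` blocks in ssl_parse_clienthello_tlsext treat an already-stored value differently: the `tlsext_hostname` and `tlsext_ellipticcurvelist` branches reject it with a decode error, while the `tlsext_ecpointformatlist` branch frees the old list and stores the new one. If that difference is not intentional, the point-format branch could use the same guard, `if(s->session->tlsext_ecpointformatlist) { *al = TLS1_AD_DECODE_ERROR; return 0; }`; if it is intentional, a one-line comment saying why repeated data is tolerated there would help the next reader. The hostname branch also spells the alert `SSL_AD_DECODE_ERROR` where the curve-list branch uses `TLS1_AD_DECODE_ERROR`. The function starts and ends outside these hunks, so the earlier bounds checks on `size` and `dsize` that the new `size -= 2 + idsize;` line relies on are not visible here.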
diff --git a/src/lib/libssl/test/cms-test.pl b/src/lib/libssl/test/cms-test.pl
index 9c50dff3e9..c938bcf00d 100644
--- a/src/lib/libssl/test/cms-test.pl
+++ b/src/lib/libssl/test/cms-test.pl
@@ -54,9 +54,13 @@
54# OpenSSL PKCS#7 and CMS implementations. 54# OpenSSL PKCS#7 and CMS implementations.
55 55
56my $ossl_path; 56my $ossl_path;
57my $redir = " 2>cms.err 1>cms.out"; 57my $redir = " 2> cms.err > cms.out";
58# Make VMS work
59if ( $^O eq "VMS" && -f "OSSLX:openssl.exe" ) {
60 $ossl_path = "pipe mcr OSSLX:openssl";
61}
58# Make MSYS work 62# Make MSYS work
59if ( $^O eq "MSWin32" && -f "../apps/openssl.exe" ) { 63elsif ( $^O eq "MSWin32" && -f "../apps/openssl.exe" ) {
60 $ossl_path = "cmd /c ..\\apps\\openssl"; 64 $ossl_path = "cmd /c ..\\apps\\openssl";
61} 65}
62elsif ( -f "../apps/openssl$ENV{EXE_EXT}" ) { 66elsif ( -f "../apps/openssl$ENV{EXE_EXT}" ) {
@@ -84,79 +88,79 @@ my @smime_pkcs7_tests = (
84 88
85 [ 89 [
86 "signed content DER format, RSA key", 90 "signed content DER format, RSA key",
87 "-sign -in smcont.txt -outform DER -nodetach" 91 "-sign -in smcont.txt -outform \"DER\" -nodetach"
88 . " -certfile $smdir/smroot.pem" 92 . " -certfile $smdir/smroot.pem"
89 . " -signer $smdir/smrsa1.pem -out test.cms", 93 . " -signer $smdir/smrsa1.pem -out test.cms",
90 "-verify -in test.cms -inform DER " 94 "-verify -in test.cms -inform \"DER\" "
91 . " -CAfile $smdir/smroot.pem -out smtst.txt" 95 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
92 ], 96 ],
93 97
94 [ 98 [
95 "signed detached content DER format, RSA key", 99 "signed detached content DER format, RSA key",
96 "-sign -in smcont.txt -outform DER" 100 "-sign -in smcont.txt -outform \"DER\""
97 . " -signer $smdir/smrsa1.pem -out test.cms", 101 . " -signer $smdir/smrsa1.pem -out test.cms",
98 "-verify -in test.cms -inform DER " 102 "-verify -in test.cms -inform \"DER\" "
99 . " -CAfile $smdir/smroot.pem -out smtst.txt -content smcont.txt" 103 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
100 ], 104 ],
101 105
102 [ 106 [
103 "signed content test streaming BER format, RSA", 107 "signed content test streaming BER format, RSA",
104 "-sign -in smcont.txt -outform DER -nodetach" 108 "-sign -in smcont.txt -outform \"DER\" -nodetach"
105 . " -stream -signer $smdir/smrsa1.pem -out test.cms", 109 . " -stream -signer $smdir/smrsa1.pem -out test.cms",
106 "-verify -in test.cms -inform DER " 110 "-verify -in test.cms -inform \"DER\" "
107 . " -CAfile $smdir/smroot.pem -out smtst.txt" 111 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
108 ], 112 ],
109 113
110 [ 114 [
111 "signed content DER format, DSA key", 115 "signed content DER format, DSA key",
112 "-sign -in smcont.txt -outform DER -nodetach" 116 "-sign -in smcont.txt -outform \"DER\" -nodetach"
113 . " -signer $smdir/smdsa1.pem -out test.cms", 117 . " -signer $smdir/smdsa1.pem -out test.cms",
114 "-verify -in test.cms -inform DER " 118 "-verify -in test.cms -inform \"DER\" "
115 . " -CAfile $smdir/smroot.pem -out smtst.txt" 119 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
116 ], 120 ],
117 121
118 [ 122 [
119 "signed detached content DER format, DSA key", 123 "signed detached content DER format, DSA key",
120 "-sign -in smcont.txt -outform DER" 124 "-sign -in smcont.txt -outform \"DER\""
121 . " -signer $smdir/smdsa1.pem -out test.cms", 125 . " -signer $smdir/smdsa1.pem -out test.cms",
122 "-verify -in test.cms -inform DER " 126 "-verify -in test.cms -inform \"DER\" "
123 . " -CAfile $smdir/smroot.pem -out smtst.txt -content smcont.txt" 127 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
124 ], 128 ],
125 129
126 [ 130 [
127 "signed detached content DER format, add RSA signer", 131 "signed detached content DER format, add RSA signer",
128 "-resign -inform DER -in test.cms -outform DER" 132 "-resign -inform \"DER\" -in test.cms -outform \"DER\""
129 . " -signer $smdir/smrsa1.pem -out test2.cms", 133 . " -signer $smdir/smrsa1.pem -out test2.cms",
130 "-verify -in test2.cms -inform DER " 134 "-verify -in test2.cms -inform \"DER\" "
131 . " -CAfile $smdir/smroot.pem -out smtst.txt -content smcont.txt" 135 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
132 ], 136 ],
133 137
134 [ 138 [
135 "signed content test streaming BER format, DSA key", 139 "signed content test streaming BER format, DSA key",
136 "-sign -in smcont.txt -outform DER -nodetach" 140 "-sign -in smcont.txt -outform \"DER\" -nodetach"
137 . " -stream -signer $smdir/smdsa1.pem -out test.cms", 141 . " -stream -signer $smdir/smdsa1.pem -out test.cms",
138 "-verify -in test.cms -inform DER " 142 "-verify -in test.cms -inform \"DER\" "
139 . " -CAfile $smdir/smroot.pem -out smtst.txt" 143 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
140 ], 144 ],
141 145
142 [ 146 [
143 "signed content test streaming BER format, 2 DSA and 2 RSA keys", 147 "signed content test streaming BER format, 2 DSA and 2 RSA keys",
144 "-sign -in smcont.txt -outform DER -nodetach" 148 "-sign -in smcont.txt -outform \"DER\" -nodetach"
145 . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" 149 . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
146 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" 150 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
147 . " -stream -out test.cms", 151 . " -stream -out test.cms",
148 "-verify -in test.cms -inform DER " 152 "-verify -in test.cms -inform \"DER\" "
149 . " -CAfile $smdir/smroot.pem -out smtst.txt" 153 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
150 ], 154 ],
151 155
152 [ 156 [
153"signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes", 157"signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
154 "-sign -in smcont.txt -outform DER -noattr -nodetach" 158 "-sign -in smcont.txt -outform \"DER\" -noattr -nodetach"
155 . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" 159 . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
156 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" 160 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
157 . " -stream -out test.cms", 161 . " -stream -out test.cms",
158 "-verify -in test.cms -inform DER " 162 "-verify -in test.cms -inform \"DER\" "
159 . " -CAfile $smdir/smroot.pem -out smtst.txt" 163 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
160 ], 164 ],
161 165
162 [ 166 [
@@ -165,7 +169,7 @@ my @smime_pkcs7_tests = (
165 . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" 169 . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
166 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" 170 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
167 . " -stream -out test.cms", 171 . " -stream -out test.cms",
168 "-verify -in test.cms " . " -CAfile $smdir/smroot.pem -out smtst.txt" 172 "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
169 ], 173 ],
170 174
171 [ 175 [
@@ -174,7 +178,7 @@ my @smime_pkcs7_tests = (
174 . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" 178 . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
175 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" 179 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
176 . " -stream -out test.cms", 180 . " -stream -out test.cms",
177 "-verify -in test.cms " . " -CAfile $smdir/smroot.pem -out smtst.txt" 181 "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
178 ], 182 ],
179 183
180 [ 184 [
@@ -215,12 +219,12 @@ my @smime_cms_tests = (
215 219
216 [ 220 [
217 "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid", 221 "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
218 "-sign -in smcont.txt -outform DER -nodetach -keyid" 222 "-sign -in smcont.txt -outform \"DER\" -nodetach -keyid"
219 . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" 223 . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
220 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" 224 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
221 . " -stream -out test.cms", 225 . " -stream -out test.cms",
222 "-verify -in test.cms -inform DER " 226 "-verify -in test.cms -inform \"DER\" "
223 . " -CAfile $smdir/smroot.pem -out smtst.txt" 227 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
224 ], 228 ],
225 229
226 [ 230 [
@@ -230,7 +234,7 @@ my @smime_cms_tests = (
230 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" 234 . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
231 . " -stream -out test.cms", 235 . " -stream -out test.cms",
232 "-verify -in test.cms -inform PEM " 236 "-verify -in test.cms -inform PEM "
233 . " -CAfile $smdir/smroot.pem -out smtst.txt" 237 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
234 ], 238 ],
235 239
236 [ 240 [
@@ -239,7 +243,7 @@ my @smime_cms_tests = (
239 . " -receipt_request_to test\@openssl.org -receipt_request_all" 243 . " -receipt_request_to test\@openssl.org -receipt_request_all"
240 . " -out test.cms", 244 . " -out test.cms",
241 "-verify -in test.cms " 245 "-verify -in test.cms "
242 . " -CAfile $smdir/smroot.pem -out smtst.txt" 246 . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
243 ], 247 ],
244 248
245 [ 249 [
@@ -248,7 +252,7 @@ my @smime_cms_tests = (
248 . " -signer $smdir/smrsa2.pem" 252 . " -signer $smdir/smrsa2.pem"
249 . " -out test2.cms", 253 . " -out test2.cms",
250 "-verify_receipt test2.cms -in test.cms" 254 "-verify_receipt test2.cms -in test.cms"
251 . " -CAfile $smdir/smroot.pem" 255 . " \"-CAfile\" $smdir/smroot.pem"
252 ], 256 ],
253 257
254 [ 258 [
@@ -289,38 +293,38 @@ my @smime_cms_tests = (
289 293
290 [ 294 [
291 "encrypted content test streaming PEM format, 128 bit RC2 key", 295 "encrypted content test streaming PEM format, 128 bit RC2 key",
292 "-EncryptedData_encrypt -in smcont.txt -outform PEM" 296 "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
293 . " -rc2 -secretkey 000102030405060708090A0B0C0D0E0F" 297 . " -rc2 -secretkey 000102030405060708090A0B0C0D0E0F"
294 . " -stream -out test.cms", 298 . " -stream -out test.cms",
295 "-EncryptedData_decrypt -in test.cms -inform PEM " 299 "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
296 . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt" 300 . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
297 ], 301 ],
298 302
299 [ 303 [
300 "encrypted content test streaming PEM format, 40 bit RC2 key", 304 "encrypted content test streaming PEM format, 40 bit RC2 key",
301 "-EncryptedData_encrypt -in smcont.txt -outform PEM" 305 "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
302 . " -rc2 -secretkey 0001020304" 306 . " -rc2 -secretkey 0001020304"
303 . " -stream -out test.cms", 307 . " -stream -out test.cms",
304 "-EncryptedData_decrypt -in test.cms -inform PEM " 308 "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
305 . " -secretkey 0001020304 -out smtst.txt" 309 . " -secretkey 0001020304 -out smtst.txt"
306 ], 310 ],
307 311
308 [ 312 [
309 "encrypted content test streaming PEM format, triple DES key", 313 "encrypted content test streaming PEM format, triple DES key",
310 "-EncryptedData_encrypt -in smcont.txt -outform PEM" 314 "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
311 . " -des3 -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617" 315 . " -des3 -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
312 . " -stream -out test.cms", 316 . " -stream -out test.cms",
313 "-EncryptedData_decrypt -in test.cms -inform PEM " 317 "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
314 . " -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617" 318 . " -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
315 . " -out smtst.txt" 319 . " -out smtst.txt"
316 ], 320 ],
317 321
318 [ 322 [
319 "encrypted content test streaming PEM format, 128 bit AES key", 323 "encrypted content test streaming PEM format, 128 bit AES key",
320 "-EncryptedData_encrypt -in smcont.txt -outform PEM" 324 "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
321 . " -aes128 -secretkey 000102030405060708090A0B0C0D0E0F" 325 . " -aes128 -secretkey 000102030405060708090A0B0C0D0E0F"
322 . " -stream -out test.cms", 326 . " -stream -out test.cms",
323 "-EncryptedData_decrypt -in test.cms -inform PEM " 327 "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
324 . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt" 328 . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
325 ], 329 ],
326 330