diff options
| author | djm <> | 2008-09-06 12:17:54 +0000 |
|---|---|---|
| committer | djm <> | 2008-09-06 12:17:54 +0000 |
| commit | 38ce604e3cc97706b876b0525ddff0121115456d (patch) | |
| tree | 7ccc28afe1789ea3dbedf72365f955d5b8e105b5 /src/lib/libcrypto | |
| parent | 12867252827c8efaa8ddd1fa3b3d6e321e2bcdef (diff) | |
| download | openbsd-38ce604e3cc97706b876b0525ddff0121115456d.tar.gz openbsd-38ce604e3cc97706b876b0525ddff0121115456d.tar.bz2 openbsd-38ce604e3cc97706b876b0525ddff0121115456d.zip | |
resolve conflicts
Diffstat (limited to 'src/lib/libcrypto')
491 files changed, 23916 insertions, 9930 deletions
diff --git a/src/lib/libcrypto/aes/aes.h b/src/lib/libcrypto/aes/aes.h index 8a3ea0b883..baf0222d49 100644 --- a/src/lib/libcrypto/aes/aes.h +++ b/src/lib/libcrypto/aes/aes.h | |||
| @@ -52,7 +52,7 @@ | |||
| 52 | #ifndef HEADER_AES_H | 52 | #ifndef HEADER_AES_H |
| 53 | #define HEADER_AES_H | 53 | #define HEADER_AES_H |
| 54 | 54 | ||
| 55 | #include <openssl/e_os2.h> | 55 | #include <openssl/opensslconf.h> |
| 56 | 56 | ||
| 57 | #ifdef OPENSSL_NO_AES | 57 | #ifdef OPENSSL_NO_AES |
| 58 | #error AES is disabled. | 58 | #error AES is disabled. |
| @@ -66,17 +66,17 @@ | |||
| 66 | #define AES_MAXNR 14 | 66 | #define AES_MAXNR 14 |
| 67 | #define AES_BLOCK_SIZE 16 | 67 | #define AES_BLOCK_SIZE 16 |
| 68 | 68 | ||
| 69 | #if defined(OPENSSL_FIPS) | ||
| 70 | #define FIPS_AES_SIZE_T int | ||
| 71 | #endif | ||
| 72 | |||
| 73 | #ifdef __cplusplus | 69 | #ifdef __cplusplus |
| 74 | extern "C" { | 70 | extern "C" { |
| 75 | #endif | 71 | #endif |
| 76 | 72 | ||
| 77 | /* This should be a hidden type, but EVP requires that the size be known */ | 73 | /* This should be a hidden type, but EVP requires that the size be known */ |
| 78 | struct aes_key_st { | 74 | struct aes_key_st { |
| 75 | #ifdef AES_LONG | ||
| 79 | unsigned long rd_key[4 *(AES_MAXNR + 1)]; | 76 | unsigned long rd_key[4 *(AES_MAXNR + 1)]; |
| 77 | #else | ||
| 78 | unsigned int rd_key[4 *(AES_MAXNR + 1)]; | ||
| 79 | #endif | ||
| 80 | int rounds; | 80 | int rounds; |
| 81 | }; | 81 | }; |
| 82 | typedef struct aes_key_st AES_KEY; | 82 | typedef struct aes_key_st AES_KEY; |
| @@ -119,6 +119,23 @@ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, | |||
| 119 | unsigned char ecount_buf[AES_BLOCK_SIZE], | 119 | unsigned char ecount_buf[AES_BLOCK_SIZE], |
| 120 | unsigned int *num); | 120 | unsigned int *num); |
| 121 | 121 | ||
| 122 | /* For IGE, see also http://www.links.org/files/openssl-ige.pdf */ | ||
| 123 | /* NB: the IV is _two_ blocks long */ | ||
| 124 | void AES_ige_encrypt(const unsigned char *in, unsigned char *out, | ||
| 125 | const unsigned long length, const AES_KEY *key, | ||
| 126 | unsigned char *ivec, const int enc); | ||
| 127 | /* NB: the IV is _four_ blocks long */ | ||
| 128 | void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out, | ||
| 129 | const unsigned long length, const AES_KEY *key, | ||
| 130 | const AES_KEY *key2, const unsigned char *ivec, | ||
| 131 | const int enc); | ||
| 132 | |||
| 133 | int AES_wrap_key(AES_KEY *key, const unsigned char *iv, | ||
| 134 | unsigned char *out, | ||
| 135 | const unsigned char *in, unsigned int inlen); | ||
| 136 | int AES_unwrap_key(AES_KEY *key, const unsigned char *iv, | ||
| 137 | unsigned char *out, | ||
| 138 | const unsigned char *in, unsigned int inlen); | ||
| 122 | 139 | ||
| 123 | #ifdef __cplusplus | 140 | #ifdef __cplusplus |
| 124 | } | 141 | } |
diff --git a/src/lib/libcrypto/aes/aes_cbc.c b/src/lib/libcrypto/aes/aes_cbc.c index 373864cd4b..d2ba6bcdb4 100644 --- a/src/lib/libcrypto/aes/aes_cbc.c +++ b/src/lib/libcrypto/aes/aes_cbc.c | |||
| @@ -59,7 +59,6 @@ | |||
| 59 | #include <openssl/aes.h> | 59 | #include <openssl/aes.h> |
| 60 | #include "aes_locl.h" | 60 | #include "aes_locl.h" |
| 61 | 61 | ||
| 62 | #if !defined(OPENSSL_FIPS_AES_ASM) | ||
| 63 | void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, | 62 | void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, |
| 64 | const unsigned long length, const AES_KEY *key, | 63 | const unsigned long length, const AES_KEY *key, |
| 65 | unsigned char *ivec, const int enc) { | 64 | unsigned char *ivec, const int enc) { |
| @@ -130,4 +129,3 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, | |||
| 130 | } | 129 | } |
| 131 | } | 130 | } |
| 132 | } | 131 | } |
| 133 | #endif | ||
diff --git a/src/lib/libcrypto/aes/aes_core.c b/src/lib/libcrypto/aes/aes_core.c index ed566a8123..3a80e18b0a 100644 --- a/src/lib/libcrypto/aes/aes_core.c +++ b/src/lib/libcrypto/aes/aes_core.c | |||
| @@ -37,23 +37,19 @@ | |||
| 37 | 37 | ||
| 38 | #include <stdlib.h> | 38 | #include <stdlib.h> |
| 39 | #include <openssl/aes.h> | 39 | #include <openssl/aes.h> |
| 40 | #include <openssl/fips.h> | ||
| 41 | #include "aes_locl.h" | 40 | #include "aes_locl.h" |
| 42 | 41 | ||
| 43 | #ifndef OPENSSL_FIPS | ||
| 44 | |||
| 45 | /* | 42 | /* |
| 46 | Te0[x] = S [x].[02, 01, 01, 03]; | 43 | Te0[x] = S [x].[02, 01, 01, 03]; |
| 47 | Te1[x] = S [x].[03, 02, 01, 01]; | 44 | Te1[x] = S [x].[03, 02, 01, 01]; |
| 48 | Te2[x] = S [x].[01, 03, 02, 01]; | 45 | Te2[x] = S [x].[01, 03, 02, 01]; |
| 49 | Te3[x] = S [x].[01, 01, 03, 02]; | 46 | Te3[x] = S [x].[01, 01, 03, 02]; |
| 50 | Te4[x] = S [x].[01, 01, 01, 01]; | ||
| 51 | 47 | ||
| 52 | Td0[x] = Si[x].[0e, 09, 0d, 0b]; | 48 | Td0[x] = Si[x].[0e, 09, 0d, 0b]; |
| 53 | Td1[x] = Si[x].[0b, 0e, 09, 0d]; | 49 | Td1[x] = Si[x].[0b, 0e, 09, 0d]; |
| 54 | Td2[x] = Si[x].[0d, 0b, 0e, 09]; | 50 | Td2[x] = Si[x].[0d, 0b, 0e, 09]; |
| 55 | Td3[x] = Si[x].[09, 0d, 0b, 0e]; | 51 | Td3[x] = Si[x].[09, 0d, 0b, 0e]; |
| 56 | Td4[x] = Si[x].[01, 01, 01, 01]; | 52 | Td4[x] = Si[x].[01]; |
| 57 | */ | 53 | */ |
| 58 | 54 | ||
| 59 | static const u32 Te0[256] = { | 55 | static const u32 Te0[256] = { |
| @@ -255,7 +251,6 @@ static const u32 Te2[256] = { | |||
| 255 | 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, | 251 | 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, |
| 256 | }; | 252 | }; |
| 257 | static const u32 Te3[256] = { | 253 | static const u32 Te3[256] = { |
| 258 | |||
| 259 | 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, | 254 | 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, |
| 260 | 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, | 255 | 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, |
| 261 | 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, | 256 | 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, |
| @@ -321,72 +316,7 @@ static const u32 Te3[256] = { | |||
| 321 | 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, | 316 | 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, |
| 322 | 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, | 317 | 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, |
| 323 | }; | 318 | }; |
| 324 | static const u32 Te4[256] = { | 319 | |
| 325 | 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU, | ||
| 326 | 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U, | ||
| 327 | 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU, | ||
| 328 | 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U, | ||
| 329 | 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU, | ||
| 330 | 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U, | ||
| 331 | 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU, | ||
| 332 | 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U, | ||
| 333 | 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U, | ||
| 334 | 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU, | ||
| 335 | 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U, | ||
| 336 | 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U, | ||
| 337 | 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U, | ||
| 338 | 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU, | ||
| 339 | 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U, | ||
| 340 | 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U, | ||
| 341 | 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU, | ||
| 342 | 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U, | ||
| 343 | 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U, | ||
| 344 | 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U, | ||
| 345 | 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU, | ||
| 346 | 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU, | ||
| 347 | 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U, | ||
| 348 | 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU, | ||
| 349 | 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU, | ||
| 350 | 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U, | ||
| 351 | 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU, | ||
| 352 | 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U, | ||
| 353 | 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU, | ||
| 354 | 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U, | ||
| 355 | 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U, | ||
| 356 | 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U, | ||
| 357 | 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU, | ||
| 358 | 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U, | ||
| 359 | 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU, | ||
| 360 | 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U, | ||
| 361 | 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU, | ||
| 362 | 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U, | ||
| 363 | 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U, | ||
| 364 | 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU, | ||
| 365 | 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU, | ||
| 366 | 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU, | ||
| 367 | 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U, | ||
| 368 | 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U, | ||
| 369 | 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU, | ||
| 370 | 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U, | ||
| 371 | 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU, | ||
| 372 | 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U, | ||
| 373 | 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU, | ||
| 374 | 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U, | ||
| 375 | 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU, | ||
| 376 | 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU, | ||
| 377 | 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U, | ||
| 378 | 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU, | ||
| 379 | 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U, | ||
| 380 | 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU, | ||
| 381 | 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U, | ||
| 382 | 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U, | ||
| 383 | 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U, | ||
| 384 | 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU, | ||
| 385 | 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU, | ||
| 386 | 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U, | ||
| 387 | 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU, | ||
| 388 | 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U, | ||
| 389 | }; | ||
| 390 | static const u32 Td0[256] = { | 320 | static const u32 Td0[256] = { |
| 391 | 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, | 321 | 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, |
| 392 | 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, | 322 | 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, |
| @@ -540,7 +470,6 @@ static const u32 Td2[256] = { | |||
| 540 | 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U, | 470 | 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U, |
| 541 | 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U, | 471 | 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U, |
| 542 | 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU, | 472 | 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU, |
| 543 | |||
| 544 | 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U, | 473 | 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U, |
| 545 | 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U, | 474 | 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U, |
| 546 | 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U, | 475 | 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U, |
| @@ -652,71 +581,39 @@ static const u32 Td3[256] = { | |||
| 652 | 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, | 581 | 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, |
| 653 | 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, | 582 | 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, |
| 654 | }; | 583 | }; |
| 655 | static const u32 Td4[256] = { | 584 | static const u8 Td4[256] = { |
| 656 | 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U, | 585 | 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, |
| 657 | 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U, | 586 | 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, |
| 658 | 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU, | 587 | 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, |
| 659 | 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU, | 588 | 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, |
| 660 | 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U, | 589 | 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, |
| 661 | 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U, | 590 | 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, |
| 662 | 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U, | 591 | 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, |
| 663 | 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU, | 592 | 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, |
| 664 | 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U, | 593 | 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, |
| 665 | 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU, | 594 | 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, |
| 666 | 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU, | 595 | 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, |
| 667 | 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU, | 596 | 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, |
| 668 | 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U, | 597 | 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU, |
| 669 | 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U, | 598 | 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, |
| 670 | 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U, | 599 | 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, |
| 671 | 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U, | 600 | 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, |
| 672 | 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U, | 601 | 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, |
| 673 | 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U, | 602 | 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, |
| 674 | 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU, | 603 | 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, |
| 675 | 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U, | 604 | 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, |
| 676 | 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U, | 605 | 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, |
| 677 | 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU, | 606 | 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU, |
| 678 | 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U, | 607 | 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, |
| 679 | 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U, | 608 | 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, |
| 680 | 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U, | 609 | 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, |
| 681 | 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU, | 610 | 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, |
| 682 | 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U, | 611 | 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, |
| 683 | 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U, | 612 | 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, |
| 684 | 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU, | 613 | 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, |
| 685 | 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U, | 614 | 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, |
| 686 | 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U, | 615 | 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, |
| 687 | 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU, | 616 | 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU, |
| 688 | 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U, | ||
| 689 | 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU, | ||
| 690 | 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU, | ||
| 691 | 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U, | ||
| 692 | 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U, | ||
| 693 | 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U, | ||
| 694 | 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U, | ||
| 695 | 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU, | ||
| 696 | 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U, | ||
| 697 | 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U, | ||
| 698 | 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU, | ||
| 699 | 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU, | ||
| 700 | 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU, | ||
| 701 | 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U, | ||
| 702 | 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU, | ||
| 703 | 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U, | ||
| 704 | 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U, | ||
| 705 | 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U, | ||
| 706 | 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U, | ||
| 707 | 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU, | ||
| 708 | 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U, | ||
| 709 | 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU, | ||
| 710 | 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU, | ||
| 711 | 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU, | ||
| 712 | 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU, | ||
| 713 | 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U, | ||
| 714 | 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU, | ||
| 715 | 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U, | ||
| 716 | 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU, | ||
| 717 | 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U, | ||
| 718 | 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U, | ||
| 719 | 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU, | ||
| 720 | }; | 617 | }; |
| 721 | static const u32 rcon[] = { | 618 | static const u32 rcon[] = { |
| 722 | 0x01000000, 0x02000000, 0x04000000, 0x08000000, | 619 | 0x01000000, 0x02000000, 0x04000000, 0x08000000, |
| @@ -756,10 +653,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | |||
| 756 | while (1) { | 653 | while (1) { |
| 757 | temp = rk[3]; | 654 | temp = rk[3]; |
| 758 | rk[4] = rk[0] ^ | 655 | rk[4] = rk[0] ^ |
| 759 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | 656 | (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ |
| 760 | (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ | 657 | (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ |
| 761 | (Te4[(temp ) & 0xff] & 0x0000ff00) ^ | 658 | (Te0[(temp ) & 0xff] & 0x0000ff00) ^ |
| 762 | (Te4[(temp >> 24) ] & 0x000000ff) ^ | 659 | (Te1[(temp >> 24) ] & 0x000000ff) ^ |
| 763 | rcon[i]; | 660 | rcon[i]; |
| 764 | rk[5] = rk[1] ^ rk[4]; | 661 | rk[5] = rk[1] ^ rk[4]; |
| 765 | rk[6] = rk[2] ^ rk[5]; | 662 | rk[6] = rk[2] ^ rk[5]; |
| @@ -776,10 +673,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | |||
| 776 | while (1) { | 673 | while (1) { |
| 777 | temp = rk[ 5]; | 674 | temp = rk[ 5]; |
| 778 | rk[ 6] = rk[ 0] ^ | 675 | rk[ 6] = rk[ 0] ^ |
| 779 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | 676 | (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ |
| 780 | (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ | 677 | (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ |
| 781 | (Te4[(temp ) & 0xff] & 0x0000ff00) ^ | 678 | (Te0[(temp ) & 0xff] & 0x0000ff00) ^ |
| 782 | (Te4[(temp >> 24) ] & 0x000000ff) ^ | 679 | (Te1[(temp >> 24) ] & 0x000000ff) ^ |
| 783 | rcon[i]; | 680 | rcon[i]; |
| 784 | rk[ 7] = rk[ 1] ^ rk[ 6]; | 681 | rk[ 7] = rk[ 1] ^ rk[ 6]; |
| 785 | rk[ 8] = rk[ 2] ^ rk[ 7]; | 682 | rk[ 8] = rk[ 2] ^ rk[ 7]; |
| @@ -798,10 +695,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | |||
| 798 | while (1) { | 695 | while (1) { |
| 799 | temp = rk[ 7]; | 696 | temp = rk[ 7]; |
| 800 | rk[ 8] = rk[ 0] ^ | 697 | rk[ 8] = rk[ 0] ^ |
| 801 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | 698 | (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ |
| 802 | (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ | 699 | (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ |
| 803 | (Te4[(temp ) & 0xff] & 0x0000ff00) ^ | 700 | (Te0[(temp ) & 0xff] & 0x0000ff00) ^ |
| 804 | (Te4[(temp >> 24) ] & 0x000000ff) ^ | 701 | (Te1[(temp >> 24) ] & 0x000000ff) ^ |
| 805 | rcon[i]; | 702 | rcon[i]; |
| 806 | rk[ 9] = rk[ 1] ^ rk[ 8]; | 703 | rk[ 9] = rk[ 1] ^ rk[ 8]; |
| 807 | rk[10] = rk[ 2] ^ rk[ 9]; | 704 | rk[10] = rk[ 2] ^ rk[ 9]; |
| @@ -811,10 +708,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | |||
| 811 | } | 708 | } |
| 812 | temp = rk[11]; | 709 | temp = rk[11]; |
| 813 | rk[12] = rk[ 4] ^ | 710 | rk[12] = rk[ 4] ^ |
| 814 | (Te4[(temp >> 24) ] & 0xff000000) ^ | 711 | (Te2[(temp >> 24) ] & 0xff000000) ^ |
| 815 | (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ | 712 | (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^ |
| 816 | (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ | 713 | (Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^ |
| 817 | (Te4[(temp ) & 0xff] & 0x000000ff); | 714 | (Te1[(temp ) & 0xff] & 0x000000ff); |
| 818 | rk[13] = rk[ 5] ^ rk[12]; | 715 | rk[13] = rk[ 5] ^ rk[12]; |
| 819 | rk[14] = rk[ 6] ^ rk[13]; | 716 | rk[14] = rk[ 6] ^ rk[13]; |
| 820 | rk[15] = rk[ 7] ^ rk[14]; | 717 | rk[15] = rk[ 7] ^ rk[14]; |
| @@ -853,29 +750,30 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits, | |||
| 853 | for (i = 1; i < (key->rounds); i++) { | 750 | for (i = 1; i < (key->rounds); i++) { |
| 854 | rk += 4; | 751 | rk += 4; |
| 855 | rk[0] = | 752 | rk[0] = |
| 856 | Td0[Te4[(rk[0] >> 24) ] & 0xff] ^ | 753 | Td0[Te1[(rk[0] >> 24) ] & 0xff] ^ |
| 857 | Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^ | 754 | Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^ |
| 858 | Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^ | 755 | Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^ |
| 859 | Td3[Te4[(rk[0] ) & 0xff] & 0xff]; | 756 | Td3[Te1[(rk[0] ) & 0xff] & 0xff]; |
| 860 | rk[1] = | 757 | rk[1] = |
| 861 | Td0[Te4[(rk[1] >> 24) ] & 0xff] ^ | 758 | Td0[Te1[(rk[1] >> 24) ] & 0xff] ^ |
| 862 | Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^ | 759 | Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^ |
| 863 | Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^ | 760 | Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^ |
| 864 | Td3[Te4[(rk[1] ) & 0xff] & 0xff]; | 761 | Td3[Te1[(rk[1] ) & 0xff] & 0xff]; |
| 865 | rk[2] = | 762 | rk[2] = |
| 866 | Td0[Te4[(rk[2] >> 24) ] & 0xff] ^ | 763 | Td0[Te1[(rk[2] >> 24) ] & 0xff] ^ |
| 867 | Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^ | 764 | Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^ |
| 868 | Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^ | 765 | Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^ |
| 869 | Td3[Te4[(rk[2] ) & 0xff] & 0xff]; | 766 | Td3[Te1[(rk[2] ) & 0xff] & 0xff]; |
| 870 | rk[3] = | 767 | rk[3] = |
| 871 | Td0[Te4[(rk[3] >> 24) ] & 0xff] ^ | 768 | Td0[Te1[(rk[3] >> 24) ] & 0xff] ^ |
| 872 | Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^ | 769 | Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^ |
| 873 | Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^ | 770 | Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^ |
| 874 | Td3[Te4[(rk[3] ) & 0xff] & 0xff]; | 771 | Td3[Te1[(rk[3] ) & 0xff] & 0xff]; |
| 875 | } | 772 | } |
| 876 | return 0; | 773 | return 0; |
| 877 | } | 774 | } |
| 878 | 775 | ||
| 776 | #ifndef AES_ASM | ||
| 879 | /* | 777 | /* |
| 880 | * Encrypt a single block | 778 | * Encrypt a single block |
| 881 | * in and out can overlap | 779 | * in and out can overlap |
| @@ -1038,31 +936,31 @@ void AES_encrypt(const unsigned char *in, unsigned char *out, | |||
| 1038 | * map cipher state to byte array block: | 936 | * map cipher state to byte array block: |
| 1039 | */ | 937 | */ |
| 1040 | s0 = | 938 | s0 = |
| 1041 | (Te4[(t0 >> 24) ] & 0xff000000) ^ | 939 | (Te2[(t0 >> 24) ] & 0xff000000) ^ |
| 1042 | (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ | 940 | (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^ |
| 1043 | (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ | 941 | (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^ |
| 1044 | (Te4[(t3 ) & 0xff] & 0x000000ff) ^ | 942 | (Te1[(t3 ) & 0xff] & 0x000000ff) ^ |
| 1045 | rk[0]; | 943 | rk[0]; |
| 1046 | PUTU32(out , s0); | 944 | PUTU32(out , s0); |
| 1047 | s1 = | 945 | s1 = |
| 1048 | (Te4[(t1 >> 24) ] & 0xff000000) ^ | 946 | (Te2[(t1 >> 24) ] & 0xff000000) ^ |
| 1049 | (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ | 947 | (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^ |
| 1050 | (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ | 948 | (Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^ |
| 1051 | (Te4[(t0 ) & 0xff] & 0x000000ff) ^ | 949 | (Te1[(t0 ) & 0xff] & 0x000000ff) ^ |
| 1052 | rk[1]; | 950 | rk[1]; |
| 1053 | PUTU32(out + 4, s1); | 951 | PUTU32(out + 4, s1); |
| 1054 | s2 = | 952 | s2 = |
| 1055 | (Te4[(t2 >> 24) ] & 0xff000000) ^ | 953 | (Te2[(t2 >> 24) ] & 0xff000000) ^ |
| 1056 | (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ | 954 | (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^ |
| 1057 | (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ | 955 | (Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^ |
| 1058 | (Te4[(t1 ) & 0xff] & 0x000000ff) ^ | 956 | (Te1[(t1 ) & 0xff] & 0x000000ff) ^ |
| 1059 | rk[2]; | 957 | rk[2]; |
| 1060 | PUTU32(out + 8, s2); | 958 | PUTU32(out + 8, s2); |
| 1061 | s3 = | 959 | s3 = |
| 1062 | (Te4[(t3 >> 24) ] & 0xff000000) ^ | 960 | (Te2[(t3 >> 24) ] & 0xff000000) ^ |
| 1063 | (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ | 961 | (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^ |
| 1064 | (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ | 962 | (Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^ |
| 1065 | (Te4[(t2 ) & 0xff] & 0x000000ff) ^ | 963 | (Te1[(t2 ) & 0xff] & 0x000000ff) ^ |
| 1066 | rk[3]; | 964 | rk[3]; |
| 1067 | PUTU32(out + 12, s3); | 965 | PUTU32(out + 12, s3); |
| 1068 | } | 966 | } |
| @@ -1229,33 +1127,33 @@ void AES_decrypt(const unsigned char *in, unsigned char *out, | |||
| 1229 | * map cipher state to byte array block: | 1127 | * map cipher state to byte array block: |
| 1230 | */ | 1128 | */ |
| 1231 | s0 = | 1129 | s0 = |
| 1232 | (Td4[(t0 >> 24) ] & 0xff000000) ^ | 1130 | (Td4[(t0 >> 24) ] << 24) ^ |
| 1233 | (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ | 1131 | (Td4[(t3 >> 16) & 0xff] << 16) ^ |
| 1234 | (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ | 1132 | (Td4[(t2 >> 8) & 0xff] << 8) ^ |
| 1235 | (Td4[(t1 ) & 0xff] & 0x000000ff) ^ | 1133 | (Td4[(t1 ) & 0xff]) ^ |
| 1236 | rk[0]; | 1134 | rk[0]; |
| 1237 | PUTU32(out , s0); | 1135 | PUTU32(out , s0); |
| 1238 | s1 = | 1136 | s1 = |
| 1239 | (Td4[(t1 >> 24) ] & 0xff000000) ^ | 1137 | (Td4[(t1 >> 24) ] << 24) ^ |
| 1240 | (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ | 1138 | (Td4[(t0 >> 16) & 0xff] << 16) ^ |
| 1241 | (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ | 1139 | (Td4[(t3 >> 8) & 0xff] << 8) ^ |
| 1242 | (Td4[(t2 ) & 0xff] & 0x000000ff) ^ | 1140 | (Td4[(t2 ) & 0xff]) ^ |
| 1243 | rk[1]; | 1141 | rk[1]; |
| 1244 | PUTU32(out + 4, s1); | 1142 | PUTU32(out + 4, s1); |
| 1245 | s2 = | 1143 | s2 = |
| 1246 | (Td4[(t2 >> 24) ] & 0xff000000) ^ | 1144 | (Td4[(t2 >> 24) ] << 24) ^ |
| 1247 | (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ | 1145 | (Td4[(t1 >> 16) & 0xff] << 16) ^ |
| 1248 | (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ | 1146 | (Td4[(t0 >> 8) & 0xff] << 8) ^ |
| 1249 | (Td4[(t3 ) & 0xff] & 0x000000ff) ^ | 1147 | (Td4[(t3 ) & 0xff]) ^ |
| 1250 | rk[2]; | 1148 | rk[2]; |
| 1251 | PUTU32(out + 8, s2); | 1149 | PUTU32(out + 8, s2); |
| 1252 | s3 = | 1150 | s3 = |
| 1253 | (Td4[(t3 >> 24) ] & 0xff000000) ^ | 1151 | (Td4[(t3 >> 24) ] << 24) ^ |
| 1254 | (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ | 1152 | (Td4[(t2 >> 16) & 0xff] << 16) ^ |
| 1255 | (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ | 1153 | (Td4[(t1 >> 8) & 0xff] << 8) ^ |
| 1256 | (Td4[(t0 ) & 0xff] & 0x000000ff) ^ | 1154 | (Td4[(t0 ) & 0xff]) ^ |
| 1257 | rk[3]; | 1155 | rk[3]; |
| 1258 | PUTU32(out + 12, s3); | 1156 | PUTU32(out + 12, s3); |
| 1259 | } | 1157 | } |
| 1260 | 1158 | ||
| 1261 | #endif /* ndef OPENSSL_FIPS */ | 1159 | #endif /* AES_ASM */ |
diff --git a/src/lib/libcrypto/aes/aes_locl.h b/src/lib/libcrypto/aes/aes_locl.h index 4184729e34..054b442d41 100644 --- a/src/lib/libcrypto/aes/aes_locl.h +++ b/src/lib/libcrypto/aes/aes_locl.h | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | #include <stdlib.h> | 62 | #include <stdlib.h> |
| 63 | #include <string.h> | 63 | #include <string.h> |
| 64 | 64 | ||
| 65 | #if defined(_MSC_VER) && !defined(_M_IA64) && !defined(OPENSSL_SYS_WINCE) | 65 | #if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64)) |
| 66 | # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) | 66 | # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) |
| 67 | # define GETU32(p) SWAP(*((u32 *)(p))) | 67 | # define GETU32(p) SWAP(*((u32 *)(p))) |
| 68 | # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); } | 68 | # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); } |
| @@ -71,7 +71,11 @@ | |||
| 71 | # define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); } | 71 | # define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); } |
| 72 | #endif | 72 | #endif |
| 73 | 73 | ||
| 74 | #ifdef AES_LONG | ||
| 74 | typedef unsigned long u32; | 75 | typedef unsigned long u32; |
| 76 | #else | ||
| 77 | typedef unsigned int u32; | ||
| 78 | #endif | ||
| 75 | typedef unsigned short u16; | 79 | typedef unsigned short u16; |
| 76 | typedef unsigned char u8; | 80 | typedef unsigned char u8; |
| 77 | 81 | ||
diff --git a/src/lib/libcrypto/aes/aes_misc.c b/src/lib/libcrypto/aes/aes_misc.c index 090def25d5..4fead1b4c7 100644 --- a/src/lib/libcrypto/aes/aes_misc.c +++ b/src/lib/libcrypto/aes/aes_misc.c | |||
| @@ -53,7 +53,7 @@ | |||
| 53 | #include <openssl/aes.h> | 53 | #include <openssl/aes.h> |
| 54 | #include "aes_locl.h" | 54 | #include "aes_locl.h" |
| 55 | 55 | ||
| 56 | const char *AES_version="AES" OPENSSL_VERSION_PTEXT; | 56 | const char AES_version[]="AES" OPENSSL_VERSION_PTEXT; |
| 57 | 57 | ||
| 58 | const char *AES_options(void) { | 58 | const char *AES_options(void) { |
| 59 | #ifdef FULL_UNROLL | 59 | #ifdef FULL_UNROLL |
diff --git a/src/lib/libcrypto/aes/asm/aes-586.pl b/src/lib/libcrypto/aes/asm/aes-586.pl index 688fda21ff..89fa261794 100644 --- a/src/lib/libcrypto/aes/asm/aes-586.pl +++ b/src/lib/libcrypto/aes/asm/aes-586.pl | |||
| @@ -6,7 +6,7 @@ | |||
| 6 | # forms are granted according to the OpenSSL license. | 6 | # forms are granted according to the OpenSSL license. |
| 7 | # ==================================================================== | 7 | # ==================================================================== |
| 8 | # | 8 | # |
| 9 | # Version 2.0. | 9 | # Version 3.6. |
| 10 | # | 10 | # |
| 11 | # You might fail to appreciate this module performance from the first | 11 | # You might fail to appreciate this module performance from the first |
| 12 | # try. If compared to "vanilla" linux-ia32-icc target, i.e. considered | 12 | # try. If compared to "vanilla" linux-ia32-icc target, i.e. considered |
| @@ -46,43 +46,68 @@ | |||
| 46 | # Instruction Level Parallelism, and it indeed resulted in up to 15% | 46 | # Instruction Level Parallelism, and it indeed resulted in up to 15% |
| 47 | # better performance on most recent µ-archs... | 47 | # better performance on most recent µ-archs... |
| 48 | # | 48 | # |
| 49 | # Current ECB performance numbers for 128-bit key in cycles per byte | 49 | # Third version adds AES_cbc_encrypt implementation, which resulted in |
| 50 | # [measure commonly used by AES benchmarkers] are: | 50 | # up to 40% performance imrovement of CBC benchmark results. 40% was |
| 51 | # observed on P4 core, where "overall" imrovement coefficient, i.e. if | ||
| 52 | # compared to PIC generated by GCC and in CBC mode, was observed to be | ||
| 53 | # as large as 4x:-) CBC performance is virtually identical to ECB now | ||
| 54 | # and on some platforms even better, e.g. 17.6 "small" cycles/byte on | ||
| 55 | # Opteron, because certain function prologues and epilogues are | ||
| 56 | # effectively taken out of the loop... | ||
| 51 | # | 57 | # |
| 52 | # small footprint fully unrolled | 58 | # Version 3.2 implements compressed tables and prefetch of these tables |
| 53 | # P4[-3] 23[24] 22[23] | 59 | # in CBC[!] mode. Former means that 3/4 of table references are now |
| 54 | # AMD K8 19 18 | 60 | # misaligned, which unfortunately has negative impact on elder IA-32 |
| 55 | # PIII 26(*) 23 | 61 | # implementations, Pentium suffered 30% penalty, PIII - 10%. |
| 56 | # Pentium 63(*) 52 | 62 | # |
| 63 | # Version 3.3 avoids L1 cache aliasing between stack frame and | ||
| 64 | # S-boxes, and 3.4 - L1 cache aliasing even between key schedule. The | ||
| 65 | # latter is achieved by copying the key schedule to controlled place in | ||
| 66 | # stack. This unfortunately has rather strong impact on small block CBC | ||
| 67 | # performance, ~2x deterioration on 16-byte block if compared to 3.3. | ||
| 68 | # | ||
| 69 | # Version 3.5 checks if there is L1 cache aliasing between user-supplied | ||
| 70 | # key schedule and S-boxes and abstains from copying the former if | ||
| 71 | # there is no. This allows end-user to consciously retain small block | ||
| 72 | # performance by aligning key schedule in specific manner. | ||
| 57 | # | 73 | # |
| 58 | # (*) Performance difference between small footprint code and fully | 74 | # Version 3.6 compresses Td4 to 256 bytes and prefetches it in ECB. |
| 59 | # unrolled in more commonly used CBC mode is not as big, 7% for | 75 | # |
| 60 | # PIII and 15% for Pentium, which I consider tolerable. | 76 | # Current ECB performance numbers for 128-bit key in CPU cycles per |
| 77 | # processed byte [measure commonly used by AES benchmarkers] are: | ||
| 78 | # | ||
| 79 | # small footprint fully unrolled | ||
| 80 | # P4 24 22 | ||
| 81 | # AMD K8 20 19 | ||
| 82 | # PIII 25 23 | ||
| 83 | # Pentium 81 78 | ||
| 61 | 84 | ||
| 62 | push(@INC,"perlasm","../../perlasm"); | 85 | push(@INC,"perlasm","../../perlasm"); |
| 63 | require "x86asm.pl"; | 86 | require "x86asm.pl"; |
| 64 | 87 | ||
| 65 | &asm_init($ARGV[0],"aes-586.pl",$ARGV[$#ARGV] eq "386"); | 88 | &asm_init($ARGV[0],"aes-586.pl",$ARGV[$#ARGV] eq "386"); |
| 66 | 89 | ||
| 67 | $small_footprint=1; # $small_footprint=1 code is ~5% slower [on | ||
| 68 | # recent µ-archs], but ~5 times smaller! | ||
| 69 | # I favor compact code, because it minimizes | ||
| 70 | # cache contention... | ||
| 71 | $vertical_spin=0; # shift "verticaly" defaults to 0, because of | ||
| 72 | # its proof-of-concept status, see below... | ||
| 73 | |||
| 74 | $s0="eax"; | 90 | $s0="eax"; |
| 75 | $s1="ebx"; | 91 | $s1="ebx"; |
| 76 | $s2="ecx"; | 92 | $s2="ecx"; |
| 77 | $s3="edx"; | 93 | $s3="edx"; |
| 78 | $key="esi"; | 94 | $key="edi"; |
| 79 | $acc="edi"; | 95 | $acc="esi"; |
| 96 | |||
| 97 | $compromise=0; # $compromise=128 abstains from copying key | ||
| 98 | # schedule to stack when encrypting inputs | ||
| 99 | # shorter than 128 bytes at the cost of | ||
| 100 | # risksing aliasing with S-boxes. In return | ||
| 101 | # you get way better, up to +70%, small block | ||
| 102 | # performance. | ||
| 103 | $small_footprint=1; # $small_footprint=1 code is ~5% slower [on | ||
| 104 | # recent µ-archs], but ~5 times smaller! | ||
| 105 | # I favor compact code to minimize cache | ||
| 106 | # contention and in hope to "collect" 5% back | ||
| 107 | # in real-life applications... | ||
| 108 | $vertical_spin=0; # shift "verticaly" defaults to 0, because of | ||
| 109 | # its proof-of-concept status... | ||
| 80 | 110 | ||
| 81 | if ($vertical_spin) { | ||
| 82 | # I need high parts of volatile registers to be accessible... | ||
| 83 | $s1="esi"; $key="ebx"; | ||
| 84 | $s2="edi"; $acc="ecx"; | ||
| 85 | } | ||
| 86 | # Note that there is no decvert(), as well as last encryption round is | 111 | # Note that there is no decvert(), as well as last encryption round is |
| 87 | # performed with "horizontal" shifts. This is because this "vertical" | 112 | # performed with "horizontal" shifts. This is because this "vertical" |
| 88 | # implementation [one which groups shifts on a given $s[i] to form a | 113 | # implementation [one which groups shifts on a given $s[i] to form a |
| @@ -98,55 +123,55 @@ sub encvert() | |||
| 98 | my $v0 = $acc, $v1 = $key; | 123 | my $v0 = $acc, $v1 = $key; |
| 99 | 124 | ||
| 100 | &mov ($v0,$s[3]); # copy s3 | 125 | &mov ($v0,$s[3]); # copy s3 |
| 101 | &mov (&DWP(0,"esp"),$s[2]); # save s2 | 126 | &mov (&DWP(4,"esp"),$s[2]); # save s2 |
| 102 | &mov ($v1,$s[0]); # copy s0 | 127 | &mov ($v1,$s[0]); # copy s0 |
| 103 | &mov (&DWP(4,"esp"),$s[1]); # save s1 | 128 | &mov (&DWP(8,"esp"),$s[1]); # save s1 |
| 104 | 129 | ||
| 105 | &movz ($s[2],&HB($s[0])); | 130 | &movz ($s[2],&HB($s[0])); |
| 106 | &and ($s[0],0xFF); | 131 | &and ($s[0],0xFF); |
| 107 | &mov ($s[0],&DWP(1024*0,$te,$s[0],4)); # s0>>0 | 132 | &mov ($s[0],&DWP(0,$te,$s[0],8)); # s0>>0 |
| 108 | &shr ($v1,16); | 133 | &shr ($v1,16); |
| 109 | &mov ($s[3],&DWP(1024*1,$te,$s[2],4)); # s0>>8 | 134 | &mov ($s[3],&DWP(3,$te,$s[2],8)); # s0>>8 |
| 110 | &movz ($s[1],&HB($v1)); | 135 | &movz ($s[1],&HB($v1)); |
| 111 | &and ($v1,0xFF); | 136 | &and ($v1,0xFF); |
| 112 | &mov ($s[2],&DWP(1024*2,$te,$v1,4)); # s0>>16 | 137 | &mov ($s[2],&DWP(2,$te,$v1,8)); # s0>>16 |
| 113 | &mov ($v1,$v0); | 138 | &mov ($v1,$v0); |
| 114 | &mov ($s[1],&DWP(1024*3,$te,$s[1],4)); # s0>>24 | 139 | &mov ($s[1],&DWP(1,$te,$s[1],8)); # s0>>24 |
| 115 | 140 | ||
| 116 | &and ($v0,0xFF); | 141 | &and ($v0,0xFF); |
| 117 | &xor ($s[3],&DWP(1024*0,$te,$v0,4)); # s3>>0 | 142 | &xor ($s[3],&DWP(0,$te,$v0,8)); # s3>>0 |
| 118 | &movz ($v0,&HB($v1)); | 143 | &movz ($v0,&HB($v1)); |
| 119 | &shr ($v1,16); | 144 | &shr ($v1,16); |
| 120 | &xor ($s[2],&DWP(1024*1,$te,$v0,4)); # s3>>8 | 145 | &xor ($s[2],&DWP(3,$te,$v0,8)); # s3>>8 |
| 121 | &movz ($v0,&HB($v1)); | 146 | &movz ($v0,&HB($v1)); |
| 122 | &and ($v1,0xFF); | 147 | &and ($v1,0xFF); |
| 123 | &xor ($s[1],&DWP(1024*2,$te,$v1,4)); # s3>>16 | 148 | &xor ($s[1],&DWP(2,$te,$v1,8)); # s3>>16 |
| 124 | &mov ($v1,&DWP(0,"esp")); # restore s2 | 149 | &mov ($v1,&DWP(4,"esp")); # restore s2 |
| 125 | &xor ($s[0],&DWP(1024*3,$te,$v0,4)); # s3>>24 | 150 | &xor ($s[0],&DWP(1,$te,$v0,8)); # s3>>24 |
| 126 | 151 | ||
| 127 | &mov ($v0,$v1); | 152 | &mov ($v0,$v1); |
| 128 | &and ($v1,0xFF); | 153 | &and ($v1,0xFF); |
| 129 | &xor ($s[2],&DWP(1024*0,$te,$v1,4)); # s2>>0 | 154 | &xor ($s[2],&DWP(0,$te,$v1,8)); # s2>>0 |
| 130 | &movz ($v1,&HB($v0)); | 155 | &movz ($v1,&HB($v0)); |
| 131 | &shr ($v0,16); | 156 | &shr ($v0,16); |
| 132 | &xor ($s[1],&DWP(1024*1,$te,$v1,4)); # s2>>8 | 157 | &xor ($s[1],&DWP(3,$te,$v1,8)); # s2>>8 |
| 133 | &movz ($v1,&HB($v0)); | 158 | &movz ($v1,&HB($v0)); |
| 134 | &and ($v0,0xFF); | 159 | &and ($v0,0xFF); |
| 135 | &xor ($s[0],&DWP(1024*2,$te,$v0,4)); # s2>>16 | 160 | &xor ($s[0],&DWP(2,$te,$v0,8)); # s2>>16 |
| 136 | &mov ($v0,&DWP(4,"esp")); # restore s1 | 161 | &mov ($v0,&DWP(8,"esp")); # restore s1 |
| 137 | &xor ($s[3],&DWP(1024*3,$te,$v1,4)); # s2>>24 | 162 | &xor ($s[3],&DWP(1,$te,$v1,8)); # s2>>24 |
| 138 | 163 | ||
| 139 | &mov ($v1,$v0); | 164 | &mov ($v1,$v0); |
| 140 | &and ($v0,0xFF); | 165 | &and ($v0,0xFF); |
| 141 | &xor ($s[1],&DWP(1024*0,$te,$v0,4)); # s1>>0 | 166 | &xor ($s[1],&DWP(0,$te,$v0,8)); # s1>>0 |
| 142 | &movz ($v0,&HB($v1)); | 167 | &movz ($v0,&HB($v1)); |
| 143 | &shr ($v1,16); | 168 | &shr ($v1,16); |
| 144 | &xor ($s[0],&DWP(1024*1,$te,$v0,4)); # s1>>8 | 169 | &xor ($s[0],&DWP(3,$te,$v0,8)); # s1>>8 |
| 145 | &movz ($v0,&HB($v1)); | 170 | &movz ($v0,&HB($v1)); |
| 146 | &and ($v1,0xFF); | 171 | &and ($v1,0xFF); |
| 147 | &xor ($s[3],&DWP(1024*2,$te,$v1,4)); # s1>>16 | 172 | &xor ($s[3],&DWP(2,$te,$v1,8)); # s1>>16 |
| 148 | &mov ($key,&DWP(12,"esp")); # reincarnate v1 as key | 173 | &mov ($key,&DWP(12,"esp")); # reincarnate v1 as key |
| 149 | &xor ($s[2],&DWP(1024*3,$te,$v0,4)); # s1>>24 | 174 | &xor ($s[2],&DWP(1,$te,$v0,8)); # s1>>24 |
| 150 | } | 175 | } |
| 151 | 176 | ||
| 152 | sub encstep() | 177 | sub encstep() |
| @@ -160,25 +185,25 @@ sub encstep() | |||
| 160 | &and ($out,0xFF); } | 185 | &and ($out,0xFF); } |
| 161 | if ($i==1) { &shr ($s[0],16); }#%ebx[1] | 186 | if ($i==1) { &shr ($s[0],16); }#%ebx[1] |
| 162 | if ($i==2) { &shr ($s[0],24); }#%ecx[2] | 187 | if ($i==2) { &shr ($s[0],24); }#%ecx[2] |
| 163 | &mov ($out,&DWP(1024*0,$te,$out,4)); | 188 | &mov ($out,&DWP(0,$te,$out,8)); |
| 164 | 189 | ||
| 165 | if ($i==3) { $tmp=$s[1]; }##%eax | 190 | if ($i==3) { $tmp=$s[1]; }##%eax |
| 166 | &movz ($tmp,&HB($s[1])); | 191 | &movz ($tmp,&HB($s[1])); |
| 167 | &xor ($out,&DWP(1024*1,$te,$tmp,4)); | 192 | &xor ($out,&DWP(3,$te,$tmp,8)); |
| 168 | 193 | ||
| 169 | if ($i==3) { $tmp=$s[2]; &mov ($s[1],&DWP(0,"esp")); }##%ebx | 194 | if ($i==3) { $tmp=$s[2]; &mov ($s[1],&DWP(4,"esp")); }##%ebx |
| 170 | else { &mov ($tmp,$s[2]); | 195 | else { &mov ($tmp,$s[2]); |
| 171 | &shr ($tmp,16); } | 196 | &shr ($tmp,16); } |
| 172 | if ($i==2) { &and ($s[1],0xFF); }#%edx[2] | 197 | if ($i==2) { &and ($s[1],0xFF); }#%edx[2] |
| 173 | &and ($tmp,0xFF); | 198 | &and ($tmp,0xFF); |
| 174 | &xor ($out,&DWP(1024*2,$te,$tmp,4)); | 199 | &xor ($out,&DWP(2,$te,$tmp,8)); |
| 175 | 200 | ||
| 176 | if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(4,"esp")); }##%ecx | 201 | if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); }##%ecx |
| 177 | elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] | 202 | elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] |
| 178 | else { &mov ($tmp,$s[3]); | 203 | else { &mov ($tmp,$s[3]); |
| 179 | &shr ($tmp,24) } | 204 | &shr ($tmp,24) } |
| 180 | &xor ($out,&DWP(1024*3,$te,$tmp,4)); | 205 | &xor ($out,&DWP(1,$te,$tmp,8)); |
| 181 | if ($i<2) { &mov (&DWP(4*$i,"esp"),$out); } | 206 | if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } |
| 182 | if ($i==3) { &mov ($s[3],$acc); } | 207 | if ($i==3) { &mov ($s[3],$acc); } |
| 183 | &comment(); | 208 | &comment(); |
| 184 | } | 209 | } |
| @@ -193,60 +218,49 @@ sub enclast() | |||
| 193 | &and ($out,0xFF); | 218 | &and ($out,0xFF); |
| 194 | if ($i==1) { &shr ($s[0],16); }#%ebx[1] | 219 | if ($i==1) { &shr ($s[0],16); }#%ebx[1] |
| 195 | if ($i==2) { &shr ($s[0],24); }#%ecx[2] | 220 | if ($i==2) { &shr ($s[0],24); }#%ecx[2] |
| 196 | &mov ($out,&DWP(1024*0,$te,$out,4)); | 221 | &mov ($out,&DWP(2,$te,$out,8)); |
| 197 | &and ($out,0x000000ff); | 222 | &and ($out,0x000000ff); |
| 198 | 223 | ||
| 199 | if ($i==3) { $tmp=$s[1]; }##%eax | 224 | if ($i==3) { $tmp=$s[1]; }##%eax |
| 200 | &movz ($tmp,&HB($s[1])); | 225 | &movz ($tmp,&HB($s[1])); |
| 201 | &mov ($tmp,&DWP(0,$te,$tmp,4)); | 226 | &mov ($tmp,&DWP(0,$te,$tmp,8)); |
| 202 | &and ($tmp,0x0000ff00); | 227 | &and ($tmp,0x0000ff00); |
| 203 | &xor ($out,$tmp); | 228 | &xor ($out,$tmp); |
| 204 | 229 | ||
| 205 | if ($i==3) { $tmp=$s[2]; &mov ($s[1],&DWP(0,"esp")); }##%ebx | 230 | if ($i==3) { $tmp=$s[2]; &mov ($s[1],&DWP(4,"esp")); }##%ebx |
| 206 | else { mov ($tmp,$s[2]); | 231 | else { mov ($tmp,$s[2]); |
| 207 | &shr ($tmp,16); } | 232 | &shr ($tmp,16); } |
| 208 | if ($i==2) { &and ($s[1],0xFF); }#%edx[2] | 233 | if ($i==2) { &and ($s[1],0xFF); }#%edx[2] |
| 209 | &and ($tmp,0xFF); | 234 | &and ($tmp,0xFF); |
| 210 | &mov ($tmp,&DWP(0,$te,$tmp,4)); | 235 | &mov ($tmp,&DWP(0,$te,$tmp,8)); |
| 211 | &and ($tmp,0x00ff0000); | 236 | &and ($tmp,0x00ff0000); |
| 212 | &xor ($out,$tmp); | 237 | &xor ($out,$tmp); |
| 213 | 238 | ||
| 214 | if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(4,"esp")); }##%ecx | 239 | if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); }##%ecx |
| 215 | elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] | 240 | elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] |
| 216 | else { &mov ($tmp,$s[3]); | 241 | else { &mov ($tmp,$s[3]); |
| 217 | &shr ($tmp,24); } | 242 | &shr ($tmp,24); } |
| 218 | &mov ($tmp,&DWP(0,$te,$tmp,4)); | 243 | &mov ($tmp,&DWP(2,$te,$tmp,8)); |
| 219 | &and ($tmp,0xff000000); | 244 | &and ($tmp,0xff000000); |
| 220 | &xor ($out,$tmp); | 245 | &xor ($out,$tmp); |
| 221 | if ($i<2) { &mov (&DWP(4*$i,"esp"),$out); } | 246 | if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } |
| 222 | if ($i==3) { &mov ($s[3],$acc); } | 247 | if ($i==3) { &mov ($s[3],$acc); } |
| 223 | } | 248 | } |
| 224 | 249 | ||
| 225 | # void AES_encrypt (const void *inp,void *out,const AES_KEY *key); | 250 | sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } |
| 226 | &public_label("AES_Te"); | ||
| 227 | &function_begin("AES_encrypt"); | ||
| 228 | &mov ($acc,&wparam(0)); # load inp | ||
| 229 | &mov ($key,&wparam(2)); # load key | ||
| 230 | |||
| 231 | &call (&label("pic_point")); # make it PIC! | ||
| 232 | &set_label("pic_point"); | ||
| 233 | &blindpop("ebp"); | ||
| 234 | &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); | ||
| 235 | 251 | ||
| 236 | # allocate aligned stack frame | 252 | &public_label("AES_Te"); |
| 237 | &mov ($s0,"esp"); | 253 | &function_begin_B("_x86_AES_encrypt"); |
| 238 | &sub ("esp",20); | 254 | if ($vertical_spin) { |
| 239 | &and ("esp",-16); | 255 | # I need high parts of volatile registers to be accessible... |
| 256 | &exch ($s1="edi",$key="ebx"); | ||
| 257 | &mov ($s2="esi",$acc="ecx"); | ||
| 258 | } | ||
| 240 | 259 | ||
| 260 | # note that caller is expected to allocate stack frame for me! | ||
| 241 | &mov (&DWP(12,"esp"),$key); # save key | 261 | &mov (&DWP(12,"esp"),$key); # save key |
| 242 | &mov (&DWP(16,"esp"),$s0); # save %esp | ||
| 243 | 262 | ||
| 244 | &mov ($s0,&DWP(0,$acc)); # load input data | 263 | &xor ($s0,&DWP(0,$key)); # xor with key |
| 245 | &mov ($s1,&DWP(4,$acc)); | ||
| 246 | &mov ($s2,&DWP(8,$acc)); | ||
| 247 | &mov ($s3,&DWP(12,$acc)); | ||
| 248 | |||
| 249 | &xor ($s0,&DWP(0,$key)); | ||
| 250 | &xor ($s1,&DWP(4,$key)); | 264 | &xor ($s1,&DWP(4,$key)); |
| 251 | &xor ($s2,&DWP(8,$key)); | 265 | &xor ($s2,&DWP(8,$key)); |
| 252 | &xor ($s3,&DWP(12,$key)); | 266 | &xor ($s3,&DWP(12,$key)); |
| @@ -256,7 +270,7 @@ sub enclast() | |||
| 256 | if ($small_footprint) { | 270 | if ($small_footprint) { |
| 257 | &lea ($acc,&DWP(-2,$acc,$acc)); | 271 | &lea ($acc,&DWP(-2,$acc,$acc)); |
| 258 | &lea ($acc,&DWP(0,$key,$acc,8)); | 272 | &lea ($acc,&DWP(0,$key,$acc,8)); |
| 259 | &mov (&DWP(8,"esp"),$acc); # end of key schedule | 273 | &mov (&DWP(16,"esp"),$acc); # end of key schedule |
| 260 | &align (4); | 274 | &align (4); |
| 261 | &set_label("loop"); | 275 | &set_label("loop"); |
| 262 | if ($vertical_spin) { | 276 | if ($vertical_spin) { |
| @@ -267,12 +281,12 @@ sub enclast() | |||
| 267 | &encstep(2,"ebp",$s2,$s3,$s0,$s1); | 281 | &encstep(2,"ebp",$s2,$s3,$s0,$s1); |
| 268 | &encstep(3,"ebp",$s3,$s0,$s1,$s2); | 282 | &encstep(3,"ebp",$s3,$s0,$s1,$s2); |
| 269 | } | 283 | } |
| 270 | &add ($key,16); # advance rd_key | 284 | &add ($key,16); # advance rd_key |
| 271 | &xor ($s0,&DWP(0,$key)); | 285 | &xor ($s0,&DWP(0,$key)); |
| 272 | &xor ($s1,&DWP(4,$key)); | 286 | &xor ($s1,&DWP(4,$key)); |
| 273 | &xor ($s2,&DWP(8,$key)); | 287 | &xor ($s2,&DWP(8,$key)); |
| 274 | &xor ($s3,&DWP(12,$key)); | 288 | &xor ($s3,&DWP(12,$key)); |
| 275 | &cmp ($key,&DWP(8,"esp")); | 289 | &cmp ($key,&DWP(16,"esp")); |
| 276 | &mov (&DWP(12,"esp"),$key); | 290 | &mov (&DWP(12,"esp"),$key); |
| 277 | &jb (&label("loop")); | 291 | &jb (&label("loop")); |
| 278 | } | 292 | } |
| @@ -298,7 +312,7 @@ sub enclast() | |||
| 298 | &xor ($s3,&DWP(16*$i+12,$key)); | 312 | &xor ($s3,&DWP(16*$i+12,$key)); |
| 299 | } | 313 | } |
| 300 | &add ($key,32); | 314 | &add ($key,32); |
| 301 | &mov (&DWP(12,"esp"),$key); # advance rd_key | 315 | &mov (&DWP(12,"esp"),$key); # advance rd_key |
| 302 | &set_label("12rounds"); | 316 | &set_label("12rounds"); |
| 303 | for ($i=1;$i<3;$i++) { | 317 | for ($i=1;$i<3;$i++) { |
| 304 | if ($vertical_spin) { | 318 | if ($vertical_spin) { |
| @@ -315,7 +329,7 @@ sub enclast() | |||
| 315 | &xor ($s3,&DWP(16*$i+12,$key)); | 329 | &xor ($s3,&DWP(16*$i+12,$key)); |
| 316 | } | 330 | } |
| 317 | &add ($key,32); | 331 | &add ($key,32); |
| 318 | &mov (&DWP(12,"esp"),$key); # advance rd_key | 332 | &mov (&DWP(12,"esp"),$key); # advance rd_key |
| 319 | &set_label("10rounds"); | 333 | &set_label("10rounds"); |
| 320 | for ($i=1;$i<10;$i++) { | 334 | for ($i=1;$i<10;$i++) { |
| 321 | if ($vertical_spin) { | 335 | if ($vertical_spin) { |
| @@ -333,375 +347,129 @@ sub enclast() | |||
| 333 | } | 347 | } |
| 334 | } | 348 | } |
| 335 | 349 | ||
| 336 | &add ("ebp",4*1024); # skip to Te4 | ||
| 337 | if ($vertical_spin) { | 350 | if ($vertical_spin) { |
| 338 | # "reincarnate" some registers for "horizontal" spin... | 351 | # "reincarnate" some registers for "horizontal" spin... |
| 339 | &mov ($s1="ebx",$key="esi"); | 352 | &mov ($s1="ebx",$key="edi"); |
| 340 | &mov ($s2="ecx",$acc="edi"); | 353 | &mov ($s2="ecx",$acc="esi"); |
| 341 | } | 354 | } |
| 342 | &enclast(0,"ebp",$s0,$s1,$s2,$s3); | 355 | &enclast(0,"ebp",$s0,$s1,$s2,$s3); |
| 343 | &enclast(1,"ebp",$s1,$s2,$s3,$s0); | 356 | &enclast(1,"ebp",$s1,$s2,$s3,$s0); |
| 344 | &enclast(2,"ebp",$s2,$s3,$s0,$s1); | 357 | &enclast(2,"ebp",$s2,$s3,$s0,$s1); |
| 345 | &enclast(3,"ebp",$s3,$s0,$s1,$s2); | 358 | &enclast(3,"ebp",$s3,$s0,$s1,$s2); |
| 346 | 359 | ||
| 347 | &mov ("esp",&DWP(16,"esp")); # restore %esp | ||
| 348 | &add ($key,$small_footprint?16:160); | 360 | &add ($key,$small_footprint?16:160); |
| 349 | &xor ($s0,&DWP(0,$key)); | 361 | &xor ($s0,&DWP(0,$key)); |
| 350 | &xor ($s1,&DWP(4,$key)); | 362 | &xor ($s1,&DWP(4,$key)); |
| 351 | &xor ($s2,&DWP(8,$key)); | 363 | &xor ($s2,&DWP(8,$key)); |
| 352 | &xor ($s3,&DWP(12,$key)); | 364 | &xor ($s3,&DWP(12,$key)); |
| 353 | 365 | ||
| 354 | &mov ($acc,&wparam(1)); # load out | ||
| 355 | &mov (&DWP(0,$acc),$s0); # write output data | ||
| 356 | &mov (&DWP(4,$acc),$s1); | ||
| 357 | &mov (&DWP(8,$acc),$s2); | ||
| 358 | &mov (&DWP(12,$acc),$s3); | ||
| 359 | |||
| 360 | &pop ("edi"); | ||
| 361 | &pop ("esi"); | ||
| 362 | &pop ("ebx"); | ||
| 363 | &pop ("ebp"); | ||
| 364 | &ret (); | 366 | &ret (); |
| 365 | 367 | ||
| 366 | &set_label("AES_Te",64); # Yes! I keep it in the code segment! | 368 | &set_label("AES_Te",64); # Yes! I keep it in the code segment! |
| 367 | &data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6); | 369 | &_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6); |
| 368 | &data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591); | 370 | &_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591); |
| 369 | &data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56); | 371 | &_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56); |
| 370 | &data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec); | 372 | &_data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec); |
| 371 | &data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa); | 373 | &_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa); |
| 372 | &data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb); | 374 | &_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb); |
| 373 | &data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45); | 375 | &_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45); |
| 374 | &data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b); | 376 | &_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b); |
| 375 | &data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c); | 377 | &_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c); |
| 376 | &data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83); | 378 | &_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83); |
| 377 | &data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9); | 379 | &_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9); |
| 378 | &data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a); | 380 | &_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a); |
| 379 | &data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d); | 381 | &_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d); |
| 380 | &data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f); | 382 | &_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f); |
| 381 | &data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df); | 383 | &_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df); |
| 382 | &data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea); | 384 | &_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea); |
| 383 | &data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34); | 385 | &_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34); |
| 384 | &data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b); | 386 | &_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b); |
| 385 | &data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d); | 387 | &_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d); |
| 386 | &data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413); | 388 | &_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413); |
| 387 | &data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1); | 389 | &_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1); |
| 388 | &data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6); | 390 | &_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6); |
| 389 | &data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972); | 391 | &_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972); |
| 390 | &data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85); | 392 | &_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85); |
| 391 | &data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed); | 393 | &_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed); |
| 392 | &data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511); | 394 | &_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511); |
| 393 | &data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe); | 395 | &_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe); |
| 394 | &data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b); | 396 | &_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b); |
| 395 | &data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05); | 397 | &_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05); |
| 396 | &data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1); | 398 | &_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1); |
| 397 | &data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142); | 399 | &_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142); |
| 398 | &data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf); | 400 | &_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf); |
| 399 | &data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3); | 401 | &_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3); |
| 400 | &data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e); | 402 | &_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e); |
| 401 | &data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a); | 403 | &_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a); |
| 402 | &data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6); | 404 | &_data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6); |
| 403 | &data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3); | 405 | &_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3); |
| 404 | &data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b); | 406 | &_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b); |
| 405 | &data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428); | 407 | &_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428); |
| 406 | &data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad); | 408 | &_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad); |
| 407 | &data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14); | 409 | &_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14); |
| 408 | &data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8); | 410 | &_data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8); |
| 409 | &data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4); | 411 | &_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4); |
| 410 | &data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2); | 412 | &_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2); |
| 411 | &data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda); | 413 | &_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda); |
| 412 | &data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949); | 414 | &_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949); |
| 413 | &data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf); | 415 | &_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf); |
| 414 | &data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810); | 416 | &_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810); |
| 415 | &data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c); | 417 | &_data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c); |
| 416 | &data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697); | 418 | &_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697); |
| 417 | &data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e); | 419 | &_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e); |
| 418 | &data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f); | 420 | &_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f); |
| 419 | &data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc); | 421 | &_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc); |
| 420 | &data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c); | 422 | &_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c); |
| 421 | &data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969); | 423 | &_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969); |
| 422 | &data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27); | 424 | &_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27); |
| 423 | &data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122); | 425 | &_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122); |
| 424 | &data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433); | 426 | &_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433); |
| 425 | &data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9); | 427 | &_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9); |
| 426 | &data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5); | 428 | &_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5); |
| 427 | &data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a); | 429 | &_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a); |
| 428 | &data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0); | 430 | &_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0); |
| 429 | &data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e); | 431 | &_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e); |
| 430 | &data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c); | 432 | &_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c); |
| 431 | #Te1: | ||
| 432 | &data_word(0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d); | ||
| 433 | &data_word(0xf2f2ff0d, 0x6b6bd6bd, 0x6f6fdeb1, 0xc5c59154); | ||
| 434 | &data_word(0x30306050, 0x01010203, 0x6767cea9, 0x2b2b567d); | ||
| 435 | &data_word(0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a); | ||
| 436 | &data_word(0xcaca8f45, 0x82821f9d, 0xc9c98940, 0x7d7dfa87); | ||
| 437 | &data_word(0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b); | ||
| 438 | &data_word(0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea); | ||
| 439 | &data_word(0x9c9c23bf, 0xa4a453f7, 0x7272e496, 0xc0c09b5b); | ||
| 440 | &data_word(0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a); | ||
| 441 | &data_word(0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f); | ||
| 442 | &data_word(0x3434685c, 0xa5a551f4, 0xe5e5d134, 0xf1f1f908); | ||
| 443 | &data_word(0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f); | ||
| 444 | &data_word(0x0404080c, 0xc7c79552, 0x23234665, 0xc3c39d5e); | ||
| 445 | &data_word(0x18183028, 0x969637a1, 0x05050a0f, 0x9a9a2fb5); | ||
| 446 | &data_word(0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d); | ||
| 447 | &data_word(0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f); | ||
| 448 | &data_word(0x0909121b, 0x83831d9e, 0x2c2c5874, 0x1a1a342e); | ||
| 449 | &data_word(0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb); | ||
| 450 | &data_word(0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce); | ||
| 451 | &data_word(0x2929527b, 0xe3e3dd3e, 0x2f2f5e71, 0x84841397); | ||
| 452 | &data_word(0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c); | ||
| 453 | &data_word(0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed); | ||
| 454 | &data_word(0x6a6ad4be, 0xcbcb8d46, 0xbebe67d9, 0x3939724b); | ||
| 455 | &data_word(0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a); | ||
| 456 | &data_word(0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16); | ||
| 457 | &data_word(0x434386c5, 0x4d4d9ad7, 0x33336655, 0x85851194); | ||
| 458 | &data_word(0x45458acf, 0xf9f9e910, 0x02020406, 0x7f7ffe81); | ||
| 459 | &data_word(0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3); | ||
| 460 | &data_word(0x5151a2f3, 0xa3a35dfe, 0x404080c0, 0x8f8f058a); | ||
| 461 | &data_word(0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104); | ||
| 462 | &data_word(0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263); | ||
| 463 | &data_word(0x10102030, 0xffffe51a, 0xf3f3fd0e, 0xd2d2bf6d); | ||
| 464 | &data_word(0xcdcd814c, 0x0c0c1814, 0x13132635, 0xececc32f); | ||
| 465 | &data_word(0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39); | ||
| 466 | &data_word(0xc4c49357, 0xa7a755f2, 0x7e7efc82, 0x3d3d7a47); | ||
| 467 | &data_word(0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695); | ||
| 468 | &data_word(0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f); | ||
| 469 | &data_word(0x22224466, 0x2a2a547e, 0x90903bab, 0x88880b83); | ||
| 470 | &data_word(0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c); | ||
| 471 | &data_word(0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76); | ||
| 472 | &data_word(0xe0e0db3b, 0x32326456, 0x3a3a744e, 0x0a0a141e); | ||
| 473 | &data_word(0x494992db, 0x06060c0a, 0x2424486c, 0x5c5cb8e4); | ||
| 474 | &data_word(0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6); | ||
| 475 | &data_word(0x919139a8, 0x959531a4, 0xe4e4d337, 0x7979f28b); | ||
| 476 | &data_word(0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7); | ||
| 477 | &data_word(0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0); | ||
| 478 | &data_word(0x6c6cd8b4, 0x5656acfa, 0xf4f4f307, 0xeaeacf25); | ||
| 479 | &data_word(0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x08081018); | ||
| 480 | &data_word(0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72); | ||
| 481 | &data_word(0x1c1c3824, 0xa6a657f1, 0xb4b473c7, 0xc6c69751); | ||
| 482 | &data_word(0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21); | ||
| 483 | &data_word(0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85); | ||
| 484 | &data_word(0x7070e090, 0x3e3e7c42, 0xb5b571c4, 0x6666ccaa); | ||
| 485 | &data_word(0x484890d8, 0x03030605, 0xf6f6f701, 0x0e0e1c12); | ||
| 486 | &data_word(0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0); | ||
| 487 | &data_word(0x86861791, 0xc1c19958, 0x1d1d3a27, 0x9e9e27b9); | ||
| 488 | &data_word(0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233); | ||
| 489 | &data_word(0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7); | ||
| 490 | &data_word(0x9b9b2db6, 0x1e1e3c22, 0x87871592, 0xe9e9c920); | ||
| 491 | &data_word(0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a); | ||
| 492 | &data_word(0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17); | ||
| 493 | &data_word(0xbfbf65da, 0xe6e6d731, 0x424284c6, 0x6868d0b8); | ||
| 494 | &data_word(0x414182c3, 0x999929b0, 0x2d2d5a77, 0x0f0f1e11); | ||
| 495 | &data_word(0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a); | ||
| 496 | #Te2: | ||
| 497 | &data_word(0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b); | ||
| 498 | &data_word(0xf2ff0df2, 0x6bd6bd6b, 0x6fdeb16f, 0xc59154c5); | ||
| 499 | &data_word(0x30605030, 0x01020301, 0x67cea967, 0x2b567d2b); | ||
| 500 | &data_word(0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76); | ||
| 501 | &data_word(0xca8f45ca, 0x821f9d82, 0xc98940c9, 0x7dfa877d); | ||
| 502 | &data_word(0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0); | ||
| 503 | &data_word(0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf); | ||
| 504 | &data_word(0x9c23bf9c, 0xa453f7a4, 0x72e49672, 0xc09b5bc0); | ||
| 505 | &data_word(0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26); | ||
| 506 | &data_word(0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc); | ||
| 507 | &data_word(0x34685c34, 0xa551f4a5, 0xe5d134e5, 0xf1f908f1); | ||
| 508 | &data_word(0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15); | ||
| 509 | &data_word(0x04080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3); | ||
| 510 | &data_word(0x18302818, 0x9637a196, 0x050a0f05, 0x9a2fb59a); | ||
| 511 | &data_word(0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2); | ||
| 512 | &data_word(0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75); | ||
| 513 | &data_word(0x09121b09, 0x831d9e83, 0x2c58742c, 0x1a342e1a); | ||
| 514 | &data_word(0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0); | ||
| 515 | &data_word(0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3); | ||
| 516 | &data_word(0x29527b29, 0xe3dd3ee3, 0x2f5e712f, 0x84139784); | ||
| 517 | &data_word(0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced); | ||
| 518 | &data_word(0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b); | ||
| 519 | &data_word(0x6ad4be6a, 0xcb8d46cb, 0xbe67d9be, 0x39724b39); | ||
| 520 | &data_word(0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf); | ||
| 521 | &data_word(0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb); | ||
| 522 | &data_word(0x4386c543, 0x4d9ad74d, 0x33665533, 0x85119485); | ||
| 523 | &data_word(0x458acf45, 0xf9e910f9, 0x02040602, 0x7ffe817f); | ||
| 524 | &data_word(0x50a0f050, 0x3c78443c, 0x9f25ba9f, 0xa84be3a8); | ||
| 525 | &data_word(0x51a2f351, 0xa35dfea3, 0x4080c040, 0x8f058a8f); | ||
| 526 | &data_word(0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5); | ||
| 527 | &data_word(0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321); | ||
| 528 | &data_word(0x10203010, 0xffe51aff, 0xf3fd0ef3, 0xd2bf6dd2); | ||
| 529 | &data_word(0xcd814ccd, 0x0c18140c, 0x13263513, 0xecc32fec); | ||
| 530 | &data_word(0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917); | ||
| 531 | &data_word(0xc49357c4, 0xa755f2a7, 0x7efc827e, 0x3d7a473d); | ||
| 532 | &data_word(0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573); | ||
| 533 | &data_word(0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc); | ||
| 534 | &data_word(0x22446622, 0x2a547e2a, 0x903bab90, 0x880b8388); | ||
| 535 | &data_word(0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14); | ||
| 536 | &data_word(0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db); | ||
| 537 | &data_word(0xe0db3be0, 0x32645632, 0x3a744e3a, 0x0a141e0a); | ||
| 538 | &data_word(0x4992db49, 0x060c0a06, 0x24486c24, 0x5cb8e45c); | ||
| 539 | &data_word(0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662); | ||
| 540 | &data_word(0x9139a891, 0x9531a495, 0xe4d337e4, 0x79f28b79); | ||
| 541 | &data_word(0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d); | ||
| 542 | &data_word(0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9); | ||
| 543 | &data_word(0x6cd8b46c, 0x56acfa56, 0xf4f307f4, 0xeacf25ea); | ||
| 544 | &data_word(0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x08101808); | ||
| 545 | &data_word(0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e); | ||
| 546 | &data_word(0x1c38241c, 0xa657f1a6, 0xb473c7b4, 0xc69751c6); | ||
| 547 | &data_word(0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f); | ||
| 548 | &data_word(0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a); | ||
| 549 | &data_word(0x70e09070, 0x3e7c423e, 0xb571c4b5, 0x66ccaa66); | ||
| 550 | &data_word(0x4890d848, 0x03060503, 0xf6f701f6, 0x0e1c120e); | ||
| 551 | &data_word(0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9); | ||
| 552 | &data_word(0x86179186, 0xc19958c1, 0x1d3a271d, 0x9e27b99e); | ||
| 553 | &data_word(0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311); | ||
| 554 | &data_word(0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794); | ||
| 555 | &data_word(0x9b2db69b, 0x1e3c221e, 0x87159287, 0xe9c920e9); | ||
| 556 | &data_word(0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf); | ||
| 557 | &data_word(0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d); | ||
| 558 | &data_word(0xbf65dabf, 0xe6d731e6, 0x4284c642, 0x68d0b868); | ||
| 559 | &data_word(0x4182c341, 0x9929b099, 0x2d5a772d, 0x0f1e110f); | ||
| 560 | &data_word(0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16); | ||
| 561 | #Te3: | ||
| 562 | &data_word(0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b); | ||
| 563 | &data_word(0xff0df2f2, 0xd6bd6b6b, 0xdeb16f6f, 0x9154c5c5); | ||
| 564 | &data_word(0x60503030, 0x02030101, 0xcea96767, 0x567d2b2b); | ||
| 565 | &data_word(0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676); | ||
| 566 | &data_word(0x8f45caca, 0x1f9d8282, 0x8940c9c9, 0xfa877d7d); | ||
| 567 | &data_word(0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0); | ||
| 568 | &data_word(0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf); | ||
| 569 | &data_word(0x23bf9c9c, 0x53f7a4a4, 0xe4967272, 0x9b5bc0c0); | ||
| 570 | &data_word(0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626); | ||
| 571 | &data_word(0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc); | ||
| 572 | &data_word(0x685c3434, 0x51f4a5a5, 0xd134e5e5, 0xf908f1f1); | ||
| 573 | &data_word(0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515); | ||
| 574 | &data_word(0x080c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3); | ||
| 575 | &data_word(0x30281818, 0x37a19696, 0x0a0f0505, 0x2fb59a9a); | ||
| 576 | &data_word(0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2); | ||
| 577 | &data_word(0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575); | ||
| 578 | &data_word(0x121b0909, 0x1d9e8383, 0x58742c2c, 0x342e1a1a); | ||
| 579 | &data_word(0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0); | ||
| 580 | &data_word(0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3); | ||
| 581 | &data_word(0x527b2929, 0xdd3ee3e3, 0x5e712f2f, 0x13978484); | ||
| 582 | &data_word(0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded); | ||
| 583 | &data_word(0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b); | ||
| 584 | &data_word(0xd4be6a6a, 0x8d46cbcb, 0x67d9bebe, 0x724b3939); | ||
| 585 | &data_word(0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf); | ||
| 586 | &data_word(0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb); | ||
| 587 | &data_word(0x86c54343, 0x9ad74d4d, 0x66553333, 0x11948585); | ||
| 588 | &data_word(0x8acf4545, 0xe910f9f9, 0x04060202, 0xfe817f7f); | ||
| 589 | &data_word(0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8); | ||
| 590 | &data_word(0xa2f35151, 0x5dfea3a3, 0x80c04040, 0x058a8f8f); | ||
| 591 | &data_word(0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5); | ||
| 592 | &data_word(0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121); | ||
| 593 | &data_word(0x20301010, 0xe51affff, 0xfd0ef3f3, 0xbf6dd2d2); | ||
| 594 | &data_word(0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec); | ||
| 595 | &data_word(0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717); | ||
| 596 | &data_word(0x9357c4c4, 0x55f2a7a7, 0xfc827e7e, 0x7a473d3d); | ||
| 597 | &data_word(0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373); | ||
| 598 | &data_word(0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc); | ||
| 599 | &data_word(0x44662222, 0x547e2a2a, 0x3bab9090, 0x0b838888); | ||
| 600 | &data_word(0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414); | ||
| 601 | &data_word(0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb); | ||
| 602 | &data_word(0xdb3be0e0, 0x64563232, 0x744e3a3a, 0x141e0a0a); | ||
| 603 | &data_word(0x92db4949, 0x0c0a0606, 0x486c2424, 0xb8e45c5c); | ||
| 604 | &data_word(0x9f5dc2c2, 0xbd6ed3d3, 0x43efacac, 0xc4a66262); | ||
| 605 | &data_word(0x39a89191, 0x31a49595, 0xd337e4e4, 0xf28b7979); | ||
| 606 | &data_word(0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d); | ||
| 607 | &data_word(0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9); | ||
| 608 | &data_word(0xd8b46c6c, 0xacfa5656, 0xf307f4f4, 0xcf25eaea); | ||
| 609 | &data_word(0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808); | ||
| 610 | &data_word(0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e); | ||
| 611 | &data_word(0x38241c1c, 0x57f1a6a6, 0x73c7b4b4, 0x9751c6c6); | ||
| 612 | &data_word(0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f); | ||
| 613 | &data_word(0x96dd4b4b, 0x61dcbdbd, 0x0d868b8b, 0x0f858a8a); | ||
| 614 | &data_word(0xe0907070, 0x7c423e3e, 0x71c4b5b5, 0xccaa6666); | ||
| 615 | &data_word(0x90d84848, 0x06050303, 0xf701f6f6, 0x1c120e0e); | ||
| 616 | &data_word(0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9); | ||
| 617 | &data_word(0x17918686, 0x9958c1c1, 0x3a271d1d, 0x27b99e9e); | ||
| 618 | &data_word(0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111); | ||
| 619 | &data_word(0xd2bb6969, 0xa970d9d9, 0x07898e8e, 0x33a79494); | ||
| 620 | &data_word(0x2db69b9b, 0x3c221e1e, 0x15928787, 0xc920e9e9); | ||
| 621 | &data_word(0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf); | ||
| 622 | &data_word(0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d); | ||
| 623 | &data_word(0x65dabfbf, 0xd731e6e6, 0x84c64242, 0xd0b86868); | ||
| 624 | &data_word(0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f); | ||
| 625 | &data_word(0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616); | ||
| 626 | #Te4: | ||
| 627 | &data_word(0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b); | ||
| 628 | &data_word(0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5); | ||
| 629 | &data_word(0x30303030, 0x01010101, 0x67676767, 0x2b2b2b2b); | ||
| 630 | &data_word(0xfefefefe, 0xd7d7d7d7, 0xabababab, 0x76767676); | ||
| 631 | &data_word(0xcacacaca, 0x82828282, 0xc9c9c9c9, 0x7d7d7d7d); | ||
| 632 | &data_word(0xfafafafa, 0x59595959, 0x47474747, 0xf0f0f0f0); | ||
| 633 | &data_word(0xadadadad, 0xd4d4d4d4, 0xa2a2a2a2, 0xafafafaf); | ||
| 634 | &data_word(0x9c9c9c9c, 0xa4a4a4a4, 0x72727272, 0xc0c0c0c0); | ||
| 635 | &data_word(0xb7b7b7b7, 0xfdfdfdfd, 0x93939393, 0x26262626); | ||
| 636 | &data_word(0x36363636, 0x3f3f3f3f, 0xf7f7f7f7, 0xcccccccc); | ||
| 637 | &data_word(0x34343434, 0xa5a5a5a5, 0xe5e5e5e5, 0xf1f1f1f1); | ||
| 638 | &data_word(0x71717171, 0xd8d8d8d8, 0x31313131, 0x15151515); | ||
| 639 | &data_word(0x04040404, 0xc7c7c7c7, 0x23232323, 0xc3c3c3c3); | ||
| 640 | &data_word(0x18181818, 0x96969696, 0x05050505, 0x9a9a9a9a); | ||
| 641 | &data_word(0x07070707, 0x12121212, 0x80808080, 0xe2e2e2e2); | ||
| 642 | &data_word(0xebebebeb, 0x27272727, 0xb2b2b2b2, 0x75757575); | ||
| 643 | &data_word(0x09090909, 0x83838383, 0x2c2c2c2c, 0x1a1a1a1a); | ||
| 644 | &data_word(0x1b1b1b1b, 0x6e6e6e6e, 0x5a5a5a5a, 0xa0a0a0a0); | ||
| 645 | &data_word(0x52525252, 0x3b3b3b3b, 0xd6d6d6d6, 0xb3b3b3b3); | ||
| 646 | &data_word(0x29292929, 0xe3e3e3e3, 0x2f2f2f2f, 0x84848484); | ||
| 647 | &data_word(0x53535353, 0xd1d1d1d1, 0x00000000, 0xedededed); | ||
| 648 | &data_word(0x20202020, 0xfcfcfcfc, 0xb1b1b1b1, 0x5b5b5b5b); | ||
| 649 | &data_word(0x6a6a6a6a, 0xcbcbcbcb, 0xbebebebe, 0x39393939); | ||
| 650 | &data_word(0x4a4a4a4a, 0x4c4c4c4c, 0x58585858, 0xcfcfcfcf); | ||
| 651 | &data_word(0xd0d0d0d0, 0xefefefef, 0xaaaaaaaa, 0xfbfbfbfb); | ||
| 652 | &data_word(0x43434343, 0x4d4d4d4d, 0x33333333, 0x85858585); | ||
| 653 | &data_word(0x45454545, 0xf9f9f9f9, 0x02020202, 0x7f7f7f7f); | ||
| 654 | &data_word(0x50505050, 0x3c3c3c3c, 0x9f9f9f9f, 0xa8a8a8a8); | ||
| 655 | &data_word(0x51515151, 0xa3a3a3a3, 0x40404040, 0x8f8f8f8f); | ||
| 656 | &data_word(0x92929292, 0x9d9d9d9d, 0x38383838, 0xf5f5f5f5); | ||
| 657 | &data_word(0xbcbcbcbc, 0xb6b6b6b6, 0xdadadada, 0x21212121); | ||
| 658 | &data_word(0x10101010, 0xffffffff, 0xf3f3f3f3, 0xd2d2d2d2); | ||
| 659 | &data_word(0xcdcdcdcd, 0x0c0c0c0c, 0x13131313, 0xecececec); | ||
| 660 | &data_word(0x5f5f5f5f, 0x97979797, 0x44444444, 0x17171717); | ||
| 661 | &data_word(0xc4c4c4c4, 0xa7a7a7a7, 0x7e7e7e7e, 0x3d3d3d3d); | ||
| 662 | &data_word(0x64646464, 0x5d5d5d5d, 0x19191919, 0x73737373); | ||
| 663 | &data_word(0x60606060, 0x81818181, 0x4f4f4f4f, 0xdcdcdcdc); | ||
| 664 | &data_word(0x22222222, 0x2a2a2a2a, 0x90909090, 0x88888888); | ||
| 665 | &data_word(0x46464646, 0xeeeeeeee, 0xb8b8b8b8, 0x14141414); | ||
| 666 | &data_word(0xdededede, 0x5e5e5e5e, 0x0b0b0b0b, 0xdbdbdbdb); | ||
| 667 | &data_word(0xe0e0e0e0, 0x32323232, 0x3a3a3a3a, 0x0a0a0a0a); | ||
| 668 | &data_word(0x49494949, 0x06060606, 0x24242424, 0x5c5c5c5c); | ||
| 669 | &data_word(0xc2c2c2c2, 0xd3d3d3d3, 0xacacacac, 0x62626262); | ||
| 670 | &data_word(0x91919191, 0x95959595, 0xe4e4e4e4, 0x79797979); | ||
| 671 | &data_word(0xe7e7e7e7, 0xc8c8c8c8, 0x37373737, 0x6d6d6d6d); | ||
| 672 | &data_word(0x8d8d8d8d, 0xd5d5d5d5, 0x4e4e4e4e, 0xa9a9a9a9); | ||
| 673 | &data_word(0x6c6c6c6c, 0x56565656, 0xf4f4f4f4, 0xeaeaeaea); | ||
| 674 | &data_word(0x65656565, 0x7a7a7a7a, 0xaeaeaeae, 0x08080808); | ||
| 675 | &data_word(0xbabababa, 0x78787878, 0x25252525, 0x2e2e2e2e); | ||
| 676 | &data_word(0x1c1c1c1c, 0xa6a6a6a6, 0xb4b4b4b4, 0xc6c6c6c6); | ||
| 677 | &data_word(0xe8e8e8e8, 0xdddddddd, 0x74747474, 0x1f1f1f1f); | ||
| 678 | &data_word(0x4b4b4b4b, 0xbdbdbdbd, 0x8b8b8b8b, 0x8a8a8a8a); | ||
| 679 | &data_word(0x70707070, 0x3e3e3e3e, 0xb5b5b5b5, 0x66666666); | ||
| 680 | &data_word(0x48484848, 0x03030303, 0xf6f6f6f6, 0x0e0e0e0e); | ||
| 681 | &data_word(0x61616161, 0x35353535, 0x57575757, 0xb9b9b9b9); | ||
| 682 | &data_word(0x86868686, 0xc1c1c1c1, 0x1d1d1d1d, 0x9e9e9e9e); | ||
| 683 | &data_word(0xe1e1e1e1, 0xf8f8f8f8, 0x98989898, 0x11111111); | ||
| 684 | &data_word(0x69696969, 0xd9d9d9d9, 0x8e8e8e8e, 0x94949494); | ||
| 685 | &data_word(0x9b9b9b9b, 0x1e1e1e1e, 0x87878787, 0xe9e9e9e9); | ||
| 686 | &data_word(0xcececece, 0x55555555, 0x28282828, 0xdfdfdfdf); | ||
| 687 | &data_word(0x8c8c8c8c, 0xa1a1a1a1, 0x89898989, 0x0d0d0d0d); | ||
| 688 | &data_word(0xbfbfbfbf, 0xe6e6e6e6, 0x42424242, 0x68686868); | ||
| 689 | &data_word(0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f); | ||
| 690 | &data_word(0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616); | ||
| 691 | #rcon: | 433 | #rcon: |
| 692 | &data_word(0x00000001, 0x00000002, 0x00000004, 0x00000008); | 434 | &data_word(0x00000001, 0x00000002, 0x00000004, 0x00000008); |
| 693 | &data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080); | 435 | &data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080); |
| 694 | &data_word(0x0000001b, 0x00000036); | 436 | &data_word(0x0000001b, 0x00000036, 0, 0, 0, 0, 0, 0); |
| 695 | &function_end_B("AES_encrypt"); | 437 | &function_end_B("_x86_AES_encrypt"); |
| 696 | 438 | ||
| 697 | #------------------------------------------------------------------# | 439 | # void AES_encrypt (const void *inp,void *out,const AES_KEY *key); |
| 440 | &public_label("AES_Te"); | ||
| 441 | &function_begin("AES_encrypt"); | ||
| 442 | &mov ($acc,&wparam(0)); # load inp | ||
| 443 | &mov ($key,&wparam(2)); # load key | ||
| 698 | 444 | ||
| 699 | $s0="eax"; | 445 | &mov ($s0,"esp"); |
| 700 | $s1="ebx"; | 446 | &sub ("esp",24); |
| 701 | $s2="ecx"; | 447 | &and ("esp",-64); |
| 702 | $s3="edx"; | 448 | &add ("esp",4); |
| 703 | $key="edi"; | 449 | &mov (&DWP(16,"esp"),$s0); |
| 704 | $acc="esi"; | 450 | |
| 451 | &call (&label("pic_point")); # make it PIC! | ||
| 452 | &set_label("pic_point"); | ||
| 453 | &blindpop("ebp"); | ||
| 454 | &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); | ||
| 455 | |||
| 456 | &mov ($s0,&DWP(0,$acc)); # load input data | ||
| 457 | &mov ($s1,&DWP(4,$acc)); | ||
| 458 | &mov ($s2,&DWP(8,$acc)); | ||
| 459 | &mov ($s3,&DWP(12,$acc)); | ||
| 460 | |||
| 461 | &call ("_x86_AES_encrypt"); | ||
| 462 | |||
| 463 | &mov ("esp",&DWP(16,"esp")); | ||
| 464 | |||
| 465 | &mov ($acc,&wparam(1)); # load out | ||
| 466 | &mov (&DWP(0,$acc),$s0); # write output data | ||
| 467 | &mov (&DWP(4,$acc),$s1); | ||
| 468 | &mov (&DWP(8,$acc),$s2); | ||
| 469 | &mov (&DWP(12,$acc),$s3); | ||
| 470 | &function_end("AES_encrypt"); | ||
| 471 | |||
| 472 | #------------------------------------------------------------------# | ||
| 705 | 473 | ||
| 706 | sub decstep() | 474 | sub decstep() |
| 707 | { my ($i,$td,@s) = @_; | 475 | { my ($i,$td,@s) = @_; |
| @@ -715,24 +483,24 @@ sub decstep() | |||
| 715 | if($i==3) { &mov ($key,&DWP(12,"esp")); } | 483 | if($i==3) { &mov ($key,&DWP(12,"esp")); } |
| 716 | else { &mov ($out,$s[0]); } | 484 | else { &mov ($out,$s[0]); } |
| 717 | &and ($out,0xFF); | 485 | &and ($out,0xFF); |
| 718 | &mov ($out,&DWP(1024*0,$td,$out,4)); | 486 | &mov ($out,&DWP(0,$td,$out,8)); |
| 719 | 487 | ||
| 720 | if ($i==3) { $tmp=$s[1]; } | 488 | if ($i==3) { $tmp=$s[1]; } |
| 721 | &movz ($tmp,&HB($s[1])); | 489 | &movz ($tmp,&HB($s[1])); |
| 722 | &xor ($out,&DWP(1024*1,$td,$tmp,4)); | 490 | &xor ($out,&DWP(3,$td,$tmp,8)); |
| 723 | 491 | ||
| 724 | if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); } | 492 | if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); } |
| 725 | else { &mov ($tmp,$s[2]); } | 493 | else { &mov ($tmp,$s[2]); } |
| 726 | &shr ($tmp,16); | 494 | &shr ($tmp,16); |
| 727 | &and ($tmp,0xFF); | 495 | &and ($tmp,0xFF); |
| 728 | &xor ($out,&DWP(1024*2,$td,$tmp,4)); | 496 | &xor ($out,&DWP(2,$td,$tmp,8)); |
| 729 | 497 | ||
| 730 | if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(4,"esp")); } | 498 | if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); } |
| 731 | else { &mov ($tmp,$s[3]); } | 499 | else { &mov ($tmp,$s[3]); } |
| 732 | &shr ($tmp,24); | 500 | &shr ($tmp,24); |
| 733 | &xor ($out,&DWP(1024*3,$td,$tmp,4)); | 501 | &xor ($out,&DWP(1,$td,$tmp,8)); |
| 734 | if ($i<2) { &mov (&DWP(4*$i,"esp"),$out); } | 502 | if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } |
| 735 | if ($i==3) { &mov ($s[3],&DWP(0,"esp")); } | 503 | if ($i==3) { &mov ($s[3],&DWP(4,"esp")); } |
| 736 | &comment(); | 504 | &comment(); |
| 737 | } | 505 | } |
| 738 | 506 | ||
| @@ -744,58 +512,38 @@ sub declast() | |||
| 744 | if($i==3) { &mov ($key,&DWP(12,"esp")); } | 512 | if($i==3) { &mov ($key,&DWP(12,"esp")); } |
| 745 | else { &mov ($out,$s[0]); } | 513 | else { &mov ($out,$s[0]); } |
| 746 | &and ($out,0xFF); | 514 | &and ($out,0xFF); |
| 747 | &mov ($out,&DWP(0,$td,$out,4)); | 515 | &movz ($out,&BP(2048,$td,$out,1)); |
| 748 | &and ($out,0x000000ff); | ||
| 749 | 516 | ||
| 750 | if ($i==3) { $tmp=$s[1]; } | 517 | if ($i==3) { $tmp=$s[1]; } |
| 751 | &movz ($tmp,&HB($s[1])); | 518 | &movz ($tmp,&HB($s[1])); |
| 752 | &mov ($tmp,&DWP(0,$td,$tmp,4)); | 519 | &movz ($tmp,&BP(2048,$td,$tmp,1)); |
| 753 | &and ($tmp,0x0000ff00); | 520 | &shl ($tmp,8); |
| 754 | &xor ($out,$tmp); | 521 | &xor ($out,$tmp); |
| 755 | 522 | ||
| 756 | if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); } | 523 | if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); } |
| 757 | else { mov ($tmp,$s[2]); } | 524 | else { mov ($tmp,$s[2]); } |
| 758 | &shr ($tmp,16); | 525 | &shr ($tmp,16); |
| 759 | &and ($tmp,0xFF); | 526 | &and ($tmp,0xFF); |
| 760 | &mov ($tmp,&DWP(0,$td,$tmp,4)); | 527 | &movz ($tmp,&BP(2048,$td,$tmp,1)); |
| 761 | &and ($tmp,0x00ff0000); | 528 | &shl ($tmp,16); |
| 762 | &xor ($out,$tmp); | 529 | &xor ($out,$tmp); |
| 763 | 530 | ||
| 764 | if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(4,"esp")); } | 531 | if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); } |
| 765 | else { &mov ($tmp,$s[3]); } | 532 | else { &mov ($tmp,$s[3]); } |
| 766 | &shr ($tmp,24); | 533 | &shr ($tmp,24); |
| 767 | &mov ($tmp,&DWP(0,$td,$tmp,4)); | 534 | &movz ($tmp,&BP(2048,$td,$tmp,1)); |
| 768 | &and ($tmp,0xff000000); | 535 | &shl ($tmp,24); |
| 769 | &xor ($out,$tmp); | 536 | &xor ($out,$tmp); |
| 770 | if ($i<2) { &mov (&DWP(4*$i,"esp"),$out); } | 537 | if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } |
| 771 | if ($i==3) { &mov ($s[3],&DWP(0,"esp")); } | 538 | if ($i==3) { &mov ($s[3],&DWP(4,"esp")); } |
| 772 | } | 539 | } |
| 773 | 540 | ||
| 774 | # void AES_decrypt (const void *inp,void *out,const AES_KEY *key); | ||
| 775 | &public_label("AES_Td"); | 541 | &public_label("AES_Td"); |
| 776 | &function_begin("AES_decrypt"); | 542 | &function_begin_B("_x86_AES_decrypt"); |
| 777 | &mov ($acc,&wparam(0)); # load inp | 543 | # note that caller is expected to allocate stack frame for me! |
| 778 | &mov ($key,&wparam(2)); # load key | ||
| 779 | |||
| 780 | &call (&label("pic_point")); # make it PIC! | ||
| 781 | &set_label("pic_point"); | ||
| 782 | &blindpop("ebp"); | ||
| 783 | &lea ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp")); | ||
| 784 | |||
| 785 | # allocate aligned stack frame | ||
| 786 | &mov ($s0,"esp"); | ||
| 787 | &sub ("esp",20); | ||
| 788 | &and ("esp",-16); | ||
| 789 | |||
| 790 | &mov (&DWP(12,"esp"),$key); # save key | 544 | &mov (&DWP(12,"esp"),$key); # save key |
| 791 | &mov (&DWP(16,"esp"),$s0); # save %esp | ||
| 792 | |||
| 793 | &mov ($s0,&DWP(0,$acc)); # load input data | ||
| 794 | &mov ($s1,&DWP(4,$acc)); | ||
| 795 | &mov ($s2,&DWP(8,$acc)); | ||
| 796 | &mov ($s3,&DWP(12,$acc)); | ||
| 797 | 545 | ||
| 798 | &xor ($s0,&DWP(0,$key)); | 546 | &xor ($s0,&DWP(0,$key)); # xor with key |
| 799 | &xor ($s1,&DWP(4,$key)); | 547 | &xor ($s1,&DWP(4,$key)); |
| 800 | &xor ($s2,&DWP(8,$key)); | 548 | &xor ($s2,&DWP(8,$key)); |
| 801 | &xor ($s3,&DWP(12,$key)); | 549 | &xor ($s3,&DWP(12,$key)); |
| @@ -805,19 +553,19 @@ sub declast() | |||
| 805 | if ($small_footprint) { | 553 | if ($small_footprint) { |
| 806 | &lea ($acc,&DWP(-2,$acc,$acc)); | 554 | &lea ($acc,&DWP(-2,$acc,$acc)); |
| 807 | &lea ($acc,&DWP(0,$key,$acc,8)); | 555 | &lea ($acc,&DWP(0,$key,$acc,8)); |
| 808 | &mov (&DWP(8,"esp"),$acc); # end of key schedule | 556 | &mov (&DWP(16,"esp"),$acc); # end of key schedule |
| 809 | &align (4); | 557 | &align (4); |
| 810 | &set_label("loop"); | 558 | &set_label("loop"); |
| 811 | &decstep(0,"ebp",$s0,$s3,$s2,$s1); | 559 | &decstep(0,"ebp",$s0,$s3,$s2,$s1); |
| 812 | &decstep(1,"ebp",$s1,$s0,$s3,$s2); | 560 | &decstep(1,"ebp",$s1,$s0,$s3,$s2); |
| 813 | &decstep(2,"ebp",$s2,$s1,$s0,$s3); | 561 | &decstep(2,"ebp",$s2,$s1,$s0,$s3); |
| 814 | &decstep(3,"ebp",$s3,$s2,$s1,$s0); | 562 | &decstep(3,"ebp",$s3,$s2,$s1,$s0); |
| 815 | &add ($key,16); # advance rd_key | 563 | &add ($key,16); # advance rd_key |
| 816 | &xor ($s0,&DWP(0,$key)); | 564 | &xor ($s0,&DWP(0,$key)); |
| 817 | &xor ($s1,&DWP(4,$key)); | 565 | &xor ($s1,&DWP(4,$key)); |
| 818 | &xor ($s2,&DWP(8,$key)); | 566 | &xor ($s2,&DWP(8,$key)); |
| 819 | &xor ($s3,&DWP(12,$key)); | 567 | &xor ($s3,&DWP(12,$key)); |
| 820 | &cmp ($key,&DWP(8,"esp")); | 568 | &cmp ($key,&DWP(16,"esp")); |
| 821 | &mov (&DWP(12,"esp"),$key); | 569 | &mov (&DWP(12,"esp"),$key); |
| 822 | &jb (&label("loop")); | 570 | &jb (&label("loop")); |
| 823 | } | 571 | } |
| @@ -839,7 +587,7 @@ sub declast() | |||
| 839 | &xor ($s3,&DWP(16*$i+12,$key)); | 587 | &xor ($s3,&DWP(16*$i+12,$key)); |
| 840 | } | 588 | } |
| 841 | &add ($key,32); | 589 | &add ($key,32); |
| 842 | &mov (&DWP(12,"esp"),$key); # advance rd_key | 590 | &mov (&DWP(12,"esp"),$key); # advance rd_key |
| 843 | &set_label("12rounds"); | 591 | &set_label("12rounds"); |
| 844 | for ($i=1;$i<3;$i++) { | 592 | for ($i=1;$i<3;$i++) { |
| 845 | &decstep(0,"ebp",$s0,$s3,$s2,$s1); | 593 | &decstep(0,"ebp",$s0,$s3,$s2,$s1); |
| @@ -852,7 +600,7 @@ sub declast() | |||
| 852 | &xor ($s3,&DWP(16*$i+12,$key)); | 600 | &xor ($s3,&DWP(16*$i+12,$key)); |
| 853 | } | 601 | } |
| 854 | &add ($key,32); | 602 | &add ($key,32); |
| 855 | &mov (&DWP(12,"esp"),$key); # advance rd_key | 603 | &mov (&DWP(12,"esp"),$key); # advance rd_key |
| 856 | &set_label("10rounds"); | 604 | &set_label("10rounds"); |
| 857 | for ($i=1;$i<10;$i++) { | 605 | for ($i=1;$i<10;$i++) { |
| 858 | &decstep(0,"ebp",$s0,$s3,$s2,$s1); | 606 | &decstep(0,"ebp",$s0,$s3,$s2,$s1); |
| @@ -866,382 +614,627 @@ sub declast() | |||
| 866 | } | 614 | } |
| 867 | } | 615 | } |
| 868 | 616 | ||
| 869 | &add ("ebp",4*1024); # skip to Te4 | ||
| 870 | &declast(0,"ebp",$s0,$s3,$s2,$s1); | 617 | &declast(0,"ebp",$s0,$s3,$s2,$s1); |
| 871 | &declast(1,"ebp",$s1,$s0,$s3,$s2); | 618 | &declast(1,"ebp",$s1,$s0,$s3,$s2); |
| 872 | &declast(2,"ebp",$s2,$s1,$s0,$s3); | 619 | &declast(2,"ebp",$s2,$s1,$s0,$s3); |
| 873 | &declast(3,"ebp",$s3,$s2,$s1,$s0); | 620 | &declast(3,"ebp",$s3,$s2,$s1,$s0); |
| 874 | 621 | ||
| 875 | &mov ("esp",&DWP(16,"esp")); # restore %esp | ||
| 876 | &add ($key,$small_footprint?16:160); | 622 | &add ($key,$small_footprint?16:160); |
| 877 | &xor ($s0,&DWP(0,$key)); | 623 | &xor ($s0,&DWP(0,$key)); |
| 878 | &xor ($s1,&DWP(4,$key)); | 624 | &xor ($s1,&DWP(4,$key)); |
| 879 | &xor ($s2,&DWP(8,$key)); | 625 | &xor ($s2,&DWP(8,$key)); |
| 880 | &xor ($s3,&DWP(12,$key)); | 626 | &xor ($s3,&DWP(12,$key)); |
| 881 | 627 | ||
| 882 | &mov ($key,&wparam(1)); # load out | 628 | &ret (); |
| 883 | &mov (&DWP(0,$key),$s0); # write output data | 629 | |
| 630 | &set_label("AES_Td",64); # Yes! I keep it in the code segment! | ||
| 631 | &_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a); | ||
| 632 | &_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b); | ||
| 633 | &_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5); | ||
| 634 | &_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5); | ||
| 635 | &_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d); | ||
| 636 | &_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b); | ||
| 637 | &_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295); | ||
| 638 | &_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e); | ||
| 639 | &_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927); | ||
| 640 | &_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d); | ||
| 641 | &_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362); | ||
| 642 | &_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9); | ||
| 643 | &_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52); | ||
| 644 | &_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566); | ||
| 645 | &_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3); | ||
| 646 | &_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed); | ||
| 647 | &_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e); | ||
| 648 | &_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4); | ||
| 649 | &_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4); | ||
| 650 | &_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd); | ||
| 651 | &_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d); | ||
| 652 | &_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060); | ||
| 653 | &_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967); | ||
| 654 | &_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879); | ||
| 655 | &_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000); | ||
| 656 | &_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c); | ||
| 657 | &_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36); | ||
| 658 | &_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624); | ||
| 659 | &_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b); | ||
| 660 | &_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c); | ||
| 661 | &_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12); | ||
| 662 | &_data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14); | ||
| 663 | &_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3); | ||
| 664 | &_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b); | ||
| 665 | &_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8); | ||
| 666 | &_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684); | ||
| 667 | &_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7); | ||
| 668 | &_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177); | ||
| 669 | &_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947); | ||
| 670 | &_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322); | ||
| 671 | &_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498); | ||
| 672 | &_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f); | ||
| 673 | &_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54); | ||
| 674 | &_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382); | ||
| 675 | &_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf); | ||
| 676 | &_data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb); | ||
| 677 | &_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83); | ||
| 678 | &_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef); | ||
| 679 | &_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029); | ||
| 680 | &_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235); | ||
| 681 | &_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733); | ||
| 682 | &_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117); | ||
| 683 | &_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4); | ||
| 684 | &_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546); | ||
| 685 | &_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb); | ||
| 686 | &_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d); | ||
| 687 | &_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb); | ||
| 688 | &_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a); | ||
| 689 | &_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773); | ||
| 690 | &_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478); | ||
| 691 | &_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2); | ||
| 692 | &_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff); | ||
| 693 | &_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664); | ||
| 694 | &_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0); | ||
| 695 | #Td4: | ||
| 696 | &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); | ||
| 697 | &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); | ||
| 698 | &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); | ||
| 699 | &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); | ||
| 700 | &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); | ||
| 701 | &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); | ||
| 702 | &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); | ||
| 703 | &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); | ||
| 704 | &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); | ||
| 705 | &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); | ||
| 706 | &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); | ||
| 707 | &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); | ||
| 708 | &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); | ||
| 709 | &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); | ||
| 710 | &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); | ||
| 711 | &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); | ||
| 712 | &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); | ||
| 713 | &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); | ||
| 714 | &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); | ||
| 715 | &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); | ||
| 716 | &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); | ||
| 717 | &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); | ||
| 718 | &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); | ||
| 719 | &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); | ||
| 720 | &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); | ||
| 721 | &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); | ||
| 722 | &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); | ||
| 723 | &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); | ||
| 724 | &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); | ||
| 725 | &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); | ||
| 726 | &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); | ||
| 727 | &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); | ||
| 728 | &function_end_B("_x86_AES_decrypt"); | ||
| 729 | |||
| 730 | # void AES_decrypt (const void *inp,void *out,const AES_KEY *key); | ||
| 731 | &public_label("AES_Td"); | ||
| 732 | &function_begin("AES_decrypt"); | ||
| 733 | &mov ($acc,&wparam(0)); # load inp | ||
| 734 | &mov ($key,&wparam(2)); # load key | ||
| 735 | |||
| 736 | &mov ($s0,"esp"); | ||
| 737 | &sub ("esp",24); | ||
| 738 | &and ("esp",-64); | ||
| 739 | &add ("esp",4); | ||
| 740 | &mov (&DWP(16,"esp"),$s0); | ||
| 741 | |||
| 742 | &call (&label("pic_point")); # make it PIC! | ||
| 743 | &set_label("pic_point"); | ||
| 744 | &blindpop("ebp"); | ||
| 745 | &lea ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp")); | ||
| 746 | |||
| 747 | # prefetch Td4 | ||
| 748 | &lea ("ebp",&DWP(2048+128,"ebp")); | ||
| 749 | &mov ($s0,&DWP(0-128,"ebp")); | ||
| 750 | &mov ($s1,&DWP(32-128,"ebp")); | ||
| 751 | &mov ($s2,&DWP(64-128,"ebp")); | ||
| 752 | &mov ($s3,&DWP(96-128,"ebp")); | ||
| 753 | &mov ($s0,&DWP(128-128,"ebp")); | ||
| 754 | &mov ($s1,&DWP(160-128,"ebp")); | ||
| 755 | &mov ($s2,&DWP(192-128,"ebp")); | ||
| 756 | &mov ($s3,&DWP(224-128,"ebp")); | ||
| 757 | &lea ("ebp",&DWP(-2048-128,"ebp")); | ||
| 758 | |||
| 759 | &mov ($s0,&DWP(0,$acc)); # load input data | ||
| 760 | &mov ($s1,&DWP(4,$acc)); | ||
| 761 | &mov ($s2,&DWP(8,$acc)); | ||
| 762 | &mov ($s3,&DWP(12,$acc)); | ||
| 763 | |||
| 764 | &call ("_x86_AES_decrypt"); | ||
| 765 | |||
| 766 | &mov ("esp",&DWP(16,"esp")); | ||
| 767 | |||
| 768 | &mov ($acc,&wparam(1)); # load out | ||
| 769 | &mov (&DWP(0,$acc),$s0); # write output data | ||
| 770 | &mov (&DWP(4,$acc),$s1); | ||
| 771 | &mov (&DWP(8,$acc),$s2); | ||
| 772 | &mov (&DWP(12,$acc),$s3); | ||
| 773 | &function_end("AES_decrypt"); | ||
| 774 | |||
| 775 | # void AES_cbc_encrypt (const void char *inp, unsigned char *out, | ||
| 776 | # size_t length, const AES_KEY *key, | ||
| 777 | # unsigned char *ivp,const int enc); | ||
| 778 | { | ||
| 779 | # stack frame layout | ||
| 780 | # -4(%esp) 0(%esp) return address | ||
| 781 | # 0(%esp) 4(%esp) tmp1 | ||
| 782 | # 4(%esp) 8(%esp) tmp2 | ||
| 783 | # 8(%esp) 12(%esp) key | ||
| 784 | # 12(%esp) 16(%esp) end of key schedule | ||
| 785 | my $_esp=&DWP(16,"esp"); #saved %esp | ||
| 786 | my $_inp=&DWP(20,"esp"); #copy of wparam(0) | ||
| 787 | my $_out=&DWP(24,"esp"); #copy of wparam(1) | ||
| 788 | my $_len=&DWP(28,"esp"); #copy of wparam(2) | ||
| 789 | my $_key=&DWP(32,"esp"); #copy of wparam(3) | ||
| 790 | my $_ivp=&DWP(36,"esp"); #copy of wparam(4) | ||
| 791 | my $_tmp=&DWP(40,"esp"); #volatile variable | ||
| 792 | my $ivec=&DWP(44,"esp"); #ivec[16] | ||
| 793 | my $aes_key=&DWP(60,"esp"); #copy of aes_key | ||
| 794 | my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds | ||
| 795 | |||
| 796 | &public_label("AES_Te"); | ||
| 797 | &public_label("AES_Td"); | ||
| 798 | &function_begin("AES_cbc_encrypt"); | ||
| 799 | &mov ($s2 eq "ecx"? $s2 : "",&wparam(2)); # load len | ||
| 800 | &cmp ($s2,0); | ||
| 801 | &je (&label("enc_out")); | ||
| 802 | |||
| 803 | &call (&label("pic_point")); # make it PIC! | ||
| 804 | &set_label("pic_point"); | ||
| 805 | &blindpop("ebp"); | ||
| 806 | |||
| 807 | &pushf (); | ||
| 808 | &cld (); | ||
| 809 | |||
| 810 | &cmp (&wparam(5),0); | ||
| 811 | &je (&label("DECRYPT")); | ||
| 812 | |||
| 813 | &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); | ||
| 814 | |||
| 815 | # allocate aligned stack frame... | ||
| 816 | &lea ($key,&DWP(-64-244,"esp")); | ||
| 817 | &and ($key,-64); | ||
| 818 | |||
| 819 | # ... and make sure it doesn't alias with AES_Te modulo 4096 | ||
| 820 | &mov ($s0,"ebp"); | ||
| 821 | &lea ($s1,&DWP(2048,"ebp")); | ||
| 822 | &mov ($s3,$key); | ||
| 823 | &and ($s0,0xfff); # s = %ebp&0xfff | ||
| 824 | &and ($s1,0xfff); # e = (%ebp+2048)&0xfff | ||
| 825 | &and ($s3,0xfff); # p = %esp&0xfff | ||
| 826 | |||
| 827 | &cmp ($s3,$s1); # if (p>=e) %esp =- (p-e); | ||
| 828 | &jb (&label("te_break_out")); | ||
| 829 | &sub ($s3,$s1); | ||
| 830 | &sub ($key,$s3); | ||
| 831 | &jmp (&label("te_ok")); | ||
| 832 | &set_label("te_break_out"); # else %esp -= (p-s)&0xfff + framesz; | ||
| 833 | &sub ($s3,$s0); | ||
| 834 | &and ($s3,0xfff); | ||
| 835 | &add ($s3,64+256); | ||
| 836 | &sub ($key,$s3); | ||
| 837 | &align (4); | ||
| 838 | &set_label("te_ok"); | ||
| 839 | |||
| 840 | &mov ($s0,&wparam(0)); # load inp | ||
| 841 | &mov ($s1,&wparam(1)); # load out | ||
| 842 | &mov ($s3,&wparam(3)); # load key | ||
| 843 | &mov ($acc,&wparam(4)); # load ivp | ||
| 844 | |||
| 845 | &exch ("esp",$key); | ||
| 846 | &add ("esp",4); # reserve for return address! | ||
| 847 | &mov ($_esp,$key); # save %esp | ||
| 848 | |||
| 849 | &mov ($_inp,$s0); # save copy of inp | ||
| 850 | &mov ($_out,$s1); # save copy of out | ||
| 851 | &mov ($_len,$s2); # save copy of len | ||
| 852 | &mov ($_key,$s3); # save copy of key | ||
| 853 | &mov ($_ivp,$acc); # save copy of ivp | ||
| 854 | |||
| 855 | &mov ($mark,0); # copy of aes_key->rounds = 0; | ||
| 856 | if ($compromise) { | ||
| 857 | &cmp ($s2,$compromise); | ||
| 858 | &jb (&label("skip_ecopy")); | ||
| 859 | } | ||
| 860 | # do we copy key schedule to stack? | ||
| 861 | &mov ($s1 eq "ebx" ? $s1 : "",$s3); | ||
| 862 | &mov ($s2 eq "ecx" ? $s2 : "",244/4); | ||
| 863 | &sub ($s1,"ebp"); | ||
| 864 | &mov ("esi",$s3); | ||
| 865 | &and ($s1,0xfff); | ||
| 866 | &lea ("edi",$aes_key); | ||
| 867 | &cmp ($s1,2048); | ||
| 868 | &jb (&label("do_ecopy")); | ||
| 869 | &cmp ($s1,4096-244); | ||
| 870 | &jb (&label("skip_ecopy")); | ||
| 871 | &align (4); | ||
| 872 | &set_label("do_ecopy"); | ||
| 873 | &mov ($_key,"edi"); | ||
| 874 | &data_word(0xA5F3F689); # rep movsd | ||
| 875 | &set_label("skip_ecopy"); | ||
| 876 | |||
| 877 | &mov ($acc,$s0); | ||
| 878 | &mov ($key,16); | ||
| 879 | &align (4); | ||
| 880 | &set_label("prefetch_te"); | ||
| 881 | &mov ($s0,&DWP(0,"ebp")); | ||
| 882 | &mov ($s1,&DWP(32,"ebp")); | ||
| 883 | &mov ($s2,&DWP(64,"ebp")); | ||
| 884 | &mov ($s3,&DWP(96,"ebp")); | ||
| 885 | &lea ("ebp",&DWP(128,"ebp")); | ||
| 886 | &dec ($key); | ||
| 887 | &jnz (&label("prefetch_te")); | ||
| 888 | &sub ("ebp",2048); | ||
| 889 | |||
| 890 | &mov ($s2,$_len); | ||
| 891 | &mov ($key,$_ivp); | ||
| 892 | &test ($s2,0xFFFFFFF0); | ||
| 893 | &jz (&label("enc_tail")); # short input... | ||
| 894 | |||
| 895 | &mov ($s0,&DWP(0,$key)); # load iv | ||
| 896 | &mov ($s1,&DWP(4,$key)); | ||
| 897 | |||
| 898 | &align (4); | ||
| 899 | &set_label("enc_loop"); | ||
| 900 | &mov ($s2,&DWP(8,$key)); | ||
| 901 | &mov ($s3,&DWP(12,$key)); | ||
| 902 | |||
| 903 | &xor ($s0,&DWP(0,$acc)); # xor input data | ||
| 904 | &xor ($s1,&DWP(4,$acc)); | ||
| 905 | &xor ($s2,&DWP(8,$acc)); | ||
| 906 | &xor ($s3,&DWP(12,$acc)); | ||
| 907 | |||
| 908 | &mov ($key,$_key); # load key | ||
| 909 | &call ("_x86_AES_encrypt"); | ||
| 910 | |||
| 911 | &mov ($acc,$_inp); # load inp | ||
| 912 | &mov ($key,$_out); # load out | ||
| 913 | |||
| 914 | &mov (&DWP(0,$key),$s0); # save output data | ||
| 915 | &mov (&DWP(4,$key),$s1); | ||
| 916 | &mov (&DWP(8,$key),$s2); | ||
| 917 | &mov (&DWP(12,$key),$s3); | ||
| 918 | |||
| 919 | &mov ($s2,$_len); # load len | ||
| 920 | |||
| 921 | &lea ($acc,&DWP(16,$acc)); | ||
| 922 | &mov ($_inp,$acc); # save inp | ||
| 923 | |||
| 924 | &lea ($s3,&DWP(16,$key)); | ||
| 925 | &mov ($_out,$s3); # save out | ||
| 926 | |||
| 927 | &sub ($s2,16); | ||
| 928 | &test ($s2,0xFFFFFFF0); | ||
| 929 | &mov ($_len,$s2); # save len | ||
| 930 | &jnz (&label("enc_loop")); | ||
| 931 | &test ($s2,15); | ||
| 932 | &jnz (&label("enc_tail")); | ||
| 933 | &mov ($acc,$_ivp); # load ivp | ||
| 934 | &mov ($s2,&DWP(8,$key)); # restore last dwords | ||
| 935 | &mov ($s3,&DWP(12,$key)); | ||
| 936 | &mov (&DWP(0,$acc),$s0); # save ivec | ||
| 937 | &mov (&DWP(4,$acc),$s1); | ||
| 938 | &mov (&DWP(8,$acc),$s2); | ||
| 939 | &mov (&DWP(12,$acc),$s3); | ||
| 940 | |||
| 941 | &cmp ($mark,0); # was the key schedule copied? | ||
| 942 | &mov ("edi",$_key); | ||
| 943 | &je (&label("skip_ezero")); | ||
| 944 | # zero copy of key schedule | ||
| 945 | &mov ("ecx",240/4); | ||
| 946 | &xor ("eax","eax"); | ||
| 947 | &align (4); | ||
| 948 | &data_word(0xABF3F689); # rep stosd | ||
| 949 | &set_label("skip_ezero") | ||
| 950 | &mov ("esp",$_esp); | ||
| 951 | &popf (); | ||
| 952 | &set_label("enc_out"); | ||
| 953 | &function_end_A(); | ||
| 954 | &pushf (); # kludge, never executed | ||
| 955 | |||
| 956 | &align (4); | ||
| 957 | &set_label("enc_tail"); | ||
| 958 | &push ($key eq "edi" ? $key : ""); # push ivp | ||
| 959 | &mov ($key,$_out); # load out | ||
| 960 | &mov ($s1,16); | ||
| 961 | &sub ($s1,$s2); | ||
| 962 | &cmp ($key,$acc); # compare with inp | ||
| 963 | &je (&label("enc_in_place")); | ||
| 964 | &align (4); | ||
| 965 | &data_word(0xA4F3F689); # rep movsb # copy input | ||
| 966 | &jmp (&label("enc_skip_in_place")); | ||
| 967 | &set_label("enc_in_place"); | ||
| 968 | &lea ($key,&DWP(0,$key,$s2)); | ||
| 969 | &set_label("enc_skip_in_place"); | ||
| 970 | &mov ($s2,$s1); | ||
| 971 | &xor ($s0,$s0); | ||
| 972 | &align (4); | ||
| 973 | &data_word(0xAAF3F689); # rep stosb # zero tail | ||
| 974 | &pop ($key); # pop ivp | ||
| 975 | |||
| 976 | &mov ($acc,$_out); # output as input | ||
| 977 | &mov ($s0,&DWP(0,$key)); | ||
| 978 | &mov ($s1,&DWP(4,$key)); | ||
| 979 | &mov ($_len,16); # len=16 | ||
| 980 | &jmp (&label("enc_loop")); # one more spin... | ||
| 981 | |||
| 982 | #----------------------------- DECRYPT -----------------------------# | ||
| 983 | &align (4); | ||
| 984 | &set_label("DECRYPT"); | ||
| 985 | &lea ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp")); | ||
| 986 | |||
| 987 | # allocate aligned stack frame... | ||
| 988 | &lea ($key,&DWP(-64-244,"esp")); | ||
| 989 | &and ($key,-64); | ||
| 990 | |||
| 991 | # ... and make sure it doesn't alias with AES_Td modulo 4096 | ||
| 992 | &mov ($s0,"ebp"); | ||
| 993 | &lea ($s1,&DWP(2048+256,"ebp")); | ||
| 994 | &mov ($s3,$key); | ||
| 995 | &and ($s0,0xfff); # s = %ebp&0xfff | ||
| 996 | &and ($s1,0xfff); # e = (%ebp+2048+256)&0xfff | ||
| 997 | &and ($s3,0xfff); # p = %esp&0xfff | ||
| 998 | |||
| 999 | &cmp ($s3,$s1); # if (p>=e) %esp =- (p-e); | ||
| 1000 | &jb (&label("td_break_out")); | ||
| 1001 | &sub ($s3,$s1); | ||
| 1002 | &sub ($key,$s3); | ||
| 1003 | &jmp (&label("td_ok")); | ||
| 1004 | &set_label("td_break_out"); # else %esp -= (p-s)&0xfff + framesz; | ||
| 1005 | &sub ($s3,$s0); | ||
| 1006 | &and ($s3,0xfff); | ||
| 1007 | &add ($s3,64+256); | ||
| 1008 | &sub ($key,$s3); | ||
| 1009 | &align (4); | ||
| 1010 | &set_label("td_ok"); | ||
| 1011 | |||
| 1012 | &mov ($s0,&wparam(0)); # load inp | ||
| 1013 | &mov ($s1,&wparam(1)); # load out | ||
| 1014 | &mov ($s3,&wparam(3)); # load key | ||
| 1015 | &mov ($acc,&wparam(4)); # load ivp | ||
| 1016 | |||
| 1017 | &exch ("esp",$key); | ||
| 1018 | &add ("esp",4); # reserve for return address! | ||
| 1019 | &mov ($_esp,$key); # save %esp | ||
| 1020 | |||
| 1021 | &mov ($_inp,$s0); # save copy of inp | ||
| 1022 | &mov ($_out,$s1); # save copy of out | ||
| 1023 | &mov ($_len,$s2); # save copy of len | ||
| 1024 | &mov ($_key,$s3); # save copy of key | ||
| 1025 | &mov ($_ivp,$acc); # save copy of ivp | ||
| 1026 | |||
| 1027 | &mov ($mark,0); # copy of aes_key->rounds = 0; | ||
| 1028 | if ($compromise) { | ||
| 1029 | &cmp ($s2,$compromise); | ||
| 1030 | &jb (&label("skip_dcopy")); | ||
| 1031 | } | ||
| 1032 | # do we copy key schedule to stack? | ||
| 1033 | &mov ($s1 eq "ebx" ? $s1 : "",$s3); | ||
| 1034 | &mov ($s2 eq "ecx" ? $s2 : "",244/4); | ||
| 1035 | &sub ($s1,"ebp"); | ||
| 1036 | &mov ("esi",$s3); | ||
| 1037 | &and ($s1,0xfff); | ||
| 1038 | &lea ("edi",$aes_key); | ||
| 1039 | &cmp ($s1,2048+256); | ||
| 1040 | &jb (&label("do_dcopy")); | ||
| 1041 | &cmp ($s1,4096-244); | ||
| 1042 | &jb (&label("skip_dcopy")); | ||
| 1043 | &align (4); | ||
| 1044 | &set_label("do_dcopy"); | ||
| 1045 | &mov ($_key,"edi"); | ||
| 1046 | &data_word(0xA5F3F689); # rep movsd | ||
| 1047 | &set_label("skip_dcopy"); | ||
| 1048 | |||
| 1049 | &mov ($acc,$s0); | ||
| 1050 | &mov ($key,18); | ||
| 1051 | &align (4); | ||
| 1052 | &set_label("prefetch_td"); | ||
| 1053 | &mov ($s0,&DWP(0,"ebp")); | ||
| 1054 | &mov ($s1,&DWP(32,"ebp")); | ||
| 1055 | &mov ($s2,&DWP(64,"ebp")); | ||
| 1056 | &mov ($s3,&DWP(96,"ebp")); | ||
| 1057 | &lea ("ebp",&DWP(128,"ebp")); | ||
| 1058 | &dec ($key); | ||
| 1059 | &jnz (&label("prefetch_td")); | ||
| 1060 | &sub ("ebp",2048+256); | ||
| 1061 | |||
| 1062 | &cmp ($acc,$_out); | ||
| 1063 | &je (&label("dec_in_place")); # in-place processing... | ||
| 1064 | |||
| 1065 | &mov ($key,$_ivp); # load ivp | ||
| 1066 | &mov ($_tmp,$key); | ||
| 1067 | |||
| 1068 | &align (4); | ||
| 1069 | &set_label("dec_loop"); | ||
| 1070 | &mov ($s0,&DWP(0,$acc)); # read input | ||
| 1071 | &mov ($s1,&DWP(4,$acc)); | ||
| 1072 | &mov ($s2,&DWP(8,$acc)); | ||
| 1073 | &mov ($s3,&DWP(12,$acc)); | ||
| 1074 | |||
| 1075 | &mov ($key,$_key); # load key | ||
| 1076 | &call ("_x86_AES_decrypt"); | ||
| 1077 | |||
| 1078 | &mov ($key,$_tmp); # load ivp | ||
| 1079 | &mov ($acc,$_len); # load len | ||
| 1080 | &xor ($s0,&DWP(0,$key)); # xor iv | ||
| 1081 | &xor ($s1,&DWP(4,$key)); | ||
| 1082 | &xor ($s2,&DWP(8,$key)); | ||
| 1083 | &xor ($s3,&DWP(12,$key)); | ||
| 1084 | |||
| 1085 | &sub ($acc,16); | ||
| 1086 | &jc (&label("dec_partial")); | ||
| 1087 | &mov ($_len,$acc); # save len | ||
| 1088 | &mov ($acc,$_inp); # load inp | ||
| 1089 | &mov ($key,$_out); # load out | ||
| 1090 | |||
| 1091 | &mov (&DWP(0,$key),$s0); # write output | ||
| 1092 | &mov (&DWP(4,$key),$s1); | ||
| 1093 | &mov (&DWP(8,$key),$s2); | ||
| 1094 | &mov (&DWP(12,$key),$s3); | ||
| 1095 | |||
| 1096 | &mov ($_tmp,$acc); # save ivp | ||
| 1097 | &lea ($acc,&DWP(16,$acc)); | ||
| 1098 | &mov ($_inp,$acc); # save inp | ||
| 1099 | |||
| 1100 | &lea ($key,&DWP(16,$key)); | ||
| 1101 | &mov ($_out,$key); # save out | ||
| 1102 | |||
| 1103 | &jnz (&label("dec_loop")); | ||
| 1104 | &mov ($key,$_tmp); # load temp ivp | ||
| 1105 | &set_label("dec_end"); | ||
| 1106 | &mov ($acc,$_ivp); # load user ivp | ||
| 1107 | &mov ($s0,&DWP(0,$key)); # load iv | ||
| 1108 | &mov ($s1,&DWP(4,$key)); | ||
| 1109 | &mov ($s2,&DWP(8,$key)); | ||
| 1110 | &mov ($s3,&DWP(12,$key)); | ||
| 1111 | &mov (&DWP(0,$acc),$s0); # copy back to user | ||
| 1112 | &mov (&DWP(4,$acc),$s1); | ||
| 1113 | &mov (&DWP(8,$acc),$s2); | ||
| 1114 | &mov (&DWP(12,$acc),$s3); | ||
| 1115 | &jmp (&label("dec_out")); | ||
| 1116 | |||
| 1117 | &align (4); | ||
| 1118 | &set_label("dec_partial"); | ||
| 1119 | &lea ($key,$ivec); | ||
| 1120 | &mov (&DWP(0,$key),$s0); # dump output to stack | ||
| 884 | &mov (&DWP(4,$key),$s1); | 1121 | &mov (&DWP(4,$key),$s1); |
| 885 | &mov (&DWP(8,$key),$s2); | 1122 | &mov (&DWP(8,$key),$s2); |
| 886 | &mov (&DWP(12,$key),$s3); | 1123 | &mov (&DWP(12,$key),$s3); |
| 1124 | &lea ($s2 eq "ecx" ? $s2 : "",&DWP(16,$acc)); | ||
| 1125 | &mov ($acc eq "esi" ? $acc : "",$key); | ||
| 1126 | &mov ($key eq "edi" ? $key : "",$_out); # load out | ||
| 1127 | &data_word(0xA4F3F689); # rep movsb # copy output | ||
| 1128 | &mov ($key,$_inp); # use inp as temp ivp | ||
| 1129 | &jmp (&label("dec_end")); | ||
| 1130 | |||
| 1131 | &align (4); | ||
| 1132 | &set_label("dec_in_place"); | ||
| 1133 | &set_label("dec_in_place_loop"); | ||
| 1134 | &lea ($key,$ivec); | ||
| 1135 | &mov ($s0,&DWP(0,$acc)); # read input | ||
| 1136 | &mov ($s1,&DWP(4,$acc)); | ||
| 1137 | &mov ($s2,&DWP(8,$acc)); | ||
| 1138 | &mov ($s3,&DWP(12,$acc)); | ||
| 1139 | |||
| 1140 | &mov (&DWP(0,$key),$s0); # copy to temp | ||
| 1141 | &mov (&DWP(4,$key),$s1); | ||
| 1142 | &mov (&DWP(8,$key),$s2); | ||
| 1143 | &mov (&DWP(12,$key),$s3); | ||
| 1144 | |||
| 1145 | &mov ($key,$_key); # load key | ||
| 1146 | &call ("_x86_AES_decrypt"); | ||
| 1147 | |||
| 1148 | &mov ($key,$_ivp); # load ivp | ||
| 1149 | &mov ($acc,$_out); # load out | ||
| 1150 | &xor ($s0,&DWP(0,$key)); # xor iv | ||
| 1151 | &xor ($s1,&DWP(4,$key)); | ||
| 1152 | &xor ($s2,&DWP(8,$key)); | ||
| 1153 | &xor ($s3,&DWP(12,$key)); | ||
| 887 | 1154 | ||
| 888 | &pop ("edi"); | 1155 | &mov (&DWP(0,$acc),$s0); # write output |
| 889 | &pop ("esi"); | 1156 | &mov (&DWP(4,$acc),$s1); |
| 890 | &pop ("ebx"); | 1157 | &mov (&DWP(8,$acc),$s2); |
| 891 | &pop ("ebp"); | 1158 | &mov (&DWP(12,$acc),$s3); |
| 892 | &ret (); | 1159 | |
| 1160 | &lea ($acc,&DWP(16,$acc)); | ||
| 1161 | &mov ($_out,$acc); # save out | ||
| 1162 | |||
| 1163 | &lea ($acc,$ivec); | ||
| 1164 | &mov ($s0,&DWP(0,$acc)); # read temp | ||
| 1165 | &mov ($s1,&DWP(4,$acc)); | ||
| 1166 | &mov ($s2,&DWP(8,$acc)); | ||
| 1167 | &mov ($s3,&DWP(12,$acc)); | ||
| 1168 | |||
| 1169 | &mov (&DWP(0,$key),$s0); # copy iv | ||
| 1170 | &mov (&DWP(4,$key),$s1); | ||
| 1171 | &mov (&DWP(8,$key),$s2); | ||
| 1172 | &mov (&DWP(12,$key),$s3); | ||
| 1173 | |||
| 1174 | &mov ($acc,$_inp); # load inp | ||
| 1175 | |||
| 1176 | &lea ($acc,&DWP(16,$acc)); | ||
| 1177 | &mov ($_inp,$acc); # save inp | ||
| 1178 | |||
| 1179 | &mov ($s2,$_len); # load len | ||
| 1180 | &sub ($s2,16); | ||
| 1181 | &jc (&label("dec_in_place_partial")); | ||
| 1182 | &mov ($_len,$s2); # save len | ||
| 1183 | &jnz (&label("dec_in_place_loop")); | ||
| 1184 | &jmp (&label("dec_out")); | ||
| 1185 | |||
| 1186 | &align (4); | ||
| 1187 | &set_label("dec_in_place_partial"); | ||
| 1188 | # one can argue if this is actually required... | ||
| 1189 | &mov ($key eq "edi" ? $key : "",$_out); | ||
| 1190 | &lea ($acc eq "esi" ? $acc : "",$ivec); | ||
| 1191 | &lea ($key,&DWP(0,$key,$s2)); | ||
| 1192 | &lea ($acc,&DWP(16,$acc,$s2)); | ||
| 1193 | &neg ($s2 eq "ecx" ? $s2 : ""); | ||
| 1194 | &data_word(0xA4F3F689); # rep movsb # restore tail | ||
| 1195 | |||
| 1196 | &align (4); | ||
| 1197 | &set_label("dec_out"); | ||
| 1198 | &cmp ($mark,0); # was the key schedule copied? | ||
| 1199 | &mov ("edi",$_key); | ||
| 1200 | &je (&label("skip_dzero")); | ||
| 1201 | # zero copy of key schedule | ||
| 1202 | &mov ("ecx",240/4); | ||
| 1203 | &xor ("eax","eax"); | ||
| 1204 | &align (4); | ||
| 1205 | &data_word(0xABF3F689); # rep stosd | ||
| 1206 | &set_label("skip_dzero") | ||
| 1207 | &mov ("esp",$_esp); | ||
| 1208 | &popf (); | ||
| 1209 | &function_end("AES_cbc_encrypt"); | ||
| 1210 | } | ||
| 893 | 1211 | ||
| 894 | &set_label("AES_Td",64); # Yes! I keep it in the code segment! | 1212 | #------------------------------------------------------------------# |
| 895 | &data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a); | ||
| 896 | &data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b); | ||
| 897 | &data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5); | ||
| 898 | &data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5); | ||
| 899 | &data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d); | ||
| 900 | &data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b); | ||
| 901 | &data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295); | ||
| 902 | &data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e); | ||
| 903 | &data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927); | ||
| 904 | &data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d); | ||
| 905 | &data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362); | ||
| 906 | &data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9); | ||
| 907 | &data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52); | ||
| 908 | &data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566); | ||
| 909 | &data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3); | ||
| 910 | &data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed); | ||
| 911 | &data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e); | ||
| 912 | &data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4); | ||
| 913 | &data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4); | ||
| 914 | &data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd); | ||
| 915 | &data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d); | ||
| 916 | &data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060); | ||
| 917 | &data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967); | ||
| 918 | &data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879); | ||
| 919 | &data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000); | ||
| 920 | &data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c); | ||
| 921 | &data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36); | ||
| 922 | &data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624); | ||
| 923 | &data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b); | ||
| 924 | &data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c); | ||
| 925 | &data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12); | ||
| 926 | &data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14); | ||
| 927 | &data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3); | ||
| 928 | &data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b); | ||
| 929 | &data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8); | ||
| 930 | &data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684); | ||
| 931 | &data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7); | ||
| 932 | &data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177); | ||
| 933 | &data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947); | ||
| 934 | &data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322); | ||
| 935 | &data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498); | ||
| 936 | &data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f); | ||
| 937 | &data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54); | ||
| 938 | &data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382); | ||
| 939 | &data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf); | ||
| 940 | &data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb); | ||
| 941 | &data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83); | ||
| 942 | &data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef); | ||
| 943 | &data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029); | ||
| 944 | &data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235); | ||
| 945 | &data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733); | ||
| 946 | &data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117); | ||
| 947 | &data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4); | ||
| 948 | &data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546); | ||
| 949 | &data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb); | ||
| 950 | &data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d); | ||
| 951 | &data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb); | ||
| 952 | &data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a); | ||
| 953 | &data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773); | ||
| 954 | &data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478); | ||
| 955 | &data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2); | ||
| 956 | &data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff); | ||
| 957 | &data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664); | ||
| 958 | &data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0); | ||
| 959 | #Td1: | ||
| 960 | &data_word(0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96); | ||
| 961 | &data_word(0x6bab3bcb, 0x459d1ff1, 0x58faacab, 0x03e34b93); | ||
| 962 | &data_word(0xfa302055, 0x6d76adf6, 0x76cc8891, 0x4c02f525); | ||
| 963 | &data_word(0xd7e54ffc, 0xcb2ac5d7, 0x44352680, 0xa362b58f); | ||
| 964 | &data_word(0x5ab1de49, 0x1bba2567, 0x0eea4598, 0xc0fe5de1); | ||
| 965 | &data_word(0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6); | ||
| 966 | &data_word(0x5f8f03e7, 0x9c921595, 0x7a6dbfeb, 0x595295da); | ||
| 967 | &data_word(0x83bed42d, 0x217458d3, 0x69e04929, 0xc8c98e44); | ||
| 968 | &data_word(0x89c2756a, 0x798ef478, 0x3e58996b, 0x71b927dd); | ||
| 969 | &data_word(0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4); | ||
| 970 | &data_word(0x4adf6318, 0x311ae582, 0x33519760, 0x7f536245); | ||
| 971 | &data_word(0x7764b1e0, 0xae6bbb84, 0xa081fe1c, 0x2b08f994); | ||
| 972 | &data_word(0x68487058, 0xfd458f19, 0x6cde9487, 0xf87b52b7); | ||
| 973 | &data_word(0xd373ab23, 0x024b72e2, 0x8f1fe357, 0xab55662a); | ||
| 974 | &data_word(0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x0837d3a5); | ||
| 975 | &data_word(0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c); | ||
| 976 | &data_word(0x1ccf8a2b, 0xb479a792, 0xf207f3f0, 0xe2694ea1); | ||
| 977 | &data_word(0xf4da65cd, 0xbe0506d5, 0x6234d11f, 0xfea6c48a); | ||
| 978 | &data_word(0x532e349d, 0x55f3a2a0, 0xe18a0532, 0xebf6a475); | ||
| 979 | &data_word(0xec830b39, 0xef6040aa, 0x9f715e06, 0x106ebd51); | ||
| 980 | &data_word(0x8a213ef9, 0x06dd963d, 0x053eddae, 0xbde64d46); | ||
| 981 | &data_word(0x8d5491b5, 0x5dc47105, 0xd406046f, 0x155060ff); | ||
| 982 | &data_word(0xfb981924, 0xe9bdd697, 0x434089cc, 0x9ed96777); | ||
| 983 | &data_word(0x42e8b0bd, 0x8b890788, 0x5b19e738, 0xeec879db); | ||
| 984 | &data_word(0x0a7ca147, 0x0f427ce9, 0x1e84f8c9, 0x00000000); | ||
| 985 | &data_word(0x86800983, 0xed2b3248, 0x70111eac, 0x725a6c4e); | ||
| 986 | &data_word(0xff0efdfb, 0x38850f56, 0xd5ae3d1e, 0x392d3627); | ||
| 987 | &data_word(0xd90f0a64, 0xa65c6821, 0x545b9bd1, 0x2e36243a); | ||
| 988 | &data_word(0x670a0cb1, 0xe757930f, 0x96eeb4d2, 0x919b1b9e); | ||
| 989 | &data_word(0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16); | ||
| 990 | &data_word(0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d); | ||
| 991 | &data_word(0x0d090e0b, 0xc78bf2ad, 0xa8b62db9, 0xa91e14c8); | ||
| 992 | &data_word(0x19f15785, 0x0775af4c, 0xdd99eebb, 0x607fa3fd); | ||
| 993 | &data_word(0x2601f79f, 0xf5725cbc, 0x3b6644c5, 0x7efb5b34); | ||
| 994 | &data_word(0x29438b76, 0xc623cbdc, 0xfcedb668, 0xf1e4b863); | ||
| 995 | &data_word(0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420); | ||
| 996 | &data_word(0x244a857d, 0x3dbbd2f8, 0x32f9ae11, 0xa129c76d); | ||
| 997 | &data_word(0x2f9e1d4b, 0x30b2dcf3, 0x52860dec, 0xe3c177d0); | ||
| 998 | &data_word(0x16b32b6c, 0xb970a999, 0x489411fa, 0x64e94722); | ||
| 999 | &data_word(0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef); | ||
| 1000 | &data_word(0x4e4987c7, 0xd138d9c1, 0xa2ca8cfe, 0x0bd49836); | ||
| 1001 | &data_word(0x81f5a6cf, 0xde7aa528, 0x8eb7da26, 0xbfad3fa4); | ||
| 1002 | &data_word(0x9d3a2ce4, 0x9278500d, 0xcc5f6a9b, 0x467e5462); | ||
| 1003 | &data_word(0x138df6c2, 0xb8d890e8, 0xf7392e5e, 0xafc382f5); | ||
| 1004 | &data_word(0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3); | ||
| 1005 | &data_word(0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b); | ||
| 1006 | &data_word(0x7826cd09, 0x18596ef4, 0xb79aec01, 0x9a4f83a8); | ||
| 1007 | &data_word(0x6e95e665, 0xe6ffaa7e, 0xcfbc2108, 0xe815efe6); | ||
| 1008 | &data_word(0x9be7bad9, 0x366f4ace, 0x099fead4, 0x7cb029d6); | ||
| 1009 | &data_word(0xb2a431af, 0x233f2a31, 0x94a5c630, 0x66a235c0); | ||
| 1010 | &data_word(0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315); | ||
| 1011 | &data_word(0x9804f14a, 0xdaec41f7, 0x50cd7f0e, 0xf691172f); | ||
| 1012 | &data_word(0xd64d768d, 0xb0ef434d, 0x4daacc54, 0x0496e4df); | ||
| 1013 | &data_word(0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, 0x5165467f); | ||
| 1014 | &data_word(0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e); | ||
| 1015 | &data_word(0x1d67b35a, 0xd2db9252, 0x5610e933, 0x47d66d13); | ||
| 1016 | &data_word(0x61d79a8c, 0x0ca1377a, 0x14f8598e, 0x3c13eb89); | ||
| 1017 | &data_word(0x27a9ceee, 0xc961b735, 0xe51ce1ed, 0xb1477a3c); | ||
| 1018 | &data_word(0xdfd29c59, 0x73f2553f, 0xce141879, 0x37c773bf); | ||
| 1019 | &data_word(0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886); | ||
| 1020 | &data_word(0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f); | ||
| 1021 | &data_word(0xc31d1672, 0x25e2bc0c, 0x493c288b, 0x950dff41); | ||
| 1022 | &data_word(0x01a83971, 0xb30c08de, 0xe4b4d89c, 0xc1566490); | ||
| 1023 | &data_word(0x84cb7b61, 0xb632d570, 0x5c6c4874, 0x57b8d042); | ||
| 1024 | #Td2: | ||
| 1025 | &data_word(0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e); | ||
| 1026 | &data_word(0xab3bcb6b, 0x9d1ff145, 0xfaacab58, 0xe34b9303); | ||
| 1027 | &data_word(0x302055fa, 0x76adf66d, 0xcc889176, 0x02f5254c); | ||
| 1028 | &data_word(0xe54ffcd7, 0x2ac5d7cb, 0x35268044, 0x62b58fa3); | ||
| 1029 | &data_word(0xb1de495a, 0xba25671b, 0xea45980e, 0xfe5de1c0); | ||
| 1030 | &data_word(0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9); | ||
| 1031 | &data_word(0x8f03e75f, 0x9215959c, 0x6dbfeb7a, 0x5295da59); | ||
| 1032 | &data_word(0xbed42d83, 0x7458d321, 0xe0492969, 0xc98e44c8); | ||
| 1033 | &data_word(0xc2756a89, 0x8ef47879, 0x58996b3e, 0xb927dd71); | ||
| 1034 | &data_word(0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a); | ||
| 1035 | &data_word(0xdf63184a, 0x1ae58231, 0x51976033, 0x5362457f); | ||
| 1036 | &data_word(0x64b1e077, 0x6bbb84ae, 0x81fe1ca0, 0x08f9942b); | ||
| 1037 | &data_word(0x48705868, 0x458f19fd, 0xde94876c, 0x7b52b7f8); | ||
| 1038 | &data_word(0x73ab23d3, 0x4b72e202, 0x1fe3578f, 0x55662aab); | ||
| 1039 | &data_word(0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508); | ||
| 1040 | &data_word(0x2830f287, 0xbf23b2a5, 0x0302ba6a, 0x16ed5c82); | ||
| 1041 | &data_word(0xcf8a2b1c, 0x79a792b4, 0x07f3f0f2, 0x694ea1e2); | ||
| 1042 | &data_word(0xda65cdf4, 0x0506d5be, 0x34d11f62, 0xa6c48afe); | ||
| 1043 | &data_word(0x2e349d53, 0xf3a2a055, 0x8a0532e1, 0xf6a475eb); | ||
| 1044 | &data_word(0x830b39ec, 0x6040aaef, 0x715e069f, 0x6ebd5110); | ||
| 1045 | &data_word(0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd); | ||
| 1046 | &data_word(0x5491b58d, 0xc471055d, 0x06046fd4, 0x5060ff15); | ||
| 1047 | &data_word(0x981924fb, 0xbdd697e9, 0x4089cc43, 0xd967779e); | ||
| 1048 | &data_word(0xe8b0bd42, 0x8907888b, 0x19e7385b, 0xc879dbee); | ||
| 1049 | &data_word(0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x00000000); | ||
| 1050 | &data_word(0x80098386, 0x2b3248ed, 0x111eac70, 0x5a6c4e72); | ||
| 1051 | &data_word(0x0efdfbff, 0x850f5638, 0xae3d1ed5, 0x2d362739); | ||
| 1052 | &data_word(0x0f0a64d9, 0x5c6821a6, 0x5b9bd154, 0x36243a2e); | ||
| 1053 | &data_word(0x0a0cb167, 0x57930fe7, 0xeeb4d296, 0x9b1b9e91); | ||
| 1054 | &data_word(0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a); | ||
| 1055 | &data_word(0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17); | ||
| 1056 | &data_word(0x090e0b0d, 0x8bf2adc7, 0xb62db9a8, 0x1e14c8a9); | ||
| 1057 | &data_word(0xf1578519, 0x75af4c07, 0x99eebbdd, 0x7fa3fd60); | ||
| 1058 | &data_word(0x01f79f26, 0x725cbcf5, 0x6644c53b, 0xfb5b347e); | ||
| 1059 | &data_word(0x438b7629, 0x23cbdcc6, 0xedb668fc, 0xe4b863f1); | ||
| 1060 | &data_word(0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011); | ||
| 1061 | &data_word(0x4a857d24, 0xbbd2f83d, 0xf9ae1132, 0x29c76da1); | ||
| 1062 | &data_word(0x9e1d4b2f, 0xb2dcf330, 0x860dec52, 0xc177d0e3); | ||
| 1063 | &data_word(0xb32b6c16, 0x70a999b9, 0x9411fa48, 0xe9472264); | ||
| 1064 | &data_word(0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90); | ||
| 1065 | &data_word(0x4987c74e, 0x38d9c1d1, 0xca8cfea2, 0xd498360b); | ||
| 1066 | &data_word(0xf5a6cf81, 0x7aa528de, 0xb7da268e, 0xad3fa4bf); | ||
| 1067 | &data_word(0x3a2ce49d, 0x78500d92, 0x5f6a9bcc, 0x7e546246); | ||
| 1068 | &data_word(0x8df6c213, 0xd890e8b8, 0x392e5ef7, 0xc382f5af); | ||
| 1069 | &data_word(0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312); | ||
| 1070 | &data_word(0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb); | ||
| 1071 | &data_word(0x26cd0978, 0x596ef418, 0x9aec01b7, 0x4f83a89a); | ||
| 1072 | &data_word(0x95e6656e, 0xffaa7ee6, 0xbc2108cf, 0x15efe6e8); | ||
| 1073 | &data_word(0xe7bad99b, 0x6f4ace36, 0x9fead409, 0xb029d67c); | ||
| 1074 | &data_word(0xa431afb2, 0x3f2a3123, 0xa5c63094, 0xa235c066); | ||
| 1075 | &data_word(0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8); | ||
| 1076 | &data_word(0x04f14a98, 0xec41f7da, 0xcd7f0e50, 0x91172ff6); | ||
| 1077 | &data_word(0x4d768dd6, 0xef434db0, 0xaacc544d, 0x96e4df04); | ||
| 1078 | &data_word(0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, 0x65467f51); | ||
| 1079 | &data_word(0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0x0bfb2e41); | ||
| 1080 | &data_word(0x67b35a1d, 0xdb9252d2, 0x10e93356, 0xd66d1347); | ||
| 1081 | &data_word(0xd79a8c61, 0xa1377a0c, 0xf8598e14, 0x13eb893c); | ||
| 1082 | &data_word(0xa9ceee27, 0x61b735c9, 0x1ce1ede5, 0x477a3cb1); | ||
| 1083 | &data_word(0xd29c59df, 0xf2553f73, 0x141879ce, 0xc773bf37); | ||
| 1084 | &data_word(0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db); | ||
| 1085 | &data_word(0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40); | ||
| 1086 | &data_word(0x1d1672c3, 0xe2bc0c25, 0x3c288b49, 0x0dff4195); | ||
| 1087 | &data_word(0xa8397101, 0x0c08deb3, 0xb4d89ce4, 0x566490c1); | ||
| 1088 | &data_word(0xcb7b6184, 0x32d570b6, 0x6c48745c, 0xb8d04257); | ||
| 1089 | #Td3: | ||
| 1090 | &data_word(0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27); | ||
| 1091 | &data_word(0x3bcb6bab, 0x1ff1459d, 0xacab58fa, 0x4b9303e3); | ||
| 1092 | &data_word(0x2055fa30, 0xadf66d76, 0x889176cc, 0xf5254c02); | ||
| 1093 | &data_word(0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, 0xb58fa362); | ||
| 1094 | &data_word(0xde495ab1, 0x25671bba, 0x45980eea, 0x5de1c0fe); | ||
| 1095 | &data_word(0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3); | ||
| 1096 | &data_word(0x03e75f8f, 0x15959c92, 0xbfeb7a6d, 0x95da5952); | ||
| 1097 | &data_word(0xd42d83be, 0x58d32174, 0x492969e0, 0x8e44c8c9); | ||
| 1098 | &data_word(0x756a89c2, 0xf478798e, 0x996b3e58, 0x27dd71b9); | ||
| 1099 | &data_word(0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace); | ||
| 1100 | &data_word(0x63184adf, 0xe582311a, 0x97603351, 0x62457f53); | ||
| 1101 | &data_word(0xb1e07764, 0xbb84ae6b, 0xfe1ca081, 0xf9942b08); | ||
| 1102 | &data_word(0x70586848, 0x8f19fd45, 0x94876cde, 0x52b7f87b); | ||
| 1103 | &data_word(0xab23d373, 0x72e2024b, 0xe3578f1f, 0x662aab55); | ||
| 1104 | &data_word(0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837); | ||
| 1105 | &data_word(0x30f28728, 0x23b2a5bf, 0x02ba6a03, 0xed5c8216); | ||
| 1106 | &data_word(0x8a2b1ccf, 0xa792b479, 0xf3f0f207, 0x4ea1e269); | ||
| 1107 | &data_word(0x65cdf4da, 0x06d5be05, 0xd11f6234, 0xc48afea6); | ||
| 1108 | &data_word(0x349d532e, 0xa2a055f3, 0x0532e18a, 0xa475ebf6); | ||
| 1109 | &data_word(0x0b39ec83, 0x40aaef60, 0x5e069f71, 0xbd51106e); | ||
| 1110 | &data_word(0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6); | ||
| 1111 | &data_word(0x91b58d54, 0x71055dc4, 0x046fd406, 0x60ff1550); | ||
| 1112 | &data_word(0x1924fb98, 0xd697e9bd, 0x89cc4340, 0x67779ed9); | ||
| 1113 | &data_word(0xb0bd42e8, 0x07888b89, 0xe7385b19, 0x79dbeec8); | ||
| 1114 | &data_word(0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x00000000); | ||
| 1115 | &data_word(0x09838680, 0x3248ed2b, 0x1eac7011, 0x6c4e725a); | ||
| 1116 | &data_word(0xfdfbff0e, 0x0f563885, 0x3d1ed5ae, 0x3627392d); | ||
| 1117 | &data_word(0x0a64d90f, 0x6821a65c, 0x9bd1545b, 0x243a2e36); | ||
| 1118 | &data_word(0x0cb1670a, 0x930fe757, 0xb4d296ee, 0x1b9e919b); | ||
| 1119 | &data_word(0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12); | ||
| 1120 | &data_word(0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b); | ||
| 1121 | &data_word(0x0e0b0d09, 0xf2adc78b, 0x2db9a8b6, 0x14c8a91e); | ||
| 1122 | &data_word(0x578519f1, 0xaf4c0775, 0xeebbdd99, 0xa3fd607f); | ||
| 1123 | &data_word(0xf79f2601, 0x5cbcf572, 0x44c53b66, 0x5b347efb); | ||
| 1124 | &data_word(0x8b762943, 0xcbdcc623, 0xb668fced, 0xb863f1e4); | ||
| 1125 | &data_word(0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6); | ||
| 1126 | &data_word(0x857d244a, 0xd2f83dbb, 0xae1132f9, 0xc76da129); | ||
| 1127 | &data_word(0x1d4b2f9e, 0xdcf330b2, 0x0dec5286, 0x77d0e3c1); | ||
| 1128 | &data_word(0x2b6c16b3, 0xa999b970, 0x11fa4894, 0x472264e9); | ||
| 1129 | &data_word(0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033); | ||
| 1130 | &data_word(0x87c74e49, 0xd9c1d138, 0x8cfea2ca, 0x98360bd4); | ||
| 1131 | &data_word(0xa6cf81f5, 0xa528de7a, 0xda268eb7, 0x3fa4bfad); | ||
| 1132 | &data_word(0x2ce49d3a, 0x500d9278, 0x6a9bcc5f, 0x5462467e); | ||
| 1133 | &data_word(0xf6c2138d, 0x90e8b8d8, 0x2e5ef739, 0x82f5afc3); | ||
| 1134 | &data_word(0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225); | ||
| 1135 | &data_word(0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b); | ||
| 1136 | &data_word(0xcd097826, 0x6ef41859, 0xec01b79a, 0x83a89a4f); | ||
| 1137 | &data_word(0xe6656e95, 0xaa7ee6ff, 0x2108cfbc, 0xefe6e815); | ||
| 1138 | &data_word(0xbad99be7, 0x4ace366f, 0xead4099f, 0x29d67cb0); | ||
| 1139 | &data_word(0x31afb2a4, 0x2a31233f, 0xc63094a5, 0x35c066a2); | ||
| 1140 | &data_word(0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7); | ||
| 1141 | &data_word(0xf14a9804, 0x41f7daec, 0x7f0e50cd, 0x172ff691); | ||
| 1142 | &data_word(0x768dd64d, 0x434db0ef, 0xcc544daa, 0xe4df0496); | ||
| 1143 | &data_word(0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, 0x467f5165); | ||
| 1144 | &data_word(0x9d04ea5e, 0x015d358c, 0xfa737487, 0xfb2e410b); | ||
| 1145 | &data_word(0xb35a1d67, 0x9252d2db, 0xe9335610, 0x6d1347d6); | ||
| 1146 | &data_word(0x9a8c61d7, 0x377a0ca1, 0x598e14f8, 0xeb893c13); | ||
| 1147 | &data_word(0xceee27a9, 0xb735c961, 0xe1ede51c, 0x7a3cb147); | ||
| 1148 | &data_word(0x9c59dfd2, 0x553f73f2, 0x1879ce14, 0x73bf37c7); | ||
| 1149 | &data_word(0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44); | ||
| 1150 | &data_word(0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3); | ||
| 1151 | &data_word(0x1672c31d, 0xbc0c25e2, 0x288b493c, 0xff41950d); | ||
| 1152 | &data_word(0x397101a8, 0x08deb30c, 0xd89ce4b4, 0x6490c156); | ||
| 1153 | &data_word(0x7b6184cb, 0xd570b632, 0x48745c6c, 0xd04257b8); | ||
| 1154 | #Td4: | ||
| 1155 | &data_word(0x52525252, 0x09090909, 0x6a6a6a6a, 0xd5d5d5d5); | ||
| 1156 | &data_word(0x30303030, 0x36363636, 0xa5a5a5a5, 0x38383838); | ||
| 1157 | &data_word(0xbfbfbfbf, 0x40404040, 0xa3a3a3a3, 0x9e9e9e9e); | ||
| 1158 | &data_word(0x81818181, 0xf3f3f3f3, 0xd7d7d7d7, 0xfbfbfbfb); | ||
| 1159 | &data_word(0x7c7c7c7c, 0xe3e3e3e3, 0x39393939, 0x82828282); | ||
| 1160 | &data_word(0x9b9b9b9b, 0x2f2f2f2f, 0xffffffff, 0x87878787); | ||
| 1161 | &data_word(0x34343434, 0x8e8e8e8e, 0x43434343, 0x44444444); | ||
| 1162 | &data_word(0xc4c4c4c4, 0xdededede, 0xe9e9e9e9, 0xcbcbcbcb); | ||
| 1163 | &data_word(0x54545454, 0x7b7b7b7b, 0x94949494, 0x32323232); | ||
| 1164 | &data_word(0xa6a6a6a6, 0xc2c2c2c2, 0x23232323, 0x3d3d3d3d); | ||
| 1165 | &data_word(0xeeeeeeee, 0x4c4c4c4c, 0x95959595, 0x0b0b0b0b); | ||
| 1166 | &data_word(0x42424242, 0xfafafafa, 0xc3c3c3c3, 0x4e4e4e4e); | ||
| 1167 | &data_word(0x08080808, 0x2e2e2e2e, 0xa1a1a1a1, 0x66666666); | ||
| 1168 | &data_word(0x28282828, 0xd9d9d9d9, 0x24242424, 0xb2b2b2b2); | ||
| 1169 | &data_word(0x76767676, 0x5b5b5b5b, 0xa2a2a2a2, 0x49494949); | ||
| 1170 | &data_word(0x6d6d6d6d, 0x8b8b8b8b, 0xd1d1d1d1, 0x25252525); | ||
| 1171 | &data_word(0x72727272, 0xf8f8f8f8, 0xf6f6f6f6, 0x64646464); | ||
| 1172 | &data_word(0x86868686, 0x68686868, 0x98989898, 0x16161616); | ||
| 1173 | &data_word(0xd4d4d4d4, 0xa4a4a4a4, 0x5c5c5c5c, 0xcccccccc); | ||
| 1174 | &data_word(0x5d5d5d5d, 0x65656565, 0xb6b6b6b6, 0x92929292); | ||
| 1175 | &data_word(0x6c6c6c6c, 0x70707070, 0x48484848, 0x50505050); | ||
| 1176 | &data_word(0xfdfdfdfd, 0xedededed, 0xb9b9b9b9, 0xdadadada); | ||
| 1177 | &data_word(0x5e5e5e5e, 0x15151515, 0x46464646, 0x57575757); | ||
| 1178 | &data_word(0xa7a7a7a7, 0x8d8d8d8d, 0x9d9d9d9d, 0x84848484); | ||
| 1179 | &data_word(0x90909090, 0xd8d8d8d8, 0xabababab, 0x00000000); | ||
| 1180 | &data_word(0x8c8c8c8c, 0xbcbcbcbc, 0xd3d3d3d3, 0x0a0a0a0a); | ||
| 1181 | &data_word(0xf7f7f7f7, 0xe4e4e4e4, 0x58585858, 0x05050505); | ||
| 1182 | &data_word(0xb8b8b8b8, 0xb3b3b3b3, 0x45454545, 0x06060606); | ||
| 1183 | &data_word(0xd0d0d0d0, 0x2c2c2c2c, 0x1e1e1e1e, 0x8f8f8f8f); | ||
| 1184 | &data_word(0xcacacaca, 0x3f3f3f3f, 0x0f0f0f0f, 0x02020202); | ||
| 1185 | &data_word(0xc1c1c1c1, 0xafafafaf, 0xbdbdbdbd, 0x03030303); | ||
| 1186 | &data_word(0x01010101, 0x13131313, 0x8a8a8a8a, 0x6b6b6b6b); | ||
| 1187 | &data_word(0x3a3a3a3a, 0x91919191, 0x11111111, 0x41414141); | ||
| 1188 | &data_word(0x4f4f4f4f, 0x67676767, 0xdcdcdcdc, 0xeaeaeaea); | ||
| 1189 | &data_word(0x97979797, 0xf2f2f2f2, 0xcfcfcfcf, 0xcececece); | ||
| 1190 | &data_word(0xf0f0f0f0, 0xb4b4b4b4, 0xe6e6e6e6, 0x73737373); | ||
| 1191 | &data_word(0x96969696, 0xacacacac, 0x74747474, 0x22222222); | ||
| 1192 | &data_word(0xe7e7e7e7, 0xadadadad, 0x35353535, 0x85858585); | ||
| 1193 | &data_word(0xe2e2e2e2, 0xf9f9f9f9, 0x37373737, 0xe8e8e8e8); | ||
| 1194 | &data_word(0x1c1c1c1c, 0x75757575, 0xdfdfdfdf, 0x6e6e6e6e); | ||
| 1195 | &data_word(0x47474747, 0xf1f1f1f1, 0x1a1a1a1a, 0x71717171); | ||
| 1196 | &data_word(0x1d1d1d1d, 0x29292929, 0xc5c5c5c5, 0x89898989); | ||
| 1197 | &data_word(0x6f6f6f6f, 0xb7b7b7b7, 0x62626262, 0x0e0e0e0e); | ||
| 1198 | &data_word(0xaaaaaaaa, 0x18181818, 0xbebebebe, 0x1b1b1b1b); | ||
| 1199 | &data_word(0xfcfcfcfc, 0x56565656, 0x3e3e3e3e, 0x4b4b4b4b); | ||
| 1200 | &data_word(0xc6c6c6c6, 0xd2d2d2d2, 0x79797979, 0x20202020); | ||
| 1201 | &data_word(0x9a9a9a9a, 0xdbdbdbdb, 0xc0c0c0c0, 0xfefefefe); | ||
| 1202 | &data_word(0x78787878, 0xcdcdcdcd, 0x5a5a5a5a, 0xf4f4f4f4); | ||
| 1203 | &data_word(0x1f1f1f1f, 0xdddddddd, 0xa8a8a8a8, 0x33333333); | ||
| 1204 | &data_word(0x88888888, 0x07070707, 0xc7c7c7c7, 0x31313131); | ||
| 1205 | &data_word(0xb1b1b1b1, 0x12121212, 0x10101010, 0x59595959); | ||
| 1206 | &data_word(0x27272727, 0x80808080, 0xecececec, 0x5f5f5f5f); | ||
| 1207 | &data_word(0x60606060, 0x51515151, 0x7f7f7f7f, 0xa9a9a9a9); | ||
| 1208 | &data_word(0x19191919, 0xb5b5b5b5, 0x4a4a4a4a, 0x0d0d0d0d); | ||
| 1209 | &data_word(0x2d2d2d2d, 0xe5e5e5e5, 0x7a7a7a7a, 0x9f9f9f9f); | ||
| 1210 | &data_word(0x93939393, 0xc9c9c9c9, 0x9c9c9c9c, 0xefefefef); | ||
| 1211 | &data_word(0xa0a0a0a0, 0xe0e0e0e0, 0x3b3b3b3b, 0x4d4d4d4d); | ||
| 1212 | &data_word(0xaeaeaeae, 0x2a2a2a2a, 0xf5f5f5f5, 0xb0b0b0b0); | ||
| 1213 | &data_word(0xc8c8c8c8, 0xebebebeb, 0xbbbbbbbb, 0x3c3c3c3c); | ||
| 1214 | &data_word(0x83838383, 0x53535353, 0x99999999, 0x61616161); | ||
| 1215 | &data_word(0x17171717, 0x2b2b2b2b, 0x04040404, 0x7e7e7e7e); | ||
| 1216 | &data_word(0xbabababa, 0x77777777, 0xd6d6d6d6, 0x26262626); | ||
| 1217 | &data_word(0xe1e1e1e1, 0x69696969, 0x14141414, 0x63636363); | ||
| 1218 | &data_word(0x55555555, 0x21212121, 0x0c0c0c0c, 0x7d7d7d7d); | ||
| 1219 | &function_end_B("AES_decrypt"); | ||
| 1220 | 1213 | ||
| 1221 | sub enckey() | 1214 | sub enckey() |
| 1222 | { | 1215 | { |
| 1223 | &movz ("esi",&LB("edx")); # rk[i]>>0 | 1216 | &movz ("esi",&LB("edx")); # rk[i]>>0 |
| 1224 | &mov ("ebx",&DWP(0,"ebp","esi",4)); | 1217 | &mov ("ebx",&DWP(2,"ebp","esi",8)); |
| 1225 | &movz ("esi",&HB("edx")); # rk[i]>>8 | 1218 | &movz ("esi",&HB("edx")); # rk[i]>>8 |
| 1226 | &and ("ebx",0xFF000000); | 1219 | &and ("ebx",0xFF000000); |
| 1227 | &xor ("eax","ebx"); | 1220 | &xor ("eax","ebx"); |
| 1228 | 1221 | ||
| 1229 | &mov ("ebx",&DWP(0,"ebp","esi",4)); | 1222 | &mov ("ebx",&DWP(2,"ebp","esi",8)); |
| 1230 | &shr ("edx",16); | 1223 | &shr ("edx",16); |
| 1231 | &and ("ebx",0x000000FF); | 1224 | &and ("ebx",0x000000FF); |
| 1232 | &movz ("esi",&LB("edx")); # rk[i]>>16 | 1225 | &movz ("esi",&LB("edx")); # rk[i]>>16 |
| 1233 | &xor ("eax","ebx"); | 1226 | &xor ("eax","ebx"); |
| 1234 | 1227 | ||
| 1235 | &mov ("ebx",&DWP(0,"ebp","esi",4)); | 1228 | &mov ("ebx",&DWP(0,"ebp","esi",8)); |
| 1236 | &movz ("esi",&HB("edx")); # rk[i]>>24 | 1229 | &movz ("esi",&HB("edx")); # rk[i]>>24 |
| 1237 | &and ("ebx",0x0000FF00); | 1230 | &and ("ebx",0x0000FF00); |
| 1238 | &xor ("eax","ebx"); | 1231 | &xor ("eax","ebx"); |
| 1239 | 1232 | ||
| 1240 | &mov ("ebx",&DWP(0,"ebp","esi",4)); | 1233 | &mov ("ebx",&DWP(0,"ebp","esi",8)); |
| 1241 | &and ("ebx",0x00FF0000); | 1234 | &and ("ebx",0x00FF0000); |
| 1242 | &xor ("eax","ebx"); | 1235 | &xor ("eax","ebx"); |
| 1243 | 1236 | ||
| 1244 | &xor ("eax",&DWP(1024,"ebp","ecx",4)); # rcon | 1237 | &xor ("eax",&DWP(2048,"ebp","ecx",4)); # rcon |
| 1245 | } | 1238 | } |
| 1246 | 1239 | ||
| 1247 | # int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | 1240 | # int AES_set_encrypt_key(const unsigned char *userKey, const int bits, |
| @@ -1260,7 +1253,6 @@ sub enckey() | |||
| 1260 | &set_label("pic_point"); | 1253 | &set_label("pic_point"); |
| 1261 | &blindpop("ebp"); | 1254 | &blindpop("ebp"); |
| 1262 | &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); | 1255 | &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); |
| 1263 | &add ("ebp",1024*4); # skip to Te4 | ||
| 1264 | 1256 | ||
| 1265 | &mov ("ecx",&wparam(1)); # number of bits in key | 1257 | &mov ("ecx",&wparam(1)); # number of bits in key |
| 1266 | &cmp ("ecx",128); | 1258 | &cmp ("ecx",128); |
| @@ -1401,23 +1393,23 @@ sub enckey() | |||
| 1401 | &mov ("edx","eax"); | 1393 | &mov ("edx","eax"); |
| 1402 | &mov ("eax",&DWP(16,"edi")); # rk[4] | 1394 | &mov ("eax",&DWP(16,"edi")); # rk[4] |
| 1403 | &movz ("esi",&LB("edx")); # rk[11]>>0 | 1395 | &movz ("esi",&LB("edx")); # rk[11]>>0 |
| 1404 | &mov ("ebx",&DWP(0,"ebp","esi",4)); | 1396 | &mov ("ebx",&DWP(2,"ebp","esi",8)); |
| 1405 | &movz ("esi",&HB("edx")); # rk[11]>>8 | 1397 | &movz ("esi",&HB("edx")); # rk[11]>>8 |
| 1406 | &and ("ebx",0x000000FF); | 1398 | &and ("ebx",0x000000FF); |
| 1407 | &xor ("eax","ebx"); | 1399 | &xor ("eax","ebx"); |
| 1408 | 1400 | ||
| 1409 | &mov ("ebx",&DWP(0,"ebp","esi",4)); | 1401 | &mov ("ebx",&DWP(0,"ebp","esi",8)); |
| 1410 | &shr ("edx",16); | 1402 | &shr ("edx",16); |
| 1411 | &and ("ebx",0x0000FF00); | 1403 | &and ("ebx",0x0000FF00); |
| 1412 | &movz ("esi",&LB("edx")); # rk[11]>>16 | 1404 | &movz ("esi",&LB("edx")); # rk[11]>>16 |
| 1413 | &xor ("eax","ebx"); | 1405 | &xor ("eax","ebx"); |
| 1414 | 1406 | ||
| 1415 | &mov ("ebx",&DWP(0,"ebp","esi",4)); | 1407 | &mov ("ebx",&DWP(0,"ebp","esi",8)); |
| 1416 | &movz ("esi",&HB("edx")); # rk[11]>>24 | 1408 | &movz ("esi",&HB("edx")); # rk[11]>>24 |
| 1417 | &and ("ebx",0x00FF0000); | 1409 | &and ("ebx",0x00FF0000); |
| 1418 | &xor ("eax","ebx"); | 1410 | &xor ("eax","ebx"); |
| 1419 | 1411 | ||
| 1420 | &mov ("ebx",&DWP(0,"ebp","esi",4)); | 1412 | &mov ("ebx",&DWP(2,"ebp","esi",8)); |
| 1421 | &and ("ebx",0xFF000000); | 1413 | &and ("ebx",0xFF000000); |
| 1422 | &xor ("eax","ebx"); | 1414 | &xor ("eax","ebx"); |
| 1423 | 1415 | ||
| @@ -1443,23 +1435,23 @@ sub enckey() | |||
| 1443 | &function_end("AES_set_encrypt_key"); | 1435 | &function_end("AES_set_encrypt_key"); |
| 1444 | 1436 | ||
| 1445 | sub deckey() | 1437 | sub deckey() |
| 1446 | { my ($i,$ptr,$te4,$td) = @_; | 1438 | { my ($i,$ptr,$te,$td) = @_; |
| 1447 | 1439 | ||
| 1448 | &mov ("eax",&DWP($i,$ptr)); | 1440 | &mov ("eax",&DWP($i,$ptr)); |
| 1449 | &mov ("edx","eax"); | 1441 | &mov ("edx","eax"); |
| 1450 | &movz ("ebx",&HB("eax")); | 1442 | &movz ("ebx",&HB("eax")); |
| 1451 | &shr ("edx",16); | 1443 | &shr ("edx",16); |
| 1452 | &and ("eax",0xFF); | 1444 | &and ("eax",0xFF); |
| 1453 | &movz ("eax",&BP(0,$te4,"eax",4)); | 1445 | &movz ("eax",&BP(2,$te,"eax",8)); |
| 1454 | &movz ("ebx",&BP(0,$te4,"ebx",4)); | 1446 | &movz ("ebx",&BP(2,$te,"ebx",8)); |
| 1455 | &mov ("eax",&DWP(1024*0,$td,"eax",4)); | 1447 | &mov ("eax",&DWP(0,$td,"eax",8)); |
| 1456 | &xor ("eax",&DWP(1024*1,$td,"ebx",4)); | 1448 | &xor ("eax",&DWP(3,$td,"ebx",8)); |
| 1457 | &movz ("ebx",&HB("edx")); | 1449 | &movz ("ebx",&HB("edx")); |
| 1458 | &and ("edx",0xFF); | 1450 | &and ("edx",0xFF); |
| 1459 | &movz ("edx",&BP(0,$te4,"edx",4)); | 1451 | &movz ("edx",&BP(2,$te,"edx",8)); |
| 1460 | &movz ("ebx",&BP(0,$te4,"ebx",4)); | 1452 | &movz ("ebx",&BP(2,$te,"ebx",8)); |
| 1461 | &xor ("eax",&DWP(1024*2,$td,"edx",4)); | 1453 | &xor ("eax",&DWP(2,$td,"edx",8)); |
| 1462 | &xor ("eax",&DWP(1024*3,$td,"ebx",4)); | 1454 | &xor ("eax",&DWP(1,$td,"ebx",8)); |
| 1463 | &mov (&DWP($i,$ptr),"eax"); | 1455 | &mov (&DWP($i,$ptr),"eax"); |
| 1464 | } | 1456 | } |
| 1465 | 1457 | ||
| @@ -1520,7 +1512,6 @@ sub deckey() | |||
| 1520 | blindpop("ebp"); | 1512 | blindpop("ebp"); |
| 1521 | &lea ("edi",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp")); | 1513 | &lea ("edi",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp")); |
| 1522 | &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); | 1514 | &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); |
| 1523 | &add ("ebp",1024*4); # skip to Te4 | ||
| 1524 | 1515 | ||
| 1525 | &mov ("esi",&wparam(2)); | 1516 | &mov ("esi",&wparam(2)); |
| 1526 | &mov ("ecx",&DWP(240,"esi")); # pull number of rounds | 1517 | &mov ("ecx",&DWP(240,"esi")); # pull number of rounds |
diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c index b81bf4fc81..0fb9ce0c2a 100644 --- a/src/lib/libcrypto/asn1/a_bitstr.c +++ b/src/lib/libcrypto/asn1/a_bitstr.c | |||
| @@ -113,11 +113,12 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) | |||
| 113 | return(ret); | 113 | return(ret); |
| 114 | } | 114 | } |
| 115 | 115 | ||
| 116 | ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp, | 116 | ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, |
| 117 | long len) | 117 | const unsigned char **pp, long len) |
| 118 | { | 118 | { |
| 119 | ASN1_BIT_STRING *ret=NULL; | 119 | ASN1_BIT_STRING *ret=NULL; |
| 120 | unsigned char *p,*s; | 120 | const unsigned char *p; |
| 121 | unsigned char *s; | ||
| 121 | int i; | 122 | int i; |
| 122 | 123 | ||
| 123 | if (len < 1) | 124 | if (len < 1) |
| @@ -164,7 +165,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp, | |||
| 164 | *pp=p; | 165 | *pp=p; |
| 165 | return(ret); | 166 | return(ret); |
| 166 | err: | 167 | err: |
| 167 | ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i); | 168 | ASN1err(ASN1_F_C2I_ASN1_BIT_STRING,i); |
| 168 | if ((ret != NULL) && ((a == NULL) || (*a != ret))) | 169 | if ((ret != NULL) && ((a == NULL) || (*a != ret))) |
| 169 | M_ASN1_BIT_STRING_free(ret); | 170 | M_ASN1_BIT_STRING_free(ret); |
| 170 | return(NULL); | 171 | return(NULL); |
| @@ -182,9 +183,11 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) | |||
| 182 | iv= ~v; | 183 | iv= ~v; |
| 183 | if (!value) v=0; | 184 | if (!value) v=0; |
| 184 | 185 | ||
| 186 | if (a == NULL) | ||
| 187 | return 0; | ||
| 188 | |||
| 185 | a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */ | 189 | a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */ |
| 186 | 190 | ||
| 187 | if (a == NULL) return(0); | ||
| 188 | if ((a->length < (w+1)) || (a->data == NULL)) | 191 | if ((a->length < (w+1)) || (a->data == NULL)) |
| 189 | { | 192 | { |
| 190 | if (!value) return(1); /* Don't need to set */ | 193 | if (!value) return(1); /* Don't need to set */ |
diff --git a/src/lib/libcrypto/asn1/a_bool.c b/src/lib/libcrypto/asn1/a_bool.c index 24333ea4d5..331acdf053 100644 --- a/src/lib/libcrypto/asn1/a_bool.c +++ b/src/lib/libcrypto/asn1/a_bool.c | |||
| @@ -75,10 +75,10 @@ int i2d_ASN1_BOOLEAN(int a, unsigned char **pp) | |||
| 75 | return(r); | 75 | return(r); |
| 76 | } | 76 | } |
| 77 | 77 | ||
| 78 | int d2i_ASN1_BOOLEAN(int *a, unsigned char **pp, long length) | 78 | int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length) |
| 79 | { | 79 | { |
| 80 | int ret= -1; | 80 | int ret= -1; |
| 81 | unsigned char *p; | 81 | const unsigned char *p; |
| 82 | long len; | 82 | long len; |
| 83 | int inf,tag,xclass; | 83 | int inf,tag,xclass; |
| 84 | int i=0; | 84 | int i=0; |
diff --git a/src/lib/libcrypto/asn1/a_bytes.c b/src/lib/libcrypto/asn1/a_bytes.c index 2407f7c87a..92d630cdba 100644 --- a/src/lib/libcrypto/asn1/a_bytes.c +++ b/src/lib/libcrypto/asn1/a_bytes.c | |||
| @@ -60,14 +60,15 @@ | |||
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/asn1.h> | 61 | #include <openssl/asn1.h> |
| 62 | 62 | ||
| 63 | static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c); | 63 | static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c); |
| 64 | /* type is a 'bitmap' of acceptable string types. | 64 | /* type is a 'bitmap' of acceptable string types. |
| 65 | */ | 65 | */ |
| 66 | ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp, | 66 | ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, |
| 67 | long length, int type) | 67 | long length, int type) |
| 68 | { | 68 | { |
| 69 | ASN1_STRING *ret=NULL; | 69 | ASN1_STRING *ret=NULL; |
| 70 | unsigned char *p,*s; | 70 | const unsigned char *p; |
| 71 | unsigned char *s; | ||
| 71 | long len; | 72 | long len; |
| 72 | int inf,tag,xclass; | 73 | int inf,tag,xclass; |
| 73 | int i=0; | 74 | int i=0; |
| @@ -153,11 +154,12 @@ int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass) | |||
| 153 | return(r); | 154 | return(r); |
| 154 | } | 155 | } |
| 155 | 156 | ||
| 156 | ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, | 157 | ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, |
| 157 | int Ptag, int Pclass) | 158 | long length, int Ptag, int Pclass) |
| 158 | { | 159 | { |
| 159 | ASN1_STRING *ret=NULL; | 160 | ASN1_STRING *ret=NULL; |
| 160 | unsigned char *p,*s; | 161 | const unsigned char *p; |
| 162 | unsigned char *s; | ||
| 161 | long len; | 163 | long len; |
| 162 | int inf,tag,xclass; | 164 | int inf,tag,xclass; |
| 163 | int i=0; | 165 | int i=0; |
| @@ -185,7 +187,7 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, | |||
| 185 | 187 | ||
| 186 | if (inf & V_ASN1_CONSTRUCTED) | 188 | if (inf & V_ASN1_CONSTRUCTED) |
| 187 | { | 189 | { |
| 188 | ASN1_CTX c; | 190 | ASN1_const_CTX c; |
| 189 | 191 | ||
| 190 | c.pp=pp; | 192 | c.pp=pp; |
| 191 | c.p=p; | 193 | c.p=p; |
| @@ -247,7 +249,7 @@ err: | |||
| 247 | * them into the one structure that is then returned */ | 249 | * them into the one structure that is then returned */ |
| 248 | /* There have been a few bug fixes for this function from | 250 | /* There have been a few bug fixes for this function from |
| 249 | * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */ | 251 | * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */ |
| 250 | static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) | 252 | static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c) |
| 251 | { | 253 | { |
| 252 | ASN1_STRING *os=NULL; | 254 | ASN1_STRING *os=NULL; |
| 253 | BUF_MEM b; | 255 | BUF_MEM b; |
| @@ -268,7 +270,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) | |||
| 268 | { | 270 | { |
| 269 | if (c->inf & 1) | 271 | if (c->inf & 1) |
| 270 | { | 272 | { |
| 271 | c->eos=ASN1_check_infinite_end(&c->p, | 273 | c->eos=ASN1_const_check_infinite_end(&c->p, |
| 272 | (long)(c->max-c->p)); | 274 | (long)(c->max-c->p)); |
| 273 | if (c->eos) break; | 275 | if (c->eos) break; |
| 274 | } | 276 | } |
| @@ -296,7 +298,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) | |||
| 296 | num+=os->length; | 298 | num+=os->length; |
| 297 | } | 299 | } |
| 298 | 300 | ||
| 299 | if (!asn1_Finish(c)) goto err; | 301 | if (!asn1_const_Finish(c)) goto err; |
| 300 | 302 | ||
| 301 | a->length=num; | 303 | a->length=num; |
| 302 | if (a->data != NULL) OPENSSL_free(a->data); | 304 | if (a->data != NULL) OPENSSL_free(a->data); |
diff --git a/src/lib/libcrypto/asn1/a_d2i_fp.c b/src/lib/libcrypto/asn1/a_d2i_fp.c index b67b75e7c2..ece40bc4c0 100644 --- a/src/lib/libcrypto/asn1/a_d2i_fp.c +++ b/src/lib/libcrypto/asn1/a_d2i_fp.c | |||
| @@ -66,11 +66,10 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb); | |||
| 66 | #ifndef NO_OLD_ASN1 | 66 | #ifndef NO_OLD_ASN1 |
| 67 | #ifndef OPENSSL_NO_FP_API | 67 | #ifndef OPENSSL_NO_FP_API |
| 68 | 68 | ||
| 69 | char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in, | 69 | void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x) |
| 70 | unsigned char **x) | ||
| 71 | { | 70 | { |
| 72 | BIO *b; | 71 | BIO *b; |
| 73 | char *ret; | 72 | void *ret; |
| 74 | 73 | ||
| 75 | if ((b=BIO_new(BIO_s_file())) == NULL) | 74 | if ((b=BIO_new(BIO_s_file())) == NULL) |
| 76 | { | 75 | { |
| @@ -84,12 +83,11 @@ char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in, | |||
| 84 | } | 83 | } |
| 85 | #endif | 84 | #endif |
| 86 | 85 | ||
| 87 | char *ASN1_d2i_bio(char *(*xnew)(), char *(*d2i)(), BIO *in, | 86 | void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x) |
| 88 | unsigned char **x) | ||
| 89 | { | 87 | { |
| 90 | BUF_MEM *b = NULL; | 88 | BUF_MEM *b = NULL; |
| 91 | unsigned char *p; | 89 | const unsigned char *p; |
| 92 | char *ret=NULL; | 90 | void *ret=NULL; |
| 93 | int len; | 91 | int len; |
| 94 | 92 | ||
| 95 | len = asn1_d2i_read_bio(in, &b); | 93 | len = asn1_d2i_read_bio(in, &b); |
| @@ -107,14 +105,14 @@ err: | |||
| 107 | void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x) | 105 | void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x) |
| 108 | { | 106 | { |
| 109 | BUF_MEM *b = NULL; | 107 | BUF_MEM *b = NULL; |
| 110 | unsigned char *p; | 108 | const unsigned char *p; |
| 111 | void *ret=NULL; | 109 | void *ret=NULL; |
| 112 | int len; | 110 | int len; |
| 113 | 111 | ||
| 114 | len = asn1_d2i_read_bio(in, &b); | 112 | len = asn1_d2i_read_bio(in, &b); |
| 115 | if(len < 0) goto err; | 113 | if(len < 0) goto err; |
| 116 | 114 | ||
| 117 | p=(unsigned char *)b->data; | 115 | p=(const unsigned char *)b->data; |
| 118 | ret=ASN1_item_d2i(x,&p,len, it); | 116 | ret=ASN1_item_d2i(x,&p,len, it); |
| 119 | err: | 117 | err: |
| 120 | if (b != NULL) BUF_MEM_free(b); | 118 | if (b != NULL) BUF_MEM_free(b); |
| @@ -129,7 +127,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x) | |||
| 129 | 127 | ||
| 130 | if ((b=BIO_new(BIO_s_file())) == NULL) | 128 | if ((b=BIO_new(BIO_s_file())) == NULL) |
| 131 | { | 129 | { |
| 132 | ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB); | 130 | ASN1err(ASN1_F_ASN1_ITEM_D2I_FP,ERR_R_BUF_LIB); |
| 133 | return(NULL); | 131 | return(NULL); |
| 134 | } | 132 | } |
| 135 | BIO_set_fp(b,in,BIO_NOCLOSE); | 133 | BIO_set_fp(b,in,BIO_NOCLOSE); |
| @@ -146,7 +144,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 146 | unsigned char *p; | 144 | unsigned char *p; |
| 147 | int i; | 145 | int i; |
| 148 | int ret=-1; | 146 | int ret=-1; |
| 149 | ASN1_CTX c; | 147 | ASN1_const_CTX c; |
| 150 | int want=HEADER_SIZE; | 148 | int want=HEADER_SIZE; |
| 151 | int eos=0; | 149 | int eos=0; |
| 152 | #if defined(__GNUC__) && defined(__ia64) | 150 | #if defined(__GNUC__) && defined(__ia64) |
| @@ -160,7 +158,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 160 | b=BUF_MEM_new(); | 158 | b=BUF_MEM_new(); |
| 161 | if (b == NULL) | 159 | if (b == NULL) |
| 162 | { | 160 | { |
| 163 | ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); | 161 | ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE); |
| 164 | return -1; | 162 | return -1; |
| 165 | } | 163 | } |
| 166 | 164 | ||
| @@ -173,13 +171,13 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 173 | 171 | ||
| 174 | if (!BUF_MEM_grow_clean(b,len+want)) | 172 | if (!BUF_MEM_grow_clean(b,len+want)) |
| 175 | { | 173 | { |
| 176 | ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); | 174 | ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE); |
| 177 | goto err; | 175 | goto err; |
| 178 | } | 176 | } |
| 179 | i=BIO_read(in,&(b->data[len]),want); | 177 | i=BIO_read(in,&(b->data[len]),want); |
| 180 | if ((i < 0) && ((len-off) == 0)) | 178 | if ((i < 0) && ((len-off) == 0)) |
| 181 | { | 179 | { |
| 182 | ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA); | 180 | ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ASN1_R_NOT_ENOUGH_DATA); |
| 183 | goto err; | 181 | goto err; |
| 184 | } | 182 | } |
| 185 | if (i > 0) | 183 | if (i > 0) |
| @@ -199,7 +197,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 199 | if (e != ASN1_R_TOO_LONG) | 197 | if (e != ASN1_R_TOO_LONG) |
| 200 | goto err; | 198 | goto err; |
| 201 | else | 199 | else |
| 202 | ERR_get_error(); /* clear error */ | 200 | ERR_clear_error(); /* clear error */ |
| 203 | } | 201 | } |
| 204 | i=c.p-p;/* header length */ | 202 | i=c.p-p;/* header length */ |
| 205 | off+=i; /* end of data */ | 203 | off+=i; /* end of data */ |
| @@ -228,7 +226,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 228 | want-=(len-off); | 226 | want-=(len-off); |
| 229 | if (!BUF_MEM_grow_clean(b,len+want)) | 227 | if (!BUF_MEM_grow_clean(b,len+want)) |
| 230 | { | 228 | { |
| 231 | ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); | 229 | ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE); |
| 232 | goto err; | 230 | goto err; |
| 233 | } | 231 | } |
| 234 | while (want > 0) | 232 | while (want > 0) |
| @@ -236,7 +234,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 236 | i=BIO_read(in,&(b->data[len]),want); | 234 | i=BIO_read(in,&(b->data[len]),want); |
| 237 | if (i <= 0) | 235 | if (i <= 0) |
| 238 | { | 236 | { |
| 239 | ASN1err(ASN1_F_ASN1_D2I_BIO, | 237 | ASN1err(ASN1_F_ASN1_D2I_READ_BIO, |
| 240 | ASN1_R_NOT_ENOUGH_DATA); | 238 | ASN1_R_NOT_ENOUGH_DATA); |
| 241 | goto err; | 239 | goto err; |
| 242 | } | 240 | } |
diff --git a/src/lib/libcrypto/asn1/a_digest.c b/src/lib/libcrypto/asn1/a_digest.c index 7182e9fa5d..d00d9e22b1 100644 --- a/src/lib/libcrypto/asn1/a_digest.c +++ b/src/lib/libcrypto/asn1/a_digest.c | |||
| @@ -72,7 +72,7 @@ | |||
| 72 | 72 | ||
| 73 | #ifndef NO_ASN1_OLD | 73 | #ifndef NO_ASN1_OLD |
| 74 | 74 | ||
| 75 | int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data, | 75 | int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, |
| 76 | unsigned char *md, unsigned int *len) | 76 | unsigned char *md, unsigned int *len) |
| 77 | { | 77 | { |
| 78 | int i; | 78 | int i; |
diff --git a/src/lib/libcrypto/asn1/a_dup.c b/src/lib/libcrypto/asn1/a_dup.c index 58a017884c..199d50f521 100644 --- a/src/lib/libcrypto/asn1/a_dup.c +++ b/src/lib/libcrypto/asn1/a_dup.c | |||
| @@ -62,22 +62,23 @@ | |||
| 62 | 62 | ||
| 63 | #ifndef NO_OLD_ASN1 | 63 | #ifndef NO_OLD_ASN1 |
| 64 | 64 | ||
| 65 | char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x) | 65 | void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x) |
| 66 | { | 66 | { |
| 67 | unsigned char *b,*p; | 67 | unsigned char *b,*p; |
| 68 | long i; | 68 | const unsigned char *p2; |
| 69 | int i; | ||
| 69 | char *ret; | 70 | char *ret; |
| 70 | 71 | ||
| 71 | if (x == NULL) return(NULL); | 72 | if (x == NULL) return(NULL); |
| 72 | 73 | ||
| 73 | i=(long)i2d(x,NULL); | 74 | i=i2d(x,NULL); |
| 74 | b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); | 75 | b=OPENSSL_malloc(i+10); |
| 75 | if (b == NULL) | 76 | if (b == NULL) |
| 76 | { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } | 77 | { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } |
| 77 | p= b; | 78 | p= b; |
| 78 | i=i2d(x,&p); | 79 | i=i2d(x,&p); |
| 79 | p= b; | 80 | p2= b; |
| 80 | ret=d2i(NULL,&p,i); | 81 | ret=d2i(NULL,&p2,i); |
| 81 | OPENSSL_free(b); | 82 | OPENSSL_free(b); |
| 82 | return(ret); | 83 | return(ret); |
| 83 | } | 84 | } |
| @@ -91,7 +92,8 @@ char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x) | |||
| 91 | 92 | ||
| 92 | void *ASN1_item_dup(const ASN1_ITEM *it, void *x) | 93 | void *ASN1_item_dup(const ASN1_ITEM *it, void *x) |
| 93 | { | 94 | { |
| 94 | unsigned char *b = NULL, *p; | 95 | unsigned char *b = NULL; |
| 96 | const unsigned char *p; | ||
| 95 | long i; | 97 | long i; |
| 96 | void *ret; | 98 | void *ret; |
| 97 | 99 | ||
| @@ -99,7 +101,7 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x) | |||
| 99 | 101 | ||
| 100 | i=ASN1_item_i2d(x,&b,it); | 102 | i=ASN1_item_i2d(x,&b,it); |
| 101 | if (b == NULL) | 103 | if (b == NULL) |
| 102 | { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } | 104 | { ASN1err(ASN1_F_ASN1_ITEM_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } |
| 103 | p= b; | 105 | p= b; |
| 104 | ret=ASN1_item_d2i(NULL,&p,i, it); | 106 | ret=ASN1_item_d2i(NULL,&p,i, it); |
| 105 | OPENSSL_free(b); | 107 | OPENSSL_free(b); |
diff --git a/src/lib/libcrypto/asn1/a_enum.c b/src/lib/libcrypto/asn1/a_enum.c index 03ede68d1c..fe9aa13b9c 100644 --- a/src/lib/libcrypto/asn1/a_enum.c +++ b/src/lib/libcrypto/asn1/a_enum.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/asn1.h> | 61 | #include <openssl/asn1.h> |
| 62 | #include <openssl/bn.h> | ||
| 62 | 63 | ||
| 63 | /* | 64 | /* |
| 64 | * Code for ENUMERATED type: identical to INTEGER apart from a different tag. | 65 | * Code for ENUMERATED type: identical to INTEGER apart from a different tag. |
| @@ -67,12 +68,13 @@ | |||
| 67 | 68 | ||
| 68 | int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) | 69 | int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) |
| 69 | { | 70 | { |
| 70 | int i,j,k; | 71 | int j,k; |
| 72 | unsigned int i; | ||
| 71 | unsigned char buf[sizeof(long)+1]; | 73 | unsigned char buf[sizeof(long)+1]; |
| 72 | long d; | 74 | long d; |
| 73 | 75 | ||
| 74 | a->type=V_ASN1_ENUMERATED; | 76 | a->type=V_ASN1_ENUMERATED; |
| 75 | if (a->length < (sizeof(long)+1)) | 77 | if (a->length < (int)(sizeof(long)+1)) |
| 76 | { | 78 | { |
| 77 | if (a->data != NULL) | 79 | if (a->data != NULL) |
| 78 | OPENSSL_free(a->data); | 80 | OPENSSL_free(a->data); |
| @@ -116,7 +118,7 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a) | |||
| 116 | else if (i != V_ASN1_ENUMERATED) | 118 | else if (i != V_ASN1_ENUMERATED) |
| 117 | return -1; | 119 | return -1; |
| 118 | 120 | ||
| 119 | if (a->length > sizeof(long)) | 121 | if (a->length > (int)sizeof(long)) |
| 120 | { | 122 | { |
| 121 | /* hmm... a bit ugly */ | 123 | /* hmm... a bit ugly */ |
| 122 | return(0xffffffffL); | 124 | return(0xffffffffL); |
| @@ -147,7 +149,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) | |||
| 147 | ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR); | 149 | ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR); |
| 148 | goto err; | 150 | goto err; |
| 149 | } | 151 | } |
| 150 | if(bn->neg) ret->type = V_ASN1_NEG_ENUMERATED; | 152 | if(BN_is_negative(bn)) ret->type = V_ASN1_NEG_ENUMERATED; |
| 151 | else ret->type=V_ASN1_ENUMERATED; | 153 | else ret->type=V_ASN1_ENUMERATED; |
| 152 | j=BN_num_bits(bn); | 154 | j=BN_num_bits(bn); |
| 153 | len=((j == 0)?0:((j/8)+1)); | 155 | len=((j == 0)?0:((j/8)+1)); |
| @@ -175,6 +177,6 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn) | |||
| 175 | 177 | ||
| 176 | if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) | 178 | if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) |
| 177 | ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB); | 179 | ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB); |
| 178 | else if(ai->type == V_ASN1_NEG_ENUMERATED) ret->neg = 1; | 180 | else if(ai->type == V_ASN1_NEG_ENUMERATED) BN_set_negative(ret,1); |
| 179 | return(ret); | 181 | return(ret); |
| 180 | } | 182 | } |
diff --git a/src/lib/libcrypto/asn1/a_gentm.c b/src/lib/libcrypto/asn1/a_gentm.c index 0dfd576211..def79062a5 100644 --- a/src/lib/libcrypto/asn1/a_gentm.c +++ b/src/lib/libcrypto/asn1/a_gentm.c | |||
| @@ -181,7 +181,7 @@ err: | |||
| 181 | return(0); | 181 | return(0); |
| 182 | } | 182 | } |
| 183 | 183 | ||
| 184 | int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str) | 184 | int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str) |
| 185 | { | 185 | { |
| 186 | ASN1_GENERALIZEDTIME t; | 186 | ASN1_GENERALIZEDTIME t; |
| 187 | 187 | ||
diff --git a/src/lib/libcrypto/asn1/a_hdr.c b/src/lib/libcrypto/asn1/a_hdr.c index b1aad81f77..d1c2a7b9e3 100644 --- a/src/lib/libcrypto/asn1/a_hdr.c +++ b/src/lib/libcrypto/asn1/a_hdr.c | |||
| @@ -76,17 +76,17 @@ int i2d_ASN1_HEADER(ASN1_HEADER *a, unsigned char **pp) | |||
| 76 | M_ASN1_I2D_finish(); | 76 | M_ASN1_I2D_finish(); |
| 77 | } | 77 | } |
| 78 | 78 | ||
| 79 | ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, unsigned char **pp, | 79 | ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, const unsigned char **pp, |
| 80 | long length) | 80 | long length) |
| 81 | { | 81 | { |
| 82 | M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new); | 82 | M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new); |
| 83 | 83 | ||
| 84 | M_ASN1_D2I_Init(); | 84 | M_ASN1_D2I_Init(); |
| 85 | M_ASN1_D2I_start_sequence(); | 85 | M_ASN1_D2I_start_sequence(); |
| 86 | M_ASN1_D2I_get(ret->header,d2i_ASN1_OCTET_STRING); | 86 | M_ASN1_D2I_get_x(ASN1_OCTET_STRING,ret->header,d2i_ASN1_OCTET_STRING); |
| 87 | if (ret->meth != NULL) | 87 | if (ret->meth != NULL) |
| 88 | { | 88 | { |
| 89 | M_ASN1_D2I_get(ret->data,ret->meth->d2i); | 89 | M_ASN1_D2I_get_x(void,ret->data,ret->meth->d2i); |
| 90 | } | 90 | } |
| 91 | else | 91 | else |
| 92 | { | 92 | { |
diff --git a/src/lib/libcrypto/asn1/a_i2d_fp.c b/src/lib/libcrypto/asn1/a_i2d_fp.c index f4f1b73ebe..a3ad76d356 100644 --- a/src/lib/libcrypto/asn1/a_i2d_fp.c +++ b/src/lib/libcrypto/asn1/a_i2d_fp.c | |||
| @@ -64,7 +64,7 @@ | |||
| 64 | #ifndef NO_OLD_ASN1 | 64 | #ifndef NO_OLD_ASN1 |
| 65 | 65 | ||
| 66 | #ifndef OPENSSL_NO_FP_API | 66 | #ifndef OPENSSL_NO_FP_API |
| 67 | int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x) | 67 | int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) |
| 68 | { | 68 | { |
| 69 | BIO *b; | 69 | BIO *b; |
| 70 | int ret; | 70 | int ret; |
| @@ -81,7 +81,7 @@ int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x) | |||
| 81 | } | 81 | } |
| 82 | #endif | 82 | #endif |
| 83 | 83 | ||
| 84 | int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x) | 84 | int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) |
| 85 | { | 85 | { |
| 86 | char *b; | 86 | char *b; |
| 87 | unsigned char *p; | 87 | unsigned char *p; |
| @@ -124,7 +124,7 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x) | |||
| 124 | 124 | ||
| 125 | if ((b=BIO_new(BIO_s_file())) == NULL) | 125 | if ((b=BIO_new(BIO_s_file())) == NULL) |
| 126 | { | 126 | { |
| 127 | ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB); | 127 | ASN1err(ASN1_F_ASN1_ITEM_I2D_FP,ERR_R_BUF_LIB); |
| 128 | return(0); | 128 | return(0); |
| 129 | } | 129 | } |
| 130 | BIO_set_fp(b,out,BIO_NOCLOSE); | 130 | BIO_set_fp(b,out,BIO_NOCLOSE); |
| @@ -142,7 +142,7 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x) | |||
| 142 | n = ASN1_item_i2d(x, &b, it); | 142 | n = ASN1_item_i2d(x, &b, it); |
| 143 | if (b == NULL) | 143 | if (b == NULL) |
| 144 | { | 144 | { |
| 145 | ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE); | 145 | ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO,ERR_R_MALLOC_FAILURE); |
| 146 | return(0); | 146 | return(0); |
| 147 | } | 147 | } |
| 148 | 148 | ||
diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c index 21cc64bb23..f8d198efb1 100644 --- a/src/lib/libcrypto/asn1/a_int.c +++ b/src/lib/libcrypto/asn1/a_int.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/asn1.h> | 61 | #include <openssl/asn1.h> |
| 62 | #include <openssl/bn.h> | ||
| 62 | 63 | ||
| 63 | ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x) | 64 | ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x) |
| 64 | { return M_ASN1_INTEGER_dup(x);} | 65 | { return M_ASN1_INTEGER_dup(x);} |
| @@ -174,11 +175,12 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) | |||
| 174 | 175 | ||
| 175 | /* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */ | 176 | /* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */ |
| 176 | 177 | ||
| 177 | ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, | 178 | ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, |
| 178 | long len) | 179 | long len) |
| 179 | { | 180 | { |
| 180 | ASN1_INTEGER *ret=NULL; | 181 | ASN1_INTEGER *ret=NULL; |
| 181 | unsigned char *p,*to,*s, *pend; | 182 | const unsigned char *p, *pend; |
| 183 | unsigned char *to,*s; | ||
| 182 | int i; | 184 | int i; |
| 183 | 185 | ||
| 184 | if ((a == NULL) || ((*a) == NULL)) | 186 | if ((a == NULL) || ((*a) == NULL)) |
| @@ -254,7 +256,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, | |||
| 254 | *pp=pend; | 256 | *pp=pend; |
| 255 | return(ret); | 257 | return(ret); |
| 256 | err: | 258 | err: |
| 257 | ASN1err(ASN1_F_D2I_ASN1_INTEGER,i); | 259 | ASN1err(ASN1_F_C2I_ASN1_INTEGER,i); |
| 258 | if ((ret != NULL) && ((a == NULL) || (*a != ret))) | 260 | if ((ret != NULL) && ((a == NULL) || (*a != ret))) |
| 259 | M_ASN1_INTEGER_free(ret); | 261 | M_ASN1_INTEGER_free(ret); |
| 260 | return(NULL); | 262 | return(NULL); |
| @@ -266,11 +268,12 @@ err: | |||
| 266 | * with its MSB set as negative (it doesn't add a padding zero). | 268 | * with its MSB set as negative (it doesn't add a padding zero). |
| 267 | */ | 269 | */ |
| 268 | 270 | ||
| 269 | ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp, | 271 | ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, |
| 270 | long length) | 272 | long length) |
| 271 | { | 273 | { |
| 272 | ASN1_INTEGER *ret=NULL; | 274 | ASN1_INTEGER *ret=NULL; |
| 273 | unsigned char *p,*to,*s; | 275 | const unsigned char *p; |
| 276 | unsigned char *to,*s; | ||
| 274 | long len; | 277 | long len; |
| 275 | int inf,tag,xclass; | 278 | int inf,tag,xclass; |
| 276 | int i; | 279 | int i; |
| @@ -332,12 +335,13 @@ err: | |||
| 332 | 335 | ||
| 333 | int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) | 336 | int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) |
| 334 | { | 337 | { |
| 335 | int i,j,k; | 338 | int j,k; |
| 339 | unsigned int i; | ||
| 336 | unsigned char buf[sizeof(long)+1]; | 340 | unsigned char buf[sizeof(long)+1]; |
| 337 | long d; | 341 | long d; |
| 338 | 342 | ||
| 339 | a->type=V_ASN1_INTEGER; | 343 | a->type=V_ASN1_INTEGER; |
| 340 | if (a->length < (sizeof(long)+1)) | 344 | if (a->length < (int)(sizeof(long)+1)) |
| 341 | { | 345 | { |
| 342 | if (a->data != NULL) | 346 | if (a->data != NULL) |
| 343 | OPENSSL_free(a->data); | 347 | OPENSSL_free(a->data); |
| @@ -381,7 +385,7 @@ long ASN1_INTEGER_get(ASN1_INTEGER *a) | |||
| 381 | else if (i != V_ASN1_INTEGER) | 385 | else if (i != V_ASN1_INTEGER) |
| 382 | return -1; | 386 | return -1; |
| 383 | 387 | ||
| 384 | if (a->length > sizeof(long)) | 388 | if (a->length > (int)sizeof(long)) |
| 385 | { | 389 | { |
| 386 | /* hmm... a bit ugly */ | 390 | /* hmm... a bit ugly */ |
| 387 | return(0xffffffffL); | 391 | return(0xffffffffL); |
| @@ -412,7 +416,8 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai) | |||
| 412 | ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR); | 416 | ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR); |
| 413 | goto err; | 417 | goto err; |
| 414 | } | 418 | } |
| 415 | if(bn->neg) ret->type = V_ASN1_NEG_INTEGER; | 419 | if (BN_is_negative(bn)) |
| 420 | ret->type = V_ASN1_NEG_INTEGER; | ||
| 416 | else ret->type=V_ASN1_INTEGER; | 421 | else ret->type=V_ASN1_INTEGER; |
| 417 | j=BN_num_bits(bn); | 422 | j=BN_num_bits(bn); |
| 418 | len=((j == 0)?0:((j/8)+1)); | 423 | len=((j == 0)?0:((j/8)+1)); |
| @@ -445,7 +450,8 @@ BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn) | |||
| 445 | 450 | ||
| 446 | if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) | 451 | if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) |
| 447 | ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB); | 452 | ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB); |
| 448 | else if(ai->type == V_ASN1_NEG_INTEGER) ret->neg = 1; | 453 | else if(ai->type == V_ASN1_NEG_INTEGER) |
| 454 | BN_set_negative(ret, 1); | ||
| 449 | return(ret); | 455 | return(ret); |
| 450 | } | 456 | } |
| 451 | 457 | ||
diff --git a/src/lib/libcrypto/asn1/a_mbstr.c b/src/lib/libcrypto/asn1/a_mbstr.c index 208b3ec395..2d4800a22a 100644 --- a/src/lib/libcrypto/asn1/a_mbstr.c +++ b/src/lib/libcrypto/asn1/a_mbstr.c | |||
| @@ -107,7 +107,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, | |||
| 107 | 107 | ||
| 108 | case MBSTRING_BMP: | 108 | case MBSTRING_BMP: |
| 109 | if(len & 1) { | 109 | if(len & 1) { |
| 110 | ASN1err(ASN1_F_ASN1_MBSTRING_COPY, | 110 | ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, |
| 111 | ASN1_R_INVALID_BMPSTRING_LENGTH); | 111 | ASN1_R_INVALID_BMPSTRING_LENGTH); |
| 112 | return -1; | 112 | return -1; |
| 113 | } | 113 | } |
| @@ -116,7 +116,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, | |||
| 116 | 116 | ||
| 117 | case MBSTRING_UNIV: | 117 | case MBSTRING_UNIV: |
| 118 | if(len & 3) { | 118 | if(len & 3) { |
| 119 | ASN1err(ASN1_F_ASN1_MBSTRING_COPY, | 119 | ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, |
| 120 | ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); | 120 | ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); |
| 121 | return -1; | 121 | return -1; |
| 122 | } | 122 | } |
| @@ -128,7 +128,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, | |||
| 128 | /* This counts the characters and does utf8 syntax checking */ | 128 | /* This counts the characters and does utf8 syntax checking */ |
| 129 | ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar); | 129 | ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar); |
| 130 | if(ret < 0) { | 130 | if(ret < 0) { |
| 131 | ASN1err(ASN1_F_ASN1_MBSTRING_COPY, | 131 | ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, |
| 132 | ASN1_R_INVALID_UTF8STRING); | 132 | ASN1_R_INVALID_UTF8STRING); |
| 133 | return -1; | 133 | return -1; |
| 134 | } | 134 | } |
| @@ -139,19 +139,19 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, | |||
| 139 | break; | 139 | break; |
| 140 | 140 | ||
| 141 | default: | 141 | default: |
| 142 | ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_UNKNOWN_FORMAT); | 142 | ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_UNKNOWN_FORMAT); |
| 143 | return -1; | 143 | return -1; |
| 144 | } | 144 | } |
| 145 | 145 | ||
| 146 | if((minsize > 0) && (nchar < minsize)) { | 146 | if((minsize > 0) && (nchar < minsize)) { |
| 147 | ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT); | 147 | ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT); |
| 148 | BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize); | 148 | BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize); |
| 149 | ERR_add_error_data(2, "minsize=", strbuf); | 149 | ERR_add_error_data(2, "minsize=", strbuf); |
| 150 | return -1; | 150 | return -1; |
| 151 | } | 151 | } |
| 152 | 152 | ||
| 153 | if((maxsize > 0) && (nchar > maxsize)) { | 153 | if((maxsize > 0) && (nchar > maxsize)) { |
| 154 | ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG); | 154 | ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG); |
| 155 | BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize); | 155 | BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize); |
| 156 | ERR_add_error_data(2, "maxsize=", strbuf); | 156 | ERR_add_error_data(2, "maxsize=", strbuf); |
| 157 | return -1; | 157 | return -1; |
| @@ -159,7 +159,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, | |||
| 159 | 159 | ||
| 160 | /* Now work out minimal type (if any) */ | 160 | /* Now work out minimal type (if any) */ |
| 161 | if(traverse_string(in, len, inform, type_str, &mask) < 0) { | 161 | if(traverse_string(in, len, inform, type_str, &mask) < 0) { |
| 162 | ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_ILLEGAL_CHARACTERS); | 162 | ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_ILLEGAL_CHARACTERS); |
| 163 | return -1; | 163 | return -1; |
| 164 | } | 164 | } |
| 165 | 165 | ||
| @@ -193,7 +193,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, | |||
| 193 | free_out = 1; | 193 | free_out = 1; |
| 194 | dest = ASN1_STRING_type_new(str_type); | 194 | dest = ASN1_STRING_type_new(str_type); |
| 195 | if(!dest) { | 195 | if(!dest) { |
| 196 | ASN1err(ASN1_F_ASN1_MBSTRING_COPY, | 196 | ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, |
| 197 | ERR_R_MALLOC_FAILURE); | 197 | ERR_R_MALLOC_FAILURE); |
| 198 | return -1; | 198 | return -1; |
| 199 | } | 199 | } |
| @@ -202,7 +202,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, | |||
| 202 | /* If both the same type just copy across */ | 202 | /* If both the same type just copy across */ |
| 203 | if(inform == outform) { | 203 | if(inform == outform) { |
| 204 | if(!ASN1_STRING_set(dest, in, len)) { | 204 | if(!ASN1_STRING_set(dest, in, len)) { |
| 205 | ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE); | 205 | ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,ERR_R_MALLOC_FAILURE); |
| 206 | return -1; | 206 | return -1; |
| 207 | } | 207 | } |
| 208 | return str_type; | 208 | return str_type; |
| @@ -233,7 +233,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, | |||
| 233 | } | 233 | } |
| 234 | if(!(p = OPENSSL_malloc(outlen + 1))) { | 234 | if(!(p = OPENSSL_malloc(outlen + 1))) { |
| 235 | if(free_out) ASN1_STRING_free(dest); | 235 | if(free_out) ASN1_STRING_free(dest); |
| 236 | ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE); | 236 | ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,ERR_R_MALLOC_FAILURE); |
| 237 | return -1; | 237 | return -1; |
| 238 | } | 238 | } |
| 239 | dest->length = outlen; | 239 | dest->length = outlen; |
diff --git a/src/lib/libcrypto/asn1/a_meth.c b/src/lib/libcrypto/asn1/a_meth.c index 63158e9cab..50bea917e3 100644 --- a/src/lib/libcrypto/asn1/a_meth.c +++ b/src/lib/libcrypto/asn1/a_meth.c | |||
| @@ -62,16 +62,16 @@ | |||
| 62 | #include <openssl/asn1.h> | 62 | #include <openssl/asn1.h> |
| 63 | 63 | ||
| 64 | static ASN1_METHOD ia5string_meth={ | 64 | static ASN1_METHOD ia5string_meth={ |
| 65 | (int (*)()) i2d_ASN1_IA5STRING, | 65 | (I2D_OF(void)) i2d_ASN1_IA5STRING, |
| 66 | (char *(*)()) d2i_ASN1_IA5STRING, | 66 | (D2I_OF(void)) d2i_ASN1_IA5STRING, |
| 67 | (char *(*)()) ASN1_STRING_new, | 67 | (void *(*)(void))ASN1_STRING_new, |
| 68 | (void (*)()) ASN1_STRING_free}; | 68 | (void (*)(void *))ASN1_STRING_free}; |
| 69 | 69 | ||
| 70 | static ASN1_METHOD bit_string_meth={ | 70 | static ASN1_METHOD bit_string_meth={ |
| 71 | (int (*)()) i2d_ASN1_BIT_STRING, | 71 | (I2D_OF(void)) i2d_ASN1_BIT_STRING, |
| 72 | (char *(*)()) d2i_ASN1_BIT_STRING, | 72 | (D2I_OF(void)) d2i_ASN1_BIT_STRING, |
| 73 | (char *(*)()) ASN1_STRING_new, | 73 | (void *(*)(void))ASN1_STRING_new, |
| 74 | (void (*)()) ASN1_STRING_free}; | 74 | (void (*)(void *))ASN1_STRING_free}; |
| 75 | 75 | ||
| 76 | ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void) | 76 | ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void) |
| 77 | { | 77 | { |
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c index 0a8e6c287c..dc980421d0 100644 --- a/src/lib/libcrypto/asn1/a_object.c +++ b/src/lib/libcrypto/asn1/a_object.c | |||
| @@ -57,10 +57,12 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <limits.h> | ||
| 60 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 61 | #include <openssl/buffer.h> | 62 | #include <openssl/buffer.h> |
| 62 | #include <openssl/asn1.h> | 63 | #include <openssl/asn1.h> |
| 63 | #include <openssl/objects.h> | 64 | #include <openssl/objects.h> |
| 65 | #include <openssl/bn.h> | ||
| 64 | 66 | ||
| 65 | int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) | 67 | int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) |
| 66 | { | 68 | { |
| @@ -83,10 +85,12 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) | |||
| 83 | 85 | ||
| 84 | int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) | 86 | int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) |
| 85 | { | 87 | { |
| 86 | int i,first,len=0,c; | 88 | int i,first,len=0,c, use_bn; |
| 87 | char tmp[24]; | 89 | char ftmp[24], *tmp = ftmp; |
| 90 | int tmpsize = sizeof ftmp; | ||
| 88 | const char *p; | 91 | const char *p; |
| 89 | unsigned long l; | 92 | unsigned long l; |
| 93 | BIGNUM *bl = NULL; | ||
| 90 | 94 | ||
| 91 | if (num == 0) | 95 | if (num == 0) |
| 92 | return(0); | 96 | return(0); |
| @@ -98,7 +102,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) | |||
| 98 | num--; | 102 | num--; |
| 99 | if ((c >= '0') && (c <= '2')) | 103 | if ((c >= '0') && (c <= '2')) |
| 100 | { | 104 | { |
| 101 | first=(c-'0')*40; | 105 | first= c-'0'; |
| 102 | } | 106 | } |
| 103 | else | 107 | else |
| 104 | { | 108 | { |
| @@ -122,6 +126,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) | |||
| 122 | goto err; | 126 | goto err; |
| 123 | } | 127 | } |
| 124 | l=0; | 128 | l=0; |
| 129 | use_bn = 0; | ||
| 125 | for (;;) | 130 | for (;;) |
| 126 | { | 131 | { |
| 127 | if (num <= 0) break; | 132 | if (num <= 0) break; |
| @@ -134,7 +139,22 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) | |||
| 134 | ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT); | 139 | ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT); |
| 135 | goto err; | 140 | goto err; |
| 136 | } | 141 | } |
| 137 | l=l*10L+(long)(c-'0'); | 142 | if (!use_bn && l > (ULONG_MAX / 10L)) |
| 143 | { | ||
| 144 | use_bn = 1; | ||
| 145 | if (!bl) | ||
| 146 | bl = BN_new(); | ||
| 147 | if (!bl || !BN_set_word(bl, l)) | ||
| 148 | goto err; | ||
| 149 | } | ||
| 150 | if (use_bn) | ||
| 151 | { | ||
| 152 | if (!BN_mul_word(bl, 10L) | ||
| 153 | || !BN_add_word(bl, c-'0')) | ||
| 154 | goto err; | ||
| 155 | } | ||
| 156 | else | ||
| 157 | l=l*10L+(long)(c-'0'); | ||
| 138 | } | 158 | } |
| 139 | if (len == 0) | 159 | if (len == 0) |
| 140 | { | 160 | { |
| @@ -143,14 +163,42 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) | |||
| 143 | ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE); | 163 | ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE); |
| 144 | goto err; | 164 | goto err; |
| 145 | } | 165 | } |
| 146 | l+=(long)first; | 166 | if (use_bn) |
| 167 | { | ||
| 168 | if (!BN_add_word(bl, first * 40)) | ||
| 169 | goto err; | ||
| 170 | } | ||
| 171 | else | ||
| 172 | l+=(long)first*40; | ||
| 147 | } | 173 | } |
| 148 | i=0; | 174 | i=0; |
| 149 | for (;;) | 175 | if (use_bn) |
| 176 | { | ||
| 177 | int blsize; | ||
| 178 | blsize = BN_num_bits(bl); | ||
| 179 | blsize = (blsize + 6)/7; | ||
| 180 | if (blsize > tmpsize) | ||
| 181 | { | ||
| 182 | if (tmp != ftmp) | ||
| 183 | OPENSSL_free(tmp); | ||
| 184 | tmpsize = blsize + 32; | ||
| 185 | tmp = OPENSSL_malloc(tmpsize); | ||
| 186 | if (!tmp) | ||
| 187 | goto err; | ||
| 188 | } | ||
| 189 | while(blsize--) | ||
| 190 | tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L); | ||
| 191 | } | ||
| 192 | else | ||
| 150 | { | 193 | { |
| 151 | tmp[i++]=(unsigned char)l&0x7f; | 194 | |
| 152 | l>>=7L; | 195 | for (;;) |
| 153 | if (l == 0L) break; | 196 | { |
| 197 | tmp[i++]=(unsigned char)l&0x7f; | ||
| 198 | l>>=7L; | ||
| 199 | if (l == 0L) break; | ||
| 200 | } | ||
| 201 | |||
| 154 | } | 202 | } |
| 155 | if (out != NULL) | 203 | if (out != NULL) |
| 156 | { | 204 | { |
| @@ -166,8 +214,16 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) | |||
| 166 | else | 214 | else |
| 167 | len+=i; | 215 | len+=i; |
| 168 | } | 216 | } |
| 217 | if (tmp != ftmp) | ||
| 218 | OPENSSL_free(tmp); | ||
| 219 | if (bl) | ||
| 220 | BN_free(bl); | ||
| 169 | return(len); | 221 | return(len); |
| 170 | err: | 222 | err: |
| 223 | if (tmp != ftmp) | ||
| 224 | OPENSSL_free(tmp); | ||
| 225 | if (bl) | ||
| 226 | BN_free(bl); | ||
| 171 | return(0); | 227 | return(0); |
| 172 | } | 228 | } |
| 173 | 229 | ||
| @@ -178,21 +234,31 @@ int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a) | |||
| 178 | 234 | ||
| 179 | int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) | 235 | int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) |
| 180 | { | 236 | { |
| 181 | char buf[80]; | 237 | char buf[80], *p = buf; |
| 182 | int i; | 238 | int i; |
| 183 | 239 | ||
| 184 | if ((a == NULL) || (a->data == NULL)) | 240 | if ((a == NULL) || (a->data == NULL)) |
| 185 | return(BIO_write(bp,"NULL",4)); | 241 | return(BIO_write(bp,"NULL",4)); |
| 186 | i=i2t_ASN1_OBJECT(buf,sizeof buf,a); | 242 | i=i2t_ASN1_OBJECT(buf,sizeof buf,a); |
| 187 | if (i > sizeof buf) i=sizeof buf; | 243 | if (i > (int)(sizeof(buf) - 1)) |
| 188 | BIO_write(bp,buf,i); | 244 | { |
| 245 | p = OPENSSL_malloc(i + 1); | ||
| 246 | if (!p) | ||
| 247 | return -1; | ||
| 248 | i2t_ASN1_OBJECT(p,i + 1,a); | ||
| 249 | } | ||
| 250 | if (i <= 0) | ||
| 251 | return BIO_write(bp, "<INVALID>", 9); | ||
| 252 | BIO_write(bp,p,i); | ||
| 253 | if (p != buf) | ||
| 254 | OPENSSL_free(p); | ||
| 189 | return(i); | 255 | return(i); |
| 190 | } | 256 | } |
| 191 | 257 | ||
| 192 | ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, | 258 | ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, |
| 193 | long length) | 259 | long length) |
| 194 | { | 260 | { |
| 195 | unsigned char *p; | 261 | const unsigned char *p; |
| 196 | long len; | 262 | long len; |
| 197 | int tag,xclass; | 263 | int tag,xclass; |
| 198 | int inf,i; | 264 | int inf,i; |
| @@ -219,11 +285,11 @@ err: | |||
| 219 | ASN1_OBJECT_free(ret); | 285 | ASN1_OBJECT_free(ret); |
| 220 | return(NULL); | 286 | return(NULL); |
| 221 | } | 287 | } |
| 222 | ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, | 288 | ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, |
| 223 | long len) | 289 | long len) |
| 224 | { | 290 | { |
| 225 | ASN1_OBJECT *ret=NULL; | 291 | ASN1_OBJECT *ret=NULL; |
| 226 | unsigned char *p; | 292 | const unsigned char *p; |
| 227 | int i; | 293 | int i; |
| 228 | 294 | ||
| 229 | /* only the ASN1_OBJECTs from the 'table' will have values | 295 | /* only the ASN1_OBJECTs from the 'table' will have values |
| @@ -255,7 +321,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, | |||
| 255 | *pp=p; | 321 | *pp=p; |
| 256 | return(ret); | 322 | return(ret); |
| 257 | err: | 323 | err: |
| 258 | ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); | 324 | ASN1err(ASN1_F_C2I_ASN1_OBJECT,i); |
| 259 | if ((ret != NULL) && ((a == NULL) || (*a != ret))) | 325 | if ((ret != NULL) && ((a == NULL) || (*a != ret))) |
| 260 | ASN1_OBJECT_free(ret); | 326 | ASN1_OBJECT_free(ret); |
| 261 | return(NULL); | 327 | return(NULL); |
diff --git a/src/lib/libcrypto/asn1/a_octet.c b/src/lib/libcrypto/asn1/a_octet.c index 9690bae0f1..24fd0f8e5a 100644 --- a/src/lib/libcrypto/asn1/a_octet.c +++ b/src/lib/libcrypto/asn1/a_octet.c | |||
| @@ -66,6 +66,6 @@ ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x) | |||
| 66 | int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b) | 66 | int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b) |
| 67 | { return M_ASN1_OCTET_STRING_cmp(a, b); } | 67 | { return M_ASN1_OCTET_STRING_cmp(a, b); } |
| 68 | 68 | ||
| 69 | int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len) | 69 | int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d, int len) |
| 70 | { return M_ASN1_OCTET_STRING_set(x, d, len); } | 70 | { return M_ASN1_OCTET_STRING_set(x, d, len); } |
| 71 | 71 | ||
diff --git a/src/lib/libcrypto/asn1/a_set.c b/src/lib/libcrypto/asn1/a_set.c index e24061c545..958558c204 100644 --- a/src/lib/libcrypto/asn1/a_set.c +++ b/src/lib/libcrypto/asn1/a_set.c | |||
| @@ -85,8 +85,8 @@ static int SetBlobCmp(const void *elem1, const void *elem2 ) | |||
| 85 | } | 85 | } |
| 86 | 86 | ||
| 87 | /* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */ | 87 | /* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */ |
| 88 | int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, | 88 | int i2d_ASN1_SET(STACK *a, unsigned char **pp, i2d_of_void *i2d, int ex_tag, |
| 89 | int ex_class, int is_set) | 89 | int ex_class, int is_set) |
| 90 | { | 90 | { |
| 91 | int ret=0,r; | 91 | int ret=0,r; |
| 92 | int i; | 92 | int i; |
| @@ -97,7 +97,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, | |||
| 97 | 97 | ||
| 98 | if (a == NULL) return(0); | 98 | if (a == NULL) return(0); |
| 99 | for (i=sk_num(a)-1; i>=0; i--) | 99 | for (i=sk_num(a)-1; i>=0; i--) |
| 100 | ret+=func(sk_value(a,i),NULL); | 100 | ret+=i2d(sk_value(a,i),NULL); |
| 101 | r=ASN1_object_size(1,ret,ex_tag); | 101 | r=ASN1_object_size(1,ret,ex_tag); |
| 102 | if (pp == NULL) return(r); | 102 | if (pp == NULL) return(r); |
| 103 | 103 | ||
| @@ -111,7 +111,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, | |||
| 111 | if(!is_set || (sk_num(a) < 2)) | 111 | if(!is_set || (sk_num(a) < 2)) |
| 112 | { | 112 | { |
| 113 | for (i=0; i<sk_num(a); i++) | 113 | for (i=0; i<sk_num(a); i++) |
| 114 | func(sk_value(a,i),&p); | 114 | i2d(sk_value(a,i),&p); |
| 115 | 115 | ||
| 116 | *pp=p; | 116 | *pp=p; |
| 117 | return(r); | 117 | return(r); |
| @@ -129,7 +129,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, | |||
| 129 | for (i=0; i<sk_num(a); i++) | 129 | for (i=0; i<sk_num(a); i++) |
| 130 | { | 130 | { |
| 131 | rgSetBlob[i].pbData = p; /* catch each set encode blob */ | 131 | rgSetBlob[i].pbData = p; /* catch each set encode blob */ |
| 132 | func(sk_value(a,i),&p); | 132 | i2d(sk_value(a,i),&p); |
| 133 | rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this | 133 | rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this |
| 134 | SetBlob | 134 | SetBlob |
| 135 | */ | 135 | */ |
| @@ -162,10 +162,11 @@ SetBlob | |||
| 162 | return(r); | 162 | return(r); |
| 163 | } | 163 | } |
| 164 | 164 | ||
| 165 | STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, | 165 | STACK *d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length, |
| 166 | char *(*func)(), void (*free_func)(void *), int ex_tag, int ex_class) | 166 | d2i_of_void *d2i, void (*free_func)(void *), int ex_tag, |
| 167 | int ex_class) | ||
| 167 | { | 168 | { |
| 168 | ASN1_CTX c; | 169 | ASN1_const_CTX c; |
| 169 | STACK *ret=NULL; | 170 | STACK *ret=NULL; |
| 170 | 171 | ||
| 171 | if ((a == NULL) || ((*a) == NULL)) | 172 | if ((a == NULL) || ((*a) == NULL)) |
| @@ -210,7 +211,9 @@ STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, | |||
| 210 | char *s; | 211 | char *s; |
| 211 | 212 | ||
| 212 | if (M_ASN1_D2I_end_sequence()) break; | 213 | if (M_ASN1_D2I_end_sequence()) break; |
| 213 | if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) | 214 | /* XXX: This was called with 4 arguments, incorrectly, it seems |
| 215 | if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) */ | ||
| 216 | if ((s=d2i(NULL,&c.p,c.slen)) == NULL) | ||
| 214 | { | 217 | { |
| 215 | ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT); | 218 | ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT); |
| 216 | asn1_add_error(*pp,(int)(c.q- *pp)); | 219 | asn1_add_error(*pp,(int)(c.q- *pp)); |
diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c index 52ce7e3974..1081950518 100644 --- a/src/lib/libcrypto/asn1/a_sign.c +++ b/src/lib/libcrypto/asn1/a_sign.c | |||
| @@ -56,7 +56,7 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | 58 | /* ==================================================================== |
| 59 | * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. | 59 | * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. |
| 60 | * | 60 | * |
| 61 | * Redistribution and use in source and binary forms, with or without | 61 | * Redistribution and use in source and binary forms, with or without |
| 62 | * modification, are permitted provided that the following conditions | 62 | * modification, are permitted provided that the following conditions |
| @@ -126,9 +126,9 @@ | |||
| 126 | 126 | ||
| 127 | #ifndef NO_ASN1_OLD | 127 | #ifndef NO_ASN1_OLD |
| 128 | 128 | ||
| 129 | int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, | 129 | int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, |
| 130 | ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, | 130 | ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, |
| 131 | const EVP_MD *type) | 131 | const EVP_MD *type) |
| 132 | { | 132 | { |
| 133 | EVP_MD_CTX ctx; | 133 | EVP_MD_CTX ctx; |
| 134 | unsigned char *p,*buf_in=NULL,*buf_out=NULL; | 134 | unsigned char *p,*buf_in=NULL,*buf_out=NULL; |
| @@ -229,10 +229,11 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 229 | else | 229 | else |
| 230 | a=algor2; | 230 | a=algor2; |
| 231 | if (a == NULL) continue; | 231 | if (a == NULL) continue; |
| 232 | if (type->pkey_type == NID_dsaWithSHA1) | 232 | if (type->pkey_type == NID_dsaWithSHA1 || |
| 233 | type->pkey_type == NID_ecdsa_with_SHA1) | ||
| 233 | { | 234 | { |
| 234 | /* special case: RFC 2459 tells us to omit 'parameters' | 235 | /* special case: RFC 3279 tells us to omit 'parameters' |
| 235 | * with id-dsa-with-sha1 */ | 236 | * with id-dsa-with-sha1 and ecdsa-with-SHA1 */ |
| 236 | ASN1_TYPE_free(a->parameter); | 237 | ASN1_TYPE_free(a->parameter); |
| 237 | a->parameter = NULL; | 238 | a->parameter = NULL; |
| 238 | } | 239 | } |
| @@ -247,12 +248,12 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 247 | a->algorithm=OBJ_nid2obj(type->pkey_type); | 248 | a->algorithm=OBJ_nid2obj(type->pkey_type); |
| 248 | if (a->algorithm == NULL) | 249 | if (a->algorithm == NULL) |
| 249 | { | 250 | { |
| 250 | ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE); | 251 | ASN1err(ASN1_F_ASN1_ITEM_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE); |
| 251 | goto err; | 252 | goto err; |
| 252 | } | 253 | } |
| 253 | if (a->algorithm->length == 0) | 254 | if (a->algorithm->length == 0) |
| 254 | { | 255 | { |
| 255 | ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); | 256 | ASN1err(ASN1_F_ASN1_ITEM_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); |
| 256 | goto err; | 257 | goto err; |
| 257 | } | 258 | } |
| 258 | } | 259 | } |
| @@ -262,7 +263,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 262 | if ((buf_in == NULL) || (buf_out == NULL)) | 263 | if ((buf_in == NULL) || (buf_out == NULL)) |
| 263 | { | 264 | { |
| 264 | outl=0; | 265 | outl=0; |
| 265 | ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE); | 266 | ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_MALLOC_FAILURE); |
| 266 | goto err; | 267 | goto err; |
| 267 | } | 268 | } |
| 268 | 269 | ||
| @@ -272,7 +273,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 272 | (unsigned int *)&outl,pkey)) | 273 | (unsigned int *)&outl,pkey)) |
| 273 | { | 274 | { |
| 274 | outl=0; | 275 | outl=0; |
| 275 | ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB); | 276 | ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB); |
| 276 | goto err; | 277 | goto err; |
| 277 | } | 278 | } |
| 278 | if (signature->data != NULL) OPENSSL_free(signature->data); | 279 | if (signature->data != NULL) OPENSSL_free(signature->data); |
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c index a07122ba47..c2dbb6f9a5 100644 --- a/src/lib/libcrypto/asn1/a_strex.c +++ b/src/lib/libcrypto/asn1/a_strex.c | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 2000 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -58,12 +58,12 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include "cryptlib.h" | ||
| 61 | #include <openssl/crypto.h> | 62 | #include <openssl/crypto.h> |
| 62 | #include <openssl/x509.h> | 63 | #include <openssl/x509.h> |
| 63 | #include <openssl/asn1.h> | 64 | #include <openssl/asn1.h> |
| 64 | 65 | ||
| 65 | #include "charmap.h" | 66 | #include "charmap.h" |
| 66 | #include "cryptlib.h" | ||
| 67 | 67 | ||
| 68 | /* ASN1_STRING_print_ex() and X509_NAME_print_ex(). | 68 | /* ASN1_STRING_print_ex() and X509_NAME_print_ex(). |
| 69 | * Enhanced string and name printing routines handling | 69 | * Enhanced string and name printing routines handling |
| @@ -170,7 +170,7 @@ static int do_buf(unsigned char *buf, int buflen, | |||
| 170 | q = buf + buflen; | 170 | q = buf + buflen; |
| 171 | outlen = 0; | 171 | outlen = 0; |
| 172 | while(p != q) { | 172 | while(p != q) { |
| 173 | if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253; | 173 | if(p == buf && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_FIRST_ESC_2253; |
| 174 | else orflags = 0; | 174 | else orflags = 0; |
| 175 | switch(type & BUF_TYPE_WIDTH_MASK) { | 175 | switch(type & BUF_TYPE_WIDTH_MASK) { |
| 176 | case 4: | 176 | case 4: |
| @@ -194,8 +194,10 @@ static int do_buf(unsigned char *buf, int buflen, | |||
| 194 | if(i < 0) return -1; /* Invalid UTF8String */ | 194 | if(i < 0) return -1; /* Invalid UTF8String */ |
| 195 | p += i; | 195 | p += i; |
| 196 | break; | 196 | break; |
| 197 | default: | ||
| 198 | return -1; /* invalid width */ | ||
| 197 | } | 199 | } |
| 198 | if (p == q) orflags = CHARTYPE_LAST_ESC_2253; | 200 | if (p == q && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_LAST_ESC_2253; |
| 199 | if(type & BUF_TYPE_CONVUTF8) { | 201 | if(type & BUF_TYPE_CONVUTF8) { |
| 200 | unsigned char utfbuf[6]; | 202 | unsigned char utfbuf[6]; |
| 201 | int utflen; | 203 | int utflen; |
| @@ -223,7 +225,7 @@ static int do_buf(unsigned char *buf, int buflen, | |||
| 223 | 225 | ||
| 224 | static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen) | 226 | static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen) |
| 225 | { | 227 | { |
| 226 | const static char hexdig[] = "0123456789ABCDEF"; | 228 | static const char hexdig[] = "0123456789ABCDEF"; |
| 227 | unsigned char *p, *q; | 229 | unsigned char *p, *q; |
| 228 | char hextmp[2]; | 230 | char hextmp[2]; |
| 229 | if(arg) { | 231 | if(arg) { |
| @@ -279,7 +281,7 @@ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING | |||
| 279 | * otherwise it is the number of bytes per character | 281 | * otherwise it is the number of bytes per character |
| 280 | */ | 282 | */ |
| 281 | 283 | ||
| 282 | const static signed char tag2nbyte[] = { | 284 | static const signed char tag2nbyte[] = { |
| 283 | -1, -1, -1, -1, -1, /* 0-4 */ | 285 | -1, -1, -1, -1, -1, /* 0-4 */ |
| 284 | -1, -1, -1, -1, -1, /* 5-9 */ | 286 | -1, -1, -1, -1, -1, /* 5-9 */ |
| 285 | -1, -1, 0, -1, /* 10-13 */ | 287 | -1, -1, 0, -1, /* 10-13 */ |
| @@ -356,12 +358,13 @@ static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STR | |||
| 356 | } | 358 | } |
| 357 | 359 | ||
| 358 | len = do_buf(str->data, str->length, type, flags, "es, io_ch, NULL); | 360 | len = do_buf(str->data, str->length, type, flags, "es, io_ch, NULL); |
| 359 | if(outlen < 0) return -1; | 361 | if(len < 0) return -1; |
| 360 | outlen += len; | 362 | outlen += len; |
| 361 | if(quotes) outlen += 2; | 363 | if(quotes) outlen += 2; |
| 362 | if(!arg) return outlen; | 364 | if(!arg) return outlen; |
| 363 | if(quotes && !io_ch(arg, "\"", 1)) return -1; | 365 | if(quotes && !io_ch(arg, "\"", 1)) return -1; |
| 364 | do_buf(str->data, str->length, type, flags, NULL, io_ch, arg); | 366 | if(do_buf(str->data, str->length, type, flags, NULL, io_ch, arg) < 0) |
| 367 | return -1; | ||
| 365 | if(quotes && !io_ch(arg, "\"", 1)) return -1; | 368 | if(quotes && !io_ch(arg, "\"", 1)) return -1; |
| 366 | return outlen; | 369 | return outlen; |
| 367 | } | 370 | } |
| @@ -513,7 +516,7 @@ int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags) | |||
| 513 | return do_name_ex(send_bio_chars, out, nm, indent, flags); | 516 | return do_name_ex(send_bio_chars, out, nm, indent, flags); |
| 514 | } | 517 | } |
| 515 | 518 | ||
| 516 | 519 | #ifndef OPENSSL_NO_FP_API | |
| 517 | int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags) | 520 | int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags) |
| 518 | { | 521 | { |
| 519 | if(flags == XN_FLAG_COMPAT) | 522 | if(flags == XN_FLAG_COMPAT) |
| @@ -528,17 +531,19 @@ int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long fla | |||
| 528 | } | 531 | } |
| 529 | return do_name_ex(send_fp_chars, fp, nm, indent, flags); | 532 | return do_name_ex(send_fp_chars, fp, nm, indent, flags); |
| 530 | } | 533 | } |
| 534 | #endif | ||
| 531 | 535 | ||
| 532 | int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags) | 536 | int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags) |
| 533 | { | 537 | { |
| 534 | return do_print_ex(send_bio_chars, out, flags, str); | 538 | return do_print_ex(send_bio_chars, out, flags, str); |
| 535 | } | 539 | } |
| 536 | 540 | ||
| 537 | 541 | #ifndef OPENSSL_NO_FP_API | |
| 538 | int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags) | 542 | int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags) |
| 539 | { | 543 | { |
| 540 | return do_print_ex(send_fp_chars, fp, flags, str); | 544 | return do_print_ex(send_fp_chars, fp, flags, str); |
| 541 | } | 545 | } |
| 546 | #endif | ||
| 542 | 547 | ||
| 543 | /* Utility function: convert any string type to UTF8, returns number of bytes | 548 | /* Utility function: convert any string type to UTF8, returns number of bytes |
| 544 | * in output string or a negative error code | 549 | * in output string or a negative error code |
| @@ -553,12 +558,7 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in) | |||
| 553 | if((type < 0) || (type > 30)) return -1; | 558 | if((type < 0) || (type > 30)) return -1; |
| 554 | mbflag = tag2nbyte[type]; | 559 | mbflag = tag2nbyte[type]; |
| 555 | if(mbflag == -1) return -1; | 560 | if(mbflag == -1) return -1; |
| 556 | if (mbflag == 0) | 561 | mbflag |= MBSTRING_FLAG; |
| 557 | mbflag = MBSTRING_UTF8; | ||
| 558 | else if (mbflag == 4) | ||
| 559 | mbflag = MBSTRING_UNIV; | ||
| 560 | else | ||
| 561 | mbflag |= MBSTRING_FLAG; | ||
| 562 | stmp.data = NULL; | 562 | stmp.data = NULL; |
| 563 | ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING); | 563 | ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING); |
| 564 | if(ret < 0) return ret; | 564 | if(ret < 0) return ret; |
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c index 2292d49b93..36beceacdb 100644 --- a/src/lib/libcrypto/asn1/a_type.c +++ b/src/lib/libcrypto/asn1/a_type.c | |||
| @@ -57,8 +57,9 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <openssl/asn1t.h> | ||
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/asn1t.h> | ||
| 62 | #include <openssl/objects.h> | ||
| 62 | 63 | ||
| 63 | int ASN1_TYPE_get(ASN1_TYPE *a) | 64 | int ASN1_TYPE_get(ASN1_TYPE *a) |
| 64 | { | 65 | { |
| @@ -79,6 +80,31 @@ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) | |||
| 79 | a->value.ptr=value; | 80 | a->value.ptr=value; |
| 80 | } | 81 | } |
| 81 | 82 | ||
| 83 | int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value) | ||
| 84 | { | ||
| 85 | if (!value || (type == V_ASN1_BOOLEAN)) | ||
| 86 | { | ||
| 87 | void *p = (void *)value; | ||
| 88 | ASN1_TYPE_set(a, type, p); | ||
| 89 | } | ||
| 90 | else if (type == V_ASN1_OBJECT) | ||
| 91 | { | ||
| 92 | ASN1_OBJECT *odup; | ||
| 93 | odup = OBJ_dup(value); | ||
| 94 | if (!odup) | ||
| 95 | return 0; | ||
| 96 | ASN1_TYPE_set(a, type, odup); | ||
| 97 | } | ||
| 98 | else | ||
| 99 | { | ||
| 100 | ASN1_STRING *sdup; | ||
| 101 | sdup = ASN1_STRING_dup((ASN1_STRING *)value); | ||
| 102 | if (!sdup) | ||
| 103 | return 0; | ||
| 104 | ASN1_TYPE_set(a, type, sdup); | ||
| 105 | } | ||
| 106 | return 1; | ||
| 107 | } | ||
| 82 | 108 | ||
| 83 | IMPLEMENT_STACK_OF(ASN1_TYPE) | 109 | IMPLEMENT_STACK_OF(ASN1_TYPE) |
| 84 | IMPLEMENT_ASN1_SET_OF(ASN1_TYPE) | 110 | IMPLEMENT_ASN1_SET_OF(ASN1_TYPE) |
diff --git a/src/lib/libcrypto/asn1/a_utctm.c b/src/lib/libcrypto/asn1/a_utctm.c index 7b25fed331..d31c028193 100644 --- a/src/lib/libcrypto/asn1/a_utctm.c +++ b/src/lib/libcrypto/asn1/a_utctm.c | |||
| @@ -162,7 +162,7 @@ err: | |||
| 162 | return(0); | 162 | return(0); |
| 163 | } | 163 | } |
| 164 | 164 | ||
| 165 | int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str) | 165 | int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str) |
| 166 | { | 166 | { |
| 167 | ASN1_UTCTIME t; | 167 | ASN1_UTCTIME t; |
| 168 | 168 | ||
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c index 18ef0acf00..fdce6e4380 100644 --- a/src/lib/libcrypto/asn1/a_verify.c +++ b/src/lib/libcrypto/asn1/a_verify.c | |||
| @@ -73,8 +73,8 @@ | |||
| 73 | 73 | ||
| 74 | #ifndef NO_ASN1_OLD | 74 | #ifndef NO_ASN1_OLD |
| 75 | 75 | ||
| 76 | int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, | 76 | int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, |
| 77 | char *data, EVP_PKEY *pkey) | 77 | char *data, EVP_PKEY *pkey) |
| 78 | { | 78 | { |
| 79 | EVP_MD_CTX ctx; | 79 | EVP_MD_CTX ctx; |
| 80 | const EVP_MD *type; | 80 | const EVP_MD *type; |
| @@ -138,13 +138,13 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat | |||
| 138 | type=EVP_get_digestbyname(OBJ_nid2sn(i)); | 138 | type=EVP_get_digestbyname(OBJ_nid2sn(i)); |
| 139 | if (type == NULL) | 139 | if (type == NULL) |
| 140 | { | 140 | { |
| 141 | ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); | 141 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); |
| 142 | goto err; | 142 | goto err; |
| 143 | } | 143 | } |
| 144 | 144 | ||
| 145 | if (!EVP_VerifyInit_ex(&ctx,type, NULL)) | 145 | if (!EVP_VerifyInit_ex(&ctx,type, NULL)) |
| 146 | { | 146 | { |
| 147 | ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); | 147 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); |
| 148 | ret=0; | 148 | ret=0; |
| 149 | goto err; | 149 | goto err; |
| 150 | } | 150 | } |
| @@ -153,7 +153,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat | |||
| 153 | 153 | ||
| 154 | if (buf_in == NULL) | 154 | if (buf_in == NULL) |
| 155 | { | 155 | { |
| 156 | ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); | 156 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE); |
| 157 | goto err; | 157 | goto err; |
| 158 | } | 158 | } |
| 159 | 159 | ||
| @@ -165,7 +165,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat | |||
| 165 | if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, | 165 | if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, |
| 166 | (unsigned int)signature->length,pkey) <= 0) | 166 | (unsigned int)signature->length,pkey) <= 0) |
| 167 | { | 167 | { |
| 168 | ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); | 168 | ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); |
| 169 | ret=0; | 169 | ret=0; |
| 170 | goto err; | 170 | goto err; |
| 171 | } | 171 | } |
diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h index 0184b475a7..424cd348bb 100644 --- a/src/lib/libcrypto/asn1/asn1.h +++ b/src/lib/libcrypto/asn1/asn1.h | |||
| @@ -60,17 +60,19 @@ | |||
| 60 | #define HEADER_ASN1_H | 60 | #define HEADER_ASN1_H |
| 61 | 61 | ||
| 62 | #include <time.h> | 62 | #include <time.h> |
| 63 | #include <openssl/e_os2.h> | ||
| 63 | #ifndef OPENSSL_NO_BIO | 64 | #ifndef OPENSSL_NO_BIO |
| 64 | #include <openssl/bio.h> | 65 | #include <openssl/bio.h> |
| 65 | #endif | 66 | #endif |
| 66 | #include <openssl/e_os2.h> | ||
| 67 | #include <openssl/bn.h> | ||
| 68 | #include <openssl/stack.h> | 67 | #include <openssl/stack.h> |
| 69 | #include <openssl/safestack.h> | 68 | #include <openssl/safestack.h> |
| 70 | 69 | ||
| 71 | #include <openssl/symhacks.h> | 70 | #include <openssl/symhacks.h> |
| 72 | 71 | ||
| 73 | #include <openssl/ossl_typ.h> | 72 | #include <openssl/ossl_typ.h> |
| 73 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 74 | #include <openssl/bn.h> | ||
| 75 | #endif | ||
| 74 | 76 | ||
| 75 | #ifdef OPENSSL_BUILD_SHLIBCRYPTO | 77 | #ifdef OPENSSL_BUILD_SHLIBCRYPTO |
| 76 | # undef OPENSSL_EXTERN | 78 | # undef OPENSSL_EXTERN |
| @@ -147,19 +149,29 @@ extern "C" { | |||
| 147 | #define B_ASN1_UTF8STRING 0x2000 | 149 | #define B_ASN1_UTF8STRING 0x2000 |
| 148 | #define B_ASN1_UTCTIME 0x4000 | 150 | #define B_ASN1_UTCTIME 0x4000 |
| 149 | #define B_ASN1_GENERALIZEDTIME 0x8000 | 151 | #define B_ASN1_GENERALIZEDTIME 0x8000 |
| 152 | #define B_ASN1_SEQUENCE 0x10000 | ||
| 150 | 153 | ||
| 151 | /* For use with ASN1_mbstring_copy() */ | 154 | /* For use with ASN1_mbstring_copy() */ |
| 152 | #define MBSTRING_FLAG 0x1000 | 155 | #define MBSTRING_FLAG 0x1000 |
| 156 | #define MBSTRING_UTF8 (MBSTRING_FLAG) | ||
| 153 | #define MBSTRING_ASC (MBSTRING_FLAG|1) | 157 | #define MBSTRING_ASC (MBSTRING_FLAG|1) |
| 154 | #define MBSTRING_BMP (MBSTRING_FLAG|2) | 158 | #define MBSTRING_BMP (MBSTRING_FLAG|2) |
| 155 | #define MBSTRING_UNIV (MBSTRING_FLAG|3) | 159 | #define MBSTRING_UNIV (MBSTRING_FLAG|4) |
| 156 | #define MBSTRING_UTF8 (MBSTRING_FLAG|4) | 160 | |
| 161 | #define SMIME_OLDMIME 0x400 | ||
| 162 | #define SMIME_CRLFEOL 0x800 | ||
| 163 | #define SMIME_STREAM 0x1000 | ||
| 157 | 164 | ||
| 158 | struct X509_algor_st; | 165 | struct X509_algor_st; |
| 166 | DECLARE_STACK_OF(X509_ALGOR) | ||
| 159 | 167 | ||
| 160 | #define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */ | 168 | #define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */ |
| 161 | #define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */ | 169 | #define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */ |
| 162 | 170 | ||
| 171 | /* We MUST make sure that, except for constness, asn1_ctx_st and | ||
| 172 | asn1_const_ctx are exactly the same. Fortunately, as soon as | ||
| 173 | the old ASN1 parsing macros are gone, we can throw this away | ||
| 174 | as well... */ | ||
| 163 | typedef struct asn1_ctx_st | 175 | typedef struct asn1_ctx_st |
| 164 | { | 176 | { |
| 165 | unsigned char *p;/* work char pointer */ | 177 | unsigned char *p;/* work char pointer */ |
| @@ -175,6 +187,21 @@ typedef struct asn1_ctx_st | |||
| 175 | int line; /* used in error processing */ | 187 | int line; /* used in error processing */ |
| 176 | } ASN1_CTX; | 188 | } ASN1_CTX; |
| 177 | 189 | ||
| 190 | typedef struct asn1_const_ctx_st | ||
| 191 | { | ||
| 192 | const unsigned char *p;/* work char pointer */ | ||
| 193 | int eos; /* end of sequence read for indefinite encoding */ | ||
| 194 | int error; /* error code to use when returning an error */ | ||
| 195 | int inf; /* constructed if 0x20, indefinite is 0x21 */ | ||
| 196 | int tag; /* tag from last 'get object' */ | ||
| 197 | int xclass; /* class from last 'get object' */ | ||
| 198 | long slen; /* length of last 'get object' */ | ||
| 199 | const unsigned char *max; /* largest value of p allowed */ | ||
| 200 | const unsigned char *q;/* temporary variable */ | ||
| 201 | const unsigned char **pp;/* variable */ | ||
| 202 | int line; /* used in error processing */ | ||
| 203 | } ASN1_const_CTX; | ||
| 204 | |||
| 178 | /* These are used internally in the ASN1_OBJECT to keep track of | 205 | /* These are used internally in the ASN1_OBJECT to keep track of |
| 179 | * whether the names and data need to be free()ed */ | 206 | * whether the names and data need to be free()ed */ |
| 180 | #define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ | 207 | #define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ |
| @@ -191,6 +218,18 @@ typedef struct asn1_object_st | |||
| 191 | } ASN1_OBJECT; | 218 | } ASN1_OBJECT; |
| 192 | 219 | ||
| 193 | #define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */ | 220 | #define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */ |
| 221 | /* This indicates that the ASN1_STRING is not a real value but just a place | ||
| 222 | * holder for the location where indefinite length constructed data should | ||
| 223 | * be inserted in the memory buffer | ||
| 224 | */ | ||
| 225 | #define ASN1_STRING_FLAG_NDEF 0x010 | ||
| 226 | |||
| 227 | /* This flag is used by the CMS code to indicate that a string is not | ||
| 228 | * complete and is a place holder for content when it had all been | ||
| 229 | * accessed. The flag will be reset when content has been written to it. | ||
| 230 | */ | ||
| 231 | #define ASN1_STRING_FLAG_CONT 0x020 | ||
| 232 | |||
| 194 | /* This is the base type that holds just about everything :-) */ | 233 | /* This is the base type that holds just about everything :-) */ |
| 195 | typedef struct asn1_string_st | 234 | typedef struct asn1_string_st |
| 196 | { | 235 | { |
| @@ -259,18 +298,19 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; | |||
| 259 | 298 | ||
| 260 | #define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) | 299 | #define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) |
| 261 | 300 | ||
| 301 | #define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \ | ||
| 302 | DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type) | ||
| 303 | |||
| 262 | #define DECLARE_ASN1_FUNCTIONS_name(type, name) \ | 304 | #define DECLARE_ASN1_FUNCTIONS_name(type, name) \ |
| 263 | type *name##_new(void); \ | 305 | DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ |
| 264 | void name##_free(type *a); \ | ||
| 265 | DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) | 306 | DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) |
| 266 | 307 | ||
| 267 | #define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ | 308 | #define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ |
| 268 | type *name##_new(void); \ | 309 | DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ |
| 269 | void name##_free(type *a); \ | ||
| 270 | DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) | 310 | DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) |
| 271 | 311 | ||
| 272 | #define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ | 312 | #define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ |
| 273 | type *d2i_##name(type **a, unsigned char **in, long len); \ | 313 | type *d2i_##name(type **a, const unsigned char **in, long len); \ |
| 274 | int i2d_##name(type *a, unsigned char **out); \ | 314 | int i2d_##name(type *a, unsigned char **out); \ |
| 275 | DECLARE_ASN1_ITEM(itname) | 315 | DECLARE_ASN1_ITEM(itname) |
| 276 | 316 | ||
| @@ -279,10 +319,37 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; | |||
| 279 | int i2d_##name(const type *a, unsigned char **out); \ | 319 | int i2d_##name(const type *a, unsigned char **out); \ |
| 280 | DECLARE_ASN1_ITEM(name) | 320 | DECLARE_ASN1_ITEM(name) |
| 281 | 321 | ||
| 322 | #define DECLARE_ASN1_NDEF_FUNCTION(name) \ | ||
| 323 | int i2d_##name##_NDEF(name *a, unsigned char **out); | ||
| 324 | |||
| 282 | #define DECLARE_ASN1_FUNCTIONS_const(name) \ | 325 | #define DECLARE_ASN1_FUNCTIONS_const(name) \ |
| 283 | name *name##_new(void); \ | 326 | DECLARE_ASN1_ALLOC_FUNCTIONS(name) \ |
| 284 | void name##_free(name *a); | 327 | DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name) |
| 285 | 328 | ||
| 329 | #define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ | ||
| 330 | type *name##_new(void); \ | ||
| 331 | void name##_free(type *a); | ||
| 332 | |||
| 333 | #define D2I_OF(type) type *(*)(type **,const unsigned char **,long) | ||
| 334 | #define I2D_OF(type) int (*)(type *,unsigned char **) | ||
| 335 | #define I2D_OF_const(type) int (*)(const type *,unsigned char **) | ||
| 336 | |||
| 337 | #define CHECKED_D2I_OF(type, d2i) \ | ||
| 338 | ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0))) | ||
| 339 | #define CHECKED_I2D_OF(type, i2d) \ | ||
| 340 | ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0))) | ||
| 341 | #define CHECKED_NEW_OF(type, xnew) \ | ||
| 342 | ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0))) | ||
| 343 | #define CHECKED_PTR_OF(type, p) \ | ||
| 344 | ((void*) (1 ? p : (type*)0)) | ||
| 345 | #define CHECKED_PPTR_OF(type, p) \ | ||
| 346 | ((void**) (1 ? p : (type**)0)) | ||
| 347 | |||
| 348 | #define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long) | ||
| 349 | #define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **) | ||
| 350 | #define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type) | ||
| 351 | |||
| 352 | TYPEDEF_D2I2D_OF(void); | ||
| 286 | 353 | ||
| 287 | /* The following macros and typedefs allow an ASN1_ITEM | 354 | /* The following macros and typedefs allow an ASN1_ITEM |
| 288 | * to be embedded in a structure and referenced. Since | 355 | * to be embedded in a structure and referenced. Since |
| @@ -467,6 +534,7 @@ typedef struct asn1_type_st | |||
| 467 | * contain the set or sequence bytes */ | 534 | * contain the set or sequence bytes */ |
| 468 | ASN1_STRING * set; | 535 | ASN1_STRING * set; |
| 469 | ASN1_STRING * sequence; | 536 | ASN1_STRING * sequence; |
| 537 | ASN1_VALUE * asn1_value; | ||
| 470 | } value; | 538 | } value; |
| 471 | } ASN1_TYPE; | 539 | } ASN1_TYPE; |
| 472 | 540 | ||
| @@ -475,17 +543,17 @@ DECLARE_ASN1_SET_OF(ASN1_TYPE) | |||
| 475 | 543 | ||
| 476 | typedef struct asn1_method_st | 544 | typedef struct asn1_method_st |
| 477 | { | 545 | { |
| 478 | int (*i2d)(); | 546 | i2d_of_void *i2d; |
| 479 | char *(*d2i)(); | 547 | d2i_of_void *d2i; |
| 480 | char *(*create)(); | 548 | void *(*create)(void); |
| 481 | void (*destroy)(); | 549 | void (*destroy)(void *); |
| 482 | } ASN1_METHOD; | 550 | } ASN1_METHOD; |
| 483 | 551 | ||
| 484 | /* This is used when parsing some Netscape objects */ | 552 | /* This is used when parsing some Netscape objects */ |
| 485 | typedef struct asn1_header_st | 553 | typedef struct asn1_header_st |
| 486 | { | 554 | { |
| 487 | ASN1_OCTET_STRING *header; | 555 | ASN1_OCTET_STRING *header; |
| 488 | char *data; | 556 | void *data; |
| 489 | ASN1_METHOD *meth; | 557 | ASN1_METHOD *meth; |
| 490 | } ASN1_HEADER; | 558 | } ASN1_HEADER; |
| 491 | 559 | ||
| @@ -551,6 +619,7 @@ typedef struct BIT_STRING_BITNAME_st { | |||
| 551 | B_ASN1_UNIVERSALSTRING|\ | 619 | B_ASN1_UNIVERSALSTRING|\ |
| 552 | B_ASN1_BMPSTRING|\ | 620 | B_ASN1_BMPSTRING|\ |
| 553 | B_ASN1_UTF8STRING|\ | 621 | B_ASN1_UTF8STRING|\ |
| 622 | B_ASN1_SEQUENCE|\ | ||
| 554 | B_ASN1_UNKNOWN | 623 | B_ASN1_UNKNOWN |
| 555 | 624 | ||
| 556 | #define B_ASN1_DIRECTORYSTRING \ | 625 | #define B_ASN1_DIRECTORYSTRING \ |
| @@ -696,13 +765,14 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE) | |||
| 696 | 765 | ||
| 697 | int ASN1_TYPE_get(ASN1_TYPE *a); | 766 | int ASN1_TYPE_get(ASN1_TYPE *a); |
| 698 | void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); | 767 | void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); |
| 768 | int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value); | ||
| 699 | 769 | ||
| 700 | ASN1_OBJECT * ASN1_OBJECT_new(void ); | 770 | ASN1_OBJECT * ASN1_OBJECT_new(void ); |
| 701 | void ASN1_OBJECT_free(ASN1_OBJECT *a); | 771 | void ASN1_OBJECT_free(ASN1_OBJECT *a); |
| 702 | int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp); | 772 | int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp); |
| 703 | ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, | 773 | ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp, |
| 704 | long length); | 774 | long length); |
| 705 | ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, | 775 | ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp, |
| 706 | long length); | 776 | long length); |
| 707 | 777 | ||
| 708 | DECLARE_ASN1_ITEM(ASN1_OBJECT) | 778 | DECLARE_ASN1_ITEM(ASN1_OBJECT) |
| @@ -718,6 +788,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b); | |||
| 718 | /* Since this is used to store all sorts of things, via macros, for now, make | 788 | /* Since this is used to store all sorts of things, via macros, for now, make |
| 719 | its data void * */ | 789 | its data void * */ |
| 720 | int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); | 790 | int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); |
| 791 | void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len); | ||
| 721 | int ASN1_STRING_length(ASN1_STRING *x); | 792 | int ASN1_STRING_length(ASN1_STRING *x); |
| 722 | void ASN1_STRING_length_set(ASN1_STRING *x, int n); | 793 | void ASN1_STRING_length_set(ASN1_STRING *x, int n); |
| 723 | int ASN1_STRING_type(ASN1_STRING *x); | 794 | int ASN1_STRING_type(ASN1_STRING *x); |
| @@ -725,7 +796,7 @@ unsigned char * ASN1_STRING_data(ASN1_STRING *x); | |||
| 725 | 796 | ||
| 726 | DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING) | 797 | DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING) |
| 727 | int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); | 798 | int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); |
| 728 | ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp, | 799 | ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,const unsigned char **pp, |
| 729 | long length); | 800 | long length); |
| 730 | int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, | 801 | int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, |
| 731 | int length ); | 802 | int length ); |
| @@ -741,13 +812,13 @@ int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, | |||
| 741 | BIT_STRING_BITNAME *tbl); | 812 | BIT_STRING_BITNAME *tbl); |
| 742 | 813 | ||
| 743 | int i2d_ASN1_BOOLEAN(int a,unsigned char **pp); | 814 | int i2d_ASN1_BOOLEAN(int a,unsigned char **pp); |
| 744 | int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length); | 815 | int d2i_ASN1_BOOLEAN(int *a,const unsigned char **pp,long length); |
| 745 | 816 | ||
| 746 | DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) | 817 | DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) |
| 747 | int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); | 818 | int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); |
| 748 | ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp, | 819 | ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,const unsigned char **pp, |
| 749 | long length); | 820 | long length); |
| 750 | ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp, | 821 | ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,const unsigned char **pp, |
| 751 | long length); | 822 | long length); |
| 752 | ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x); | 823 | ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x); |
| 753 | int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y); | 824 | int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y); |
| @@ -756,7 +827,7 @@ DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED) | |||
| 756 | 827 | ||
| 757 | int ASN1_UTCTIME_check(ASN1_UTCTIME *a); | 828 | int ASN1_UTCTIME_check(ASN1_UTCTIME *a); |
| 758 | ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); | 829 | ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); |
| 759 | int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str); | 830 | int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); |
| 760 | int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); | 831 | int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); |
| 761 | #if 0 | 832 | #if 0 |
| 762 | time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); | 833 | time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); |
| @@ -764,12 +835,12 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); | |||
| 764 | 835 | ||
| 765 | int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); | 836 | int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); |
| 766 | ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t); | 837 | ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t); |
| 767 | int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str); | 838 | int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str); |
| 768 | 839 | ||
| 769 | DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) | 840 | DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) |
| 770 | ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a); | 841 | ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a); |
| 771 | int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b); | 842 | int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b); |
| 772 | int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len); | 843 | int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len); |
| 773 | 844 | ||
| 774 | DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) | 845 | DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) |
| 775 | DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING) | 846 | DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING) |
| @@ -792,15 +863,17 @@ DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME) | |||
| 792 | DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME) | 863 | DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME) |
| 793 | DECLARE_ASN1_FUNCTIONS(ASN1_TIME) | 864 | DECLARE_ASN1_FUNCTIONS(ASN1_TIME) |
| 794 | 865 | ||
| 866 | DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF) | ||
| 867 | |||
| 795 | ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t); | 868 | ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t); |
| 796 | int ASN1_TIME_check(ASN1_TIME *t); | 869 | int ASN1_TIME_check(ASN1_TIME *t); |
| 797 | ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out); | 870 | ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out); |
| 798 | 871 | ||
| 799 | int i2d_ASN1_SET(STACK *a, unsigned char **pp, | 872 | int i2d_ASN1_SET(STACK *a, unsigned char **pp, |
| 800 | int (*func)(), int ex_tag, int ex_class, int is_set); | 873 | i2d_of_void *i2d, int ex_tag, int ex_class, int is_set); |
| 801 | STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, | 874 | STACK * d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length, |
| 802 | char *(*func)(), void (*free_func)(void *), | 875 | d2i_of_void *d2i, void (*free_func)(void *), |
| 803 | int ex_tag, int ex_class); | 876 | int ex_tag, int ex_class); |
| 804 | 877 | ||
| 805 | #ifndef OPENSSL_NO_BIO | 878 | #ifndef OPENSSL_NO_BIO |
| 806 | int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); | 879 | int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); |
| @@ -832,33 +905,70 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn); | |||
| 832 | int ASN1_PRINTABLE_type(const unsigned char *s, int max); | 905 | int ASN1_PRINTABLE_type(const unsigned char *s, int max); |
| 833 | 906 | ||
| 834 | int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); | 907 | int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); |
| 835 | ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, | 908 | ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, |
| 836 | long length, int Ptag, int Pclass); | 909 | long length, int Ptag, int Pclass); |
| 837 | unsigned long ASN1_tag2bit(int tag); | 910 | unsigned long ASN1_tag2bit(int tag); |
| 838 | /* type is one or more of the B_ASN1_ values. */ | 911 | /* type is one or more of the B_ASN1_ values. */ |
| 839 | ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp, | 912 | ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,const unsigned char **pp, |
| 840 | long length,int type); | 913 | long length,int type); |
| 841 | 914 | ||
| 842 | /* PARSING */ | 915 | /* PARSING */ |
| 843 | int asn1_Finish(ASN1_CTX *c); | 916 | int asn1_Finish(ASN1_CTX *c); |
| 917 | int asn1_const_Finish(ASN1_const_CTX *c); | ||
| 844 | 918 | ||
| 845 | /* SPECIALS */ | 919 | /* SPECIALS */ |
| 846 | int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, | 920 | int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, |
| 847 | int *pclass, long omax); | 921 | int *pclass, long omax); |
| 848 | int ASN1_check_infinite_end(unsigned char **p,long len); | 922 | int ASN1_check_infinite_end(unsigned char **p,long len); |
| 923 | int ASN1_const_check_infinite_end(const unsigned char **p,long len); | ||
| 849 | void ASN1_put_object(unsigned char **pp, int constructed, int length, | 924 | void ASN1_put_object(unsigned char **pp, int constructed, int length, |
| 850 | int tag, int xclass); | 925 | int tag, int xclass); |
| 926 | int ASN1_put_eoc(unsigned char **pp); | ||
| 851 | int ASN1_object_size(int constructed, int length, int tag); | 927 | int ASN1_object_size(int constructed, int length, int tag); |
| 852 | 928 | ||
| 853 | /* Used to implement other functions */ | 929 | /* Used to implement other functions */ |
| 854 | char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x); | 930 | void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x); |
| 931 | |||
| 932 | #define ASN1_dup_of(type,i2d,d2i,x) \ | ||
| 933 | ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \ | ||
| 934 | CHECKED_D2I_OF(type, d2i), \ | ||
| 935 | CHECKED_PTR_OF(type, x))) | ||
| 936 | |||
| 937 | #define ASN1_dup_of_const(type,i2d,d2i,x) \ | ||
| 938 | ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \ | ||
| 939 | CHECKED_D2I_OF(type, d2i), \ | ||
| 940 | CHECKED_PTR_OF(const type, x))) | ||
| 855 | 941 | ||
| 856 | void *ASN1_item_dup(const ASN1_ITEM *it, void *x); | 942 | void *ASN1_item_dup(const ASN1_ITEM *it, void *x); |
| 857 | 943 | ||
| 944 | /* ASN1 alloc/free macros for when a type is only used internally */ | ||
| 945 | |||
| 946 | #define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type)) | ||
| 947 | #define M_ASN1_free_of(x, type) \ | ||
| 948 | ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type)) | ||
| 949 | |||
| 858 | #ifndef OPENSSL_NO_FP_API | 950 | #ifndef OPENSSL_NO_FP_API |
| 859 | char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x); | 951 | void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x); |
| 952 | |||
| 953 | #define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \ | ||
| 954 | ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \ | ||
| 955 | CHECKED_D2I_OF(type, d2i), \ | ||
| 956 | in, \ | ||
| 957 | CHECKED_PPTR_OF(type, x))) | ||
| 958 | |||
| 860 | void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x); | 959 | void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x); |
| 861 | int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x); | 960 | int ASN1_i2d_fp(i2d_of_void *i2d,FILE *out,void *x); |
| 961 | |||
| 962 | #define ASN1_i2d_fp_of(type,i2d,out,x) \ | ||
| 963 | (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \ | ||
| 964 | out, \ | ||
| 965 | CHECKED_PTR_OF(type, x))) | ||
| 966 | |||
| 967 | #define ASN1_i2d_fp_of_const(type,i2d,out,x) \ | ||
| 968 | (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \ | ||
| 969 | out, \ | ||
| 970 | CHECKED_PTR_OF(const type, x))) | ||
| 971 | |||
| 862 | int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x); | 972 | int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x); |
| 863 | int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); | 973 | int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); |
| 864 | #endif | 974 | #endif |
| @@ -866,23 +976,41 @@ int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); | |||
| 866 | int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in); | 976 | int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in); |
| 867 | 977 | ||
| 868 | #ifndef OPENSSL_NO_BIO | 978 | #ifndef OPENSSL_NO_BIO |
| 869 | char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x); | 979 | void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x); |
| 980 | |||
| 981 | #define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \ | ||
| 982 | ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \ | ||
| 983 | CHECKED_D2I_OF(type, d2i), \ | ||
| 984 | in, \ | ||
| 985 | CHECKED_PPTR_OF(type, x))) | ||
| 986 | |||
| 870 | void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); | 987 | void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); |
| 871 | int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x); | 988 | int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x); |
| 989 | |||
| 990 | #define ASN1_i2d_bio_of(type,i2d,out,x) \ | ||
| 991 | (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \ | ||
| 992 | out, \ | ||
| 993 | CHECKED_PTR_OF(type, x))) | ||
| 994 | |||
| 995 | #define ASN1_i2d_bio_of_const(type,i2d,out,x) \ | ||
| 996 | (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \ | ||
| 997 | out, \ | ||
| 998 | CHECKED_PTR_OF(const type, x))) | ||
| 999 | |||
| 872 | int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); | 1000 | int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); |
| 873 | int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a); | 1001 | int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a); |
| 874 | int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a); | 1002 | int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a); |
| 875 | int ASN1_TIME_print(BIO *fp,ASN1_TIME *a); | 1003 | int ASN1_TIME_print(BIO *fp,ASN1_TIME *a); |
| 876 | int ASN1_STRING_print(BIO *bp,ASN1_STRING *v); | 1004 | int ASN1_STRING_print(BIO *bp,ASN1_STRING *v); |
| 877 | int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); | 1005 | int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); |
| 878 | int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent); | 1006 | int ASN1_parse(BIO *bp,const unsigned char *pp,long len,int indent); |
| 879 | int ASN1_parse_dump(BIO *bp,unsigned char *pp,long len,int indent,int dump); | 1007 | int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump); |
| 880 | #endif | 1008 | #endif |
| 881 | const char *ASN1_tag2str(int tag); | 1009 | const char *ASN1_tag2str(int tag); |
| 882 | 1010 | ||
| 883 | /* Used to load and write netscape format cert/key */ | 1011 | /* Used to load and write netscape format cert/key */ |
| 884 | int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp); | 1012 | int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp); |
| 885 | ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length); | 1013 | ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,const unsigned char **pp, long length); |
| 886 | ASN1_HEADER *ASN1_HEADER_new(void ); | 1014 | ASN1_HEADER *ASN1_HEADER_new(void ); |
| 887 | void ASN1_HEADER_free(ASN1_HEADER *a); | 1015 | void ASN1_HEADER_free(ASN1_HEADER *a); |
| 888 | 1016 | ||
| @@ -903,13 +1031,20 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, | |||
| 903 | int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num, | 1031 | int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num, |
| 904 | unsigned char *data, int max_len); | 1032 | unsigned char *data, int max_len); |
| 905 | 1033 | ||
| 906 | STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), | 1034 | STACK *ASN1_seq_unpack(const unsigned char *buf, int len, |
| 907 | void (*free_func)(void *) ); | 1035 | d2i_of_void *d2i, void (*free_func)(void *)); |
| 908 | unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, | 1036 | unsigned char *ASN1_seq_pack(STACK *safes, i2d_of_void *i2d, |
| 909 | int *len ); | 1037 | unsigned char **buf, int *len ); |
| 910 | void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)()); | 1038 | void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i); |
| 911 | void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it); | 1039 | void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it); |
| 912 | ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_OCTET_STRING **oct); | 1040 | ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, |
| 1041 | ASN1_OCTET_STRING **oct); | ||
| 1042 | |||
| 1043 | #define ASN1_pack_string_of(type,obj,i2d,oct) \ | ||
| 1044 | (ASN1_pack_string(CHECKED_PTR_OF(type, obj), \ | ||
| 1045 | CHECKED_I2D_OF(type, i2d), \ | ||
| 1046 | oct)) | ||
| 1047 | |||
| 913 | ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct); | 1048 | ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct); |
| 914 | 1049 | ||
| 915 | void ASN1_STRING_set_default_mask(unsigned long mask); | 1050 | void ASN1_STRING_set_default_mask(unsigned long mask); |
| @@ -932,11 +1067,25 @@ void ASN1_STRING_TABLE_cleanup(void); | |||
| 932 | /* Old API compatible functions */ | 1067 | /* Old API compatible functions */ |
| 933 | ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); | 1068 | ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); |
| 934 | void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); | 1069 | void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); |
| 935 | ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it); | 1070 | ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it); |
| 936 | int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); | 1071 | int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); |
| 1072 | int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); | ||
| 937 | 1073 | ||
| 938 | void ASN1_add_oid_module(void); | 1074 | void ASN1_add_oid_module(void); |
| 939 | 1075 | ||
| 1076 | ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf); | ||
| 1077 | ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf); | ||
| 1078 | |||
| 1079 | typedef int asn1_output_data_fn(BIO *out, BIO *data, ASN1_VALUE *val, int flags, | ||
| 1080 | const ASN1_ITEM *it); | ||
| 1081 | |||
| 1082 | int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, | ||
| 1083 | int ctype_nid, int econt_nid, | ||
| 1084 | STACK_OF(X509_ALGOR) *mdalgs, | ||
| 1085 | asn1_output_data_fn *data_fn, | ||
| 1086 | const ASN1_ITEM *it); | ||
| 1087 | ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); | ||
| 1088 | |||
| 940 | /* BEGIN ERROR CODES */ | 1089 | /* BEGIN ERROR CODES */ |
| 941 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 1090 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
| 942 | * made after this point may be overwritten when the script is next run. | 1091 | * made after this point may be overwritten when the script is next run. |
| @@ -950,49 +1099,70 @@ void ERR_load_ASN1_strings(void); | |||
| 950 | #define ASN1_F_A2I_ASN1_ENUMERATED 101 | 1099 | #define ASN1_F_A2I_ASN1_ENUMERATED 101 |
| 951 | #define ASN1_F_A2I_ASN1_INTEGER 102 | 1100 | #define ASN1_F_A2I_ASN1_INTEGER 102 |
| 952 | #define ASN1_F_A2I_ASN1_STRING 103 | 1101 | #define ASN1_F_A2I_ASN1_STRING 103 |
| 953 | #define ASN1_F_ASN1_BIT_STRING_SET_BIT 176 | 1102 | #define ASN1_F_APPEND_EXP 176 |
| 1103 | #define ASN1_F_ASN1_BIT_STRING_SET_BIT 183 | ||
| 1104 | #define ASN1_F_ASN1_CB 177 | ||
| 954 | #define ASN1_F_ASN1_CHECK_TLEN 104 | 1105 | #define ASN1_F_ASN1_CHECK_TLEN 104 |
| 955 | #define ASN1_F_ASN1_COLLATE_PRIMITIVE 105 | 1106 | #define ASN1_F_ASN1_COLLATE_PRIMITIVE 105 |
| 956 | #define ASN1_F_ASN1_COLLECT 106 | 1107 | #define ASN1_F_ASN1_COLLECT 106 |
| 957 | #define ASN1_F_ASN1_D2I_BIO 107 | ||
| 958 | #define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108 | 1108 | #define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108 |
| 959 | #define ASN1_F_ASN1_D2I_FP 109 | 1109 | #define ASN1_F_ASN1_D2I_FP 109 |
| 960 | #define ASN1_F_ASN1_DIGEST 177 | 1110 | #define ASN1_F_ASN1_D2I_READ_BIO 107 |
| 1111 | #define ASN1_F_ASN1_DIGEST 184 | ||
| 961 | #define ASN1_F_ASN1_DO_ADB 110 | 1112 | #define ASN1_F_ASN1_DO_ADB 110 |
| 962 | #define ASN1_F_ASN1_DUP 111 | 1113 | #define ASN1_F_ASN1_DUP 111 |
| 963 | #define ASN1_F_ASN1_ENUMERATED_SET 112 | 1114 | #define ASN1_F_ASN1_ENUMERATED_SET 112 |
| 964 | #define ASN1_F_ASN1_ENUMERATED_TO_BN 113 | 1115 | #define ASN1_F_ASN1_ENUMERATED_TO_BN 113 |
| 965 | #define ASN1_F_ASN1_FIND_END 182 | 1116 | #define ASN1_F_ASN1_EX_C2I 204 |
| 966 | #define ASN1_F_ASN1_GENERALIZEDTIME_SET 178 | 1117 | #define ASN1_F_ASN1_FIND_END 190 |
| 1118 | #define ASN1_F_ASN1_GENERALIZEDTIME_SET 185 | ||
| 1119 | #define ASN1_F_ASN1_GENERATE_V3 178 | ||
| 967 | #define ASN1_F_ASN1_GET_OBJECT 114 | 1120 | #define ASN1_F_ASN1_GET_OBJECT 114 |
| 968 | #define ASN1_F_ASN1_HEADER_NEW 115 | 1121 | #define ASN1_F_ASN1_HEADER_NEW 115 |
| 969 | #define ASN1_F_ASN1_I2D_BIO 116 | 1122 | #define ASN1_F_ASN1_I2D_BIO 116 |
| 970 | #define ASN1_F_ASN1_I2D_FP 117 | 1123 | #define ASN1_F_ASN1_I2D_FP 117 |
| 971 | #define ASN1_F_ASN1_INTEGER_SET 118 | 1124 | #define ASN1_F_ASN1_INTEGER_SET 118 |
| 972 | #define ASN1_F_ASN1_INTEGER_TO_BN 119 | 1125 | #define ASN1_F_ASN1_INTEGER_TO_BN 119 |
| 1126 | #define ASN1_F_ASN1_ITEM_D2I_FP 206 | ||
| 1127 | #define ASN1_F_ASN1_ITEM_DUP 191 | ||
| 1128 | #define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121 | ||
| 973 | #define ASN1_F_ASN1_ITEM_EX_D2I 120 | 1129 | #define ASN1_F_ASN1_ITEM_EX_D2I 120 |
| 974 | #define ASN1_F_ASN1_ITEM_NEW 121 | 1130 | #define ASN1_F_ASN1_ITEM_I2D_BIO 192 |
| 975 | #define ASN1_F_ASN1_MBSTRING_COPY 122 | 1131 | #define ASN1_F_ASN1_ITEM_I2D_FP 193 |
| 1132 | #define ASN1_F_ASN1_ITEM_PACK 198 | ||
| 1133 | #define ASN1_F_ASN1_ITEM_SIGN 195 | ||
| 1134 | #define ASN1_F_ASN1_ITEM_UNPACK 199 | ||
| 1135 | #define ASN1_F_ASN1_ITEM_VERIFY 197 | ||
| 1136 | #define ASN1_F_ASN1_MBSTRING_NCOPY 122 | ||
| 976 | #define ASN1_F_ASN1_OBJECT_NEW 123 | 1137 | #define ASN1_F_ASN1_OBJECT_NEW 123 |
| 1138 | #define ASN1_F_ASN1_OUTPUT_DATA 207 | ||
| 977 | #define ASN1_F_ASN1_PACK_STRING 124 | 1139 | #define ASN1_F_ASN1_PACK_STRING 124 |
| 978 | #define ASN1_F_ASN1_PBE_SET 125 | 1140 | #define ASN1_F_ASN1_PCTX_NEW 205 |
| 1141 | #define ASN1_F_ASN1_PKCS5_PBE_SET 125 | ||
| 979 | #define ASN1_F_ASN1_SEQ_PACK 126 | 1142 | #define ASN1_F_ASN1_SEQ_PACK 126 |
| 980 | #define ASN1_F_ASN1_SEQ_UNPACK 127 | 1143 | #define ASN1_F_ASN1_SEQ_UNPACK 127 |
| 981 | #define ASN1_F_ASN1_SIGN 128 | 1144 | #define ASN1_F_ASN1_SIGN 128 |
| 982 | #define ASN1_F_ASN1_STRING_SET 179 | 1145 | #define ASN1_F_ASN1_STR2TYPE 179 |
| 1146 | #define ASN1_F_ASN1_STRING_SET 186 | ||
| 983 | #define ASN1_F_ASN1_STRING_TABLE_ADD 129 | 1147 | #define ASN1_F_ASN1_STRING_TABLE_ADD 129 |
| 984 | #define ASN1_F_ASN1_STRING_TYPE_NEW 130 | 1148 | #define ASN1_F_ASN1_STRING_TYPE_NEW 130 |
| 985 | #define ASN1_F_ASN1_TEMPLATE_D2I 131 | ||
| 986 | #define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 | 1149 | #define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 |
| 987 | #define ASN1_F_ASN1_TEMPLATE_NEW 133 | 1150 | #define ASN1_F_ASN1_TEMPLATE_NEW 133 |
| 1151 | #define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131 | ||
| 988 | #define ASN1_F_ASN1_TIME_SET 175 | 1152 | #define ASN1_F_ASN1_TIME_SET 175 |
| 989 | #define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 | 1153 | #define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 |
| 990 | #define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 | 1154 | #define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 |
| 991 | #define ASN1_F_ASN1_UNPACK_STRING 136 | 1155 | #define ASN1_F_ASN1_UNPACK_STRING 136 |
| 992 | #define ASN1_F_ASN1_UTCTIME_SET 180 | 1156 | #define ASN1_F_ASN1_UTCTIME_SET 187 |
| 993 | #define ASN1_F_ASN1_VERIFY 137 | 1157 | #define ASN1_F_ASN1_VERIFY 137 |
| 1158 | #define ASN1_F_B64_READ_ASN1 208 | ||
| 1159 | #define ASN1_F_B64_WRITE_ASN1 209 | ||
| 1160 | #define ASN1_F_BITSTR_CB 180 | ||
| 994 | #define ASN1_F_BN_TO_ASN1_ENUMERATED 138 | 1161 | #define ASN1_F_BN_TO_ASN1_ENUMERATED 138 |
| 995 | #define ASN1_F_BN_TO_ASN1_INTEGER 139 | 1162 | #define ASN1_F_BN_TO_ASN1_INTEGER 139 |
| 1163 | #define ASN1_F_C2I_ASN1_BIT_STRING 189 | ||
| 1164 | #define ASN1_F_C2I_ASN1_INTEGER 194 | ||
| 1165 | #define ASN1_F_C2I_ASN1_OBJECT 196 | ||
| 996 | #define ASN1_F_COLLECT_DATA 140 | 1166 | #define ASN1_F_COLLECT_DATA 140 |
| 997 | #define ASN1_F_D2I_ASN1_BIT_STRING 141 | 1167 | #define ASN1_F_D2I_ASN1_BIT_STRING 141 |
| 998 | #define ASN1_F_D2I_ASN1_BOOLEAN 142 | 1168 | #define ASN1_F_D2I_ASN1_BOOLEAN 142 |
| @@ -1009,29 +1179,39 @@ void ERR_load_ASN1_strings(void); | |||
| 1009 | #define ASN1_F_D2I_NETSCAPE_RSA_2 153 | 1179 | #define ASN1_F_D2I_NETSCAPE_RSA_2 153 |
| 1010 | #define ASN1_F_D2I_PRIVATEKEY 154 | 1180 | #define ASN1_F_D2I_PRIVATEKEY 154 |
| 1011 | #define ASN1_F_D2I_PUBLICKEY 155 | 1181 | #define ASN1_F_D2I_PUBLICKEY 155 |
| 1182 | #define ASN1_F_D2I_RSA_NET 200 | ||
| 1183 | #define ASN1_F_D2I_RSA_NET_2 201 | ||
| 1012 | #define ASN1_F_D2I_X509 156 | 1184 | #define ASN1_F_D2I_X509 156 |
| 1013 | #define ASN1_F_D2I_X509_CINF 157 | 1185 | #define ASN1_F_D2I_X509_CINF 157 |
| 1014 | #define ASN1_F_D2I_X509_NAME 158 | ||
| 1015 | #define ASN1_F_D2I_X509_PKEY 159 | 1186 | #define ASN1_F_D2I_X509_PKEY 159 |
| 1016 | #define ASN1_F_I2D_ASN1_SET 181 | 1187 | #define ASN1_F_I2D_ASN1_SET 188 |
| 1017 | #define ASN1_F_I2D_ASN1_TIME 160 | 1188 | #define ASN1_F_I2D_ASN1_TIME 160 |
| 1018 | #define ASN1_F_I2D_DSA_PUBKEY 161 | 1189 | #define ASN1_F_I2D_DSA_PUBKEY 161 |
| 1019 | #define ASN1_F_I2D_NETSCAPE_RSA 162 | 1190 | #define ASN1_F_I2D_EC_PUBKEY 181 |
| 1020 | #define ASN1_F_I2D_PRIVATEKEY 163 | 1191 | #define ASN1_F_I2D_PRIVATEKEY 163 |
| 1021 | #define ASN1_F_I2D_PUBLICKEY 164 | 1192 | #define ASN1_F_I2D_PUBLICKEY 164 |
| 1193 | #define ASN1_F_I2D_RSA_NET 162 | ||
| 1022 | #define ASN1_F_I2D_RSA_PUBKEY 165 | 1194 | #define ASN1_F_I2D_RSA_PUBKEY 165 |
| 1023 | #define ASN1_F_LONG_C2I 166 | 1195 | #define ASN1_F_LONG_C2I 166 |
| 1024 | #define ASN1_F_OID_MODULE_INIT 174 | 1196 | #define ASN1_F_OID_MODULE_INIT 174 |
| 1197 | #define ASN1_F_PARSE_TAGGING 182 | ||
| 1025 | #define ASN1_F_PKCS5_PBE2_SET 167 | 1198 | #define ASN1_F_PKCS5_PBE2_SET 167 |
| 1199 | #define ASN1_F_PKCS5_PBE_SET 202 | ||
| 1200 | #define ASN1_F_SMIME_READ_ASN1 210 | ||
| 1201 | #define ASN1_F_SMIME_TEXT 211 | ||
| 1026 | #define ASN1_F_X509_CINF_NEW 168 | 1202 | #define ASN1_F_X509_CINF_NEW 168 |
| 1027 | #define ASN1_F_X509_CRL_ADD0_REVOKED 169 | 1203 | #define ASN1_F_X509_CRL_ADD0_REVOKED 169 |
| 1028 | #define ASN1_F_X509_INFO_NEW 170 | 1204 | #define ASN1_F_X509_INFO_NEW 170 |
| 1029 | #define ASN1_F_X509_NAME_NEW 171 | 1205 | #define ASN1_F_X509_NAME_ENCODE 203 |
| 1206 | #define ASN1_F_X509_NAME_EX_D2I 158 | ||
| 1207 | #define ASN1_F_X509_NAME_EX_NEW 171 | ||
| 1030 | #define ASN1_F_X509_NEW 172 | 1208 | #define ASN1_F_X509_NEW 172 |
| 1031 | #define ASN1_F_X509_PKEY_NEW 173 | 1209 | #define ASN1_F_X509_PKEY_NEW 173 |
| 1032 | 1210 | ||
| 1033 | /* Reason codes. */ | 1211 | /* Reason codes. */ |
| 1034 | #define ASN1_R_ADDING_OBJECT 171 | 1212 | #define ASN1_R_ADDING_OBJECT 171 |
| 1213 | #define ASN1_R_ASN1_PARSE_ERROR 198 | ||
| 1214 | #define ASN1_R_ASN1_SIG_PARSE_ERROR 199 | ||
| 1035 | #define ASN1_R_AUX_ERROR 100 | 1215 | #define ASN1_R_AUX_ERROR 100 |
| 1036 | #define ASN1_R_BAD_CLASS 101 | 1216 | #define ASN1_R_BAD_CLASS 101 |
| 1037 | #define ASN1_R_BAD_OBJECT_HEADER 102 | 1217 | #define ASN1_R_BAD_OBJECT_HEADER 102 |
| @@ -1044,6 +1224,7 @@ void ERR_load_ASN1_strings(void); | |||
| 1044 | #define ASN1_R_DATA_IS_WRONG 109 | 1224 | #define ASN1_R_DATA_IS_WRONG 109 |
| 1045 | #define ASN1_R_DECODE_ERROR 110 | 1225 | #define ASN1_R_DECODE_ERROR 110 |
| 1046 | #define ASN1_R_DECODING_ERROR 111 | 1226 | #define ASN1_R_DECODING_ERROR 111 |
| 1227 | #define ASN1_R_DEPTH_EXCEEDED 174 | ||
| 1047 | #define ASN1_R_ENCODE_ERROR 112 | 1228 | #define ASN1_R_ENCODE_ERROR 112 |
| 1048 | #define ASN1_R_ERROR_GETTING_TIME 173 | 1229 | #define ASN1_R_ERROR_GETTING_TIME 173 |
| 1049 | #define ASN1_R_ERROR_LOADING_SECTION 172 | 1230 | #define ASN1_R_ERROR_LOADING_SECTION 172 |
| @@ -1058,39 +1239,68 @@ void ERR_load_ASN1_strings(void); | |||
| 1058 | #define ASN1_R_FIELD_MISSING 121 | 1239 | #define ASN1_R_FIELD_MISSING 121 |
| 1059 | #define ASN1_R_FIRST_NUM_TOO_LARGE 122 | 1240 | #define ASN1_R_FIRST_NUM_TOO_LARGE 122 |
| 1060 | #define ASN1_R_HEADER_TOO_LONG 123 | 1241 | #define ASN1_R_HEADER_TOO_LONG 123 |
| 1242 | #define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175 | ||
| 1243 | #define ASN1_R_ILLEGAL_BOOLEAN 176 | ||
| 1061 | #define ASN1_R_ILLEGAL_CHARACTERS 124 | 1244 | #define ASN1_R_ILLEGAL_CHARACTERS 124 |
| 1245 | #define ASN1_R_ILLEGAL_FORMAT 177 | ||
| 1246 | #define ASN1_R_ILLEGAL_HEX 178 | ||
| 1247 | #define ASN1_R_ILLEGAL_IMPLICIT_TAG 179 | ||
| 1248 | #define ASN1_R_ILLEGAL_INTEGER 180 | ||
| 1249 | #define ASN1_R_ILLEGAL_NESTED_TAGGING 181 | ||
| 1062 | #define ASN1_R_ILLEGAL_NULL 125 | 1250 | #define ASN1_R_ILLEGAL_NULL 125 |
| 1251 | #define ASN1_R_ILLEGAL_NULL_VALUE 182 | ||
| 1252 | #define ASN1_R_ILLEGAL_OBJECT 183 | ||
| 1063 | #define ASN1_R_ILLEGAL_OPTIONAL_ANY 126 | 1253 | #define ASN1_R_ILLEGAL_OPTIONAL_ANY 126 |
| 1064 | #define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170 | 1254 | #define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170 |
| 1065 | #define ASN1_R_ILLEGAL_TAGGED_ANY 127 | 1255 | #define ASN1_R_ILLEGAL_TAGGED_ANY 127 |
| 1256 | #define ASN1_R_ILLEGAL_TIME_VALUE 184 | ||
| 1257 | #define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185 | ||
| 1066 | #define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128 | 1258 | #define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128 |
| 1067 | #define ASN1_R_INVALID_BMPSTRING_LENGTH 129 | 1259 | #define ASN1_R_INVALID_BMPSTRING_LENGTH 129 |
| 1068 | #define ASN1_R_INVALID_DIGIT 130 | 1260 | #define ASN1_R_INVALID_DIGIT 130 |
| 1261 | #define ASN1_R_INVALID_MIME_TYPE 200 | ||
| 1262 | #define ASN1_R_INVALID_MODIFIER 186 | ||
| 1263 | #define ASN1_R_INVALID_NUMBER 187 | ||
| 1069 | #define ASN1_R_INVALID_SEPARATOR 131 | 1264 | #define ASN1_R_INVALID_SEPARATOR 131 |
| 1070 | #define ASN1_R_INVALID_TIME_FORMAT 132 | 1265 | #define ASN1_R_INVALID_TIME_FORMAT 132 |
| 1071 | #define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133 | 1266 | #define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133 |
| 1072 | #define ASN1_R_INVALID_UTF8STRING 134 | 1267 | #define ASN1_R_INVALID_UTF8STRING 134 |
| 1073 | #define ASN1_R_IV_TOO_LARGE 135 | 1268 | #define ASN1_R_IV_TOO_LARGE 135 |
| 1074 | #define ASN1_R_LENGTH_ERROR 136 | 1269 | #define ASN1_R_LENGTH_ERROR 136 |
| 1270 | #define ASN1_R_LIST_ERROR 188 | ||
| 1271 | #define ASN1_R_MIME_NO_CONTENT_TYPE 201 | ||
| 1272 | #define ASN1_R_MIME_PARSE_ERROR 202 | ||
| 1273 | #define ASN1_R_MIME_SIG_PARSE_ERROR 203 | ||
| 1075 | #define ASN1_R_MISSING_EOC 137 | 1274 | #define ASN1_R_MISSING_EOC 137 |
| 1076 | #define ASN1_R_MISSING_SECOND_NUMBER 138 | 1275 | #define ASN1_R_MISSING_SECOND_NUMBER 138 |
| 1276 | #define ASN1_R_MISSING_VALUE 189 | ||
| 1077 | #define ASN1_R_MSTRING_NOT_UNIVERSAL 139 | 1277 | #define ASN1_R_MSTRING_NOT_UNIVERSAL 139 |
| 1078 | #define ASN1_R_MSTRING_WRONG_TAG 140 | 1278 | #define ASN1_R_MSTRING_WRONG_TAG 140 |
| 1079 | #define ASN1_R_NESTED_ASN1_STRING 174 | 1279 | #define ASN1_R_NESTED_ASN1_STRING 197 |
| 1080 | #define ASN1_R_NON_HEX_CHARACTERS 141 | 1280 | #define ASN1_R_NON_HEX_CHARACTERS 141 |
| 1281 | #define ASN1_R_NOT_ASCII_FORMAT 190 | ||
| 1081 | #define ASN1_R_NOT_ENOUGH_DATA 142 | 1282 | #define ASN1_R_NOT_ENOUGH_DATA 142 |
| 1283 | #define ASN1_R_NO_CONTENT_TYPE 204 | ||
| 1082 | #define ASN1_R_NO_MATCHING_CHOICE_TYPE 143 | 1284 | #define ASN1_R_NO_MATCHING_CHOICE_TYPE 143 |
| 1285 | #define ASN1_R_NO_MULTIPART_BODY_FAILURE 205 | ||
| 1286 | #define ASN1_R_NO_MULTIPART_BOUNDARY 206 | ||
| 1287 | #define ASN1_R_NO_SIG_CONTENT_TYPE 207 | ||
| 1083 | #define ASN1_R_NULL_IS_WRONG_LENGTH 144 | 1288 | #define ASN1_R_NULL_IS_WRONG_LENGTH 144 |
| 1289 | #define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191 | ||
| 1084 | #define ASN1_R_ODD_NUMBER_OF_CHARS 145 | 1290 | #define ASN1_R_ODD_NUMBER_OF_CHARS 145 |
| 1085 | #define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146 | 1291 | #define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146 |
| 1086 | #define ASN1_R_SECOND_NUMBER_TOO_LARGE 147 | 1292 | #define ASN1_R_SECOND_NUMBER_TOO_LARGE 147 |
| 1087 | #define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148 | 1293 | #define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148 |
| 1088 | #define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149 | 1294 | #define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149 |
| 1295 | #define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192 | ||
| 1089 | #define ASN1_R_SHORT_LINE 150 | 1296 | #define ASN1_R_SHORT_LINE 150 |
| 1297 | #define ASN1_R_SIG_INVALID_MIME_TYPE 208 | ||
| 1298 | #define ASN1_R_STREAMING_NOT_SUPPORTED 209 | ||
| 1090 | #define ASN1_R_STRING_TOO_LONG 151 | 1299 | #define ASN1_R_STRING_TOO_LONG 151 |
| 1091 | #define ASN1_R_STRING_TOO_SHORT 152 | 1300 | #define ASN1_R_STRING_TOO_SHORT 152 |
| 1092 | #define ASN1_R_TAG_VALUE_TOO_HIGH 153 | 1301 | #define ASN1_R_TAG_VALUE_TOO_HIGH 153 |
| 1093 | #define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154 | 1302 | #define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154 |
| 1303 | #define ASN1_R_TIME_NOT_ASCII_FORMAT 193 | ||
| 1094 | #define ASN1_R_TOO_LONG 155 | 1304 | #define ASN1_R_TOO_LONG 155 |
| 1095 | #define ASN1_R_TYPE_NOT_CONSTRUCTED 156 | 1305 | #define ASN1_R_TYPE_NOT_CONSTRUCTED 156 |
| 1096 | #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157 | 1306 | #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157 |
| @@ -1100,10 +1310,13 @@ void ERR_load_ASN1_strings(void); | |||
| 1100 | #define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161 | 1310 | #define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161 |
| 1101 | #define ASN1_R_UNKNOWN_OBJECT_TYPE 162 | 1311 | #define ASN1_R_UNKNOWN_OBJECT_TYPE 162 |
| 1102 | #define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163 | 1312 | #define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163 |
| 1313 | #define ASN1_R_UNKNOWN_TAG 194 | ||
| 1314 | #define ASN1_R_UNKOWN_FORMAT 195 | ||
| 1103 | #define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164 | 1315 | #define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164 |
| 1104 | #define ASN1_R_UNSUPPORTED_CIPHER 165 | 1316 | #define ASN1_R_UNSUPPORTED_CIPHER 165 |
| 1105 | #define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166 | 1317 | #define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166 |
| 1106 | #define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167 | 1318 | #define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167 |
| 1319 | #define ASN1_R_UNSUPPORTED_TYPE 196 | ||
| 1107 | #define ASN1_R_WRONG_TAG 168 | 1320 | #define ASN1_R_WRONG_TAG 168 |
| 1108 | #define ASN1_R_WRONG_TYPE 169 | 1321 | #define ASN1_R_WRONG_TYPE 169 |
| 1109 | 1322 | ||
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c index 315d0a0807..f8a3e2e6cd 100644 --- a/src/lib/libcrypto/asn1/asn1_err.c +++ b/src/lib/libcrypto/asn1/asn1_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/asn1/asn1_err.c */ | 1 | /* crypto/asn1/asn1_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -74,49 +74,70 @@ static ERR_STRING_DATA ASN1_str_functs[]= | |||
| 74 | {ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"}, | 74 | {ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"}, |
| 75 | {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"}, | 75 | {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"}, |
| 76 | {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"}, | 76 | {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"}, |
| 77 | {ERR_FUNC(ASN1_F_APPEND_EXP), "APPEND_EXP"}, | ||
| 77 | {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"}, | 78 | {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"}, |
| 79 | {ERR_FUNC(ASN1_F_ASN1_CB), "ASN1_CB"}, | ||
| 78 | {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"}, | 80 | {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"}, |
| 79 | {ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"}, | 81 | {ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"}, |
| 80 | {ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"}, | 82 | {ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"}, |
| 81 | {ERR_FUNC(ASN1_F_ASN1_D2I_BIO), "ASN1_d2i_bio"}, | ||
| 82 | {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"}, | 83 | {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"}, |
| 83 | {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"}, | 84 | {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"}, |
| 85 | {ERR_FUNC(ASN1_F_ASN1_D2I_READ_BIO), "ASN1_D2I_READ_BIO"}, | ||
| 84 | {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"}, | 86 | {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"}, |
| 85 | {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"}, | 87 | {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"}, |
| 86 | {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"}, | 88 | {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"}, |
| 87 | {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"}, | 89 | {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"}, |
| 88 | {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"}, | 90 | {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"}, |
| 91 | {ERR_FUNC(ASN1_F_ASN1_EX_C2I), "ASN1_EX_C2I"}, | ||
| 89 | {ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"}, | 92 | {ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"}, |
| 90 | {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"}, | 93 | {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"}, |
| 94 | {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"}, | ||
| 91 | {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"}, | 95 | {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"}, |
| 92 | {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_new"}, | 96 | {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_new"}, |
| 93 | {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"}, | 97 | {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"}, |
| 94 | {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"}, | 98 | {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"}, |
| 95 | {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"}, | 99 | {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"}, |
| 96 | {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"}, | 100 | {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"}, |
| 101 | {ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"}, | ||
| 102 | {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"}, | ||
| 103 | {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"}, | ||
| 97 | {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"}, | 104 | {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"}, |
| 98 | {ERR_FUNC(ASN1_F_ASN1_ITEM_NEW), "ASN1_item_new"}, | 105 | {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"}, |
| 99 | {ERR_FUNC(ASN1_F_ASN1_MBSTRING_COPY), "ASN1_mbstring_copy"}, | 106 | {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"}, |
| 107 | {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"}, | ||
| 108 | {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"}, | ||
| 109 | {ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"}, | ||
| 110 | {ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"}, | ||
| 111 | {ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"}, | ||
| 100 | {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"}, | 112 | {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"}, |
| 113 | {ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "ASN1_OUTPUT_DATA"}, | ||
| 101 | {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"}, | 114 | {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"}, |
| 102 | {ERR_FUNC(ASN1_F_ASN1_PBE_SET), "ASN1_PBE_SET"}, | 115 | {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_NEW"}, |
| 116 | {ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"}, | ||
| 103 | {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"}, | 117 | {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"}, |
| 104 | {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"}, | 118 | {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"}, |
| 105 | {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"}, | 119 | {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"}, |
| 120 | {ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "ASN1_STR2TYPE"}, | ||
| 106 | {ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"}, | 121 | {ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"}, |
| 107 | {ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"}, | 122 | {ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"}, |
| 108 | {ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"}, | 123 | {ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"}, |
| 109 | {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_D2I), "ASN1_TEMPLATE_D2I"}, | ||
| 110 | {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"}, | 124 | {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"}, |
| 111 | {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"}, | 125 | {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"}, |
| 126 | {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"}, | ||
| 112 | {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"}, | 127 | {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"}, |
| 113 | {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"}, | 128 | {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"}, |
| 114 | {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"}, | 129 | {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"}, |
| 115 | {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"}, | 130 | {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"}, |
| 116 | {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"}, | 131 | {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"}, |
| 117 | {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"}, | 132 | {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"}, |
| 133 | {ERR_FUNC(ASN1_F_B64_READ_ASN1), "B64_READ_ASN1"}, | ||
| 134 | {ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_WRITE_ASN1"}, | ||
| 135 | {ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"}, | ||
| 118 | {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"}, | 136 | {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"}, |
| 119 | {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"}, | 137 | {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"}, |
| 138 | {ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"}, | ||
| 139 | {ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"}, | ||
| 140 | {ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"}, | ||
| 120 | {ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"}, | 141 | {ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"}, |
| 121 | {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"}, | 142 | {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"}, |
| 122 | {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"}, | 143 | {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"}, |
| @@ -133,24 +154,32 @@ static ERR_STRING_DATA ASN1_str_functs[]= | |||
| 133 | {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"}, | 154 | {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"}, |
| 134 | {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"}, | 155 | {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"}, |
| 135 | {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"}, | 156 | {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"}, |
| 157 | {ERR_FUNC(ASN1_F_D2I_RSA_NET), "d2i_RSA_NET"}, | ||
| 158 | {ERR_FUNC(ASN1_F_D2I_RSA_NET_2), "D2I_RSA_NET_2"}, | ||
| 136 | {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"}, | 159 | {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"}, |
| 137 | {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"}, | 160 | {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"}, |
| 138 | {ERR_FUNC(ASN1_F_D2I_X509_NAME), "D2I_X509_NAME"}, | ||
| 139 | {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"}, | 161 | {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"}, |
| 140 | {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"}, | 162 | {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"}, |
| 141 | {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"}, | 163 | {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"}, |
| 142 | {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"}, | 164 | {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"}, |
| 143 | {ERR_FUNC(ASN1_F_I2D_NETSCAPE_RSA), "i2d_Netscape_RSA"}, | 165 | {ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"}, |
| 144 | {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"}, | 166 | {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"}, |
| 145 | {ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"}, | 167 | {ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"}, |
| 168 | {ERR_FUNC(ASN1_F_I2D_RSA_NET), "i2d_RSA_NET"}, | ||
| 146 | {ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"}, | 169 | {ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"}, |
| 147 | {ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"}, | 170 | {ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"}, |
| 148 | {ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"}, | 171 | {ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"}, |
| 172 | {ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"}, | ||
| 149 | {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET), "PKCS5_pbe2_set"}, | 173 | {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET), "PKCS5_pbe2_set"}, |
| 174 | {ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"}, | ||
| 175 | {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"}, | ||
| 176 | {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"}, | ||
| 150 | {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"}, | 177 | {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"}, |
| 151 | {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"}, | 178 | {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"}, |
| 152 | {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"}, | 179 | {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"}, |
| 153 | {ERR_FUNC(ASN1_F_X509_NAME_NEW), "X509_NAME_NEW"}, | 180 | {ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "X509_NAME_ENCODE"}, |
| 181 | {ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "X509_NAME_EX_D2I"}, | ||
| 182 | {ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "X509_NAME_EX_NEW"}, | ||
| 154 | {ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"}, | 183 | {ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"}, |
| 155 | {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"}, | 184 | {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"}, |
| 156 | {0,NULL} | 185 | {0,NULL} |
| @@ -159,6 +188,8 @@ static ERR_STRING_DATA ASN1_str_functs[]= | |||
| 159 | static ERR_STRING_DATA ASN1_str_reasons[]= | 188 | static ERR_STRING_DATA ASN1_str_reasons[]= |
| 160 | { | 189 | { |
| 161 | {ERR_REASON(ASN1_R_ADDING_OBJECT) ,"adding object"}, | 190 | {ERR_REASON(ASN1_R_ADDING_OBJECT) ,"adding object"}, |
| 191 | {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR) ,"asn1 parse error"}, | ||
| 192 | {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR) ,"asn1 sig parse error"}, | ||
| 162 | {ERR_REASON(ASN1_R_AUX_ERROR) ,"aux error"}, | 193 | {ERR_REASON(ASN1_R_AUX_ERROR) ,"aux error"}, |
| 163 | {ERR_REASON(ASN1_R_BAD_CLASS) ,"bad class"}, | 194 | {ERR_REASON(ASN1_R_BAD_CLASS) ,"bad class"}, |
| 164 | {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) ,"bad object header"}, | 195 | {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) ,"bad object header"}, |
| @@ -171,6 +202,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= | |||
| 171 | {ERR_REASON(ASN1_R_DATA_IS_WRONG) ,"data is wrong"}, | 202 | {ERR_REASON(ASN1_R_DATA_IS_WRONG) ,"data is wrong"}, |
| 172 | {ERR_REASON(ASN1_R_DECODE_ERROR) ,"decode error"}, | 203 | {ERR_REASON(ASN1_R_DECODE_ERROR) ,"decode error"}, |
| 173 | {ERR_REASON(ASN1_R_DECODING_ERROR) ,"decoding error"}, | 204 | {ERR_REASON(ASN1_R_DECODING_ERROR) ,"decoding error"}, |
| 205 | {ERR_REASON(ASN1_R_DEPTH_EXCEEDED) ,"depth exceeded"}, | ||
| 174 | {ERR_REASON(ASN1_R_ENCODE_ERROR) ,"encode error"}, | 206 | {ERR_REASON(ASN1_R_ENCODE_ERROR) ,"encode error"}, |
| 175 | {ERR_REASON(ASN1_R_ERROR_GETTING_TIME) ,"error getting time"}, | 207 | {ERR_REASON(ASN1_R_ERROR_GETTING_TIME) ,"error getting time"}, |
| 176 | {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION),"error loading section"}, | 208 | {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION),"error loading section"}, |
| @@ -185,39 +217,68 @@ static ERR_STRING_DATA ASN1_str_reasons[]= | |||
| 185 | {ERR_REASON(ASN1_R_FIELD_MISSING) ,"field missing"}, | 217 | {ERR_REASON(ASN1_R_FIELD_MISSING) ,"field missing"}, |
| 186 | {ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE) ,"first num too large"}, | 218 | {ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE) ,"first num too large"}, |
| 187 | {ERR_REASON(ASN1_R_HEADER_TOO_LONG) ,"header too long"}, | 219 | {ERR_REASON(ASN1_R_HEADER_TOO_LONG) ,"header too long"}, |
| 220 | {ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT),"illegal bitstring format"}, | ||
| 221 | {ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN) ,"illegal boolean"}, | ||
| 188 | {ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS) ,"illegal characters"}, | 222 | {ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS) ,"illegal characters"}, |
| 223 | {ERR_REASON(ASN1_R_ILLEGAL_FORMAT) ,"illegal format"}, | ||
| 224 | {ERR_REASON(ASN1_R_ILLEGAL_HEX) ,"illegal hex"}, | ||
| 225 | {ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG) ,"illegal implicit tag"}, | ||
| 226 | {ERR_REASON(ASN1_R_ILLEGAL_INTEGER) ,"illegal integer"}, | ||
| 227 | {ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING),"illegal nested tagging"}, | ||
| 189 | {ERR_REASON(ASN1_R_ILLEGAL_NULL) ,"illegal null"}, | 228 | {ERR_REASON(ASN1_R_ILLEGAL_NULL) ,"illegal null"}, |
| 229 | {ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE) ,"illegal null value"}, | ||
| 230 | {ERR_REASON(ASN1_R_ILLEGAL_OBJECT) ,"illegal object"}, | ||
| 190 | {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY) ,"illegal optional any"}, | 231 | {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY) ,"illegal optional any"}, |
| 191 | {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),"illegal options on item template"}, | 232 | {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),"illegal options on item template"}, |
| 192 | {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY) ,"illegal tagged any"}, | 233 | {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY) ,"illegal tagged any"}, |
| 234 | {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE) ,"illegal time value"}, | ||
| 235 | {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT),"integer not ascii format"}, | ||
| 193 | {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"}, | 236 | {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"}, |
| 194 | {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"}, | 237 | {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"}, |
| 195 | {ERR_REASON(ASN1_R_INVALID_DIGIT) ,"invalid digit"}, | 238 | {ERR_REASON(ASN1_R_INVALID_DIGIT) ,"invalid digit"}, |
| 239 | {ERR_REASON(ASN1_R_INVALID_MIME_TYPE) ,"invalid mime type"}, | ||
| 240 | {ERR_REASON(ASN1_R_INVALID_MODIFIER) ,"invalid modifier"}, | ||
| 241 | {ERR_REASON(ASN1_R_INVALID_NUMBER) ,"invalid number"}, | ||
| 196 | {ERR_REASON(ASN1_R_INVALID_SEPARATOR) ,"invalid separator"}, | 242 | {ERR_REASON(ASN1_R_INVALID_SEPARATOR) ,"invalid separator"}, |
| 197 | {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT) ,"invalid time format"}, | 243 | {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT) ,"invalid time format"}, |
| 198 | {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),"invalid universalstring length"}, | 244 | {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),"invalid universalstring length"}, |
| 199 | {ERR_REASON(ASN1_R_INVALID_UTF8STRING) ,"invalid utf8string"}, | 245 | {ERR_REASON(ASN1_R_INVALID_UTF8STRING) ,"invalid utf8string"}, |
| 200 | {ERR_REASON(ASN1_R_IV_TOO_LARGE) ,"iv too large"}, | 246 | {ERR_REASON(ASN1_R_IV_TOO_LARGE) ,"iv too large"}, |
| 201 | {ERR_REASON(ASN1_R_LENGTH_ERROR) ,"length error"}, | 247 | {ERR_REASON(ASN1_R_LENGTH_ERROR) ,"length error"}, |
| 248 | {ERR_REASON(ASN1_R_LIST_ERROR) ,"list error"}, | ||
| 249 | {ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE) ,"mime no content type"}, | ||
| 250 | {ERR_REASON(ASN1_R_MIME_PARSE_ERROR) ,"mime parse error"}, | ||
| 251 | {ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR) ,"mime sig parse error"}, | ||
| 202 | {ERR_REASON(ASN1_R_MISSING_EOC) ,"missing eoc"}, | 252 | {ERR_REASON(ASN1_R_MISSING_EOC) ,"missing eoc"}, |
| 203 | {ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER),"missing second number"}, | 253 | {ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER),"missing second number"}, |
| 254 | {ERR_REASON(ASN1_R_MISSING_VALUE) ,"missing value"}, | ||
| 204 | {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL),"mstring not universal"}, | 255 | {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL),"mstring not universal"}, |
| 205 | {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG) ,"mstring wrong tag"}, | 256 | {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG) ,"mstring wrong tag"}, |
| 206 | {ERR_REASON(ASN1_R_NESTED_ASN1_STRING) ,"nested asn1 string"}, | 257 | {ERR_REASON(ASN1_R_NESTED_ASN1_STRING) ,"nested asn1 string"}, |
| 207 | {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS) ,"non hex characters"}, | 258 | {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS) ,"non hex characters"}, |
| 259 | {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT) ,"not ascii format"}, | ||
| 208 | {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) ,"not enough data"}, | 260 | {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) ,"not enough data"}, |
| 261 | {ERR_REASON(ASN1_R_NO_CONTENT_TYPE) ,"no content type"}, | ||
| 209 | {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE),"no matching choice type"}, | 262 | {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE),"no matching choice type"}, |
| 263 | {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"}, | ||
| 264 | {ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"}, | ||
| 265 | {ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE) ,"no sig content type"}, | ||
| 210 | {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH) ,"null is wrong length"}, | 266 | {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH) ,"null is wrong length"}, |
| 267 | {ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT),"object not ascii format"}, | ||
| 211 | {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS) ,"odd number of chars"}, | 268 | {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS) ,"odd number of chars"}, |
| 212 | {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),"private key header missing"}, | 269 | {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),"private key header missing"}, |
| 213 | {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE),"second number too large"}, | 270 | {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE),"second number too large"}, |
| 214 | {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH),"sequence length mismatch"}, | 271 | {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH),"sequence length mismatch"}, |
| 215 | {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED),"sequence not constructed"}, | 272 | {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED),"sequence not constructed"}, |
| 273 | {ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG),"sequence or set needs config"}, | ||
| 216 | {ERR_REASON(ASN1_R_SHORT_LINE) ,"short line"}, | 274 | {ERR_REASON(ASN1_R_SHORT_LINE) ,"short line"}, |
| 275 | {ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE),"sig invalid mime type"}, | ||
| 276 | {ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED),"streaming not supported"}, | ||
| 217 | {ERR_REASON(ASN1_R_STRING_TOO_LONG) ,"string too long"}, | 277 | {ERR_REASON(ASN1_R_STRING_TOO_LONG) ,"string too long"}, |
| 218 | {ERR_REASON(ASN1_R_STRING_TOO_SHORT) ,"string too short"}, | 278 | {ERR_REASON(ASN1_R_STRING_TOO_SHORT) ,"string too short"}, |
| 219 | {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH) ,"tag value too high"}, | 279 | {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH) ,"tag value too high"}, |
| 220 | {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"}, | 280 | {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"}, |
| 281 | {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT),"time not ascii format"}, | ||
| 221 | {ERR_REASON(ASN1_R_TOO_LONG) ,"too long"}, | 282 | {ERR_REASON(ASN1_R_TOO_LONG) ,"too long"}, |
| 222 | {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) ,"type not constructed"}, | 283 | {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) ,"type not constructed"}, |
| 223 | {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"}, | 284 | {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"}, |
| @@ -227,10 +288,13 @@ static ERR_STRING_DATA ASN1_str_reasons[]= | |||
| 227 | {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"}, | 288 | {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"}, |
| 228 | {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) ,"unknown object type"}, | 289 | {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) ,"unknown object type"}, |
| 229 | {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE),"unknown public key type"}, | 290 | {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE),"unknown public key type"}, |
| 291 | {ERR_REASON(ASN1_R_UNKNOWN_TAG) ,"unknown tag"}, | ||
| 292 | {ERR_REASON(ASN1_R_UNKOWN_FORMAT) ,"unkown format"}, | ||
| 230 | {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),"unsupported any defined by type"}, | 293 | {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),"unsupported any defined by type"}, |
| 231 | {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, | 294 | {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, |
| 232 | {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),"unsupported encryption algorithm"}, | 295 | {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),"unsupported encryption algorithm"}, |
| 233 | {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),"unsupported public key type"}, | 296 | {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),"unsupported public key type"}, |
| 297 | {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE) ,"unsupported type"}, | ||
| 234 | {ERR_REASON(ASN1_R_WRONG_TAG) ,"wrong tag"}, | 298 | {ERR_REASON(ASN1_R_WRONG_TAG) ,"wrong tag"}, |
| 235 | {ERR_REASON(ASN1_R_WRONG_TYPE) ,"wrong type"}, | 299 | {ERR_REASON(ASN1_R_WRONG_TYPE) ,"wrong type"}, |
| 236 | {0,NULL} | 300 | {0,NULL} |
| @@ -240,15 +304,12 @@ static ERR_STRING_DATA ASN1_str_reasons[]= | |||
| 240 | 304 | ||
| 241 | void ERR_load_ASN1_strings(void) | 305 | void ERR_load_ASN1_strings(void) |
| 242 | { | 306 | { |
| 243 | static int init=1; | 307 | #ifndef OPENSSL_NO_ERR |
| 244 | 308 | ||
| 245 | if (init) | 309 | if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) |
| 246 | { | 310 | { |
| 247 | init=0; | ||
| 248 | #ifndef OPENSSL_NO_ERR | ||
| 249 | ERR_load_strings(0,ASN1_str_functs); | 311 | ERR_load_strings(0,ASN1_str_functs); |
| 250 | ERR_load_strings(0,ASN1_str_reasons); | 312 | ERR_load_strings(0,ASN1_str_reasons); |
| 251 | #endif | ||
| 252 | |||
| 253 | } | 313 | } |
| 314 | #endif | ||
| 254 | } | 315 | } |
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c index 97b9b35f4b..5af559ef8d 100644 --- a/src/lib/libcrypto/asn1/asn1_lib.c +++ b/src/lib/libcrypto/asn1/asn1_lib.c | |||
| @@ -62,11 +62,11 @@ | |||
| 62 | #include <openssl/asn1.h> | 62 | #include <openssl/asn1.h> |
| 63 | #include <openssl/asn1_mac.h> | 63 | #include <openssl/asn1_mac.h> |
| 64 | 64 | ||
| 65 | static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max); | 65 | static int asn1_get_length(const unsigned char **pp,int *inf,long *rl,int max); |
| 66 | static void asn1_put_length(unsigned char **pp, int length); | 66 | static void asn1_put_length(unsigned char **pp, int length); |
| 67 | const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT; | 67 | const char ASN1_version[]="ASN.1" OPENSSL_VERSION_PTEXT; |
| 68 | 68 | ||
| 69 | int ASN1_check_infinite_end(unsigned char **p, long len) | 69 | static int _asn1_check_infinite_end(const unsigned char **p, long len) |
| 70 | { | 70 | { |
| 71 | /* If there is 0 or 1 byte left, the length check should pick | 71 | /* If there is 0 or 1 byte left, the length check should pick |
| 72 | * things up */ | 72 | * things up */ |
| @@ -80,13 +80,23 @@ int ASN1_check_infinite_end(unsigned char **p, long len) | |||
| 80 | return(0); | 80 | return(0); |
| 81 | } | 81 | } |
| 82 | 82 | ||
| 83 | int ASN1_check_infinite_end(unsigned char **p, long len) | ||
| 84 | { | ||
| 85 | return _asn1_check_infinite_end((const unsigned char **)p, len); | ||
| 86 | } | ||
| 83 | 87 | ||
| 84 | int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass, | 88 | int ASN1_const_check_infinite_end(const unsigned char **p, long len) |
| 85 | long omax) | 89 | { |
| 90 | return _asn1_check_infinite_end(p, len); | ||
| 91 | } | ||
| 92 | |||
| 93 | |||
| 94 | int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, | ||
| 95 | int *pclass, long omax) | ||
| 86 | { | 96 | { |
| 87 | int i,ret; | 97 | int i,ret; |
| 88 | long l; | 98 | long l; |
| 89 | unsigned char *p= *pp; | 99 | const unsigned char *p= *pp; |
| 90 | int tag,xclass,inf; | 100 | int tag,xclass,inf; |
| 91 | long max=omax; | 101 | long max=omax; |
| 92 | 102 | ||
| @@ -141,11 +151,11 @@ err: | |||
| 141 | return(0x80); | 151 | return(0x80); |
| 142 | } | 152 | } |
| 143 | 153 | ||
| 144 | static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) | 154 | static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max) |
| 145 | { | 155 | { |
| 146 | unsigned char *p= *pp; | 156 | const unsigned char *p= *pp; |
| 147 | unsigned long ret=0; | 157 | unsigned long ret=0; |
| 148 | int i; | 158 | unsigned int i; |
| 149 | 159 | ||
| 150 | if (max-- < 1) return(0); | 160 | if (max-- < 1) return(0); |
| 151 | if (*p == 0x80) | 161 | if (*p == 0x80) |
| @@ -205,13 +215,22 @@ void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag, | |||
| 205 | } | 215 | } |
| 206 | p += ttag; | 216 | p += ttag; |
| 207 | } | 217 | } |
| 208 | if ((constructed == 2) && (length == 0)) | 218 | if (constructed == 2) |
| 209 | *(p++)=0x80; /* der_put_length would output 0 instead */ | 219 | *(p++)=0x80; |
| 210 | else | 220 | else |
| 211 | asn1_put_length(&p,length); | 221 | asn1_put_length(&p,length); |
| 212 | *pp=p; | 222 | *pp=p; |
| 213 | } | 223 | } |
| 214 | 224 | ||
| 225 | int ASN1_put_eoc(unsigned char **pp) | ||
| 226 | { | ||
| 227 | unsigned char *p = *pp; | ||
| 228 | *p++ = 0; | ||
| 229 | *p++ = 0; | ||
| 230 | *pp = p; | ||
| 231 | return 2; | ||
| 232 | } | ||
| 233 | |||
| 215 | static void asn1_put_length(unsigned char **pp, int length) | 234 | static void asn1_put_length(unsigned char **pp, int length) |
| 216 | { | 235 | { |
| 217 | unsigned char *p= *pp; | 236 | unsigned char *p= *pp; |
| @@ -249,8 +268,8 @@ int ASN1_object_size(int constructed, int length, int tag) | |||
| 249 | ret++; | 268 | ret++; |
| 250 | } | 269 | } |
| 251 | } | 270 | } |
| 252 | if ((length == 0) && (constructed == 2)) | 271 | if (constructed == 2) |
| 253 | ret+=2; | 272 | return ret + 3; |
| 254 | ret++; | 273 | ret++; |
| 255 | if (length > 127) | 274 | if (length > 127) |
| 256 | { | 275 | { |
| @@ -263,11 +282,11 @@ int ASN1_object_size(int constructed, int length, int tag) | |||
| 263 | return(ret); | 282 | return(ret); |
| 264 | } | 283 | } |
| 265 | 284 | ||
| 266 | int asn1_Finish(ASN1_CTX *c) | 285 | static int _asn1_Finish(ASN1_const_CTX *c) |
| 267 | { | 286 | { |
| 268 | if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) | 287 | if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) |
| 269 | { | 288 | { |
| 270 | if (!ASN1_check_infinite_end(&c->p,c->slen)) | 289 | if (!ASN1_const_check_infinite_end(&c->p,c->slen)) |
| 271 | { | 290 | { |
| 272 | c->error=ERR_R_MISSING_ASN1_EOS; | 291 | c->error=ERR_R_MISSING_ASN1_EOS; |
| 273 | return(0); | 292 | return(0); |
| @@ -282,9 +301,19 @@ int asn1_Finish(ASN1_CTX *c) | |||
| 282 | return(1); | 301 | return(1); |
| 283 | } | 302 | } |
| 284 | 303 | ||
| 285 | int asn1_GetSequence(ASN1_CTX *c, long *length) | 304 | int asn1_Finish(ASN1_CTX *c) |
| 305 | { | ||
| 306 | return _asn1_Finish((ASN1_const_CTX *)c); | ||
| 307 | } | ||
| 308 | |||
| 309 | int asn1_const_Finish(ASN1_const_CTX *c) | ||
| 286 | { | 310 | { |
| 287 | unsigned char *q; | 311 | return _asn1_Finish(c); |
| 312 | } | ||
| 313 | |||
| 314 | int asn1_GetSequence(ASN1_const_CTX *c, long *length) | ||
| 315 | { | ||
| 316 | const unsigned char *q; | ||
| 288 | 317 | ||
| 289 | q=c->p; | 318 | q=c->p; |
| 290 | c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass), | 319 | c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass), |
| @@ -364,6 +393,14 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) | |||
| 364 | return(1); | 393 | return(1); |
| 365 | } | 394 | } |
| 366 | 395 | ||
| 396 | void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len) | ||
| 397 | { | ||
| 398 | if (str->data) | ||
| 399 | OPENSSL_free(str->data); | ||
| 400 | str->data = data; | ||
| 401 | str->length = len; | ||
| 402 | } | ||
| 403 | |||
| 367 | ASN1_STRING *ASN1_STRING_new(void) | 404 | ASN1_STRING *ASN1_STRING_new(void) |
| 368 | { | 405 | { |
| 369 | return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); | 406 | return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); |
| @@ -411,7 +448,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b) | |||
| 411 | return(i); | 448 | return(i); |
| 412 | } | 449 | } |
| 413 | 450 | ||
| 414 | void asn1_add_error(unsigned char *address, int offset) | 451 | void asn1_add_error(const unsigned char *address, int offset) |
| 415 | { | 452 | { |
| 416 | char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; | 453 | char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; |
| 417 | 454 | ||
diff --git a/src/lib/libcrypto/asn1/asn1_mac.h b/src/lib/libcrypto/asn1/asn1_mac.h index a48649ceeb..d958ca60d9 100644 --- a/src/lib/libcrypto/asn1/asn1_mac.h +++ b/src/lib/libcrypto/asn1/asn1_mac.h | |||
| @@ -73,11 +73,11 @@ extern "C" { | |||
| 73 | ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line)) | 73 | ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line)) |
| 74 | 74 | ||
| 75 | #define M_ASN1_D2I_vars(a,type,func) \ | 75 | #define M_ASN1_D2I_vars(a,type,func) \ |
| 76 | ASN1_CTX c; \ | 76 | ASN1_const_CTX c; \ |
| 77 | type ret=NULL; \ | 77 | type ret=NULL; \ |
| 78 | \ | 78 | \ |
| 79 | c.pp=(unsigned char **)pp; \ | 79 | c.pp=(const unsigned char **)pp; \ |
| 80 | c.q= *(unsigned char **)pp; \ | 80 | c.q= *(const unsigned char **)pp; \ |
| 81 | c.error=ERR_R_NESTED_ASN1_ERROR; \ | 81 | c.error=ERR_R_NESTED_ASN1_ERROR; \ |
| 82 | if ((a == NULL) || ((*a) == NULL)) \ | 82 | if ((a == NULL) || ((*a) == NULL)) \ |
| 83 | { if ((ret=(type)func()) == NULL) \ | 83 | { if ((ret=(type)func()) == NULL) \ |
| @@ -85,13 +85,13 @@ extern "C" { | |||
| 85 | else ret=(*a); | 85 | else ret=(*a); |
| 86 | 86 | ||
| 87 | #define M_ASN1_D2I_Init() \ | 87 | #define M_ASN1_D2I_Init() \ |
| 88 | c.p= *(unsigned char **)pp; \ | 88 | c.p= *(const unsigned char **)pp; \ |
| 89 | c.max=(length == 0)?0:(c.p+length); | 89 | c.max=(length == 0)?0:(c.p+length); |
| 90 | 90 | ||
| 91 | #define M_ASN1_D2I_Finish_2(a) \ | 91 | #define M_ASN1_D2I_Finish_2(a) \ |
| 92 | if (!asn1_Finish(&c)) \ | 92 | if (!asn1_const_Finish(&c)) \ |
| 93 | { c.line=__LINE__; goto err; } \ | 93 | { c.line=__LINE__; goto err; } \ |
| 94 | *(unsigned char **)pp=c.p; \ | 94 | *(const unsigned char **)pp=c.p; \ |
| 95 | if (a != NULL) (*a)=ret; \ | 95 | if (a != NULL) (*a)=ret; \ |
| 96 | return(ret); | 96 | return(ret); |
| 97 | 97 | ||
| @@ -99,7 +99,7 @@ extern "C" { | |||
| 99 | M_ASN1_D2I_Finish_2(a); \ | 99 | M_ASN1_D2I_Finish_2(a); \ |
| 100 | err:\ | 100 | err:\ |
| 101 | ASN1_MAC_H_err((e),c.error,c.line); \ | 101 | ASN1_MAC_H_err((e),c.error,c.line); \ |
| 102 | asn1_add_error(*(unsigned char **)pp,(int)(c.q- *pp)); \ | 102 | asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \ |
| 103 | if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ | 103 | if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ |
| 104 | return(NULL) | 104 | return(NULL) |
| 105 | 105 | ||
| @@ -123,15 +123,22 @@ err:\ | |||
| 123 | 123 | ||
| 124 | #define M_ASN1_D2I_end_sequence() \ | 124 | #define M_ASN1_D2I_end_sequence() \ |
| 125 | (((c.inf&1) == 0)?(c.slen <= 0): \ | 125 | (((c.inf&1) == 0)?(c.slen <= 0): \ |
| 126 | (c.eos=ASN1_check_infinite_end(&c.p,c.slen))) | 126 | (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen))) |
| 127 | 127 | ||
| 128 | /* Don't use this with d2i_ASN1_BOOLEAN() */ | 128 | /* Don't use this with d2i_ASN1_BOOLEAN() */ |
| 129 | #define M_ASN1_D2I_get(b,func) \ | 129 | #define M_ASN1_D2I_get(b, func) \ |
| 130 | c.q=c.p; \ | 130 | c.q=c.p; \ |
| 131 | if (func(&(b),&c.p,c.slen) == NULL) \ | 131 | if (func(&(b),&c.p,c.slen) == NULL) \ |
| 132 | {c.line=__LINE__; goto err; } \ | 132 | {c.line=__LINE__; goto err; } \ |
| 133 | c.slen-=(c.p-c.q); | 133 | c.slen-=(c.p-c.q); |
| 134 | 134 | ||
| 135 | /* Don't use this with d2i_ASN1_BOOLEAN() */ | ||
| 136 | #define M_ASN1_D2I_get_x(type,b,func) \ | ||
| 137 | c.q=c.p; \ | ||
| 138 | if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \ | ||
| 139 | {c.line=__LINE__; goto err; } \ | ||
| 140 | c.slen-=(c.p-c.q); | ||
| 141 | |||
| 135 | /* use this instead () */ | 142 | /* use this instead () */ |
| 136 | #define M_ASN1_D2I_get_int(b,func) \ | 143 | #define M_ASN1_D2I_get_int(b,func) \ |
| 137 | c.q=c.p; \ | 144 | c.q=c.p; \ |
| @@ -278,7 +285,7 @@ err:\ | |||
| 278 | { c.line=__LINE__; goto err; } \ | 285 | { c.line=__LINE__; goto err; } \ |
| 279 | if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ | 286 | if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ |
| 280 | Tlen = c.slen - (c.p - c.q); \ | 287 | Tlen = c.slen - (c.p - c.q); \ |
| 281 | if(!ASN1_check_infinite_end(&c.p, Tlen)) \ | 288 | if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \ |
| 282 | { c.error=ERR_R_MISSING_ASN1_EOS; \ | 289 | { c.error=ERR_R_MISSING_ASN1_EOS; \ |
| 283 | c.line=__LINE__; goto err; } \ | 290 | c.line=__LINE__; goto err; } \ |
| 284 | }\ | 291 | }\ |
| @@ -353,8 +360,12 @@ err:\ | |||
| 353 | return(NULL) | 360 | return(NULL) |
| 354 | 361 | ||
| 355 | 362 | ||
| 356 | #define M_ASN1_next (*c.p) | 363 | /* BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately, |
| 357 | #define M_ASN1_next_prev (*c.q) | 364 | some macros that use ASN1_const_CTX still insist on writing in the input |
| 365 | stream. ARGH! ARGH! ARGH! Let's get rid of this macro package. | ||
| 366 | Please? -- Richard Levitte */ | ||
| 367 | #define M_ASN1_next (*((unsigned char *)(c.p))) | ||
| 368 | #define M_ASN1_next_prev (*((unsigned char *)(c.q))) | ||
| 358 | 369 | ||
| 359 | /*************************************************/ | 370 | /*************************************************/ |
| 360 | 371 | ||
| @@ -551,8 +562,8 @@ err:\ | |||
| 551 | #define M_ASN1_I2D_finish() *pp=p; \ | 562 | #define M_ASN1_I2D_finish() *pp=p; \ |
| 552 | return(r); | 563 | return(r); |
| 553 | 564 | ||
| 554 | int asn1_GetSequence(ASN1_CTX *c, long *length); | 565 | int asn1_GetSequence(ASN1_const_CTX *c, long *length); |
| 555 | void asn1_add_error(unsigned char *address,int offset); | 566 | void asn1_add_error(const unsigned char *address,int offset); |
| 556 | #ifdef __cplusplus | 567 | #ifdef __cplusplus |
| 557 | } | 568 | } |
| 558 | #endif | 569 | #endif |
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c index 676d434f03..501b62a4b1 100644 --- a/src/lib/libcrypto/asn1/asn1_par.c +++ b/src/lib/libcrypto/asn1/asn1_par.c | |||
| @@ -64,7 +64,7 @@ | |||
| 64 | 64 | ||
| 65 | static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed, | 65 | static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed, |
| 66 | int indent); | 66 | int indent); |
| 67 | static int asn1_parse2(BIO *bp, unsigned char **pp, long length, | 67 | static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, |
| 68 | int offset, int depth, int indent, int dump); | 68 | int offset, int depth, int indent, int dump); |
| 69 | static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, | 69 | static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, |
| 70 | int indent) | 70 | int indent) |
| @@ -88,7 +88,10 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, | |||
| 88 | BIO_snprintf(str,sizeof str,"cont [ %d ]",tag); | 88 | BIO_snprintf(str,sizeof str,"cont [ %d ]",tag); |
| 89 | else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) | 89 | else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) |
| 90 | BIO_snprintf(str,sizeof str,"appl [ %d ]",tag); | 90 | BIO_snprintf(str,sizeof str,"appl [ %d ]",tag); |
| 91 | else p = ASN1_tag2str(tag); | 91 | else if (tag > 30) |
| 92 | BIO_snprintf(str,sizeof str,"<ASN1 %d>",tag); | ||
| 93 | else | ||
| 94 | p = ASN1_tag2str(tag); | ||
| 92 | 95 | ||
| 93 | if (p2 != NULL) | 96 | if (p2 != NULL) |
| 94 | { | 97 | { |
| @@ -103,20 +106,20 @@ err: | |||
| 103 | return(0); | 106 | return(0); |
| 104 | } | 107 | } |
| 105 | 108 | ||
| 106 | int ASN1_parse(BIO *bp, unsigned char *pp, long len, int indent) | 109 | int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent) |
| 107 | { | 110 | { |
| 108 | return(asn1_parse2(bp,&pp,len,0,0,indent,0)); | 111 | return(asn1_parse2(bp,&pp,len,0,0,indent,0)); |
| 109 | } | 112 | } |
| 110 | 113 | ||
| 111 | int ASN1_parse_dump(BIO *bp, unsigned char *pp, long len, int indent, int dump) | 114 | int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump) |
| 112 | { | 115 | { |
| 113 | return(asn1_parse2(bp,&pp,len,0,0,indent,dump)); | 116 | return(asn1_parse2(bp,&pp,len,0,0,indent,dump)); |
| 114 | } | 117 | } |
| 115 | 118 | ||
| 116 | static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, | 119 | static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset, |
| 117 | int depth, int indent, int dump) | 120 | int depth, int indent, int dump) |
| 118 | { | 121 | { |
| 119 | unsigned char *p,*ep,*tot,*op,*opp; | 122 | const unsigned char *p,*ep,*tot,*op,*opp; |
| 120 | long len; | 123 | long len; |
| 121 | int tag,xclass,ret=0; | 124 | int tag,xclass,ret=0; |
| 122 | int nl,hl,j,r; | 125 | int nl,hl,j,r; |
| @@ -215,7 +218,7 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, | |||
| 215 | { | 218 | { |
| 216 | if (BIO_write(bp,":",1) <= 0) goto end; | 219 | if (BIO_write(bp,":",1) <= 0) goto end; |
| 217 | if ((len > 0) && | 220 | if ((len > 0) && |
| 218 | BIO_write(bp,(char *)p,(int)len) | 221 | BIO_write(bp,(const char *)p,(int)len) |
| 219 | != (int)len) | 222 | != (int)len) |
| 220 | goto end; | 223 | goto end; |
| 221 | } | 224 | } |
| @@ -256,9 +259,11 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, | |||
| 256 | 259 | ||
| 257 | opp=op; | 260 | opp=op; |
| 258 | os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl); | 261 | os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl); |
| 259 | if (os != NULL) | 262 | if (os != NULL && os->length > 0) |
| 260 | { | 263 | { |
| 261 | opp=os->data; | 264 | opp = os->data; |
| 265 | /* testing whether the octet string is | ||
| 266 | * printable */ | ||
| 262 | for (i=0; i<os->length; i++) | 267 | for (i=0; i<os->length; i++) |
| 263 | { | 268 | { |
| 264 | if (( (opp[i] < ' ') && | 269 | if (( (opp[i] < ' ') && |
| @@ -271,28 +276,47 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, | |||
| 271 | break; | 276 | break; |
| 272 | } | 277 | } |
| 273 | } | 278 | } |
| 274 | if (printable && (os->length > 0)) | 279 | if (printable) |
| 280 | /* printable string */ | ||
| 275 | { | 281 | { |
| 276 | if (BIO_write(bp,":",1) <= 0) | 282 | if (BIO_write(bp,":",1) <= 0) |
| 277 | goto end; | 283 | goto end; |
| 278 | if (BIO_write(bp,(char *)opp, | 284 | if (BIO_write(bp,(const char *)opp, |
| 279 | os->length) <= 0) | 285 | os->length) <= 0) |
| 280 | goto end; | 286 | goto end; |
| 281 | } | 287 | } |
| 282 | if (!printable && (os->length > 0) | 288 | else if (!dump) |
| 283 | && dump) | 289 | /* not printable => print octet string |
| 290 | * as hex dump */ | ||
| 291 | { | ||
| 292 | if (BIO_write(bp,"[HEX DUMP]:",11) <= 0) | ||
| 293 | goto end; | ||
| 294 | for (i=0; i<os->length; i++) | ||
| 295 | { | ||
| 296 | if (BIO_printf(bp,"%02X" | ||
| 297 | , opp[i]) <= 0) | ||
| 298 | goto end; | ||
| 299 | } | ||
| 300 | } | ||
| 301 | else | ||
| 302 | /* print the normal dump */ | ||
| 284 | { | 303 | { |
| 285 | if (!nl) | 304 | if (!nl) |
| 286 | { | 305 | { |
| 287 | if (BIO_write(bp,"\n",1) <= 0) | 306 | if (BIO_write(bp,"\n",1) <= 0) |
| 288 | goto end; | 307 | goto end; |
| 289 | } | 308 | } |
| 290 | if (BIO_dump_indent(bp,(char *)opp, | 309 | if (BIO_dump_indent(bp, |
| 291 | ((dump == -1 || dump > os->length)?os->length:dump), | 310 | (const char *)opp, |
| 311 | ((dump == -1 || dump > | ||
| 312 | os->length)?os->length:dump), | ||
| 292 | dump_indent) <= 0) | 313 | dump_indent) <= 0) |
| 293 | goto end; | 314 | goto end; |
| 294 | nl=1; | 315 | nl=1; |
| 295 | } | 316 | } |
| 317 | } | ||
| 318 | if (os != NULL) | ||
| 319 | { | ||
| 296 | M_ASN1_OCTET_STRING_free(os); | 320 | M_ASN1_OCTET_STRING_free(os); |
| 297 | os=NULL; | 321 | os=NULL; |
| 298 | } | 322 | } |
| @@ -368,7 +392,7 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, | |||
| 368 | if (BIO_write(bp,"\n",1) <= 0) | 392 | if (BIO_write(bp,"\n",1) <= 0) |
| 369 | goto end; | 393 | goto end; |
| 370 | } | 394 | } |
| 371 | if (BIO_dump_indent(bp,(char *)p, | 395 | if (BIO_dump_indent(bp,(const char *)p, |
| 372 | ((dump == -1 || dump > len)?len:dump), | 396 | ((dump == -1 || dump > len)?len:dump), |
| 373 | dump_indent) <= 0) | 397 | dump_indent) <= 0) |
| 374 | goto end; | 398 | goto end; |
| @@ -398,7 +422,7 @@ end: | |||
| 398 | 422 | ||
| 399 | const char *ASN1_tag2str(int tag) | 423 | const char *ASN1_tag2str(int tag) |
| 400 | { | 424 | { |
| 401 | const static char *tag2str[] = { | 425 | static const char *tag2str[] = { |
| 402 | "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */ | 426 | "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */ |
| 403 | "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */ | 427 | "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */ |
| 404 | "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>", /* 10-13 */ | 428 | "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>", /* 10-13 */ |
diff --git a/src/lib/libcrypto/asn1/asn1t.h b/src/lib/libcrypto/asn1/asn1t.h index ed372f8554..bf315e65ed 100644 --- a/src/lib/libcrypto/asn1/asn1t.h +++ b/src/lib/libcrypto/asn1/asn1t.h | |||
| @@ -99,7 +99,7 @@ extern "C" { | |||
| 99 | #define ASN1_ITEM_start(itname) \ | 99 | #define ASN1_ITEM_start(itname) \ |
| 100 | const ASN1_ITEM * itname##_it(void) \ | 100 | const ASN1_ITEM * itname##_it(void) \ |
| 101 | { \ | 101 | { \ |
| 102 | static const ASN1_ITEM local_it = { \ | 102 | static const ASN1_ITEM local_it = { |
| 103 | 103 | ||
| 104 | #define ASN1_ITEM_end(itname) \ | 104 | #define ASN1_ITEM_end(itname) \ |
| 105 | }; \ | 105 | }; \ |
| @@ -112,7 +112,7 @@ extern "C" { | |||
| 112 | /* Macros to aid ASN1 template writing */ | 112 | /* Macros to aid ASN1 template writing */ |
| 113 | 113 | ||
| 114 | #define ASN1_ITEM_TEMPLATE(tname) \ | 114 | #define ASN1_ITEM_TEMPLATE(tname) \ |
| 115 | const static ASN1_TEMPLATE tname##_item_tt | 115 | static const ASN1_TEMPLATE tname##_item_tt |
| 116 | 116 | ||
| 117 | #define ASN1_ITEM_TEMPLATE_END(tname) \ | 117 | #define ASN1_ITEM_TEMPLATE_END(tname) \ |
| 118 | ;\ | 118 | ;\ |
| @@ -150,7 +150,7 @@ extern "C" { | |||
| 150 | */ | 150 | */ |
| 151 | 151 | ||
| 152 | #define ASN1_SEQUENCE(tname) \ | 152 | #define ASN1_SEQUENCE(tname) \ |
| 153 | const static ASN1_TEMPLATE tname##_seq_tt[] | 153 | static const ASN1_TEMPLATE tname##_seq_tt[] |
| 154 | 154 | ||
| 155 | #define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname) | 155 | #define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname) |
| 156 | 156 | ||
| @@ -166,22 +166,40 @@ extern "C" { | |||
| 166 | #stname \ | 166 | #stname \ |
| 167 | ASN1_ITEM_end(tname) | 167 | ASN1_ITEM_end(tname) |
| 168 | 168 | ||
| 169 | #define ASN1_NDEF_SEQUENCE(tname) \ | ||
| 170 | ASN1_SEQUENCE(tname) | ||
| 171 | |||
| 172 | #define ASN1_NDEF_SEQUENCE_cb(tname, cb) \ | ||
| 173 | ASN1_SEQUENCE_cb(tname, cb) | ||
| 174 | |||
| 169 | #define ASN1_SEQUENCE_cb(tname, cb) \ | 175 | #define ASN1_SEQUENCE_cb(tname, cb) \ |
| 170 | const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ | 176 | static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ |
| 171 | ASN1_SEQUENCE(tname) | 177 | ASN1_SEQUENCE(tname) |
| 172 | 178 | ||
| 173 | #define ASN1_BROKEN_SEQUENCE(tname) \ | 179 | #define ASN1_BROKEN_SEQUENCE(tname) \ |
| 174 | const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \ | 180 | static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \ |
| 175 | ASN1_SEQUENCE(tname) | 181 | ASN1_SEQUENCE(tname) |
| 176 | 182 | ||
| 177 | #define ASN1_SEQUENCE_ref(tname, cb, lck) \ | 183 | #define ASN1_SEQUENCE_ref(tname, cb, lck) \ |
| 178 | const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \ | 184 | static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \ |
| 179 | ASN1_SEQUENCE(tname) | 185 | ASN1_SEQUENCE(tname) |
| 180 | 186 | ||
| 181 | #define ASN1_SEQUENCE_enc(tname, enc, cb) \ | 187 | #define ASN1_SEQUENCE_enc(tname, enc, cb) \ |
| 182 | const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ | 188 | static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ |
| 183 | ASN1_SEQUENCE(tname) | 189 | ASN1_SEQUENCE(tname) |
| 184 | 190 | ||
| 191 | #define ASN1_NDEF_SEQUENCE_END(tname) \ | ||
| 192 | ;\ | ||
| 193 | ASN1_ITEM_start(tname) \ | ||
| 194 | ASN1_ITYPE_NDEF_SEQUENCE,\ | ||
| 195 | V_ASN1_SEQUENCE,\ | ||
| 196 | tname##_seq_tt,\ | ||
| 197 | sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ | ||
| 198 | NULL,\ | ||
| 199 | sizeof(tname),\ | ||
| 200 | #tname \ | ||
| 201 | ASN1_ITEM_end(tname) | ||
| 202 | |||
| 185 | #define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname) | 203 | #define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname) |
| 186 | 204 | ||
| 187 | #define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) | 205 | #define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) |
| @@ -224,10 +242,10 @@ extern "C" { | |||
| 224 | */ | 242 | */ |
| 225 | 243 | ||
| 226 | #define ASN1_CHOICE(tname) \ | 244 | #define ASN1_CHOICE(tname) \ |
| 227 | const static ASN1_TEMPLATE tname##_ch_tt[] | 245 | static const ASN1_TEMPLATE tname##_ch_tt[] |
| 228 | 246 | ||
| 229 | #define ASN1_CHOICE_cb(tname, cb) \ | 247 | #define ASN1_CHOICE_cb(tname, cb) \ |
| 230 | const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ | 248 | static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ |
| 231 | ASN1_CHOICE(tname) | 249 | ASN1_CHOICE(tname) |
| 232 | 250 | ||
| 233 | #define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) | 251 | #define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) |
| @@ -353,16 +371,24 @@ extern "C" { | |||
| 353 | #define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \ | 371 | #define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \ |
| 354 | ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) | 372 | ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) |
| 355 | 373 | ||
| 374 | /* EXPLICIT using indefinite length constructed form */ | ||
| 375 | #define ASN1_NDEF_EXP(stname, field, type, tag) \ | ||
| 376 | ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF) | ||
| 377 | |||
| 378 | /* EXPLICIT OPTIONAL using indefinite length constructed form */ | ||
| 379 | #define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \ | ||
| 380 | ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF) | ||
| 381 | |||
| 356 | /* Macros for the ASN1_ADB structure */ | 382 | /* Macros for the ASN1_ADB structure */ |
| 357 | 383 | ||
| 358 | #define ASN1_ADB(name) \ | 384 | #define ASN1_ADB(name) \ |
| 359 | const static ASN1_ADB_TABLE name##_adbtbl[] | 385 | static const ASN1_ADB_TABLE name##_adbtbl[] |
| 360 | 386 | ||
| 361 | #ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION | 387 | #ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION |
| 362 | 388 | ||
| 363 | #define ASN1_ADB_END(name, flags, field, app_table, def, none) \ | 389 | #define ASN1_ADB_END(name, flags, field, app_table, def, none) \ |
| 364 | ;\ | 390 | ;\ |
| 365 | const static ASN1_ADB name##_adb = {\ | 391 | static const ASN1_ADB name##_adb = {\ |
| 366 | flags,\ | 392 | flags,\ |
| 367 | offsetof(name, field),\ | 393 | offsetof(name, field),\ |
| 368 | app_table,\ | 394 | app_table,\ |
| @@ -376,9 +402,9 @@ extern "C" { | |||
| 376 | 402 | ||
| 377 | #define ASN1_ADB_END(name, flags, field, app_table, def, none) \ | 403 | #define ASN1_ADB_END(name, flags, field, app_table, def, none) \ |
| 378 | ;\ | 404 | ;\ |
| 379 | const static ASN1_ITEM *name##_adb(void) \ | 405 | static const ASN1_ITEM *name##_adb(void) \ |
| 380 | { \ | 406 | { \ |
| 381 | const static ASN1_ADB internal_adb = \ | 407 | static const ASN1_ADB internal_adb = \ |
| 382 | {\ | 408 | {\ |
| 383 | flags,\ | 409 | flags,\ |
| 384 | offsetof(name, field),\ | 410 | offsetof(name, field),\ |
| @@ -397,7 +423,7 @@ extern "C" { | |||
| 397 | #define ADB_ENTRY(val, template) {val, template} | 423 | #define ADB_ENTRY(val, template) {val, template} |
| 398 | 424 | ||
| 399 | #define ASN1_ADB_TEMPLATE(name) \ | 425 | #define ASN1_ADB_TEMPLATE(name) \ |
| 400 | const static ASN1_TEMPLATE name##_tt | 426 | static const ASN1_TEMPLATE name##_tt |
| 401 | 427 | ||
| 402 | /* This is the ASN1 template structure that defines | 428 | /* This is the ASN1 template structure that defines |
| 403 | * a wrapper round the actual type. It determines the | 429 | * a wrapper round the actual type. It determines the |
| @@ -410,7 +436,7 @@ unsigned long flags; /* Various flags */ | |||
| 410 | long tag; /* tag, not used if no tagging */ | 436 | long tag; /* tag, not used if no tagging */ |
| 411 | unsigned long offset; /* Offset of this field in structure */ | 437 | unsigned long offset; /* Offset of this field in structure */ |
| 412 | #ifndef NO_ASN1_FIELD_NAMES | 438 | #ifndef NO_ASN1_FIELD_NAMES |
| 413 | char *field_name; /* Field name */ | 439 | const char *field_name; /* Field name */ |
| 414 | #endif | 440 | #endif |
| 415 | ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */ | 441 | ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */ |
| 416 | }; | 442 | }; |
| @@ -518,6 +544,13 @@ struct ASN1_ADB_TABLE_st { | |||
| 518 | 544 | ||
| 519 | #define ASN1_TFLG_COMBINE (0x1<<10) | 545 | #define ASN1_TFLG_COMBINE (0x1<<10) |
| 520 | 546 | ||
| 547 | /* This flag when present in a SEQUENCE OF, SET OF | ||
| 548 | * or EXPLICIT causes indefinite length constructed | ||
| 549 | * encoding to be used if required. | ||
| 550 | */ | ||
| 551 | |||
| 552 | #define ASN1_TFLG_NDEF (0x1<<11) | ||
| 553 | |||
| 521 | /* This is the actual ASN1 item itself */ | 554 | /* This is the actual ASN1 item itself */ |
| 522 | 555 | ||
| 523 | struct ASN1_ITEM_st { | 556 | struct ASN1_ITEM_st { |
| @@ -570,19 +603,25 @@ const char *sname; /* Structure name */ | |||
| 570 | * has a special meaning, it is used as a mask | 603 | * has a special meaning, it is used as a mask |
| 571 | * of acceptable types using the B_ASN1 constants. | 604 | * of acceptable types using the B_ASN1 constants. |
| 572 | * | 605 | * |
| 606 | * NDEF_SEQUENCE is the same as SEQUENCE except | ||
| 607 | * that it will use indefinite length constructed | ||
| 608 | * encoding if requested. | ||
| 609 | * | ||
| 573 | */ | 610 | */ |
| 574 | 611 | ||
| 575 | #define ASN1_ITYPE_PRIMITIVE 0x0 | 612 | #define ASN1_ITYPE_PRIMITIVE 0x0 |
| 613 | |||
| 614 | #define ASN1_ITYPE_SEQUENCE 0x1 | ||
| 576 | 615 | ||
| 577 | #define ASN1_ITYPE_SEQUENCE 0x1 | 616 | #define ASN1_ITYPE_CHOICE 0x2 |
| 578 | 617 | ||
| 579 | #define ASN1_ITYPE_CHOICE 0x2 | 618 | #define ASN1_ITYPE_COMPAT 0x3 |
| 580 | 619 | ||
| 581 | #define ASN1_ITYPE_COMPAT 0x3 | 620 | #define ASN1_ITYPE_EXTERN 0x4 |
| 582 | 621 | ||
| 583 | #define ASN1_ITYPE_EXTERN 0x4 | 622 | #define ASN1_ITYPE_MSTRING 0x5 |
| 584 | 623 | ||
| 585 | #define ASN1_ITYPE_MSTRING 0x5 | 624 | #define ASN1_ITYPE_NDEF_SEQUENCE 0x6 |
| 586 | 625 | ||
| 587 | /* Cache for ASN1 tag and length, so we | 626 | /* Cache for ASN1 tag and length, so we |
| 588 | * don't keep re-reading it for things | 627 | * don't keep re-reading it for things |
| @@ -602,10 +641,10 @@ struct ASN1_TLC_st{ | |||
| 602 | 641 | ||
| 603 | typedef ASN1_VALUE * ASN1_new_func(void); | 642 | typedef ASN1_VALUE * ASN1_new_func(void); |
| 604 | typedef void ASN1_free_func(ASN1_VALUE *a); | 643 | typedef void ASN1_free_func(ASN1_VALUE *a); |
| 605 | typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, unsigned char ** in, long length); | 644 | typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length); |
| 606 | typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in); | 645 | typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in); |
| 607 | 646 | ||
| 608 | typedef int ASN1_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, | 647 | typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, |
| 609 | int tag, int aclass, char opt, ASN1_TLC *ctx); | 648 | int tag, int aclass, char opt, ASN1_TLC *ctx); |
| 610 | 649 | ||
| 611 | typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); | 650 | typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); |
| @@ -613,7 +652,7 @@ typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); | |||
| 613 | typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); | 652 | typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); |
| 614 | 653 | ||
| 615 | typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); | 654 | typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); |
| 616 | typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); | 655 | typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); |
| 617 | 656 | ||
| 618 | typedef struct ASN1_COMPAT_FUNCS_st { | 657 | typedef struct ASN1_COMPAT_FUNCS_st { |
| 619 | ASN1_new_func *asn1_new; | 658 | ASN1_new_func *asn1_new; |
| @@ -743,6 +782,9 @@ typedef struct ASN1_AUX_st { | |||
| 743 | #define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ | 782 | #define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ |
| 744 | IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) | 783 | IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) |
| 745 | 784 | ||
| 785 | #define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \ | ||
| 786 | IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname) | ||
| 787 | |||
| 746 | #define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ | 788 | #define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ |
| 747 | stname *fname##_new(void) \ | 789 | stname *fname##_new(void) \ |
| 748 | { \ | 790 | { \ |
| @@ -758,7 +800,7 @@ typedef struct ASN1_AUX_st { | |||
| 758 | IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) | 800 | IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) |
| 759 | 801 | ||
| 760 | #define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ | 802 | #define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ |
| 761 | stname *d2i_##fname(stname **a, unsigned char **in, long len) \ | 803 | stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ |
| 762 | { \ | 804 | { \ |
| 763 | return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ | 805 | return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ |
| 764 | } \ | 806 | } \ |
| @@ -767,13 +809,19 @@ typedef struct ASN1_AUX_st { | |||
| 767 | return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ | 809 | return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ |
| 768 | } | 810 | } |
| 769 | 811 | ||
| 812 | #define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \ | ||
| 813 | int i2d_##stname##_NDEF(stname *a, unsigned char **out) \ | ||
| 814 | { \ | ||
| 815 | return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\ | ||
| 816 | } | ||
| 817 | |||
| 770 | /* This includes evil casts to remove const: they will go away when full | 818 | /* This includes evil casts to remove const: they will go away when full |
| 771 | * ASN1 constification is done. | 819 | * ASN1 constification is done. |
| 772 | */ | 820 | */ |
| 773 | #define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ | 821 | #define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ |
| 774 | stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ | 822 | stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ |
| 775 | { \ | 823 | { \ |
| 776 | return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, (unsigned char **)in, len, ASN1_ITEM_rptr(itname));\ | 824 | return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ |
| 777 | } \ | 825 | } \ |
| 778 | int i2d_##fname(const stname *a, unsigned char **out) \ | 826 | int i2d_##fname(const stname *a, unsigned char **out) \ |
| 779 | { \ | 827 | { \ |
| @@ -798,7 +846,6 @@ typedef struct ASN1_AUX_st { | |||
| 798 | DECLARE_ASN1_ITEM(ASN1_BOOLEAN) | 846 | DECLARE_ASN1_ITEM(ASN1_BOOLEAN) |
| 799 | DECLARE_ASN1_ITEM(ASN1_TBOOLEAN) | 847 | DECLARE_ASN1_ITEM(ASN1_TBOOLEAN) |
| 800 | DECLARE_ASN1_ITEM(ASN1_FBOOLEAN) | 848 | DECLARE_ASN1_ITEM(ASN1_FBOOLEAN) |
| 801 | DECLARE_ASN1_ITEM(ASN1_ANY) | ||
| 802 | DECLARE_ASN1_ITEM(ASN1_SEQUENCE) | 849 | DECLARE_ASN1_ITEM(ASN1_SEQUENCE) |
| 803 | DECLARE_ASN1_ITEM(CBIGNUM) | 850 | DECLARE_ASN1_ITEM(CBIGNUM) |
| 804 | DECLARE_ASN1_ITEM(BIGNUM) | 851 | DECLARE_ASN1_ITEM(BIGNUM) |
| @@ -815,8 +862,8 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); | |||
| 815 | int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); | 862 | int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); |
| 816 | 863 | ||
| 817 | void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); | 864 | void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); |
| 818 | int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt); | 865 | int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt); |
| 819 | int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, | 866 | int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, |
| 820 | int tag, int aclass, char opt, ASN1_TLC *ctx); | 867 | int tag, int aclass, char opt, ASN1_TLC *ctx); |
| 821 | 868 | ||
| 822 | int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); | 869 | int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); |
| @@ -824,7 +871,7 @@ int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLAT | |||
| 824 | void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); | 871 | void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); |
| 825 | 872 | ||
| 826 | int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); | 873 | int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); |
| 827 | int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); | 874 | int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); |
| 828 | 875 | ||
| 829 | int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); | 876 | int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); |
| 830 | int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); | 877 | int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); |
| @@ -838,7 +885,7 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it); | |||
| 838 | void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); | 885 | void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); |
| 839 | void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); | 886 | void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); |
| 840 | int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it); | 887 | int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it); |
| 841 | int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it); | 888 | int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it); |
| 842 | 889 | ||
| 843 | #ifdef __cplusplus | 890 | #ifdef __cplusplus |
| 844 | } | 891 | } |
diff --git a/src/lib/libcrypto/asn1/asn_moid.c b/src/lib/libcrypto/asn1/asn_moid.c index edb44c988f..9132350f10 100644 --- a/src/lib/libcrypto/asn1/asn_moid.c +++ b/src/lib/libcrypto/asn1/asn_moid.c | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 2001 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -57,6 +57,7 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <ctype.h> | ||
| 60 | #include <openssl/crypto.h> | 61 | #include <openssl/crypto.h> |
| 61 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
| 62 | #include <openssl/conf.h> | 63 | #include <openssl/conf.h> |
| @@ -65,6 +66,8 @@ | |||
| 65 | 66 | ||
| 66 | /* Simple ASN1 OID module: add all objects in a given section */ | 67 | /* Simple ASN1 OID module: add all objects in a given section */ |
| 67 | 68 | ||
| 69 | static int do_create(char *value, char *name); | ||
| 70 | |||
| 68 | static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) | 71 | static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) |
| 69 | { | 72 | { |
| 70 | int i; | 73 | int i; |
| @@ -80,7 +83,7 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) | |||
| 80 | for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) | 83 | for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) |
| 81 | { | 84 | { |
| 82 | oval = sk_CONF_VALUE_value(sktmp, i); | 85 | oval = sk_CONF_VALUE_value(sktmp, i); |
| 83 | if(OBJ_create(oval->value, oval->name, oval->name) == NID_undef) | 86 | if(!do_create(oval->value, oval->name)) |
| 84 | { | 87 | { |
| 85 | ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT); | 88 | ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT); |
| 86 | return 0; | 89 | return 0; |
| @@ -98,3 +101,60 @@ void ASN1_add_oid_module(void) | |||
| 98 | { | 101 | { |
| 99 | CONF_module_add("oid_section", oid_module_init, oid_module_finish); | 102 | CONF_module_add("oid_section", oid_module_init, oid_module_finish); |
| 100 | } | 103 | } |
| 104 | |||
| 105 | /* Create an OID based on a name value pair. Accept two formats. | ||
| 106 | * shortname = 1.2.3.4 | ||
| 107 | * shortname = some long name, 1.2.3.4 | ||
| 108 | */ | ||
| 109 | |||
| 110 | |||
| 111 | static int do_create(char *value, char *name) | ||
| 112 | { | ||
| 113 | int nid; | ||
| 114 | ASN1_OBJECT *oid; | ||
| 115 | char *ln, *ostr, *p, *lntmp; | ||
| 116 | p = strrchr(value, ','); | ||
| 117 | if (!p) | ||
| 118 | { | ||
| 119 | ln = name; | ||
| 120 | ostr = value; | ||
| 121 | } | ||
| 122 | else | ||
| 123 | { | ||
| 124 | ln = NULL; | ||
| 125 | ostr = p + 1; | ||
| 126 | if (!*ostr) | ||
| 127 | return 0; | ||
| 128 | while(isspace((unsigned char)*ostr)) ostr++; | ||
| 129 | } | ||
| 130 | |||
| 131 | nid = OBJ_create(ostr, name, ln); | ||
| 132 | |||
| 133 | if (nid == NID_undef) | ||
| 134 | return 0; | ||
| 135 | |||
| 136 | if (p) | ||
| 137 | { | ||
| 138 | ln = value; | ||
| 139 | while(isspace((unsigned char)*ln)) ln++; | ||
| 140 | p--; | ||
| 141 | while(isspace((unsigned char)*p)) | ||
| 142 | { | ||
| 143 | if (p == ln) | ||
| 144 | return 0; | ||
| 145 | p--; | ||
| 146 | } | ||
| 147 | p++; | ||
| 148 | lntmp = OPENSSL_malloc((p - ln) + 1); | ||
| 149 | if (lntmp == NULL) | ||
| 150 | return 0; | ||
| 151 | memcpy(lntmp, ln, p - ln); | ||
| 152 | lntmp[p - ln] = 0; | ||
| 153 | oid = OBJ_nid2obj(nid); | ||
| 154 | oid->ln = lntmp; | ||
| 155 | } | ||
| 156 | |||
| 157 | return 1; | ||
| 158 | } | ||
| 159 | |||
| 160 | |||
diff --git a/src/lib/libcrypto/asn1/asn_pack.c b/src/lib/libcrypto/asn1/asn_pack.c index e6051db2dc..e8b671b7b5 100644 --- a/src/lib/libcrypto/asn1/asn_pack.c +++ b/src/lib/libcrypto/asn1/asn_pack.c | |||
| @@ -66,11 +66,11 @@ | |||
| 66 | 66 | ||
| 67 | /* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */ | 67 | /* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */ |
| 68 | 68 | ||
| 69 | STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), | 69 | STACK *ASN1_seq_unpack(const unsigned char *buf, int len, |
| 70 | void (*free_func)(void *)) | 70 | d2i_of_void *d2i,void (*free_func)(void *)) |
| 71 | { | 71 | { |
| 72 | STACK *sk; | 72 | STACK *sk; |
| 73 | unsigned char *pbuf; | 73 | const unsigned char *pbuf; |
| 74 | pbuf = buf; | 74 | pbuf = buf; |
| 75 | if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func, | 75 | if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func, |
| 76 | V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL))) | 76 | V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL))) |
| @@ -82,8 +82,8 @@ STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), | |||
| 82 | * OPENSSL_malloc'ed buffer | 82 | * OPENSSL_malloc'ed buffer |
| 83 | */ | 83 | */ |
| 84 | 84 | ||
| 85 | unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, | 85 | unsigned char *ASN1_seq_pack(STACK *safes, i2d_of_void *i2d, |
| 86 | int *len) | 86 | unsigned char **buf, int *len) |
| 87 | { | 87 | { |
| 88 | int safelen; | 88 | int safelen; |
| 89 | unsigned char *safe, *p; | 89 | unsigned char *safe, *p; |
| @@ -106,9 +106,9 @@ unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, | |||
| 106 | 106 | ||
| 107 | /* Extract an ASN1 object from an ASN1_STRING */ | 107 | /* Extract an ASN1 object from an ASN1_STRING */ |
| 108 | 108 | ||
| 109 | void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)()) | 109 | void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i) |
| 110 | { | 110 | { |
| 111 | unsigned char *p; | 111 | const unsigned char *p; |
| 112 | char *ret; | 112 | char *ret; |
| 113 | 113 | ||
| 114 | p = oct->data; | 114 | p = oct->data; |
| @@ -119,7 +119,7 @@ void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)()) | |||
| 119 | 119 | ||
| 120 | /* Pack an ASN1 object into an ASN1_STRING */ | 120 | /* Pack an ASN1 object into an ASN1_STRING */ |
| 121 | 121 | ||
| 122 | ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_STRING **oct) | 122 | ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct) |
| 123 | { | 123 | { |
| 124 | unsigned char *p; | 124 | unsigned char *p; |
| 125 | ASN1_STRING *octmp; | 125 | ASN1_STRING *octmp; |
| @@ -155,7 +155,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) | |||
| 155 | 155 | ||
| 156 | if (!oct || !*oct) { | 156 | if (!oct || !*oct) { |
| 157 | if (!(octmp = ASN1_STRING_new ())) { | 157 | if (!(octmp = ASN1_STRING_new ())) { |
| 158 | ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); | 158 | ASN1err(ASN1_F_ASN1_ITEM_PACK,ERR_R_MALLOC_FAILURE); |
| 159 | return NULL; | 159 | return NULL; |
| 160 | } | 160 | } |
| 161 | if (oct) *oct = octmp; | 161 | if (oct) *oct = octmp; |
| @@ -167,11 +167,11 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) | |||
| 167 | } | 167 | } |
| 168 | 168 | ||
| 169 | if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) { | 169 | if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) { |
| 170 | ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); | 170 | ASN1err(ASN1_F_ASN1_ITEM_PACK,ASN1_R_ENCODE_ERROR); |
| 171 | return NULL; | 171 | return NULL; |
| 172 | } | 172 | } |
| 173 | if (!octmp->data) { | 173 | if (!octmp->data) { |
| 174 | ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); | 174 | ASN1err(ASN1_F_ASN1_ITEM_PACK,ERR_R_MALLOC_FAILURE); |
| 175 | return NULL; | 175 | return NULL; |
| 176 | } | 176 | } |
| 177 | return octmp; | 177 | return octmp; |
| @@ -181,11 +181,11 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) | |||
| 181 | 181 | ||
| 182 | void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it) | 182 | void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it) |
| 183 | { | 183 | { |
| 184 | unsigned char *p; | 184 | const unsigned char *p; |
| 185 | void *ret; | 185 | void *ret; |
| 186 | 186 | ||
| 187 | p = oct->data; | 187 | p = oct->data; |
| 188 | if(!(ret = ASN1_item_d2i(NULL, &p, oct->length, it))) | 188 | if(!(ret = ASN1_item_d2i(NULL, &p, oct->length, it))) |
| 189 | ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR); | 189 | ASN1err(ASN1_F_ASN1_ITEM_UNPACK,ASN1_R_DECODE_ERROR); |
| 190 | return ret; | 190 | return ret; |
| 191 | } | 191 | } |
diff --git a/src/lib/libcrypto/asn1/d2i_pr.c b/src/lib/libcrypto/asn1/d2i_pr.c index 2e7d96af90..207ccda5ac 100644 --- a/src/lib/libcrypto/asn1/d2i_pr.c +++ b/src/lib/libcrypto/asn1/d2i_pr.c | |||
| @@ -68,8 +68,11 @@ | |||
| 68 | #ifndef OPENSSL_NO_DSA | 68 | #ifndef OPENSSL_NO_DSA |
| 69 | #include <openssl/dsa.h> | 69 | #include <openssl/dsa.h> |
| 70 | #endif | 70 | #endif |
| 71 | #ifndef OPENSSL_NO_EC | ||
| 72 | #include <openssl/ec.h> | ||
| 73 | #endif | ||
| 71 | 74 | ||
| 72 | EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, | 75 | EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, |
| 73 | long length) | 76 | long length) |
| 74 | { | 77 | { |
| 75 | EVP_PKEY *ret; | 78 | EVP_PKEY *ret; |
| @@ -108,6 +111,16 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, | |||
| 108 | } | 111 | } |
| 109 | break; | 112 | break; |
| 110 | #endif | 113 | #endif |
| 114 | #ifndef OPENSSL_NO_EC | ||
| 115 | case EVP_PKEY_EC: | ||
| 116 | if ((ret->pkey.ec = d2i_ECPrivateKey(NULL, | ||
| 117 | (const unsigned char **)pp, length)) == NULL) | ||
| 118 | { | ||
| 119 | ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB); | ||
| 120 | goto err; | ||
| 121 | } | ||
| 122 | break; | ||
| 123 | #endif | ||
| 111 | default: | 124 | default: |
| 112 | ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); | 125 | ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); |
| 113 | goto err; | 126 | goto err; |
| @@ -122,11 +135,11 @@ err: | |||
| 122 | 135 | ||
| 123 | /* This works like d2i_PrivateKey() except it automatically works out the type */ | 136 | /* This works like d2i_PrivateKey() except it automatically works out the type */ |
| 124 | 137 | ||
| 125 | EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, | 138 | EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, |
| 126 | long length) | 139 | long length) |
| 127 | { | 140 | { |
| 128 | STACK_OF(ASN1_TYPE) *inkey; | 141 | STACK_OF(ASN1_TYPE) *inkey; |
| 129 | unsigned char *p; | 142 | const unsigned char *p; |
| 130 | int keytype; | 143 | int keytype; |
| 131 | p = *pp; | 144 | p = *pp; |
| 132 | /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): | 145 | /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): |
| @@ -138,7 +151,10 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, | |||
| 138 | /* Since we only need to discern "traditional format" RSA and DSA | 151 | /* Since we only need to discern "traditional format" RSA and DSA |
| 139 | * keys we can just count the elements. | 152 | * keys we can just count the elements. |
| 140 | */ | 153 | */ |
| 141 | if(sk_ASN1_TYPE_num(inkey) == 6) keytype = EVP_PKEY_DSA; | 154 | if(sk_ASN1_TYPE_num(inkey) == 6) |
| 155 | keytype = EVP_PKEY_DSA; | ||
| 156 | else if (sk_ASN1_TYPE_num(inkey) == 4) | ||
| 157 | keytype = EVP_PKEY_EC; | ||
| 142 | else keytype = EVP_PKEY_RSA; | 158 | else keytype = EVP_PKEY_RSA; |
| 143 | sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); | 159 | sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); |
| 144 | return d2i_PrivateKey(keytype, a, pp, length); | 160 | return d2i_PrivateKey(keytype, a, pp, length); |
diff --git a/src/lib/libcrypto/asn1/d2i_pu.c b/src/lib/libcrypto/asn1/d2i_pu.c index 71f2eb361b..3694f51a8c 100644 --- a/src/lib/libcrypto/asn1/d2i_pu.c +++ b/src/lib/libcrypto/asn1/d2i_pu.c | |||
| @@ -68,8 +68,11 @@ | |||
| 68 | #ifndef OPENSSL_NO_DSA | 68 | #ifndef OPENSSL_NO_DSA |
| 69 | #include <openssl/dsa.h> | 69 | #include <openssl/dsa.h> |
| 70 | #endif | 70 | #endif |
| 71 | #ifndef OPENSSL_NO_EC | ||
| 72 | #include <openssl/ec.h> | ||
| 73 | #endif | ||
| 71 | 74 | ||
| 72 | EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, | 75 | EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, |
| 73 | long length) | 76 | long length) |
| 74 | { | 77 | { |
| 75 | EVP_PKEY *ret; | 78 | EVP_PKEY *ret; |
| @@ -100,14 +103,24 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, | |||
| 100 | #endif | 103 | #endif |
| 101 | #ifndef OPENSSL_NO_DSA | 104 | #ifndef OPENSSL_NO_DSA |
| 102 | case EVP_PKEY_DSA: | 105 | case EVP_PKEY_DSA: |
| 103 | if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL, | 106 | if (!d2i_DSAPublicKey(&(ret->pkey.dsa), |
| 104 | (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ | 107 | (const unsigned char **)pp,length)) /* TMP UGLY CAST */ |
| 105 | { | 108 | { |
| 106 | ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); | 109 | ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); |
| 107 | goto err; | 110 | goto err; |
| 108 | } | 111 | } |
| 109 | break; | 112 | break; |
| 110 | #endif | 113 | #endif |
| 114 | #ifndef OPENSSL_NO_EC | ||
| 115 | case EVP_PKEY_EC: | ||
| 116 | if (!o2i_ECPublicKey(&(ret->pkey.ec), | ||
| 117 | (const unsigned char **)pp, length)) | ||
| 118 | { | ||
| 119 | ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB); | ||
| 120 | goto err; | ||
| 121 | } | ||
| 122 | break; | ||
| 123 | #endif | ||
| 111 | default: | 124 | default: |
| 112 | ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); | 125 | ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); |
| 113 | goto err; | 126 | goto err; |
diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c index f92ce6cb5d..f3d9804860 100644 --- a/src/lib/libcrypto/asn1/evp_asn1.c +++ b/src/lib/libcrypto/asn1/evp_asn1.c | |||
| @@ -141,9 +141,9 @@ int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data, | |||
| 141 | int ret= -1,n; | 141 | int ret= -1,n; |
| 142 | ASN1_INTEGER *ai=NULL; | 142 | ASN1_INTEGER *ai=NULL; |
| 143 | ASN1_OCTET_STRING *os=NULL; | 143 | ASN1_OCTET_STRING *os=NULL; |
| 144 | unsigned char *p; | 144 | const unsigned char *p; |
| 145 | long length; | 145 | long length; |
| 146 | ASN1_CTX c; | 146 | ASN1_const_CTX c; |
| 147 | 147 | ||
| 148 | if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) | 148 | if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) |
| 149 | { | 149 | { |
diff --git a/src/lib/libcrypto/asn1/i2d_pr.c b/src/lib/libcrypto/asn1/i2d_pr.c index 1e951ae01d..0be52c5b76 100644 --- a/src/lib/libcrypto/asn1/i2d_pr.c +++ b/src/lib/libcrypto/asn1/i2d_pr.c | |||
| @@ -67,6 +67,9 @@ | |||
| 67 | #ifndef OPENSSL_NO_DSA | 67 | #ifndef OPENSSL_NO_DSA |
| 68 | #include <openssl/dsa.h> | 68 | #include <openssl/dsa.h> |
| 69 | #endif | 69 | #endif |
| 70 | #ifndef OPENSSL_NO_EC | ||
| 71 | #include <openssl/ec.h> | ||
| 72 | #endif | ||
| 70 | 73 | ||
| 71 | int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) | 74 | int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) |
| 72 | { | 75 | { |
| @@ -83,6 +86,12 @@ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) | |||
| 83 | return(i2d_DSAPrivateKey(a->pkey.dsa,pp)); | 86 | return(i2d_DSAPrivateKey(a->pkey.dsa,pp)); |
| 84 | } | 87 | } |
| 85 | #endif | 88 | #endif |
| 89 | #ifndef OPENSSL_NO_EC | ||
| 90 | if (a->type == EVP_PKEY_EC) | ||
| 91 | { | ||
| 92 | return(i2d_ECPrivateKey(a->pkey.ec, pp)); | ||
| 93 | } | ||
| 94 | #endif | ||
| 86 | 95 | ||
| 87 | ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); | 96 | ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); |
| 88 | return(-1); | 97 | return(-1); |
diff --git a/src/lib/libcrypto/asn1/i2d_pu.c b/src/lib/libcrypto/asn1/i2d_pu.c index 013d19bbf4..34286dbd35 100644 --- a/src/lib/libcrypto/asn1/i2d_pu.c +++ b/src/lib/libcrypto/asn1/i2d_pu.c | |||
| @@ -67,6 +67,9 @@ | |||
| 67 | #ifndef OPENSSL_NO_DSA | 67 | #ifndef OPENSSL_NO_DSA |
| 68 | #include <openssl/dsa.h> | 68 | #include <openssl/dsa.h> |
| 69 | #endif | 69 | #endif |
| 70 | #ifndef OPENSSL_NO_EC | ||
| 71 | #include <openssl/ec.h> | ||
| 72 | #endif | ||
| 70 | 73 | ||
| 71 | int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) | 74 | int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) |
| 72 | { | 75 | { |
| @@ -80,6 +83,10 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) | |||
| 80 | case EVP_PKEY_DSA: | 83 | case EVP_PKEY_DSA: |
| 81 | return(i2d_DSAPublicKey(a->pkey.dsa,pp)); | 84 | return(i2d_DSAPublicKey(a->pkey.dsa,pp)); |
| 82 | #endif | 85 | #endif |
| 86 | #ifndef OPENSSL_NO_EC | ||
| 87 | case EVP_PKEY_EC: | ||
| 88 | return(i2o_ECPublicKey(a->pkey.ec, pp)); | ||
| 89 | #endif | ||
| 83 | default: | 90 | default: |
| 84 | ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); | 91 | ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); |
| 85 | return(-1); | 92 | return(-1); |
diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c index 766b51c538..60bc437938 100644 --- a/src/lib/libcrypto/asn1/n_pkey.c +++ b/src/lib/libcrypto/asn1/n_pkey.c | |||
| @@ -56,9 +56,9 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_RSA | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #ifndef OPENSSL_NO_RSA | ||
| 62 | #include <openssl/rsa.h> | 62 | #include <openssl/rsa.h> |
| 63 | #include <openssl/objects.h> | 63 | #include <openssl/objects.h> |
| 64 | #include <openssl/asn1t.h> | 64 | #include <openssl/asn1t.h> |
| @@ -107,14 +107,20 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY) | |||
| 107 | IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) | 107 | IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) |
| 108 | 108 | ||
| 109 | static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, | 109 | static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, |
| 110 | int (*cb)(), int sgckey); | 110 | int (*cb)(char *buf, int len, const char *prompt, |
| 111 | int verify), | ||
| 112 | int sgckey); | ||
| 111 | 113 | ||
| 112 | int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()) | 114 | int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, |
| 115 | int (*cb)(char *buf, int len, const char *prompt, | ||
| 116 | int verify)) | ||
| 113 | { | 117 | { |
| 114 | return i2d_RSA_NET(a, pp, cb, 0); | 118 | return i2d_RSA_NET(a, pp, cb, 0); |
| 115 | } | 119 | } |
| 116 | 120 | ||
| 117 | int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) | 121 | int i2d_RSA_NET(const RSA *a, unsigned char **pp, |
| 122 | int (*cb)(char *buf, int len, const char *prompt, int verify), | ||
| 123 | int sgckey) | ||
| 118 | { | 124 | { |
| 119 | int i, j, ret = 0; | 125 | int i, j, ret = 0; |
| 120 | int rsalen, pkeylen, olen; | 126 | int rsalen, pkeylen, olen; |
| @@ -164,7 +170,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) | |||
| 164 | /* Since its RC4 encrypted length is actual length */ | 170 | /* Since its RC4 encrypted length is actual length */ |
| 165 | if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL) | 171 | if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL) |
| 166 | { | 172 | { |
| 167 | ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); | 173 | ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); |
| 168 | goto err; | 174 | goto err; |
| 169 | } | 175 | } |
| 170 | 176 | ||
| @@ -174,13 +180,13 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) | |||
| 174 | 180 | ||
| 175 | if ((zz=OPENSSL_malloc(pkeylen)) == NULL) | 181 | if ((zz=OPENSSL_malloc(pkeylen)) == NULL) |
| 176 | { | 182 | { |
| 177 | ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); | 183 | ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); |
| 178 | goto err; | 184 | goto err; |
| 179 | } | 185 | } |
| 180 | 186 | ||
| 181 | if (!ASN1_STRING_set(enckey->os, "private-key", -1)) | 187 | if (!ASN1_STRING_set(enckey->os, "private-key", -1)) |
| 182 | { | 188 | { |
| 183 | ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); | 189 | ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); |
| 184 | goto err; | 190 | goto err; |
| 185 | } | 191 | } |
| 186 | enckey->enckey->digest->data = zz; | 192 | enckey->enckey->digest->data = zz; |
| @@ -191,10 +197,10 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) | |||
| 191 | 197 | ||
| 192 | if (cb == NULL) | 198 | if (cb == NULL) |
| 193 | cb=EVP_read_pw_string; | 199 | cb=EVP_read_pw_string; |
| 194 | i=cb(buf,256,"Enter Private Key password:",1); | 200 | i=cb((char *)buf,256,"Enter Private Key password:",1); |
| 195 | if (i != 0) | 201 | if (i != 0) |
| 196 | { | 202 | { |
| 197 | ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ); | 203 | ASN1err(ASN1_F_I2D_RSA_NET,ASN1_R_BAD_PASSWORD_READ); |
| 198 | goto err; | 204 | goto err; |
| 199 | } | 205 | } |
| 200 | i = strlen((char *)buf); | 206 | i = strlen((char *)buf); |
| @@ -224,12 +230,16 @@ err: | |||
| 224 | } | 230 | } |
| 225 | 231 | ||
| 226 | 232 | ||
| 227 | RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)()) | 233 | RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, |
| 234 | int (*cb)(char *buf, int len, const char *prompt, | ||
| 235 | int verify)) | ||
| 228 | { | 236 | { |
| 229 | return d2i_RSA_NET(a, pp, length, cb, 0); | 237 | return d2i_RSA_NET(a, pp, length, cb, 0); |
| 230 | } | 238 | } |
| 231 | 239 | ||
| 232 | RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey) | 240 | RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, |
| 241 | int (*cb)(char *buf, int len, const char *prompt, int verify), | ||
| 242 | int sgckey) | ||
| 233 | { | 243 | { |
| 234 | RSA *ret=NULL; | 244 | RSA *ret=NULL; |
| 235 | const unsigned char *p, *kp; | 245 | const unsigned char *p, *kp; |
| @@ -239,20 +249,20 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), in | |||
| 239 | 249 | ||
| 240 | enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length); | 250 | enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length); |
| 241 | if(!enckey) { | 251 | if(!enckey) { |
| 242 | ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR); | 252 | ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_DECODING_ERROR); |
| 243 | return NULL; | 253 | return NULL; |
| 244 | } | 254 | } |
| 245 | 255 | ||
| 246 | if ((enckey->os->length != 11) || (strncmp("private-key", | 256 | if ((enckey->os->length != 11) || (strncmp("private-key", |
| 247 | (char *)enckey->os->data,11) != 0)) | 257 | (char *)enckey->os->data,11) != 0)) |
| 248 | { | 258 | { |
| 249 | ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING); | 259 | ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_PRIVATE_KEY_HEADER_MISSING); |
| 250 | NETSCAPE_ENCRYPTED_PKEY_free(enckey); | 260 | NETSCAPE_ENCRYPTED_PKEY_free(enckey); |
| 251 | return NULL; | 261 | return NULL; |
| 252 | } | 262 | } |
| 253 | if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) | 263 | if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) |
| 254 | { | 264 | { |
| 255 | ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); | 265 | ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); |
| 256 | goto err; | 266 | goto err; |
| 257 | } | 267 | } |
| 258 | kp = enckey->enckey->digest->data; | 268 | kp = enckey->enckey->digest->data; |
| @@ -269,7 +279,8 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), in | |||
| 269 | } | 279 | } |
| 270 | 280 | ||
| 271 | static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, | 281 | static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, |
| 272 | int (*cb)(), int sgckey) | 282 | int (*cb)(char *buf, int len, const char *prompt, |
| 283 | int verify), int sgckey) | ||
| 273 | { | 284 | { |
| 274 | NETSCAPE_PKEY *pkey=NULL; | 285 | NETSCAPE_PKEY *pkey=NULL; |
| 275 | RSA *ret=NULL; | 286 | RSA *ret=NULL; |
| @@ -279,10 +290,10 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, | |||
| 279 | unsigned char key[EVP_MAX_KEY_LENGTH]; | 290 | unsigned char key[EVP_MAX_KEY_LENGTH]; |
| 280 | EVP_CIPHER_CTX ctx; | 291 | EVP_CIPHER_CTX ctx; |
| 281 | 292 | ||
| 282 | i=cb(buf,256,"Enter Private Key password:",0); | 293 | i=cb((char *)buf,256,"Enter Private Key password:",0); |
| 283 | if (i != 0) | 294 | if (i != 0) |
| 284 | { | 295 | { |
| 285 | ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ); | 296 | ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_BAD_PASSWORD_READ); |
| 286 | goto err; | 297 | goto err; |
| 287 | } | 298 | } |
| 288 | 299 | ||
| @@ -307,14 +318,14 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, | |||
| 307 | 318 | ||
| 308 | if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) | 319 | if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) |
| 309 | { | 320 | { |
| 310 | ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); | 321 | ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); |
| 311 | goto err; | 322 | goto err; |
| 312 | } | 323 | } |
| 313 | 324 | ||
| 314 | zz=pkey->private_key->data; | 325 | zz=pkey->private_key->data; |
| 315 | if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) | 326 | if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) |
| 316 | { | 327 | { |
| 317 | ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); | 328 | ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); |
| 318 | goto err; | 329 | goto err; |
| 319 | } | 330 | } |
| 320 | err: | 331 | err: |
diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c index ec788267e0..da91170094 100644 --- a/src/lib/libcrypto/asn1/p5_pbe.c +++ b/src/lib/libcrypto/asn1/p5_pbe.c | |||
| @@ -82,17 +82,17 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, | |||
| 82 | ASN1_TYPE *astype=NULL; | 82 | ASN1_TYPE *astype=NULL; |
| 83 | 83 | ||
| 84 | if (!(pbe = PBEPARAM_new ())) { | 84 | if (!(pbe = PBEPARAM_new ())) { |
| 85 | ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); | 85 | ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); |
| 86 | goto err; | 86 | goto err; |
| 87 | } | 87 | } |
| 88 | if(iter <= 0) iter = PKCS5_DEFAULT_ITER; | 88 | if(iter <= 0) iter = PKCS5_DEFAULT_ITER; |
| 89 | if (!ASN1_INTEGER_set(pbe->iter, iter)) { | 89 | if (!ASN1_INTEGER_set(pbe->iter, iter)) { |
| 90 | ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); | 90 | ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); |
| 91 | goto err; | 91 | goto err; |
| 92 | } | 92 | } |
| 93 | if (!saltlen) saltlen = PKCS5_SALT_LEN; | 93 | if (!saltlen) saltlen = PKCS5_SALT_LEN; |
| 94 | if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) { | 94 | if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) { |
| 95 | ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); | 95 | ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); |
| 96 | goto err; | 96 | goto err; |
| 97 | } | 97 | } |
| 98 | pbe->salt->length = saltlen; | 98 | pbe->salt->length = saltlen; |
| @@ -101,13 +101,14 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, | |||
| 101 | goto err; | 101 | goto err; |
| 102 | 102 | ||
| 103 | if (!(astype = ASN1_TYPE_new())) { | 103 | if (!(astype = ASN1_TYPE_new())) { |
| 104 | ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); | 104 | ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); |
| 105 | goto err; | 105 | goto err; |
| 106 | } | 106 | } |
| 107 | 107 | ||
| 108 | astype->type = V_ASN1_SEQUENCE; | 108 | astype->type = V_ASN1_SEQUENCE; |
| 109 | if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) { | 109 | if(!ASN1_pack_string_of(PBEPARAM, pbe, i2d_PBEPARAM, |
| 110 | ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); | 110 | &astype->value.sequence)) { |
| 111 | ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); | ||
| 111 | goto err; | 112 | goto err; |
| 112 | } | 113 | } |
| 113 | PBEPARAM_free (pbe); | 114 | PBEPARAM_free (pbe); |
| @@ -115,7 +116,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, | |||
| 115 | 116 | ||
| 116 | al = OBJ_nid2obj(alg); /* never need to free al */ | 117 | al = OBJ_nid2obj(alg); /* never need to free al */ |
| 117 | if (!(algor = X509_ALGOR_new())) { | 118 | if (!(algor = X509_ALGOR_new())) { |
| 118 | ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); | 119 | ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); |
| 119 | goto err; | 120 | goto err; |
| 120 | } | 121 | } |
| 121 | ASN1_OBJECT_free(algor->algorithm); | 122 | ASN1_OBJECT_free(algor->algorithm); |
diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c index e0dc0ec4ee..c834a38ddf 100644 --- a/src/lib/libcrypto/asn1/p5_pbev2.c +++ b/src/lib/libcrypto/asn1/p5_pbev2.c | |||
| @@ -115,7 +115,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, | |||
| 115 | /* Create random IV */ | 115 | /* Create random IV */ |
| 116 | if (EVP_CIPHER_iv_length(cipher) && | 116 | if (EVP_CIPHER_iv_length(cipher) && |
| 117 | RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) | 117 | RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) |
| 118 | goto err; | 118 | goto err; |
| 119 | 119 | ||
| 120 | EVP_CIPHER_CTX_init(&ctx); | 120 | EVP_CIPHER_CTX_init(&ctx); |
| 121 | 121 | ||
| @@ -164,7 +164,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, | |||
| 164 | 164 | ||
| 165 | if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr; | 165 | if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr; |
| 166 | 166 | ||
| 167 | if(!ASN1_pack_string(kdf, i2d_PBKDF2PARAM, | 167 | if(!ASN1_pack_string_of(PBKDF2PARAM, kdf, i2d_PBKDF2PARAM, |
| 168 | &pbe2->keyfunc->parameter->value.sequence)) goto merr; | 168 | &pbe2->keyfunc->parameter->value.sequence)) goto merr; |
| 169 | pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE; | 169 | pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE; |
| 170 | 170 | ||
| @@ -180,7 +180,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, | |||
| 180 | 180 | ||
| 181 | /* Encode PBE2PARAM into parameter */ | 181 | /* Encode PBE2PARAM into parameter */ |
| 182 | 182 | ||
| 183 | if(!ASN1_pack_string(pbe2, i2d_PBE2PARAM, | 183 | if(!ASN1_pack_string_of(PBE2PARAM, pbe2, i2d_PBE2PARAM, |
| 184 | &ret->parameter->value.sequence)) goto merr; | 184 | &ret->parameter->value.sequence)) goto merr; |
| 185 | ret->parameter->type = V_ASN1_SEQUENCE; | 185 | ret->parameter->type = V_ASN1_SEQUENCE; |
| 186 | 186 | ||
diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c index 757c148df8..929b3e5904 100644 --- a/src/lib/libcrypto/asn1/t_crl.c +++ b/src/lib/libcrypto/asn1/t_crl.c | |||
| @@ -72,7 +72,7 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x) | |||
| 72 | 72 | ||
| 73 | if ((b=BIO_new(BIO_s_file())) == NULL) | 73 | if ((b=BIO_new(BIO_s_file())) == NULL) |
| 74 | { | 74 | { |
| 75 | X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB); | 75 | X509err(X509_F_X509_CRL_PRINT_FP,ERR_R_BUF_LIB); |
| 76 | return(0); | 76 | return(0); |
| 77 | } | 77 | } |
| 78 | BIO_set_fp(b,fp,BIO_NOCLOSE); | 78 | BIO_set_fp(b,fp,BIO_NOCLOSE); |
| @@ -121,7 +121,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x) | |||
| 121 | r = sk_X509_REVOKED_value(rev, i); | 121 | r = sk_X509_REVOKED_value(rev, i); |
| 122 | BIO_printf(out," Serial Number: "); | 122 | BIO_printf(out," Serial Number: "); |
| 123 | i2a_ASN1_INTEGER(out,r->serialNumber); | 123 | i2a_ASN1_INTEGER(out,r->serialNumber); |
| 124 | BIO_printf(out,"\n Revocation Date: ",""); | 124 | BIO_printf(out,"\n Revocation Date: "); |
| 125 | ASN1_TIME_print(out,r->revocationDate); | 125 | ASN1_TIME_print(out,r->revocationDate); |
| 126 | BIO_printf(out,"\n"); | 126 | BIO_printf(out,"\n"); |
| 127 | X509V3_extensions_print(out, "CRL entry extensions", | 127 | X509V3_extensions_print(out, "CRL entry extensions", |
diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c index d15006e654..afb95d6712 100644 --- a/src/lib/libcrypto/asn1/t_pkey.c +++ b/src/lib/libcrypto/asn1/t_pkey.c | |||
| @@ -55,9 +55,15 @@ | |||
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * Binary polynomial ECC support in OpenSSL originally developed by | ||
| 61 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 62 | */ | ||
| 58 | 63 | ||
| 59 | #include <stdio.h> | 64 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 65 | #include "cryptlib.h" |
| 66 | #include <openssl/objects.h> | ||
| 61 | #include <openssl/buffer.h> | 67 | #include <openssl/buffer.h> |
| 62 | #include <openssl/bn.h> | 68 | #include <openssl/bn.h> |
| 63 | #ifndef OPENSSL_NO_RSA | 69 | #ifndef OPENSSL_NO_RSA |
| @@ -69,26 +75,33 @@ | |||
| 69 | #ifndef OPENSSL_NO_DSA | 75 | #ifndef OPENSSL_NO_DSA |
| 70 | #include <openssl/dsa.h> | 76 | #include <openssl/dsa.h> |
| 71 | #endif | 77 | #endif |
| 78 | #ifndef OPENSSL_NO_EC | ||
| 79 | #include <openssl/ec.h> | ||
| 80 | #endif | ||
| 72 | 81 | ||
| 73 | static int print(BIO *fp,const char *str,BIGNUM *num, | 82 | static int print(BIO *fp,const char *str, const BIGNUM *num, |
| 74 | unsigned char *buf,int off); | 83 | unsigned char *buf,int off); |
| 84 | #ifndef OPENSSL_NO_EC | ||
| 85 | static int print_bin(BIO *fp, const char *str, const unsigned char *num, | ||
| 86 | size_t len, int off); | ||
| 87 | #endif | ||
| 75 | #ifndef OPENSSL_NO_RSA | 88 | #ifndef OPENSSL_NO_RSA |
| 76 | #ifndef OPENSSL_NO_FP_API | 89 | #ifndef OPENSSL_NO_FP_API |
| 77 | int RSA_print_fp(FILE *fp, const RSA *x, int off) | 90 | int RSA_print_fp(FILE *fp, const RSA *x, int off) |
| 78 | { | 91 | { |
| 79 | BIO *b; | 92 | BIO *b; |
| 80 | int ret; | 93 | int ret; |
| 81 | 94 | ||
| 82 | if ((b=BIO_new(BIO_s_file())) == NULL) | 95 | if ((b=BIO_new(BIO_s_file())) == NULL) |
| 83 | { | 96 | { |
| 84 | RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB); | 97 | RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB); |
| 85 | return(0); | 98 | return(0); |
| 86 | } | 99 | } |
| 87 | BIO_set_fp(b,fp,BIO_NOCLOSE); | 100 | BIO_set_fp(b,fp,BIO_NOCLOSE); |
| 88 | ret=RSA_print(b,x,off); | 101 | ret=RSA_print(b,x,off); |
| 89 | BIO_free(b); | 102 | BIO_free(b); |
| 90 | return(ret); | 103 | return(ret); |
| 91 | } | 104 | } |
| 92 | #endif | 105 | #endif |
| 93 | 106 | ||
| 94 | int RSA_print(BIO *bp, const RSA *x, int off) | 107 | int RSA_print(BIO *bp, const RSA *x, int off) |
| @@ -96,7 +109,7 @@ int RSA_print(BIO *bp, const RSA *x, int off) | |||
| 96 | char str[128]; | 109 | char str[128]; |
| 97 | const char *s; | 110 | const char *s; |
| 98 | unsigned char *m=NULL; | 111 | unsigned char *m=NULL; |
| 99 | int ret=0; | 112 | int ret=0, mod_len = 0; |
| 100 | size_t buf_len=0, i; | 113 | size_t buf_len=0, i; |
| 101 | 114 | ||
| 102 | if (x->n) | 115 | if (x->n) |
| @@ -130,27 +143,37 @@ int RSA_print(BIO *bp, const RSA *x, int off) | |||
| 130 | goto err; | 143 | goto err; |
| 131 | } | 144 | } |
| 132 | 145 | ||
| 146 | if (x->n != NULL) | ||
| 147 | mod_len = BN_num_bits(x->n); | ||
| 148 | |||
| 133 | if (x->d != NULL) | 149 | if (x->d != NULL) |
| 134 | { | 150 | { |
| 135 | if(!BIO_indent(bp,off,128)) | 151 | if(!BIO_indent(bp,off,128)) |
| 136 | goto err; | 152 | goto err; |
| 137 | if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n)) | 153 | if (BIO_printf(bp,"Private-Key: (%d bit)\n", mod_len) |
| 138 | <= 0) goto err; | 154 | <= 0) goto err; |
| 139 | } | 155 | } |
| 140 | 156 | ||
| 141 | if (x->d == NULL) | 157 | if (x->d == NULL) |
| 142 | BIO_snprintf(str,sizeof str,"Modulus (%d bit):",BN_num_bits(x->n)); | 158 | BIO_snprintf(str,sizeof str,"Modulus (%d bit):", mod_len); |
| 143 | else | 159 | else |
| 144 | BUF_strlcpy(str,"modulus:",sizeof str); | 160 | BUF_strlcpy(str,"modulus:",sizeof str); |
| 145 | if (!print(bp,str,x->n,m,off)) goto err; | 161 | if (!print(bp,str,x->n,m,off)) goto err; |
| 146 | s=(x->d == NULL)?"Exponent:":"publicExponent:"; | 162 | s=(x->d == NULL)?"Exponent:":"publicExponent:"; |
| 147 | if (!print(bp,s,x->e,m,off)) goto err; | 163 | if ((x->e != NULL) && !print(bp,s,x->e,m,off)) |
| 148 | if (!print(bp,"privateExponent:",x->d,m,off)) goto err; | 164 | goto err; |
| 149 | if (!print(bp,"prime1:",x->p,m,off)) goto err; | 165 | if ((x->d != NULL) && !print(bp,"privateExponent:",x->d,m,off)) |
| 150 | if (!print(bp,"prime2:",x->q,m,off)) goto err; | 166 | goto err; |
| 151 | if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err; | 167 | if ((x->p != NULL) && !print(bp,"prime1:",x->p,m,off)) |
| 152 | if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err; | 168 | goto err; |
| 153 | if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err; | 169 | if ((x->q != NULL) && !print(bp,"prime2:",x->q,m,off)) |
| 170 | goto err; | ||
| 171 | if ((x->dmp1 != NULL) && !print(bp,"exponent1:",x->dmp1,m,off)) | ||
| 172 | goto err; | ||
| 173 | if ((x->dmq1 != NULL) && !print(bp,"exponent2:",x->dmq1,m,off)) | ||
| 174 | goto err; | ||
| 175 | if ((x->iqmp != NULL) && !print(bp,"coefficient:",x->iqmp,m,off)) | ||
| 176 | goto err; | ||
| 154 | ret=1; | 177 | ret=1; |
| 155 | err: | 178 | err: |
| 156 | if (m != NULL) OPENSSL_free(m); | 179 | if (m != NULL) OPENSSL_free(m); |
| @@ -185,6 +208,11 @@ int DSA_print(BIO *bp, const DSA *x, int off) | |||
| 185 | 208 | ||
| 186 | if (x->p) | 209 | if (x->p) |
| 187 | buf_len = (size_t)BN_num_bytes(x->p); | 210 | buf_len = (size_t)BN_num_bytes(x->p); |
| 211 | else | ||
| 212 | { | ||
| 213 | DSAerr(DSA_F_DSA_PRINT,DSA_R_MISSING_PARAMETERS); | ||
| 214 | goto err; | ||
| 215 | } | ||
| 188 | if (x->q) | 216 | if (x->q) |
| 189 | if (buf_len < (i = (size_t)BN_num_bytes(x->q))) | 217 | if (buf_len < (i = (size_t)BN_num_bytes(x->q))) |
| 190 | buf_len = i; | 218 | buf_len = i; |
| @@ -227,16 +255,334 @@ err: | |||
| 227 | } | 255 | } |
| 228 | #endif /* !OPENSSL_NO_DSA */ | 256 | #endif /* !OPENSSL_NO_DSA */ |
| 229 | 257 | ||
| 230 | static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, | 258 | #ifndef OPENSSL_NO_EC |
| 259 | #ifndef OPENSSL_NO_FP_API | ||
| 260 | int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off) | ||
| 261 | { | ||
| 262 | BIO *b; | ||
| 263 | int ret; | ||
| 264 | |||
| 265 | if ((b=BIO_new(BIO_s_file())) == NULL) | ||
| 266 | { | ||
| 267 | ECerr(EC_F_ECPKPARAMETERS_PRINT_FP,ERR_R_BUF_LIB); | ||
| 268 | return(0); | ||
| 269 | } | ||
| 270 | BIO_set_fp(b, fp, BIO_NOCLOSE); | ||
| 271 | ret = ECPKParameters_print(b, x, off); | ||
| 272 | BIO_free(b); | ||
| 273 | return(ret); | ||
| 274 | } | ||
| 275 | |||
| 276 | int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off) | ||
| 277 | { | ||
| 278 | BIO *b; | ||
| 279 | int ret; | ||
| 280 | |||
| 281 | if ((b=BIO_new(BIO_s_file())) == NULL) | ||
| 282 | { | ||
| 283 | ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB); | ||
| 284 | return(0); | ||
| 285 | } | ||
| 286 | BIO_set_fp(b, fp, BIO_NOCLOSE); | ||
| 287 | ret = EC_KEY_print(b, x, off); | ||
| 288 | BIO_free(b); | ||
| 289 | return(ret); | ||
| 290 | } | ||
| 291 | #endif | ||
| 292 | |||
| 293 | int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) | ||
| 294 | { | ||
| 295 | unsigned char *buffer=NULL; | ||
| 296 | size_t buf_len=0, i; | ||
| 297 | int ret=0, reason=ERR_R_BIO_LIB; | ||
| 298 | BN_CTX *ctx=NULL; | ||
| 299 | const EC_POINT *point=NULL; | ||
| 300 | BIGNUM *p=NULL, *a=NULL, *b=NULL, *gen=NULL, | ||
| 301 | *order=NULL, *cofactor=NULL; | ||
| 302 | const unsigned char *seed; | ||
| 303 | size_t seed_len=0; | ||
| 304 | |||
| 305 | static const char *gen_compressed = "Generator (compressed):"; | ||
| 306 | static const char *gen_uncompressed = "Generator (uncompressed):"; | ||
| 307 | static const char *gen_hybrid = "Generator (hybrid):"; | ||
| 308 | |||
| 309 | if (!x) | ||
| 310 | { | ||
| 311 | reason = ERR_R_PASSED_NULL_PARAMETER; | ||
| 312 | goto err; | ||
| 313 | } | ||
| 314 | |||
| 315 | if (EC_GROUP_get_asn1_flag(x)) | ||
| 316 | { | ||
| 317 | /* the curve parameter are given by an asn1 OID */ | ||
| 318 | int nid; | ||
| 319 | |||
| 320 | if (!BIO_indent(bp, off, 128)) | ||
| 321 | goto err; | ||
| 322 | |||
| 323 | nid = EC_GROUP_get_curve_name(x); | ||
| 324 | if (nid == 0) | ||
| 325 | goto err; | ||
| 326 | |||
| 327 | if (BIO_printf(bp, "ASN1 OID: %s", OBJ_nid2sn(nid)) <= 0) | ||
| 328 | goto err; | ||
| 329 | if (BIO_printf(bp, "\n") <= 0) | ||
| 330 | goto err; | ||
| 331 | } | ||
| 332 | else | ||
| 333 | { | ||
| 334 | /* explicit parameters */ | ||
| 335 | int is_char_two = 0; | ||
| 336 | point_conversion_form_t form; | ||
| 337 | int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x)); | ||
| 338 | |||
| 339 | if (tmp_nid == NID_X9_62_characteristic_two_field) | ||
| 340 | is_char_two = 1; | ||
| 341 | |||
| 342 | if ((p = BN_new()) == NULL || (a = BN_new()) == NULL || | ||
| 343 | (b = BN_new()) == NULL || (order = BN_new()) == NULL || | ||
| 344 | (cofactor = BN_new()) == NULL) | ||
| 345 | { | ||
| 346 | reason = ERR_R_MALLOC_FAILURE; | ||
| 347 | goto err; | ||
| 348 | } | ||
| 349 | |||
| 350 | if (is_char_two) | ||
| 351 | { | ||
| 352 | if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx)) | ||
| 353 | { | ||
| 354 | reason = ERR_R_EC_LIB; | ||
| 355 | goto err; | ||
| 356 | } | ||
| 357 | } | ||
| 358 | else /* prime field */ | ||
| 359 | { | ||
| 360 | if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx)) | ||
| 361 | { | ||
| 362 | reason = ERR_R_EC_LIB; | ||
| 363 | goto err; | ||
| 364 | } | ||
| 365 | } | ||
| 366 | |||
| 367 | if ((point = EC_GROUP_get0_generator(x)) == NULL) | ||
| 368 | { | ||
| 369 | reason = ERR_R_EC_LIB; | ||
| 370 | goto err; | ||
| 371 | } | ||
| 372 | if (!EC_GROUP_get_order(x, order, NULL) || | ||
| 373 | !EC_GROUP_get_cofactor(x, cofactor, NULL)) | ||
| 374 | { | ||
| 375 | reason = ERR_R_EC_LIB; | ||
| 376 | goto err; | ||
| 377 | } | ||
| 378 | |||
| 379 | form = EC_GROUP_get_point_conversion_form(x); | ||
| 380 | |||
| 381 | if ((gen = EC_POINT_point2bn(x, point, | ||
| 382 | form, NULL, ctx)) == NULL) | ||
| 383 | { | ||
| 384 | reason = ERR_R_EC_LIB; | ||
| 385 | goto err; | ||
| 386 | } | ||
| 387 | |||
| 388 | buf_len = (size_t)BN_num_bytes(p); | ||
| 389 | if (buf_len < (i = (size_t)BN_num_bytes(a))) | ||
| 390 | buf_len = i; | ||
| 391 | if (buf_len < (i = (size_t)BN_num_bytes(b))) | ||
| 392 | buf_len = i; | ||
| 393 | if (buf_len < (i = (size_t)BN_num_bytes(gen))) | ||
| 394 | buf_len = i; | ||
| 395 | if (buf_len < (i = (size_t)BN_num_bytes(order))) | ||
| 396 | buf_len = i; | ||
| 397 | if (buf_len < (i = (size_t)BN_num_bytes(cofactor))) | ||
| 398 | buf_len = i; | ||
| 399 | |||
| 400 | if ((seed = EC_GROUP_get0_seed(x)) != NULL) | ||
| 401 | seed_len = EC_GROUP_get_seed_len(x); | ||
| 402 | |||
| 403 | buf_len += 10; | ||
| 404 | if ((buffer = OPENSSL_malloc(buf_len)) == NULL) | ||
| 405 | { | ||
| 406 | reason = ERR_R_MALLOC_FAILURE; | ||
| 407 | goto err; | ||
| 408 | } | ||
| 409 | |||
| 410 | if (!BIO_indent(bp, off, 128)) | ||
| 411 | goto err; | ||
| 412 | |||
| 413 | /* print the 'short name' of the field type */ | ||
| 414 | if (BIO_printf(bp, "Field Type: %s\n", OBJ_nid2sn(tmp_nid)) | ||
| 415 | <= 0) | ||
| 416 | goto err; | ||
| 417 | |||
| 418 | if (is_char_two) | ||
| 419 | { | ||
| 420 | /* print the 'short name' of the base type OID */ | ||
| 421 | int basis_type = EC_GROUP_get_basis_type(x); | ||
| 422 | if (basis_type == 0) | ||
| 423 | goto err; | ||
| 424 | |||
| 425 | if (!BIO_indent(bp, off, 128)) | ||
| 426 | goto err; | ||
| 427 | |||
| 428 | if (BIO_printf(bp, "Basis Type: %s\n", | ||
| 429 | OBJ_nid2sn(basis_type)) <= 0) | ||
| 430 | goto err; | ||
| 431 | |||
| 432 | /* print the polynomial */ | ||
| 433 | if ((p != NULL) && !print(bp, "Polynomial:", p, buffer, | ||
| 434 | off)) | ||
| 435 | goto err; | ||
| 436 | } | ||
| 437 | else | ||
| 438 | { | ||
| 439 | if ((p != NULL) && !print(bp, "Prime:", p, buffer,off)) | ||
| 440 | goto err; | ||
| 441 | } | ||
| 442 | if ((a != NULL) && !print(bp, "A: ", a, buffer, off)) | ||
| 443 | goto err; | ||
| 444 | if ((b != NULL) && !print(bp, "B: ", b, buffer, off)) | ||
| 445 | goto err; | ||
| 446 | if (form == POINT_CONVERSION_COMPRESSED) | ||
| 447 | { | ||
| 448 | if ((gen != NULL) && !print(bp, gen_compressed, gen, | ||
| 449 | buffer, off)) | ||
| 450 | goto err; | ||
| 451 | } | ||
| 452 | else if (form == POINT_CONVERSION_UNCOMPRESSED) | ||
| 453 | { | ||
| 454 | if ((gen != NULL) && !print(bp, gen_uncompressed, gen, | ||
| 455 | buffer, off)) | ||
| 456 | goto err; | ||
| 457 | } | ||
| 458 | else /* form == POINT_CONVERSION_HYBRID */ | ||
| 459 | { | ||
| 460 | if ((gen != NULL) && !print(bp, gen_hybrid, gen, | ||
| 461 | buffer, off)) | ||
| 462 | goto err; | ||
| 463 | } | ||
| 464 | if ((order != NULL) && !print(bp, "Order: ", order, | ||
| 465 | buffer, off)) goto err; | ||
| 466 | if ((cofactor != NULL) && !print(bp, "Cofactor: ", cofactor, | ||
| 467 | buffer, off)) goto err; | ||
| 468 | if (seed && !print_bin(bp, "Seed:", seed, seed_len, off)) | ||
| 469 | goto err; | ||
| 470 | } | ||
| 471 | ret=1; | ||
| 472 | err: | ||
| 473 | if (!ret) | ||
| 474 | ECerr(EC_F_ECPKPARAMETERS_PRINT, reason); | ||
| 475 | if (p) | ||
| 476 | BN_free(p); | ||
| 477 | if (a) | ||
| 478 | BN_free(a); | ||
| 479 | if (b) | ||
| 480 | BN_free(b); | ||
| 481 | if (gen) | ||
| 482 | BN_free(gen); | ||
| 483 | if (order) | ||
| 484 | BN_free(order); | ||
| 485 | if (cofactor) | ||
| 486 | BN_free(cofactor); | ||
| 487 | if (ctx) | ||
| 488 | BN_CTX_free(ctx); | ||
| 489 | if (buffer != NULL) | ||
| 490 | OPENSSL_free(buffer); | ||
| 491 | return(ret); | ||
| 492 | } | ||
| 493 | |||
| 494 | int EC_KEY_print(BIO *bp, const EC_KEY *x, int off) | ||
| 495 | { | ||
| 496 | unsigned char *buffer=NULL; | ||
| 497 | size_t buf_len=0, i; | ||
| 498 | int ret=0, reason=ERR_R_BIO_LIB; | ||
| 499 | BIGNUM *pub_key=NULL, *order=NULL; | ||
| 500 | BN_CTX *ctx=NULL; | ||
| 501 | const EC_GROUP *group; | ||
| 502 | const EC_POINT *public_key; | ||
| 503 | const BIGNUM *priv_key; | ||
| 504 | |||
| 505 | if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) | ||
| 506 | { | ||
| 507 | reason = ERR_R_PASSED_NULL_PARAMETER; | ||
| 508 | goto err; | ||
| 509 | } | ||
| 510 | |||
| 511 | public_key = EC_KEY_get0_public_key(x); | ||
| 512 | if ((pub_key = EC_POINT_point2bn(group, public_key, | ||
| 513 | EC_KEY_get_conv_form(x), NULL, ctx)) == NULL) | ||
| 514 | { | ||
| 515 | reason = ERR_R_EC_LIB; | ||
| 516 | goto err; | ||
| 517 | } | ||
| 518 | |||
| 519 | buf_len = (size_t)BN_num_bytes(pub_key); | ||
| 520 | priv_key = EC_KEY_get0_private_key(x); | ||
| 521 | if (priv_key != NULL) | ||
| 522 | { | ||
| 523 | if ((i = (size_t)BN_num_bytes(priv_key)) > buf_len) | ||
| 524 | buf_len = i; | ||
| 525 | } | ||
| 526 | |||
| 527 | buf_len += 10; | ||
| 528 | if ((buffer = OPENSSL_malloc(buf_len)) == NULL) | ||
| 529 | { | ||
| 530 | reason = ERR_R_MALLOC_FAILURE; | ||
| 531 | goto err; | ||
| 532 | } | ||
| 533 | |||
| 534 | if (priv_key != NULL) | ||
| 535 | { | ||
| 536 | if (!BIO_indent(bp, off, 128)) | ||
| 537 | goto err; | ||
| 538 | if ((order = BN_new()) == NULL) | ||
| 539 | goto err; | ||
| 540 | if (!EC_GROUP_get_order(group, order, NULL)) | ||
| 541 | goto err; | ||
| 542 | if (BIO_printf(bp, "Private-Key: (%d bit)\n", | ||
| 543 | BN_num_bits(order)) <= 0) goto err; | ||
| 544 | } | ||
| 545 | |||
| 546 | if ((priv_key != NULL) && !print(bp, "priv:", priv_key, | ||
| 547 | buffer, off)) | ||
| 548 | goto err; | ||
| 549 | if ((pub_key != NULL) && !print(bp, "pub: ", pub_key, | ||
| 550 | buffer, off)) | ||
| 551 | goto err; | ||
| 552 | if (!ECPKParameters_print(bp, group, off)) | ||
| 553 | goto err; | ||
| 554 | ret=1; | ||
| 555 | err: | ||
| 556 | if (!ret) | ||
| 557 | ECerr(EC_F_EC_KEY_PRINT, reason); | ||
| 558 | if (pub_key) | ||
| 559 | BN_free(pub_key); | ||
| 560 | if (order) | ||
| 561 | BN_free(order); | ||
| 562 | if (ctx) | ||
| 563 | BN_CTX_free(ctx); | ||
| 564 | if (buffer != NULL) | ||
| 565 | OPENSSL_free(buffer); | ||
| 566 | return(ret); | ||
| 567 | } | ||
| 568 | #endif /* OPENSSL_NO_EC */ | ||
| 569 | |||
| 570 | static int print(BIO *bp, const char *number, const BIGNUM *num, unsigned char *buf, | ||
| 231 | int off) | 571 | int off) |
| 232 | { | 572 | { |
| 233 | int n,i; | 573 | int n,i; |
| 234 | const char *neg; | 574 | const char *neg; |
| 235 | 575 | ||
| 236 | if (num == NULL) return(1); | 576 | if (num == NULL) return(1); |
| 237 | neg=(num->neg)?"-":""; | 577 | neg = (BN_is_negative(num))?"-":""; |
| 238 | if(!BIO_indent(bp,off,128)) | 578 | if(!BIO_indent(bp,off,128)) |
| 239 | return 0; | 579 | return 0; |
| 580 | if (BN_is_zero(num)) | ||
| 581 | { | ||
| 582 | if (BIO_printf(bp, "%s 0\n", number) <= 0) | ||
| 583 | return 0; | ||
| 584 | return 1; | ||
| 585 | } | ||
| 240 | 586 | ||
| 241 | if (BN_num_bytes(num) <= BN_BYTES) | 587 | if (BN_num_bytes(num) <= BN_BYTES) |
| 242 | { | 588 | { |
| @@ -272,23 +618,63 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, | |||
| 272 | return(1); | 618 | return(1); |
| 273 | } | 619 | } |
| 274 | 620 | ||
| 621 | #ifndef OPENSSL_NO_EC | ||
| 622 | static int print_bin(BIO *fp, const char *name, const unsigned char *buf, | ||
| 623 | size_t len, int off) | ||
| 624 | { | ||
| 625 | size_t i; | ||
| 626 | char str[128]; | ||
| 627 | |||
| 628 | if (buf == NULL) | ||
| 629 | return 1; | ||
| 630 | if (off) | ||
| 631 | { | ||
| 632 | if (off > 128) | ||
| 633 | off=128; | ||
| 634 | memset(str,' ',off); | ||
| 635 | if (BIO_write(fp, str, off) <= 0) | ||
| 636 | return 0; | ||
| 637 | } | ||
| 638 | |||
| 639 | if (BIO_printf(fp,"%s", name) <= 0) | ||
| 640 | return 0; | ||
| 641 | |||
| 642 | for (i=0; i<len; i++) | ||
| 643 | { | ||
| 644 | if ((i%15) == 0) | ||
| 645 | { | ||
| 646 | str[0]='\n'; | ||
| 647 | memset(&(str[1]),' ',off+4); | ||
| 648 | if (BIO_write(fp, str, off+1+4) <= 0) | ||
| 649 | return 0; | ||
| 650 | } | ||
| 651 | if (BIO_printf(fp,"%02x%s",buf[i],((i+1) == len)?"":":") <= 0) | ||
| 652 | return 0; | ||
| 653 | } | ||
| 654 | if (BIO_write(fp,"\n",1) <= 0) | ||
| 655 | return 0; | ||
| 656 | |||
| 657 | return 1; | ||
| 658 | } | ||
| 659 | #endif | ||
| 660 | |||
| 275 | #ifndef OPENSSL_NO_DH | 661 | #ifndef OPENSSL_NO_DH |
| 276 | #ifndef OPENSSL_NO_FP_API | 662 | #ifndef OPENSSL_NO_FP_API |
| 277 | int DHparams_print_fp(FILE *fp, const DH *x) | 663 | int DHparams_print_fp(FILE *fp, const DH *x) |
| 278 | { | 664 | { |
| 279 | BIO *b; | 665 | BIO *b; |
| 280 | int ret; | 666 | int ret; |
| 281 | 667 | ||
| 282 | if ((b=BIO_new(BIO_s_file())) == NULL) | 668 | if ((b=BIO_new(BIO_s_file())) == NULL) |
| 283 | { | 669 | { |
| 284 | DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB); | 670 | DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB); |
| 285 | return(0); | 671 | return(0); |
| 286 | } | 672 | } |
| 287 | BIO_set_fp(b,fp,BIO_NOCLOSE); | 673 | BIO_set_fp(b,fp,BIO_NOCLOSE); |
| 288 | ret=DHparams_print(b, x); | 674 | ret=DHparams_print(b, x); |
| 289 | BIO_free(b); | 675 | BIO_free(b); |
| 290 | return(ret); | 676 | return(ret); |
| 291 | } | 677 | } |
| 292 | #endif | 678 | #endif |
| 293 | 679 | ||
| 294 | int DHparams_print(BIO *bp, const DH *x) | 680 | int DHparams_print(BIO *bp, const DH *x) |
| @@ -299,6 +685,11 @@ int DHparams_print(BIO *bp, const DH *x) | |||
| 299 | 685 | ||
| 300 | if (x->p) | 686 | if (x->p) |
| 301 | buf_len = (size_t)BN_num_bytes(x->p); | 687 | buf_len = (size_t)BN_num_bytes(x->p); |
| 688 | else | ||
| 689 | { | ||
| 690 | reason = ERR_R_PASSED_NULL_PARAMETER; | ||
| 691 | goto err; | ||
| 692 | } | ||
| 302 | if (x->g) | 693 | if (x->g) |
| 303 | if (buf_len < (i = (size_t)BN_num_bytes(x->g))) | 694 | if (buf_len < (i = (size_t)BN_num_bytes(x->g))) |
| 304 | buf_len = i; | 695 | buf_len = i; |
| @@ -333,30 +724,35 @@ err: | |||
| 333 | #ifndef OPENSSL_NO_DSA | 724 | #ifndef OPENSSL_NO_DSA |
| 334 | #ifndef OPENSSL_NO_FP_API | 725 | #ifndef OPENSSL_NO_FP_API |
| 335 | int DSAparams_print_fp(FILE *fp, const DSA *x) | 726 | int DSAparams_print_fp(FILE *fp, const DSA *x) |
| 336 | { | 727 | { |
| 337 | BIO *b; | 728 | BIO *b; |
| 338 | int ret; | 729 | int ret; |
| 339 | 730 | ||
| 340 | if ((b=BIO_new(BIO_s_file())) == NULL) | 731 | if ((b=BIO_new(BIO_s_file())) == NULL) |
| 341 | { | 732 | { |
| 342 | DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB); | 733 | DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB); |
| 343 | return(0); | 734 | return(0); |
| 344 | } | 735 | } |
| 345 | BIO_set_fp(b,fp,BIO_NOCLOSE); | 736 | BIO_set_fp(b,fp,BIO_NOCLOSE); |
| 346 | ret=DSAparams_print(b, x); | 737 | ret=DSAparams_print(b, x); |
| 347 | BIO_free(b); | 738 | BIO_free(b); |
| 348 | return(ret); | 739 | return(ret); |
| 349 | } | 740 | } |
| 350 | #endif | 741 | #endif |
| 351 | 742 | ||
| 352 | int DSAparams_print(BIO *bp, const DSA *x) | 743 | int DSAparams_print(BIO *bp, const DSA *x) |
| 353 | { | 744 | { |
| 354 | unsigned char *m=NULL; | 745 | unsigned char *m=NULL; |
| 355 | int reason=ERR_R_BUF_LIB,ret=0; | 746 | int ret=0; |
| 356 | size_t buf_len=0,i; | 747 | size_t buf_len=0,i; |
| 357 | 748 | ||
| 358 | if (x->p) | 749 | if (x->p) |
| 359 | buf_len = (size_t)BN_num_bytes(x->p); | 750 | buf_len = (size_t)BN_num_bytes(x->p); |
| 751 | else | ||
| 752 | { | ||
| 753 | DSAerr(DSA_F_DSAPARAMS_PRINT,DSA_R_MISSING_PARAMETERS); | ||
| 754 | goto err; | ||
| 755 | } | ||
| 360 | if (x->q) | 756 | if (x->q) |
| 361 | if (buf_len < (i = (size_t)BN_num_bytes(x->q))) | 757 | if (buf_len < (i = (size_t)BN_num_bytes(x->q))) |
| 362 | buf_len = i; | 758 | buf_len = i; |
| @@ -366,7 +762,7 @@ int DSAparams_print(BIO *bp, const DSA *x) | |||
| 366 | m=(unsigned char *)OPENSSL_malloc(buf_len+10); | 762 | m=(unsigned char *)OPENSSL_malloc(buf_len+10); |
| 367 | if (m == NULL) | 763 | if (m == NULL) |
| 368 | { | 764 | { |
| 369 | reason=ERR_R_MALLOC_FAILURE; | 765 | DSAerr(DSA_F_DSAPARAMS_PRINT,ERR_R_MALLOC_FAILURE); |
| 370 | goto err; | 766 | goto err; |
| 371 | } | 767 | } |
| 372 | 768 | ||
| @@ -374,14 +770,70 @@ int DSAparams_print(BIO *bp, const DSA *x) | |||
| 374 | BN_num_bits(x->p)) <= 0) | 770 | BN_num_bits(x->p)) <= 0) |
| 375 | goto err; | 771 | goto err; |
| 376 | if (!print(bp,"p:",x->p,m,4)) goto err; | 772 | if (!print(bp,"p:",x->p,m,4)) goto err; |
| 377 | if (!print(bp,"q:",x->q,m,4)) goto err; | 773 | if ((x->q != NULL) && !print(bp,"q:",x->q,m,4)) goto err; |
| 378 | if (!print(bp,"g:",x->g,m,4)) goto err; | 774 | if ((x->g != NULL) && !print(bp,"g:",x->g,m,4)) goto err; |
| 379 | ret=1; | 775 | ret=1; |
| 380 | err: | 776 | err: |
| 381 | if (m != NULL) OPENSSL_free(m); | 777 | if (m != NULL) OPENSSL_free(m); |
| 382 | DSAerr(DSA_F_DSAPARAMS_PRINT,reason); | ||
| 383 | return(ret); | 778 | return(ret); |
| 384 | } | 779 | } |
| 385 | 780 | ||
| 386 | #endif /* !OPENSSL_NO_DSA */ | 781 | #endif /* !OPENSSL_NO_DSA */ |
| 387 | 782 | ||
| 783 | #ifndef OPENSSL_NO_EC | ||
| 784 | #ifndef OPENSSL_NO_FP_API | ||
| 785 | int ECParameters_print_fp(FILE *fp, const EC_KEY *x) | ||
| 786 | { | ||
| 787 | BIO *b; | ||
| 788 | int ret; | ||
| 789 | |||
| 790 | if ((b=BIO_new(BIO_s_file())) == NULL) | ||
| 791 | { | ||
| 792 | ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB); | ||
| 793 | return(0); | ||
| 794 | } | ||
| 795 | BIO_set_fp(b, fp, BIO_NOCLOSE); | ||
| 796 | ret = ECParameters_print(b, x); | ||
| 797 | BIO_free(b); | ||
| 798 | return(ret); | ||
| 799 | } | ||
| 800 | #endif | ||
| 801 | |||
| 802 | int ECParameters_print(BIO *bp, const EC_KEY *x) | ||
| 803 | { | ||
| 804 | int reason=ERR_R_EC_LIB, ret=0; | ||
| 805 | BIGNUM *order=NULL; | ||
| 806 | const EC_GROUP *group; | ||
| 807 | |||
| 808 | if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) | ||
| 809 | { | ||
| 810 | reason = ERR_R_PASSED_NULL_PARAMETER;; | ||
| 811 | goto err; | ||
| 812 | } | ||
| 813 | |||
| 814 | if ((order = BN_new()) == NULL) | ||
| 815 | { | ||
| 816 | reason = ERR_R_MALLOC_FAILURE; | ||
| 817 | goto err; | ||
| 818 | } | ||
| 819 | |||
| 820 | if (!EC_GROUP_get_order(group, order, NULL)) | ||
| 821 | { | ||
| 822 | reason = ERR_R_EC_LIB; | ||
| 823 | goto err; | ||
| 824 | } | ||
| 825 | |||
| 826 | if (BIO_printf(bp, "ECDSA-Parameters: (%d bit)\n", | ||
| 827 | BN_num_bits(order)) <= 0) | ||
| 828 | goto err; | ||
| 829 | if (!ECPKParameters_print(bp, group, 4)) | ||
| 830 | goto err; | ||
| 831 | ret=1; | ||
| 832 | err: | ||
| 833 | if (order) | ||
| 834 | BN_free(order); | ||
| 835 | ECerr(EC_F_ECPARAMETERS_PRINT, reason); | ||
| 836 | return(ret); | ||
| 837 | } | ||
| 838 | |||
| 839 | #endif | ||
diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c index 740cee80c0..5557e06584 100644 --- a/src/lib/libcrypto/asn1/t_req.c +++ b/src/lib/libcrypto/asn1/t_req.c | |||
| @@ -63,6 +63,12 @@ | |||
| 63 | #include <openssl/objects.h> | 63 | #include <openssl/objects.h> |
| 64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
| 65 | #include <openssl/x509v3.h> | 65 | #include <openssl/x509v3.h> |
| 66 | #ifndef OPENSSL_NO_RSA | ||
| 67 | #include <openssl/rsa.h> | ||
| 68 | #endif | ||
| 69 | #ifndef OPENSSL_NO_DSA | ||
| 70 | #include <openssl/dsa.h> | ||
| 71 | #endif | ||
| 66 | 72 | ||
| 67 | #ifndef OPENSSL_NO_FP_API | 73 | #ifndef OPENSSL_NO_FP_API |
| 68 | int X509_REQ_print_fp(FILE *fp, X509_REQ *x) | 74 | int X509_REQ_print_fp(FILE *fp, X509_REQ *x) |
| @@ -160,6 +166,14 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long | |||
| 160 | } | 166 | } |
| 161 | else | 167 | else |
| 162 | #endif | 168 | #endif |
| 169 | #ifndef OPENSSL_NO_EC | ||
| 170 | if (pkey->type == EVP_PKEY_EC) | ||
| 171 | { | ||
| 172 | BIO_printf(bp, "%12sEC Public Key: \n",""); | ||
| 173 | EC_KEY_print(bp, pkey->pkey.ec, 16); | ||
| 174 | } | ||
| 175 | else | ||
| 176 | #endif | ||
| 163 | BIO_printf(bp,"%12sUnknown Public Key:\n",""); | 177 | BIO_printf(bp,"%12sUnknown Public Key:\n",""); |
| 164 | 178 | ||
| 165 | EVP_PKEY_free(pkey); | 179 | EVP_PKEY_free(pkey); |
| @@ -230,7 +244,7 @@ get_next: | |||
| 230 | } | 244 | } |
| 231 | } | 245 | } |
| 232 | } | 246 | } |
| 233 | if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) | 247 | if(!(cflag & X509_FLAG_NO_EXTENSIONS)) |
| 234 | { | 248 | { |
| 235 | exts = X509_REQ_get_extensions(x); | 249 | exts = X509_REQ_get_extensions(x); |
| 236 | if(exts) | 250 | if(exts) |
| @@ -246,9 +260,9 @@ get_next: | |||
| 246 | obj=X509_EXTENSION_get_object(ex); | 260 | obj=X509_EXTENSION_get_object(ex); |
| 247 | i2a_ASN1_OBJECT(bp,obj); | 261 | i2a_ASN1_OBJECT(bp,obj); |
| 248 | j=X509_EXTENSION_get_critical(ex); | 262 | j=X509_EXTENSION_get_critical(ex); |
| 249 | if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0) | 263 | if (BIO_printf(bp,": %s\n",j?"critical":"") <= 0) |
| 250 | goto err; | 264 | goto err; |
| 251 | if(!X509V3_EXT_print(bp, ex, 0, 16)) | 265 | if(!X509V3_EXT_print(bp, ex, cflag, 16)) |
| 252 | { | 266 | { |
| 253 | BIO_printf(bp, "%16s", ""); | 267 | BIO_printf(bp, "%16s", ""); |
| 254 | M_ASN1_OCTET_STRING_print(bp,ex->value); | 268 | M_ASN1_OCTET_STRING_print(bp,ex->value); |
| @@ -266,7 +280,7 @@ get_next: | |||
| 266 | 280 | ||
| 267 | return(1); | 281 | return(1); |
| 268 | err: | 282 | err: |
| 269 | X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB); | 283 | X509err(X509_F_X509_REQ_PRINT_EX,ERR_R_BUF_LIB); |
| 270 | return(0); | 284 | return(0); |
| 271 | } | 285 | } |
| 272 | 286 | ||
diff --git a/src/lib/libcrypto/asn1/t_spki.c b/src/lib/libcrypto/asn1/t_spki.c index 5abfbc815e..c2a5797dd8 100644 --- a/src/lib/libcrypto/asn1/t_spki.c +++ b/src/lib/libcrypto/asn1/t_spki.c | |||
| @@ -60,6 +60,13 @@ | |||
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/x509.h> | 61 | #include <openssl/x509.h> |
| 62 | #include <openssl/asn1.h> | 62 | #include <openssl/asn1.h> |
| 63 | #ifndef OPENSSL_NO_RSA | ||
| 64 | #include <openssl/rsa.h> | ||
| 65 | #endif | ||
| 66 | #ifndef OPENSSL_NO_DSA | ||
| 67 | #include <openssl/dsa.h> | ||
| 68 | #endif | ||
| 69 | #include <openssl/bn.h> | ||
| 63 | 70 | ||
| 64 | /* Print out an SPKI */ | 71 | /* Print out an SPKI */ |
| 65 | 72 | ||
| @@ -93,6 +100,15 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki) | |||
| 93 | } | 100 | } |
| 94 | else | 101 | else |
| 95 | #endif | 102 | #endif |
| 103 | #ifndef OPENSSL_NO_EC | ||
| 104 | if (pkey->type == EVP_PKEY_EC) | ||
| 105 | { | ||
| 106 | BIO_printf(out, " EC Public Key:\n"); | ||
| 107 | EC_KEY_print(out, pkey->pkey.ec,2); | ||
| 108 | } | ||
| 109 | else | ||
| 110 | #endif | ||
| 111 | |||
| 96 | BIO_printf(out," Unknown Public Key:\n"); | 112 | BIO_printf(out," Unknown Public Key:\n"); |
| 97 | EVP_PKEY_free(pkey); | 113 | EVP_PKEY_free(pkey); |
| 98 | } | 114 | } |
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c index 30f68561b7..26d3361722 100644 --- a/src/lib/libcrypto/asn1/t_x509.c +++ b/src/lib/libcrypto/asn1/t_x509.c | |||
| @@ -66,6 +66,9 @@ | |||
| 66 | #ifndef OPENSSL_NO_DSA | 66 | #ifndef OPENSSL_NO_DSA |
| 67 | #include <openssl/dsa.h> | 67 | #include <openssl/dsa.h> |
| 68 | #endif | 68 | #endif |
| 69 | #ifndef OPENSSL_NO_EC | ||
| 70 | #include <openssl/ec.h> | ||
| 71 | #endif | ||
| 69 | #include <openssl/objects.h> | 72 | #include <openssl/objects.h> |
| 70 | #include <openssl/x509.h> | 73 | #include <openssl/x509.h> |
| 71 | #include <openssl/x509v3.h> | 74 | #include <openssl/x509v3.h> |
| @@ -83,7 +86,7 @@ int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cfla | |||
| 83 | 86 | ||
| 84 | if ((b=BIO_new(BIO_s_file())) == NULL) | 87 | if ((b=BIO_new(BIO_s_file())) == NULL) |
| 85 | { | 88 | { |
| 86 | X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB); | 89 | X509err(X509_F_X509_PRINT_EX_FP,ERR_R_BUF_LIB); |
| 87 | return(0); | 90 | return(0); |
| 88 | } | 91 | } |
| 89 | BIO_set_fp(b,fp,BIO_NOCLOSE); | 92 | BIO_set_fp(b,fp,BIO_NOCLOSE); |
| @@ -229,6 +232,14 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) | |||
| 229 | } | 232 | } |
| 230 | else | 233 | else |
| 231 | #endif | 234 | #endif |
| 235 | #ifndef OPENSSL_NO_EC | ||
| 236 | if (pkey->type == EVP_PKEY_EC) | ||
| 237 | { | ||
| 238 | BIO_printf(bp, "%12sEC Public Key:\n",""); | ||
| 239 | EC_KEY_print(bp, pkey->pkey.ec, 16); | ||
| 240 | } | ||
| 241 | else | ||
| 242 | #endif | ||
| 232 | BIO_printf(bp,"%12sUnknown Public Key:\n",""); | 243 | BIO_printf(bp,"%12sUnknown Public Key:\n",""); |
| 233 | 244 | ||
| 234 | EVP_PKEY_free(pkey); | 245 | EVP_PKEY_free(pkey); |
| @@ -434,19 +445,18 @@ err: | |||
| 434 | int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) | 445 | int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) |
| 435 | { | 446 | { |
| 436 | char *s,*c,*b; | 447 | char *s,*c,*b; |
| 437 | int ret=0,l,ll,i,first=1; | 448 | int ret=0,l,i; |
| 438 | 449 | ||
| 439 | ll=80-2-obase; | 450 | l=80-2-obase; |
| 440 | 451 | ||
| 441 | b=s=X509_NAME_oneline(name,NULL,0); | 452 | b=X509_NAME_oneline(name,NULL,0); |
| 442 | if (!*s) | 453 | if (!*b) |
| 443 | { | 454 | { |
| 444 | OPENSSL_free(b); | 455 | OPENSSL_free(b); |
| 445 | return 1; | 456 | return 1; |
| 446 | } | 457 | } |
| 447 | s++; /* skip the first slash */ | 458 | s=b+1; /* skip the first slash */ |
| 448 | 459 | ||
| 449 | l=ll; | ||
| 450 | c=s; | 460 | c=s; |
| 451 | for (;;) | 461 | for (;;) |
| 452 | { | 462 | { |
| @@ -468,20 +478,9 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) | |||
| 468 | (*s == '\0')) | 478 | (*s == '\0')) |
| 469 | #endif | 479 | #endif |
| 470 | { | 480 | { |
| 471 | if ((l <= 0) && !first) | ||
| 472 | { | ||
| 473 | first=0; | ||
| 474 | if (BIO_write(bp,"\n",1) != 1) goto err; | ||
| 475 | for (i=0; i<obase; i++) | ||
| 476 | { | ||
| 477 | if (BIO_write(bp," ",1) != 1) goto err; | ||
| 478 | } | ||
| 479 | l=ll; | ||
| 480 | } | ||
| 481 | i=s-c; | 481 | i=s-c; |
| 482 | if (BIO_write(bp,c,i) != i) goto err; | 482 | if (BIO_write(bp,c,i) != i) goto err; |
| 483 | c+=i; | 483 | c=s+1; /* skip following slash */ |
| 484 | c++; | ||
| 485 | if (*s != '\0') | 484 | if (*s != '\0') |
| 486 | { | 485 | { |
| 487 | if (BIO_write(bp,", ",2) != 2) goto err; | 486 | if (BIO_write(bp,", ",2) != 2) goto err; |
diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c index b7e916ef36..0ee406231e 100644 --- a/src/lib/libcrypto/asn1/tasn_dec.c +++ b/src/lib/libcrypto/asn1/tasn_dec.c | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 2000 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -65,24 +65,40 @@ | |||
| 65 | #include <openssl/buffer.h> | 65 | #include <openssl/buffer.h> |
| 66 | #include <openssl/err.h> | 66 | #include <openssl/err.h> |
| 67 | 67 | ||
| 68 | static int asn1_check_eoc(unsigned char **in, long len); | 68 | static int asn1_check_eoc(const unsigned char **in, long len); |
| 69 | static int asn1_find_end(unsigned char **in, long len, char inf); | 69 | static int asn1_find_end(const unsigned char **in, long len, char inf); |
| 70 | static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass); | 70 | |
| 71 | static int collect_data(BUF_MEM *buf, unsigned char **p, long plen); | 71 | static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, |
| 72 | static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, | 72 | char inf, int tag, int aclass); |
| 73 | unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx); | 73 | |
| 74 | static int asn1_template_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); | 74 | static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen); |
| 75 | static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); | 75 | |
| 76 | static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long len, | 76 | static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, |
| 77 | const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); | 77 | char *inf, char *cst, |
| 78 | const unsigned char **in, long len, | ||
| 79 | int exptag, int expclass, char opt, | ||
| 80 | ASN1_TLC *ctx); | ||
| 81 | |||
| 82 | static int asn1_template_ex_d2i(ASN1_VALUE **pval, | ||
| 83 | const unsigned char **in, long len, | ||
| 84 | const ASN1_TEMPLATE *tt, char opt, | ||
| 85 | ASN1_TLC *ctx); | ||
| 86 | static int asn1_template_noexp_d2i(ASN1_VALUE **val, | ||
| 87 | const unsigned char **in, long len, | ||
| 88 | const ASN1_TEMPLATE *tt, char opt, | ||
| 89 | ASN1_TLC *ctx); | ||
| 90 | static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, | ||
| 91 | const unsigned char **in, long len, | ||
| 92 | const ASN1_ITEM *it, | ||
| 93 | int tag, int aclass, char opt, ASN1_TLC *ctx); | ||
| 78 | 94 | ||
| 79 | /* Table to convert tags to bit values, used for MSTRING type */ | 95 | /* Table to convert tags to bit values, used for MSTRING type */ |
| 80 | static unsigned long tag2bit[32]={ | 96 | static const unsigned long tag2bit[32] = { |
| 81 | 0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */ | 97 | 0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */ |
| 82 | B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */ | 98 | B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */ |
| 83 | B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */ | 99 | B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */ |
| 84 | B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */ | 100 | B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */ |
| 85 | 0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */ | 101 | B_ASN1_SEQUENCE,0,B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */ |
| 86 | B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING, /* tags 20-22 */ | 102 | B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING, /* tags 20-22 */ |
| 87 | B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 23-24 */ | 103 | B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 23-24 */ |
| 88 | B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, /* tags 25-27 */ | 104 | B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, /* tags 25-27 */ |
| @@ -90,14 +106,14 @@ B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, /* tags 2 | |||
| 90 | }; | 106 | }; |
| 91 | 107 | ||
| 92 | unsigned long ASN1_tag2bit(int tag) | 108 | unsigned long ASN1_tag2bit(int tag) |
| 93 | { | 109 | { |
| 94 | if((tag < 0) || (tag > 30)) return 0; | 110 | if ((tag < 0) || (tag > 30)) return 0; |
| 95 | return tag2bit[tag]; | 111 | return tag2bit[tag]; |
| 96 | } | 112 | } |
| 97 | 113 | ||
| 98 | /* Macro to initialize and invalidate the cache */ | 114 | /* Macro to initialize and invalidate the cache */ |
| 99 | 115 | ||
| 100 | #define asn1_tlc_clear(c) if(c) (c)->valid = 0 | 116 | #define asn1_tlc_clear(c) if (c) (c)->valid = 0 |
| 101 | 117 | ||
| 102 | /* Decode an ASN1 item, this currently behaves just | 118 | /* Decode an ASN1 item, this currently behaves just |
| 103 | * like a standard 'd2i' function. 'in' points to | 119 | * like a standard 'd2i' function. 'in' points to |
| @@ -107,113 +123,147 @@ unsigned long ASN1_tag2bit(int tag) | |||
| 107 | * case. | 123 | * case. |
| 108 | */ | 124 | */ |
| 109 | 125 | ||
| 110 | ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it) | 126 | ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, |
| 111 | { | 127 | const unsigned char **in, long len, const ASN1_ITEM *it) |
| 128 | { | ||
| 112 | ASN1_TLC c; | 129 | ASN1_TLC c; |
| 113 | ASN1_VALUE *ptmpval = NULL; | 130 | ASN1_VALUE *ptmpval = NULL; |
| 114 | if(!pval) pval = &ptmpval; | 131 | if (!pval) |
| 115 | asn1_tlc_clear(&c); | 132 | pval = &ptmpval; |
| 116 | if(ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) | 133 | c.valid = 0; |
| 134 | if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) | ||
| 117 | return *pval; | 135 | return *pval; |
| 118 | return NULL; | 136 | return NULL; |
| 119 | } | 137 | } |
| 120 | 138 | ||
| 121 | int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt) | 139 | int ASN1_template_d2i(ASN1_VALUE **pval, |
| 122 | { | 140 | const unsigned char **in, long len, const ASN1_TEMPLATE *tt) |
| 141 | { | ||
| 123 | ASN1_TLC c; | 142 | ASN1_TLC c; |
| 124 | asn1_tlc_clear(&c); | 143 | c.valid = 0; |
| 125 | return asn1_template_ex_d2i(pval, in, len, tt, 0, &c); | 144 | return asn1_template_ex_d2i(pval, in, len, tt, 0, &c); |
| 126 | } | 145 | } |
| 127 | 146 | ||
| 128 | 147 | ||
| 129 | /* Decode an item, taking care of IMPLICIT tagging, if any. | 148 | /* Decode an item, taking care of IMPLICIT tagging, if any. |
| 130 | * If 'opt' set and tag mismatch return -1 to handle OPTIONAL | 149 | * If 'opt' set and tag mismatch return -1 to handle OPTIONAL |
| 131 | */ | 150 | */ |
| 132 | 151 | ||
| 133 | int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, | 152 | int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, |
| 134 | int tag, int aclass, char opt, ASN1_TLC *ctx) | 153 | const ASN1_ITEM *it, |
| 135 | { | 154 | int tag, int aclass, char opt, ASN1_TLC *ctx) |
| 155 | { | ||
| 136 | const ASN1_TEMPLATE *tt, *errtt = NULL; | 156 | const ASN1_TEMPLATE *tt, *errtt = NULL; |
| 137 | const ASN1_COMPAT_FUNCS *cf; | 157 | const ASN1_COMPAT_FUNCS *cf; |
| 138 | const ASN1_EXTERN_FUNCS *ef; | 158 | const ASN1_EXTERN_FUNCS *ef; |
| 139 | const ASN1_AUX *aux = it->funcs; | 159 | const ASN1_AUX *aux = it->funcs; |
| 140 | ASN1_aux_cb *asn1_cb; | 160 | ASN1_aux_cb *asn1_cb; |
| 141 | unsigned char *p, *q, imphack = 0, oclass; | 161 | const unsigned char *p = NULL, *q; |
| 162 | unsigned char *wp=NULL; /* BIG FAT WARNING! BREAKS CONST WHERE USED */ | ||
| 163 | unsigned char imphack = 0, oclass; | ||
| 142 | char seq_eoc, seq_nolen, cst, isopt; | 164 | char seq_eoc, seq_nolen, cst, isopt; |
| 143 | long tmplen; | 165 | long tmplen; |
| 144 | int i; | 166 | int i; |
| 145 | int otag; | 167 | int otag; |
| 146 | int ret = 0; | 168 | int ret = 0; |
| 147 | ASN1_VALUE *pchval, **pchptr, *ptmpval; | 169 | ASN1_VALUE *pchval, **pchptr, *ptmpval; |
| 148 | if(!pval) return 0; | 170 | if (!pval) |
| 149 | if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; | 171 | return 0; |
| 172 | if (aux && aux->asn1_cb) | ||
| 173 | asn1_cb = aux->asn1_cb; | ||
| 150 | else asn1_cb = 0; | 174 | else asn1_cb = 0; |
| 151 | 175 | ||
| 152 | switch(it->itype) { | 176 | switch(it->itype) |
| 153 | 177 | { | |
| 154 | case ASN1_ITYPE_PRIMITIVE: | 178 | case ASN1_ITYPE_PRIMITIVE: |
| 155 | if(it->templates) { | 179 | if (it->templates) |
| 156 | /* tagging or OPTIONAL is currently illegal on an item template | 180 | { |
| 157 | * because the flags can't get passed down. In practice this isn't | 181 | /* tagging or OPTIONAL is currently illegal on an item |
| 158 | * a problem: we include the relevant flags from the item template | 182 | * template because the flags can't get passed down. |
| 159 | * in the template itself. | 183 | * In practice this isn't a problem: we include the |
| 184 | * relevant flags from the item template in the | ||
| 185 | * template itself. | ||
| 160 | */ | 186 | */ |
| 161 | if ((tag != -1) || opt) { | 187 | if ((tag != -1) || opt) |
| 162 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); | 188 | { |
| 189 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, | ||
| 190 | ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); | ||
| 163 | goto err; | 191 | goto err; |
| 164 | } | 192 | } |
| 165 | return asn1_template_ex_d2i(pval, in, len, it->templates, opt, ctx); | 193 | return asn1_template_ex_d2i(pval, in, len, |
| 194 | it->templates, opt, ctx); | ||
| 166 | } | 195 | } |
| 167 | return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt, ctx); | 196 | return asn1_d2i_ex_primitive(pval, in, len, it, |
| 197 | tag, aclass, opt, ctx); | ||
| 168 | break; | 198 | break; |
| 169 | 199 | ||
| 170 | case ASN1_ITYPE_MSTRING: | 200 | case ASN1_ITYPE_MSTRING: |
| 171 | p = *in; | 201 | p = *in; |
| 172 | /* Just read in tag and class */ | 202 | /* Just read in tag and class */ |
| 173 | ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, &p, len, -1, 0, 1, ctx); | 203 | ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, |
| 174 | if(!ret) { | 204 | &p, len, -1, 0, 1, ctx); |
| 175 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); | 205 | if (!ret) |
| 206 | { | ||
| 207 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, | ||
| 208 | ERR_R_NESTED_ASN1_ERROR); | ||
| 176 | goto err; | 209 | goto err; |
| 177 | } | 210 | } |
| 211 | |||
| 178 | /* Must be UNIVERSAL class */ | 212 | /* Must be UNIVERSAL class */ |
| 179 | if(oclass != V_ASN1_UNIVERSAL) { | 213 | if (oclass != V_ASN1_UNIVERSAL) |
| 214 | { | ||
| 180 | /* If OPTIONAL, assume this is OK */ | 215 | /* If OPTIONAL, assume this is OK */ |
| 181 | if(opt) return -1; | 216 | if (opt) return -1; |
| 182 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL); | 217 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, |
| 218 | ASN1_R_MSTRING_NOT_UNIVERSAL); | ||
| 183 | goto err; | 219 | goto err; |
| 184 | } | 220 | } |
| 185 | /* Check tag matches bit map */ | 221 | /* Check tag matches bit map */ |
| 186 | if(!(ASN1_tag2bit(otag) & it->utype)) { | 222 | if (!(ASN1_tag2bit(otag) & it->utype)) |
| 223 | { | ||
| 187 | /* If OPTIONAL, assume this is OK */ | 224 | /* If OPTIONAL, assume this is OK */ |
| 188 | if(opt) return -1; | 225 | if (opt) |
| 189 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG); | 226 | return -1; |
| 227 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, | ||
| 228 | ASN1_R_MSTRING_WRONG_TAG); | ||
| 190 | goto err; | 229 | goto err; |
| 191 | } | 230 | } |
| 192 | return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx); | 231 | return asn1_d2i_ex_primitive(pval, in, len, |
| 232 | it, otag, 0, 0, ctx); | ||
| 193 | 233 | ||
| 194 | case ASN1_ITYPE_EXTERN: | 234 | case ASN1_ITYPE_EXTERN: |
| 195 | /* Use new style d2i */ | 235 | /* Use new style d2i */ |
| 196 | ef = it->funcs; | 236 | ef = it->funcs; |
| 197 | return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx); | 237 | return ef->asn1_ex_d2i(pval, in, len, |
| 238 | it, tag, aclass, opt, ctx); | ||
| 198 | 239 | ||
| 199 | case ASN1_ITYPE_COMPAT: | 240 | case ASN1_ITYPE_COMPAT: |
| 200 | /* we must resort to old style evil hackery */ | 241 | /* we must resort to old style evil hackery */ |
| 201 | cf = it->funcs; | 242 | cf = it->funcs; |
| 202 | 243 | ||
| 203 | /* If OPTIONAL see if it is there */ | 244 | /* If OPTIONAL see if it is there */ |
| 204 | if(opt) { | 245 | if (opt) |
| 246 | { | ||
| 205 | int exptag; | 247 | int exptag; |
| 206 | p = *in; | 248 | p = *in; |
| 207 | if(tag == -1) exptag = it->utype; | 249 | if (tag == -1) |
| 250 | exptag = it->utype; | ||
| 208 | else exptag = tag; | 251 | else exptag = tag; |
| 209 | /* Don't care about anything other than presence of expected tag */ | 252 | /* Don't care about anything other than presence |
| 210 | ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, &p, len, exptag, aclass, 1, ctx); | 253 | * of expected tag */ |
| 211 | if(!ret) { | 254 | |
| 212 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); | 255 | ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, |
| 256 | &p, len, exptag, aclass, 1, ctx); | ||
| 257 | if (!ret) | ||
| 258 | { | ||
| 259 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, | ||
| 260 | ERR_R_NESTED_ASN1_ERROR); | ||
| 213 | goto err; | 261 | goto err; |
| 262 | } | ||
| 263 | if (ret == -1) | ||
| 264 | return -1; | ||
| 214 | } | 265 | } |
| 215 | if(ret == -1) return -1; | 266 | |
| 216 | } | ||
| 217 | /* This is the old style evil hack IMPLICIT handling: | 267 | /* This is the old style evil hack IMPLICIT handling: |
| 218 | * since the underlying code is expecting a tag and | 268 | * since the underlying code is expecting a tag and |
| 219 | * class other than the one present we change the | 269 | * class other than the one present we change the |
| @@ -229,245 +279,332 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1 | |||
| 229 | * buffer. | 279 | * buffer. |
| 230 | */ | 280 | */ |
| 231 | 281 | ||
| 232 | if(tag != -1) { | 282 | if (tag != -1) |
| 233 | p = *in; | 283 | { |
| 234 | imphack = *p; | 284 | wp = *(unsigned char **)in; |
| 235 | *p = (unsigned char)((*p & V_ASN1_CONSTRUCTED) | it->utype); | 285 | imphack = *wp; |
| 236 | } | 286 | if (p == NULL) |
| 287 | { | ||
| 288 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, | ||
| 289 | ERR_R_NESTED_ASN1_ERROR); | ||
| 290 | goto err; | ||
| 291 | } | ||
| 292 | *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED) | ||
| 293 | | it->utype); | ||
| 294 | } | ||
| 237 | 295 | ||
| 238 | ptmpval = cf->asn1_d2i(pval, in, len); | 296 | ptmpval = cf->asn1_d2i(pval, in, len); |
| 239 | 297 | ||
| 240 | if(tag != -1) *p = imphack; | 298 | if (tag != -1) |
| 299 | *wp = imphack; | ||
| 300 | |||
| 301 | if (ptmpval) | ||
| 302 | return 1; | ||
| 241 | 303 | ||
| 242 | if(ptmpval) return 1; | ||
| 243 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); | 304 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); |
| 244 | goto err; | 305 | goto err; |
| 245 | 306 | ||
| 246 | 307 | ||
| 247 | case ASN1_ITYPE_CHOICE: | 308 | case ASN1_ITYPE_CHOICE: |
| 248 | if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) | 309 | if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) |
| 249 | goto auxerr; | 310 | goto auxerr; |
| 250 | 311 | ||
| 251 | /* Allocate structure */ | 312 | /* Allocate structure */ |
| 252 | if(!*pval) { | 313 | if (!*pval && !ASN1_item_ex_new(pval, it)) |
| 253 | if(!ASN1_item_ex_new(pval, it)) { | 314 | { |
| 254 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); | 315 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, |
| 255 | goto err; | 316 | ERR_R_NESTED_ASN1_ERROR); |
| 317 | goto err; | ||
| 256 | } | 318 | } |
| 257 | } | ||
| 258 | /* CHOICE type, try each possibility in turn */ | 319 | /* CHOICE type, try each possibility in turn */ |
| 259 | pchval = NULL; | 320 | pchval = NULL; |
| 260 | p = *in; | 321 | p = *in; |
| 261 | for(i = 0, tt=it->templates; i < it->tcount; i++, tt++) { | 322 | for (i = 0, tt=it->templates; i < it->tcount; i++, tt++) |
| 323 | { | ||
| 262 | pchptr = asn1_get_field_ptr(pval, tt); | 324 | pchptr = asn1_get_field_ptr(pval, tt); |
| 263 | /* We mark field as OPTIONAL so its absence | 325 | /* We mark field as OPTIONAL so its absence |
| 264 | * can be recognised. | 326 | * can be recognised. |
| 265 | */ | 327 | */ |
| 266 | ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx); | 328 | ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx); |
| 267 | /* If field not present, try the next one */ | 329 | /* If field not present, try the next one */ |
| 268 | if(ret == -1) continue; | 330 | if (ret == -1) |
| 331 | continue; | ||
| 269 | /* If positive return, read OK, break loop */ | 332 | /* If positive return, read OK, break loop */ |
| 270 | if(ret > 0) break; | 333 | if (ret > 0) |
| 334 | break; | ||
| 271 | /* Otherwise must be an ASN1 parsing error */ | 335 | /* Otherwise must be an ASN1 parsing error */ |
| 272 | errtt = tt; | 336 | errtt = tt; |
| 273 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); | 337 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, |
| 338 | ERR_R_NESTED_ASN1_ERROR); | ||
| 274 | goto err; | 339 | goto err; |
| 275 | } | 340 | } |
| 341 | |||
| 276 | /* Did we fall off the end without reading anything? */ | 342 | /* Did we fall off the end without reading anything? */ |
| 277 | if(i == it->tcount) { | 343 | if (i == it->tcount) |
| 344 | { | ||
| 278 | /* If OPTIONAL, this is OK */ | 345 | /* If OPTIONAL, this is OK */ |
| 279 | if(opt) { | 346 | if (opt) |
| 347 | { | ||
| 280 | /* Free and zero it */ | 348 | /* Free and zero it */ |
| 281 | ASN1_item_ex_free(pval, it); | 349 | ASN1_item_ex_free(pval, it); |
| 282 | return -1; | 350 | return -1; |
| 283 | } | 351 | } |
| 284 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE); | 352 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, |
| 353 | ASN1_R_NO_MATCHING_CHOICE_TYPE); | ||
| 285 | goto err; | 354 | goto err; |
| 286 | } | 355 | } |
| 356 | |||
| 287 | asn1_set_choice_selector(pval, i, it); | 357 | asn1_set_choice_selector(pval, i, it); |
| 288 | *in = p; | 358 | *in = p; |
| 289 | if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) | 359 | if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) |
| 290 | goto auxerr; | 360 | goto auxerr; |
| 291 | return 1; | 361 | return 1; |
| 292 | 362 | ||
| 363 | case ASN1_ITYPE_NDEF_SEQUENCE: | ||
| 293 | case ASN1_ITYPE_SEQUENCE: | 364 | case ASN1_ITYPE_SEQUENCE: |
| 294 | p = *in; | 365 | p = *in; |
| 295 | tmplen = len; | 366 | tmplen = len; |
| 296 | 367 | ||
| 297 | /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ | 368 | /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ |
| 298 | if(tag == -1) { | 369 | if (tag == -1) |
| 370 | { | ||
| 299 | tag = V_ASN1_SEQUENCE; | 371 | tag = V_ASN1_SEQUENCE; |
| 300 | aclass = V_ASN1_UNIVERSAL; | 372 | aclass = V_ASN1_UNIVERSAL; |
| 301 | } | 373 | } |
| 302 | /* Get SEQUENCE length and update len, p */ | 374 | /* Get SEQUENCE length and update len, p */ |
| 303 | ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, &p, len, tag, aclass, opt, ctx); | 375 | ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, |
| 304 | if(!ret) { | 376 | &p, len, tag, aclass, opt, ctx); |
| 305 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); | 377 | if (!ret) |
| 378 | { | ||
| 379 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, | ||
| 380 | ERR_R_NESTED_ASN1_ERROR); | ||
| 306 | goto err; | 381 | goto err; |
| 307 | } else if(ret == -1) return -1; | 382 | } |
| 308 | if(aux && (aux->flags & ASN1_AFLG_BROKEN)) { | 383 | else if (ret == -1) |
| 384 | return -1; | ||
| 385 | if (aux && (aux->flags & ASN1_AFLG_BROKEN)) | ||
| 386 | { | ||
| 309 | len = tmplen - (p - *in); | 387 | len = tmplen - (p - *in); |
| 310 | seq_nolen = 1; | 388 | seq_nolen = 1; |
| 311 | } else seq_nolen = seq_eoc; /* If indefinite we don't do a length check */ | 389 | } |
| 312 | if(!cst) { | 390 | /* If indefinite we don't do a length check */ |
| 313 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED); | 391 | else seq_nolen = seq_eoc; |
| 392 | if (!cst) | ||
| 393 | { | ||
| 394 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, | ||
| 395 | ASN1_R_SEQUENCE_NOT_CONSTRUCTED); | ||
| 314 | goto err; | 396 | goto err; |
| 315 | } | 397 | } |
| 316 | 398 | ||
| 317 | if(!*pval) { | 399 | if (!*pval && !ASN1_item_ex_new(pval, it)) |
| 318 | if(!ASN1_item_ex_new(pval, it)) { | 400 | { |
| 319 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); | 401 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, |
| 320 | goto err; | 402 | ERR_R_NESTED_ASN1_ERROR); |
| 403 | goto err; | ||
| 321 | } | 404 | } |
| 322 | } | 405 | |
| 323 | if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) | 406 | if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) |
| 324 | goto auxerr; | 407 | goto auxerr; |
| 325 | 408 | ||
| 326 | /* Get each field entry */ | 409 | /* Get each field entry */ |
| 327 | for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) { | 410 | for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) |
| 411 | { | ||
| 328 | const ASN1_TEMPLATE *seqtt; | 412 | const ASN1_TEMPLATE *seqtt; |
| 329 | ASN1_VALUE **pseqval; | 413 | ASN1_VALUE **pseqval; |
| 330 | seqtt = asn1_do_adb(pval, tt, 1); | 414 | seqtt = asn1_do_adb(pval, tt, 1); |
| 331 | if(!seqtt) goto err; | 415 | if (!seqtt) |
| 416 | goto err; | ||
| 332 | pseqval = asn1_get_field_ptr(pval, seqtt); | 417 | pseqval = asn1_get_field_ptr(pval, seqtt); |
| 333 | /* Have we ran out of data? */ | 418 | /* Have we ran out of data? */ |
| 334 | if(!len) break; | 419 | if (!len) |
| 420 | break; | ||
| 335 | q = p; | 421 | q = p; |
| 336 | if(asn1_check_eoc(&p, len)) { | 422 | if (asn1_check_eoc(&p, len)) |
| 337 | if(!seq_eoc) { | 423 | { |
| 338 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC); | 424 | if (!seq_eoc) |
| 425 | { | ||
| 426 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, | ||
| 427 | ASN1_R_UNEXPECTED_EOC); | ||
| 339 | goto err; | 428 | goto err; |
| 340 | } | 429 | } |
| 341 | len -= p - q; | 430 | len -= p - q; |
| 342 | seq_eoc = 0; | 431 | seq_eoc = 0; |
| 343 | q = p; | 432 | q = p; |
| 344 | break; | 433 | break; |
| 345 | } | 434 | } |
| 346 | /* This determines the OPTIONAL flag value. The field cannot | 435 | /* This determines the OPTIONAL flag value. The field |
| 347 | * be omitted if it is the last of a SEQUENCE and there is | 436 | * cannot be omitted if it is the last of a SEQUENCE |
| 348 | * still data to be read. This isn't strictly necessary but | 437 | * and there is still data to be read. This isn't |
| 349 | * it increases efficiency in some cases. | 438 | * strictly necessary but it increases efficiency in |
| 439 | * some cases. | ||
| 350 | */ | 440 | */ |
| 351 | if(i == (it->tcount - 1)) isopt = 0; | 441 | if (i == (it->tcount - 1)) |
| 442 | isopt = 0; | ||
| 352 | else isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL); | 443 | else isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL); |
| 353 | /* attempt to read in field, allowing each to be OPTIONAL */ | 444 | /* attempt to read in field, allowing each to be |
| 354 | ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx); | 445 | * OPTIONAL */ |
| 355 | if(!ret) { | 446 | |
| 447 | ret = asn1_template_ex_d2i(pseqval, &p, len, | ||
| 448 | seqtt, isopt, ctx); | ||
| 449 | if (!ret) | ||
| 450 | { | ||
| 356 | errtt = seqtt; | 451 | errtt = seqtt; |
| 357 | goto err; | 452 | goto err; |
| 358 | } else if(ret == -1) { | 453 | } |
| 359 | /* OPTIONAL component absent. Free and zero the field | 454 | else if (ret == -1) |
| 455 | { | ||
| 456 | /* OPTIONAL component absent. | ||
| 457 | * Free and zero the field. | ||
| 360 | */ | 458 | */ |
| 361 | ASN1_template_free(pseqval, seqtt); | 459 | ASN1_template_free(pseqval, seqtt); |
| 362 | continue; | 460 | continue; |
| 363 | } | 461 | } |
| 364 | /* Update length */ | 462 | /* Update length */ |
| 365 | len -= p - q; | 463 | len -= p - q; |
| 366 | } | 464 | } |
| 465 | |||
| 367 | /* Check for EOC if expecting one */ | 466 | /* Check for EOC if expecting one */ |
| 368 | if(seq_eoc && !asn1_check_eoc(&p, len)) { | 467 | if (seq_eoc && !asn1_check_eoc(&p, len)) |
| 468 | { | ||
| 369 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC); | 469 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC); |
| 370 | goto err; | 470 | goto err; |
| 371 | } | 471 | } |
| 372 | /* Check all data read */ | 472 | /* Check all data read */ |
| 373 | if(!seq_nolen && len) { | 473 | if (!seq_nolen && len) |
| 374 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH); | 474 | { |
| 475 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, | ||
| 476 | ASN1_R_SEQUENCE_LENGTH_MISMATCH); | ||
| 375 | goto err; | 477 | goto err; |
| 376 | } | 478 | } |
| 377 | 479 | ||
| 378 | /* If we get here we've got no more data in the SEQUENCE, | 480 | /* If we get here we've got no more data in the SEQUENCE, |
| 379 | * however we may not have read all fields so check all | 481 | * however we may not have read all fields so check all |
| 380 | * remaining are OPTIONAL and clear any that are. | 482 | * remaining are OPTIONAL and clear any that are. |
| 381 | */ | 483 | */ |
| 382 | for(; i < it->tcount; tt++, i++) { | 484 | for (; i < it->tcount; tt++, i++) |
| 485 | { | ||
| 383 | const ASN1_TEMPLATE *seqtt; | 486 | const ASN1_TEMPLATE *seqtt; |
| 384 | seqtt = asn1_do_adb(pval, tt, 1); | 487 | seqtt = asn1_do_adb(pval, tt, 1); |
| 385 | if(!seqtt) goto err; | 488 | if (!seqtt) |
| 386 | if(seqtt->flags & ASN1_TFLG_OPTIONAL) { | 489 | goto err; |
| 490 | if (seqtt->flags & ASN1_TFLG_OPTIONAL) | ||
| 491 | { | ||
| 387 | ASN1_VALUE **pseqval; | 492 | ASN1_VALUE **pseqval; |
| 388 | pseqval = asn1_get_field_ptr(pval, seqtt); | 493 | pseqval = asn1_get_field_ptr(pval, seqtt); |
| 389 | ASN1_template_free(pseqval, seqtt); | 494 | ASN1_template_free(pseqval, seqtt); |
| 390 | } else { | 495 | } |
| 496 | else | ||
| 497 | { | ||
| 391 | errtt = seqtt; | 498 | errtt = seqtt; |
| 392 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING); | 499 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, |
| 500 | ASN1_R_FIELD_MISSING); | ||
| 393 | goto err; | 501 | goto err; |
| 502 | } | ||
| 394 | } | 503 | } |
| 395 | } | ||
| 396 | /* Save encoding */ | 504 | /* Save encoding */ |
| 397 | if(!asn1_enc_save(pval, *in, p - *in, it)) goto auxerr; | 505 | if (!asn1_enc_save(pval, *in, p - *in, it)) |
| 506 | goto auxerr; | ||
| 398 | *in = p; | 507 | *in = p; |
| 399 | if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) | 508 | if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) |
| 400 | goto auxerr; | 509 | goto auxerr; |
| 401 | return 1; | 510 | return 1; |
| 402 | 511 | ||
| 403 | default: | 512 | default: |
| 404 | return 0; | 513 | return 0; |
| 405 | } | 514 | } |
| 406 | auxerr: | 515 | auxerr: |
| 407 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR); | 516 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR); |
| 408 | err: | 517 | err: |
| 409 | ASN1_item_ex_free(pval, it); | 518 | ASN1_item_ex_free(pval, it); |
| 410 | if(errtt) ERR_add_error_data(4, "Field=", errtt->field_name, ", Type=", it->sname); | 519 | if (errtt) |
| 411 | else ERR_add_error_data(2, "Type=", it->sname); | 520 | ERR_add_error_data(4, "Field=", errtt->field_name, |
| 521 | ", Type=", it->sname); | ||
| 522 | else | ||
| 523 | ERR_add_error_data(2, "Type=", it->sname); | ||
| 412 | return 0; | 524 | return 0; |
| 413 | } | 525 | } |
| 414 | 526 | ||
| 415 | /* Templates are handled with two separate functions. One handles any EXPLICIT tag and the other handles the | 527 | /* Templates are handled with two separate functions. |
| 416 | * rest. | 528 | * One handles any EXPLICIT tag and the other handles the rest. |
| 417 | */ | 529 | */ |
| 418 | 530 | ||
| 419 | static int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) | 531 | static int asn1_template_ex_d2i(ASN1_VALUE **val, |
| 420 | { | 532 | const unsigned char **in, long inlen, |
| 533 | const ASN1_TEMPLATE *tt, char opt, | ||
| 534 | ASN1_TLC *ctx) | ||
| 535 | { | ||
| 421 | int flags, aclass; | 536 | int flags, aclass; |
| 422 | int ret; | 537 | int ret; |
| 423 | long len; | 538 | long len; |
| 424 | unsigned char *p, *q; | 539 | const unsigned char *p, *q; |
| 425 | char exp_eoc; | 540 | char exp_eoc; |
| 426 | if(!val) return 0; | 541 | if (!val) |
| 542 | return 0; | ||
| 427 | flags = tt->flags; | 543 | flags = tt->flags; |
| 428 | aclass = flags & ASN1_TFLG_TAG_CLASS; | 544 | aclass = flags & ASN1_TFLG_TAG_CLASS; |
| 429 | 545 | ||
| 430 | p = *in; | 546 | p = *in; |
| 431 | 547 | ||
| 432 | /* Check if EXPLICIT tag expected */ | 548 | /* Check if EXPLICIT tag expected */ |
| 433 | if(flags & ASN1_TFLG_EXPTAG) { | 549 | if (flags & ASN1_TFLG_EXPTAG) |
| 550 | { | ||
| 434 | char cst; | 551 | char cst; |
| 435 | /* Need to work out amount of data available to the inner content and where it | 552 | /* Need to work out amount of data available to the inner |
| 436 | * starts: so read in EXPLICIT header to get the info. | 553 | * content and where it starts: so read in EXPLICIT header to |
| 554 | * get the info. | ||
| 437 | */ | 555 | */ |
| 438 | ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, &p, inlen, tt->tag, aclass, opt, ctx); | 556 | ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, |
| 557 | &p, inlen, tt->tag, aclass, opt, ctx); | ||
| 439 | q = p; | 558 | q = p; |
| 440 | if(!ret) { | 559 | if (!ret) |
| 441 | ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); | 560 | { |
| 561 | ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, | ||
| 562 | ERR_R_NESTED_ASN1_ERROR); | ||
| 442 | return 0; | 563 | return 0; |
| 443 | } else if(ret == -1) return -1; | 564 | } |
| 444 | if(!cst) { | 565 | else if (ret == -1) |
| 445 | ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); | 566 | return -1; |
| 567 | if (!cst) | ||
| 568 | { | ||
| 569 | ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, | ||
| 570 | ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); | ||
| 446 | return 0; | 571 | return 0; |
| 447 | } | 572 | } |
| 448 | /* We've found the field so it can't be OPTIONAL now */ | 573 | /* We've found the field so it can't be OPTIONAL now */ |
| 449 | ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); | 574 | ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); |
| 450 | if(!ret) { | 575 | if (!ret) |
| 451 | ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); | 576 | { |
| 577 | ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, | ||
| 578 | ERR_R_NESTED_ASN1_ERROR); | ||
| 452 | return 0; | 579 | return 0; |
| 453 | } | 580 | } |
| 454 | /* We read the field in OK so update length */ | 581 | /* We read the field in OK so update length */ |
| 455 | len -= p - q; | 582 | len -= p - q; |
| 456 | if(exp_eoc) { | 583 | if (exp_eoc) |
| 584 | { | ||
| 457 | /* If NDEF we must have an EOC here */ | 585 | /* If NDEF we must have an EOC here */ |
| 458 | if(!asn1_check_eoc(&p, len)) { | 586 | if (!asn1_check_eoc(&p, len)) |
| 459 | ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC); | 587 | { |
| 588 | ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, | ||
| 589 | ASN1_R_MISSING_EOC); | ||
| 460 | goto err; | 590 | goto err; |
| 591 | } | ||
| 461 | } | 592 | } |
| 462 | } else { | 593 | else |
| 463 | /* Otherwise we must hit the EXPLICIT tag end or its an error */ | 594 | { |
| 464 | if(len) { | 595 | /* Otherwise we must hit the EXPLICIT tag end or its |
| 465 | ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_EXPLICIT_LENGTH_MISMATCH); | 596 | * an error */ |
| 597 | if (len) | ||
| 598 | { | ||
| 599 | ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, | ||
| 600 | ASN1_R_EXPLICIT_LENGTH_MISMATCH); | ||
| 466 | goto err; | 601 | goto err; |
| 602 | } | ||
| 467 | } | 603 | } |
| 468 | } | 604 | } |
| 469 | } else | 605 | else |
| 470 | return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx); | 606 | return asn1_template_noexp_d2i(val, in, inlen, |
| 607 | tt, opt, ctx); | ||
| 471 | 608 | ||
| 472 | *in = p; | 609 | *in = p; |
| 473 | return 1; | 610 | return 1; |
| @@ -476,98 +613,145 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen | |||
| 476 | ASN1_template_free(val, tt); | 613 | ASN1_template_free(val, tt); |
| 477 | *val = NULL; | 614 | *val = NULL; |
| 478 | return 0; | 615 | return 0; |
| 479 | } | 616 | } |
| 480 | 617 | ||
| 481 | static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) | 618 | static int asn1_template_noexp_d2i(ASN1_VALUE **val, |
| 482 | { | 619 | const unsigned char **in, long len, |
| 620 | const ASN1_TEMPLATE *tt, char opt, | ||
| 621 | ASN1_TLC *ctx) | ||
| 622 | { | ||
| 483 | int flags, aclass; | 623 | int flags, aclass; |
| 484 | int ret; | 624 | int ret; |
| 485 | unsigned char *p, *q; | 625 | const unsigned char *p, *q; |
| 486 | if(!val) return 0; | 626 | if (!val) |
| 627 | return 0; | ||
| 487 | flags = tt->flags; | 628 | flags = tt->flags; |
| 488 | aclass = flags & ASN1_TFLG_TAG_CLASS; | 629 | aclass = flags & ASN1_TFLG_TAG_CLASS; |
| 489 | 630 | ||
| 490 | p = *in; | 631 | p = *in; |
| 491 | q = p; | 632 | q = p; |
| 492 | 633 | ||
| 493 | if(flags & ASN1_TFLG_SK_MASK) { | 634 | if (flags & ASN1_TFLG_SK_MASK) |
| 635 | { | ||
| 494 | /* SET OF, SEQUENCE OF */ | 636 | /* SET OF, SEQUENCE OF */ |
| 495 | int sktag, skaclass; | 637 | int sktag, skaclass; |
| 496 | char sk_eoc; | 638 | char sk_eoc; |
| 497 | /* First work out expected inner tag value */ | 639 | /* First work out expected inner tag value */ |
| 498 | if(flags & ASN1_TFLG_IMPTAG) { | 640 | if (flags & ASN1_TFLG_IMPTAG) |
| 641 | { | ||
| 499 | sktag = tt->tag; | 642 | sktag = tt->tag; |
| 500 | skaclass = aclass; | 643 | skaclass = aclass; |
| 501 | } else { | 644 | } |
| 645 | else | ||
| 646 | { | ||
| 502 | skaclass = V_ASN1_UNIVERSAL; | 647 | skaclass = V_ASN1_UNIVERSAL; |
| 503 | if(flags & ASN1_TFLG_SET_OF) sktag = V_ASN1_SET; | 648 | if (flags & ASN1_TFLG_SET_OF) |
| 504 | else sktag = V_ASN1_SEQUENCE; | 649 | sktag = V_ASN1_SET; |
| 505 | } | 650 | else |
| 651 | sktag = V_ASN1_SEQUENCE; | ||
| 652 | } | ||
| 506 | /* Get the tag */ | 653 | /* Get the tag */ |
| 507 | ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, &p, len, sktag, skaclass, opt, ctx); | 654 | ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, |
| 508 | if(!ret) { | 655 | &p, len, sktag, skaclass, opt, ctx); |
| 509 | ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); | 656 | if (!ret) |
| 657 | { | ||
| 658 | ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, | ||
| 659 | ERR_R_NESTED_ASN1_ERROR); | ||
| 510 | return 0; | 660 | return 0; |
| 511 | } else if(ret == -1) return -1; | 661 | } |
| 512 | if(!*val) *val = (ASN1_VALUE *)sk_new_null(); | 662 | else if (ret == -1) |
| 513 | else { | 663 | return -1; |
| 664 | if (!*val) | ||
| 665 | *val = (ASN1_VALUE *)sk_new_null(); | ||
| 666 | else | ||
| 667 | { | ||
| 514 | /* We've got a valid STACK: free up any items present */ | 668 | /* We've got a valid STACK: free up any items present */ |
| 515 | STACK *sktmp = (STACK *)*val; | 669 | STACK *sktmp = (STACK *)*val; |
| 516 | ASN1_VALUE *vtmp; | 670 | ASN1_VALUE *vtmp; |
| 517 | while(sk_num(sktmp) > 0) { | 671 | while(sk_num(sktmp) > 0) |
| 672 | { | ||
| 518 | vtmp = (ASN1_VALUE *)sk_pop(sktmp); | 673 | vtmp = (ASN1_VALUE *)sk_pop(sktmp); |
| 519 | ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item)); | 674 | ASN1_item_ex_free(&vtmp, |
| 675 | ASN1_ITEM_ptr(tt->item)); | ||
| 676 | } | ||
| 520 | } | 677 | } |
| 521 | } | ||
| 522 | 678 | ||
| 523 | if(!*val) { | 679 | if (!*val) |
| 524 | ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_MALLOC_FAILURE); | 680 | { |
| 681 | ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, | ||
| 682 | ERR_R_MALLOC_FAILURE); | ||
| 525 | goto err; | 683 | goto err; |
| 526 | } | 684 | } |
| 685 | |||
| 527 | /* Read as many items as we can */ | 686 | /* Read as many items as we can */ |
| 528 | while(len > 0) { | 687 | while(len > 0) |
| 688 | { | ||
| 529 | ASN1_VALUE *skfield; | 689 | ASN1_VALUE *skfield; |
| 530 | q = p; | 690 | q = p; |
| 531 | /* See if EOC found */ | 691 | /* See if EOC found */ |
| 532 | if(asn1_check_eoc(&p, len)) { | 692 | if (asn1_check_eoc(&p, len)) |
| 533 | if(!sk_eoc) { | 693 | { |
| 534 | ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_UNEXPECTED_EOC); | 694 | if (!sk_eoc) |
| 695 | { | ||
| 696 | ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, | ||
| 697 | ASN1_R_UNEXPECTED_EOC); | ||
| 535 | goto err; | 698 | goto err; |
| 536 | } | 699 | } |
| 537 | len -= p - q; | 700 | len -= p - q; |
| 538 | sk_eoc = 0; | 701 | sk_eoc = 0; |
| 539 | break; | 702 | break; |
| 540 | } | 703 | } |
| 541 | skfield = NULL; | 704 | skfield = NULL; |
| 542 | if(!ASN1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) { | 705 | if (!ASN1_item_ex_d2i(&skfield, &p, len, |
| 543 | ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); | 706 | ASN1_ITEM_ptr(tt->item), |
| 707 | -1, 0, 0, ctx)) | ||
| 708 | { | ||
| 709 | ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, | ||
| 710 | ERR_R_NESTED_ASN1_ERROR); | ||
| 544 | goto err; | 711 | goto err; |
| 545 | } | 712 | } |
| 546 | len -= p - q; | 713 | len -= p - q; |
| 547 | if(!sk_push((STACK *)*val, (char *)skfield)) { | 714 | if (!sk_push((STACK *)*val, (char *)skfield)) |
| 548 | ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_MALLOC_FAILURE); | 715 | { |
| 716 | ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, | ||
| 717 | ERR_R_MALLOC_FAILURE); | ||
| 549 | goto err; | 718 | goto err; |
| 719 | } | ||
| 550 | } | 720 | } |
| 551 | } | 721 | if (sk_eoc) |
| 552 | if(sk_eoc) { | 722 | { |
| 553 | ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC); | 723 | ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC); |
| 554 | goto err; | 724 | goto err; |
| 725 | } | ||
| 555 | } | 726 | } |
| 556 | } else if(flags & ASN1_TFLG_IMPTAG) { | 727 | else if (flags & ASN1_TFLG_IMPTAG) |
| 728 | { | ||
| 557 | /* IMPLICIT tagging */ | 729 | /* IMPLICIT tagging */ |
| 558 | ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); | 730 | ret = ASN1_item_ex_d2i(val, &p, len, |
| 559 | if(!ret) { | 731 | ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); |
| 560 | ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); | 732 | if (!ret) |
| 733 | { | ||
| 734 | ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, | ||
| 735 | ERR_R_NESTED_ASN1_ERROR); | ||
| 561 | goto err; | 736 | goto err; |
| 562 | } else if(ret == -1) return -1; | 737 | } |
| 563 | } else { | 738 | else if (ret == -1) |
| 739 | return -1; | ||
| 740 | } | ||
| 741 | else | ||
| 742 | { | ||
| 564 | /* Nothing special */ | 743 | /* Nothing special */ |
| 565 | ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, opt, ctx); | 744 | ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), |
| 566 | if(!ret) { | 745 | -1, 0, opt, ctx); |
| 567 | ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); | 746 | if (!ret) |
| 747 | { | ||
| 748 | ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, | ||
| 749 | ERR_R_NESTED_ASN1_ERROR); | ||
| 568 | goto err; | 750 | goto err; |
| 569 | } else if(ret == -1) return -1; | 751 | } |
| 570 | } | 752 | else if (ret == -1) |
| 753 | return -1; | ||
| 754 | } | ||
| 571 | 755 | ||
| 572 | *in = p; | 756 | *in = p; |
| 573 | return 1; | 757 | return 1; |
| @@ -576,85 +760,115 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long le | |||
| 576 | ASN1_template_free(val, tt); | 760 | ASN1_template_free(val, tt); |
| 577 | *val = NULL; | 761 | *val = NULL; |
| 578 | return 0; | 762 | return 0; |
| 579 | } | 763 | } |
| 580 | 764 | ||
| 581 | static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inlen, | 765 | static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, |
| 582 | const ASN1_ITEM *it, | 766 | const unsigned char **in, long inlen, |
| 583 | int tag, int aclass, char opt, ASN1_TLC *ctx) | 767 | const ASN1_ITEM *it, |
| 584 | { | 768 | int tag, int aclass, char opt, ASN1_TLC *ctx) |
| 769 | { | ||
| 585 | int ret = 0, utype; | 770 | int ret = 0, utype; |
| 586 | long plen; | 771 | long plen; |
| 587 | char cst, inf, free_cont = 0; | 772 | char cst, inf, free_cont = 0; |
| 588 | unsigned char *p; | 773 | const unsigned char *p; |
| 589 | BUF_MEM buf; | 774 | BUF_MEM buf; |
| 590 | unsigned char *cont = NULL; | 775 | const unsigned char *cont = NULL; |
| 591 | long len; | 776 | long len; |
| 592 | if(!pval) { | 777 | if (!pval) |
| 778 | { | ||
| 593 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL); | 779 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL); |
| 594 | return 0; /* Should never happen */ | 780 | return 0; /* Should never happen */ |
| 595 | } | 781 | } |
| 596 | 782 | ||
| 597 | if(it->itype == ASN1_ITYPE_MSTRING) { | 783 | if (it->itype == ASN1_ITYPE_MSTRING) |
| 784 | { | ||
| 598 | utype = tag; | 785 | utype = tag; |
| 599 | tag = -1; | 786 | tag = -1; |
| 600 | } else utype = it->utype; | 787 | } |
| 788 | else | ||
| 789 | utype = it->utype; | ||
| 601 | 790 | ||
| 602 | if(utype == V_ASN1_ANY) { | 791 | if (utype == V_ASN1_ANY) |
| 792 | { | ||
| 603 | /* If type is ANY need to figure out type from tag */ | 793 | /* If type is ANY need to figure out type from tag */ |
| 604 | unsigned char oclass; | 794 | unsigned char oclass; |
| 605 | if(tag >= 0) { | 795 | if (tag >= 0) |
| 606 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY); | 796 | { |
| 797 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, | ||
| 798 | ASN1_R_ILLEGAL_TAGGED_ANY); | ||
| 607 | return 0; | 799 | return 0; |
| 608 | } | 800 | } |
| 609 | if(opt) { | 801 | if (opt) |
| 610 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_OPTIONAL_ANY); | 802 | { |
| 803 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, | ||
| 804 | ASN1_R_ILLEGAL_OPTIONAL_ANY); | ||
| 611 | return 0; | 805 | return 0; |
| 612 | } | 806 | } |
| 613 | p = *in; | 807 | p = *in; |
| 614 | ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, &p, inlen, -1, 0, 0, ctx); | 808 | ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, |
| 615 | if(!ret) { | 809 | &p, inlen, -1, 0, 0, ctx); |
| 616 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); | 810 | if (!ret) |
| 811 | { | ||
| 812 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, | ||
| 813 | ERR_R_NESTED_ASN1_ERROR); | ||
| 617 | return 0; | 814 | return 0; |
| 815 | } | ||
| 816 | if (oclass != V_ASN1_UNIVERSAL) | ||
| 817 | utype = V_ASN1_OTHER; | ||
| 618 | } | 818 | } |
| 619 | if(oclass != V_ASN1_UNIVERSAL) utype = V_ASN1_OTHER; | 819 | if (tag == -1) |
| 620 | } | 820 | { |
| 621 | if(tag == -1) { | ||
| 622 | tag = utype; | 821 | tag = utype; |
| 623 | aclass = V_ASN1_UNIVERSAL; | 822 | aclass = V_ASN1_UNIVERSAL; |
| 624 | } | 823 | } |
| 625 | p = *in; | 824 | p = *in; |
| 626 | /* Check header */ | 825 | /* Check header */ |
| 627 | ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, &p, inlen, tag, aclass, opt, ctx); | 826 | ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, |
| 628 | if(!ret) { | 827 | &p, inlen, tag, aclass, opt, ctx); |
| 828 | if (!ret) | ||
| 829 | { | ||
| 629 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); | 830 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); |
| 630 | return 0; | 831 | return 0; |
| 631 | } else if(ret == -1) return -1; | 832 | } |
| 632 | 833 | else if (ret == -1) | |
| 633 | ret = 0; | 834 | return -1; |
| 835 | ret = 0; | ||
| 634 | /* SEQUENCE, SET and "OTHER" are left in encoded form */ | 836 | /* SEQUENCE, SET and "OTHER" are left in encoded form */ |
| 635 | if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) { | 837 | if ((utype == V_ASN1_SEQUENCE) |
| 636 | /* Clear context cache for type OTHER because the auto clear when | 838 | || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) |
| 637 | * we have a exact match wont work | 839 | { |
| 840 | /* Clear context cache for type OTHER because the auto clear | ||
| 841 | * when we have a exact match wont work | ||
| 638 | */ | 842 | */ |
| 639 | if(utype == V_ASN1_OTHER) { | 843 | if (utype == V_ASN1_OTHER) |
| 844 | { | ||
| 640 | asn1_tlc_clear(ctx); | 845 | asn1_tlc_clear(ctx); |
| 846 | } | ||
| 641 | /* SEQUENCE and SET must be constructed */ | 847 | /* SEQUENCE and SET must be constructed */ |
| 642 | } else if(!cst) { | 848 | else if (!cst) |
| 643 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED); | 849 | { |
| 850 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, | ||
| 851 | ASN1_R_TYPE_NOT_CONSTRUCTED); | ||
| 644 | return 0; | 852 | return 0; |
| 645 | } | 853 | } |
| 646 | 854 | ||
| 647 | cont = *in; | 855 | cont = *in; |
| 648 | /* If indefinite length constructed find the real end */ | 856 | /* If indefinite length constructed find the real end */ |
| 649 | if(inf) { | 857 | if (inf) |
| 650 | if(!asn1_find_end(&p, plen, inf)) goto err; | 858 | { |
| 859 | if (!asn1_find_end(&p, plen, inf)) | ||
| 860 | goto err; | ||
| 651 | len = p - cont; | 861 | len = p - cont; |
| 652 | } else { | 862 | } |
| 863 | else | ||
| 864 | { | ||
| 653 | len = p - cont + plen; | 865 | len = p - cont + plen; |
| 654 | p += plen; | 866 | p += plen; |
| 655 | buf.data = NULL; | 867 | buf.data = NULL; |
| 868 | } | ||
| 656 | } | 869 | } |
| 657 | } else if(cst) { | 870 | else if (cst) |
| 871 | { | ||
| 658 | buf.length = 0; | 872 | buf.length = 0; |
| 659 | buf.max = 0; | 873 | buf.max = 0; |
| 660 | buf.data = NULL; | 874 | buf.data = NULL; |
| @@ -664,36 +878,46 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl | |||
| 664 | * internally irrespective of the type. So instead just check | 878 | * internally irrespective of the type. So instead just check |
| 665 | * for UNIVERSAL class and ignore the tag. | 879 | * for UNIVERSAL class and ignore the tag. |
| 666 | */ | 880 | */ |
| 667 | if(!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) goto err; | 881 | if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) |
| 882 | { | ||
| 883 | free_cont = 1; | ||
| 884 | goto err; | ||
| 885 | } | ||
| 668 | len = buf.length; | 886 | len = buf.length; |
| 669 | /* Append a final null to string */ | 887 | /* Append a final null to string */ |
| 670 | if(!BUF_MEM_grow_clean(&buf, len + 1)) { | 888 | if (!BUF_MEM_grow_clean(&buf, len + 1)) |
| 671 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); | 889 | { |
| 890 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, | ||
| 891 | ERR_R_MALLOC_FAILURE); | ||
| 672 | return 0; | 892 | return 0; |
| 673 | } | 893 | } |
| 674 | buf.data[len] = 0; | 894 | buf.data[len] = 0; |
| 675 | cont = (unsigned char *)buf.data; | 895 | cont = (const unsigned char *)buf.data; |
| 676 | free_cont = 1; | 896 | free_cont = 1; |
| 677 | } else { | 897 | } |
| 898 | else | ||
| 899 | { | ||
| 678 | cont = p; | 900 | cont = p; |
| 679 | len = plen; | 901 | len = plen; |
| 680 | p += plen; | 902 | p += plen; |
| 681 | } | 903 | } |
| 682 | 904 | ||
| 683 | /* We now have content length and type: translate into a structure */ | 905 | /* We now have content length and type: translate into a structure */ |
| 684 | if(!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) goto err; | 906 | if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) |
| 907 | goto err; | ||
| 685 | 908 | ||
| 686 | *in = p; | 909 | *in = p; |
| 687 | ret = 1; | 910 | ret = 1; |
| 688 | err: | 911 | err: |
| 689 | if(free_cont && buf.data) OPENSSL_free(buf.data); | 912 | if (free_cont && buf.data) OPENSSL_free(buf.data); |
| 690 | return ret; | 913 | return ret; |
| 691 | } | 914 | } |
| 692 | 915 | ||
| 693 | /* Translate ASN1 content octets into a structure */ | 916 | /* Translate ASN1 content octets into a structure */ |
| 694 | 917 | ||
| 695 | int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) | 918 | int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, |
| 696 | { | 919 | int utype, char *free_cont, const ASN1_ITEM *it) |
| 920 | { | ||
| 697 | ASN1_VALUE **opval = NULL; | 921 | ASN1_VALUE **opval = NULL; |
| 698 | ASN1_STRING *stmp; | 922 | ASN1_STRING *stmp; |
| 699 | ASN1_TYPE *typ = NULL; | 923 | ASN1_TYPE *typ = NULL; |
| @@ -701,43 +925,62 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char | |||
| 701 | const ASN1_PRIMITIVE_FUNCS *pf; | 925 | const ASN1_PRIMITIVE_FUNCS *pf; |
| 702 | ASN1_INTEGER **tint; | 926 | ASN1_INTEGER **tint; |
| 703 | pf = it->funcs; | 927 | pf = it->funcs; |
| 704 | if(pf && pf->prim_c2i) return pf->prim_c2i(pval, cont, len, utype, free_cont, it); | 928 | |
| 929 | if (pf && pf->prim_c2i) | ||
| 930 | return pf->prim_c2i(pval, cont, len, utype, free_cont, it); | ||
| 705 | /* If ANY type clear type and set pointer to internal value */ | 931 | /* If ANY type clear type and set pointer to internal value */ |
| 706 | if(it->utype == V_ASN1_ANY) { | 932 | if (it->utype == V_ASN1_ANY) |
| 707 | if(!*pval) { | 933 | { |
| 934 | if (!*pval) | ||
| 935 | { | ||
| 708 | typ = ASN1_TYPE_new(); | 936 | typ = ASN1_TYPE_new(); |
| 937 | if (typ == NULL) | ||
| 938 | goto err; | ||
| 709 | *pval = (ASN1_VALUE *)typ; | 939 | *pval = (ASN1_VALUE *)typ; |
| 710 | } else typ = (ASN1_TYPE *)*pval; | 940 | } |
| 711 | if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL); | 941 | else |
| 942 | typ = (ASN1_TYPE *)*pval; | ||
| 943 | |||
| 944 | if (utype != typ->type) | ||
| 945 | ASN1_TYPE_set(typ, utype, NULL); | ||
| 712 | opval = pval; | 946 | opval = pval; |
| 713 | pval = (ASN1_VALUE **)&typ->value.ptr; | 947 | pval = &typ->value.asn1_value; |
| 714 | } | 948 | } |
| 715 | switch(utype) { | 949 | switch(utype) |
| 950 | { | ||
| 716 | case V_ASN1_OBJECT: | 951 | case V_ASN1_OBJECT: |
| 717 | if(!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) goto err; | 952 | if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) |
| 953 | goto err; | ||
| 718 | break; | 954 | break; |
| 719 | 955 | ||
| 720 | case V_ASN1_NULL: | 956 | case V_ASN1_NULL: |
| 721 | if(len) { | 957 | if (len) |
| 722 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_NULL_IS_WRONG_LENGTH); | 958 | { |
| 959 | ASN1err(ASN1_F_ASN1_EX_C2I, | ||
| 960 | ASN1_R_NULL_IS_WRONG_LENGTH); | ||
| 723 | goto err; | 961 | goto err; |
| 724 | } | 962 | } |
| 725 | *pval = (ASN1_VALUE *)1; | 963 | *pval = (ASN1_VALUE *)1; |
| 726 | break; | 964 | break; |
| 727 | 965 | ||
| 728 | case V_ASN1_BOOLEAN: | 966 | case V_ASN1_BOOLEAN: |
| 729 | if(len != 1) { | 967 | if (len != 1) |
| 730 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); | 968 | { |
| 969 | ASN1err(ASN1_F_ASN1_EX_C2I, | ||
| 970 | ASN1_R_BOOLEAN_IS_WRONG_LENGTH); | ||
| 731 | goto err; | 971 | goto err; |
| 732 | } else { | 972 | } |
| 973 | else | ||
| 974 | { | ||
| 733 | ASN1_BOOLEAN *tbool; | 975 | ASN1_BOOLEAN *tbool; |
| 734 | tbool = (ASN1_BOOLEAN *)pval; | 976 | tbool = (ASN1_BOOLEAN *)pval; |
| 735 | *tbool = *cont; | 977 | *tbool = *cont; |
| 736 | } | 978 | } |
| 737 | break; | 979 | break; |
| 738 | 980 | ||
| 739 | case V_ASN1_BIT_STRING: | 981 | case V_ASN1_BIT_STRING: |
| 740 | if(!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) goto err; | 982 | if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) |
| 983 | goto err; | ||
| 741 | break; | 984 | break; |
| 742 | 985 | ||
| 743 | case V_ASN1_INTEGER: | 986 | case V_ASN1_INTEGER: |
| @@ -745,7 +988,8 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char | |||
| 745 | case V_ASN1_ENUMERATED: | 988 | case V_ASN1_ENUMERATED: |
| 746 | case V_ASN1_NEG_ENUMERATED: | 989 | case V_ASN1_NEG_ENUMERATED: |
| 747 | tint = (ASN1_INTEGER **)pval; | 990 | tint = (ASN1_INTEGER **)pval; |
| 748 | if(!c2i_ASN1_INTEGER(tint, &cont, len)) goto err; | 991 | if (!c2i_ASN1_INTEGER(tint, &cont, len)) |
| 992 | goto err; | ||
| 749 | /* Fixup type to match the expected form */ | 993 | /* Fixup type to match the expected form */ |
| 750 | (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG); | 994 | (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG); |
| 751 | break; | 995 | break; |
| @@ -769,46 +1013,59 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char | |||
| 769 | case V_ASN1_SEQUENCE: | 1013 | case V_ASN1_SEQUENCE: |
| 770 | default: | 1014 | default: |
| 771 | /* All based on ASN1_STRING and handled the same */ | 1015 | /* All based on ASN1_STRING and handled the same */ |
| 772 | if(!*pval) { | 1016 | if (!*pval) |
| 1017 | { | ||
| 773 | stmp = ASN1_STRING_type_new(utype); | 1018 | stmp = ASN1_STRING_type_new(utype); |
| 774 | if(!stmp) { | 1019 | if (!stmp) |
| 775 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); | 1020 | { |
| 1021 | ASN1err(ASN1_F_ASN1_EX_C2I, | ||
| 1022 | ERR_R_MALLOC_FAILURE); | ||
| 776 | goto err; | 1023 | goto err; |
| 777 | } | 1024 | } |
| 778 | *pval = (ASN1_VALUE *)stmp; | 1025 | *pval = (ASN1_VALUE *)stmp; |
| 779 | } else { | 1026 | } |
| 1027 | else | ||
| 1028 | { | ||
| 780 | stmp = (ASN1_STRING *)*pval; | 1029 | stmp = (ASN1_STRING *)*pval; |
| 781 | stmp->type = utype; | 1030 | stmp->type = utype; |
| 782 | } | 1031 | } |
| 783 | /* If we've already allocated a buffer use it */ | 1032 | /* If we've already allocated a buffer use it */ |
| 784 | if(*free_cont) { | 1033 | if (*free_cont) |
| 785 | if(stmp->data) OPENSSL_free(stmp->data); | 1034 | { |
| 786 | stmp->data = cont; | 1035 | if (stmp->data) |
| 1036 | OPENSSL_free(stmp->data); | ||
| 1037 | stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */ | ||
| 787 | stmp->length = len; | 1038 | stmp->length = len; |
| 788 | *free_cont = 0; | 1039 | *free_cont = 0; |
| 789 | } else { | 1040 | } |
| 790 | if(!ASN1_STRING_set(stmp, cont, len)) { | 1041 | else |
| 791 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); | 1042 | { |
| 1043 | if (!ASN1_STRING_set(stmp, cont, len)) | ||
| 1044 | { | ||
| 1045 | ASN1err(ASN1_F_ASN1_EX_C2I, | ||
| 1046 | ERR_R_MALLOC_FAILURE); | ||
| 792 | ASN1_STRING_free(stmp); | 1047 | ASN1_STRING_free(stmp); |
| 793 | *pval = NULL; | 1048 | *pval = NULL; |
| 794 | goto err; | 1049 | goto err; |
| 1050 | } | ||
| 795 | } | 1051 | } |
| 796 | } | ||
| 797 | break; | 1052 | break; |
| 798 | } | 1053 | } |
| 799 | /* If ASN1_ANY and NULL type fix up value */ | 1054 | /* If ASN1_ANY and NULL type fix up value */ |
| 800 | if(typ && utype==V_ASN1_NULL) typ->value.ptr = NULL; | 1055 | if (typ && (utype == V_ASN1_NULL)) |
| 1056 | typ->value.ptr = NULL; | ||
| 801 | 1057 | ||
| 802 | ret = 1; | 1058 | ret = 1; |
| 803 | err: | 1059 | err: |
| 804 | if(!ret) | 1060 | if (!ret) |
| 805 | { | 1061 | { |
| 806 | ASN1_TYPE_free(typ); | 1062 | ASN1_TYPE_free(typ); |
| 807 | if (opval) | 1063 | if (opval) |
| 808 | *opval = NULL; | 1064 | *opval = NULL; |
| 809 | } | 1065 | } |
| 810 | return ret; | 1066 | return ret; |
| 811 | } | 1067 | } |
| 1068 | |||
| 812 | 1069 | ||
| 813 | /* This function finds the end of an ASN1 structure when passed its maximum | 1070 | /* This function finds the end of an ASN1 structure when passed its maximum |
| 814 | * length, whether it is indefinite length and a pointer to the content. | 1071 | * length, whether it is indefinite length and a pointer to the content. |
| @@ -816,11 +1073,11 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char | |||
| 816 | * recurse on each indefinite length header. | 1073 | * recurse on each indefinite length header. |
| 817 | */ | 1074 | */ |
| 818 | 1075 | ||
| 819 | static int asn1_find_end(unsigned char **in, long len, char inf) | 1076 | static int asn1_find_end(const unsigned char **in, long len, char inf) |
| 820 | { | 1077 | { |
| 821 | int expected_eoc; | 1078 | int expected_eoc; |
| 822 | long plen; | 1079 | long plen; |
| 823 | unsigned char *p = *in, *q; | 1080 | const unsigned char *p = *in, *q; |
| 824 | /* If not indefinite length constructed just add length */ | 1081 | /* If not indefinite length constructed just add length */ |
| 825 | if (inf == 0) | 1082 | if (inf == 0) |
| 826 | { | 1083 | { |
| @@ -830,7 +1087,7 @@ static int asn1_find_end(unsigned char **in, long len, char inf) | |||
| 830 | expected_eoc = 1; | 1087 | expected_eoc = 1; |
| 831 | /* Indefinite length constructed form. Find the end when enough EOCs | 1088 | /* Indefinite length constructed form. Find the end when enough EOCs |
| 832 | * are found. If more indefinite length constructed headers | 1089 | * are found. If more indefinite length constructed headers |
| 833 | * are encountered increment the expected eoc count otherwise justi | 1090 | * are encountered increment the expected eoc count otherwise just |
| 834 | * skip to the end of the data. | 1091 | * skip to the end of the data. |
| 835 | */ | 1092 | */ |
| 836 | while (len > 0) | 1093 | while (len > 0) |
| @@ -865,38 +1122,55 @@ static int asn1_find_end(unsigned char **in, long len, char inf) | |||
| 865 | *in = p; | 1122 | *in = p; |
| 866 | return 1; | 1123 | return 1; |
| 867 | } | 1124 | } |
| 868 | |||
| 869 | /* This function collects the asn1 data from a constructred string | 1125 | /* This function collects the asn1 data from a constructred string |
| 870 | * type into a buffer. The values of 'in' and 'len' should refer | 1126 | * type into a buffer. The values of 'in' and 'len' should refer |
| 871 | * to the contents of the constructed type and 'inf' should be set | 1127 | * to the contents of the constructed type and 'inf' should be set |
| 872 | * if it is indefinite length. | 1128 | * if it is indefinite length. |
| 873 | */ | 1129 | */ |
| 874 | 1130 | ||
| 875 | static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass) | 1131 | static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, |
| 876 | { | 1132 | char inf, int tag, int aclass) |
| 877 | unsigned char *p, *q; | 1133 | { |
| 1134 | const unsigned char *p, *q; | ||
| 878 | long plen; | 1135 | long plen; |
| 879 | char cst, ininf; | 1136 | char cst, ininf; |
| 880 | p = *in; | 1137 | p = *in; |
| 881 | inf &= 1; | 1138 | inf &= 1; |
| 882 | while(len > 0) { | 1139 | /* If no buffer and not indefinite length constructed just pass over |
| 1140 | * the encoded data */ | ||
| 1141 | if (!buf && !inf) | ||
| 1142 | { | ||
| 1143 | *in += len; | ||
| 1144 | return 1; | ||
| 1145 | } | ||
| 1146 | while(len > 0) | ||
| 1147 | { | ||
| 883 | q = p; | 1148 | q = p; |
| 884 | /* Check for EOC */ | 1149 | /* Check for EOC */ |
| 885 | if(asn1_check_eoc(&p, len)) { | 1150 | if (asn1_check_eoc(&p, len)) |
| 886 | /* EOC is illegal outside indefinite length constructed form */ | 1151 | { |
| 887 | if(!inf) { | 1152 | /* EOC is illegal outside indefinite length |
| 888 | ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC); | 1153 | * constructed form */ |
| 1154 | if (!inf) | ||
| 1155 | { | ||
| 1156 | ASN1err(ASN1_F_ASN1_COLLECT, | ||
| 1157 | ASN1_R_UNEXPECTED_EOC); | ||
| 889 | return 0; | 1158 | return 0; |
| 890 | } | 1159 | } |
| 891 | inf = 0; | 1160 | inf = 0; |
| 892 | break; | 1161 | break; |
| 893 | } | 1162 | } |
| 894 | if(!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) { | 1163 | |
| 1164 | if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, | ||
| 1165 | len, tag, aclass, 0, NULL)) | ||
| 1166 | { | ||
| 895 | ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR); | 1167 | ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR); |
| 896 | return 0; | 1168 | return 0; |
| 897 | } | 1169 | } |
| 1170 | |||
| 898 | /* If indefinite length constructed update max length */ | 1171 | /* If indefinite length constructed update max length */ |
| 899 | if(cst) { | 1172 | if (cst) |
| 1173 | { | ||
| 900 | #ifdef OPENSSL_ALLOW_NESTED_ASN1_STRINGS | 1174 | #ifdef OPENSSL_ALLOW_NESTED_ASN1_STRINGS |
| 901 | if (!asn1_collect(buf, &p, plen, ininf, tag, aclass)) | 1175 | if (!asn1_collect(buf, &p, plen, ininf, tag, aclass)) |
| 902 | return 0; | 1176 | return 0; |
| @@ -904,47 +1178,51 @@ static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, in | |||
| 904 | ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING); | 1178 | ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING); |
| 905 | return 0; | 1179 | return 0; |
| 906 | #endif | 1180 | #endif |
| 907 | } else { | 1181 | } |
| 908 | if(plen && !collect_data(buf, &p, plen)) return 0; | 1182 | else if (plen && !collect_data(buf, &p, plen)) |
| 909 | } | 1183 | return 0; |
| 910 | len -= p - q; | 1184 | len -= p - q; |
| 911 | } | 1185 | } |
| 912 | if(inf) { | 1186 | if (inf) |
| 1187 | { | ||
| 913 | ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC); | 1188 | ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC); |
| 914 | return 0; | 1189 | return 0; |
| 915 | } | 1190 | } |
| 916 | *in = p; | 1191 | *in = p; |
| 917 | return 1; | 1192 | return 1; |
| 918 | } | 1193 | } |
| 919 | 1194 | ||
| 920 | static int collect_data(BUF_MEM *buf, unsigned char **p, long plen) | 1195 | static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen) |
| 921 | { | 1196 | { |
| 922 | int len; | 1197 | int len; |
| 923 | if(buf) { | 1198 | if (buf) |
| 924 | len = buf->length; | 1199 | { |
| 925 | if(!BUF_MEM_grow_clean(buf, len + plen)) { | 1200 | len = buf->length; |
| 926 | ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); | 1201 | if (!BUF_MEM_grow_clean(buf, len + plen)) |
| 927 | return 0; | 1202 | { |
| 1203 | ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); | ||
| 1204 | return 0; | ||
| 928 | } | 1205 | } |
| 929 | memcpy(buf->data + len, *p, plen); | 1206 | memcpy(buf->data + len, *p, plen); |
| 930 | } | 1207 | } |
| 931 | *p += plen; | 1208 | *p += plen; |
| 932 | return 1; | 1209 | return 1; |
| 933 | } | 1210 | } |
| 934 | 1211 | ||
| 935 | /* Check for ASN1 EOC and swallow it if found */ | 1212 | /* Check for ASN1 EOC and swallow it if found */ |
| 936 | 1213 | ||
| 937 | static int asn1_check_eoc(unsigned char **in, long len) | 1214 | static int asn1_check_eoc(const unsigned char **in, long len) |
| 938 | { | 1215 | { |
| 939 | unsigned char *p; | 1216 | const unsigned char *p; |
| 940 | if(len < 2) return 0; | 1217 | if (len < 2) return 0; |
| 941 | p = *in; | 1218 | p = *in; |
| 942 | if(!p[0] && !p[1]) { | 1219 | if (!p[0] && !p[1]) |
| 1220 | { | ||
| 943 | *in += 2; | 1221 | *in += 2; |
| 944 | return 1; | 1222 | return 1; |
| 945 | } | 1223 | } |
| 946 | return 0; | 1224 | return 0; |
| 947 | } | 1225 | } |
| 948 | 1226 | ||
| 949 | /* Check an ASN1 tag and length: a bit like ASN1_get_object | 1227 | /* Check an ASN1 tag and length: a bit like ASN1_get_object |
| 950 | * but it sets the length for indefinite length constructed | 1228 | * but it sets the length for indefinite length constructed |
| @@ -953,25 +1231,32 @@ static int asn1_check_eoc(unsigned char **in, long len) | |||
| 953 | * header length just read. | 1231 | * header length just read. |
| 954 | */ | 1232 | */ |
| 955 | 1233 | ||
| 956 | static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, | 1234 | static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, |
| 957 | unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx) | 1235 | char *inf, char *cst, |
| 958 | { | 1236 | const unsigned char **in, long len, |
| 1237 | int exptag, int expclass, char opt, | ||
| 1238 | ASN1_TLC *ctx) | ||
| 1239 | { | ||
| 959 | int i; | 1240 | int i; |
| 960 | int ptag, pclass; | 1241 | int ptag, pclass; |
| 961 | long plen; | 1242 | long plen; |
| 962 | unsigned char *p, *q; | 1243 | const unsigned char *p, *q; |
| 963 | p = *in; | 1244 | p = *in; |
| 964 | q = p; | 1245 | q = p; |
| 965 | 1246 | ||
| 966 | if(ctx && ctx->valid) { | 1247 | if (ctx && ctx->valid) |
| 1248 | { | ||
| 967 | i = ctx->ret; | 1249 | i = ctx->ret; |
| 968 | plen = ctx->plen; | 1250 | plen = ctx->plen; |
| 969 | pclass = ctx->pclass; | 1251 | pclass = ctx->pclass; |
| 970 | ptag = ctx->ptag; | 1252 | ptag = ctx->ptag; |
| 971 | p += ctx->hdrlen; | 1253 | p += ctx->hdrlen; |
| 972 | } else { | 1254 | } |
| 1255 | else | ||
| 1256 | { | ||
| 973 | i = ASN1_get_object(&p, &plen, &ptag, &pclass, len); | 1257 | i = ASN1_get_object(&p, &plen, &ptag, &pclass, len); |
| 974 | if(ctx) { | 1258 | if (ctx) |
| 1259 | { | ||
| 975 | ctx->ret = i; | 1260 | ctx->ret = i; |
| 976 | ctx->plen = plen; | 1261 | ctx->plen = plen; |
| 977 | ctx->pclass = pclass; | 1262 | ctx->pclass = pclass; |
| @@ -981,43 +1266,57 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *i | |||
| 981 | /* If definite length, and no error, length + | 1266 | /* If definite length, and no error, length + |
| 982 | * header can't exceed total amount of data available. | 1267 | * header can't exceed total amount of data available. |
| 983 | */ | 1268 | */ |
| 984 | if(!(i & 0x81) && ((plen + ctx->hdrlen) > len)) { | 1269 | if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) |
| 985 | ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG); | 1270 | { |
| 1271 | ASN1err(ASN1_F_ASN1_CHECK_TLEN, | ||
| 1272 | ASN1_R_TOO_LONG); | ||
| 986 | asn1_tlc_clear(ctx); | 1273 | asn1_tlc_clear(ctx); |
| 987 | return 0; | 1274 | return 0; |
| 1275 | } | ||
| 988 | } | 1276 | } |
| 989 | } | 1277 | } |
| 990 | } | ||
| 991 | 1278 | ||
| 992 | if(i & 0x80) { | 1279 | if (i & 0x80) |
| 1280 | { | ||
| 993 | ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER); | 1281 | ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER); |
| 994 | asn1_tlc_clear(ctx); | 1282 | asn1_tlc_clear(ctx); |
| 995 | return 0; | 1283 | return 0; |
| 996 | } | 1284 | } |
| 997 | if(exptag >= 0) { | 1285 | if (exptag >= 0) |
| 998 | if((exptag != ptag) || (expclass != pclass)) { | 1286 | { |
| 999 | /* If type is OPTIONAL, not an error, but indicate missing | 1287 | if ((exptag != ptag) || (expclass != pclass)) |
| 1000 | * type. | 1288 | { |
| 1289 | /* If type is OPTIONAL, not an error: | ||
| 1290 | * indicate missing type. | ||
| 1001 | */ | 1291 | */ |
| 1002 | if(opt) return -1; | 1292 | if (opt) return -1; |
| 1003 | asn1_tlc_clear(ctx); | 1293 | asn1_tlc_clear(ctx); |
| 1004 | ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG); | 1294 | ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG); |
| 1005 | return 0; | 1295 | return 0; |
| 1006 | } | 1296 | } |
| 1007 | /* We have a tag and class match, so assume we are going to do something with it */ | 1297 | /* We have a tag and class match: |
| 1298 | * assume we are going to do something with it */ | ||
| 1008 | asn1_tlc_clear(ctx); | 1299 | asn1_tlc_clear(ctx); |
| 1009 | } | 1300 | } |
| 1301 | |||
| 1302 | if (i & 1) | ||
| 1303 | plen = len - (p - q); | ||
| 1010 | 1304 | ||
| 1011 | if(i & 1) plen = len - (p - q); | 1305 | if (inf) |
| 1306 | *inf = i & 1; | ||
| 1012 | 1307 | ||
| 1013 | if(inf) *inf = i & 1; | 1308 | if (cst) |
| 1309 | *cst = i & V_ASN1_CONSTRUCTED; | ||
| 1014 | 1310 | ||
| 1015 | if(cst) *cst = i & V_ASN1_CONSTRUCTED; | 1311 | if (olen) |
| 1312 | *olen = plen; | ||
| 1016 | 1313 | ||
| 1017 | if(olen) *olen = plen; | 1314 | if (oclass) |
| 1018 | if(oclass) *oclass = pclass; | 1315 | *oclass = pclass; |
| 1019 | if(otag) *otag = ptag; | 1316 | |
| 1317 | if (otag) | ||
| 1318 | *otag = ptag; | ||
| 1020 | 1319 | ||
| 1021 | *in = p; | 1320 | *in = p; |
| 1022 | return 1; | 1321 | return 1; |
| 1023 | } | 1322 | } |
diff --git a/src/lib/libcrypto/asn1/tasn_enc.c b/src/lib/libcrypto/asn1/tasn_enc.c index c675c3c832..be19b36acd 100644 --- a/src/lib/libcrypto/asn1/tasn_enc.c +++ b/src/lib/libcrypto/asn1/tasn_enc.c | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 2000 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -59,88 +59,119 @@ | |||
| 59 | 59 | ||
| 60 | #include <stddef.h> | 60 | #include <stddef.h> |
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | #include "cryptlib.h" | ||
| 62 | #include <openssl/asn1.h> | 63 | #include <openssl/asn1.h> |
| 63 | #include <openssl/asn1t.h> | 64 | #include <openssl/asn1t.h> |
| 64 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 65 | 66 | ||
| 66 | static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); | 67 | static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, |
| 67 | static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *seq, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int isset); | 68 | const ASN1_ITEM *it, |
| 69 | int tag, int aclass); | ||
| 70 | static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, | ||
| 71 | int skcontlen, const ASN1_ITEM *item, | ||
| 72 | int do_sort, int iclass); | ||
| 73 | static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, | ||
| 74 | const ASN1_TEMPLATE *tt, | ||
| 75 | int tag, int aclass); | ||
| 76 | static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, | ||
| 77 | const ASN1_ITEM *it, int flags); | ||
| 78 | |||
| 79 | /* Top level i2d equivalents: the 'ndef' variant instructs the encoder | ||
| 80 | * to use indefinite length constructed encoding, where appropriate | ||
| 81 | */ | ||
| 82 | |||
| 83 | int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, | ||
| 84 | const ASN1_ITEM *it) | ||
| 85 | { | ||
| 86 | return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF); | ||
| 87 | } | ||
| 88 | |||
| 89 | int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) | ||
| 90 | { | ||
| 91 | return asn1_item_flags_i2d(val, out, it, 0); | ||
| 92 | } | ||
| 68 | 93 | ||
| 69 | /* Encode an ASN1 item, this is compatible with the | 94 | /* Encode an ASN1 item, this is use by the |
| 70 | * standard 'i2d' function. 'out' points to | 95 | * standard 'i2d' function. 'out' points to |
| 71 | * a buffer to output the data to, in future we will | 96 | * a buffer to output the data to. |
| 72 | * have more advanced versions that can output data | ||
| 73 | * a piece at a time and this will simply be a special | ||
| 74 | * case. | ||
| 75 | * | 97 | * |
| 76 | * The new i2d has one additional feature. If the output | 98 | * The new i2d has one additional feature. If the output |
| 77 | * buffer is NULL (i.e. *out == NULL) then a buffer is | 99 | * buffer is NULL (i.e. *out == NULL) then a buffer is |
| 78 | * allocated and populated with the encoding. | 100 | * allocated and populated with the encoding. |
| 79 | */ | 101 | */ |
| 80 | 102 | ||
| 81 | 103 | static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, | |
| 82 | int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) | 104 | const ASN1_ITEM *it, int flags) |
| 83 | { | 105 | { |
| 84 | if(out && !*out) { | 106 | if (out && !*out) |
| 107 | { | ||
| 85 | unsigned char *p, *buf; | 108 | unsigned char *p, *buf; |
| 86 | int len; | 109 | int len; |
| 87 | len = ASN1_item_ex_i2d(&val, NULL, it, -1, 0); | 110 | len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags); |
| 88 | if(len <= 0) return len; | 111 | if (len <= 0) |
| 112 | return len; | ||
| 89 | buf = OPENSSL_malloc(len); | 113 | buf = OPENSSL_malloc(len); |
| 90 | if(!buf) return -1; | 114 | if (!buf) |
| 115 | return -1; | ||
| 91 | p = buf; | 116 | p = buf; |
| 92 | ASN1_item_ex_i2d(&val, &p, it, -1, 0); | 117 | ASN1_item_ex_i2d(&val, &p, it, -1, flags); |
| 93 | *out = buf; | 118 | *out = buf; |
| 94 | return len; | 119 | return len; |
| 120 | } | ||
| 121 | |||
| 122 | return ASN1_item_ex_i2d(&val, out, it, -1, flags); | ||
| 95 | } | 123 | } |
| 96 | |||
| 97 | return ASN1_item_ex_i2d(&val, out, it, -1, 0); | ||
| 98 | } | ||
| 99 | 124 | ||
| 100 | /* Encode an item, taking care of IMPLICIT tagging (if any). | 125 | /* Encode an item, taking care of IMPLICIT tagging (if any). |
| 101 | * This function performs the normal item handling: it can be | 126 | * This function performs the normal item handling: it can be |
| 102 | * used in external types. | 127 | * used in external types. |
| 103 | */ | 128 | */ |
| 104 | 129 | ||
| 105 | int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) | 130 | int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, |
| 106 | { | 131 | const ASN1_ITEM *it, int tag, int aclass) |
| 132 | { | ||
| 107 | const ASN1_TEMPLATE *tt = NULL; | 133 | const ASN1_TEMPLATE *tt = NULL; |
| 108 | unsigned char *p = NULL; | 134 | unsigned char *p = NULL; |
| 109 | int i, seqcontlen, seqlen; | 135 | int i, seqcontlen, seqlen, ndef = 1; |
| 110 | ASN1_STRING *strtmp; | ||
| 111 | const ASN1_COMPAT_FUNCS *cf; | 136 | const ASN1_COMPAT_FUNCS *cf; |
| 112 | const ASN1_EXTERN_FUNCS *ef; | 137 | const ASN1_EXTERN_FUNCS *ef; |
| 113 | const ASN1_AUX *aux = it->funcs; | 138 | const ASN1_AUX *aux = it->funcs; |
| 114 | ASN1_aux_cb *asn1_cb; | 139 | ASN1_aux_cb *asn1_cb = 0; |
| 115 | if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return 0; | 140 | |
| 116 | if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; | 141 | if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) |
| 117 | else asn1_cb = 0; | 142 | return 0; |
| 118 | 143 | ||
| 119 | switch(it->itype) { | 144 | if (aux && aux->asn1_cb) |
| 145 | asn1_cb = aux->asn1_cb; | ||
| 146 | |||
| 147 | switch(it->itype) | ||
| 148 | { | ||
| 120 | 149 | ||
| 121 | case ASN1_ITYPE_PRIMITIVE: | 150 | case ASN1_ITYPE_PRIMITIVE: |
| 122 | if(it->templates) | 151 | if (it->templates) |
| 123 | return ASN1_template_i2d(pval, out, it->templates); | 152 | return asn1_template_ex_i2d(pval, out, it->templates, |
| 153 | tag, aclass); | ||
| 124 | return asn1_i2d_ex_primitive(pval, out, it, tag, aclass); | 154 | return asn1_i2d_ex_primitive(pval, out, it, tag, aclass); |
| 125 | break; | 155 | break; |
| 126 | 156 | ||
| 127 | case ASN1_ITYPE_MSTRING: | 157 | case ASN1_ITYPE_MSTRING: |
| 128 | strtmp = (ASN1_STRING *)*pval; | 158 | return asn1_i2d_ex_primitive(pval, out, it, -1, aclass); |
| 129 | return asn1_i2d_ex_primitive(pval, out, it, -1, 0); | ||
| 130 | 159 | ||
| 131 | case ASN1_ITYPE_CHOICE: | 160 | case ASN1_ITYPE_CHOICE: |
| 132 | if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) | 161 | if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) |
| 133 | return 0; | 162 | return 0; |
| 134 | i = asn1_get_choice_selector(pval, it); | 163 | i = asn1_get_choice_selector(pval, it); |
| 135 | if((i >= 0) && (i < it->tcount)) { | 164 | if ((i >= 0) && (i < it->tcount)) |
| 165 | { | ||
| 136 | ASN1_VALUE **pchval; | 166 | ASN1_VALUE **pchval; |
| 137 | const ASN1_TEMPLATE *chtt; | 167 | const ASN1_TEMPLATE *chtt; |
| 138 | chtt = it->templates + i; | 168 | chtt = it->templates + i; |
| 139 | pchval = asn1_get_field_ptr(pval, chtt); | 169 | pchval = asn1_get_field_ptr(pval, chtt); |
| 140 | return ASN1_template_i2d(pchval, out, chtt); | 170 | return asn1_template_ex_i2d(pchval, out, chtt, |
| 141 | } | 171 | -1, aclass); |
| 172 | } | ||
| 142 | /* Fixme: error condition if selector out of range */ | 173 | /* Fixme: error condition if selector out of range */ |
| 143 | if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) | 174 | if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) |
| 144 | return 0; | 175 | return 0; |
| 145 | break; | 176 | break; |
| 146 | 177 | ||
| @@ -152,136 +183,236 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it | |||
| 152 | case ASN1_ITYPE_COMPAT: | 183 | case ASN1_ITYPE_COMPAT: |
| 153 | /* old style hackery... */ | 184 | /* old style hackery... */ |
| 154 | cf = it->funcs; | 185 | cf = it->funcs; |
| 155 | if(out) p = *out; | 186 | if (out) |
| 187 | p = *out; | ||
| 156 | i = cf->asn1_i2d(*pval, out); | 188 | i = cf->asn1_i2d(*pval, out); |
| 157 | /* Fixup for IMPLICIT tag: note this messes up for tags > 30, | 189 | /* Fixup for IMPLICIT tag: note this messes up for tags > 30, |
| 158 | * but so did the old code. Tags > 30 are very rare anyway. | 190 | * but so did the old code. Tags > 30 are very rare anyway. |
| 159 | */ | 191 | */ |
| 160 | if(out && (tag != -1)) | 192 | if (out && (tag != -1)) |
| 161 | *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED); | 193 | *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED); |
| 162 | return i; | 194 | return i; |
| 163 | 195 | ||
| 196 | case ASN1_ITYPE_NDEF_SEQUENCE: | ||
| 197 | /* Use indefinite length constructed if requested */ | ||
| 198 | if (aclass & ASN1_TFLG_NDEF) ndef = 2; | ||
| 199 | /* fall through */ | ||
| 200 | |||
| 164 | case ASN1_ITYPE_SEQUENCE: | 201 | case ASN1_ITYPE_SEQUENCE: |
| 165 | i = asn1_enc_restore(&seqcontlen, out, pval, it); | 202 | i = asn1_enc_restore(&seqcontlen, out, pval, it); |
| 166 | /* An error occurred */ | 203 | /* An error occurred */ |
| 167 | if(i < 0) return 0; | 204 | if (i < 0) |
| 205 | return 0; | ||
| 168 | /* We have a valid cached encoding... */ | 206 | /* We have a valid cached encoding... */ |
| 169 | if(i > 0) return seqcontlen; | 207 | if (i > 0) |
| 208 | return seqcontlen; | ||
| 170 | /* Otherwise carry on */ | 209 | /* Otherwise carry on */ |
| 171 | seqcontlen = 0; | 210 | seqcontlen = 0; |
| 172 | /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ | 211 | /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ |
| 173 | if(tag == -1) { | 212 | if (tag == -1) |
| 213 | { | ||
| 174 | tag = V_ASN1_SEQUENCE; | 214 | tag = V_ASN1_SEQUENCE; |
| 175 | aclass = V_ASN1_UNIVERSAL; | 215 | /* Retain any other flags in aclass */ |
| 176 | } | 216 | aclass = (aclass & ~ASN1_TFLG_TAG_CLASS) |
| 177 | if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) | 217 | | V_ASN1_UNIVERSAL; |
| 218 | } | ||
| 219 | if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) | ||
| 178 | return 0; | 220 | return 0; |
| 179 | /* First work out sequence content length */ | 221 | /* First work out sequence content length */ |
| 180 | for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { | 222 | for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) |
| 223 | { | ||
| 181 | const ASN1_TEMPLATE *seqtt; | 224 | const ASN1_TEMPLATE *seqtt; |
| 182 | ASN1_VALUE **pseqval; | 225 | ASN1_VALUE **pseqval; |
| 183 | seqtt = asn1_do_adb(pval, tt, 1); | 226 | seqtt = asn1_do_adb(pval, tt, 1); |
| 184 | if(!seqtt) return 0; | 227 | if (!seqtt) |
| 228 | return 0; | ||
| 185 | pseqval = asn1_get_field_ptr(pval, seqtt); | 229 | pseqval = asn1_get_field_ptr(pval, seqtt); |
| 186 | /* FIXME: check for errors in enhanced version */ | 230 | /* FIXME: check for errors in enhanced version */ |
| 187 | /* FIXME: special handling of indefinite length encoding */ | 231 | seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt, |
| 188 | seqcontlen += ASN1_template_i2d(pseqval, NULL, seqtt); | 232 | -1, aclass); |
| 189 | } | 233 | } |
| 190 | seqlen = ASN1_object_size(1, seqcontlen, tag); | 234 | |
| 191 | if(!out) return seqlen; | 235 | seqlen = ASN1_object_size(ndef, seqcontlen, tag); |
| 236 | if (!out) | ||
| 237 | return seqlen; | ||
| 192 | /* Output SEQUENCE header */ | 238 | /* Output SEQUENCE header */ |
| 193 | ASN1_put_object(out, 1, seqcontlen, tag, aclass); | 239 | ASN1_put_object(out, ndef, seqcontlen, tag, aclass); |
| 194 | for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { | 240 | for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) |
| 241 | { | ||
| 195 | const ASN1_TEMPLATE *seqtt; | 242 | const ASN1_TEMPLATE *seqtt; |
| 196 | ASN1_VALUE **pseqval; | 243 | ASN1_VALUE **pseqval; |
| 197 | seqtt = asn1_do_adb(pval, tt, 1); | 244 | seqtt = asn1_do_adb(pval, tt, 1); |
| 198 | if(!seqtt) return 0; | 245 | if (!seqtt) |
| 246 | return 0; | ||
| 199 | pseqval = asn1_get_field_ptr(pval, seqtt); | 247 | pseqval = asn1_get_field_ptr(pval, seqtt); |
| 200 | /* FIXME: check for errors in enhanced version */ | 248 | /* FIXME: check for errors in enhanced version */ |
| 201 | ASN1_template_i2d(pseqval, out, seqtt); | 249 | asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass); |
| 202 | } | 250 | } |
| 203 | if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) | 251 | if (ndef == 2) |
| 252 | ASN1_put_eoc(out); | ||
| 253 | if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) | ||
| 204 | return 0; | 254 | return 0; |
| 205 | return seqlen; | 255 | return seqlen; |
| 206 | 256 | ||
| 207 | default: | 257 | default: |
| 208 | return 0; | 258 | return 0; |
| 209 | } | 259 | |
| 260 | } | ||
| 210 | return 0; | 261 | return 0; |
| 211 | } | 262 | } |
| 212 | 263 | ||
| 213 | int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt) | 264 | int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, |
| 214 | { | 265 | const ASN1_TEMPLATE *tt) |
| 215 | int i, ret, flags, aclass; | 266 | { |
| 267 | return asn1_template_ex_i2d(pval, out, tt, -1, 0); | ||
| 268 | } | ||
| 269 | |||
| 270 | static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, | ||
| 271 | const ASN1_TEMPLATE *tt, int tag, int iclass) | ||
| 272 | { | ||
| 273 | int i, ret, flags, ttag, tclass, ndef; | ||
| 216 | flags = tt->flags; | 274 | flags = tt->flags; |
| 217 | aclass = flags & ASN1_TFLG_TAG_CLASS; | 275 | /* Work out tag and class to use: tagging may come |
| 218 | if(flags & ASN1_TFLG_SK_MASK) { | 276 | * either from the template or the arguments, not both |
| 277 | * because this would create ambiguity. Additionally | ||
| 278 | * the iclass argument may contain some additional flags | ||
| 279 | * which should be noted and passed down to other levels. | ||
| 280 | */ | ||
| 281 | if (flags & ASN1_TFLG_TAG_MASK) | ||
| 282 | { | ||
| 283 | /* Error if argument and template tagging */ | ||
| 284 | if (tag != -1) | ||
| 285 | /* FIXME: error code here */ | ||
| 286 | return -1; | ||
| 287 | /* Get tagging from template */ | ||
| 288 | ttag = tt->tag; | ||
| 289 | tclass = flags & ASN1_TFLG_TAG_CLASS; | ||
| 290 | } | ||
| 291 | else if (tag != -1) | ||
| 292 | { | ||
| 293 | /* No template tagging, get from arguments */ | ||
| 294 | ttag = tag; | ||
| 295 | tclass = iclass & ASN1_TFLG_TAG_CLASS; | ||
| 296 | } | ||
| 297 | else | ||
| 298 | { | ||
| 299 | ttag = -1; | ||
| 300 | tclass = 0; | ||
| 301 | } | ||
| 302 | /* | ||
| 303 | * Remove any class mask from iflag. | ||
| 304 | */ | ||
| 305 | iclass &= ~ASN1_TFLG_TAG_CLASS; | ||
| 306 | |||
| 307 | /* At this point 'ttag' contains the outer tag to use, | ||
| 308 | * 'tclass' is the class and iclass is any flags passed | ||
| 309 | * to this function. | ||
| 310 | */ | ||
| 311 | |||
| 312 | /* if template and arguments require ndef, use it */ | ||
| 313 | if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF)) | ||
| 314 | ndef = 2; | ||
| 315 | else ndef = 1; | ||
| 316 | |||
| 317 | if (flags & ASN1_TFLG_SK_MASK) | ||
| 318 | { | ||
| 219 | /* SET OF, SEQUENCE OF */ | 319 | /* SET OF, SEQUENCE OF */ |
| 220 | STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; | 320 | STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; |
| 221 | int isset, sktag, skaclass; | 321 | int isset, sktag, skaclass; |
| 222 | int skcontlen, sklen; | 322 | int skcontlen, sklen; |
| 223 | ASN1_VALUE *skitem; | 323 | ASN1_VALUE *skitem; |
| 224 | if(!*pval) return 0; | 324 | |
| 225 | if(flags & ASN1_TFLG_SET_OF) { | 325 | if (!*pval) |
| 326 | return 0; | ||
| 327 | |||
| 328 | if (flags & ASN1_TFLG_SET_OF) | ||
| 329 | { | ||
| 226 | isset = 1; | 330 | isset = 1; |
| 227 | /* 2 means we reorder */ | 331 | /* 2 means we reorder */ |
| 228 | if(flags & ASN1_TFLG_SEQUENCE_OF) isset = 2; | 332 | if (flags & ASN1_TFLG_SEQUENCE_OF) |
| 229 | } else isset = 0; | 333 | isset = 2; |
| 230 | /* First work out inner tag value */ | 334 | } |
| 231 | if(flags & ASN1_TFLG_IMPTAG) { | 335 | else isset = 0; |
| 232 | sktag = tt->tag; | 336 | |
| 233 | skaclass = aclass; | 337 | /* Work out inner tag value: if EXPLICIT |
| 234 | } else { | 338 | * or no tagging use underlying type. |
| 339 | */ | ||
| 340 | if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) | ||
| 341 | { | ||
| 342 | sktag = ttag; | ||
| 343 | skaclass = tclass; | ||
| 344 | } | ||
| 345 | else | ||
| 346 | { | ||
| 235 | skaclass = V_ASN1_UNIVERSAL; | 347 | skaclass = V_ASN1_UNIVERSAL; |
| 236 | if(isset) sktag = V_ASN1_SET; | 348 | if (isset) |
| 349 | sktag = V_ASN1_SET; | ||
| 237 | else sktag = V_ASN1_SEQUENCE; | 350 | else sktag = V_ASN1_SEQUENCE; |
| 238 | } | 351 | } |
| 239 | /* Now work out length of items */ | 352 | |
| 353 | /* Determine total length of items */ | ||
| 240 | skcontlen = 0; | 354 | skcontlen = 0; |
| 241 | for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { | 355 | for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) |
| 356 | { | ||
| 242 | skitem = sk_ASN1_VALUE_value(sk, i); | 357 | skitem = sk_ASN1_VALUE_value(sk, i); |
| 243 | skcontlen += ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item), -1, 0); | 358 | skcontlen += ASN1_item_ex_i2d(&skitem, NULL, |
| 244 | } | 359 | ASN1_ITEM_ptr(tt->item), |
| 245 | sklen = ASN1_object_size(1, skcontlen, sktag); | 360 | -1, iclass); |
| 361 | } | ||
| 362 | sklen = ASN1_object_size(ndef, skcontlen, sktag); | ||
| 246 | /* If EXPLICIT need length of surrounding tag */ | 363 | /* If EXPLICIT need length of surrounding tag */ |
| 247 | if(flags & ASN1_TFLG_EXPTAG) | 364 | if (flags & ASN1_TFLG_EXPTAG) |
| 248 | ret = ASN1_object_size(1, sklen, tt->tag); | 365 | ret = ASN1_object_size(ndef, sklen, ttag); |
| 249 | else ret = sklen; | 366 | else ret = sklen; |
| 250 | 367 | ||
| 251 | if(!out) return ret; | 368 | if (!out) |
| 369 | return ret; | ||
| 252 | 370 | ||
| 253 | /* Now encode this lot... */ | 371 | /* Now encode this lot... */ |
| 254 | /* EXPLICIT tag */ | 372 | /* EXPLICIT tag */ |
| 255 | if(flags & ASN1_TFLG_EXPTAG) | 373 | if (flags & ASN1_TFLG_EXPTAG) |
| 256 | ASN1_put_object(out, 1, sklen, tt->tag, aclass); | 374 | ASN1_put_object(out, ndef, sklen, ttag, tclass); |
| 257 | /* SET or SEQUENCE and IMPLICIT tag */ | 375 | /* SET or SEQUENCE and IMPLICIT tag */ |
| 258 | ASN1_put_object(out, 1, skcontlen, sktag, skaclass); | 376 | ASN1_put_object(out, ndef, skcontlen, sktag, skaclass); |
| 259 | /* And finally the stuff itself */ | 377 | /* And the stuff itself */ |
| 260 | asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item), isset); | 378 | asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item), |
| 379 | isset, iclass); | ||
| 380 | if (ndef == 2) | ||
| 381 | { | ||
| 382 | ASN1_put_eoc(out); | ||
| 383 | if (flags & ASN1_TFLG_EXPTAG) | ||
| 384 | ASN1_put_eoc(out); | ||
| 385 | } | ||
| 261 | 386 | ||
| 262 | return ret; | 387 | return ret; |
| 263 | } | 388 | } |
| 264 | 389 | ||
| 265 | if(flags & ASN1_TFLG_EXPTAG) { | 390 | if (flags & ASN1_TFLG_EXPTAG) |
| 391 | { | ||
| 266 | /* EXPLICIT tagging */ | 392 | /* EXPLICIT tagging */ |
| 267 | /* Find length of tagged item */ | 393 | /* Find length of tagged item */ |
| 268 | i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, 0); | 394 | i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), |
| 269 | if(!i) return 0; | 395 | -1, iclass); |
| 396 | if (!i) | ||
| 397 | return 0; | ||
| 270 | /* Find length of EXPLICIT tag */ | 398 | /* Find length of EXPLICIT tag */ |
| 271 | ret = ASN1_object_size(1, i, tt->tag); | 399 | ret = ASN1_object_size(ndef, i, ttag); |
| 272 | if(out) { | 400 | if (out) |
| 401 | { | ||
| 273 | /* Output tag and item */ | 402 | /* Output tag and item */ |
| 274 | ASN1_put_object(out, 1, i, tt->tag, aclass); | 403 | ASN1_put_object(out, ndef, i, ttag, tclass); |
| 275 | ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, 0); | 404 | ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), |
| 276 | } | 405 | -1, iclass); |
| 406 | if (ndef == 2) | ||
| 407 | ASN1_put_eoc(out); | ||
| 408 | } | ||
| 277 | return ret; | 409 | return ret; |
| 278 | } | 410 | } |
| 279 | if(flags & ASN1_TFLG_IMPTAG) { | 411 | |
| 280 | /* IMPLICIT tagging */ | 412 | /* Either normal or IMPLICIT tagging: combine class and flags */ |
| 281 | return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), tt->tag, aclass); | 413 | return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), |
| 282 | } | 414 | ttag, tclass | iclass); |
| 283 | /* Nothing special: treat as normal */ | 415 | |
| 284 | return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, 0); | ||
| 285 | } | 416 | } |
| 286 | 417 | ||
| 287 | /* Temporary structure used to hold DER encoding of items for SET OF */ | 418 | /* Temporary structure used to hold DER encoding of items for SET OF */ |
| @@ -293,72 +424,90 @@ typedef struct { | |||
| 293 | } DER_ENC; | 424 | } DER_ENC; |
| 294 | 425 | ||
| 295 | static int der_cmp(const void *a, const void *b) | 426 | static int der_cmp(const void *a, const void *b) |
| 296 | { | 427 | { |
| 297 | const DER_ENC *d1 = a, *d2 = b; | 428 | const DER_ENC *d1 = a, *d2 = b; |
| 298 | int cmplen, i; | 429 | int cmplen, i; |
| 299 | cmplen = (d1->length < d2->length) ? d1->length : d2->length; | 430 | cmplen = (d1->length < d2->length) ? d1->length : d2->length; |
| 300 | i = memcmp(d1->data, d2->data, cmplen); | 431 | i = memcmp(d1->data, d2->data, cmplen); |
| 301 | if(i) return i; | 432 | if (i) |
| 433 | return i; | ||
| 302 | return d1->length - d2->length; | 434 | return d1->length - d2->length; |
| 303 | } | 435 | } |
| 304 | 436 | ||
| 305 | /* Output the content octets of SET OF or SEQUENCE OF */ | 437 | /* Output the content octets of SET OF or SEQUENCE OF */ |
| 306 | 438 | ||
| 307 | static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int do_sort) | 439 | static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, |
| 308 | { | 440 | int skcontlen, const ASN1_ITEM *item, |
| 441 | int do_sort, int iclass) | ||
| 442 | { | ||
| 309 | int i; | 443 | int i; |
| 310 | ASN1_VALUE *skitem; | 444 | ASN1_VALUE *skitem; |
| 311 | unsigned char *tmpdat = NULL, *p = NULL; | 445 | unsigned char *tmpdat = NULL, *p = NULL; |
| 312 | DER_ENC *derlst = NULL, *tder; | 446 | DER_ENC *derlst = NULL, *tder; |
| 313 | if(do_sort) { | 447 | if (do_sort) |
| 448 | { | ||
| 314 | /* Don't need to sort less than 2 items */ | 449 | /* Don't need to sort less than 2 items */ |
| 315 | if(sk_ASN1_VALUE_num(sk) < 2) do_sort = 0; | 450 | if (sk_ASN1_VALUE_num(sk) < 2) |
| 316 | else { | 451 | do_sort = 0; |
| 317 | derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst)); | 452 | else |
| 453 | { | ||
| 454 | derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) | ||
| 455 | * sizeof(*derlst)); | ||
| 318 | tmpdat = OPENSSL_malloc(skcontlen); | 456 | tmpdat = OPENSSL_malloc(skcontlen); |
| 319 | if(!derlst || !tmpdat) return 0; | 457 | if (!derlst || !tmpdat) |
| 458 | return 0; | ||
| 459 | } | ||
| 320 | } | 460 | } |
| 321 | } | ||
| 322 | /* If not sorting just output each item */ | 461 | /* If not sorting just output each item */ |
| 323 | if(!do_sort) { | 462 | if (!do_sort) |
| 324 | for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { | 463 | { |
| 464 | for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) | ||
| 465 | { | ||
| 325 | skitem = sk_ASN1_VALUE_value(sk, i); | 466 | skitem = sk_ASN1_VALUE_value(sk, i); |
| 326 | ASN1_item_i2d(skitem, out, item); | 467 | ASN1_item_ex_i2d(&skitem, out, item, -1, iclass); |
| 327 | } | 468 | } |
| 328 | return 1; | 469 | return 1; |
| 329 | } | 470 | } |
| 330 | p = tmpdat; | 471 | p = tmpdat; |
| 472 | |||
| 331 | /* Doing sort: build up a list of each member's DER encoding */ | 473 | /* Doing sort: build up a list of each member's DER encoding */ |
| 332 | for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { | 474 | for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) |
| 475 | { | ||
| 333 | skitem = sk_ASN1_VALUE_value(sk, i); | 476 | skitem = sk_ASN1_VALUE_value(sk, i); |
| 334 | tder->data = p; | 477 | tder->data = p; |
| 335 | tder->length = ASN1_item_i2d(skitem, &p, item); | 478 | tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass); |
| 336 | tder->field = skitem; | 479 | tder->field = skitem; |
| 337 | } | 480 | } |
| 481 | |||
| 338 | /* Now sort them */ | 482 | /* Now sort them */ |
| 339 | qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp); | 483 | qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp); |
| 340 | /* Output sorted DER encoding */ | 484 | /* Output sorted DER encoding */ |
| 341 | p = *out; | 485 | p = *out; |
| 342 | for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { | 486 | for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) |
| 487 | { | ||
| 343 | memcpy(p, tder->data, tder->length); | 488 | memcpy(p, tder->data, tder->length); |
| 344 | p += tder->length; | 489 | p += tder->length; |
| 345 | } | 490 | } |
| 346 | *out = p; | 491 | *out = p; |
| 347 | /* If do_sort is 2 then reorder the STACK */ | 492 | /* If do_sort is 2 then reorder the STACK */ |
| 348 | if(do_sort == 2) { | 493 | if (do_sort == 2) |
| 349 | for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) | 494 | { |
| 350 | sk_ASN1_VALUE_set(sk, i, tder->field); | 495 | for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); |
| 351 | } | 496 | i++, tder++) |
| 497 | (void)sk_ASN1_VALUE_set(sk, i, tder->field); | ||
| 498 | } | ||
| 352 | OPENSSL_free(derlst); | 499 | OPENSSL_free(derlst); |
| 353 | OPENSSL_free(tmpdat); | 500 | OPENSSL_free(tmpdat); |
| 354 | return 1; | 501 | return 1; |
| 355 | } | 502 | } |
| 356 | 503 | ||
| 357 | static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) | 504 | static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, |
| 358 | { | 505 | const ASN1_ITEM *it, int tag, int aclass) |
| 506 | { | ||
| 359 | int len; | 507 | int len; |
| 360 | int utype; | 508 | int utype; |
| 361 | int usetag; | 509 | int usetag; |
| 510 | int ndef = 0; | ||
| 362 | 511 | ||
| 363 | utype = it->utype; | 512 | utype = it->utype; |
| 364 | 513 | ||
| @@ -374,33 +523,48 @@ static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const A | |||
| 374 | * because the call to asn1_ex_i2c() could change | 523 | * because the call to asn1_ex_i2c() could change |
| 375 | * utype. | 524 | * utype. |
| 376 | */ | 525 | */ |
| 377 | if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || | 526 | if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || |
| 378 | (utype == V_ASN1_OTHER)) | 527 | (utype == V_ASN1_OTHER)) |
| 379 | usetag = 0; | 528 | usetag = 0; |
| 380 | else usetag = 1; | 529 | else usetag = 1; |
| 381 | 530 | ||
| 382 | /* -1 means omit type */ | 531 | /* -1 means omit type */ |
| 383 | 532 | ||
| 384 | if(len == -1) return 0; | 533 | if (len == -1) |
| 534 | return 0; | ||
| 535 | |||
| 536 | /* -2 return is special meaning use ndef */ | ||
| 537 | if (len == -2) | ||
| 538 | { | ||
| 539 | ndef = 2; | ||
| 540 | len = 0; | ||
| 541 | } | ||
| 385 | 542 | ||
| 386 | /* If not implicitly tagged get tag from underlying type */ | 543 | /* If not implicitly tagged get tag from underlying type */ |
| 387 | if(tag == -1) tag = utype; | 544 | if (tag == -1) tag = utype; |
| 388 | 545 | ||
| 389 | /* Output tag+length followed by content octets */ | 546 | /* Output tag+length followed by content octets */ |
| 390 | if(out) { | 547 | if (out) |
| 391 | if(usetag) ASN1_put_object(out, 0, len, tag, aclass); | 548 | { |
| 549 | if (usetag) | ||
| 550 | ASN1_put_object(out, ndef, len, tag, aclass); | ||
| 392 | asn1_ex_i2c(pval, *out, &utype, it); | 551 | asn1_ex_i2c(pval, *out, &utype, it); |
| 393 | *out += len; | 552 | if (ndef) |
| 394 | } | 553 | ASN1_put_eoc(out); |
| 554 | else | ||
| 555 | *out += len; | ||
| 556 | } | ||
| 395 | 557 | ||
| 396 | if(usetag) return ASN1_object_size(0, len, tag); | 558 | if (usetag) |
| 559 | return ASN1_object_size(ndef, len, tag); | ||
| 397 | return len; | 560 | return len; |
| 398 | } | 561 | } |
| 399 | 562 | ||
| 400 | /* Produce content octets from a structure */ | 563 | /* Produce content octets from a structure */ |
| 401 | 564 | ||
| 402 | int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ITEM *it) | 565 | int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, |
| 403 | { | 566 | const ASN1_ITEM *it) |
| 567 | { | ||
| 404 | ASN1_BOOLEAN *tbool = NULL; | 568 | ASN1_BOOLEAN *tbool = NULL; |
| 405 | ASN1_STRING *strtmp; | 569 | ASN1_STRING *strtmp; |
| 406 | ASN1_OBJECT *otmp; | 570 | ASN1_OBJECT *otmp; |
| @@ -409,28 +573,36 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ | |||
| 409 | int len; | 573 | int len; |
| 410 | const ASN1_PRIMITIVE_FUNCS *pf; | 574 | const ASN1_PRIMITIVE_FUNCS *pf; |
| 411 | pf = it->funcs; | 575 | pf = it->funcs; |
| 412 | if(pf && pf->prim_i2c) return pf->prim_i2c(pval, cout, putype, it); | 576 | if (pf && pf->prim_i2c) |
| 577 | return pf->prim_i2c(pval, cout, putype, it); | ||
| 413 | 578 | ||
| 414 | /* Should type be omitted? */ | 579 | /* Should type be omitted? */ |
| 415 | if((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) { | 580 | if ((it->itype != ASN1_ITYPE_PRIMITIVE) |
| 416 | if(!*pval) return -1; | 581 | || (it->utype != V_ASN1_BOOLEAN)) |
| 417 | } | 582 | { |
| 583 | if (!*pval) return -1; | ||
| 584 | } | ||
| 418 | 585 | ||
| 419 | if(it->itype == ASN1_ITYPE_MSTRING) { | 586 | if (it->itype == ASN1_ITYPE_MSTRING) |
| 587 | { | ||
| 420 | /* If MSTRING type set the underlying type */ | 588 | /* If MSTRING type set the underlying type */ |
| 421 | strtmp = (ASN1_STRING *)*pval; | 589 | strtmp = (ASN1_STRING *)*pval; |
| 422 | utype = strtmp->type; | 590 | utype = strtmp->type; |
| 423 | *putype = utype; | 591 | *putype = utype; |
| 424 | } else if(it->utype == V_ASN1_ANY) { | 592 | } |
| 593 | else if (it->utype == V_ASN1_ANY) | ||
| 594 | { | ||
| 425 | /* If ANY set type and pointer to value */ | 595 | /* If ANY set type and pointer to value */ |
| 426 | ASN1_TYPE *typ; | 596 | ASN1_TYPE *typ; |
| 427 | typ = (ASN1_TYPE *)*pval; | 597 | typ = (ASN1_TYPE *)*pval; |
| 428 | utype = typ->type; | 598 | utype = typ->type; |
| 429 | *putype = utype; | 599 | *putype = utype; |
| 430 | pval = (ASN1_VALUE **)&typ->value.ptr; | 600 | pval = &typ->value.asn1_value; |
| 431 | } else utype = *putype; | 601 | } |
| 602 | else utype = *putype; | ||
| 432 | 603 | ||
| 433 | switch(utype) { | 604 | switch(utype) |
| 605 | { | ||
| 434 | case V_ASN1_OBJECT: | 606 | case V_ASN1_OBJECT: |
| 435 | otmp = (ASN1_OBJECT *)*pval; | 607 | otmp = (ASN1_OBJECT *)*pval; |
| 436 | cont = otmp->data; | 608 | cont = otmp->data; |
| @@ -444,12 +616,15 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ | |||
| 444 | 616 | ||
| 445 | case V_ASN1_BOOLEAN: | 617 | case V_ASN1_BOOLEAN: |
| 446 | tbool = (ASN1_BOOLEAN *)pval; | 618 | tbool = (ASN1_BOOLEAN *)pval; |
| 447 | if(*tbool == -1) return -1; | 619 | if (*tbool == -1) |
| 620 | return -1; | ||
| 448 | if (it->utype != V_ASN1_ANY) | 621 | if (it->utype != V_ASN1_ANY) |
| 449 | { | 622 | { |
| 450 | /* Default handling if value == size field then omit */ | 623 | /* Default handling if value == size field then omit */ |
| 451 | if(*tbool && (it->size > 0)) return -1; | 624 | if (*tbool && (it->size > 0)) |
| 452 | if(!*tbool && !it->size) return -1; | 625 | return -1; |
| 626 | if (!*tbool && !it->size) | ||
| 627 | return -1; | ||
| 453 | } | 628 | } |
| 454 | c = (unsigned char)*tbool; | 629 | c = (unsigned char)*tbool; |
| 455 | cont = &c; | 630 | cont = &c; |
| @@ -457,7 +632,8 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ | |||
| 457 | break; | 632 | break; |
| 458 | 633 | ||
| 459 | case V_ASN1_BIT_STRING: | 634 | case V_ASN1_BIT_STRING: |
| 460 | return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, cout ? &cout : NULL); | 635 | return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, |
| 636 | cout ? &cout : NULL); | ||
| 461 | break; | 637 | break; |
| 462 | 638 | ||
| 463 | case V_ASN1_INTEGER: | 639 | case V_ASN1_INTEGER: |
| @@ -467,7 +643,8 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ | |||
| 467 | /* These are all have the same content format | 643 | /* These are all have the same content format |
| 468 | * as ASN1_INTEGER | 644 | * as ASN1_INTEGER |
| 469 | */ | 645 | */ |
| 470 | return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL); | 646 | return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, |
| 647 | cout ? &cout : NULL); | ||
| 471 | break; | 648 | break; |
| 472 | 649 | ||
| 473 | case V_ASN1_OCTET_STRING: | 650 | case V_ASN1_OCTET_STRING: |
| @@ -489,12 +666,25 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ | |||
| 489 | default: | 666 | default: |
| 490 | /* All based on ASN1_STRING and handled the same */ | 667 | /* All based on ASN1_STRING and handled the same */ |
| 491 | strtmp = (ASN1_STRING *)*pval; | 668 | strtmp = (ASN1_STRING *)*pval; |
| 669 | /* Special handling for NDEF */ | ||
| 670 | if ((it->size == ASN1_TFLG_NDEF) | ||
| 671 | && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) | ||
| 672 | { | ||
| 673 | if (cout) | ||
| 674 | { | ||
| 675 | strtmp->data = cout; | ||
| 676 | strtmp->length = 0; | ||
| 677 | } | ||
| 678 | /* Special return code */ | ||
| 679 | return -2; | ||
| 680 | } | ||
| 492 | cont = strtmp->data; | 681 | cont = strtmp->data; |
| 493 | len = strtmp->length; | 682 | len = strtmp->length; |
| 494 | 683 | ||
| 495 | break; | 684 | break; |
| 496 | 685 | ||
| 497 | } | 686 | } |
| 498 | if(cout && len) memcpy(cout, cont, len); | 687 | if (cout && len) |
| 688 | memcpy(cout, cont, len); | ||
| 499 | return len; | 689 | return len; |
| 500 | } | 690 | } |
diff --git a/src/lib/libcrypto/asn1/tasn_fre.c b/src/lib/libcrypto/asn1/tasn_fre.c index 2dd844159e..bb7c1e2af4 100644 --- a/src/lib/libcrypto/asn1/tasn_fre.c +++ b/src/lib/libcrypto/asn1/tasn_fre.c | |||
| @@ -67,33 +67,40 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c | |||
| 67 | /* Free up an ASN1 structure */ | 67 | /* Free up an ASN1 structure */ |
| 68 | 68 | ||
| 69 | void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it) | 69 | void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it) |
| 70 | { | 70 | { |
| 71 | asn1_item_combine_free(&val, it, 0); | 71 | asn1_item_combine_free(&val, it, 0); |
| 72 | } | 72 | } |
| 73 | 73 | ||
| 74 | void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) | 74 | void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 75 | { | 75 | { |
| 76 | asn1_item_combine_free(pval, it, 0); | 76 | asn1_item_combine_free(pval, it, 0); |
| 77 | } | 77 | } |
| 78 | 78 | ||
| 79 | static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine) | 79 | static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine) |
| 80 | { | 80 | { |
| 81 | const ASN1_TEMPLATE *tt = NULL, *seqtt; | 81 | const ASN1_TEMPLATE *tt = NULL, *seqtt; |
| 82 | const ASN1_EXTERN_FUNCS *ef; | 82 | const ASN1_EXTERN_FUNCS *ef; |
| 83 | const ASN1_COMPAT_FUNCS *cf; | 83 | const ASN1_COMPAT_FUNCS *cf; |
| 84 | const ASN1_AUX *aux = it->funcs; | 84 | const ASN1_AUX *aux = it->funcs; |
| 85 | ASN1_aux_cb *asn1_cb; | 85 | ASN1_aux_cb *asn1_cb; |
| 86 | int i; | 86 | int i; |
| 87 | if(!pval) return; | 87 | if (!pval) |
| 88 | if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return; | 88 | return; |
| 89 | if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; | 89 | if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) |
| 90 | else asn1_cb = 0; | 90 | return; |
| 91 | if (aux && aux->asn1_cb) | ||
| 92 | asn1_cb = aux->asn1_cb; | ||
| 93 | else | ||
| 94 | asn1_cb = 0; | ||
| 91 | 95 | ||
| 92 | switch(it->itype) { | 96 | switch(it->itype) |
| 97 | { | ||
| 93 | 98 | ||
| 94 | case ASN1_ITYPE_PRIMITIVE: | 99 | case ASN1_ITYPE_PRIMITIVE: |
| 95 | if(it->templates) ASN1_template_free(pval, it->templates); | 100 | if (it->templates) |
| 96 | else ASN1_primitive_free(pval, it); | 101 | ASN1_template_free(pval, it->templates); |
| 102 | else | ||
| 103 | ASN1_primitive_free(pval, it); | ||
| 97 | break; | 104 | break; |
| 98 | 105 | ||
| 99 | case ASN1_ITYPE_MSTRING: | 106 | case ASN1_ITYPE_MSTRING: |
| @@ -101,41 +108,51 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c | |||
| 101 | break; | 108 | break; |
| 102 | 109 | ||
| 103 | case ASN1_ITYPE_CHOICE: | 110 | case ASN1_ITYPE_CHOICE: |
| 104 | if(asn1_cb) { | 111 | if (asn1_cb) |
| 112 | { | ||
| 105 | i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); | 113 | i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); |
| 106 | if(i == 2) return; | 114 | if (i == 2) |
| 107 | } | 115 | return; |
| 116 | } | ||
| 108 | i = asn1_get_choice_selector(pval, it); | 117 | i = asn1_get_choice_selector(pval, it); |
| 109 | if(asn1_cb) asn1_cb(ASN1_OP_FREE_PRE, pval, it); | 118 | if ((i >= 0) && (i < it->tcount)) |
| 110 | if((i >= 0) && (i < it->tcount)) { | 119 | { |
| 111 | ASN1_VALUE **pchval; | 120 | ASN1_VALUE **pchval; |
| 112 | tt = it->templates + i; | 121 | tt = it->templates + i; |
| 113 | pchval = asn1_get_field_ptr(pval, tt); | 122 | pchval = asn1_get_field_ptr(pval, tt); |
| 114 | ASN1_template_free(pchval, tt); | 123 | ASN1_template_free(pchval, tt); |
| 115 | } | 124 | } |
| 116 | if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it); | 125 | if (asn1_cb) |
| 117 | if(!combine) { | 126 | asn1_cb(ASN1_OP_FREE_POST, pval, it); |
| 127 | if (!combine) | ||
| 128 | { | ||
| 118 | OPENSSL_free(*pval); | 129 | OPENSSL_free(*pval); |
| 119 | *pval = NULL; | 130 | *pval = NULL; |
| 120 | } | 131 | } |
| 121 | break; | 132 | break; |
| 122 | 133 | ||
| 123 | case ASN1_ITYPE_COMPAT: | 134 | case ASN1_ITYPE_COMPAT: |
| 124 | cf = it->funcs; | 135 | cf = it->funcs; |
| 125 | if(cf && cf->asn1_free) cf->asn1_free(*pval); | 136 | if (cf && cf->asn1_free) |
| 137 | cf->asn1_free(*pval); | ||
| 126 | break; | 138 | break; |
| 127 | 139 | ||
| 128 | case ASN1_ITYPE_EXTERN: | 140 | case ASN1_ITYPE_EXTERN: |
| 129 | ef = it->funcs; | 141 | ef = it->funcs; |
| 130 | if(ef && ef->asn1_ex_free) ef->asn1_ex_free(pval, it); | 142 | if (ef && ef->asn1_ex_free) |
| 143 | ef->asn1_ex_free(pval, it); | ||
| 131 | break; | 144 | break; |
| 132 | 145 | ||
| 146 | case ASN1_ITYPE_NDEF_SEQUENCE: | ||
| 133 | case ASN1_ITYPE_SEQUENCE: | 147 | case ASN1_ITYPE_SEQUENCE: |
| 134 | if(asn1_do_lock(pval, -1, it) > 0) return; | 148 | if (asn1_do_lock(pval, -1, it) > 0) |
| 135 | if(asn1_cb) { | 149 | return; |
| 150 | if (asn1_cb) | ||
| 151 | { | ||
| 136 | i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); | 152 | i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); |
| 137 | if(i == 2) return; | 153 | if (i == 2) |
| 138 | } | 154 | return; |
| 155 | } | ||
| 139 | asn1_enc_free(pval, it); | 156 | asn1_enc_free(pval, it); |
| 140 | /* If we free up as normal we will invalidate any | 157 | /* If we free up as normal we will invalidate any |
| 141 | * ANY DEFINED BY field and we wont be able to | 158 | * ANY DEFINED BY field and we wont be able to |
| @@ -143,64 +160,84 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c | |||
| 143 | * free up in reverse order. | 160 | * free up in reverse order. |
| 144 | */ | 161 | */ |
| 145 | tt = it->templates + it->tcount - 1; | 162 | tt = it->templates + it->tcount - 1; |
| 146 | for(i = 0; i < it->tcount; tt--, i++) { | 163 | for (i = 0; i < it->tcount; tt--, i++) |
| 164 | { | ||
| 147 | ASN1_VALUE **pseqval; | 165 | ASN1_VALUE **pseqval; |
| 148 | seqtt = asn1_do_adb(pval, tt, 0); | 166 | seqtt = asn1_do_adb(pval, tt, 0); |
| 149 | if(!seqtt) continue; | 167 | if (!seqtt) |
| 168 | continue; | ||
| 150 | pseqval = asn1_get_field_ptr(pval, seqtt); | 169 | pseqval = asn1_get_field_ptr(pval, seqtt); |
| 151 | ASN1_template_free(pseqval, seqtt); | 170 | ASN1_template_free(pseqval, seqtt); |
| 152 | } | 171 | } |
| 153 | if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it); | 172 | if (asn1_cb) |
| 154 | if(!combine) { | 173 | asn1_cb(ASN1_OP_FREE_POST, pval, it); |
| 174 | if (!combine) | ||
| 175 | { | ||
| 155 | OPENSSL_free(*pval); | 176 | OPENSSL_free(*pval); |
| 156 | *pval = NULL; | 177 | *pval = NULL; |
| 157 | } | 178 | } |
| 158 | break; | 179 | break; |
| 180 | } | ||
| 159 | } | 181 | } |
| 160 | } | ||
| 161 | 182 | ||
| 162 | void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) | 183 | void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) |
| 163 | { | 184 | { |
| 164 | int i; | 185 | int i; |
| 165 | if(tt->flags & ASN1_TFLG_SK_MASK) { | 186 | if (tt->flags & ASN1_TFLG_SK_MASK) |
| 187 | { | ||
| 166 | STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; | 188 | STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; |
| 167 | for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { | 189 | for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) |
| 190 | { | ||
| 168 | ASN1_VALUE *vtmp; | 191 | ASN1_VALUE *vtmp; |
| 169 | vtmp = sk_ASN1_VALUE_value(sk, i); | 192 | vtmp = sk_ASN1_VALUE_value(sk, i); |
| 170 | asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item), 0); | 193 | asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item), |
| 171 | } | 194 | 0); |
| 195 | } | ||
| 172 | sk_ASN1_VALUE_free(sk); | 196 | sk_ASN1_VALUE_free(sk); |
| 173 | *pval = NULL; | 197 | *pval = NULL; |
| 174 | } else asn1_item_combine_free(pval, ASN1_ITEM_ptr(tt->item), | 198 | } |
| 199 | else | ||
| 200 | asn1_item_combine_free(pval, ASN1_ITEM_ptr(tt->item), | ||
| 175 | tt->flags & ASN1_TFLG_COMBINE); | 201 | tt->flags & ASN1_TFLG_COMBINE); |
| 176 | } | 202 | } |
| 177 | 203 | ||
| 178 | void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) | 204 | void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 179 | { | 205 | { |
| 180 | int utype; | 206 | int utype; |
| 181 | if(it) { | 207 | if (it) |
| 208 | { | ||
| 182 | const ASN1_PRIMITIVE_FUNCS *pf; | 209 | const ASN1_PRIMITIVE_FUNCS *pf; |
| 183 | pf = it->funcs; | 210 | pf = it->funcs; |
| 184 | if(pf && pf->prim_free) { | 211 | if (pf && pf->prim_free) |
| 212 | { | ||
| 185 | pf->prim_free(pval, it); | 213 | pf->prim_free(pval, it); |
| 186 | return; | 214 | return; |
| 215 | } | ||
| 187 | } | 216 | } |
| 188 | } | ||
| 189 | /* Special case: if 'it' is NULL free contents of ASN1_TYPE */ | 217 | /* Special case: if 'it' is NULL free contents of ASN1_TYPE */ |
| 190 | if(!it) { | 218 | if (!it) |
| 219 | { | ||
| 191 | ASN1_TYPE *typ = (ASN1_TYPE *)*pval; | 220 | ASN1_TYPE *typ = (ASN1_TYPE *)*pval; |
| 192 | utype = typ->type; | 221 | utype = typ->type; |
| 193 | pval = (ASN1_VALUE **)&typ->value.ptr; | 222 | pval = &typ->value.asn1_value; |
| 194 | if(!*pval) return; | 223 | if (!*pval) |
| 195 | } else if(it->itype == ASN1_ITYPE_MSTRING) { | 224 | return; |
| 225 | } | ||
| 226 | else if (it->itype == ASN1_ITYPE_MSTRING) | ||
| 227 | { | ||
| 196 | utype = -1; | 228 | utype = -1; |
| 197 | if(!*pval) return; | 229 | if (!*pval) |
| 198 | } else { | 230 | return; |
| 231 | } | ||
| 232 | else | ||
| 233 | { | ||
| 199 | utype = it->utype; | 234 | utype = it->utype; |
| 200 | if((utype != V_ASN1_BOOLEAN) && !*pval) return; | 235 | if ((utype != V_ASN1_BOOLEAN) && !*pval) |
| 201 | } | 236 | return; |
| 237 | } | ||
| 202 | 238 | ||
| 203 | switch(utype) { | 239 | switch(utype) |
| 240 | { | ||
| 204 | case V_ASN1_OBJECT: | 241 | case V_ASN1_OBJECT: |
| 205 | ASN1_OBJECT_free((ASN1_OBJECT *)*pval); | 242 | ASN1_OBJECT_free((ASN1_OBJECT *)*pval); |
| 206 | break; | 243 | break; |
| @@ -224,6 +261,6 @@ void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 224 | ASN1_STRING_free((ASN1_STRING *)*pval); | 261 | ASN1_STRING_free((ASN1_STRING *)*pval); |
| 225 | *pval = NULL; | 262 | *pval = NULL; |
| 226 | break; | 263 | break; |
| 227 | } | 264 | } |
| 228 | *pval = NULL; | 265 | *pval = NULL; |
| 229 | } | 266 | } |
diff --git a/src/lib/libcrypto/asn1/tasn_new.c b/src/lib/libcrypto/asn1/tasn_new.c index a0e3db574f..531dad365c 100644 --- a/src/lib/libcrypto/asn1/tasn_new.c +++ b/src/lib/libcrypto/asn1/tasn_new.c | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 2000 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -64,27 +64,30 @@ | |||
| 64 | #include <openssl/asn1t.h> | 64 | #include <openssl/asn1t.h> |
| 65 | #include <string.h> | 65 | #include <string.h> |
| 66 | 66 | ||
| 67 | static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine); | 67 | static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, |
| 68 | int combine); | ||
| 68 | static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); | 69 | static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); |
| 69 | static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); | 70 | static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); |
| 70 | void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); | 71 | void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); |
| 71 | 72 | ||
| 72 | ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it) | 73 | ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it) |
| 73 | { | 74 | { |
| 74 | ASN1_VALUE *ret = NULL; | 75 | ASN1_VALUE *ret = NULL; |
| 75 | if(ASN1_item_ex_new(&ret, it) > 0) return ret; | 76 | if (ASN1_item_ex_new(&ret, it) > 0) |
| 77 | return ret; | ||
| 76 | return NULL; | 78 | return NULL; |
| 77 | } | 79 | } |
| 78 | 80 | ||
| 79 | /* Allocate an ASN1 structure */ | 81 | /* Allocate an ASN1 structure */ |
| 80 | 82 | ||
| 81 | int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it) | 83 | int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 82 | { | 84 | { |
| 83 | return asn1_item_ex_combine_new(pval, it, 0); | 85 | return asn1_item_ex_combine_new(pval, it, 0); |
| 84 | } | 86 | } |
| 85 | 87 | ||
| 86 | static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine) | 88 | static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, |
| 87 | { | 89 | int combine) |
| 90 | { | ||
| 88 | const ASN1_TEMPLATE *tt = NULL; | 91 | const ASN1_TEMPLATE *tt = NULL; |
| 89 | const ASN1_COMPAT_FUNCS *cf; | 92 | const ASN1_COMPAT_FUNCS *cf; |
| 90 | const ASN1_EXTERN_FUNCS *ef; | 93 | const ASN1_EXTERN_FUNCS *ef; |
| @@ -92,133 +95,155 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int | |||
| 92 | ASN1_aux_cb *asn1_cb; | 95 | ASN1_aux_cb *asn1_cb; |
| 93 | ASN1_VALUE **pseqval; | 96 | ASN1_VALUE **pseqval; |
| 94 | int i; | 97 | int i; |
| 95 | if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; | 98 | if (aux && aux->asn1_cb) |
| 96 | else asn1_cb = 0; | 99 | asn1_cb = aux->asn1_cb; |
| 100 | else | ||
| 101 | asn1_cb = 0; | ||
| 97 | 102 | ||
| 98 | if(!combine) *pval = NULL; | 103 | if (!combine) *pval = NULL; |
| 99 | 104 | ||
| 100 | #ifdef CRYPTO_MDEBUG | 105 | #ifdef CRYPTO_MDEBUG |
| 101 | if(it->sname) CRYPTO_push_info(it->sname); | 106 | if (it->sname) |
| 107 | CRYPTO_push_info(it->sname); | ||
| 102 | #endif | 108 | #endif |
| 103 | 109 | ||
| 104 | switch(it->itype) { | 110 | switch(it->itype) |
| 111 | { | ||
| 105 | 112 | ||
| 106 | case ASN1_ITYPE_EXTERN: | 113 | case ASN1_ITYPE_EXTERN: |
| 107 | ef = it->funcs; | 114 | ef = it->funcs; |
| 108 | if(ef && ef->asn1_ex_new) { | 115 | if (ef && ef->asn1_ex_new) |
| 109 | if(!ef->asn1_ex_new(pval, it)) | 116 | { |
| 117 | if (!ef->asn1_ex_new(pval, it)) | ||
| 110 | goto memerr; | 118 | goto memerr; |
| 111 | } | 119 | } |
| 112 | break; | 120 | break; |
| 113 | 121 | ||
| 114 | case ASN1_ITYPE_COMPAT: | 122 | case ASN1_ITYPE_COMPAT: |
| 115 | cf = it->funcs; | 123 | cf = it->funcs; |
| 116 | if(cf && cf->asn1_new) { | 124 | if (cf && cf->asn1_new) { |
| 117 | *pval = cf->asn1_new(); | 125 | *pval = cf->asn1_new(); |
| 118 | if(!*pval) goto memerr; | 126 | if (!*pval) |
| 127 | goto memerr; | ||
| 119 | } | 128 | } |
| 120 | break; | 129 | break; |
| 121 | 130 | ||
| 122 | case ASN1_ITYPE_PRIMITIVE: | 131 | case ASN1_ITYPE_PRIMITIVE: |
| 123 | if(it->templates) { | 132 | if (it->templates) |
| 124 | if(!ASN1_template_new(pval, it->templates)) | 133 | { |
| 134 | if (!ASN1_template_new(pval, it->templates)) | ||
| 125 | goto memerr; | 135 | goto memerr; |
| 126 | } else { | 136 | } |
| 127 | if(!ASN1_primitive_new(pval, it)) | 137 | else if (!ASN1_primitive_new(pval, it)) |
| 128 | goto memerr; | 138 | goto memerr; |
| 129 | } | ||
| 130 | break; | 139 | break; |
| 131 | 140 | ||
| 132 | case ASN1_ITYPE_MSTRING: | 141 | case ASN1_ITYPE_MSTRING: |
| 133 | if(!ASN1_primitive_new(pval, it)) | 142 | if (!ASN1_primitive_new(pval, it)) |
| 134 | goto memerr; | 143 | goto memerr; |
| 135 | break; | 144 | break; |
| 136 | 145 | ||
| 137 | case ASN1_ITYPE_CHOICE: | 146 | case ASN1_ITYPE_CHOICE: |
| 138 | if(asn1_cb) { | 147 | if (asn1_cb) |
| 148 | { | ||
| 139 | i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); | 149 | i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); |
| 140 | if(!i) goto auxerr; | 150 | if (!i) |
| 141 | if(i==2) { | 151 | goto auxerr; |
| 152 | if (i==2) | ||
| 153 | { | ||
| 142 | #ifdef CRYPTO_MDEBUG | 154 | #ifdef CRYPTO_MDEBUG |
| 143 | if(it->sname) CRYPTO_pop_info(); | 155 | if (it->sname) |
| 156 | CRYPTO_pop_info(); | ||
| 144 | #endif | 157 | #endif |
| 145 | return 1; | 158 | return 1; |
| 159 | } | ||
| 146 | } | 160 | } |
| 147 | } | 161 | if (!combine) |
| 148 | if(!combine) { | 162 | { |
| 149 | *pval = OPENSSL_malloc(it->size); | 163 | *pval = OPENSSL_malloc(it->size); |
| 150 | if(!*pval) goto memerr; | 164 | if (!*pval) |
| 165 | goto memerr; | ||
| 151 | memset(*pval, 0, it->size); | 166 | memset(*pval, 0, it->size); |
| 152 | } | 167 | } |
| 153 | asn1_set_choice_selector(pval, -1, it); | 168 | asn1_set_choice_selector(pval, -1, it); |
| 154 | if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) | 169 | if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) |
| 155 | goto auxerr; | 170 | goto auxerr; |
| 156 | break; | 171 | break; |
| 157 | 172 | ||
| 173 | case ASN1_ITYPE_NDEF_SEQUENCE: | ||
| 158 | case ASN1_ITYPE_SEQUENCE: | 174 | case ASN1_ITYPE_SEQUENCE: |
| 159 | if(asn1_cb) { | 175 | if (asn1_cb) |
| 176 | { | ||
| 160 | i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); | 177 | i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); |
| 161 | if(!i) goto auxerr; | 178 | if (!i) |
| 162 | if(i==2) { | 179 | goto auxerr; |
| 180 | if (i==2) | ||
| 181 | { | ||
| 163 | #ifdef CRYPTO_MDEBUG | 182 | #ifdef CRYPTO_MDEBUG |
| 164 | if(it->sname) CRYPTO_pop_info(); | 183 | if (it->sname) |
| 184 | CRYPTO_pop_info(); | ||
| 165 | #endif | 185 | #endif |
| 166 | return 1; | 186 | return 1; |
| 187 | } | ||
| 167 | } | 188 | } |
| 168 | } | 189 | if (!combine) |
| 169 | if(!combine) { | 190 | { |
| 170 | *pval = OPENSSL_malloc(it->size); | 191 | *pval = OPENSSL_malloc(it->size); |
| 171 | if(!*pval) goto memerr; | 192 | if (!*pval) |
| 193 | goto memerr; | ||
| 172 | memset(*pval, 0, it->size); | 194 | memset(*pval, 0, it->size); |
| 173 | asn1_do_lock(pval, 0, it); | 195 | asn1_do_lock(pval, 0, it); |
| 174 | asn1_enc_init(pval, it); | 196 | asn1_enc_init(pval, it); |
| 175 | } | 197 | } |
| 176 | for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { | 198 | for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) |
| 199 | { | ||
| 177 | pseqval = asn1_get_field_ptr(pval, tt); | 200 | pseqval = asn1_get_field_ptr(pval, tt); |
| 178 | if(!ASN1_template_new(pseqval, tt)) goto memerr; | 201 | if (!ASN1_template_new(pseqval, tt)) |
| 179 | } | 202 | goto memerr; |
| 180 | if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) | 203 | } |
| 204 | if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) | ||
| 181 | goto auxerr; | 205 | goto auxerr; |
| 182 | break; | 206 | break; |
| 183 | } | 207 | } |
| 184 | #ifdef CRYPTO_MDEBUG | 208 | #ifdef CRYPTO_MDEBUG |
| 185 | if(it->sname) CRYPTO_pop_info(); | 209 | if (it->sname) CRYPTO_pop_info(); |
| 186 | #endif | 210 | #endif |
| 187 | return 1; | 211 | return 1; |
| 188 | 212 | ||
| 189 | memerr: | 213 | memerr: |
| 190 | ASN1err(ASN1_F_ASN1_ITEM_NEW, ERR_R_MALLOC_FAILURE); | 214 | ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE); |
| 191 | #ifdef CRYPTO_MDEBUG | 215 | #ifdef CRYPTO_MDEBUG |
| 192 | if(it->sname) CRYPTO_pop_info(); | 216 | if (it->sname) CRYPTO_pop_info(); |
| 193 | #endif | 217 | #endif |
| 194 | return 0; | 218 | return 0; |
| 195 | 219 | ||
| 196 | auxerr: | 220 | auxerr: |
| 197 | ASN1err(ASN1_F_ASN1_ITEM_NEW, ASN1_R_AUX_ERROR); | 221 | ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR); |
| 198 | ASN1_item_ex_free(pval, it); | 222 | ASN1_item_ex_free(pval, it); |
| 199 | #ifdef CRYPTO_MDEBUG | 223 | #ifdef CRYPTO_MDEBUG |
| 200 | if(it->sname) CRYPTO_pop_info(); | 224 | if (it->sname) CRYPTO_pop_info(); |
| 201 | #endif | 225 | #endif |
| 202 | return 0; | 226 | return 0; |
| 203 | 227 | ||
| 204 | } | 228 | } |
| 205 | 229 | ||
| 206 | static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) | 230 | static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 207 | { | 231 | { |
| 208 | const ASN1_EXTERN_FUNCS *ef; | 232 | const ASN1_EXTERN_FUNCS *ef; |
| 209 | 233 | ||
| 210 | switch(it->itype) { | 234 | switch(it->itype) |
| 235 | { | ||
| 211 | 236 | ||
| 212 | case ASN1_ITYPE_EXTERN: | 237 | case ASN1_ITYPE_EXTERN: |
| 213 | ef = it->funcs; | 238 | ef = it->funcs; |
| 214 | if(ef && ef->asn1_ex_clear) | 239 | if (ef && ef->asn1_ex_clear) |
| 215 | ef->asn1_ex_clear(pval, it); | 240 | ef->asn1_ex_clear(pval, it); |
| 216 | else *pval = NULL; | 241 | else *pval = NULL; |
| 217 | break; | 242 | break; |
| 218 | 243 | ||
| 219 | 244 | ||
| 220 | case ASN1_ITYPE_PRIMITIVE: | 245 | case ASN1_ITYPE_PRIMITIVE: |
| 221 | if(it->templates) | 246 | if (it->templates) |
| 222 | asn1_template_clear(pval, it->templates); | 247 | asn1_template_clear(pval, it->templates); |
| 223 | else | 248 | else |
| 224 | asn1_primitive_clear(pval, it); | 249 | asn1_primitive_clear(pval, it); |
| @@ -231,75 +256,90 @@ static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 231 | case ASN1_ITYPE_COMPAT: | 256 | case ASN1_ITYPE_COMPAT: |
| 232 | case ASN1_ITYPE_CHOICE: | 257 | case ASN1_ITYPE_CHOICE: |
| 233 | case ASN1_ITYPE_SEQUENCE: | 258 | case ASN1_ITYPE_SEQUENCE: |
| 259 | case ASN1_ITYPE_NDEF_SEQUENCE: | ||
| 234 | *pval = NULL; | 260 | *pval = NULL; |
| 235 | break; | 261 | break; |
| 262 | } | ||
| 236 | } | 263 | } |
| 237 | } | ||
| 238 | 264 | ||
| 239 | 265 | ||
| 240 | int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) | 266 | int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) |
| 241 | { | 267 | { |
| 242 | const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item); | 268 | const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item); |
| 243 | int ret; | 269 | int ret; |
| 244 | if(tt->flags & ASN1_TFLG_OPTIONAL) { | 270 | if (tt->flags & ASN1_TFLG_OPTIONAL) |
| 271 | { | ||
| 245 | asn1_template_clear(pval, tt); | 272 | asn1_template_clear(pval, tt); |
| 246 | return 1; | 273 | return 1; |
| 247 | } | 274 | } |
| 248 | /* If ANY DEFINED BY nothing to do */ | 275 | /* If ANY DEFINED BY nothing to do */ |
| 249 | 276 | ||
| 250 | if(tt->flags & ASN1_TFLG_ADB_MASK) { | 277 | if (tt->flags & ASN1_TFLG_ADB_MASK) |
| 278 | { | ||
| 251 | *pval = NULL; | 279 | *pval = NULL; |
| 252 | return 1; | 280 | return 1; |
| 253 | } | 281 | } |
| 254 | #ifdef CRYPTO_MDEBUG | 282 | #ifdef CRYPTO_MDEBUG |
| 255 | if(tt->field_name) CRYPTO_push_info(tt->field_name); | 283 | if (tt->field_name) |
| 284 | CRYPTO_push_info(tt->field_name); | ||
| 256 | #endif | 285 | #endif |
| 257 | /* If SET OF or SEQUENCE OF, its a STACK */ | 286 | /* If SET OF or SEQUENCE OF, its a STACK */ |
| 258 | if(tt->flags & ASN1_TFLG_SK_MASK) { | 287 | if (tt->flags & ASN1_TFLG_SK_MASK) |
| 288 | { | ||
| 259 | STACK_OF(ASN1_VALUE) *skval; | 289 | STACK_OF(ASN1_VALUE) *skval; |
| 260 | skval = sk_ASN1_VALUE_new_null(); | 290 | skval = sk_ASN1_VALUE_new_null(); |
| 261 | if(!skval) { | 291 | if (!skval) |
| 292 | { | ||
| 262 | ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE); | 293 | ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE); |
| 263 | ret = 0; | 294 | ret = 0; |
| 264 | goto done; | 295 | goto done; |
| 265 | } | 296 | } |
| 266 | *pval = (ASN1_VALUE *)skval; | 297 | *pval = (ASN1_VALUE *)skval; |
| 267 | ret = 1; | 298 | ret = 1; |
| 268 | goto done; | 299 | goto done; |
| 269 | } | 300 | } |
| 270 | /* Otherwise pass it back to the item routine */ | 301 | /* Otherwise pass it back to the item routine */ |
| 271 | ret = asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE); | 302 | ret = asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE); |
| 272 | done: | 303 | done: |
| 273 | #ifdef CRYPTO_MDEBUG | 304 | #ifdef CRYPTO_MDEBUG |
| 274 | if(it->sname) CRYPTO_pop_info(); | 305 | if (it->sname) |
| 306 | CRYPTO_pop_info(); | ||
| 275 | #endif | 307 | #endif |
| 276 | return ret; | 308 | return ret; |
| 277 | } | 309 | } |
| 278 | 310 | ||
| 279 | static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) | 311 | static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) |
| 280 | { | 312 | { |
| 281 | /* If ADB or STACK just NULL the field */ | 313 | /* If ADB or STACK just NULL the field */ |
| 282 | if(tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK)) | 314 | if (tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK)) |
| 283 | *pval = NULL; | 315 | *pval = NULL; |
| 284 | else | 316 | else |
| 285 | asn1_item_clear(pval, ASN1_ITEM_ptr(tt->item)); | 317 | asn1_item_clear(pval, ASN1_ITEM_ptr(tt->item)); |
| 286 | } | 318 | } |
| 287 | 319 | ||
| 288 | 320 | ||
| 289 | /* NB: could probably combine most of the real XXX_new() behaviour and junk all the old | 321 | /* NB: could probably combine most of the real XXX_new() behaviour and junk |
| 290 | * functions. | 322 | * all the old functions. |
| 291 | */ | 323 | */ |
| 292 | 324 | ||
| 293 | int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) | 325 | int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 294 | { | 326 | { |
| 295 | ASN1_TYPE *typ; | 327 | ASN1_TYPE *typ; |
| 296 | int utype; | 328 | int utype; |
| 297 | const ASN1_PRIMITIVE_FUNCS *pf; | 329 | |
| 298 | pf = it->funcs; | 330 | if (it && it->funcs) |
| 299 | if(pf && pf->prim_new) return pf->prim_new(pval, it); | 331 | { |
| 300 | if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1; | 332 | const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; |
| 301 | else utype = it->utype; | 333 | if (pf->prim_new) |
| 302 | switch(utype) { | 334 | return pf->prim_new(pval, it); |
| 335 | } | ||
| 336 | |||
| 337 | if (!it || (it->itype == ASN1_ITYPE_MSTRING)) | ||
| 338 | utype = -1; | ||
| 339 | else | ||
| 340 | utype = it->utype; | ||
| 341 | switch(utype) | ||
| 342 | { | ||
| 303 | case V_ASN1_OBJECT: | 343 | case V_ASN1_OBJECT: |
| 304 | *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef); | 344 | *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef); |
| 305 | return 1; | 345 | return 1; |
| @@ -317,7 +357,8 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 317 | 357 | ||
| 318 | case V_ASN1_ANY: | 358 | case V_ASN1_ANY: |
| 319 | typ = OPENSSL_malloc(sizeof(ASN1_TYPE)); | 359 | typ = OPENSSL_malloc(sizeof(ASN1_TYPE)); |
| 320 | if(!typ) return 0; | 360 | if (!typ) |
| 361 | return 0; | ||
| 321 | typ->value.ptr = NULL; | 362 | typ->value.ptr = NULL; |
| 322 | typ->type = -1; | 363 | typ->type = -1; |
| 323 | *pval = (ASN1_VALUE *)typ; | 364 | *pval = (ASN1_VALUE *)typ; |
| @@ -326,26 +367,29 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 326 | default: | 367 | default: |
| 327 | *pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype); | 368 | *pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype); |
| 328 | break; | 369 | break; |
| 329 | } | 370 | } |
| 330 | if(*pval) return 1; | 371 | if (*pval) |
| 372 | return 1; | ||
| 331 | return 0; | 373 | return 0; |
| 332 | } | 374 | } |
| 333 | 375 | ||
| 334 | void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) | 376 | void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 335 | { | 377 | { |
| 336 | int utype; | 378 | int utype; |
| 337 | const ASN1_PRIMITIVE_FUNCS *pf; | 379 | if (it && it->funcs) |
| 338 | pf = it->funcs; | 380 | { |
| 339 | if(pf) { | 381 | const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; |
| 340 | if(pf->prim_clear) | 382 | if (pf->prim_clear) |
| 341 | pf->prim_clear(pval, it); | 383 | pf->prim_clear(pval, it); |
| 342 | else | 384 | else |
| 343 | *pval = NULL; | 385 | *pval = NULL; |
| 344 | return; | 386 | return; |
| 345 | } | 387 | } |
| 346 | if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1; | 388 | if (!it || (it->itype == ASN1_ITYPE_MSTRING)) |
| 347 | else utype = it->utype; | 389 | utype = -1; |
| 348 | if(utype == V_ASN1_BOOLEAN) | 390 | else |
| 391 | utype = it->utype; | ||
| 392 | if (utype == V_ASN1_BOOLEAN) | ||
| 349 | *(ASN1_BOOLEAN *)pval = it->size; | 393 | *(ASN1_BOOLEAN *)pval = it->size; |
| 350 | else *pval = NULL; | 394 | else *pval = NULL; |
| 351 | } | 395 | } |
diff --git a/src/lib/libcrypto/asn1/tasn_typ.c b/src/lib/libcrypto/asn1/tasn_typ.c index 804d2eeba2..6f17f1bec7 100644 --- a/src/lib/libcrypto/asn1/tasn_typ.c +++ b/src/lib/libcrypto/asn1/tasn_typ.c | |||
| @@ -131,3 +131,7 @@ IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING) | |||
| 131 | IMPLEMENT_ASN1_TYPE_ex(ASN1_BOOLEAN, ASN1_BOOLEAN, -1) | 131 | IMPLEMENT_ASN1_TYPE_ex(ASN1_BOOLEAN, ASN1_BOOLEAN, -1) |
| 132 | IMPLEMENT_ASN1_TYPE_ex(ASN1_TBOOLEAN, ASN1_BOOLEAN, 1) | 132 | IMPLEMENT_ASN1_TYPE_ex(ASN1_TBOOLEAN, ASN1_BOOLEAN, 1) |
| 133 | IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0) | 133 | IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0) |
| 134 | |||
| 135 | /* Special, OCTET STRING with indefinite length constructed support */ | ||
| 136 | |||
| 137 | IMPLEMENT_ASN1_TYPE_ex(ASN1_OCTET_STRING_NDEF, ASN1_OCTET_STRING, ASN1_TFLG_NDEF) | ||
diff --git a/src/lib/libcrypto/asn1/tasn_utl.c b/src/lib/libcrypto/asn1/tasn_utl.c index 8996ce8c13..34d520b180 100644 --- a/src/lib/libcrypto/asn1/tasn_utl.c +++ b/src/lib/libcrypto/asn1/tasn_utl.c | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 2000 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -74,23 +74,23 @@ | |||
| 74 | */ | 74 | */ |
| 75 | 75 | ||
| 76 | int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it) | 76 | int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 77 | { | 77 | { |
| 78 | int *sel = offset2ptr(*pval, it->utype); | 78 | int *sel = offset2ptr(*pval, it->utype); |
| 79 | return *sel; | 79 | return *sel; |
| 80 | } | 80 | } |
| 81 | 81 | ||
| 82 | /* Given an ASN1_ITEM CHOICE type set | 82 | /* Given an ASN1_ITEM CHOICE type set |
| 83 | * the selector value, return old value. | 83 | * the selector value, return old value. |
| 84 | */ | 84 | */ |
| 85 | 85 | ||
| 86 | int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it) | 86 | int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it) |
| 87 | { | 87 | { |
| 88 | int *sel, ret; | 88 | int *sel, ret; |
| 89 | sel = offset2ptr(*pval, it->utype); | 89 | sel = offset2ptr(*pval, it->utype); |
| 90 | ret = *sel; | 90 | ret = *sel; |
| 91 | *sel = value; | 91 | *sel = value; |
| 92 | return ret; | 92 | return ret; |
| 93 | } | 93 | } |
| 94 | 94 | ||
| 95 | /* Do reference counting. The value 'op' decides what to do. | 95 | /* Do reference counting. The value 'op' decides what to do. |
| 96 | * if it is +1 then the count is incremented. If op is 0 count is | 96 | * if it is +1 then the count is incremented. If op is 0 count is |
| @@ -99,114 +99,134 @@ int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it) | |||
| 99 | */ | 99 | */ |
| 100 | 100 | ||
| 101 | int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it) | 101 | int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it) |
| 102 | { | 102 | { |
| 103 | const ASN1_AUX *aux; | 103 | const ASN1_AUX *aux; |
| 104 | int *lck, ret; | 104 | int *lck, ret; |
| 105 | if(it->itype != ASN1_ITYPE_SEQUENCE) return 0; | 105 | if ((it->itype != ASN1_ITYPE_SEQUENCE) |
| 106 | && (it->itype != ASN1_ITYPE_NDEF_SEQUENCE)) | ||
| 107 | return 0; | ||
| 106 | aux = it->funcs; | 108 | aux = it->funcs; |
| 107 | if(!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) return 0; | 109 | if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) |
| 110 | return 0; | ||
| 108 | lck = offset2ptr(*pval, aux->ref_offset); | 111 | lck = offset2ptr(*pval, aux->ref_offset); |
| 109 | if(op == 0) { | 112 | if (op == 0) |
| 113 | { | ||
| 110 | *lck = 1; | 114 | *lck = 1; |
| 111 | return 1; | 115 | return 1; |
| 112 | } | 116 | } |
| 113 | ret = CRYPTO_add(lck, op, aux->ref_lock); | 117 | ret = CRYPTO_add(lck, op, aux->ref_lock); |
| 114 | #ifdef REF_PRINT | 118 | #ifdef REF_PRINT |
| 115 | fprintf(stderr, "%s: Reference Count: %d\n", it->sname, *lck); | 119 | fprintf(stderr, "%s: Reference Count: %d\n", it->sname, *lck); |
| 116 | #endif | 120 | #endif |
| 117 | #ifdef REF_CHECK | 121 | #ifdef REF_CHECK |
| 118 | if(ret < 0) | 122 | if (ret < 0) |
| 119 | fprintf(stderr, "%s, bad reference count\n", it->sname); | 123 | fprintf(stderr, "%s, bad reference count\n", it->sname); |
| 120 | #endif | 124 | #endif |
| 121 | return ret; | 125 | return ret; |
| 122 | } | 126 | } |
| 123 | 127 | ||
| 124 | static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it) | 128 | static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 125 | { | 129 | { |
| 126 | const ASN1_AUX *aux; | 130 | const ASN1_AUX *aux; |
| 127 | if(!pval || !*pval) return NULL; | 131 | if (!pval || !*pval) |
| 132 | return NULL; | ||
| 128 | aux = it->funcs; | 133 | aux = it->funcs; |
| 129 | if(!aux || !(aux->flags & ASN1_AFLG_ENCODING)) return NULL; | 134 | if (!aux || !(aux->flags & ASN1_AFLG_ENCODING)) |
| 135 | return NULL; | ||
| 130 | return offset2ptr(*pval, aux->enc_offset); | 136 | return offset2ptr(*pval, aux->enc_offset); |
| 131 | } | 137 | } |
| 132 | 138 | ||
| 133 | void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it) | 139 | void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 134 | { | 140 | { |
| 135 | ASN1_ENCODING *enc; | 141 | ASN1_ENCODING *enc; |
| 136 | enc = asn1_get_enc_ptr(pval, it); | 142 | enc = asn1_get_enc_ptr(pval, it); |
| 137 | if(enc) { | 143 | if (enc) |
| 144 | { | ||
| 138 | enc->enc = NULL; | 145 | enc->enc = NULL; |
| 139 | enc->len = 0; | 146 | enc->len = 0; |
| 140 | enc->modified = 1; | 147 | enc->modified = 1; |
| 148 | } | ||
| 141 | } | 149 | } |
| 142 | } | ||
| 143 | 150 | ||
| 144 | void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it) | 151 | void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 145 | { | 152 | { |
| 146 | ASN1_ENCODING *enc; | 153 | ASN1_ENCODING *enc; |
| 147 | enc = asn1_get_enc_ptr(pval, it); | 154 | enc = asn1_get_enc_ptr(pval, it); |
| 148 | if(enc) { | 155 | if (enc) |
| 149 | if(enc->enc) OPENSSL_free(enc->enc); | 156 | { |
| 157 | if (enc->enc) | ||
| 158 | OPENSSL_free(enc->enc); | ||
| 150 | enc->enc = NULL; | 159 | enc->enc = NULL; |
| 151 | enc->len = 0; | 160 | enc->len = 0; |
| 152 | enc->modified = 1; | 161 | enc->modified = 1; |
| 162 | } | ||
| 153 | } | 163 | } |
| 154 | } | ||
| 155 | 164 | ||
| 156 | int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it) | 165 | int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, |
| 157 | { | 166 | const ASN1_ITEM *it) |
| 167 | { | ||
| 158 | ASN1_ENCODING *enc; | 168 | ASN1_ENCODING *enc; |
| 159 | enc = asn1_get_enc_ptr(pval, it); | 169 | enc = asn1_get_enc_ptr(pval, it); |
| 160 | if(!enc) return 1; | 170 | if (!enc) |
| 171 | return 1; | ||
| 161 | 172 | ||
| 162 | if(enc->enc) OPENSSL_free(enc->enc); | 173 | if (enc->enc) |
| 174 | OPENSSL_free(enc->enc); | ||
| 163 | enc->enc = OPENSSL_malloc(inlen); | 175 | enc->enc = OPENSSL_malloc(inlen); |
| 164 | if(!enc->enc) return 0; | 176 | if (!enc->enc) |
| 177 | return 0; | ||
| 165 | memcpy(enc->enc, in, inlen); | 178 | memcpy(enc->enc, in, inlen); |
| 166 | enc->len = inlen; | 179 | enc->len = inlen; |
| 167 | enc->modified = 0; | 180 | enc->modified = 0; |
| 168 | 181 | ||
| 169 | return 1; | 182 | return 1; |
| 170 | } | 183 | } |
| 171 | 184 | ||
| 172 | int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it) | 185 | int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, |
| 173 | { | 186 | const ASN1_ITEM *it) |
| 187 | { | ||
| 174 | ASN1_ENCODING *enc; | 188 | ASN1_ENCODING *enc; |
| 175 | enc = asn1_get_enc_ptr(pval, it); | 189 | enc = asn1_get_enc_ptr(pval, it); |
| 176 | if(!enc || enc->modified) return 0; | 190 | if (!enc || enc->modified) |
| 177 | if(out) { | 191 | return 0; |
| 192 | if (out) | ||
| 193 | { | ||
| 178 | memcpy(*out, enc->enc, enc->len); | 194 | memcpy(*out, enc->enc, enc->len); |
| 179 | *out += enc->len; | 195 | *out += enc->len; |
| 180 | } | 196 | } |
| 181 | if(len) *len = enc->len; | 197 | if (len) |
| 198 | *len = enc->len; | ||
| 182 | return 1; | 199 | return 1; |
| 183 | } | 200 | } |
| 184 | 201 | ||
| 185 | /* Given an ASN1_TEMPLATE get a pointer to a field */ | 202 | /* Given an ASN1_TEMPLATE get a pointer to a field */ |
| 186 | ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) | 203 | ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) |
| 187 | { | 204 | { |
| 188 | ASN1_VALUE **pvaltmp; | 205 | ASN1_VALUE **pvaltmp; |
| 189 | if(tt->flags & ASN1_TFLG_COMBINE) return pval; | 206 | if (tt->flags & ASN1_TFLG_COMBINE) |
| 207 | return pval; | ||
| 190 | pvaltmp = offset2ptr(*pval, tt->offset); | 208 | pvaltmp = offset2ptr(*pval, tt->offset); |
| 191 | /* NOTE for BOOLEAN types the field is just a plain | 209 | /* NOTE for BOOLEAN types the field is just a plain |
| 192 | * int so we can't return int **, so settle for | 210 | * int so we can't return int **, so settle for |
| 193 | * (int *). | 211 | * (int *). |
| 194 | */ | 212 | */ |
| 195 | return pvaltmp; | 213 | return pvaltmp; |
| 196 | } | 214 | } |
| 197 | 215 | ||
| 198 | /* Handle ANY DEFINED BY template, find the selector, look up | 216 | /* Handle ANY DEFINED BY template, find the selector, look up |
| 199 | * the relevant ASN1_TEMPLATE in the table and return it. | 217 | * the relevant ASN1_TEMPLATE in the table and return it. |
| 200 | */ | 218 | */ |
| 201 | 219 | ||
| 202 | const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr) | 220 | const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, |
| 203 | { | 221 | int nullerr) |
| 222 | { | ||
| 204 | const ASN1_ADB *adb; | 223 | const ASN1_ADB *adb; |
| 205 | const ASN1_ADB_TABLE *atbl; | 224 | const ASN1_ADB_TABLE *atbl; |
| 206 | long selector; | 225 | long selector; |
| 207 | ASN1_VALUE **sfld; | 226 | ASN1_VALUE **sfld; |
| 208 | int i; | 227 | int i; |
| 209 | if(!(tt->flags & ASN1_TFLG_ADB_MASK)) return tt; | 228 | if (!(tt->flags & ASN1_TFLG_ADB_MASK)) |
| 229 | return tt; | ||
| 210 | 230 | ||
| 211 | /* Else ANY DEFINED BY ... get the table */ | 231 | /* Else ANY DEFINED BY ... get the table */ |
| 212 | adb = ASN1_ADB_ptr(tt->item); | 232 | adb = ASN1_ADB_ptr(tt->item); |
| @@ -215,16 +235,18 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int | |||
| 215 | sfld = offset2ptr(*pval, adb->offset); | 235 | sfld = offset2ptr(*pval, adb->offset); |
| 216 | 236 | ||
| 217 | /* Check if NULL */ | 237 | /* Check if NULL */ |
| 218 | if(!sfld) { | 238 | if (!sfld) |
| 219 | if(!adb->null_tt) goto err; | 239 | { |
| 240 | if (!adb->null_tt) | ||
| 241 | goto err; | ||
| 220 | return adb->null_tt; | 242 | return adb->null_tt; |
| 221 | } | 243 | } |
| 222 | 244 | ||
| 223 | /* Convert type to a long: | 245 | /* Convert type to a long: |
| 224 | * NB: don't check for NID_undef here because it | 246 | * NB: don't check for NID_undef here because it |
| 225 | * might be a legitimate value in the table | 247 | * might be a legitimate value in the table |
| 226 | */ | 248 | */ |
| 227 | if(tt->flags & ASN1_TFLG_ADB_OID) | 249 | if (tt->flags & ASN1_TFLG_ADB_OID) |
| 228 | selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld); | 250 | selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld); |
| 229 | else | 251 | else |
| 230 | selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld); | 252 | selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld); |
| @@ -237,17 +259,21 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int | |||
| 237 | * linear search. | 259 | * linear search. |
| 238 | */ | 260 | */ |
| 239 | 261 | ||
| 240 | for(atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++) | 262 | for (atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++) |
| 241 | if(atbl->value == selector) return &atbl->tt; | 263 | if (atbl->value == selector) |
| 264 | return &atbl->tt; | ||
| 242 | 265 | ||
| 243 | /* FIXME: need to search application table too */ | 266 | /* FIXME: need to search application table too */ |
| 244 | 267 | ||
| 245 | /* No match, return default type */ | 268 | /* No match, return default type */ |
| 246 | if(!adb->default_tt) goto err; | 269 | if (!adb->default_tt) |
| 270 | goto err; | ||
| 247 | return adb->default_tt; | 271 | return adb->default_tt; |
| 248 | 272 | ||
| 249 | err: | 273 | err: |
| 250 | /* FIXME: should log the value or OID of unsupported type */ | 274 | /* FIXME: should log the value or OID of unsupported type */ |
| 251 | if(nullerr) ASN1err(ASN1_F_ASN1_DO_ADB, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); | 275 | if (nullerr) |
| 276 | ASN1err(ASN1_F_ASN1_DO_ADB, | ||
| 277 | ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); | ||
| 252 | return NULL; | 278 | return NULL; |
| 253 | } | 279 | } |
diff --git a/src/lib/libcrypto/asn1/x_algor.c b/src/lib/libcrypto/asn1/x_algor.c index 00b9ea54a1..33533aba86 100644 --- a/src/lib/libcrypto/asn1/x_algor.c +++ b/src/lib/libcrypto/asn1/x_algor.c | |||
| @@ -66,8 +66,65 @@ ASN1_SEQUENCE(X509_ALGOR) = { | |||
| 66 | ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY) | 66 | ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY) |
| 67 | } ASN1_SEQUENCE_END(X509_ALGOR) | 67 | } ASN1_SEQUENCE_END(X509_ALGOR) |
| 68 | 68 | ||
| 69 | ASN1_ITEM_TEMPLATE(X509_ALGORS) = | ||
| 70 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR) | ||
| 71 | ASN1_ITEM_TEMPLATE_END(X509_ALGORS) | ||
| 72 | |||
| 69 | IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR) | 73 | IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR) |
| 74 | IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_ALGORS, X509_ALGORS, X509_ALGORS) | ||
| 70 | IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR) | 75 | IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR) |
| 71 | 76 | ||
| 72 | IMPLEMENT_STACK_OF(X509_ALGOR) | 77 | IMPLEMENT_STACK_OF(X509_ALGOR) |
| 73 | IMPLEMENT_ASN1_SET_OF(X509_ALGOR) | 78 | IMPLEMENT_ASN1_SET_OF(X509_ALGOR) |
| 79 | |||
| 80 | int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval) | ||
| 81 | { | ||
| 82 | if (!alg) | ||
| 83 | return 0; | ||
| 84 | if (ptype != V_ASN1_UNDEF) | ||
| 85 | { | ||
| 86 | if (alg->parameter == NULL) | ||
| 87 | alg->parameter = ASN1_TYPE_new(); | ||
| 88 | if (alg->parameter == NULL) | ||
| 89 | return 0; | ||
| 90 | } | ||
| 91 | if (alg) | ||
| 92 | { | ||
| 93 | if (alg->algorithm) | ||
| 94 | ASN1_OBJECT_free(alg->algorithm); | ||
| 95 | alg->algorithm = aobj; | ||
| 96 | } | ||
| 97 | if (ptype == 0) | ||
| 98 | return 1; | ||
| 99 | if (ptype == V_ASN1_UNDEF) | ||
| 100 | { | ||
| 101 | if (alg->parameter) | ||
| 102 | { | ||
| 103 | ASN1_TYPE_free(alg->parameter); | ||
| 104 | alg->parameter = NULL; | ||
| 105 | } | ||
| 106 | } | ||
| 107 | else | ||
| 108 | ASN1_TYPE_set(alg->parameter, ptype, pval); | ||
| 109 | return 1; | ||
| 110 | } | ||
| 111 | |||
| 112 | void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, | ||
| 113 | X509_ALGOR *algor) | ||
| 114 | { | ||
| 115 | if (paobj) | ||
| 116 | *paobj = algor->algorithm; | ||
| 117 | if (pptype) | ||
| 118 | { | ||
| 119 | if (algor->parameter == NULL) | ||
| 120 | { | ||
| 121 | *pptype = V_ASN1_UNDEF; | ||
| 122 | return; | ||
| 123 | } | ||
| 124 | else | ||
| 125 | *pptype = algor->parameter->type; | ||
| 126 | if (ppval) | ||
| 127 | *ppval = algor->parameter->value.ptr; | ||
| 128 | } | ||
| 129 | } | ||
| 130 | |||
diff --git a/src/lib/libcrypto/asn1/x_bignum.c b/src/lib/libcrypto/asn1/x_bignum.c index 848c7a0877..869c05d931 100644 --- a/src/lib/libcrypto/asn1/x_bignum.c +++ b/src/lib/libcrypto/asn1/x_bignum.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/asn1t.h> | 61 | #include <openssl/asn1t.h> |
| 62 | #include <openssl/bn.h> | ||
| 62 | 63 | ||
| 63 | /* Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a | 64 | /* Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a |
| 64 | * BIGNUM directly. Currently it ignores the sign which isn't a problem since all | 65 | * BIGNUM directly. Currently it ignores the sign which isn't a problem since all |
| @@ -72,7 +73,7 @@ static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it); | |||
| 72 | static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it); | 73 | static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it); |
| 73 | 74 | ||
| 74 | static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); | 75 | static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); |
| 75 | static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); | 76 | static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); |
| 76 | 77 | ||
| 77 | static ASN1_PRIMITIVE_FUNCS bignum_pf = { | 78 | static ASN1_PRIMITIVE_FUNCS bignum_pf = { |
| 78 | NULL, 0, | 79 | NULL, 0, |
| @@ -122,7 +123,8 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN | |||
| 122 | return pad + BN_num_bytes(bn); | 123 | return pad + BN_num_bytes(bn); |
| 123 | } | 124 | } |
| 124 | 125 | ||
| 125 | static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) | 126 | static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, |
| 127 | int utype, char *free_cont, const ASN1_ITEM *it) | ||
| 126 | { | 128 | { |
| 127 | BIGNUM *bn; | 129 | BIGNUM *bn; |
| 128 | if(!*pval) bn_new(pval, it); | 130 | if(!*pval) bn_new(pval, it); |
diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c index b99f8fc522..70d56a67f2 100644 --- a/src/lib/libcrypto/asn1/x_crl.c +++ b/src/lib/libcrypto/asn1/x_crl.c | |||
| @@ -84,7 +84,7 @@ static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 84 | * would affect the output of X509_CRL_print(). | 84 | * would affect the output of X509_CRL_print(). |
| 85 | */ | 85 | */ |
| 86 | case ASN1_OP_D2I_POST: | 86 | case ASN1_OP_D2I_POST: |
| 87 | sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp); | 87 | (void)sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp); |
| 88 | break; | 88 | break; |
| 89 | } | 89 | } |
| 90 | return 1; | 90 | return 1; |
diff --git a/src/lib/libcrypto/asn1/x_exten.c b/src/lib/libcrypto/asn1/x_exten.c index 702421b6c8..1732e66712 100644 --- a/src/lib/libcrypto/asn1/x_exten.c +++ b/src/lib/libcrypto/asn1/x_exten.c | |||
| @@ -67,5 +67,10 @@ ASN1_SEQUENCE(X509_EXTENSION) = { | |||
| 67 | ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING) | 67 | ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING) |
| 68 | } ASN1_SEQUENCE_END(X509_EXTENSION) | 68 | } ASN1_SEQUENCE_END(X509_EXTENSION) |
| 69 | 69 | ||
| 70 | ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) = | ||
| 71 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION) | ||
| 72 | ASN1_ITEM_TEMPLATE_END(X509_EXTENSIONS) | ||
| 73 | |||
| 70 | IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION) | 74 | IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION) |
| 75 | IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS) | ||
| 71 | IMPLEMENT_ASN1_DUP_FUNCTION(X509_EXTENSION) | 76 | IMPLEMENT_ASN1_DUP_FUNCTION(X509_EXTENSION) |
diff --git a/src/lib/libcrypto/asn1/x_long.c b/src/lib/libcrypto/asn1/x_long.c index c5f25956cb..0db233cb95 100644 --- a/src/lib/libcrypto/asn1/x_long.c +++ b/src/lib/libcrypto/asn1/x_long.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/asn1t.h> | 61 | #include <openssl/asn1t.h> |
| 62 | #include <openssl/bn.h> | ||
| 62 | 63 | ||
| 63 | /* Custom primitive type for long handling. This converts between an ASN1_INTEGER | 64 | /* Custom primitive type for long handling. This converts between an ASN1_INTEGER |
| 64 | * and a long directly. | 65 | * and a long directly. |
| @@ -69,7 +70,7 @@ static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it); | |||
| 69 | static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it); | 70 | static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it); |
| 70 | 71 | ||
| 71 | static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); | 72 | static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); |
| 72 | static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); | 73 | static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); |
| 73 | 74 | ||
| 74 | static ASN1_PRIMITIVE_FUNCS long_pf = { | 75 | static ASN1_PRIMITIVE_FUNCS long_pf = { |
| 75 | NULL, 0, | 76 | NULL, 0, |
| @@ -136,13 +137,14 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const A | |||
| 136 | return clen + pad; | 137 | return clen + pad; |
| 137 | } | 138 | } |
| 138 | 139 | ||
| 139 | static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) | 140 | static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, |
| 141 | int utype, char *free_cont, const ASN1_ITEM *it) | ||
| 140 | { | 142 | { |
| 141 | int neg, i; | 143 | int neg, i; |
| 142 | long ltmp; | 144 | long ltmp; |
| 143 | unsigned long utmp = 0; | 145 | unsigned long utmp = 0; |
| 144 | char *cp = (char *)pval; | 146 | char *cp = (char *)pval; |
| 145 | if(len > sizeof(long)) { | 147 | if(len > (int)sizeof(long)) { |
| 146 | ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); | 148 | ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); |
| 147 | return 0; | 149 | return 0; |
| 148 | } | 150 | } |
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c index 31f3377b64..04380abc3f 100644 --- a/src/lib/libcrypto/asn1/x_name.c +++ b/src/lib/libcrypto/asn1/x_name.c | |||
| @@ -61,7 +61,7 @@ | |||
| 61 | #include <openssl/asn1t.h> | 61 | #include <openssl/asn1t.h> |
| 62 | #include <openssl/x509.h> | 62 | #include <openssl/x509.h> |
| 63 | 63 | ||
| 64 | static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it, | 64 | static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, |
| 65 | int tag, int aclass, char opt, ASN1_TLC *ctx); | 65 | int tag, int aclass, char opt, ASN1_TLC *ctx); |
| 66 | 66 | ||
| 67 | static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); | 67 | static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); |
| @@ -123,7 +123,7 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) | |||
| 123 | return 1; | 123 | return 1; |
| 124 | 124 | ||
| 125 | memerr: | 125 | memerr: |
| 126 | ASN1err(ASN1_F_X509_NAME_NEW, ERR_R_MALLOC_FAILURE); | 126 | ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE); |
| 127 | if (ret) | 127 | if (ret) |
| 128 | { | 128 | { |
| 129 | if (ret->entries) | 129 | if (ret->entries) |
| @@ -156,48 +156,48 @@ static void sk_internal_free(void *a) | |||
| 156 | sk_free(a); | 156 | sk_free(a); |
| 157 | } | 157 | } |
| 158 | 158 | ||
| 159 | static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it, | 159 | static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, |
| 160 | int tag, int aclass, char opt, ASN1_TLC *ctx) | 160 | int tag, int aclass, char opt, ASN1_TLC *ctx) |
| 161 | { | 161 | { |
| 162 | unsigned char *p = *in, *q; | 162 | const unsigned char *p = *in, *q; |
| 163 | STACK *intname = NULL, **intname_pp = &intname; | 163 | union { STACK *s; ASN1_VALUE *a; } intname = {NULL}; |
| 164 | union { X509_NAME *x; ASN1_VALUE *a; } nm = {NULL}; | ||
| 164 | int i, j, ret; | 165 | int i, j, ret; |
| 165 | X509_NAME *nm = NULL, **nm_pp = &nm; | ||
| 166 | STACK_OF(X509_NAME_ENTRY) *entries; | 166 | STACK_OF(X509_NAME_ENTRY) *entries; |
| 167 | X509_NAME_ENTRY *entry; | 167 | X509_NAME_ENTRY *entry; |
| 168 | q = p; | 168 | q = p; |
| 169 | 169 | ||
| 170 | /* Get internal representation of Name */ | 170 | /* Get internal representation of Name */ |
| 171 | ret = ASN1_item_ex_d2i((ASN1_VALUE **)intname_pp, | 171 | ret = ASN1_item_ex_d2i(&intname.a, |
| 172 | &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL), | 172 | &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL), |
| 173 | tag, aclass, opt, ctx); | 173 | tag, aclass, opt, ctx); |
| 174 | 174 | ||
| 175 | if(ret <= 0) return ret; | 175 | if(ret <= 0) return ret; |
| 176 | 176 | ||
| 177 | if(*val) x509_name_ex_free(val, NULL); | 177 | if(*val) x509_name_ex_free(val, NULL); |
| 178 | if(!x509_name_ex_new((ASN1_VALUE **)nm_pp, NULL)) goto err; | 178 | if(!x509_name_ex_new(&nm.a, NULL)) goto err; |
| 179 | /* We've decoded it: now cache encoding */ | 179 | /* We've decoded it: now cache encoding */ |
| 180 | if(!BUF_MEM_grow(nm->bytes, p - q)) goto err; | 180 | if(!BUF_MEM_grow(nm.x->bytes, p - q)) goto err; |
| 181 | memcpy(nm->bytes->data, q, p - q); | 181 | memcpy(nm.x->bytes->data, q, p - q); |
| 182 | 182 | ||
| 183 | /* Convert internal representation to X509_NAME structure */ | 183 | /* Convert internal representation to X509_NAME structure */ |
| 184 | for(i = 0; i < sk_num(intname); i++) { | 184 | for(i = 0; i < sk_num(intname.s); i++) { |
| 185 | entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname, i); | 185 | entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname.s, i); |
| 186 | for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) { | 186 | for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) { |
| 187 | entry = sk_X509_NAME_ENTRY_value(entries, j); | 187 | entry = sk_X509_NAME_ENTRY_value(entries, j); |
| 188 | entry->set = i; | 188 | entry->set = i; |
| 189 | if(!sk_X509_NAME_ENTRY_push(nm->entries, entry)) | 189 | if(!sk_X509_NAME_ENTRY_push(nm.x->entries, entry)) |
| 190 | goto err; | 190 | goto err; |
| 191 | } | 191 | } |
| 192 | sk_X509_NAME_ENTRY_free(entries); | 192 | sk_X509_NAME_ENTRY_free(entries); |
| 193 | } | 193 | } |
| 194 | sk_free(intname); | 194 | sk_free(intname.s); |
| 195 | nm->modified = 0; | 195 | nm.x->modified = 0; |
| 196 | *val = (ASN1_VALUE *)nm; | 196 | *val = nm.a; |
| 197 | *in = p; | 197 | *in = p; |
| 198 | return ret; | 198 | return ret; |
| 199 | err: | 199 | err: |
| 200 | ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_NESTED_ASN1_ERROR); | 200 | ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR); |
| 201 | return 0; | 201 | return 0; |
| 202 | } | 202 | } |
| 203 | 203 | ||
| @@ -219,36 +219,36 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT | |||
| 219 | 219 | ||
| 220 | static int x509_name_encode(X509_NAME *a) | 220 | static int x509_name_encode(X509_NAME *a) |
| 221 | { | 221 | { |
| 222 | STACK *intname = NULL, **intname_pp = &intname; | 222 | union { STACK *s; ASN1_VALUE *a; } intname = {NULL}; |
| 223 | int len; | 223 | int len; |
| 224 | unsigned char *p; | 224 | unsigned char *p; |
| 225 | STACK_OF(X509_NAME_ENTRY) *entries = NULL; | 225 | STACK_OF(X509_NAME_ENTRY) *entries = NULL; |
| 226 | X509_NAME_ENTRY *entry; | 226 | X509_NAME_ENTRY *entry; |
| 227 | int i, set = -1; | 227 | int i, set = -1; |
| 228 | intname = sk_new_null(); | 228 | intname.s = sk_new_null(); |
| 229 | if(!intname) goto memerr; | 229 | if(!intname.s) goto memerr; |
| 230 | for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { | 230 | for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { |
| 231 | entry = sk_X509_NAME_ENTRY_value(a->entries, i); | 231 | entry = sk_X509_NAME_ENTRY_value(a->entries, i); |
| 232 | if(entry->set != set) { | 232 | if(entry->set != set) { |
| 233 | entries = sk_X509_NAME_ENTRY_new_null(); | 233 | entries = sk_X509_NAME_ENTRY_new_null(); |
| 234 | if(!entries) goto memerr; | 234 | if(!entries) goto memerr; |
| 235 | if(!sk_push(intname, (char *)entries)) goto memerr; | 235 | if(!sk_push(intname.s, (char *)entries)) goto memerr; |
| 236 | set = entry->set; | 236 | set = entry->set; |
| 237 | } | 237 | } |
| 238 | if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr; | 238 | if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr; |
| 239 | } | 239 | } |
| 240 | len = ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp, NULL, | 240 | len = ASN1_item_ex_i2d(&intname.a, NULL, |
| 241 | ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); | 241 | ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); |
| 242 | if (!BUF_MEM_grow(a->bytes,len)) goto memerr; | 242 | if (!BUF_MEM_grow(a->bytes,len)) goto memerr; |
| 243 | p=(unsigned char *)a->bytes->data; | 243 | p=(unsigned char *)a->bytes->data; |
| 244 | ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp, | 244 | ASN1_item_ex_i2d(&intname.a, |
| 245 | &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); | 245 | &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); |
| 246 | sk_pop_free(intname, sk_internal_free); | 246 | sk_pop_free(intname.s, sk_internal_free); |
| 247 | a->modified = 0; | 247 | a->modified = 0; |
| 248 | return len; | 248 | return len; |
| 249 | memerr: | 249 | memerr: |
| 250 | sk_pop_free(intname, sk_internal_free); | 250 | sk_pop_free(intname.s, sk_internal_free); |
| 251 | ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_MALLOC_FAILURE); | 251 | ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE); |
| 252 | return -1; | 252 | return -1; |
| 253 | } | 253 | } |
| 254 | 254 | ||
diff --git a/src/lib/libcrypto/asn1/x_pkey.c b/src/lib/libcrypto/asn1/x_pkey.c index f1c6221ac3..8453618426 100644 --- a/src/lib/libcrypto/asn1/x_pkey.c +++ b/src/lib/libcrypto/asn1/x_pkey.c | |||
| @@ -69,15 +69,15 @@ int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp) | |||
| 69 | return(0); | 69 | return(0); |
| 70 | } | 70 | } |
| 71 | 71 | ||
| 72 | X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, unsigned char **pp, long length) | 72 | X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length) |
| 73 | { | 73 | { |
| 74 | int i; | 74 | int i; |
| 75 | M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new); | 75 | M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new); |
| 76 | 76 | ||
| 77 | M_ASN1_D2I_Init(); | 77 | M_ASN1_D2I_Init(); |
| 78 | M_ASN1_D2I_start_sequence(); | 78 | M_ASN1_D2I_start_sequence(); |
| 79 | M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR); | 79 | M_ASN1_D2I_get_x(X509_ALGOR,ret->enc_algor,d2i_X509_ALGOR); |
| 80 | M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING); | 80 | M_ASN1_D2I_get_x(ASN1_OCTET_STRING,ret->enc_pkey,d2i_ASN1_OCTET_STRING); |
| 81 | 81 | ||
| 82 | ret->cipher.cipher=EVP_get_cipherbyname( | 82 | ret->cipher.cipher=EVP_get_cipherbyname( |
| 83 | OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm))); | 83 | OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm))); |
diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c index 7d6d71af88..91c2756116 100644 --- a/src/lib/libcrypto/asn1/x_pubkey.c +++ b/src/lib/libcrypto/asn1/x_pubkey.c | |||
| @@ -60,16 +60,23 @@ | |||
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/asn1t.h> | 61 | #include <openssl/asn1t.h> |
| 62 | #include <openssl/x509.h> | 62 | #include <openssl/x509.h> |
| 63 | #ifndef OPENSSL_NO_RSA | ||
| 64 | #include <openssl/rsa.h> | ||
| 65 | #endif | ||
| 66 | #ifndef OPENSSL_NO_DSA | ||
| 67 | #include <openssl/dsa.h> | ||
| 68 | #endif | ||
| 63 | 69 | ||
| 64 | /* Minor tweak to operation: free up EVP_PKEY */ | 70 | /* Minor tweak to operation: free up EVP_PKEY */ |
| 65 | static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) | 71 | static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 66 | { | 72 | { |
| 67 | if(operation == ASN1_OP_FREE_POST) { | 73 | if (operation == ASN1_OP_FREE_POST) |
| 74 | { | ||
| 68 | X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; | 75 | X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; |
| 69 | EVP_PKEY_free(pubkey->pkey); | 76 | EVP_PKEY_free(pubkey->pkey); |
| 70 | } | 77 | } |
| 71 | return 1; | 78 | return 1; |
| 72 | } | 79 | } |
| 73 | 80 | ||
| 74 | ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { | 81 | ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { |
| 75 | ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR), | 82 | ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR), |
| @@ -111,13 +118,12 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) | |||
| 111 | a->parameter->type=V_ASN1_NULL; | 118 | a->parameter->type=V_ASN1_NULL; |
| 112 | } | 119 | } |
| 113 | } | 120 | } |
| 114 | else | ||
| 115 | #ifndef OPENSSL_NO_DSA | 121 | #ifndef OPENSSL_NO_DSA |
| 116 | if (pkey->type == EVP_PKEY_DSA) | 122 | else if (pkey->type == EVP_PKEY_DSA) |
| 117 | { | 123 | { |
| 118 | unsigned char *pp; | 124 | unsigned char *pp; |
| 119 | DSA *dsa; | 125 | DSA *dsa; |
| 120 | 126 | ||
| 121 | dsa=pkey->pkey.dsa; | 127 | dsa=pkey->pkey.dsa; |
| 122 | dsa->write_params=0; | 128 | dsa->write_params=0; |
| 123 | ASN1_TYPE_free(a->parameter); | 129 | ASN1_TYPE_free(a->parameter); |
| @@ -151,8 +157,64 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) | |||
| 151 | } | 157 | } |
| 152 | OPENSSL_free(p); | 158 | OPENSSL_free(p); |
| 153 | } | 159 | } |
| 154 | else | ||
| 155 | #endif | 160 | #endif |
| 161 | #ifndef OPENSSL_NO_EC | ||
| 162 | else if (pkey->type == EVP_PKEY_EC) | ||
| 163 | { | ||
| 164 | int nid=0; | ||
| 165 | unsigned char *pp; | ||
| 166 | EC_KEY *ec_key; | ||
| 167 | const EC_GROUP *group; | ||
| 168 | |||
| 169 | ec_key = pkey->pkey.ec; | ||
| 170 | ASN1_TYPE_free(a->parameter); | ||
| 171 | |||
| 172 | if ((a->parameter = ASN1_TYPE_new()) == NULL) | ||
| 173 | { | ||
| 174 | X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB); | ||
| 175 | goto err; | ||
| 176 | } | ||
| 177 | |||
| 178 | group = EC_KEY_get0_group(ec_key); | ||
| 179 | if (EC_GROUP_get_asn1_flag(group) | ||
| 180 | && (nid = EC_GROUP_get_curve_name(group))) | ||
| 181 | { | ||
| 182 | /* just set the OID */ | ||
| 183 | a->parameter->type = V_ASN1_OBJECT; | ||
| 184 | a->parameter->value.object = OBJ_nid2obj(nid); | ||
| 185 | } | ||
| 186 | else /* explicit parameters */ | ||
| 187 | { | ||
| 188 | if ((i = i2d_ECParameters(ec_key, NULL)) == 0) | ||
| 189 | { | ||
| 190 | X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB); | ||
| 191 | goto err; | ||
| 192 | } | ||
| 193 | if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) | ||
| 194 | { | ||
| 195 | X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE); | ||
| 196 | goto err; | ||
| 197 | } | ||
| 198 | pp = p; | ||
| 199 | if (!i2d_ECParameters(ec_key, &pp)) | ||
| 200 | { | ||
| 201 | X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB); | ||
| 202 | OPENSSL_free(p); | ||
| 203 | goto err; | ||
| 204 | } | ||
| 205 | a->parameter->type = V_ASN1_SEQUENCE; | ||
| 206 | if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL) | ||
| 207 | { | ||
| 208 | X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB); | ||
| 209 | OPENSSL_free(p); | ||
| 210 | goto err; | ||
| 211 | } | ||
| 212 | ASN1_STRING_set(a->parameter->value.sequence, p, i); | ||
| 213 | OPENSSL_free(p); | ||
| 214 | } | ||
| 215 | } | ||
| 216 | #endif | ||
| 217 | else if (1) | ||
| 156 | { | 218 | { |
| 157 | X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM); | 219 | X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM); |
| 158 | goto err; | 220 | goto err; |
| @@ -171,7 +233,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) | |||
| 171 | X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); | 233 | X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); |
| 172 | goto err; | 234 | goto err; |
| 173 | } | 235 | } |
| 174 | /* Set number of unused bits to zero */ | 236 | /* Set number of unused bits to zero */ |
| 175 | pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); | 237 | pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); |
| 176 | pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; | 238 | pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; |
| 177 | 239 | ||
| @@ -198,8 +260,8 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) | |||
| 198 | EVP_PKEY *ret=NULL; | 260 | EVP_PKEY *ret=NULL; |
| 199 | long j; | 261 | long j; |
| 200 | int type; | 262 | int type; |
| 201 | unsigned char *p; | 263 | const unsigned char *p; |
| 202 | #ifndef OPENSSL_NO_DSA | 264 | #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) |
| 203 | const unsigned char *cp; | 265 | const unsigned char *cp; |
| 204 | X509_ALGOR *a; | 266 | X509_ALGOR *a; |
| 205 | #endif | 267 | #endif |
| @@ -207,40 +269,106 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) | |||
| 207 | if (key == NULL) goto err; | 269 | if (key == NULL) goto err; |
| 208 | 270 | ||
| 209 | if (key->pkey != NULL) | 271 | if (key->pkey != NULL) |
| 210 | { | 272 | { |
| 211 | CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY); | 273 | CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); |
| 212 | return(key->pkey); | 274 | return(key->pkey); |
| 213 | } | 275 | } |
| 214 | 276 | ||
| 215 | if (key->public_key == NULL) goto err; | 277 | if (key->public_key == NULL) goto err; |
| 216 | 278 | ||
| 217 | type=OBJ_obj2nid(key->algor->algorithm); | 279 | type=OBJ_obj2nid(key->algor->algorithm); |
| 218 | p=key->public_key->data; | 280 | if ((ret = EVP_PKEY_new()) == NULL) |
| 219 | j=key->public_key->length; | ||
| 220 | if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL) | ||
| 221 | { | 281 | { |
| 222 | X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB); | 282 | X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); |
| 223 | goto err; | 283 | goto err; |
| 224 | } | 284 | } |
| 225 | ret->save_parameters=0; | 285 | ret->type = EVP_PKEY_type(type); |
| 226 | 286 | ||
| 227 | #ifndef OPENSSL_NO_DSA | 287 | /* the parameters must be extracted before the public key (ECDSA!) */ |
| 288 | |||
| 289 | #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) | ||
| 228 | a=key->algor; | 290 | a=key->algor; |
| 229 | if (ret->type == EVP_PKEY_DSA) | 291 | #endif |
| 292 | |||
| 293 | if (0) | ||
| 294 | ; | ||
| 295 | #ifndef OPENSSL_NO_DSA | ||
| 296 | else if (ret->type == EVP_PKEY_DSA) | ||
| 230 | { | 297 | { |
| 231 | if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) | 298 | if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) |
| 232 | { | 299 | { |
| 300 | if ((ret->pkey.dsa = DSA_new()) == NULL) | ||
| 301 | { | ||
| 302 | X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); | ||
| 303 | goto err; | ||
| 304 | } | ||
| 233 | ret->pkey.dsa->write_params=0; | 305 | ret->pkey.dsa->write_params=0; |
| 234 | cp=p=a->parameter->value.sequence->data; | 306 | cp=p=a->parameter->value.sequence->data; |
| 235 | j=a->parameter->value.sequence->length; | 307 | j=a->parameter->value.sequence->length; |
| 236 | if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j)) | 308 | if (!d2i_DSAparams(&ret->pkey.dsa, &cp, (long)j)) |
| 237 | goto err; | 309 | goto err; |
| 238 | } | 310 | } |
| 239 | ret->save_parameters=1; | 311 | ret->save_parameters=1; |
| 240 | } | 312 | } |
| 241 | #endif | 313 | #endif |
| 242 | key->pkey=ret; | 314 | #ifndef OPENSSL_NO_EC |
| 243 | CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY); | 315 | else if (ret->type == EVP_PKEY_EC) |
| 316 | { | ||
| 317 | if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) | ||
| 318 | { | ||
| 319 | /* type == V_ASN1_SEQUENCE => we have explicit parameters | ||
| 320 | * (e.g. parameters in the X9_62_EC_PARAMETERS-structure ) | ||
| 321 | */ | ||
| 322 | if ((ret->pkey.ec= EC_KEY_new()) == NULL) | ||
| 323 | { | ||
| 324 | X509err(X509_F_X509_PUBKEY_GET, | ||
| 325 | ERR_R_MALLOC_FAILURE); | ||
| 326 | goto err; | ||
| 327 | } | ||
| 328 | cp = p = a->parameter->value.sequence->data; | ||
| 329 | j = a->parameter->value.sequence->length; | ||
| 330 | if (!d2i_ECParameters(&ret->pkey.ec, &cp, (long)j)) | ||
| 331 | { | ||
| 332 | X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB); | ||
| 333 | goto err; | ||
| 334 | } | ||
| 335 | } | ||
| 336 | else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT)) | ||
| 337 | { | ||
| 338 | /* type == V_ASN1_OBJECT => the parameters are given | ||
| 339 | * by an asn1 OID | ||
| 340 | */ | ||
| 341 | EC_KEY *ec_key; | ||
| 342 | EC_GROUP *group; | ||
| 343 | |||
| 344 | if (ret->pkey.ec == NULL) | ||
| 345 | ret->pkey.ec = EC_KEY_new(); | ||
| 346 | ec_key = ret->pkey.ec; | ||
| 347 | if (ec_key == NULL) | ||
| 348 | goto err; | ||
| 349 | group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); | ||
| 350 | if (group == NULL) | ||
| 351 | goto err; | ||
| 352 | EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); | ||
| 353 | if (EC_KEY_set_group(ec_key, group) == 0) | ||
| 354 | goto err; | ||
| 355 | EC_GROUP_free(group); | ||
| 356 | } | ||
| 357 | /* the case implicitlyCA is currently not implemented */ | ||
| 358 | ret->save_parameters = 1; | ||
| 359 | } | ||
| 360 | #endif | ||
| 361 | |||
| 362 | p=key->public_key->data; | ||
| 363 | j=key->public_key->length; | ||
| 364 | if (!d2i_PublicKey(type, &ret, &p, (long)j)) | ||
| 365 | { | ||
| 366 | X509err(X509_F_X509_PUBKEY_GET, X509_R_ERR_ASN1_LIB); | ||
| 367 | goto err; | ||
| 368 | } | ||
| 369 | |||
| 370 | key->pkey = ret; | ||
| 371 | CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY); | ||
| 244 | return(ret); | 372 | return(ret); |
| 245 | err: | 373 | err: |
| 246 | if (ret != NULL) | 374 | if (ret != NULL) |
| @@ -252,9 +380,9 @@ err: | |||
| 252 | * and encode or decode as X509_PUBKEY | 380 | * and encode or decode as X509_PUBKEY |
| 253 | */ | 381 | */ |
| 254 | 382 | ||
| 255 | EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp, | 383 | EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, |
| 256 | long length) | 384 | long length) |
| 257 | { | 385 | { |
| 258 | X509_PUBKEY *xpk; | 386 | X509_PUBKEY *xpk; |
| 259 | EVP_PKEY *pktmp; | 387 | EVP_PKEY *pktmp; |
| 260 | xpk = d2i_X509_PUBKEY(NULL, pp, length); | 388 | xpk = d2i_X509_PUBKEY(NULL, pp, length); |
| @@ -262,15 +390,16 @@ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp, | |||
| 262 | pktmp = X509_PUBKEY_get(xpk); | 390 | pktmp = X509_PUBKEY_get(xpk); |
| 263 | X509_PUBKEY_free(xpk); | 391 | X509_PUBKEY_free(xpk); |
| 264 | if(!pktmp) return NULL; | 392 | if(!pktmp) return NULL; |
| 265 | if(a) { | 393 | if(a) |
| 394 | { | ||
| 266 | EVP_PKEY_free(*a); | 395 | EVP_PKEY_free(*a); |
| 267 | *a = pktmp; | 396 | *a = pktmp; |
| 268 | } | 397 | } |
| 269 | return pktmp; | 398 | return pktmp; |
| 270 | } | 399 | } |
| 271 | 400 | ||
| 272 | int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) | 401 | int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) |
| 273 | { | 402 | { |
| 274 | X509_PUBKEY *xpk=NULL; | 403 | X509_PUBKEY *xpk=NULL; |
| 275 | int ret; | 404 | int ret; |
| 276 | if(!a) return 0; | 405 | if(!a) return 0; |
| @@ -278,83 +407,125 @@ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) | |||
| 278 | ret = i2d_X509_PUBKEY(xpk, pp); | 407 | ret = i2d_X509_PUBKEY(xpk, pp); |
| 279 | X509_PUBKEY_free(xpk); | 408 | X509_PUBKEY_free(xpk); |
| 280 | return ret; | 409 | return ret; |
| 281 | } | 410 | } |
| 282 | 411 | ||
| 283 | /* The following are equivalents but which return RSA and DSA | 412 | /* The following are equivalents but which return RSA and DSA |
| 284 | * keys | 413 | * keys |
| 285 | */ | 414 | */ |
| 286 | #ifndef OPENSSL_NO_RSA | 415 | #ifndef OPENSSL_NO_RSA |
| 287 | RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, | 416 | RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, |
| 288 | long length) | 417 | long length) |
| 289 | { | 418 | { |
| 290 | EVP_PKEY *pkey; | 419 | EVP_PKEY *pkey; |
| 291 | RSA *key; | 420 | RSA *key; |
| 292 | unsigned char *q; | 421 | const unsigned char *q; |
| 293 | q = *pp; | 422 | q = *pp; |
| 294 | pkey = d2i_PUBKEY(NULL, &q, length); | 423 | pkey = d2i_PUBKEY(NULL, &q, length); |
| 295 | if(!pkey) return NULL; | 424 | if (!pkey) return NULL; |
| 296 | key = EVP_PKEY_get1_RSA(pkey); | 425 | key = EVP_PKEY_get1_RSA(pkey); |
| 297 | EVP_PKEY_free(pkey); | 426 | EVP_PKEY_free(pkey); |
| 298 | if(!key) return NULL; | 427 | if (!key) return NULL; |
| 299 | *pp = q; | 428 | *pp = q; |
| 300 | if(a) { | 429 | if (a) |
| 430 | { | ||
| 301 | RSA_free(*a); | 431 | RSA_free(*a); |
| 302 | *a = key; | 432 | *a = key; |
| 303 | } | 433 | } |
| 304 | return key; | 434 | return key; |
| 305 | } | 435 | } |
| 306 | 436 | ||
| 307 | int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) | 437 | int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) |
| 308 | { | 438 | { |
| 309 | EVP_PKEY *pktmp; | 439 | EVP_PKEY *pktmp; |
| 310 | int ret; | 440 | int ret; |
| 311 | if(!a) return 0; | 441 | if (!a) return 0; |
| 312 | pktmp = EVP_PKEY_new(); | 442 | pktmp = EVP_PKEY_new(); |
| 313 | if(!pktmp) { | 443 | if (!pktmp) |
| 444 | { | ||
| 314 | ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); | 445 | ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); |
| 315 | return 0; | 446 | return 0; |
| 316 | } | 447 | } |
| 317 | EVP_PKEY_set1_RSA(pktmp, a); | 448 | EVP_PKEY_set1_RSA(pktmp, a); |
| 318 | ret = i2d_PUBKEY(pktmp, pp); | 449 | ret = i2d_PUBKEY(pktmp, pp); |
| 319 | EVP_PKEY_free(pktmp); | 450 | EVP_PKEY_free(pktmp); |
| 320 | return ret; | 451 | return ret; |
| 321 | } | 452 | } |
| 322 | #endif | 453 | #endif |
| 323 | 454 | ||
| 324 | #ifndef OPENSSL_NO_DSA | 455 | #ifndef OPENSSL_NO_DSA |
| 325 | DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp, | 456 | DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, |
| 326 | long length) | 457 | long length) |
| 327 | { | 458 | { |
| 328 | EVP_PKEY *pkey; | 459 | EVP_PKEY *pkey; |
| 329 | DSA *key; | 460 | DSA *key; |
| 330 | unsigned char *q; | 461 | const unsigned char *q; |
| 331 | q = *pp; | 462 | q = *pp; |
| 332 | pkey = d2i_PUBKEY(NULL, &q, length); | 463 | pkey = d2i_PUBKEY(NULL, &q, length); |
| 333 | if(!pkey) return NULL; | 464 | if (!pkey) return NULL; |
| 334 | key = EVP_PKEY_get1_DSA(pkey); | 465 | key = EVP_PKEY_get1_DSA(pkey); |
| 335 | EVP_PKEY_free(pkey); | 466 | EVP_PKEY_free(pkey); |
| 336 | if(!key) return NULL; | 467 | if (!key) return NULL; |
| 337 | *pp = q; | 468 | *pp = q; |
| 338 | if(a) { | 469 | if (a) |
| 470 | { | ||
| 339 | DSA_free(*a); | 471 | DSA_free(*a); |
| 340 | *a = key; | 472 | *a = key; |
| 341 | } | 473 | } |
| 342 | return key; | 474 | return key; |
| 343 | } | 475 | } |
| 344 | 476 | ||
| 345 | int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) | 477 | int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) |
| 346 | { | 478 | { |
| 347 | EVP_PKEY *pktmp; | 479 | EVP_PKEY *pktmp; |
| 348 | int ret; | 480 | int ret; |
| 349 | if(!a) return 0; | 481 | if(!a) return 0; |
| 350 | pktmp = EVP_PKEY_new(); | 482 | pktmp = EVP_PKEY_new(); |
| 351 | if(!pktmp) { | 483 | if(!pktmp) |
| 484 | { | ||
| 352 | ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); | 485 | ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); |
| 353 | return 0; | 486 | return 0; |
| 354 | } | 487 | } |
| 355 | EVP_PKEY_set1_DSA(pktmp, a); | 488 | EVP_PKEY_set1_DSA(pktmp, a); |
| 356 | ret = i2d_PUBKEY(pktmp, pp); | 489 | ret = i2d_PUBKEY(pktmp, pp); |
| 357 | EVP_PKEY_free(pktmp); | 490 | EVP_PKEY_free(pktmp); |
| 358 | return ret; | 491 | return ret; |
| 359 | } | 492 | } |
| 493 | #endif | ||
| 494 | |||
| 495 | #ifndef OPENSSL_NO_EC | ||
| 496 | EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length) | ||
| 497 | { | ||
| 498 | EVP_PKEY *pkey; | ||
| 499 | EC_KEY *key; | ||
| 500 | const unsigned char *q; | ||
| 501 | q = *pp; | ||
| 502 | pkey = d2i_PUBKEY(NULL, &q, length); | ||
| 503 | if (!pkey) return(NULL); | ||
| 504 | key = EVP_PKEY_get1_EC_KEY(pkey); | ||
| 505 | EVP_PKEY_free(pkey); | ||
| 506 | if (!key) return(NULL); | ||
| 507 | *pp = q; | ||
| 508 | if (a) | ||
| 509 | { | ||
| 510 | EC_KEY_free(*a); | ||
| 511 | *a = key; | ||
| 512 | } | ||
| 513 | return(key); | ||
| 514 | } | ||
| 515 | |||
| 516 | int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp) | ||
| 517 | { | ||
| 518 | EVP_PKEY *pktmp; | ||
| 519 | int ret; | ||
| 520 | if (!a) return(0); | ||
| 521 | if ((pktmp = EVP_PKEY_new()) == NULL) | ||
| 522 | { | ||
| 523 | ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE); | ||
| 524 | return(0); | ||
| 525 | } | ||
| 526 | EVP_PKEY_set1_EC_KEY(pktmp, a); | ||
| 527 | ret = i2d_PUBKEY(pktmp, pp); | ||
| 528 | EVP_PKEY_free(pktmp); | ||
| 529 | return(ret); | ||
| 530 | } | ||
| 360 | #endif | 531 | #endif |
diff --git a/src/lib/libcrypto/asn1/x_req.c b/src/lib/libcrypto/asn1/x_req.c index b3f18ebc12..59ca8ce329 100644 --- a/src/lib/libcrypto/asn1/x_req.c +++ b/src/lib/libcrypto/asn1/x_req.c | |||
| @@ -102,7 +102,7 @@ ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = { | |||
| 102 | 102 | ||
| 103 | IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO) | 103 | IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO) |
| 104 | 104 | ||
| 105 | ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_INFO) = { | 105 | ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = { |
| 106 | ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO), | 106 | ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO), |
| 107 | ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR), | 107 | ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR), |
| 108 | ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING) | 108 | ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING) |
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c index b50167ce43..e118696625 100644 --- a/src/lib/libcrypto/asn1/x_x509.c +++ b/src/lib/libcrypto/asn1/x_x509.c | |||
| @@ -79,6 +79,8 @@ ASN1_SEQUENCE(X509_CINF) = { | |||
| 79 | IMPLEMENT_ASN1_FUNCTIONS(X509_CINF) | 79 | IMPLEMENT_ASN1_FUNCTIONS(X509_CINF) |
| 80 | /* X509 top level structure needs a bit of customisation */ | 80 | /* X509 top level structure needs a bit of customisation */ |
| 81 | 81 | ||
| 82 | extern void policy_cache_free(X509_POLICY_CACHE *cache); | ||
| 83 | |||
| 82 | static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) | 84 | static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) |
| 83 | { | 85 | { |
| 84 | X509 *ret = (X509 *)*pval; | 86 | X509 *ret = (X509 *)*pval; |
| @@ -92,6 +94,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 92 | ret->ex_pathlen = -1; | 94 | ret->ex_pathlen = -1; |
| 93 | ret->skid = NULL; | 95 | ret->skid = NULL; |
| 94 | ret->akid = NULL; | 96 | ret->akid = NULL; |
| 97 | #ifndef OPENSSL_NO_RFC3779 | ||
| 98 | ret->rfc3779_addr = NULL; | ||
| 99 | ret->rfc3779_asid = NULL; | ||
| 100 | #endif | ||
| 95 | ret->aux = NULL; | 101 | ret->aux = NULL; |
| 96 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); | 102 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); |
| 97 | break; | 103 | break; |
| @@ -106,6 +112,11 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 106 | X509_CERT_AUX_free(ret->aux); | 112 | X509_CERT_AUX_free(ret->aux); |
| 107 | ASN1_OCTET_STRING_free(ret->skid); | 113 | ASN1_OCTET_STRING_free(ret->skid); |
| 108 | AUTHORITY_KEYID_free(ret->akid); | 114 | AUTHORITY_KEYID_free(ret->akid); |
| 115 | policy_cache_free(ret->policy_cache); | ||
| 116 | #ifndef OPENSSL_NO_RFC3779 | ||
| 117 | sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free); | ||
| 118 | ASIdentifiers_free(ret->rfc3779_asid); | ||
| 119 | #endif | ||
| 109 | 120 | ||
| 110 | if (ret->name != NULL) OPENSSL_free(ret->name); | 121 | if (ret->name != NULL) OPENSSL_free(ret->name); |
| 111 | break; | 122 | break; |
| @@ -125,11 +136,13 @@ ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = { | |||
| 125 | IMPLEMENT_ASN1_FUNCTIONS(X509) | 136 | IMPLEMENT_ASN1_FUNCTIONS(X509) |
| 126 | IMPLEMENT_ASN1_DUP_FUNCTION(X509) | 137 | IMPLEMENT_ASN1_DUP_FUNCTION(X509) |
| 127 | 138 | ||
| 128 | static ASN1_METHOD meth={ | 139 | static ASN1_METHOD meth= |
| 129 | (int (*)()) i2d_X509, | 140 | { |
| 130 | (char *(*)())d2i_X509, | 141 | (I2D_OF(void)) i2d_X509, |
| 131 | (char *(*)())X509_new, | 142 | (D2I_OF(void)) d2i_X509, |
| 132 | (void (*)()) X509_free}; | 143 | (void *(*)(void))X509_new, |
| 144 | (void (*)(void *)) X509_free | ||
| 145 | }; | ||
| 133 | 146 | ||
| 134 | ASN1_METHOD *X509_asn1_meth(void) | 147 | ASN1_METHOD *X509_asn1_meth(void) |
| 135 | { | 148 | { |
| @@ -161,9 +174,9 @@ void *X509_get_ex_data(X509 *r, int idx) | |||
| 161 | * | 174 | * |
| 162 | */ | 175 | */ |
| 163 | 176 | ||
| 164 | X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length) | 177 | X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length) |
| 165 | { | 178 | { |
| 166 | unsigned char *q; | 179 | const unsigned char *q; |
| 167 | X509 *ret; | 180 | X509 *ret; |
| 168 | /* Save start position */ | 181 | /* Save start position */ |
| 169 | q = *pp; | 182 | q = *pp; |
diff --git a/src/lib/libcrypto/asn1/x_x509a.c b/src/lib/libcrypto/asn1/x_x509a.c index f244768b7e..13db5fd03f 100644 --- a/src/lib/libcrypto/asn1/x_x509a.c +++ b/src/lib/libcrypto/asn1/x_x509a.c | |||
| @@ -91,6 +91,14 @@ static X509_CERT_AUX *aux_get(X509 *x) | |||
| 91 | int X509_alias_set1(X509 *x, unsigned char *name, int len) | 91 | int X509_alias_set1(X509 *x, unsigned char *name, int len) |
| 92 | { | 92 | { |
| 93 | X509_CERT_AUX *aux; | 93 | X509_CERT_AUX *aux; |
| 94 | if (!name) | ||
| 95 | { | ||
| 96 | if (!x || !x->aux || !x->aux->alias) | ||
| 97 | return 1; | ||
| 98 | ASN1_UTF8STRING_free(x->aux->alias); | ||
| 99 | x->aux->alias = NULL; | ||
| 100 | return 1; | ||
| 101 | } | ||
| 94 | if(!(aux = aux_get(x))) return 0; | 102 | if(!(aux = aux_get(x))) return 0; |
| 95 | if(!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) return 0; | 103 | if(!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) return 0; |
| 96 | return ASN1_STRING_set(aux->alias, name, len); | 104 | return ASN1_STRING_set(aux->alias, name, len); |
| @@ -99,6 +107,14 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len) | |||
| 99 | int X509_keyid_set1(X509 *x, unsigned char *id, int len) | 107 | int X509_keyid_set1(X509 *x, unsigned char *id, int len) |
| 100 | { | 108 | { |
| 101 | X509_CERT_AUX *aux; | 109 | X509_CERT_AUX *aux; |
| 110 | if (!id) | ||
| 111 | { | ||
| 112 | if (!x || !x->aux || !x->aux->keyid) | ||
| 113 | return 1; | ||
| 114 | ASN1_OCTET_STRING_free(x->aux->keyid); | ||
| 115 | x->aux->keyid = NULL; | ||
| 116 | return 1; | ||
| 117 | } | ||
| 102 | if(!(aux = aux_get(x))) return 0; | 118 | if(!(aux = aux_get(x))) return 0; |
| 103 | if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0; | 119 | if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0; |
| 104 | return ASN1_STRING_set(aux->keyid, id, len); | 120 | return ASN1_STRING_set(aux->keyid, id, len); |
| @@ -111,6 +127,13 @@ unsigned char *X509_alias_get0(X509 *x, int *len) | |||
| 111 | return x->aux->alias->data; | 127 | return x->aux->alias->data; |
| 112 | } | 128 | } |
| 113 | 129 | ||
| 130 | unsigned char *X509_keyid_get0(X509 *x, int *len) | ||
| 131 | { | ||
| 132 | if(!x->aux || !x->aux->keyid) return NULL; | ||
| 133 | if(len) *len = x->aux->keyid->length; | ||
| 134 | return x->aux->keyid->data; | ||
| 135 | } | ||
| 136 | |||
| 114 | int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj) | 137 | int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj) |
| 115 | { | 138 | { |
| 116 | X509_CERT_AUX *aux; | 139 | X509_CERT_AUX *aux; |
| @@ -149,3 +172,9 @@ void X509_reject_clear(X509 *x) | |||
| 149 | } | 172 | } |
| 150 | } | 173 | } |
| 151 | 174 | ||
| 175 | ASN1_SEQUENCE(X509_CERT_PAIR) = { | ||
| 176 | ASN1_EXP_OPT(X509_CERT_PAIR, forward, X509, 0), | ||
| 177 | ASN1_EXP_OPT(X509_CERT_PAIR, reverse, X509, 1) | ||
| 178 | } ASN1_SEQUENCE_END(X509_CERT_PAIR) | ||
| 179 | |||
| 180 | IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_PAIR) | ||
diff --git a/src/lib/libcrypto/bf/bf_ecb.c b/src/lib/libcrypto/bf/bf_ecb.c index 341991636f..1607cefa32 100644 --- a/src/lib/libcrypto/bf/bf_ecb.c +++ b/src/lib/libcrypto/bf/bf_ecb.c | |||
| @@ -65,7 +65,7 @@ | |||
| 65 | * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) | 65 | * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) |
| 66 | */ | 66 | */ |
| 67 | 67 | ||
| 68 | const char *BF_version="Blowfish" OPENSSL_VERSION_PTEXT; | 68 | const char BF_version[]="Blowfish" OPENSSL_VERSION_PTEXT; |
| 69 | 69 | ||
| 70 | const char *BF_options(void) | 70 | const char *BF_options(void) |
| 71 | { | 71 | { |
diff --git a/src/lib/libcrypto/bf/bf_enc.c b/src/lib/libcrypto/bf/bf_enc.c index b380acf959..2d21d09f42 100644 --- a/src/lib/libcrypto/bf/bf_enc.c +++ b/src/lib/libcrypto/bf/bf_enc.c | |||
| @@ -73,7 +73,7 @@ void BF_encrypt(BF_LONG *data, const BF_KEY *key) | |||
| 73 | { | 73 | { |
| 74 | #ifndef BF_PTR2 | 74 | #ifndef BF_PTR2 |
| 75 | register BF_LONG l,r; | 75 | register BF_LONG l,r; |
| 76 | const register BF_LONG *p,*s; | 76 | register const BF_LONG *p,*s; |
| 77 | 77 | ||
| 78 | p=key->P; | 78 | p=key->P; |
| 79 | s= &(key->S[0]); | 79 | s= &(key->S[0]); |
| @@ -150,7 +150,7 @@ void BF_decrypt(BF_LONG *data, const BF_KEY *key) | |||
| 150 | { | 150 | { |
| 151 | #ifndef BF_PTR2 | 151 | #ifndef BF_PTR2 |
| 152 | register BF_LONG l,r; | 152 | register BF_LONG l,r; |
| 153 | const register BF_LONG *p,*s; | 153 | register const BF_LONG *p,*s; |
| 154 | 154 | ||
| 155 | p=key->P; | 155 | p=key->P; |
| 156 | s= &(key->S[0]); | 156 | s= &(key->S[0]); |
diff --git a/src/lib/libcrypto/bf/bf_opts.c b/src/lib/libcrypto/bf/bf_opts.c index 171dada2ca..1721bb99b4 100644 --- a/src/lib/libcrypto/bf/bf_opts.c +++ b/src/lib/libcrypto/bf/bf_opts.c | |||
| @@ -69,7 +69,10 @@ | |||
| 69 | #include OPENSSL_UNISTD_IO | 69 | #include OPENSSL_UNISTD_IO |
| 70 | OPENSSL_DECLARE_EXIT | 70 | OPENSSL_DECLARE_EXIT |
| 71 | 71 | ||
| 72 | #ifndef OPENSSL_SYS_NETWARE | ||
| 72 | #include <signal.h> | 73 | #include <signal.h> |
| 74 | #endif | ||
| 75 | |||
| 73 | #ifndef _IRIX | 76 | #ifndef _IRIX |
| 74 | #include <time.h> | 77 | #include <time.h> |
| 75 | #endif | 78 | #endif |
diff --git a/src/lib/libcrypto/bf/bf_skey.c b/src/lib/libcrypto/bf/bf_skey.c index 1931aba83f..3673cdee6e 100644 --- a/src/lib/libcrypto/bf/bf_skey.c +++ b/src/lib/libcrypto/bf/bf_skey.c | |||
| @@ -58,13 +58,11 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/crypto.h> | ||
| 62 | #include <openssl/blowfish.h> | 61 | #include <openssl/blowfish.h> |
| 63 | #include <openssl/fips.h> | ||
| 64 | #include "bf_locl.h" | 62 | #include "bf_locl.h" |
| 65 | #include "bf_pi.h" | 63 | #include "bf_pi.h" |
| 66 | 64 | ||
| 67 | FIPS_NON_FIPS_VCIPHER_Init(BF) | 65 | void BF_set_key(BF_KEY *key, int len, const unsigned char *data) |
| 68 | { | 66 | { |
| 69 | int i; | 67 | int i; |
| 70 | BF_LONG *p,ri,in[2]; | 68 | BF_LONG *p,ri,in[2]; |
diff --git a/src/lib/libcrypto/bf/bfspeed.c b/src/lib/libcrypto/bf/bfspeed.c index f346af64f3..c41ef3b403 100644 --- a/src/lib/libcrypto/bf/bfspeed.c +++ b/src/lib/libcrypto/bf/bfspeed.c | |||
| @@ -69,7 +69,10 @@ | |||
| 69 | #include OPENSSL_UNISTD_IO | 69 | #include OPENSSL_UNISTD_IO |
| 70 | OPENSSL_DECLARE_EXIT | 70 | OPENSSL_DECLARE_EXIT |
| 71 | 71 | ||
| 72 | #ifndef OPENSSL_SYS_NETWARE | ||
| 72 | #include <signal.h> | 73 | #include <signal.h> |
| 74 | #endif | ||
| 75 | |||
| 73 | #ifndef _IRIX | 76 | #ifndef _IRIX |
| 74 | #include <time.h> | 77 | #include <time.h> |
| 75 | #endif | 78 | #endif |
diff --git a/src/lib/libcrypto/bf/bftest.c b/src/lib/libcrypto/bf/bftest.c index 24d526b14b..97e6634d37 100644 --- a/src/lib/libcrypto/bf/bftest.c +++ b/src/lib/libcrypto/bf/bftest.c | |||
| @@ -62,6 +62,7 @@ | |||
| 62 | #include <stdio.h> | 62 | #include <stdio.h> |
| 63 | #include <string.h> | 63 | #include <string.h> |
| 64 | #include <stdlib.h> | 64 | #include <stdlib.h> |
| 65 | #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_BF is defined */ | ||
| 65 | 66 | ||
| 66 | #include "../e_os.h" | 67 | #include "../e_os.h" |
| 67 | 68 | ||
| @@ -277,6 +278,9 @@ int main(int argc, char *argv[]) | |||
| 277 | else | 278 | else |
| 278 | ret=test(); | 279 | ret=test(); |
| 279 | 280 | ||
| 281 | #ifdef OPENSSL_SYS_NETWARE | ||
| 282 | if (ret) printf("ERROR: %d\n", ret); | ||
| 283 | #endif | ||
| 280 | EXIT(ret); | 284 | EXIT(ret); |
| 281 | return(0); | 285 | return(0); |
| 282 | } | 286 | } |
diff --git a/src/lib/libcrypto/bf/blowfish.h b/src/lib/libcrypto/bf/blowfish.h index b4d8774961..cd49e85ab2 100644 --- a/src/lib/libcrypto/bf/blowfish.h +++ b/src/lib/libcrypto/bf/blowfish.h | |||
| @@ -104,10 +104,7 @@ typedef struct bf_key_st | |||
| 104 | BF_LONG S[4*256]; | 104 | BF_LONG S[4*256]; |
| 105 | } BF_KEY; | 105 | } BF_KEY; |
| 106 | 106 | ||
| 107 | 107 | ||
| 108 | #ifdef OPENSSL_FIPS | ||
| 109 | void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data); | ||
| 110 | #endif | ||
| 111 | void BF_set_key(BF_KEY *key, int len, const unsigned char *data); | 108 | void BF_set_key(BF_KEY *key, int len, const unsigned char *data); |
| 112 | 109 | ||
| 113 | void BF_encrypt(BF_LONG *data,const BF_KEY *key); | 110 | void BF_encrypt(BF_LONG *data,const BF_KEY *key); |
diff --git a/src/lib/libcrypto/bio/b_dump.c b/src/lib/libcrypto/bio/b_dump.c index f671e722fa..c80ecc4295 100644 --- a/src/lib/libcrypto/bio/b_dump.c +++ b/src/lib/libcrypto/bio/b_dump.c | |||
| @@ -62,30 +62,32 @@ | |||
| 62 | 62 | ||
| 63 | #include <stdio.h> | 63 | #include <stdio.h> |
| 64 | #include "cryptlib.h" | 64 | #include "cryptlib.h" |
| 65 | #include <openssl/bio.h> | 65 | #include "bio_lcl.h" |
| 66 | 66 | ||
| 67 | #define TRUNCATE | 67 | #define TRUNCATE |
| 68 | #define DUMP_WIDTH 16 | 68 | #define DUMP_WIDTH 16 |
| 69 | #define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4)) | 69 | #define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4)) |
| 70 | 70 | ||
| 71 | int BIO_dump(BIO *bio, const char *s, int len) | 71 | int BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u), |
| 72 | void *u, const char *s, int len) | ||
| 72 | { | 73 | { |
| 73 | return BIO_dump_indent(bio, s, len, 0); | 74 | return BIO_dump_indent_cb(cb, u, s, len, 0); |
| 74 | } | 75 | } |
| 75 | 76 | ||
| 76 | int BIO_dump_indent(BIO *bio, const char *s, int len, int indent) | 77 | int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u), |
| 78 | void *u, const char *s, int len, int indent) | ||
| 77 | { | 79 | { |
| 78 | int ret=0; | 80 | int ret=0; |
| 79 | char buf[288+1],tmp[20],str[128+1]; | 81 | char buf[288+1],tmp[20],str[128+1]; |
| 80 | int i,j,rows,trunc; | 82 | int i,j,rows,trc; |
| 81 | unsigned char ch; | 83 | unsigned char ch; |
| 82 | int dump_width; | 84 | int dump_width; |
| 83 | 85 | ||
| 84 | trunc=0; | 86 | trc=0; |
| 85 | 87 | ||
| 86 | #ifdef TRUNCATE | 88 | #ifdef TRUNCATE |
| 87 | for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--) | 89 | for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--) |
| 88 | trunc++; | 90 | trc++; |
| 89 | #endif | 91 | #endif |
| 90 | 92 | ||
| 91 | if (indent < 0) | 93 | if (indent < 0) |
| @@ -96,7 +98,7 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent) | |||
| 96 | memset(str,' ',indent); | 98 | memset(str,' ',indent); |
| 97 | } | 99 | } |
| 98 | str[indent]='\0'; | 100 | str[indent]='\0'; |
| 99 | 101 | ||
| 100 | dump_width=DUMP_WIDTH_LESS_INDENT(indent); | 102 | dump_width=DUMP_WIDTH_LESS_INDENT(indent); |
| 101 | rows=(len/dump_width); | 103 | rows=(len/dump_width); |
| 102 | if ((rows*dump_width)<len) | 104 | if ((rows*dump_width)<len) |
| @@ -117,7 +119,7 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent) | |||
| 117 | { | 119 | { |
| 118 | ch=((unsigned char)*(s+i*dump_width+j)) & 0xff; | 120 | ch=((unsigned char)*(s+i*dump_width+j)) & 0xff; |
| 119 | BIO_snprintf(tmp,sizeof tmp,"%02x%c",ch, | 121 | BIO_snprintf(tmp,sizeof tmp,"%02x%c",ch, |
| 120 | j==7?'-':' '); | 122 | j==7?'-':' '); |
| 121 | BUF_strlcat(buf,tmp,sizeof buf); | 123 | BUF_strlcat(buf,tmp,sizeof buf); |
| 122 | } | 124 | } |
| 123 | } | 125 | } |
| @@ -129,28 +131,57 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent) | |||
| 129 | ch=((unsigned char)*(s+i*dump_width+j)) & 0xff; | 131 | ch=((unsigned char)*(s+i*dump_width+j)) & 0xff; |
| 130 | #ifndef CHARSET_EBCDIC | 132 | #ifndef CHARSET_EBCDIC |
| 131 | BIO_snprintf(tmp,sizeof tmp,"%c", | 133 | BIO_snprintf(tmp,sizeof tmp,"%c", |
| 132 | ((ch>=' ')&&(ch<='~'))?ch:'.'); | 134 | ((ch>=' ')&&(ch<='~'))?ch:'.'); |
| 133 | #else | 135 | #else |
| 134 | BIO_snprintf(tmp,sizeof tmp,"%c", | 136 | BIO_snprintf(tmp,sizeof tmp,"%c", |
| 135 | ((ch>=os_toascii[' '])&&(ch<=os_toascii['~'])) | 137 | ((ch>=os_toascii[' '])&&(ch<=os_toascii['~'])) |
| 136 | ? os_toebcdic[ch] | 138 | ? os_toebcdic[ch] |
| 137 | : '.'); | 139 | : '.'); |
| 138 | #endif | 140 | #endif |
| 139 | BUF_strlcat(buf,tmp,sizeof buf); | 141 | BUF_strlcat(buf,tmp,sizeof buf); |
| 140 | } | 142 | } |
| 141 | BUF_strlcat(buf,"\n",sizeof buf); | 143 | BUF_strlcat(buf,"\n",sizeof buf); |
| 142 | /* if this is the last call then update the ddt_dump thing so that | 144 | /* if this is the last call then update the ddt_dump thing so |
| 143 | * we will move the selection point in the debug window | 145 | * that we will move the selection point in the debug window |
| 144 | */ | 146 | */ |
| 145 | ret+=BIO_write(bio,(char *)buf,strlen(buf)); | 147 | ret+=cb((void *)buf,strlen(buf),u); |
| 146 | } | 148 | } |
| 147 | #ifdef TRUNCATE | 149 | #ifdef TRUNCATE |
| 148 | if (trunc > 0) | 150 | if (trc > 0) |
| 149 | { | 151 | { |
| 150 | BIO_snprintf(buf,sizeof buf,"%s%04x - <SPACES/NULS>\n",str, | 152 | BIO_snprintf(buf,sizeof buf,"%s%04x - <SPACES/NULS>\n",str, |
| 151 | len+trunc); | 153 | len+trc); |
| 152 | ret+=BIO_write(bio,(char *)buf,strlen(buf)); | 154 | ret+=cb((void *)buf,strlen(buf),u); |
| 153 | } | 155 | } |
| 154 | #endif | 156 | #endif |
| 155 | return(ret); | 157 | return(ret); |
| 156 | } | 158 | } |
| 159 | |||
| 160 | #ifndef OPENSSL_NO_FP_API | ||
| 161 | static int write_fp(const void *data, size_t len, void *fp) | ||
| 162 | { | ||
| 163 | return UP_fwrite(data, len, 1, fp); | ||
| 164 | } | ||
| 165 | int BIO_dump_fp(FILE *fp, const char *s, int len) | ||
| 166 | { | ||
| 167 | return BIO_dump_cb(write_fp, fp, s, len); | ||
| 168 | } | ||
| 169 | int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent) | ||
| 170 | { | ||
| 171 | return BIO_dump_indent_cb(write_fp, fp, s, len, indent); | ||
| 172 | } | ||
| 173 | #endif | ||
| 174 | |||
| 175 | static int write_bio(const void *data, size_t len, void *bp) | ||
| 176 | { | ||
| 177 | return BIO_write((BIO *)bp, (const char *)data, len); | ||
| 178 | } | ||
| 179 | int BIO_dump(BIO *bp, const char *s, int len) | ||
| 180 | { | ||
| 181 | return BIO_dump_cb(write_bio, bp, s, len); | ||
| 182 | } | ||
| 183 | int BIO_dump_indent(BIO *bp, const char *s, int len, int indent) | ||
| 184 | { | ||
| 185 | return BIO_dump_indent_cb(write_bio, bp, s, len, indent); | ||
| 186 | } | ||
| 187 | |||
diff --git a/src/lib/libcrypto/bio/b_print.c b/src/lib/libcrypto/bio/b_print.c index f2bd91d5a0..2fffcfc025 100644 --- a/src/lib/libcrypto/bio/b_print.c +++ b/src/lib/libcrypto/bio/b_print.c | |||
| @@ -79,7 +79,7 @@ | |||
| 79 | #include <openssl/bn.h> /* To get BN_LLONG properly defined */ | 79 | #include <openssl/bn.h> /* To get BN_LLONG properly defined */ |
| 80 | #include <openssl/bio.h> | 80 | #include <openssl/bio.h> |
| 81 | 81 | ||
| 82 | #ifdef BN_LLONG | 82 | #if defined(BN_LLONG) || defined(SIXTY_FOUR_BIT) |
| 83 | # ifndef HAVE_LONG_LONG | 83 | # ifndef HAVE_LONG_LONG |
| 84 | # define HAVE_LONG_LONG 1 | 84 | # define HAVE_LONG_LONG 1 |
| 85 | # endif | 85 | # endif |
| @@ -117,7 +117,7 @@ | |||
| 117 | 117 | ||
| 118 | #if HAVE_LONG_LONG | 118 | #if HAVE_LONG_LONG |
| 119 | # if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) | 119 | # if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) |
| 120 | # define LLONG _int64 | 120 | # define LLONG __int64 |
| 121 | # else | 121 | # else |
| 122 | # define LLONG long long | 122 | # define LLONG long long |
| 123 | # endif | 123 | # endif |
| @@ -482,7 +482,7 @@ fmtint( | |||
| 482 | int flags) | 482 | int flags) |
| 483 | { | 483 | { |
| 484 | int signvalue = 0; | 484 | int signvalue = 0; |
| 485 | char *prefix = ""; | 485 | const char *prefix = ""; |
| 486 | unsigned LLONG uvalue; | 486 | unsigned LLONG uvalue; |
| 487 | char convert[DECIMAL_SIZE(value)+3]; | 487 | char convert[DECIMAL_SIZE(value)+3]; |
| 488 | int place = 0; | 488 | int place = 0; |
| @@ -513,8 +513,8 @@ fmtint( | |||
| 513 | (caps ? "0123456789ABCDEF" : "0123456789abcdef") | 513 | (caps ? "0123456789ABCDEF" : "0123456789abcdef") |
| 514 | [uvalue % (unsigned) base]; | 514 | [uvalue % (unsigned) base]; |
| 515 | uvalue = (uvalue / (unsigned) base); | 515 | uvalue = (uvalue / (unsigned) base); |
| 516 | } while (uvalue && (place < sizeof convert)); | 516 | } while (uvalue && (place < (int)sizeof(convert))); |
| 517 | if (place == sizeof convert) | 517 | if (place == sizeof(convert)) |
| 518 | place--; | 518 | place--; |
| 519 | convert[place] = 0; | 519 | convert[place] = 0; |
| 520 | 520 | ||
| @@ -619,6 +619,7 @@ fmtfp( | |||
| 619 | int caps = 0; | 619 | int caps = 0; |
| 620 | long intpart; | 620 | long intpart; |
| 621 | long fracpart; | 621 | long fracpart; |
| 622 | long max10; | ||
| 622 | 623 | ||
| 623 | if (max < 0) | 624 | if (max < 0) |
| 624 | max = 6; | 625 | max = 6; |
| @@ -639,11 +640,12 @@ fmtfp( | |||
| 639 | 640 | ||
| 640 | /* we "cheat" by converting the fractional part to integer by | 641 | /* we "cheat" by converting the fractional part to integer by |
| 641 | multiplying by a factor of 10 */ | 642 | multiplying by a factor of 10 */ |
| 642 | fracpart = roundv((pow_10(max)) * (ufvalue - intpart)); | 643 | max10 = roundv(pow_10(max)); |
| 644 | fracpart = roundv(pow_10(max) * (ufvalue - intpart)); | ||
| 643 | 645 | ||
| 644 | if (fracpart >= (long)pow_10(max)) { | 646 | if (fracpart >= max10) { |
| 645 | intpart++; | 647 | intpart++; |
| 646 | fracpart -= (long)pow_10(max); | 648 | fracpart -= max10; |
| 647 | } | 649 | } |
| 648 | 650 | ||
| 649 | /* convert integer part */ | 651 | /* convert integer part */ |
| @@ -652,7 +654,7 @@ fmtfp( | |||
| 652 | (caps ? "0123456789ABCDEF" | 654 | (caps ? "0123456789ABCDEF" |
| 653 | : "0123456789abcdef")[intpart % 10]; | 655 | : "0123456789abcdef")[intpart % 10]; |
| 654 | intpart = (intpart / 10); | 656 | intpart = (intpart / 10); |
| 655 | } while (intpart && (iplace < sizeof iconvert)); | 657 | } while (intpart && (iplace < (int)sizeof(iconvert))); |
| 656 | if (iplace == sizeof iconvert) | 658 | if (iplace == sizeof iconvert) |
| 657 | iplace--; | 659 | iplace--; |
| 658 | iconvert[iplace] = 0; | 660 | iconvert[iplace] = 0; |
diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c index c851298d1e..ead477d8a2 100644 --- a/src/lib/libcrypto/bio/b_sock.c +++ b/src/lib/libcrypto/bio/b_sock.c | |||
| @@ -56,14 +56,21 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_SOCK | ||
| 60 | |||
| 61 | #include <stdio.h> | 59 | #include <stdio.h> |
| 62 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 63 | #include <errno.h> | 61 | #include <errno.h> |
| 64 | #define USE_SOCKETS | 62 | #define USE_SOCKETS |
| 65 | #include "cryptlib.h" | 63 | #include "cryptlib.h" |
| 66 | #include <openssl/bio.h> | 64 | #include <openssl/bio.h> |
| 65 | #if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK) | ||
| 66 | #include <netdb.h> | ||
| 67 | #if defined(NETWARE_CLIB) | ||
| 68 | #include <sys/ioctl.h> | ||
| 69 | NETDB_DEFINE_CONTEXT | ||
| 70 | #endif | ||
| 71 | #endif | ||
| 72 | |||
| 73 | #ifndef OPENSSL_NO_SOCK | ||
| 67 | 74 | ||
| 68 | #ifdef OPENSSL_SYS_WIN16 | 75 | #ifdef OPENSSL_SYS_WIN16 |
| 69 | #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ | 76 | #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ |
| @@ -79,7 +86,7 @@ | |||
| 79 | #define MAX_LISTEN 32 | 86 | #define MAX_LISTEN 32 |
| 80 | #endif | 87 | #endif |
| 81 | 88 | ||
| 82 | #ifdef OPENSSL_SYS_WINDOWS | 89 | #if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) |
| 83 | static int wsa_init_done=0; | 90 | static int wsa_init_done=0; |
| 84 | #endif | 91 | #endif |
| 85 | 92 | ||
| @@ -175,11 +182,11 @@ int BIO_get_port(const char *str, unsigned short *port_ptr) | |||
| 175 | /* Note: under VMS with SOCKETSHR, it seems like the first | 182 | /* Note: under VMS with SOCKETSHR, it seems like the first |
| 176 | * parameter is 'char *', instead of 'const char *' | 183 | * parameter is 'char *', instead of 'const char *' |
| 177 | */ | 184 | */ |
| 178 | s=getservbyname( | ||
| 179 | #ifndef CONST_STRICT | 185 | #ifndef CONST_STRICT |
| 180 | (char *) | 186 | s=getservbyname((char *)str,"tcp"); |
| 187 | #else | ||
| 188 | s=getservbyname(str,"tcp"); | ||
| 181 | #endif | 189 | #endif |
| 182 | str,"tcp"); | ||
| 183 | if(s != NULL) | 190 | if(s != NULL) |
| 184 | *port_ptr=ntohs((unsigned short)s->s_port); | 191 | *port_ptr=ntohs((unsigned short)s->s_port); |
| 185 | CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME); | 192 | CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME); |
| @@ -357,7 +364,11 @@ struct hostent *BIO_gethostbyname(const char *name) | |||
| 357 | #if 1 | 364 | #if 1 |
| 358 | /* Caching gethostbyname() results forever is wrong, | 365 | /* Caching gethostbyname() results forever is wrong, |
| 359 | * so we have to let the true gethostbyname() worry about this */ | 366 | * so we have to let the true gethostbyname() worry about this */ |
| 367 | #if (defined(NETWARE_BSDSOCK) && !defined(__NOVELL_LIBC__)) | ||
| 368 | return gethostbyname((char*)name); | ||
| 369 | #else | ||
| 360 | return gethostbyname(name); | 370 | return gethostbyname(name); |
| 371 | #endif | ||
| 361 | #else | 372 | #else |
| 362 | struct hostent *ret; | 373 | struct hostent *ret; |
| 363 | int i,lowi=0,j; | 374 | int i,lowi=0,j; |
| @@ -397,11 +408,11 @@ struct hostent *BIO_gethostbyname(const char *name) | |||
| 397 | /* Note: under VMS with SOCKETSHR, it seems like the first | 408 | /* Note: under VMS with SOCKETSHR, it seems like the first |
| 398 | * parameter is 'char *', instead of 'const char *' | 409 | * parameter is 'char *', instead of 'const char *' |
| 399 | */ | 410 | */ |
| 400 | ret=gethostbyname( | ||
| 401 | # ifndef CONST_STRICT | 411 | # ifndef CONST_STRICT |
| 402 | (char *) | 412 | ret=gethostbyname((char *)name); |
| 413 | # else | ||
| 414 | ret=gethostbyname(name); | ||
| 403 | # endif | 415 | # endif |
| 404 | name); | ||
| 405 | 416 | ||
| 406 | if (ret == NULL) | 417 | if (ret == NULL) |
| 407 | goto end; | 418 | goto end; |
| @@ -453,9 +464,6 @@ int BIO_sock_init(void) | |||
| 453 | { | 464 | { |
| 454 | int err; | 465 | int err; |
| 455 | 466 | ||
| 456 | #ifdef SIGINT | ||
| 457 | signal(SIGINT,(void (*)(int))BIO_sock_cleanup); | ||
| 458 | #endif | ||
| 459 | wsa_init_done=1; | 467 | wsa_init_done=1; |
| 460 | memset(&wsa_state,0,sizeof(wsa_state)); | 468 | memset(&wsa_state,0,sizeof(wsa_state)); |
| 461 | if (WSAStartup(0x0101,&wsa_state)!=0) | 469 | if (WSAStartup(0x0101,&wsa_state)!=0) |
| @@ -473,6 +481,26 @@ int BIO_sock_init(void) | |||
| 473 | if (sock_init()) | 481 | if (sock_init()) |
| 474 | return (-1); | 482 | return (-1); |
| 475 | #endif | 483 | #endif |
| 484 | |||
| 485 | #if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) | ||
| 486 | WORD wVerReq; | ||
| 487 | WSADATA wsaData; | ||
| 488 | int err; | ||
| 489 | |||
| 490 | if (!wsa_init_done) | ||
| 491 | { | ||
| 492 | wsa_init_done=1; | ||
| 493 | wVerReq = MAKEWORD( 2, 0 ); | ||
| 494 | err = WSAStartup(wVerReq,&wsaData); | ||
| 495 | if (err != 0) | ||
| 496 | { | ||
| 497 | SYSerr(SYS_F_WSASTARTUP,err); | ||
| 498 | BIOerr(BIO_F_BIO_SOCK_INIT,BIO_R_WSASTARTUP); | ||
| 499 | return(-1); | ||
| 500 | } | ||
| 501 | } | ||
| 502 | #endif | ||
| 503 | |||
| 476 | return(1); | 504 | return(1); |
| 477 | } | 505 | } |
| 478 | 506 | ||
| @@ -483,10 +511,16 @@ void BIO_sock_cleanup(void) | |||
| 483 | { | 511 | { |
| 484 | wsa_init_done=0; | 512 | wsa_init_done=0; |
| 485 | #ifndef OPENSSL_SYS_WINCE | 513 | #ifndef OPENSSL_SYS_WINCE |
| 486 | WSACancelBlockingCall(); | 514 | WSACancelBlockingCall(); /* Winsock 1.1 specific */ |
| 487 | #endif | 515 | #endif |
| 488 | WSACleanup(); | 516 | WSACleanup(); |
| 489 | } | 517 | } |
| 518 | #elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) | ||
| 519 | if (wsa_init_done) | ||
| 520 | { | ||
| 521 | wsa_init_done=0; | ||
| 522 | WSACleanup(); | ||
| 523 | } | ||
| 490 | #endif | 524 | #endif |
| 491 | } | 525 | } |
| 492 | 526 | ||
diff --git a/src/lib/libcrypto/bio/bf_nbio.c b/src/lib/libcrypto/bio/bf_nbio.c index 1ce2bfacc0..c72a23c2e1 100644 --- a/src/lib/libcrypto/bio/bf_nbio.c +++ b/src/lib/libcrypto/bio/bf_nbio.c | |||
| @@ -127,7 +127,7 @@ static int nbiof_read(BIO *b, char *out, int outl) | |||
| 127 | { | 127 | { |
| 128 | NBIO_TEST *nt; | 128 | NBIO_TEST *nt; |
| 129 | int ret=0; | 129 | int ret=0; |
| 130 | #if 0 | 130 | #if 1 |
| 131 | int num; | 131 | int num; |
| 132 | unsigned char n; | 132 | unsigned char n; |
| 133 | #endif | 133 | #endif |
| @@ -137,7 +137,7 @@ static int nbiof_read(BIO *b, char *out, int outl) | |||
| 137 | nt=(NBIO_TEST *)b->ptr; | 137 | nt=(NBIO_TEST *)b->ptr; |
| 138 | 138 | ||
| 139 | BIO_clear_retry_flags(b); | 139 | BIO_clear_retry_flags(b); |
| 140 | #if 0 | 140 | #if 1 |
| 141 | RAND_pseudo_bytes(&n,1); | 141 | RAND_pseudo_bytes(&n,1); |
| 142 | num=(n&0x07); | 142 | num=(n&0x07); |
| 143 | 143 | ||
diff --git a/src/lib/libcrypto/bio/bio.h b/src/lib/libcrypto/bio/bio.h index 2eb703830f..cecb6a7207 100644 --- a/src/lib/libcrypto/bio/bio.h +++ b/src/lib/libcrypto/bio/bio.h | |||
| @@ -59,13 +59,14 @@ | |||
| 59 | #ifndef HEADER_BIO_H | 59 | #ifndef HEADER_BIO_H |
| 60 | #define HEADER_BIO_H | 60 | #define HEADER_BIO_H |
| 61 | 61 | ||
| 62 | #include <openssl/e_os2.h> | ||
| 63 | |||
| 62 | #ifndef OPENSSL_NO_FP_API | 64 | #ifndef OPENSSL_NO_FP_API |
| 63 | # include <stdio.h> | 65 | # include <stdio.h> |
| 64 | #endif | 66 | #endif |
| 65 | #include <stdarg.h> | 67 | #include <stdarg.h> |
| 66 | 68 | ||
| 67 | #include <openssl/crypto.h> | 69 | #include <openssl/crypto.h> |
| 68 | #include <openssl/e_os2.h> | ||
| 69 | 70 | ||
| 70 | #ifdef __cplusplus | 71 | #ifdef __cplusplus |
| 71 | extern "C" { | 72 | extern "C" { |
| @@ -93,6 +94,8 @@ extern "C" { | |||
| 93 | #define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */ | 94 | #define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */ |
| 94 | #define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */ | 95 | #define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */ |
| 95 | #define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */ | 96 | #define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */ |
| 97 | #define BIO_TYPE_DGRAM (21|0x0400|0x0100) | ||
| 98 | #define BIO_TYPE_COMP (23|0x0200) /* filter */ | ||
| 96 | 99 | ||
| 97 | #define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */ | 100 | #define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */ |
| 98 | #define BIO_TYPE_FILTER 0x0200 | 101 | #define BIO_TYPE_FILTER 0x0200 |
| @@ -124,6 +127,38 @@ extern "C" { | |||
| 124 | 127 | ||
| 125 | #define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */ | 128 | #define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */ |
| 126 | 129 | ||
| 130 | /* dgram BIO stuff */ | ||
| 131 | #define BIO_CTRL_DGRAM_CONNECT 31 /* BIO dgram special */ | ||
| 132 | #define BIO_CTRL_DGRAM_SET_CONNECTED 32 /* allow for an externally | ||
| 133 | * connected socket to be | ||
| 134 | * passed in */ | ||
| 135 | #define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */ | ||
| 136 | #define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */ | ||
| 137 | #define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */ | ||
| 138 | #define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36 /* getsockopt, essentially */ | ||
| 139 | |||
| 140 | #define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37 /* flag whether the last */ | ||
| 141 | #define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38 /* I/O operation tiemd out */ | ||
| 142 | |||
| 143 | /* #ifdef IP_MTU_DISCOVER */ | ||
| 144 | #define BIO_CTRL_DGRAM_MTU_DISCOVER 39 /* set DF bit on egress packets */ | ||
| 145 | /* #endif */ | ||
| 146 | |||
| 147 | #define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */ | ||
| 148 | #define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */ | ||
| 149 | #define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for | ||
| 150 | * MTU. want to use this | ||
| 151 | * if asking the kernel | ||
| 152 | * fails */ | ||
| 153 | |||
| 154 | #define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU | ||
| 155 | * was exceed in the | ||
| 156 | * previous write | ||
| 157 | * operation */ | ||
| 158 | |||
| 159 | #define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */ | ||
| 160 | |||
| 161 | |||
| 127 | /* modifiers */ | 162 | /* modifiers */ |
| 128 | #define BIO_FP_READ 0x02 | 163 | #define BIO_FP_READ 0x02 |
| 129 | #define BIO_FP_WRITE 0x04 | 164 | #define BIO_FP_WRITE 0x04 |
| @@ -135,6 +170,11 @@ extern "C" { | |||
| 135 | #define BIO_FLAGS_IO_SPECIAL 0x04 | 170 | #define BIO_FLAGS_IO_SPECIAL 0x04 |
| 136 | #define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL) | 171 | #define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL) |
| 137 | #define BIO_FLAGS_SHOULD_RETRY 0x08 | 172 | #define BIO_FLAGS_SHOULD_RETRY 0x08 |
| 173 | #ifndef BIO_FLAGS_UPLINK | ||
| 174 | /* "UPLINK" flag denotes file descriptors provided by application. | ||
| 175 | It defaults to 0, as most platforms don't require UPLINK interface. */ | ||
| 176 | #define BIO_FLAGS_UPLINK 0 | ||
| 177 | #endif | ||
| 138 | 178 | ||
| 139 | /* Used in BIO_gethostbyname() */ | 179 | /* Used in BIO_gethostbyname() */ |
| 140 | #define BIO_GHBN_CTRL_HITS 1 | 180 | #define BIO_GHBN_CTRL_HITS 1 |
| @@ -157,28 +197,32 @@ extern "C" { | |||
| 157 | */ | 197 | */ |
| 158 | #define BIO_FLAGS_MEM_RDONLY 0x200 | 198 | #define BIO_FLAGS_MEM_RDONLY 0x200 |
| 159 | 199 | ||
| 160 | #define BIO_set_flags(b,f) ((b)->flags|=(f)) | 200 | typedef struct bio_st BIO; |
| 161 | #define BIO_get_flags(b) ((b)->flags) | 201 | |
| 202 | void BIO_set_flags(BIO *b, int flags); | ||
| 203 | int BIO_test_flags(const BIO *b, int flags); | ||
| 204 | void BIO_clear_flags(BIO *b, int flags); | ||
| 205 | |||
| 206 | #define BIO_get_flags(b) BIO_test_flags(b, ~(0x0)) | ||
| 162 | #define BIO_set_retry_special(b) \ | 207 | #define BIO_set_retry_special(b) \ |
| 163 | ((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY)) | 208 | BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY)) |
| 164 | #define BIO_set_retry_read(b) \ | 209 | #define BIO_set_retry_read(b) \ |
| 165 | ((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)) | 210 | BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)) |
| 166 | #define BIO_set_retry_write(b) \ | 211 | #define BIO_set_retry_write(b) \ |
| 167 | ((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY)) | 212 | BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY)) |
| 168 | 213 | ||
| 169 | /* These are normally used internally in BIOs */ | 214 | /* These are normally used internally in BIOs */ |
| 170 | #define BIO_clear_flags(b,f) ((b)->flags&= ~(f)) | ||
| 171 | #define BIO_clear_retry_flags(b) \ | 215 | #define BIO_clear_retry_flags(b) \ |
| 172 | ((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) | 216 | BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) |
| 173 | #define BIO_get_retry_flags(b) \ | 217 | #define BIO_get_retry_flags(b) \ |
| 174 | ((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) | 218 | BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) |
| 175 | 219 | ||
| 176 | /* These should be used by the application to tell why we should retry */ | 220 | /* These should be used by the application to tell why we should retry */ |
| 177 | #define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ) | 221 | #define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ) |
| 178 | #define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE) | 222 | #define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE) |
| 179 | #define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL) | 223 | #define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL) |
| 180 | #define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS) | 224 | #define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS) |
| 181 | #define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY) | 225 | #define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY) |
| 182 | 226 | ||
| 183 | /* The next three are used in conjunction with the | 227 | /* The next three are used in conjunction with the |
| 184 | * BIO_should_io_special() condition. After this returns true, | 228 | * BIO_should_io_special() condition. After this returns true, |
| @@ -207,14 +251,14 @@ extern "C" { | |||
| 207 | #define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN)) | 251 | #define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN)) |
| 208 | #define BIO_cb_post(a) ((a)&BIO_CB_RETURN) | 252 | #define BIO_cb_post(a) ((a)&BIO_CB_RETURN) |
| 209 | 253 | ||
| 210 | #define BIO_set_callback(b,cb) ((b)->callback=(cb)) | 254 | long (*BIO_get_callback(const BIO *b)) (struct bio_st *,int,const char *,int, long,long); |
| 211 | #define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg)) | 255 | void BIO_set_callback(BIO *b, |
| 212 | #define BIO_get_callback_arg(b) ((b)->cb_arg) | 256 | long (*callback)(struct bio_st *,int,const char *,int, long,long)); |
| 213 | #define BIO_get_callback(b) ((b)->callback) | 257 | char *BIO_get_callback_arg(const BIO *b); |
| 214 | #define BIO_method_name(b) ((b)->method->name) | 258 | void BIO_set_callback_arg(BIO *b, char *arg); |
| 215 | #define BIO_method_type(b) ((b)->method->type) | ||
| 216 | 259 | ||
| 217 | typedef struct bio_st BIO; | 260 | const char * BIO_method_name(const BIO *b); |
| 261 | int BIO_method_type(const BIO *b); | ||
| 218 | 262 | ||
| 219 | typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long); | 263 | typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long); |
| 220 | 264 | ||
| @@ -488,6 +532,18 @@ size_t BIO_ctrl_get_write_guarantee(BIO *b); | |||
| 488 | size_t BIO_ctrl_get_read_request(BIO *b); | 532 | size_t BIO_ctrl_get_read_request(BIO *b); |
| 489 | int BIO_ctrl_reset_read_request(BIO *b); | 533 | int BIO_ctrl_reset_read_request(BIO *b); |
| 490 | 534 | ||
| 535 | /* ctrl macros for dgram */ | ||
| 536 | #define BIO_ctrl_dgram_connect(b,peer) \ | ||
| 537 | (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer) | ||
| 538 | #define BIO_ctrl_set_connected(b, state, peer) \ | ||
| 539 | (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer) | ||
| 540 | #define BIO_dgram_recv_timedout(b) \ | ||
| 541 | (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL) | ||
| 542 | #define BIO_dgram_send_timedout(b) \ | ||
| 543 | (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL) | ||
| 544 | #define BIO_dgram_set_peer(b,peer) \ | ||
| 545 | (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer) | ||
| 546 | |||
| 491 | /* These two aren't currently implemented */ | 547 | /* These two aren't currently implemented */ |
| 492 | /* int BIO_get_ex_num(BIO *bio); */ | 548 | /* int BIO_get_ex_num(BIO *bio); */ |
| 493 | /* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */ | 549 | /* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */ |
| @@ -567,15 +623,28 @@ BIO_METHOD *BIO_f_buffer(void); | |||
| 567 | BIO_METHOD *BIO_f_linebuffer(void); | 623 | BIO_METHOD *BIO_f_linebuffer(void); |
| 568 | #endif | 624 | #endif |
| 569 | BIO_METHOD *BIO_f_nbio_test(void); | 625 | BIO_METHOD *BIO_f_nbio_test(void); |
| 626 | #ifndef OPENSSL_NO_DGRAM | ||
| 627 | BIO_METHOD *BIO_s_datagram(void); | ||
| 628 | #endif | ||
| 629 | |||
| 570 | /* BIO_METHOD *BIO_f_ber(void); */ | 630 | /* BIO_METHOD *BIO_f_ber(void); */ |
| 571 | 631 | ||
| 572 | int BIO_sock_should_retry(int i); | 632 | int BIO_sock_should_retry(int i); |
| 573 | int BIO_sock_non_fatal_error(int error); | 633 | int BIO_sock_non_fatal_error(int error); |
| 634 | int BIO_dgram_non_fatal_error(int error); | ||
| 635 | |||
| 574 | int BIO_fd_should_retry(int i); | 636 | int BIO_fd_should_retry(int i); |
| 575 | int BIO_fd_non_fatal_error(int error); | 637 | int BIO_fd_non_fatal_error(int error); |
| 638 | int BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u), | ||
| 639 | void *u, const char *s, int len); | ||
| 640 | int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u), | ||
| 641 | void *u, const char *s, int len, int indent); | ||
| 576 | int BIO_dump(BIO *b,const char *bytes,int len); | 642 | int BIO_dump(BIO *b,const char *bytes,int len); |
| 577 | int BIO_dump_indent(BIO *b,const char *bytes,int len,int indent); | 643 | int BIO_dump_indent(BIO *b,const char *bytes,int len,int indent); |
| 578 | 644 | #ifndef OPENSSL_NO_FP_API | |
| 645 | int BIO_dump_fp(FILE *fp, const char *s, int len); | ||
| 646 | int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent); | ||
| 647 | #endif | ||
| 579 | struct hostent *BIO_gethostbyname(const char *name); | 648 | struct hostent *BIO_gethostbyname(const char *name); |
| 580 | /* We might want a thread-safe interface too: | 649 | /* We might want a thread-safe interface too: |
| 581 | * struct hostent *BIO_gethostbyname_r(const char *name, | 650 | * struct hostent *BIO_gethostbyname_r(const char *name, |
| @@ -597,6 +666,7 @@ void BIO_sock_cleanup(void); | |||
| 597 | int BIO_set_tcp_ndelay(int sock,int turn_on); | 666 | int BIO_set_tcp_ndelay(int sock,int turn_on); |
| 598 | 667 | ||
| 599 | BIO *BIO_new_socket(int sock, int close_flag); | 668 | BIO *BIO_new_socket(int sock, int close_flag); |
| 669 | BIO *BIO_new_dgram(int fd, int close_flag); | ||
| 600 | BIO *BIO_new_fd(int fd, int close_flag); | 670 | BIO *BIO_new_fd(int fd, int close_flag); |
| 601 | BIO *BIO_new_connect(char *host_port); | 671 | BIO *BIO_new_connect(char *host_port); |
| 602 | BIO *BIO_new_accept(char *host_port); | 672 | BIO *BIO_new_accept(char *host_port); |
| @@ -612,10 +682,20 @@ void BIO_copy_next_retry(BIO *b); | |||
| 612 | 682 | ||
| 613 | /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/ | 683 | /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/ |
| 614 | 684 | ||
| 615 | int BIO_printf(BIO *bio, const char *format, ...); | 685 | #ifdef __GNUC__ |
| 616 | int BIO_vprintf(BIO *bio, const char *format, va_list args); | 686 | # define __bio_h__attr__ __attribute__ |
| 617 | int BIO_snprintf(char *buf, size_t n, const char *format, ...); | 687 | #else |
| 618 | int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args); | 688 | # define __bio_h__attr__(x) |
| 689 | #endif | ||
| 690 | int BIO_printf(BIO *bio, const char *format, ...) | ||
| 691 | __bio_h__attr__((__format__(__printf__,2,3))); | ||
| 692 | int BIO_vprintf(BIO *bio, const char *format, va_list args) | ||
| 693 | __bio_h__attr__((__format__(__printf__,2,0))); | ||
| 694 | int BIO_snprintf(char *buf, size_t n, const char *format, ...) | ||
| 695 | __bio_h__attr__((__format__(__printf__,3,4))); | ||
| 696 | int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) | ||
| 697 | __bio_h__attr__((__format__(__printf__,3,0))); | ||
| 698 | #undef __bio_h__attr__ | ||
| 619 | 699 | ||
| 620 | /* BEGIN ERROR CODES */ | 700 | /* BEGIN ERROR CODES */ |
| 621 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 701 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
| @@ -629,6 +709,7 @@ void ERR_load_BIO_strings(void); | |||
| 629 | #define BIO_F_ACPT_STATE 100 | 709 | #define BIO_F_ACPT_STATE 100 |
| 630 | #define BIO_F_BIO_ACCEPT 101 | 710 | #define BIO_F_BIO_ACCEPT 101 |
| 631 | #define BIO_F_BIO_BER_GET_HEADER 102 | 711 | #define BIO_F_BIO_BER_GET_HEADER 102 |
| 712 | #define BIO_F_BIO_CALLBACK_CTRL 131 | ||
| 632 | #define BIO_F_BIO_CTRL 103 | 713 | #define BIO_F_BIO_CTRL 103 |
| 633 | #define BIO_F_BIO_GETHOSTBYNAME 120 | 714 | #define BIO_F_BIO_GETHOSTBYNAME 120 |
| 634 | #define BIO_F_BIO_GETS 104 | 715 | #define BIO_F_BIO_GETS 104 |
diff --git a/src/lib/libcrypto/bio/bio_err.c b/src/lib/libcrypto/bio/bio_err.c index 8859a58ae4..6603f1c74d 100644 --- a/src/lib/libcrypto/bio/bio_err.c +++ b/src/lib/libcrypto/bio/bio_err.c | |||
| @@ -73,6 +73,7 @@ static ERR_STRING_DATA BIO_str_functs[]= | |||
| 73 | {ERR_FUNC(BIO_F_ACPT_STATE), "ACPT_STATE"}, | 73 | {ERR_FUNC(BIO_F_ACPT_STATE), "ACPT_STATE"}, |
| 74 | {ERR_FUNC(BIO_F_BIO_ACCEPT), "BIO_accept"}, | 74 | {ERR_FUNC(BIO_F_BIO_ACCEPT), "BIO_accept"}, |
| 75 | {ERR_FUNC(BIO_F_BIO_BER_GET_HEADER), "BIO_BER_GET_HEADER"}, | 75 | {ERR_FUNC(BIO_F_BIO_BER_GET_HEADER), "BIO_BER_GET_HEADER"}, |
| 76 | {ERR_FUNC(BIO_F_BIO_CALLBACK_CTRL), "BIO_callback_ctrl"}, | ||
| 76 | {ERR_FUNC(BIO_F_BIO_CTRL), "BIO_ctrl"}, | 77 | {ERR_FUNC(BIO_F_BIO_CTRL), "BIO_ctrl"}, |
| 77 | {ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME), "BIO_gethostbyname"}, | 78 | {ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME), "BIO_gethostbyname"}, |
| 78 | {ERR_FUNC(BIO_F_BIO_GETS), "BIO_gets"}, | 79 | {ERR_FUNC(BIO_F_BIO_GETS), "BIO_gets"}, |
| @@ -142,15 +143,12 @@ static ERR_STRING_DATA BIO_str_reasons[]= | |||
| 142 | 143 | ||
| 143 | void ERR_load_BIO_strings(void) | 144 | void ERR_load_BIO_strings(void) |
| 144 | { | 145 | { |
| 145 | static int init=1; | 146 | #ifndef OPENSSL_NO_ERR |
| 146 | 147 | ||
| 147 | if (init) | 148 | if (ERR_func_error_string(BIO_str_functs[0].error) == NULL) |
| 148 | { | 149 | { |
| 149 | init=0; | ||
| 150 | #ifndef OPENSSL_NO_ERR | ||
| 151 | ERR_load_strings(0,BIO_str_functs); | 150 | ERR_load_strings(0,BIO_str_functs); |
| 152 | ERR_load_strings(0,BIO_str_reasons); | 151 | ERR_load_strings(0,BIO_str_reasons); |
| 153 | #endif | ||
| 154 | |||
| 155 | } | 152 | } |
| 153 | #endif | ||
| 156 | } | 154 | } |
diff --git a/src/lib/libcrypto/bio/bio_lib.c b/src/lib/libcrypto/bio/bio_lib.c index 692c8fb5c6..3f52ae953c 100644 --- a/src/lib/libcrypto/bio/bio_lib.c +++ b/src/lib/libcrypto/bio/bio_lib.c | |||
| @@ -141,10 +141,56 @@ int BIO_free(BIO *a) | |||
| 141 | void BIO_vfree(BIO *a) | 141 | void BIO_vfree(BIO *a) |
| 142 | { BIO_free(a); } | 142 | { BIO_free(a); } |
| 143 | 143 | ||
| 144 | void BIO_clear_flags(BIO *b, int flags) | ||
| 145 | { | ||
| 146 | b->flags &= ~flags; | ||
| 147 | } | ||
| 148 | |||
| 149 | int BIO_test_flags(const BIO *b, int flags) | ||
| 150 | { | ||
| 151 | return (b->flags & flags); | ||
| 152 | } | ||
| 153 | |||
| 154 | void BIO_set_flags(BIO *b, int flags) | ||
| 155 | { | ||
| 156 | b->flags |= flags; | ||
| 157 | } | ||
| 158 | |||
| 159 | long (*BIO_get_callback(const BIO *b))(struct bio_st *,int,const char *,int, long,long) | ||
| 160 | { | ||
| 161 | return b->callback; | ||
| 162 | } | ||
| 163 | |||
| 164 | void BIO_set_callback(BIO *b, long (*cb)(struct bio_st *,int,const char *,int, long,long)) | ||
| 165 | { | ||
| 166 | b->callback = cb; | ||
| 167 | } | ||
| 168 | |||
| 169 | void BIO_set_callback_arg(BIO *b, char *arg) | ||
| 170 | { | ||
| 171 | b->cb_arg = arg; | ||
| 172 | } | ||
| 173 | |||
| 174 | char * BIO_get_callback_arg(const BIO *b) | ||
| 175 | { | ||
| 176 | return b->cb_arg; | ||
| 177 | } | ||
| 178 | |||
| 179 | const char * BIO_method_name(const BIO *b) | ||
| 180 | { | ||
| 181 | return b->method->name; | ||
| 182 | } | ||
| 183 | |||
| 184 | int BIO_method_type(const BIO *b) | ||
| 185 | { | ||
| 186 | return b->method->type; | ||
| 187 | } | ||
| 188 | |||
| 189 | |||
| 144 | int BIO_read(BIO *b, void *out, int outl) | 190 | int BIO_read(BIO *b, void *out, int outl) |
| 145 | { | 191 | { |
| 146 | int i; | 192 | int i; |
| 147 | long (*cb)(); | 193 | long (*cb)(BIO *,int,const char *,int,long,long); |
| 148 | 194 | ||
| 149 | if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL)) | 195 | if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL)) |
| 150 | { | 196 | { |
| @@ -176,7 +222,7 @@ int BIO_read(BIO *b, void *out, int outl) | |||
| 176 | int BIO_write(BIO *b, const void *in, int inl) | 222 | int BIO_write(BIO *b, const void *in, int inl) |
| 177 | { | 223 | { |
| 178 | int i; | 224 | int i; |
| 179 | long (*cb)(); | 225 | long (*cb)(BIO *,int,const char *,int,long,long); |
| 180 | 226 | ||
| 181 | if (b == NULL) | 227 | if (b == NULL) |
| 182 | return(0); | 228 | return(0); |
| @@ -211,7 +257,7 @@ int BIO_write(BIO *b, const void *in, int inl) | |||
| 211 | int BIO_puts(BIO *b, const char *in) | 257 | int BIO_puts(BIO *b, const char *in) |
| 212 | { | 258 | { |
| 213 | int i; | 259 | int i; |
| 214 | long (*cb)(); | 260 | long (*cb)(BIO *,int,const char *,int,long,long); |
| 215 | 261 | ||
| 216 | if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL)) | 262 | if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL)) |
| 217 | { | 263 | { |
| @@ -244,7 +290,7 @@ int BIO_puts(BIO *b, const char *in) | |||
| 244 | int BIO_gets(BIO *b, char *in, int inl) | 290 | int BIO_gets(BIO *b, char *in, int inl) |
| 245 | { | 291 | { |
| 246 | int i; | 292 | int i; |
| 247 | long (*cb)(); | 293 | long (*cb)(BIO *,int,const char *,int,long,long); |
| 248 | 294 | ||
| 249 | if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL)) | 295 | if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL)) |
| 250 | { | 296 | { |
| @@ -305,7 +351,7 @@ char *BIO_ptr_ctrl(BIO *b, int cmd, long larg) | |||
| 305 | long BIO_ctrl(BIO *b, int cmd, long larg, void *parg) | 351 | long BIO_ctrl(BIO *b, int cmd, long larg, void *parg) |
| 306 | { | 352 | { |
| 307 | long ret; | 353 | long ret; |
| 308 | long (*cb)(); | 354 | long (*cb)(BIO *,int,const char *,int,long,long); |
| 309 | 355 | ||
| 310 | if (b == NULL) return(0); | 356 | if (b == NULL) return(0); |
| 311 | 357 | ||
| @@ -332,13 +378,13 @@ long BIO_ctrl(BIO *b, int cmd, long larg, void *parg) | |||
| 332 | long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long)) | 378 | long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long)) |
| 333 | { | 379 | { |
| 334 | long ret; | 380 | long ret; |
| 335 | long (*cb)(); | 381 | long (*cb)(BIO *,int,const char *,int,long,long); |
| 336 | 382 | ||
| 337 | if (b == NULL) return(0); | 383 | if (b == NULL) return(0); |
| 338 | 384 | ||
| 339 | if ((b->method == NULL) || (b->method->callback_ctrl == NULL)) | 385 | if ((b->method == NULL) || (b->method->callback_ctrl == NULL)) |
| 340 | { | 386 | { |
| 341 | BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD); | 387 | BIOerr(BIO_F_BIO_CALLBACK_CTRL,BIO_R_UNSUPPORTED_METHOD); |
| 342 | return(-2); | 388 | return(-2); |
| 343 | } | 389 | } |
| 344 | 390 | ||
diff --git a/src/lib/libcrypto/bio/bss_acpt.c b/src/lib/libcrypto/bio/bss_acpt.c index 8ea1db158b..d090b7272f 100644 --- a/src/lib/libcrypto/bio/bss_acpt.c +++ b/src/lib/libcrypto/bio/bss_acpt.c | |||
| @@ -56,14 +56,14 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_SOCK | ||
| 60 | |||
| 61 | #include <stdio.h> | 59 | #include <stdio.h> |
| 62 | #include <errno.h> | 60 | #include <errno.h> |
| 63 | #define USE_SOCKETS | 61 | #define USE_SOCKETS |
| 64 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
| 65 | #include <openssl/bio.h> | 63 | #include <openssl/bio.h> |
| 66 | 64 | ||
| 65 | #ifndef OPENSSL_NO_SOCK | ||
| 66 | |||
| 67 | #ifdef OPENSSL_SYS_WIN16 | 67 | #ifdef OPENSSL_SYS_WIN16 |
| 68 | #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ | 68 | #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ |
| 69 | #else | 69 | #else |
diff --git a/src/lib/libcrypto/bio/bss_conn.c b/src/lib/libcrypto/bio/bss_conn.c index 216780ed5e..c14727855b 100644 --- a/src/lib/libcrypto/bio/bss_conn.c +++ b/src/lib/libcrypto/bio/bss_conn.c | |||
| @@ -56,14 +56,14 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_SOCK | ||
| 60 | |||
| 61 | #include <stdio.h> | 59 | #include <stdio.h> |
| 62 | #include <errno.h> | 60 | #include <errno.h> |
| 63 | #define USE_SOCKETS | 61 | #define USE_SOCKETS |
| 64 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
| 65 | #include <openssl/bio.h> | 63 | #include <openssl/bio.h> |
| 66 | 64 | ||
| 65 | #ifndef OPENSSL_NO_SOCK | ||
| 66 | |||
| 67 | #ifdef OPENSSL_SYS_WIN16 | 67 | #ifdef OPENSSL_SYS_WIN16 |
| 68 | #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ | 68 | #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ |
| 69 | #else | 69 | #else |
| @@ -130,7 +130,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c) | |||
| 130 | int ret= -1,i; | 130 | int ret= -1,i; |
| 131 | unsigned long l; | 131 | unsigned long l; |
| 132 | char *p,*q; | 132 | char *p,*q; |
| 133 | int (*cb)()=NULL; | 133 | int (*cb)(const BIO *,int,int)=NULL; |
| 134 | 134 | ||
| 135 | if (c->info_callback != NULL) | 135 | if (c->info_callback != NULL) |
| 136 | cb=c->info_callback; | 136 | cb=c->info_callback; |
| @@ -590,9 +590,9 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 590 | break; | 590 | break; |
| 591 | case BIO_CTRL_GET_CALLBACK: | 591 | case BIO_CTRL_GET_CALLBACK: |
| 592 | { | 592 | { |
| 593 | int (**fptr)(); | 593 | int (**fptr)(const BIO *bio,int state,int xret); |
| 594 | 594 | ||
| 595 | fptr=(int (**)())ptr; | 595 | fptr=(int (**)(const BIO *bio,int state,int xret))ptr; |
| 596 | *fptr=data->info_callback; | 596 | *fptr=data->info_callback; |
| 597 | } | 597 | } |
| 598 | break; | 598 | break; |
diff --git a/src/lib/libcrypto/bio/bss_fd.c b/src/lib/libcrypto/bio/bss_fd.c index 5e3e187de6..4c229bf641 100644 --- a/src/lib/libcrypto/bio/bss_fd.c +++ b/src/lib/libcrypto/bio/bss_fd.c | |||
| @@ -60,7 +60,19 @@ | |||
| 60 | #include <errno.h> | 60 | #include <errno.h> |
| 61 | #define USE_SOCKETS | 61 | #define USE_SOCKETS |
| 62 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
| 63 | #include <openssl/bio.h> | 63 | /* |
| 64 | * As for unconditional usage of "UPLINK" interface in this module. | ||
| 65 | * Trouble is that unlike Unix file descriptors [which are indexes | ||
| 66 | * in kernel-side per-process table], corresponding descriptors on | ||
| 67 | * platforms which require "UPLINK" interface seem to be indexes | ||
| 68 | * in a user-land, non-global table. Well, in fact they are indexes | ||
| 69 | * in stdio _iob[], and recall that _iob[] was the very reason why | ||
| 70 | * "UPLINK" interface was introduced in first place. But one way on | ||
| 71 | * another. Neither libcrypto or libssl use this BIO meaning that | ||
| 72 | * file descriptors can only be provided by application. Therefore | ||
| 73 | * "UPLINK" calls are due... | ||
| 74 | */ | ||
| 75 | #include "bio_lcl.h" | ||
| 64 | 76 | ||
| 65 | static int fd_write(BIO *h, const char *buf, int num); | 77 | static int fd_write(BIO *h, const char *buf, int num); |
| 66 | static int fd_read(BIO *h, char *buf, int size); | 78 | static int fd_read(BIO *h, char *buf, int size); |
| @@ -100,9 +112,9 @@ BIO *BIO_new_fd(int fd,int close_flag) | |||
| 100 | static int fd_new(BIO *bi) | 112 | static int fd_new(BIO *bi) |
| 101 | { | 113 | { |
| 102 | bi->init=0; | 114 | bi->init=0; |
| 103 | bi->num=0; | 115 | bi->num=-1; |
| 104 | bi->ptr=NULL; | 116 | bi->ptr=NULL; |
| 105 | bi->flags=0; | 117 | bi->flags=BIO_FLAGS_UPLINK; /* essentially redundant */ |
| 106 | return(1); | 118 | return(1); |
| 107 | } | 119 | } |
| 108 | 120 | ||
| @@ -113,10 +125,10 @@ static int fd_free(BIO *a) | |||
| 113 | { | 125 | { |
| 114 | if (a->init) | 126 | if (a->init) |
| 115 | { | 127 | { |
| 116 | close(a->num); | 128 | UP_close(a->num); |
| 117 | } | 129 | } |
| 118 | a->init=0; | 130 | a->init=0; |
| 119 | a->flags=0; | 131 | a->flags=BIO_FLAGS_UPLINK; |
| 120 | } | 132 | } |
| 121 | return(1); | 133 | return(1); |
| 122 | } | 134 | } |
| @@ -128,7 +140,7 @@ static int fd_read(BIO *b, char *out,int outl) | |||
| 128 | if (out != NULL) | 140 | if (out != NULL) |
| 129 | { | 141 | { |
| 130 | clear_sys_error(); | 142 | clear_sys_error(); |
| 131 | ret=read(b->num,out,outl); | 143 | ret=UP_read(b->num,out,outl); |
| 132 | BIO_clear_retry_flags(b); | 144 | BIO_clear_retry_flags(b); |
| 133 | if (ret <= 0) | 145 | if (ret <= 0) |
| 134 | { | 146 | { |
| @@ -143,7 +155,7 @@ static int fd_write(BIO *b, const char *in, int inl) | |||
| 143 | { | 155 | { |
| 144 | int ret; | 156 | int ret; |
| 145 | clear_sys_error(); | 157 | clear_sys_error(); |
| 146 | ret=write(b->num,in,inl); | 158 | ret=UP_write(b->num,in,inl); |
| 147 | BIO_clear_retry_flags(b); | 159 | BIO_clear_retry_flags(b); |
| 148 | if (ret <= 0) | 160 | if (ret <= 0) |
| 149 | { | 161 | { |
| @@ -163,11 +175,11 @@ static long fd_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 163 | case BIO_CTRL_RESET: | 175 | case BIO_CTRL_RESET: |
| 164 | num=0; | 176 | num=0; |
| 165 | case BIO_C_FILE_SEEK: | 177 | case BIO_C_FILE_SEEK: |
| 166 | ret=(long)lseek(b->num,num,0); | 178 | ret=(long)UP_lseek(b->num,num,0); |
| 167 | break; | 179 | break; |
| 168 | case BIO_C_FILE_TELL: | 180 | case BIO_C_FILE_TELL: |
| 169 | case BIO_CTRL_INFO: | 181 | case BIO_CTRL_INFO: |
| 170 | ret=(long)lseek(b->num,0,1); | 182 | ret=(long)UP_lseek(b->num,0,1); |
| 171 | break; | 183 | break; |
| 172 | case BIO_C_SET_FD: | 184 | case BIO_C_SET_FD: |
| 173 | fd_free(b); | 185 | fd_free(b); |
diff --git a/src/lib/libcrypto/bio/bss_file.c b/src/lib/libcrypto/bio/bss_file.c index 58fade9f29..0c8c8115fa 100644 --- a/src/lib/libcrypto/bio/bss_file.c +++ b/src/lib/libcrypto/bio/bss_file.c | |||
| @@ -65,12 +65,34 @@ | |||
| 65 | #ifndef HEADER_BSS_FILE_C | 65 | #ifndef HEADER_BSS_FILE_C |
| 66 | #define HEADER_BSS_FILE_C | 66 | #define HEADER_BSS_FILE_C |
| 67 | 67 | ||
| 68 | #if defined(__linux) || defined(__sun) || defined(__hpux) | ||
| 69 | /* Following definition aliases fopen to fopen64 on above mentioned | ||
| 70 | * platforms. This makes it possible to open and sequentially access | ||
| 71 | * files larger than 2GB from 32-bit application. It does not allow to | ||
| 72 | * traverse them beyond 2GB with fseek/ftell, but on the other hand *no* | ||
| 73 | * 32-bit platform permits that, not with fseek/ftell. Not to mention | ||
| 74 | * that breaking 2GB limit for seeking would require surgery to *our* | ||
| 75 | * API. But sequential access suffices for practical cases when you | ||
| 76 | * can run into large files, such as fingerprinting, so we can let API | ||
| 77 | * alone. For reference, the list of 32-bit platforms which allow for | ||
| 78 | * sequential access of large files without extra "magic" comprise *BSD, | ||
| 79 | * Darwin, IRIX... | ||
| 80 | */ | ||
| 81 | #ifndef _FILE_OFFSET_BITS | ||
| 82 | #define _FILE_OFFSET_BITS 64 | ||
| 83 | #endif | ||
| 84 | #endif | ||
| 85 | |||
| 68 | #include <stdio.h> | 86 | #include <stdio.h> |
| 69 | #include <errno.h> | 87 | #include <errno.h> |
| 70 | #include "cryptlib.h" | 88 | #include "cryptlib.h" |
| 71 | #include <openssl/bio.h> | 89 | #include "bio_lcl.h" |
| 72 | #include <openssl/err.h> | 90 | #include <openssl/err.h> |
| 73 | 91 | ||
| 92 | #if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB) | ||
| 93 | #include <nwfileio.h> | ||
| 94 | #endif | ||
| 95 | |||
| 74 | #if !defined(OPENSSL_NO_STDIO) | 96 | #if !defined(OPENSSL_NO_STDIO) |
| 75 | 97 | ||
| 76 | static int MS_CALLBACK file_write(BIO *h, const char *buf, int num); | 98 | static int MS_CALLBACK file_write(BIO *h, const char *buf, int num); |
| @@ -110,8 +132,12 @@ BIO *BIO_new_file(const char *filename, const char *mode) | |||
| 110 | return(NULL); | 132 | return(NULL); |
| 111 | } | 133 | } |
| 112 | if ((ret=BIO_new(BIO_s_file_internal())) == NULL) | 134 | if ((ret=BIO_new(BIO_s_file_internal())) == NULL) |
| 135 | { | ||
| 136 | fclose(file); | ||
| 113 | return(NULL); | 137 | return(NULL); |
| 138 | } | ||
| 114 | 139 | ||
| 140 | BIO_clear_flags(ret,BIO_FLAGS_UPLINK); /* we did fopen -> we disengage UPLINK */ | ||
| 115 | BIO_set_fp(ret,file,BIO_CLOSE); | 141 | BIO_set_fp(ret,file,BIO_CLOSE); |
| 116 | return(ret); | 142 | return(ret); |
| 117 | } | 143 | } |
| @@ -123,6 +149,7 @@ BIO *BIO_new_fp(FILE *stream, int close_flag) | |||
| 123 | if ((ret=BIO_new(BIO_s_file())) == NULL) | 149 | if ((ret=BIO_new(BIO_s_file())) == NULL) |
| 124 | return(NULL); | 150 | return(NULL); |
| 125 | 151 | ||
| 152 | BIO_set_flags(ret,BIO_FLAGS_UPLINK); /* redundant, left for documentation puposes */ | ||
| 126 | BIO_set_fp(ret,stream,close_flag); | 153 | BIO_set_fp(ret,stream,close_flag); |
| 127 | return(ret); | 154 | return(ret); |
| 128 | } | 155 | } |
| @@ -137,6 +164,7 @@ static int MS_CALLBACK file_new(BIO *bi) | |||
| 137 | bi->init=0; | 164 | bi->init=0; |
| 138 | bi->num=0; | 165 | bi->num=0; |
| 139 | bi->ptr=NULL; | 166 | bi->ptr=NULL; |
| 167 | bi->flags=BIO_FLAGS_UPLINK; /* default to UPLINK */ | ||
| 140 | return(1); | 168 | return(1); |
| 141 | } | 169 | } |
| 142 | 170 | ||
| @@ -147,8 +175,12 @@ static int MS_CALLBACK file_free(BIO *a) | |||
| 147 | { | 175 | { |
| 148 | if ((a->init) && (a->ptr != NULL)) | 176 | if ((a->init) && (a->ptr != NULL)) |
| 149 | { | 177 | { |
| 150 | fclose((FILE *)a->ptr); | 178 | if (a->flags&BIO_FLAGS_UPLINK) |
| 179 | UP_fclose (a->ptr); | ||
| 180 | else | ||
| 181 | fclose (a->ptr); | ||
| 151 | a->ptr=NULL; | 182 | a->ptr=NULL; |
| 183 | a->flags=BIO_FLAGS_UPLINK; | ||
| 152 | } | 184 | } |
| 153 | a->init=0; | 185 | a->init=0; |
| 154 | } | 186 | } |
| @@ -161,8 +193,11 @@ static int MS_CALLBACK file_read(BIO *b, char *out, int outl) | |||
| 161 | 193 | ||
| 162 | if (b->init && (out != NULL)) | 194 | if (b->init && (out != NULL)) |
| 163 | { | 195 | { |
| 164 | ret=fread(out,1,(int)outl,(FILE *)b->ptr); | 196 | if (b->flags&BIO_FLAGS_UPLINK) |
| 165 | if(ret == 0 && ferror((FILE *)b->ptr)) | 197 | ret=UP_fread(out,1,(int)outl,b->ptr); |
| 198 | else | ||
| 199 | ret=fread(out,1,(int)outl,(FILE *)b->ptr); | ||
| 200 | if(ret == 0 && (b->flags&BIO_FLAGS_UPLINK)?UP_ferror((FILE *)b->ptr):ferror((FILE *)b->ptr)) | ||
| 166 | { | 201 | { |
| 167 | SYSerr(SYS_F_FREAD,get_last_sys_error()); | 202 | SYSerr(SYS_F_FREAD,get_last_sys_error()); |
| 168 | BIOerr(BIO_F_FILE_READ,ERR_R_SYS_LIB); | 203 | BIOerr(BIO_F_FILE_READ,ERR_R_SYS_LIB); |
| @@ -178,7 +213,11 @@ static int MS_CALLBACK file_write(BIO *b, const char *in, int inl) | |||
| 178 | 213 | ||
| 179 | if (b->init && (in != NULL)) | 214 | if (b->init && (in != NULL)) |
| 180 | { | 215 | { |
| 181 | if (fwrite(in,(int)inl,1,(FILE *)b->ptr)) | 216 | if (b->flags&BIO_FLAGS_UPLINK) |
| 217 | ret=UP_fwrite(in,(int)inl,1,b->ptr); | ||
| 218 | else | ||
| 219 | ret=fwrite(in,(int)inl,1,(FILE *)b->ptr); | ||
| 220 | if (ret) | ||
| 182 | ret=inl; | 221 | ret=inl; |
| 183 | /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */ | 222 | /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */ |
| 184 | /* according to Tim Hudson <tjh@cryptsoft.com>, the commented | 223 | /* according to Tim Hudson <tjh@cryptsoft.com>, the commented |
| @@ -199,20 +238,45 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 199 | { | 238 | { |
| 200 | case BIO_C_FILE_SEEK: | 239 | case BIO_C_FILE_SEEK: |
| 201 | case BIO_CTRL_RESET: | 240 | case BIO_CTRL_RESET: |
| 202 | ret=(long)fseek(fp,num,SEEK_SET); | 241 | if (b->flags&BIO_FLAGS_UPLINK) |
| 242 | ret=(long)UP_fseek(b->ptr,num,0); | ||
| 243 | else | ||
| 244 | ret=(long)fseek(fp,num,SEEK_SET); | ||
| 203 | break; | 245 | break; |
| 204 | case BIO_CTRL_EOF: | 246 | case BIO_CTRL_EOF: |
| 205 | ret=(long)feof(fp); | 247 | if (b->flags&BIO_FLAGS_UPLINK) |
| 248 | ret=(long)UP_feof(fp); | ||
| 249 | else | ||
| 250 | ret=(long)feof(fp); | ||
| 206 | break; | 251 | break; |
| 207 | case BIO_C_FILE_TELL: | 252 | case BIO_C_FILE_TELL: |
| 208 | case BIO_CTRL_INFO: | 253 | case BIO_CTRL_INFO: |
| 209 | ret=ftell(fp); | 254 | if (b->flags&BIO_FLAGS_UPLINK) |
| 255 | ret=UP_ftell(b->ptr); | ||
| 256 | else | ||
| 257 | ret=ftell(fp); | ||
| 210 | break; | 258 | break; |
| 211 | case BIO_C_SET_FILE_PTR: | 259 | case BIO_C_SET_FILE_PTR: |
| 212 | file_free(b); | 260 | file_free(b); |
| 213 | b->shutdown=(int)num&BIO_CLOSE; | 261 | b->shutdown=(int)num&BIO_CLOSE; |
| 214 | b->ptr=(char *)ptr; | 262 | b->ptr=ptr; |
| 215 | b->init=1; | 263 | b->init=1; |
| 264 | #if BIO_FLAGS_UPLINK!=0 | ||
| 265 | #if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES) | ||
| 266 | #define _IOB_ENTRIES 20 | ||
| 267 | #endif | ||
| 268 | #if defined(_IOB_ENTRIES) | ||
| 269 | /* Safety net to catch purely internal BIO_set_fp calls */ | ||
| 270 | if ((size_t)ptr >= (size_t)stdin && | ||
| 271 | (size_t)ptr < (size_t)(stdin+_IOB_ENTRIES)) | ||
| 272 | BIO_clear_flags(b,BIO_FLAGS_UPLINK); | ||
| 273 | #endif | ||
| 274 | #endif | ||
| 275 | #ifdef UP_fsetmode | ||
| 276 | if (b->flags&BIO_FLAGS_UPLINK) | ||
| 277 | UP_fsetmode(b->ptr,num&BIO_FP_TEXT?'t':'b'); | ||
| 278 | else | ||
| 279 | #endif | ||
| 216 | { | 280 | { |
| 217 | #if defined(OPENSSL_SYS_WINDOWS) | 281 | #if defined(OPENSSL_SYS_WINDOWS) |
| 218 | int fd = fileno((FILE*)ptr); | 282 | int fd = fileno((FILE*)ptr); |
| @@ -220,6 +284,14 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 220 | _setmode(fd,_O_TEXT); | 284 | _setmode(fd,_O_TEXT); |
| 221 | else | 285 | else |
| 222 | _setmode(fd,_O_BINARY); | 286 | _setmode(fd,_O_BINARY); |
| 287 | #elif defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB) | ||
| 288 | int fd = fileno((FILE*)ptr); | ||
| 289 | /* Under CLib there are differences in file modes | ||
| 290 | */ | ||
| 291 | if (num & BIO_FP_TEXT) | ||
| 292 | setmode(fd,O_TEXT); | ||
| 293 | else | ||
| 294 | setmode(fd,O_BINARY); | ||
| 223 | #elif defined(OPENSSL_SYS_MSDOS) | 295 | #elif defined(OPENSSL_SYS_MSDOS) |
| 224 | int fd = fileno((FILE*)ptr); | 296 | int fd = fileno((FILE*)ptr); |
| 225 | /* Set correct text/binary mode */ | 297 | /* Set correct text/binary mode */ |
| @@ -272,6 +344,12 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 272 | else | 344 | else |
| 273 | strcat(p,"t"); | 345 | strcat(p,"t"); |
| 274 | #endif | 346 | #endif |
| 347 | #if defined(OPENSSL_SYS_NETWARE) | ||
| 348 | if (!(num & BIO_FP_TEXT)) | ||
| 349 | strcat(p,"b"); | ||
| 350 | else | ||
| 351 | strcat(p,"t"); | ||
| 352 | #endif | ||
| 275 | fp=fopen(ptr,p); | 353 | fp=fopen(ptr,p); |
| 276 | if (fp == NULL) | 354 | if (fp == NULL) |
| 277 | { | 355 | { |
| @@ -281,8 +359,9 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 281 | ret=0; | 359 | ret=0; |
| 282 | break; | 360 | break; |
| 283 | } | 361 | } |
| 284 | b->ptr=(char *)fp; | 362 | b->ptr=fp; |
| 285 | b->init=1; | 363 | b->init=1; |
| 364 | BIO_clear_flags(b,BIO_FLAGS_UPLINK); /* we did fopen -> we disengage UPLINK */ | ||
| 286 | break; | 365 | break; |
| 287 | case BIO_C_GET_FILE_PTR: | 366 | case BIO_C_GET_FILE_PTR: |
| 288 | /* the ptr parameter is actually a FILE ** in this case. */ | 367 | /* the ptr parameter is actually a FILE ** in this case. */ |
| @@ -299,7 +378,10 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 299 | b->shutdown=(int)num; | 378 | b->shutdown=(int)num; |
| 300 | break; | 379 | break; |
| 301 | case BIO_CTRL_FLUSH: | 380 | case BIO_CTRL_FLUSH: |
| 302 | fflush((FILE *)b->ptr); | 381 | if (b->flags&BIO_FLAGS_UPLINK) |
| 382 | UP_fflush(b->ptr); | ||
| 383 | else | ||
| 384 | fflush((FILE *)b->ptr); | ||
| 303 | break; | 385 | break; |
| 304 | case BIO_CTRL_DUP: | 386 | case BIO_CTRL_DUP: |
| 305 | ret=1; | 387 | ret=1; |
| @@ -321,7 +403,10 @@ static int MS_CALLBACK file_gets(BIO *bp, char *buf, int size) | |||
| 321 | int ret=0; | 403 | int ret=0; |
| 322 | 404 | ||
| 323 | buf[0]='\0'; | 405 | buf[0]='\0'; |
| 324 | fgets(buf,size,(FILE *)bp->ptr); | 406 | if (bp->flags&BIO_FLAGS_UPLINK) |
| 407 | UP_fgets(buf,size,bp->ptr); | ||
| 408 | else | ||
| 409 | fgets(buf,size,(FILE *)bp->ptr); | ||
| 325 | if (buf[0] != '\0') | 410 | if (buf[0] != '\0') |
| 326 | ret=strlen(buf); | 411 | ret=strlen(buf); |
| 327 | return(ret); | 412 | return(ret); |
diff --git a/src/lib/libcrypto/bio/bss_log.c b/src/lib/libcrypto/bio/bss_log.c index 1eb678cac0..6360dbc820 100644 --- a/src/lib/libcrypto/bio/bss_log.c +++ b/src/lib/libcrypto/bio/bss_log.c | |||
| @@ -78,6 +78,8 @@ | |||
| 78 | # include <starlet.h> | 78 | # include <starlet.h> |
| 79 | #elif defined(__ultrix) | 79 | #elif defined(__ultrix) |
| 80 | # include <sys/syslog.h> | 80 | # include <sys/syslog.h> |
| 81 | #elif defined(OPENSSL_SYS_NETWARE) | ||
| 82 | # define NO_SYSLOG | ||
| 81 | #elif (!defined(MSDOS) || defined(WATT32)) && !defined(OPENSSL_SYS_VXWORKS) && !defined(NO_SYSLOG) | 83 | #elif (!defined(MSDOS) || defined(WATT32)) && !defined(OPENSSL_SYS_VXWORKS) && !defined(NO_SYSLOG) |
| 82 | # include <syslog.h> | 84 | # include <syslog.h> |
| 83 | #endif | 85 | #endif |
diff --git a/src/lib/libcrypto/bio/bss_sock.c b/src/lib/libcrypto/bio/bss_sock.c index 2c1c405ec7..472dd75821 100644 --- a/src/lib/libcrypto/bio/bss_sock.c +++ b/src/lib/libcrypto/bio/bss_sock.c | |||
| @@ -56,8 +56,6 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_SOCK | ||
| 60 | |||
| 61 | #include <stdio.h> | 59 | #include <stdio.h> |
| 62 | #include <errno.h> | 60 | #include <errno.h> |
| 63 | #define USE_SOCKETS | 61 | #define USE_SOCKETS |
| @@ -248,7 +246,7 @@ int BIO_sock_non_fatal_error(int err) | |||
| 248 | { | 246 | { |
| 249 | switch (err) | 247 | switch (err) |
| 250 | { | 248 | { |
| 251 | #if defined(OPENSSL_SYS_WINDOWS) | 249 | #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_NETWARE) |
| 252 | # if defined(WSAEWOULDBLOCK) | 250 | # if defined(WSAEWOULDBLOCK) |
| 253 | case WSAEWOULDBLOCK: | 251 | case WSAEWOULDBLOCK: |
| 254 | # endif | 252 | # endif |
| @@ -279,7 +277,7 @@ int BIO_sock_non_fatal_error(int err) | |||
| 279 | #endif | 277 | #endif |
| 280 | 278 | ||
| 281 | #ifdef EAGAIN | 279 | #ifdef EAGAIN |
| 282 | #if EWOULDBLOCK != EAGAIN | 280 | # if EWOULDBLOCK != EAGAIN |
| 283 | case EAGAIN: | 281 | case EAGAIN: |
| 284 | # endif | 282 | # endif |
| 285 | #endif | 283 | #endif |
| @@ -302,4 +300,3 @@ int BIO_sock_non_fatal_error(int err) | |||
| 302 | } | 300 | } |
| 303 | return(0); | 301 | return(0); |
| 304 | } | 302 | } |
| 305 | #endif | ||
diff --git a/src/lib/libcrypto/bn/asm/bn-586.pl b/src/lib/libcrypto/bn/asm/bn-586.pl index c4de4a2bee..26c2685a72 100644 --- a/src/lib/libcrypto/bn/asm/bn-586.pl +++ b/src/lib/libcrypto/bn/asm/bn-586.pl | |||
| @@ -5,13 +5,18 @@ require "x86asm.pl"; | |||
| 5 | 5 | ||
| 6 | &asm_init($ARGV[0],$0); | 6 | &asm_init($ARGV[0],$0); |
| 7 | 7 | ||
| 8 | $sse2=0; | ||
| 9 | for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } | ||
| 10 | |||
| 11 | &external_label("OPENSSL_ia32cap_P") if ($sse2); | ||
| 12 | |||
| 8 | &bn_mul_add_words("bn_mul_add_words"); | 13 | &bn_mul_add_words("bn_mul_add_words"); |
| 9 | &bn_mul_words("bn_mul_words"); | 14 | &bn_mul_words("bn_mul_words"); |
| 10 | &bn_sqr_words("bn_sqr_words"); | 15 | &bn_sqr_words("bn_sqr_words"); |
| 11 | &bn_div_words("bn_div_words"); | 16 | &bn_div_words("bn_div_words"); |
| 12 | &bn_add_words("bn_add_words"); | 17 | &bn_add_words("bn_add_words"); |
| 13 | &bn_sub_words("bn_sub_words"); | 18 | &bn_sub_words("bn_sub_words"); |
| 14 | #&bn_sub_part_words("bn_sub_part_words"); | 19 | &bn_sub_part_words("bn_sub_part_words"); |
| 15 | 20 | ||
| 16 | &asm_finish(); | 21 | &asm_finish(); |
| 17 | 22 | ||
| @@ -19,7 +24,7 @@ sub bn_mul_add_words | |||
| 19 | { | 24 | { |
| 20 | local($name)=@_; | 25 | local($name)=@_; |
| 21 | 26 | ||
| 22 | &function_begin($name,""); | 27 | &function_begin($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":""); |
| 23 | 28 | ||
| 24 | &comment(""); | 29 | &comment(""); |
| 25 | $Low="eax"; | 30 | $Low="eax"; |
| @@ -42,6 +47,83 @@ sub bn_mul_add_words | |||
| 42 | 47 | ||
| 43 | &jz(&label("maw_finish")); | 48 | &jz(&label("maw_finish")); |
| 44 | 49 | ||
| 50 | if ($sse2) { | ||
| 51 | &picmeup("eax","OPENSSL_ia32cap_P"); | ||
| 52 | &bt(&DWP(0,"eax"),26); | ||
| 53 | &jnc(&label("maw_loop")); | ||
| 54 | |||
| 55 | &movd("mm0",$w); # mm0 = w | ||
| 56 | &pxor("mm1","mm1"); # mm1 = carry_in | ||
| 57 | |||
| 58 | &set_label("maw_sse2_loop",0); | ||
| 59 | &movd("mm3",&DWP(0,$r,"",0)); # mm3 = r[0] | ||
| 60 | &paddq("mm1","mm3"); # mm1 = carry_in + r[0] | ||
| 61 | &movd("mm2",&DWP(0,$a,"",0)); # mm2 = a[0] | ||
| 62 | &pmuludq("mm2","mm0"); # mm2 = w*a[0] | ||
| 63 | &movd("mm4",&DWP(4,$a,"",0)); # mm4 = a[1] | ||
| 64 | &pmuludq("mm4","mm0"); # mm4 = w*a[1] | ||
| 65 | &movd("mm6",&DWP(8,$a,"",0)); # mm6 = a[2] | ||
| 66 | &pmuludq("mm6","mm0"); # mm6 = w*a[2] | ||
| 67 | &movd("mm7",&DWP(12,$a,"",0)); # mm7 = a[3] | ||
| 68 | &pmuludq("mm7","mm0"); # mm7 = w*a[3] | ||
| 69 | &paddq("mm1","mm2"); # mm1 = carry_in + r[0] + w*a[0] | ||
| 70 | &movd("mm3",&DWP(4,$r,"",0)); # mm3 = r[1] | ||
| 71 | &paddq("mm3","mm4"); # mm3 = r[1] + w*a[1] | ||
| 72 | &movd("mm5",&DWP(8,$r,"",0)); # mm5 = r[2] | ||
| 73 | &paddq("mm5","mm6"); # mm5 = r[2] + w*a[2] | ||
| 74 | &movd("mm4",&DWP(12,$r,"",0)); # mm4 = r[3] | ||
| 75 | &paddq("mm7","mm4"); # mm7 = r[3] + w*a[3] | ||
| 76 | &movd(&DWP(0,$r,"",0),"mm1"); | ||
| 77 | &movd("mm2",&DWP(16,$a,"",0)); # mm2 = a[4] | ||
| 78 | &pmuludq("mm2","mm0"); # mm2 = w*a[4] | ||
| 79 | &psrlq("mm1",32); # mm1 = carry0 | ||
| 80 | &movd("mm4",&DWP(20,$a,"",0)); # mm4 = a[5] | ||
| 81 | &pmuludq("mm4","mm0"); # mm4 = w*a[5] | ||
| 82 | &paddq("mm1","mm3"); # mm1 = carry0 + r[1] + w*a[1] | ||
| 83 | &movd("mm6",&DWP(24,$a,"",0)); # mm6 = a[6] | ||
| 84 | &pmuludq("mm6","mm0"); # mm6 = w*a[6] | ||
| 85 | &movd(&DWP(4,$r,"",0),"mm1"); | ||
| 86 | &psrlq("mm1",32); # mm1 = carry1 | ||
| 87 | &movd("mm3",&DWP(28,$a,"",0)); # mm3 = a[7] | ||
| 88 | &add($a,32); | ||
| 89 | &pmuludq("mm3","mm0"); # mm3 = w*a[7] | ||
| 90 | &paddq("mm1","mm5"); # mm1 = carry1 + r[2] + w*a[2] | ||
| 91 | &movd("mm5",&DWP(16,$r,"",0)); # mm5 = r[4] | ||
| 92 | &paddq("mm2","mm5"); # mm2 = r[4] + w*a[4] | ||
| 93 | &movd(&DWP(8,$r,"",0),"mm1"); | ||
| 94 | &psrlq("mm1",32); # mm1 = carry2 | ||
| 95 | &paddq("mm1","mm7"); # mm1 = carry2 + r[3] + w*a[3] | ||
| 96 | &movd("mm5",&DWP(20,$r,"",0)); # mm5 = r[5] | ||
| 97 | &paddq("mm4","mm5"); # mm4 = r[5] + w*a[5] | ||
| 98 | &movd(&DWP(12,$r,"",0),"mm1"); | ||
| 99 | &psrlq("mm1",32); # mm1 = carry3 | ||
| 100 | &paddq("mm1","mm2"); # mm1 = carry3 + r[4] + w*a[4] | ||
| 101 | &movd("mm5",&DWP(24,$r,"",0)); # mm5 = r[6] | ||
| 102 | &paddq("mm6","mm5"); # mm6 = r[6] + w*a[6] | ||
| 103 | &movd(&DWP(16,$r,"",0),"mm1"); | ||
| 104 | &psrlq("mm1",32); # mm1 = carry4 | ||
| 105 | &paddq("mm1","mm4"); # mm1 = carry4 + r[5] + w*a[5] | ||
| 106 | &movd("mm5",&DWP(28,$r,"",0)); # mm5 = r[7] | ||
| 107 | &paddq("mm3","mm5"); # mm3 = r[7] + w*a[7] | ||
| 108 | &movd(&DWP(20,$r,"",0),"mm1"); | ||
| 109 | &psrlq("mm1",32); # mm1 = carry5 | ||
| 110 | &paddq("mm1","mm6"); # mm1 = carry5 + r[6] + w*a[6] | ||
| 111 | &movd(&DWP(24,$r,"",0),"mm1"); | ||
| 112 | &psrlq("mm1",32); # mm1 = carry6 | ||
| 113 | &paddq("mm1","mm3"); # mm1 = carry6 + r[7] + w*a[7] | ||
| 114 | &movd(&DWP(28,$r,"",0),"mm1"); | ||
| 115 | &add($r,32); | ||
| 116 | &psrlq("mm1",32); # mm1 = carry_out | ||
| 117 | |||
| 118 | &sub("ecx",8); | ||
| 119 | &jnz(&label("maw_sse2_loop")); | ||
| 120 | |||
| 121 | &movd($c,"mm1"); # c = carry_out | ||
| 122 | &emms(); | ||
| 123 | |||
| 124 | &jmp(&label("maw_finish")); | ||
| 125 | } | ||
| 126 | |||
| 45 | &set_label("maw_loop",0); | 127 | &set_label("maw_loop",0); |
| 46 | 128 | ||
| 47 | &mov(&swtmp(0),"ecx"); # | 129 | &mov(&swtmp(0),"ecx"); # |
diff --git a/src/lib/libcrypto/bn/asm/ia64.S b/src/lib/libcrypto/bn/asm/ia64.S index 7b82b820e6..951abc53ea 100644 --- a/src/lib/libcrypto/bn/asm/ia64.S +++ b/src/lib/libcrypto/bn/asm/ia64.S | |||
| @@ -171,21 +171,21 @@ | |||
| 171 | .skip 32 // makes the loop body aligned at 64-byte boundary | 171 | .skip 32 // makes the loop body aligned at 64-byte boundary |
| 172 | bn_add_words: | 172 | bn_add_words: |
| 173 | .prologue | 173 | .prologue |
| 174 | .fframe 0 | ||
| 175 | .save ar.pfs,r2 | 174 | .save ar.pfs,r2 |
| 176 | { .mii; alloc r2=ar.pfs,4,12,0,16 | 175 | { .mii; alloc r2=ar.pfs,4,12,0,16 |
| 177 | cmp4.le p6,p0=r35,r0 };; | 176 | cmp4.le p6,p0=r35,r0 };; |
| 178 | { .mfb; mov r8=r0 // return value | 177 | { .mfb; mov r8=r0 // return value |
| 179 | (p6) br.ret.spnt.many b0 };; | 178 | (p6) br.ret.spnt.many b0 };; |
| 180 | 179 | ||
| 181 | .save ar.lc,r3 | ||
| 182 | { .mib; sub r10=r35,r0,1 | 180 | { .mib; sub r10=r35,r0,1 |
| 181 | .save ar.lc,r3 | ||
| 183 | mov r3=ar.lc | 182 | mov r3=ar.lc |
| 184 | brp.loop.imp .L_bn_add_words_ctop,.L_bn_add_words_cend-16 | 183 | brp.loop.imp .L_bn_add_words_ctop,.L_bn_add_words_cend-16 |
| 185 | } | 184 | } |
| 186 | .body | ||
| 187 | { .mib; ADDP r14=0,r32 // rp | 185 | { .mib; ADDP r14=0,r32 // rp |
| 186 | .save pr,r9 | ||
| 188 | mov r9=pr };; | 187 | mov r9=pr };; |
| 188 | .body | ||
| 189 | { .mii; ADDP r15=0,r33 // ap | 189 | { .mii; ADDP r15=0,r33 // ap |
| 190 | mov ar.lc=r10 | 190 | mov ar.lc=r10 |
| 191 | mov ar.ec=6 } | 191 | mov ar.ec=6 } |
| @@ -224,21 +224,21 @@ bn_add_words: | |||
| 224 | .skip 32 // makes the loop body aligned at 64-byte boundary | 224 | .skip 32 // makes the loop body aligned at 64-byte boundary |
| 225 | bn_sub_words: | 225 | bn_sub_words: |
| 226 | .prologue | 226 | .prologue |
| 227 | .fframe 0 | ||
| 228 | .save ar.pfs,r2 | 227 | .save ar.pfs,r2 |
| 229 | { .mii; alloc r2=ar.pfs,4,12,0,16 | 228 | { .mii; alloc r2=ar.pfs,4,12,0,16 |
| 230 | cmp4.le p6,p0=r35,r0 };; | 229 | cmp4.le p6,p0=r35,r0 };; |
| 231 | { .mfb; mov r8=r0 // return value | 230 | { .mfb; mov r8=r0 // return value |
| 232 | (p6) br.ret.spnt.many b0 };; | 231 | (p6) br.ret.spnt.many b0 };; |
| 233 | 232 | ||
| 234 | .save ar.lc,r3 | ||
| 235 | { .mib; sub r10=r35,r0,1 | 233 | { .mib; sub r10=r35,r0,1 |
| 234 | .save ar.lc,r3 | ||
| 236 | mov r3=ar.lc | 235 | mov r3=ar.lc |
| 237 | brp.loop.imp .L_bn_sub_words_ctop,.L_bn_sub_words_cend-16 | 236 | brp.loop.imp .L_bn_sub_words_ctop,.L_bn_sub_words_cend-16 |
| 238 | } | 237 | } |
| 239 | .body | ||
| 240 | { .mib; ADDP r14=0,r32 // rp | 238 | { .mib; ADDP r14=0,r32 // rp |
| 239 | .save pr,r9 | ||
| 241 | mov r9=pr };; | 240 | mov r9=pr };; |
| 241 | .body | ||
| 242 | { .mii; ADDP r15=0,r33 // ap | 242 | { .mii; ADDP r15=0,r33 // ap |
| 243 | mov ar.lc=r10 | 243 | mov ar.lc=r10 |
| 244 | mov ar.ec=6 } | 244 | mov ar.ec=6 } |
| @@ -283,7 +283,6 @@ bn_sub_words: | |||
| 283 | .skip 32 // makes the loop body aligned at 64-byte boundary | 283 | .skip 32 // makes the loop body aligned at 64-byte boundary |
| 284 | bn_mul_words: | 284 | bn_mul_words: |
| 285 | .prologue | 285 | .prologue |
| 286 | .fframe 0 | ||
| 287 | .save ar.pfs,r2 | 286 | .save ar.pfs,r2 |
| 288 | #ifdef XMA_TEMPTATION | 287 | #ifdef XMA_TEMPTATION |
| 289 | { .mfi; alloc r2=ar.pfs,4,0,0,0 };; | 288 | { .mfi; alloc r2=ar.pfs,4,0,0,0 };; |
| @@ -294,9 +293,10 @@ bn_mul_words: | |||
| 294 | cmp4.le p6,p0=r34,r0 | 293 | cmp4.le p6,p0=r34,r0 |
| 295 | (p6) br.ret.spnt.many b0 };; | 294 | (p6) br.ret.spnt.many b0 };; |
| 296 | 295 | ||
| 297 | .save ar.lc,r3 | ||
| 298 | { .mii; sub r10=r34,r0,1 | 296 | { .mii; sub r10=r34,r0,1 |
| 297 | .save ar.lc,r3 | ||
| 299 | mov r3=ar.lc | 298 | mov r3=ar.lc |
| 299 | .save pr,r9 | ||
| 300 | mov r9=pr };; | 300 | mov r9=pr };; |
| 301 | 301 | ||
| 302 | .body | 302 | .body |
| @@ -397,22 +397,21 @@ bn_mul_words: | |||
| 397 | .skip 48 // makes the loop body aligned at 64-byte boundary | 397 | .skip 48 // makes the loop body aligned at 64-byte boundary |
| 398 | bn_mul_add_words: | 398 | bn_mul_add_words: |
| 399 | .prologue | 399 | .prologue |
| 400 | .fframe 0 | ||
| 401 | .save ar.pfs,r2 | 400 | .save ar.pfs,r2 |
| 402 | .save ar.lc,r3 | ||
| 403 | .save pr,r9 | ||
| 404 | { .mmi; alloc r2=ar.pfs,4,4,0,8 | 401 | { .mmi; alloc r2=ar.pfs,4,4,0,8 |
| 405 | cmp4.le p6,p0=r34,r0 | 402 | cmp4.le p6,p0=r34,r0 |
| 403 | .save ar.lc,r3 | ||
| 406 | mov r3=ar.lc };; | 404 | mov r3=ar.lc };; |
| 407 | { .mib; mov r8=r0 // return value | 405 | { .mib; mov r8=r0 // return value |
| 408 | sub r10=r34,r0,1 | 406 | sub r10=r34,r0,1 |
| 409 | (p6) br.ret.spnt.many b0 };; | 407 | (p6) br.ret.spnt.many b0 };; |
| 410 | 408 | ||
| 411 | .body | ||
| 412 | { .mib; setf.sig f8=r35 // w | 409 | { .mib; setf.sig f8=r35 // w |
| 410 | .save pr,r9 | ||
| 413 | mov r9=pr | 411 | mov r9=pr |
| 414 | brp.loop.imp .L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16 | 412 | brp.loop.imp .L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16 |
| 415 | } | 413 | } |
| 414 | .body | ||
| 416 | { .mmi; ADDP r14=0,r32 // rp | 415 | { .mmi; ADDP r14=0,r32 // rp |
| 417 | ADDP r15=0,r33 // ap | 416 | ADDP r15=0,r33 // ap |
| 418 | mov ar.lc=r10 } | 417 | mov ar.lc=r10 } |
| @@ -466,7 +465,6 @@ bn_mul_add_words: | |||
| 466 | .skip 32 // makes the loop body aligned at 64-byte boundary | 465 | .skip 32 // makes the loop body aligned at 64-byte boundary |
| 467 | bn_sqr_words: | 466 | bn_sqr_words: |
| 468 | .prologue | 467 | .prologue |
| 469 | .fframe 0 | ||
| 470 | .save ar.pfs,r2 | 468 | .save ar.pfs,r2 |
| 471 | { .mii; alloc r2=ar.pfs,3,0,0,0 | 469 | { .mii; alloc r2=ar.pfs,3,0,0,0 |
| 472 | sxt4 r34=r34 };; | 470 | sxt4 r34=r34 };; |
| @@ -476,9 +474,10 @@ bn_sqr_words: | |||
| 476 | nop.f 0x0 | 474 | nop.f 0x0 |
| 477 | (p6) br.ret.spnt.many b0 };; | 475 | (p6) br.ret.spnt.many b0 };; |
| 478 | 476 | ||
| 479 | .save ar.lc,r3 | ||
| 480 | { .mii; sub r10=r34,r0,1 | 477 | { .mii; sub r10=r34,r0,1 |
| 478 | .save ar.lc,r3 | ||
| 481 | mov r3=ar.lc | 479 | mov r3=ar.lc |
| 480 | .save pr,r9 | ||
| 482 | mov r9=pr };; | 481 | mov r9=pr };; |
| 483 | 482 | ||
| 484 | .body | 483 | .body |
| @@ -545,7 +544,6 @@ bn_sqr_words: | |||
| 545 | .align 64 | 544 | .align 64 |
| 546 | bn_sqr_comba8: | 545 | bn_sqr_comba8: |
| 547 | .prologue | 546 | .prologue |
| 548 | .fframe 0 | ||
| 549 | .save ar.pfs,r2 | 547 | .save ar.pfs,r2 |
| 550 | #if defined(_HPUX_SOURCE) && !defined(_LP64) | 548 | #if defined(_HPUX_SOURCE) && !defined(_LP64) |
| 551 | { .mii; alloc r2=ar.pfs,2,1,0,0 | 549 | { .mii; alloc r2=ar.pfs,2,1,0,0 |
| @@ -617,7 +615,6 @@ bn_sqr_comba8: | |||
| 617 | .align 64 | 615 | .align 64 |
| 618 | bn_mul_comba8: | 616 | bn_mul_comba8: |
| 619 | .prologue | 617 | .prologue |
| 620 | .fframe 0 | ||
| 621 | .save ar.pfs,r2 | 618 | .save ar.pfs,r2 |
| 622 | #if defined(_HPUX_SOURCE) && !defined(_LP64) | 619 | #if defined(_HPUX_SOURCE) && !defined(_LP64) |
| 623 | { .mii; alloc r2=ar.pfs,3,0,0,0 | 620 | { .mii; alloc r2=ar.pfs,3,0,0,0 |
| @@ -1175,7 +1172,6 @@ bn_mul_comba8: | |||
| 1175 | .align 64 | 1172 | .align 64 |
| 1176 | bn_sqr_comba4: | 1173 | bn_sqr_comba4: |
| 1177 | .prologue | 1174 | .prologue |
| 1178 | .fframe 0 | ||
| 1179 | .save ar.pfs,r2 | 1175 | .save ar.pfs,r2 |
| 1180 | #if defined(_HPUX_SOURCE) && !defined(_LP64) | 1176 | #if defined(_HPUX_SOURCE) && !defined(_LP64) |
| 1181 | { .mii; alloc r2=ar.pfs,2,1,0,0 | 1177 | { .mii; alloc r2=ar.pfs,2,1,0,0 |
| @@ -1208,7 +1204,6 @@ bn_sqr_comba4: | |||
| 1208 | .align 64 | 1204 | .align 64 |
| 1209 | bn_mul_comba4: | 1205 | bn_mul_comba4: |
| 1210 | .prologue | 1206 | .prologue |
| 1211 | .fframe 0 | ||
| 1212 | .save ar.pfs,r2 | 1207 | .save ar.pfs,r2 |
| 1213 | #if defined(_HPUX_SOURCE) && !defined(_LP64) | 1208 | #if defined(_HPUX_SOURCE) && !defined(_LP64) |
| 1214 | { .mii; alloc r2=ar.pfs,3,0,0,0 | 1209 | { .mii; alloc r2=ar.pfs,3,0,0,0 |
| @@ -1411,11 +1406,11 @@ equ=p24 | |||
| 1411 | .align 64 | 1406 | .align 64 |
| 1412 | bn_div_words: | 1407 | bn_div_words: |
| 1413 | .prologue | 1408 | .prologue |
| 1414 | .fframe 0 | ||
| 1415 | .save ar.pfs,r2 | 1409 | .save ar.pfs,r2 |
| 1416 | .save b0,r3 | ||
| 1417 | { .mii; alloc r2=ar.pfs,3,5,0,8 | 1410 | { .mii; alloc r2=ar.pfs,3,5,0,8 |
| 1411 | .save b0,r3 | ||
| 1418 | mov r3=b0 | 1412 | mov r3=b0 |
| 1413 | .save pr,r10 | ||
| 1419 | mov r10=pr };; | 1414 | mov r10=pr };; |
| 1420 | { .mmb; cmp.eq p6,p0=r34,r0 | 1415 | { .mmb; cmp.eq p6,p0=r34,r0 |
| 1421 | mov r8=-1 | 1416 | mov r8=-1 |
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h index 1251521c54..6d754d5547 100644 --- a/src/lib/libcrypto/bn/bn.h +++ b/src/lib/libcrypto/bn/bn.h | |||
| @@ -55,6 +55,19 @@ | |||
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * | ||
| 61 | * Portions of the attached software ("Contribution") are developed by | ||
| 62 | * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. | ||
| 63 | * | ||
| 64 | * The Contribution is licensed pursuant to the Eric Young open source | ||
| 65 | * license provided above. | ||
| 66 | * | ||
| 67 | * The binary polynomial arithmetic software is originally written by | ||
| 68 | * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. | ||
| 69 | * | ||
| 70 | */ | ||
| 58 | 71 | ||
| 59 | #ifndef HEADER_BN_H | 72 | #ifndef HEADER_BN_H |
| 60 | #define HEADER_BN_H | 73 | #define HEADER_BN_H |
| @@ -63,14 +76,23 @@ | |||
| 63 | #ifndef OPENSSL_NO_FP_API | 76 | #ifndef OPENSSL_NO_FP_API |
| 64 | #include <stdio.h> /* FILE */ | 77 | #include <stdio.h> /* FILE */ |
| 65 | #endif | 78 | #endif |
| 79 | #include <openssl/ossl_typ.h> | ||
| 66 | 80 | ||
| 67 | #ifdef __cplusplus | 81 | #ifdef __cplusplus |
| 68 | extern "C" { | 82 | extern "C" { |
| 69 | #endif | 83 | #endif |
| 70 | 84 | ||
| 71 | #ifdef OPENSSL_SYS_VMS | 85 | /* These preprocessor symbols control various aspects of the bignum headers and |
| 72 | #undef BN_LLONG /* experimental, so far... */ | 86 | * library code. They're not defined by any "normal" configuration, as they are |
| 73 | #endif | 87 | * intended for development and testing purposes. NB: defining all three can be |
| 88 | * useful for debugging application code as well as openssl itself. | ||
| 89 | * | ||
| 90 | * BN_DEBUG - turn on various debugging alterations to the bignum code | ||
| 91 | * BN_DEBUG_RAND - uses random poisoning of unused words to trip up | ||
| 92 | * mismanagement of bignum internals. You must also define BN_DEBUG. | ||
| 93 | */ | ||
| 94 | /* #define BN_DEBUG */ | ||
| 95 | /* #define BN_DEBUG_RAND */ | ||
| 74 | 96 | ||
| 75 | #define BN_MUL_COMBA | 97 | #define BN_MUL_COMBA |
| 76 | #define BN_SQR_COMBA | 98 | #define BN_SQR_COMBA |
| @@ -143,10 +165,12 @@ extern "C" { | |||
| 143 | #endif | 165 | #endif |
| 144 | 166 | ||
| 145 | #ifdef THIRTY_TWO_BIT | 167 | #ifdef THIRTY_TWO_BIT |
| 146 | #if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) | 168 | #ifdef BN_LLONG |
| 147 | #define BN_ULLONG unsigned _int64 | 169 | # if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) |
| 148 | #else | 170 | # define BN_ULLONG unsigned __int64 |
| 149 | #define BN_ULLONG unsigned long long | 171 | # else |
| 172 | # define BN_ULLONG unsigned long long | ||
| 173 | # endif | ||
| 150 | #endif | 174 | #endif |
| 151 | #define BN_ULONG unsigned long | 175 | #define BN_ULONG unsigned long |
| 152 | #define BN_LONG long | 176 | #define BN_LONG long |
| @@ -219,15 +243,23 @@ extern "C" { | |||
| 219 | 243 | ||
| 220 | #define BN_DEFAULT_BITS 1280 | 244 | #define BN_DEFAULT_BITS 1280 |
| 221 | 245 | ||
| 222 | #ifdef BIGNUM | ||
| 223 | #undef BIGNUM | ||
| 224 | #endif | ||
| 225 | |||
| 226 | #define BN_FLG_MALLOCED 0x01 | 246 | #define BN_FLG_MALLOCED 0x01 |
| 227 | #define BN_FLG_STATIC_DATA 0x02 | 247 | #define BN_FLG_STATIC_DATA 0x02 |
| 228 | #define BN_FLG_EXP_CONSTTIME 0x04 /* avoid leaking exponent information through timings | 248 | #define BN_FLG_CONSTTIME 0x04 /* avoid leaking exponent information through timing, |
| 229 | * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */ | 249 | * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime, |
| 250 | * BN_div() will call BN_div_no_branch, | ||
| 251 | * BN_mod_inverse() will call BN_mod_inverse_no_branch. | ||
| 252 | */ | ||
| 253 | |||
| 254 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 255 | #define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */ | ||
| 256 | /* avoid leaking exponent information through timings | ||
| 257 | * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */ | ||
| 258 | #endif | ||
| 259 | |||
| 260 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 230 | #define BN_FLG_FREE 0x8000 /* used for debuging */ | 261 | #define BN_FLG_FREE 0x8000 /* used for debuging */ |
| 262 | #endif | ||
| 231 | #define BN_set_flags(b,n) ((b)->flags|=(n)) | 263 | #define BN_set_flags(b,n) ((b)->flags|=(n)) |
| 232 | #define BN_get_flags(b,n) ((b)->flags&(n)) | 264 | #define BN_get_flags(b,n) ((b)->flags&(n)) |
| 233 | 265 | ||
| @@ -242,7 +274,18 @@ extern "C" { | |||
| 242 | | BN_FLG_STATIC_DATA \ | 274 | | BN_FLG_STATIC_DATA \ |
| 243 | | (n))) | 275 | | (n))) |
| 244 | 276 | ||
| 245 | typedef struct bignum_st | 277 | /* Already declared in ossl_typ.h */ |
| 278 | #if 0 | ||
| 279 | typedef struct bignum_st BIGNUM; | ||
| 280 | /* Used for temp variables (declaration hidden in bn_lcl.h) */ | ||
| 281 | typedef struct bignum_ctx BN_CTX; | ||
| 282 | typedef struct bn_blinding_st BN_BLINDING; | ||
| 283 | typedef struct bn_mont_ctx_st BN_MONT_CTX; | ||
| 284 | typedef struct bn_recp_ctx_st BN_RECP_CTX; | ||
| 285 | typedef struct bn_gencb_st BN_GENCB; | ||
| 286 | #endif | ||
| 287 | |||
| 288 | struct bignum_st | ||
| 246 | { | 289 | { |
| 247 | BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ | 290 | BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ |
| 248 | int top; /* Index of last used d +1. */ | 291 | int top; /* Index of last used d +1. */ |
| @@ -250,44 +293,64 @@ typedef struct bignum_st | |||
| 250 | int dmax; /* Size of the d array. */ | 293 | int dmax; /* Size of the d array. */ |
| 251 | int neg; /* one if the number is negative */ | 294 | int neg; /* one if the number is negative */ |
| 252 | int flags; | 295 | int flags; |
| 253 | } BIGNUM; | 296 | }; |
| 254 | |||
| 255 | /* Used for temp variables (declaration hidden in bn_lcl.h) */ | ||
| 256 | typedef struct bignum_ctx BN_CTX; | ||
| 257 | |||
| 258 | typedef struct bn_blinding_st | ||
| 259 | { | ||
| 260 | int init; | ||
| 261 | BIGNUM *A; | ||
| 262 | BIGNUM *Ai; | ||
| 263 | BIGNUM *mod; /* just a reference */ | ||
| 264 | unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; | ||
| 265 | * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */ | ||
| 266 | } BN_BLINDING; | ||
| 267 | 297 | ||
| 268 | /* Used for montgomery multiplication */ | 298 | /* Used for montgomery multiplication */ |
| 269 | typedef struct bn_mont_ctx_st | 299 | struct bn_mont_ctx_st |
| 270 | { | 300 | { |
| 271 | int ri; /* number of bits in R */ | 301 | int ri; /* number of bits in R */ |
| 272 | BIGNUM RR; /* used to convert to montgomery form */ | 302 | BIGNUM RR; /* used to convert to montgomery form */ |
| 273 | BIGNUM N; /* The modulus */ | 303 | BIGNUM N; /* The modulus */ |
| 274 | BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 | 304 | BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 |
| 275 | * (Ni is only stored for bignum algorithm) */ | 305 | * (Ni is only stored for bignum algorithm) */ |
| 306 | #if 0 | ||
| 307 | /* OpenSSL 0.9.9 preview: */ | ||
| 308 | BN_ULONG n0[2];/* least significant word(s) of Ni */ | ||
| 309 | #else | ||
| 276 | BN_ULONG n0; /* least significant word of Ni */ | 310 | BN_ULONG n0; /* least significant word of Ni */ |
| 311 | #endif | ||
| 277 | int flags; | 312 | int flags; |
| 278 | } BN_MONT_CTX; | 313 | }; |
| 279 | 314 | ||
| 280 | /* Used for reciprocal division/mod functions | 315 | /* Used for reciprocal division/mod functions |
| 281 | * It cannot be shared between threads | 316 | * It cannot be shared between threads |
| 282 | */ | 317 | */ |
| 283 | typedef struct bn_recp_ctx_st | 318 | struct bn_recp_ctx_st |
| 284 | { | 319 | { |
| 285 | BIGNUM N; /* the divisor */ | 320 | BIGNUM N; /* the divisor */ |
| 286 | BIGNUM Nr; /* the reciprocal */ | 321 | BIGNUM Nr; /* the reciprocal */ |
| 287 | int num_bits; | 322 | int num_bits; |
| 288 | int shift; | 323 | int shift; |
| 289 | int flags; | 324 | int flags; |
| 290 | } BN_RECP_CTX; | 325 | }; |
| 326 | |||
| 327 | /* Used for slow "generation" functions. */ | ||
| 328 | struct bn_gencb_st | ||
| 329 | { | ||
| 330 | unsigned int ver; /* To handle binary (in)compatibility */ | ||
| 331 | void *arg; /* callback-specific data */ | ||
| 332 | union | ||
| 333 | { | ||
| 334 | /* if(ver==1) - handles old style callbacks */ | ||
| 335 | void (*cb_1)(int, int, void *); | ||
| 336 | /* if(ver==2) - new callback style */ | ||
| 337 | int (*cb_2)(int, int, BN_GENCB *); | ||
| 338 | } cb; | ||
| 339 | }; | ||
| 340 | /* Wrapper function to make using BN_GENCB easier, */ | ||
| 341 | int BN_GENCB_call(BN_GENCB *cb, int a, int b); | ||
| 342 | /* Macro to populate a BN_GENCB structure with an "old"-style callback */ | ||
| 343 | #define BN_GENCB_set_old(gencb, callback, cb_arg) { \ | ||
| 344 | BN_GENCB *tmp_gencb = (gencb); \ | ||
| 345 | tmp_gencb->ver = 1; \ | ||
| 346 | tmp_gencb->arg = (cb_arg); \ | ||
| 347 | tmp_gencb->cb.cb_1 = (callback); } | ||
| 348 | /* Macro to populate a BN_GENCB structure with a "new"-style callback */ | ||
| 349 | #define BN_GENCB_set(gencb, callback, cb_arg) { \ | ||
| 350 | BN_GENCB *tmp_gencb = (gencb); \ | ||
| 351 | tmp_gencb->ver = 2; \ | ||
| 352 | tmp_gencb->arg = (cb_arg); \ | ||
| 353 | tmp_gencb->cb.cb_2 = (callback); } | ||
| 291 | 354 | ||
| 292 | #define BN_prime_checks 0 /* default: select number of iterations | 355 | #define BN_prime_checks 0 /* default: select number of iterations |
| 293 | based on the size of the number */ | 356 | based on the size of the number */ |
| @@ -312,24 +375,33 @@ typedef struct bn_recp_ctx_st | |||
| 312 | 375 | ||
| 313 | #define BN_num_bytes(a) ((BN_num_bits(a)+7)/8) | 376 | #define BN_num_bytes(a) ((BN_num_bits(a)+7)/8) |
| 314 | 377 | ||
| 315 | /* Note that BN_abs_is_word does not work reliably for w == 0 */ | 378 | /* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */ |
| 316 | #define BN_abs_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) | 379 | #define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \ |
| 317 | #define BN_is_zero(a) (((a)->top == 0) || BN_abs_is_word(a,0)) | 380 | (((w) == 0) && ((a)->top == 0))) |
| 381 | #define BN_is_zero(a) ((a)->top == 0) | ||
| 318 | #define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg) | 382 | #define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg) |
| 319 | #define BN_is_word(a,w) ((w) ? BN_abs_is_word((a),(w)) && !(a)->neg : \ | 383 | #define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg)) |
| 320 | BN_is_zero((a))) | ||
| 321 | #define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) | 384 | #define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) |
| 322 | 385 | ||
| 323 | #define BN_one(a) (BN_set_word((a),1)) | 386 | #define BN_one(a) (BN_set_word((a),1)) |
| 387 | #define BN_zero_ex(a) \ | ||
| 388 | do { \ | ||
| 389 | BIGNUM *_tmp_bn = (a); \ | ||
| 390 | _tmp_bn->top = 0; \ | ||
| 391 | _tmp_bn->neg = 0; \ | ||
| 392 | } while(0) | ||
| 393 | #ifdef OPENSSL_NO_DEPRECATED | ||
| 394 | #define BN_zero(a) BN_zero_ex(a) | ||
| 395 | #else | ||
| 324 | #define BN_zero(a) (BN_set_word((a),0)) | 396 | #define BN_zero(a) (BN_set_word((a),0)) |
| 325 | 397 | #endif | |
| 326 | /*#define BN_ascii2bn(a) BN_hex2bn(a) */ | ||
| 327 | /*#define BN_bn2ascii(a) BN_bn2hex(a) */ | ||
| 328 | 398 | ||
| 329 | const BIGNUM *BN_value_one(void); | 399 | const BIGNUM *BN_value_one(void); |
| 330 | char * BN_options(void); | 400 | char * BN_options(void); |
| 331 | BN_CTX *BN_CTX_new(void); | 401 | BN_CTX *BN_CTX_new(void); |
| 402 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 332 | void BN_CTX_init(BN_CTX *c); | 403 | void BN_CTX_init(BN_CTX *c); |
| 404 | #endif | ||
| 333 | void BN_CTX_free(BN_CTX *c); | 405 | void BN_CTX_free(BN_CTX *c); |
| 334 | void BN_CTX_start(BN_CTX *ctx); | 406 | void BN_CTX_start(BN_CTX *ctx); |
| 335 | BIGNUM *BN_CTX_get(BN_CTX *ctx); | 407 | BIGNUM *BN_CTX_get(BN_CTX *ctx); |
| @@ -355,6 +427,16 @@ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); | |||
| 355 | int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); | 427 | int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); |
| 356 | int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); | 428 | int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); |
| 357 | int BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx); | 429 | int BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx); |
| 430 | /** BN_set_negative sets sign of a BIGNUM | ||
| 431 | * \param b pointer to the BIGNUM object | ||
| 432 | * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise | ||
| 433 | */ | ||
| 434 | void BN_set_negative(BIGNUM *b, int n); | ||
| 435 | /** BN_is_negative returns 1 if the BIGNUM is negative | ||
| 436 | * \param a pointer to the BIGNUM object | ||
| 437 | * \return 1 if a < 0 and 0 otherwise | ||
| 438 | */ | ||
| 439 | #define BN_is_negative(a) ((a)->neg != 0) | ||
| 358 | 440 | ||
| 359 | int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, | 441 | int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, |
| 360 | BN_CTX *ctx); | 442 | BN_CTX *ctx); |
| @@ -428,6 +510,9 @@ BIGNUM *BN_mod_inverse(BIGNUM *ret, | |||
| 428 | const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); | 510 | const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); |
| 429 | BIGNUM *BN_mod_sqrt(BIGNUM *ret, | 511 | BIGNUM *BN_mod_sqrt(BIGNUM *ret, |
| 430 | const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); | 512 | const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); |
| 513 | |||
| 514 | /* Deprecated versions */ | ||
| 515 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 431 | BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe, | 516 | BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe, |
| 432 | const BIGNUM *add, const BIGNUM *rem, | 517 | const BIGNUM *add, const BIGNUM *rem, |
| 433 | void (*callback)(int,int,void *),void *cb_arg); | 518 | void (*callback)(int,int,void *),void *cb_arg); |
| @@ -437,19 +522,14 @@ int BN_is_prime(const BIGNUM *p,int nchecks, | |||
| 437 | int BN_is_prime_fasttest(const BIGNUM *p,int nchecks, | 522 | int BN_is_prime_fasttest(const BIGNUM *p,int nchecks, |
| 438 | void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg, | 523 | void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg, |
| 439 | int do_trial_division); | 524 | int do_trial_division); |
| 525 | #endif /* !defined(OPENSSL_NO_DEPRECATED) */ | ||
| 440 | 526 | ||
| 441 | #ifdef OPENSSL_FIPS | 527 | /* Newer versions */ |
| 442 | int BN_X931_derive_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, | 528 | int BN_generate_prime_ex(BIGNUM *ret,int bits,int safe, const BIGNUM *add, |
| 443 | void (*cb)(int, int, void *), void *cb_arg, | 529 | const BIGNUM *rem, BN_GENCB *cb); |
| 444 | const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2, | 530 | int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb); |
| 445 | const BIGNUM *e, BN_CTX *ctx); | 531 | int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, |
| 446 | int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx); | 532 | int do_trial_division, BN_GENCB *cb); |
| 447 | int BN_X931_generate_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, | ||
| 448 | BIGNUM *Xp1, BIGNUM *Xp2, | ||
| 449 | const BIGNUM *Xp, | ||
| 450 | const BIGNUM *e, BN_CTX *ctx, | ||
| 451 | void (*cb)(int, int, void *), void *cb_arg); | ||
| 452 | #endif | ||
| 453 | 533 | ||
| 454 | BN_MONT_CTX *BN_MONT_CTX_new(void ); | 534 | BN_MONT_CTX *BN_MONT_CTX_new(void ); |
| 455 | void BN_MONT_CTX_init(BN_MONT_CTX *ctx); | 535 | void BN_MONT_CTX_init(BN_MONT_CTX *ctx); |
| @@ -465,14 +545,31 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from); | |||
| 465 | BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, | 545 | BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, |
| 466 | const BIGNUM *mod, BN_CTX *ctx); | 546 | const BIGNUM *mod, BN_CTX *ctx); |
| 467 | 547 | ||
| 468 | BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod); | 548 | /* BN_BLINDING flags */ |
| 549 | #define BN_BLINDING_NO_UPDATE 0x00000001 | ||
| 550 | #define BN_BLINDING_NO_RECREATE 0x00000002 | ||
| 551 | |||
| 552 | BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGNUM *mod); | ||
| 469 | void BN_BLINDING_free(BN_BLINDING *b); | 553 | void BN_BLINDING_free(BN_BLINDING *b); |
| 470 | int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); | 554 | int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); |
| 471 | int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx); | 555 | int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); |
| 472 | int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); | 556 | int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); |
| 473 | 557 | int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); | |
| 558 | int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); | ||
| 559 | unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *); | ||
| 560 | void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long); | ||
| 561 | unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); | ||
| 562 | void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); | ||
| 563 | BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, | ||
| 564 | const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx, | ||
| 565 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 566 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), | ||
| 567 | BN_MONT_CTX *m_ctx); | ||
| 568 | |||
| 569 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 474 | void BN_set_params(int mul,int high,int low,int mont); | 570 | void BN_set_params(int mul,int high,int low,int mont); |
| 475 | int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ | 571 | int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ |
| 572 | #endif | ||
| 476 | 573 | ||
| 477 | void BN_RECP_CTX_init(BN_RECP_CTX *recp); | 574 | void BN_RECP_CTX_init(BN_RECP_CTX *recp); |
| 478 | BN_RECP_CTX *BN_RECP_CTX_new(void); | 575 | BN_RECP_CTX *BN_RECP_CTX_new(void); |
| @@ -485,15 +582,162 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||
| 485 | int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, | 582 | int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, |
| 486 | BN_RECP_CTX *recp, BN_CTX *ctx); | 583 | BN_RECP_CTX *recp, BN_CTX *ctx); |
| 487 | 584 | ||
| 585 | /* Functions for arithmetic over binary polynomials represented by BIGNUMs. | ||
| 586 | * | ||
| 587 | * The BIGNUM::neg property of BIGNUMs representing binary polynomials is | ||
| 588 | * ignored. | ||
| 589 | * | ||
| 590 | * Note that input arguments are not const so that their bit arrays can | ||
| 591 | * be expanded to the appropriate size if needed. | ||
| 592 | */ | ||
| 593 | |||
| 594 | int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); /*r = a + b*/ | ||
| 595 | #define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b) | ||
| 596 | int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p); /*r=a mod p*/ | ||
| 597 | int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, | ||
| 598 | const BIGNUM *p, BN_CTX *ctx); /* r = (a * b) mod p */ | ||
| 599 | int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 600 | BN_CTX *ctx); /* r = (a * a) mod p */ | ||
| 601 | int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, | ||
| 602 | BN_CTX *ctx); /* r = (1 / b) mod p */ | ||
| 603 | int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, | ||
| 604 | const BIGNUM *p, BN_CTX *ctx); /* r = (a / b) mod p */ | ||
| 605 | int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, | ||
| 606 | const BIGNUM *p, BN_CTX *ctx); /* r = (a ^ b) mod p */ | ||
| 607 | int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 608 | BN_CTX *ctx); /* r = sqrt(a) mod p */ | ||
| 609 | int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 610 | BN_CTX *ctx); /* r^2 + r = a mod p */ | ||
| 611 | #define BN_GF2m_cmp(a, b) BN_ucmp((a), (b)) | ||
| 612 | /* Some functions allow for representation of the irreducible polynomials | ||
| 613 | * as an unsigned int[], say p. The irreducible f(t) is then of the form: | ||
| 614 | * t^p[0] + t^p[1] + ... + t^p[k] | ||
| 615 | * where m = p[0] > p[1] > ... > p[k] = 0. | ||
| 616 | */ | ||
| 617 | int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]); | ||
| 618 | /* r = a mod p */ | ||
| 619 | int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, | ||
| 620 | const unsigned int p[], BN_CTX *ctx); /* r = (a * b) mod p */ | ||
| 621 | int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], | ||
| 622 | BN_CTX *ctx); /* r = (a * a) mod p */ | ||
| 623 | int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const unsigned int p[], | ||
| 624 | BN_CTX *ctx); /* r = (1 / b) mod p */ | ||
| 625 | int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, | ||
| 626 | const unsigned int p[], BN_CTX *ctx); /* r = (a / b) mod p */ | ||
| 627 | int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, | ||
| 628 | const unsigned int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */ | ||
| 629 | int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, | ||
| 630 | const unsigned int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */ | ||
| 631 | int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a, | ||
| 632 | const unsigned int p[], BN_CTX *ctx); /* r^2 + r = a mod p */ | ||
| 633 | int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max); | ||
| 634 | int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a); | ||
| 635 | |||
| 636 | /* faster mod functions for the 'NIST primes' | ||
| 637 | * 0 <= a < p^2 */ | ||
| 638 | int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); | ||
| 639 | int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); | ||
| 640 | int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); | ||
| 641 | int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); | ||
| 642 | int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); | ||
| 643 | |||
| 644 | const BIGNUM *BN_get0_nist_prime_192(void); | ||
| 645 | const BIGNUM *BN_get0_nist_prime_224(void); | ||
| 646 | const BIGNUM *BN_get0_nist_prime_256(void); | ||
| 647 | const BIGNUM *BN_get0_nist_prime_384(void); | ||
| 648 | const BIGNUM *BN_get0_nist_prime_521(void); | ||
| 649 | |||
| 488 | /* library internal functions */ | 650 | /* library internal functions */ |
| 489 | 651 | ||
| 490 | #define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\ | 652 | #define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\ |
| 491 | (a):bn_expand2((a),(bits)/BN_BITS2+1)) | 653 | (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2)) |
| 492 | #define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words))) | 654 | #define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words))) |
| 493 | BIGNUM *bn_expand2(BIGNUM *a, int words); | 655 | BIGNUM *bn_expand2(BIGNUM *a, int words); |
| 494 | BIGNUM *bn_dup_expand(const BIGNUM *a, int words); | 656 | #ifndef OPENSSL_NO_DEPRECATED |
| 657 | BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */ | ||
| 658 | #endif | ||
| 659 | |||
| 660 | /* Bignum consistency macros | ||
| 661 | * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from | ||
| 662 | * bignum data after direct manipulations on the data. There is also an | ||
| 663 | * "internal" macro, bn_check_top(), for verifying that there are no leading | ||
| 664 | * zeroes. Unfortunately, some auditing is required due to the fact that | ||
| 665 | * bn_fix_top() has become an overabused duct-tape because bignum data is | ||
| 666 | * occasionally passed around in an inconsistent state. So the following | ||
| 667 | * changes have been made to sort this out; | ||
| 668 | * - bn_fix_top()s implementation has been moved to bn_correct_top() | ||
| 669 | * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and | ||
| 670 | * bn_check_top() is as before. | ||
| 671 | * - if BN_DEBUG *is* defined; | ||
| 672 | * - bn_check_top() tries to pollute unused words even if the bignum 'top' is | ||
| 673 | * consistent. (ed: only if BN_DEBUG_RAND is defined) | ||
| 674 | * - bn_fix_top() maps to bn_check_top() rather than "fixing" anything. | ||
| 675 | * The idea is to have debug builds flag up inconsistent bignums when they | ||
| 676 | * occur. If that occurs in a bn_fix_top(), we examine the code in question; if | ||
| 677 | * the use of bn_fix_top() was appropriate (ie. it follows directly after code | ||
| 678 | * that manipulates the bignum) it is converted to bn_correct_top(), and if it | ||
| 679 | * was not appropriate, we convert it permanently to bn_check_top() and track | ||
| 680 | * down the cause of the bug. Eventually, no internal code should be using the | ||
| 681 | * bn_fix_top() macro. External applications and libraries should try this with | ||
| 682 | * their own code too, both in terms of building against the openssl headers | ||
| 683 | * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it | ||
| 684 | * defined. This not only improves external code, it provides more test | ||
| 685 | * coverage for openssl's own code. | ||
| 686 | */ | ||
| 687 | |||
| 688 | #ifdef BN_DEBUG | ||
| 495 | 689 | ||
| 496 | #define bn_fix_top(a) \ | 690 | /* We only need assert() when debugging */ |
| 691 | #include <assert.h> | ||
| 692 | |||
| 693 | #ifdef BN_DEBUG_RAND | ||
| 694 | /* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */ | ||
| 695 | #ifndef RAND_pseudo_bytes | ||
| 696 | int RAND_pseudo_bytes(unsigned char *buf,int num); | ||
| 697 | #define BN_DEBUG_TRIX | ||
| 698 | #endif | ||
| 699 | #define bn_pollute(a) \ | ||
| 700 | do { \ | ||
| 701 | const BIGNUM *_bnum1 = (a); \ | ||
| 702 | if(_bnum1->top < _bnum1->dmax) { \ | ||
| 703 | unsigned char _tmp_char; \ | ||
| 704 | /* We cast away const without the compiler knowing, any \ | ||
| 705 | * *genuinely* constant variables that aren't mutable \ | ||
| 706 | * wouldn't be constructed with top!=dmax. */ \ | ||
| 707 | BN_ULONG *_not_const; \ | ||
| 708 | memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \ | ||
| 709 | RAND_pseudo_bytes(&_tmp_char, 1); \ | ||
| 710 | memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \ | ||
| 711 | (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \ | ||
| 712 | } \ | ||
| 713 | } while(0) | ||
| 714 | #ifdef BN_DEBUG_TRIX | ||
| 715 | #undef RAND_pseudo_bytes | ||
| 716 | #endif | ||
| 717 | #else | ||
| 718 | #define bn_pollute(a) | ||
| 719 | #endif | ||
| 720 | #define bn_check_top(a) \ | ||
| 721 | do { \ | ||
| 722 | const BIGNUM *_bnum2 = (a); \ | ||
| 723 | if (_bnum2 != NULL) { \ | ||
| 724 | assert((_bnum2->top == 0) || \ | ||
| 725 | (_bnum2->d[_bnum2->top - 1] != 0)); \ | ||
| 726 | bn_pollute(_bnum2); \ | ||
| 727 | } \ | ||
| 728 | } while(0) | ||
| 729 | |||
| 730 | #define bn_fix_top(a) bn_check_top(a) | ||
| 731 | |||
| 732 | #else /* !BN_DEBUG */ | ||
| 733 | |||
| 734 | #define bn_pollute(a) | ||
| 735 | #define bn_check_top(a) | ||
| 736 | #define bn_fix_top(a) bn_correct_top(a) | ||
| 737 | |||
| 738 | #endif | ||
| 739 | |||
| 740 | #define bn_correct_top(a) \ | ||
| 497 | { \ | 741 | { \ |
| 498 | BN_ULONG *ftl; \ | 742 | BN_ULONG *ftl; \ |
| 499 | if ((a)->top > 0) \ | 743 | if ((a)->top > 0) \ |
| @@ -501,6 +745,7 @@ BIGNUM *bn_dup_expand(const BIGNUM *a, int words); | |||
| 501 | for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ | 745 | for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ |
| 502 | if (*(ftl--)) break; \ | 746 | if (*(ftl--)) break; \ |
| 503 | } \ | 747 | } \ |
| 748 | bn_pollute(a); \ | ||
| 504 | } | 749 | } |
| 505 | 750 | ||
| 506 | BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); | 751 | BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); |
| @@ -510,15 +755,17 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); | |||
| 510 | BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); | 755 | BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); |
| 511 | BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); | 756 | BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); |
| 512 | 757 | ||
| 513 | #ifdef BN_DEBUG | 758 | /* Primes from RFC 2409 */ |
| 514 | void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n); | 759 | BIGNUM *get_rfc2409_prime_768(BIGNUM *bn); |
| 515 | # define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \ | 760 | BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn); |
| 516 | fprintf(stderr,"\n");} | 761 | |
| 517 | # define bn_dump(a,n) bn_dump1(stderr,#a,a,n); | 762 | /* Primes from RFC 3526 */ |
| 518 | #else | 763 | BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn); |
| 519 | # define bn_print(a) | 764 | BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn); |
| 520 | # define bn_dump(a,b) | 765 | BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn); |
| 521 | #endif | 766 | BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn); |
| 767 | BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn); | ||
| 768 | BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn); | ||
| 522 | 769 | ||
| 523 | int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom); | 770 | int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom); |
| 524 | 771 | ||
| @@ -531,18 +778,30 @@ void ERR_load_BN_strings(void); | |||
| 531 | /* Error codes for the BN functions. */ | 778 | /* Error codes for the BN functions. */ |
| 532 | 779 | ||
| 533 | /* Function codes. */ | 780 | /* Function codes. */ |
| 534 | #define BN_F_BN_BLINDING_CONVERT 100 | 781 | #define BN_F_BNRAND 127 |
| 535 | #define BN_F_BN_BLINDING_INVERT 101 | 782 | #define BN_F_BN_BLINDING_CONVERT_EX 100 |
| 783 | #define BN_F_BN_BLINDING_CREATE_PARAM 128 | ||
| 784 | #define BN_F_BN_BLINDING_INVERT_EX 101 | ||
| 536 | #define BN_F_BN_BLINDING_NEW 102 | 785 | #define BN_F_BN_BLINDING_NEW 102 |
| 537 | #define BN_F_BN_BLINDING_UPDATE 103 | 786 | #define BN_F_BN_BLINDING_UPDATE 103 |
| 538 | #define BN_F_BN_BN2DEC 104 | 787 | #define BN_F_BN_BN2DEC 104 |
| 539 | #define BN_F_BN_BN2HEX 105 | 788 | #define BN_F_BN_BN2HEX 105 |
| 540 | #define BN_F_BN_CTX_GET 116 | 789 | #define BN_F_BN_CTX_GET 116 |
| 541 | #define BN_F_BN_CTX_NEW 106 | 790 | #define BN_F_BN_CTX_NEW 106 |
| 791 | #define BN_F_BN_CTX_START 129 | ||
| 542 | #define BN_F_BN_DIV 107 | 792 | #define BN_F_BN_DIV 107 |
| 793 | #define BN_F_BN_DIV_NO_BRANCH 138 | ||
| 794 | #define BN_F_BN_DIV_RECP 130 | ||
| 543 | #define BN_F_BN_EXP 123 | 795 | #define BN_F_BN_EXP 123 |
| 544 | #define BN_F_BN_EXPAND2 108 | 796 | #define BN_F_BN_EXPAND2 108 |
| 545 | #define BN_F_BN_EXPAND_INTERNAL 120 | 797 | #define BN_F_BN_EXPAND_INTERNAL 120 |
| 798 | #define BN_F_BN_GF2M_MOD 131 | ||
| 799 | #define BN_F_BN_GF2M_MOD_EXP 132 | ||
| 800 | #define BN_F_BN_GF2M_MOD_MUL 133 | ||
| 801 | #define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134 | ||
| 802 | #define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135 | ||
| 803 | #define BN_F_BN_GF2M_MOD_SQR 136 | ||
| 804 | #define BN_F_BN_GF2M_MOD_SQRT 137 | ||
| 546 | #define BN_F_BN_MOD_EXP2_MONT 118 | 805 | #define BN_F_BN_MOD_EXP2_MONT 118 |
| 547 | #define BN_F_BN_MOD_EXP_MONT 109 | 806 | #define BN_F_BN_MOD_EXP_MONT 109 |
| 548 | #define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 | 807 | #define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 |
| @@ -550,6 +809,7 @@ void ERR_load_BN_strings(void); | |||
| 550 | #define BN_F_BN_MOD_EXP_RECP 125 | 809 | #define BN_F_BN_MOD_EXP_RECP 125 |
| 551 | #define BN_F_BN_MOD_EXP_SIMPLE 126 | 810 | #define BN_F_BN_MOD_EXP_SIMPLE 126 |
| 552 | #define BN_F_BN_MOD_INVERSE 110 | 811 | #define BN_F_BN_MOD_INVERSE 110 |
| 812 | #define BN_F_BN_MOD_INVERSE_NO_BRANCH 139 | ||
| 553 | #define BN_F_BN_MOD_LSHIFT_QUICK 119 | 813 | #define BN_F_BN_MOD_LSHIFT_QUICK 119 |
| 554 | #define BN_F_BN_MOD_MUL_RECIPROCAL 111 | 814 | #define BN_F_BN_MOD_MUL_RECIPROCAL 111 |
| 555 | #define BN_F_BN_MOD_SQRT 121 | 815 | #define BN_F_BN_MOD_SQRT 121 |
| @@ -573,6 +833,7 @@ void ERR_load_BN_strings(void); | |||
| 573 | #define BN_R_NOT_A_SQUARE 111 | 833 | #define BN_R_NOT_A_SQUARE 111 |
| 574 | #define BN_R_NOT_INITIALIZED 107 | 834 | #define BN_R_NOT_INITIALIZED 107 |
| 575 | #define BN_R_NO_INVERSE 108 | 835 | #define BN_R_NO_INVERSE 108 |
| 836 | #define BN_R_NO_SOLUTION 116 | ||
| 576 | #define BN_R_P_IS_NOT_PRIME 112 | 837 | #define BN_R_P_IS_NOT_PRIME 112 |
| 577 | #define BN_R_TOO_MANY_ITERATIONS 113 | 838 | #define BN_R_TOO_MANY_ITERATIONS 113 |
| 578 | #define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109 | 839 | #define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109 |
diff --git a/src/lib/libcrypto/bn/bn_add.c b/src/lib/libcrypto/bn/bn_add.c index 6cba07e9f6..9405163706 100644 --- a/src/lib/libcrypto/bn/bn_add.c +++ b/src/lib/libcrypto/bn/bn_add.c | |||
| @@ -64,7 +64,7 @@ | |||
| 64 | int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | 64 | int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) |
| 65 | { | 65 | { |
| 66 | const BIGNUM *tmp; | 66 | const BIGNUM *tmp; |
| 67 | int a_neg = a->neg; | 67 | int a_neg = a->neg, ret; |
| 68 | 68 | ||
| 69 | bn_check_top(a); | 69 | bn_check_top(a); |
| 70 | bn_check_top(b); | 70 | bn_check_top(b); |
| @@ -95,20 +95,17 @@ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | |||
| 95 | return(1); | 95 | return(1); |
| 96 | } | 96 | } |
| 97 | 97 | ||
| 98 | if (!BN_uadd(r,a,b)) return(0); | 98 | ret = BN_uadd(r,a,b); |
| 99 | if (a_neg) /* both are neg */ | 99 | r->neg = a_neg; |
| 100 | r->neg=1; | 100 | bn_check_top(r); |
| 101 | else | 101 | return ret; |
| 102 | r->neg=0; | ||
| 103 | return(1); | ||
| 104 | } | 102 | } |
| 105 | 103 | ||
| 106 | /* unsigned add of b to a, r must be large enough */ | 104 | /* unsigned add of b to a */ |
| 107 | int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | 105 | int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) |
| 108 | { | 106 | { |
| 109 | register int i; | 107 | int max,min,dif; |
| 110 | int max,min; | 108 | BN_ULONG *ap,*bp,*rp,carry,t1,t2; |
| 111 | BN_ULONG *ap,*bp,*rp,carry,t1; | ||
| 112 | const BIGNUM *tmp; | 109 | const BIGNUM *tmp; |
| 113 | 110 | ||
| 114 | bn_check_top(a); | 111 | bn_check_top(a); |
| @@ -116,11 +113,12 @@ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | |||
| 116 | 113 | ||
| 117 | if (a->top < b->top) | 114 | if (a->top < b->top) |
| 118 | { tmp=a; a=b; b=tmp; } | 115 | { tmp=a; a=b; b=tmp; } |
| 119 | max=a->top; | 116 | max = a->top; |
| 120 | min=b->top; | 117 | min = b->top; |
| 118 | dif = max - min; | ||
| 121 | 119 | ||
| 122 | if (bn_wexpand(r,max+1) == NULL) | 120 | if (bn_wexpand(r,max+1) == NULL) |
| 123 | return(0); | 121 | return 0; |
| 124 | 122 | ||
| 125 | r->top=max; | 123 | r->top=max; |
| 126 | 124 | ||
| @@ -128,46 +126,46 @@ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | |||
| 128 | ap=a->d; | 126 | ap=a->d; |
| 129 | bp=b->d; | 127 | bp=b->d; |
| 130 | rp=r->d; | 128 | rp=r->d; |
| 131 | carry=0; | ||
| 132 | 129 | ||
| 133 | carry=bn_add_words(rp,ap,bp,min); | 130 | carry=bn_add_words(rp,ap,bp,min); |
| 134 | rp+=min; | 131 | rp+=min; |
| 135 | ap+=min; | 132 | ap+=min; |
| 136 | bp+=min; | 133 | bp+=min; |
| 137 | i=min; | ||
| 138 | 134 | ||
| 139 | if (carry) | 135 | if (carry) |
| 140 | { | 136 | { |
| 141 | while (i < max) | 137 | while (dif) |
| 142 | { | 138 | { |
| 143 | i++; | 139 | dif--; |
| 144 | t1= *(ap++); | 140 | t1 = *(ap++); |
| 145 | if ((*(rp++)=(t1+1)&BN_MASK2) >= t1) | 141 | t2 = (t1+1) & BN_MASK2; |
| 142 | *(rp++) = t2; | ||
| 143 | if (t2) | ||
| 146 | { | 144 | { |
| 147 | carry=0; | 145 | carry=0; |
| 148 | break; | 146 | break; |
| 149 | } | 147 | } |
| 150 | } | 148 | } |
| 151 | if ((i >= max) && carry) | 149 | if (carry) |
| 152 | { | 150 | { |
| 153 | *(rp++)=1; | 151 | /* carry != 0 => dif == 0 */ |
| 152 | *rp = 1; | ||
| 154 | r->top++; | 153 | r->top++; |
| 155 | } | 154 | } |
| 156 | } | 155 | } |
| 157 | if (rp != ap) | 156 | if (dif && rp != ap) |
| 158 | { | 157 | while (dif--) |
| 159 | for (; i<max; i++) | 158 | /* copy remaining words if ap != rp */ |
| 160 | *(rp++)= *(ap++); | 159 | *(rp++) = *(ap++); |
| 161 | } | ||
| 162 | /* memcpy(rp,ap,sizeof(*ap)*(max-i));*/ | ||
| 163 | r->neg = 0; | 160 | r->neg = 0; |
| 164 | return(1); | 161 | bn_check_top(r); |
| 162 | return 1; | ||
| 165 | } | 163 | } |
| 166 | 164 | ||
| 167 | /* unsigned subtraction of b from a, a must be larger than b. */ | 165 | /* unsigned subtraction of b from a, a must be larger than b. */ |
| 168 | int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | 166 | int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) |
| 169 | { | 167 | { |
| 170 | int max,min; | 168 | int max,min,dif; |
| 171 | register BN_ULONG t1,t2,*ap,*bp,*rp; | 169 | register BN_ULONG t1,t2,*ap,*bp,*rp; |
| 172 | int i,carry; | 170 | int i,carry; |
| 173 | #if defined(IRIX_CC_BUG) && !defined(LINT) | 171 | #if defined(IRIX_CC_BUG) && !defined(LINT) |
| @@ -177,14 +175,16 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | |||
| 177 | bn_check_top(a); | 175 | bn_check_top(a); |
| 178 | bn_check_top(b); | 176 | bn_check_top(b); |
| 179 | 177 | ||
| 180 | if (a->top < b->top) /* hmm... should not be happening */ | 178 | max = a->top; |
| 179 | min = b->top; | ||
| 180 | dif = max - min; | ||
| 181 | |||
| 182 | if (dif < 0) /* hmm... should not be happening */ | ||
| 181 | { | 183 | { |
| 182 | BNerr(BN_F_BN_USUB,BN_R_ARG2_LT_ARG3); | 184 | BNerr(BN_F_BN_USUB,BN_R_ARG2_LT_ARG3); |
| 183 | return(0); | 185 | return(0); |
| 184 | } | 186 | } |
| 185 | 187 | ||
| 186 | max=a->top; | ||
| 187 | min=b->top; | ||
| 188 | if (bn_wexpand(r,max) == NULL) return(0); | 188 | if (bn_wexpand(r,max) == NULL) return(0); |
| 189 | 189 | ||
| 190 | ap=a->d; | 190 | ap=a->d; |
| @@ -193,7 +193,7 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | |||
| 193 | 193 | ||
| 194 | #if 1 | 194 | #if 1 |
| 195 | carry=0; | 195 | carry=0; |
| 196 | for (i=0; i<min; i++) | 196 | for (i = min; i != 0; i--) |
| 197 | { | 197 | { |
| 198 | t1= *(ap++); | 198 | t1= *(ap++); |
| 199 | t2= *(bp++); | 199 | t2= *(bp++); |
| @@ -217,17 +217,20 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | |||
| 217 | ap+=min; | 217 | ap+=min; |
| 218 | bp+=min; | 218 | bp+=min; |
| 219 | rp+=min; | 219 | rp+=min; |
| 220 | i=min; | ||
| 221 | #endif | 220 | #endif |
| 222 | if (carry) /* subtracted */ | 221 | if (carry) /* subtracted */ |
| 223 | { | 222 | { |
| 224 | while (i < max) | 223 | if (!dif) |
| 224 | /* error: a < b */ | ||
| 225 | return 0; | ||
| 226 | while (dif) | ||
| 225 | { | 227 | { |
| 226 | i++; | 228 | dif--; |
| 227 | t1= *(ap++); | 229 | t1 = *(ap++); |
| 228 | t2=(t1-1)&BN_MASK2; | 230 | t2 = (t1-1)&BN_MASK2; |
| 229 | *(rp++)=t2; | 231 | *(rp++) = t2; |
| 230 | if (t1 > t2) break; | 232 | if (t1) |
| 233 | break; | ||
| 231 | } | 234 | } |
| 232 | } | 235 | } |
| 233 | #if 0 | 236 | #if 0 |
| @@ -237,13 +240,13 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | |||
| 237 | { | 240 | { |
| 238 | for (;;) | 241 | for (;;) |
| 239 | { | 242 | { |
| 240 | if (i++ >= max) break; | 243 | if (!dif--) break; |
| 241 | rp[0]=ap[0]; | 244 | rp[0]=ap[0]; |
| 242 | if (i++ >= max) break; | 245 | if (!dif--) break; |
| 243 | rp[1]=ap[1]; | 246 | rp[1]=ap[1]; |
| 244 | if (i++ >= max) break; | 247 | if (!dif--) break; |
| 245 | rp[2]=ap[2]; | 248 | rp[2]=ap[2]; |
| 246 | if (i++ >= max) break; | 249 | if (!dif--) break; |
| 247 | rp[3]=ap[3]; | 250 | rp[3]=ap[3]; |
| 248 | rp+=4; | 251 | rp+=4; |
| 249 | ap+=4; | 252 | ap+=4; |
| @@ -253,7 +256,7 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | |||
| 253 | 256 | ||
| 254 | r->top=max; | 257 | r->top=max; |
| 255 | r->neg=0; | 258 | r->neg=0; |
| 256 | bn_fix_top(r); | 259 | bn_correct_top(r); |
| 257 | return(1); | 260 | return(1); |
| 258 | } | 261 | } |
| 259 | 262 | ||
| @@ -304,6 +307,7 @@ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) | |||
| 304 | if (!BN_usub(r,a,b)) return(0); | 307 | if (!BN_usub(r,a,b)) return(0); |
| 305 | r->neg=0; | 308 | r->neg=0; |
| 306 | } | 309 | } |
| 310 | bn_check_top(r); | ||
| 307 | return(1); | 311 | return(1); |
| 308 | } | 312 | } |
| 309 | 313 | ||
diff --git a/src/lib/libcrypto/bn/bn_asm.c b/src/lib/libcrypto/bn/bn_asm.c index 19978085b2..99bc2de491 100644 --- a/src/lib/libcrypto/bn/bn_asm.c +++ b/src/lib/libcrypto/bn/bn_asm.c | |||
| @@ -459,6 +459,34 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) | |||
| 459 | #define sqr_add_c2(a,i,j,c0,c1,c2) \ | 459 | #define sqr_add_c2(a,i,j,c0,c1,c2) \ |
| 460 | mul_add_c2((a)[i],(a)[j],c0,c1,c2) | 460 | mul_add_c2((a)[i],(a)[j],c0,c1,c2) |
| 461 | 461 | ||
| 462 | #elif defined(BN_UMULT_LOHI) | ||
| 463 | |||
| 464 | #define mul_add_c(a,b,c0,c1,c2) { \ | ||
| 465 | BN_ULONG ta=(a),tb=(b); \ | ||
| 466 | BN_UMULT_LOHI(t1,t2,ta,tb); \ | ||
| 467 | c0 += t1; t2 += (c0<t1)?1:0; \ | ||
| 468 | c1 += t2; c2 += (c1<t2)?1:0; \ | ||
| 469 | } | ||
| 470 | |||
| 471 | #define mul_add_c2(a,b,c0,c1,c2) { \ | ||
| 472 | BN_ULONG ta=(a),tb=(b),t0; \ | ||
| 473 | BN_UMULT_LOHI(t0,t1,ta,tb); \ | ||
| 474 | t2 = t1+t1; c2 += (t2<t1)?1:0; \ | ||
| 475 | t1 = t0+t0; t2 += (t1<t0)?1:0; \ | ||
| 476 | c0 += t1; t2 += (c0<t1)?1:0; \ | ||
| 477 | c1 += t2; c2 += (c1<t2)?1:0; \ | ||
| 478 | } | ||
| 479 | |||
| 480 | #define sqr_add_c(a,i,c0,c1,c2) { \ | ||
| 481 | BN_ULONG ta=(a)[i]; \ | ||
| 482 | BN_UMULT_LOHI(t1,t2,ta,ta); \ | ||
| 483 | c0 += t1; t2 += (c0<t1)?1:0; \ | ||
| 484 | c1 += t2; c2 += (c1<t2)?1:0; \ | ||
| 485 | } | ||
| 486 | |||
| 487 | #define sqr_add_c2(a,i,j,c0,c1,c2) \ | ||
| 488 | mul_add_c2((a)[i],(a)[j],c0,c1,c2) | ||
| 489 | |||
| 462 | #elif defined(BN_UMULT_HIGH) | 490 | #elif defined(BN_UMULT_HIGH) |
| 463 | 491 | ||
| 464 | #define mul_add_c(a,b,c0,c1,c2) { \ | 492 | #define mul_add_c(a,b,c0,c1,c2) { \ |
diff --git a/src/lib/libcrypto/bn/bn_blind.c b/src/lib/libcrypto/bn/bn_blind.c index 2d287e6d1b..c11fb4ccc2 100644 --- a/src/lib/libcrypto/bn/bn_blind.c +++ b/src/lib/libcrypto/bn/bn_blind.c | |||
| @@ -1,4 +1,57 @@ | |||
| 1 | /* crypto/bn/bn_blind.c */ | 1 | /* crypto/bn/bn_blind.c */ |
| 2 | /* ==================================================================== | ||
| 3 | * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. | ||
| 4 | * | ||
| 5 | * Redistribution and use in source and binary forms, with or without | ||
| 6 | * modification, are permitted provided that the following conditions | ||
| 7 | * are met: | ||
| 8 | * | ||
| 9 | * 1. Redistributions of source code must retain the above copyright | ||
| 10 | * notice, this list of conditions and the following disclaimer. | ||
| 11 | * | ||
| 12 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer in | ||
| 14 | * the documentation and/or other materials provided with the | ||
| 15 | * distribution. | ||
| 16 | * | ||
| 17 | * 3. All advertising materials mentioning features or use of this | ||
| 18 | * software must display the following acknowledgment: | ||
| 19 | * "This product includes software developed by the OpenSSL Project | ||
| 20 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 21 | * | ||
| 22 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 23 | * endorse or promote products derived from this software without | ||
| 24 | * prior written permission. For written permission, please contact | ||
| 25 | * openssl-core@openssl.org. | ||
| 26 | * | ||
| 27 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 28 | * nor may "OpenSSL" appear in their names without prior written | ||
| 29 | * permission of the OpenSSL Project. | ||
| 30 | * | ||
| 31 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 32 | * acknowledgment: | ||
| 33 | * "This product includes software developed by the OpenSSL Project | ||
| 34 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 35 | * | ||
| 36 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 37 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 38 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 39 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 40 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 41 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 42 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 43 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 44 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 45 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 46 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 47 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 48 | * ==================================================================== | ||
| 49 | * | ||
| 50 | * This product includes cryptographic software written by Eric Young | ||
| 51 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 52 | * Hudson (tjh@cryptsoft.com). | ||
| 53 | * | ||
| 54 | */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 55 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 56 | * All rights reserved. |
| 4 | * | 57 | * |
| @@ -60,11 +113,28 @@ | |||
| 60 | #include "cryptlib.h" | 113 | #include "cryptlib.h" |
| 61 | #include "bn_lcl.h" | 114 | #include "bn_lcl.h" |
| 62 | 115 | ||
| 63 | BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod) | 116 | #define BN_BLINDING_COUNTER 32 |
| 117 | |||
| 118 | struct bn_blinding_st | ||
| 119 | { | ||
| 120 | BIGNUM *A; | ||
| 121 | BIGNUM *Ai; | ||
| 122 | BIGNUM *e; | ||
| 123 | BIGNUM *mod; /* just a reference */ | ||
| 124 | unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; | ||
| 125 | * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */ | ||
| 126 | unsigned int counter; | ||
| 127 | unsigned long flags; | ||
| 128 | BN_MONT_CTX *m_ctx; | ||
| 129 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 130 | const BIGNUM *m, BN_CTX *ctx, | ||
| 131 | BN_MONT_CTX *m_ctx); | ||
| 132 | }; | ||
| 133 | |||
| 134 | BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGNUM *mod) | ||
| 64 | { | 135 | { |
| 65 | BN_BLINDING *ret=NULL; | 136 | BN_BLINDING *ret=NULL; |
| 66 | 137 | ||
| 67 | bn_check_top(Ai); | ||
| 68 | bn_check_top(mod); | 138 | bn_check_top(mod); |
| 69 | 139 | ||
| 70 | if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) | 140 | if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) |
| @@ -73,11 +143,21 @@ BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod) | |||
| 73 | return(NULL); | 143 | return(NULL); |
| 74 | } | 144 | } |
| 75 | memset(ret,0,sizeof(BN_BLINDING)); | 145 | memset(ret,0,sizeof(BN_BLINDING)); |
| 76 | if ((ret->A=BN_new()) == NULL) goto err; | 146 | if (A != NULL) |
| 77 | if ((ret->Ai=BN_new()) == NULL) goto err; | 147 | { |
| 78 | if (!BN_copy(ret->A,A)) goto err; | 148 | if ((ret->A = BN_dup(A)) == NULL) goto err; |
| 79 | if (!BN_copy(ret->Ai,Ai)) goto err; | 149 | } |
| 80 | ret->mod=mod; | 150 | if (Ai != NULL) |
| 151 | { | ||
| 152 | if ((ret->Ai = BN_dup(Ai)) == NULL) goto err; | ||
| 153 | } | ||
| 154 | |||
| 155 | /* save a copy of mod in the BN_BLINDING structure */ | ||
| 156 | if ((ret->mod = BN_dup(mod)) == NULL) goto err; | ||
| 157 | if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0) | ||
| 158 | BN_set_flags(ret->mod, BN_FLG_CONSTTIME); | ||
| 159 | |||
| 160 | ret->counter = BN_BLINDING_COUNTER; | ||
| 81 | return(ret); | 161 | return(ret); |
| 82 | err: | 162 | err: |
| 83 | if (ret != NULL) BN_BLINDING_free(ret); | 163 | if (ret != NULL) BN_BLINDING_free(ret); |
| @@ -91,6 +171,8 @@ void BN_BLINDING_free(BN_BLINDING *r) | |||
| 91 | 171 | ||
| 92 | if (r->A != NULL) BN_free(r->A ); | 172 | if (r->A != NULL) BN_free(r->A ); |
| 93 | if (r->Ai != NULL) BN_free(r->Ai); | 173 | if (r->Ai != NULL) BN_free(r->Ai); |
| 174 | if (r->e != NULL) BN_free(r->e ); | ||
| 175 | if (r->mod != NULL) BN_free(r->mod); | ||
| 94 | OPENSSL_free(r); | 176 | OPENSSL_free(r); |
| 95 | } | 177 | } |
| 96 | 178 | ||
| @@ -103,42 +185,181 @@ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) | |||
| 103 | BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED); | 185 | BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED); |
| 104 | goto err; | 186 | goto err; |
| 105 | } | 187 | } |
| 106 | 188 | ||
| 107 | if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err; | 189 | if (--(b->counter) == 0 && b->e != NULL && |
| 108 | if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err; | 190 | !(b->flags & BN_BLINDING_NO_RECREATE)) |
| 191 | { | ||
| 192 | /* re-create blinding parameters */ | ||
| 193 | if (!BN_BLINDING_create_param(b, NULL, NULL, ctx, NULL, NULL)) | ||
| 194 | goto err; | ||
| 195 | } | ||
| 196 | else if (!(b->flags & BN_BLINDING_NO_UPDATE)) | ||
| 197 | { | ||
| 198 | if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err; | ||
| 199 | if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err; | ||
| 200 | } | ||
| 109 | 201 | ||
| 110 | ret=1; | 202 | ret=1; |
| 111 | err: | 203 | err: |
| 204 | if (b->counter == 0) | ||
| 205 | b->counter = BN_BLINDING_COUNTER; | ||
| 112 | return(ret); | 206 | return(ret); |
| 113 | } | 207 | } |
| 114 | 208 | ||
| 115 | int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) | 209 | int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) |
| 116 | { | 210 | { |
| 211 | return BN_BLINDING_convert_ex(n, NULL, b, ctx); | ||
| 212 | } | ||
| 213 | |||
| 214 | int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) | ||
| 215 | { | ||
| 216 | int ret = 1; | ||
| 217 | |||
| 117 | bn_check_top(n); | 218 | bn_check_top(n); |
| 118 | 219 | ||
| 119 | if ((b->A == NULL) || (b->Ai == NULL)) | 220 | if ((b->A == NULL) || (b->Ai == NULL)) |
| 120 | { | 221 | { |
| 121 | BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITIALIZED); | 222 | BNerr(BN_F_BN_BLINDING_CONVERT_EX,BN_R_NOT_INITIALIZED); |
| 122 | return(0); | 223 | return(0); |
| 123 | } | 224 | } |
| 124 | return(BN_mod_mul(n,n,b->A,b->mod,ctx)); | 225 | |
| 226 | if (r != NULL) | ||
| 227 | { | ||
| 228 | if (!BN_copy(r, b->Ai)) ret=0; | ||
| 229 | } | ||
| 230 | |||
| 231 | if (!BN_mod_mul(n,n,b->A,b->mod,ctx)) ret=0; | ||
| 232 | |||
| 233 | return ret; | ||
| 125 | } | 234 | } |
| 126 | 235 | ||
| 127 | int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) | 236 | int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) |
| 128 | { | 237 | { |
| 238 | return BN_BLINDING_invert_ex(n, NULL, b, ctx); | ||
| 239 | } | ||
| 240 | |||
| 241 | int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) | ||
| 242 | { | ||
| 129 | int ret; | 243 | int ret; |
| 130 | 244 | ||
| 131 | bn_check_top(n); | 245 | bn_check_top(n); |
| 132 | if ((b->A == NULL) || (b->Ai == NULL)) | 246 | if ((b->A == NULL) || (b->Ai == NULL)) |
| 133 | { | 247 | { |
| 134 | BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITIALIZED); | 248 | BNerr(BN_F_BN_BLINDING_INVERT_EX,BN_R_NOT_INITIALIZED); |
| 135 | return(0); | 249 | return(0); |
| 136 | } | 250 | } |
| 137 | if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0) | 251 | |
| 252 | if (r != NULL) | ||
| 253 | ret = BN_mod_mul(n, n, r, b->mod, ctx); | ||
| 254 | else | ||
| 255 | ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx); | ||
| 256 | |||
| 257 | if (ret >= 0) | ||
| 138 | { | 258 | { |
| 139 | if (!BN_BLINDING_update(b,ctx)) | 259 | if (!BN_BLINDING_update(b,ctx)) |
| 140 | return(0); | 260 | return(0); |
| 141 | } | 261 | } |
| 262 | bn_check_top(n); | ||
| 142 | return(ret); | 263 | return(ret); |
| 143 | } | 264 | } |
| 144 | 265 | ||
| 266 | unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b) | ||
| 267 | { | ||
| 268 | return b->thread_id; | ||
| 269 | } | ||
| 270 | |||
| 271 | void BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n) | ||
| 272 | { | ||
| 273 | b->thread_id = n; | ||
| 274 | } | ||
| 275 | |||
| 276 | unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b) | ||
| 277 | { | ||
| 278 | return b->flags; | ||
| 279 | } | ||
| 280 | |||
| 281 | void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags) | ||
| 282 | { | ||
| 283 | b->flags = flags; | ||
| 284 | } | ||
| 285 | |||
| 286 | BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, | ||
| 287 | const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx, | ||
| 288 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 289 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), | ||
| 290 | BN_MONT_CTX *m_ctx) | ||
| 291 | { | ||
| 292 | int retry_counter = 32; | ||
| 293 | BN_BLINDING *ret = NULL; | ||
| 294 | |||
| 295 | if (b == NULL) | ||
| 296 | ret = BN_BLINDING_new(NULL, NULL, m); | ||
| 297 | else | ||
| 298 | ret = b; | ||
| 299 | |||
| 300 | if (ret == NULL) | ||
| 301 | goto err; | ||
| 302 | |||
| 303 | if (ret->A == NULL && (ret->A = BN_new()) == NULL) | ||
| 304 | goto err; | ||
| 305 | if (ret->Ai == NULL && (ret->Ai = BN_new()) == NULL) | ||
| 306 | goto err; | ||
| 307 | |||
| 308 | if (e != NULL) | ||
| 309 | { | ||
| 310 | if (ret->e != NULL) | ||
| 311 | BN_free(ret->e); | ||
| 312 | ret->e = BN_dup(e); | ||
| 313 | } | ||
| 314 | if (ret->e == NULL) | ||
| 315 | goto err; | ||
| 316 | |||
| 317 | if (bn_mod_exp != NULL) | ||
| 318 | ret->bn_mod_exp = bn_mod_exp; | ||
| 319 | if (m_ctx != NULL) | ||
| 320 | ret->m_ctx = m_ctx; | ||
| 321 | |||
| 322 | do { | ||
| 323 | if (!BN_rand_range(ret->A, ret->mod)) goto err; | ||
| 324 | if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) == NULL) | ||
| 325 | { | ||
| 326 | /* this should almost never happen for good RSA keys */ | ||
| 327 | unsigned long error = ERR_peek_last_error(); | ||
| 328 | if (ERR_GET_REASON(error) == BN_R_NO_INVERSE) | ||
| 329 | { | ||
| 330 | if (retry_counter-- == 0) | ||
| 331 | { | ||
| 332 | BNerr(BN_F_BN_BLINDING_CREATE_PARAM, | ||
| 333 | BN_R_TOO_MANY_ITERATIONS); | ||
| 334 | goto err; | ||
| 335 | } | ||
| 336 | ERR_clear_error(); | ||
| 337 | } | ||
| 338 | else | ||
| 339 | goto err; | ||
| 340 | } | ||
| 341 | else | ||
| 342 | break; | ||
| 343 | } while (1); | ||
| 344 | |||
| 345 | if (ret->bn_mod_exp != NULL && ret->m_ctx != NULL) | ||
| 346 | { | ||
| 347 | if (!ret->bn_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx, ret->m_ctx)) | ||
| 348 | goto err; | ||
| 349 | } | ||
| 350 | else | ||
| 351 | { | ||
| 352 | if (!BN_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx)) | ||
| 353 | goto err; | ||
| 354 | } | ||
| 355 | |||
| 356 | return ret; | ||
| 357 | err: | ||
| 358 | if (b == NULL && ret != NULL) | ||
| 359 | { | ||
| 360 | BN_BLINDING_free(ret); | ||
| 361 | ret = NULL; | ||
| 362 | } | ||
| 363 | |||
| 364 | return ret; | ||
| 365 | } | ||
diff --git a/src/lib/libcrypto/bn/bn_ctx.c b/src/lib/libcrypto/bn/bn_ctx.c index 7daf19eb84..b3452f1a91 100644 --- a/src/lib/libcrypto/bn/bn_ctx.c +++ b/src/lib/libcrypto/bn/bn_ctx.c | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | /* crypto/bn/bn_ctx.c */ | 1 | /* crypto/bn/bn_ctx.c */ |
| 2 | /* Written by Ulf Moeller for the OpenSSL project. */ | 2 | /* Written by Ulf Moeller for the OpenSSL project. */ |
| 3 | /* ==================================================================== | 3 | /* ==================================================================== |
| 4 | * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. | 4 | * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved. |
| 5 | * | 5 | * |
| 6 | * Redistribution and use in source and binary forms, with or without | 6 | * Redistribution and use in source and binary forms, with or without |
| 7 | * modification, are permitted provided that the following conditions | 7 | * modification, are permitted provided that the following conditions |
| @@ -54,9 +54,10 @@ | |||
| 54 | * | 54 | * |
| 55 | */ | 55 | */ |
| 56 | 56 | ||
| 57 | #ifndef BN_CTX_DEBUG | 57 | #if !defined(BN_CTX_DEBUG) && !defined(BN_DEBUG) |
| 58 | # undef NDEBUG /* avoid conflicting definitions */ | 58 | #ifndef NDEBUG |
| 59 | # define NDEBUG | 59 | #define NDEBUG |
| 60 | #endif | ||
| 60 | #endif | 61 | #endif |
| 61 | 62 | ||
| 62 | #include <stdio.h> | 63 | #include <stdio.h> |
| @@ -65,91 +66,389 @@ | |||
| 65 | #include "cryptlib.h" | 66 | #include "cryptlib.h" |
| 66 | #include "bn_lcl.h" | 67 | #include "bn_lcl.h" |
| 67 | 68 | ||
| 69 | /* TODO list | ||
| 70 | * | ||
| 71 | * 1. Check a bunch of "(words+1)" type hacks in various bignum functions and | ||
| 72 | * check they can be safely removed. | ||
| 73 | * - Check +1 and other ugliness in BN_from_montgomery() | ||
| 74 | * | ||
| 75 | * 2. Consider allowing a BN_new_ex() that, at least, lets you specify an | ||
| 76 | * appropriate 'block' size that will be honoured by bn_expand_internal() to | ||
| 77 | * prevent piddly little reallocations. OTOH, profiling bignum expansions in | ||
| 78 | * BN_CTX doesn't show this to be a big issue. | ||
| 79 | */ | ||
| 80 | |||
| 81 | /* How many bignums are in each "pool item"; */ | ||
| 82 | #define BN_CTX_POOL_SIZE 16 | ||
| 83 | /* The stack frame info is resizing, set a first-time expansion size; */ | ||
| 84 | #define BN_CTX_START_FRAMES 32 | ||
| 68 | 85 | ||
| 69 | BN_CTX *BN_CTX_new(void) | 86 | /***********/ |
| 87 | /* BN_POOL */ | ||
| 88 | /***********/ | ||
| 89 | |||
| 90 | /* A bundle of bignums that can be linked with other bundles */ | ||
| 91 | typedef struct bignum_pool_item | ||
| 92 | { | ||
| 93 | /* The bignum values */ | ||
| 94 | BIGNUM vals[BN_CTX_POOL_SIZE]; | ||
| 95 | /* Linked-list admin */ | ||
| 96 | struct bignum_pool_item *prev, *next; | ||
| 97 | } BN_POOL_ITEM; | ||
| 98 | /* A linked-list of bignums grouped in bundles */ | ||
| 99 | typedef struct bignum_pool | ||
| 100 | { | ||
| 101 | /* Linked-list admin */ | ||
| 102 | BN_POOL_ITEM *head, *current, *tail; | ||
| 103 | /* Stack depth and allocation size */ | ||
| 104 | unsigned used, size; | ||
| 105 | } BN_POOL; | ||
| 106 | static void BN_POOL_init(BN_POOL *); | ||
| 107 | static void BN_POOL_finish(BN_POOL *); | ||
| 108 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 109 | static void BN_POOL_reset(BN_POOL *); | ||
| 110 | #endif | ||
| 111 | static BIGNUM * BN_POOL_get(BN_POOL *); | ||
| 112 | static void BN_POOL_release(BN_POOL *, unsigned int); | ||
| 113 | |||
| 114 | /************/ | ||
| 115 | /* BN_STACK */ | ||
| 116 | /************/ | ||
| 117 | |||
| 118 | /* A wrapper to manage the "stack frames" */ | ||
| 119 | typedef struct bignum_ctx_stack | ||
| 70 | { | 120 | { |
| 71 | BN_CTX *ret; | 121 | /* Array of indexes into the bignum stack */ |
| 122 | unsigned int *indexes; | ||
| 123 | /* Number of stack frames, and the size of the allocated array */ | ||
| 124 | unsigned int depth, size; | ||
| 125 | } BN_STACK; | ||
| 126 | static void BN_STACK_init(BN_STACK *); | ||
| 127 | static void BN_STACK_finish(BN_STACK *); | ||
| 128 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 129 | static void BN_STACK_reset(BN_STACK *); | ||
| 130 | #endif | ||
| 131 | static int BN_STACK_push(BN_STACK *, unsigned int); | ||
| 132 | static unsigned int BN_STACK_pop(BN_STACK *); | ||
| 133 | |||
| 134 | /**********/ | ||
| 135 | /* BN_CTX */ | ||
| 136 | /**********/ | ||
| 137 | |||
| 138 | /* The opaque BN_CTX type */ | ||
| 139 | struct bignum_ctx | ||
| 140 | { | ||
| 141 | /* The bignum bundles */ | ||
| 142 | BN_POOL pool; | ||
| 143 | /* The "stack frames", if you will */ | ||
| 144 | BN_STACK stack; | ||
| 145 | /* The number of bignums currently assigned */ | ||
| 146 | unsigned int used; | ||
| 147 | /* Depth of stack overflow */ | ||
| 148 | int err_stack; | ||
| 149 | /* Block "gets" until an "end" (compatibility behaviour) */ | ||
| 150 | int too_many; | ||
| 151 | }; | ||
| 72 | 152 | ||
| 73 | ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX)); | 153 | /* Enable this to find BN_CTX bugs */ |
| 74 | if (ret == NULL) | 154 | #ifdef BN_CTX_DEBUG |
| 155 | static const char *ctxdbg_cur = NULL; | ||
| 156 | static void ctxdbg(BN_CTX *ctx) | ||
| 157 | { | ||
| 158 | unsigned int bnidx = 0, fpidx = 0; | ||
| 159 | BN_POOL_ITEM *item = ctx->pool.head; | ||
| 160 | BN_STACK *stack = &ctx->stack; | ||
| 161 | fprintf(stderr,"(%08x): ", (unsigned int)ctx); | ||
| 162 | while(bnidx < ctx->used) | ||
| 75 | { | 163 | { |
| 76 | BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE); | 164 | fprintf(stderr,"%02x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax); |
| 77 | return(NULL); | 165 | if(!(bnidx % BN_CTX_POOL_SIZE)) |
| 166 | item = item->next; | ||
| 78 | } | 167 | } |
| 79 | 168 | fprintf(stderr,"\n"); | |
| 80 | BN_CTX_init(ret); | 169 | bnidx = 0; |
| 81 | ret->flags=BN_FLG_MALLOCED; | 170 | fprintf(stderr," : "); |
| 82 | return(ret); | 171 | while(fpidx < stack->depth) |
| 172 | { | ||
| 173 | while(bnidx++ < stack->indexes[fpidx]) | ||
| 174 | fprintf(stderr," "); | ||
| 175 | fprintf(stderr,"^^ "); | ||
| 176 | bnidx++; | ||
| 177 | fpidx++; | ||
| 178 | } | ||
| 179 | fprintf(stderr,"\n"); | ||
| 83 | } | 180 | } |
| 181 | #define CTXDBG_ENTRY(str, ctx) do { \ | ||
| 182 | ctxdbg_cur = (str); \ | ||
| 183 | fprintf(stderr,"Starting %s\n", ctxdbg_cur); \ | ||
| 184 | ctxdbg(ctx); \ | ||
| 185 | } while(0) | ||
| 186 | #define CTXDBG_EXIT(ctx) do { \ | ||
| 187 | fprintf(stderr,"Ending %s\n", ctxdbg_cur); \ | ||
| 188 | ctxdbg(ctx); \ | ||
| 189 | } while(0) | ||
| 190 | #define CTXDBG_RET(ctx,ret) | ||
| 191 | #else | ||
| 192 | #define CTXDBG_ENTRY(str, ctx) | ||
| 193 | #define CTXDBG_EXIT(ctx) | ||
| 194 | #define CTXDBG_RET(ctx,ret) | ||
| 195 | #endif | ||
| 84 | 196 | ||
| 197 | /* This function is an evil legacy and should not be used. This implementation | ||
| 198 | * is WYSIWYG, though I've done my best. */ | ||
| 199 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 85 | void BN_CTX_init(BN_CTX *ctx) | 200 | void BN_CTX_init(BN_CTX *ctx) |
| 86 | { | 201 | { |
| 87 | #if 0 /* explicit version */ | 202 | /* Assume the caller obtained the context via BN_CTX_new() and so is |
| 88 | int i; | 203 | * trying to reset it for use. Nothing else makes sense, least of all |
| 89 | ctx->tos = 0; | 204 | * binary compatibility from a time when they could declare a static |
| 90 | ctx->flags = 0; | 205 | * variable. */ |
| 91 | ctx->depth = 0; | 206 | BN_POOL_reset(&ctx->pool); |
| 207 | BN_STACK_reset(&ctx->stack); | ||
| 208 | ctx->used = 0; | ||
| 209 | ctx->err_stack = 0; | ||
| 92 | ctx->too_many = 0; | 210 | ctx->too_many = 0; |
| 93 | for (i = 0; i < BN_CTX_NUM; i++) | 211 | } |
| 94 | BN_init(&(ctx->bn[i])); | ||
| 95 | #else | ||
| 96 | memset(ctx, 0, sizeof *ctx); | ||
| 97 | #endif | 212 | #endif |
| 213 | |||
| 214 | BN_CTX *BN_CTX_new(void) | ||
| 215 | { | ||
| 216 | BN_CTX *ret = OPENSSL_malloc(sizeof(BN_CTX)); | ||
| 217 | if(!ret) | ||
| 218 | { | ||
| 219 | BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE); | ||
| 220 | return NULL; | ||
| 221 | } | ||
| 222 | /* Initialise the structure */ | ||
| 223 | BN_POOL_init(&ret->pool); | ||
| 224 | BN_STACK_init(&ret->stack); | ||
| 225 | ret->used = 0; | ||
| 226 | ret->err_stack = 0; | ||
| 227 | ret->too_many = 0; | ||
| 228 | return ret; | ||
| 98 | } | 229 | } |
| 99 | 230 | ||
| 100 | void BN_CTX_free(BN_CTX *ctx) | 231 | void BN_CTX_free(BN_CTX *ctx) |
| 101 | { | 232 | { |
| 102 | int i; | 233 | if (ctx == NULL) |
| 103 | 234 | return; | |
| 104 | if (ctx == NULL) return; | 235 | #ifdef BN_CTX_DEBUG |
| 105 | assert(ctx->depth == 0); | 236 | { |
| 106 | 237 | BN_POOL_ITEM *pool = ctx->pool.head; | |
| 107 | for (i=0; i < BN_CTX_NUM; i++) | 238 | fprintf(stderr,"BN_CTX_free, stack-size=%d, pool-bignums=%d\n", |
| 108 | BN_clear_free(&(ctx->bn[i])); | 239 | ctx->stack.size, ctx->pool.size); |
| 109 | if (ctx->flags & BN_FLG_MALLOCED) | 240 | fprintf(stderr,"dmaxs: "); |
| 110 | OPENSSL_free(ctx); | 241 | while(pool) { |
| 242 | unsigned loop = 0; | ||
| 243 | while(loop < BN_CTX_POOL_SIZE) | ||
| 244 | fprintf(stderr,"%02x ", pool->vals[loop++].dmax); | ||
| 245 | pool = pool->next; | ||
| 246 | } | ||
| 247 | fprintf(stderr,"\n"); | ||
| 248 | } | ||
| 249 | #endif | ||
| 250 | BN_STACK_finish(&ctx->stack); | ||
| 251 | BN_POOL_finish(&ctx->pool); | ||
| 252 | OPENSSL_free(ctx); | ||
| 111 | } | 253 | } |
| 112 | 254 | ||
| 113 | void BN_CTX_start(BN_CTX *ctx) | 255 | void BN_CTX_start(BN_CTX *ctx) |
| 114 | { | 256 | { |
| 115 | if (ctx->depth < BN_CTX_NUM_POS) | 257 | CTXDBG_ENTRY("BN_CTX_start", ctx); |
| 116 | ctx->pos[ctx->depth] = ctx->tos; | 258 | /* If we're already overflowing ... */ |
| 117 | ctx->depth++; | 259 | if(ctx->err_stack || ctx->too_many) |
| 260 | ctx->err_stack++; | ||
| 261 | /* (Try to) get a new frame pointer */ | ||
| 262 | else if(!BN_STACK_push(&ctx->stack, ctx->used)) | ||
| 263 | { | ||
| 264 | BNerr(BN_F_BN_CTX_START,BN_R_TOO_MANY_TEMPORARY_VARIABLES); | ||
| 265 | ctx->err_stack++; | ||
| 266 | } | ||
| 267 | CTXDBG_EXIT(ctx); | ||
| 118 | } | 268 | } |
| 119 | 269 | ||
| 270 | void BN_CTX_end(BN_CTX *ctx) | ||
| 271 | { | ||
| 272 | CTXDBG_ENTRY("BN_CTX_end", ctx); | ||
| 273 | if(ctx->err_stack) | ||
| 274 | ctx->err_stack--; | ||
| 275 | else | ||
| 276 | { | ||
| 277 | unsigned int fp = BN_STACK_pop(&ctx->stack); | ||
| 278 | /* Does this stack frame have anything to release? */ | ||
| 279 | if(fp < ctx->used) | ||
| 280 | BN_POOL_release(&ctx->pool, ctx->used - fp); | ||
| 281 | ctx->used = fp; | ||
| 282 | /* Unjam "too_many" in case "get" had failed */ | ||
| 283 | ctx->too_many = 0; | ||
| 284 | } | ||
| 285 | CTXDBG_EXIT(ctx); | ||
| 286 | } | ||
| 120 | 287 | ||
| 121 | BIGNUM *BN_CTX_get(BN_CTX *ctx) | 288 | BIGNUM *BN_CTX_get(BN_CTX *ctx) |
| 122 | { | 289 | { |
| 123 | /* Note: If BN_CTX_get is ever changed to allocate BIGNUMs dynamically, | 290 | BIGNUM *ret; |
| 124 | * make sure that if BN_CTX_get fails once it will return NULL again | 291 | CTXDBG_ENTRY("BN_CTX_get", ctx); |
| 125 | * until BN_CTX_end is called. (This is so that callers have to check | 292 | if(ctx->err_stack || ctx->too_many) return NULL; |
| 126 | * only the last return value.) | 293 | if((ret = BN_POOL_get(&ctx->pool)) == NULL) |
| 127 | */ | 294 | { |
| 128 | if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM) | 295 | /* Setting too_many prevents repeated "get" attempts from |
| 296 | * cluttering the error stack. */ | ||
| 297 | ctx->too_many = 1; | ||
| 298 | BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES); | ||
| 299 | return NULL; | ||
| 300 | } | ||
| 301 | /* OK, make sure the returned bignum is "zero" */ | ||
| 302 | BN_zero(ret); | ||
| 303 | ctx->used++; | ||
| 304 | CTXDBG_RET(ctx, ret); | ||
| 305 | return ret; | ||
| 306 | } | ||
| 307 | |||
| 308 | /************/ | ||
| 309 | /* BN_STACK */ | ||
| 310 | /************/ | ||
| 311 | |||
| 312 | static void BN_STACK_init(BN_STACK *st) | ||
| 313 | { | ||
| 314 | st->indexes = NULL; | ||
| 315 | st->depth = st->size = 0; | ||
| 316 | } | ||
| 317 | |||
| 318 | static void BN_STACK_finish(BN_STACK *st) | ||
| 319 | { | ||
| 320 | if(st->size) OPENSSL_free(st->indexes); | ||
| 321 | } | ||
| 322 | |||
| 323 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 324 | static void BN_STACK_reset(BN_STACK *st) | ||
| 325 | { | ||
| 326 | st->depth = 0; | ||
| 327 | } | ||
| 328 | #endif | ||
| 329 | |||
| 330 | static int BN_STACK_push(BN_STACK *st, unsigned int idx) | ||
| 331 | { | ||
| 332 | if(st->depth == st->size) | ||
| 333 | /* Need to expand */ | ||
| 334 | { | ||
| 335 | unsigned int newsize = (st->size ? | ||
| 336 | (st->size * 3 / 2) : BN_CTX_START_FRAMES); | ||
| 337 | unsigned int *newitems = OPENSSL_malloc(newsize * | ||
| 338 | sizeof(unsigned int)); | ||
| 339 | if(!newitems) return 0; | ||
| 340 | if(st->depth) | ||
| 341 | memcpy(newitems, st->indexes, st->depth * | ||
| 342 | sizeof(unsigned int)); | ||
| 343 | if(st->size) OPENSSL_free(st->indexes); | ||
| 344 | st->indexes = newitems; | ||
| 345 | st->size = newsize; | ||
| 346 | } | ||
| 347 | st->indexes[(st->depth)++] = idx; | ||
| 348 | return 1; | ||
| 349 | } | ||
| 350 | |||
| 351 | static unsigned int BN_STACK_pop(BN_STACK *st) | ||
| 352 | { | ||
| 353 | return st->indexes[--(st->depth)]; | ||
| 354 | } | ||
| 355 | |||
| 356 | /***********/ | ||
| 357 | /* BN_POOL */ | ||
| 358 | /***********/ | ||
| 359 | |||
| 360 | static void BN_POOL_init(BN_POOL *p) | ||
| 361 | { | ||
| 362 | p->head = p->current = p->tail = NULL; | ||
| 363 | p->used = p->size = 0; | ||
| 364 | } | ||
| 365 | |||
| 366 | static void BN_POOL_finish(BN_POOL *p) | ||
| 367 | { | ||
| 368 | while(p->head) | ||
| 129 | { | 369 | { |
| 130 | if (!ctx->too_many) | 370 | unsigned int loop = 0; |
| 371 | BIGNUM *bn = p->head->vals; | ||
| 372 | while(loop++ < BN_CTX_POOL_SIZE) | ||
| 131 | { | 373 | { |
| 132 | BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES); | 374 | if(bn->d) BN_clear_free(bn); |
| 133 | /* disable error code until BN_CTX_end is called: */ | 375 | bn++; |
| 134 | ctx->too_many = 1; | ||
| 135 | } | 376 | } |
| 136 | return NULL; | 377 | p->current = p->head->next; |
| 378 | OPENSSL_free(p->head); | ||
| 379 | p->head = p->current; | ||
| 137 | } | 380 | } |
| 138 | return (&(ctx->bn[ctx->tos++])); | ||
| 139 | } | 381 | } |
| 140 | 382 | ||
| 141 | void BN_CTX_end(BN_CTX *ctx) | 383 | #ifndef OPENSSL_NO_DEPRECATED |
| 384 | static void BN_POOL_reset(BN_POOL *p) | ||
| 142 | { | 385 | { |
| 143 | if (ctx == NULL) return; | 386 | BN_POOL_ITEM *item = p->head; |
| 144 | assert(ctx->depth > 0); | 387 | while(item) |
| 145 | if (ctx->depth == 0) | 388 | { |
| 146 | /* should never happen, but we can tolerate it if not in | 389 | unsigned int loop = 0; |
| 147 | * debug mode (could be a 'goto err' in the calling function | 390 | BIGNUM *bn = item->vals; |
| 148 | * before BN_CTX_start was reached) */ | 391 | while(loop++ < BN_CTX_POOL_SIZE) |
| 149 | BN_CTX_start(ctx); | 392 | { |
| 393 | if(bn->d) BN_clear(bn); | ||
| 394 | bn++; | ||
| 395 | } | ||
| 396 | item = item->next; | ||
| 397 | } | ||
| 398 | p->current = p->head; | ||
| 399 | p->used = 0; | ||
| 400 | } | ||
| 401 | #endif | ||
| 150 | 402 | ||
| 151 | ctx->too_many = 0; | 403 | static BIGNUM *BN_POOL_get(BN_POOL *p) |
| 152 | ctx->depth--; | 404 | { |
| 153 | if (ctx->depth < BN_CTX_NUM_POS) | 405 | if(p->used == p->size) |
| 154 | ctx->tos = ctx->pos[ctx->depth]; | 406 | { |
| 407 | BIGNUM *bn; | ||
| 408 | unsigned int loop = 0; | ||
| 409 | BN_POOL_ITEM *item = OPENSSL_malloc(sizeof(BN_POOL_ITEM)); | ||
| 410 | if(!item) return NULL; | ||
| 411 | /* Initialise the structure */ | ||
| 412 | bn = item->vals; | ||
| 413 | while(loop++ < BN_CTX_POOL_SIZE) | ||
| 414 | BN_init(bn++); | ||
| 415 | item->prev = p->tail; | ||
| 416 | item->next = NULL; | ||
| 417 | /* Link it in */ | ||
| 418 | if(!p->head) | ||
| 419 | p->head = p->current = p->tail = item; | ||
| 420 | else | ||
| 421 | { | ||
| 422 | p->tail->next = item; | ||
| 423 | p->tail = item; | ||
| 424 | p->current = item; | ||
| 425 | } | ||
| 426 | p->size += BN_CTX_POOL_SIZE; | ||
| 427 | p->used++; | ||
| 428 | /* Return the first bignum from the new pool */ | ||
| 429 | return item->vals; | ||
| 430 | } | ||
| 431 | if(!p->used) | ||
| 432 | p->current = p->head; | ||
| 433 | else if((p->used % BN_CTX_POOL_SIZE) == 0) | ||
| 434 | p->current = p->current->next; | ||
| 435 | return p->current->vals + ((p->used++) % BN_CTX_POOL_SIZE); | ||
| 436 | } | ||
| 437 | |||
| 438 | static void BN_POOL_release(BN_POOL *p, unsigned int num) | ||
| 439 | { | ||
| 440 | unsigned int offset = (p->used - 1) % BN_CTX_POOL_SIZE; | ||
| 441 | p->used -= num; | ||
| 442 | while(num--) | ||
| 443 | { | ||
| 444 | bn_check_top(p->current->vals + offset); | ||
| 445 | if(!offset) | ||
| 446 | { | ||
| 447 | offset = BN_CTX_POOL_SIZE - 1; | ||
| 448 | p->current = p->current->prev; | ||
| 449 | } | ||
| 450 | else | ||
| 451 | offset--; | ||
| 452 | } | ||
| 155 | } | 453 | } |
| 454 | |||
diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c index 580d1201bc..8655eb118e 100644 --- a/src/lib/libcrypto/bn/bn_div.c +++ b/src/lib/libcrypto/bn/bn_div.c | |||
| @@ -169,22 +169,31 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, | |||
| 169 | #endif /* OPENSSL_NO_ASM */ | 169 | #endif /* OPENSSL_NO_ASM */ |
| 170 | 170 | ||
| 171 | 171 | ||
| 172 | /* BN_div computes dv := num / divisor, rounding towards zero, and sets up | 172 | /* BN_div[_no_branch] computes dv := num / divisor, rounding towards |
| 173 | * rm such that dv*divisor + rm = num holds. | 173 | * zero, and sets up rm such that dv*divisor + rm = num holds. |
| 174 | * Thus: | 174 | * Thus: |
| 175 | * dv->neg == num->neg ^ divisor->neg (unless the result is zero) | 175 | * dv->neg == num->neg ^ divisor->neg (unless the result is zero) |
| 176 | * rm->neg == num->neg (unless the remainder is zero) | 176 | * rm->neg == num->neg (unless the remainder is zero) |
| 177 | * If 'dv' or 'rm' is NULL, the respective value is not returned. | 177 | * If 'dv' or 'rm' is NULL, the respective value is not returned. |
| 178 | */ | 178 | */ |
| 179 | static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, | ||
| 180 | const BIGNUM *divisor, BN_CTX *ctx); | ||
| 179 | int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, | 181 | int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, |
| 180 | BN_CTX *ctx) | 182 | BN_CTX *ctx) |
| 181 | { | 183 | { |
| 182 | int norm_shift,i,j,loop; | 184 | int norm_shift,i,loop; |
| 183 | BIGNUM *tmp,wnum,*snum,*sdiv,*res; | 185 | BIGNUM *tmp,wnum,*snum,*sdiv,*res; |
| 184 | BN_ULONG *resp,*wnump; | 186 | BN_ULONG *resp,*wnump; |
| 185 | BN_ULONG d0,d1; | 187 | BN_ULONG d0,d1; |
| 186 | int num_n,div_n; | 188 | int num_n,div_n; |
| 187 | 189 | ||
| 190 | if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0)) | ||
| 191 | { | ||
| 192 | return BN_div_no_branch(dv, rm, num, divisor, ctx); | ||
| 193 | } | ||
| 194 | |||
| 195 | bn_check_top(dv); | ||
| 196 | bn_check_top(rm); | ||
| 188 | bn_check_top(num); | 197 | bn_check_top(num); |
| 189 | bn_check_top(divisor); | 198 | bn_check_top(divisor); |
| 190 | 199 | ||
| @@ -210,7 +219,6 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, | |||
| 210 | res=BN_CTX_get(ctx); | 219 | res=BN_CTX_get(ctx); |
| 211 | else res=dv; | 220 | else res=dv; |
| 212 | if (sdiv == NULL || res == NULL) goto err; | 221 | if (sdiv == NULL || res == NULL) goto err; |
| 213 | tmp->neg=0; | ||
| 214 | 222 | ||
| 215 | /* First we normalise the numbers */ | 223 | /* First we normalise the numbers */ |
| 216 | norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2); | 224 | norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2); |
| @@ -222,17 +230,17 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, | |||
| 222 | div_n=sdiv->top; | 230 | div_n=sdiv->top; |
| 223 | num_n=snum->top; | 231 | num_n=snum->top; |
| 224 | loop=num_n-div_n; | 232 | loop=num_n-div_n; |
| 225 | |||
| 226 | /* Lets setup a 'window' into snum | 233 | /* Lets setup a 'window' into snum |
| 227 | * This is the part that corresponds to the current | 234 | * This is the part that corresponds to the current |
| 228 | * 'area' being divided */ | 235 | * 'area' being divided */ |
| 229 | BN_init(&wnum); | 236 | wnum.neg = 0; |
| 230 | wnum.d= &(snum->d[loop]); | 237 | wnum.d = &(snum->d[loop]); |
| 231 | wnum.top= div_n; | 238 | wnum.top = div_n; |
| 232 | wnum.dmax= snum->dmax+1; /* a bit of a lie */ | 239 | /* only needed when BN_ucmp messes up the values between top and max */ |
| 240 | wnum.dmax = snum->dmax - loop; /* so we don't step out of bounds */ | ||
| 233 | 241 | ||
| 234 | /* Get the top 2 words of sdiv */ | 242 | /* Get the top 2 words of sdiv */ |
| 235 | /* i=sdiv->top; */ | 243 | /* div_n=sdiv->top; */ |
| 236 | d0=sdiv->d[div_n-1]; | 244 | d0=sdiv->d[div_n-1]; |
| 237 | d1=(div_n == 1)?0:sdiv->d[div_n-2]; | 245 | d1=(div_n == 1)?0:sdiv->d[div_n-2]; |
| 238 | 246 | ||
| @@ -250,19 +258,28 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, | |||
| 250 | 258 | ||
| 251 | if (BN_ucmp(&wnum,sdiv) >= 0) | 259 | if (BN_ucmp(&wnum,sdiv) >= 0) |
| 252 | { | 260 | { |
| 253 | if (!BN_usub(&wnum,&wnum,sdiv)) goto err; | 261 | /* If BN_DEBUG_RAND is defined BN_ucmp changes (via |
| 262 | * bn_pollute) the const bignum arguments => | ||
| 263 | * clean the values between top and max again */ | ||
| 264 | bn_clear_top2max(&wnum); | ||
| 265 | bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n); | ||
| 254 | *resp=1; | 266 | *resp=1; |
| 255 | res->d[res->top-1]=1; | ||
| 256 | } | 267 | } |
| 257 | else | 268 | else |
| 258 | res->top--; | 269 | res->top--; |
| 270 | /* if res->top == 0 then clear the neg value otherwise decrease | ||
| 271 | * the resp pointer */ | ||
| 259 | if (res->top == 0) | 272 | if (res->top == 0) |
| 260 | res->neg = 0; | 273 | res->neg = 0; |
| 261 | resp--; | 274 | else |
| 275 | resp--; | ||
| 262 | 276 | ||
| 263 | for (i=0; i<loop-1; i++) | 277 | for (i=0; i<loop-1; i++, wnump--, resp--) |
| 264 | { | 278 | { |
| 265 | BN_ULONG q,l0; | 279 | BN_ULONG q,l0; |
| 280 | /* the first part of the loop uses the top two words of | ||
| 281 | * snum and sdiv to calculate a BN_ULONG q such that | ||
| 282 | * | wnum - sdiv * q | < sdiv */ | ||
| 266 | #if defined(BN_DIV3W) && !defined(OPENSSL_NO_ASM) | 283 | #if defined(BN_DIV3W) && !defined(OPENSSL_NO_ASM) |
| 267 | BN_ULONG bn_div_3_words(BN_ULONG*,BN_ULONG,BN_ULONG); | 284 | BN_ULONG bn_div_3_words(BN_ULONG*,BN_ULONG,BN_ULONG); |
| 268 | q=bn_div_3_words(wnump,d1,d0); | 285 | q=bn_div_3_words(wnump,d1,d0); |
| @@ -346,27 +363,252 @@ X) -> 0x%08X\n", | |||
| 346 | #endif /* !BN_DIV3W */ | 363 | #endif /* !BN_DIV3W */ |
| 347 | 364 | ||
| 348 | l0=bn_mul_words(tmp->d,sdiv->d,div_n,q); | 365 | l0=bn_mul_words(tmp->d,sdiv->d,div_n,q); |
| 349 | wnum.d--; wnum.top++; | ||
| 350 | tmp->d[div_n]=l0; | 366 | tmp->d[div_n]=l0; |
| 351 | for (j=div_n+1; j>0; j--) | 367 | wnum.d--; |
| 352 | if (tmp->d[j-1]) break; | 368 | /* ingore top values of the bignums just sub the two |
| 353 | tmp->top=j; | 369 | * BN_ULONG arrays with bn_sub_words */ |
| 370 | if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n+1)) | ||
| 371 | { | ||
| 372 | /* Note: As we have considered only the leading | ||
| 373 | * two BN_ULONGs in the calculation of q, sdiv * q | ||
| 374 | * might be greater than wnum (but then (q-1) * sdiv | ||
| 375 | * is less or equal than wnum) | ||
| 376 | */ | ||
| 377 | q--; | ||
| 378 | if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n)) | ||
| 379 | /* we can't have an overflow here (assuming | ||
| 380 | * that q != 0, but if q == 0 then tmp is | ||
| 381 | * zero anyway) */ | ||
| 382 | (*wnump)++; | ||
| 383 | } | ||
| 384 | /* store part of the result */ | ||
| 385 | *resp = q; | ||
| 386 | } | ||
| 387 | bn_correct_top(snum); | ||
| 388 | if (rm != NULL) | ||
| 389 | { | ||
| 390 | /* Keep a copy of the neg flag in num because if rm==num | ||
| 391 | * BN_rshift() will overwrite it. | ||
| 392 | */ | ||
| 393 | int neg = num->neg; | ||
| 394 | BN_rshift(rm,snum,norm_shift); | ||
| 395 | if (!BN_is_zero(rm)) | ||
| 396 | rm->neg = neg; | ||
| 397 | bn_check_top(rm); | ||
| 398 | } | ||
| 399 | BN_CTX_end(ctx); | ||
| 400 | return(1); | ||
| 401 | err: | ||
| 402 | bn_check_top(rm); | ||
| 403 | BN_CTX_end(ctx); | ||
| 404 | return(0); | ||
| 405 | } | ||
| 406 | |||
| 407 | |||
| 408 | /* BN_div_no_branch is a special version of BN_div. It does not contain | ||
| 409 | * branches that may leak sensitive information. | ||
| 410 | */ | ||
| 411 | static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, | ||
| 412 | const BIGNUM *divisor, BN_CTX *ctx) | ||
| 413 | { | ||
| 414 | int norm_shift,i,loop; | ||
| 415 | BIGNUM *tmp,wnum,*snum,*sdiv,*res; | ||
| 416 | BN_ULONG *resp,*wnump; | ||
| 417 | BN_ULONG d0,d1; | ||
| 418 | int num_n,div_n; | ||
| 419 | |||
| 420 | bn_check_top(dv); | ||
| 421 | bn_check_top(rm); | ||
| 422 | bn_check_top(num); | ||
| 423 | bn_check_top(divisor); | ||
| 424 | |||
| 425 | if (BN_is_zero(divisor)) | ||
| 426 | { | ||
| 427 | BNerr(BN_F_BN_DIV_NO_BRANCH,BN_R_DIV_BY_ZERO); | ||
| 428 | return(0); | ||
| 429 | } | ||
| 430 | |||
| 431 | BN_CTX_start(ctx); | ||
| 432 | tmp=BN_CTX_get(ctx); | ||
| 433 | snum=BN_CTX_get(ctx); | ||
| 434 | sdiv=BN_CTX_get(ctx); | ||
| 435 | if (dv == NULL) | ||
| 436 | res=BN_CTX_get(ctx); | ||
| 437 | else res=dv; | ||
| 438 | if (sdiv == NULL || res == NULL) goto err; | ||
| 439 | |||
| 440 | /* First we normalise the numbers */ | ||
| 441 | norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2); | ||
| 442 | if (!(BN_lshift(sdiv,divisor,norm_shift))) goto err; | ||
| 443 | sdiv->neg=0; | ||
| 444 | norm_shift+=BN_BITS2; | ||
| 445 | if (!(BN_lshift(snum,num,norm_shift))) goto err; | ||
| 446 | snum->neg=0; | ||
| 447 | |||
| 448 | /* Since we don't know whether snum is larger than sdiv, | ||
| 449 | * we pad snum with enough zeroes without changing its | ||
| 450 | * value. | ||
| 451 | */ | ||
| 452 | if (snum->top <= sdiv->top+1) | ||
| 453 | { | ||
| 454 | if (bn_wexpand(snum, sdiv->top + 2) == NULL) goto err; | ||
| 455 | for (i = snum->top; i < sdiv->top + 2; i++) snum->d[i] = 0; | ||
| 456 | snum->top = sdiv->top + 2; | ||
| 457 | } | ||
| 458 | else | ||
| 459 | { | ||
| 460 | if (bn_wexpand(snum, snum->top + 1) == NULL) goto err; | ||
| 461 | snum->d[snum->top] = 0; | ||
| 462 | snum->top ++; | ||
| 463 | } | ||
| 464 | |||
| 465 | div_n=sdiv->top; | ||
| 466 | num_n=snum->top; | ||
| 467 | loop=num_n-div_n; | ||
| 468 | /* Lets setup a 'window' into snum | ||
| 469 | * This is the part that corresponds to the current | ||
| 470 | * 'area' being divided */ | ||
| 471 | wnum.neg = 0; | ||
| 472 | wnum.d = &(snum->d[loop]); | ||
| 473 | wnum.top = div_n; | ||
| 474 | /* only needed when BN_ucmp messes up the values between top and max */ | ||
| 475 | wnum.dmax = snum->dmax - loop; /* so we don't step out of bounds */ | ||
| 476 | |||
| 477 | /* Get the top 2 words of sdiv */ | ||
| 478 | /* div_n=sdiv->top; */ | ||
| 479 | d0=sdiv->d[div_n-1]; | ||
| 480 | d1=(div_n == 1)?0:sdiv->d[div_n-2]; | ||
| 481 | |||
| 482 | /* pointer to the 'top' of snum */ | ||
| 483 | wnump= &(snum->d[num_n-1]); | ||
| 484 | |||
| 485 | /* Setup to 'res' */ | ||
| 486 | res->neg= (num->neg^divisor->neg); | ||
| 487 | if (!bn_wexpand(res,(loop+1))) goto err; | ||
| 488 | res->top=loop-1; | ||
| 489 | resp= &(res->d[loop-1]); | ||
| 490 | |||
| 491 | /* space for temp */ | ||
| 492 | if (!bn_wexpand(tmp,(div_n+1))) goto err; | ||
| 493 | |||
| 494 | /* if res->top == 0 then clear the neg value otherwise decrease | ||
| 495 | * the resp pointer */ | ||
| 496 | if (res->top == 0) | ||
| 497 | res->neg = 0; | ||
| 498 | else | ||
| 499 | resp--; | ||
| 500 | |||
| 501 | for (i=0; i<loop-1; i++, wnump--, resp--) | ||
| 502 | { | ||
| 503 | BN_ULONG q,l0; | ||
| 504 | /* the first part of the loop uses the top two words of | ||
| 505 | * snum and sdiv to calculate a BN_ULONG q such that | ||
| 506 | * | wnum - sdiv * q | < sdiv */ | ||
| 507 | #if defined(BN_DIV3W) && !defined(OPENSSL_NO_ASM) | ||
| 508 | BN_ULONG bn_div_3_words(BN_ULONG*,BN_ULONG,BN_ULONG); | ||
| 509 | q=bn_div_3_words(wnump,d1,d0); | ||
| 510 | #else | ||
| 511 | BN_ULONG n0,n1,rem=0; | ||
| 512 | |||
| 513 | n0=wnump[0]; | ||
| 514 | n1=wnump[-1]; | ||
| 515 | if (n0 == d0) | ||
| 516 | q=BN_MASK2; | ||
| 517 | else /* n0 < d0 */ | ||
| 518 | { | ||
| 519 | #ifdef BN_LLONG | ||
| 520 | BN_ULLONG t2; | ||
| 521 | |||
| 522 | #if defined(BN_LLONG) && defined(BN_DIV2W) && !defined(bn_div_words) | ||
| 523 | q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0); | ||
| 524 | #else | ||
| 525 | q=bn_div_words(n0,n1,d0); | ||
| 526 | #ifdef BN_DEBUG_LEVITTE | ||
| 527 | fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\ | ||
| 528 | X) -> 0x%08X\n", | ||
| 529 | n0, n1, d0, q); | ||
| 530 | #endif | ||
| 531 | #endif | ||
| 532 | |||
| 533 | #ifndef REMAINDER_IS_ALREADY_CALCULATED | ||
| 534 | /* | ||
| 535 | * rem doesn't have to be BN_ULLONG. The least we | ||
| 536 | * know it's less that d0, isn't it? | ||
| 537 | */ | ||
| 538 | rem=(n1-q*d0)&BN_MASK2; | ||
| 539 | #endif | ||
| 540 | t2=(BN_ULLONG)d1*q; | ||
| 541 | |||
| 542 | for (;;) | ||
| 543 | { | ||
| 544 | if (t2 <= ((((BN_ULLONG)rem)<<BN_BITS2)|wnump[-2])) | ||
| 545 | break; | ||
| 546 | q--; | ||
| 547 | rem += d0; | ||
| 548 | if (rem < d0) break; /* don't let rem overflow */ | ||
| 549 | t2 -= d1; | ||
| 550 | } | ||
| 551 | #else /* !BN_LLONG */ | ||
| 552 | BN_ULONG t2l,t2h,ql,qh; | ||
| 553 | |||
| 554 | q=bn_div_words(n0,n1,d0); | ||
| 555 | #ifdef BN_DEBUG_LEVITTE | ||
| 556 | fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\ | ||
| 557 | X) -> 0x%08X\n", | ||
| 558 | n0, n1, d0, q); | ||
| 559 | #endif | ||
| 560 | #ifndef REMAINDER_IS_ALREADY_CALCULATED | ||
| 561 | rem=(n1-q*d0)&BN_MASK2; | ||
| 562 | #endif | ||
| 354 | 563 | ||
| 355 | j=wnum.top; | 564 | #if defined(BN_UMULT_LOHI) |
| 356 | if (!BN_sub(&wnum,&wnum,tmp)) goto err; | 565 | BN_UMULT_LOHI(t2l,t2h,d1,q); |
| 566 | #elif defined(BN_UMULT_HIGH) | ||
| 567 | t2l = d1 * q; | ||
| 568 | t2h = BN_UMULT_HIGH(d1,q); | ||
| 569 | #else | ||
| 570 | t2l=LBITS(d1); t2h=HBITS(d1); | ||
| 571 | ql =LBITS(q); qh =HBITS(q); | ||
| 572 | mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */ | ||
| 573 | #endif | ||
| 357 | 574 | ||
| 358 | snum->top=snum->top+wnum.top-j; | 575 | for (;;) |
| 576 | { | ||
| 577 | if ((t2h < rem) || | ||
| 578 | ((t2h == rem) && (t2l <= wnump[-2]))) | ||
| 579 | break; | ||
| 580 | q--; | ||
| 581 | rem += d0; | ||
| 582 | if (rem < d0) break; /* don't let rem overflow */ | ||
| 583 | if (t2l < d1) t2h--; t2l -= d1; | ||
| 584 | } | ||
| 585 | #endif /* !BN_LLONG */ | ||
| 586 | } | ||
| 587 | #endif /* !BN_DIV3W */ | ||
| 359 | 588 | ||
| 360 | if (wnum.neg) | 589 | l0=bn_mul_words(tmp->d,sdiv->d,div_n,q); |
| 590 | tmp->d[div_n]=l0; | ||
| 591 | wnum.d--; | ||
| 592 | /* ingore top values of the bignums just sub the two | ||
| 593 | * BN_ULONG arrays with bn_sub_words */ | ||
| 594 | if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n+1)) | ||
| 361 | { | 595 | { |
| 596 | /* Note: As we have considered only the leading | ||
| 597 | * two BN_ULONGs in the calculation of q, sdiv * q | ||
| 598 | * might be greater than wnum (but then (q-1) * sdiv | ||
| 599 | * is less or equal than wnum) | ||
| 600 | */ | ||
| 362 | q--; | 601 | q--; |
| 363 | j=wnum.top; | 602 | if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n)) |
| 364 | if (!BN_add(&wnum,&wnum,sdiv)) goto err; | 603 | /* we can't have an overflow here (assuming |
| 365 | snum->top+=wnum.top-j; | 604 | * that q != 0, but if q == 0 then tmp is |
| 605 | * zero anyway) */ | ||
| 606 | (*wnump)++; | ||
| 366 | } | 607 | } |
| 367 | *(resp--)=q; | 608 | /* store part of the result */ |
| 368 | wnump--; | 609 | *resp = q; |
| 369 | } | 610 | } |
| 611 | bn_correct_top(snum); | ||
| 370 | if (rm != NULL) | 612 | if (rm != NULL) |
| 371 | { | 613 | { |
| 372 | /* Keep a copy of the neg flag in num because if rm==num | 614 | /* Keep a copy of the neg flag in num because if rm==num |
| @@ -376,10 +618,13 @@ X) -> 0x%08X\n", | |||
| 376 | BN_rshift(rm,snum,norm_shift); | 618 | BN_rshift(rm,snum,norm_shift); |
| 377 | if (!BN_is_zero(rm)) | 619 | if (!BN_is_zero(rm)) |
| 378 | rm->neg = neg; | 620 | rm->neg = neg; |
| 621 | bn_check_top(rm); | ||
| 379 | } | 622 | } |
| 623 | bn_correct_top(res); | ||
| 380 | BN_CTX_end(ctx); | 624 | BN_CTX_end(ctx); |
| 381 | return(1); | 625 | return(1); |
| 382 | err: | 626 | err: |
| 627 | bn_check_top(rm); | ||
| 383 | BN_CTX_end(ctx); | 628 | BN_CTX_end(ctx); |
| 384 | return(0); | 629 | return(0); |
| 385 | } | 630 | } |
diff --git a/src/lib/libcrypto/bn/bn_err.c b/src/lib/libcrypto/bn/bn_err.c index 5dfac00c88..cfe2eb94a0 100644 --- a/src/lib/libcrypto/bn/bn_err.c +++ b/src/lib/libcrypto/bn/bn_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/bn/bn_err.c */ | 1 | /* crypto/bn/bn_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -70,18 +70,30 @@ | |||
| 70 | 70 | ||
| 71 | static ERR_STRING_DATA BN_str_functs[]= | 71 | static ERR_STRING_DATA BN_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(BN_F_BN_BLINDING_CONVERT), "BN_BLINDING_convert"}, | 73 | {ERR_FUNC(BN_F_BNRAND), "BNRAND"}, |
| 74 | {ERR_FUNC(BN_F_BN_BLINDING_INVERT), "BN_BLINDING_invert"}, | 74 | {ERR_FUNC(BN_F_BN_BLINDING_CONVERT_EX), "BN_BLINDING_convert_ex"}, |
| 75 | {ERR_FUNC(BN_F_BN_BLINDING_CREATE_PARAM), "BN_BLINDING_create_param"}, | ||
| 76 | {ERR_FUNC(BN_F_BN_BLINDING_INVERT_EX), "BN_BLINDING_invert_ex"}, | ||
| 75 | {ERR_FUNC(BN_F_BN_BLINDING_NEW), "BN_BLINDING_new"}, | 77 | {ERR_FUNC(BN_F_BN_BLINDING_NEW), "BN_BLINDING_new"}, |
| 76 | {ERR_FUNC(BN_F_BN_BLINDING_UPDATE), "BN_BLINDING_update"}, | 78 | {ERR_FUNC(BN_F_BN_BLINDING_UPDATE), "BN_BLINDING_update"}, |
| 77 | {ERR_FUNC(BN_F_BN_BN2DEC), "BN_bn2dec"}, | 79 | {ERR_FUNC(BN_F_BN_BN2DEC), "BN_bn2dec"}, |
| 78 | {ERR_FUNC(BN_F_BN_BN2HEX), "BN_bn2hex"}, | 80 | {ERR_FUNC(BN_F_BN_BN2HEX), "BN_bn2hex"}, |
| 79 | {ERR_FUNC(BN_F_BN_CTX_GET), "BN_CTX_get"}, | 81 | {ERR_FUNC(BN_F_BN_CTX_GET), "BN_CTX_get"}, |
| 80 | {ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"}, | 82 | {ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"}, |
| 83 | {ERR_FUNC(BN_F_BN_CTX_START), "BN_CTX_start"}, | ||
| 81 | {ERR_FUNC(BN_F_BN_DIV), "BN_div"}, | 84 | {ERR_FUNC(BN_F_BN_DIV), "BN_div"}, |
| 85 | {ERR_FUNC(BN_F_BN_DIV_NO_BRANCH), "BN_div_no_branch"}, | ||
| 86 | {ERR_FUNC(BN_F_BN_DIV_RECP), "BN_div_recp"}, | ||
| 82 | {ERR_FUNC(BN_F_BN_EXP), "BN_exp"}, | 87 | {ERR_FUNC(BN_F_BN_EXP), "BN_exp"}, |
| 83 | {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"}, | 88 | {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"}, |
| 84 | {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"}, | 89 | {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"}, |
| 90 | {ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"}, | ||
| 91 | {ERR_FUNC(BN_F_BN_GF2M_MOD_EXP), "BN_GF2m_mod_exp"}, | ||
| 92 | {ERR_FUNC(BN_F_BN_GF2M_MOD_MUL), "BN_GF2m_mod_mul"}, | ||
| 93 | {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD), "BN_GF2m_mod_solve_quad"}, | ||
| 94 | {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR), "BN_GF2m_mod_solve_quad_arr"}, | ||
| 95 | {ERR_FUNC(BN_F_BN_GF2M_MOD_SQR), "BN_GF2m_mod_sqr"}, | ||
| 96 | {ERR_FUNC(BN_F_BN_GF2M_MOD_SQRT), "BN_GF2m_mod_sqrt"}, | ||
| 85 | {ERR_FUNC(BN_F_BN_MOD_EXP2_MONT), "BN_mod_exp2_mont"}, | 97 | {ERR_FUNC(BN_F_BN_MOD_EXP2_MONT), "BN_mod_exp2_mont"}, |
| 86 | {ERR_FUNC(BN_F_BN_MOD_EXP_MONT), "BN_mod_exp_mont"}, | 98 | {ERR_FUNC(BN_F_BN_MOD_EXP_MONT), "BN_mod_exp_mont"}, |
| 87 | {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME), "BN_mod_exp_mont_consttime"}, | 99 | {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME), "BN_mod_exp_mont_consttime"}, |
| @@ -89,6 +101,7 @@ static ERR_STRING_DATA BN_str_functs[]= | |||
| 89 | {ERR_FUNC(BN_F_BN_MOD_EXP_RECP), "BN_mod_exp_recp"}, | 101 | {ERR_FUNC(BN_F_BN_MOD_EXP_RECP), "BN_mod_exp_recp"}, |
| 90 | {ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE), "BN_mod_exp_simple"}, | 102 | {ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE), "BN_mod_exp_simple"}, |
| 91 | {ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"}, | 103 | {ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"}, |
| 104 | {ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH), "BN_mod_inverse_no_branch"}, | ||
| 92 | {ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"}, | 105 | {ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"}, |
| 93 | {ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL), "BN_mod_mul_reciprocal"}, | 106 | {ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL), "BN_mod_mul_reciprocal"}, |
| 94 | {ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"}, | 107 | {ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"}, |
| @@ -115,6 +128,7 @@ static ERR_STRING_DATA BN_str_reasons[]= | |||
| 115 | {ERR_REASON(BN_R_NOT_A_SQUARE) ,"not a square"}, | 128 | {ERR_REASON(BN_R_NOT_A_SQUARE) ,"not a square"}, |
| 116 | {ERR_REASON(BN_R_NOT_INITIALIZED) ,"not initialized"}, | 129 | {ERR_REASON(BN_R_NOT_INITIALIZED) ,"not initialized"}, |
| 117 | {ERR_REASON(BN_R_NO_INVERSE) ,"no inverse"}, | 130 | {ERR_REASON(BN_R_NO_INVERSE) ,"no inverse"}, |
| 131 | {ERR_REASON(BN_R_NO_SOLUTION) ,"no solution"}, | ||
| 118 | {ERR_REASON(BN_R_P_IS_NOT_PRIME) ,"p is not prime"}, | 132 | {ERR_REASON(BN_R_P_IS_NOT_PRIME) ,"p is not prime"}, |
| 119 | {ERR_REASON(BN_R_TOO_MANY_ITERATIONS) ,"too many iterations"}, | 133 | {ERR_REASON(BN_R_TOO_MANY_ITERATIONS) ,"too many iterations"}, |
| 120 | {ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES),"too many temporary variables"}, | 134 | {ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES),"too many temporary variables"}, |
| @@ -125,15 +139,12 @@ static ERR_STRING_DATA BN_str_reasons[]= | |||
| 125 | 139 | ||
| 126 | void ERR_load_BN_strings(void) | 140 | void ERR_load_BN_strings(void) |
| 127 | { | 141 | { |
| 128 | static int init=1; | 142 | #ifndef OPENSSL_NO_ERR |
| 129 | 143 | ||
| 130 | if (init) | 144 | if (ERR_func_error_string(BN_str_functs[0].error) == NULL) |
| 131 | { | 145 | { |
| 132 | init=0; | ||
| 133 | #ifndef OPENSSL_NO_ERR | ||
| 134 | ERR_load_strings(0,BN_str_functs); | 146 | ERR_load_strings(0,BN_str_functs); |
| 135 | ERR_load_strings(0,BN_str_reasons); | 147 | ERR_load_strings(0,BN_str_reasons); |
| 136 | #endif | ||
| 137 | |||
| 138 | } | 148 | } |
| 149 | #endif | ||
| 139 | } | 150 | } |
diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c index 9e1e88abe8..70a33f0d93 100644 --- a/src/lib/libcrypto/bn/bn_exp.c +++ b/src/lib/libcrypto/bn/bn_exp.c | |||
| @@ -122,9 +122,9 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 122 | int i,bits,ret=0; | 122 | int i,bits,ret=0; |
| 123 | BIGNUM *v,*rr; | 123 | BIGNUM *v,*rr; |
| 124 | 124 | ||
| 125 | if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0) | 125 | if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) |
| 126 | { | 126 | { |
| 127 | /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */ | 127 | /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ |
| 128 | BNerr(BN_F_BN_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 128 | BNerr(BN_F_BN_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 129 | return -1; | 129 | return -1; |
| 130 | } | 130 | } |
| @@ -155,6 +155,7 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 155 | err: | 155 | err: |
| 156 | if (r != rr) BN_copy(r,rr); | 156 | if (r != rr) BN_copy(r,rr); |
| 157 | BN_CTX_end(ctx); | 157 | BN_CTX_end(ctx); |
| 158 | bn_check_top(r); | ||
| 158 | return(ret); | 159 | return(ret); |
| 159 | } | 160 | } |
| 160 | 161 | ||
| @@ -212,7 +213,7 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, | |||
| 212 | if (BN_is_odd(m)) | 213 | if (BN_is_odd(m)) |
| 213 | { | 214 | { |
| 214 | # ifdef MONT_EXP_WORD | 215 | # ifdef MONT_EXP_WORD |
| 215 | if (a->top == 1 && !a->neg && (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) == 0)) | 216 | if (a->top == 1 && !a->neg && (BN_get_flags(p, BN_FLG_CONSTTIME) == 0)) |
| 216 | { | 217 | { |
| 217 | BN_ULONG A = a->d[0]; | 218 | BN_ULONG A = a->d[0]; |
| 218 | ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL); | 219 | ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL); |
| @@ -229,6 +230,7 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, | |||
| 229 | { ret=BN_mod_exp_simple(r,a,p,m,ctx); } | 230 | { ret=BN_mod_exp_simple(r,a,p,m,ctx); } |
| 230 | #endif | 231 | #endif |
| 231 | 232 | ||
| 233 | bn_check_top(r); | ||
| 232 | return(ret); | 234 | return(ret); |
| 233 | } | 235 | } |
| 234 | 236 | ||
| @@ -237,14 +239,15 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||
| 237 | const BIGNUM *m, BN_CTX *ctx) | 239 | const BIGNUM *m, BN_CTX *ctx) |
| 238 | { | 240 | { |
| 239 | int i,j,bits,ret=0,wstart,wend,window,wvalue; | 241 | int i,j,bits,ret=0,wstart,wend,window,wvalue; |
| 240 | int start=1,ts=0; | 242 | int start=1; |
| 241 | BIGNUM *aa; | 243 | BIGNUM *aa; |
| 242 | BIGNUM val[TABLE_SIZE]; | 244 | /* Table of variables obtained from 'ctx' */ |
| 245 | BIGNUM *val[TABLE_SIZE]; | ||
| 243 | BN_RECP_CTX recp; | 246 | BN_RECP_CTX recp; |
| 244 | 247 | ||
| 245 | if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0) | 248 | if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) |
| 246 | { | 249 | { |
| 247 | /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */ | 250 | /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ |
| 248 | BNerr(BN_F_BN_MOD_EXP_RECP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 251 | BNerr(BN_F_BN_MOD_EXP_RECP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 249 | return -1; | 252 | return -1; |
| 250 | } | 253 | } |
| @@ -258,7 +261,9 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||
| 258 | } | 261 | } |
| 259 | 262 | ||
| 260 | BN_CTX_start(ctx); | 263 | BN_CTX_start(ctx); |
| 261 | if ((aa = BN_CTX_get(ctx)) == NULL) goto err; | 264 | aa = BN_CTX_get(ctx); |
| 265 | val[0] = BN_CTX_get(ctx); | ||
| 266 | if(!aa || !val[0]) goto err; | ||
| 262 | 267 | ||
| 263 | BN_RECP_CTX_init(&recp); | 268 | BN_RECP_CTX_init(&recp); |
| 264 | if (m->neg) | 269 | if (m->neg) |
| @@ -273,29 +278,27 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||
| 273 | if (BN_RECP_CTX_set(&recp,m,ctx) <= 0) goto err; | 278 | if (BN_RECP_CTX_set(&recp,m,ctx) <= 0) goto err; |
| 274 | } | 279 | } |
| 275 | 280 | ||
| 276 | BN_init(&(val[0])); | 281 | if (!BN_nnmod(val[0],a,m,ctx)) goto err; /* 1 */ |
| 277 | ts=1; | 282 | if (BN_is_zero(val[0])) |
| 278 | |||
| 279 | if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; /* 1 */ | ||
| 280 | if (BN_is_zero(&(val[0]))) | ||
| 281 | { | 283 | { |
| 282 | ret = BN_zero(r); | 284 | BN_zero(r); |
| 285 | ret = 1; | ||
| 283 | goto err; | 286 | goto err; |
| 284 | } | 287 | } |
| 285 | 288 | ||
| 286 | window = BN_window_bits_for_exponent_size(bits); | 289 | window = BN_window_bits_for_exponent_size(bits); |
| 287 | if (window > 1) | 290 | if (window > 1) |
| 288 | { | 291 | { |
| 289 | if (!BN_mod_mul_reciprocal(aa,&(val[0]),&(val[0]),&recp,ctx)) | 292 | if (!BN_mod_mul_reciprocal(aa,val[0],val[0],&recp,ctx)) |
| 290 | goto err; /* 2 */ | 293 | goto err; /* 2 */ |
| 291 | j=1<<(window-1); | 294 | j=1<<(window-1); |
| 292 | for (i=1; i<j; i++) | 295 | for (i=1; i<j; i++) |
| 293 | { | 296 | { |
| 294 | BN_init(&val[i]); | 297 | if(((val[i] = BN_CTX_get(ctx)) == NULL) || |
| 295 | if (!BN_mod_mul_reciprocal(&(val[i]),&(val[i-1]),aa,&recp,ctx)) | 298 | !BN_mod_mul_reciprocal(val[i],val[i-1], |
| 299 | aa,&recp,ctx)) | ||
| 296 | goto err; | 300 | goto err; |
| 297 | } | 301 | } |
| 298 | ts=i; | ||
| 299 | } | 302 | } |
| 300 | 303 | ||
| 301 | start=1; /* This is used to avoid multiplication etc | 304 | start=1; /* This is used to avoid multiplication etc |
| @@ -347,7 +350,7 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||
| 347 | } | 350 | } |
| 348 | 351 | ||
| 349 | /* wvalue will be an odd number < 2^window */ | 352 | /* wvalue will be an odd number < 2^window */ |
| 350 | if (!BN_mod_mul_reciprocal(r,r,&(val[wvalue>>1]),&recp,ctx)) | 353 | if (!BN_mod_mul_reciprocal(r,r,val[wvalue>>1],&recp,ctx)) |
| 351 | goto err; | 354 | goto err; |
| 352 | 355 | ||
| 353 | /* move the 'window' down further */ | 356 | /* move the 'window' down further */ |
| @@ -359,9 +362,8 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||
| 359 | ret=1; | 362 | ret=1; |
| 360 | err: | 363 | err: |
| 361 | BN_CTX_end(ctx); | 364 | BN_CTX_end(ctx); |
| 362 | for (i=0; i<ts; i++) | ||
| 363 | BN_clear_free(&(val[i])); | ||
| 364 | BN_RECP_CTX_free(&recp); | 365 | BN_RECP_CTX_free(&recp); |
| 366 | bn_check_top(r); | ||
| 365 | return(ret); | 367 | return(ret); |
| 366 | } | 368 | } |
| 367 | 369 | ||
| @@ -370,13 +372,14 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | |||
| 370 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) | 372 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) |
| 371 | { | 373 | { |
| 372 | int i,j,bits,ret=0,wstart,wend,window,wvalue; | 374 | int i,j,bits,ret=0,wstart,wend,window,wvalue; |
| 373 | int start=1,ts=0; | 375 | int start=1; |
| 374 | BIGNUM *d,*r; | 376 | BIGNUM *d,*r; |
| 375 | const BIGNUM *aa; | 377 | const BIGNUM *aa; |
| 376 | BIGNUM val[TABLE_SIZE]; | 378 | /* Table of variables obtained from 'ctx' */ |
| 379 | BIGNUM *val[TABLE_SIZE]; | ||
| 377 | BN_MONT_CTX *mont=NULL; | 380 | BN_MONT_CTX *mont=NULL; |
| 378 | 381 | ||
| 379 | if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0) | 382 | if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) |
| 380 | { | 383 | { |
| 381 | return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont); | 384 | return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont); |
| 382 | } | 385 | } |
| @@ -385,7 +388,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | |||
| 385 | bn_check_top(p); | 388 | bn_check_top(p); |
| 386 | bn_check_top(m); | 389 | bn_check_top(m); |
| 387 | 390 | ||
| 388 | if (!(m->d[0] & 1)) | 391 | if (!BN_is_odd(m)) |
| 389 | { | 392 | { |
| 390 | BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS); | 393 | BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS); |
| 391 | return(0); | 394 | return(0); |
| @@ -400,7 +403,8 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | |||
| 400 | BN_CTX_start(ctx); | 403 | BN_CTX_start(ctx); |
| 401 | d = BN_CTX_get(ctx); | 404 | d = BN_CTX_get(ctx); |
| 402 | r = BN_CTX_get(ctx); | 405 | r = BN_CTX_get(ctx); |
| 403 | if (d == NULL || r == NULL) goto err; | 406 | val[0] = BN_CTX_get(ctx); |
| 407 | if (!d || !r || !val[0]) goto err; | ||
| 404 | 408 | ||
| 405 | /* If this is not done, things will break in the montgomery | 409 | /* If this is not done, things will break in the montgomery |
| 406 | * part */ | 410 | * part */ |
| @@ -413,35 +417,34 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | |||
| 413 | if (!BN_MONT_CTX_set(mont,m,ctx)) goto err; | 417 | if (!BN_MONT_CTX_set(mont,m,ctx)) goto err; |
| 414 | } | 418 | } |
| 415 | 419 | ||
| 416 | BN_init(&val[0]); | ||
| 417 | ts=1; | ||
| 418 | if (a->neg || BN_ucmp(a,m) >= 0) | 420 | if (a->neg || BN_ucmp(a,m) >= 0) |
| 419 | { | 421 | { |
| 420 | if (!BN_nnmod(&(val[0]),a,m,ctx)) | 422 | if (!BN_nnmod(val[0],a,m,ctx)) |
| 421 | goto err; | 423 | goto err; |
| 422 | aa= &(val[0]); | 424 | aa= val[0]; |
| 423 | } | 425 | } |
| 424 | else | 426 | else |
| 425 | aa=a; | 427 | aa=a; |
| 426 | if (BN_is_zero(aa)) | 428 | if (BN_is_zero(aa)) |
| 427 | { | 429 | { |
| 428 | ret = BN_zero(rr); | 430 | BN_zero(rr); |
| 431 | ret = 1; | ||
| 429 | goto err; | 432 | goto err; |
| 430 | } | 433 | } |
| 431 | if (!BN_to_montgomery(&(val[0]),aa,mont,ctx)) goto err; /* 1 */ | 434 | if (!BN_to_montgomery(val[0],aa,mont,ctx)) goto err; /* 1 */ |
| 432 | 435 | ||
| 433 | window = BN_window_bits_for_exponent_size(bits); | 436 | window = BN_window_bits_for_exponent_size(bits); |
| 434 | if (window > 1) | 437 | if (window > 1) |
| 435 | { | 438 | { |
| 436 | if (!BN_mod_mul_montgomery(d,&(val[0]),&(val[0]),mont,ctx)) goto err; /* 2 */ | 439 | if (!BN_mod_mul_montgomery(d,val[0],val[0],mont,ctx)) goto err; /* 2 */ |
| 437 | j=1<<(window-1); | 440 | j=1<<(window-1); |
| 438 | for (i=1; i<j; i++) | 441 | for (i=1; i<j; i++) |
| 439 | { | 442 | { |
| 440 | BN_init(&(val[i])); | 443 | if(((val[i] = BN_CTX_get(ctx)) == NULL) || |
| 441 | if (!BN_mod_mul_montgomery(&(val[i]),&(val[i-1]),d,mont,ctx)) | 444 | !BN_mod_mul_montgomery(val[i],val[i-1], |
| 445 | d,mont,ctx)) | ||
| 442 | goto err; | 446 | goto err; |
| 443 | } | 447 | } |
| 444 | ts=i; | ||
| 445 | } | 448 | } |
| 446 | 449 | ||
| 447 | start=1; /* This is used to avoid multiplication etc | 450 | start=1; /* This is used to avoid multiplication etc |
| @@ -494,7 +497,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | |||
| 494 | } | 497 | } |
| 495 | 498 | ||
| 496 | /* wvalue will be an odd number < 2^window */ | 499 | /* wvalue will be an odd number < 2^window */ |
| 497 | if (!BN_mod_mul_montgomery(r,r,&(val[wvalue>>1]),mont,ctx)) | 500 | if (!BN_mod_mul_montgomery(r,r,val[wvalue>>1],mont,ctx)) |
| 498 | goto err; | 501 | goto err; |
| 499 | 502 | ||
| 500 | /* move the 'window' down further */ | 503 | /* move the 'window' down further */ |
| @@ -508,8 +511,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | |||
| 508 | err: | 511 | err: |
| 509 | if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); | 512 | if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); |
| 510 | BN_CTX_end(ctx); | 513 | BN_CTX_end(ctx); |
| 511 | for (i=0; i<ts; i++) | 514 | bn_check_top(rr); |
| 512 | BN_clear_free(&(val[i])); | ||
| 513 | return(ret); | 515 | return(ret); |
| 514 | } | 516 | } |
| 515 | 517 | ||
| @@ -535,7 +537,7 @@ static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int top, unsigned char *buf, | |||
| 535 | buf[j] = ((unsigned char*)b->d)[i]; | 537 | buf[j] = ((unsigned char*)b->d)[i]; |
| 536 | } | 538 | } |
| 537 | 539 | ||
| 538 | bn_fix_top(b); | 540 | bn_correct_top(b); |
| 539 | return 1; | 541 | return 1; |
| 540 | } | 542 | } |
| 541 | 543 | ||
| @@ -552,7 +554,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, unsigned char *buf | |||
| 552 | } | 554 | } |
| 553 | 555 | ||
| 554 | b->top = top; | 556 | b->top = top; |
| 555 | bn_fix_top(b); | 557 | bn_correct_top(b); |
| 556 | return 1; | 558 | return 1; |
| 557 | } | 559 | } |
| 558 | 560 | ||
| @@ -743,9 +745,9 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, | |||
| 743 | #define BN_TO_MONTGOMERY_WORD(r, w, mont) \ | 745 | #define BN_TO_MONTGOMERY_WORD(r, w, mont) \ |
| 744 | (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx)) | 746 | (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx)) |
| 745 | 747 | ||
| 746 | if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0) | 748 | if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) |
| 747 | { | 749 | { |
| 748 | /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */ | 750 | /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ |
| 749 | BNerr(BN_F_BN_MOD_EXP_MONT_WORD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 751 | BNerr(BN_F_BN_MOD_EXP_MONT_WORD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 750 | return -1; | 752 | return -1; |
| 751 | } | 753 | } |
| @@ -753,7 +755,7 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, | |||
| 753 | bn_check_top(p); | 755 | bn_check_top(p); |
| 754 | bn_check_top(m); | 756 | bn_check_top(m); |
| 755 | 757 | ||
| 756 | if (m->top == 0 || !(m->d[0] & 1)) | 758 | if (!BN_is_odd(m)) |
| 757 | { | 759 | { |
| 758 | BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS); | 760 | BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS); |
| 759 | return(0); | 761 | return(0); |
| @@ -769,7 +771,8 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, | |||
| 769 | } | 771 | } |
| 770 | if (a == 0) | 772 | if (a == 0) |
| 771 | { | 773 | { |
| 772 | ret = BN_zero(rr); | 774 | BN_zero(rr); |
| 775 | ret = 1; | ||
| 773 | return ret; | 776 | return ret; |
| 774 | } | 777 | } |
| 775 | 778 | ||
| @@ -863,23 +866,24 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, | |||
| 863 | err: | 866 | err: |
| 864 | if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); | 867 | if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); |
| 865 | BN_CTX_end(ctx); | 868 | BN_CTX_end(ctx); |
| 869 | bn_check_top(rr); | ||
| 866 | return(ret); | 870 | return(ret); |
| 867 | } | 871 | } |
| 868 | 872 | ||
| 869 | 873 | ||
| 870 | /* The old fallback, simple version :-) */ | 874 | /* The old fallback, simple version :-) */ |
| 871 | int BN_mod_exp_simple(BIGNUM *r, | 875 | int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
| 872 | const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, | 876 | const BIGNUM *m, BN_CTX *ctx) |
| 873 | BN_CTX *ctx) | ||
| 874 | { | 877 | { |
| 875 | int i,j,bits,ret=0,wstart,wend,window,wvalue,ts=0; | 878 | int i,j,bits,ret=0,wstart,wend,window,wvalue; |
| 876 | int start=1; | 879 | int start=1; |
| 877 | BIGNUM *d; | 880 | BIGNUM *d; |
| 878 | BIGNUM val[TABLE_SIZE]; | 881 | /* Table of variables obtained from 'ctx' */ |
| 882 | BIGNUM *val[TABLE_SIZE]; | ||
| 879 | 883 | ||
| 880 | if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0) | 884 | if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) |
| 881 | { | 885 | { |
| 882 | /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */ | 886 | /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ |
| 883 | BNerr(BN_F_BN_MOD_EXP_SIMPLE,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 887 | BNerr(BN_F_BN_MOD_EXP_SIMPLE,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 884 | return -1; | 888 | return -1; |
| 885 | } | 889 | } |
| @@ -893,30 +897,30 @@ int BN_mod_exp_simple(BIGNUM *r, | |||
| 893 | } | 897 | } |
| 894 | 898 | ||
| 895 | BN_CTX_start(ctx); | 899 | BN_CTX_start(ctx); |
| 896 | if ((d = BN_CTX_get(ctx)) == NULL) goto err; | 900 | d = BN_CTX_get(ctx); |
| 901 | val[0] = BN_CTX_get(ctx); | ||
| 902 | if(!d || !val[0]) goto err; | ||
| 897 | 903 | ||
| 898 | BN_init(&(val[0])); | 904 | if (!BN_nnmod(val[0],a,m,ctx)) goto err; /* 1 */ |
| 899 | ts=1; | 905 | if (BN_is_zero(val[0])) |
| 900 | if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; /* 1 */ | ||
| 901 | if (BN_is_zero(&(val[0]))) | ||
| 902 | { | 906 | { |
| 903 | ret = BN_zero(r); | 907 | BN_zero(r); |
| 908 | ret = 1; | ||
| 904 | goto err; | 909 | goto err; |
| 905 | } | 910 | } |
| 906 | 911 | ||
| 907 | window = BN_window_bits_for_exponent_size(bits); | 912 | window = BN_window_bits_for_exponent_size(bits); |
| 908 | if (window > 1) | 913 | if (window > 1) |
| 909 | { | 914 | { |
| 910 | if (!BN_mod_mul(d,&(val[0]),&(val[0]),m,ctx)) | 915 | if (!BN_mod_mul(d,val[0],val[0],m,ctx)) |
| 911 | goto err; /* 2 */ | 916 | goto err; /* 2 */ |
| 912 | j=1<<(window-1); | 917 | j=1<<(window-1); |
| 913 | for (i=1; i<j; i++) | 918 | for (i=1; i<j; i++) |
| 914 | { | 919 | { |
| 915 | BN_init(&(val[i])); | 920 | if(((val[i] = BN_CTX_get(ctx)) == NULL) || |
| 916 | if (!BN_mod_mul(&(val[i]),&(val[i-1]),d,m,ctx)) | 921 | !BN_mod_mul(val[i],val[i-1],d,m,ctx)) |
| 917 | goto err; | 922 | goto err; |
| 918 | } | 923 | } |
| 919 | ts=i; | ||
| 920 | } | 924 | } |
| 921 | 925 | ||
| 922 | start=1; /* This is used to avoid multiplication etc | 926 | start=1; /* This is used to avoid multiplication etc |
| @@ -968,7 +972,7 @@ int BN_mod_exp_simple(BIGNUM *r, | |||
| 968 | } | 972 | } |
| 969 | 973 | ||
| 970 | /* wvalue will be an odd number < 2^window */ | 974 | /* wvalue will be an odd number < 2^window */ |
| 971 | if (!BN_mod_mul(r,r,&(val[wvalue>>1]),m,ctx)) | 975 | if (!BN_mod_mul(r,r,val[wvalue>>1],m,ctx)) |
| 972 | goto err; | 976 | goto err; |
| 973 | 977 | ||
| 974 | /* move the 'window' down further */ | 978 | /* move the 'window' down further */ |
| @@ -980,8 +984,7 @@ int BN_mod_exp_simple(BIGNUM *r, | |||
| 980 | ret=1; | 984 | ret=1; |
| 981 | err: | 985 | err: |
| 982 | BN_CTX_end(ctx); | 986 | BN_CTX_end(ctx); |
| 983 | for (i=0; i<ts; i++) | 987 | bn_check_top(r); |
| 984 | BN_clear_free(&(val[i])); | ||
| 985 | return(ret); | 988 | return(ret); |
| 986 | } | 989 | } |
| 987 | 990 | ||
diff --git a/src/lib/libcrypto/bn/bn_exp2.c b/src/lib/libcrypto/bn/bn_exp2.c index 73ccd58a83..b3f43cec8c 100644 --- a/src/lib/libcrypto/bn/bn_exp2.c +++ b/src/lib/libcrypto/bn/bn_exp2.c | |||
| @@ -120,10 +120,11 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, | |||
| 120 | BN_CTX *ctx, BN_MONT_CTX *in_mont) | 120 | BN_CTX *ctx, BN_MONT_CTX *in_mont) |
| 121 | { | 121 | { |
| 122 | int i,j,bits,b,bits1,bits2,ret=0,wpos1,wpos2,window1,window2,wvalue1,wvalue2; | 122 | int i,j,bits,b,bits1,bits2,ret=0,wpos1,wpos2,window1,window2,wvalue1,wvalue2; |
| 123 | int r_is_one=1,ts1=0,ts2=0; | 123 | int r_is_one=1; |
| 124 | BIGNUM *d,*r; | 124 | BIGNUM *d,*r; |
| 125 | const BIGNUM *a_mod_m; | 125 | const BIGNUM *a_mod_m; |
| 126 | BIGNUM val1[TABLE_SIZE], val2[TABLE_SIZE]; | 126 | /* Tables of variables obtained from 'ctx' */ |
| 127 | BIGNUM *val1[TABLE_SIZE], *val2[TABLE_SIZE]; | ||
| 127 | BN_MONT_CTX *mont=NULL; | 128 | BN_MONT_CTX *mont=NULL; |
| 128 | 129 | ||
| 129 | bn_check_top(a1); | 130 | bn_check_top(a1); |
| @@ -150,7 +151,9 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, | |||
| 150 | BN_CTX_start(ctx); | 151 | BN_CTX_start(ctx); |
| 151 | d = BN_CTX_get(ctx); | 152 | d = BN_CTX_get(ctx); |
| 152 | r = BN_CTX_get(ctx); | 153 | r = BN_CTX_get(ctx); |
| 153 | if (d == NULL || r == NULL) goto err; | 154 | val1[0] = BN_CTX_get(ctx); |
| 155 | val2[0] = BN_CTX_get(ctx); | ||
| 156 | if(!d || !r || !val1[0] || !val2[0]) goto err; | ||
| 154 | 157 | ||
| 155 | if (in_mont != NULL) | 158 | if (in_mont != NULL) |
| 156 | mont=in_mont; | 159 | mont=in_mont; |
| @@ -166,69 +169,67 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, | |||
| 166 | /* | 169 | /* |
| 167 | * Build table for a1: val1[i] := a1^(2*i + 1) mod m for i = 0 .. 2^(window1-1) | 170 | * Build table for a1: val1[i] := a1^(2*i + 1) mod m for i = 0 .. 2^(window1-1) |
| 168 | */ | 171 | */ |
| 169 | BN_init(&val1[0]); | ||
| 170 | ts1=1; | ||
| 171 | if (a1->neg || BN_ucmp(a1,m) >= 0) | 172 | if (a1->neg || BN_ucmp(a1,m) >= 0) |
| 172 | { | 173 | { |
| 173 | if (!BN_mod(&(val1[0]),a1,m,ctx)) | 174 | if (!BN_mod(val1[0],a1,m,ctx)) |
| 174 | goto err; | 175 | goto err; |
| 175 | a_mod_m = &(val1[0]); | 176 | a_mod_m = val1[0]; |
| 176 | } | 177 | } |
| 177 | else | 178 | else |
| 178 | a_mod_m = a1; | 179 | a_mod_m = a1; |
| 179 | if (BN_is_zero(a_mod_m)) | 180 | if (BN_is_zero(a_mod_m)) |
| 180 | { | 181 | { |
| 181 | ret = BN_zero(rr); | 182 | BN_zero(rr); |
| 183 | ret = 1; | ||
| 182 | goto err; | 184 | goto err; |
| 183 | } | 185 | } |
| 184 | 186 | ||
| 185 | if (!BN_to_montgomery(&(val1[0]),a_mod_m,mont,ctx)) goto err; | 187 | if (!BN_to_montgomery(val1[0],a_mod_m,mont,ctx)) goto err; |
| 186 | if (window1 > 1) | 188 | if (window1 > 1) |
| 187 | { | 189 | { |
| 188 | if (!BN_mod_mul_montgomery(d,&(val1[0]),&(val1[0]),mont,ctx)) goto err; | 190 | if (!BN_mod_mul_montgomery(d,val1[0],val1[0],mont,ctx)) goto err; |
| 189 | 191 | ||
| 190 | j=1<<(window1-1); | 192 | j=1<<(window1-1); |
| 191 | for (i=1; i<j; i++) | 193 | for (i=1; i<j; i++) |
| 192 | { | 194 | { |
| 193 | BN_init(&(val1[i])); | 195 | if(((val1[i] = BN_CTX_get(ctx)) == NULL) || |
| 194 | if (!BN_mod_mul_montgomery(&(val1[i]),&(val1[i-1]),d,mont,ctx)) | 196 | !BN_mod_mul_montgomery(val1[i],val1[i-1], |
| 197 | d,mont,ctx)) | ||
| 195 | goto err; | 198 | goto err; |
| 196 | } | 199 | } |
| 197 | ts1=i; | ||
| 198 | } | 200 | } |
| 199 | 201 | ||
| 200 | 202 | ||
| 201 | /* | 203 | /* |
| 202 | * Build table for a2: val2[i] := a2^(2*i + 1) mod m for i = 0 .. 2^(window2-1) | 204 | * Build table for a2: val2[i] := a2^(2*i + 1) mod m for i = 0 .. 2^(window2-1) |
| 203 | */ | 205 | */ |
| 204 | BN_init(&val2[0]); | ||
| 205 | ts2=1; | ||
| 206 | if (a2->neg || BN_ucmp(a2,m) >= 0) | 206 | if (a2->neg || BN_ucmp(a2,m) >= 0) |
| 207 | { | 207 | { |
| 208 | if (!BN_mod(&(val2[0]),a2,m,ctx)) | 208 | if (!BN_mod(val2[0],a2,m,ctx)) |
| 209 | goto err; | 209 | goto err; |
| 210 | a_mod_m = &(val2[0]); | 210 | a_mod_m = val2[0]; |
| 211 | } | 211 | } |
| 212 | else | 212 | else |
| 213 | a_mod_m = a2; | 213 | a_mod_m = a2; |
| 214 | if (BN_is_zero(a_mod_m)) | 214 | if (BN_is_zero(a_mod_m)) |
| 215 | { | 215 | { |
| 216 | ret = BN_zero(rr); | 216 | BN_zero(rr); |
| 217 | ret = 1; | ||
| 217 | goto err; | 218 | goto err; |
| 218 | } | 219 | } |
| 219 | if (!BN_to_montgomery(&(val2[0]),a_mod_m,mont,ctx)) goto err; | 220 | if (!BN_to_montgomery(val2[0],a_mod_m,mont,ctx)) goto err; |
| 220 | if (window2 > 1) | 221 | if (window2 > 1) |
| 221 | { | 222 | { |
| 222 | if (!BN_mod_mul_montgomery(d,&(val2[0]),&(val2[0]),mont,ctx)) goto err; | 223 | if (!BN_mod_mul_montgomery(d,val2[0],val2[0],mont,ctx)) goto err; |
| 223 | 224 | ||
| 224 | j=1<<(window2-1); | 225 | j=1<<(window2-1); |
| 225 | for (i=1; i<j; i++) | 226 | for (i=1; i<j; i++) |
| 226 | { | 227 | { |
| 227 | BN_init(&(val2[i])); | 228 | if(((val2[i] = BN_CTX_get(ctx)) == NULL) || |
| 228 | if (!BN_mod_mul_montgomery(&(val2[i]),&(val2[i-1]),d,mont,ctx)) | 229 | !BN_mod_mul_montgomery(val2[i],val2[i-1], |
| 230 | d,mont,ctx)) | ||
| 229 | goto err; | 231 | goto err; |
| 230 | } | 232 | } |
| 231 | ts2=i; | ||
| 232 | } | 233 | } |
| 233 | 234 | ||
| 234 | 235 | ||
| @@ -285,7 +286,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, | |||
| 285 | if (wvalue1 && b == wpos1) | 286 | if (wvalue1 && b == wpos1) |
| 286 | { | 287 | { |
| 287 | /* wvalue1 is odd and < 2^window1 */ | 288 | /* wvalue1 is odd and < 2^window1 */ |
| 288 | if (!BN_mod_mul_montgomery(r,r,&(val1[wvalue1>>1]),mont,ctx)) | 289 | if (!BN_mod_mul_montgomery(r,r,val1[wvalue1>>1],mont,ctx)) |
| 289 | goto err; | 290 | goto err; |
| 290 | wvalue1 = 0; | 291 | wvalue1 = 0; |
| 291 | r_is_one = 0; | 292 | r_is_one = 0; |
| @@ -294,7 +295,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, | |||
| 294 | if (wvalue2 && b == wpos2) | 295 | if (wvalue2 && b == wpos2) |
| 295 | { | 296 | { |
| 296 | /* wvalue2 is odd and < 2^window2 */ | 297 | /* wvalue2 is odd and < 2^window2 */ |
| 297 | if (!BN_mod_mul_montgomery(r,r,&(val2[wvalue2>>1]),mont,ctx)) | 298 | if (!BN_mod_mul_montgomery(r,r,val2[wvalue2>>1],mont,ctx)) |
| 298 | goto err; | 299 | goto err; |
| 299 | wvalue2 = 0; | 300 | wvalue2 = 0; |
| 300 | r_is_one = 0; | 301 | r_is_one = 0; |
| @@ -305,9 +306,6 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, | |||
| 305 | err: | 306 | err: |
| 306 | if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); | 307 | if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); |
| 307 | BN_CTX_end(ctx); | 308 | BN_CTX_end(ctx); |
| 308 | for (i=0; i<ts1; i++) | 309 | bn_check_top(rr); |
| 309 | BN_clear_free(&(val1[i])); | ||
| 310 | for (i=0; i<ts2; i++) | ||
| 311 | BN_clear_free(&(val2[i])); | ||
| 312 | return(ret); | 310 | return(ret); |
| 313 | } | 311 | } |
diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c index 7649f63fd2..4a352119ba 100644 --- a/src/lib/libcrypto/bn/bn_gcd.c +++ b/src/lib/libcrypto/bn/bn_gcd.c | |||
| @@ -140,6 +140,7 @@ int BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx) | |||
| 140 | ret=1; | 140 | ret=1; |
| 141 | err: | 141 | err: |
| 142 | BN_CTX_end(ctx); | 142 | BN_CTX_end(ctx); |
| 143 | bn_check_top(r); | ||
| 143 | return(ret); | 144 | return(ret); |
| 144 | } | 145 | } |
| 145 | 146 | ||
| @@ -194,6 +195,7 @@ static BIGNUM *euclid(BIGNUM *a, BIGNUM *b) | |||
| 194 | { | 195 | { |
| 195 | if (!BN_lshift(a,a,shifts)) goto err; | 196 | if (!BN_lshift(a,a,shifts)) goto err; |
| 196 | } | 197 | } |
| 198 | bn_check_top(a); | ||
| 197 | return(a); | 199 | return(a); |
| 198 | err: | 200 | err: |
| 199 | return(NULL); | 201 | return(NULL); |
| @@ -201,6 +203,8 @@ err: | |||
| 201 | 203 | ||
| 202 | 204 | ||
| 203 | /* solves ax == 1 (mod n) */ | 205 | /* solves ax == 1 (mod n) */ |
| 206 | static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in, | ||
| 207 | const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx); | ||
| 204 | BIGNUM *BN_mod_inverse(BIGNUM *in, | 208 | BIGNUM *BN_mod_inverse(BIGNUM *in, |
| 205 | const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) | 209 | const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) |
| 206 | { | 210 | { |
| @@ -208,6 +212,11 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, | |||
| 208 | BIGNUM *ret=NULL; | 212 | BIGNUM *ret=NULL; |
| 209 | int sign; | 213 | int sign; |
| 210 | 214 | ||
| 215 | if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(n, BN_FLG_CONSTTIME) != 0)) | ||
| 216 | { | ||
| 217 | return BN_mod_inverse_no_branch(in, a, n, ctx); | ||
| 218 | } | ||
| 219 | |||
| 211 | bn_check_top(a); | 220 | bn_check_top(a); |
| 212 | bn_check_top(n); | 221 | bn_check_top(n); |
| 213 | 222 | ||
| @@ -486,5 +495,160 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, | |||
| 486 | err: | 495 | err: |
| 487 | if ((ret == NULL) && (in == NULL)) BN_free(R); | 496 | if ((ret == NULL) && (in == NULL)) BN_free(R); |
| 488 | BN_CTX_end(ctx); | 497 | BN_CTX_end(ctx); |
| 498 | bn_check_top(ret); | ||
| 499 | return(ret); | ||
| 500 | } | ||
| 501 | |||
| 502 | |||
| 503 | /* BN_mod_inverse_no_branch is a special version of BN_mod_inverse. | ||
| 504 | * It does not contain branches that may leak sensitive information. | ||
| 505 | */ | ||
| 506 | static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in, | ||
| 507 | const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) | ||
| 508 | { | ||
| 509 | BIGNUM *A,*B,*X,*Y,*M,*D,*T,*R=NULL; | ||
| 510 | BIGNUM local_A, local_B; | ||
| 511 | BIGNUM *pA, *pB; | ||
| 512 | BIGNUM *ret=NULL; | ||
| 513 | int sign; | ||
| 514 | |||
| 515 | bn_check_top(a); | ||
| 516 | bn_check_top(n); | ||
| 517 | |||
| 518 | BN_CTX_start(ctx); | ||
| 519 | A = BN_CTX_get(ctx); | ||
| 520 | B = BN_CTX_get(ctx); | ||
| 521 | X = BN_CTX_get(ctx); | ||
| 522 | D = BN_CTX_get(ctx); | ||
| 523 | M = BN_CTX_get(ctx); | ||
| 524 | Y = BN_CTX_get(ctx); | ||
| 525 | T = BN_CTX_get(ctx); | ||
| 526 | if (T == NULL) goto err; | ||
| 527 | |||
| 528 | if (in == NULL) | ||
| 529 | R=BN_new(); | ||
| 530 | else | ||
| 531 | R=in; | ||
| 532 | if (R == NULL) goto err; | ||
| 533 | |||
| 534 | BN_one(X); | ||
| 535 | BN_zero(Y); | ||
| 536 | if (BN_copy(B,a) == NULL) goto err; | ||
| 537 | if (BN_copy(A,n) == NULL) goto err; | ||
| 538 | A->neg = 0; | ||
| 539 | |||
| 540 | if (B->neg || (BN_ucmp(B, A) >= 0)) | ||
| 541 | { | ||
| 542 | /* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked, | ||
| 543 | * BN_div_no_branch will be called eventually. | ||
| 544 | */ | ||
| 545 | pB = &local_B; | ||
| 546 | BN_with_flags(pB, B, BN_FLG_CONSTTIME); | ||
| 547 | if (!BN_nnmod(B, pB, A, ctx)) goto err; | ||
| 548 | } | ||
| 549 | sign = -1; | ||
| 550 | /* From B = a mod |n|, A = |n| it follows that | ||
| 551 | * | ||
| 552 | * 0 <= B < A, | ||
| 553 | * -sign*X*a == B (mod |n|), | ||
| 554 | * sign*Y*a == A (mod |n|). | ||
| 555 | */ | ||
| 556 | |||
| 557 | while (!BN_is_zero(B)) | ||
| 558 | { | ||
| 559 | BIGNUM *tmp; | ||
| 560 | |||
| 561 | /* | ||
| 562 | * 0 < B < A, | ||
| 563 | * (*) -sign*X*a == B (mod |n|), | ||
| 564 | * sign*Y*a == A (mod |n|) | ||
| 565 | */ | ||
| 566 | |||
| 567 | /* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked, | ||
| 568 | * BN_div_no_branch will be called eventually. | ||
| 569 | */ | ||
| 570 | pA = &local_A; | ||
| 571 | BN_with_flags(pA, A, BN_FLG_CONSTTIME); | ||
| 572 | |||
| 573 | /* (D, M) := (A/B, A%B) ... */ | ||
| 574 | if (!BN_div(D,M,pA,B,ctx)) goto err; | ||
| 575 | |||
| 576 | /* Now | ||
| 577 | * A = D*B + M; | ||
| 578 | * thus we have | ||
| 579 | * (**) sign*Y*a == D*B + M (mod |n|). | ||
| 580 | */ | ||
| 581 | |||
| 582 | tmp=A; /* keep the BIGNUM object, the value does not matter */ | ||
| 583 | |||
| 584 | /* (A, B) := (B, A mod B) ... */ | ||
| 585 | A=B; | ||
| 586 | B=M; | ||
| 587 | /* ... so we have 0 <= B < A again */ | ||
| 588 | |||
| 589 | /* Since the former M is now B and the former B is now A, | ||
| 590 | * (**) translates into | ||
| 591 | * sign*Y*a == D*A + B (mod |n|), | ||
| 592 | * i.e. | ||
| 593 | * sign*Y*a - D*A == B (mod |n|). | ||
| 594 | * Similarly, (*) translates into | ||
| 595 | * -sign*X*a == A (mod |n|). | ||
| 596 | * | ||
| 597 | * Thus, | ||
| 598 | * sign*Y*a + D*sign*X*a == B (mod |n|), | ||
| 599 | * i.e. | ||
| 600 | * sign*(Y + D*X)*a == B (mod |n|). | ||
| 601 | * | ||
| 602 | * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at | ||
| 603 | * -sign*X*a == B (mod |n|), | ||
| 604 | * sign*Y*a == A (mod |n|). | ||
| 605 | * Note that X and Y stay non-negative all the time. | ||
| 606 | */ | ||
| 607 | |||
| 608 | if (!BN_mul(tmp,D,X,ctx)) goto err; | ||
| 609 | if (!BN_add(tmp,tmp,Y)) goto err; | ||
| 610 | |||
| 611 | M=Y; /* keep the BIGNUM object, the value does not matter */ | ||
| 612 | Y=X; | ||
| 613 | X=tmp; | ||
| 614 | sign = -sign; | ||
| 615 | } | ||
| 616 | |||
| 617 | /* | ||
| 618 | * The while loop (Euclid's algorithm) ends when | ||
| 619 | * A == gcd(a,n); | ||
| 620 | * we have | ||
| 621 | * sign*Y*a == A (mod |n|), | ||
| 622 | * where Y is non-negative. | ||
| 623 | */ | ||
| 624 | |||
| 625 | if (sign < 0) | ||
| 626 | { | ||
| 627 | if (!BN_sub(Y,n,Y)) goto err; | ||
| 628 | } | ||
| 629 | /* Now Y*a == A (mod |n|). */ | ||
| 630 | |||
| 631 | if (BN_is_one(A)) | ||
| 632 | { | ||
| 633 | /* Y*a == 1 (mod |n|) */ | ||
| 634 | if (!Y->neg && BN_ucmp(Y,n) < 0) | ||
| 635 | { | ||
| 636 | if (!BN_copy(R,Y)) goto err; | ||
| 637 | } | ||
| 638 | else | ||
| 639 | { | ||
| 640 | if (!BN_nnmod(R,Y,n,ctx)) goto err; | ||
| 641 | } | ||
| 642 | } | ||
| 643 | else | ||
| 644 | { | ||
| 645 | BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH,BN_R_NO_INVERSE); | ||
| 646 | goto err; | ||
| 647 | } | ||
| 648 | ret=R; | ||
| 649 | err: | ||
| 650 | if ((ret == NULL) && (in == NULL)) BN_free(R); | ||
| 651 | BN_CTX_end(ctx); | ||
| 652 | bn_check_top(ret); | ||
| 489 | return(ret); | 653 | return(ret); |
| 490 | } | 654 | } |
diff --git a/src/lib/libcrypto/bn/bn_kron.c b/src/lib/libcrypto/bn/bn_kron.c index 49f75594ae..740359b752 100644 --- a/src/lib/libcrypto/bn/bn_kron.c +++ b/src/lib/libcrypto/bn/bn_kron.c | |||
| @@ -53,9 +53,9 @@ | |||
| 53 | * | 53 | * |
| 54 | */ | 54 | */ |
| 55 | 55 | ||
| 56 | #include "cryptlib.h" | ||
| 56 | #include "bn_lcl.h" | 57 | #include "bn_lcl.h" |
| 57 | 58 | ||
| 58 | |||
| 59 | /* least significant word */ | 59 | /* least significant word */ |
| 60 | #define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0]) | 60 | #define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0]) |
| 61 | 61 | ||
| @@ -74,6 +74,9 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | |||
| 74 | */ | 74 | */ |
| 75 | static const int tab[8] = {0, 1, 0, -1, 0, -1, 0, 1}; | 75 | static const int tab[8] = {0, 1, 0, -1, 0, -1, 0, 1}; |
| 76 | 76 | ||
| 77 | bn_check_top(a); | ||
| 78 | bn_check_top(b); | ||
| 79 | |||
| 77 | BN_CTX_start(ctx); | 80 | BN_CTX_start(ctx); |
| 78 | A = BN_CTX_get(ctx); | 81 | A = BN_CTX_get(ctx); |
| 79 | B = BN_CTX_get(ctx); | 82 | B = BN_CTX_get(ctx); |
| @@ -172,8 +175,7 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | |||
| 172 | tmp = A; A = B; B = tmp; | 175 | tmp = A; A = B; B = tmp; |
| 173 | tmp->neg = 0; | 176 | tmp->neg = 0; |
| 174 | } | 177 | } |
| 175 | 178 | end: | |
| 176 | end: | ||
| 177 | BN_CTX_end(ctx); | 179 | BN_CTX_end(ctx); |
| 178 | if (err) | 180 | if (err) |
| 179 | return -2; | 181 | return -2; |
diff --git a/src/lib/libcrypto/bn/bn_lcl.h b/src/lib/libcrypto/bn/bn_lcl.h index a84998f2bd..27ac4397a1 100644 --- a/src/lib/libcrypto/bn/bn_lcl.h +++ b/src/lib/libcrypto/bn/bn_lcl.h | |||
| @@ -119,20 +119,6 @@ extern "C" { | |||
| 119 | #endif | 119 | #endif |
| 120 | 120 | ||
| 121 | 121 | ||
| 122 | /* Used for temp variables */ | ||
| 123 | #define BN_CTX_NUM 32 | ||
| 124 | #define BN_CTX_NUM_POS 12 | ||
| 125 | struct bignum_ctx | ||
| 126 | { | ||
| 127 | int tos; | ||
| 128 | BIGNUM bn[BN_CTX_NUM]; | ||
| 129 | int flags; | ||
| 130 | int depth; | ||
| 131 | int pos[BN_CTX_NUM_POS]; | ||
| 132 | int too_many; | ||
| 133 | } /* BN_CTX */; | ||
| 134 | |||
| 135 | |||
| 136 | /* | 122 | /* |
| 137 | * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions | 123 | * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions |
| 138 | * | 124 | * |
| @@ -284,6 +270,15 @@ struct bignum_ctx | |||
| 284 | : "a"(a),"g"(b) \ | 270 | : "a"(a),"g"(b) \ |
| 285 | : "cc"); | 271 | : "cc"); |
| 286 | # endif | 272 | # endif |
| 273 | # elif (defined(_M_AMD64) || defined(_M_X64)) && defined(SIXTY_FOUR_BIT) | ||
| 274 | # if defined(_MSC_VER) && _MSC_VER>=1400 | ||
| 275 | unsigned __int64 __umulh (unsigned __int64 a,unsigned __int64 b); | ||
| 276 | unsigned __int64 _umul128 (unsigned __int64 a,unsigned __int64 b, | ||
| 277 | unsigned __int64 *h); | ||
| 278 | # pragma intrinsic(__umulh,_umul128) | ||
| 279 | # define BN_UMULT_HIGH(a,b) __umulh((a),(b)) | ||
| 280 | # define BN_UMULT_LOHI(low,high,a,b) ((low)=_umul128((a),(b),&(high))) | ||
| 281 | # endif | ||
| 287 | # endif /* cpu */ | 282 | # endif /* cpu */ |
| 288 | #endif /* OPENSSL_NO_ASM */ | 283 | #endif /* OPENSSL_NO_ASM */ |
| 289 | 284 | ||
| @@ -293,44 +288,17 @@ struct bignum_ctx | |||
| 293 | #define Lw(t) (((BN_ULONG)(t))&BN_MASK2) | 288 | #define Lw(t) (((BN_ULONG)(t))&BN_MASK2) |
| 294 | #define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2) | 289 | #define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2) |
| 295 | 290 | ||
| 296 | /* This is used for internal error checking and is not normally used */ | 291 | #ifdef BN_DEBUG_RAND |
| 297 | #ifdef BN_DEBUG | 292 | #define bn_clear_top2max(a) \ |
| 298 | # include <assert.h> | ||
| 299 | # define bn_check_top(a) assert ((a)->top >= 0 && (a)->top <= (a)->dmax); | ||
| 300 | #else | ||
| 301 | # define bn_check_top(a) | ||
| 302 | #endif | ||
| 303 | |||
| 304 | /* This macro is to add extra stuff for development checking */ | ||
| 305 | #ifdef BN_DEBUG | ||
| 306 | #define bn_set_max(r) ((r)->max=(r)->top,BN_set_flags((r),BN_FLG_STATIC_DATA)) | ||
| 307 | #else | ||
| 308 | #define bn_set_max(r) | ||
| 309 | #endif | ||
| 310 | |||
| 311 | /* These macros are used to 'take' a section of a bignum for read only use */ | ||
| 312 | #define bn_set_low(r,a,n) \ | ||
| 313 | { \ | ||
| 314 | (r)->top=((a)->top > (n))?(n):(a)->top; \ | ||
| 315 | (r)->d=(a)->d; \ | ||
| 316 | (r)->neg=(a)->neg; \ | ||
| 317 | (r)->flags|=BN_FLG_STATIC_DATA; \ | ||
| 318 | bn_set_max(r); \ | ||
| 319 | } | ||
| 320 | |||
| 321 | #define bn_set_high(r,a,n) \ | ||
| 322 | { \ | 293 | { \ |
| 323 | if ((a)->top > (n)) \ | 294 | int ind = (a)->dmax - (a)->top; \ |
| 324 | { \ | 295 | BN_ULONG *ftl = &(a)->d[(a)->top-1]; \ |
| 325 | (r)->top=(a)->top-n; \ | 296 | for (; ind != 0; ind--) \ |
| 326 | (r)->d= &((a)->d[n]); \ | 297 | *(++ftl) = 0x0; \ |
| 327 | } \ | ||
| 328 | else \ | ||
| 329 | (r)->top=0; \ | ||
| 330 | (r)->neg=(a)->neg; \ | ||
| 331 | (r)->flags|=BN_FLG_STATIC_DATA; \ | ||
| 332 | bn_set_max(r); \ | ||
| 333 | } | 298 | } |
| 299 | #else | ||
| 300 | #define bn_clear_top2max(a) | ||
| 301 | #endif | ||
| 334 | 302 | ||
| 335 | #ifdef BN_LLONG | 303 | #ifdef BN_LLONG |
| 336 | #define mul_add(r,a,w,c) { \ | 304 | #define mul_add(r,a,w,c) { \ |
| @@ -354,6 +322,33 @@ struct bignum_ctx | |||
| 354 | (r1)=Hw(t); \ | 322 | (r1)=Hw(t); \ |
| 355 | } | 323 | } |
| 356 | 324 | ||
| 325 | #elif defined(BN_UMULT_LOHI) | ||
| 326 | #define mul_add(r,a,w,c) { \ | ||
| 327 | BN_ULONG high,low,ret,tmp=(a); \ | ||
| 328 | ret = (r); \ | ||
| 329 | BN_UMULT_LOHI(low,high,w,tmp); \ | ||
| 330 | ret += (c); \ | ||
| 331 | (c) = (ret<(c))?1:0; \ | ||
| 332 | (c) += high; \ | ||
| 333 | ret += low; \ | ||
| 334 | (c) += (ret<low)?1:0; \ | ||
| 335 | (r) = ret; \ | ||
| 336 | } | ||
| 337 | |||
| 338 | #define mul(r,a,w,c) { \ | ||
| 339 | BN_ULONG high,low,ret,ta=(a); \ | ||
| 340 | BN_UMULT_LOHI(low,high,w,ta); \ | ||
| 341 | ret = low + (c); \ | ||
| 342 | (c) = high; \ | ||
| 343 | (c) += (ret<low)?1:0; \ | ||
| 344 | (r) = ret; \ | ||
| 345 | } | ||
| 346 | |||
| 347 | #define sqr(r0,r1,a) { \ | ||
| 348 | BN_ULONG tmp=(a); \ | ||
| 349 | BN_UMULT_LOHI(r0,r1,tmp,tmp); \ | ||
| 350 | } | ||
| 351 | |||
| 357 | #elif defined(BN_UMULT_HIGH) | 352 | #elif defined(BN_UMULT_HIGH) |
| 358 | #define mul_add(r,a,w,c) { \ | 353 | #define mul_add(r,a,w,c) { \ |
| 359 | BN_ULONG high,low,ret,tmp=(a); \ | 354 | BN_ULONG high,low,ret,tmp=(a); \ |
| @@ -472,18 +467,21 @@ void bn_sqr_comba4(BN_ULONG *r,const BN_ULONG *a); | |||
| 472 | int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n); | 467 | int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n); |
| 473 | int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, | 468 | int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, |
| 474 | int cl, int dl); | 469 | int cl, int dl); |
| 475 | #ifdef BN_RECURSION | 470 | void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, |
| 476 | void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | 471 | int dna,int dnb,BN_ULONG *t); |
| 477 | BN_ULONG *t); | 472 | void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, |
| 478 | void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, | 473 | int n,int tna,int tnb,BN_ULONG *t); |
| 479 | int n, BN_ULONG *t); | 474 | void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t); |
| 475 | void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n); | ||
| 480 | void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, | 476 | void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, |
| 481 | BN_ULONG *t); | 477 | BN_ULONG *t); |
| 482 | void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2, | 478 | void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2, |
| 483 | BN_ULONG *t); | 479 | BN_ULONG *t); |
| 484 | void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t); | 480 | BN_ULONG bn_add_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, |
| 485 | #endif | 481 | int cl, int dl); |
| 486 | void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n); | 482 | BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, |
| 483 | int cl, int dl); | ||
| 484 | int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num); | ||
| 487 | 485 | ||
| 488 | #ifdef __cplusplus | 486 | #ifdef __cplusplus |
| 489 | } | 487 | } |
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c index e1660450bc..2649b8c538 100644 --- a/src/lib/libcrypto/bn/bn_lib.c +++ b/src/lib/libcrypto/bn/bn_lib.c | |||
| @@ -67,8 +67,10 @@ | |||
| 67 | #include "cryptlib.h" | 67 | #include "cryptlib.h" |
| 68 | #include "bn_lcl.h" | 68 | #include "bn_lcl.h" |
| 69 | 69 | ||
| 70 | const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT; | 70 | const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT; |
| 71 | 71 | ||
| 72 | /* This stuff appears to be completely unused, so is deprecated */ | ||
| 73 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 72 | /* For a 32 bit machine | 74 | /* For a 32 bit machine |
| 73 | * 2 - 4 == 128 | 75 | * 2 - 4 == 128 |
| 74 | * 3 - 8 == 256 | 76 | * 3 - 8 == 256 |
| @@ -91,28 +93,28 @@ void BN_set_params(int mult, int high, int low, int mont) | |||
| 91 | { | 93 | { |
| 92 | if (mult >= 0) | 94 | if (mult >= 0) |
| 93 | { | 95 | { |
| 94 | if (mult > (sizeof(int)*8)-1) | 96 | if (mult > (int)(sizeof(int)*8)-1) |
| 95 | mult=sizeof(int)*8-1; | 97 | mult=sizeof(int)*8-1; |
| 96 | bn_limit_bits=mult; | 98 | bn_limit_bits=mult; |
| 97 | bn_limit_num=1<<mult; | 99 | bn_limit_num=1<<mult; |
| 98 | } | 100 | } |
| 99 | if (high >= 0) | 101 | if (high >= 0) |
| 100 | { | 102 | { |
| 101 | if (high > (sizeof(int)*8)-1) | 103 | if (high > (int)(sizeof(int)*8)-1) |
| 102 | high=sizeof(int)*8-1; | 104 | high=sizeof(int)*8-1; |
| 103 | bn_limit_bits_high=high; | 105 | bn_limit_bits_high=high; |
| 104 | bn_limit_num_high=1<<high; | 106 | bn_limit_num_high=1<<high; |
| 105 | } | 107 | } |
| 106 | if (low >= 0) | 108 | if (low >= 0) |
| 107 | { | 109 | { |
| 108 | if (low > (sizeof(int)*8)-1) | 110 | if (low > (int)(sizeof(int)*8)-1) |
| 109 | low=sizeof(int)*8-1; | 111 | low=sizeof(int)*8-1; |
| 110 | bn_limit_bits_low=low; | 112 | bn_limit_bits_low=low; |
| 111 | bn_limit_num_low=1<<low; | 113 | bn_limit_num_low=1<<low; |
| 112 | } | 114 | } |
| 113 | if (mont >= 0) | 115 | if (mont >= 0) |
| 114 | { | 116 | { |
| 115 | if (mont > (sizeof(int)*8)-1) | 117 | if (mont > (int)(sizeof(int)*8)-1) |
| 116 | mont=sizeof(int)*8-1; | 118 | mont=sizeof(int)*8-1; |
| 117 | bn_limit_bits_mont=mont; | 119 | bn_limit_bits_mont=mont; |
| 118 | bn_limit_num_mont=1<<mont; | 120 | bn_limit_num_mont=1<<mont; |
| @@ -127,11 +129,12 @@ int BN_get_params(int which) | |||
| 127 | else if (which == 3) return(bn_limit_bits_mont); | 129 | else if (which == 3) return(bn_limit_bits_mont); |
| 128 | else return(0); | 130 | else return(0); |
| 129 | } | 131 | } |
| 132 | #endif | ||
| 130 | 133 | ||
| 131 | const BIGNUM *BN_value_one(void) | 134 | const BIGNUM *BN_value_one(void) |
| 132 | { | 135 | { |
| 133 | static BN_ULONG data_one=1L; | 136 | static BN_ULONG data_one=1L; |
| 134 | static BIGNUM const_one={&data_one,1,1,0}; | 137 | static BIGNUM const_one={&data_one,1,1,0,BN_FLG_STATIC_DATA}; |
| 135 | 138 | ||
| 136 | return(&const_one); | 139 | return(&const_one); |
| 137 | } | 140 | } |
| @@ -244,16 +247,11 @@ int BN_num_bits_word(BN_ULONG l) | |||
| 244 | 247 | ||
| 245 | int BN_num_bits(const BIGNUM *a) | 248 | int BN_num_bits(const BIGNUM *a) |
| 246 | { | 249 | { |
| 247 | BN_ULONG l; | 250 | int i = a->top - 1; |
| 248 | int i; | ||
| 249 | |||
| 250 | bn_check_top(a); | 251 | bn_check_top(a); |
| 251 | 252 | ||
| 252 | if (a->top == 0) return(0); | 253 | if (BN_is_zero(a)) return 0; |
| 253 | l=a->d[a->top-1]; | 254 | return ((i*BN_BITS2) + BN_num_bits_word(a->d[i])); |
| 254 | assert(l != 0); | ||
| 255 | i=(a->top-1)*BN_BITS2; | ||
| 256 | return(i+BN_num_bits_word(l)); | ||
| 257 | } | 255 | } |
| 258 | 256 | ||
| 259 | void BN_clear_free(BIGNUM *a) | 257 | void BN_clear_free(BIGNUM *a) |
| @@ -261,6 +259,7 @@ void BN_clear_free(BIGNUM *a) | |||
| 261 | int i; | 259 | int i; |
| 262 | 260 | ||
| 263 | if (a == NULL) return; | 261 | if (a == NULL) return; |
| 262 | bn_check_top(a); | ||
| 264 | if (a->d != NULL) | 263 | if (a->d != NULL) |
| 265 | { | 264 | { |
| 266 | OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0])); | 265 | OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0])); |
| @@ -276,16 +275,24 @@ void BN_clear_free(BIGNUM *a) | |||
| 276 | void BN_free(BIGNUM *a) | 275 | void BN_free(BIGNUM *a) |
| 277 | { | 276 | { |
| 278 | if (a == NULL) return; | 277 | if (a == NULL) return; |
| 278 | bn_check_top(a); | ||
| 279 | if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA))) | 279 | if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA))) |
| 280 | OPENSSL_free(a->d); | 280 | OPENSSL_free(a->d); |
| 281 | a->flags|=BN_FLG_FREE; /* REMOVE? */ | ||
| 282 | if (a->flags & BN_FLG_MALLOCED) | 281 | if (a->flags & BN_FLG_MALLOCED) |
| 283 | OPENSSL_free(a); | 282 | OPENSSL_free(a); |
| 283 | else | ||
| 284 | { | ||
| 285 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 286 | a->flags|=BN_FLG_FREE; | ||
| 287 | #endif | ||
| 288 | a->d = NULL; | ||
| 289 | } | ||
| 284 | } | 290 | } |
| 285 | 291 | ||
| 286 | void BN_init(BIGNUM *a) | 292 | void BN_init(BIGNUM *a) |
| 287 | { | 293 | { |
| 288 | memset(a,0,sizeof(BIGNUM)); | 294 | memset(a,0,sizeof(BIGNUM)); |
| 295 | bn_check_top(a); | ||
| 289 | } | 296 | } |
| 290 | 297 | ||
| 291 | BIGNUM *BN_new(void) | 298 | BIGNUM *BN_new(void) |
| @@ -302,6 +309,7 @@ BIGNUM *BN_new(void) | |||
| 302 | ret->neg=0; | 309 | ret->neg=0; |
| 303 | ret->dmax=0; | 310 | ret->dmax=0; |
| 304 | ret->d=NULL; | 311 | ret->d=NULL; |
| 312 | bn_check_top(ret); | ||
| 305 | return(ret); | 313 | return(ret); |
| 306 | } | 314 | } |
| 307 | 315 | ||
| @@ -313,19 +321,19 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) | |||
| 313 | const BN_ULONG *B; | 321 | const BN_ULONG *B; |
| 314 | int i; | 322 | int i; |
| 315 | 323 | ||
| 324 | bn_check_top(b); | ||
| 325 | |||
| 316 | if (words > (INT_MAX/(4*BN_BITS2))) | 326 | if (words > (INT_MAX/(4*BN_BITS2))) |
| 317 | { | 327 | { |
| 318 | BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_BIGNUM_TOO_LONG); | 328 | BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_BIGNUM_TOO_LONG); |
| 319 | return NULL; | 329 | return NULL; |
| 320 | } | 330 | } |
| 321 | |||
| 322 | bn_check_top(b); | ||
| 323 | if (BN_get_flags(b,BN_FLG_STATIC_DATA)) | 331 | if (BN_get_flags(b,BN_FLG_STATIC_DATA)) |
| 324 | { | 332 | { |
| 325 | BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); | 333 | BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); |
| 326 | return(NULL); | 334 | return(NULL); |
| 327 | } | 335 | } |
| 328 | a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1)); | 336 | a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*words); |
| 329 | if (A == NULL) | 337 | if (A == NULL) |
| 330 | { | 338 | { |
| 331 | BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); | 339 | BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); |
| @@ -363,19 +371,8 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) | |||
| 363 | } | 371 | } |
| 364 | } | 372 | } |
| 365 | 373 | ||
| 366 | /* Now need to zero any data between b->top and b->max */ | ||
| 367 | /* XXX Why? */ | ||
| 368 | |||
| 369 | A= &(a[b->top]); | ||
| 370 | for (i=(words - b->top)>>3; i>0; i--,A+=8) | ||
| 371 | { | ||
| 372 | A[0]=0; A[1]=0; A[2]=0; A[3]=0; | ||
| 373 | A[4]=0; A[5]=0; A[6]=0; A[7]=0; | ||
| 374 | } | ||
| 375 | for (i=(words - b->top)&7; i>0; i--,A++) | ||
| 376 | A[0]=0; | ||
| 377 | #else | 374 | #else |
| 378 | memset(A,0,sizeof(BN_ULONG)*(words+1)); | 375 | memset(A,0,sizeof(BN_ULONG)*words); |
| 379 | memcpy(A,b->d,sizeof(b->d[0])*b->top); | 376 | memcpy(A,b->d,sizeof(b->d[0])*b->top); |
| 380 | #endif | 377 | #endif |
| 381 | 378 | ||
| @@ -393,16 +390,19 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) | |||
| 393 | * while bn_dup_expand() makes sure allocation is made only once. | 390 | * while bn_dup_expand() makes sure allocation is made only once. |
| 394 | */ | 391 | */ |
| 395 | 392 | ||
| 393 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 396 | BIGNUM *bn_dup_expand(const BIGNUM *b, int words) | 394 | BIGNUM *bn_dup_expand(const BIGNUM *b, int words) |
| 397 | { | 395 | { |
| 398 | BIGNUM *r = NULL; | 396 | BIGNUM *r = NULL; |
| 399 | 397 | ||
| 398 | bn_check_top(b); | ||
| 399 | |||
| 400 | /* This function does not work if | 400 | /* This function does not work if |
| 401 | * words <= b->dmax && top < words | 401 | * words <= b->dmax && top < words |
| 402 | * because BN_dup() does not preserve 'dmax'! | 402 | * because BN_dup() does not preserve 'dmax'! |
| 403 | * (But bn_dup_expand() is not used anywhere yet.) | 403 | * (But bn_dup_expand() is not used anywhere yet.) |
| 404 | */ | 404 | */ |
| 405 | 405 | ||
| 406 | if (words > b->dmax) | 406 | if (words > b->dmax) |
| 407 | { | 407 | { |
| 408 | BN_ULONG *a = bn_expand_internal(b, words); | 408 | BN_ULONG *a = bn_expand_internal(b, words); |
| @@ -431,48 +431,67 @@ BIGNUM *bn_dup_expand(const BIGNUM *b, int words) | |||
| 431 | r = BN_dup(b); | 431 | r = BN_dup(b); |
| 432 | } | 432 | } |
| 433 | 433 | ||
| 434 | bn_check_top(r); | ||
| 434 | return r; | 435 | return r; |
| 435 | } | 436 | } |
| 437 | #endif | ||
| 436 | 438 | ||
| 437 | /* This is an internal function that should not be used in applications. | 439 | /* This is an internal function that should not be used in applications. |
| 438 | * It ensures that 'b' has enough room for a 'words' word number number. | 440 | * It ensures that 'b' has enough room for a 'words' word number |
| 441 | * and initialises any unused part of b->d with leading zeros. | ||
| 439 | * It is mostly used by the various BIGNUM routines. If there is an error, | 442 | * It is mostly used by the various BIGNUM routines. If there is an error, |
| 440 | * NULL is returned. If not, 'b' is returned. */ | 443 | * NULL is returned. If not, 'b' is returned. */ |
| 441 | 444 | ||
| 442 | BIGNUM *bn_expand2(BIGNUM *b, int words) | 445 | BIGNUM *bn_expand2(BIGNUM *b, int words) |
| 443 | { | 446 | { |
| 447 | bn_check_top(b); | ||
| 448 | |||
| 444 | if (words > b->dmax) | 449 | if (words > b->dmax) |
| 445 | { | 450 | { |
| 446 | BN_ULONG *a = bn_expand_internal(b, words); | 451 | BN_ULONG *a = bn_expand_internal(b, words); |
| 452 | if(!a) return NULL; | ||
| 453 | if(b->d) OPENSSL_free(b->d); | ||
| 454 | b->d=a; | ||
| 455 | b->dmax=words; | ||
| 456 | } | ||
| 447 | 457 | ||
| 448 | if (a) | 458 | /* None of this should be necessary because of what b->top means! */ |
| 459 | #if 0 | ||
| 460 | /* NB: bn_wexpand() calls this only if the BIGNUM really has to grow */ | ||
| 461 | if (b->top < b->dmax) | ||
| 462 | { | ||
| 463 | int i; | ||
| 464 | BN_ULONG *A = &(b->d[b->top]); | ||
| 465 | for (i=(b->dmax - b->top)>>3; i>0; i--,A+=8) | ||
| 449 | { | 466 | { |
| 450 | if (b->d) | 467 | A[0]=0; A[1]=0; A[2]=0; A[3]=0; |
| 451 | OPENSSL_free(b->d); | 468 | A[4]=0; A[5]=0; A[6]=0; A[7]=0; |
| 452 | b->d=a; | ||
| 453 | b->dmax=words; | ||
| 454 | } | 469 | } |
| 455 | else | 470 | for (i=(b->dmax - b->top)&7; i>0; i--,A++) |
| 456 | b = NULL; | 471 | A[0]=0; |
| 472 | assert(A == &(b->d[b->dmax])); | ||
| 457 | } | 473 | } |
| 474 | #endif | ||
| 475 | bn_check_top(b); | ||
| 458 | return b; | 476 | return b; |
| 459 | } | 477 | } |
| 460 | 478 | ||
| 461 | BIGNUM *BN_dup(const BIGNUM *a) | 479 | BIGNUM *BN_dup(const BIGNUM *a) |
| 462 | { | 480 | { |
| 463 | BIGNUM *r, *t; | 481 | BIGNUM *t; |
| 464 | 482 | ||
| 465 | if (a == NULL) return NULL; | 483 | if (a == NULL) return NULL; |
| 466 | |||
| 467 | bn_check_top(a); | 484 | bn_check_top(a); |
| 468 | 485 | ||
| 469 | t = BN_new(); | 486 | t = BN_new(); |
| 470 | if (t == NULL) return(NULL); | 487 | if (t == NULL) return NULL; |
| 471 | r = BN_copy(t, a); | 488 | if(!BN_copy(t, a)) |
| 472 | /* now r == t || r == NULL */ | 489 | { |
| 473 | if (r == NULL) | ||
| 474 | BN_free(t); | 490 | BN_free(t); |
| 475 | return r; | 491 | return NULL; |
| 492 | } | ||
| 493 | bn_check_top(t); | ||
| 494 | return t; | ||
| 476 | } | 495 | } |
| 477 | 496 | ||
| 478 | BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) | 497 | BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) |
| @@ -506,11 +525,9 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) | |||
| 506 | memcpy(a->d,b->d,sizeof(b->d[0])*b->top); | 525 | memcpy(a->d,b->d,sizeof(b->d[0])*b->top); |
| 507 | #endif | 526 | #endif |
| 508 | 527 | ||
| 509 | /* memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/ | ||
| 510 | a->top=b->top; | 528 | a->top=b->top; |
| 511 | if ((a->top == 0) && (a->d != NULL)) | ||
| 512 | a->d[0]=0; | ||
| 513 | a->neg=b->neg; | 529 | a->neg=b->neg; |
| 530 | bn_check_top(a); | ||
| 514 | return(a); | 531 | return(a); |
| 515 | } | 532 | } |
| 516 | 533 | ||
| @@ -520,6 +537,9 @@ void BN_swap(BIGNUM *a, BIGNUM *b) | |||
| 520 | BN_ULONG *tmp_d; | 537 | BN_ULONG *tmp_d; |
| 521 | int tmp_top, tmp_dmax, tmp_neg; | 538 | int tmp_top, tmp_dmax, tmp_neg; |
| 522 | 539 | ||
| 540 | bn_check_top(a); | ||
| 541 | bn_check_top(b); | ||
| 542 | |||
| 523 | flags_old_a = a->flags; | 543 | flags_old_a = a->flags; |
| 524 | flags_old_b = b->flags; | 544 | flags_old_b = b->flags; |
| 525 | 545 | ||
| @@ -540,11 +560,13 @@ void BN_swap(BIGNUM *a, BIGNUM *b) | |||
| 540 | 560 | ||
| 541 | a->flags = (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA); | 561 | a->flags = (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA); |
| 542 | b->flags = (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA); | 562 | b->flags = (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA); |
| 563 | bn_check_top(a); | ||
| 564 | bn_check_top(b); | ||
| 543 | } | 565 | } |
| 544 | 566 | ||
| 545 | |||
| 546 | void BN_clear(BIGNUM *a) | 567 | void BN_clear(BIGNUM *a) |
| 547 | { | 568 | { |
| 569 | bn_check_top(a); | ||
| 548 | if (a->d != NULL) | 570 | if (a->d != NULL) |
| 549 | memset(a->d,0,a->dmax*sizeof(a->d[0])); | 571 | memset(a->d,0,a->dmax*sizeof(a->d[0])); |
| 550 | a->top=0; | 572 | a->top=0; |
| @@ -553,49 +575,22 @@ void BN_clear(BIGNUM *a) | |||
| 553 | 575 | ||
| 554 | BN_ULONG BN_get_word(const BIGNUM *a) | 576 | BN_ULONG BN_get_word(const BIGNUM *a) |
| 555 | { | 577 | { |
| 556 | int i,n; | 578 | if (a->top > 1) |
| 557 | BN_ULONG ret=0; | 579 | return BN_MASK2; |
| 558 | 580 | else if (a->top == 1) | |
| 559 | n=BN_num_bytes(a); | 581 | return a->d[0]; |
| 560 | if (n > sizeof(BN_ULONG)) | 582 | /* a->top == 0 */ |
| 561 | return(BN_MASK2); | 583 | return 0; |
| 562 | for (i=a->top-1; i>=0; i--) | ||
| 563 | { | ||
| 564 | #ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */ | ||
| 565 | ret<<=BN_BITS4; /* stops the compiler complaining */ | ||
| 566 | ret<<=BN_BITS4; | ||
| 567 | #else | ||
| 568 | ret=0; | ||
| 569 | #endif | ||
| 570 | ret|=a->d[i]; | ||
| 571 | } | ||
| 572 | return(ret); | ||
| 573 | } | 584 | } |
| 574 | 585 | ||
| 575 | int BN_set_word(BIGNUM *a, BN_ULONG w) | 586 | int BN_set_word(BIGNUM *a, BN_ULONG w) |
| 576 | { | 587 | { |
| 577 | int i,n; | 588 | bn_check_top(a); |
| 578 | if (bn_expand(a,sizeof(BN_ULONG)*8) == NULL) return(0); | 589 | if (bn_expand(a,(int)sizeof(BN_ULONG)*8) == NULL) return(0); |
| 579 | 590 | a->neg = 0; | |
| 580 | n=sizeof(BN_ULONG)/BN_BYTES; | 591 | a->d[0] = w; |
| 581 | a->neg=0; | 592 | a->top = (w ? 1 : 0); |
| 582 | a->top=0; | 593 | bn_check_top(a); |
| 583 | a->d[0]=(BN_ULONG)w&BN_MASK2; | ||
| 584 | if (a->d[0] != 0) a->top=1; | ||
| 585 | for (i=1; i<n; i++) | ||
| 586 | { | ||
| 587 | /* the following is done instead of | ||
| 588 | * w>>=BN_BITS2 so compilers don't complain | ||
| 589 | * on builds where sizeof(long) == BN_TYPES */ | ||
| 590 | #ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */ | ||
| 591 | w>>=BN_BITS4; | ||
| 592 | w>>=BN_BITS4; | ||
| 593 | #else | ||
| 594 | w=0; | ||
| 595 | #endif | ||
| 596 | a->d[i]=(BN_ULONG)w&BN_MASK2; | ||
| 597 | if (a->d[i] != 0) a->top=i+1; | ||
| 598 | } | ||
| 599 | return(1); | 594 | return(1); |
| 600 | } | 595 | } |
| 601 | 596 | ||
| @@ -604,9 +599,12 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) | |||
| 604 | unsigned int i,m; | 599 | unsigned int i,m; |
| 605 | unsigned int n; | 600 | unsigned int n; |
| 606 | BN_ULONG l; | 601 | BN_ULONG l; |
| 602 | BIGNUM *bn = NULL; | ||
| 607 | 603 | ||
| 608 | if (ret == NULL) ret=BN_new(); | 604 | if (ret == NULL) |
| 605 | ret = bn = BN_new(); | ||
| 609 | if (ret == NULL) return(NULL); | 606 | if (ret == NULL) return(NULL); |
| 607 | bn_check_top(ret); | ||
| 610 | l=0; | 608 | l=0; |
| 611 | n=len; | 609 | n=len; |
| 612 | if (n == 0) | 610 | if (n == 0) |
| @@ -614,13 +612,16 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) | |||
| 614 | ret->top=0; | 612 | ret->top=0; |
| 615 | return(ret); | 613 | return(ret); |
| 616 | } | 614 | } |
| 617 | if (bn_expand(ret,(int)(n+2)*8) == NULL) | ||
| 618 | return(NULL); | ||
| 619 | i=((n-1)/BN_BYTES)+1; | 615 | i=((n-1)/BN_BYTES)+1; |
| 620 | m=((n-1)%(BN_BYTES)); | 616 | m=((n-1)%(BN_BYTES)); |
| 617 | if (bn_wexpand(ret, (int)i) == NULL) | ||
| 618 | { | ||
| 619 | if (bn) BN_free(bn); | ||
| 620 | return NULL; | ||
| 621 | } | ||
| 621 | ret->top=i; | 622 | ret->top=i; |
| 622 | ret->neg=0; | 623 | ret->neg=0; |
| 623 | while (n-- > 0) | 624 | while (n--) |
| 624 | { | 625 | { |
| 625 | l=(l<<8L)| *(s++); | 626 | l=(l<<8L)| *(s++); |
| 626 | if (m-- == 0) | 627 | if (m-- == 0) |
| @@ -632,7 +633,7 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) | |||
| 632 | } | 633 | } |
| 633 | /* need to call this due to clear byte at top if avoiding | 634 | /* need to call this due to clear byte at top if avoiding |
| 634 | * having the top bit set (-ve number) */ | 635 | * having the top bit set (-ve number) */ |
| 635 | bn_fix_top(ret); | 636 | bn_correct_top(ret); |
| 636 | return(ret); | 637 | return(ret); |
| 637 | } | 638 | } |
| 638 | 639 | ||
| @@ -642,8 +643,9 @@ int BN_bn2bin(const BIGNUM *a, unsigned char *to) | |||
| 642 | int n,i; | 643 | int n,i; |
| 643 | BN_ULONG l; | 644 | BN_ULONG l; |
| 644 | 645 | ||
| 646 | bn_check_top(a); | ||
| 645 | n=i=BN_num_bytes(a); | 647 | n=i=BN_num_bytes(a); |
| 646 | while (i-- > 0) | 648 | while (i--) |
| 647 | { | 649 | { |
| 648 | l=a->d[i/BN_BYTES]; | 650 | l=a->d[i/BN_BYTES]; |
| 649 | *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff; | 651 | *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff; |
| @@ -668,7 +670,7 @@ int BN_ucmp(const BIGNUM *a, const BIGNUM *b) | |||
| 668 | t1= ap[i]; | 670 | t1= ap[i]; |
| 669 | t2= bp[i]; | 671 | t2= bp[i]; |
| 670 | if (t1 != t2) | 672 | if (t1 != t2) |
| 671 | return(t1 > t2?1:-1); | 673 | return((t1 > t2) ? 1 : -1); |
| 672 | } | 674 | } |
| 673 | return(0); | 675 | return(0); |
| 674 | } | 676 | } |
| @@ -718,6 +720,9 @@ int BN_set_bit(BIGNUM *a, int n) | |||
| 718 | { | 720 | { |
| 719 | int i,j,k; | 721 | int i,j,k; |
| 720 | 722 | ||
| 723 | if (n < 0) | ||
| 724 | return 0; | ||
| 725 | |||
| 721 | i=n/BN_BITS2; | 726 | i=n/BN_BITS2; |
| 722 | j=n%BN_BITS2; | 727 | j=n%BN_BITS2; |
| 723 | if (a->top <= i) | 728 | if (a->top <= i) |
| @@ -729,6 +734,7 @@ int BN_set_bit(BIGNUM *a, int n) | |||
| 729 | } | 734 | } |
| 730 | 735 | ||
| 731 | a->d[i]|=(((BN_ULONG)1)<<j); | 736 | a->d[i]|=(((BN_ULONG)1)<<j); |
| 737 | bn_check_top(a); | ||
| 732 | return(1); | 738 | return(1); |
| 733 | } | 739 | } |
| 734 | 740 | ||
| @@ -736,12 +742,15 @@ int BN_clear_bit(BIGNUM *a, int n) | |||
| 736 | { | 742 | { |
| 737 | int i,j; | 743 | int i,j; |
| 738 | 744 | ||
| 745 | bn_check_top(a); | ||
| 746 | if (n < 0) return 0; | ||
| 747 | |||
| 739 | i=n/BN_BITS2; | 748 | i=n/BN_BITS2; |
| 740 | j=n%BN_BITS2; | 749 | j=n%BN_BITS2; |
| 741 | if (a->top <= i) return(0); | 750 | if (a->top <= i) return(0); |
| 742 | 751 | ||
| 743 | a->d[i]&=(~(((BN_ULONG)1)<<j)); | 752 | a->d[i]&=(~(((BN_ULONG)1)<<j)); |
| 744 | bn_fix_top(a); | 753 | bn_correct_top(a); |
| 745 | return(1); | 754 | return(1); |
| 746 | } | 755 | } |
| 747 | 756 | ||
| @@ -749,20 +758,24 @@ int BN_is_bit_set(const BIGNUM *a, int n) | |||
| 749 | { | 758 | { |
| 750 | int i,j; | 759 | int i,j; |
| 751 | 760 | ||
| 752 | if (n < 0) return(0); | 761 | bn_check_top(a); |
| 762 | if (n < 0) return 0; | ||
| 753 | i=n/BN_BITS2; | 763 | i=n/BN_BITS2; |
| 754 | j=n%BN_BITS2; | 764 | j=n%BN_BITS2; |
| 755 | if (a->top <= i) return(0); | 765 | if (a->top <= i) return 0; |
| 756 | return((a->d[i]&(((BN_ULONG)1)<<j))?1:0); | 766 | return(((a->d[i])>>j)&((BN_ULONG)1)); |
| 757 | } | 767 | } |
| 758 | 768 | ||
| 759 | int BN_mask_bits(BIGNUM *a, int n) | 769 | int BN_mask_bits(BIGNUM *a, int n) |
| 760 | { | 770 | { |
| 761 | int b,w; | 771 | int b,w; |
| 762 | 772 | ||
| 773 | bn_check_top(a); | ||
| 774 | if (n < 0) return 0; | ||
| 775 | |||
| 763 | w=n/BN_BITS2; | 776 | w=n/BN_BITS2; |
| 764 | b=n%BN_BITS2; | 777 | b=n%BN_BITS2; |
| 765 | if (w >= a->top) return(0); | 778 | if (w >= a->top) return 0; |
| 766 | if (b == 0) | 779 | if (b == 0) |
| 767 | a->top=w; | 780 | a->top=w; |
| 768 | else | 781 | else |
| @@ -770,10 +783,18 @@ int BN_mask_bits(BIGNUM *a, int n) | |||
| 770 | a->top=w+1; | 783 | a->top=w+1; |
| 771 | a->d[w]&= ~(BN_MASK2<<b); | 784 | a->d[w]&= ~(BN_MASK2<<b); |
| 772 | } | 785 | } |
| 773 | bn_fix_top(a); | 786 | bn_correct_top(a); |
| 774 | return(1); | 787 | return(1); |
| 775 | } | 788 | } |
| 776 | 789 | ||
| 790 | void BN_set_negative(BIGNUM *a, int b) | ||
| 791 | { | ||
| 792 | if (b && !BN_is_zero(a)) | ||
| 793 | a->neg = 1; | ||
| 794 | else | ||
| 795 | a->neg = 0; | ||
| 796 | } | ||
| 797 | |||
| 777 | int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n) | 798 | int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n) |
| 778 | { | 799 | { |
| 779 | int i; | 800 | int i; |
diff --git a/src/lib/libcrypto/bn/bn_mod.c b/src/lib/libcrypto/bn/bn_mod.c index 5cf82480d7..77d6ddb91a 100644 --- a/src/lib/libcrypto/bn/bn_mod.c +++ b/src/lib/libcrypto/bn/bn_mod.c | |||
| @@ -149,7 +149,7 @@ int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_ | |||
| 149 | * and less than m */ | 149 | * and less than m */ |
| 150 | int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m) | 150 | int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m) |
| 151 | { | 151 | { |
| 152 | if (!BN_add(r, a, b)) return 0; | 152 | if (!BN_uadd(r, a, b)) return 0; |
| 153 | if (BN_ucmp(r, m) >= 0) | 153 | if (BN_ucmp(r, m) >= 0) |
| 154 | return BN_usub(r, r, m); | 154 | return BN_usub(r, r, m); |
| 155 | return 1; | 155 | return 1; |
| @@ -192,6 +192,7 @@ int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, | |||
| 192 | else | 192 | else |
| 193 | { if (!BN_mul(t,a,b,ctx)) goto err; } | 193 | { if (!BN_mul(t,a,b,ctx)) goto err; } |
| 194 | if (!BN_nnmod(r,t,m,ctx)) goto err; | 194 | if (!BN_nnmod(r,t,m,ctx)) goto err; |
| 195 | bn_check_top(r); | ||
| 195 | ret=1; | 196 | ret=1; |
| 196 | err: | 197 | err: |
| 197 | BN_CTX_end(ctx); | 198 | BN_CTX_end(ctx); |
| @@ -210,6 +211,7 @@ int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) | |||
| 210 | int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) | 211 | int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) |
| 211 | { | 212 | { |
| 212 | if (!BN_lshift1(r, a)) return 0; | 213 | if (!BN_lshift1(r, a)) return 0; |
| 214 | bn_check_top(r); | ||
| 213 | return BN_nnmod(r, r, m, ctx); | 215 | return BN_nnmod(r, r, m, ctx); |
| 214 | } | 216 | } |
| 215 | 217 | ||
| @@ -219,6 +221,7 @@ int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) | |||
| 219 | int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m) | 221 | int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m) |
| 220 | { | 222 | { |
| 221 | if (!BN_lshift1(r, a)) return 0; | 223 | if (!BN_lshift1(r, a)) return 0; |
| 224 | bn_check_top(r); | ||
| 222 | if (BN_cmp(r, m) >= 0) | 225 | if (BN_cmp(r, m) >= 0) |
| 223 | return BN_sub(r, r, m); | 226 | return BN_sub(r, r, m); |
| 224 | return 1; | 227 | return 1; |
| @@ -240,6 +243,7 @@ int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ct | |||
| 240 | } | 243 | } |
| 241 | 244 | ||
| 242 | ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m)); | 245 | ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m)); |
| 246 | bn_check_top(r); | ||
| 243 | 247 | ||
| 244 | if (abs_m) | 248 | if (abs_m) |
| 245 | BN_free(abs_m); | 249 | BN_free(abs_m); |
| @@ -291,6 +295,7 @@ int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m) | |||
| 291 | if (!BN_sub(r, r, m)) return 0; | 295 | if (!BN_sub(r, r, m)) return 0; |
| 292 | } | 296 | } |
| 293 | } | 297 | } |
| 298 | bn_check_top(r); | ||
| 294 | 299 | ||
| 295 | return 1; | 300 | return 1; |
| 296 | } | 301 | } |
diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c index 726d5f2b1b..4799b152dd 100644 --- a/src/lib/libcrypto/bn/bn_mont.c +++ b/src/lib/libcrypto/bn/bn_mont.c | |||
| @@ -55,6 +55,59 @@ | |||
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. | ||
| 60 | * | ||
| 61 | * Redistribution and use in source and binary forms, with or without | ||
| 62 | * modification, are permitted provided that the following conditions | ||
| 63 | * are met: | ||
| 64 | * | ||
| 65 | * 1. Redistributions of source code must retain the above copyright | ||
| 66 | * notice, this list of conditions and the following disclaimer. | ||
| 67 | * | ||
| 68 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 69 | * notice, this list of conditions and the following disclaimer in | ||
| 70 | * the documentation and/or other materials provided with the | ||
| 71 | * distribution. | ||
| 72 | * | ||
| 73 | * 3. All advertising materials mentioning features or use of this | ||
| 74 | * software must display the following acknowledgment: | ||
| 75 | * "This product includes software developed by the OpenSSL Project | ||
| 76 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 77 | * | ||
| 78 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 79 | * endorse or promote products derived from this software without | ||
| 80 | * prior written permission. For written permission, please contact | ||
| 81 | * openssl-core@openssl.org. | ||
| 82 | * | ||
| 83 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 84 | * nor may "OpenSSL" appear in their names without prior written | ||
| 85 | * permission of the OpenSSL Project. | ||
| 86 | * | ||
| 87 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 88 | * acknowledgment: | ||
| 89 | * "This product includes software developed by the OpenSSL Project | ||
| 90 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 91 | * | ||
| 92 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 93 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 94 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 95 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 96 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 97 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 98 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 99 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 100 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 101 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 102 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 103 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 104 | * ==================================================================== | ||
| 105 | * | ||
| 106 | * This product includes cryptographic software written by Eric Young | ||
| 107 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 108 | * Hudson (tjh@cryptsoft.com). | ||
| 109 | * | ||
| 110 | */ | ||
| 58 | 111 | ||
| 59 | /* | 112 | /* |
| 60 | * Details about Montgomery multiplication algorithms can be found at | 113 | * Details about Montgomery multiplication algorithms can be found at |
| @@ -69,11 +122,50 @@ | |||
| 69 | 122 | ||
| 70 | #define MONT_WORD /* use the faster word-based algorithm */ | 123 | #define MONT_WORD /* use the faster word-based algorithm */ |
| 71 | 124 | ||
| 125 | #if defined(MONT_WORD) && defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32) | ||
| 126 | /* This condition means we have a specific non-default build: | ||
| 127 | * In the 0.9.8 branch, OPENSSL_BN_ASM_MONT is normally not set for any | ||
| 128 | * BN_BITS2<=32 platform; an explicit "enable-montasm" is required. | ||
| 129 | * I.e., if we are here, the user intentionally deviates from the | ||
| 130 | * normal stable build to get better Montgomery performance from | ||
| 131 | * the 0.9.9-dev backport. | ||
| 132 | * | ||
| 133 | * In this case only, we also enable BN_from_montgomery_word() | ||
| 134 | * (another non-stable feature from 0.9.9-dev). | ||
| 135 | */ | ||
| 136 | #define MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD | ||
| 137 | #endif | ||
| 138 | |||
| 139 | #ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD | ||
| 140 | static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont); | ||
| 141 | #endif | ||
| 142 | |||
| 143 | |||
| 144 | |||
| 72 | int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, | 145 | int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, |
| 73 | BN_MONT_CTX *mont, BN_CTX *ctx) | 146 | BN_MONT_CTX *mont, BN_CTX *ctx) |
| 74 | { | 147 | { |
| 75 | BIGNUM *tmp; | 148 | BIGNUM *tmp; |
| 76 | int ret=0; | 149 | int ret=0; |
| 150 | #if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD) | ||
| 151 | int num = mont->N.top; | ||
| 152 | |||
| 153 | if (num>1 && a->top==num && b->top==num) | ||
| 154 | { | ||
| 155 | if (bn_wexpand(r,num) == NULL) return(0); | ||
| 156 | #if 0 /* for OpenSSL 0.9.9 mont->n0 */ | ||
| 157 | if (bn_mul_mont(r->d,a->d,b->d,mont->N.d,mont->n0,num)) | ||
| 158 | #else | ||
| 159 | if (bn_mul_mont(r->d,a->d,b->d,mont->N.d,&mont->n0,num)) | ||
| 160 | #endif | ||
| 161 | { | ||
| 162 | r->neg = a->neg^b->neg; | ||
| 163 | r->top = num; | ||
| 164 | bn_correct_top(r); | ||
| 165 | return(1); | ||
| 166 | } | ||
| 167 | } | ||
| 168 | #endif | ||
| 77 | 169 | ||
| 78 | BN_CTX_start(ctx); | 170 | BN_CTX_start(ctx); |
| 79 | tmp = BN_CTX_get(ctx); | 171 | tmp = BN_CTX_get(ctx); |
| @@ -89,13 +181,162 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, | |||
| 89 | if (!BN_mul(tmp,a,b,ctx)) goto err; | 181 | if (!BN_mul(tmp,a,b,ctx)) goto err; |
| 90 | } | 182 | } |
| 91 | /* reduce from aRR to aR */ | 183 | /* reduce from aRR to aR */ |
| 184 | #ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD | ||
| 185 | if (!BN_from_montgomery_word(r,tmp,mont)) goto err; | ||
| 186 | #else | ||
| 92 | if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err; | 187 | if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err; |
| 188 | #endif | ||
| 189 | bn_check_top(r); | ||
| 93 | ret=1; | 190 | ret=1; |
| 94 | err: | 191 | err: |
| 95 | BN_CTX_end(ctx); | 192 | BN_CTX_end(ctx); |
| 96 | return(ret); | 193 | return(ret); |
| 97 | } | 194 | } |
| 98 | 195 | ||
| 196 | #ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD | ||
| 197 | static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) | ||
| 198 | { | ||
| 199 | BIGNUM *n; | ||
| 200 | BN_ULONG *ap,*np,*rp,n0,v,*nrp; | ||
| 201 | int al,nl,max,i,x,ri; | ||
| 202 | |||
| 203 | n= &(mont->N); | ||
| 204 | /* mont->ri is the size of mont->N in bits (rounded up | ||
| 205 | to the word size) */ | ||
| 206 | al=ri=mont->ri/BN_BITS2; | ||
| 207 | |||
| 208 | nl=n->top; | ||
| 209 | if ((al == 0) || (nl == 0)) { ret->top=0; return(1); } | ||
| 210 | |||
| 211 | max=(nl+al+1); /* allow for overflow (no?) XXX */ | ||
| 212 | if (bn_wexpand(r,max) == NULL) return(0); | ||
| 213 | |||
| 214 | r->neg^=n->neg; | ||
| 215 | np=n->d; | ||
| 216 | rp=r->d; | ||
| 217 | nrp= &(r->d[nl]); | ||
| 218 | |||
| 219 | /* clear the top words of T */ | ||
| 220 | for (i=r->top; i<max; i++) /* memset? XXX */ | ||
| 221 | r->d[i]=0; | ||
| 222 | |||
| 223 | r->top=max; | ||
| 224 | #if 0 /* for OpenSSL 0.9.9 mont->n0 */ | ||
| 225 | n0=mont->n0[0]; | ||
| 226 | #else | ||
| 227 | n0=mont->n0; | ||
| 228 | #endif | ||
| 229 | |||
| 230 | #ifdef BN_COUNT | ||
| 231 | fprintf(stderr,"word BN_from_montgomery_word %d * %d\n",nl,nl); | ||
| 232 | #endif | ||
| 233 | for (i=0; i<nl; i++) | ||
| 234 | { | ||
| 235 | #ifdef __TANDEM | ||
| 236 | { | ||
| 237 | long long t1; | ||
| 238 | long long t2; | ||
| 239 | long long t3; | ||
| 240 | t1 = rp[0] * (n0 & 0177777); | ||
| 241 | t2 = 037777600000l; | ||
| 242 | t2 = n0 & t2; | ||
| 243 | t3 = rp[0] & 0177777; | ||
| 244 | t2 = (t3 * t2) & BN_MASK2; | ||
| 245 | t1 = t1 + t2; | ||
| 246 | v=bn_mul_add_words(rp,np,nl,(BN_ULONG) t1); | ||
| 247 | } | ||
| 248 | #else | ||
| 249 | v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2); | ||
| 250 | #endif | ||
| 251 | nrp++; | ||
| 252 | rp++; | ||
| 253 | if (((nrp[-1]+=v)&BN_MASK2) >= v) | ||
| 254 | continue; | ||
| 255 | else | ||
| 256 | { | ||
| 257 | if (((++nrp[0])&BN_MASK2) != 0) continue; | ||
| 258 | if (((++nrp[1])&BN_MASK2) != 0) continue; | ||
| 259 | for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ; | ||
| 260 | } | ||
| 261 | } | ||
| 262 | bn_correct_top(r); | ||
| 263 | |||
| 264 | /* mont->ri will be a multiple of the word size and below code | ||
| 265 | * is kind of BN_rshift(ret,r,mont->ri) equivalent */ | ||
| 266 | if (r->top <= ri) | ||
| 267 | { | ||
| 268 | ret->top=0; | ||
| 269 | return(1); | ||
| 270 | } | ||
| 271 | al=r->top-ri; | ||
| 272 | |||
| 273 | if (bn_wexpand(ret,ri) == NULL) return(0); | ||
| 274 | x=0-(((al-ri)>>(sizeof(al)*8-1))&1); | ||
| 275 | ret->top=x=(ri&~x)|(al&x); /* min(ri,al) */ | ||
| 276 | ret->neg=r->neg; | ||
| 277 | |||
| 278 | rp=ret->d; | ||
| 279 | ap=&(r->d[ri]); | ||
| 280 | |||
| 281 | { | ||
| 282 | size_t m1,m2; | ||
| 283 | |||
| 284 | v=bn_sub_words(rp,ap,np,ri); | ||
| 285 | /* this ----------------^^ works even in al<ri case | ||
| 286 | * thanks to zealous zeroing of top of the vector in the | ||
| 287 | * beginning. */ | ||
| 288 | |||
| 289 | /* if (al==ri && !v) || al>ri) nrp=rp; else nrp=ap; */ | ||
| 290 | /* in other words if subtraction result is real, then | ||
| 291 | * trick unconditional memcpy below to perform in-place | ||
| 292 | * "refresh" instead of actual copy. */ | ||
| 293 | m1=0-(size_t)(((al-ri)>>(sizeof(al)*8-1))&1); /* al<ri */ | ||
| 294 | m2=0-(size_t)(((ri-al)>>(sizeof(al)*8-1))&1); /* al>ri */ | ||
| 295 | m1|=m2; /* (al!=ri) */ | ||
| 296 | m1|=(0-(size_t)v); /* (al!=ri || v) */ | ||
| 297 | m1&=~m2; /* (al!=ri || v) && !al>ri */ | ||
| 298 | nrp=(BN_ULONG *)(((size_t)rp&~m1)|((size_t)ap&m1)); | ||
| 299 | } | ||
| 300 | |||
| 301 | /* 'i<ri' is chosen to eliminate dependency on input data, even | ||
| 302 | * though it results in redundant copy in al<ri case. */ | ||
| 303 | for (i=0,ri-=4; i<ri; i+=4) | ||
| 304 | { | ||
| 305 | BN_ULONG t1,t2,t3,t4; | ||
| 306 | |||
| 307 | t1=nrp[i+0]; | ||
| 308 | t2=nrp[i+1]; | ||
| 309 | t3=nrp[i+2]; ap[i+0]=0; | ||
| 310 | t4=nrp[i+3]; ap[i+1]=0; | ||
| 311 | rp[i+0]=t1; ap[i+2]=0; | ||
| 312 | rp[i+1]=t2; ap[i+3]=0; | ||
| 313 | rp[i+2]=t3; | ||
| 314 | rp[i+3]=t4; | ||
| 315 | } | ||
| 316 | for (ri+=4; i<ri; i++) | ||
| 317 | rp[i]=nrp[i], ap[i]=0; | ||
| 318 | bn_correct_top(r); | ||
| 319 | bn_correct_top(ret); | ||
| 320 | bn_check_top(ret); | ||
| 321 | |||
| 322 | return(1); | ||
| 323 | } | ||
| 324 | |||
| 325 | int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, | ||
| 326 | BN_CTX *ctx) | ||
| 327 | { | ||
| 328 | int retn=0; | ||
| 329 | BIGNUM *t; | ||
| 330 | |||
| 331 | BN_CTX_start(ctx); | ||
| 332 | if ((t = BN_CTX_get(ctx)) && BN_copy(t,a)) | ||
| 333 | retn = BN_from_montgomery_word(ret,t,mont); | ||
| 334 | BN_CTX_end(ctx); | ||
| 335 | return retn; | ||
| 336 | } | ||
| 337 | |||
| 338 | #else /* !MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD */ | ||
| 339 | |||
| 99 | int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, | 340 | int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, |
| 100 | BN_CTX *ctx) | 341 | BN_CTX *ctx) |
| 101 | { | 342 | { |
| @@ -171,7 +412,7 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, | |||
| 171 | for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ; | 412 | for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ; |
| 172 | } | 413 | } |
| 173 | } | 414 | } |
| 174 | bn_fix_top(r); | 415 | bn_correct_top(r); |
| 175 | 416 | ||
| 176 | /* mont->ri will be a multiple of the word size and below code | 417 | /* mont->ri will be a multiple of the word size and below code |
| 177 | * is kind of BN_rshift(ret,r,mont->ri) equivalent */ | 418 | * is kind of BN_rshift(ret,r,mont->ri) equivalent */ |
| @@ -230,6 +471,8 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, | |||
| 230 | } | 471 | } |
| 231 | for (ri+=4; i<ri; i++) | 472 | for (ri+=4; i<ri; i++) |
| 232 | rp[i]=nrp[i], ap[i]=0; | 473 | rp[i]=nrp[i], ap[i]=0; |
| 474 | bn_correct_top(r); | ||
| 475 | bn_correct_top(ret); | ||
| 233 | # else | 476 | # else |
| 234 | if (bn_wexpand(ret,al) == NULL) goto err; | 477 | if (bn_wexpand(ret,al) == NULL) goto err; |
| 235 | ret->top=al; | 478 | ret->top=al; |
| @@ -281,10 +524,12 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, | |||
| 281 | } | 524 | } |
| 282 | #endif | 525 | #endif |
| 283 | retn=1; | 526 | retn=1; |
| 527 | bn_check_top(ret); | ||
| 284 | err: | 528 | err: |
| 285 | BN_CTX_end(ctx); | 529 | BN_CTX_end(ctx); |
| 286 | return(retn); | 530 | return(retn); |
| 287 | } | 531 | } |
| 532 | #endif /* MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD */ | ||
| 288 | 533 | ||
| 289 | BN_MONT_CTX *BN_MONT_CTX_new(void) | 534 | BN_MONT_CTX *BN_MONT_CTX_new(void) |
| 290 | { | 535 | { |
| @@ -304,6 +549,11 @@ void BN_MONT_CTX_init(BN_MONT_CTX *ctx) | |||
| 304 | BN_init(&(ctx->RR)); | 549 | BN_init(&(ctx->RR)); |
| 305 | BN_init(&(ctx->N)); | 550 | BN_init(&(ctx->N)); |
| 306 | BN_init(&(ctx->Ni)); | 551 | BN_init(&(ctx->Ni)); |
| 552 | #if 0 /* for OpenSSL 0.9.9 mont->n0 */ | ||
| 553 | ctx->n0[0] = ctx->n0[1] = 0; | ||
| 554 | #else | ||
| 555 | ctx->n0 = 0; | ||
| 556 | #endif | ||
| 307 | ctx->flags=0; | 557 | ctx->flags=0; |
| 308 | } | 558 | } |
| 309 | 559 | ||
| @@ -321,9 +571,11 @@ void BN_MONT_CTX_free(BN_MONT_CTX *mont) | |||
| 321 | 571 | ||
| 322 | int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) | 572 | int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) |
| 323 | { | 573 | { |
| 324 | BIGNUM Ri,*R; | 574 | int ret = 0; |
| 575 | BIGNUM *Ri,*R; | ||
| 325 | 576 | ||
| 326 | BN_init(&Ri); | 577 | BN_CTX_start(ctx); |
| 578 | if((Ri = BN_CTX_get(ctx)) == NULL) goto err; | ||
| 327 | R= &(mont->RR); /* grab RR as a temp */ | 579 | R= &(mont->RR); /* grab RR as a temp */ |
| 328 | if (!BN_copy(&(mont->N),mod)) goto err; /* Set N */ | 580 | if (!BN_copy(&(mont->N),mod)) goto err; /* Set N */ |
| 329 | mont->N.neg = 0; | 581 | mont->N.neg = 0; |
| @@ -334,57 +586,99 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) | |||
| 334 | BN_ULONG buf[2]; | 586 | BN_ULONG buf[2]; |
| 335 | 587 | ||
| 336 | mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; | 588 | mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; |
| 337 | if (!(BN_zero(R))) goto err; | 589 | BN_zero(R); |
| 590 | #if 0 /* for OpenSSL 0.9.9 mont->n0, would be "#if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)", | ||
| 591 | only certain BN_BITS2<=32 platforms actually need this */ | ||
| 592 | if (!(BN_set_bit(R,2*BN_BITS2))) goto err; /* R */ | ||
| 593 | #else | ||
| 338 | if (!(BN_set_bit(R,BN_BITS2))) goto err; /* R */ | 594 | if (!(BN_set_bit(R,BN_BITS2))) goto err; /* R */ |
| 595 | #endif | ||
| 339 | 596 | ||
| 340 | buf[0]=mod->d[0]; /* tmod = N mod word size */ | 597 | buf[0]=mod->d[0]; /* tmod = N mod word size */ |
| 341 | buf[1]=0; | 598 | buf[1]=0; |
| 599 | |||
| 600 | BN_init(&tmod); | ||
| 342 | tmod.d=buf; | 601 | tmod.d=buf; |
| 343 | tmod.top=1; | 602 | tmod.top = buf[0] != 0 ? 1 : 0; |
| 344 | tmod.dmax=2; | 603 | tmod.dmax=2; |
| 345 | tmod.neg=0; | 604 | tmod.neg=0; |
| 605 | |||
| 606 | #if 0 /* for OpenSSL 0.9.9 mont->n0, would be "#if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)"; | ||
| 607 | only certain BN_BITS2<=32 platforms actually need this */ | ||
| 608 | tmod.top=0; | ||
| 609 | if ((buf[0] = mod->d[0])) tmod.top=1; | ||
| 610 | if ((buf[1] = mod->top>1 ? mod->d[1] : 0)) tmod.top=2; | ||
| 611 | |||
| 612 | if ((BN_mod_inverse(Ri,R,&tmod,ctx)) == NULL) | ||
| 613 | goto err; | ||
| 614 | if (!BN_lshift(Ri,Ri,2*BN_BITS2)) goto err; /* R*Ri */ | ||
| 615 | if (!BN_is_zero(Ri)) | ||
| 616 | { | ||
| 617 | if (!BN_sub_word(Ri,1)) goto err; | ||
| 618 | } | ||
| 619 | else /* if N mod word size == 1 */ | ||
| 620 | { | ||
| 621 | if (bn_expand(Ri,(int)sizeof(BN_ULONG)*2) == NULL) | ||
| 622 | goto err; | ||
| 623 | /* Ri-- (mod double word size) */ | ||
| 624 | Ri->neg=0; | ||
| 625 | Ri->d[0]=BN_MASK2; | ||
| 626 | Ri->d[1]=BN_MASK2; | ||
| 627 | Ri->top=2; | ||
| 628 | } | ||
| 629 | if (!BN_div(Ri,NULL,Ri,&tmod,ctx)) goto err; | ||
| 630 | /* Ni = (R*Ri-1)/N, | ||
| 631 | * keep only couple of least significant words: */ | ||
| 632 | mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0; | ||
| 633 | mont->n0[1] = (Ri->top > 1) ? Ri->d[1] : 0; | ||
| 634 | #else | ||
| 346 | /* Ri = R^-1 mod N*/ | 635 | /* Ri = R^-1 mod N*/ |
| 347 | if ((BN_mod_inverse(&Ri,R,&tmod,ctx)) == NULL) | 636 | if ((BN_mod_inverse(Ri,R,&tmod,ctx)) == NULL) |
| 348 | goto err; | 637 | goto err; |
| 349 | if (!BN_lshift(&Ri,&Ri,BN_BITS2)) goto err; /* R*Ri */ | 638 | if (!BN_lshift(Ri,Ri,BN_BITS2)) goto err; /* R*Ri */ |
| 350 | if (!BN_is_zero(&Ri)) | 639 | if (!BN_is_zero(Ri)) |
| 351 | { | 640 | { |
| 352 | if (!BN_sub_word(&Ri,1)) goto err; | 641 | if (!BN_sub_word(Ri,1)) goto err; |
| 353 | } | 642 | } |
| 354 | else /* if N mod word size == 1 */ | 643 | else /* if N mod word size == 1 */ |
| 355 | { | 644 | { |
| 356 | if (!BN_set_word(&Ri,BN_MASK2)) goto err; /* Ri-- (mod word size) */ | 645 | if (!BN_set_word(Ri,BN_MASK2)) goto err; /* Ri-- (mod word size) */ |
| 357 | } | 646 | } |
| 358 | if (!BN_div(&Ri,NULL,&Ri,&tmod,ctx)) goto err; | 647 | if (!BN_div(Ri,NULL,Ri,&tmod,ctx)) goto err; |
| 359 | /* Ni = (R*Ri-1)/N, | 648 | /* Ni = (R*Ri-1)/N, |
| 360 | * keep only least significant word: */ | 649 | * keep only least significant word: */ |
| 361 | mont->n0 = (Ri.top > 0) ? Ri.d[0] : 0; | 650 | # if 0 /* for OpenSSL 0.9.9 mont->n0 */ |
| 362 | BN_free(&Ri); | 651 | mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0; |
| 652 | mont->n0[1] = 0; | ||
| 653 | # else | ||
| 654 | mont->n0 = (Ri->top > 0) ? Ri->d[0] : 0; | ||
| 655 | # endif | ||
| 656 | #endif | ||
| 363 | } | 657 | } |
| 364 | #else /* !MONT_WORD */ | 658 | #else /* !MONT_WORD */ |
| 365 | { /* bignum version */ | 659 | { /* bignum version */ |
| 366 | mont->ri=BN_num_bits(&mont->N); | 660 | mont->ri=BN_num_bits(&mont->N); |
| 367 | if (!BN_zero(R)) goto err; | 661 | BN_zero(R); |
| 368 | if (!BN_set_bit(R,mont->ri)) goto err; /* R = 2^ri */ | 662 | if (!BN_set_bit(R,mont->ri)) goto err; /* R = 2^ri */ |
| 369 | /* Ri = R^-1 mod N*/ | 663 | /* Ri = R^-1 mod N*/ |
| 370 | if ((BN_mod_inverse(&Ri,R,&mont->N,ctx)) == NULL) | 664 | if ((BN_mod_inverse(Ri,R,&mont->N,ctx)) == NULL) |
| 371 | goto err; | 665 | goto err; |
| 372 | if (!BN_lshift(&Ri,&Ri,mont->ri)) goto err; /* R*Ri */ | 666 | if (!BN_lshift(Ri,Ri,mont->ri)) goto err; /* R*Ri */ |
| 373 | if (!BN_sub_word(&Ri,1)) goto err; | 667 | if (!BN_sub_word(Ri,1)) goto err; |
| 374 | /* Ni = (R*Ri-1) / N */ | 668 | /* Ni = (R*Ri-1) / N */ |
| 375 | if (!BN_div(&(mont->Ni),NULL,&Ri,&mont->N,ctx)) goto err; | 669 | if (!BN_div(&(mont->Ni),NULL,Ri,&mont->N,ctx)) goto err; |
| 376 | BN_free(&Ri); | ||
| 377 | } | 670 | } |
| 378 | #endif | 671 | #endif |
| 379 | 672 | ||
| 380 | /* setup RR for conversions */ | 673 | /* setup RR for conversions */ |
| 381 | if (!BN_zero(&(mont->RR))) goto err; | 674 | BN_zero(&(mont->RR)); |
| 382 | if (!BN_set_bit(&(mont->RR),mont->ri*2)) goto err; | 675 | if (!BN_set_bit(&(mont->RR),mont->ri*2)) goto err; |
| 383 | if (!BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx)) goto err; | 676 | if (!BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx)) goto err; |
| 384 | 677 | ||
| 385 | return(1); | 678 | ret = 1; |
| 386 | err: | 679 | err: |
| 387 | return(0); | 680 | BN_CTX_end(ctx); |
| 681 | return ret; | ||
| 388 | } | 682 | } |
| 389 | 683 | ||
| 390 | BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) | 684 | BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) |
| @@ -395,27 +689,44 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) | |||
| 395 | if (!BN_copy(&(to->N),&(from->N))) return NULL; | 689 | if (!BN_copy(&(to->N),&(from->N))) return NULL; |
| 396 | if (!BN_copy(&(to->Ni),&(from->Ni))) return NULL; | 690 | if (!BN_copy(&(to->Ni),&(from->Ni))) return NULL; |
| 397 | to->ri=from->ri; | 691 | to->ri=from->ri; |
| 692 | #if 0 /* for OpenSSL 0.9.9 mont->n0 */ | ||
| 693 | to->n0[0]=from->n0[0]; | ||
| 694 | to->n0[1]=from->n0[1]; | ||
| 695 | #else | ||
| 398 | to->n0=from->n0; | 696 | to->n0=from->n0; |
| 697 | #endif | ||
| 399 | return(to); | 698 | return(to); |
| 400 | } | 699 | } |
| 401 | 700 | ||
| 402 | BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, | 701 | BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, |
| 403 | const BIGNUM *mod, BN_CTX *ctx) | 702 | const BIGNUM *mod, BN_CTX *ctx) |
| 404 | { | 703 | { |
| 405 | if (*pmont) | 704 | int got_write_lock = 0; |
| 406 | return *pmont; | 705 | BN_MONT_CTX *ret; |
| 407 | CRYPTO_w_lock(lock); | 706 | |
| 707 | CRYPTO_r_lock(lock); | ||
| 408 | if (!*pmont) | 708 | if (!*pmont) |
| 409 | { | 709 | { |
| 410 | *pmont = BN_MONT_CTX_new(); | 710 | CRYPTO_r_unlock(lock); |
| 411 | if (*pmont && !BN_MONT_CTX_set(*pmont, mod, ctx)) | 711 | CRYPTO_w_lock(lock); |
| 712 | got_write_lock = 1; | ||
| 713 | |||
| 714 | if (!*pmont) | ||
| 412 | { | 715 | { |
| 413 | BN_MONT_CTX_free(*pmont); | 716 | ret = BN_MONT_CTX_new(); |
| 414 | *pmont = NULL; | 717 | if (ret && !BN_MONT_CTX_set(ret, mod, ctx)) |
| 718 | BN_MONT_CTX_free(ret); | ||
| 719 | else | ||
| 720 | *pmont = ret; | ||
| 415 | } | 721 | } |
| 416 | } | 722 | } |
| 417 | CRYPTO_w_unlock(lock); | 723 | |
| 418 | return *pmont; | 724 | ret = *pmont; |
| 419 | } | 725 | |
| 726 | if (got_write_lock) | ||
| 727 | CRYPTO_w_unlock(lock); | ||
| 728 | else | ||
| 729 | CRYPTO_r_unlock(lock); | ||
| 420 | 730 | ||
| 421 | 731 | return ret; | |
| 732 | } | ||
diff --git a/src/lib/libcrypto/bn/bn_mpi.c b/src/lib/libcrypto/bn/bn_mpi.c index 05fa9d1e9a..a054d21aed 100644 --- a/src/lib/libcrypto/bn/bn_mpi.c +++ b/src/lib/libcrypto/bn/bn_mpi.c | |||
| @@ -124,6 +124,7 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a) | |||
| 124 | { | 124 | { |
| 125 | BN_clear_bit(a,BN_num_bits(a)-1); | 125 | BN_clear_bit(a,BN_num_bits(a)-1); |
| 126 | } | 126 | } |
| 127 | bn_check_top(a); | ||
| 127 | return(a); | 128 | return(a); |
| 128 | } | 129 | } |
| 129 | 130 | ||
diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c index 3ae3822bc2..b848c8cc60 100644 --- a/src/lib/libcrypto/bn/bn_mul.c +++ b/src/lib/libcrypto/bn/bn_mul.c | |||
| @@ -56,10 +56,325 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef BN_DEBUG | ||
| 60 | # undef NDEBUG /* avoid conflicting definitions */ | ||
| 61 | # define NDEBUG | ||
| 62 | #endif | ||
| 63 | |||
| 59 | #include <stdio.h> | 64 | #include <stdio.h> |
| 65 | #include <assert.h> | ||
| 60 | #include "cryptlib.h" | 66 | #include "cryptlib.h" |
| 61 | #include "bn_lcl.h" | 67 | #include "bn_lcl.h" |
| 62 | 68 | ||
| 69 | #if defined(OPENSSL_NO_ASM) || !defined(OPENSSL_BN_ASM_PART_WORDS) | ||
| 70 | /* Here follows specialised variants of bn_add_words() and | ||
| 71 | bn_sub_words(). They have the property performing operations on | ||
| 72 | arrays of different sizes. The sizes of those arrays is expressed through | ||
| 73 | cl, which is the common length ( basicall, min(len(a),len(b)) ), and dl, | ||
| 74 | which is the delta between the two lengths, calculated as len(a)-len(b). | ||
| 75 | All lengths are the number of BN_ULONGs... For the operations that require | ||
| 76 | a result array as parameter, it must have the length cl+abs(dl). | ||
| 77 | These functions should probably end up in bn_asm.c as soon as there are | ||
| 78 | assembler counterparts for the systems that use assembler files. */ | ||
| 79 | |||
| 80 | BN_ULONG bn_sub_part_words(BN_ULONG *r, | ||
| 81 | const BN_ULONG *a, const BN_ULONG *b, | ||
| 82 | int cl, int dl) | ||
| 83 | { | ||
| 84 | BN_ULONG c, t; | ||
| 85 | |||
| 86 | assert(cl >= 0); | ||
| 87 | c = bn_sub_words(r, a, b, cl); | ||
| 88 | |||
| 89 | if (dl == 0) | ||
| 90 | return c; | ||
| 91 | |||
| 92 | r += cl; | ||
| 93 | a += cl; | ||
| 94 | b += cl; | ||
| 95 | |||
| 96 | if (dl < 0) | ||
| 97 | { | ||
| 98 | #ifdef BN_COUNT | ||
| 99 | fprintf(stderr, " bn_sub_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); | ||
| 100 | #endif | ||
| 101 | for (;;) | ||
| 102 | { | ||
| 103 | t = b[0]; | ||
| 104 | r[0] = (0-t-c)&BN_MASK2; | ||
| 105 | if (t != 0) c=1; | ||
| 106 | if (++dl >= 0) break; | ||
| 107 | |||
| 108 | t = b[1]; | ||
| 109 | r[1] = (0-t-c)&BN_MASK2; | ||
| 110 | if (t != 0) c=1; | ||
| 111 | if (++dl >= 0) break; | ||
| 112 | |||
| 113 | t = b[2]; | ||
| 114 | r[2] = (0-t-c)&BN_MASK2; | ||
| 115 | if (t != 0) c=1; | ||
| 116 | if (++dl >= 0) break; | ||
| 117 | |||
| 118 | t = b[3]; | ||
| 119 | r[3] = (0-t-c)&BN_MASK2; | ||
| 120 | if (t != 0) c=1; | ||
| 121 | if (++dl >= 0) break; | ||
| 122 | |||
| 123 | b += 4; | ||
| 124 | r += 4; | ||
| 125 | } | ||
| 126 | } | ||
| 127 | else | ||
| 128 | { | ||
| 129 | int save_dl = dl; | ||
| 130 | #ifdef BN_COUNT | ||
| 131 | fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c = %d)\n", cl, dl, c); | ||
| 132 | #endif | ||
| 133 | while(c) | ||
| 134 | { | ||
| 135 | t = a[0]; | ||
| 136 | r[0] = (t-c)&BN_MASK2; | ||
| 137 | if (t != 0) c=0; | ||
| 138 | if (--dl <= 0) break; | ||
| 139 | |||
| 140 | t = a[1]; | ||
| 141 | r[1] = (t-c)&BN_MASK2; | ||
| 142 | if (t != 0) c=0; | ||
| 143 | if (--dl <= 0) break; | ||
| 144 | |||
| 145 | t = a[2]; | ||
| 146 | r[2] = (t-c)&BN_MASK2; | ||
| 147 | if (t != 0) c=0; | ||
| 148 | if (--dl <= 0) break; | ||
| 149 | |||
| 150 | t = a[3]; | ||
| 151 | r[3] = (t-c)&BN_MASK2; | ||
| 152 | if (t != 0) c=0; | ||
| 153 | if (--dl <= 0) break; | ||
| 154 | |||
| 155 | save_dl = dl; | ||
| 156 | a += 4; | ||
| 157 | r += 4; | ||
| 158 | } | ||
| 159 | if (dl > 0) | ||
| 160 | { | ||
| 161 | #ifdef BN_COUNT | ||
| 162 | fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); | ||
| 163 | #endif | ||
| 164 | if (save_dl > dl) | ||
| 165 | { | ||
| 166 | switch (save_dl - dl) | ||
| 167 | { | ||
| 168 | case 1: | ||
| 169 | r[1] = a[1]; | ||
| 170 | if (--dl <= 0) break; | ||
| 171 | case 2: | ||
| 172 | r[2] = a[2]; | ||
| 173 | if (--dl <= 0) break; | ||
| 174 | case 3: | ||
| 175 | r[3] = a[3]; | ||
| 176 | if (--dl <= 0) break; | ||
| 177 | } | ||
| 178 | a += 4; | ||
| 179 | r += 4; | ||
| 180 | } | ||
| 181 | } | ||
| 182 | if (dl > 0) | ||
| 183 | { | ||
| 184 | #ifdef BN_COUNT | ||
| 185 | fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, copy)\n", cl, dl); | ||
| 186 | #endif | ||
| 187 | for(;;) | ||
| 188 | { | ||
| 189 | r[0] = a[0]; | ||
| 190 | if (--dl <= 0) break; | ||
| 191 | r[1] = a[1]; | ||
| 192 | if (--dl <= 0) break; | ||
| 193 | r[2] = a[2]; | ||
| 194 | if (--dl <= 0) break; | ||
| 195 | r[3] = a[3]; | ||
| 196 | if (--dl <= 0) break; | ||
| 197 | |||
| 198 | a += 4; | ||
| 199 | r += 4; | ||
| 200 | } | ||
| 201 | } | ||
| 202 | } | ||
| 203 | return c; | ||
| 204 | } | ||
| 205 | #endif | ||
| 206 | |||
| 207 | BN_ULONG bn_add_part_words(BN_ULONG *r, | ||
| 208 | const BN_ULONG *a, const BN_ULONG *b, | ||
| 209 | int cl, int dl) | ||
| 210 | { | ||
| 211 | BN_ULONG c, l, t; | ||
| 212 | |||
| 213 | assert(cl >= 0); | ||
| 214 | c = bn_add_words(r, a, b, cl); | ||
| 215 | |||
| 216 | if (dl == 0) | ||
| 217 | return c; | ||
| 218 | |||
| 219 | r += cl; | ||
| 220 | a += cl; | ||
| 221 | b += cl; | ||
| 222 | |||
| 223 | if (dl < 0) | ||
| 224 | { | ||
| 225 | int save_dl = dl; | ||
| 226 | #ifdef BN_COUNT | ||
| 227 | fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); | ||
| 228 | #endif | ||
| 229 | while (c) | ||
| 230 | { | ||
| 231 | l=(c+b[0])&BN_MASK2; | ||
| 232 | c=(l < c); | ||
| 233 | r[0]=l; | ||
| 234 | if (++dl >= 0) break; | ||
| 235 | |||
| 236 | l=(c+b[1])&BN_MASK2; | ||
| 237 | c=(l < c); | ||
| 238 | r[1]=l; | ||
| 239 | if (++dl >= 0) break; | ||
| 240 | |||
| 241 | l=(c+b[2])&BN_MASK2; | ||
| 242 | c=(l < c); | ||
| 243 | r[2]=l; | ||
| 244 | if (++dl >= 0) break; | ||
| 245 | |||
| 246 | l=(c+b[3])&BN_MASK2; | ||
| 247 | c=(l < c); | ||
| 248 | r[3]=l; | ||
| 249 | if (++dl >= 0) break; | ||
| 250 | |||
| 251 | save_dl = dl; | ||
| 252 | b+=4; | ||
| 253 | r+=4; | ||
| 254 | } | ||
| 255 | if (dl < 0) | ||
| 256 | { | ||
| 257 | #ifdef BN_COUNT | ||
| 258 | fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c == 0)\n", cl, dl); | ||
| 259 | #endif | ||
| 260 | if (save_dl < dl) | ||
| 261 | { | ||
| 262 | switch (dl - save_dl) | ||
| 263 | { | ||
| 264 | case 1: | ||
| 265 | r[1] = b[1]; | ||
| 266 | if (++dl >= 0) break; | ||
| 267 | case 2: | ||
| 268 | r[2] = b[2]; | ||
| 269 | if (++dl >= 0) break; | ||
| 270 | case 3: | ||
| 271 | r[3] = b[3]; | ||
| 272 | if (++dl >= 0) break; | ||
| 273 | } | ||
| 274 | b += 4; | ||
| 275 | r += 4; | ||
| 276 | } | ||
| 277 | } | ||
| 278 | if (dl < 0) | ||
| 279 | { | ||
| 280 | #ifdef BN_COUNT | ||
| 281 | fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, copy)\n", cl, dl); | ||
| 282 | #endif | ||
| 283 | for(;;) | ||
| 284 | { | ||
| 285 | r[0] = b[0]; | ||
| 286 | if (++dl >= 0) break; | ||
| 287 | r[1] = b[1]; | ||
| 288 | if (++dl >= 0) break; | ||
| 289 | r[2] = b[2]; | ||
| 290 | if (++dl >= 0) break; | ||
| 291 | r[3] = b[3]; | ||
| 292 | if (++dl >= 0) break; | ||
| 293 | |||
| 294 | b += 4; | ||
| 295 | r += 4; | ||
| 296 | } | ||
| 297 | } | ||
| 298 | } | ||
| 299 | else | ||
| 300 | { | ||
| 301 | int save_dl = dl; | ||
| 302 | #ifdef BN_COUNT | ||
| 303 | fprintf(stderr, " bn_add_part_words %d + %d (dl > 0)\n", cl, dl); | ||
| 304 | #endif | ||
| 305 | while (c) | ||
| 306 | { | ||
| 307 | t=(a[0]+c)&BN_MASK2; | ||
| 308 | c=(t < c); | ||
| 309 | r[0]=t; | ||
| 310 | if (--dl <= 0) break; | ||
| 311 | |||
| 312 | t=(a[1]+c)&BN_MASK2; | ||
| 313 | c=(t < c); | ||
| 314 | r[1]=t; | ||
| 315 | if (--dl <= 0) break; | ||
| 316 | |||
| 317 | t=(a[2]+c)&BN_MASK2; | ||
| 318 | c=(t < c); | ||
| 319 | r[2]=t; | ||
| 320 | if (--dl <= 0) break; | ||
| 321 | |||
| 322 | t=(a[3]+c)&BN_MASK2; | ||
| 323 | c=(t < c); | ||
| 324 | r[3]=t; | ||
| 325 | if (--dl <= 0) break; | ||
| 326 | |||
| 327 | save_dl = dl; | ||
| 328 | a+=4; | ||
| 329 | r+=4; | ||
| 330 | } | ||
| 331 | #ifdef BN_COUNT | ||
| 332 | fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); | ||
| 333 | #endif | ||
| 334 | if (dl > 0) | ||
| 335 | { | ||
| 336 | if (save_dl > dl) | ||
| 337 | { | ||
| 338 | switch (save_dl - dl) | ||
| 339 | { | ||
| 340 | case 1: | ||
| 341 | r[1] = a[1]; | ||
| 342 | if (--dl <= 0) break; | ||
| 343 | case 2: | ||
| 344 | r[2] = a[2]; | ||
| 345 | if (--dl <= 0) break; | ||
| 346 | case 3: | ||
| 347 | r[3] = a[3]; | ||
| 348 | if (--dl <= 0) break; | ||
| 349 | } | ||
| 350 | a += 4; | ||
| 351 | r += 4; | ||
| 352 | } | ||
| 353 | } | ||
| 354 | if (dl > 0) | ||
| 355 | { | ||
| 356 | #ifdef BN_COUNT | ||
| 357 | fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, copy)\n", cl, dl); | ||
| 358 | #endif | ||
| 359 | for(;;) | ||
| 360 | { | ||
| 361 | r[0] = a[0]; | ||
| 362 | if (--dl <= 0) break; | ||
| 363 | r[1] = a[1]; | ||
| 364 | if (--dl <= 0) break; | ||
| 365 | r[2] = a[2]; | ||
| 366 | if (--dl <= 0) break; | ||
| 367 | r[3] = a[3]; | ||
| 368 | if (--dl <= 0) break; | ||
| 369 | |||
| 370 | a += 4; | ||
| 371 | r += 4; | ||
| 372 | } | ||
| 373 | } | ||
| 374 | } | ||
| 375 | return c; | ||
| 376 | } | ||
| 377 | |||
| 63 | #ifdef BN_RECURSION | 378 | #ifdef BN_RECURSION |
| 64 | /* Karatsuba recursive multiplication algorithm | 379 | /* Karatsuba recursive multiplication algorithm |
| 65 | * (cf. Knuth, The Art of Computer Programming, Vol. 2) */ | 380 | * (cf. Knuth, The Art of Computer Programming, Vol. 2) */ |
| @@ -74,15 +389,17 @@ | |||
| 74 | * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0]) | 389 | * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0]) |
| 75 | * a[1]*b[1] | 390 | * a[1]*b[1] |
| 76 | */ | 391 | */ |
| 392 | /* dnX may not be positive, but n2/2+dnX has to be */ | ||
| 77 | void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | 393 | void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, |
| 78 | BN_ULONG *t) | 394 | int dna, int dnb, BN_ULONG *t) |
| 79 | { | 395 | { |
| 80 | int n=n2/2,c1,c2; | 396 | int n=n2/2,c1,c2; |
| 397 | int tna=n+dna, tnb=n+dnb; | ||
| 81 | unsigned int neg,zero; | 398 | unsigned int neg,zero; |
| 82 | BN_ULONG ln,lo,*p; | 399 | BN_ULONG ln,lo,*p; |
| 83 | 400 | ||
| 84 | # ifdef BN_COUNT | 401 | # ifdef BN_COUNT |
| 85 | printf(" bn_mul_recursive %d * %d\n",n2,n2); | 402 | fprintf(stderr," bn_mul_recursive %d%+d * %d%+d\n",n2,dna,n2,dnb); |
| 86 | # endif | 403 | # endif |
| 87 | # ifdef BN_MUL_COMBA | 404 | # ifdef BN_MUL_COMBA |
| 88 | # if 0 | 405 | # if 0 |
| @@ -92,34 +409,40 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 92 | return; | 409 | return; |
| 93 | } | 410 | } |
| 94 | # endif | 411 | # endif |
| 95 | if (n2 == 8) | 412 | /* Only call bn_mul_comba 8 if n2 == 8 and the |
| 413 | * two arrays are complete [steve] | ||
| 414 | */ | ||
| 415 | if (n2 == 8 && dna == 0 && dnb == 0) | ||
| 96 | { | 416 | { |
| 97 | bn_mul_comba8(r,a,b); | 417 | bn_mul_comba8(r,a,b); |
| 98 | return; | 418 | return; |
| 99 | } | 419 | } |
| 100 | # endif /* BN_MUL_COMBA */ | 420 | # endif /* BN_MUL_COMBA */ |
| 421 | /* Else do normal multiply */ | ||
| 101 | if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) | 422 | if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) |
| 102 | { | 423 | { |
| 103 | /* This should not happen */ | 424 | bn_mul_normal(r,a,n2+dna,b,n2+dnb); |
| 104 | bn_mul_normal(r,a,n2,b,n2); | 425 | if ((dna + dnb) < 0) |
| 426 | memset(&r[2*n2 + dna + dnb], 0, | ||
| 427 | sizeof(BN_ULONG) * -(dna + dnb)); | ||
| 105 | return; | 428 | return; |
| 106 | } | 429 | } |
| 107 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ | 430 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ |
| 108 | c1=bn_cmp_words(a,&(a[n]),n); | 431 | c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); |
| 109 | c2=bn_cmp_words(&(b[n]),b,n); | 432 | c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); |
| 110 | zero=neg=0; | 433 | zero=neg=0; |
| 111 | switch (c1*3+c2) | 434 | switch (c1*3+c2) |
| 112 | { | 435 | { |
| 113 | case -4: | 436 | case -4: |
| 114 | bn_sub_words(t, &(a[n]),a, n); /* - */ | 437 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ |
| 115 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ | 438 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ |
| 116 | break; | 439 | break; |
| 117 | case -3: | 440 | case -3: |
| 118 | zero=1; | 441 | zero=1; |
| 119 | break; | 442 | break; |
| 120 | case -2: | 443 | case -2: |
| 121 | bn_sub_words(t, &(a[n]),a, n); /* - */ | 444 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ |
| 122 | bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ | 445 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ |
| 123 | neg=1; | 446 | neg=1; |
| 124 | break; | 447 | break; |
| 125 | case -1: | 448 | case -1: |
| @@ -128,21 +451,22 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 128 | zero=1; | 451 | zero=1; |
| 129 | break; | 452 | break; |
| 130 | case 2: | 453 | case 2: |
| 131 | bn_sub_words(t, a, &(a[n]),n); /* + */ | 454 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ |
| 132 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ | 455 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ |
| 133 | neg=1; | 456 | neg=1; |
| 134 | break; | 457 | break; |
| 135 | case 3: | 458 | case 3: |
| 136 | zero=1; | 459 | zero=1; |
| 137 | break; | 460 | break; |
| 138 | case 4: | 461 | case 4: |
| 139 | bn_sub_words(t, a, &(a[n]),n); | 462 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); |
| 140 | bn_sub_words(&(t[n]),&(b[n]),b, n); | 463 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); |
| 141 | break; | 464 | break; |
| 142 | } | 465 | } |
| 143 | 466 | ||
| 144 | # ifdef BN_MUL_COMBA | 467 | # ifdef BN_MUL_COMBA |
| 145 | if (n == 4) | 468 | if (n == 4 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba4 could take |
| 469 | extra args to do this well */ | ||
| 146 | { | 470 | { |
| 147 | if (!zero) | 471 | if (!zero) |
| 148 | bn_mul_comba4(&(t[n2]),t,&(t[n])); | 472 | bn_mul_comba4(&(t[n2]),t,&(t[n])); |
| @@ -152,7 +476,9 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 152 | bn_mul_comba4(r,a,b); | 476 | bn_mul_comba4(r,a,b); |
| 153 | bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n])); | 477 | bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n])); |
| 154 | } | 478 | } |
| 155 | else if (n == 8) | 479 | else if (n == 8 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba8 could |
| 480 | take extra args to do this | ||
| 481 | well */ | ||
| 156 | { | 482 | { |
| 157 | if (!zero) | 483 | if (!zero) |
| 158 | bn_mul_comba8(&(t[n2]),t,&(t[n])); | 484 | bn_mul_comba8(&(t[n2]),t,&(t[n])); |
| @@ -167,11 +493,11 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 167 | { | 493 | { |
| 168 | p= &(t[n2*2]); | 494 | p= &(t[n2*2]); |
| 169 | if (!zero) | 495 | if (!zero) |
| 170 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); | 496 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); |
| 171 | else | 497 | else |
| 172 | memset(&(t[n2]),0,n2*sizeof(BN_ULONG)); | 498 | memset(&(t[n2]),0,n2*sizeof(BN_ULONG)); |
| 173 | bn_mul_recursive(r,a,b,n,p); | 499 | bn_mul_recursive(r,a,b,n,0,0,p); |
| 174 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p); | 500 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,dna,dnb,p); |
| 175 | } | 501 | } |
| 176 | 502 | ||
| 177 | /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign | 503 | /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign |
| @@ -220,39 +546,40 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 220 | 546 | ||
| 221 | /* n+tn is the word length | 547 | /* n+tn is the word length |
| 222 | * t needs to be n*4 is size, as does r */ | 548 | * t needs to be n*4 is size, as does r */ |
| 223 | void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, | 549 | /* tnX may not be negative but less than n */ |
| 224 | int n, BN_ULONG *t) | 550 | void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, |
| 551 | int tna, int tnb, BN_ULONG *t) | ||
| 225 | { | 552 | { |
| 226 | int i,j,n2=n*2; | 553 | int i,j,n2=n*2; |
| 227 | int c1,c2,neg,zero; | 554 | int c1,c2,neg,zero; |
| 228 | BN_ULONG ln,lo,*p; | 555 | BN_ULONG ln,lo,*p; |
| 229 | 556 | ||
| 230 | # ifdef BN_COUNT | 557 | # ifdef BN_COUNT |
| 231 | printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n); | 558 | fprintf(stderr," bn_mul_part_recursive (%d%+d) * (%d%+d)\n", |
| 559 | n, tna, n, tnb); | ||
| 232 | # endif | 560 | # endif |
| 233 | if (n < 8) | 561 | if (n < 8) |
| 234 | { | 562 | { |
| 235 | i=tn+n; | 563 | bn_mul_normal(r,a,n+tna,b,n+tnb); |
| 236 | bn_mul_normal(r,a,i,b,i); | ||
| 237 | return; | 564 | return; |
| 238 | } | 565 | } |
| 239 | 566 | ||
| 240 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ | 567 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ |
| 241 | c1=bn_cmp_words(a,&(a[n]),n); | 568 | c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); |
| 242 | c2=bn_cmp_words(&(b[n]),b,n); | 569 | c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); |
| 243 | zero=neg=0; | 570 | zero=neg=0; |
| 244 | switch (c1*3+c2) | 571 | switch (c1*3+c2) |
| 245 | { | 572 | { |
| 246 | case -4: | 573 | case -4: |
| 247 | bn_sub_words(t, &(a[n]),a, n); /* - */ | 574 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ |
| 248 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ | 575 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ |
| 249 | break; | 576 | break; |
| 250 | case -3: | 577 | case -3: |
| 251 | zero=1; | 578 | zero=1; |
| 252 | /* break; */ | 579 | /* break; */ |
| 253 | case -2: | 580 | case -2: |
| 254 | bn_sub_words(t, &(a[n]),a, n); /* - */ | 581 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ |
| 255 | bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ | 582 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ |
| 256 | neg=1; | 583 | neg=1; |
| 257 | break; | 584 | break; |
| 258 | case -1: | 585 | case -1: |
| @@ -261,16 +588,16 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, | |||
| 261 | zero=1; | 588 | zero=1; |
| 262 | /* break; */ | 589 | /* break; */ |
| 263 | case 2: | 590 | case 2: |
| 264 | bn_sub_words(t, a, &(a[n]),n); /* + */ | 591 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ |
| 265 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ | 592 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ |
| 266 | neg=1; | 593 | neg=1; |
| 267 | break; | 594 | break; |
| 268 | case 3: | 595 | case 3: |
| 269 | zero=1; | 596 | zero=1; |
| 270 | /* break; */ | 597 | /* break; */ |
| 271 | case 4: | 598 | case 4: |
| 272 | bn_sub_words(t, a, &(a[n]),n); | 599 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); |
| 273 | bn_sub_words(&(t[n]),&(b[n]),b, n); | 600 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); |
| 274 | break; | 601 | break; |
| 275 | } | 602 | } |
| 276 | /* The zero case isn't yet implemented here. The speedup | 603 | /* The zero case isn't yet implemented here. The speedup |
| @@ -289,54 +616,62 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, | |||
| 289 | { | 616 | { |
| 290 | bn_mul_comba8(&(t[n2]),t,&(t[n])); | 617 | bn_mul_comba8(&(t[n2]),t,&(t[n])); |
| 291 | bn_mul_comba8(r,a,b); | 618 | bn_mul_comba8(r,a,b); |
| 292 | bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); | 619 | bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); |
| 293 | memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2)); | 620 | memset(&(r[n2+tna+tnb]),0,sizeof(BN_ULONG)*(n2-tna-tnb)); |
| 294 | } | 621 | } |
| 295 | else | 622 | else |
| 296 | { | 623 | { |
| 297 | p= &(t[n2*2]); | 624 | p= &(t[n2*2]); |
| 298 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); | 625 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); |
| 299 | bn_mul_recursive(r,a,b,n,p); | 626 | bn_mul_recursive(r,a,b,n,0,0,p); |
| 300 | i=n/2; | 627 | i=n/2; |
| 301 | /* If there is only a bottom half to the number, | 628 | /* If there is only a bottom half to the number, |
| 302 | * just do it */ | 629 | * just do it */ |
| 303 | j=tn-i; | 630 | if (tna > tnb) |
| 631 | j = tna - i; | ||
| 632 | else | ||
| 633 | j = tnb - i; | ||
| 304 | if (j == 0) | 634 | if (j == 0) |
| 305 | { | 635 | { |
| 306 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p); | 636 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]), |
| 637 | i,tna-i,tnb-i,p); | ||
| 307 | memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2)); | 638 | memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2)); |
| 308 | } | 639 | } |
| 309 | else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ | 640 | else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ |
| 310 | { | 641 | { |
| 311 | bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]), | 642 | bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]), |
| 312 | j,i,p); | 643 | i,tna-i,tnb-i,p); |
| 313 | memset(&(r[n2+tn*2]),0, | 644 | memset(&(r[n2+tna+tnb]),0, |
| 314 | sizeof(BN_ULONG)*(n2-tn*2)); | 645 | sizeof(BN_ULONG)*(n2-tna-tnb)); |
| 315 | } | 646 | } |
| 316 | else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ | 647 | else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ |
| 317 | { | 648 | { |
| 318 | memset(&(r[n2]),0,sizeof(BN_ULONG)*n2); | 649 | memset(&(r[n2]),0,sizeof(BN_ULONG)*n2); |
| 319 | if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL) | 650 | if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL |
| 651 | && tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) | ||
| 320 | { | 652 | { |
| 321 | bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); | 653 | bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); |
| 322 | } | 654 | } |
| 323 | else | 655 | else |
| 324 | { | 656 | { |
| 325 | for (;;) | 657 | for (;;) |
| 326 | { | 658 | { |
| 327 | i/=2; | 659 | i/=2; |
| 328 | if (i < tn) | 660 | /* these simplified conditions work |
| 661 | * exclusively because difference | ||
| 662 | * between tna and tnb is 1 or 0 */ | ||
| 663 | if (i < tna || i < tnb) | ||
| 329 | { | 664 | { |
| 330 | bn_mul_part_recursive(&(r[n2]), | 665 | bn_mul_part_recursive(&(r[n2]), |
| 331 | &(a[n]),&(b[n]), | 666 | &(a[n]),&(b[n]), |
| 332 | tn-i,i,p); | 667 | i,tna-i,tnb-i,p); |
| 333 | break; | 668 | break; |
| 334 | } | 669 | } |
| 335 | else if (i == tn) | 670 | else if (i == tna || i == tnb) |
| 336 | { | 671 | { |
| 337 | bn_mul_recursive(&(r[n2]), | 672 | bn_mul_recursive(&(r[n2]), |
| 338 | &(a[n]),&(b[n]), | 673 | &(a[n]),&(b[n]), |
| 339 | i,p); | 674 | i,tna-i,tnb-i,p); |
| 340 | break; | 675 | break; |
| 341 | } | 676 | } |
| 342 | } | 677 | } |
| @@ -397,10 +732,10 @@ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 397 | int n=n2/2; | 732 | int n=n2/2; |
| 398 | 733 | ||
| 399 | # ifdef BN_COUNT | 734 | # ifdef BN_COUNT |
| 400 | printf(" bn_mul_low_recursive %d * %d\n",n2,n2); | 735 | fprintf(stderr," bn_mul_low_recursive %d * %d\n",n2,n2); |
| 401 | # endif | 736 | # endif |
| 402 | 737 | ||
| 403 | bn_mul_recursive(r,a,b,n,&(t[0])); | 738 | bn_mul_recursive(r,a,b,n,0,0,&(t[0])); |
| 404 | if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) | 739 | if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) |
| 405 | { | 740 | { |
| 406 | bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2])); | 741 | bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2])); |
| @@ -431,7 +766,7 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, | |||
| 431 | BN_ULONG ll,lc,*lp,*mp; | 766 | BN_ULONG ll,lc,*lp,*mp; |
| 432 | 767 | ||
| 433 | # ifdef BN_COUNT | 768 | # ifdef BN_COUNT |
| 434 | printf(" bn_mul_high %d * %d\n",n2,n2); | 769 | fprintf(stderr," bn_mul_high %d * %d\n",n2,n2); |
| 435 | # endif | 770 | # endif |
| 436 | n=n2/2; | 771 | n=n2/2; |
| 437 | 772 | ||
| @@ -484,8 +819,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, | |||
| 484 | else | 819 | else |
| 485 | # endif | 820 | # endif |
| 486 | { | 821 | { |
| 487 | bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2])); | 822 | bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,0,0,&(t[n2])); |
| 488 | bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2])); | 823 | bn_mul_recursive(r,&(a[n]),&(b[n]),n,0,0,&(t[n2])); |
| 489 | } | 824 | } |
| 490 | 825 | ||
| 491 | /* s0 == low(al*bl) | 826 | /* s0 == low(al*bl) |
| @@ -610,19 +945,19 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, | |||
| 610 | 945 | ||
| 611 | int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | 946 | int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) |
| 612 | { | 947 | { |
| 948 | int ret=0; | ||
| 613 | int top,al,bl; | 949 | int top,al,bl; |
| 614 | BIGNUM *rr; | 950 | BIGNUM *rr; |
| 615 | int ret = 0; | ||
| 616 | #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) | 951 | #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) |
| 617 | int i; | 952 | int i; |
| 618 | #endif | 953 | #endif |
| 619 | #ifdef BN_RECURSION | 954 | #ifdef BN_RECURSION |
| 620 | BIGNUM *t; | 955 | BIGNUM *t=NULL; |
| 621 | int j,k; | 956 | int j=0,k; |
| 622 | #endif | 957 | #endif |
| 623 | 958 | ||
| 624 | #ifdef BN_COUNT | 959 | #ifdef BN_COUNT |
| 625 | printf("BN_mul %d * %d\n",a->top,b->top); | 960 | fprintf(stderr,"BN_mul %d * %d\n",a->top,b->top); |
| 626 | #endif | 961 | #endif |
| 627 | 962 | ||
| 628 | bn_check_top(a); | 963 | bn_check_top(a); |
| @@ -634,7 +969,7 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | |||
| 634 | 969 | ||
| 635 | if ((al == 0) || (bl == 0)) | 970 | if ((al == 0) || (bl == 0)) |
| 636 | { | 971 | { |
| 637 | if (!BN_zero(r)) goto err; | 972 | BN_zero(r); |
| 638 | return(1); | 973 | return(1); |
| 639 | } | 974 | } |
| 640 | top=al+bl; | 975 | top=al+bl; |
| @@ -675,21 +1010,55 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | |||
| 675 | #ifdef BN_RECURSION | 1010 | #ifdef BN_RECURSION |
| 676 | if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) | 1011 | if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) |
| 677 | { | 1012 | { |
| 678 | if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA) && bl<b->dmax) | 1013 | if (i >= -1 && i <= 1) |
| 679 | { | 1014 | { |
| 680 | #if 0 /* tribute to const-ification, bl<b->dmax above covers for this */ | 1015 | int sav_j =0; |
| 681 | if (bn_wexpand(b,al) == NULL) goto err; | 1016 | /* Find out the power of two lower or equal |
| 682 | #endif | 1017 | to the longest of the two numbers */ |
| 683 | b->d[bl]=0; | 1018 | if (i >= 0) |
| 1019 | { | ||
| 1020 | j = BN_num_bits_word((BN_ULONG)al); | ||
| 1021 | } | ||
| 1022 | if (i == -1) | ||
| 1023 | { | ||
| 1024 | j = BN_num_bits_word((BN_ULONG)bl); | ||
| 1025 | } | ||
| 1026 | sav_j = j; | ||
| 1027 | j = 1<<(j-1); | ||
| 1028 | assert(j <= al || j <= bl); | ||
| 1029 | k = j+j; | ||
| 1030 | t = BN_CTX_get(ctx); | ||
| 1031 | if (al > j || bl > j) | ||
| 1032 | { | ||
| 1033 | bn_wexpand(t,k*4); | ||
| 1034 | bn_wexpand(rr,k*4); | ||
| 1035 | bn_mul_part_recursive(rr->d,a->d,b->d, | ||
| 1036 | j,al-j,bl-j,t->d); | ||
| 1037 | } | ||
| 1038 | else /* al <= j || bl <= j */ | ||
| 1039 | { | ||
| 1040 | bn_wexpand(t,k*2); | ||
| 1041 | bn_wexpand(rr,k*2); | ||
| 1042 | bn_mul_recursive(rr->d,a->d,b->d, | ||
| 1043 | j,al-j,bl-j,t->d); | ||
| 1044 | } | ||
| 1045 | rr->top=top; | ||
| 1046 | goto end; | ||
| 1047 | } | ||
| 1048 | #if 0 | ||
| 1049 | if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA)) | ||
| 1050 | { | ||
| 1051 | BIGNUM *tmp_bn = (BIGNUM *)b; | ||
| 1052 | if (bn_wexpand(tmp_bn,al) == NULL) goto err; | ||
| 1053 | tmp_bn->d[bl]=0; | ||
| 684 | bl++; | 1054 | bl++; |
| 685 | i--; | 1055 | i--; |
| 686 | } | 1056 | } |
| 687 | else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA) && al<a->dmax) | 1057 | else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA)) |
| 688 | { | 1058 | { |
| 689 | #if 0 /* tribute to const-ification, al<a->dmax above covers for this */ | 1059 | BIGNUM *tmp_bn = (BIGNUM *)a; |
| 690 | if (bn_wexpand(a,bl) == NULL) goto err; | 1060 | if (bn_wexpand(tmp_bn,bl) == NULL) goto err; |
| 691 | #endif | 1061 | tmp_bn->d[al]=0; |
| 692 | a->d[al]=0; | ||
| 693 | al++; | 1062 | al++; |
| 694 | i++; | 1063 | i++; |
| 695 | } | 1064 | } |
| @@ -706,26 +1075,17 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | |||
| 706 | if (bn_wexpand(t,k*2) == NULL) goto err; | 1075 | if (bn_wexpand(t,k*2) == NULL) goto err; |
| 707 | if (bn_wexpand(rr,k*2) == NULL) goto err; | 1076 | if (bn_wexpand(rr,k*2) == NULL) goto err; |
| 708 | bn_mul_recursive(rr->d,a->d,b->d,al,t->d); | 1077 | bn_mul_recursive(rr->d,a->d,b->d,al,t->d); |
| 709 | rr->top=top; | ||
| 710 | goto end; | ||
| 711 | } | 1078 | } |
| 712 | #if 0 /* tribute to const-ification, rsa/dsa performance is not affected */ | ||
| 713 | else | 1079 | else |
| 714 | { | 1080 | { |
| 715 | if (bn_wexpand(a,k) == NULL ) goto err; | 1081 | if (bn_wexpand(t,k*4) == NULL) goto err; |
| 716 | if (bn_wexpand(b,k) == NULL ) goto err; | 1082 | if (bn_wexpand(rr,k*4) == NULL) goto err; |
| 717 | if (bn_wexpand(t,k*4) == NULL ) goto err; | ||
| 718 | if (bn_wexpand(rr,k*4) == NULL ) goto err; | ||
| 719 | for (i=a->top; i<k; i++) | ||
| 720 | a->d[i]=0; | ||
| 721 | for (i=b->top; i<k; i++) | ||
| 722 | b->d[i]=0; | ||
| 723 | bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d); | 1083 | bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d); |
| 724 | } | 1084 | } |
| 725 | rr->top=top; | 1085 | rr->top=top; |
| 726 | goto end; | 1086 | goto end; |
| 727 | #endif | ||
| 728 | } | 1087 | } |
| 1088 | #endif | ||
| 729 | } | 1089 | } |
| 730 | #endif /* BN_RECURSION */ | 1090 | #endif /* BN_RECURSION */ |
| 731 | if (bn_wexpand(rr,top) == NULL) goto err; | 1091 | if (bn_wexpand(rr,top) == NULL) goto err; |
| @@ -735,10 +1095,11 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | |||
| 735 | #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) | 1095 | #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) |
| 736 | end: | 1096 | end: |
| 737 | #endif | 1097 | #endif |
| 738 | bn_fix_top(rr); | 1098 | bn_correct_top(rr); |
| 739 | if (r != rr) BN_copy(r,rr); | 1099 | if (r != rr) BN_copy(r,rr); |
| 740 | ret=1; | 1100 | ret=1; |
| 741 | err: | 1101 | err: |
| 1102 | bn_check_top(r); | ||
| 742 | BN_CTX_end(ctx); | 1103 | BN_CTX_end(ctx); |
| 743 | return(ret); | 1104 | return(ret); |
| 744 | } | 1105 | } |
| @@ -748,7 +1109,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) | |||
| 748 | BN_ULONG *rr; | 1109 | BN_ULONG *rr; |
| 749 | 1110 | ||
| 750 | #ifdef BN_COUNT | 1111 | #ifdef BN_COUNT |
| 751 | printf(" bn_mul_normal %d * %d\n",na,nb); | 1112 | fprintf(stderr," bn_mul_normal %d * %d\n",na,nb); |
| 752 | #endif | 1113 | #endif |
| 753 | 1114 | ||
| 754 | if (na < nb) | 1115 | if (na < nb) |
| @@ -761,7 +1122,13 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) | |||
| 761 | 1122 | ||
| 762 | } | 1123 | } |
| 763 | rr= &(r[na]); | 1124 | rr= &(r[na]); |
| 764 | rr[0]=bn_mul_words(r,a,na,b[0]); | 1125 | if (nb <= 0) |
| 1126 | { | ||
| 1127 | (void)bn_mul_words(r,a,na,0); | ||
| 1128 | return; | ||
| 1129 | } | ||
| 1130 | else | ||
| 1131 | rr[0]=bn_mul_words(r,a,na,b[0]); | ||
| 765 | 1132 | ||
| 766 | for (;;) | 1133 | for (;;) |
| 767 | { | 1134 | { |
| @@ -782,7 +1149,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) | |||
| 782 | void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) | 1149 | void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) |
| 783 | { | 1150 | { |
| 784 | #ifdef BN_COUNT | 1151 | #ifdef BN_COUNT |
| 785 | printf(" bn_mul_low_normal %d * %d\n",n,n); | 1152 | fprintf(stderr," bn_mul_low_normal %d * %d\n",n,n); |
| 786 | #endif | 1153 | #endif |
| 787 | bn_mul_words(r,a,n,b[0]); | 1154 | bn_mul_words(r,a,n,b[0]); |
| 788 | 1155 | ||
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c index f422172f16..7b25979dd1 100644 --- a/src/lib/libcrypto/bn/bn_prime.c +++ b/src/lib/libcrypto/bn/bn_prime.c | |||
| @@ -115,6 +115,11 @@ | |||
| 115 | #include "bn_lcl.h" | 115 | #include "bn_lcl.h" |
| 116 | #include <openssl/rand.h> | 116 | #include <openssl/rand.h> |
| 117 | 117 | ||
| 118 | /* NB: these functions have been "upgraded", the deprecated versions (which are | ||
| 119 | * compatibility wrappers using these functions) are in bn_depr.c. | ||
| 120 | * - Geoff | ||
| 121 | */ | ||
| 122 | |||
| 118 | /* The quick sieve algorithm approach to weeding out primes is | 123 | /* The quick sieve algorithm approach to weeding out primes is |
| 119 | * Philip Zimmermann's, as implemented in PGP. I have had a read of | 124 | * Philip Zimmermann's, as implemented in PGP. I have had a read of |
| 120 | * his comments and implemented my own version. | 125 | * his comments and implemented my own version. |
| @@ -129,51 +134,69 @@ static int probable_prime_dh(BIGNUM *rnd, int bits, | |||
| 129 | static int probable_prime_dh_safe(BIGNUM *rnd, int bits, | 134 | static int probable_prime_dh_safe(BIGNUM *rnd, int bits, |
| 130 | const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx); | 135 | const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx); |
| 131 | 136 | ||
| 132 | BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, | 137 | int BN_GENCB_call(BN_GENCB *cb, int a, int b) |
| 133 | const BIGNUM *add, const BIGNUM *rem, | 138 | { |
| 134 | void (*callback)(int,int,void *), void *cb_arg) | 139 | /* No callback means continue */ |
| 140 | if(!cb) return 1; | ||
| 141 | switch(cb->ver) | ||
| 142 | { | ||
| 143 | case 1: | ||
| 144 | /* Deprecated-style callbacks */ | ||
| 145 | if(!cb->cb.cb_1) | ||
| 146 | return 1; | ||
| 147 | cb->cb.cb_1(a, b, cb->arg); | ||
| 148 | return 1; | ||
| 149 | case 2: | ||
| 150 | /* New-style callbacks */ | ||
| 151 | return cb->cb.cb_2(a, b, cb); | ||
| 152 | default: | ||
| 153 | break; | ||
| 154 | } | ||
| 155 | /* Unrecognised callback type */ | ||
| 156 | return 0; | ||
| 157 | } | ||
| 158 | |||
| 159 | int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, | ||
| 160 | const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb) | ||
| 135 | { | 161 | { |
| 136 | BIGNUM *rnd=NULL; | 162 | BIGNUM *t; |
| 137 | BIGNUM t; | ||
| 138 | int found=0; | 163 | int found=0; |
| 139 | int i,j,c1=0; | 164 | int i,j,c1=0; |
| 140 | BN_CTX *ctx; | 165 | BN_CTX *ctx; |
| 141 | int checks = BN_prime_checks_for_size(bits); | 166 | int checks = BN_prime_checks_for_size(bits); |
| 142 | 167 | ||
| 143 | BN_init(&t); | ||
| 144 | ctx=BN_CTX_new(); | 168 | ctx=BN_CTX_new(); |
| 145 | if (ctx == NULL) goto err; | 169 | if (ctx == NULL) goto err; |
| 146 | if (ret == NULL) | 170 | BN_CTX_start(ctx); |
| 147 | { | 171 | t = BN_CTX_get(ctx); |
| 148 | if ((rnd=BN_new()) == NULL) goto err; | 172 | if(!t) goto err; |
| 149 | } | ||
| 150 | else | ||
| 151 | rnd=ret; | ||
| 152 | loop: | 173 | loop: |
| 153 | /* make a random number and set the top and bottom bits */ | 174 | /* make a random number and set the top and bottom bits */ |
| 154 | if (add == NULL) | 175 | if (add == NULL) |
| 155 | { | 176 | { |
| 156 | if (!probable_prime(rnd,bits)) goto err; | 177 | if (!probable_prime(ret,bits)) goto err; |
| 157 | } | 178 | } |
| 158 | else | 179 | else |
| 159 | { | 180 | { |
| 160 | if (safe) | 181 | if (safe) |
| 161 | { | 182 | { |
| 162 | if (!probable_prime_dh_safe(rnd,bits,add,rem,ctx)) | 183 | if (!probable_prime_dh_safe(ret,bits,add,rem,ctx)) |
| 163 | goto err; | 184 | goto err; |
| 164 | } | 185 | } |
| 165 | else | 186 | else |
| 166 | { | 187 | { |
| 167 | if (!probable_prime_dh(rnd,bits,add,rem,ctx)) | 188 | if (!probable_prime_dh(ret,bits,add,rem,ctx)) |
| 168 | goto err; | 189 | goto err; |
| 169 | } | 190 | } |
| 170 | } | 191 | } |
| 171 | /* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */ | 192 | /* if (BN_mod_word(ret,(BN_ULONG)3) == 1) goto loop; */ |
| 172 | if (callback != NULL) callback(0,c1++,cb_arg); | 193 | if(!BN_GENCB_call(cb, 0, c1++)) |
| 194 | /* aborted */ | ||
| 195 | goto err; | ||
| 173 | 196 | ||
| 174 | if (!safe) | 197 | if (!safe) |
| 175 | { | 198 | { |
| 176 | i=BN_is_prime_fasttest(rnd,checks,callback,ctx,cb_arg,0); | 199 | i=BN_is_prime_fasttest_ex(ret,checks,ctx,0,cb); |
| 177 | if (i == -1) goto err; | 200 | if (i == -1) goto err; |
| 178 | if (i == 0) goto loop; | 201 | if (i == 0) goto loop; |
| 179 | } | 202 | } |
| @@ -183,41 +206,42 @@ loop: | |||
| 183 | * check that (p-1)/2 is prime. | 206 | * check that (p-1)/2 is prime. |
| 184 | * Since a prime is odd, We just | 207 | * Since a prime is odd, We just |
| 185 | * need to divide by 2 */ | 208 | * need to divide by 2 */ |
| 186 | if (!BN_rshift1(&t,rnd)) goto err; | 209 | if (!BN_rshift1(t,ret)) goto err; |
| 187 | 210 | ||
| 188 | for (i=0; i<checks; i++) | 211 | for (i=0; i<checks; i++) |
| 189 | { | 212 | { |
| 190 | j=BN_is_prime_fasttest(rnd,1,callback,ctx,cb_arg,0); | 213 | j=BN_is_prime_fasttest_ex(ret,1,ctx,0,cb); |
| 191 | if (j == -1) goto err; | 214 | if (j == -1) goto err; |
| 192 | if (j == 0) goto loop; | 215 | if (j == 0) goto loop; |
| 193 | 216 | ||
| 194 | j=BN_is_prime_fasttest(&t,1,callback,ctx,cb_arg,0); | 217 | j=BN_is_prime_fasttest_ex(t,1,ctx,0,cb); |
| 195 | if (j == -1) goto err; | 218 | if (j == -1) goto err; |
| 196 | if (j == 0) goto loop; | 219 | if (j == 0) goto loop; |
| 197 | 220 | ||
| 198 | if (callback != NULL) callback(2,c1-1,cb_arg); | 221 | if(!BN_GENCB_call(cb, 2, c1-1)) |
| 222 | goto err; | ||
| 199 | /* We have a safe prime test pass */ | 223 | /* We have a safe prime test pass */ |
| 200 | } | 224 | } |
| 201 | } | 225 | } |
| 202 | /* we have a prime :-) */ | 226 | /* we have a prime :-) */ |
| 203 | found = 1; | 227 | found = 1; |
| 204 | err: | 228 | err: |
| 205 | if (!found && (ret == NULL) && (rnd != NULL)) BN_free(rnd); | 229 | if (ctx != NULL) |
| 206 | BN_free(&t); | 230 | { |
| 207 | if (ctx != NULL) BN_CTX_free(ctx); | 231 | BN_CTX_end(ctx); |
| 208 | return(found ? rnd : NULL); | 232 | BN_CTX_free(ctx); |
| 233 | } | ||
| 234 | bn_check_top(ret); | ||
| 235 | return found; | ||
| 209 | } | 236 | } |
| 210 | 237 | ||
| 211 | int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int,int,void *), | 238 | int BN_is_prime_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, BN_GENCB *cb) |
| 212 | BN_CTX *ctx_passed, void *cb_arg) | ||
| 213 | { | 239 | { |
| 214 | return BN_is_prime_fasttest(a, checks, callback, ctx_passed, cb_arg, 0); | 240 | return BN_is_prime_fasttest_ex(a, checks, ctx_passed, 0, cb); |
| 215 | } | 241 | } |
| 216 | 242 | ||
| 217 | int BN_is_prime_fasttest(const BIGNUM *a, int checks, | 243 | int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, |
| 218 | void (*callback)(int,int,void *), | 244 | int do_trial_division, BN_GENCB *cb) |
| 219 | BN_CTX *ctx_passed, void *cb_arg, | ||
| 220 | int do_trial_division) | ||
| 221 | { | 245 | { |
| 222 | int i, j, ret = -1; | 246 | int i, j, ret = -1; |
| 223 | int k; | 247 | int k; |
| @@ -236,13 +260,13 @@ int BN_is_prime_fasttest(const BIGNUM *a, int checks, | |||
| 236 | if (!BN_is_odd(a)) | 260 | if (!BN_is_odd(a)) |
| 237 | /* a is even => a is prime if and only if a == 2 */ | 261 | /* a is even => a is prime if and only if a == 2 */ |
| 238 | return BN_is_word(a, 2); | 262 | return BN_is_word(a, 2); |
| 239 | |||
| 240 | if (do_trial_division) | 263 | if (do_trial_division) |
| 241 | { | 264 | { |
| 242 | for (i = 1; i < NUMPRIMES; i++) | 265 | for (i = 1; i < NUMPRIMES; i++) |
| 243 | if (BN_mod_word(a, primes[i]) == 0) | 266 | if (BN_mod_word(a, primes[i]) == 0) |
| 244 | return 0; | 267 | return 0; |
| 245 | if (callback != NULL) callback(1, -1, cb_arg); | 268 | if(!BN_GENCB_call(cb, 1, -1)) |
| 269 | goto err; | ||
| 246 | } | 270 | } |
| 247 | 271 | ||
| 248 | if (ctx_passed != NULL) | 272 | if (ctx_passed != NULL) |
| @@ -308,7 +332,8 @@ int BN_is_prime_fasttest(const BIGNUM *a, int checks, | |||
| 308 | ret=0; | 332 | ret=0; |
| 309 | goto err; | 333 | goto err; |
| 310 | } | 334 | } |
| 311 | if (callback != NULL) callback(1,i,cb_arg); | 335 | if(!BN_GENCB_call(cb, 1, i)) |
| 336 | goto err; | ||
| 312 | } | 337 | } |
| 313 | ret=1; | 338 | ret=1; |
| 314 | err: | 339 | err: |
| @@ -345,20 +370,22 @@ static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1, | |||
| 345 | } | 370 | } |
| 346 | /* If we get here, 'w' is the (a-1)/2-th power of the original 'w', | 371 | /* If we get here, 'w' is the (a-1)/2-th power of the original 'w', |
| 347 | * and it is neither -1 nor +1 -- so 'a' cannot be prime */ | 372 | * and it is neither -1 nor +1 -- so 'a' cannot be prime */ |
| 373 | bn_check_top(w); | ||
| 348 | return 1; | 374 | return 1; |
| 349 | } | 375 | } |
| 350 | 376 | ||
| 351 | static int probable_prime(BIGNUM *rnd, int bits) | 377 | static int probable_prime(BIGNUM *rnd, int bits) |
| 352 | { | 378 | { |
| 353 | int i; | 379 | int i; |
| 354 | BN_ULONG mods[NUMPRIMES]; | 380 | prime_t mods[NUMPRIMES]; |
| 355 | BN_ULONG delta,d; | 381 | BN_ULONG delta,maxdelta; |
| 356 | 382 | ||
| 357 | again: | 383 | again: |
| 358 | if (!BN_rand(rnd,bits,1,1)) return(0); | 384 | if (!BN_rand(rnd,bits,1,1)) return(0); |
| 359 | /* we now have a random number 'rand' to test. */ | 385 | /* we now have a random number 'rand' to test. */ |
| 360 | for (i=1; i<NUMPRIMES; i++) | 386 | for (i=1; i<NUMPRIMES; i++) |
| 361 | mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]); | 387 | mods[i]=(prime_t)BN_mod_word(rnd,(BN_ULONG)primes[i]); |
| 388 | maxdelta=BN_MASK2 - primes[NUMPRIMES-1]; | ||
| 362 | delta=0; | 389 | delta=0; |
| 363 | loop: for (i=1; i<NUMPRIMES; i++) | 390 | loop: for (i=1; i<NUMPRIMES; i++) |
| 364 | { | 391 | { |
| @@ -366,16 +393,13 @@ again: | |||
| 366 | * that gcd(rnd-1,primes) == 1 (except for 2) */ | 393 | * that gcd(rnd-1,primes) == 1 (except for 2) */ |
| 367 | if (((mods[i]+delta)%primes[i]) <= 1) | 394 | if (((mods[i]+delta)%primes[i]) <= 1) |
| 368 | { | 395 | { |
| 369 | d=delta; | ||
| 370 | delta+=2; | 396 | delta+=2; |
| 371 | /* perhaps need to check for overflow of | 397 | if (delta > maxdelta) goto again; |
| 372 | * delta (but delta can be up to 2^32) | ||
| 373 | * 21-May-98 eay - added overflow check */ | ||
| 374 | if (delta < d) goto again; | ||
| 375 | goto loop; | 398 | goto loop; |
| 376 | } | 399 | } |
| 377 | } | 400 | } |
| 378 | if (!BN_add_word(rnd,delta)) return(0); | 401 | if (!BN_add_word(rnd,delta)) return(0); |
| 402 | bn_check_top(rnd); | ||
| 379 | return(1); | 403 | return(1); |
| 380 | } | 404 | } |
| 381 | 405 | ||
| @@ -413,6 +437,7 @@ static int probable_prime_dh(BIGNUM *rnd, int bits, | |||
| 413 | ret=1; | 437 | ret=1; |
| 414 | err: | 438 | err: |
| 415 | BN_CTX_end(ctx); | 439 | BN_CTX_end(ctx); |
| 440 | bn_check_top(rnd); | ||
| 416 | return(ret); | 441 | return(ret); |
| 417 | } | 442 | } |
| 418 | 443 | ||
| @@ -464,5 +489,6 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd, | |||
| 464 | ret=1; | 489 | ret=1; |
| 465 | err: | 490 | err: |
| 466 | BN_CTX_end(ctx); | 491 | BN_CTX_end(ctx); |
| 492 | bn_check_top(p); | ||
| 467 | return(ret); | 493 | return(ret); |
| 468 | } | 494 | } |
diff --git a/src/lib/libcrypto/bn/bn_prime.h b/src/lib/libcrypto/bn/bn_prime.h index b7cf9a9bfe..51d2194feb 100644 --- a/src/lib/libcrypto/bn/bn_prime.h +++ b/src/lib/libcrypto/bn/bn_prime.h | |||
| @@ -58,10 +58,12 @@ | |||
| 58 | 58 | ||
| 59 | #ifndef EIGHT_BIT | 59 | #ifndef EIGHT_BIT |
| 60 | #define NUMPRIMES 2048 | 60 | #define NUMPRIMES 2048 |
| 61 | typedef unsigned short prime_t; | ||
| 61 | #else | 62 | #else |
| 62 | #define NUMPRIMES 54 | 63 | #define NUMPRIMES 54 |
| 64 | typedef unsigned char prime_t; | ||
| 63 | #endif | 65 | #endif |
| 64 | static const unsigned int primes[NUMPRIMES]= | 66 | static const prime_t primes[NUMPRIMES]= |
| 65 | { | 67 | { |
| 66 | 2, 3, 5, 7, 11, 13, 17, 19, | 68 | 2, 3, 5, 7, 11, 13, 17, 19, |
| 67 | 23, 29, 31, 37, 41, 43, 47, 53, | 69 | 23, 29, 31, 37, 41, 43, 47, 53, |
diff --git a/src/lib/libcrypto/bn/bn_prime.pl b/src/lib/libcrypto/bn/bn_prime.pl index 9fc3765486..3fafb6f3e9 100644 --- a/src/lib/libcrypto/bn/bn_prime.pl +++ b/src/lib/libcrypto/bn/bn_prime.pl | |||
| @@ -11,7 +11,7 @@ loop: while ($#primes < $num-1) | |||
| 11 | $p+=2; | 11 | $p+=2; |
| 12 | $s=int(sqrt($p)); | 12 | $s=int(sqrt($p)); |
| 13 | 13 | ||
| 14 | for ($i=0; $primes[$i]<=$s; $i++) | 14 | for ($i=0; defined($primes[$i]) && $primes[$i]<=$s; $i++) |
| 15 | { | 15 | { |
| 16 | next loop if (($p%$primes[$i]) == 0); | 16 | next loop if (($p%$primes[$i]) == 0); |
| 17 | } | 17 | } |
| @@ -101,10 +101,12 @@ for ($i=0; $i <= $#primes; $i++) | |||
| 101 | 101 | ||
| 102 | printf "#ifndef EIGHT_BIT\n"; | 102 | printf "#ifndef EIGHT_BIT\n"; |
| 103 | printf "#define NUMPRIMES %d\n",$num; | 103 | printf "#define NUMPRIMES %d\n",$num; |
| 104 | printf "typedef unsigned short prime_t;\n"; | ||
| 104 | printf "#else\n"; | 105 | printf "#else\n"; |
| 105 | printf "#define NUMPRIMES %d\n",$eight; | 106 | printf "#define NUMPRIMES %d\n",$eight; |
| 107 | printf "typedef unsigned char prime_t;\n"; | ||
| 106 | printf "#endif\n"; | 108 | printf "#endif\n"; |
| 107 | print "static const unsigned int primes[NUMPRIMES]=\n\t{\n\t"; | 109 | print "static const prime_t primes[NUMPRIMES]=\n\t{\n\t"; |
| 108 | $init=0; | 110 | $init=0; |
| 109 | for ($i=0; $i <= $#primes; $i++) | 111 | for ($i=0; $i <= $#primes; $i++) |
| 110 | { | 112 | { |
diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c index acba7ed7ee..810dde34e1 100644 --- a/src/lib/libcrypto/bn/bn_print.c +++ b/src/lib/libcrypto/bn/bn_print.c | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | #include <openssl/buffer.h> | 62 | #include <openssl/buffer.h> |
| 63 | #include "bn_lcl.h" | 63 | #include "bn_lcl.h" |
| 64 | 64 | ||
| 65 | static const char *Hex="0123456789ABCDEF"; | 65 | static const char Hex[]="0123456789ABCDEF"; |
| 66 | 66 | ||
| 67 | /* Must 'OPENSSL_free' the returned data */ | 67 | /* Must 'OPENSSL_free' the returned data */ |
| 68 | char *BN_bn2hex(const BIGNUM *a) | 68 | char *BN_bn2hex(const BIGNUM *a) |
| @@ -102,14 +102,19 @@ err: | |||
| 102 | /* Must 'OPENSSL_free' the returned data */ | 102 | /* Must 'OPENSSL_free' the returned data */ |
| 103 | char *BN_bn2dec(const BIGNUM *a) | 103 | char *BN_bn2dec(const BIGNUM *a) |
| 104 | { | 104 | { |
| 105 | int i=0,num; | 105 | int i=0,num, ok = 0; |
| 106 | char *buf=NULL; | 106 | char *buf=NULL; |
| 107 | char *p; | 107 | char *p; |
| 108 | BIGNUM *t=NULL; | 108 | BIGNUM *t=NULL; |
| 109 | BN_ULONG *bn_data=NULL,*lp; | 109 | BN_ULONG *bn_data=NULL,*lp; |
| 110 | 110 | ||
| 111 | /* get an upper bound for the length of the decimal integer | ||
| 112 | * num <= (BN_num_bits(a) + 1) * log(2) | ||
| 113 | * <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1 (rounding error) | ||
| 114 | * <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1 | ||
| 115 | */ | ||
| 111 | i=BN_num_bits(a)*3; | 116 | i=BN_num_bits(a)*3; |
| 112 | num=(i/10+i/1000+3)+1; | 117 | num=(i/10+i/1000+1)+1; |
| 113 | bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG)); | 118 | bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG)); |
| 114 | buf=(char *)OPENSSL_malloc(num+3); | 119 | buf=(char *)OPENSSL_malloc(num+3); |
| 115 | if ((buf == NULL) || (bn_data == NULL)) | 120 | if ((buf == NULL) || (bn_data == NULL)) |
| @@ -122,7 +127,6 @@ char *BN_bn2dec(const BIGNUM *a) | |||
| 122 | #define BUF_REMAIN (num+3 - (size_t)(p - buf)) | 127 | #define BUF_REMAIN (num+3 - (size_t)(p - buf)) |
| 123 | p=buf; | 128 | p=buf; |
| 124 | lp=bn_data; | 129 | lp=bn_data; |
| 125 | if (t->neg) *(p++)='-'; | ||
| 126 | if (BN_is_zero(t)) | 130 | if (BN_is_zero(t)) |
| 127 | { | 131 | { |
| 128 | *(p++)='0'; | 132 | *(p++)='0'; |
| @@ -130,6 +134,9 @@ char *BN_bn2dec(const BIGNUM *a) | |||
| 130 | } | 134 | } |
| 131 | else | 135 | else |
| 132 | { | 136 | { |
| 137 | if (BN_is_negative(t)) | ||
| 138 | *p++ = '-'; | ||
| 139 | |||
| 133 | i=0; | 140 | i=0; |
| 134 | while (!BN_is_zero(t)) | 141 | while (!BN_is_zero(t)) |
| 135 | { | 142 | { |
| @@ -149,9 +156,16 @@ char *BN_bn2dec(const BIGNUM *a) | |||
| 149 | while (*p) p++; | 156 | while (*p) p++; |
| 150 | } | 157 | } |
| 151 | } | 158 | } |
| 159 | ok = 1; | ||
| 152 | err: | 160 | err: |
| 153 | if (bn_data != NULL) OPENSSL_free(bn_data); | 161 | if (bn_data != NULL) OPENSSL_free(bn_data); |
| 154 | if (t != NULL) BN_free(t); | 162 | if (t != NULL) BN_free(t); |
| 163 | if (!ok && buf) | ||
| 164 | { | ||
| 165 | OPENSSL_free(buf); | ||
| 166 | buf = NULL; | ||
| 167 | } | ||
| 168 | |||
| 155 | return(buf); | 169 | return(buf); |
| 156 | } | 170 | } |
| 157 | 171 | ||
| @@ -211,10 +225,11 @@ int BN_hex2bn(BIGNUM **bn, const char *a) | |||
| 211 | j-=(BN_BYTES*2); | 225 | j-=(BN_BYTES*2); |
| 212 | } | 226 | } |
| 213 | ret->top=h; | 227 | ret->top=h; |
| 214 | bn_fix_top(ret); | 228 | bn_correct_top(ret); |
| 215 | ret->neg=neg; | 229 | ret->neg=neg; |
| 216 | 230 | ||
| 217 | *bn=ret; | 231 | *bn=ret; |
| 232 | bn_check_top(ret); | ||
| 218 | return(num); | 233 | return(num); |
| 219 | err: | 234 | err: |
| 220 | if (*bn == NULL) BN_free(ret); | 235 | if (*bn == NULL) BN_free(ret); |
| @@ -270,8 +285,9 @@ int BN_dec2bn(BIGNUM **bn, const char *a) | |||
| 270 | } | 285 | } |
| 271 | ret->neg=neg; | 286 | ret->neg=neg; |
| 272 | 287 | ||
| 273 | bn_fix_top(ret); | 288 | bn_correct_top(ret); |
| 274 | *bn=ret; | 289 | *bn=ret; |
| 290 | bn_check_top(ret); | ||
| 275 | return(num); | 291 | return(num); |
| 276 | err: | 292 | err: |
| 277 | if (*bn == NULL) BN_free(ret); | 293 | if (*bn == NULL) BN_free(ret); |
| @@ -300,7 +316,7 @@ int BN_print(BIO *bp, const BIGNUM *a) | |||
| 300 | int ret=0; | 316 | int ret=0; |
| 301 | 317 | ||
| 302 | if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end; | 318 | if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end; |
| 303 | if ((BN_is_zero(a)) && (BIO_write(bp,"0",1) != 1)) goto end; | 319 | if (BN_is_zero(a) && (BIO_write(bp,"0",1) != 1)) goto end; |
| 304 | for (i=a->top-1; i >=0; i--) | 320 | for (i=a->top-1; i >=0; i--) |
| 305 | { | 321 | { |
| 306 | for (j=BN_BITS2-4; j >= 0; j-=4) | 322 | for (j=BN_BITS2-4; j >= 0; j-=4) |
| @@ -320,14 +336,3 @@ end: | |||
| 320 | return(ret); | 336 | return(ret); |
| 321 | } | 337 | } |
| 322 | #endif | 338 | #endif |
| 323 | |||
| 324 | #ifdef BN_DEBUG | ||
| 325 | void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n) | ||
| 326 | { | ||
| 327 | int i; | ||
| 328 | fprintf(o, "%s=", a); | ||
| 329 | for (i=n-1;i>=0;i--) | ||
| 330 | fprintf(o, "%08lX", b[i]); /* assumes 32-bit BN_ULONG */ | ||
| 331 | fprintf(o, "\n"); | ||
| 332 | } | ||
| 333 | #endif | ||
diff --git a/src/lib/libcrypto/bn/bn_rand.c b/src/lib/libcrypto/bn/bn_rand.c index 893c9d2af9..f51830b12b 100644 --- a/src/lib/libcrypto/bn/bn_rand.c +++ b/src/lib/libcrypto/bn/bn_rand.c | |||
| @@ -134,13 +134,13 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) | |||
| 134 | buf=(unsigned char *)OPENSSL_malloc(bytes); | 134 | buf=(unsigned char *)OPENSSL_malloc(bytes); |
| 135 | if (buf == NULL) | 135 | if (buf == NULL) |
| 136 | { | 136 | { |
| 137 | BNerr(BN_F_BN_RAND,ERR_R_MALLOC_FAILURE); | 137 | BNerr(BN_F_BNRAND,ERR_R_MALLOC_FAILURE); |
| 138 | goto err; | 138 | goto err; |
| 139 | } | 139 | } |
| 140 | 140 | ||
| 141 | /* make a random number and set the top and bottom bits */ | 141 | /* make a random number and set the top and bottom bits */ |
| 142 | time(&tim); | 142 | time(&tim); |
| 143 | RAND_add(&tim,sizeof(tim),0); | 143 | RAND_add(&tim,sizeof(tim),0.0); |
| 144 | 144 | ||
| 145 | if (pseudorand) | 145 | if (pseudorand) |
| 146 | { | 146 | { |
| @@ -204,6 +204,7 @@ err: | |||
| 204 | OPENSSL_cleanse(buf,bytes); | 204 | OPENSSL_cleanse(buf,bytes); |
| 205 | OPENSSL_free(buf); | 205 | OPENSSL_free(buf); |
| 206 | } | 206 | } |
| 207 | bn_check_top(rnd); | ||
| 207 | return(ret); | 208 | return(ret); |
| 208 | } | 209 | } |
| 209 | 210 | ||
| @@ -230,6 +231,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) | |||
| 230 | { | 231 | { |
| 231 | int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand; | 232 | int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand; |
| 232 | int n; | 233 | int n; |
| 234 | int count = 100; | ||
| 233 | 235 | ||
| 234 | if (range->neg || BN_is_zero(range)) | 236 | if (range->neg || BN_is_zero(range)) |
| 235 | { | 237 | { |
| @@ -242,9 +244,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) | |||
| 242 | /* BN_is_bit_set(range, n - 1) always holds */ | 244 | /* BN_is_bit_set(range, n - 1) always holds */ |
| 243 | 245 | ||
| 244 | if (n == 1) | 246 | if (n == 1) |
| 245 | { | 247 | BN_zero(r); |
| 246 | if (!BN_zero(r)) return 0; | ||
| 247 | } | ||
| 248 | else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) | 248 | else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) |
| 249 | { | 249 | { |
| 250 | /* range = 100..._2, | 250 | /* range = 100..._2, |
| @@ -263,6 +263,13 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) | |||
| 263 | if (BN_cmp(r, range) >= 0) | 263 | if (BN_cmp(r, range) >= 0) |
| 264 | if (!BN_sub(r, r, range)) return 0; | 264 | if (!BN_sub(r, r, range)) return 0; |
| 265 | } | 265 | } |
| 266 | |||
| 267 | if (!--count) | ||
| 268 | { | ||
| 269 | BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS); | ||
| 270 | return 0; | ||
| 271 | } | ||
| 272 | |||
| 266 | } | 273 | } |
| 267 | while (BN_cmp(r, range) >= 0); | 274 | while (BN_cmp(r, range) >= 0); |
| 268 | } | 275 | } |
| @@ -272,10 +279,17 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) | |||
| 272 | { | 279 | { |
| 273 | /* range = 11..._2 or range = 101..._2 */ | 280 | /* range = 11..._2 or range = 101..._2 */ |
| 274 | if (!bn_rand(r, n, -1, 0)) return 0; | 281 | if (!bn_rand(r, n, -1, 0)) return 0; |
| 282 | |||
| 283 | if (!--count) | ||
| 284 | { | ||
| 285 | BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS); | ||
| 286 | return 0; | ||
| 287 | } | ||
| 275 | } | 288 | } |
| 276 | while (BN_cmp(r, range) >= 0); | 289 | while (BN_cmp(r, range) >= 0); |
| 277 | } | 290 | } |
| 278 | 291 | ||
| 292 | bn_check_top(r); | ||
| 279 | return 1; | 293 | return 1; |
| 280 | } | 294 | } |
| 281 | 295 | ||
diff --git a/src/lib/libcrypto/bn/bn_recp.c b/src/lib/libcrypto/bn/bn_recp.c index ef5fdd4708..2e8efb8dae 100644 --- a/src/lib/libcrypto/bn/bn_recp.c +++ b/src/lib/libcrypto/bn/bn_recp.c | |||
| @@ -94,7 +94,7 @@ void BN_RECP_CTX_free(BN_RECP_CTX *recp) | |||
| 94 | int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) | 94 | int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) |
| 95 | { | 95 | { |
| 96 | if (!BN_copy(&(recp->N),d)) return 0; | 96 | if (!BN_copy(&(recp->N),d)) return 0; |
| 97 | if (!BN_zero(&(recp->Nr))) return 0; | 97 | BN_zero(&(recp->Nr)); |
| 98 | recp->num_bits=BN_num_bits(d); | 98 | recp->num_bits=BN_num_bits(d); |
| 99 | recp->shift=0; | 99 | recp->shift=0; |
| 100 | return(1); | 100 | return(1); |
| @@ -123,6 +123,7 @@ int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, | |||
| 123 | ret = BN_div_recp(NULL,r,ca,recp,ctx); | 123 | ret = BN_div_recp(NULL,r,ca,recp,ctx); |
| 124 | err: | 124 | err: |
| 125 | BN_CTX_end(ctx); | 125 | BN_CTX_end(ctx); |
| 126 | bn_check_top(r); | ||
| 126 | return(ret); | 127 | return(ret); |
| 127 | } | 128 | } |
| 128 | 129 | ||
| @@ -147,7 +148,7 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, | |||
| 147 | 148 | ||
| 148 | if (BN_ucmp(m,&(recp->N)) < 0) | 149 | if (BN_ucmp(m,&(recp->N)) < 0) |
| 149 | { | 150 | { |
| 150 | if (!BN_zero(d)) return 0; | 151 | BN_zero(d); |
| 151 | if (!BN_copy(r,m)) return 0; | 152 | if (!BN_copy(r,m)) return 0; |
| 152 | BN_CTX_end(ctx); | 153 | BN_CTX_end(ctx); |
| 153 | return(1); | 154 | return(1); |
| @@ -190,7 +191,7 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, | |||
| 190 | { | 191 | { |
| 191 | if (j++ > 2) | 192 | if (j++ > 2) |
| 192 | { | 193 | { |
| 193 | BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL); | 194 | BNerr(BN_F_BN_DIV_RECP,BN_R_BAD_RECIPROCAL); |
| 194 | goto err; | 195 | goto err; |
| 195 | } | 196 | } |
| 196 | if (!BN_usub(r,r,&(recp->N))) goto err; | 197 | if (!BN_usub(r,r,&(recp->N))) goto err; |
| @@ -203,6 +204,8 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, | |||
| 203 | ret=1; | 204 | ret=1; |
| 204 | err: | 205 | err: |
| 205 | BN_CTX_end(ctx); | 206 | BN_CTX_end(ctx); |
| 207 | bn_check_top(dv); | ||
| 208 | bn_check_top(rem); | ||
| 206 | return(ret); | 209 | return(ret); |
| 207 | } | 210 | } |
| 208 | 211 | ||
| @@ -214,17 +217,18 @@ err: | |||
| 214 | int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx) | 217 | int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx) |
| 215 | { | 218 | { |
| 216 | int ret= -1; | 219 | int ret= -1; |
| 217 | BIGNUM t; | 220 | BIGNUM *t; |
| 218 | 221 | ||
| 219 | BN_init(&t); | 222 | BN_CTX_start(ctx); |
| 223 | if((t = BN_CTX_get(ctx)) == NULL) goto err; | ||
| 220 | 224 | ||
| 221 | if (!BN_zero(&t)) goto err; | 225 | if (!BN_set_bit(t,len)) goto err; |
| 222 | if (!BN_set_bit(&t,len)) goto err; | ||
| 223 | 226 | ||
| 224 | if (!BN_div(r,NULL,&t,m,ctx)) goto err; | 227 | if (!BN_div(r,NULL,t,m,ctx)) goto err; |
| 225 | 228 | ||
| 226 | ret=len; | 229 | ret=len; |
| 227 | err: | 230 | err: |
| 228 | BN_free(&t); | 231 | bn_check_top(r); |
| 232 | BN_CTX_end(ctx); | ||
| 229 | return(ret); | 233 | return(ret); |
| 230 | } | 234 | } |
diff --git a/src/lib/libcrypto/bn/bn_shift.c b/src/lib/libcrypto/bn/bn_shift.c index 70f785ea18..de9312dce2 100644 --- a/src/lib/libcrypto/bn/bn_shift.c +++ b/src/lib/libcrypto/bn/bn_shift.c | |||
| @@ -65,6 +65,9 @@ int BN_lshift1(BIGNUM *r, const BIGNUM *a) | |||
| 65 | register BN_ULONG *ap,*rp,t,c; | 65 | register BN_ULONG *ap,*rp,t,c; |
| 66 | int i; | 66 | int i; |
| 67 | 67 | ||
| 68 | bn_check_top(r); | ||
| 69 | bn_check_top(a); | ||
| 70 | |||
| 68 | if (r != a) | 71 | if (r != a) |
| 69 | { | 72 | { |
| 70 | r->neg=a->neg; | 73 | r->neg=a->neg; |
| @@ -89,6 +92,7 @@ int BN_lshift1(BIGNUM *r, const BIGNUM *a) | |||
| 89 | *rp=1; | 92 | *rp=1; |
| 90 | r->top++; | 93 | r->top++; |
| 91 | } | 94 | } |
| 95 | bn_check_top(r); | ||
| 92 | return(1); | 96 | return(1); |
| 93 | } | 97 | } |
| 94 | 98 | ||
| @@ -97,6 +101,9 @@ int BN_rshift1(BIGNUM *r, const BIGNUM *a) | |||
| 97 | BN_ULONG *ap,*rp,t,c; | 101 | BN_ULONG *ap,*rp,t,c; |
| 98 | int i; | 102 | int i; |
| 99 | 103 | ||
| 104 | bn_check_top(r); | ||
| 105 | bn_check_top(a); | ||
| 106 | |||
| 100 | if (BN_is_zero(a)) | 107 | if (BN_is_zero(a)) |
| 101 | { | 108 | { |
| 102 | BN_zero(r); | 109 | BN_zero(r); |
| @@ -117,7 +124,8 @@ int BN_rshift1(BIGNUM *r, const BIGNUM *a) | |||
| 117 | rp[i]=((t>>1)&BN_MASK2)|c; | 124 | rp[i]=((t>>1)&BN_MASK2)|c; |
| 118 | c=(t&1)?BN_TBIT:0; | 125 | c=(t&1)?BN_TBIT:0; |
| 119 | } | 126 | } |
| 120 | bn_fix_top(r); | 127 | bn_correct_top(r); |
| 128 | bn_check_top(r); | ||
| 121 | return(1); | 129 | return(1); |
| 122 | } | 130 | } |
| 123 | 131 | ||
| @@ -127,6 +135,9 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) | |||
| 127 | BN_ULONG *t,*f; | 135 | BN_ULONG *t,*f; |
| 128 | BN_ULONG l; | 136 | BN_ULONG l; |
| 129 | 137 | ||
| 138 | bn_check_top(r); | ||
| 139 | bn_check_top(a); | ||
| 140 | |||
| 130 | r->neg=a->neg; | 141 | r->neg=a->neg; |
| 131 | nw=n/BN_BITS2; | 142 | nw=n/BN_BITS2; |
| 132 | if (bn_wexpand(r,a->top+nw+1) == NULL) return(0); | 143 | if (bn_wexpand(r,a->top+nw+1) == NULL) return(0); |
| @@ -149,7 +160,8 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) | |||
| 149 | /* for (i=0; i<nw; i++) | 160 | /* for (i=0; i<nw; i++) |
| 150 | t[i]=0;*/ | 161 | t[i]=0;*/ |
| 151 | r->top=a->top+nw+1; | 162 | r->top=a->top+nw+1; |
| 152 | bn_fix_top(r); | 163 | bn_correct_top(r); |
| 164 | bn_check_top(r); | ||
| 153 | return(1); | 165 | return(1); |
| 154 | } | 166 | } |
| 155 | 167 | ||
| @@ -159,6 +171,9 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) | |||
| 159 | BN_ULONG *t,*f; | 171 | BN_ULONG *t,*f; |
| 160 | BN_ULONG l,tmp; | 172 | BN_ULONG l,tmp; |
| 161 | 173 | ||
| 174 | bn_check_top(r); | ||
| 175 | bn_check_top(a); | ||
| 176 | |||
| 162 | nw=n/BN_BITS2; | 177 | nw=n/BN_BITS2; |
| 163 | rb=n%BN_BITS2; | 178 | rb=n%BN_BITS2; |
| 164 | lb=BN_BITS2-rb; | 179 | lb=BN_BITS2-rb; |
| @@ -185,13 +200,13 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) | |||
| 185 | 200 | ||
| 186 | if (rb == 0) | 201 | if (rb == 0) |
| 187 | { | 202 | { |
| 188 | for (i=j+1; i > 0; i--) | 203 | for (i=j; i != 0; i--) |
| 189 | *(t++)= *(f++); | 204 | *(t++)= *(f++); |
| 190 | } | 205 | } |
| 191 | else | 206 | else |
| 192 | { | 207 | { |
| 193 | l= *(f++); | 208 | l= *(f++); |
| 194 | for (i=1; i<j; i++) | 209 | for (i=j-1; i != 0; i--) |
| 195 | { | 210 | { |
| 196 | tmp =(l>>rb)&BN_MASK2; | 211 | tmp =(l>>rb)&BN_MASK2; |
| 197 | l= *(f++); | 212 | l= *(f++); |
| @@ -199,7 +214,7 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) | |||
| 199 | } | 214 | } |
| 200 | *(t++) =(l>>rb)&BN_MASK2; | 215 | *(t++) =(l>>rb)&BN_MASK2; |
| 201 | } | 216 | } |
| 202 | *t=0; | 217 | bn_correct_top(r); |
| 203 | bn_fix_top(r); | 218 | bn_check_top(r); |
| 204 | return(1); | 219 | return(1); |
| 205 | } | 220 | } |
diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c index c1d0cca438..270d0cd348 100644 --- a/src/lib/libcrypto/bn/bn_sqr.c +++ b/src/lib/libcrypto/bn/bn_sqr.c | |||
| @@ -77,16 +77,16 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) | |||
| 77 | if (al <= 0) | 77 | if (al <= 0) |
| 78 | { | 78 | { |
| 79 | r->top=0; | 79 | r->top=0; |
| 80 | return(1); | 80 | return 1; |
| 81 | } | 81 | } |
| 82 | 82 | ||
| 83 | BN_CTX_start(ctx); | 83 | BN_CTX_start(ctx); |
| 84 | rr=(a != r) ? r : BN_CTX_get(ctx); | 84 | rr=(a != r) ? r : BN_CTX_get(ctx); |
| 85 | tmp=BN_CTX_get(ctx); | 85 | tmp=BN_CTX_get(ctx); |
| 86 | if (tmp == NULL) goto err; | 86 | if (!rr || !tmp) goto err; |
| 87 | 87 | ||
| 88 | max=(al+al); | 88 | max = 2 * al; /* Non-zero (from above) */ |
| 89 | if (bn_wexpand(rr,max+1) == NULL) goto err; | 89 | if (bn_wexpand(rr,max) == NULL) goto err; |
| 90 | 90 | ||
| 91 | if (al == 4) | 91 | if (al == 4) |
| 92 | { | 92 | { |
| @@ -138,12 +138,18 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) | |||
| 138 | #endif | 138 | #endif |
| 139 | } | 139 | } |
| 140 | 140 | ||
| 141 | rr->top=max; | ||
| 142 | rr->neg=0; | 141 | rr->neg=0; |
| 143 | if ((max > 0) && (rr->d[max-1] == 0)) rr->top--; | 142 | /* If the most-significant half of the top word of 'a' is zero, then |
| 143 | * the square of 'a' will max-1 words. */ | ||
| 144 | if(a->d[al - 1] == (a->d[al - 1] & BN_MASK2l)) | ||
| 145 | rr->top = max - 1; | ||
| 146 | else | ||
| 147 | rr->top = max; | ||
| 144 | if (rr != r) BN_copy(r,rr); | 148 | if (rr != r) BN_copy(r,rr); |
| 145 | ret = 1; | 149 | ret = 1; |
| 146 | err: | 150 | err: |
| 151 | bn_check_top(rr); | ||
| 152 | bn_check_top(tmp); | ||
| 147 | BN_CTX_end(ctx); | 153 | BN_CTX_end(ctx); |
| 148 | return(ret); | 154 | return(ret); |
| 149 | } | 155 | } |
diff --git a/src/lib/libcrypto/bn/bn_sqrt.c b/src/lib/libcrypto/bn/bn_sqrt.c index e2a1105dc8..6beaf9e5e5 100644 --- a/src/lib/libcrypto/bn/bn_sqrt.c +++ b/src/lib/libcrypto/bn/bn_sqrt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* crypto/bn/bn_mod.c */ | 1 | /* crypto/bn/bn_sqrt.c */ |
| 2 | /* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> | 2 | /* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> |
| 3 | * and Bodo Moeller for the OpenSSL project. */ | 3 | * and Bodo Moeller for the OpenSSL project. */ |
| 4 | /* ==================================================================== | 4 | /* ==================================================================== |
| @@ -65,14 +65,12 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 65 | * using the Tonelli/Shanks algorithm (cf. Henri Cohen, "A Course | 65 | * using the Tonelli/Shanks algorithm (cf. Henri Cohen, "A Course |
| 66 | * in Algebraic Computational Number Theory", algorithm 1.5.1). | 66 | * in Algebraic Computational Number Theory", algorithm 1.5.1). |
| 67 | * 'p' must be prime! | 67 | * 'p' must be prime! |
| 68 | * If 'a' is not a square, this is not necessarily detected by | ||
| 69 | * the algorithms; a bogus result must be expected in this case. | ||
| 70 | */ | 68 | */ |
| 71 | { | 69 | { |
| 72 | BIGNUM *ret = in; | 70 | BIGNUM *ret = in; |
| 73 | int err = 1; | 71 | int err = 1; |
| 74 | int r; | 72 | int r; |
| 75 | BIGNUM *b, *q, *t, *x, *y; | 73 | BIGNUM *A, *b, *q, *t, *x, *y; |
| 76 | int e, i, j; | 74 | int e, i, j; |
| 77 | 75 | ||
| 78 | if (!BN_is_odd(p) || BN_abs_is_word(p, 1)) | 76 | if (!BN_is_odd(p) || BN_abs_is_word(p, 1)) |
| @@ -85,9 +83,11 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 85 | goto end; | 83 | goto end; |
| 86 | if (!BN_set_word(ret, BN_is_bit_set(a, 0))) | 84 | if (!BN_set_word(ret, BN_is_bit_set(a, 0))) |
| 87 | { | 85 | { |
| 88 | BN_free(ret); | 86 | if (ret != in) |
| 87 | BN_free(ret); | ||
| 89 | return NULL; | 88 | return NULL; |
| 90 | } | 89 | } |
| 90 | bn_check_top(ret); | ||
| 91 | return ret; | 91 | return ret; |
| 92 | } | 92 | } |
| 93 | 93 | ||
| @@ -103,23 +103,16 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 103 | goto end; | 103 | goto end; |
| 104 | if (!BN_set_word(ret, BN_is_one(a))) | 104 | if (!BN_set_word(ret, BN_is_one(a))) |
| 105 | { | 105 | { |
| 106 | BN_free(ret); | 106 | if (ret != in) |
| 107 | BN_free(ret); | ||
| 107 | return NULL; | 108 | return NULL; |
| 108 | } | 109 | } |
| 110 | bn_check_top(ret); | ||
| 109 | return ret; | 111 | return ret; |
| 110 | } | 112 | } |
| 111 | 113 | ||
| 112 | #if 0 /* if BN_mod_sqrt is used with correct input, this just wastes time */ | ||
| 113 | r = BN_kronecker(a, p, ctx); | ||
| 114 | if (r < -1) return NULL; | ||
| 115 | if (r == -1) | ||
| 116 | { | ||
| 117 | BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE); | ||
| 118 | return(NULL); | ||
| 119 | } | ||
| 120 | #endif | ||
| 121 | |||
| 122 | BN_CTX_start(ctx); | 114 | BN_CTX_start(ctx); |
| 115 | A = BN_CTX_get(ctx); | ||
| 123 | b = BN_CTX_get(ctx); | 116 | b = BN_CTX_get(ctx); |
| 124 | q = BN_CTX_get(ctx); | 117 | q = BN_CTX_get(ctx); |
| 125 | t = BN_CTX_get(ctx); | 118 | t = BN_CTX_get(ctx); |
| @@ -131,6 +124,9 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 131 | ret = BN_new(); | 124 | ret = BN_new(); |
| 132 | if (ret == NULL) goto end; | 125 | if (ret == NULL) goto end; |
| 133 | 126 | ||
| 127 | /* A = a mod p */ | ||
| 128 | if (!BN_nnmod(A, a, p, ctx)) goto end; | ||
| 129 | |||
| 134 | /* now write |p| - 1 as 2^e*q where q is odd */ | 130 | /* now write |p| - 1 as 2^e*q where q is odd */ |
| 135 | e = 1; | 131 | e = 1; |
| 136 | while (!BN_is_bit_set(p, e)) | 132 | while (!BN_is_bit_set(p, e)) |
| @@ -149,9 +145,9 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 149 | if (!BN_rshift(q, p, 2)) goto end; | 145 | if (!BN_rshift(q, p, 2)) goto end; |
| 150 | q->neg = 0; | 146 | q->neg = 0; |
| 151 | if (!BN_add_word(q, 1)) goto end; | 147 | if (!BN_add_word(q, 1)) goto end; |
| 152 | if (!BN_mod_exp(ret, a, q, p, ctx)) goto end; | 148 | if (!BN_mod_exp(ret, A, q, p, ctx)) goto end; |
| 153 | err = 0; | 149 | err = 0; |
| 154 | goto end; | 150 | goto vrfy; |
| 155 | } | 151 | } |
| 156 | 152 | ||
| 157 | if (e == 2) | 153 | if (e == 2) |
| @@ -182,15 +178,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 182 | * November 1992.) | 178 | * November 1992.) |
| 183 | */ | 179 | */ |
| 184 | 180 | ||
| 185 | /* make sure that a is reduced modulo p */ | ||
| 186 | if (a->neg || BN_ucmp(a, p) >= 0) | ||
| 187 | { | ||
| 188 | if (!BN_nnmod(x, a, p, ctx)) goto end; | ||
| 189 | a = x; /* use x as temporary variable */ | ||
| 190 | } | ||
| 191 | |||
| 192 | /* t := 2*a */ | 181 | /* t := 2*a */ |
| 193 | if (!BN_mod_lshift1_quick(t, a, p)) goto end; | 182 | if (!BN_mod_lshift1_quick(t, A, p)) goto end; |
| 194 | 183 | ||
| 195 | /* b := (2*a)^((|p|-5)/8) */ | 184 | /* b := (2*a)^((|p|-5)/8) */ |
| 196 | if (!BN_rshift(q, p, 3)) goto end; | 185 | if (!BN_rshift(q, p, 3)) goto end; |
| @@ -205,12 +194,12 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 205 | if (!BN_sub_word(t, 1)) goto end; | 194 | if (!BN_sub_word(t, 1)) goto end; |
| 206 | 195 | ||
| 207 | /* x = a*b*t */ | 196 | /* x = a*b*t */ |
| 208 | if (!BN_mod_mul(x, a, b, p, ctx)) goto end; | 197 | if (!BN_mod_mul(x, A, b, p, ctx)) goto end; |
| 209 | if (!BN_mod_mul(x, x, t, p, ctx)) goto end; | 198 | if (!BN_mod_mul(x, x, t, p, ctx)) goto end; |
| 210 | 199 | ||
| 211 | if (!BN_copy(ret, x)) goto end; | 200 | if (!BN_copy(ret, x)) goto end; |
| 212 | err = 0; | 201 | err = 0; |
| 213 | goto end; | 202 | goto vrfy; |
| 214 | } | 203 | } |
| 215 | 204 | ||
| 216 | /* e > 2, so we really have to use the Tonelli/Shanks algorithm. | 205 | /* e > 2, so we really have to use the Tonelli/Shanks algorithm. |
| @@ -297,11 +286,11 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 297 | /* x := a^((q-1)/2) */ | 286 | /* x := a^((q-1)/2) */ |
| 298 | if (BN_is_zero(t)) /* special case: p = 2^e + 1 */ | 287 | if (BN_is_zero(t)) /* special case: p = 2^e + 1 */ |
| 299 | { | 288 | { |
| 300 | if (!BN_nnmod(t, a, p, ctx)) goto end; | 289 | if (!BN_nnmod(t, A, p, ctx)) goto end; |
| 301 | if (BN_is_zero(t)) | 290 | if (BN_is_zero(t)) |
| 302 | { | 291 | { |
| 303 | /* special case: a == 0 (mod p) */ | 292 | /* special case: a == 0 (mod p) */ |
| 304 | if (!BN_zero(ret)) goto end; | 293 | BN_zero(ret); |
| 305 | err = 0; | 294 | err = 0; |
| 306 | goto end; | 295 | goto end; |
| 307 | } | 296 | } |
| @@ -310,11 +299,11 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 310 | } | 299 | } |
| 311 | else | 300 | else |
| 312 | { | 301 | { |
| 313 | if (!BN_mod_exp(x, a, t, p, ctx)) goto end; | 302 | if (!BN_mod_exp(x, A, t, p, ctx)) goto end; |
| 314 | if (BN_is_zero(x)) | 303 | if (BN_is_zero(x)) |
| 315 | { | 304 | { |
| 316 | /* special case: a == 0 (mod p) */ | 305 | /* special case: a == 0 (mod p) */ |
| 317 | if (!BN_zero(ret)) goto end; | 306 | BN_zero(ret); |
| 318 | err = 0; | 307 | err = 0; |
| 319 | goto end; | 308 | goto end; |
| 320 | } | 309 | } |
| @@ -322,10 +311,10 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 322 | 311 | ||
| 323 | /* b := a*x^2 (= a^q) */ | 312 | /* b := a*x^2 (= a^q) */ |
| 324 | if (!BN_mod_sqr(b, x, p, ctx)) goto end; | 313 | if (!BN_mod_sqr(b, x, p, ctx)) goto end; |
| 325 | if (!BN_mod_mul(b, b, a, p, ctx)) goto end; | 314 | if (!BN_mod_mul(b, b, A, p, ctx)) goto end; |
| 326 | 315 | ||
| 327 | /* x := a*x (= a^((q+1)/2)) */ | 316 | /* x := a*x (= a^((q+1)/2)) */ |
| 328 | if (!BN_mod_mul(x, x, a, p, ctx)) goto end; | 317 | if (!BN_mod_mul(x, x, A, p, ctx)) goto end; |
| 329 | 318 | ||
| 330 | while (1) | 319 | while (1) |
| 331 | { | 320 | { |
| @@ -342,7 +331,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 342 | { | 331 | { |
| 343 | if (!BN_copy(ret, x)) goto end; | 332 | if (!BN_copy(ret, x)) goto end; |
| 344 | err = 0; | 333 | err = 0; |
| 345 | goto end; | 334 | goto vrfy; |
| 346 | } | 335 | } |
| 347 | 336 | ||
| 348 | 337 | ||
| @@ -373,6 +362,22 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 373 | e = i; | 362 | e = i; |
| 374 | } | 363 | } |
| 375 | 364 | ||
| 365 | vrfy: | ||
| 366 | if (!err) | ||
| 367 | { | ||
| 368 | /* verify the result -- the input might have been not a square | ||
| 369 | * (test added in 0.9.8) */ | ||
| 370 | |||
| 371 | if (!BN_mod_sqr(x, ret, p, ctx)) | ||
| 372 | err = 1; | ||
| 373 | |||
| 374 | if (!err && 0 != BN_cmp(x, A)) | ||
| 375 | { | ||
| 376 | BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE); | ||
| 377 | err = 1; | ||
| 378 | } | ||
| 379 | } | ||
| 380 | |||
| 376 | end: | 381 | end: |
| 377 | if (err) | 382 | if (err) |
| 378 | { | 383 | { |
| @@ -383,5 +388,6 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) | |||
| 383 | ret = NULL; | 388 | ret = NULL; |
| 384 | } | 389 | } |
| 385 | BN_CTX_end(ctx); | 390 | BN_CTX_end(ctx); |
| 391 | bn_check_top(ret); | ||
| 386 | return ret; | 392 | return ret; |
| 387 | } | 393 | } |
diff --git a/src/lib/libcrypto/bn/bn_word.c b/src/lib/libcrypto/bn/bn_word.c index de610ce54c..ee7b87c45c 100644 --- a/src/lib/libcrypto/bn/bn_word.c +++ b/src/lib/libcrypto/bn/bn_word.c | |||
| @@ -69,6 +69,10 @@ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w) | |||
| 69 | #endif | 69 | #endif |
| 70 | int i; | 70 | int i; |
| 71 | 71 | ||
| 72 | if (w == 0) | ||
| 73 | return (BN_ULONG)-1; | ||
| 74 | |||
| 75 | bn_check_top(a); | ||
| 72 | w&=BN_MASK2; | 76 | w&=BN_MASK2; |
| 73 | for (i=a->top-1; i>=0; i--) | 77 | for (i=a->top-1; i>=0; i--) |
| 74 | { | 78 | { |
| @@ -85,12 +89,24 @@ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w) | |||
| 85 | 89 | ||
| 86 | BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w) | 90 | BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w) |
| 87 | { | 91 | { |
| 88 | BN_ULONG ret; | 92 | BN_ULONG ret = 0; |
| 89 | int i; | 93 | int i, j; |
| 94 | |||
| 95 | bn_check_top(a); | ||
| 96 | w &= BN_MASK2; | ||
| 97 | |||
| 98 | if (!w) | ||
| 99 | /* actually this an error (division by zero) */ | ||
| 100 | return (BN_ULONG)-1; | ||
| 101 | if (a->top == 0) | ||
| 102 | return 0; | ||
| 103 | |||
| 104 | /* normalize input (so bn_div_words doesn't complain) */ | ||
| 105 | j = BN_BITS2 - BN_num_bits_word(w); | ||
| 106 | w <<= j; | ||
| 107 | if (!BN_lshift(a, a, j)) | ||
| 108 | return (BN_ULONG)-1; | ||
| 90 | 109 | ||
| 91 | if (a->top == 0) return(0); | ||
| 92 | ret=0; | ||
| 93 | w&=BN_MASK2; | ||
| 94 | for (i=a->top-1; i>=0; i--) | 110 | for (i=a->top-1; i>=0; i--) |
| 95 | { | 111 | { |
| 96 | BN_ULONG l,d; | 112 | BN_ULONG l,d; |
| @@ -102,6 +118,8 @@ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w) | |||
| 102 | } | 118 | } |
| 103 | if ((a->top > 0) && (a->d[a->top-1] == 0)) | 119 | if ((a->top > 0) && (a->d[a->top-1] == 0)) |
| 104 | a->top--; | 120 | a->top--; |
| 121 | ret >>= j; | ||
| 122 | bn_check_top(a); | ||
| 105 | return(ret); | 123 | return(ret); |
| 106 | } | 124 | } |
| 107 | 125 | ||
| @@ -110,9 +128,14 @@ int BN_add_word(BIGNUM *a, BN_ULONG w) | |||
| 110 | BN_ULONG l; | 128 | BN_ULONG l; |
| 111 | int i; | 129 | int i; |
| 112 | 130 | ||
| 113 | if ((w & BN_MASK2) == 0) | 131 | bn_check_top(a); |
| 114 | return(1); | 132 | w &= BN_MASK2; |
| 115 | 133 | ||
| 134 | /* degenerate case: w is zero */ | ||
| 135 | if (!w) return 1; | ||
| 136 | /* degenerate case: a is zero */ | ||
| 137 | if(BN_is_zero(a)) return BN_set_word(a, w); | ||
| 138 | /* handle 'a' when negative */ | ||
| 116 | if (a->neg) | 139 | if (a->neg) |
| 117 | { | 140 | { |
| 118 | a->neg=0; | 141 | a->neg=0; |
| @@ -121,15 +144,17 @@ int BN_add_word(BIGNUM *a, BN_ULONG w) | |||
| 121 | a->neg=!(a->neg); | 144 | a->neg=!(a->neg); |
| 122 | return(i); | 145 | return(i); |
| 123 | } | 146 | } |
| 124 | w&=BN_MASK2; | 147 | /* Only expand (and risk failing) if it's possibly necessary */ |
| 125 | if (bn_wexpand(a,a->top+1) == NULL) return(0); | 148 | if (((BN_ULONG)(a->d[a->top - 1] + 1) == 0) && |
| 149 | (bn_wexpand(a,a->top+1) == NULL)) | ||
| 150 | return(0); | ||
| 126 | i=0; | 151 | i=0; |
| 127 | for (;;) | 152 | for (;;) |
| 128 | { | 153 | { |
| 129 | if (i >= a->top) | 154 | if (i >= a->top) |
| 130 | l=w; | 155 | l=w; |
| 131 | else | 156 | else |
| 132 | l=(a->d[i]+(BN_ULONG)w)&BN_MASK2; | 157 | l=(a->d[i]+w)&BN_MASK2; |
| 133 | a->d[i]=l; | 158 | a->d[i]=l; |
| 134 | if (w > l) | 159 | if (w > l) |
| 135 | w=1; | 160 | w=1; |
| @@ -139,6 +164,7 @@ int BN_add_word(BIGNUM *a, BN_ULONG w) | |||
| 139 | } | 164 | } |
| 140 | if (i >= a->top) | 165 | if (i >= a->top) |
| 141 | a->top++; | 166 | a->top++; |
| 167 | bn_check_top(a); | ||
| 142 | return(1); | 168 | return(1); |
| 143 | } | 169 | } |
| 144 | 170 | ||
| @@ -146,10 +172,21 @@ int BN_sub_word(BIGNUM *a, BN_ULONG w) | |||
| 146 | { | 172 | { |
| 147 | int i; | 173 | int i; |
| 148 | 174 | ||
| 149 | if ((w & BN_MASK2) == 0) | 175 | bn_check_top(a); |
| 150 | return(1); | 176 | w &= BN_MASK2; |
| 151 | 177 | ||
| 152 | if (BN_is_zero(a) || a->neg) | 178 | /* degenerate case: w is zero */ |
| 179 | if (!w) return 1; | ||
| 180 | /* degenerate case: a is zero */ | ||
| 181 | if(BN_is_zero(a)) | ||
| 182 | { | ||
| 183 | i = BN_set_word(a,w); | ||
| 184 | if (i != 0) | ||
| 185 | BN_set_negative(a, 1); | ||
| 186 | return i; | ||
| 187 | } | ||
| 188 | /* handle 'a' when negative */ | ||
| 189 | if (a->neg) | ||
| 153 | { | 190 | { |
| 154 | a->neg=0; | 191 | a->neg=0; |
| 155 | i=BN_add_word(a,w); | 192 | i=BN_add_word(a,w); |
| @@ -157,7 +194,6 @@ int BN_sub_word(BIGNUM *a, BN_ULONG w) | |||
| 157 | return(i); | 194 | return(i); |
| 158 | } | 195 | } |
| 159 | 196 | ||
| 160 | w&=BN_MASK2; | ||
| 161 | if ((a->top == 1) && (a->d[0] < w)) | 197 | if ((a->top == 1) && (a->d[0] < w)) |
| 162 | { | 198 | { |
| 163 | a->d[0]=w-a->d[0]; | 199 | a->d[0]=w-a->d[0]; |
| @@ -181,6 +217,7 @@ int BN_sub_word(BIGNUM *a, BN_ULONG w) | |||
| 181 | } | 217 | } |
| 182 | if ((a->d[i] == 0) && (i == (a->top-1))) | 218 | if ((a->d[i] == 0) && (i == (a->top-1))) |
| 183 | a->top--; | 219 | a->top--; |
| 220 | bn_check_top(a); | ||
| 184 | return(1); | 221 | return(1); |
| 185 | } | 222 | } |
| 186 | 223 | ||
| @@ -188,6 +225,7 @@ int BN_mul_word(BIGNUM *a, BN_ULONG w) | |||
| 188 | { | 225 | { |
| 189 | BN_ULONG ll; | 226 | BN_ULONG ll; |
| 190 | 227 | ||
| 228 | bn_check_top(a); | ||
| 191 | w&=BN_MASK2; | 229 | w&=BN_MASK2; |
| 192 | if (a->top) | 230 | if (a->top) |
| 193 | { | 231 | { |
| @@ -203,6 +241,7 @@ int BN_mul_word(BIGNUM *a, BN_ULONG w) | |||
| 203 | } | 241 | } |
| 204 | } | 242 | } |
| 205 | } | 243 | } |
| 244 | bn_check_top(a); | ||
| 206 | return(1); | 245 | return(1); |
| 207 | } | 246 | } |
| 208 | 247 | ||
diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c index 792a75ff4f..cf190380f5 100644 --- a/src/lib/libcrypto/bn/bntest.c +++ b/src/lib/libcrypto/bn/bntest.c | |||
| @@ -55,6 +55,25 @@ | |||
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * | ||
| 61 | * Portions of the attached software ("Contribution") are developed by | ||
| 62 | * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. | ||
| 63 | * | ||
| 64 | * The Contribution is licensed pursuant to the Eric Young open source | ||
| 65 | * license provided above. | ||
| 66 | * | ||
| 67 | * The binary polynomial arithmetic software is originally written by | ||
| 68 | * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. | ||
| 69 | * | ||
| 70 | */ | ||
| 71 | |||
| 72 | /* Until the key-gen callbacks are modified to use newer prototypes, we allow | ||
| 73 | * deprecated functions for openssl-internal code */ | ||
| 74 | #ifdef OPENSSL_NO_DEPRECATED | ||
| 75 | #undef OPENSSL_NO_DEPRECATED | ||
| 76 | #endif | ||
| 58 | 77 | ||
| 59 | #include <stdio.h> | 78 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 79 | #include <stdlib.h> |
| @@ -79,6 +98,7 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_); | |||
| 79 | int test_rshift1(BIO *bp); | 98 | int test_rshift1(BIO *bp); |
| 80 | int test_rshift(BIO *bp,BN_CTX *ctx); | 99 | int test_rshift(BIO *bp,BN_CTX *ctx); |
| 81 | int test_div(BIO *bp,BN_CTX *ctx); | 100 | int test_div(BIO *bp,BN_CTX *ctx); |
| 101 | int test_div_word(BIO *bp); | ||
| 82 | int test_div_recp(BIO *bp,BN_CTX *ctx); | 102 | int test_div_recp(BIO *bp,BN_CTX *ctx); |
| 83 | int test_mul(BIO *bp); | 103 | int test_mul(BIO *bp); |
| 84 | int test_sqr(BIO *bp,BN_CTX *ctx); | 104 | int test_sqr(BIO *bp,BN_CTX *ctx); |
| @@ -88,6 +108,15 @@ int test_mod_mul(BIO *bp,BN_CTX *ctx); | |||
| 88 | int test_mod_exp(BIO *bp,BN_CTX *ctx); | 108 | int test_mod_exp(BIO *bp,BN_CTX *ctx); |
| 89 | int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx); | 109 | int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx); |
| 90 | int test_exp(BIO *bp,BN_CTX *ctx); | 110 | int test_exp(BIO *bp,BN_CTX *ctx); |
| 111 | int test_gf2m_add(BIO *bp); | ||
| 112 | int test_gf2m_mod(BIO *bp); | ||
| 113 | int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx); | ||
| 114 | int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx); | ||
| 115 | int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx); | ||
| 116 | int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx); | ||
| 117 | int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx); | ||
| 118 | int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx); | ||
| 119 | int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx); | ||
| 91 | int test_kron(BIO *bp,BN_CTX *ctx); | 120 | int test_kron(BIO *bp,BN_CTX *ctx); |
| 92 | int test_sqrt(BIO *bp,BN_CTX *ctx); | 121 | int test_sqrt(BIO *bp,BN_CTX *ctx); |
| 93 | int rand_neg(void); | 122 | int rand_neg(void); |
| @@ -155,80 +184,120 @@ int main(int argc, char *argv[]) | |||
| 155 | 184 | ||
| 156 | message(out,"BN_add"); | 185 | message(out,"BN_add"); |
| 157 | if (!test_add(out)) goto err; | 186 | if (!test_add(out)) goto err; |
| 158 | BIO_flush(out); | 187 | (void)BIO_flush(out); |
| 159 | 188 | ||
| 160 | message(out,"BN_sub"); | 189 | message(out,"BN_sub"); |
| 161 | if (!test_sub(out)) goto err; | 190 | if (!test_sub(out)) goto err; |
| 162 | BIO_flush(out); | 191 | (void)BIO_flush(out); |
| 163 | 192 | ||
| 164 | message(out,"BN_lshift1"); | 193 | message(out,"BN_lshift1"); |
| 165 | if (!test_lshift1(out)) goto err; | 194 | if (!test_lshift1(out)) goto err; |
| 166 | BIO_flush(out); | 195 | (void)BIO_flush(out); |
| 167 | 196 | ||
| 168 | message(out,"BN_lshift (fixed)"); | 197 | message(out,"BN_lshift (fixed)"); |
| 169 | if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL))) | 198 | if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL))) |
| 170 | goto err; | 199 | goto err; |
| 171 | BIO_flush(out); | 200 | (void)BIO_flush(out); |
| 172 | 201 | ||
| 173 | message(out,"BN_lshift"); | 202 | message(out,"BN_lshift"); |
| 174 | if (!test_lshift(out,ctx,NULL)) goto err; | 203 | if (!test_lshift(out,ctx,NULL)) goto err; |
| 175 | BIO_flush(out); | 204 | (void)BIO_flush(out); |
| 176 | 205 | ||
| 177 | message(out,"BN_rshift1"); | 206 | message(out,"BN_rshift1"); |
| 178 | if (!test_rshift1(out)) goto err; | 207 | if (!test_rshift1(out)) goto err; |
| 179 | BIO_flush(out); | 208 | (void)BIO_flush(out); |
| 180 | 209 | ||
| 181 | message(out,"BN_rshift"); | 210 | message(out,"BN_rshift"); |
| 182 | if (!test_rshift(out,ctx)) goto err; | 211 | if (!test_rshift(out,ctx)) goto err; |
| 183 | BIO_flush(out); | 212 | (void)BIO_flush(out); |
| 184 | 213 | ||
| 185 | message(out,"BN_sqr"); | 214 | message(out,"BN_sqr"); |
| 186 | if (!test_sqr(out,ctx)) goto err; | 215 | if (!test_sqr(out,ctx)) goto err; |
| 187 | BIO_flush(out); | 216 | (void)BIO_flush(out); |
| 188 | 217 | ||
| 189 | message(out,"BN_mul"); | 218 | message(out,"BN_mul"); |
| 190 | if (!test_mul(out)) goto err; | 219 | if (!test_mul(out)) goto err; |
| 191 | BIO_flush(out); | 220 | (void)BIO_flush(out); |
| 192 | 221 | ||
| 193 | message(out,"BN_div"); | 222 | message(out,"BN_div"); |
| 194 | if (!test_div(out,ctx)) goto err; | 223 | if (!test_div(out,ctx)) goto err; |
| 195 | BIO_flush(out); | 224 | (void)BIO_flush(out); |
| 225 | |||
| 226 | message(out,"BN_div_word"); | ||
| 227 | if (!test_div_word(out)) goto err; | ||
| 228 | (void)BIO_flush(out); | ||
| 196 | 229 | ||
| 197 | message(out,"BN_div_recp"); | 230 | message(out,"BN_div_recp"); |
| 198 | if (!test_div_recp(out,ctx)) goto err; | 231 | if (!test_div_recp(out,ctx)) goto err; |
| 199 | BIO_flush(out); | 232 | (void)BIO_flush(out); |
| 200 | 233 | ||
| 201 | message(out,"BN_mod"); | 234 | message(out,"BN_mod"); |
| 202 | if (!test_mod(out,ctx)) goto err; | 235 | if (!test_mod(out,ctx)) goto err; |
| 203 | BIO_flush(out); | 236 | (void)BIO_flush(out); |
| 204 | 237 | ||
| 205 | message(out,"BN_mod_mul"); | 238 | message(out,"BN_mod_mul"); |
| 206 | if (!test_mod_mul(out,ctx)) goto err; | 239 | if (!test_mod_mul(out,ctx)) goto err; |
| 207 | BIO_flush(out); | 240 | (void)BIO_flush(out); |
| 208 | 241 | ||
| 209 | message(out,"BN_mont"); | 242 | message(out,"BN_mont"); |
| 210 | if (!test_mont(out,ctx)) goto err; | 243 | if (!test_mont(out,ctx)) goto err; |
| 211 | BIO_flush(out); | 244 | (void)BIO_flush(out); |
| 212 | 245 | ||
| 213 | message(out,"BN_mod_exp"); | 246 | message(out,"BN_mod_exp"); |
| 214 | if (!test_mod_exp(out,ctx)) goto err; | 247 | if (!test_mod_exp(out,ctx)) goto err; |
| 215 | BIO_flush(out); | 248 | (void)BIO_flush(out); |
| 216 | 249 | ||
| 217 | message(out,"BN_mod_exp_mont_consttime"); | 250 | message(out,"BN_mod_exp_mont_consttime"); |
| 218 | if (!test_mod_exp_mont_consttime(out,ctx)) goto err; | 251 | if (!test_mod_exp_mont_consttime(out,ctx)) goto err; |
| 219 | BIO_flush(out); | 252 | (void)BIO_flush(out); |
| 220 | 253 | ||
| 221 | message(out,"BN_exp"); | 254 | message(out,"BN_exp"); |
| 222 | if (!test_exp(out,ctx)) goto err; | 255 | if (!test_exp(out,ctx)) goto err; |
| 223 | BIO_flush(out); | 256 | (void)BIO_flush(out); |
| 224 | 257 | ||
| 225 | message(out,"BN_kronecker"); | 258 | message(out,"BN_kronecker"); |
| 226 | if (!test_kron(out,ctx)) goto err; | 259 | if (!test_kron(out,ctx)) goto err; |
| 227 | BIO_flush(out); | 260 | (void)BIO_flush(out); |
| 228 | 261 | ||
| 229 | message(out,"BN_mod_sqrt"); | 262 | message(out,"BN_mod_sqrt"); |
| 230 | if (!test_sqrt(out,ctx)) goto err; | 263 | if (!test_sqrt(out,ctx)) goto err; |
| 231 | BIO_flush(out); | 264 | (void)BIO_flush(out); |
| 265 | |||
| 266 | message(out,"BN_GF2m_add"); | ||
| 267 | if (!test_gf2m_add(out)) goto err; | ||
| 268 | (void)BIO_flush(out); | ||
| 269 | |||
| 270 | message(out,"BN_GF2m_mod"); | ||
| 271 | if (!test_gf2m_mod(out)) goto err; | ||
| 272 | (void)BIO_flush(out); | ||
| 273 | |||
| 274 | message(out,"BN_GF2m_mod_mul"); | ||
| 275 | if (!test_gf2m_mod_mul(out,ctx)) goto err; | ||
| 276 | (void)BIO_flush(out); | ||
| 277 | |||
| 278 | message(out,"BN_GF2m_mod_sqr"); | ||
| 279 | if (!test_gf2m_mod_sqr(out,ctx)) goto err; | ||
| 280 | (void)BIO_flush(out); | ||
| 281 | |||
| 282 | message(out,"BN_GF2m_mod_inv"); | ||
| 283 | if (!test_gf2m_mod_inv(out,ctx)) goto err; | ||
| 284 | (void)BIO_flush(out); | ||
| 285 | |||
| 286 | message(out,"BN_GF2m_mod_div"); | ||
| 287 | if (!test_gf2m_mod_div(out,ctx)) goto err; | ||
| 288 | (void)BIO_flush(out); | ||
| 289 | |||
| 290 | message(out,"BN_GF2m_mod_exp"); | ||
| 291 | if (!test_gf2m_mod_exp(out,ctx)) goto err; | ||
| 292 | (void)BIO_flush(out); | ||
| 293 | |||
| 294 | message(out,"BN_GF2m_mod_sqrt"); | ||
| 295 | if (!test_gf2m_mod_sqrt(out,ctx)) goto err; | ||
| 296 | (void)BIO_flush(out); | ||
| 297 | |||
| 298 | message(out,"BN_GF2m_mod_solve_quad"); | ||
| 299 | if (!test_gf2m_mod_solve_quad(out,ctx)) goto err; | ||
| 300 | (void)BIO_flush(out); | ||
| 232 | 301 | ||
| 233 | BN_CTX_free(ctx); | 302 | BN_CTX_free(ctx); |
| 234 | BIO_free(out); | 303 | BIO_free(out); |
| @@ -237,8 +306,8 @@ int main(int argc, char *argv[]) | |||
| 237 | EXIT(0); | 306 | EXIT(0); |
| 238 | err: | 307 | err: |
| 239 | BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices | 308 | BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices |
| 240 | * the failure, see test_bn in test/Makefile */ | 309 | * the failure, see test_bn in test/Makefile.ssl*/ |
| 241 | BIO_flush(out); | 310 | (void)BIO_flush(out); |
| 242 | ERR_load_crypto_strings(); | 311 | ERR_load_crypto_strings(); |
| 243 | ERR_print_errors_fp(stderr); | 312 | ERR_print_errors_fp(stderr); |
| 244 | EXIT(1); | 313 | EXIT(1); |
| @@ -404,6 +473,78 @@ int test_div(BIO *bp, BN_CTX *ctx) | |||
| 404 | return(1); | 473 | return(1); |
| 405 | } | 474 | } |
| 406 | 475 | ||
| 476 | static void print_word(BIO *bp,BN_ULONG w) | ||
| 477 | { | ||
| 478 | #ifdef SIXTY_FOUR_BIT | ||
| 479 | if (sizeof(w) > sizeof(unsigned long)) | ||
| 480 | { | ||
| 481 | unsigned long h=(unsigned long)(w>>32), | ||
| 482 | l=(unsigned long)(w); | ||
| 483 | |||
| 484 | if (h) BIO_printf(bp,"%lX%08lX",h,l); | ||
| 485 | else BIO_printf(bp,"%lX",l); | ||
| 486 | return; | ||
| 487 | } | ||
| 488 | #endif | ||
| 489 | BIO_printf(bp,"%lX",w); | ||
| 490 | } | ||
| 491 | |||
| 492 | int test_div_word(BIO *bp) | ||
| 493 | { | ||
| 494 | BIGNUM a,b; | ||
| 495 | BN_ULONG r,s; | ||
| 496 | int i; | ||
| 497 | |||
| 498 | BN_init(&a); | ||
| 499 | BN_init(&b); | ||
| 500 | |||
| 501 | for (i=0; i<num0; i++) | ||
| 502 | { | ||
| 503 | do { | ||
| 504 | BN_bntest_rand(&a,512,-1,0); | ||
| 505 | BN_bntest_rand(&b,BN_BITS2,-1,0); | ||
| 506 | s = b.d[0]; | ||
| 507 | } while (!s); | ||
| 508 | |||
| 509 | BN_copy(&b, &a); | ||
| 510 | r = BN_div_word(&b, s); | ||
| 511 | |||
| 512 | if (bp != NULL) | ||
| 513 | { | ||
| 514 | if (!results) | ||
| 515 | { | ||
| 516 | BN_print(bp,&a); | ||
| 517 | BIO_puts(bp," / "); | ||
| 518 | print_word(bp,s); | ||
| 519 | BIO_puts(bp," - "); | ||
| 520 | } | ||
| 521 | BN_print(bp,&b); | ||
| 522 | BIO_puts(bp,"\n"); | ||
| 523 | |||
| 524 | if (!results) | ||
| 525 | { | ||
| 526 | BN_print(bp,&a); | ||
| 527 | BIO_puts(bp," % "); | ||
| 528 | print_word(bp,s); | ||
| 529 | BIO_puts(bp," - "); | ||
| 530 | } | ||
| 531 | print_word(bp,r); | ||
| 532 | BIO_puts(bp,"\n"); | ||
| 533 | } | ||
| 534 | BN_mul_word(&b,s); | ||
| 535 | BN_add_word(&b,r); | ||
| 536 | BN_sub(&b,&a,&b); | ||
| 537 | if(!BN_is_zero(&b)) | ||
| 538 | { | ||
| 539 | fprintf(stderr,"Division (word) test failed!\n"); | ||
| 540 | return 0; | ||
| 541 | } | ||
| 542 | } | ||
| 543 | BN_free(&a); | ||
| 544 | BN_free(&b); | ||
| 545 | return(1); | ||
| 546 | } | ||
| 547 | |||
| 407 | int test_div_recp(BIO *bp, BN_CTX *ctx) | 548 | int test_div_recp(BIO *bp, BN_CTX *ctx) |
| 408 | { | 549 | { |
| 409 | BIGNUM a,b,c,d,e; | 550 | BIGNUM a,b,c,d,e; |
| @@ -919,7 +1060,582 @@ int test_exp(BIO *bp, BN_CTX *ctx) | |||
| 919 | return(1); | 1060 | return(1); |
| 920 | } | 1061 | } |
| 921 | 1062 | ||
| 922 | static void genprime_cb(int p, int n, void *arg) | 1063 | int test_gf2m_add(BIO *bp) |
| 1064 | { | ||
| 1065 | BIGNUM a,b,c; | ||
| 1066 | int i, ret = 0; | ||
| 1067 | |||
| 1068 | BN_init(&a); | ||
| 1069 | BN_init(&b); | ||
| 1070 | BN_init(&c); | ||
| 1071 | |||
| 1072 | for (i=0; i<num0; i++) | ||
| 1073 | { | ||
| 1074 | BN_rand(&a,512,0,0); | ||
| 1075 | BN_copy(&b, BN_value_one()); | ||
| 1076 | a.neg=rand_neg(); | ||
| 1077 | b.neg=rand_neg(); | ||
| 1078 | BN_GF2m_add(&c,&a,&b); | ||
| 1079 | #if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ | ||
| 1080 | if (bp != NULL) | ||
| 1081 | { | ||
| 1082 | if (!results) | ||
| 1083 | { | ||
| 1084 | BN_print(bp,&a); | ||
| 1085 | BIO_puts(bp," ^ "); | ||
| 1086 | BN_print(bp,&b); | ||
| 1087 | BIO_puts(bp," = "); | ||
| 1088 | } | ||
| 1089 | BN_print(bp,&c); | ||
| 1090 | BIO_puts(bp,"\n"); | ||
| 1091 | } | ||
| 1092 | #endif | ||
| 1093 | /* Test that two added values have the correct parity. */ | ||
| 1094 | if((BN_is_odd(&a) && BN_is_odd(&c)) || (!BN_is_odd(&a) && !BN_is_odd(&c))) | ||
| 1095 | { | ||
| 1096 | fprintf(stderr,"GF(2^m) addition test (a) failed!\n"); | ||
| 1097 | goto err; | ||
| 1098 | } | ||
| 1099 | BN_GF2m_add(&c,&c,&c); | ||
| 1100 | /* Test that c + c = 0. */ | ||
| 1101 | if(!BN_is_zero(&c)) | ||
| 1102 | { | ||
| 1103 | fprintf(stderr,"GF(2^m) addition test (b) failed!\n"); | ||
| 1104 | goto err; | ||
| 1105 | } | ||
| 1106 | } | ||
| 1107 | ret = 1; | ||
| 1108 | err: | ||
| 1109 | BN_free(&a); | ||
| 1110 | BN_free(&b); | ||
| 1111 | BN_free(&c); | ||
| 1112 | return ret; | ||
| 1113 | } | ||
| 1114 | |||
| 1115 | int test_gf2m_mod(BIO *bp) | ||
| 1116 | { | ||
| 1117 | BIGNUM *a,*b[2],*c,*d,*e; | ||
| 1118 | int i, j, ret = 0; | ||
| 1119 | unsigned int p0[] = {163,7,6,3,0}; | ||
| 1120 | unsigned int p1[] = {193,15,0}; | ||
| 1121 | |||
| 1122 | a=BN_new(); | ||
| 1123 | b[0]=BN_new(); | ||
| 1124 | b[1]=BN_new(); | ||
| 1125 | c=BN_new(); | ||
| 1126 | d=BN_new(); | ||
| 1127 | e=BN_new(); | ||
| 1128 | |||
| 1129 | BN_GF2m_arr2poly(p0, b[0]); | ||
| 1130 | BN_GF2m_arr2poly(p1, b[1]); | ||
| 1131 | |||
| 1132 | for (i=0; i<num0; i++) | ||
| 1133 | { | ||
| 1134 | BN_bntest_rand(a, 1024, 0, 0); | ||
| 1135 | for (j=0; j < 2; j++) | ||
| 1136 | { | ||
| 1137 | BN_GF2m_mod(c, a, b[j]); | ||
| 1138 | #if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ | ||
| 1139 | if (bp != NULL) | ||
| 1140 | { | ||
| 1141 | if (!results) | ||
| 1142 | { | ||
| 1143 | BN_print(bp,a); | ||
| 1144 | BIO_puts(bp," % "); | ||
| 1145 | BN_print(bp,b[j]); | ||
| 1146 | BIO_puts(bp," - "); | ||
| 1147 | BN_print(bp,c); | ||
| 1148 | BIO_puts(bp,"\n"); | ||
| 1149 | } | ||
| 1150 | } | ||
| 1151 | #endif | ||
| 1152 | BN_GF2m_add(d, a, c); | ||
| 1153 | BN_GF2m_mod(e, d, b[j]); | ||
| 1154 | /* Test that a + (a mod p) mod p == 0. */ | ||
| 1155 | if(!BN_is_zero(e)) | ||
| 1156 | { | ||
| 1157 | fprintf(stderr,"GF(2^m) modulo test failed!\n"); | ||
| 1158 | goto err; | ||
| 1159 | } | ||
| 1160 | } | ||
| 1161 | } | ||
| 1162 | ret = 1; | ||
| 1163 | err: | ||
| 1164 | BN_free(a); | ||
| 1165 | BN_free(b[0]); | ||
| 1166 | BN_free(b[1]); | ||
| 1167 | BN_free(c); | ||
| 1168 | BN_free(d); | ||
| 1169 | BN_free(e); | ||
| 1170 | return ret; | ||
| 1171 | } | ||
| 1172 | |||
| 1173 | int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx) | ||
| 1174 | { | ||
| 1175 | BIGNUM *a,*b[2],*c,*d,*e,*f,*g,*h; | ||
| 1176 | int i, j, ret = 0; | ||
| 1177 | unsigned int p0[] = {163,7,6,3,0}; | ||
| 1178 | unsigned int p1[] = {193,15,0}; | ||
| 1179 | |||
| 1180 | a=BN_new(); | ||
| 1181 | b[0]=BN_new(); | ||
| 1182 | b[1]=BN_new(); | ||
| 1183 | c=BN_new(); | ||
| 1184 | d=BN_new(); | ||
| 1185 | e=BN_new(); | ||
| 1186 | f=BN_new(); | ||
| 1187 | g=BN_new(); | ||
| 1188 | h=BN_new(); | ||
| 1189 | |||
| 1190 | BN_GF2m_arr2poly(p0, b[0]); | ||
| 1191 | BN_GF2m_arr2poly(p1, b[1]); | ||
| 1192 | |||
| 1193 | for (i=0; i<num0; i++) | ||
| 1194 | { | ||
| 1195 | BN_bntest_rand(a, 1024, 0, 0); | ||
| 1196 | BN_bntest_rand(c, 1024, 0, 0); | ||
| 1197 | BN_bntest_rand(d, 1024, 0, 0); | ||
| 1198 | for (j=0; j < 2; j++) | ||
| 1199 | { | ||
| 1200 | BN_GF2m_mod_mul(e, a, c, b[j], ctx); | ||
| 1201 | #if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ | ||
| 1202 | if (bp != NULL) | ||
| 1203 | { | ||
| 1204 | if (!results) | ||
| 1205 | { | ||
| 1206 | BN_print(bp,a); | ||
| 1207 | BIO_puts(bp," * "); | ||
| 1208 | BN_print(bp,c); | ||
| 1209 | BIO_puts(bp," % "); | ||
| 1210 | BN_print(bp,b[j]); | ||
| 1211 | BIO_puts(bp," - "); | ||
| 1212 | BN_print(bp,e); | ||
| 1213 | BIO_puts(bp,"\n"); | ||
| 1214 | } | ||
| 1215 | } | ||
| 1216 | #endif | ||
| 1217 | BN_GF2m_add(f, a, d); | ||
| 1218 | BN_GF2m_mod_mul(g, f, c, b[j], ctx); | ||
| 1219 | BN_GF2m_mod_mul(h, d, c, b[j], ctx); | ||
| 1220 | BN_GF2m_add(f, e, g); | ||
| 1221 | BN_GF2m_add(f, f, h); | ||
| 1222 | /* Test that (a+d)*c = a*c + d*c. */ | ||
| 1223 | if(!BN_is_zero(f)) | ||
| 1224 | { | ||
| 1225 | fprintf(stderr,"GF(2^m) modular multiplication test failed!\n"); | ||
| 1226 | goto err; | ||
| 1227 | } | ||
| 1228 | } | ||
| 1229 | } | ||
| 1230 | ret = 1; | ||
| 1231 | err: | ||
| 1232 | BN_free(a); | ||
| 1233 | BN_free(b[0]); | ||
| 1234 | BN_free(b[1]); | ||
| 1235 | BN_free(c); | ||
| 1236 | BN_free(d); | ||
| 1237 | BN_free(e); | ||
| 1238 | BN_free(f); | ||
| 1239 | BN_free(g); | ||
| 1240 | BN_free(h); | ||
| 1241 | return ret; | ||
| 1242 | } | ||
| 1243 | |||
| 1244 | int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx) | ||
| 1245 | { | ||
| 1246 | BIGNUM *a,*b[2],*c,*d; | ||
| 1247 | int i, j, ret = 0; | ||
| 1248 | unsigned int p0[] = {163,7,6,3,0}; | ||
| 1249 | unsigned int p1[] = {193,15,0}; | ||
| 1250 | |||
| 1251 | a=BN_new(); | ||
| 1252 | b[0]=BN_new(); | ||
| 1253 | b[1]=BN_new(); | ||
| 1254 | c=BN_new(); | ||
| 1255 | d=BN_new(); | ||
| 1256 | |||
| 1257 | BN_GF2m_arr2poly(p0, b[0]); | ||
| 1258 | BN_GF2m_arr2poly(p1, b[1]); | ||
| 1259 | |||
| 1260 | for (i=0; i<num0; i++) | ||
| 1261 | { | ||
| 1262 | BN_bntest_rand(a, 1024, 0, 0); | ||
| 1263 | for (j=0; j < 2; j++) | ||
| 1264 | { | ||
| 1265 | BN_GF2m_mod_sqr(c, a, b[j], ctx); | ||
| 1266 | BN_copy(d, a); | ||
| 1267 | BN_GF2m_mod_mul(d, a, d, b[j], ctx); | ||
| 1268 | #if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ | ||
| 1269 | if (bp != NULL) | ||
| 1270 | { | ||
| 1271 | if (!results) | ||
| 1272 | { | ||
| 1273 | BN_print(bp,a); | ||
| 1274 | BIO_puts(bp," ^ 2 % "); | ||
| 1275 | BN_print(bp,b[j]); | ||
| 1276 | BIO_puts(bp, " = "); | ||
| 1277 | BN_print(bp,c); | ||
| 1278 | BIO_puts(bp,"; a * a = "); | ||
| 1279 | BN_print(bp,d); | ||
| 1280 | BIO_puts(bp,"\n"); | ||
| 1281 | } | ||
| 1282 | } | ||
| 1283 | #endif | ||
| 1284 | BN_GF2m_add(d, c, d); | ||
| 1285 | /* Test that a*a = a^2. */ | ||
| 1286 | if(!BN_is_zero(d)) | ||
| 1287 | { | ||
| 1288 | fprintf(stderr,"GF(2^m) modular squaring test failed!\n"); | ||
| 1289 | goto err; | ||
| 1290 | } | ||
| 1291 | } | ||
| 1292 | } | ||
| 1293 | ret = 1; | ||
| 1294 | err: | ||
| 1295 | BN_free(a); | ||
| 1296 | BN_free(b[0]); | ||
| 1297 | BN_free(b[1]); | ||
| 1298 | BN_free(c); | ||
| 1299 | BN_free(d); | ||
| 1300 | return ret; | ||
| 1301 | } | ||
| 1302 | |||
| 1303 | int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx) | ||
| 1304 | { | ||
| 1305 | BIGNUM *a,*b[2],*c,*d; | ||
| 1306 | int i, j, ret = 0; | ||
| 1307 | unsigned int p0[] = {163,7,6,3,0}; | ||
| 1308 | unsigned int p1[] = {193,15,0}; | ||
| 1309 | |||
| 1310 | a=BN_new(); | ||
| 1311 | b[0]=BN_new(); | ||
| 1312 | b[1]=BN_new(); | ||
| 1313 | c=BN_new(); | ||
| 1314 | d=BN_new(); | ||
| 1315 | |||
| 1316 | BN_GF2m_arr2poly(p0, b[0]); | ||
| 1317 | BN_GF2m_arr2poly(p1, b[1]); | ||
| 1318 | |||
| 1319 | for (i=0; i<num0; i++) | ||
| 1320 | { | ||
| 1321 | BN_bntest_rand(a, 512, 0, 0); | ||
| 1322 | for (j=0; j < 2; j++) | ||
| 1323 | { | ||
| 1324 | BN_GF2m_mod_inv(c, a, b[j], ctx); | ||
| 1325 | BN_GF2m_mod_mul(d, a, c, b[j], ctx); | ||
| 1326 | #if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ | ||
| 1327 | if (bp != NULL) | ||
| 1328 | { | ||
| 1329 | if (!results) | ||
| 1330 | { | ||
| 1331 | BN_print(bp,a); | ||
| 1332 | BIO_puts(bp, " * "); | ||
| 1333 | BN_print(bp,c); | ||
| 1334 | BIO_puts(bp," - 1 % "); | ||
| 1335 | BN_print(bp,b[j]); | ||
| 1336 | BIO_puts(bp,"\n"); | ||
| 1337 | } | ||
| 1338 | } | ||
| 1339 | #endif | ||
| 1340 | /* Test that ((1/a)*a) = 1. */ | ||
| 1341 | if(!BN_is_one(d)) | ||
| 1342 | { | ||
| 1343 | fprintf(stderr,"GF(2^m) modular inversion test failed!\n"); | ||
| 1344 | goto err; | ||
| 1345 | } | ||
| 1346 | } | ||
| 1347 | } | ||
| 1348 | ret = 1; | ||
| 1349 | err: | ||
| 1350 | BN_free(a); | ||
| 1351 | BN_free(b[0]); | ||
| 1352 | BN_free(b[1]); | ||
| 1353 | BN_free(c); | ||
| 1354 | BN_free(d); | ||
| 1355 | return ret; | ||
| 1356 | } | ||
| 1357 | |||
| 1358 | int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx) | ||
| 1359 | { | ||
| 1360 | BIGNUM *a,*b[2],*c,*d,*e,*f; | ||
| 1361 | int i, j, ret = 0; | ||
| 1362 | unsigned int p0[] = {163,7,6,3,0}; | ||
| 1363 | unsigned int p1[] = {193,15,0}; | ||
| 1364 | |||
| 1365 | a=BN_new(); | ||
| 1366 | b[0]=BN_new(); | ||
| 1367 | b[1]=BN_new(); | ||
| 1368 | c=BN_new(); | ||
| 1369 | d=BN_new(); | ||
| 1370 | e=BN_new(); | ||
| 1371 | f=BN_new(); | ||
| 1372 | |||
| 1373 | BN_GF2m_arr2poly(p0, b[0]); | ||
| 1374 | BN_GF2m_arr2poly(p1, b[1]); | ||
| 1375 | |||
| 1376 | for (i=0; i<num0; i++) | ||
| 1377 | { | ||
| 1378 | BN_bntest_rand(a, 512, 0, 0); | ||
| 1379 | BN_bntest_rand(c, 512, 0, 0); | ||
| 1380 | for (j=0; j < 2; j++) | ||
| 1381 | { | ||
| 1382 | BN_GF2m_mod_div(d, a, c, b[j], ctx); | ||
| 1383 | BN_GF2m_mod_mul(e, d, c, b[j], ctx); | ||
| 1384 | BN_GF2m_mod_div(f, a, e, b[j], ctx); | ||
| 1385 | #if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ | ||
| 1386 | if (bp != NULL) | ||
| 1387 | { | ||
| 1388 | if (!results) | ||
| 1389 | { | ||
| 1390 | BN_print(bp,a); | ||
| 1391 | BIO_puts(bp, " = "); | ||
| 1392 | BN_print(bp,c); | ||
| 1393 | BIO_puts(bp," * "); | ||
| 1394 | BN_print(bp,d); | ||
| 1395 | BIO_puts(bp, " % "); | ||
| 1396 | BN_print(bp,b[j]); | ||
| 1397 | BIO_puts(bp,"\n"); | ||
| 1398 | } | ||
| 1399 | } | ||
| 1400 | #endif | ||
| 1401 | /* Test that ((a/c)*c)/a = 1. */ | ||
| 1402 | if(!BN_is_one(f)) | ||
| 1403 | { | ||
| 1404 | fprintf(stderr,"GF(2^m) modular division test failed!\n"); | ||
| 1405 | goto err; | ||
| 1406 | } | ||
| 1407 | } | ||
| 1408 | } | ||
| 1409 | ret = 1; | ||
| 1410 | err: | ||
| 1411 | BN_free(a); | ||
| 1412 | BN_free(b[0]); | ||
| 1413 | BN_free(b[1]); | ||
| 1414 | BN_free(c); | ||
| 1415 | BN_free(d); | ||
| 1416 | BN_free(e); | ||
| 1417 | BN_free(f); | ||
| 1418 | return ret; | ||
| 1419 | } | ||
| 1420 | |||
| 1421 | int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx) | ||
| 1422 | { | ||
| 1423 | BIGNUM *a,*b[2],*c,*d,*e,*f; | ||
| 1424 | int i, j, ret = 0; | ||
| 1425 | unsigned int p0[] = {163,7,6,3,0}; | ||
| 1426 | unsigned int p1[] = {193,15,0}; | ||
| 1427 | |||
| 1428 | a=BN_new(); | ||
| 1429 | b[0]=BN_new(); | ||
| 1430 | b[1]=BN_new(); | ||
| 1431 | c=BN_new(); | ||
| 1432 | d=BN_new(); | ||
| 1433 | e=BN_new(); | ||
| 1434 | f=BN_new(); | ||
| 1435 | |||
| 1436 | BN_GF2m_arr2poly(p0, b[0]); | ||
| 1437 | BN_GF2m_arr2poly(p1, b[1]); | ||
| 1438 | |||
| 1439 | for (i=0; i<num0; i++) | ||
| 1440 | { | ||
| 1441 | BN_bntest_rand(a, 512, 0, 0); | ||
| 1442 | BN_bntest_rand(c, 512, 0, 0); | ||
| 1443 | BN_bntest_rand(d, 512, 0, 0); | ||
| 1444 | for (j=0; j < 2; j++) | ||
| 1445 | { | ||
| 1446 | BN_GF2m_mod_exp(e, a, c, b[j], ctx); | ||
| 1447 | BN_GF2m_mod_exp(f, a, d, b[j], ctx); | ||
| 1448 | BN_GF2m_mod_mul(e, e, f, b[j], ctx); | ||
| 1449 | BN_add(f, c, d); | ||
| 1450 | BN_GF2m_mod_exp(f, a, f, b[j], ctx); | ||
| 1451 | #if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ | ||
| 1452 | if (bp != NULL) | ||
| 1453 | { | ||
| 1454 | if (!results) | ||
| 1455 | { | ||
| 1456 | BN_print(bp,a); | ||
| 1457 | BIO_puts(bp, " ^ ("); | ||
| 1458 | BN_print(bp,c); | ||
| 1459 | BIO_puts(bp," + "); | ||
| 1460 | BN_print(bp,d); | ||
| 1461 | BIO_puts(bp, ") = "); | ||
| 1462 | BN_print(bp,e); | ||
| 1463 | BIO_puts(bp, "; - "); | ||
| 1464 | BN_print(bp,f); | ||
| 1465 | BIO_puts(bp, " % "); | ||
| 1466 | BN_print(bp,b[j]); | ||
| 1467 | BIO_puts(bp,"\n"); | ||
| 1468 | } | ||
| 1469 | } | ||
| 1470 | #endif | ||
| 1471 | BN_GF2m_add(f, e, f); | ||
| 1472 | /* Test that a^(c+d)=a^c*a^d. */ | ||
| 1473 | if(!BN_is_zero(f)) | ||
| 1474 | { | ||
| 1475 | fprintf(stderr,"GF(2^m) modular exponentiation test failed!\n"); | ||
| 1476 | goto err; | ||
| 1477 | } | ||
| 1478 | } | ||
| 1479 | } | ||
| 1480 | ret = 1; | ||
| 1481 | err: | ||
| 1482 | BN_free(a); | ||
| 1483 | BN_free(b[0]); | ||
| 1484 | BN_free(b[1]); | ||
| 1485 | BN_free(c); | ||
| 1486 | BN_free(d); | ||
| 1487 | BN_free(e); | ||
| 1488 | BN_free(f); | ||
| 1489 | return ret; | ||
| 1490 | } | ||
| 1491 | |||
| 1492 | int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx) | ||
| 1493 | { | ||
| 1494 | BIGNUM *a,*b[2],*c,*d,*e,*f; | ||
| 1495 | int i, j, ret = 0; | ||
| 1496 | unsigned int p0[] = {163,7,6,3,0}; | ||
| 1497 | unsigned int p1[] = {193,15,0}; | ||
| 1498 | |||
| 1499 | a=BN_new(); | ||
| 1500 | b[0]=BN_new(); | ||
| 1501 | b[1]=BN_new(); | ||
| 1502 | c=BN_new(); | ||
| 1503 | d=BN_new(); | ||
| 1504 | e=BN_new(); | ||
| 1505 | f=BN_new(); | ||
| 1506 | |||
| 1507 | BN_GF2m_arr2poly(p0, b[0]); | ||
| 1508 | BN_GF2m_arr2poly(p1, b[1]); | ||
| 1509 | |||
| 1510 | for (i=0; i<num0; i++) | ||
| 1511 | { | ||
| 1512 | BN_bntest_rand(a, 512, 0, 0); | ||
| 1513 | for (j=0; j < 2; j++) | ||
| 1514 | { | ||
| 1515 | BN_GF2m_mod(c, a, b[j]); | ||
| 1516 | BN_GF2m_mod_sqrt(d, a, b[j], ctx); | ||
| 1517 | BN_GF2m_mod_sqr(e, d, b[j], ctx); | ||
| 1518 | #if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ | ||
| 1519 | if (bp != NULL) | ||
| 1520 | { | ||
| 1521 | if (!results) | ||
| 1522 | { | ||
| 1523 | BN_print(bp,d); | ||
| 1524 | BIO_puts(bp, " ^ 2 - "); | ||
| 1525 | BN_print(bp,a); | ||
| 1526 | BIO_puts(bp,"\n"); | ||
| 1527 | } | ||
| 1528 | } | ||
| 1529 | #endif | ||
| 1530 | BN_GF2m_add(f, c, e); | ||
| 1531 | /* Test that d^2 = a, where d = sqrt(a). */ | ||
| 1532 | if(!BN_is_zero(f)) | ||
| 1533 | { | ||
| 1534 | fprintf(stderr,"GF(2^m) modular square root test failed!\n"); | ||
| 1535 | goto err; | ||
| 1536 | } | ||
| 1537 | } | ||
| 1538 | } | ||
| 1539 | ret = 1; | ||
| 1540 | err: | ||
| 1541 | BN_free(a); | ||
| 1542 | BN_free(b[0]); | ||
| 1543 | BN_free(b[1]); | ||
| 1544 | BN_free(c); | ||
| 1545 | BN_free(d); | ||
| 1546 | BN_free(e); | ||
| 1547 | BN_free(f); | ||
| 1548 | return ret; | ||
| 1549 | } | ||
| 1550 | |||
| 1551 | int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx) | ||
| 1552 | { | ||
| 1553 | BIGNUM *a,*b[2],*c,*d,*e; | ||
| 1554 | int i, j, s = 0, t, ret = 0; | ||
| 1555 | unsigned int p0[] = {163,7,6,3,0}; | ||
| 1556 | unsigned int p1[] = {193,15,0}; | ||
| 1557 | |||
| 1558 | a=BN_new(); | ||
| 1559 | b[0]=BN_new(); | ||
| 1560 | b[1]=BN_new(); | ||
| 1561 | c=BN_new(); | ||
| 1562 | d=BN_new(); | ||
| 1563 | e=BN_new(); | ||
| 1564 | |||
| 1565 | BN_GF2m_arr2poly(p0, b[0]); | ||
| 1566 | BN_GF2m_arr2poly(p1, b[1]); | ||
| 1567 | |||
| 1568 | for (i=0; i<num0; i++) | ||
| 1569 | { | ||
| 1570 | BN_bntest_rand(a, 512, 0, 0); | ||
| 1571 | for (j=0; j < 2; j++) | ||
| 1572 | { | ||
| 1573 | t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx); | ||
| 1574 | if (t) | ||
| 1575 | { | ||
| 1576 | s++; | ||
| 1577 | BN_GF2m_mod_sqr(d, c, b[j], ctx); | ||
| 1578 | BN_GF2m_add(d, c, d); | ||
| 1579 | BN_GF2m_mod(e, a, b[j]); | ||
| 1580 | #if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ | ||
| 1581 | if (bp != NULL) | ||
| 1582 | { | ||
| 1583 | if (!results) | ||
| 1584 | { | ||
| 1585 | BN_print(bp,c); | ||
| 1586 | BIO_puts(bp, " is root of z^2 + z = "); | ||
| 1587 | BN_print(bp,a); | ||
| 1588 | BIO_puts(bp, " % "); | ||
| 1589 | BN_print(bp,b[j]); | ||
| 1590 | BIO_puts(bp, "\n"); | ||
| 1591 | } | ||
| 1592 | } | ||
| 1593 | #endif | ||
| 1594 | BN_GF2m_add(e, e, d); | ||
| 1595 | /* Test that solution of quadratic c satisfies c^2 + c = a. */ | ||
| 1596 | if(!BN_is_zero(e)) | ||
| 1597 | { | ||
| 1598 | fprintf(stderr,"GF(2^m) modular solve quadratic test failed!\n"); | ||
| 1599 | goto err; | ||
| 1600 | } | ||
| 1601 | |||
| 1602 | } | ||
| 1603 | else | ||
| 1604 | { | ||
| 1605 | #if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ | ||
| 1606 | if (bp != NULL) | ||
| 1607 | { | ||
| 1608 | if (!results) | ||
| 1609 | { | ||
| 1610 | BIO_puts(bp, "There are no roots of z^2 + z = "); | ||
| 1611 | BN_print(bp,a); | ||
| 1612 | BIO_puts(bp, " % "); | ||
| 1613 | BN_print(bp,b[j]); | ||
| 1614 | BIO_puts(bp, "\n"); | ||
| 1615 | } | ||
| 1616 | } | ||
| 1617 | #endif | ||
| 1618 | } | ||
| 1619 | } | ||
| 1620 | } | ||
| 1621 | if (s == 0) | ||
| 1622 | { | ||
| 1623 | fprintf(stderr,"All %i tests of GF(2^m) modular solve quadratic resulted in no roots;\n", num0); | ||
| 1624 | fprintf(stderr,"this is very unlikely and probably indicates an error.\n"); | ||
| 1625 | goto err; | ||
| 1626 | } | ||
| 1627 | ret = 1; | ||
| 1628 | err: | ||
| 1629 | BN_free(a); | ||
| 1630 | BN_free(b[0]); | ||
| 1631 | BN_free(b[1]); | ||
| 1632 | BN_free(c); | ||
| 1633 | BN_free(d); | ||
| 1634 | BN_free(e); | ||
| 1635 | return ret; | ||
| 1636 | } | ||
| 1637 | |||
| 1638 | static int genprime_cb(int p, int n, BN_GENCB *arg) | ||
| 923 | { | 1639 | { |
| 924 | char c='*'; | 1640 | char c='*'; |
| 925 | 1641 | ||
| @@ -929,12 +1645,12 @@ static void genprime_cb(int p, int n, void *arg) | |||
| 929 | if (p == 3) c='\n'; | 1645 | if (p == 3) c='\n'; |
| 930 | putc(c, stderr); | 1646 | putc(c, stderr); |
| 931 | fflush(stderr); | 1647 | fflush(stderr); |
| 932 | (void)n; | 1648 | return 1; |
| 933 | (void)arg; | ||
| 934 | } | 1649 | } |
| 935 | 1650 | ||
| 936 | int test_kron(BIO *bp, BN_CTX *ctx) | 1651 | int test_kron(BIO *bp, BN_CTX *ctx) |
| 937 | { | 1652 | { |
| 1653 | BN_GENCB cb; | ||
| 938 | BIGNUM *a,*b,*r,*t; | 1654 | BIGNUM *a,*b,*r,*t; |
| 939 | int i; | 1655 | int i; |
| 940 | int legendre, kronecker; | 1656 | int legendre, kronecker; |
| @@ -945,6 +1661,8 @@ int test_kron(BIO *bp, BN_CTX *ctx) | |||
| 945 | r = BN_new(); | 1661 | r = BN_new(); |
| 946 | t = BN_new(); | 1662 | t = BN_new(); |
| 947 | if (a == NULL || b == NULL || r == NULL || t == NULL) goto err; | 1663 | if (a == NULL || b == NULL || r == NULL || t == NULL) goto err; |
| 1664 | |||
| 1665 | BN_GENCB_set(&cb, genprime_cb, NULL); | ||
| 948 | 1666 | ||
| 949 | /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). | 1667 | /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). |
| 950 | * In this case we know that if b is prime, then BN_kronecker(a, b, ctx) | 1668 | * In this case we know that if b is prime, then BN_kronecker(a, b, ctx) |
| @@ -955,7 +1673,7 @@ int test_kron(BIO *bp, BN_CTX *ctx) | |||
| 955 | * don't want to test whether b is prime but whether BN_kronecker | 1673 | * don't want to test whether b is prime but whether BN_kronecker |
| 956 | * works.) */ | 1674 | * works.) */ |
| 957 | 1675 | ||
| 958 | if (!BN_generate_prime(b, 512, 0, NULL, NULL, genprime_cb, NULL)) goto err; | 1676 | if (!BN_generate_prime_ex(b, 512, 0, NULL, NULL, &cb)) goto err; |
| 959 | b->neg = rand_neg(); | 1677 | b->neg = rand_neg(); |
| 960 | putc('\n', stderr); | 1678 | putc('\n', stderr); |
| 961 | 1679 | ||
| @@ -1023,6 +1741,7 @@ int test_kron(BIO *bp, BN_CTX *ctx) | |||
| 1023 | 1741 | ||
| 1024 | int test_sqrt(BIO *bp, BN_CTX *ctx) | 1742 | int test_sqrt(BIO *bp, BN_CTX *ctx) |
| 1025 | { | 1743 | { |
| 1744 | BN_GENCB cb; | ||
| 1026 | BIGNUM *a,*p,*r; | 1745 | BIGNUM *a,*p,*r; |
| 1027 | int i, j; | 1746 | int i, j; |
| 1028 | int ret = 0; | 1747 | int ret = 0; |
| @@ -1031,7 +1750,9 @@ int test_sqrt(BIO *bp, BN_CTX *ctx) | |||
| 1031 | p = BN_new(); | 1750 | p = BN_new(); |
| 1032 | r = BN_new(); | 1751 | r = BN_new(); |
| 1033 | if (a == NULL || p == NULL || r == NULL) goto err; | 1752 | if (a == NULL || p == NULL || r == NULL) goto err; |
| 1034 | 1753 | ||
| 1754 | BN_GENCB_set(&cb, genprime_cb, NULL); | ||
| 1755 | |||
| 1035 | for (i = 0; i < 16; i++) | 1756 | for (i = 0; i < 16; i++) |
| 1036 | { | 1757 | { |
| 1037 | if (i < 8) | 1758 | if (i < 8) |
| @@ -1045,7 +1766,7 @@ int test_sqrt(BIO *bp, BN_CTX *ctx) | |||
| 1045 | if (!BN_set_word(a, 32)) goto err; | 1766 | if (!BN_set_word(a, 32)) goto err; |
| 1046 | if (!BN_set_word(r, 2*i + 1)) goto err; | 1767 | if (!BN_set_word(r, 2*i + 1)) goto err; |
| 1047 | 1768 | ||
| 1048 | if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err; | 1769 | if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb)) goto err; |
| 1049 | putc('\n', stderr); | 1770 | putc('\n', stderr); |
| 1050 | } | 1771 | } |
| 1051 | p->neg = rand_neg(); | 1772 | p->neg = rand_neg(); |
diff --git a/src/lib/libcrypto/bn/exptest.c b/src/lib/libcrypto/bn/exptest.c index 28aaac2ac1..f598a07cf5 100644 --- a/src/lib/libcrypto/bn/exptest.c +++ b/src/lib/libcrypto/bn/exptest.c | |||
| @@ -195,6 +195,9 @@ int main(int argc, char *argv[]) | |||
| 195 | err: | 195 | err: |
| 196 | ERR_load_crypto_strings(); | 196 | ERR_load_crypto_strings(); |
| 197 | ERR_print_errors(out); | 197 | ERR_print_errors(out); |
| 198 | #ifdef OPENSSL_SYS_NETWARE | ||
| 199 | printf("ERROR\n"); | ||
| 200 | #endif | ||
| 198 | EXIT(1); | 201 | EXIT(1); |
| 199 | return(1); | 202 | return(1); |
| 200 | } | 203 | } |
diff --git a/src/lib/libcrypto/buffer/buf_err.c b/src/lib/libcrypto/buffer/buf_err.c index 1fc32a6861..3e25bbe879 100644 --- a/src/lib/libcrypto/buffer/buf_err.c +++ b/src/lib/libcrypto/buffer/buf_err.c | |||
| @@ -70,9 +70,12 @@ | |||
| 70 | 70 | ||
| 71 | static ERR_STRING_DATA BUF_str_functs[]= | 71 | static ERR_STRING_DATA BUF_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(BUF_F_BUF_MEMDUP), "BUF_memdup"}, | ||
| 73 | {ERR_FUNC(BUF_F_BUF_MEM_GROW), "BUF_MEM_grow"}, | 74 | {ERR_FUNC(BUF_F_BUF_MEM_GROW), "BUF_MEM_grow"}, |
| 75 | {ERR_FUNC(BUF_F_BUF_MEM_GROW_CLEAN), "BUF_MEM_grow_clean"}, | ||
| 74 | {ERR_FUNC(BUF_F_BUF_MEM_NEW), "BUF_MEM_new"}, | 76 | {ERR_FUNC(BUF_F_BUF_MEM_NEW), "BUF_MEM_new"}, |
| 75 | {ERR_FUNC(BUF_F_BUF_STRDUP), "BUF_strdup"}, | 77 | {ERR_FUNC(BUF_F_BUF_STRDUP), "BUF_strdup"}, |
| 78 | {ERR_FUNC(BUF_F_BUF_STRNDUP), "BUF_strndup"}, | ||
| 76 | {0,NULL} | 79 | {0,NULL} |
| 77 | }; | 80 | }; |
| 78 | 81 | ||
| @@ -85,15 +88,12 @@ static ERR_STRING_DATA BUF_str_reasons[]= | |||
| 85 | 88 | ||
| 86 | void ERR_load_BUF_strings(void) | 89 | void ERR_load_BUF_strings(void) |
| 87 | { | 90 | { |
| 88 | static int init=1; | 91 | #ifndef OPENSSL_NO_ERR |
| 89 | 92 | ||
| 90 | if (init) | 93 | if (ERR_func_error_string(BUF_str_functs[0].error) == NULL) |
| 91 | { | 94 | { |
| 92 | init=0; | ||
| 93 | #ifndef OPENSSL_NO_ERR | ||
| 94 | ERR_load_strings(0,BUF_str_functs); | 95 | ERR_load_strings(0,BUF_str_functs); |
| 95 | ERR_load_strings(0,BUF_str_reasons); | 96 | ERR_load_strings(0,BUF_str_reasons); |
| 96 | #endif | ||
| 97 | |||
| 98 | } | 97 | } |
| 98 | #endif | ||
| 99 | } | 99 | } |
diff --git a/src/lib/libcrypto/buffer/buffer.c b/src/lib/libcrypto/buffer/buffer.c index d96487e7db..3bf03c7eff 100644 --- a/src/lib/libcrypto/buffer/buffer.c +++ b/src/lib/libcrypto/buffer/buffer.c | |||
| @@ -149,7 +149,7 @@ int BUF_MEM_grow_clean(BUF_MEM *str, int len) | |||
| 149 | ret=OPENSSL_realloc_clean(str->data,str->max,n); | 149 | ret=OPENSSL_realloc_clean(str->data,str->max,n); |
| 150 | if (ret == NULL) | 150 | if (ret == NULL) |
| 151 | { | 151 | { |
| 152 | BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE); | 152 | BUFerr(BUF_F_BUF_MEM_GROW_CLEAN,ERR_R_MALLOC_FAILURE); |
| 153 | len=0; | 153 | len=0; |
| 154 | } | 154 | } |
| 155 | else | 155 | else |
| @@ -164,22 +164,41 @@ int BUF_MEM_grow_clean(BUF_MEM *str, int len) | |||
| 164 | 164 | ||
| 165 | char *BUF_strdup(const char *str) | 165 | char *BUF_strdup(const char *str) |
| 166 | { | 166 | { |
| 167 | if (str == NULL) return(NULL); | ||
| 168 | return BUF_strndup(str, strlen(str)); | ||
| 169 | } | ||
| 170 | |||
| 171 | char *BUF_strndup(const char *str, size_t siz) | ||
| 172 | { | ||
| 167 | char *ret; | 173 | char *ret; |
| 168 | int n; | ||
| 169 | 174 | ||
| 170 | if (str == NULL) return(NULL); | 175 | if (str == NULL) return(NULL); |
| 171 | 176 | ||
| 172 | n=strlen(str); | 177 | ret=OPENSSL_malloc(siz+1); |
| 173 | ret=OPENSSL_malloc(n+1); | ||
| 174 | if (ret == NULL) | 178 | if (ret == NULL) |
| 175 | { | 179 | { |
| 176 | BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE); | 180 | BUFerr(BUF_F_BUF_STRNDUP,ERR_R_MALLOC_FAILURE); |
| 177 | return(NULL); | 181 | return(NULL); |
| 178 | } | 182 | } |
| 179 | memcpy(ret,str,n+1); | 183 | BUF_strlcpy(ret,str,siz+1); |
| 180 | return(ret); | 184 | return(ret); |
| 181 | } | 185 | } |
| 182 | 186 | ||
| 187 | void *BUF_memdup(const void *data, size_t siz) | ||
| 188 | { | ||
| 189 | void *ret; | ||
| 190 | |||
| 191 | if (data == NULL) return(NULL); | ||
| 192 | |||
| 193 | ret=OPENSSL_malloc(siz); | ||
| 194 | if (ret == NULL) | ||
| 195 | { | ||
| 196 | BUFerr(BUF_F_BUF_MEMDUP,ERR_R_MALLOC_FAILURE); | ||
| 197 | return(NULL); | ||
| 198 | } | ||
| 199 | return memcpy(ret, data, siz); | ||
| 200 | } | ||
| 201 | |||
| 183 | size_t BUF_strlcpy(char *dst, const char *src, size_t size) | 202 | size_t BUF_strlcpy(char *dst, const char *src, size_t size) |
| 184 | { | 203 | { |
| 185 | size_t l = 0; | 204 | size_t l = 0; |
diff --git a/src/lib/libcrypto/buffer/buffer.h b/src/lib/libcrypto/buffer/buffer.h index 465dc34f3f..1db9607450 100644 --- a/src/lib/libcrypto/buffer/buffer.h +++ b/src/lib/libcrypto/buffer/buffer.h | |||
| @@ -59,25 +59,35 @@ | |||
| 59 | #ifndef HEADER_BUFFER_H | 59 | #ifndef HEADER_BUFFER_H |
| 60 | #define HEADER_BUFFER_H | 60 | #define HEADER_BUFFER_H |
| 61 | 61 | ||
| 62 | #include <openssl/ossl_typ.h> | ||
| 63 | |||
| 62 | #ifdef __cplusplus | 64 | #ifdef __cplusplus |
| 63 | extern "C" { | 65 | extern "C" { |
| 64 | #endif | 66 | #endif |
| 65 | 67 | ||
| 66 | #include <stddef.h> | 68 | #include <stddef.h> |
| 69 | |||
| 70 | #if !defined(NO_SYS_TYPES_H) | ||
| 67 | #include <sys/types.h> | 71 | #include <sys/types.h> |
| 72 | #endif | ||
| 73 | |||
| 74 | /* Already declared in ossl_typ.h */ | ||
| 75 | /* typedef struct buf_mem_st BUF_MEM; */ | ||
| 68 | 76 | ||
| 69 | typedef struct buf_mem_st | 77 | struct buf_mem_st |
| 70 | { | 78 | { |
| 71 | int length; /* current number of bytes */ | 79 | int length; /* current number of bytes */ |
| 72 | char *data; | 80 | char *data; |
| 73 | int max; /* size of buffer */ | 81 | int max; /* size of buffer */ |
| 74 | } BUF_MEM; | 82 | }; |
| 75 | 83 | ||
| 76 | BUF_MEM *BUF_MEM_new(void); | 84 | BUF_MEM *BUF_MEM_new(void); |
| 77 | void BUF_MEM_free(BUF_MEM *a); | 85 | void BUF_MEM_free(BUF_MEM *a); |
| 78 | int BUF_MEM_grow(BUF_MEM *str, int len); | 86 | int BUF_MEM_grow(BUF_MEM *str, int len); |
| 79 | int BUF_MEM_grow_clean(BUF_MEM *str, int len); | 87 | int BUF_MEM_grow_clean(BUF_MEM *str, int len); |
| 80 | char * BUF_strdup(const char *str); | 88 | char * BUF_strdup(const char *str); |
| 89 | char * BUF_strndup(const char *str, size_t siz); | ||
| 90 | void * BUF_memdup(const void *data, size_t siz); | ||
| 81 | 91 | ||
| 82 | /* safe string functions */ | 92 | /* safe string functions */ |
| 83 | size_t BUF_strlcpy(char *dst,const char *src,size_t siz); | 93 | size_t BUF_strlcpy(char *dst,const char *src,size_t siz); |
| @@ -93,9 +103,12 @@ void ERR_load_BUF_strings(void); | |||
| 93 | /* Error codes for the BUF functions. */ | 103 | /* Error codes for the BUF functions. */ |
| 94 | 104 | ||
| 95 | /* Function codes. */ | 105 | /* Function codes. */ |
| 106 | #define BUF_F_BUF_MEMDUP 103 | ||
| 96 | #define BUF_F_BUF_MEM_GROW 100 | 107 | #define BUF_F_BUF_MEM_GROW 100 |
| 108 | #define BUF_F_BUF_MEM_GROW_CLEAN 105 | ||
| 97 | #define BUF_F_BUF_MEM_NEW 101 | 109 | #define BUF_F_BUF_MEM_NEW 101 |
| 98 | #define BUF_F_BUF_STRDUP 102 | 110 | #define BUF_F_BUF_STRDUP 102 |
| 111 | #define BUF_F_BUF_STRNDUP 104 | ||
| 99 | 112 | ||
| 100 | /* Reason codes. */ | 113 | /* Reason codes. */ |
| 101 | 114 | ||
diff --git a/src/lib/libcrypto/cast/c_ecb.c b/src/lib/libcrypto/cast/c_ecb.c index 0b3da9ad87..f2dc606226 100644 --- a/src/lib/libcrypto/cast/c_ecb.c +++ b/src/lib/libcrypto/cast/c_ecb.c | |||
| @@ -60,7 +60,7 @@ | |||
| 60 | #include "cast_lcl.h" | 60 | #include "cast_lcl.h" |
| 61 | #include <openssl/opensslv.h> | 61 | #include <openssl/opensslv.h> |
| 62 | 62 | ||
| 63 | const char *CAST_version="CAST" OPENSSL_VERSION_PTEXT; | 63 | const char CAST_version[]="CAST" OPENSSL_VERSION_PTEXT; |
| 64 | 64 | ||
| 65 | void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, | 65 | void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, |
| 66 | CAST_KEY *ks, int enc) | 66 | CAST_KEY *ks, int enc) |
diff --git a/src/lib/libcrypto/cast/c_skey.c b/src/lib/libcrypto/cast/c_skey.c index db9b7573e0..76e40005c9 100644 --- a/src/lib/libcrypto/cast/c_skey.c +++ b/src/lib/libcrypto/cast/c_skey.c | |||
| @@ -56,10 +56,7 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/crypto.h> | ||
| 60 | #include <openssl/fips.h> | ||
| 61 | #include <openssl/cast.h> | 59 | #include <openssl/cast.h> |
| 62 | |||
| 63 | #include "cast_lcl.h" | 60 | #include "cast_lcl.h" |
| 64 | #include "cast_s.h" | 61 | #include "cast_s.h" |
| 65 | 62 | ||
| @@ -75,7 +72,7 @@ | |||
| 75 | #define S6 CAST_S_table6 | 72 | #define S6 CAST_S_table6 |
| 76 | #define S7 CAST_S_table7 | 73 | #define S7 CAST_S_table7 |
| 77 | 74 | ||
| 78 | FIPS_NON_FIPS_VCIPHER_Init(CAST) | 75 | void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data) |
| 79 | { | 76 | { |
| 80 | CAST_LONG x[16]; | 77 | CAST_LONG x[16]; |
| 81 | CAST_LONG z[16]; | 78 | CAST_LONG z[16]; |
diff --git a/src/lib/libcrypto/cast/cast.h b/src/lib/libcrypto/cast/cast.h index 9e300178d9..90b45b950a 100644 --- a/src/lib/libcrypto/cast/cast.h +++ b/src/lib/libcrypto/cast/cast.h | |||
| @@ -63,6 +63,8 @@ | |||
| 63 | extern "C" { | 63 | extern "C" { |
| 64 | #endif | 64 | #endif |
| 65 | 65 | ||
| 66 | #include <openssl/opensslconf.h> | ||
| 67 | |||
| 66 | #ifdef OPENSSL_NO_CAST | 68 | #ifdef OPENSSL_NO_CAST |
| 67 | #error CAST is disabled. | 69 | #error CAST is disabled. |
| 68 | #endif | 70 | #endif |
| @@ -81,10 +83,7 @@ typedef struct cast_key_st | |||
| 81 | int short_key; /* Use reduced rounds for short key */ | 83 | int short_key; /* Use reduced rounds for short key */ |
| 82 | } CAST_KEY; | 84 | } CAST_KEY; |
| 83 | 85 | ||
| 84 | 86 | ||
| 85 | #ifdef OPENSSL_FIPS | ||
| 86 | void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); | ||
| 87 | #endif | ||
| 88 | void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); | 87 | void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); |
| 89 | void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, | 88 | void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, |
| 90 | int enc); | 89 | int enc); |
diff --git a/src/lib/libcrypto/cast/cast_spd.c b/src/lib/libcrypto/cast/cast_spd.c index 76abf50d98..d650af475c 100644 --- a/src/lib/libcrypto/cast/cast_spd.c +++ b/src/lib/libcrypto/cast/cast_spd.c | |||
| @@ -69,7 +69,10 @@ | |||
| 69 | #include OPENSSL_UNISTD_IO | 69 | #include OPENSSL_UNISTD_IO |
| 70 | OPENSSL_DECLARE_EXIT | 70 | OPENSSL_DECLARE_EXIT |
| 71 | 71 | ||
| 72 | #ifndef OPENSSL_SYS_NETWARE | ||
| 72 | #include <signal.h> | 73 | #include <signal.h> |
| 74 | #endif | ||
| 75 | |||
| 73 | #ifndef _IRIX | 76 | #ifndef _IRIX |
| 74 | #include <time.h> | 77 | #include <time.h> |
| 75 | #endif | 78 | #endif |
diff --git a/src/lib/libcrypto/cast/castopts.c b/src/lib/libcrypto/cast/castopts.c index 1b858d153b..33b2c7b06f 100644 --- a/src/lib/libcrypto/cast/castopts.c +++ b/src/lib/libcrypto/cast/castopts.c | |||
| @@ -69,7 +69,10 @@ | |||
| 69 | #include OPENSSL_UNISTD_IO | 69 | #include OPENSSL_UNISTD_IO |
| 70 | OPENSSL_DECLARE_EXIT | 70 | OPENSSL_DECLARE_EXIT |
| 71 | 71 | ||
| 72 | #ifndef OPENSSL_SYS_NETWARE | ||
| 72 | #include <signal.h> | 73 | #include <signal.h> |
| 74 | #endif | ||
| 75 | |||
| 73 | #ifndef _IRIX | 76 | #ifndef _IRIX |
| 74 | #include <time.h> | 77 | #include <time.h> |
| 75 | #endif | 78 | #endif |
diff --git a/src/lib/libcrypto/cast/casttest.c b/src/lib/libcrypto/cast/casttest.c index 83e5a16c73..0d020d6975 100644 --- a/src/lib/libcrypto/cast/casttest.c +++ b/src/lib/libcrypto/cast/casttest.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_CAST is defined */ | ||
| 62 | 63 | ||
| 63 | #include "../e_os.h" | 64 | #include "../e_os.h" |
| 64 | 65 | ||
diff --git a/src/lib/libcrypto/comp/c_zlib.c b/src/lib/libcrypto/comp/c_zlib.c index 5fcb521ffb..0f34597e70 100644 --- a/src/lib/libcrypto/comp/c_zlib.c +++ b/src/lib/libcrypto/comp/c_zlib.c | |||
| @@ -24,6 +24,32 @@ static COMP_METHOD zlib_method_nozlib={ | |||
| 24 | 24 | ||
| 25 | #include <zlib.h> | 25 | #include <zlib.h> |
| 26 | 26 | ||
| 27 | static int zlib_stateful_init(COMP_CTX *ctx); | ||
| 28 | static void zlib_stateful_finish(COMP_CTX *ctx); | ||
| 29 | static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out, | ||
| 30 | unsigned int olen, unsigned char *in, unsigned int ilen); | ||
| 31 | static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out, | ||
| 32 | unsigned int olen, unsigned char *in, unsigned int ilen); | ||
| 33 | |||
| 34 | |||
| 35 | /* memory allocations functions for zlib intialization */ | ||
| 36 | static void* zlib_zalloc(void* opaque, unsigned int no, unsigned int size) | ||
| 37 | { | ||
| 38 | void *p; | ||
| 39 | |||
| 40 | p=OPENSSL_malloc(no*size); | ||
| 41 | if (p) | ||
| 42 | memset(p, 0, no*size); | ||
| 43 | return p; | ||
| 44 | } | ||
| 45 | |||
| 46 | |||
| 47 | static void zlib_zfree(void* opaque, void* address) | ||
| 48 | { | ||
| 49 | OPENSSL_free(address); | ||
| 50 | } | ||
| 51 | |||
| 52 | #if 0 | ||
| 27 | static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, | 53 | static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, |
| 28 | unsigned int olen, unsigned char *in, unsigned int ilen); | 54 | unsigned int olen, unsigned char *in, unsigned int ilen); |
| 29 | static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, | 55 | static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, |
| @@ -32,7 +58,7 @@ static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, | |||
| 32 | static int zz_uncompress(Bytef *dest, uLongf *destLen, const Bytef *source, | 58 | static int zz_uncompress(Bytef *dest, uLongf *destLen, const Bytef *source, |
| 33 | uLong sourceLen); | 59 | uLong sourceLen); |
| 34 | 60 | ||
| 35 | static COMP_METHOD zlib_method={ | 61 | static COMP_METHOD zlib_stateless_method={ |
| 36 | NID_zlib_compression, | 62 | NID_zlib_compression, |
| 37 | LN_zlib_compression, | 63 | LN_zlib_compression, |
| 38 | NULL, | 64 | NULL, |
| @@ -42,12 +68,24 @@ static COMP_METHOD zlib_method={ | |||
| 42 | NULL, | 68 | NULL, |
| 43 | NULL, | 69 | NULL, |
| 44 | }; | 70 | }; |
| 71 | #endif | ||
| 72 | |||
| 73 | static COMP_METHOD zlib_stateful_method={ | ||
| 74 | NID_zlib_compression, | ||
| 75 | LN_zlib_compression, | ||
| 76 | zlib_stateful_init, | ||
| 77 | zlib_stateful_finish, | ||
| 78 | zlib_stateful_compress_block, | ||
| 79 | zlib_stateful_expand_block, | ||
| 80 | NULL, | ||
| 81 | NULL, | ||
| 82 | }; | ||
| 45 | 83 | ||
| 46 | /* | 84 | /* |
| 47 | * When OpenSSL is built on Windows, we do not want to require that | 85 | * When OpenSSL is built on Windows, we do not want to require that |
| 48 | * the ZLIB.DLL be available in order for the OpenSSL DLLs to | 86 | * the ZLIB.DLL be available in order for the OpenSSL DLLs to |
| 49 | * work. Therefore, all ZLIB routines are loaded at run time | 87 | * work. Therefore, all ZLIB routines are loaded at run time |
| 50 | * and we do not link to a .LIB file. | 88 | * and we do not link to a .LIB file when ZLIB_SHARED is set. |
| 51 | */ | 89 | */ |
| 52 | #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) | 90 | #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) |
| 53 | # include <windows.h> | 91 | # include <windows.h> |
| @@ -63,10 +101,19 @@ typedef int (*inflateEnd_ft)(z_streamp strm); | |||
| 63 | typedef int (*inflate_ft)(z_streamp strm, int flush); | 101 | typedef int (*inflate_ft)(z_streamp strm, int flush); |
| 64 | typedef int (*inflateInit__ft)(z_streamp strm, | 102 | typedef int (*inflateInit__ft)(z_streamp strm, |
| 65 | const char * version, int stream_size); | 103 | const char * version, int stream_size); |
| 104 | typedef int (*deflateEnd_ft)(z_streamp strm); | ||
| 105 | typedef int (*deflate_ft)(z_streamp strm, int flush); | ||
| 106 | typedef int (*deflateInit__ft)(z_streamp strm, int level, | ||
| 107 | const char * version, int stream_size); | ||
| 108 | typedef const char * (*zError__ft)(int err); | ||
| 66 | static compress_ft p_compress=NULL; | 109 | static compress_ft p_compress=NULL; |
| 67 | static inflateEnd_ft p_inflateEnd=NULL; | 110 | static inflateEnd_ft p_inflateEnd=NULL; |
| 68 | static inflate_ft p_inflate=NULL; | 111 | static inflate_ft p_inflate=NULL; |
| 69 | static inflateInit__ft p_inflateInit_=NULL; | 112 | static inflateInit__ft p_inflateInit_=NULL; |
| 113 | static deflateEnd_ft p_deflateEnd=NULL; | ||
| 114 | static deflate_ft p_deflate=NULL; | ||
| 115 | static deflateInit__ft p_deflateInit_=NULL; | ||
| 116 | static zError__ft p_zError=NULL; | ||
| 70 | 117 | ||
| 71 | static int zlib_loaded = 0; /* only attempt to init func pts once */ | 118 | static int zlib_loaded = 0; /* only attempt to init func pts once */ |
| 72 | static DSO *zlib_dso = NULL; | 119 | static DSO *zlib_dso = NULL; |
| @@ -75,10 +122,133 @@ static DSO *zlib_dso = NULL; | |||
| 75 | #define inflateEnd p_inflateEnd | 122 | #define inflateEnd p_inflateEnd |
| 76 | #define inflate p_inflate | 123 | #define inflate p_inflate |
| 77 | #define inflateInit_ p_inflateInit_ | 124 | #define inflateInit_ p_inflateInit_ |
| 125 | #define deflateEnd p_deflateEnd | ||
| 126 | #define deflate p_deflate | ||
| 127 | #define deflateInit_ p_deflateInit_ | ||
| 128 | #define zError p_zError | ||
| 78 | #endif /* ZLIB_SHARED */ | 129 | #endif /* ZLIB_SHARED */ |
| 79 | 130 | ||
| 131 | struct zlib_state | ||
| 132 | { | ||
| 133 | z_stream istream; | ||
| 134 | z_stream ostream; | ||
| 135 | }; | ||
| 136 | |||
| 137 | static int zlib_stateful_ex_idx = -1; | ||
| 138 | |||
| 139 | static void zlib_stateful_free_ex_data(void *obj, void *item, | ||
| 140 | CRYPTO_EX_DATA *ad, int ind,long argl, void *argp) | ||
| 141 | { | ||
| 142 | struct zlib_state *state = (struct zlib_state *)item; | ||
| 143 | inflateEnd(&state->istream); | ||
| 144 | deflateEnd(&state->ostream); | ||
| 145 | OPENSSL_free(state); | ||
| 146 | } | ||
| 147 | |||
| 148 | static int zlib_stateful_init(COMP_CTX *ctx) | ||
| 149 | { | ||
| 150 | int err; | ||
| 151 | struct zlib_state *state = | ||
| 152 | (struct zlib_state *)OPENSSL_malloc(sizeof(struct zlib_state)); | ||
| 153 | |||
| 154 | if (state == NULL) | ||
| 155 | goto err; | ||
| 156 | |||
| 157 | state->istream.zalloc = zlib_zalloc; | ||
| 158 | state->istream.zfree = zlib_zfree; | ||
| 159 | state->istream.opaque = Z_NULL; | ||
| 160 | state->istream.next_in = Z_NULL; | ||
| 161 | state->istream.next_out = Z_NULL; | ||
| 162 | state->istream.avail_in = 0; | ||
| 163 | state->istream.avail_out = 0; | ||
| 164 | err = inflateInit_(&state->istream, | ||
| 165 | ZLIB_VERSION, sizeof(z_stream)); | ||
| 166 | if (err != Z_OK) | ||
| 167 | goto err; | ||
| 168 | |||
| 169 | state->ostream.zalloc = zlib_zalloc; | ||
| 170 | state->ostream.zfree = zlib_zfree; | ||
| 171 | state->ostream.opaque = Z_NULL; | ||
| 172 | state->ostream.next_in = Z_NULL; | ||
| 173 | state->ostream.next_out = Z_NULL; | ||
| 174 | state->ostream.avail_in = 0; | ||
| 175 | state->ostream.avail_out = 0; | ||
| 176 | err = deflateInit_(&state->ostream,Z_DEFAULT_COMPRESSION, | ||
| 177 | ZLIB_VERSION, sizeof(z_stream)); | ||
| 178 | if (err != Z_OK) | ||
| 179 | goto err; | ||
| 180 | |||
| 181 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data); | ||
| 182 | CRYPTO_set_ex_data(&ctx->ex_data,zlib_stateful_ex_idx,state); | ||
| 183 | return 1; | ||
| 184 | err: | ||
| 185 | if (state) OPENSSL_free(state); | ||
| 186 | return 0; | ||
| 187 | } | ||
| 188 | |||
| 189 | static void zlib_stateful_finish(COMP_CTX *ctx) | ||
| 190 | { | ||
| 191 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data); | ||
| 192 | } | ||
| 193 | |||
| 194 | static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out, | ||
| 195 | unsigned int olen, unsigned char *in, unsigned int ilen) | ||
| 196 | { | ||
| 197 | int err = Z_OK; | ||
| 198 | struct zlib_state *state = | ||
| 199 | (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data, | ||
| 200 | zlib_stateful_ex_idx); | ||
| 201 | |||
| 202 | if (state == NULL) | ||
| 203 | return -1; | ||
| 204 | |||
| 205 | state->ostream.next_in = in; | ||
| 206 | state->ostream.avail_in = ilen; | ||
| 207 | state->ostream.next_out = out; | ||
| 208 | state->ostream.avail_out = olen; | ||
| 209 | if (ilen > 0) | ||
| 210 | err = deflate(&state->ostream, Z_SYNC_FLUSH); | ||
| 211 | if (err != Z_OK) | ||
| 212 | return -1; | ||
| 213 | #ifdef DEBUG_ZLIB | ||
| 214 | fprintf(stderr,"compress(%4d)->%4d %s\n", | ||
| 215 | ilen,olen - state->ostream.avail_out, | ||
| 216 | (ilen != olen - state->ostream.avail_out)?"zlib":"clear"); | ||
| 217 | #endif | ||
| 218 | return olen - state->ostream.avail_out; | ||
| 219 | } | ||
| 220 | |||
| 221 | static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out, | ||
| 222 | unsigned int olen, unsigned char *in, unsigned int ilen) | ||
| 223 | { | ||
| 224 | int err = Z_OK; | ||
| 225 | |||
| 226 | struct zlib_state *state = | ||
| 227 | (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data, | ||
| 228 | zlib_stateful_ex_idx); | ||
| 229 | |||
| 230 | if (state == NULL) | ||
| 231 | return 0; | ||
| 232 | |||
| 233 | state->istream.next_in = in; | ||
| 234 | state->istream.avail_in = ilen; | ||
| 235 | state->istream.next_out = out; | ||
| 236 | state->istream.avail_out = olen; | ||
| 237 | if (ilen > 0) | ||
| 238 | err = inflate(&state->istream, Z_SYNC_FLUSH); | ||
| 239 | if (err != Z_OK) | ||
| 240 | return -1; | ||
| 241 | #ifdef DEBUG_ZLIB | ||
| 242 | fprintf(stderr,"expand(%4d)->%4d %s\n", | ||
| 243 | ilen,olen - state->istream.avail_out, | ||
| 244 | (ilen != olen - state->istream.avail_out)?"zlib":"clear"); | ||
| 245 | #endif | ||
| 246 | return olen - state->istream.avail_out; | ||
| 247 | } | ||
| 248 | |||
| 249 | #if 0 | ||
| 80 | static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, | 250 | static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, |
| 81 | unsigned int olen, unsigned char *in, unsigned int ilen) | 251 | unsigned int olen, unsigned char *in, unsigned int ilen) |
| 82 | { | 252 | { |
| 83 | unsigned long l; | 253 | unsigned long l; |
| 84 | int i; | 254 | int i; |
| @@ -111,7 +281,7 @@ static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, | |||
| 111 | } | 281 | } |
| 112 | 282 | ||
| 113 | static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, | 283 | static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, |
| 114 | unsigned int olen, unsigned char *in, unsigned int ilen) | 284 | unsigned int olen, unsigned char *in, unsigned int ilen) |
| 115 | { | 285 | { |
| 116 | unsigned long l; | 286 | unsigned long l; |
| 117 | int i; | 287 | int i; |
| @@ -153,7 +323,8 @@ static int zz_uncompress (Bytef *dest, uLongf *destLen, const Bytef *source, | |||
| 153 | stream.zalloc = (alloc_func)0; | 323 | stream.zalloc = (alloc_func)0; |
| 154 | stream.zfree = (free_func)0; | 324 | stream.zfree = (free_func)0; |
| 155 | 325 | ||
| 156 | err = inflateInit(&stream); | 326 | err = inflateInit_(&stream, |
| 327 | ZLIB_VERSION, sizeof(z_stream)); | ||
| 157 | if (err != Z_OK) return err; | 328 | if (err != Z_OK) return err; |
| 158 | 329 | ||
| 159 | err = inflate(&stream, Z_FINISH); | 330 | err = inflate(&stream, Z_FINISH); |
| @@ -166,6 +337,7 @@ static int zz_uncompress (Bytef *dest, uLongf *destLen, const Bytef *source, | |||
| 166 | err = inflateEnd(&stream); | 337 | err = inflateEnd(&stream); |
| 167 | return err; | 338 | return err; |
| 168 | } | 339 | } |
| 340 | #endif | ||
| 169 | 341 | ||
| 170 | #endif | 342 | #endif |
| 171 | 343 | ||
| @@ -195,9 +367,22 @@ COMP_METHOD *COMP_zlib(void) | |||
| 195 | p_inflateInit_ | 367 | p_inflateInit_ |
| 196 | = (inflateInit__ft) DSO_bind_func(zlib_dso, | 368 | = (inflateInit__ft) DSO_bind_func(zlib_dso, |
| 197 | "inflateInit_"); | 369 | "inflateInit_"); |
| 370 | p_deflateEnd | ||
| 371 | = (deflateEnd_ft) DSO_bind_func(zlib_dso, | ||
| 372 | "deflateEnd"); | ||
| 373 | p_deflate | ||
| 374 | = (deflate_ft) DSO_bind_func(zlib_dso, | ||
| 375 | "deflate"); | ||
| 376 | p_deflateInit_ | ||
| 377 | = (deflateInit__ft) DSO_bind_func(zlib_dso, | ||
| 378 | "deflateInit_"); | ||
| 379 | p_zError | ||
| 380 | = (zError__ft) DSO_bind_func(zlib_dso, | ||
| 381 | "zError"); | ||
| 198 | 382 | ||
| 199 | if (p_compress && p_inflateEnd && p_inflate | 383 | if (p_compress && p_inflateEnd && p_inflate |
| 200 | && p_inflateInit_) | 384 | && p_inflateInit_ && p_deflateEnd |
| 385 | && p_deflate && p_deflateInit_ && p_zError) | ||
| 201 | zlib_loaded++; | 386 | zlib_loaded++; |
| 202 | } | 387 | } |
| 203 | } | 388 | } |
| @@ -207,9 +392,410 @@ COMP_METHOD *COMP_zlib(void) | |||
| 207 | if (zlib_loaded) | 392 | if (zlib_loaded) |
| 208 | #endif | 393 | #endif |
| 209 | #if defined(ZLIB) || defined(ZLIB_SHARED) | 394 | #if defined(ZLIB) || defined(ZLIB_SHARED) |
| 210 | meth = &zlib_method; | 395 | { |
| 396 | /* init zlib_stateful_ex_idx here so that in a multi-process | ||
| 397 | * application it's enough to intialize openssl before forking | ||
| 398 | * (idx will be inherited in all the children) */ | ||
| 399 | if (zlib_stateful_ex_idx == -1) | ||
| 400 | { | ||
| 401 | CRYPTO_w_lock(CRYPTO_LOCK_COMP); | ||
| 402 | if (zlib_stateful_ex_idx == -1) | ||
| 403 | zlib_stateful_ex_idx = | ||
| 404 | CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP, | ||
| 405 | 0,NULL,NULL,NULL,zlib_stateful_free_ex_data); | ||
| 406 | CRYPTO_w_unlock(CRYPTO_LOCK_COMP); | ||
| 407 | if (zlib_stateful_ex_idx == -1) | ||
| 408 | goto err; | ||
| 409 | } | ||
| 410 | |||
| 411 | meth = &zlib_stateful_method; | ||
| 412 | } | ||
| 413 | err: | ||
| 211 | #endif | 414 | #endif |
| 212 | 415 | ||
| 213 | return(meth); | 416 | return(meth); |
| 214 | } | 417 | } |
| 215 | 418 | ||
| 419 | void COMP_zlib_cleanup(void) | ||
| 420 | { | ||
| 421 | #ifdef ZLIB_SHARED | ||
| 422 | if (zlib_dso) | ||
| 423 | DSO_free(zlib_dso); | ||
| 424 | #endif | ||
| 425 | } | ||
| 426 | |||
| 427 | #ifdef ZLIB | ||
| 428 | |||
| 429 | /* Zlib based compression/decompression filter BIO */ | ||
| 430 | |||
| 431 | typedef struct | ||
| 432 | { | ||
| 433 | unsigned char *ibuf; /* Input buffer */ | ||
| 434 | int ibufsize; /* Buffer size */ | ||
| 435 | z_stream zin; /* Input decompress context */ | ||
| 436 | unsigned char *obuf; /* Output buffer */ | ||
| 437 | int obufsize; /* Output buffer size */ | ||
| 438 | unsigned char *optr; /* Position in output buffer */ | ||
| 439 | int ocount; /* Amount of data in output buffer */ | ||
| 440 | int odone; /* deflate EOF */ | ||
| 441 | int comp_level; /* Compression level to use */ | ||
| 442 | z_stream zout; /* Output compression context */ | ||
| 443 | } BIO_ZLIB_CTX; | ||
| 444 | |||
| 445 | #define ZLIB_DEFAULT_BUFSIZE 1024 | ||
| 446 | |||
| 447 | static int bio_zlib_new(BIO *bi); | ||
| 448 | static int bio_zlib_free(BIO *bi); | ||
| 449 | static int bio_zlib_read(BIO *b, char *out, int outl); | ||
| 450 | static int bio_zlib_write(BIO *b, const char *in, int inl); | ||
| 451 | static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr); | ||
| 452 | static long bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp); | ||
| 453 | |||
| 454 | static BIO_METHOD bio_meth_zlib = | ||
| 455 | { | ||
| 456 | BIO_TYPE_COMP, | ||
| 457 | "zlib", | ||
| 458 | bio_zlib_write, | ||
| 459 | bio_zlib_read, | ||
| 460 | NULL, | ||
| 461 | NULL, | ||
| 462 | bio_zlib_ctrl, | ||
| 463 | bio_zlib_new, | ||
| 464 | bio_zlib_free, | ||
| 465 | bio_zlib_callback_ctrl | ||
| 466 | }; | ||
| 467 | |||
| 468 | BIO_METHOD *BIO_f_zlib(void) | ||
| 469 | { | ||
| 470 | return &bio_meth_zlib; | ||
| 471 | } | ||
| 472 | |||
| 473 | |||
| 474 | static int bio_zlib_new(BIO *bi) | ||
| 475 | { | ||
| 476 | BIO_ZLIB_CTX *ctx; | ||
| 477 | #ifdef ZLIB_SHARED | ||
| 478 | (void)COMP_zlib(); | ||
| 479 | if (!zlib_loaded) | ||
| 480 | { | ||
| 481 | COMPerr(COMP_F_BIO_ZLIB_NEW, COMP_R_ZLIB_NOT_SUPPORTED); | ||
| 482 | return 0; | ||
| 483 | } | ||
| 484 | #endif | ||
| 485 | ctx = OPENSSL_malloc(sizeof(BIO_ZLIB_CTX)); | ||
| 486 | if(!ctx) | ||
| 487 | { | ||
| 488 | COMPerr(COMP_F_BIO_ZLIB_NEW, ERR_R_MALLOC_FAILURE); | ||
| 489 | return 0; | ||
| 490 | } | ||
| 491 | ctx->ibuf = NULL; | ||
| 492 | ctx->obuf = NULL; | ||
| 493 | ctx->ibufsize = ZLIB_DEFAULT_BUFSIZE; | ||
| 494 | ctx->obufsize = ZLIB_DEFAULT_BUFSIZE; | ||
| 495 | ctx->zin.zalloc = Z_NULL; | ||
| 496 | ctx->zin.zfree = Z_NULL; | ||
| 497 | ctx->zin.next_in = NULL; | ||
| 498 | ctx->zin.avail_in = 0; | ||
| 499 | ctx->zin.next_out = NULL; | ||
| 500 | ctx->zin.avail_out = 0; | ||
| 501 | ctx->zout.zalloc = Z_NULL; | ||
| 502 | ctx->zout.zfree = Z_NULL; | ||
| 503 | ctx->zout.next_in = NULL; | ||
| 504 | ctx->zout.avail_in = 0; | ||
| 505 | ctx->zout.next_out = NULL; | ||
| 506 | ctx->zout.avail_out = 0; | ||
| 507 | ctx->odone = 0; | ||
| 508 | ctx->comp_level = Z_DEFAULT_COMPRESSION; | ||
| 509 | bi->init = 1; | ||
| 510 | bi->ptr = (char *)ctx; | ||
| 511 | bi->flags = 0; | ||
| 512 | return 1; | ||
| 513 | } | ||
| 514 | |||
| 515 | static int bio_zlib_free(BIO *bi) | ||
| 516 | { | ||
| 517 | BIO_ZLIB_CTX *ctx; | ||
| 518 | if(!bi) return 0; | ||
| 519 | ctx = (BIO_ZLIB_CTX *)bi->ptr; | ||
| 520 | if(ctx->ibuf) | ||
| 521 | { | ||
| 522 | /* Destroy decompress context */ | ||
| 523 | inflateEnd(&ctx->zin); | ||
| 524 | OPENSSL_free(ctx->ibuf); | ||
| 525 | } | ||
| 526 | if(ctx->obuf) | ||
| 527 | { | ||
| 528 | /* Destroy compress context */ | ||
| 529 | deflateEnd(&ctx->zout); | ||
| 530 | OPENSSL_free(ctx->obuf); | ||
| 531 | } | ||
| 532 | OPENSSL_free(ctx); | ||
| 533 | bi->ptr = NULL; | ||
| 534 | bi->init = 0; | ||
| 535 | bi->flags = 0; | ||
| 536 | return 1; | ||
| 537 | } | ||
| 538 | |||
| 539 | static int bio_zlib_read(BIO *b, char *out, int outl) | ||
| 540 | { | ||
| 541 | BIO_ZLIB_CTX *ctx; | ||
| 542 | int ret; | ||
| 543 | z_stream *zin; | ||
| 544 | if(!out || !outl) return 0; | ||
| 545 | ctx = (BIO_ZLIB_CTX *)b->ptr; | ||
| 546 | zin = &ctx->zin; | ||
| 547 | BIO_clear_retry_flags(b); | ||
| 548 | if(!ctx->ibuf) | ||
| 549 | { | ||
| 550 | ctx->ibuf = OPENSSL_malloc(ctx->ibufsize); | ||
| 551 | if(!ctx->ibuf) | ||
| 552 | { | ||
| 553 | COMPerr(COMP_F_BIO_ZLIB_READ, ERR_R_MALLOC_FAILURE); | ||
| 554 | return 0; | ||
| 555 | } | ||
| 556 | inflateInit(zin); | ||
| 557 | zin->next_in = ctx->ibuf; | ||
| 558 | zin->avail_in = 0; | ||
| 559 | } | ||
| 560 | |||
| 561 | /* Copy output data directly to supplied buffer */ | ||
| 562 | zin->next_out = (unsigned char *)out; | ||
| 563 | zin->avail_out = (unsigned int)outl; | ||
| 564 | for(;;) | ||
| 565 | { | ||
| 566 | /* Decompress while data available */ | ||
| 567 | while(zin->avail_in) | ||
| 568 | { | ||
| 569 | ret = inflate(zin, 0); | ||
| 570 | if((ret != Z_OK) && (ret != Z_STREAM_END)) | ||
| 571 | { | ||
| 572 | COMPerr(COMP_F_BIO_ZLIB_READ, | ||
| 573 | COMP_R_ZLIB_INFLATE_ERROR); | ||
| 574 | ERR_add_error_data(2, "zlib error:", | ||
| 575 | zError(ret)); | ||
| 576 | return 0; | ||
| 577 | } | ||
| 578 | /* If EOF or we've read everything then return */ | ||
| 579 | if((ret == Z_STREAM_END) || !zin->avail_out) | ||
| 580 | return outl - zin->avail_out; | ||
| 581 | } | ||
| 582 | |||
| 583 | /* No data in input buffer try to read some in, | ||
| 584 | * if an error then return the total data read. | ||
| 585 | */ | ||
| 586 | ret = BIO_read(b->next_bio, ctx->ibuf, ctx->ibufsize); | ||
| 587 | if(ret <= 0) | ||
| 588 | { | ||
| 589 | /* Total data read */ | ||
| 590 | int tot = outl - zin->avail_out; | ||
| 591 | BIO_copy_next_retry(b); | ||
| 592 | if(ret < 0) return (tot > 0) ? tot : ret; | ||
| 593 | return tot; | ||
| 594 | } | ||
| 595 | zin->avail_in = ret; | ||
| 596 | zin->next_in = ctx->ibuf; | ||
| 597 | } | ||
| 598 | } | ||
| 599 | |||
| 600 | static int bio_zlib_write(BIO *b, const char *in, int inl) | ||
| 601 | { | ||
| 602 | BIO_ZLIB_CTX *ctx; | ||
| 603 | int ret; | ||
| 604 | z_stream *zout; | ||
| 605 | if(!in || !inl) return 0; | ||
| 606 | ctx = (BIO_ZLIB_CTX *)b->ptr; | ||
| 607 | if(ctx->odone) return 0; | ||
| 608 | zout = &ctx->zout; | ||
| 609 | BIO_clear_retry_flags(b); | ||
| 610 | if(!ctx->obuf) | ||
| 611 | { | ||
| 612 | ctx->obuf = OPENSSL_malloc(ctx->obufsize); | ||
| 613 | /* Need error here */ | ||
| 614 | if(!ctx->obuf) | ||
| 615 | { | ||
| 616 | COMPerr(COMP_F_BIO_ZLIB_WRITE, ERR_R_MALLOC_FAILURE); | ||
| 617 | return 0; | ||
| 618 | } | ||
| 619 | ctx->optr = ctx->obuf; | ||
| 620 | ctx->ocount = 0; | ||
| 621 | deflateInit(zout, ctx->comp_level); | ||
| 622 | zout->next_out = ctx->obuf; | ||
| 623 | zout->avail_out = ctx->obufsize; | ||
| 624 | } | ||
| 625 | /* Obtain input data directly from supplied buffer */ | ||
| 626 | zout->next_in = (void *)in; | ||
| 627 | zout->avail_in = inl; | ||
| 628 | for(;;) | ||
| 629 | { | ||
| 630 | /* If data in output buffer write it first */ | ||
| 631 | while(ctx->ocount) { | ||
| 632 | ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount); | ||
| 633 | if(ret <= 0) | ||
| 634 | { | ||
| 635 | /* Total data written */ | ||
| 636 | int tot = inl - zout->avail_in; | ||
| 637 | BIO_copy_next_retry(b); | ||
| 638 | if(ret < 0) return (tot > 0) ? tot : ret; | ||
| 639 | return tot; | ||
| 640 | } | ||
| 641 | ctx->optr += ret; | ||
| 642 | ctx->ocount -= ret; | ||
| 643 | } | ||
| 644 | |||
| 645 | /* Have we consumed all supplied data? */ | ||
| 646 | if(!zout->avail_in) | ||
| 647 | return inl; | ||
| 648 | |||
| 649 | /* Compress some more */ | ||
| 650 | |||
| 651 | /* Reset buffer */ | ||
| 652 | ctx->optr = ctx->obuf; | ||
| 653 | zout->next_out = ctx->obuf; | ||
| 654 | zout->avail_out = ctx->obufsize; | ||
| 655 | /* Compress some more */ | ||
| 656 | ret = deflate(zout, 0); | ||
| 657 | if(ret != Z_OK) | ||
| 658 | { | ||
| 659 | COMPerr(COMP_F_BIO_ZLIB_WRITE, | ||
| 660 | COMP_R_ZLIB_DEFLATE_ERROR); | ||
| 661 | ERR_add_error_data(2, "zlib error:", zError(ret)); | ||
| 662 | return 0; | ||
| 663 | } | ||
| 664 | ctx->ocount = ctx->obufsize - zout->avail_out; | ||
| 665 | } | ||
| 666 | } | ||
| 667 | |||
| 668 | static int bio_zlib_flush(BIO *b) | ||
| 669 | { | ||
| 670 | BIO_ZLIB_CTX *ctx; | ||
| 671 | int ret; | ||
| 672 | z_stream *zout; | ||
| 673 | ctx = (BIO_ZLIB_CTX *)b->ptr; | ||
| 674 | /* If no data written or already flush show success */ | ||
| 675 | if(!ctx->obuf || (ctx->odone && !ctx->ocount)) return 1; | ||
| 676 | zout = &ctx->zout; | ||
| 677 | BIO_clear_retry_flags(b); | ||
| 678 | /* No more input data */ | ||
| 679 | zout->next_in = NULL; | ||
| 680 | zout->avail_in = 0; | ||
| 681 | for(;;) | ||
| 682 | { | ||
| 683 | /* If data in output buffer write it first */ | ||
| 684 | while(ctx->ocount) | ||
| 685 | { | ||
| 686 | ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount); | ||
| 687 | if(ret <= 0) | ||
| 688 | { | ||
| 689 | BIO_copy_next_retry(b); | ||
| 690 | return ret; | ||
| 691 | } | ||
| 692 | ctx->optr += ret; | ||
| 693 | ctx->ocount -= ret; | ||
| 694 | } | ||
| 695 | if(ctx->odone) return 1; | ||
| 696 | |||
| 697 | /* Compress some more */ | ||
| 698 | |||
| 699 | /* Reset buffer */ | ||
| 700 | ctx->optr = ctx->obuf; | ||
| 701 | zout->next_out = ctx->obuf; | ||
| 702 | zout->avail_out = ctx->obufsize; | ||
| 703 | /* Compress some more */ | ||
| 704 | ret = deflate(zout, Z_FINISH); | ||
| 705 | if(ret == Z_STREAM_END) ctx->odone = 1; | ||
| 706 | else if(ret != Z_OK) | ||
| 707 | { | ||
| 708 | COMPerr(COMP_F_BIO_ZLIB_FLUSH, | ||
| 709 | COMP_R_ZLIB_DEFLATE_ERROR); | ||
| 710 | ERR_add_error_data(2, "zlib error:", zError(ret)); | ||
| 711 | return 0; | ||
| 712 | } | ||
| 713 | ctx->ocount = ctx->obufsize - zout->avail_out; | ||
| 714 | } | ||
| 715 | } | ||
| 716 | |||
| 717 | static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) | ||
| 718 | { | ||
| 719 | BIO_ZLIB_CTX *ctx; | ||
| 720 | int ret, *ip; | ||
| 721 | int ibs, obs; | ||
| 722 | if(!b->next_bio) return 0; | ||
| 723 | ctx = (BIO_ZLIB_CTX *)b->ptr; | ||
| 724 | switch (cmd) | ||
| 725 | { | ||
| 726 | |||
| 727 | case BIO_CTRL_RESET: | ||
| 728 | ctx->ocount = 0; | ||
| 729 | ctx->odone = 0; | ||
| 730 | break; | ||
| 731 | |||
| 732 | case BIO_CTRL_FLUSH: | ||
| 733 | ret = bio_zlib_flush(b); | ||
| 734 | if (ret > 0) | ||
| 735 | ret = BIO_flush(b->next_bio); | ||
| 736 | break; | ||
| 737 | |||
| 738 | case BIO_C_SET_BUFF_SIZE: | ||
| 739 | ibs = -1; | ||
| 740 | obs = -1; | ||
| 741 | if (ptr != NULL) | ||
| 742 | { | ||
| 743 | ip = ptr; | ||
| 744 | if (*ip == 0) | ||
| 745 | ibs = (int) num; | ||
| 746 | else | ||
| 747 | obs = (int) num; | ||
| 748 | } | ||
| 749 | else | ||
| 750 | { | ||
| 751 | ibs = (int)num; | ||
| 752 | obs = ibs; | ||
| 753 | } | ||
| 754 | |||
| 755 | if (ibs != -1) | ||
| 756 | { | ||
| 757 | if (ctx->ibuf) | ||
| 758 | { | ||
| 759 | OPENSSL_free(ctx->ibuf); | ||
| 760 | ctx->ibuf = NULL; | ||
| 761 | } | ||
| 762 | ctx->ibufsize = ibs; | ||
| 763 | } | ||
| 764 | |||
| 765 | if (obs != -1) | ||
| 766 | { | ||
| 767 | if (ctx->obuf) | ||
| 768 | { | ||
| 769 | OPENSSL_free(ctx->obuf); | ||
| 770 | ctx->obuf = NULL; | ||
| 771 | } | ||
| 772 | ctx->obufsize = obs; | ||
| 773 | } | ||
| 774 | |||
| 775 | break; | ||
| 776 | |||
| 777 | case BIO_C_DO_STATE_MACHINE: | ||
| 778 | BIO_clear_retry_flags(b); | ||
| 779 | ret = BIO_ctrl(b->next_bio, cmd, num, ptr); | ||
| 780 | BIO_copy_next_retry(b); | ||
| 781 | break; | ||
| 782 | |||
| 783 | default: | ||
| 784 | ret = BIO_ctrl(b->next_bio, cmd, num, ptr); | ||
| 785 | break; | ||
| 786 | |||
| 787 | } | ||
| 788 | |||
| 789 | return ret; | ||
| 790 | } | ||
| 791 | |||
| 792 | |||
| 793 | static long bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) | ||
| 794 | { | ||
| 795 | if(!b->next_bio) | ||
| 796 | return 0; | ||
| 797 | return | ||
| 798 | BIO_callback_ctrl(b->next_bio, cmd, fp); | ||
| 799 | } | ||
| 800 | |||
| 801 | #endif | ||
diff --git a/src/lib/libcrypto/comp/comp.h b/src/lib/libcrypto/comp/comp.h index ab48b78ae9..4b405c7d49 100644 --- a/src/lib/libcrypto/comp/comp.h +++ b/src/lib/libcrypto/comp/comp.h | |||
| @@ -8,19 +8,26 @@ | |||
| 8 | extern "C" { | 8 | extern "C" { |
| 9 | #endif | 9 | #endif |
| 10 | 10 | ||
| 11 | typedef struct comp_ctx_st COMP_CTX; | ||
| 12 | |||
| 11 | typedef struct comp_method_st | 13 | typedef struct comp_method_st |
| 12 | { | 14 | { |
| 13 | int type; /* NID for compression library */ | 15 | int type; /* NID for compression library */ |
| 14 | const char *name; /* A text string to identify the library */ | 16 | const char *name; /* A text string to identify the library */ |
| 15 | int (*init)(); | 17 | int (*init)(COMP_CTX *ctx); |
| 16 | void (*finish)(); | 18 | void (*finish)(COMP_CTX *ctx); |
| 17 | int (*compress)(); | 19 | int (*compress)(COMP_CTX *ctx, |
| 18 | int (*expand)(); | 20 | unsigned char *out, unsigned int olen, |
| 19 | long (*ctrl)(); | 21 | unsigned char *in, unsigned int ilen); |
| 20 | long (*callback_ctrl)(); | 22 | int (*expand)(COMP_CTX *ctx, |
| 23 | unsigned char *out, unsigned int olen, | ||
| 24 | unsigned char *in, unsigned int ilen); | ||
| 25 | /* The following two do NOTHING, but are kept for backward compatibility */ | ||
| 26 | long (*ctrl)(void); | ||
| 27 | long (*callback_ctrl)(void); | ||
| 21 | } COMP_METHOD; | 28 | } COMP_METHOD; |
| 22 | 29 | ||
| 23 | typedef struct comp_ctx_st | 30 | struct comp_ctx_st |
| 24 | { | 31 | { |
| 25 | COMP_METHOD *meth; | 32 | COMP_METHOD *meth; |
| 26 | unsigned long compress_in; | 33 | unsigned long compress_in; |
| @@ -29,7 +36,7 @@ typedef struct comp_ctx_st | |||
| 29 | unsigned long expand_out; | 36 | unsigned long expand_out; |
| 30 | 37 | ||
| 31 | CRYPTO_EX_DATA ex_data; | 38 | CRYPTO_EX_DATA ex_data; |
| 32 | } COMP_CTX; | 39 | }; |
| 33 | 40 | ||
| 34 | 41 | ||
| 35 | COMP_CTX *COMP_CTX_new(COMP_METHOD *meth); | 42 | COMP_CTX *COMP_CTX_new(COMP_METHOD *meth); |
| @@ -40,6 +47,13 @@ int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen, | |||
| 40 | unsigned char *in, int ilen); | 47 | unsigned char *in, int ilen); |
| 41 | COMP_METHOD *COMP_rle(void ); | 48 | COMP_METHOD *COMP_rle(void ); |
| 42 | COMP_METHOD *COMP_zlib(void ); | 49 | COMP_METHOD *COMP_zlib(void ); |
| 50 | void COMP_zlib_cleanup(void); | ||
| 51 | |||
| 52 | #ifdef HEADER_BIO_H | ||
| 53 | #ifdef ZLIB | ||
| 54 | BIO_METHOD *BIO_f_zlib(void); | ||
| 55 | #endif | ||
| 56 | #endif | ||
| 43 | 57 | ||
| 44 | /* BEGIN ERROR CODES */ | 58 | /* BEGIN ERROR CODES */ |
| 45 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 59 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
| @@ -50,8 +64,15 @@ void ERR_load_COMP_strings(void); | |||
| 50 | /* Error codes for the COMP functions. */ | 64 | /* Error codes for the COMP functions. */ |
| 51 | 65 | ||
| 52 | /* Function codes. */ | 66 | /* Function codes. */ |
| 67 | #define COMP_F_BIO_ZLIB_FLUSH 99 | ||
| 68 | #define COMP_F_BIO_ZLIB_NEW 100 | ||
| 69 | #define COMP_F_BIO_ZLIB_READ 101 | ||
| 70 | #define COMP_F_BIO_ZLIB_WRITE 102 | ||
| 53 | 71 | ||
| 54 | /* Reason codes. */ | 72 | /* Reason codes. */ |
| 73 | #define COMP_R_ZLIB_DEFLATE_ERROR 99 | ||
| 74 | #define COMP_R_ZLIB_INFLATE_ERROR 100 | ||
| 75 | #define COMP_R_ZLIB_NOT_SUPPORTED 101 | ||
| 55 | 76 | ||
| 56 | #ifdef __cplusplus | 77 | #ifdef __cplusplus |
| 57 | } | 78 | } |
diff --git a/src/lib/libcrypto/comp/comp_err.c b/src/lib/libcrypto/comp/comp_err.c index 1652b8c2c4..187d68b725 100644 --- a/src/lib/libcrypto/comp/comp_err.c +++ b/src/lib/libcrypto/comp/comp_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/comp/comp_err.c */ | 1 | /* crypto/comp/comp_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -64,13 +64,24 @@ | |||
| 64 | 64 | ||
| 65 | /* BEGIN ERROR CODES */ | 65 | /* BEGIN ERROR CODES */ |
| 66 | #ifndef OPENSSL_NO_ERR | 66 | #ifndef OPENSSL_NO_ERR |
| 67 | |||
| 68 | #define ERR_FUNC(func) ERR_PACK(ERR_LIB_COMP,func,0) | ||
| 69 | #define ERR_REASON(reason) ERR_PACK(ERR_LIB_COMP,0,reason) | ||
| 70 | |||
| 67 | static ERR_STRING_DATA COMP_str_functs[]= | 71 | static ERR_STRING_DATA COMP_str_functs[]= |
| 68 | { | 72 | { |
| 73 | {ERR_FUNC(COMP_F_BIO_ZLIB_FLUSH), "BIO_ZLIB_FLUSH"}, | ||
| 74 | {ERR_FUNC(COMP_F_BIO_ZLIB_NEW), "BIO_ZLIB_NEW"}, | ||
| 75 | {ERR_FUNC(COMP_F_BIO_ZLIB_READ), "BIO_ZLIB_READ"}, | ||
| 76 | {ERR_FUNC(COMP_F_BIO_ZLIB_WRITE), "BIO_ZLIB_WRITE"}, | ||
| 69 | {0,NULL} | 77 | {0,NULL} |
| 70 | }; | 78 | }; |
| 71 | 79 | ||
| 72 | static ERR_STRING_DATA COMP_str_reasons[]= | 80 | static ERR_STRING_DATA COMP_str_reasons[]= |
| 73 | { | 81 | { |
| 82 | {ERR_REASON(COMP_R_ZLIB_DEFLATE_ERROR) ,"zlib deflate error"}, | ||
| 83 | {ERR_REASON(COMP_R_ZLIB_INFLATE_ERROR) ,"zlib inflate error"}, | ||
| 84 | {ERR_REASON(COMP_R_ZLIB_NOT_SUPPORTED) ,"zlib not supported"}, | ||
| 74 | {0,NULL} | 85 | {0,NULL} |
| 75 | }; | 86 | }; |
| 76 | 87 | ||
| @@ -78,15 +89,12 @@ static ERR_STRING_DATA COMP_str_reasons[]= | |||
| 78 | 89 | ||
| 79 | void ERR_load_COMP_strings(void) | 90 | void ERR_load_COMP_strings(void) |
| 80 | { | 91 | { |
| 81 | static int init=1; | ||
| 82 | |||
| 83 | if (init) | ||
| 84 | { | ||
| 85 | init=0; | ||
| 86 | #ifndef OPENSSL_NO_ERR | 92 | #ifndef OPENSSL_NO_ERR |
| 87 | ERR_load_strings(ERR_LIB_COMP,COMP_str_functs); | ||
| 88 | ERR_load_strings(ERR_LIB_COMP,COMP_str_reasons); | ||
| 89 | #endif | ||
| 90 | 93 | ||
| 94 | if (ERR_func_error_string(COMP_str_functs[0].error) == NULL) | ||
| 95 | { | ||
| 96 | ERR_load_strings(0,COMP_str_functs); | ||
| 97 | ERR_load_strings(0,COMP_str_reasons); | ||
| 91 | } | 98 | } |
| 99 | #endif | ||
| 92 | } | 100 | } |
diff --git a/src/lib/libcrypto/comp/comp_lib.c b/src/lib/libcrypto/comp/comp_lib.c index beb98ce8cc..b60ae371e8 100644 --- a/src/lib/libcrypto/comp/comp_lib.c +++ b/src/lib/libcrypto/comp/comp_lib.c | |||
| @@ -20,17 +20,11 @@ COMP_CTX *COMP_CTX_new(COMP_METHOD *meth) | |||
| 20 | OPENSSL_free(ret); | 20 | OPENSSL_free(ret); |
| 21 | ret=NULL; | 21 | ret=NULL; |
| 22 | } | 22 | } |
| 23 | #if 0 | ||
| 24 | else | ||
| 25 | CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data); | ||
| 26 | #endif | ||
| 27 | return(ret); | 23 | return(ret); |
| 28 | } | 24 | } |
| 29 | 25 | ||
| 30 | void COMP_CTX_free(COMP_CTX *ctx) | 26 | void COMP_CTX_free(COMP_CTX *ctx) |
| 31 | { | 27 | { |
| 32 | /* CRYPTO_free_ex_data(rsa_meth,(char *)ctx,&ctx->ex_data); */ | ||
| 33 | |||
| 34 | if(ctx == NULL) | 28 | if(ctx == NULL) |
| 35 | return; | 29 | return; |
| 36 | 30 | ||
diff --git a/src/lib/libcrypto/conf/conf.h b/src/lib/libcrypto/conf/conf.h index f4671442ab..8aa06bc5ec 100644 --- a/src/lib/libcrypto/conf/conf.h +++ b/src/lib/libcrypto/conf/conf.h | |||
| @@ -65,6 +65,8 @@ | |||
| 65 | #include <openssl/safestack.h> | 65 | #include <openssl/safestack.h> |
| 66 | #include <openssl/e_os2.h> | 66 | #include <openssl/e_os2.h> |
| 67 | 67 | ||
| 68 | #include <openssl/ossl_typ.h> | ||
| 69 | |||
| 68 | #ifdef __cplusplus | 70 | #ifdef __cplusplus |
| 69 | extern "C" { | 71 | extern "C" { |
| 70 | #endif | 72 | #endif |
| @@ -81,7 +83,6 @@ DECLARE_STACK_OF(CONF_MODULE) | |||
| 81 | DECLARE_STACK_OF(CONF_IMODULE) | 83 | DECLARE_STACK_OF(CONF_IMODULE) |
| 82 | 84 | ||
| 83 | struct conf_st; | 85 | struct conf_st; |
| 84 | typedef struct conf_st CONF; | ||
| 85 | struct conf_method_st; | 86 | struct conf_method_st; |
| 86 | typedef struct conf_method_st CONF_METHOD; | 87 | typedef struct conf_method_st CONF_METHOD; |
| 87 | 88 | ||
| @@ -113,6 +114,7 @@ typedef void conf_finish_func(CONF_IMODULE *md); | |||
| 113 | #define CONF_MFLAGS_SILENT 0x4 | 114 | #define CONF_MFLAGS_SILENT 0x4 |
| 114 | #define CONF_MFLAGS_NO_DSO 0x8 | 115 | #define CONF_MFLAGS_NO_DSO 0x8 |
| 115 | #define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10 | 116 | #define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10 |
| 117 | #define CONF_MFLAGS_DEFAULT_SECTION 0x20 | ||
| 116 | 118 | ||
| 117 | int CONF_set_default_method(CONF_METHOD *meth); | 119 | int CONF_set_default_method(CONF_METHOD *meth); |
| 118 | void CONF_set_nconf(CONF *conf,LHASH *hash); | 120 | void CONF_set_nconf(CONF *conf,LHASH *hash); |
| @@ -212,6 +214,8 @@ void ERR_load_CONF_strings(void); | |||
| 212 | #define CONF_F_CONF_LOAD_BIO 102 | 214 | #define CONF_F_CONF_LOAD_BIO 102 |
| 213 | #define CONF_F_CONF_LOAD_FP 103 | 215 | #define CONF_F_CONF_LOAD_FP 103 |
| 214 | #define CONF_F_CONF_MODULES_LOAD 116 | 216 | #define CONF_F_CONF_MODULES_LOAD 116 |
| 217 | #define CONF_F_DEF_LOAD 120 | ||
| 218 | #define CONF_F_DEF_LOAD_BIO 121 | ||
| 215 | #define CONF_F_MODULE_INIT 115 | 219 | #define CONF_F_MODULE_INIT 115 |
| 216 | #define CONF_F_MODULE_LOAD_DSO 117 | 220 | #define CONF_F_MODULE_LOAD_DSO 117 |
| 217 | #define CONF_F_MODULE_RUN 118 | 221 | #define CONF_F_MODULE_RUN 118 |
diff --git a/src/lib/libcrypto/conf/conf_api.c b/src/lib/libcrypto/conf/conf_api.c index 0032baa711..909d72b4b8 100644 --- a/src/lib/libcrypto/conf/conf_api.c +++ b/src/lib/libcrypto/conf/conf_api.c | |||
| @@ -121,7 +121,7 @@ int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value) | |||
| 121 | v = (CONF_VALUE *)lh_insert(conf->data, value); | 121 | v = (CONF_VALUE *)lh_insert(conf->data, value); |
| 122 | if (v != NULL) | 122 | if (v != NULL) |
| 123 | { | 123 | { |
| 124 | sk_CONF_VALUE_delete_ptr(ts,v); | 124 | (void)sk_CONF_VALUE_delete_ptr(ts,v); |
| 125 | OPENSSL_free(v->name); | 125 | OPENSSL_free(v->name); |
| 126 | OPENSSL_free(v->value); | 126 | OPENSSL_free(v->value); |
| 127 | OPENSSL_free(v); | 127 | OPENSSL_free(v); |
diff --git a/src/lib/libcrypto/conf/conf_def.c b/src/lib/libcrypto/conf/conf_def.c index 2464f8ed90..d8bce8732a 100644 --- a/src/lib/libcrypto/conf/conf_def.c +++ b/src/lib/libcrypto/conf/conf_def.c | |||
| @@ -60,6 +60,7 @@ | |||
| 60 | 60 | ||
| 61 | #include <stdio.h> | 61 | #include <stdio.h> |
| 62 | #include <string.h> | 62 | #include <string.h> |
| 63 | #include "cryptlib.h" | ||
| 63 | #include <openssl/stack.h> | 64 | #include <openssl/stack.h> |
| 64 | #include <openssl/lhash.h> | 65 | #include <openssl/lhash.h> |
| 65 | #include <openssl/conf.h> | 66 | #include <openssl/conf.h> |
| @@ -67,7 +68,6 @@ | |||
| 67 | #include "conf_def.h" | 68 | #include "conf_def.h" |
| 68 | #include <openssl/buffer.h> | 69 | #include <openssl/buffer.h> |
| 69 | #include <openssl/err.h> | 70 | #include <openssl/err.h> |
| 70 | #include "cryptlib.h" | ||
| 71 | 71 | ||
| 72 | static char *eat_ws(CONF *conf, char *p); | 72 | static char *eat_ws(CONF *conf, char *p); |
| 73 | static char *eat_alpha_numeric(CONF *conf, char *p); | 73 | static char *eat_alpha_numeric(CONF *conf, char *p); |
| @@ -88,7 +88,7 @@ static int def_dump(const CONF *conf, BIO *bp); | |||
| 88 | static int def_is_number(const CONF *conf, char c); | 88 | static int def_is_number(const CONF *conf, char c); |
| 89 | static int def_to_int(const CONF *conf, char c); | 89 | static int def_to_int(const CONF *conf, char c); |
| 90 | 90 | ||
| 91 | const char *CONF_def_version="CONF_def" OPENSSL_VERSION_PTEXT; | 91 | const char CONF_def_version[]="CONF_def" OPENSSL_VERSION_PTEXT; |
| 92 | 92 | ||
| 93 | static CONF_METHOD default_method = { | 93 | static CONF_METHOD default_method = { |
| 94 | "OpenSSL default", | 94 | "OpenSSL default", |
| @@ -194,9 +194,9 @@ static int def_load(CONF *conf, const char *name, long *line) | |||
| 194 | if (in == NULL) | 194 | if (in == NULL) |
| 195 | { | 195 | { |
| 196 | if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE) | 196 | if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE) |
| 197 | CONFerr(CONF_F_CONF_LOAD,CONF_R_NO_SUCH_FILE); | 197 | CONFerr(CONF_F_DEF_LOAD,CONF_R_NO_SUCH_FILE); |
| 198 | else | 198 | else |
| 199 | CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB); | 199 | CONFerr(CONF_F_DEF_LOAD,ERR_R_SYS_LIB); |
| 200 | return 0; | 200 | return 0; |
| 201 | } | 201 | } |
| 202 | 202 | ||
| @@ -225,28 +225,28 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) | |||
| 225 | 225 | ||
| 226 | if ((buff=BUF_MEM_new()) == NULL) | 226 | if ((buff=BUF_MEM_new()) == NULL) |
| 227 | { | 227 | { |
| 228 | CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB); | 228 | CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_BUF_LIB); |
| 229 | goto err; | 229 | goto err; |
| 230 | } | 230 | } |
| 231 | 231 | ||
| 232 | section=(char *)OPENSSL_malloc(10); | 232 | section=(char *)OPENSSL_malloc(10); |
| 233 | if (section == NULL) | 233 | if (section == NULL) |
| 234 | { | 234 | { |
| 235 | CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE); | 235 | CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_MALLOC_FAILURE); |
| 236 | goto err; | 236 | goto err; |
| 237 | } | 237 | } |
| 238 | BUF_strlcpy(section,"default",10); | 238 | BUF_strlcpy(section,"default",10); |
| 239 | 239 | ||
| 240 | if (_CONF_new_data(conf) == 0) | 240 | if (_CONF_new_data(conf) == 0) |
| 241 | { | 241 | { |
| 242 | CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE); | 242 | CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_MALLOC_FAILURE); |
| 243 | goto err; | 243 | goto err; |
| 244 | } | 244 | } |
| 245 | 245 | ||
| 246 | sv=_CONF_new_section(conf,section); | 246 | sv=_CONF_new_section(conf,section); |
| 247 | if (sv == NULL) | 247 | if (sv == NULL) |
| 248 | { | 248 | { |
| 249 | CONFerr(CONF_F_CONF_LOAD_BIO, | 249 | CONFerr(CONF_F_DEF_LOAD_BIO, |
| 250 | CONF_R_UNABLE_TO_CREATE_NEW_SECTION); | 250 | CONF_R_UNABLE_TO_CREATE_NEW_SECTION); |
| 251 | goto err; | 251 | goto err; |
| 252 | } | 252 | } |
| @@ -258,7 +258,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) | |||
| 258 | { | 258 | { |
| 259 | if (!BUF_MEM_grow(buff,bufnum+CONFBUFSIZE)) | 259 | if (!BUF_MEM_grow(buff,bufnum+CONFBUFSIZE)) |
| 260 | { | 260 | { |
| 261 | CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB); | 261 | CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_BUF_LIB); |
| 262 | goto err; | 262 | goto err; |
| 263 | } | 263 | } |
| 264 | p= &(buff->data[bufnum]); | 264 | p= &(buff->data[bufnum]); |
| @@ -329,7 +329,7 @@ again: | |||
| 329 | ss=p; | 329 | ss=p; |
| 330 | goto again; | 330 | goto again; |
| 331 | } | 331 | } |
| 332 | CONFerr(CONF_F_CONF_LOAD_BIO, | 332 | CONFerr(CONF_F_DEF_LOAD_BIO, |
| 333 | CONF_R_MISSING_CLOSE_SQUARE_BRACKET); | 333 | CONF_R_MISSING_CLOSE_SQUARE_BRACKET); |
| 334 | goto err; | 334 | goto err; |
| 335 | } | 335 | } |
| @@ -339,7 +339,7 @@ again: | |||
| 339 | sv=_CONF_new_section(conf,section); | 339 | sv=_CONF_new_section(conf,section); |
| 340 | if (sv == NULL) | 340 | if (sv == NULL) |
| 341 | { | 341 | { |
| 342 | CONFerr(CONF_F_CONF_LOAD_BIO, | 342 | CONFerr(CONF_F_DEF_LOAD_BIO, |
| 343 | CONF_R_UNABLE_TO_CREATE_NEW_SECTION); | 343 | CONF_R_UNABLE_TO_CREATE_NEW_SECTION); |
| 344 | goto err; | 344 | goto err; |
| 345 | } | 345 | } |
| @@ -362,7 +362,7 @@ again: | |||
| 362 | p=eat_ws(conf, end); | 362 | p=eat_ws(conf, end); |
| 363 | if (*p != '=') | 363 | if (*p != '=') |
| 364 | { | 364 | { |
| 365 | CONFerr(CONF_F_CONF_LOAD_BIO, | 365 | CONFerr(CONF_F_DEF_LOAD_BIO, |
| 366 | CONF_R_MISSING_EQUAL_SIGN); | 366 | CONF_R_MISSING_EQUAL_SIGN); |
| 367 | goto err; | 367 | goto err; |
| 368 | } | 368 | } |
| @@ -379,7 +379,7 @@ again: | |||
| 379 | 379 | ||
| 380 | if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) | 380 | if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) |
| 381 | { | 381 | { |
| 382 | CONFerr(CONF_F_CONF_LOAD_BIO, | 382 | CONFerr(CONF_F_DEF_LOAD_BIO, |
| 383 | ERR_R_MALLOC_FAILURE); | 383 | ERR_R_MALLOC_FAILURE); |
| 384 | goto err; | 384 | goto err; |
| 385 | } | 385 | } |
| @@ -388,7 +388,7 @@ again: | |||
| 388 | v->value=NULL; | 388 | v->value=NULL; |
| 389 | if (v->name == NULL) | 389 | if (v->name == NULL) |
| 390 | { | 390 | { |
| 391 | CONFerr(CONF_F_CONF_LOAD_BIO, | 391 | CONFerr(CONF_F_DEF_LOAD_BIO, |
| 392 | ERR_R_MALLOC_FAILURE); | 392 | ERR_R_MALLOC_FAILURE); |
| 393 | goto err; | 393 | goto err; |
| 394 | } | 394 | } |
| @@ -402,7 +402,7 @@ again: | |||
| 402 | tv=_CONF_new_section(conf,psection); | 402 | tv=_CONF_new_section(conf,psection); |
| 403 | if (tv == NULL) | 403 | if (tv == NULL) |
| 404 | { | 404 | { |
| 405 | CONFerr(CONF_F_CONF_LOAD_BIO, | 405 | CONFerr(CONF_F_DEF_LOAD_BIO, |
| 406 | CONF_R_UNABLE_TO_CREATE_NEW_SECTION); | 406 | CONF_R_UNABLE_TO_CREATE_NEW_SECTION); |
| 407 | goto err; | 407 | goto err; |
| 408 | } | 408 | } |
| @@ -416,7 +416,7 @@ again: | |||
| 416 | #if 1 | 416 | #if 1 |
| 417 | if (_CONF_add_string(conf, tv, v) == 0) | 417 | if (_CONF_add_string(conf, tv, v) == 0) |
| 418 | { | 418 | { |
| 419 | CONFerr(CONF_F_CONF_LOAD_BIO, | 419 | CONFerr(CONF_F_DEF_LOAD_BIO, |
| 420 | ERR_R_MALLOC_FAILURE); | 420 | ERR_R_MALLOC_FAILURE); |
| 421 | goto err; | 421 | goto err; |
| 422 | } | 422 | } |
| @@ -424,7 +424,7 @@ again: | |||
| 424 | v->section=tv->section; | 424 | v->section=tv->section; |
| 425 | if (!sk_CONF_VALUE_push(ts,v)) | 425 | if (!sk_CONF_VALUE_push(ts,v)) |
| 426 | { | 426 | { |
| 427 | CONFerr(CONF_F_CONF_LOAD_BIO, | 427 | CONFerr(CONF_F_DEF_LOAD_BIO, |
| 428 | ERR_R_MALLOC_FAILURE); | 428 | ERR_R_MALLOC_FAILURE); |
| 429 | goto err; | 429 | goto err; |
| 430 | } | 430 | } |
| @@ -629,7 +629,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) | |||
| 629 | CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE); | 629 | CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE); |
| 630 | goto err; | 630 | goto err; |
| 631 | } | 631 | } |
| 632 | BUF_MEM_grow_clean(buf,(strlen(p)+len-(e-from))); | 632 | BUF_MEM_grow_clean(buf,(strlen(p)+buf->length-(e-from))); |
| 633 | while (*p) | 633 | while (*p) |
| 634 | buf->data[to++]= *(p++); | 634 | buf->data[to++]= *(p++); |
| 635 | 635 | ||
diff --git a/src/lib/libcrypto/conf/conf_err.c b/src/lib/libcrypto/conf/conf_err.c index f5e2ca4bf0..a16a5e0bd4 100644 --- a/src/lib/libcrypto/conf/conf_err.c +++ b/src/lib/libcrypto/conf/conf_err.c | |||
| @@ -75,6 +75,8 @@ static ERR_STRING_DATA CONF_str_functs[]= | |||
| 75 | {ERR_FUNC(CONF_F_CONF_LOAD_BIO), "CONF_load_bio"}, | 75 | {ERR_FUNC(CONF_F_CONF_LOAD_BIO), "CONF_load_bio"}, |
| 76 | {ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"}, | 76 | {ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"}, |
| 77 | {ERR_FUNC(CONF_F_CONF_MODULES_LOAD), "CONF_modules_load"}, | 77 | {ERR_FUNC(CONF_F_CONF_MODULES_LOAD), "CONF_modules_load"}, |
| 78 | {ERR_FUNC(CONF_F_DEF_LOAD), "DEF_LOAD"}, | ||
| 79 | {ERR_FUNC(CONF_F_DEF_LOAD_BIO), "DEF_LOAD_BIO"}, | ||
| 78 | {ERR_FUNC(CONF_F_MODULE_INIT), "MODULE_INIT"}, | 80 | {ERR_FUNC(CONF_F_MODULE_INIT), "MODULE_INIT"}, |
| 79 | {ERR_FUNC(CONF_F_MODULE_LOAD_DSO), "MODULE_LOAD_DSO"}, | 81 | {ERR_FUNC(CONF_F_MODULE_LOAD_DSO), "MODULE_LOAD_DSO"}, |
| 80 | {ERR_FUNC(CONF_F_MODULE_RUN), "MODULE_RUN"}, | 82 | {ERR_FUNC(CONF_F_MODULE_RUN), "MODULE_RUN"}, |
| @@ -116,15 +118,12 @@ static ERR_STRING_DATA CONF_str_reasons[]= | |||
| 116 | 118 | ||
| 117 | void ERR_load_CONF_strings(void) | 119 | void ERR_load_CONF_strings(void) |
| 118 | { | 120 | { |
| 119 | static int init=1; | 121 | #ifndef OPENSSL_NO_ERR |
| 120 | 122 | ||
| 121 | if (init) | 123 | if (ERR_func_error_string(CONF_str_functs[0].error) == NULL) |
| 122 | { | 124 | { |
| 123 | init=0; | ||
| 124 | #ifndef OPENSSL_NO_ERR | ||
| 125 | ERR_load_strings(0,CONF_str_functs); | 125 | ERR_load_strings(0,CONF_str_functs); |
| 126 | ERR_load_strings(0,CONF_str_reasons); | 126 | ERR_load_strings(0,CONF_str_reasons); |
| 127 | #endif | ||
| 128 | |||
| 129 | } | 127 | } |
| 128 | #endif | ||
| 130 | } | 129 | } |
diff --git a/src/lib/libcrypto/conf/conf_lib.c b/src/lib/libcrypto/conf/conf_lib.c index 6a3cf109dd..2a3399d269 100644 --- a/src/lib/libcrypto/conf/conf_lib.c +++ b/src/lib/libcrypto/conf/conf_lib.c | |||
| @@ -63,7 +63,7 @@ | |||
| 63 | #include <openssl/conf_api.h> | 63 | #include <openssl/conf_api.h> |
| 64 | #include <openssl/lhash.h> | 64 | #include <openssl/lhash.h> |
| 65 | 65 | ||
| 66 | const char *CONF_version="CONF" OPENSSL_VERSION_PTEXT; | 66 | const char CONF_version[]="CONF" OPENSSL_VERSION_PTEXT; |
| 67 | 67 | ||
| 68 | static CONF_METHOD *default_CONF_method=NULL; | 68 | static CONF_METHOD *default_CONF_method=NULL; |
| 69 | 69 | ||
| @@ -184,7 +184,7 @@ long CONF_get_number(LHASH *conf,const char *group,const char *name) | |||
| 184 | if (status == 0) | 184 | if (status == 0) |
| 185 | { | 185 | { |
| 186 | /* This function does not believe in errors... */ | 186 | /* This function does not believe in errors... */ |
| 187 | ERR_get_error(); | 187 | ERR_clear_error(); |
| 188 | } | 188 | } |
| 189 | return result; | 189 | return result; |
| 190 | } | 190 | } |
diff --git a/src/lib/libcrypto/conf/conf_mod.c b/src/lib/libcrypto/conf/conf_mod.c index 812e60dc70..58b23ba992 100644 --- a/src/lib/libcrypto/conf/conf_mod.c +++ b/src/lib/libcrypto/conf/conf_mod.c | |||
| @@ -126,17 +126,18 @@ int CONF_modules_load(const CONF *cnf, const char *appname, | |||
| 126 | { | 126 | { |
| 127 | STACK_OF(CONF_VALUE) *values; | 127 | STACK_OF(CONF_VALUE) *values; |
| 128 | CONF_VALUE *vl; | 128 | CONF_VALUE *vl; |
| 129 | char *vsection; | 129 | char *vsection = NULL; |
| 130 | 130 | ||
| 131 | int ret, i; | 131 | int ret, i; |
| 132 | 132 | ||
| 133 | if (!cnf) | 133 | if (!cnf) |
| 134 | return 1; | 134 | return 1; |
| 135 | 135 | ||
| 136 | if (appname == NULL) | 136 | if (appname) |
| 137 | appname = "openssl_conf"; | 137 | vsection = NCONF_get_string(cnf, NULL, appname); |
| 138 | 138 | ||
| 139 | vsection = NCONF_get_string(cnf, NULL, appname); | 139 | if (!appname || (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION))) |
| 140 | vsection = NCONF_get_string(cnf, NULL, "openssl_conf"); | ||
| 140 | 141 | ||
| 141 | if (!vsection) | 142 | if (!vsection) |
| 142 | { | 143 | { |
| @@ -231,7 +232,7 @@ static int module_run(const CONF *cnf, char *name, char *value, | |||
| 231 | if (!(flags & CONF_MFLAGS_SILENT)) | 232 | if (!(flags & CONF_MFLAGS_SILENT)) |
| 232 | { | 233 | { |
| 233 | char rcode[DECIMAL_SIZE(ret)+1]; | 234 | char rcode[DECIMAL_SIZE(ret)+1]; |
| 234 | CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR); | 235 | CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR); |
| 235 | BIO_snprintf(rcode, sizeof rcode, "%-8d", ret); | 236 | BIO_snprintf(rcode, sizeof rcode, "%-8d", ret); |
| 236 | ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode); | 237 | ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode); |
| 237 | } | 238 | } |
| @@ -254,7 +255,7 @@ static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value, | |||
| 254 | path = NCONF_get_string(cnf, value, "path"); | 255 | path = NCONF_get_string(cnf, value, "path"); |
| 255 | if (!path) | 256 | if (!path) |
| 256 | { | 257 | { |
| 257 | ERR_get_error(); | 258 | ERR_clear_error(); |
| 258 | path = name; | 259 | path = name; |
| 259 | } | 260 | } |
| 260 | dso = DSO_load(NULL, path, NULL, 0); | 261 | dso = DSO_load(NULL, path, NULL, 0); |
| @@ -431,7 +432,7 @@ void CONF_modules_unload(int all) | |||
| 431 | if (((md->links > 0) || !md->dso) && !all) | 432 | if (((md->links > 0) || !md->dso) && !all) |
| 432 | continue; | 433 | continue; |
| 433 | /* Since we're working in reverse this is OK */ | 434 | /* Since we're working in reverse this is OK */ |
| 434 | sk_CONF_MODULE_delete(supported_modules, i); | 435 | (void)sk_CONF_MODULE_delete(supported_modules, i); |
| 435 | module_free(md); | 436 | module_free(md); |
| 436 | } | 437 | } |
| 437 | if (sk_CONF_MODULE_num(supported_modules) == 0) | 438 | if (sk_CONF_MODULE_num(supported_modules) == 0) |
diff --git a/src/lib/libcrypto/conf/conf_sap.c b/src/lib/libcrypto/conf/conf_sap.c index e15c2e5546..9c53bac1a8 100644 --- a/src/lib/libcrypto/conf/conf_sap.c +++ b/src/lib/libcrypto/conf/conf_sap.c | |||
| @@ -88,8 +88,8 @@ void OPENSSL_config(const char *config_name) | |||
| 88 | 88 | ||
| 89 | 89 | ||
| 90 | ERR_clear_error(); | 90 | ERR_clear_error(); |
| 91 | if (CONF_modules_load_file(NULL, NULL, | 91 | if (CONF_modules_load_file(NULL, config_name, |
| 92 | CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) | 92 | CONF_MFLAGS_DEFAULT_SECTION|CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) |
| 93 | { | 93 | { |
| 94 | BIO *bio_err; | 94 | BIO *bio_err; |
| 95 | ERR_load_crypto_strings(); | 95 | ERR_load_crypto_strings(); |
diff --git a/src/lib/libcrypto/cpt_err.c b/src/lib/libcrypto/cpt_err.c index 06a6109cce..9fd41fff8c 100644 --- a/src/lib/libcrypto/cpt_err.c +++ b/src/lib/libcrypto/cpt_err.c | |||
| @@ -92,15 +92,12 @@ static ERR_STRING_DATA CRYPTO_str_reasons[]= | |||
| 92 | 92 | ||
| 93 | void ERR_load_CRYPTO_strings(void) | 93 | void ERR_load_CRYPTO_strings(void) |
| 94 | { | 94 | { |
| 95 | static int init=1; | 95 | #ifndef OPENSSL_NO_ERR |
| 96 | 96 | ||
| 97 | if (init) | 97 | if (ERR_func_error_string(CRYPTO_str_functs[0].error) == NULL) |
| 98 | { | 98 | { |
| 99 | init=0; | ||
| 100 | #ifndef OPENSSL_NO_ERR | ||
| 101 | ERR_load_strings(0,CRYPTO_str_functs); | 99 | ERR_load_strings(0,CRYPTO_str_functs); |
| 102 | ERR_load_strings(0,CRYPTO_str_reasons); | 100 | ERR_load_strings(0,CRYPTO_str_reasons); |
| 103 | #endif | ||
| 104 | |||
| 105 | } | 101 | } |
| 102 | #endif | ||
| 106 | } | 103 | } |
diff --git a/src/lib/libcrypto/cryptlib.c b/src/lib/libcrypto/cryptlib.c index e63bbe8dba..8c68623828 100644 --- a/src/lib/libcrypto/cryptlib.c +++ b/src/lib/libcrypto/cryptlib.c | |||
| @@ -1,4 +1,57 @@ | |||
| 1 | /* crypto/cryptlib.c */ | 1 | /* crypto/cryptlib.c */ |
| 2 | /* ==================================================================== | ||
| 3 | * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. | ||
| 4 | * | ||
| 5 | * Redistribution and use in source and binary forms, with or without | ||
| 6 | * modification, are permitted provided that the following conditions | ||
| 7 | * are met: | ||
| 8 | * | ||
| 9 | * 1. Redistributions of source code must retain the above copyright | ||
| 10 | * notice, this list of conditions and the following disclaimer. | ||
| 11 | * | ||
| 12 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer in | ||
| 14 | * the documentation and/or other materials provided with the | ||
| 15 | * distribution. | ||
| 16 | * | ||
| 17 | * 3. All advertising materials mentioning features or use of this | ||
| 18 | * software must display the following acknowledgment: | ||
| 19 | * "This product includes software developed by the OpenSSL Project | ||
| 20 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 21 | * | ||
| 22 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 23 | * endorse or promote products derived from this software without | ||
| 24 | * prior written permission. For written permission, please contact | ||
| 25 | * openssl-core@openssl.org. | ||
| 26 | * | ||
| 27 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 28 | * nor may "OpenSSL" appear in their names without prior written | ||
| 29 | * permission of the OpenSSL Project. | ||
| 30 | * | ||
| 31 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 32 | * acknowledgment: | ||
| 33 | * "This product includes software developed by the OpenSSL Project | ||
| 34 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 35 | * | ||
| 36 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 37 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 38 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 39 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 40 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 41 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 42 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 43 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 44 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 45 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 46 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 47 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 48 | * ==================================================================== | ||
| 49 | * | ||
| 50 | * This product includes cryptographic software written by Eric Young | ||
| 51 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 52 | * Hudson (tjh@cryptsoft.com). | ||
| 53 | * | ||
| 54 | */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 55 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 56 | * All rights reserved. |
| 4 | * | 57 | * |
| @@ -55,11 +108,13 @@ | |||
| 55 | * copied and put under another distribution licence | 108 | * copied and put under another distribution licence |
| 56 | * [including the GNU Public Licence.] | 109 | * [including the GNU Public Licence.] |
| 57 | */ | 110 | */ |
| 111 | /* ==================================================================== | ||
| 112 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 113 | * ECDH support in OpenSSL originally developed by | ||
| 114 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 115 | */ | ||
| 58 | 116 | ||
| 59 | #include <stdio.h> | ||
| 60 | #include <string.h> | ||
| 61 | #include "cryptlib.h" | 117 | #include "cryptlib.h" |
| 62 | #include <openssl/crypto.h> | ||
| 63 | #include <openssl/safestack.h> | 118 | #include <openssl/safestack.h> |
| 64 | 119 | ||
| 65 | #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) | 120 | #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) |
| @@ -70,7 +125,7 @@ DECLARE_STACK_OF(CRYPTO_dynlock) | |||
| 70 | IMPLEMENT_STACK_OF(CRYPTO_dynlock) | 125 | IMPLEMENT_STACK_OF(CRYPTO_dynlock) |
| 71 | 126 | ||
| 72 | /* real #defines in crypto.h, keep these upto date */ | 127 | /* real #defines in crypto.h, keep these upto date */ |
| 73 | static const char* lock_names[CRYPTO_NUM_LOCKS] = | 128 | static const char* const lock_names[CRYPTO_NUM_LOCKS] = |
| 74 | { | 129 | { |
| 75 | "<<ERROR>>", | 130 | "<<ERROR>>", |
| 76 | "err", | 131 | "err", |
| @@ -104,10 +159,14 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] = | |||
| 104 | "dynlock", | 159 | "dynlock", |
| 105 | "engine", | 160 | "engine", |
| 106 | "ui", | 161 | "ui", |
| 107 | "hwcrhk", /* This is a HACK which will disappear in 0.9.8 */ | 162 | "ecdsa", |
| 108 | "fips", | 163 | "ec", |
| 109 | "fips2", | 164 | "ecdh", |
| 110 | #if CRYPTO_NUM_LOCKS != 35 | 165 | "bn", |
| 166 | "ec_pre_comp", | ||
| 167 | "store", | ||
| 168 | "comp", | ||
| 169 | #if CRYPTO_NUM_LOCKS != 39 | ||
| 111 | # error "Inconsistency between crypto.h and cryptlib.c" | 170 | # error "Inconsistency between crypto.h and cryptlib.c" |
| 112 | #endif | 171 | #endif |
| 113 | }; | 172 | }; |
| @@ -218,7 +277,7 @@ int CRYPTO_get_new_dynlockid(void) | |||
| 218 | else | 277 | else |
| 219 | /* If we found a place with a NULL pointer, put our pointer | 278 | /* If we found a place with a NULL pointer, put our pointer |
| 220 | in it. */ | 279 | in it. */ |
| 221 | sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); | 280 | (void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); |
| 222 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | 281 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); |
| 223 | 282 | ||
| 224 | if (i == -1) | 283 | if (i == -1) |
| @@ -260,7 +319,7 @@ void CRYPTO_destroy_dynlockid(int i) | |||
| 260 | #endif | 319 | #endif |
| 261 | if (pointer->references <= 0) | 320 | if (pointer->references <= 0) |
| 262 | { | 321 | { |
| 263 | sk_CRYPTO_dynlock_set(dyn_locks, i, NULL); | 322 | (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL); |
| 264 | } | 323 | } |
| 265 | else | 324 | else |
| 266 | pointer = NULL; | 325 | pointer = NULL; |
| @@ -480,9 +539,48 @@ const char *CRYPTO_get_lock_name(int type) | |||
| 480 | return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); | 539 | return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); |
| 481 | } | 540 | } |
| 482 | 541 | ||
| 483 | int OPENSSL_NONPIC_relocated=0; | 542 | #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ |
| 543 | defined(__INTEL__) || \ | ||
| 544 | defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) | ||
| 545 | |||
| 546 | unsigned long OPENSSL_ia32cap_P=0; | ||
| 547 | unsigned long *OPENSSL_ia32cap_loc(void) { return &OPENSSL_ia32cap_P; } | ||
| 548 | |||
| 549 | #if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY) | ||
| 550 | #define OPENSSL_CPUID_SETUP | ||
| 551 | void OPENSSL_cpuid_setup(void) | ||
| 552 | { static int trigger=0; | ||
| 553 | unsigned long OPENSSL_ia32_cpuid(void); | ||
| 554 | char *env; | ||
| 484 | 555 | ||
| 485 | #if defined(_WIN32) && defined(_WINDLL) | 556 | if (trigger) return; |
| 557 | |||
| 558 | trigger=1; | ||
| 559 | if ((env=getenv("OPENSSL_ia32cap"))) | ||
| 560 | OPENSSL_ia32cap_P = strtoul(env,NULL,0)|(1<<10); | ||
| 561 | else | ||
| 562 | OPENSSL_ia32cap_P = OPENSSL_ia32_cpuid()|(1<<10); | ||
| 563 | /* | ||
| 564 | * |(1<<10) sets a reserved bit to signal that variable | ||
| 565 | * was initialized already... This is to avoid interference | ||
| 566 | * with cpuid snippets in ELF .init segment. | ||
| 567 | */ | ||
| 568 | } | ||
| 569 | #endif | ||
| 570 | |||
| 571 | #else | ||
| 572 | unsigned long *OPENSSL_ia32cap_loc(void) { return NULL; } | ||
| 573 | #endif | ||
| 574 | int OPENSSL_NONPIC_relocated = 0; | ||
| 575 | #if !defined(OPENSSL_CPUID_SETUP) | ||
| 576 | void OPENSSL_cpuid_setup(void) {} | ||
| 577 | #endif | ||
| 578 | |||
| 579 | #if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL) | ||
| 580 | #ifdef __CYGWIN__ | ||
| 581 | /* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */ | ||
| 582 | #include <windows.h> | ||
| 583 | #endif | ||
| 486 | 584 | ||
| 487 | /* All we really need to do is remove the 'error' state when a thread | 585 | /* All we really need to do is remove the 'error' state when a thread |
| 488 | * detaches */ | 586 | * detaches */ |
| @@ -493,6 +591,7 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, | |||
| 493 | switch(fdwReason) | 591 | switch(fdwReason) |
| 494 | { | 592 | { |
| 495 | case DLL_PROCESS_ATTACH: | 593 | case DLL_PROCESS_ATTACH: |
| 594 | OPENSSL_cpuid_setup(); | ||
| 496 | #if defined(_WIN32_WINNT) | 595 | #if defined(_WIN32_WINNT) |
| 497 | { | 596 | { |
| 498 | IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *)hinstDLL; | 597 | IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *)hinstDLL; |
| @@ -521,11 +620,11 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, | |||
| 521 | } | 620 | } |
| 522 | #endif | 621 | #endif |
| 523 | 622 | ||
| 524 | #if defined(_WIN32) | 623 | #if defined(_WIN32) && !defined(__CYGWIN__) |
| 525 | #include <tchar.h> | 624 | #include <tchar.h> |
| 526 | 625 | ||
| 527 | #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 | 626 | #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 |
| 528 | static int IsService(void) | 627 | int OPENSSL_isservice(void) |
| 529 | { HWINSTA h; | 628 | { HWINSTA h; |
| 530 | DWORD len; | 629 | DWORD len; |
| 531 | WCHAR *name; | 630 | WCHAR *name; |
| @@ -562,12 +661,15 @@ static int IsService(void) | |||
| 562 | #endif | 661 | #endif |
| 563 | else return 0; | 662 | else return 0; |
| 564 | } | 663 | } |
| 664 | #else | ||
| 665 | int OPENSSL_isservice(void) { return 0; } | ||
| 565 | #endif | 666 | #endif |
| 566 | 667 | ||
| 567 | void OPENSSL_showfatal (const char *fmta,...) | 668 | void OPENSSL_showfatal (const char *fmta,...) |
| 568 | { va_list ap; | 669 | { va_list ap; |
| 569 | TCHAR buf[256]; | 670 | TCHAR buf[256]; |
| 570 | const TCHAR *fmt; | 671 | const TCHAR *fmt; |
| 672 | #ifdef STD_ERROR_HANDLE /* what a dirty trick! */ | ||
| 571 | HANDLE h; | 673 | HANDLE h; |
| 572 | 674 | ||
| 573 | if ((h=GetStdHandle(STD_ERROR_HANDLE)) != NULL && | 675 | if ((h=GetStdHandle(STD_ERROR_HANDLE)) != NULL && |
| @@ -578,6 +680,7 @@ void OPENSSL_showfatal (const char *fmta,...) | |||
| 578 | va_end (ap); | 680 | va_end (ap); |
| 579 | return; | 681 | return; |
| 580 | } | 682 | } |
| 683 | #endif | ||
| 581 | 684 | ||
| 582 | if (sizeof(TCHAR)==sizeof(char)) | 685 | if (sizeof(TCHAR)==sizeof(char)) |
| 583 | fmt=(const TCHAR *)fmta; | 686 | fmt=(const TCHAR *)fmta; |
| @@ -623,7 +726,7 @@ void OPENSSL_showfatal (const char *fmta,...) | |||
| 623 | 726 | ||
| 624 | #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 | 727 | #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 |
| 625 | /* this -------------v--- guards NT-specific calls */ | 728 | /* this -------------v--- guards NT-specific calls */ |
| 626 | if (GetVersion() < 0x80000000 && IsService()) | 729 | if (GetVersion() < 0x80000000 && OPENSSL_isservice()) |
| 627 | { HANDLE h = RegisterEventSource(0,_T("OPENSSL")); | 730 | { HANDLE h = RegisterEventSource(0,_T("OPENSSL")); |
| 628 | const TCHAR *pmsg=buf; | 731 | const TCHAR *pmsg=buf; |
| 629 | ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0); | 732 | ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0); |
| @@ -631,21 +734,7 @@ void OPENSSL_showfatal (const char *fmta,...) | |||
| 631 | } | 734 | } |
| 632 | else | 735 | else |
| 633 | #endif | 736 | #endif |
| 634 | { MSGBOXPARAMS m; | 737 | MessageBox (NULL,buf,_T("OpenSSL: FATAL"),MB_OK|MB_ICONSTOP); |
| 635 | |||
| 636 | m.cbSize = sizeof(m); | ||
| 637 | m.hwndOwner = NULL; | ||
| 638 | m.lpszCaption = _T("OpenSSL: FATAL"); | ||
| 639 | m.dwStyle = MB_OK; | ||
| 640 | m.hInstance = NULL; | ||
| 641 | m.lpszIcon = IDI_ERROR; | ||
| 642 | m.dwContextHelpId = 0; | ||
| 643 | m.lpfnMsgBoxCallback = NULL; | ||
| 644 | m.dwLanguageId = MAKELANGID(LANG_ENGLISH,SUBLANG_ENGLISH_US); | ||
| 645 | m.lpszText = buf; | ||
| 646 | |||
| 647 | MessageBoxIndirect (&m); | ||
| 648 | } | ||
| 649 | } | 738 | } |
| 650 | #else | 739 | #else |
| 651 | void OPENSSL_showfatal (const char *fmta,...) | 740 | void OPENSSL_showfatal (const char *fmta,...) |
| @@ -655,6 +744,7 @@ void OPENSSL_showfatal (const char *fmta,...) | |||
| 655 | vfprintf (stderr,fmta,ap); | 744 | vfprintf (stderr,fmta,ap); |
| 656 | va_end (ap); | 745 | va_end (ap); |
| 657 | } | 746 | } |
| 747 | int OPENSSL_isservice (void) { return 0; } | ||
| 658 | #endif | 748 | #endif |
| 659 | 749 | ||
| 660 | void OpenSSLDie(const char *file,int line,const char *assertion) | 750 | void OpenSSLDie(const char *file,int line,const char *assertion) |
| @@ -666,79 +756,3 @@ void OpenSSLDie(const char *file,int line,const char *assertion) | |||
| 666 | } | 756 | } |
| 667 | 757 | ||
| 668 | void *OPENSSL_stderr(void) { return stderr; } | 758 | void *OPENSSL_stderr(void) { return stderr; } |
| 669 | |||
| 670 | #ifdef OPENSSL_FIPS | ||
| 671 | |||
| 672 | void fips_w_lock(void) { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); } | ||
| 673 | void fips_w_unlock(void) { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); } | ||
| 674 | void fips_r_lock(void) { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); } | ||
| 675 | void fips_r_unlock(void) { CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); } | ||
| 676 | |||
| 677 | static int fips_started = 0; | ||
| 678 | static unsigned long fips_thread = 0; | ||
| 679 | |||
| 680 | void fips_set_started(void) | ||
| 681 | { | ||
| 682 | fips_started = 1; | ||
| 683 | } | ||
| 684 | |||
| 685 | int fips_is_started(void) | ||
| 686 | { | ||
| 687 | return fips_started; | ||
| 688 | } | ||
| 689 | |||
| 690 | int fips_is_owning_thread(void) | ||
| 691 | { | ||
| 692 | int ret = 0; | ||
| 693 | |||
| 694 | if (fips_is_started()) | ||
| 695 | { | ||
| 696 | CRYPTO_r_lock(CRYPTO_LOCK_FIPS2); | ||
| 697 | if (fips_thread != 0 && fips_thread == CRYPTO_thread_id()) | ||
| 698 | ret = 1; | ||
| 699 | CRYPTO_r_unlock(CRYPTO_LOCK_FIPS2); | ||
| 700 | } | ||
| 701 | return ret; | ||
| 702 | } | ||
| 703 | |||
| 704 | int fips_set_owning_thread(void) | ||
| 705 | { | ||
| 706 | int ret = 0; | ||
| 707 | |||
| 708 | if (fips_is_started()) | ||
| 709 | { | ||
| 710 | CRYPTO_w_lock(CRYPTO_LOCK_FIPS2); | ||
| 711 | if (fips_thread == 0) | ||
| 712 | { | ||
| 713 | fips_thread = CRYPTO_thread_id(); | ||
| 714 | ret = 1; | ||
| 715 | } | ||
| 716 | CRYPTO_w_unlock(CRYPTO_LOCK_FIPS2); | ||
| 717 | } | ||
| 718 | return ret; | ||
| 719 | } | ||
| 720 | |||
| 721 | int fips_clear_owning_thread(void) | ||
| 722 | { | ||
| 723 | int ret = 0; | ||
| 724 | |||
| 725 | if (fips_is_started()) | ||
| 726 | { | ||
| 727 | CRYPTO_w_lock(CRYPTO_LOCK_FIPS2); | ||
| 728 | if (fips_thread == CRYPTO_thread_id()) | ||
| 729 | { | ||
| 730 | fips_thread = 0; | ||
| 731 | ret = 1; | ||
| 732 | } | ||
| 733 | CRYPTO_w_unlock(CRYPTO_LOCK_FIPS2); | ||
| 734 | } | ||
| 735 | return ret; | ||
| 736 | } | ||
| 737 | |||
| 738 | unsigned char *fips_signature_witness(void) | ||
| 739 | { | ||
| 740 | extern unsigned char FIPS_signature[]; | ||
| 741 | return FIPS_signature; | ||
| 742 | } | ||
| 743 | #endif /* OPENSSL_FIPS */ | ||
| 744 | |||
diff --git a/src/lib/libcrypto/cryptlib.h b/src/lib/libcrypto/cryptlib.h index 6f59e08ca6..5ceaa964b5 100644 --- a/src/lib/libcrypto/cryptlib.h +++ b/src/lib/libcrypto/cryptlib.h | |||
| @@ -64,6 +64,11 @@ | |||
| 64 | 64 | ||
| 65 | #include "e_os.h" | 65 | #include "e_os.h" |
| 66 | 66 | ||
| 67 | #ifdef OPENSSL_USE_APPLINK | ||
| 68 | #define BIO_FLAGS_UPLINK 0x8000 | ||
| 69 | #include "ms/uplink.h" | ||
| 70 | #endif | ||
| 71 | |||
| 67 | #include <openssl/crypto.h> | 72 | #include <openssl/crypto.h> |
| 68 | #include <openssl/buffer.h> | 73 | #include <openssl/buffer.h> |
| 69 | #include <openssl/bio.h> | 74 | #include <openssl/bio.h> |
| @@ -93,9 +98,12 @@ extern "C" { | |||
| 93 | #define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) | 98 | #define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) |
| 94 | #define HEX_SIZE(type) (sizeof(type)*2) | 99 | #define HEX_SIZE(type) (sizeof(type)*2) |
| 95 | 100 | ||
| 101 | void OPENSSL_cpuid_setup(void); | ||
| 102 | extern unsigned long OPENSSL_ia32cap_P; | ||
| 96 | void OPENSSL_showfatal(const char *,...); | 103 | void OPENSSL_showfatal(const char *,...); |
| 97 | void *OPENSSL_stderr(void); | 104 | void *OPENSSL_stderr(void); |
| 98 | extern int OPENSSL_NONPIC_relocated; | 105 | extern int OPENSSL_NONPIC_relocated; |
| 106 | int OPENSSL_isservice(void); | ||
| 99 | 107 | ||
| 100 | #ifdef __cplusplus | 108 | #ifdef __cplusplus |
| 101 | } | 109 | } |
diff --git a/src/lib/libcrypto/crypto-lib.com b/src/lib/libcrypto/crypto-lib.com index 427c321f25..8898f30c1f 100644 --- a/src/lib/libcrypto/crypto-lib.com +++ b/src/lib/libcrypto/crypto-lib.com | |||
| @@ -75,12 +75,15 @@ $ ENDIF | |||
| 75 | $! | 75 | $! |
| 76 | $! Define The Different Encryption Types. | 76 | $! Define The Different Encryption Types. |
| 77 | $! | 77 | $! |
| 78 | $ ENCRYPT_TYPES = "Basic,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - | 78 | $ ENCRYPT_TYPES = "Basic,"+ - |
| 79 | "DES,RC2,RC4,RC5,IDEA,BF,CAST,"+ - | 79 | "OBJECTS,"+ - |
| 80 | "BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,"+ - | 80 | "MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - |
| 81 | "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ - | 81 | "DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,"+ - |
| 82 | "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,"+ - | ||
| 83 | "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ - | ||
| 82 | "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - | 84 | "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - |
| 83 | "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5" | 85 | "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ - |
| 86 | "STORE,CMS,PQUEUE" | ||
| 84 | $! | 87 | $! |
| 85 | $! Check To Make Sure We Have Valid Command Line Parameters. | 88 | $! Check To Make Sure We Have Valid Command Line Parameters. |
| 86 | $! | 89 | $! |
| @@ -158,11 +161,11 @@ $! | |||
| 158 | $ APPS_DES = "DES/DES,CBC3_ENC" | 161 | $ APPS_DES = "DES/DES,CBC3_ENC" |
| 159 | $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" | 162 | $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" |
| 160 | $ | 163 | $ |
| 161 | $ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time,o_str" | 164 | $ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time,o_str,o_dir" |
| 162 | $ LIB_MD2 = "md2_dgst,md2_one" | 165 | $ LIB_MD2 = "md2_dgst,md2_one" |
| 163 | $ LIB_MD4 = "md4_dgst,md4_one" | 166 | $ LIB_MD4 = "md4_dgst,md4_one" |
| 164 | $ LIB_MD5 = "md5_dgst,md5_one" | 167 | $ LIB_MD5 = "md5_dgst,md5_one" |
| 165 | $ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one" | 168 | $ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one,sha256,sha512" |
| 166 | $ LIB_MDC2 = "mdc2dgst,mdc2_one" | 169 | $ LIB_MDC2 = "mdc2dgst,mdc2_one" |
| 167 | $ LIB_HMAC = "hmac" | 170 | $ LIB_HMAC = "hmac" |
| 168 | $ LIB_RIPEMD = "rmd_dgst,rmd_one" | 171 | $ LIB_RIPEMD = "rmd_dgst,rmd_one" |
| @@ -179,34 +182,43 @@ $ LIB_RC5 = "rc5_skey,rc5_ecb,rc5_enc,rc5cfb64,rc5ofb64" | |||
| 179 | $ LIB_IDEA = "i_cbc,i_cfb64,i_ofb64,i_ecb,i_skey" | 182 | $ LIB_IDEA = "i_cbc,i_cfb64,i_ofb64,i_ecb,i_skey" |
| 180 | $ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64" | 183 | $ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64" |
| 181 | $ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64" | 184 | $ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64" |
| 185 | $ LIB_CAMELLIA = "camellia,cmll_misc,cmll_ecb,cmll_cbc,cmll_ofb,"+ - | ||
| 186 | "cmll_cfb,cmll_ctr" | ||
| 187 | $ LIB_SEED = "seed,seed_cbc,seed_ecb,seed_cfb,seed_ofb" | ||
| 182 | $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper" | 188 | $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper" |
| 183 | $ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm" | 189 | $ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm" |
| 184 | $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ - | 190 | $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ - |
| 185 | "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ - | 191 | "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ - |
| 186 | "bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ - | 192 | "bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ - |
| 187 | "bn_recp,bn_mont,bn_mpi,bn_exp2,bn_x931p" | 193 | "bn_recp,bn_mont,bn_mpi,bn_exp2,bn_gf2m,bn_nist,"+ - |
| 194 | "bn_depr,bn_const" | ||
| 195 | $ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_nist,ec_cvt,ec_mult,"+ - | ||
| 196 | "ec_err,ec_curve,ec_check,ec_print,ec_asn1,ec_key,"+ - | ||
| 197 | "ec2_smpl,ec2_mult" | ||
| 188 | $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ - | 198 | $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ - |
| 189 | "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ - | 199 | "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ - |
| 190 | "rsa_pss,rsa_x931,rsa_asn1" | 200 | "rsa_pss,rsa_x931,rsa_asn1,rsa_depr" |
| 191 | $ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_recp,ecp_nist,ec_cvt,ec_mult,"+ - | 201 | $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,"+ - |
| 192 | "ec_err" | 202 | "dsa_err,dsa_ossl,dsa_depr" |
| 193 | $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl" | 203 | $ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err" |
| 194 | $ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err" | 204 | $ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr" |
| 205 | $ LIB_ECDH = "ech_lib,ech_ossl,ech_key,ech_err" | ||
| 195 | $ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ - | 206 | $ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ - |
| 196 | "dso_openssl,dso_win32,dso_vms" | 207 | "dso_openssl,dso_win32,dso_vms" |
| 197 | $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ - | 208 | $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ - |
| 198 | "eng_table,eng_pkey,eng_fat,eng_all,"+ - | 209 | "eng_table,eng_pkey,eng_fat,eng_all,"+ - |
| 199 | "tb_rsa,tb_dsa,tb_dh,tb_rand,tb_cipher,tb_digest,"+ - | 210 | "tb_rsa,tb_dsa,tb_ecdsa,tb_dh,tb_ecdh,tb_rand,tb_store,"+ - |
| 200 | "eng_openssl,eng_dyn,eng_cnf,"+ - | 211 | "tb_cipher,tb_digest,"+ - |
| 201 | "hw_atalla,hw_cswift,hw_ncipher,hw_nuron,hw_ubsec,"+ - | 212 | "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev,eng_padlock" |
| 202 | "hw_cryptodev,hw_aep,hw_sureware,hw_4758_cca" | 213 | $ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,"+ - |
| 203 | $ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr" | 214 | "aes_ctr,aes_ige,aes_wrap" |
| 204 | $ LIB_BUFFER = "buffer,buf_err" | 215 | $ LIB_BUFFER = "buffer,buf_err" |
| 205 | $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - | 216 | $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - |
| 206 | "bss_mem,bss_null,bss_fd,"+ - | 217 | "bss_mem,bss_null,bss_fd,"+ - |
| 207 | "bss_file,bss_sock,bss_conn,"+ - | 218 | "bss_file,bss_sock,bss_conn,"+ - |
| 208 | "bf_null,bf_buff,b_print,b_dump,"+ - | 219 | "bf_null,bf_buff,b_print,b_dump,"+ - |
| 209 | "b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log,"+ - | 220 | "b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log,"+ - |
| 221 | "bss_dgram,"+ - | ||
| 210 | "bf_lbuf" | 222 | "bf_lbuf" |
| 211 | $ LIB_STACK = "stack" | 223 | $ LIB_STACK = "stack" |
| 212 | $ LIB_LHASH = "lhash,lh_stats" | 224 | $ LIB_LHASH = "lhash,lh_stats" |
| @@ -215,11 +227,11 @@ $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ - | |||
| 215 | $ LIB_ERR = "err,err_all,err_prn" | 227 | $ LIB_ERR = "err,err_all,err_prn" |
| 216 | $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err" | 228 | $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err" |
| 217 | $ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ - | 229 | $ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ - |
| 218 | "e_des,e_bf,e_idea,e_des3,"+ - | 230 | "e_des,e_bf,e_idea,e_des3,e_camellia,e_seed,"+ - |
| 219 | "e_rc4,e_aes,names,"+ - | 231 | "e_rc4,e_aes,names,"+ - |
| 220 | "e_xcbc_d,e_rc2,e_cast,e_rc5" | 232 | "e_xcbc_d,e_rc2,e_cast,e_rc5" |
| 221 | $ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + - | 233 | $ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + - |
| 222 | "m_dss,m_dss1,m_mdc2,m_ripemd,"+ - | 234 | "m_dss,m_dss1,m_mdc2,m_ripemd,m_ecdsa,"+ - |
| 223 | "p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ - | 235 | "p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ - |
| 224 | "bio_md,bio_b64,bio_enc,evp_err,e_null,"+ - | 236 | "bio_md,bio_b64,bio_enc,evp_err,e_null,"+ - |
| 225 | "c_all,c_allc,c_alld,evp_lib,bio_ok,"+- | 237 | "c_all,c_allc,c_alld,evp_lib,bio_ok,"+- |
| @@ -233,8 +245,8 @@ $ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ - | |||
| 233 | $ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ - | 245 | $ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ - |
| 234 | "tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ - | 246 | "tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ - |
| 235 | "f_int,f_string,n_pkey,"+ - | 247 | "f_int,f_string,n_pkey,"+ - |
| 236 | "f_enum,a_hdr,x_pkey,a_bool,x_exten,"+ - | 248 | "f_enum,a_hdr,x_pkey,a_bool,x_exten,asn_mime,"+ - |
| 237 | "asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ - | 249 | "asn1_gen,asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ - |
| 238 | "evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid" | 250 | "evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid" |
| 239 | $ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ - | 251 | $ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ - |
| 240 | "pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey" | 252 | "pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey" |
| @@ -243,11 +255,13 @@ $ LIB_X509 = "x509_def,x509_d2,x509_r2x,x509_cmp,"+ - | |||
| 243 | "x509_set,x509cset,x509rset,x509_err,"+ - | 255 | "x509_set,x509cset,x509rset,x509_err,"+ - |
| 244 | "x509name,x509_v3,x509_ext,x509_att,"+ - | 256 | "x509name,x509_v3,x509_ext,x509_att,"+ - |
| 245 | "x509type,x509_lu,x_all,x509_txt,"+ - | 257 | "x509type,x509_lu,x_all,x509_txt,"+ - |
| 246 | "x509_trs,by_file,by_dir" | 258 | "x509_trs,by_file,by_dir,x509_vpm" |
| 247 | $ LIB_X509V3 = "v3_bcons,v3_bitst,v3_conf,v3_extku,v3_ia5,v3_lib,"+ - | 259 | $ LIB_X509V3 = "v3_bcons,v3_bitst,v3_conf,v3_extku,v3_ia5,v3_lib,"+ - |
| 248 | "v3_prn,v3_utl,v3err,v3_genn,v3_alt,v3_skey,v3_akey,v3_pku,"+ - | 260 | "v3_prn,v3_utl,v3err,v3_genn,v3_alt,v3_skey,v3_akey,v3_pku,"+ - |
| 249 | "v3_int,v3_enum,v3_sxnet,v3_cpols,v3_crld,v3_purp,v3_info,"+ - | 261 | "v3_int,v3_enum,v3_sxnet,v3_cpols,v3_crld,v3_purp,v3_info,"+ - |
| 250 | "v3_ocsp,v3_akeya,v3_pcia,v3_pci" | 262 | "v3_ocsp,v3_akeya,v3_pmaps,v3_pcons,v3_ncons,v3_pcia,v3_pci,"+ - |
| 263 | "pcy_cache,pcy_node,pcy_data,pcy_map,pcy_tree,pcy_lib,"+ - | ||
| 264 | "v3_asid,v3_addr" | ||
| 251 | $ LIB_CONF = "conf_err,conf_lib,conf_api,conf_def,conf_mod,conf_mall,conf_sap" | 265 | $ LIB_CONF = "conf_err,conf_lib,conf_api,conf_def,conf_mod,conf_mall,conf_sap" |
| 252 | $ LIB_TXT_DB = "txt_db" | 266 | $ LIB_TXT_DB = "txt_db" |
| 253 | $ LIB_PKCS7 = "pk7_asn1,pk7_lib,pkcs7err,pk7_doit,pk7_smime,pk7_attr,"+ - | 267 | $ LIB_PKCS7 = "pk7_asn1,pk7_lib,pkcs7err,pk7_doit,pk7_smime,pk7_attr,"+ - |
| @@ -262,13 +276,17 @@ $ LIB_OCSP = "ocsp_asn,ocsp_ext,ocsp_ht,ocsp_lib,ocsp_cl,"+ - | |||
| 262 | $ LIB_UI_COMPAT = ",ui_compat" | 276 | $ LIB_UI_COMPAT = ",ui_compat" |
| 263 | $ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util"+LIB_UI_COMPAT | 277 | $ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util"+LIB_UI_COMPAT |
| 264 | $ LIB_KRB5 = "krb5_asn" | 278 | $ LIB_KRB5 = "krb5_asn" |
| 279 | $ LIB_STORE = "str_err,str_lib,str_meth,str_mem" | ||
| 280 | $ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ - | ||
| 281 | "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess" | ||
| 282 | $ LIB_PQUEUE = "pqueue" | ||
| 265 | $! | 283 | $! |
| 266 | $! Setup exceptional compilations | 284 | $! Setup exceptional compilations |
| 267 | $! | 285 | $! |
| 268 | $ ! Add definitions for no threads on OpenVMS 7.1 and higher | 286 | $ ! Add definitions for no threads on OpenVMS 7.1 and higher |
| 269 | $ COMPILEWITH_CC3 = ",bss_rtcp," | 287 | $ COMPILEWITH_CC3 = ",bss_rtcp," |
| 270 | $ ! Disable the DOLLARID warning | 288 | $ ! Disable the DOLLARID warning |
| 271 | $ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," | 289 | $ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,o_dir" |
| 272 | $ ! Disable disjoint optimization | 290 | $ ! Disable disjoint optimization |
| 273 | $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - | 291 | $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - |
| 274 | "sha_dgst,sha1dgst,rmd_dgst,bf_enc," | 292 | "sha_dgst,sha1dgst,rmd_dgst,bf_enc," |
diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h index 22fd939e65..d2b5ffe332 100644 --- a/src/lib/libcrypto/crypto.h +++ b/src/lib/libcrypto/crypto.h | |||
| @@ -1,4 +1,57 @@ | |||
| 1 | /* crypto/crypto.h */ | 1 | /* crypto/crypto.h */ |
| 2 | /* ==================================================================== | ||
| 3 | * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. | ||
| 4 | * | ||
| 5 | * Redistribution and use in source and binary forms, with or without | ||
| 6 | * modification, are permitted provided that the following conditions | ||
| 7 | * are met: | ||
| 8 | * | ||
| 9 | * 1. Redistributions of source code must retain the above copyright | ||
| 10 | * notice, this list of conditions and the following disclaimer. | ||
| 11 | * | ||
| 12 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer in | ||
| 14 | * the documentation and/or other materials provided with the | ||
| 15 | * distribution. | ||
| 16 | * | ||
| 17 | * 3. All advertising materials mentioning features or use of this | ||
| 18 | * software must display the following acknowledgment: | ||
| 19 | * "This product includes software developed by the OpenSSL Project | ||
| 20 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 21 | * | ||
| 22 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 23 | * endorse or promote products derived from this software without | ||
| 24 | * prior written permission. For written permission, please contact | ||
| 25 | * openssl-core@openssl.org. | ||
| 26 | * | ||
| 27 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 28 | * nor may "OpenSSL" appear in their names without prior written | ||
| 29 | * permission of the OpenSSL Project. | ||
| 30 | * | ||
| 31 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 32 | * acknowledgment: | ||
| 33 | * "This product includes software developed by the OpenSSL Project | ||
| 34 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 35 | * | ||
| 36 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 37 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 38 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 39 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 40 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 41 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 42 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 43 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 44 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 45 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 46 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 47 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 48 | * ==================================================================== | ||
| 49 | * | ||
| 50 | * This product includes cryptographic software written by Eric Young | ||
| 51 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 52 | * Hudson (tjh@cryptsoft.com). | ||
| 53 | * | ||
| 54 | */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 55 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 56 | * All rights reserved. |
| 4 | * | 57 | * |
| @@ -55,12 +108,19 @@ | |||
| 55 | * copied and put under another distribution licence | 108 | * copied and put under another distribution licence |
| 56 | * [including the GNU Public Licence.] | 109 | * [including the GNU Public Licence.] |
| 57 | */ | 110 | */ |
| 111 | /* ==================================================================== | ||
| 112 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 113 | * ECDH support in OpenSSL originally developed by | ||
| 114 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 115 | */ | ||
| 58 | 116 | ||
| 59 | #ifndef HEADER_CRYPTO_H | 117 | #ifndef HEADER_CRYPTO_H |
| 60 | #define HEADER_CRYPTO_H | 118 | #define HEADER_CRYPTO_H |
| 61 | 119 | ||
| 62 | #include <stdlib.h> | 120 | #include <stdlib.h> |
| 63 | 121 | ||
| 122 | #include <openssl/e_os2.h> | ||
| 123 | |||
| 64 | #ifndef OPENSSL_NO_FP_API | 124 | #ifndef OPENSSL_NO_FP_API |
| 65 | #include <stdio.h> | 125 | #include <stdio.h> |
| 66 | #endif | 126 | #endif |
| @@ -68,6 +128,7 @@ | |||
| 68 | #include <openssl/stack.h> | 128 | #include <openssl/stack.h> |
| 69 | #include <openssl/safestack.h> | 129 | #include <openssl/safestack.h> |
| 70 | #include <openssl/opensslv.h> | 130 | #include <openssl/opensslv.h> |
| 131 | #include <openssl/ossl_typ.h> | ||
| 71 | 132 | ||
| 72 | #ifdef CHARSET_EBCDIC | 133 | #ifdef CHARSET_EBCDIC |
| 73 | #include <openssl/ebcdic.h> | 134 | #include <openssl/ebcdic.h> |
| @@ -92,15 +153,39 @@ extern "C" { | |||
| 92 | #define SSLEAY_PLATFORM 4 | 153 | #define SSLEAY_PLATFORM 4 |
| 93 | #define SSLEAY_DIR 5 | 154 | #define SSLEAY_DIR 5 |
| 94 | 155 | ||
| 156 | /* Already declared in ossl_typ.h */ | ||
| 157 | #if 0 | ||
| 158 | typedef struct crypto_ex_data_st CRYPTO_EX_DATA; | ||
| 159 | /* Called when a new object is created */ | ||
| 160 | typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, | ||
| 161 | int idx, long argl, void *argp); | ||
| 162 | /* Called when an object is free()ed */ | ||
| 163 | typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, | ||
| 164 | int idx, long argl, void *argp); | ||
| 165 | /* Called when we need to dup an object */ | ||
| 166 | typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, | ||
| 167 | int idx, long argl, void *argp); | ||
| 168 | #endif | ||
| 169 | |||
| 170 | /* A generic structure to pass assorted data in a expandable way */ | ||
| 171 | typedef struct openssl_item_st | ||
| 172 | { | ||
| 173 | int code; | ||
| 174 | void *value; /* Not used for flag attributes */ | ||
| 175 | size_t value_size; /* Max size of value for output, length for input */ | ||
| 176 | size_t *value_length; /* Returned length of value for output */ | ||
| 177 | } OPENSSL_ITEM; | ||
| 178 | |||
| 179 | |||
| 95 | /* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock | 180 | /* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock |
| 96 | * names in cryptlib.c | 181 | * names in cryptlib.c |
| 97 | */ | 182 | */ |
| 98 | 183 | ||
| 99 | #define CRYPTO_LOCK_ERR 1 | 184 | #define CRYPTO_LOCK_ERR 1 |
| 100 | #define CRYPTO_LOCK_EX_DATA 2 | 185 | #define CRYPTO_LOCK_EX_DATA 2 |
| 101 | #define CRYPTO_LOCK_X509 3 | 186 | #define CRYPTO_LOCK_X509 3 |
| 102 | #define CRYPTO_LOCK_X509_INFO 4 | 187 | #define CRYPTO_LOCK_X509_INFO 4 |
| 103 | #define CRYPTO_LOCK_X509_PKEY 5 | 188 | #define CRYPTO_LOCK_X509_PKEY 5 |
| 104 | #define CRYPTO_LOCK_X509_CRL 6 | 189 | #define CRYPTO_LOCK_X509_CRL 6 |
| 105 | #define CRYPTO_LOCK_X509_REQ 7 | 190 | #define CRYPTO_LOCK_X509_REQ 7 |
| 106 | #define CRYPTO_LOCK_DSA 8 | 191 | #define CRYPTO_LOCK_DSA 8 |
| @@ -127,10 +212,14 @@ extern "C" { | |||
| 127 | #define CRYPTO_LOCK_DYNLOCK 29 | 212 | #define CRYPTO_LOCK_DYNLOCK 29 |
| 128 | #define CRYPTO_LOCK_ENGINE 30 | 213 | #define CRYPTO_LOCK_ENGINE 30 |
| 129 | #define CRYPTO_LOCK_UI 31 | 214 | #define CRYPTO_LOCK_UI 31 |
| 130 | #define CRYPTO_LOCK_HWCRHK 32 /* This is a HACK which will disappear in 0.9.8 */ | 215 | #define CRYPTO_LOCK_ECDSA 32 |
| 131 | #define CRYPTO_LOCK_FIPS 33 | 216 | #define CRYPTO_LOCK_EC 33 |
| 132 | #define CRYPTO_LOCK_FIPS2 34 | 217 | #define CRYPTO_LOCK_ECDH 34 |
| 133 | #define CRYPTO_NUM_LOCKS 35 | 218 | #define CRYPTO_LOCK_BN 35 |
| 219 | #define CRYPTO_LOCK_EC_PRE_COMP 36 | ||
| 220 | #define CRYPTO_LOCK_STORE 37 | ||
| 221 | #define CRYPTO_LOCK_COMP 38 | ||
| 222 | #define CRYPTO_NUM_LOCKS 39 | ||
| 134 | 223 | ||
| 135 | #define CRYPTO_LOCK 1 | 224 | #define CRYPTO_LOCK 1 |
| 136 | #define CRYPTO_UNLOCK 2 | 225 | #define CRYPTO_UNLOCK 2 |
| @@ -191,21 +280,11 @@ typedef struct | |||
| 191 | /* predec of the BIO type */ | 280 | /* predec of the BIO type */ |
| 192 | typedef struct bio_st BIO_dummy; | 281 | typedef struct bio_st BIO_dummy; |
| 193 | 282 | ||
| 194 | typedef struct crypto_ex_data_st | 283 | struct crypto_ex_data_st |
| 195 | { | 284 | { |
| 196 | STACK *sk; | 285 | STACK *sk; |
| 197 | int dummy; /* gcc is screwing up this data structure :-( */ | 286 | int dummy; /* gcc is screwing up this data structure :-( */ |
| 198 | } CRYPTO_EX_DATA; | 287 | }; |
| 199 | |||
| 200 | /* Called when a new object is created */ | ||
| 201 | typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, | ||
| 202 | int idx, long argl, void *argp); | ||
| 203 | /* Called when an object is free()ed */ | ||
| 204 | typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, | ||
| 205 | int idx, long argl, void *argp); | ||
| 206 | /* Called when we need to dup an object */ | ||
| 207 | typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, | ||
| 208 | int idx, long argl, void *argp); | ||
| 209 | 288 | ||
| 210 | /* This stuff is basically class callback functions | 289 | /* This stuff is basically class callback functions |
| 211 | * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */ | 290 | * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */ |
| @@ -237,6 +316,10 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) | |||
| 237 | #define CRYPTO_EX_INDEX_ENGINE 9 | 316 | #define CRYPTO_EX_INDEX_ENGINE 9 |
| 238 | #define CRYPTO_EX_INDEX_X509 10 | 317 | #define CRYPTO_EX_INDEX_X509 10 |
| 239 | #define CRYPTO_EX_INDEX_UI 11 | 318 | #define CRYPTO_EX_INDEX_UI 11 |
| 319 | #define CRYPTO_EX_INDEX_ECDSA 12 | ||
| 320 | #define CRYPTO_EX_INDEX_ECDH 13 | ||
| 321 | #define CRYPTO_EX_INDEX_COMP 14 | ||
| 322 | #define CRYPTO_EX_INDEX_STORE 15 | ||
| 240 | 323 | ||
| 241 | /* Dynamically assigned indexes start from this value (don't use directly, use | 324 | /* Dynamically assigned indexes start from this value (don't use directly, use |
| 242 | * via CRYPTO_ex_data_new_class). */ | 325 | * via CRYPTO_ex_data_new_class). */ |
| @@ -434,61 +517,10 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb); | |||
| 434 | 517 | ||
| 435 | /* die if we have to */ | 518 | /* die if we have to */ |
| 436 | void OpenSSLDie(const char *file,int line,const char *assertion); | 519 | void OpenSSLDie(const char *file,int line,const char *assertion); |
| 437 | #define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1)) | 520 | #define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1)) |
| 438 | |||
| 439 | #ifdef OPENSSL_FIPS | ||
| 440 | #define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \ | ||
| 441 | alg " previous FIPS forbidden algorithm error ignored"); | ||
| 442 | |||
| 443 | #define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \ | ||
| 444 | #alg " Algorithm forbidden in FIPS mode"); | ||
| 445 | |||
| 446 | #ifdef OPENSSL_FIPS_STRICT | ||
| 447 | #define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg) | ||
| 448 | #else | ||
| 449 | #define FIPS_BAD_ALGORITHM(alg) \ | ||
| 450 | { \ | ||
| 451 | FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \ | ||
| 452 | ERR_add_error_data(2, "Algorithm=", #alg); \ | ||
| 453 | return 0; \ | ||
| 454 | } | ||
| 455 | #endif | ||
| 456 | |||
| 457 | /* Low level digest API blocking macro */ | ||
| 458 | |||
| 459 | #define FIPS_NON_FIPS_MD_Init(alg) \ | ||
| 460 | int alg##_Init(alg##_CTX *c) \ | ||
| 461 | { \ | ||
| 462 | if (FIPS_mode()) \ | ||
| 463 | FIPS_BAD_ALGORITHM(alg) \ | ||
| 464 | return private_##alg##_Init(c); \ | ||
| 465 | } \ | ||
| 466 | int private_##alg##_Init(alg##_CTX *c) | ||
| 467 | |||
| 468 | /* For ciphers the API often varies from cipher to cipher and each needs to | ||
| 469 | * be treated as a special case. Variable key length ciphers (Blowfish, RC4, | ||
| 470 | * CAST) however are very similar and can use a blocking macro. | ||
| 471 | */ | ||
| 472 | |||
| 473 | #define FIPS_NON_FIPS_VCIPHER_Init(alg) \ | ||
| 474 | void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \ | ||
| 475 | { \ | ||
| 476 | if (FIPS_mode()) \ | ||
| 477 | FIPS_BAD_ABORT(alg) \ | ||
| 478 | private_##alg##_set_key(key, len, data); \ | ||
| 479 | } \ | ||
| 480 | void private_##alg##_set_key(alg##_KEY *key, int len, \ | ||
| 481 | const unsigned char *data) | ||
| 482 | |||
| 483 | #else | ||
| 484 | |||
| 485 | #define FIPS_NON_FIPS_VCIPHER_Init(alg) \ | ||
| 486 | void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) | ||
| 487 | |||
| 488 | #define FIPS_NON_FIPS_MD_Init(alg) \ | ||
| 489 | int alg##_Init(alg##_CTX *c) | ||
| 490 | 521 | ||
| 491 | #endif /* def OPENSSL_FIPS */ | 522 | unsigned long *OPENSSL_ia32cap_loc(void); |
| 523 | #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) | ||
| 492 | 524 | ||
| 493 | /* BEGIN ERROR CODES */ | 525 | /* BEGIN ERROR CODES */ |
| 494 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 526 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
diff --git a/src/lib/libcrypto/cversion.c b/src/lib/libcrypto/cversion.c index beeeb14013..ea9f25fd16 100644 --- a/src/lib/libcrypto/cversion.c +++ b/src/lib/libcrypto/cversion.c | |||
| @@ -56,10 +56,7 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | ||
| 60 | #include <string.h> | ||
| 61 | #include "cryptlib.h" | 59 | #include "cryptlib.h" |
| 62 | #include <openssl/crypto.h> | ||
| 63 | 60 | ||
| 64 | #ifndef NO_WINDOWS_BRAINDEATH | 61 | #ifndef NO_WINDOWS_BRAINDEATH |
| 65 | #include "buildinf.h" | 62 | #include "buildinf.h" |
diff --git a/src/lib/libcrypto/des/cfb64ede.c b/src/lib/libcrypto/des/cfb64ede.c index f3c6018528..de34ecceb9 100644 --- a/src/lib/libcrypto/des/cfb64ede.c +++ b/src/lib/libcrypto/des/cfb64ede.c | |||
| @@ -152,8 +152,8 @@ void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out, | |||
| 152 | DES_cblock *ivec,int enc) | 152 | DES_cblock *ivec,int enc) |
| 153 | { | 153 | { |
| 154 | register DES_LONG d0,d1,v0,v1; | 154 | register DES_LONG d0,d1,v0,v1; |
| 155 | register long l=length; | 155 | register unsigned long l=length,n=((unsigned int)numbits+7)/8; |
| 156 | register int num=numbits,n=(numbits+7)/8,i; | 156 | register int num=numbits,i; |
| 157 | DES_LONG ti[2]; | 157 | DES_LONG ti[2]; |
| 158 | unsigned char *iv; | 158 | unsigned char *iv; |
| 159 | unsigned char ovec[16]; | 159 | unsigned char ovec[16]; |
diff --git a/src/lib/libcrypto/des/cfb_enc.c b/src/lib/libcrypto/des/cfb_enc.c index 03cabb223c..720f29a28e 100644 --- a/src/lib/libcrypto/des/cfb_enc.c +++ b/src/lib/libcrypto/des/cfb_enc.c | |||
| @@ -58,6 +58,7 @@ | |||
| 58 | 58 | ||
| 59 | #include "e_os.h" | 59 | #include "e_os.h" |
| 60 | #include "des_locl.h" | 60 | #include "des_locl.h" |
| 61 | #include <assert.h> | ||
| 61 | 62 | ||
| 62 | /* The input and output are loaded in multiples of 8 bits. | 63 | /* The input and output are loaded in multiples of 8 bits. |
| 63 | * What this means is that if you hame numbits=12 and length=2 | 64 | * What this means is that if you hame numbits=12 and length=2 |
| @@ -72,19 +73,29 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, | |||
| 72 | int enc) | 73 | int enc) |
| 73 | { | 74 | { |
| 74 | register DES_LONG d0,d1,v0,v1; | 75 | register DES_LONG d0,d1,v0,v1; |
| 75 | register unsigned long l=length,n=(numbits+7)/8; | 76 | register unsigned long l=length; |
| 76 | register int num=numbits,i; | 77 | register int num=numbits/8,n=(numbits+7)/8,i,rem=numbits%8; |
| 77 | DES_LONG ti[2]; | 78 | DES_LONG ti[2]; |
| 78 | unsigned char *iv; | 79 | unsigned char *iv; |
| 80 | #ifndef L_ENDIAN | ||
| 79 | unsigned char ovec[16]; | 81 | unsigned char ovec[16]; |
| 82 | #else | ||
| 83 | unsigned int sh[4]; | ||
| 84 | unsigned char *ovec=(unsigned char *)sh; | ||
| 80 | 85 | ||
| 81 | if (num > 64) return; | 86 | /* I kind of count that compiler optimizes away this assertioni,*/ |
| 87 | assert (sizeof(sh[0])==4); /* as this holds true for all, */ | ||
| 88 | /* but 16-bit platforms... */ | ||
| 89 | |||
| 90 | #endif | ||
| 91 | |||
| 92 | if (numbits<=0 || numbits > 64) return; | ||
| 82 | iv = &(*ivec)[0]; | 93 | iv = &(*ivec)[0]; |
| 83 | c2l(iv,v0); | 94 | c2l(iv,v0); |
| 84 | c2l(iv,v1); | 95 | c2l(iv,v1); |
| 85 | if (enc) | 96 | if (enc) |
| 86 | { | 97 | { |
| 87 | while (l >= n) | 98 | while (l >= (unsigned long)n) |
| 88 | { | 99 | { |
| 89 | l-=n; | 100 | l-=n; |
| 90 | ti[0]=v0; | 101 | ti[0]=v0; |
| @@ -98,35 +109,40 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, | |||
| 98 | out+=n; | 109 | out+=n; |
| 99 | /* 30-08-94 - eay - changed because l>>32 and | 110 | /* 30-08-94 - eay - changed because l>>32 and |
| 100 | * l<<32 are bad under gcc :-( */ | 111 | * l<<32 are bad under gcc :-( */ |
| 101 | if (num == 32) | 112 | if (numbits == 32) |
| 102 | { v0=v1; v1=d0; } | 113 | { v0=v1; v1=d0; } |
| 103 | else if (num == 64) | 114 | else if (numbits == 64) |
| 104 | { v0=d0; v1=d1; } | 115 | { v0=d0; v1=d1; } |
| 105 | else | 116 | else |
| 106 | { | 117 | { |
| 118 | #ifndef L_ENDIAN | ||
| 107 | iv=&ovec[0]; | 119 | iv=&ovec[0]; |
| 108 | l2c(v0,iv); | 120 | l2c(v0,iv); |
| 109 | l2c(v1,iv); | 121 | l2c(v1,iv); |
| 110 | l2c(d0,iv); | 122 | l2c(d0,iv); |
| 111 | l2c(d1,iv); | 123 | l2c(d1,iv); |
| 112 | /* shift ovec left most of the bits... */ | 124 | #else |
| 113 | memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0)); | 125 | sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1; |
| 114 | /* now the remaining bits */ | 126 | #endif |
| 115 | if(num%8 != 0) | 127 | if (rem==0) |
| 128 | memmove(ovec,ovec+num,8); | ||
| 129 | else | ||
| 116 | for(i=0 ; i < 8 ; ++i) | 130 | for(i=0 ; i < 8 ; ++i) |
| 117 | { | 131 | ovec[i]=ovec[i+num]<<rem | |
| 118 | ovec[i]<<=num%8; | 132 | ovec[i+num+1]>>(8-rem); |
| 119 | ovec[i]|=ovec[i+1]>>(8-num%8); | 133 | #ifdef L_ENDIAN |
| 120 | } | 134 | v0=sh[0], v1=sh[1]; |
| 135 | #else | ||
| 121 | iv=&ovec[0]; | 136 | iv=&ovec[0]; |
| 122 | c2l(iv,v0); | 137 | c2l(iv,v0); |
| 123 | c2l(iv,v1); | 138 | c2l(iv,v1); |
| 139 | #endif | ||
| 124 | } | 140 | } |
| 125 | } | 141 | } |
| 126 | } | 142 | } |
| 127 | else | 143 | else |
| 128 | { | 144 | { |
| 129 | while (l >= n) | 145 | while (l >= (unsigned long)n) |
| 130 | { | 146 | { |
| 131 | l-=n; | 147 | l-=n; |
| 132 | ti[0]=v0; | 148 | ti[0]=v0; |
| @@ -136,29 +152,34 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, | |||
| 136 | in+=n; | 152 | in+=n; |
| 137 | /* 30-08-94 - eay - changed because l>>32 and | 153 | /* 30-08-94 - eay - changed because l>>32 and |
| 138 | * l<<32 are bad under gcc :-( */ | 154 | * l<<32 are bad under gcc :-( */ |
| 139 | if (num == 32) | 155 | if (numbits == 32) |
| 140 | { v0=v1; v1=d0; } | 156 | { v0=v1; v1=d0; } |
| 141 | else if (num == 64) | 157 | else if (numbits == 64) |
| 142 | { v0=d0; v1=d1; } | 158 | { v0=d0; v1=d1; } |
| 143 | else | 159 | else |
| 144 | { | 160 | { |
| 161 | #ifndef L_ENDIAN | ||
| 145 | iv=&ovec[0]; | 162 | iv=&ovec[0]; |
| 146 | l2c(v0,iv); | 163 | l2c(v0,iv); |
| 147 | l2c(v1,iv); | 164 | l2c(v1,iv); |
| 148 | l2c(d0,iv); | 165 | l2c(d0,iv); |
| 149 | l2c(d1,iv); | 166 | l2c(d1,iv); |
| 150 | /* shift ovec left most of the bits... */ | 167 | #else |
| 151 | memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0)); | 168 | sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1; |
| 152 | /* now the remaining bits */ | 169 | #endif |
| 153 | if(num%8 != 0) | 170 | if (rem==0) |
| 171 | memmove(ovec,ovec+num,8); | ||
| 172 | else | ||
| 154 | for(i=0 ; i < 8 ; ++i) | 173 | for(i=0 ; i < 8 ; ++i) |
| 155 | { | 174 | ovec[i]=ovec[i+num]<<rem | |
| 156 | ovec[i]<<=num%8; | 175 | ovec[i+num+1]>>(8-rem); |
| 157 | ovec[i]|=ovec[i+1]>>(8-num%8); | 176 | #ifdef L_ENDIAN |
| 158 | } | 177 | v0=sh[0], v1=sh[1]; |
| 178 | #else | ||
| 159 | iv=&ovec[0]; | 179 | iv=&ovec[0]; |
| 160 | c2l(iv,v0); | 180 | c2l(iv,v0); |
| 161 | c2l(iv,v1); | 181 | c2l(iv,v1); |
| 182 | #endif | ||
| 162 | } | 183 | } |
| 163 | d0^=ti[0]; | 184 | d0^=ti[0]; |
| 164 | d1^=ti[1]; | 185 | d1^=ti[1]; |
diff --git a/src/lib/libcrypto/des/des.h b/src/lib/libcrypto/des/des.h index 81bd874edd..7318593699 100644 --- a/src/lib/libcrypto/des/des.h +++ b/src/lib/libcrypto/des/des.h | |||
| @@ -59,13 +59,13 @@ | |||
| 59 | #ifndef HEADER_DES_H | 59 | #ifndef HEADER_DES_H |
| 60 | #define HEADER_DES_H | 60 | #define HEADER_DES_H |
| 61 | 61 | ||
| 62 | #include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, | ||
| 63 | DES_LONG (via openssl/opensslconf.h */ | ||
| 64 | |||
| 62 | #ifdef OPENSSL_NO_DES | 65 | #ifdef OPENSSL_NO_DES |
| 63 | #error DES is disabled. | 66 | #error DES is disabled. |
| 64 | #endif | 67 | #endif |
| 65 | 68 | ||
| 66 | #include <openssl/opensslconf.h> /* DES_LONG */ | ||
| 67 | #include <openssl/e_os2.h> /* OPENSSL_EXTERN */ | ||
| 68 | |||
| 69 | #ifdef OPENSSL_BUILD_SHLIBCRYPTO | 69 | #ifdef OPENSSL_BUILD_SHLIBCRYPTO |
| 70 | # undef OPENSSL_EXTERN | 70 | # undef OPENSSL_EXTERN |
| 71 | # define OPENSSL_EXTERN OPENSSL_EXPORT | 71 | # define OPENSSL_EXTERN OPENSSL_EXPORT |
| @@ -130,7 +130,7 @@ OPENSSL_DECLARE_GLOBAL(int,DES_rw_mode); /* defaults to DES_PCBC_MODE */ | |||
| 130 | #define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode) | 130 | #define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode) |
| 131 | 131 | ||
| 132 | const char *DES_options(void); | 132 | const char *DES_options(void); |
| 133 | void DES_ecb3_encrypt(const unsigned char *input, unsigned char *output, | 133 | void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, |
| 134 | DES_key_schedule *ks1,DES_key_schedule *ks2, | 134 | DES_key_schedule *ks1,DES_key_schedule *ks2, |
| 135 | DES_key_schedule *ks3, int enc); | 135 | DES_key_schedule *ks3, int enc); |
| 136 | DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output, | 136 | DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output, |
| @@ -197,9 +197,10 @@ void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out, | |||
| 197 | long length,DES_key_schedule *ks1, | 197 | long length,DES_key_schedule *ks1, |
| 198 | DES_key_schedule *ks2,DES_key_schedule *ks3, | 198 | DES_key_schedule *ks2,DES_key_schedule *ks3, |
| 199 | DES_cblock *ivec,int *num); | 199 | DES_cblock *ivec,int *num); |
| 200 | 200 | #if 0 | |
| 201 | void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white, | 201 | void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white, |
| 202 | DES_cblock *out_white); | 202 | DES_cblock *out_white); |
| 203 | #endif | ||
| 203 | 204 | ||
| 204 | int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched, | 205 | int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched, |
| 205 | DES_cblock *iv); | 206 | DES_cblock *iv); |
diff --git a/src/lib/libcrypto/des/des_enc.c b/src/lib/libcrypto/des/des_enc.c index 6a49ec4a55..53705b9f5b 100644 --- a/src/lib/libcrypto/des/des_enc.c +++ b/src/lib/libcrypto/des/des_enc.c | |||
| @@ -58,9 +58,6 @@ | |||
| 58 | 58 | ||
| 59 | #include "des_locl.h" | 59 | #include "des_locl.h" |
| 60 | 60 | ||
| 61 | #ifndef OPENSSL_FIPS | ||
| 62 | #ifndef OPENBSD_DES_ASM | ||
| 63 | |||
| 64 | void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc) | 61 | void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc) |
| 65 | { | 62 | { |
| 66 | register DES_LONG l,r,t,u; | 63 | register DES_LONG l,r,t,u; |
| @@ -291,12 +288,8 @@ void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1, | |||
| 291 | data[1]=r; | 288 | data[1]=r; |
| 292 | } | 289 | } |
| 293 | 290 | ||
| 294 | #endif /* ndef OPENSSL_FIPS */ | ||
| 295 | |||
| 296 | #ifndef DES_DEFAULT_OPTIONS | 291 | #ifndef DES_DEFAULT_OPTIONS |
| 297 | 292 | ||
| 298 | #if !defined(OPENSSL_FIPS_DES_ASM) | ||
| 299 | |||
| 300 | #undef CBC_ENC_C__DONT_UPDATE_IV | 293 | #undef CBC_ENC_C__DONT_UPDATE_IV |
| 301 | #include "ncbc_enc.c" /* DES_ncbc_encrypt */ | 294 | #include "ncbc_enc.c" /* DES_ncbc_encrypt */ |
| 302 | 295 | ||
| @@ -412,6 +405,4 @@ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output, | |||
| 412 | tin[0]=tin[1]=0; | 405 | tin[0]=tin[1]=0; |
| 413 | } | 406 | } |
| 414 | 407 | ||
| 415 | #endif /* !defined(OPENSSL_FIPS_DES_ASM) */ | ||
| 416 | |||
| 417 | #endif /* DES_DEFAULT_OPTIONS */ | 408 | #endif /* DES_DEFAULT_OPTIONS */ |
diff --git a/src/lib/libcrypto/des/des_locl.h b/src/lib/libcrypto/des/des_locl.h index 8f04b18c50..4b9ecff233 100644 --- a/src/lib/libcrypto/des/des_locl.h +++ b/src/lib/libcrypto/des/des_locl.h | |||
| @@ -160,7 +160,7 @@ | |||
| 160 | } \ | 160 | } \ |
| 161 | } | 161 | } |
| 162 | 162 | ||
| 163 | #if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER) | 163 | #if (defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)) || defined(__ICC) |
| 164 | #define ROTATE(a,n) (_lrotr(a,n)) | 164 | #define ROTATE(a,n) (_lrotr(a,n)) |
| 165 | #elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC) | 165 | #elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC) |
| 166 | # if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) | 166 | # if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) |
diff --git a/src/lib/libcrypto/des/des_old.c b/src/lib/libcrypto/des/des_old.c index 88e9802aad..7c33ed7a93 100644 --- a/src/lib/libcrypto/des/des_old.c +++ b/src/lib/libcrypto/des/des_old.c | |||
| @@ -84,7 +84,7 @@ void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock | |||
| 84 | des_key_schedule ks1,des_key_schedule ks2, | 84 | des_key_schedule ks1,des_key_schedule ks2, |
| 85 | des_key_schedule ks3, int enc) | 85 | des_key_schedule ks3, int enc) |
| 86 | { | 86 | { |
| 87 | DES_ecb3_encrypt((const unsigned char *)input, (unsigned char *)output, | 87 | DES_ecb3_encrypt((const_DES_cblock *)input, output, |
| 88 | (DES_key_schedule *)ks1, (DES_key_schedule *)ks2, | 88 | (DES_key_schedule *)ks1, (DES_key_schedule *)ks2, |
| 89 | (DES_key_schedule *)ks3, enc); | 89 | (DES_key_schedule *)ks3, enc); |
| 90 | } | 90 | } |
| @@ -169,11 +169,13 @@ void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out, | |||
| 169 | (DES_key_schedule *)ks3, ivec, num); | 169 | (DES_key_schedule *)ks3, ivec, num); |
| 170 | } | 170 | } |
| 171 | 171 | ||
| 172 | #if 0 /* broken code, preserved just in case anyone specifically looks for this */ | ||
| 172 | void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white), | 173 | void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white), |
| 173 | _ossl_old_des_cblock (*out_white)) | 174 | _ossl_old_des_cblock (*out_white)) |
| 174 | { | 175 | { |
| 175 | DES_xwhite_in2out(des_key, in_white, out_white); | 176 | DES_xwhite_in2out(des_key, in_white, out_white); |
| 176 | } | 177 | } |
| 178 | #endif | ||
| 177 | 179 | ||
| 178 | int _ossl_old_des_enc_read(int fd,char *buf,int len,des_key_schedule sched, | 180 | int _ossl_old_des_enc_read(int fd,char *buf,int len,des_key_schedule sched, |
| 179 | _ossl_old_des_cblock *iv) | 181 | _ossl_old_des_cblock *iv) |
diff --git a/src/lib/libcrypto/des/des_old.h b/src/lib/libcrypto/des/des_old.h index 1d8bf65101..8665ba4e7e 100644 --- a/src/lib/libcrypto/des/des_old.h +++ b/src/lib/libcrypto/des/des_old.h | |||
| @@ -91,6 +91,8 @@ | |||
| 91 | #ifndef HEADER_DES_OLD_H | 91 | #ifndef HEADER_DES_OLD_H |
| 92 | #define HEADER_DES_OLD_H | 92 | #define HEADER_DES_OLD_H |
| 93 | 93 | ||
| 94 | #include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */ | ||
| 95 | |||
| 94 | #ifdef OPENSSL_NO_DES | 96 | #ifdef OPENSSL_NO_DES |
| 95 | #error DES is disabled. | 97 | #error DES is disabled. |
| 96 | #endif | 98 | #endif |
| @@ -103,8 +105,6 @@ | |||
| 103 | #error <openssl/des_old.h> replaces <kerberos/des.h>. | 105 | #error <openssl/des_old.h> replaces <kerberos/des.h>. |
| 104 | #endif | 106 | #endif |
| 105 | 107 | ||
| 106 | #include <openssl/opensslconf.h> /* DES_LONG */ | ||
| 107 | #include <openssl/e_os2.h> /* OPENSSL_EXTERN */ | ||
| 108 | #include <openssl/symhacks.h> | 108 | #include <openssl/symhacks.h> |
| 109 | 109 | ||
| 110 | #ifdef OPENSSL_BUILD_SHLIBCRYPTO | 110 | #ifdef OPENSSL_BUILD_SHLIBCRYPTO |
| @@ -116,6 +116,10 @@ | |||
| 116 | extern "C" { | 116 | extern "C" { |
| 117 | #endif | 117 | #endif |
| 118 | 118 | ||
| 119 | #ifdef _ | ||
| 120 | #undef _ | ||
| 121 | #endif | ||
| 122 | |||
| 119 | typedef unsigned char _ossl_old_des_cblock[8]; | 123 | typedef unsigned char _ossl_old_des_cblock[8]; |
| 120 | typedef struct _ossl_old_des_ks_struct | 124 | typedef struct _ossl_old_des_ks_struct |
| 121 | { | 125 | { |
| @@ -171,9 +175,9 @@ typedef struct _ossl_old_des_ks_struct | |||
| 171 | DES_enc_write((f),(b),(l),&(k),(iv)) | 175 | DES_enc_write((f),(b),(l),&(k),(iv)) |
| 172 | #define des_fcrypt(b,s,r)\ | 176 | #define des_fcrypt(b,s,r)\ |
| 173 | DES_fcrypt((b),(s),(r)) | 177 | DES_fcrypt((b),(s),(r)) |
| 178 | #if 0 | ||
| 174 | #define des_crypt(b,s)\ | 179 | #define des_crypt(b,s)\ |
| 175 | DES_crypt((b),(s)) | 180 | DES_crypt((b),(s)) |
| 176 | #if 0 | ||
| 177 | #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__) | 181 | #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__) |
| 178 | #define crypt(b,s)\ | 182 | #define crypt(b,s)\ |
| 179 | DES_crypt((b),(s)) | 183 | DES_crypt((b),(s)) |
| @@ -360,9 +364,10 @@ void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out, | |||
| 360 | void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out, | 364 | void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out, |
| 361 | long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, | 365 | long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, |
| 362 | _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num); | 366 | _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num); |
| 363 | 367 | #if 0 | |
| 364 | void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white), | 368 | void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white), |
| 365 | _ossl_old_des_cblock (*out_white)); | 369 | _ossl_old_des_cblock (*out_white)); |
| 370 | #endif | ||
| 366 | 371 | ||
| 367 | int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched, | 372 | int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched, |
| 368 | _ossl_old_des_cblock *iv); | 373 | _ossl_old_des_cblock *iv); |
diff --git a/src/lib/libcrypto/des/des_opts.c b/src/lib/libcrypto/des/des_opts.c index 79278b920e..2df82962c5 100644 --- a/src/lib/libcrypto/des/des_opts.c +++ b/src/lib/libcrypto/des/des_opts.c | |||
| @@ -71,7 +71,11 @@ | |||
| 71 | #include <io.h> | 71 | #include <io.h> |
| 72 | extern void exit(); | 72 | extern void exit(); |
| 73 | #endif | 73 | #endif |
| 74 | |||
| 75 | #ifndef OPENSSL_SYS_NETWARE | ||
| 74 | #include <signal.h> | 76 | #include <signal.h> |
| 77 | #endif | ||
| 78 | |||
| 75 | #ifndef _IRIX | 79 | #ifndef _IRIX |
| 76 | #include <time.h> | 80 | #include <time.h> |
| 77 | #endif | 81 | #endif |
diff --git a/src/lib/libcrypto/des/des_ver.h b/src/lib/libcrypto/des/des_ver.h index 379bbadda2..d1ada258a6 100644 --- a/src/lib/libcrypto/des/des_ver.h +++ b/src/lib/libcrypto/des/des_ver.h | |||
| @@ -67,5 +67,5 @@ | |||
| 67 | #define DES_version OSSL_DES_version | 67 | #define DES_version OSSL_DES_version |
| 68 | #define libdes_version OSSL_libdes_version | 68 | #define libdes_version OSSL_libdes_version |
| 69 | 69 | ||
| 70 | OPENSSL_EXTERN const char *OSSL_DES_version; /* SSLeay version string */ | 70 | OPENSSL_EXTERN const char OSSL_DES_version[]; /* SSLeay version string */ |
| 71 | OPENSSL_EXTERN const char *OSSL_libdes_version; /* old libdes version string */ | 71 | OPENSSL_EXTERN const char OSSL_libdes_version[]; /* old libdes version string */ |
diff --git a/src/lib/libcrypto/des/destest.c b/src/lib/libcrypto/des/destest.c index e3e9d77f14..64b92a34fe 100644 --- a/src/lib/libcrypto/des/destest.c +++ b/src/lib/libcrypto/des/destest.c | |||
| @@ -84,7 +84,7 @@ int main(int argc, char *argv[]) | |||
| 84 | #else | 84 | #else |
| 85 | #include <openssl/des.h> | 85 | #include <openssl/des.h> |
| 86 | 86 | ||
| 87 | #define crypt(c,s) (des_crypt((c),(s))) | 87 | #define crypt(c,s) (DES_crypt((c),(s))) |
| 88 | 88 | ||
| 89 | /* tisk tisk - the test keys don't all have odd parity :-( */ | 89 | /* tisk tisk - the test keys don't all have odd parity :-( */ |
| 90 | /* test data */ | 90 | /* test data */ |
| @@ -333,7 +333,8 @@ static int cfb64_test(unsigned char *cfb_cipher); | |||
| 333 | static int ede_cfb64_test(unsigned char *cfb_cipher); | 333 | static int ede_cfb64_test(unsigned char *cfb_cipher); |
| 334 | int main(int argc, char *argv[]) | 334 | int main(int argc, char *argv[]) |
| 335 | { | 335 | { |
| 336 | int i,j,err=0; | 336 | int j,err=0; |
| 337 | unsigned int i; | ||
| 337 | des_cblock in,out,outin,iv3,iv2; | 338 | des_cblock in,out,outin,iv3,iv2; |
| 338 | des_key_schedule ks,ks2,ks3; | 339 | des_key_schedule ks,ks2,ks3; |
| 339 | unsigned char cbc_in[40]; | 340 | unsigned char cbc_in[40]; |
| @@ -391,7 +392,7 @@ int main(int argc, char *argv[]) | |||
| 391 | DES_ede3_cbcm_encrypt(cbc_out,cbc_in,i,&ks,&ks2,&ks3,&iv3,&iv2,DES_DECRYPT); | 392 | DES_ede3_cbcm_encrypt(cbc_out,cbc_in,i,&ks,&ks2,&ks3,&iv3,&iv2,DES_DECRYPT); |
| 392 | if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) | 393 | if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) |
| 393 | { | 394 | { |
| 394 | int n; | 395 | unsigned int n; |
| 395 | 396 | ||
| 396 | printf("des_ede3_cbcm_encrypt decrypt error\n"); | 397 | printf("des_ede3_cbcm_encrypt decrypt error\n"); |
| 397 | for(n=0 ; n < i ; ++n) | 398 | for(n=0 ; n < i ; ++n) |
| @@ -439,8 +440,8 @@ int main(int argc, char *argv[]) | |||
| 439 | memcpy(in,plain_data[i],8); | 440 | memcpy(in,plain_data[i],8); |
| 440 | memset(out,0,8); | 441 | memset(out,0,8); |
| 441 | memset(outin,0,8); | 442 | memset(outin,0,8); |
| 442 | des_ecb2_encrypt(in,out,ks,ks2,DES_ENCRYPT); | 443 | des_ecb2_encrypt(&in,&out,ks,ks2,DES_ENCRYPT); |
| 443 | des_ecb2_encrypt(out,outin,ks,ks2,DES_DECRYPT); | 444 | des_ecb2_encrypt(&out,&outin,ks,ks2,DES_DECRYPT); |
| 444 | 445 | ||
| 445 | if (memcmp(out,cipher_ecb2[i],8) != 0) | 446 | if (memcmp(out,cipher_ecb2[i],8) != 0) |
| 446 | { | 447 | { |
| @@ -540,7 +541,7 @@ int main(int argc, char *argv[]) | |||
| 540 | if (memcmp(cbc_out,cbc3_ok, | 541 | if (memcmp(cbc_out,cbc3_ok, |
| 541 | (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0) | 542 | (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0) |
| 542 | { | 543 | { |
| 543 | int n; | 544 | unsigned int n; |
| 544 | 545 | ||
| 545 | printf("des_ede3_cbc_encrypt encrypt error\n"); | 546 | printf("des_ede3_cbc_encrypt encrypt error\n"); |
| 546 | for(n=0 ; n < i ; ++n) | 547 | for(n=0 ; n < i ; ++n) |
| @@ -556,7 +557,7 @@ int main(int argc, char *argv[]) | |||
| 556 | des_ede3_cbc_encrypt(cbc_out,cbc_in,i,ks,ks2,ks3,&iv3,DES_DECRYPT); | 557 | des_ede3_cbc_encrypt(cbc_out,cbc_in,i,ks,ks2,ks3,&iv3,DES_DECRYPT); |
| 557 | if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) | 558 | if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) |
| 558 | { | 559 | { |
| 559 | int n; | 560 | unsigned int n; |
| 560 | 561 | ||
| 561 | printf("des_ede3_cbc_encrypt decrypt error\n"); | 562 | printf("des_ede3_cbc_encrypt decrypt error\n"); |
| 562 | for(n=0 ; n < i ; ++n) | 563 | for(n=0 ; n < i ; ++n) |
| @@ -820,6 +821,9 @@ plain[8+4], plain[8+5], plain[8+6], plain[8+7]); | |||
| 820 | printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str); | 821 | printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str); |
| 821 | err=1; | 822 | err=1; |
| 822 | } | 823 | } |
| 824 | #ifdef OPENSSL_SYS_NETWARE | ||
| 825 | if (err) printf("ERROR: %d\n", err); | ||
| 826 | #endif | ||
| 823 | printf("\n"); | 827 | printf("\n"); |
| 824 | return(err); | 828 | return(err); |
| 825 | } | 829 | } |
diff --git a/src/lib/libcrypto/des/ecb3_enc.c b/src/lib/libcrypto/des/ecb3_enc.c index fa0c9c4d4f..c3437bc606 100644 --- a/src/lib/libcrypto/des/ecb3_enc.c +++ b/src/lib/libcrypto/des/ecb3_enc.c | |||
| @@ -58,13 +58,15 @@ | |||
| 58 | 58 | ||
| 59 | #include "des_locl.h" | 59 | #include "des_locl.h" |
| 60 | 60 | ||
| 61 | void DES_ecb3_encrypt(const unsigned char *in, unsigned char *out, | 61 | void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, |
| 62 | DES_key_schedule *ks1, DES_key_schedule *ks2, | 62 | DES_key_schedule *ks1, DES_key_schedule *ks2, |
| 63 | DES_key_schedule *ks3, | 63 | DES_key_schedule *ks3, |
| 64 | int enc) | 64 | int enc) |
| 65 | { | 65 | { |
| 66 | register DES_LONG l0,l1; | 66 | register DES_LONG l0,l1; |
| 67 | DES_LONG ll[2]; | 67 | DES_LONG ll[2]; |
| 68 | const unsigned char *in = &(*input)[0]; | ||
| 69 | unsigned char *out = &(*output)[0]; | ||
| 68 | 70 | ||
| 69 | c2l(in,l0); | 71 | c2l(in,l0); |
| 70 | c2l(in,l1); | 72 | c2l(in,l1); |
diff --git a/src/lib/libcrypto/des/ecb_enc.c b/src/lib/libcrypto/des/ecb_enc.c index 784aa5ba23..00d5b91e8c 100644 --- a/src/lib/libcrypto/des/ecb_enc.c +++ b/src/lib/libcrypto/des/ecb_enc.c | |||
| @@ -62,8 +62,8 @@ | |||
| 62 | #include <openssl/opensslv.h> | 62 | #include <openssl/opensslv.h> |
| 63 | #include <openssl/bio.h> | 63 | #include <openssl/bio.h> |
| 64 | 64 | ||
| 65 | OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT; | 65 | OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT; |
| 66 | OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT; | 66 | OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT; |
| 67 | 67 | ||
| 68 | const char *DES_options(void) | 68 | const char *DES_options(void) |
| 69 | { | 69 | { |
diff --git a/src/lib/libcrypto/des/ede_cbcm_enc.c b/src/lib/libcrypto/des/ede_cbcm_enc.c index fa45aa272b..adfcb75cf3 100644 --- a/src/lib/libcrypto/des/ede_cbcm_enc.c +++ b/src/lib/libcrypto/des/ede_cbcm_enc.c | |||
| @@ -68,6 +68,8 @@ http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz | |||
| 68 | 68 | ||
| 69 | */ | 69 | */ |
| 70 | 70 | ||
| 71 | #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_DESCBCM is defined */ | ||
| 72 | |||
| 71 | #ifndef OPENSSL_NO_DESCBCM | 73 | #ifndef OPENSSL_NO_DESCBCM |
| 72 | #include "des_locl.h" | 74 | #include "des_locl.h" |
| 73 | 75 | ||
diff --git a/src/lib/libcrypto/des/fcrypt.c b/src/lib/libcrypto/des/fcrypt.c index 2758c32656..ccbdff250f 100644 --- a/src/lib/libcrypto/des/fcrypt.c +++ b/src/lib/libcrypto/des/fcrypt.c | |||
| @@ -58,9 +58,6 @@ static unsigned const char cov_2char[64]={ | |||
| 58 | 0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A | 58 | 0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A |
| 59 | }; | 59 | }; |
| 60 | 60 | ||
| 61 | void fcrypt_body(DES_LONG *out,DES_key_schedule *ks, | ||
| 62 | DES_LONG Eswap0, DES_LONG Eswap1); | ||
| 63 | |||
| 64 | char *DES_crypt(const char *buf, const char *salt) | 61 | char *DES_crypt(const char *buf, const char *salt) |
| 65 | { | 62 | { |
| 66 | static char buff[14]; | 63 | static char buff[14]; |
diff --git a/src/lib/libcrypto/des/read2pwd.c b/src/lib/libcrypto/des/read2pwd.c index 3a63c4016c..ee6969f76e 100644 --- a/src/lib/libcrypto/des/read2pwd.c +++ b/src/lib/libcrypto/des/read2pwd.c | |||
| @@ -112,6 +112,7 @@ | |||
| 112 | #include <string.h> | 112 | #include <string.h> |
| 113 | #include <openssl/des.h> | 113 | #include <openssl/des.h> |
| 114 | #include <openssl/ui.h> | 114 | #include <openssl/ui.h> |
| 115 | #include <openssl/crypto.h> | ||
| 115 | 116 | ||
| 116 | int DES_read_password(DES_cblock *key, const char *prompt, int verify) | 117 | int DES_read_password(DES_cblock *key, const char *prompt, int verify) |
| 117 | { | 118 | { |
diff --git a/src/lib/libcrypto/des/set_key.c b/src/lib/libcrypto/des/set_key.c index 8881d46a7a..a43ef3c881 100644 --- a/src/lib/libcrypto/des/set_key.c +++ b/src/lib/libcrypto/des/set_key.c | |||
| @@ -65,8 +65,6 @@ | |||
| 65 | */ | 65 | */ |
| 66 | #include "des_locl.h" | 66 | #include "des_locl.h" |
| 67 | 67 | ||
| 68 | #ifndef OPENSSL_FIPS | ||
| 69 | |||
| 70 | OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key); /* defaults to false */ | 68 | OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key); /* defaults to false */ |
| 71 | 69 | ||
| 72 | static const unsigned char odd_parity[256]={ | 70 | static const unsigned char odd_parity[256]={ |
| @@ -89,7 +87,7 @@ static const unsigned char odd_parity[256]={ | |||
| 89 | 87 | ||
| 90 | void DES_set_odd_parity(DES_cblock *key) | 88 | void DES_set_odd_parity(DES_cblock *key) |
| 91 | { | 89 | { |
| 92 | int i; | 90 | unsigned int i; |
| 93 | 91 | ||
| 94 | for (i=0; i<DES_KEY_SZ; i++) | 92 | for (i=0; i<DES_KEY_SZ; i++) |
| 95 | (*key)[i]=odd_parity[(*key)[i]]; | 93 | (*key)[i]=odd_parity[(*key)[i]]; |
| @@ -97,7 +95,7 @@ void DES_set_odd_parity(DES_cblock *key) | |||
| 97 | 95 | ||
| 98 | int DES_check_key_parity(const_DES_cblock *key) | 96 | int DES_check_key_parity(const_DES_cblock *key) |
| 99 | { | 97 | { |
| 100 | int i; | 98 | unsigned int i; |
| 101 | 99 | ||
| 102 | for (i=0; i<DES_KEY_SZ; i++) | 100 | for (i=0; i<DES_KEY_SZ; i++) |
| 103 | { | 101 | { |
| @@ -117,7 +115,7 @@ int DES_check_key_parity(const_DES_cblock *key) | |||
| 117 | * (and actual cblock values). | 115 | * (and actual cblock values). |
| 118 | */ | 116 | */ |
| 119 | #define NUM_WEAK_KEY 16 | 117 | #define NUM_WEAK_KEY 16 |
| 120 | static DES_cblock weak_keys[NUM_WEAK_KEY]={ | 118 | static const DES_cblock weak_keys[NUM_WEAK_KEY]={ |
| 121 | /* weak keys */ | 119 | /* weak keys */ |
| 122 | {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, | 120 | {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, |
| 123 | {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE}, | 121 | {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE}, |
| @@ -407,5 +405,3 @@ void des_fixup_key_parity(des_cblock *key) | |||
| 407 | des_set_odd_parity(key); | 405 | des_set_odd_parity(key); |
| 408 | } | 406 | } |
| 409 | */ | 407 | */ |
| 410 | |||
| 411 | #endif /* ndef OPENSSL_FIPS */ | ||
diff --git a/src/lib/libcrypto/des/speed.c b/src/lib/libcrypto/des/speed.c index 48fc1d49fc..1616f4b7c9 100644 --- a/src/lib/libcrypto/des/speed.c +++ b/src/lib/libcrypto/des/speed.c | |||
| @@ -69,7 +69,11 @@ | |||
| 69 | #include OPENSSL_UNISTD_IO | 69 | #include OPENSSL_UNISTD_IO |
| 70 | OPENSSL_DECLARE_EXIT | 70 | OPENSSL_DECLARE_EXIT |
| 71 | 71 | ||
| 72 | #ifndef OPENSSL_SYS_NETWARE | ||
| 72 | #include <signal.h> | 73 | #include <signal.h> |
| 74 | #define crypt(c,s) (des_crypt((c),(s))) | ||
| 75 | #endif | ||
| 76 | |||
| 73 | #ifndef _IRIX | 77 | #ifndef _IRIX |
| 74 | #include <time.h> | 78 | #include <time.h> |
| 75 | #endif | 79 | #endif |
diff --git a/src/lib/libcrypto/des/str2key.c b/src/lib/libcrypto/des/str2key.c index 0373db469c..9c2054bda6 100644 --- a/src/lib/libcrypto/des/str2key.c +++ b/src/lib/libcrypto/des/str2key.c | |||
| @@ -57,6 +57,7 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include "des_locl.h" | 59 | #include "des_locl.h" |
| 60 | #include <openssl/crypto.h> | ||
| 60 | 61 | ||
| 61 | void DES_string_to_key(const char *str, DES_cblock *key) | 62 | void DES_string_to_key(const char *str, DES_cblock *key) |
| 62 | { | 63 | { |
diff --git a/src/lib/libcrypto/des/xcbc_enc.c b/src/lib/libcrypto/des/xcbc_enc.c index 47246eb466..dc0c761b71 100644 --- a/src/lib/libcrypto/des/xcbc_enc.c +++ b/src/lib/libcrypto/des/xcbc_enc.c | |||
| @@ -60,6 +60,7 @@ | |||
| 60 | 60 | ||
| 61 | /* RSA's DESX */ | 61 | /* RSA's DESX */ |
| 62 | 62 | ||
| 63 | #if 0 /* broken code, preserved just in case anyone specifically looks for this */ | ||
| 63 | static unsigned char desx_white_in2out[256]={ | 64 | static unsigned char desx_white_in2out[256]={ |
| 64 | 0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0, | 65 | 0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0, |
| 65 | 0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A, | 66 | 0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A, |
| @@ -98,7 +99,7 @@ void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white, | |||
| 98 | } | 99 | } |
| 99 | 100 | ||
| 100 | out0=out[0]; | 101 | out0=out[0]; |
| 101 | out1=out[i]; | 102 | out1=out[i]; /* BUG: out-of-bounds read */ |
| 102 | for (i=0; i<8; i++) | 103 | for (i=0; i<8; i++) |
| 103 | { | 104 | { |
| 104 | out[i]=in[i]^desx_white_in2out[out0^out1]; | 105 | out[i]=in[i]^desx_white_in2out[out0^out1]; |
| @@ -106,6 +107,7 @@ void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white, | |||
| 106 | out1=(int)out[i&0x07]; | 107 | out1=(int)out[i&0x07]; |
| 107 | } | 108 | } |
| 108 | } | 109 | } |
| 110 | #endif | ||
| 109 | 111 | ||
| 110 | void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out, | 112 | void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out, |
| 111 | long length, DES_key_schedule *schedule, | 113 | long length, DES_key_schedule *schedule, |
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h index 582b34329f..0afabc7dd3 100644 --- a/src/lib/libcrypto/dh/dh.h +++ b/src/lib/libcrypto/dh/dh.h | |||
| @@ -59,6 +59,8 @@ | |||
| 59 | #ifndef HEADER_DH_H | 59 | #ifndef HEADER_DH_H |
| 60 | #define HEADER_DH_H | 60 | #define HEADER_DH_H |
| 61 | 61 | ||
| 62 | #include <openssl/e_os2.h> | ||
| 63 | |||
| 62 | #ifdef OPENSSL_NO_DH | 64 | #ifdef OPENSSL_NO_DH |
| 63 | #error DH is disabled. | 65 | #error DH is disabled. |
| 64 | #endif | 66 | #endif |
| @@ -66,11 +68,14 @@ | |||
| 66 | #ifndef OPENSSL_NO_BIO | 68 | #ifndef OPENSSL_NO_BIO |
| 67 | #include <openssl/bio.h> | 69 | #include <openssl/bio.h> |
| 68 | #endif | 70 | #endif |
| 69 | #include <openssl/bn.h> | ||
| 70 | #include <openssl/crypto.h> | ||
| 71 | #include <openssl/ossl_typ.h> | 71 | #include <openssl/ossl_typ.h> |
| 72 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 73 | #include <openssl/bn.h> | ||
| 74 | #endif | ||
| 72 | 75 | ||
| 73 | #define OPENSSL_DH_MAX_MODULUS_BITS 10000 | 76 | #ifndef OPENSSL_DH_MAX_MODULUS_BITS |
| 77 | # define OPENSSL_DH_MAX_MODULUS_BITS 10000 | ||
| 78 | #endif | ||
| 74 | 79 | ||
| 75 | #define DH_FLAG_CACHE_MONT_P 0x01 | 80 | #define DH_FLAG_CACHE_MONT_P 0x01 |
| 76 | #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH | 81 | #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH |
| @@ -85,9 +90,12 @@ | |||
| 85 | extern "C" { | 90 | extern "C" { |
| 86 | #endif | 91 | #endif |
| 87 | 92 | ||
| 88 | typedef struct dh_st DH; | 93 | /* Already defined in ossl_typ.h */ |
| 94 | /* typedef struct dh_st DH; */ | ||
| 95 | /* typedef struct dh_method DH_METHOD; */ | ||
| 89 | 96 | ||
| 90 | typedef struct dh_method { | 97 | struct dh_method |
| 98 | { | ||
| 91 | const char *name; | 99 | const char *name; |
| 92 | /* Methods here */ | 100 | /* Methods here */ |
| 93 | int (*generate_key)(DH *dh); | 101 | int (*generate_key)(DH *dh); |
| @@ -100,7 +108,9 @@ typedef struct dh_method { | |||
| 100 | int (*finish)(DH *dh); | 108 | int (*finish)(DH *dh); |
| 101 | int flags; | 109 | int flags; |
| 102 | char *app_data; | 110 | char *app_data; |
| 103 | } DH_METHOD; | 111 | /* If this is non-NULL, it will be used to generate parameters */ |
| 112 | int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb); | ||
| 113 | }; | ||
| 104 | 114 | ||
| 105 | struct dh_st | 115 | struct dh_st |
| 106 | { | 116 | { |
| @@ -115,7 +125,7 @@ struct dh_st | |||
| 115 | BIGNUM *priv_key; /* x */ | 125 | BIGNUM *priv_key; /* x */ |
| 116 | 126 | ||
| 117 | int flags; | 127 | int flags; |
| 118 | char *method_mont_p; | 128 | BN_MONT_CTX *method_mont_p; |
| 119 | /* Place holders if we want to do X9.42 DH */ | 129 | /* Place holders if we want to do X9.42 DH */ |
| 120 | BIGNUM *q; | 130 | BIGNUM *q; |
| 121 | BIGNUM *j; | 131 | BIGNUM *j; |
| @@ -147,21 +157,13 @@ struct dh_st | |||
| 147 | this for backward compatibility: */ | 157 | this for backward compatibility: */ |
| 148 | #define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME | 158 | #define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME |
| 149 | 159 | ||
| 150 | #define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \ | 160 | #define DHparams_dup(x) ASN1_dup_of_const(DH,i2d_DHparams,d2i_DHparams,x) |
| 151 | (char *(*)())d2i_DHparams,(char *)(x)) | ||
| 152 | #define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \ | 161 | #define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \ |
| 153 | (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x)) | 162 | (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x)) |
| 154 | #define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \ | 163 | #define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \ |
| 155 | (unsigned char *)(x)) | 164 | (unsigned char *)(x)) |
| 156 | #define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \ | 165 | #define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x) |
| 157 | (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x)) | 166 | #define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x) |
| 158 | #ifdef __cplusplus | ||
| 159 | #define i2d_DHparams_bio(bp,x) ASN1_i2d_bio((int (*)())i2d_DHparams,(bp), \ | ||
| 160 | (unsigned char *)(x)) | ||
| 161 | #else | ||
| 162 | #define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \ | ||
| 163 | (unsigned char *)(x)) | ||
| 164 | #endif | ||
| 165 | 167 | ||
| 166 | const DH_METHOD *DH_OpenSSL(void); | 168 | const DH_METHOD *DH_OpenSSL(void); |
| 167 | 169 | ||
| @@ -178,8 +180,16 @@ int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, | |||
| 178 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); | 180 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); |
| 179 | int DH_set_ex_data(DH *d, int idx, void *arg); | 181 | int DH_set_ex_data(DH *d, int idx, void *arg); |
| 180 | void *DH_get_ex_data(DH *d, int idx); | 182 | void *DH_get_ex_data(DH *d, int idx); |
| 183 | |||
| 184 | /* Deprecated version */ | ||
| 185 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 181 | DH * DH_generate_parameters(int prime_len,int generator, | 186 | DH * DH_generate_parameters(int prime_len,int generator, |
| 182 | void (*callback)(int,int,void *),void *cb_arg); | 187 | void (*callback)(int,int,void *),void *cb_arg); |
| 188 | #endif /* !defined(OPENSSL_NO_DEPRECATED) */ | ||
| 189 | |||
| 190 | /* New version */ | ||
| 191 | int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb); | ||
| 192 | |||
| 183 | int DH_check(const DH *dh,int *codes); | 193 | int DH_check(const DH *dh,int *codes); |
| 184 | int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes); | 194 | int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes); |
| 185 | int DH_generate_key(DH *dh); | 195 | int DH_generate_key(DH *dh); |
| @@ -204,15 +214,18 @@ void ERR_load_DH_strings(void); | |||
| 204 | /* Error codes for the DH functions. */ | 214 | /* Error codes for the DH functions. */ |
| 205 | 215 | ||
| 206 | /* Function codes. */ | 216 | /* Function codes. */ |
| 217 | #define DH_F_COMPUTE_KEY 102 | ||
| 207 | #define DH_F_DHPARAMS_PRINT 100 | 218 | #define DH_F_DHPARAMS_PRINT 100 |
| 208 | #define DH_F_DHPARAMS_PRINT_FP 101 | 219 | #define DH_F_DHPARAMS_PRINT_FP 101 |
| 209 | #define DH_F_DH_COMPUTE_KEY 102 | 220 | #define DH_F_DH_BUILTIN_GENPARAMS 106 |
| 210 | #define DH_F_DH_GENERATE_KEY 103 | ||
| 211 | #define DH_F_DH_GENERATE_PARAMETERS 104 | ||
| 212 | #define DH_F_DH_NEW_METHOD 105 | 221 | #define DH_F_DH_NEW_METHOD 105 |
| 222 | #define DH_F_GENERATE_KEY 103 | ||
| 223 | #define DH_F_GENERATE_PARAMETERS 104 | ||
| 213 | 224 | ||
| 214 | /* Reason codes. */ | 225 | /* Reason codes. */ |
| 215 | #define DH_R_BAD_GENERATOR 101 | 226 | #define DH_R_BAD_GENERATOR 101 |
| 227 | #define DH_R_INVALID_PUBKEY 102 | ||
| 228 | #define DH_R_MODULUS_TOO_LARGE 103 | ||
| 216 | #define DH_R_NO_PRIVATE_VALUE 100 | 229 | #define DH_R_NO_PRIVATE_VALUE 100 |
| 217 | #define DH_R_INVALID_PUBKEY 102 | 230 | #define DH_R_INVALID_PUBKEY 102 |
| 218 | #define DH_R_MODULUS_TOO_LARGE 103 | 231 | #define DH_R_MODULUS_TOO_LARGE 103 |
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c index 17debff62d..b846913004 100644 --- a/src/lib/libcrypto/dh/dh_check.c +++ b/src/lib/libcrypto/dh/dh_check.c | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | #include <openssl/dh.h> | 62 | #include <openssl/dh.h> |
| 63 | 63 | ||
| 64 | /* Check that p is a safe prime and | 64 | /* Check that p is a safe prime and |
| 65 | * if g is 2, 3 or 5, check that is is a suitable generator | 65 | * if g is 2, 3 or 5, check that it is a suitable generator |
| 66 | * where | 66 | * where |
| 67 | * for 2, p mod 24 == 11 | 67 | * for 2, p mod 24 == 11 |
| 68 | * for 3, p mod 12 == 5 | 68 | * for 3, p mod 12 == 5 |
| @@ -70,8 +70,6 @@ | |||
| 70 | * should hold. | 70 | * should hold. |
| 71 | */ | 71 | */ |
| 72 | 72 | ||
| 73 | #ifndef OPENSSL_FIPS | ||
| 74 | |||
| 75 | int DH_check(const DH *dh, int *ret) | 73 | int DH_check(const DH *dh, int *ret) |
| 76 | { | 74 | { |
| 77 | int ok=0; | 75 | int ok=0; |
| @@ -106,12 +104,12 @@ int DH_check(const DH *dh, int *ret) | |||
| 106 | else | 104 | else |
| 107 | *ret|=DH_UNABLE_TO_CHECK_GENERATOR; | 105 | *ret|=DH_UNABLE_TO_CHECK_GENERATOR; |
| 108 | 106 | ||
| 109 | if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL)) | 107 | if (!BN_is_prime_ex(dh->p,BN_prime_checks,ctx,NULL)) |
| 110 | *ret|=DH_CHECK_P_NOT_PRIME; | 108 | *ret|=DH_CHECK_P_NOT_PRIME; |
| 111 | else | 109 | else |
| 112 | { | 110 | { |
| 113 | if (!BN_rshift1(q,dh->p)) goto err; | 111 | if (!BN_rshift1(q,dh->p)) goto err; |
| 114 | if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL)) | 112 | if (!BN_is_prime_ex(q,BN_prime_checks,ctx,NULL)) |
| 115 | *ret|=DH_CHECK_P_NOT_SAFE_PRIME; | 113 | *ret|=DH_CHECK_P_NOT_SAFE_PRIME; |
| 116 | } | 114 | } |
| 117 | ok=1; | 115 | ok=1; |
| @@ -142,5 +140,3 @@ err: | |||
| 142 | if (q != NULL) BN_free(q); | 140 | if (q != NULL) BN_free(q); |
| 143 | return(ok); | 141 | return(ok); |
| 144 | } | 142 | } |
| 145 | |||
| 146 | #endif | ||
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c index 611067ef4a..b2361c7389 100644 --- a/src/lib/libcrypto/dh/dh_err.c +++ b/src/lib/libcrypto/dh/dh_err.c | |||
| @@ -70,18 +70,21 @@ | |||
| 70 | 70 | ||
| 71 | static ERR_STRING_DATA DH_str_functs[]= | 71 | static ERR_STRING_DATA DH_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"}, | ||
| 73 | {ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"}, | 74 | {ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"}, |
| 74 | {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, | 75 | {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, |
| 75 | {ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"}, | 76 | {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, |
| 76 | {ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"}, | ||
| 77 | {ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"}, | ||
| 78 | {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, | 77 | {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, |
| 78 | {ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"}, | ||
| 79 | {ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"}, | ||
| 79 | {0,NULL} | 80 | {0,NULL} |
| 80 | }; | 81 | }; |
| 81 | 82 | ||
| 82 | static ERR_STRING_DATA DH_str_reasons[]= | 83 | static ERR_STRING_DATA DH_str_reasons[]= |
| 83 | { | 84 | { |
| 84 | {ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"}, | 85 | {ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"}, |
| 86 | {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, | ||
| 87 | {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, | ||
| 85 | {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, | 88 | {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, |
| 86 | {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, | 89 | {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, |
| 87 | {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, | 90 | {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, |
| @@ -92,15 +95,12 @@ static ERR_STRING_DATA DH_str_reasons[]= | |||
| 92 | 95 | ||
| 93 | void ERR_load_DH_strings(void) | 96 | void ERR_load_DH_strings(void) |
| 94 | { | 97 | { |
| 95 | static int init=1; | 98 | #ifndef OPENSSL_NO_ERR |
| 96 | 99 | ||
| 97 | if (init) | 100 | if (ERR_func_error_string(DH_str_functs[0].error) == NULL) |
| 98 | { | 101 | { |
| 99 | init=0; | ||
| 100 | #ifndef OPENSSL_NO_ERR | ||
| 101 | ERR_load_strings(0,DH_str_functs); | 102 | ERR_load_strings(0,DH_str_functs); |
| 102 | ERR_load_strings(0,DH_str_reasons); | 103 | ERR_load_strings(0,DH_str_reasons); |
| 103 | #endif | ||
| 104 | |||
| 105 | } | 104 | } |
| 105 | #endif | ||
| 106 | } | 106 | } |
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c index 23777f5a16..cfd5b11868 100644 --- a/src/lib/libcrypto/dh/dh_gen.c +++ b/src/lib/libcrypto/dh/dh_gen.c | |||
| @@ -56,11 +56,25 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | /* NB: These functions have been upgraded - the previous prototypes are in | ||
| 60 | * dh_depr.c as wrappers to these ones. | ||
| 61 | * - Geoff | ||
| 62 | */ | ||
| 63 | |||
| 59 | #include <stdio.h> | 64 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 65 | #include "cryptlib.h" |
| 61 | #include <openssl/bn.h> | 66 | #include <openssl/bn.h> |
| 62 | #include <openssl/dh.h> | 67 | #include <openssl/dh.h> |
| 63 | 68 | ||
| 69 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); | ||
| 70 | |||
| 71 | int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) | ||
| 72 | { | ||
| 73 | if(ret->meth->generate_params) | ||
| 74 | return ret->meth->generate_params(ret, prime_len, generator, cb); | ||
| 75 | return dh_builtin_genparams(ret, prime_len, generator, cb); | ||
| 76 | } | ||
| 77 | |||
| 64 | /* We generate DH parameters as follows | 78 | /* We generate DH parameters as follows |
| 65 | * find a prime q which is prime_len/2 bits long. | 79 | * find a prime q which is prime_len/2 bits long. |
| 66 | * p=(2*q)+1 or (p-1)/2 = q | 80 | * p=(2*q)+1 or (p-1)/2 = q |
| @@ -86,29 +100,26 @@ | |||
| 86 | * It's just as OK (and in some sense better) to use a generator of the | 100 | * It's just as OK (and in some sense better) to use a generator of the |
| 87 | * order-q subgroup. | 101 | * order-q subgroup. |
| 88 | */ | 102 | */ |
| 89 | 103 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb) | |
| 90 | #ifndef OPENSSL_FIPS | ||
| 91 | |||
| 92 | DH *DH_generate_parameters(int prime_len, int generator, | ||
| 93 | void (*callback)(int,int,void *), void *cb_arg) | ||
| 94 | { | 104 | { |
| 95 | BIGNUM *p=NULL,*t1,*t2; | 105 | BIGNUM *t1,*t2; |
| 96 | DH *ret=NULL; | ||
| 97 | int g,ok= -1; | 106 | int g,ok= -1; |
| 98 | BN_CTX *ctx=NULL; | 107 | BN_CTX *ctx=NULL; |
| 99 | 108 | ||
| 100 | ret=DH_new(); | ||
| 101 | if (ret == NULL) goto err; | ||
| 102 | ctx=BN_CTX_new(); | 109 | ctx=BN_CTX_new(); |
| 103 | if (ctx == NULL) goto err; | 110 | if (ctx == NULL) goto err; |
| 104 | BN_CTX_start(ctx); | 111 | BN_CTX_start(ctx); |
| 105 | t1 = BN_CTX_get(ctx); | 112 | t1 = BN_CTX_get(ctx); |
| 106 | t2 = BN_CTX_get(ctx); | 113 | t2 = BN_CTX_get(ctx); |
| 107 | if (t1 == NULL || t2 == NULL) goto err; | 114 | if (t1 == NULL || t2 == NULL) goto err; |
| 115 | |||
| 116 | /* Make sure 'ret' has the necessary elements */ | ||
| 117 | if(!ret->p && ((ret->p = BN_new()) == NULL)) goto err; | ||
| 118 | if(!ret->g && ((ret->g = BN_new()) == NULL)) goto err; | ||
| 108 | 119 | ||
| 109 | if (generator <= 1) | 120 | if (generator <= 1) |
| 110 | { | 121 | { |
| 111 | DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR); | 122 | DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR); |
| 112 | goto err; | 123 | goto err; |
| 113 | } | 124 | } |
| 114 | if (generator == DH_GENERATOR_2) | 125 | if (generator == DH_GENERATOR_2) |
| @@ -144,18 +155,14 @@ DH *DH_generate_parameters(int prime_len, int generator, | |||
| 144 | g=generator; | 155 | g=generator; |
| 145 | } | 156 | } |
| 146 | 157 | ||
| 147 | p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg); | 158 | if(!BN_generate_prime_ex(ret->p,prime_len,1,t1,t2,cb)) goto err; |
| 148 | if (p == NULL) goto err; | 159 | if(!BN_GENCB_call(cb, 3, 0)) goto err; |
| 149 | if (callback != NULL) callback(3,0,cb_arg); | ||
| 150 | ret->p=p; | ||
| 151 | ret->g=BN_new(); | ||
| 152 | if (ret->g == NULL) goto err; | ||
| 153 | if (!BN_set_word(ret->g,g)) goto err; | 160 | if (!BN_set_word(ret->g,g)) goto err; |
| 154 | ok=1; | 161 | ok=1; |
| 155 | err: | 162 | err: |
| 156 | if (ok == -1) | 163 | if (ok == -1) |
| 157 | { | 164 | { |
| 158 | DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB); | 165 | DHerr(DH_F_DH_BUILTIN_GENPARAMS,ERR_R_BN_LIB); |
| 159 | ok=0; | 166 | ok=0; |
| 160 | } | 167 | } |
| 161 | 168 | ||
| @@ -164,12 +171,5 @@ err: | |||
| 164 | BN_CTX_end(ctx); | 171 | BN_CTX_end(ctx); |
| 165 | BN_CTX_free(ctx); | 172 | BN_CTX_free(ctx); |
| 166 | } | 173 | } |
| 167 | if (!ok && (ret != NULL)) | 174 | return ok; |
| 168 | { | ||
| 169 | DH_free(ret); | ||
| 170 | ret=NULL; | ||
| 171 | } | ||
| 172 | return(ret); | ||
| 173 | } | 175 | } |
| 174 | |||
| 175 | #endif | ||
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c index 74de589204..e7db440342 100644 --- a/src/lib/libcrypto/dh/dh_key.c +++ b/src/lib/libcrypto/dh/dh_key.c | |||
| @@ -62,8 +62,6 @@ | |||
| 62 | #include <openssl/rand.h> | 62 | #include <openssl/rand.h> |
| 63 | #include <openssl/dh.h> | 63 | #include <openssl/dh.h> |
| 64 | 64 | ||
| 65 | #ifndef OPENSSL_FIPS | ||
| 66 | |||
| 67 | static int generate_key(DH *dh); | 65 | static int generate_key(DH *dh); |
| 68 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); | 66 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); |
| 69 | static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, | 67 | static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, |
| @@ -91,6 +89,7 @@ dh_bn_mod_exp, | |||
| 91 | dh_init, | 89 | dh_init, |
| 92 | dh_finish, | 90 | dh_finish, |
| 93 | 0, | 91 | 0, |
| 92 | NULL, | ||
| 94 | NULL | 93 | NULL |
| 95 | }; | 94 | }; |
| 96 | 95 | ||
| @@ -131,8 +130,7 @@ static int generate_key(DH *dh) | |||
| 131 | 130 | ||
| 132 | if (dh->flags & DH_FLAG_CACHE_MONT_P) | 131 | if (dh->flags & DH_FLAG_CACHE_MONT_P) |
| 133 | { | 132 | { |
| 134 | mont = BN_MONT_CTX_set_locked( | 133 | mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, |
| 135 | (BN_MONT_CTX **)&dh->method_mont_p, | ||
| 136 | CRYPTO_LOCK_DH, dh->p, ctx); | 134 | CRYPTO_LOCK_DH, dh->p, ctx); |
| 137 | if (!mont) | 135 | if (!mont) |
| 138 | goto err; | 136 | goto err; |
| @@ -152,7 +150,7 @@ static int generate_key(DH *dh) | |||
| 152 | { | 150 | { |
| 153 | BN_init(&local_prk); | 151 | BN_init(&local_prk); |
| 154 | prk = &local_prk; | 152 | prk = &local_prk; |
| 155 | BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME); | 153 | BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); |
| 156 | } | 154 | } |
| 157 | else | 155 | else |
| 158 | prk = priv_key; | 156 | prk = priv_key; |
| @@ -165,7 +163,7 @@ static int generate_key(DH *dh) | |||
| 165 | ok=1; | 163 | ok=1; |
| 166 | err: | 164 | err: |
| 167 | if (ok != 1) | 165 | if (ok != 1) |
| 168 | DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB); | 166 | DHerr(DH_F_GENERATE_KEY,ERR_R_BN_LIB); |
| 169 | 167 | ||
| 170 | if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); | 168 | if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); |
| 171 | if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); | 169 | if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); |
| @@ -175,16 +173,16 @@ err: | |||
| 175 | 173 | ||
| 176 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | 174 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) |
| 177 | { | 175 | { |
| 178 | BN_CTX *ctx; | 176 | BN_CTX *ctx=NULL; |
| 179 | BN_MONT_CTX *mont=NULL; | 177 | BN_MONT_CTX *mont=NULL; |
| 180 | BIGNUM *tmp; | 178 | BIGNUM *tmp; |
| 181 | int ret= -1; | 179 | int ret= -1; |
| 182 | int check_result; | 180 | int check_result; |
| 183 | 181 | ||
| 184 | if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) | 182 | if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) |
| 185 | { | 183 | { |
| 186 | DHerr(DH_F_DH_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE); | 184 | DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE); |
| 187 | return -1; | 185 | goto err; |
| 188 | } | 186 | } |
| 189 | 187 | ||
| 190 | ctx = BN_CTX_new(); | 188 | ctx = BN_CTX_new(); |
| @@ -194,31 +192,32 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | |||
| 194 | 192 | ||
| 195 | if (dh->priv_key == NULL) | 193 | if (dh->priv_key == NULL) |
| 196 | { | 194 | { |
| 197 | DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); | 195 | DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); |
| 198 | goto err; | 196 | goto err; |
| 199 | } | 197 | } |
| 200 | 198 | ||
| 201 | if (dh->flags & DH_FLAG_CACHE_MONT_P) | 199 | if (dh->flags & DH_FLAG_CACHE_MONT_P) |
| 202 | { | 200 | { |
| 203 | mont = BN_MONT_CTX_set_locked( | 201 | mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, |
| 204 | (BN_MONT_CTX **)&dh->method_mont_p, | ||
| 205 | CRYPTO_LOCK_DH, dh->p, ctx); | 202 | CRYPTO_LOCK_DH, dh->p, ctx); |
| 206 | if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) | 203 | if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) |
| 207 | { | 204 | { |
| 208 | /* XXX */ | 205 | /* XXX */ |
| 209 | BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME); | 206 | BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME); |
| 210 | } | 207 | } |
| 211 | if (!mont) | 208 | if (!mont) |
| 212 | goto err; | 209 | goto err; |
| 213 | } | 210 | } |
| 214 | if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) | 211 | |
| 212 | if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) | ||
| 215 | { | 213 | { |
| 216 | DHerr(DH_F_DH_COMPUTE_KEY,DH_R_INVALID_PUBKEY); | 214 | DHerr(DH_F_COMPUTE_KEY,DH_R_INVALID_PUBKEY); |
| 217 | goto err; | 215 | goto err; |
| 218 | } | 216 | } |
| 217 | |||
| 219 | if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont)) | 218 | if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont)) |
| 220 | { | 219 | { |
| 221 | DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); | 220 | DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB); |
| 222 | goto err; | 221 | goto err; |
| 223 | } | 222 | } |
| 224 | 223 | ||
| @@ -259,8 +258,6 @@ static int dh_init(DH *dh) | |||
| 259 | static int dh_finish(DH *dh) | 258 | static int dh_finish(DH *dh) |
| 260 | { | 259 | { |
| 261 | if(dh->method_mont_p) | 260 | if(dh->method_mont_p) |
| 262 | BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p); | 261 | BN_MONT_CTX_free(dh->method_mont_p); |
| 263 | return(1); | 262 | return(1); |
| 264 | } | 263 | } |
| 265 | |||
| 266 | #endif | ||
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c index 09965ee2ea..7aef080e7a 100644 --- a/src/lib/libcrypto/dh/dh_lib.c +++ b/src/lib/libcrypto/dh/dh_lib.c | |||
| @@ -64,7 +64,7 @@ | |||
| 64 | #include <openssl/engine.h> | 64 | #include <openssl/engine.h> |
| 65 | #endif | 65 | #endif |
| 66 | 66 | ||
| 67 | const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; | 67 | const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT; |
| 68 | 68 | ||
| 69 | static const DH_METHOD *default_DH_method = NULL; | 69 | static const DH_METHOD *default_DH_method = NULL; |
| 70 | 70 | ||
diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c index b76dede771..882f5c310a 100644 --- a/src/lib/libcrypto/dh/dhtest.c +++ b/src/lib/libcrypto/dh/dhtest.c | |||
| @@ -56,6 +56,12 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | /* Until the key-gen callbacks are modified to use newer prototypes, we allow | ||
| 60 | * deprecated functions for openssl-internal code */ | ||
| 61 | #ifdef OPENSSL_NO_DEPRECATED | ||
| 62 | #undef OPENSSL_NO_DEPRECATED | ||
| 63 | #endif | ||
| 64 | |||
| 59 | #include <stdio.h> | 65 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 66 | #include <stdlib.h> |
| 61 | #include <string.h> | 67 | #include <string.h> |
| @@ -83,12 +89,13 @@ int main(int argc, char *argv[]) | |||
| 83 | #define MS_CALLBACK | 89 | #define MS_CALLBACK |
| 84 | #endif | 90 | #endif |
| 85 | 91 | ||
| 86 | static void MS_CALLBACK cb(int p, int n, void *arg); | 92 | static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg); |
| 87 | 93 | ||
| 88 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; | 94 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; |
| 89 | 95 | ||
| 90 | int main(int argc, char *argv[]) | 96 | int main(int argc, char *argv[]) |
| 91 | { | 97 | { |
| 98 | BN_GENCB _cb; | ||
| 92 | DH *a; | 99 | DH *a; |
| 93 | DH *b=NULL; | 100 | DH *b=NULL; |
| 94 | char buf[12]; | 101 | char buf[12]; |
| @@ -110,8 +117,10 @@ int main(int argc, char *argv[]) | |||
| 110 | if (out == NULL) EXIT(1); | 117 | if (out == NULL) EXIT(1); |
| 111 | BIO_set_fp(out,stdout,BIO_NOCLOSE); | 118 | BIO_set_fp(out,stdout,BIO_NOCLOSE); |
| 112 | 119 | ||
| 113 | a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out); | 120 | BN_GENCB_set(&_cb, &cb, out); |
| 114 | if (a == NULL) goto err; | 121 | if(((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64, |
| 122 | DH_GENERATOR_5, &_cb)) | ||
| 123 | goto err; | ||
| 115 | 124 | ||
| 116 | if (!DH_check(a, &i)) goto err; | 125 | if (!DH_check(a, &i)) goto err; |
| 117 | if (i & DH_CHECK_P_NOT_PRIME) | 126 | if (i & DH_CHECK_P_NOT_PRIME) |
| @@ -192,14 +201,14 @@ err: | |||
| 192 | if(b != NULL) DH_free(b); | 201 | if(b != NULL) DH_free(b); |
| 193 | if(a != NULL) DH_free(a); | 202 | if(a != NULL) DH_free(a); |
| 194 | BIO_free(out); | 203 | BIO_free(out); |
| 195 | CRYPTO_cleanup_all_ex_data(); | 204 | #ifdef OPENSSL_SYS_NETWARE |
| 196 | ERR_remove_state(0); | 205 | if (ret) printf("ERROR: %d\n", ret); |
| 197 | CRYPTO_mem_leaks_fp(stderr); | 206 | #endif |
| 198 | EXIT(ret); | 207 | EXIT(ret); |
| 199 | return(ret); | 208 | return(ret); |
| 200 | } | 209 | } |
| 201 | 210 | ||
| 202 | static void MS_CALLBACK cb(int p, int n, void *arg) | 211 | static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg) |
| 203 | { | 212 | { |
| 204 | char c='*'; | 213 | char c='*'; |
| 205 | 214 | ||
| @@ -207,10 +216,11 @@ static void MS_CALLBACK cb(int p, int n, void *arg) | |||
| 207 | if (p == 1) c='+'; | 216 | if (p == 1) c='+'; |
| 208 | if (p == 2) c='*'; | 217 | if (p == 2) c='*'; |
| 209 | if (p == 3) c='\n'; | 218 | if (p == 3) c='\n'; |
| 210 | BIO_write((BIO *)arg,&c,1); | 219 | BIO_write(arg->arg,&c,1); |
| 211 | (void)BIO_flush((BIO *)arg); | 220 | (void)BIO_flush(arg->arg); |
| 212 | #ifdef LINT | 221 | #ifdef LINT |
| 213 | p=n; | 222 | p=n; |
| 214 | #endif | 223 | #endif |
| 224 | return 1; | ||
| 215 | } | 225 | } |
| 216 | #endif | 226 | #endif |
diff --git a/src/lib/libcrypto/doc/DH_set_method.pod b/src/lib/libcrypto/doc/DH_set_method.pod index 73261fc467..d5cdc3be0c 100644 --- a/src/lib/libcrypto/doc/DH_set_method.pod +++ b/src/lib/libcrypto/doc/DH_set_method.pod | |||
| @@ -36,7 +36,7 @@ structures created later. B<NB>: This is true only whilst no ENGINE has been set | |||
| 36 | as a default for DH, so this function is no longer recommended. | 36 | as a default for DH, so this function is no longer recommended. |
| 37 | 37 | ||
| 38 | DH_get_default_method() returns a pointer to the current default DH_METHOD. | 38 | DH_get_default_method() returns a pointer to the current default DH_METHOD. |
| 39 | However, the meaningfulness of this result is dependant on whether the ENGINE | 39 | However, the meaningfulness of this result is dependent on whether the ENGINE |
| 40 | API is being used, so this function is no longer recommended. | 40 | API is being used, so this function is no longer recommended. |
| 41 | 41 | ||
| 42 | DH_set_method() selects B<meth> to perform all operations using the key B<dh>. | 42 | DH_set_method() selects B<meth> to perform all operations using the key B<dh>. |
diff --git a/src/lib/libcrypto/doc/DSA_set_method.pod b/src/lib/libcrypto/doc/DSA_set_method.pod index bc3cfb1f0a..9c1434bd8d 100644 --- a/src/lib/libcrypto/doc/DSA_set_method.pod +++ b/src/lib/libcrypto/doc/DSA_set_method.pod | |||
| @@ -36,7 +36,7 @@ structures created later. B<NB>: This is true only whilst no ENGINE has | |||
| 36 | been set as a default for DSA, so this function is no longer recommended. | 36 | been set as a default for DSA, so this function is no longer recommended. |
| 37 | 37 | ||
| 38 | DSA_get_default_method() returns a pointer to the current default | 38 | DSA_get_default_method() returns a pointer to the current default |
| 39 | DSA_METHOD. However, the meaningfulness of this result is dependant on | 39 | DSA_METHOD. However, the meaningfulness of this result is dependent on |
| 40 | whether the ENGINE API is being used, so this function is no longer | 40 | whether the ENGINE API is being used, so this function is no longer |
| 41 | recommended. | 41 | recommended. |
| 42 | 42 | ||
diff --git a/src/lib/libcrypto/doc/EVP_BytesToKey.pod b/src/lib/libcrypto/doc/EVP_BytesToKey.pod index 016381f3e9..d375c46e03 100644 --- a/src/lib/libcrypto/doc/EVP_BytesToKey.pod +++ b/src/lib/libcrypto/doc/EVP_BytesToKey.pod | |||
| @@ -60,7 +60,7 @@ EVP_BytesToKey() returns the size of the derived key in bytes. | |||
| 60 | =head1 SEE ALSO | 60 | =head1 SEE ALSO |
| 61 | 61 | ||
| 62 | L<evp(3)|evp(3)>, L<rand(3)|rand(3)>, | 62 | L<evp(3)|evp(3)>, L<rand(3)|rand(3)>, |
| 63 | L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>, | 63 | L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> |
| 64 | 64 | ||
| 65 | =head1 HISTORY | 65 | =head1 HISTORY |
| 66 | 66 | ||
diff --git a/src/lib/libcrypto/doc/EVP_DigestInit.pod b/src/lib/libcrypto/doc/EVP_DigestInit.pod index faa992286b..236e2fa8d1 100644 --- a/src/lib/libcrypto/doc/EVP_DigestInit.pod +++ b/src/lib/libcrypto/doc/EVP_DigestInit.pod | |||
| @@ -18,7 +18,7 @@ EVP digest routines | |||
| 18 | EVP_MD_CTX *EVP_MD_CTX_create(void); | 18 | EVP_MD_CTX *EVP_MD_CTX_create(void); |
| 19 | 19 | ||
| 20 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); | 20 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); |
| 21 | int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); | 21 | int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); |
| 22 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, | 22 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, |
| 23 | unsigned int *s); | 23 | unsigned int *s); |
| 24 | 24 | ||
diff --git a/src/lib/libcrypto/doc/EVP_SealInit.pod b/src/lib/libcrypto/doc/EVP_SealInit.pod index 48a0e29954..7d793e19ef 100644 --- a/src/lib/libcrypto/doc/EVP_SealInit.pod +++ b/src/lib/libcrypto/doc/EVP_SealInit.pod | |||
| @@ -8,9 +8,9 @@ EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption | |||
| 8 | 8 | ||
| 9 | #include <openssl/evp.h> | 9 | #include <openssl/evp.h> |
| 10 | 10 | ||
| 11 | int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, | 11 | int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, |
| 12 | unsigned char **ek, int *ekl, unsigned char *iv, | 12 | unsigned char **ek, int *ekl, unsigned char *iv, |
| 13 | EVP_PKEY **pubk, int npubk); | 13 | EVP_PKEY **pubk, int npubk); |
| 14 | int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, | 14 | int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, |
| 15 | int *outl, unsigned char *in, int inl); | 15 | int *outl, unsigned char *in, int inl); |
| 16 | int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, | 16 | int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, |
diff --git a/src/lib/libcrypto/doc/RAND_bytes.pod b/src/lib/libcrypto/doc/RAND_bytes.pod index ce6329ce54..1a9b91e281 100644 --- a/src/lib/libcrypto/doc/RAND_bytes.pod +++ b/src/lib/libcrypto/doc/RAND_bytes.pod | |||
| @@ -25,6 +25,9 @@ unpredictable. They can be used for non-cryptographic purposes and for | |||
| 25 | certain purposes in cryptographic protocols, but usually not for key | 25 | certain purposes in cryptographic protocols, but usually not for key |
| 26 | generation etc. | 26 | generation etc. |
| 27 | 27 | ||
| 28 | The contents of B<buf> is mixed into the entropy pool before retrieving | ||
| 29 | the new pseudo-random bytes unless disabled at compile time (see FAQ). | ||
| 30 | |||
| 28 | =head1 RETURN VALUES | 31 | =head1 RETURN VALUES |
| 29 | 32 | ||
| 30 | RAND_bytes() returns 1 on success, 0 otherwise. The error code can be | 33 | RAND_bytes() returns 1 on success, 0 otherwise. The error code can be |
diff --git a/src/lib/libcrypto/doc/RAND_set_rand_method.pod b/src/lib/libcrypto/doc/RAND_set_rand_method.pod index c9bb6d9f27..e5b780fad0 100644 --- a/src/lib/libcrypto/doc/RAND_set_rand_method.pod +++ b/src/lib/libcrypto/doc/RAND_set_rand_method.pod | |||
| @@ -30,7 +30,7 @@ true only whilst no ENGINE has been set as a default for RAND, so this function | |||
| 30 | is no longer recommended. | 30 | is no longer recommended. |
| 31 | 31 | ||
| 32 | RAND_get_default_method() returns a pointer to the current RAND_METHOD. | 32 | RAND_get_default_method() returns a pointer to the current RAND_METHOD. |
| 33 | However, the meaningfulness of this result is dependant on whether the ENGINE | 33 | However, the meaningfulness of this result is dependent on whether the ENGINE |
| 34 | API is being used, so this function is no longer recommended. | 34 | API is being used, so this function is no longer recommended. |
| 35 | 35 | ||
| 36 | =head1 THE RAND_METHOD STRUCTURE | 36 | =head1 THE RAND_METHOD STRUCTURE |
diff --git a/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod b/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod index 46cc8f5359..7d0fd1f91d 100644 --- a/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod +++ b/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod | |||
| @@ -17,12 +17,12 @@ RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - add application specifi | |||
| 17 | 17 | ||
| 18 | void *RSA_get_ex_data(RSA *r, int idx); | 18 | void *RSA_get_ex_data(RSA *r, int idx); |
| 19 | 19 | ||
| 20 | typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, | 20 | typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, |
| 21 | int idx, long argl, void *argp); | 21 | int idx, long argl, void *argp); |
| 22 | typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, | 22 | typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, |
| 23 | int idx, long argl, void *argp); | 23 | int idx, long argl, void *argp); |
| 24 | typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, | 24 | typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, |
| 25 | int idx, long argl, void *argp); | 25 | int idx, long argl, void *argp); |
| 26 | 26 | ||
| 27 | =head1 DESCRIPTION | 27 | =head1 DESCRIPTION |
| 28 | 28 | ||
diff --git a/src/lib/libcrypto/doc/RSA_set_method.pod b/src/lib/libcrypto/doc/RSA_set_method.pod index 0a305f6b14..2c963d7e5b 100644 --- a/src/lib/libcrypto/doc/RSA_set_method.pod +++ b/src/lib/libcrypto/doc/RSA_set_method.pod | |||
| @@ -42,7 +42,7 @@ structures created later. B<NB>: This is true only whilst no ENGINE has | |||
| 42 | been set as a default for RSA, so this function is no longer recommended. | 42 | been set as a default for RSA, so this function is no longer recommended. |
| 43 | 43 | ||
| 44 | RSA_get_default_method() returns a pointer to the current default | 44 | RSA_get_default_method() returns a pointer to the current default |
| 45 | RSA_METHOD. However, the meaningfulness of this result is dependant on | 45 | RSA_METHOD. However, the meaningfulness of this result is dependent on |
| 46 | whether the ENGINE API is being used, so this function is no longer | 46 | whether the ENGINE API is being used, so this function is no longer |
| 47 | recommended. | 47 | recommended. |
| 48 | 48 | ||
diff --git a/src/lib/libcrypto/doc/RSA_sign.pod b/src/lib/libcrypto/doc/RSA_sign.pod index 71688a665e..8553be8e99 100644 --- a/src/lib/libcrypto/doc/RSA_sign.pod +++ b/src/lib/libcrypto/doc/RSA_sign.pod | |||
| @@ -8,10 +8,10 @@ RSA_sign, RSA_verify - RSA signatures | |||
| 8 | 8 | ||
| 9 | #include <openssl/rsa.h> | 9 | #include <openssl/rsa.h> |
| 10 | 10 | ||
| 11 | int RSA_sign(int type, unsigned char *m, unsigned int m_len, | 11 | int RSA_sign(int type, const unsigned char *m, unsigned int m_len, |
| 12 | unsigned char *sigret, unsigned int *siglen, RSA *rsa); | 12 | unsigned char *sigret, unsigned int *siglen, RSA *rsa); |
| 13 | 13 | ||
| 14 | int RSA_verify(int type, unsigned char *m, unsigned int m_len, | 14 | int RSA_verify(int type, const unsigned char *m, unsigned int m_len, |
| 15 | unsigned char *sigbuf, unsigned int siglen, RSA *rsa); | 15 | unsigned char *sigbuf, unsigned int siglen, RSA *rsa); |
| 16 | 16 | ||
| 17 | =head1 DESCRIPTION | 17 | =head1 DESCRIPTION |
diff --git a/src/lib/libcrypto/doc/bn.pod b/src/lib/libcrypto/doc/bn.pod index 210dfeac08..cd2f8e50c6 100644 --- a/src/lib/libcrypto/doc/bn.pod +++ b/src/lib/libcrypto/doc/bn.pod | |||
| @@ -27,6 +27,9 @@ bn - multiprecision integer arithmetics | |||
| 27 | int BN_num_bits(const BIGNUM *a); | 27 | int BN_num_bits(const BIGNUM *a); |
| 28 | int BN_num_bits_word(BN_ULONG w); | 28 | int BN_num_bits_word(BN_ULONG w); |
| 29 | 29 | ||
| 30 | void BN_set_negative(BIGNUM *a, int n); | ||
| 31 | int BN_is_negative(const BIGNUM *a); | ||
| 32 | |||
| 30 | int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); | 33 | int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); |
| 31 | int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); | 34 | int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); |
| 32 | int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); | 35 | int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); |
| @@ -118,6 +121,25 @@ bn - multiprecision integer arithmetics | |||
| 118 | int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, | 121 | int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, |
| 119 | BN_CTX *ctx); | 122 | BN_CTX *ctx); |
| 120 | 123 | ||
| 124 | BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, | ||
| 125 | BIGNUM *mod); | ||
| 126 | void BN_BLINDING_free(BN_BLINDING *b); | ||
| 127 | int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); | ||
| 128 | int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); | ||
| 129 | int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); | ||
| 130 | int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, | ||
| 131 | BN_CTX *ctx); | ||
| 132 | int BN_BLINDING_invert_ex(BIGNUM *n,const BIGNUM *r,BN_BLINDING *b, | ||
| 133 | BN_CTX *ctx); | ||
| 134 | unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *); | ||
| 135 | void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long); | ||
| 136 | unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); | ||
| 137 | void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); | ||
| 138 | BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, | ||
| 139 | const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, | ||
| 140 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 141 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), | ||
| 142 | BN_MONT_CTX *m_ctx); | ||
| 121 | 143 | ||
| 122 | =head1 DESCRIPTION | 144 | =head1 DESCRIPTION |
| 123 | 145 | ||
| @@ -153,6 +175,7 @@ L<BN_cmp(3)|BN_cmp(3)>, L<BN_zero(3)|BN_zero(3)>, L<BN_rand(3)|BN_rand(3)>, | |||
| 153 | L<BN_generate_prime(3)|BN_generate_prime(3)>, L<BN_set_bit(3)|BN_set_bit(3)>, | 175 | L<BN_generate_prime(3)|BN_generate_prime(3)>, L<BN_set_bit(3)|BN_set_bit(3)>, |
| 154 | L<BN_bn2bin(3)|BN_bn2bin(3)>, L<BN_mod_inverse(3)|BN_mod_inverse(3)>, | 176 | L<BN_bn2bin(3)|BN_bn2bin(3)>, L<BN_mod_inverse(3)|BN_mod_inverse(3)>, |
| 155 | L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>, | 177 | L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>, |
| 156 | L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)> | 178 | L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>, |
| 179 | L<BN_BLINDING_new(3)|BN_BLINDING_new(3)> | ||
| 157 | 180 | ||
| 158 | =cut | 181 | =cut |
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h index aa0669eb7a..c079154625 100644 --- a/src/lib/libcrypto/dsa/dsa.h +++ b/src/lib/libcrypto/dsa/dsa.h | |||
| @@ -65,6 +65,8 @@ | |||
| 65 | #ifndef HEADER_DSA_H | 65 | #ifndef HEADER_DSA_H |
| 66 | #define HEADER_DSA_H | 66 | #define HEADER_DSA_H |
| 67 | 67 | ||
| 68 | #include <openssl/e_os2.h> | ||
| 69 | |||
| 68 | #ifdef OPENSSL_NO_DSA | 70 | #ifdef OPENSSL_NO_DSA |
| 69 | #error DSA is disabled. | 71 | #error DSA is disabled. |
| 70 | #endif | 72 | #endif |
| @@ -72,12 +74,19 @@ | |||
| 72 | #ifndef OPENSSL_NO_BIO | 74 | #ifndef OPENSSL_NO_BIO |
| 73 | #include <openssl/bio.h> | 75 | #include <openssl/bio.h> |
| 74 | #endif | 76 | #endif |
| 75 | #include <openssl/bn.h> | ||
| 76 | #include <openssl/crypto.h> | 77 | #include <openssl/crypto.h> |
| 77 | #include <openssl/ossl_typ.h> | 78 | #include <openssl/ossl_typ.h> |
| 79 | |||
| 80 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 81 | #include <openssl/bn.h> | ||
| 78 | #ifndef OPENSSL_NO_DH | 82 | #ifndef OPENSSL_NO_DH |
| 79 | # include <openssl/dh.h> | 83 | # include <openssl/dh.h> |
| 80 | #endif | 84 | #endif |
| 85 | #endif | ||
| 86 | |||
| 87 | #ifndef OPENSSL_DSA_MAX_MODULUS_BITS | ||
| 88 | # define OPENSSL_DSA_MAX_MODULUS_BITS 10000 | ||
| 89 | #endif | ||
| 81 | 90 | ||
| 82 | #define OPENSSL_DSA_MAX_MODULUS_BITS 3072 | 91 | #define OPENSSL_DSA_MAX_MODULUS_BITS 3072 |
| 83 | 92 | ||
| @@ -90,22 +99,13 @@ | |||
| 90 | * be used for all exponents. | 99 | * be used for all exponents. |
| 91 | */ | 100 | */ |
| 92 | 101 | ||
| 93 | /* If this flag is set external DSA_METHOD callbacks are allowed in FIPS mode | ||
| 94 | * it is then the applications responsibility to ensure the external method | ||
| 95 | * is compliant. | ||
| 96 | */ | ||
| 97 | |||
| 98 | #define DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW 0x04 | ||
| 99 | |||
| 100 | #if defined(OPENSSL_FIPS) | ||
| 101 | #define FIPS_DSA_SIZE_T int | ||
| 102 | #endif | ||
| 103 | |||
| 104 | #ifdef __cplusplus | 102 | #ifdef __cplusplus |
| 105 | extern "C" { | 103 | extern "C" { |
| 106 | #endif | 104 | #endif |
| 107 | 105 | ||
| 108 | typedef struct dsa_st DSA; | 106 | /* Already defined in ossl_typ.h */ |
| 107 | /* typedef struct dsa_st DSA; */ | ||
| 108 | /* typedef struct dsa_method DSA_METHOD; */ | ||
| 109 | 109 | ||
| 110 | typedef struct DSA_SIG_st | 110 | typedef struct DSA_SIG_st |
| 111 | { | 111 | { |
| @@ -113,7 +113,8 @@ typedef struct DSA_SIG_st | |||
| 113 | BIGNUM *s; | 113 | BIGNUM *s; |
| 114 | } DSA_SIG; | 114 | } DSA_SIG; |
| 115 | 115 | ||
| 116 | typedef struct dsa_method { | 116 | struct dsa_method |
| 117 | { | ||
| 117 | const char *name; | 118 | const char *name; |
| 118 | DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa); | 119 | DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa); |
| 119 | int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, | 120 | int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, |
| @@ -130,7 +131,14 @@ typedef struct dsa_method { | |||
| 130 | int (*finish)(DSA *dsa); | 131 | int (*finish)(DSA *dsa); |
| 131 | int flags; | 132 | int flags; |
| 132 | char *app_data; | 133 | char *app_data; |
| 133 | } DSA_METHOD; | 134 | /* If this is non-NULL, it is used to generate DSA parameters */ |
| 135 | int (*dsa_paramgen)(DSA *dsa, int bits, | ||
| 136 | unsigned char *seed, int seed_len, | ||
| 137 | int *counter_ret, unsigned long *h_ret, | ||
| 138 | BN_GENCB *cb); | ||
| 139 | /* If this is non-NULL, it is used to generate DSA keys */ | ||
| 140 | int (*dsa_keygen)(DSA *dsa); | ||
| 141 | }; | ||
| 134 | 142 | ||
| 135 | struct dsa_st | 143 | struct dsa_st |
| 136 | { | 144 | { |
| @@ -151,7 +159,7 @@ struct dsa_st | |||
| 151 | 159 | ||
| 152 | int flags; | 160 | int flags; |
| 153 | /* Normally used to cache montgomery values */ | 161 | /* Normally used to cache montgomery values */ |
| 154 | char *method_mont_p; | 162 | BN_MONT_CTX *method_mont_p; |
| 155 | int references; | 163 | int references; |
| 156 | CRYPTO_EX_DATA ex_data; | 164 | CRYPTO_EX_DATA ex_data; |
| 157 | const DSA_METHOD *meth; | 165 | const DSA_METHOD *meth; |
| @@ -159,16 +167,13 @@ struct dsa_st | |||
| 159 | ENGINE *engine; | 167 | ENGINE *engine; |
| 160 | }; | 168 | }; |
| 161 | 169 | ||
| 162 | #define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \ | 170 | #define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x) |
| 163 | (char *(*)())d2i_DSAparams,(char *)(x)) | ||
| 164 | #define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \ | 171 | #define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \ |
| 165 | (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x)) | 172 | (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x)) |
| 166 | #define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ | 173 | #define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ |
| 167 | (unsigned char *)(x)) | 174 | (unsigned char *)(x)) |
| 168 | #define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \ | 175 | #define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x) |
| 169 | (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x)) | 176 | #define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x) |
| 170 | #define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \ | ||
| 171 | (unsigned char *)(x)) | ||
| 172 | 177 | ||
| 173 | 178 | ||
| 174 | DSA_SIG * DSA_SIG_new(void); | 179 | DSA_SIG * DSA_SIG_new(void); |
| @@ -206,10 +211,20 @@ void *DSA_get_ex_data(DSA *d, int idx); | |||
| 206 | DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); | 211 | DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); |
| 207 | DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); | 212 | DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); |
| 208 | DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length); | 213 | DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length); |
| 214 | |||
| 215 | /* Deprecated version */ | ||
| 216 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 209 | DSA * DSA_generate_parameters(int bits, | 217 | DSA * DSA_generate_parameters(int bits, |
| 210 | unsigned char *seed,int seed_len, | 218 | unsigned char *seed,int seed_len, |
| 211 | int *counter_ret, unsigned long *h_ret,void | 219 | int *counter_ret, unsigned long *h_ret,void |
| 212 | (*callback)(int, int, void *),void *cb_arg); | 220 | (*callback)(int, int, void *),void *cb_arg); |
| 221 | #endif /* !defined(OPENSSL_NO_DEPRECATED) */ | ||
| 222 | |||
| 223 | /* New version */ | ||
| 224 | int DSA_generate_parameters_ex(DSA *dsa, int bits, | ||
| 225 | unsigned char *seed,int seed_len, | ||
| 226 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); | ||
| 227 | |||
| 213 | int DSA_generate_key(DSA *a); | 228 | int DSA_generate_key(DSA *a); |
| 214 | int i2d_DSAPublicKey(const DSA *a, unsigned char **pp); | 229 | int i2d_DSAPublicKey(const DSA *a, unsigned char **pp); |
| 215 | int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp); | 230 | int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp); |
diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c index d7fac69154..768711994b 100644 --- a/src/lib/libcrypto/dsa/dsa_err.c +++ b/src/lib/libcrypto/dsa/dsa_err.c | |||
| @@ -100,15 +100,12 @@ static ERR_STRING_DATA DSA_str_reasons[]= | |||
| 100 | 100 | ||
| 101 | void ERR_load_DSA_strings(void) | 101 | void ERR_load_DSA_strings(void) |
| 102 | { | 102 | { |
| 103 | static int init=1; | 103 | #ifndef OPENSSL_NO_ERR |
| 104 | 104 | ||
| 105 | if (init) | 105 | if (ERR_func_error_string(DSA_str_functs[0].error) == NULL) |
| 106 | { | 106 | { |
| 107 | init=0; | ||
| 108 | #ifndef OPENSSL_NO_ERR | ||
| 109 | ERR_load_strings(0,DSA_str_functs); | 107 | ERR_load_strings(0,DSA_str_functs); |
| 110 | ERR_load_strings(0,DSA_str_reasons); | 108 | ERR_load_strings(0,DSA_str_reasons); |
| 111 | #endif | ||
| 112 | |||
| 113 | } | 109 | } |
| 110 | #endif | ||
| 114 | } | 111 | } |
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c index e40afeea51..ca0b86a6cf 100644 --- a/src/lib/libcrypto/dsa/dsa_gen.c +++ b/src/lib/libcrypto/dsa/dsa_gen.c | |||
| @@ -69,6 +69,8 @@ | |||
| 69 | #define HASH EVP_sha1() | 69 | #define HASH EVP_sha1() |
| 70 | #endif | 70 | #endif |
| 71 | 71 | ||
| 72 | #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_SHA is defined */ | ||
| 73 | |||
| 72 | #ifndef OPENSSL_NO_SHA | 74 | #ifndef OPENSSL_NO_SHA |
| 73 | 75 | ||
| 74 | #include <stdio.h> | 76 | #include <stdio.h> |
| @@ -80,12 +82,24 @@ | |||
| 80 | #include <openssl/rand.h> | 82 | #include <openssl/rand.h> |
| 81 | #include <openssl/sha.h> | 83 | #include <openssl/sha.h> |
| 82 | 84 | ||
| 83 | #ifndef OPENSSL_FIPS | 85 | static int dsa_builtin_paramgen(DSA *ret, int bits, |
| 84 | DSA *DSA_generate_parameters(int bits, | 86 | unsigned char *seed_in, int seed_len, |
| 87 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); | ||
| 88 | |||
| 89 | int DSA_generate_parameters_ex(DSA *ret, int bits, | ||
| 90 | unsigned char *seed_in, int seed_len, | ||
| 91 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) | ||
| 92 | { | ||
| 93 | if(ret->meth->dsa_paramgen) | ||
| 94 | return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, | ||
| 95 | counter_ret, h_ret, cb); | ||
| 96 | return dsa_builtin_paramgen(ret, bits, seed_in, seed_len, | ||
| 97 | counter_ret, h_ret, cb); | ||
| 98 | } | ||
| 99 | |||
| 100 | static int dsa_builtin_paramgen(DSA *ret, int bits, | ||
| 85 | unsigned char *seed_in, int seed_len, | 101 | unsigned char *seed_in, int seed_len, |
| 86 | int *counter_ret, unsigned long *h_ret, | 102 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) |
| 87 | void (*callback)(int, int, void *), | ||
| 88 | void *cb_arg) | ||
| 89 | { | 103 | { |
| 90 | int ok=0; | 104 | int ok=0; |
| 91 | unsigned char seed[SHA_DIGEST_LENGTH]; | 105 | unsigned char seed[SHA_DIGEST_LENGTH]; |
| @@ -97,40 +111,43 @@ DSA *DSA_generate_parameters(int bits, | |||
| 97 | int k,n=0,i,b,m=0; | 111 | int k,n=0,i,b,m=0; |
| 98 | int counter=0; | 112 | int counter=0; |
| 99 | int r=0; | 113 | int r=0; |
| 100 | BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL; | 114 | BN_CTX *ctx=NULL; |
| 101 | unsigned int h=2; | 115 | unsigned int h=2; |
| 102 | DSA *ret=NULL; | ||
| 103 | 116 | ||
| 104 | if (bits < 512) bits=512; | 117 | if (bits < 512) bits=512; |
| 105 | bits=(bits+63)/64*64; | 118 | bits=(bits+63)/64*64; |
| 106 | 119 | ||
| 107 | if (seed_len < 20) | 120 | /* NB: seed_len == 0 is special case: copy generated seed to |
| 121 | * seed_in if it is not NULL. | ||
| 122 | */ | ||
| 123 | if (seed_len && (seed_len < 20)) | ||
| 108 | seed_in = NULL; /* seed buffer too small -- ignore */ | 124 | seed_in = NULL; /* seed buffer too small -- ignore */ |
| 109 | if (seed_len > 20) | 125 | if (seed_len > 20) |
| 110 | seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, | 126 | seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, |
| 111 | * but our internal buffers are restricted to 160 bits*/ | 127 | * but our internal buffers are restricted to 160 bits*/ |
| 112 | if ((seed_in != NULL) && (seed_len == 20)) | 128 | if ((seed_in != NULL) && (seed_len == 20)) |
| 129 | { | ||
| 113 | memcpy(seed,seed_in,seed_len); | 130 | memcpy(seed,seed_in,seed_len); |
| 131 | /* set seed_in to NULL to avoid it being copied back */ | ||
| 132 | seed_in = NULL; | ||
| 133 | } | ||
| 114 | 134 | ||
| 115 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 135 | if ((ctx=BN_CTX_new()) == NULL) goto err; |
| 116 | if ((ctx2=BN_CTX_new()) == NULL) goto err; | ||
| 117 | if ((ctx3=BN_CTX_new()) == NULL) goto err; | ||
| 118 | if ((ret=DSA_new()) == NULL) goto err; | ||
| 119 | 136 | ||
| 120 | if ((mont=BN_MONT_CTX_new()) == NULL) goto err; | 137 | if ((mont=BN_MONT_CTX_new()) == NULL) goto err; |
| 121 | 138 | ||
| 122 | BN_CTX_start(ctx2); | 139 | BN_CTX_start(ctx); |
| 123 | r0 = BN_CTX_get(ctx2); | 140 | r0 = BN_CTX_get(ctx); |
| 124 | g = BN_CTX_get(ctx2); | 141 | g = BN_CTX_get(ctx); |
| 125 | W = BN_CTX_get(ctx2); | 142 | W = BN_CTX_get(ctx); |
| 126 | q = BN_CTX_get(ctx2); | 143 | q = BN_CTX_get(ctx); |
| 127 | X = BN_CTX_get(ctx2); | 144 | X = BN_CTX_get(ctx); |
| 128 | c = BN_CTX_get(ctx2); | 145 | c = BN_CTX_get(ctx); |
| 129 | p = BN_CTX_get(ctx2); | 146 | p = BN_CTX_get(ctx); |
| 130 | test = BN_CTX_get(ctx2); | 147 | test = BN_CTX_get(ctx); |
| 131 | if (test == NULL) goto err; | ||
| 132 | 148 | ||
| 133 | if (!BN_lshift(test,BN_value_one(),bits-1)) goto err; | 149 | if (!BN_lshift(test,BN_value_one(),bits-1)) |
| 150 | goto err; | ||
| 134 | 151 | ||
| 135 | for (;;) | 152 | for (;;) |
| 136 | { | 153 | { |
| @@ -139,7 +156,8 @@ DSA *DSA_generate_parameters(int bits, | |||
| 139 | int seed_is_random; | 156 | int seed_is_random; |
| 140 | 157 | ||
| 141 | /* step 1 */ | 158 | /* step 1 */ |
| 142 | if (callback != NULL) callback(0,m++,cb_arg); | 159 | if(!BN_GENCB_call(cb, 0, m++)) |
| 160 | goto err; | ||
| 143 | 161 | ||
| 144 | if (!seed_len) | 162 | if (!seed_len) |
| 145 | { | 163 | { |
| @@ -172,7 +190,8 @@ DSA *DSA_generate_parameters(int bits, | |||
| 172 | if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err; | 190 | if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err; |
| 173 | 191 | ||
| 174 | /* step 4 */ | 192 | /* step 4 */ |
| 175 | r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random); | 193 | r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, |
| 194 | seed_is_random, cb); | ||
| 176 | if (r > 0) | 195 | if (r > 0) |
| 177 | break; | 196 | break; |
| 178 | if (r != 0) | 197 | if (r != 0) |
| @@ -182,8 +201,8 @@ DSA *DSA_generate_parameters(int bits, | |||
| 182 | /* step 5 */ | 201 | /* step 5 */ |
| 183 | } | 202 | } |
| 184 | 203 | ||
| 185 | if (callback != NULL) callback(2,0,cb_arg); | 204 | if(!BN_GENCB_call(cb, 2, 0)) goto err; |
| 186 | if (callback != NULL) callback(3,0,cb_arg); | 205 | if(!BN_GENCB_call(cb, 3, 0)) goto err; |
| 187 | 206 | ||
| 188 | /* step 6 */ | 207 | /* step 6 */ |
| 189 | counter=0; | 208 | counter=0; |
| @@ -194,11 +213,11 @@ DSA *DSA_generate_parameters(int bits, | |||
| 194 | 213 | ||
| 195 | for (;;) | 214 | for (;;) |
| 196 | { | 215 | { |
| 197 | if (callback != NULL && counter != 0) | 216 | if ((counter != 0) && !BN_GENCB_call(cb, 0, counter)) |
| 198 | callback(0,counter,cb_arg); | 217 | goto err; |
| 199 | 218 | ||
| 200 | /* step 7 */ | 219 | /* step 7 */ |
| 201 | if (!BN_zero(W)) goto err; | 220 | BN_zero(W); |
| 202 | /* now 'buf' contains "SEED + offset - 1" */ | 221 | /* now 'buf' contains "SEED + offset - 1" */ |
| 203 | for (k=0; k<=n; k++) | 222 | for (k=0; k<=n; k++) |
| 204 | { | 223 | { |
| @@ -233,7 +252,8 @@ DSA *DSA_generate_parameters(int bits, | |||
| 233 | if (BN_cmp(p,test) >= 0) | 252 | if (BN_cmp(p,test) >= 0) |
| 234 | { | 253 | { |
| 235 | /* step 11 */ | 254 | /* step 11 */ |
| 236 | r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1); | 255 | r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, |
| 256 | ctx, 1, cb); | ||
| 237 | if (r > 0) | 257 | if (r > 0) |
| 238 | goto end; /* found it */ | 258 | goto end; /* found it */ |
| 239 | if (r != 0) | 259 | if (r != 0) |
| @@ -249,7 +269,8 @@ DSA *DSA_generate_parameters(int bits, | |||
| 249 | } | 269 | } |
| 250 | } | 270 | } |
| 251 | end: | 271 | end: |
| 252 | if (callback != NULL) callback(2,1,cb_arg); | 272 | if(!BN_GENCB_call(cb, 2, 1)) |
| 273 | goto err; | ||
| 253 | 274 | ||
| 254 | /* We now need to generate g */ | 275 | /* We now need to generate g */ |
| 255 | /* Set r0=(p-1)/q */ | 276 | /* Set r0=(p-1)/q */ |
| @@ -268,16 +289,16 @@ end: | |||
| 268 | h++; | 289 | h++; |
| 269 | } | 290 | } |
| 270 | 291 | ||
| 271 | if (callback != NULL) callback(3,1,cb_arg); | 292 | if(!BN_GENCB_call(cb, 3, 1)) |
| 293 | goto err; | ||
| 272 | 294 | ||
| 273 | ok=1; | 295 | ok=1; |
| 274 | err: | 296 | err: |
| 275 | if (!ok) | 297 | if (ok) |
| 276 | { | ||
| 277 | if (ret != NULL) DSA_free(ret); | ||
| 278 | } | ||
| 279 | else | ||
| 280 | { | 298 | { |
| 299 | if(ret->p) BN_free(ret->p); | ||
| 300 | if(ret->q) BN_free(ret->q); | ||
| 301 | if(ret->g) BN_free(ret->g); | ||
| 281 | ret->p=BN_dup(p); | 302 | ret->p=BN_dup(p); |
| 282 | ret->q=BN_dup(q); | 303 | ret->q=BN_dup(q); |
| 283 | ret->g=BN_dup(g); | 304 | ret->g=BN_dup(g); |
| @@ -286,20 +307,16 @@ err: | |||
| 286 | ok=0; | 307 | ok=0; |
| 287 | goto err; | 308 | goto err; |
| 288 | } | 309 | } |
| 289 | if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20); | 310 | if (seed_in != NULL) memcpy(seed_in,seed,20); |
| 290 | if (counter_ret != NULL) *counter_ret=counter; | 311 | if (counter_ret != NULL) *counter_ret=counter; |
| 291 | if (h_ret != NULL) *h_ret=h; | 312 | if (h_ret != NULL) *h_ret=h; |
| 292 | } | 313 | } |
| 293 | if (ctx != NULL) BN_CTX_free(ctx); | 314 | if(ctx) |
| 294 | if (ctx2 != NULL) | ||
| 295 | { | 315 | { |
| 296 | BN_CTX_end(ctx2); | 316 | BN_CTX_end(ctx); |
| 297 | BN_CTX_free(ctx2); | 317 | BN_CTX_free(ctx); |
| 298 | } | 318 | } |
| 299 | if (ctx3 != NULL) BN_CTX_free(ctx3); | ||
| 300 | if (mont != NULL) BN_MONT_CTX_free(mont); | 319 | if (mont != NULL) BN_MONT_CTX_free(mont); |
| 301 | return(ok?ret:NULL); | 320 | return ok; |
| 302 | } | 321 | } |
| 303 | #endif /* ndef OPENSSL_FIPS */ | 322 | #endif |
| 304 | #endif /* ndef OPENSSL_NO_SHA */ | ||
| 305 | |||
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c index 980b6dc2d3..c4aa86bc6d 100644 --- a/src/lib/libcrypto/dsa/dsa_key.c +++ b/src/lib/libcrypto/dsa/dsa_key.c | |||
| @@ -56,17 +56,25 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_SHA | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include <time.h> | 60 | #include <time.h> |
| 62 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 62 | #ifndef OPENSSL_NO_SHA | ||
| 63 | #include <openssl/bn.h> | 63 | #include <openssl/bn.h> |
| 64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | 66 | ||
| 67 | #ifndef OPENSSL_FIPS | 67 | static int dsa_builtin_keygen(DSA *dsa); |
| 68 | |||
| 68 | int DSA_generate_key(DSA *dsa) | 69 | int DSA_generate_key(DSA *dsa) |
| 69 | { | 70 | { |
| 71 | if(dsa->meth->dsa_keygen) | ||
| 72 | return dsa->meth->dsa_keygen(dsa); | ||
| 73 | return dsa_builtin_keygen(dsa); | ||
| 74 | } | ||
| 75 | |||
| 76 | static int dsa_builtin_keygen(DSA *dsa) | ||
| 77 | { | ||
| 70 | int ok=0; | 78 | int ok=0; |
| 71 | BN_CTX *ctx=NULL; | 79 | BN_CTX *ctx=NULL; |
| 72 | BIGNUM *pub_key=NULL,*priv_key=NULL; | 80 | BIGNUM *pub_key=NULL,*priv_key=NULL; |
| @@ -99,7 +107,7 @@ int DSA_generate_key(DSA *dsa) | |||
| 99 | { | 107 | { |
| 100 | BN_init(&local_prk); | 108 | BN_init(&local_prk); |
| 101 | prk = &local_prk; | 109 | prk = &local_prk; |
| 102 | BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME); | 110 | BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); |
| 103 | } | 111 | } |
| 104 | else | 112 | else |
| 105 | prk = priv_key; | 113 | prk = priv_key; |
| @@ -118,4 +126,3 @@ err: | |||
| 118 | return(ok); | 126 | return(ok); |
| 119 | } | 127 | } |
| 120 | #endif | 128 | #endif |
| 121 | #endif | ||
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c index 4171af24c6..e9b75902db 100644 --- a/src/lib/libcrypto/dsa/dsa_lib.c +++ b/src/lib/libcrypto/dsa/dsa_lib.c | |||
| @@ -66,8 +66,11 @@ | |||
| 66 | #ifndef OPENSSL_NO_ENGINE | 66 | #ifndef OPENSSL_NO_ENGINE |
| 67 | #include <openssl/engine.h> | 67 | #include <openssl/engine.h> |
| 68 | #endif | 68 | #endif |
| 69 | #ifndef OPENSSL_NO_DH | ||
| 70 | #include <openssl/dh.h> | ||
| 71 | #endif | ||
| 69 | 72 | ||
| 70 | const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; | 73 | const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT; |
| 71 | 74 | ||
| 72 | static const DSA_METHOD *default_DSA_method = NULL; | 75 | static const DSA_METHOD *default_DSA_method = NULL; |
| 73 | 76 | ||
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c index 5de5fc7e91..75ff7cc4af 100644 --- a/src/lib/libcrypto/dsa/dsa_ossl.c +++ b/src/lib/libcrypto/dsa/dsa_ossl.c | |||
| @@ -65,33 +65,63 @@ | |||
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | 67 | ||
| 68 | #ifndef OPENSSL_FIPS | ||
| 69 | static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); | 68 | static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); |
| 70 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); | 69 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); |
| 71 | static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | 70 | static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, |
| 72 | DSA *dsa); | 71 | DSA *dsa); |
| 73 | static int dsa_init(DSA *dsa); | 72 | static int dsa_init(DSA *dsa); |
| 74 | static int dsa_finish(DSA *dsa); | 73 | static int dsa_finish(DSA *dsa); |
| 75 | static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, | ||
| 76 | BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, | ||
| 77 | BN_MONT_CTX *in_mont); | ||
| 78 | static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, | ||
| 79 | const BIGNUM *m, BN_CTX *ctx, | ||
| 80 | BN_MONT_CTX *m_ctx); | ||
| 81 | 74 | ||
| 82 | static DSA_METHOD openssl_dsa_meth = { | 75 | static DSA_METHOD openssl_dsa_meth = { |
| 83 | "OpenSSL DSA method", | 76 | "OpenSSL DSA method", |
| 84 | dsa_do_sign, | 77 | dsa_do_sign, |
| 85 | dsa_sign_setup, | 78 | dsa_sign_setup, |
| 86 | dsa_do_verify, | 79 | dsa_do_verify, |
| 87 | dsa_mod_exp, | 80 | NULL, /* dsa_mod_exp, */ |
| 88 | dsa_bn_mod_exp, | 81 | NULL, /* dsa_bn_mod_exp, */ |
| 89 | dsa_init, | 82 | dsa_init, |
| 90 | dsa_finish, | 83 | dsa_finish, |
| 91 | 0, | 84 | 0, |
| 85 | NULL, | ||
| 86 | NULL, | ||
| 92 | NULL | 87 | NULL |
| 93 | }; | 88 | }; |
| 94 | 89 | ||
| 90 | /* These macro wrappers replace attempts to use the dsa_mod_exp() and | ||
| 91 | * bn_mod_exp() handlers in the DSA_METHOD structure. We avoid the problem of | ||
| 92 | * having a the macro work as an expression by bundling an "err_instr". So; | ||
| 93 | * | ||
| 94 | * if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx, | ||
| 95 | * dsa->method_mont_p)) goto err; | ||
| 96 | * | ||
| 97 | * can be replaced by; | ||
| 98 | * | ||
| 99 | * DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx, | ||
| 100 | * dsa->method_mont_p); | ||
| 101 | */ | ||
| 102 | |||
| 103 | #define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \ | ||
| 104 | do { \ | ||
| 105 | int _tmp_res53; \ | ||
| 106 | if((dsa)->meth->dsa_mod_exp) \ | ||
| 107 | _tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \ | ||
| 108 | (a2), (p2), (m), (ctx), (in_mont)); \ | ||
| 109 | else \ | ||
| 110 | _tmp_res53 = BN_mod_exp2_mont((rr), (a1), (p1), (a2), (p2), \ | ||
| 111 | (m), (ctx), (in_mont)); \ | ||
| 112 | if(!_tmp_res53) err_instr; \ | ||
| 113 | } while(0) | ||
| 114 | #define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \ | ||
| 115 | do { \ | ||
| 116 | int _tmp_res53; \ | ||
| 117 | if((dsa)->meth->bn_mod_exp) \ | ||
| 118 | _tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \ | ||
| 119 | (m), (ctx), (m_ctx)); \ | ||
| 120 | else \ | ||
| 121 | _tmp_res53 = BN_mod_exp_mont((r), (a), (p), (m), (ctx), (m_ctx)); \ | ||
| 122 | if(!_tmp_res53) err_instr; \ | ||
| 123 | } while(0) | ||
| 124 | |||
| 95 | const DSA_METHOD *DSA_OpenSSL(void) | 125 | const DSA_METHOD *DSA_OpenSSL(void) |
| 96 | { | 126 | { |
| 97 | return &openssl_dsa_meth; | 127 | return &openssl_dsa_meth; |
| @@ -199,12 +229,12 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | |||
| 199 | while (BN_is_zero(&k)); | 229 | while (BN_is_zero(&k)); |
| 200 | if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) | 230 | if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) |
| 201 | { | 231 | { |
| 202 | BN_set_flags(&k, BN_FLG_EXP_CONSTTIME); | 232 | BN_set_flags(&k, BN_FLG_CONSTTIME); |
| 203 | } | 233 | } |
| 204 | 234 | ||
| 205 | if (dsa->flags & DSA_FLAG_CACHE_MONT_P) | 235 | if (dsa->flags & DSA_FLAG_CACHE_MONT_P) |
| 206 | { | 236 | { |
| 207 | if (!BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p, | 237 | if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, |
| 208 | CRYPTO_LOCK_DSA, | 238 | CRYPTO_LOCK_DSA, |
| 209 | dsa->p, ctx)) | 239 | dsa->p, ctx)) |
| 210 | goto err; | 240 | goto err; |
| @@ -234,8 +264,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | |||
| 234 | { | 264 | { |
| 235 | K = &k; | 265 | K = &k; |
| 236 | } | 266 | } |
| 237 | if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,K,dsa->p,ctx, | 267 | DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx, |
| 238 | (BN_MONT_CTX *)dsa->method_mont_p)) goto err; | 268 | dsa->method_mont_p); |
| 239 | if (!BN_mod(r,r,dsa->q,ctx)) goto err; | 269 | if (!BN_mod(r,r,dsa->q,ctx)) goto err; |
| 240 | 270 | ||
| 241 | /* Compute part of 's = inv(k) (m + xr) mod q' */ | 271 | /* Compute part of 's = inv(k) (m + xr) mod q' */ |
| @@ -292,12 +322,14 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | |||
| 292 | 322 | ||
| 293 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 323 | if ((ctx=BN_CTX_new()) == NULL) goto err; |
| 294 | 324 | ||
| 295 | if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0) | 325 | if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || |
| 326 | BN_ucmp(sig->r, dsa->q) >= 0) | ||
| 296 | { | 327 | { |
| 297 | ret = 0; | 328 | ret = 0; |
| 298 | goto err; | 329 | goto err; |
| 299 | } | 330 | } |
| 300 | if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0) | 331 | if (BN_is_zero(sig->s) || BN_is_negative(sig->s) || |
| 332 | BN_ucmp(sig->s, dsa->q) >= 0) | ||
| 301 | { | 333 | { |
| 302 | ret = 0; | 334 | ret = 0; |
| 303 | goto err; | 335 | goto err; |
| @@ -319,43 +351,25 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | |||
| 319 | 351 | ||
| 320 | if (dsa->flags & DSA_FLAG_CACHE_MONT_P) | 352 | if (dsa->flags & DSA_FLAG_CACHE_MONT_P) |
| 321 | { | 353 | { |
| 322 | mont = BN_MONT_CTX_set_locked( | 354 | mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p, |
| 323 | (BN_MONT_CTX **)&dsa->method_mont_p, | ||
| 324 | CRYPTO_LOCK_DSA, dsa->p, ctx); | 355 | CRYPTO_LOCK_DSA, dsa->p, ctx); |
| 325 | if (!mont) | 356 | if (!mont) |
| 326 | goto err; | 357 | goto err; |
| 327 | } | 358 | } |
| 328 | 359 | ||
| 329 | #if 0 | 360 | |
| 330 | { | 361 | DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p, ctx, mont); |
| 331 | BIGNUM t2; | ||
| 332 | |||
| 333 | BN_init(&t2); | ||
| 334 | /* v = ( g^u1 * y^u2 mod p ) mod q */ | ||
| 335 | /* let t1 = g ^ u1 mod p */ | ||
| 336 | if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err; | ||
| 337 | /* let t2 = y ^ u2 mod p */ | ||
| 338 | if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err; | ||
| 339 | /* let u1 = t1 * t2 mod p */ | ||
| 340 | if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn; | ||
| 341 | BN_free(&t2); | ||
| 342 | } | ||
| 343 | /* let u1 = u1 mod q */ | ||
| 344 | if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err; | ||
| 345 | #else | ||
| 346 | { | ||
| 347 | if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2, | ||
| 348 | dsa->p,ctx,mont)) goto err; | ||
| 349 | /* BN_copy(&u1,&t1); */ | 362 | /* BN_copy(&u1,&t1); */ |
| 350 | /* let u1 = u1 mod q */ | 363 | /* let u1 = u1 mod q */ |
| 351 | if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err; | 364 | if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err; |
| 352 | } | 365 | |
| 353 | #endif | ||
| 354 | /* V is now in u1. If the signature is correct, it will be | 366 | /* V is now in u1. If the signature is correct, it will be |
| 355 | * equal to R. */ | 367 | * equal to R. */ |
| 356 | ret=(BN_ucmp(&u1, sig->r) == 0); | 368 | ret=(BN_ucmp(&u1, sig->r) == 0); |
| 357 | 369 | ||
| 358 | err: | 370 | err: |
| 371 | /* XXX: surely this is wrong - if ret is 0, it just didn't verify; | ||
| 372 | there is no error in BN. Test should be ret == -1 (Ben) */ | ||
| 359 | if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB); | 373 | if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB); |
| 360 | if (ctx != NULL) BN_CTX_free(ctx); | 374 | if (ctx != NULL) BN_CTX_free(ctx); |
| 361 | BN_free(&u1); | 375 | BN_free(&u1); |
| @@ -373,21 +387,7 @@ static int dsa_init(DSA *dsa) | |||
| 373 | static int dsa_finish(DSA *dsa) | 387 | static int dsa_finish(DSA *dsa) |
| 374 | { | 388 | { |
| 375 | if(dsa->method_mont_p) | 389 | if(dsa->method_mont_p) |
| 376 | BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p); | 390 | BN_MONT_CTX_free(dsa->method_mont_p); |
| 377 | return(1); | 391 | return(1); |
| 378 | } | 392 | } |
| 379 | 393 | ||
| 380 | static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, | ||
| 381 | BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, | ||
| 382 | BN_MONT_CTX *in_mont) | ||
| 383 | { | ||
| 384 | return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont); | ||
| 385 | } | ||
| 386 | |||
| 387 | static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, | ||
| 388 | const BIGNUM *m, BN_CTX *ctx, | ||
| 389 | BN_MONT_CTX *m_ctx) | ||
| 390 | { | ||
| 391 | return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); | ||
| 392 | } | ||
| 393 | #endif | ||
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c index 37c65efb20..89205026f0 100644 --- a/src/lib/libcrypto/dsa/dsa_sign.c +++ b/src/lib/libcrypto/dsa/dsa_sign.c | |||
| @@ -64,18 +64,9 @@ | |||
| 64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | #ifndef OPENSSL_NO_ENGINE | ||
| 68 | #include <openssl/engine.h> | ||
| 69 | #endif | ||
| 70 | #include <openssl/fips.h> | ||
| 71 | 67 | ||
| 72 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | 68 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) |
| 73 | { | 69 | { |
| 74 | #ifdef OPENSSL_FIPS | ||
| 75 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW) | ||
| 76 | && !FIPS_dsa_check(dsa)) | ||
| 77 | return NULL; | ||
| 78 | #endif | ||
| 79 | return dsa->meth->dsa_do_sign(dgst, dlen, dsa); | 70 | return dsa->meth->dsa_do_sign(dgst, dlen, dsa); |
| 80 | } | 71 | } |
| 81 | 72 | ||
| @@ -96,11 +87,6 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, | |||
| 96 | 87 | ||
| 97 | int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | 88 | int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) |
| 98 | { | 89 | { |
| 99 | #ifdef OPENSSL_FIPS | ||
| 100 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW) | ||
| 101 | && !FIPS_dsa_check(dsa)) | ||
| 102 | return 0; | ||
| 103 | #endif | ||
| 104 | return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); | 90 | return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); |
| 105 | } | 91 | } |
| 106 | 92 | ||
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c index c9784bed48..c4aeddd056 100644 --- a/src/lib/libcrypto/dsa/dsa_vrf.c +++ b/src/lib/libcrypto/dsa/dsa_vrf.c | |||
| @@ -65,19 +65,10 @@ | |||
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | #include <openssl/asn1_mac.h> | 67 | #include <openssl/asn1_mac.h> |
| 68 | #ifndef OPENSSL_NO_ENGINE | ||
| 69 | #include <openssl/engine.h> | ||
| 70 | #endif | ||
| 71 | #include <openssl/fips.h> | ||
| 72 | 68 | ||
| 73 | int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | 69 | int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, |
| 74 | DSA *dsa) | 70 | DSA *dsa) |
| 75 | { | 71 | { |
| 76 | #ifdef OPENSSL_FIPS | ||
| 77 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW) | ||
| 78 | && !FIPS_dsa_check(dsa)) | ||
| 79 | return -1; | ||
| 80 | #endif | ||
| 81 | return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); | 72 | return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); |
| 82 | } | 73 | } |
| 83 | 74 | ||
diff --git a/src/lib/libcrypto/dsa/dsatest.c b/src/lib/libcrypto/dsa/dsatest.c index 55a3756aff..912317bb44 100644 --- a/src/lib/libcrypto/dsa/dsatest.c +++ b/src/lib/libcrypto/dsa/dsatest.c | |||
| @@ -56,6 +56,12 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | /* Until the key-gen callbacks are modified to use newer prototypes, we allow | ||
| 60 | * deprecated functions for openssl-internal code */ | ||
| 61 | #ifdef OPENSSL_NO_DEPRECATED | ||
| 62 | #undef OPENSSL_NO_DEPRECATED | ||
| 63 | #endif | ||
| 64 | |||
| 59 | #include <stdio.h> | 65 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 66 | #include <stdlib.h> |
| 61 | #include <string.h> | 67 | #include <string.h> |
| @@ -68,6 +74,7 @@ | |||
| 68 | #include <openssl/rand.h> | 74 | #include <openssl/rand.h> |
| 69 | #include <openssl/bio.h> | 75 | #include <openssl/bio.h> |
| 70 | #include <openssl/err.h> | 76 | #include <openssl/err.h> |
| 77 | #include <openssl/bn.h> | ||
| 71 | 78 | ||
| 72 | #ifdef OPENSSL_NO_DSA | 79 | #ifdef OPENSSL_NO_DSA |
| 73 | int main(int argc, char *argv[]) | 80 | int main(int argc, char *argv[]) |
| @@ -84,7 +91,7 @@ int main(int argc, char *argv[]) | |||
| 84 | #define MS_CALLBACK | 91 | #define MS_CALLBACK |
| 85 | #endif | 92 | #endif |
| 86 | 93 | ||
| 87 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg); | 94 | static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg); |
| 88 | 95 | ||
| 89 | /* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to | 96 | /* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to |
| 90 | * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */ | 97 | * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */ |
| @@ -129,6 +136,7 @@ static BIO *bio_err=NULL; | |||
| 129 | 136 | ||
| 130 | int main(int argc, char **argv) | 137 | int main(int argc, char **argv) |
| 131 | { | 138 | { |
| 139 | BN_GENCB cb; | ||
| 132 | DSA *dsa=NULL; | 140 | DSA *dsa=NULL; |
| 133 | int counter,ret=0,i,j; | 141 | int counter,ret=0,i,j; |
| 134 | unsigned char buf[256]; | 142 | unsigned char buf[256]; |
| @@ -148,7 +156,10 @@ int main(int argc, char **argv) | |||
| 148 | 156 | ||
| 149 | BIO_printf(bio_err,"test generation of DSA parameters\n"); | 157 | BIO_printf(bio_err,"test generation of DSA parameters\n"); |
| 150 | 158 | ||
| 151 | dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err); | 159 | BN_GENCB_set(&cb, dsa_cb, bio_err); |
| 160 | if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512, | ||
| 161 | seed, 20, &counter, &h, &cb)) | ||
| 162 | goto end; | ||
| 152 | 163 | ||
| 153 | BIO_printf(bio_err,"seed\n"); | 164 | BIO_printf(bio_err,"seed\n"); |
| 154 | for (i=0; i<20; i+=4) | 165 | for (i=0; i<20; i+=4) |
| @@ -156,7 +167,7 @@ int main(int argc, char **argv) | |||
| 156 | BIO_printf(bio_err,"%02X%02X%02X%02X ", | 167 | BIO_printf(bio_err,"%02X%02X%02X%02X ", |
| 157 | seed[i],seed[i+1],seed[i+2],seed[i+3]); | 168 | seed[i],seed[i+1],seed[i+2],seed[i+3]); |
| 158 | } | 169 | } |
| 159 | BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h); | 170 | BIO_printf(bio_err,"\ncounter=%d h=%ld\n",counter,h); |
| 160 | 171 | ||
| 161 | if (dsa == NULL) goto end; | 172 | if (dsa == NULL) goto end; |
| 162 | DSA_print(bio_err,dsa,0); | 173 | DSA_print(bio_err,dsa,0); |
| @@ -220,17 +231,14 @@ end: | |||
| 220 | BIO_free(bio_err); | 231 | BIO_free(bio_err); |
| 221 | bio_err = NULL; | 232 | bio_err = NULL; |
| 222 | } | 233 | } |
| 234 | #ifdef OPENSSL_SYS_NETWARE | ||
| 235 | if (!ret) printf("ERROR\n"); | ||
| 236 | #endif | ||
| 223 | EXIT(!ret); | 237 | EXIT(!ret); |
| 224 | return(0); | 238 | return(0); |
| 225 | } | 239 | } |
| 226 | 240 | ||
| 227 | static int cb_exit(int ec) | 241 | static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg) |
| 228 | { | ||
| 229 | EXIT(ec); | ||
| 230 | return(0); /* To keep some compilers quiet */ | ||
| 231 | } | ||
| 232 | |||
| 233 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg) | ||
| 234 | { | 242 | { |
| 235 | char c='*'; | 243 | char c='*'; |
| 236 | static int ok=0,num=0; | 244 | static int ok=0,num=0; |
| @@ -239,13 +247,14 @@ static void MS_CALLBACK dsa_cb(int p, int n, void *arg) | |||
| 239 | if (p == 1) c='+'; | 247 | if (p == 1) c='+'; |
| 240 | if (p == 2) { c='*'; ok++; } | 248 | if (p == 2) { c='*'; ok++; } |
| 241 | if (p == 3) c='\n'; | 249 | if (p == 3) c='\n'; |
| 242 | BIO_write(arg,&c,1); | 250 | BIO_write(arg->arg,&c,1); |
| 243 | (void)BIO_flush(arg); | 251 | (void)BIO_flush(arg->arg); |
| 244 | 252 | ||
| 245 | if (!ok && (p == 0) && (num > 1)) | 253 | if (!ok && (p == 0) && (num > 1)) |
| 246 | { | 254 | { |
| 247 | BIO_printf((BIO *)arg,"error in dsatest\n"); | 255 | BIO_printf((BIO *)arg,"error in dsatest\n"); |
| 248 | cb_exit(1); | 256 | return 0; |
| 249 | } | 257 | } |
| 258 | return 1; | ||
| 250 | } | 259 | } |
| 251 | #endif | 260 | #endif |
diff --git a/src/lib/libcrypto/dso/dso.h b/src/lib/libcrypto/dso/dso.h index aa721f7feb..3e51913a72 100644 --- a/src/lib/libcrypto/dso/dso.h +++ b/src/lib/libcrypto/dso/dso.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* dso.h */ | 1 | /* dso.h -*- mode:C; c-file-style: "eay" -*- */ |
| 2 | /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL | 2 | /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -95,6 +95,13 @@ extern "C" { | |||
| 95 | */ | 95 | */ |
| 96 | #define DSO_FLAG_UPCASE_SYMBOL 0x10 | 96 | #define DSO_FLAG_UPCASE_SYMBOL 0x10 |
| 97 | 97 | ||
| 98 | /* This flag loads the library with public symbols. | ||
| 99 | * Meaning: The exported symbols of this library are public | ||
| 100 | * to all libraries loaded after this library. | ||
| 101 | * At the moment only implemented in unix. | ||
| 102 | */ | ||
| 103 | #define DSO_FLAG_GLOBAL_SYMBOLS 0x20 | ||
| 104 | |||
| 98 | 105 | ||
| 99 | typedef void (*DSO_FUNC_TYPE)(void); | 106 | typedef void (*DSO_FUNC_TYPE)(void); |
| 100 | 107 | ||
| @@ -107,6 +114,22 @@ typedef struct dso_st DSO; | |||
| 107 | * condition) or a newly allocated string containing the transformed form that | 114 | * condition) or a newly allocated string containing the transformed form that |
| 108 | * the caller will need to free with OPENSSL_free() when done. */ | 115 | * the caller will need to free with OPENSSL_free() when done. */ |
| 109 | typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *); | 116 | typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *); |
| 117 | /* The function prototype used for method functions (or caller-provided | ||
| 118 | * callbacks) that merge two file specifications. They are passed a | ||
| 119 | * DSO structure pointer (or NULL if they are to be used independantly of | ||
| 120 | * a DSO object) and two file specifications to merge. They should | ||
| 121 | * either return NULL (if there is an error condition) or a newly allocated | ||
| 122 | * string containing the result of merging that the caller will need | ||
| 123 | * to free with OPENSSL_free() when done. | ||
| 124 | * Here, merging means that bits and pieces are taken from each of the | ||
| 125 | * file specifications and added together in whatever fashion that is | ||
| 126 | * sensible for the DSO method in question. The only rule that really | ||
| 127 | * applies is that if the two specification contain pieces of the same | ||
| 128 | * type, the copy from the first string takes priority. One could see | ||
| 129 | * it as the first specification is the one given by the user and the | ||
| 130 | * second being a bunch of defaults to add on if they're missing in the | ||
| 131 | * first. */ | ||
| 132 | typedef char* (*DSO_MERGER_FUNC)(DSO *, const char *, const char *); | ||
| 110 | 133 | ||
| 111 | typedef struct dso_meth_st | 134 | typedef struct dso_meth_st |
| 112 | { | 135 | { |
| @@ -140,6 +163,9 @@ typedef struct dso_meth_st | |||
| 140 | /* The default DSO_METHOD-specific function for converting filenames to | 163 | /* The default DSO_METHOD-specific function for converting filenames to |
| 141 | * a canonical native form. */ | 164 | * a canonical native form. */ |
| 142 | DSO_NAME_CONVERTER_FUNC dso_name_converter; | 165 | DSO_NAME_CONVERTER_FUNC dso_name_converter; |
| 166 | /* The default DSO_METHOD-specific function for converting filenames to | ||
| 167 | * a canonical native form. */ | ||
| 168 | DSO_MERGER_FUNC dso_merger; | ||
| 143 | 169 | ||
| 144 | /* [De]Initialisation handlers. */ | 170 | /* [De]Initialisation handlers. */ |
| 145 | int (*init)(DSO *dso); | 171 | int (*init)(DSO *dso); |
| @@ -164,9 +190,13 @@ struct dso_st | |||
| 164 | * don't touch meth_data! */ | 190 | * don't touch meth_data! */ |
| 165 | CRYPTO_EX_DATA ex_data; | 191 | CRYPTO_EX_DATA ex_data; |
| 166 | /* If this callback function pointer is set to non-NULL, then it will | 192 | /* If this callback function pointer is set to non-NULL, then it will |
| 167 | * be used on DSO_load() in place of meth->dso_name_converter. NB: This | 193 | * be used in DSO_load() in place of meth->dso_name_converter. NB: This |
| 168 | * should normally set using DSO_set_name_converter(). */ | 194 | * should normally set using DSO_set_name_converter(). */ |
| 169 | DSO_NAME_CONVERTER_FUNC name_converter; | 195 | DSO_NAME_CONVERTER_FUNC name_converter; |
| 196 | /* If this callback function pointer is set to non-NULL, then it will | ||
| 197 | * be used in DSO_load() in place of meth->dso_merger. NB: This | ||
| 198 | * should normally set using DSO_set_merger(). */ | ||
| 199 | DSO_MERGER_FUNC merger; | ||
| 170 | /* This is populated with (a copy of) the platform-independant | 200 | /* This is populated with (a copy of) the platform-independant |
| 171 | * filename used for this DSO. */ | 201 | * filename used for this DSO. */ |
| 172 | char *filename; | 202 | char *filename; |
| @@ -209,6 +239,11 @@ int DSO_set_filename(DSO *dso, const char *filename); | |||
| 209 | * caller-created DSO_METHODs can do the same thing. A non-NULL return value | 239 | * caller-created DSO_METHODs can do the same thing. A non-NULL return value |
| 210 | * will need to be OPENSSL_free()'d. */ | 240 | * will need to be OPENSSL_free()'d. */ |
| 211 | char *DSO_convert_filename(DSO *dso, const char *filename); | 241 | char *DSO_convert_filename(DSO *dso, const char *filename); |
| 242 | /* This function will invoke the DSO's merger callback to merge two file | ||
| 243 | * specifications, or if the callback isn't set it will instead use the | ||
| 244 | * DSO_METHOD's merger. A non-NULL return value will need to be | ||
| 245 | * OPENSSL_free()'d. */ | ||
| 246 | char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2); | ||
| 212 | /* If the DSO is currently loaded, this returns the filename that it was loaded | 247 | /* If the DSO is currently loaded, this returns the filename that it was loaded |
| 213 | * under, otherwise it returns NULL. So it is also useful as a test as to | 248 | * under, otherwise it returns NULL. So it is also useful as a test as to |
| 214 | * whether the DSO is currently loaded. NB: This will not necessarily return | 249 | * whether the DSO is currently loaded. NB: This will not necessarily return |
| @@ -273,11 +308,13 @@ void ERR_load_DSO_strings(void); | |||
| 273 | #define DSO_F_DLFCN_BIND_FUNC 100 | 308 | #define DSO_F_DLFCN_BIND_FUNC 100 |
| 274 | #define DSO_F_DLFCN_BIND_VAR 101 | 309 | #define DSO_F_DLFCN_BIND_VAR 101 |
| 275 | #define DSO_F_DLFCN_LOAD 102 | 310 | #define DSO_F_DLFCN_LOAD 102 |
| 311 | #define DSO_F_DLFCN_MERGER 130 | ||
| 276 | #define DSO_F_DLFCN_NAME_CONVERTER 123 | 312 | #define DSO_F_DLFCN_NAME_CONVERTER 123 |
| 277 | #define DSO_F_DLFCN_UNLOAD 103 | 313 | #define DSO_F_DLFCN_UNLOAD 103 |
| 278 | #define DSO_F_DL_BIND_FUNC 104 | 314 | #define DSO_F_DL_BIND_FUNC 104 |
| 279 | #define DSO_F_DL_BIND_VAR 105 | 315 | #define DSO_F_DL_BIND_VAR 105 |
| 280 | #define DSO_F_DL_LOAD 106 | 316 | #define DSO_F_DL_LOAD 106 |
| 317 | #define DSO_F_DL_MERGER 131 | ||
| 281 | #define DSO_F_DL_NAME_CONVERTER 124 | 318 | #define DSO_F_DL_NAME_CONVERTER 124 |
| 282 | #define DSO_F_DL_UNLOAD 107 | 319 | #define DSO_F_DL_UNLOAD 107 |
| 283 | #define DSO_F_DSO_BIND_FUNC 108 | 320 | #define DSO_F_DSO_BIND_FUNC 108 |
| @@ -288,27 +325,36 @@ void ERR_load_DSO_strings(void); | |||
| 288 | #define DSO_F_DSO_GET_FILENAME 127 | 325 | #define DSO_F_DSO_GET_FILENAME 127 |
| 289 | #define DSO_F_DSO_GET_LOADED_FILENAME 128 | 326 | #define DSO_F_DSO_GET_LOADED_FILENAME 128 |
| 290 | #define DSO_F_DSO_LOAD 112 | 327 | #define DSO_F_DSO_LOAD 112 |
| 328 | #define DSO_F_DSO_MERGE 132 | ||
| 291 | #define DSO_F_DSO_NEW_METHOD 113 | 329 | #define DSO_F_DSO_NEW_METHOD 113 |
| 292 | #define DSO_F_DSO_SET_FILENAME 129 | 330 | #define DSO_F_DSO_SET_FILENAME 129 |
| 293 | #define DSO_F_DSO_SET_NAME_CONVERTER 122 | 331 | #define DSO_F_DSO_SET_NAME_CONVERTER 122 |
| 294 | #define DSO_F_DSO_UP_REF 114 | 332 | #define DSO_F_DSO_UP_REF 114 |
| 295 | #define DSO_F_VMS_BIND_VAR 115 | 333 | #define DSO_F_VMS_BIND_SYM 115 |
| 296 | #define DSO_F_VMS_LOAD 116 | 334 | #define DSO_F_VMS_LOAD 116 |
| 335 | #define DSO_F_VMS_MERGER 133 | ||
| 297 | #define DSO_F_VMS_UNLOAD 117 | 336 | #define DSO_F_VMS_UNLOAD 117 |
| 298 | #define DSO_F_WIN32_BIND_FUNC 118 | 337 | #define DSO_F_WIN32_BIND_FUNC 118 |
| 299 | #define DSO_F_WIN32_BIND_VAR 119 | 338 | #define DSO_F_WIN32_BIND_VAR 119 |
| 339 | #define DSO_F_WIN32_JOINER 135 | ||
| 300 | #define DSO_F_WIN32_LOAD 120 | 340 | #define DSO_F_WIN32_LOAD 120 |
| 341 | #define DSO_F_WIN32_MERGER 134 | ||
| 301 | #define DSO_F_WIN32_NAME_CONVERTER 125 | 342 | #define DSO_F_WIN32_NAME_CONVERTER 125 |
| 343 | #define DSO_F_WIN32_SPLITTER 136 | ||
| 302 | #define DSO_F_WIN32_UNLOAD 121 | 344 | #define DSO_F_WIN32_UNLOAD 121 |
| 303 | 345 | ||
| 304 | /* Reason codes. */ | 346 | /* Reason codes. */ |
| 305 | #define DSO_R_CTRL_FAILED 100 | 347 | #define DSO_R_CTRL_FAILED 100 |
| 306 | #define DSO_R_DSO_ALREADY_LOADED 110 | 348 | #define DSO_R_DSO_ALREADY_LOADED 110 |
| 349 | #define DSO_R_EMPTY_FILE_STRUCTURE 113 | ||
| 350 | #define DSO_R_FAILURE 114 | ||
| 307 | #define DSO_R_FILENAME_TOO_BIG 101 | 351 | #define DSO_R_FILENAME_TOO_BIG 101 |
| 308 | #define DSO_R_FINISH_FAILED 102 | 352 | #define DSO_R_FINISH_FAILED 102 |
| 353 | #define DSO_R_INCORRECT_FILE_SYNTAX 115 | ||
| 309 | #define DSO_R_LOAD_FAILED 103 | 354 | #define DSO_R_LOAD_FAILED 103 |
| 310 | #define DSO_R_NAME_TRANSLATION_FAILED 109 | 355 | #define DSO_R_NAME_TRANSLATION_FAILED 109 |
| 311 | #define DSO_R_NO_FILENAME 111 | 356 | #define DSO_R_NO_FILENAME 111 |
| 357 | #define DSO_R_NO_FILE_SPECIFICATION 116 | ||
| 312 | #define DSO_R_NULL_HANDLE 104 | 358 | #define DSO_R_NULL_HANDLE 104 |
| 313 | #define DSO_R_SET_FILENAME_FAILED 112 | 359 | #define DSO_R_SET_FILENAME_FAILED 112 |
| 314 | #define DSO_R_STACK_ERROR 105 | 360 | #define DSO_R_STACK_ERROR 105 |
diff --git a/src/lib/libcrypto/dso/dso_dl.c b/src/lib/libcrypto/dso/dso_dl.c index f7b4dfc0c3..417abb6ea9 100644 --- a/src/lib/libcrypto/dso/dso_dl.c +++ b/src/lib/libcrypto/dso/dso_dl.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* dso_dl.c */ | 1 | /* dso_dl.c -*- mode:C; c-file-style: "eay" -*- */ |
| 2 | /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL | 2 | /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -84,6 +84,7 @@ static int dl_finish(DSO *dso); | |||
| 84 | static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg); | 84 | static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg); |
| 85 | #endif | 85 | #endif |
| 86 | static char *dl_name_converter(DSO *dso, const char *filename); | 86 | static char *dl_name_converter(DSO *dso, const char *filename); |
| 87 | static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2); | ||
| 87 | 88 | ||
| 88 | static DSO_METHOD dso_meth_dl = { | 89 | static DSO_METHOD dso_meth_dl = { |
| 89 | "OpenSSL 'dl' shared library method", | 90 | "OpenSSL 'dl' shared library method", |
| @@ -98,6 +99,7 @@ static DSO_METHOD dso_meth_dl = { | |||
| 98 | #endif | 99 | #endif |
| 99 | NULL, /* ctrl */ | 100 | NULL, /* ctrl */ |
| 100 | dl_name_converter, | 101 | dl_name_converter, |
| 102 | dl_merger, | ||
| 101 | NULL, /* init */ | 103 | NULL, /* init */ |
| 102 | NULL /* finish */ | 104 | NULL /* finish */ |
| 103 | }; | 105 | }; |
| @@ -239,6 +241,72 @@ static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname) | |||
| 239 | return((DSO_FUNC_TYPE)sym); | 241 | return((DSO_FUNC_TYPE)sym); |
| 240 | } | 242 | } |
| 241 | 243 | ||
| 244 | static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) | ||
| 245 | { | ||
| 246 | char *merged; | ||
| 247 | |||
| 248 | if(!filespec1 && !filespec2) | ||
| 249 | { | ||
| 250 | DSOerr(DSO_F_DL_MERGER, | ||
| 251 | ERR_R_PASSED_NULL_PARAMETER); | ||
| 252 | return(NULL); | ||
| 253 | } | ||
| 254 | /* If the first file specification is a rooted path, it rules. | ||
| 255 | same goes if the second file specification is missing. */ | ||
| 256 | if (!filespec2 || filespec1[0] == '/') | ||
| 257 | { | ||
| 258 | merged = OPENSSL_malloc(strlen(filespec1) + 1); | ||
| 259 | if(!merged) | ||
| 260 | { | ||
| 261 | DSOerr(DSO_F_DL_MERGER, | ||
| 262 | ERR_R_MALLOC_FAILURE); | ||
| 263 | return(NULL); | ||
| 264 | } | ||
| 265 | strcpy(merged, filespec1); | ||
| 266 | } | ||
| 267 | /* If the first file specification is missing, the second one rules. */ | ||
| 268 | else if (!filespec1) | ||
| 269 | { | ||
| 270 | merged = OPENSSL_malloc(strlen(filespec2) + 1); | ||
| 271 | if(!merged) | ||
| 272 | { | ||
| 273 | DSOerr(DSO_F_DL_MERGER, | ||
| 274 | ERR_R_MALLOC_FAILURE); | ||
| 275 | return(NULL); | ||
| 276 | } | ||
| 277 | strcpy(merged, filespec2); | ||
| 278 | } | ||
| 279 | else | ||
| 280 | /* This part isn't as trivial as it looks. It assumes that | ||
| 281 | the second file specification really is a directory, and | ||
| 282 | makes no checks whatsoever. Therefore, the result becomes | ||
| 283 | the concatenation of filespec2 followed by a slash followed | ||
| 284 | by filespec1. */ | ||
| 285 | { | ||
| 286 | int spec2len, len; | ||
| 287 | |||
| 288 | spec2len = (filespec2 ? strlen(filespec2) : 0); | ||
| 289 | len = spec2len + (filespec1 ? strlen(filespec1) : 0); | ||
| 290 | |||
| 291 | if(filespec2 && filespec2[spec2len - 1] == '/') | ||
| 292 | { | ||
| 293 | spec2len--; | ||
| 294 | len--; | ||
| 295 | } | ||
| 296 | merged = OPENSSL_malloc(len + 2); | ||
| 297 | if(!merged) | ||
| 298 | { | ||
| 299 | DSOerr(DSO_F_DL_MERGER, | ||
| 300 | ERR_R_MALLOC_FAILURE); | ||
| 301 | return(NULL); | ||
| 302 | } | ||
| 303 | strcpy(merged, filespec2); | ||
| 304 | merged[spec2len] = '/'; | ||
| 305 | strcpy(&merged[spec2len + 1], filespec1); | ||
| 306 | } | ||
| 307 | return(merged); | ||
| 308 | } | ||
| 309 | |||
| 242 | /* This function is identical to the one in dso_dlfcn.c, but as it is highly | 310 | /* This function is identical to the one in dso_dlfcn.c, but as it is highly |
| 243 | * unlikely that both the "dl" *and* "dlfcn" variants are being compiled at the | 311 | * unlikely that both the "dl" *and* "dlfcn" variants are being compiled at the |
| 244 | * same time, there's no great duplicating the code. Figuring out an elegant | 312 | * same time, there's no great duplicating the code. Figuring out an elegant |
| @@ -282,36 +350,4 @@ static char *dl_name_converter(DSO *dso, const char *filename) | |||
| 282 | return(translated); | 350 | return(translated); |
| 283 | } | 351 | } |
| 284 | 352 | ||
| 285 | #ifdef OPENSSL_FIPS | ||
| 286 | static void dl_ref_point(){} | ||
| 287 | |||
| 288 | int DSO_pathbyaddr(void *addr,char *path,int sz) | ||
| 289 | { | ||
| 290 | struct shl_descriptor inf; | ||
| 291 | int i,len; | ||
| 292 | |||
| 293 | if (addr == NULL) | ||
| 294 | { | ||
| 295 | union { void(*f)(); void *p; } t = { dl_ref_point }; | ||
| 296 | addr = t.p; | ||
| 297 | } | ||
| 298 | |||
| 299 | for (i=-1;shl_get_r(i,&inf)==0;i++) | ||
| 300 | { | ||
| 301 | if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) || | ||
| 302 | ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend)) | ||
| 303 | { | ||
| 304 | len = (int)strlen(inf.filename); | ||
| 305 | if (sz <= 0) return len+1; | ||
| 306 | if (len >= sz) len=sz-1; | ||
| 307 | memcpy(path,inf.filename,len); | ||
| 308 | path[len++] = 0; | ||
| 309 | return len; | ||
| 310 | } | ||
| 311 | } | ||
| 312 | |||
| 313 | return -1; | ||
| 314 | } | ||
| 315 | #endif | ||
| 316 | |||
| 317 | #endif /* DSO_DL */ | 353 | #endif /* DSO_DL */ |
diff --git a/src/lib/libcrypto/dso/dso_dlfcn.c b/src/lib/libcrypto/dso/dso_dlfcn.c index d48b4202f2..f734c1c6b7 100644 --- a/src/lib/libcrypto/dso/dso_dlfcn.c +++ b/src/lib/libcrypto/dso/dso_dlfcn.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* dso_dlfcn.c */ | 1 | /* dso_dlfcn.c -*- mode:C; c-file-style: "eay" -*- */ |
| 2 | /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL | 2 | /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -56,10 +56,6 @@ | |||
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifdef __linux | ||
| 60 | #define _GNU_SOURCE | ||
| 61 | #endif | ||
| 62 | |||
| 63 | #include <stdio.h> | 59 | #include <stdio.h> |
| 64 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 65 | #include <openssl/dso.h> | 61 | #include <openssl/dso.h> |
| @@ -89,6 +85,8 @@ static int dlfcn_finish(DSO *dso); | |||
| 89 | static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg); | 85 | static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg); |
| 90 | #endif | 86 | #endif |
| 91 | static char *dlfcn_name_converter(DSO *dso, const char *filename); | 87 | static char *dlfcn_name_converter(DSO *dso, const char *filename); |
| 88 | static char *dlfcn_merger(DSO *dso, const char *filespec1, | ||
| 89 | const char *filespec2); | ||
| 92 | 90 | ||
| 93 | static DSO_METHOD dso_meth_dlfcn = { | 91 | static DSO_METHOD dso_meth_dlfcn = { |
| 94 | "OpenSSL 'dlfcn' shared library method", | 92 | "OpenSSL 'dlfcn' shared library method", |
| @@ -103,6 +101,7 @@ static DSO_METHOD dso_meth_dlfcn = { | |||
| 103 | #endif | 101 | #endif |
| 104 | NULL, /* ctrl */ | 102 | NULL, /* ctrl */ |
| 105 | dlfcn_name_converter, | 103 | dlfcn_name_converter, |
| 104 | dlfcn_merger, | ||
| 106 | NULL, /* init */ | 105 | NULL, /* init */ |
| 107 | NULL /* finish */ | 106 | NULL /* finish */ |
| 108 | }; | 107 | }; |
| @@ -145,13 +144,19 @@ static int dlfcn_load(DSO *dso) | |||
| 145 | void *ptr = NULL; | 144 | void *ptr = NULL; |
| 146 | /* See applicable comments in dso_dl.c */ | 145 | /* See applicable comments in dso_dl.c */ |
| 147 | char *filename = DSO_convert_filename(dso, NULL); | 146 | char *filename = DSO_convert_filename(dso, NULL); |
| 147 | int flags = DLOPEN_FLAG; | ||
| 148 | 148 | ||
| 149 | if(filename == NULL) | 149 | if(filename == NULL) |
| 150 | { | 150 | { |
| 151 | DSOerr(DSO_F_DLFCN_LOAD,DSO_R_NO_FILENAME); | 151 | DSOerr(DSO_F_DLFCN_LOAD,DSO_R_NO_FILENAME); |
| 152 | goto err; | 152 | goto err; |
| 153 | } | 153 | } |
| 154 | ptr = dlopen(filename, DLOPEN_FLAG); | 154 | |
| 155 | #ifdef RTLD_GLOBAL | ||
| 156 | if (dso->flags & DSO_FLAG_GLOBAL_SYMBOLS) | ||
| 157 | flags |= RTLD_GLOBAL; | ||
| 158 | #endif | ||
| 159 | ptr = dlopen(filename, flags); | ||
| 155 | if(ptr == NULL) | 160 | if(ptr == NULL) |
| 156 | { | 161 | { |
| 157 | DSOerr(DSO_F_DLFCN_LOAD,DSO_R_LOAD_FAILED); | 162 | DSOerr(DSO_F_DLFCN_LOAD,DSO_R_LOAD_FAILED); |
| @@ -250,7 +255,7 @@ static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) | |||
| 250 | DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE); | 255 | DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE); |
| 251 | return(NULL); | 256 | return(NULL); |
| 252 | } | 257 | } |
| 253 | *(void**)(tsym) = dlsym(ptr, symname); | 258 | *(void **)(tsym) = dlsym(ptr, symname); |
| 254 | if(sym == NULL) | 259 | if(sym == NULL) |
| 255 | { | 260 | { |
| 256 | DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE); | 261 | DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE); |
| @@ -260,6 +265,73 @@ static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) | |||
| 260 | return(sym); | 265 | return(sym); |
| 261 | } | 266 | } |
| 262 | 267 | ||
| 268 | static char *dlfcn_merger(DSO *dso, const char *filespec1, | ||
| 269 | const char *filespec2) | ||
| 270 | { | ||
| 271 | char *merged; | ||
| 272 | |||
| 273 | if(!filespec1 && !filespec2) | ||
| 274 | { | ||
| 275 | DSOerr(DSO_F_DLFCN_MERGER, | ||
| 276 | ERR_R_PASSED_NULL_PARAMETER); | ||
| 277 | return(NULL); | ||
| 278 | } | ||
| 279 | /* If the first file specification is a rooted path, it rules. | ||
| 280 | same goes if the second file specification is missing. */ | ||
| 281 | if (!filespec2 || filespec1[0] == '/') | ||
| 282 | { | ||
| 283 | merged = OPENSSL_malloc(strlen(filespec1) + 1); | ||
| 284 | if(!merged) | ||
| 285 | { | ||
| 286 | DSOerr(DSO_F_DLFCN_MERGER, | ||
| 287 | ERR_R_MALLOC_FAILURE); | ||
| 288 | return(NULL); | ||
| 289 | } | ||
| 290 | strcpy(merged, filespec1); | ||
| 291 | } | ||
| 292 | /* If the first file specification is missing, the second one rules. */ | ||
| 293 | else if (!filespec1) | ||
| 294 | { | ||
| 295 | merged = OPENSSL_malloc(strlen(filespec2) + 1); | ||
| 296 | if(!merged) | ||
| 297 | { | ||
| 298 | DSOerr(DSO_F_DLFCN_MERGER, | ||
| 299 | ERR_R_MALLOC_FAILURE); | ||
| 300 | return(NULL); | ||
| 301 | } | ||
| 302 | strcpy(merged, filespec2); | ||
| 303 | } | ||
| 304 | else | ||
| 305 | /* This part isn't as trivial as it looks. It assumes that | ||
| 306 | the second file specification really is a directory, and | ||
| 307 | makes no checks whatsoever. Therefore, the result becomes | ||
| 308 | the concatenation of filespec2 followed by a slash followed | ||
| 309 | by filespec1. */ | ||
| 310 | { | ||
| 311 | int spec2len, len; | ||
| 312 | |||
| 313 | spec2len = (filespec2 ? strlen(filespec2) : 0); | ||
| 314 | len = spec2len + (filespec1 ? strlen(filespec1) : 0); | ||
| 315 | |||
| 316 | if(filespec2 && filespec2[spec2len - 1] == '/') | ||
| 317 | { | ||
| 318 | spec2len--; | ||
| 319 | len--; | ||
| 320 | } | ||
| 321 | merged = OPENSSL_malloc(len + 2); | ||
| 322 | if(!merged) | ||
| 323 | { | ||
| 324 | DSOerr(DSO_F_DLFCN_MERGER, | ||
| 325 | ERR_R_MALLOC_FAILURE); | ||
| 326 | return(NULL); | ||
| 327 | } | ||
| 328 | strcpy(merged, filespec2); | ||
| 329 | merged[spec2len] = '/'; | ||
| 330 | strcpy(&merged[spec2len + 1], filespec1); | ||
| 331 | } | ||
| 332 | return(merged); | ||
| 333 | } | ||
| 334 | |||
| 263 | static char *dlfcn_name_converter(DSO *dso, const char *filename) | 335 | static char *dlfcn_name_converter(DSO *dso, const char *filename) |
| 264 | { | 336 | { |
| 265 | char *translated; | 337 | char *translated; |
| @@ -294,32 +366,4 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename) | |||
| 294 | return(translated); | 366 | return(translated); |
| 295 | } | 367 | } |
| 296 | 368 | ||
| 297 | #ifdef OPENSSL_FIPS | ||
| 298 | static void dlfcn_ref_point(){} | ||
| 299 | |||
| 300 | int DSO_pathbyaddr(void *addr,char *path,int sz) | ||
| 301 | { | ||
| 302 | Dl_info dli; | ||
| 303 | int len; | ||
| 304 | |||
| 305 | if (addr == NULL) | ||
| 306 | { | ||
| 307 | union { void(*f)(void); void *p; } t = { dlfcn_ref_point }; | ||
| 308 | addr = t.p; | ||
| 309 | } | ||
| 310 | |||
| 311 | if (dladdr(addr,&dli)) | ||
| 312 | { | ||
| 313 | len = (int)strlen(dli.dli_fname); | ||
| 314 | if (sz <= 0) return len+1; | ||
| 315 | if (len >= sz) len=sz-1; | ||
| 316 | memcpy(path,dli.dli_fname,len); | ||
| 317 | path[len++]=0; | ||
| 318 | return len; | ||
| 319 | } | ||
| 320 | |||
| 321 | ERR_add_error_data(4, "dlfcn_pathbyaddr(): ", dlerror()); | ||
| 322 | return -1; | ||
| 323 | } | ||
| 324 | #endif | ||
| 325 | #endif /* DSO_DLFCN */ | 369 | #endif /* DSO_DLFCN */ |
diff --git a/src/lib/libcrypto/dso/dso_err.c b/src/lib/libcrypto/dso/dso_err.c index 581677cc36..a8b0a210de 100644 --- a/src/lib/libcrypto/dso/dso_err.c +++ b/src/lib/libcrypto/dso/dso_err.c | |||
| @@ -73,11 +73,13 @@ static ERR_STRING_DATA DSO_str_functs[]= | |||
| 73 | {ERR_FUNC(DSO_F_DLFCN_BIND_FUNC), "DLFCN_BIND_FUNC"}, | 73 | {ERR_FUNC(DSO_F_DLFCN_BIND_FUNC), "DLFCN_BIND_FUNC"}, |
| 74 | {ERR_FUNC(DSO_F_DLFCN_BIND_VAR), "DLFCN_BIND_VAR"}, | 74 | {ERR_FUNC(DSO_F_DLFCN_BIND_VAR), "DLFCN_BIND_VAR"}, |
| 75 | {ERR_FUNC(DSO_F_DLFCN_LOAD), "DLFCN_LOAD"}, | 75 | {ERR_FUNC(DSO_F_DLFCN_LOAD), "DLFCN_LOAD"}, |
| 76 | {ERR_FUNC(DSO_F_DLFCN_MERGER), "DLFCN_MERGER"}, | ||
| 76 | {ERR_FUNC(DSO_F_DLFCN_NAME_CONVERTER), "DLFCN_NAME_CONVERTER"}, | 77 | {ERR_FUNC(DSO_F_DLFCN_NAME_CONVERTER), "DLFCN_NAME_CONVERTER"}, |
| 77 | {ERR_FUNC(DSO_F_DLFCN_UNLOAD), "DLFCN_UNLOAD"}, | 78 | {ERR_FUNC(DSO_F_DLFCN_UNLOAD), "DLFCN_UNLOAD"}, |
| 78 | {ERR_FUNC(DSO_F_DL_BIND_FUNC), "DL_BIND_FUNC"}, | 79 | {ERR_FUNC(DSO_F_DL_BIND_FUNC), "DL_BIND_FUNC"}, |
| 79 | {ERR_FUNC(DSO_F_DL_BIND_VAR), "DL_BIND_VAR"}, | 80 | {ERR_FUNC(DSO_F_DL_BIND_VAR), "DL_BIND_VAR"}, |
| 80 | {ERR_FUNC(DSO_F_DL_LOAD), "DL_LOAD"}, | 81 | {ERR_FUNC(DSO_F_DL_LOAD), "DL_LOAD"}, |
| 82 | {ERR_FUNC(DSO_F_DL_MERGER), "DL_MERGER"}, | ||
| 81 | {ERR_FUNC(DSO_F_DL_NAME_CONVERTER), "DL_NAME_CONVERTER"}, | 83 | {ERR_FUNC(DSO_F_DL_NAME_CONVERTER), "DL_NAME_CONVERTER"}, |
| 82 | {ERR_FUNC(DSO_F_DL_UNLOAD), "DL_UNLOAD"}, | 84 | {ERR_FUNC(DSO_F_DL_UNLOAD), "DL_UNLOAD"}, |
| 83 | {ERR_FUNC(DSO_F_DSO_BIND_FUNC), "DSO_bind_func"}, | 85 | {ERR_FUNC(DSO_F_DSO_BIND_FUNC), "DSO_bind_func"}, |
| @@ -88,17 +90,22 @@ static ERR_STRING_DATA DSO_str_functs[]= | |||
| 88 | {ERR_FUNC(DSO_F_DSO_GET_FILENAME), "DSO_get_filename"}, | 90 | {ERR_FUNC(DSO_F_DSO_GET_FILENAME), "DSO_get_filename"}, |
| 89 | {ERR_FUNC(DSO_F_DSO_GET_LOADED_FILENAME), "DSO_get_loaded_filename"}, | 91 | {ERR_FUNC(DSO_F_DSO_GET_LOADED_FILENAME), "DSO_get_loaded_filename"}, |
| 90 | {ERR_FUNC(DSO_F_DSO_LOAD), "DSO_load"}, | 92 | {ERR_FUNC(DSO_F_DSO_LOAD), "DSO_load"}, |
| 93 | {ERR_FUNC(DSO_F_DSO_MERGE), "DSO_merge"}, | ||
| 91 | {ERR_FUNC(DSO_F_DSO_NEW_METHOD), "DSO_new_method"}, | 94 | {ERR_FUNC(DSO_F_DSO_NEW_METHOD), "DSO_new_method"}, |
| 92 | {ERR_FUNC(DSO_F_DSO_SET_FILENAME), "DSO_set_filename"}, | 95 | {ERR_FUNC(DSO_F_DSO_SET_FILENAME), "DSO_set_filename"}, |
| 93 | {ERR_FUNC(DSO_F_DSO_SET_NAME_CONVERTER), "DSO_set_name_converter"}, | 96 | {ERR_FUNC(DSO_F_DSO_SET_NAME_CONVERTER), "DSO_set_name_converter"}, |
| 94 | {ERR_FUNC(DSO_F_DSO_UP_REF), "DSO_up_ref"}, | 97 | {ERR_FUNC(DSO_F_DSO_UP_REF), "DSO_up_ref"}, |
| 95 | {ERR_FUNC(DSO_F_VMS_BIND_VAR), "VMS_BIND_VAR"}, | 98 | {ERR_FUNC(DSO_F_VMS_BIND_SYM), "VMS_BIND_SYM"}, |
| 96 | {ERR_FUNC(DSO_F_VMS_LOAD), "VMS_LOAD"}, | 99 | {ERR_FUNC(DSO_F_VMS_LOAD), "VMS_LOAD"}, |
| 100 | {ERR_FUNC(DSO_F_VMS_MERGER), "VMS_MERGER"}, | ||
| 97 | {ERR_FUNC(DSO_F_VMS_UNLOAD), "VMS_UNLOAD"}, | 101 | {ERR_FUNC(DSO_F_VMS_UNLOAD), "VMS_UNLOAD"}, |
| 98 | {ERR_FUNC(DSO_F_WIN32_BIND_FUNC), "WIN32_BIND_FUNC"}, | 102 | {ERR_FUNC(DSO_F_WIN32_BIND_FUNC), "WIN32_BIND_FUNC"}, |
| 99 | {ERR_FUNC(DSO_F_WIN32_BIND_VAR), "WIN32_BIND_VAR"}, | 103 | {ERR_FUNC(DSO_F_WIN32_BIND_VAR), "WIN32_BIND_VAR"}, |
| 104 | {ERR_FUNC(DSO_F_WIN32_JOINER), "WIN32_JOINER"}, | ||
| 100 | {ERR_FUNC(DSO_F_WIN32_LOAD), "WIN32_LOAD"}, | 105 | {ERR_FUNC(DSO_F_WIN32_LOAD), "WIN32_LOAD"}, |
| 106 | {ERR_FUNC(DSO_F_WIN32_MERGER), "WIN32_MERGER"}, | ||
| 101 | {ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER), "WIN32_NAME_CONVERTER"}, | 107 | {ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER), "WIN32_NAME_CONVERTER"}, |
| 108 | {ERR_FUNC(DSO_F_WIN32_SPLITTER), "WIN32_SPLITTER"}, | ||
| 102 | {ERR_FUNC(DSO_F_WIN32_UNLOAD), "WIN32_UNLOAD"}, | 109 | {ERR_FUNC(DSO_F_WIN32_UNLOAD), "WIN32_UNLOAD"}, |
| 103 | {0,NULL} | 110 | {0,NULL} |
| 104 | }; | 111 | }; |
| @@ -107,11 +114,15 @@ static ERR_STRING_DATA DSO_str_reasons[]= | |||
| 107 | { | 114 | { |
| 108 | {ERR_REASON(DSO_R_CTRL_FAILED) ,"control command failed"}, | 115 | {ERR_REASON(DSO_R_CTRL_FAILED) ,"control command failed"}, |
| 109 | {ERR_REASON(DSO_R_DSO_ALREADY_LOADED) ,"dso already loaded"}, | 116 | {ERR_REASON(DSO_R_DSO_ALREADY_LOADED) ,"dso already loaded"}, |
| 117 | {ERR_REASON(DSO_R_EMPTY_FILE_STRUCTURE) ,"empty file structure"}, | ||
| 118 | {ERR_REASON(DSO_R_FAILURE) ,"failure"}, | ||
| 110 | {ERR_REASON(DSO_R_FILENAME_TOO_BIG) ,"filename too big"}, | 119 | {ERR_REASON(DSO_R_FILENAME_TOO_BIG) ,"filename too big"}, |
| 111 | {ERR_REASON(DSO_R_FINISH_FAILED) ,"cleanup method function failed"}, | 120 | {ERR_REASON(DSO_R_FINISH_FAILED) ,"cleanup method function failed"}, |
| 121 | {ERR_REASON(DSO_R_INCORRECT_FILE_SYNTAX) ,"incorrect file syntax"}, | ||
| 112 | {ERR_REASON(DSO_R_LOAD_FAILED) ,"could not load the shared library"}, | 122 | {ERR_REASON(DSO_R_LOAD_FAILED) ,"could not load the shared library"}, |
| 113 | {ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED),"name translation failed"}, | 123 | {ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED),"name translation failed"}, |
| 114 | {ERR_REASON(DSO_R_NO_FILENAME) ,"no filename"}, | 124 | {ERR_REASON(DSO_R_NO_FILENAME) ,"no filename"}, |
| 125 | {ERR_REASON(DSO_R_NO_FILE_SPECIFICATION) ,"no file specification"}, | ||
| 115 | {ERR_REASON(DSO_R_NULL_HANDLE) ,"a null shared library handle was used"}, | 126 | {ERR_REASON(DSO_R_NULL_HANDLE) ,"a null shared library handle was used"}, |
| 116 | {ERR_REASON(DSO_R_SET_FILENAME_FAILED) ,"set filename failed"}, | 127 | {ERR_REASON(DSO_R_SET_FILENAME_FAILED) ,"set filename failed"}, |
| 117 | {ERR_REASON(DSO_R_STACK_ERROR) ,"the meth_data stack is corrupt"}, | 128 | {ERR_REASON(DSO_R_STACK_ERROR) ,"the meth_data stack is corrupt"}, |
| @@ -125,15 +136,12 @@ static ERR_STRING_DATA DSO_str_reasons[]= | |||
| 125 | 136 | ||
| 126 | void ERR_load_DSO_strings(void) | 137 | void ERR_load_DSO_strings(void) |
| 127 | { | 138 | { |
| 128 | static int init=1; | 139 | #ifndef OPENSSL_NO_ERR |
| 129 | 140 | ||
| 130 | if (init) | 141 | if (ERR_func_error_string(DSO_str_functs[0].error) == NULL) |
| 131 | { | 142 | { |
| 132 | init=0; | ||
| 133 | #ifndef OPENSSL_NO_ERR | ||
| 134 | ERR_load_strings(0,DSO_str_functs); | 143 | ERR_load_strings(0,DSO_str_functs); |
| 135 | ERR_load_strings(0,DSO_str_reasons); | 144 | ERR_load_strings(0,DSO_str_reasons); |
| 136 | #endif | ||
| 137 | |||
| 138 | } | 145 | } |
| 146 | #endif | ||
| 139 | } | 147 | } |
diff --git a/src/lib/libcrypto/dso/dso_lib.c b/src/lib/libcrypto/dso/dso_lib.c index 48d9fdb25e..49bdd71309 100644 --- a/src/lib/libcrypto/dso/dso_lib.c +++ b/src/lib/libcrypto/dso/dso_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* dso_lib.c */ | 1 | /* dso_lib.c -*- mode:C; c-file-style: "eay" -*- */ |
| 2 | /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL | 2 | /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -390,6 +390,33 @@ int DSO_set_filename(DSO *dso, const char *filename) | |||
| 390 | return(1); | 390 | return(1); |
| 391 | } | 391 | } |
| 392 | 392 | ||
| 393 | char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2) | ||
| 394 | { | ||
| 395 | char *result = NULL; | ||
| 396 | |||
| 397 | if(dso == NULL || filespec1 == NULL) | ||
| 398 | { | ||
| 399 | DSOerr(DSO_F_DSO_MERGE,ERR_R_PASSED_NULL_PARAMETER); | ||
| 400 | return(NULL); | ||
| 401 | } | ||
| 402 | if(filespec1 == NULL) | ||
| 403 | filespec1 = dso->filename; | ||
| 404 | if(filespec1 == NULL) | ||
| 405 | { | ||
| 406 | DSOerr(DSO_F_DSO_MERGE,DSO_R_NO_FILE_SPECIFICATION); | ||
| 407 | return(NULL); | ||
| 408 | } | ||
| 409 | if((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) | ||
| 410 | { | ||
| 411 | if(dso->merger != NULL) | ||
| 412 | result = dso->merger(dso, filespec1, filespec2); | ||
| 413 | else if(dso->meth->dso_merger != NULL) | ||
| 414 | result = dso->meth->dso_merger(dso, | ||
| 415 | filespec1, filespec2); | ||
| 416 | } | ||
| 417 | return(result); | ||
| 418 | } | ||
| 419 | |||
| 393 | char *DSO_convert_filename(DSO *dso, const char *filename) | 420 | char *DSO_convert_filename(DSO *dso, const char *filename) |
| 394 | { | 421 | { |
| 395 | char *result = NULL; | 422 | char *result = NULL; |
diff --git a/src/lib/libcrypto/dso/dso_null.c b/src/lib/libcrypto/dso/dso_null.c index fa13a7cb0f..4972984651 100644 --- a/src/lib/libcrypto/dso/dso_null.c +++ b/src/lib/libcrypto/dso/dso_null.c | |||
| @@ -75,6 +75,8 @@ static DSO_METHOD dso_meth_null = { | |||
| 75 | NULL, /* unbind_func */ | 75 | NULL, /* unbind_func */ |
| 76 | #endif | 76 | #endif |
| 77 | NULL, /* ctrl */ | 77 | NULL, /* ctrl */ |
| 78 | NULL, /* dso_name_converter */ | ||
| 79 | NULL, /* dso_merger */ | ||
| 78 | NULL, /* init */ | 80 | NULL, /* init */ |
| 79 | NULL /* finish */ | 81 | NULL /* finish */ |
| 80 | }; | 82 | }; |
diff --git a/src/lib/libcrypto/dso/dso_vms.c b/src/lib/libcrypto/dso/dso_vms.c index 1674619d17..2c434ee8a6 100644 --- a/src/lib/libcrypto/dso/dso_vms.c +++ b/src/lib/libcrypto/dso/dso_vms.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* dso_vms.c */ | 1 | /* dso_vms.c -*- mode:C; c-file-style: "eay" -*- */ |
| 2 | /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL | 2 | /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -63,6 +63,7 @@ | |||
| 63 | #include <openssl/dso.h> | 63 | #include <openssl/dso.h> |
| 64 | #ifdef OPENSSL_SYS_VMS | 64 | #ifdef OPENSSL_SYS_VMS |
| 65 | #pragma message disable DOLLARID | 65 | #pragma message disable DOLLARID |
| 66 | #include <rms.h> | ||
| 66 | #include <lib$routines.h> | 67 | #include <lib$routines.h> |
| 67 | #include <stsdef.h> | 68 | #include <stsdef.h> |
| 68 | #include <descrip.h> | 69 | #include <descrip.h> |
| @@ -89,6 +90,8 @@ static int vms_finish(DSO *dso); | |||
| 89 | static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg); | 90 | static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg); |
| 90 | #endif | 91 | #endif |
| 91 | static char *vms_name_converter(DSO *dso, const char *filename); | 92 | static char *vms_name_converter(DSO *dso, const char *filename); |
| 93 | static char *vms_merger(DSO *dso, const char *filespec1, | ||
| 94 | const char *filespec2); | ||
| 92 | 95 | ||
| 93 | static DSO_METHOD dso_meth_vms = { | 96 | static DSO_METHOD dso_meth_vms = { |
| 94 | "OpenSSL 'VMS' shared library method", | 97 | "OpenSSL 'VMS' shared library method", |
| @@ -103,6 +106,7 @@ static DSO_METHOD dso_meth_vms = { | |||
| 103 | #endif | 106 | #endif |
| 104 | NULL, /* ctrl */ | 107 | NULL, /* ctrl */ |
| 105 | vms_name_converter, | 108 | vms_name_converter, |
| 109 | vms_merger, | ||
| 106 | NULL, /* init */ | 110 | NULL, /* init */ |
| 107 | NULL /* finish */ | 111 | NULL /* finish */ |
| 108 | }; | 112 | }; |
| @@ -140,7 +144,7 @@ static int vms_load(DSO *dso) | |||
| 140 | 144 | ||
| 141 | if(filename == NULL) | 145 | if(filename == NULL) |
| 142 | { | 146 | { |
| 143 | DSOerr(DSO_F_DLFCN_LOAD,DSO_R_NO_FILENAME); | 147 | DSOerr(DSO_F_VMS_LOAD,DSO_R_NO_FILENAME); |
| 144 | goto err; | 148 | goto err; |
| 145 | } | 149 | } |
| 146 | 150 | ||
| @@ -295,19 +299,19 @@ void vms_bind_sym(DSO *dso, const char *symname, void **sym) | |||
| 295 | 299 | ||
| 296 | if((dso == NULL) || (symname == NULL)) | 300 | if((dso == NULL) || (symname == NULL)) |
| 297 | { | 301 | { |
| 298 | DSOerr(DSO_F_VMS_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER); | 302 | DSOerr(DSO_F_VMS_BIND_SYM,ERR_R_PASSED_NULL_PARAMETER); |
| 299 | return; | 303 | return; |
| 300 | } | 304 | } |
| 301 | if(sk_num(dso->meth_data) < 1) | 305 | if(sk_num(dso->meth_data) < 1) |
| 302 | { | 306 | { |
| 303 | DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_STACK_ERROR); | 307 | DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_STACK_ERROR); |
| 304 | return; | 308 | return; |
| 305 | } | 309 | } |
| 306 | ptr = (DSO_VMS_INTERNAL *)sk_value(dso->meth_data, | 310 | ptr = (DSO_VMS_INTERNAL *)sk_value(dso->meth_data, |
| 307 | sk_num(dso->meth_data) - 1); | 311 | sk_num(dso->meth_data) - 1); |
| 308 | if(ptr == NULL) | 312 | if(ptr == NULL) |
| 309 | { | 313 | { |
| 310 | DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_NULL_HANDLE); | 314 | DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_NULL_HANDLE); |
| 311 | return; | 315 | return; |
| 312 | } | 316 | } |
| 313 | 317 | ||
| @@ -336,7 +340,7 @@ void vms_bind_sym(DSO *dso, const char *symname, void **sym) | |||
| 336 | { | 340 | { |
| 337 | errstring[length] = '\0'; | 341 | errstring[length] = '\0'; |
| 338 | 342 | ||
| 339 | DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_SYM_FAILURE); | 343 | DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_SYM_FAILURE); |
| 340 | if (ptr->imagename_dsc.dsc$w_length) | 344 | if (ptr->imagename_dsc.dsc$w_length) |
| 341 | ERR_add_error_data(9, | 345 | ERR_add_error_data(9, |
| 342 | "Symbol ", symname, | 346 | "Symbol ", symname, |
| @@ -368,6 +372,127 @@ static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname) | |||
| 368 | return sym; | 372 | return sym; |
| 369 | } | 373 | } |
| 370 | 374 | ||
| 375 | static char *vms_merger(DSO *dso, const char *filespec1, const char *filespec2) | ||
| 376 | { | ||
| 377 | int status; | ||
| 378 | int filespec1len, filespec2len; | ||
| 379 | struct FAB fab; | ||
| 380 | #ifdef NAML$C_MAXRSS | ||
| 381 | struct NAML nam; | ||
| 382 | char esa[NAML$C_MAXRSS]; | ||
| 383 | #else | ||
| 384 | struct NAM nam; | ||
| 385 | char esa[NAM$C_MAXRSS]; | ||
| 386 | #endif | ||
| 387 | char *merged; | ||
| 388 | |||
| 389 | if (!filespec1) filespec1 = ""; | ||
| 390 | if (!filespec2) filespec2 = ""; | ||
| 391 | filespec1len = strlen(filespec1); | ||
| 392 | filespec2len = strlen(filespec2); | ||
| 393 | |||
| 394 | fab = cc$rms_fab; | ||
| 395 | #ifdef NAML$C_MAXRSS | ||
| 396 | nam = cc$rms_naml; | ||
| 397 | #else | ||
| 398 | nam = cc$rms_nam; | ||
| 399 | #endif | ||
| 400 | |||
| 401 | fab.fab$l_fna = (char *)filespec1; | ||
| 402 | fab.fab$b_fns = filespec1len; | ||
| 403 | fab.fab$l_dna = (char *)filespec2; | ||
| 404 | fab.fab$b_dns = filespec2len; | ||
| 405 | #ifdef NAML$C_MAXRSS | ||
| 406 | if (filespec1len > NAM$C_MAXRSS) | ||
| 407 | { | ||
| 408 | fab.fab$l_fna = 0; | ||
| 409 | fab.fab$b_fns = 0; | ||
| 410 | nam.naml$l_long_filename = (char *)filespec1; | ||
| 411 | nam.naml$l_long_filename_size = filespec1len; | ||
| 412 | } | ||
| 413 | if (filespec2len > NAM$C_MAXRSS) | ||
| 414 | { | ||
| 415 | fab.fab$l_dna = 0; | ||
| 416 | fab.fab$b_dns = 0; | ||
| 417 | nam.naml$l_long_defname = (char *)filespec2; | ||
| 418 | nam.naml$l_long_defname_size = filespec2len; | ||
| 419 | } | ||
| 420 | nam.naml$l_esa = esa; | ||
| 421 | nam.naml$b_ess = NAM$C_MAXRSS; | ||
| 422 | nam.naml$l_long_expand = esa; | ||
| 423 | nam.naml$l_long_expand_alloc = sizeof(esa); | ||
| 424 | nam.naml$b_nop = NAM$M_SYNCHK | NAM$M_PWD; | ||
| 425 | nam.naml$v_no_short_upcase = 1; | ||
| 426 | fab.fab$l_naml = &nam; | ||
| 427 | #else | ||
| 428 | nam.nam$l_esa = esa; | ||
| 429 | nam.nam$b_ess = NAM$C_MAXRSS; | ||
| 430 | nam.nam$b_nop = NAM$M_SYNCHK | NAM$M_PWD; | ||
| 431 | fab.fab$l_nam = &nam; | ||
| 432 | #endif | ||
| 433 | |||
| 434 | status = sys$parse(&fab, 0, 0); | ||
| 435 | |||
| 436 | if(!$VMS_STATUS_SUCCESS(status)) | ||
| 437 | { | ||
| 438 | unsigned short length; | ||
| 439 | char errstring[257]; | ||
| 440 | struct dsc$descriptor_s errstring_dsc; | ||
| 441 | |||
| 442 | errstring_dsc.dsc$w_length = sizeof(errstring); | ||
| 443 | errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T; | ||
| 444 | errstring_dsc.dsc$b_class = DSC$K_CLASS_S; | ||
| 445 | errstring_dsc.dsc$a_pointer = errstring; | ||
| 446 | |||
| 447 | status = sys$getmsg(status, &length, &errstring_dsc, 1, 0); | ||
| 448 | |||
| 449 | if (!$VMS_STATUS_SUCCESS(status)) | ||
| 450 | lib$signal(status); /* This is really bad. Abort! */ | ||
| 451 | else | ||
| 452 | { | ||
| 453 | errstring[length] = '\0'; | ||
| 454 | |||
| 455 | DSOerr(DSO_F_VMS_MERGER,DSO_R_FAILURE); | ||
| 456 | ERR_add_error_data(7, | ||
| 457 | "filespec \"", filespec1, "\", ", | ||
| 458 | "defaults \"", filespec2, "\": ", | ||
| 459 | errstring); | ||
| 460 | } | ||
| 461 | return(NULL); | ||
| 462 | } | ||
| 463 | #ifdef NAML$C_MAXRSS | ||
| 464 | if (nam.naml$l_long_expand_size) | ||
| 465 | { | ||
| 466 | merged = OPENSSL_malloc(nam.naml$l_long_expand_size + 1); | ||
| 467 | if(!merged) | ||
| 468 | goto malloc_err; | ||
| 469 | strncpy(merged, nam.naml$l_long_expand, | ||
| 470 | nam.naml$l_long_expand_size); | ||
| 471 | merged[nam.naml$l_long_expand_size] = '\0'; | ||
| 472 | } | ||
| 473 | else | ||
| 474 | { | ||
| 475 | merged = OPENSSL_malloc(nam.naml$b_esl + 1); | ||
| 476 | if(!merged) | ||
| 477 | goto malloc_err; | ||
| 478 | strncpy(merged, nam.naml$l_esa, | ||
| 479 | nam.naml$b_esl); | ||
| 480 | merged[nam.naml$b_esl] = '\0'; | ||
| 481 | } | ||
| 482 | #else | ||
| 483 | merged = OPENSSL_malloc(nam.nam$b_esl + 1); | ||
| 484 | if(!merged) | ||
| 485 | goto malloc_err; | ||
| 486 | strncpy(merged, nam.nam$l_esa, | ||
| 487 | nam.nam$b_esl); | ||
| 488 | merged[nam.nam$b_esl] = '\0'; | ||
| 489 | #endif | ||
| 490 | return(merged); | ||
| 491 | malloc_err: | ||
| 492 | DSOerr(DSO_F_VMS_MERGER, | ||
| 493 | ERR_R_MALLOC_FAILURE); | ||
| 494 | } | ||
| 495 | |||
| 371 | static char *vms_name_converter(DSO *dso, const char *filename) | 496 | static char *vms_name_converter(DSO *dso, const char *filename) |
| 372 | { | 497 | { |
| 373 | int len = strlen(filename); | 498 | int len = strlen(filename); |
diff --git a/src/lib/libcrypto/dso/dso_win32.c b/src/lib/libcrypto/dso/dso_win32.c index cc4ac68696..fd3dd6a7fe 100644 --- a/src/lib/libcrypto/dso/dso_win32.c +++ b/src/lib/libcrypto/dso/dso_win32.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* dso_win32.c */ | 1 | /* dso_win32.c -*- mode:C; c-file-style: "eay" -*- */ |
| 2 | /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL | 2 | /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -85,6 +85,26 @@ static FARPROC GetProcAddressA(HMODULE hModule,LPCSTR lpProcName) | |||
| 85 | # endif | 85 | # endif |
| 86 | # undef GetProcAddress | 86 | # undef GetProcAddress |
| 87 | # define GetProcAddress GetProcAddressA | 87 | # define GetProcAddress GetProcAddressA |
| 88 | |||
| 89 | static HINSTANCE LoadLibraryA(LPCSTR lpLibFileName) | ||
| 90 | { | ||
| 91 | WCHAR *fnamw; | ||
| 92 | size_t len_0=strlen(lpLibFileName)+1,i; | ||
| 93 | |||
| 94 | #ifdef _MSC_VER | ||
| 95 | fnamw = (WCHAR *)_alloca (len_0*sizeof(WCHAR)); | ||
| 96 | #else | ||
| 97 | fnamw = (WCHAR *)alloca (len_0*sizeof(WCHAR)); | ||
| 98 | #endif | ||
| 99 | if (fnamw == NULL) return NULL; | ||
| 100 | |||
| 101 | #if defined(_WIN32_WCE) && _WIN32_WCE>=101 | ||
| 102 | if (!MultiByteToWideChar(CP_ACP,0,lpLibFileName,len_0,fnamw,len_0)) | ||
| 103 | #endif | ||
| 104 | for (i=0;i<len_0;i++) fnamw[i]=(WCHAR)lpLibFileName[i]; | ||
| 105 | |||
| 106 | return LoadLibraryW(fnamw); | ||
| 107 | } | ||
| 88 | #endif | 108 | #endif |
| 89 | 109 | ||
| 90 | /* Part of the hack in "win32_load" ... */ | 110 | /* Part of the hack in "win32_load" ... */ |
| @@ -102,6 +122,10 @@ static int win32_finish(DSO *dso); | |||
| 102 | static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg); | 122 | static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg); |
| 103 | #endif | 123 | #endif |
| 104 | static char *win32_name_converter(DSO *dso, const char *filename); | 124 | static char *win32_name_converter(DSO *dso, const char *filename); |
| 125 | static char *win32_merger(DSO *dso, const char *filespec1, | ||
| 126 | const char *filespec2); | ||
| 127 | |||
| 128 | static const char *openssl_strnchr(const char *string, int c, size_t len); | ||
| 105 | 129 | ||
| 106 | static DSO_METHOD dso_meth_win32 = { | 130 | static DSO_METHOD dso_meth_win32 = { |
| 107 | "OpenSSL 'win32' shared library method", | 131 | "OpenSSL 'win32' shared library method", |
| @@ -116,6 +140,7 @@ static DSO_METHOD dso_meth_win32 = { | |||
| 116 | #endif | 140 | #endif |
| 117 | NULL, /* ctrl */ | 141 | NULL, /* ctrl */ |
| 118 | win32_name_converter, | 142 | win32_name_converter, |
| 143 | win32_merger, | ||
| 119 | NULL, /* init */ | 144 | NULL, /* init */ |
| 120 | NULL /* finish */ | 145 | NULL /* finish */ |
| 121 | }; | 146 | }; |
| @@ -267,6 +292,330 @@ static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname) | |||
| 267 | return((DSO_FUNC_TYPE)sym); | 292 | return((DSO_FUNC_TYPE)sym); |
| 268 | } | 293 | } |
| 269 | 294 | ||
| 295 | struct file_st | ||
| 296 | { | ||
| 297 | const char *node; int nodelen; | ||
| 298 | const char *device; int devicelen; | ||
| 299 | const char *predir; int predirlen; | ||
| 300 | const char *dir; int dirlen; | ||
| 301 | const char *file; int filelen; | ||
| 302 | }; | ||
| 303 | |||
| 304 | static struct file_st *win32_splitter(DSO *dso, const char *filename, | ||
| 305 | int assume_last_is_dir) | ||
| 306 | { | ||
| 307 | struct file_st *result = NULL; | ||
| 308 | enum { IN_NODE, IN_DEVICE, IN_FILE } position; | ||
| 309 | const char *start = filename; | ||
| 310 | char last; | ||
| 311 | |||
| 312 | if (!filename) | ||
| 313 | { | ||
| 314 | DSOerr(DSO_F_WIN32_SPLITTER,DSO_R_NO_FILENAME); | ||
| 315 | /*goto err;*/ | ||
| 316 | return(NULL); | ||
| 317 | } | ||
| 318 | |||
| 319 | result = OPENSSL_malloc(sizeof(struct file_st)); | ||
| 320 | if(result == NULL) | ||
| 321 | { | ||
| 322 | DSOerr(DSO_F_WIN32_SPLITTER, | ||
| 323 | ERR_R_MALLOC_FAILURE); | ||
| 324 | return(NULL); | ||
| 325 | } | ||
| 326 | |||
| 327 | memset(result, 0, sizeof(struct file_st)); | ||
| 328 | position = IN_DEVICE; | ||
| 329 | |||
| 330 | if(filename[0] == '\\' && filename[1] == '\\' | ||
| 331 | || filename[0] == '/' && filename[1] == '/') | ||
| 332 | { | ||
| 333 | position = IN_NODE; | ||
| 334 | filename += 2; | ||
| 335 | start = filename; | ||
| 336 | result->node = start; | ||
| 337 | } | ||
| 338 | |||
| 339 | do | ||
| 340 | { | ||
| 341 | last = filename[0]; | ||
| 342 | switch(last) | ||
| 343 | { | ||
| 344 | case ':': | ||
| 345 | if(position != IN_DEVICE) | ||
| 346 | { | ||
| 347 | DSOerr(DSO_F_WIN32_SPLITTER, | ||
| 348 | DSO_R_INCORRECT_FILE_SYNTAX); | ||
| 349 | /*goto err;*/ | ||
| 350 | return(NULL); | ||
| 351 | } | ||
| 352 | result->device = start; | ||
| 353 | result->devicelen = filename - start; | ||
| 354 | position = IN_FILE; | ||
| 355 | start = ++filename; | ||
| 356 | result->dir = start; | ||
| 357 | break; | ||
| 358 | case '\\': | ||
| 359 | case '/': | ||
| 360 | if(position == IN_NODE) | ||
| 361 | { | ||
| 362 | result->nodelen = filename - start; | ||
| 363 | position = IN_FILE; | ||
| 364 | start = ++filename; | ||
| 365 | result->dir = start; | ||
| 366 | } | ||
| 367 | else if(position == IN_DEVICE) | ||
| 368 | { | ||
| 369 | position = IN_FILE; | ||
| 370 | filename++; | ||
| 371 | result->dir = start; | ||
| 372 | result->dirlen = filename - start; | ||
| 373 | start = filename; | ||
| 374 | } | ||
| 375 | else | ||
| 376 | { | ||
| 377 | filename++; | ||
| 378 | result->dirlen += filename - start; | ||
| 379 | start = filename; | ||
| 380 | } | ||
| 381 | break; | ||
| 382 | case '\0': | ||
| 383 | if(position == IN_NODE) | ||
| 384 | { | ||
| 385 | result->nodelen = filename - start; | ||
| 386 | } | ||
| 387 | else | ||
| 388 | { | ||
| 389 | if(filename - start > 0) | ||
| 390 | { | ||
| 391 | if (assume_last_is_dir) | ||
| 392 | { | ||
| 393 | if (position == IN_DEVICE) | ||
| 394 | { | ||
| 395 | result->dir = start; | ||
| 396 | result->dirlen = 0; | ||
| 397 | } | ||
| 398 | result->dirlen += | ||
| 399 | filename - start; | ||
| 400 | } | ||
| 401 | else | ||
| 402 | { | ||
| 403 | result->file = start; | ||
| 404 | result->filelen = | ||
| 405 | filename - start; | ||
| 406 | } | ||
| 407 | } | ||
| 408 | } | ||
| 409 | break; | ||
| 410 | default: | ||
| 411 | filename++; | ||
| 412 | break; | ||
| 413 | } | ||
| 414 | } | ||
| 415 | while(last); | ||
| 416 | |||
| 417 | if(!result->nodelen) result->node = NULL; | ||
| 418 | if(!result->devicelen) result->device = NULL; | ||
| 419 | if(!result->dirlen) result->dir = NULL; | ||
| 420 | if(!result->filelen) result->file = NULL; | ||
| 421 | |||
| 422 | return(result); | ||
| 423 | } | ||
| 424 | |||
| 425 | static char *win32_joiner(DSO *dso, const struct file_st *file_split) | ||
| 426 | { | ||
| 427 | int len = 0, offset = 0; | ||
| 428 | char *result = NULL; | ||
| 429 | const char *start; | ||
| 430 | |||
| 431 | if(!file_split) | ||
| 432 | { | ||
| 433 | DSOerr(DSO_F_WIN32_JOINER, | ||
| 434 | ERR_R_PASSED_NULL_PARAMETER); | ||
| 435 | return(NULL); | ||
| 436 | } | ||
| 437 | if(file_split->node) | ||
| 438 | { | ||
| 439 | len += 2 + file_split->nodelen; /* 2 for starting \\ */ | ||
| 440 | if(file_split->predir || file_split->dir || file_split->file) | ||
| 441 | len++; /* 1 for ending \ */ | ||
| 442 | } | ||
| 443 | else if(file_split->device) | ||
| 444 | { | ||
| 445 | len += file_split->devicelen + 1; /* 1 for ending : */ | ||
| 446 | } | ||
| 447 | len += file_split->predirlen; | ||
| 448 | if(file_split->predir && (file_split->dir || file_split->file)) | ||
| 449 | { | ||
| 450 | len++; /* 1 for ending \ */ | ||
| 451 | } | ||
| 452 | len += file_split->dirlen; | ||
| 453 | if(file_split->dir && file_split->file) | ||
| 454 | { | ||
| 455 | len++; /* 1 for ending \ */ | ||
| 456 | } | ||
| 457 | len += file_split->filelen; | ||
| 458 | |||
| 459 | if(!len) | ||
| 460 | { | ||
| 461 | DSOerr(DSO_F_WIN32_JOINER, DSO_R_EMPTY_FILE_STRUCTURE); | ||
| 462 | return(NULL); | ||
| 463 | } | ||
| 464 | |||
| 465 | result = OPENSSL_malloc(len + 1); | ||
| 466 | if (!result) | ||
| 467 | { | ||
| 468 | DSOerr(DSO_F_WIN32_JOINER, | ||
| 469 | ERR_R_MALLOC_FAILURE); | ||
| 470 | return(NULL); | ||
| 471 | } | ||
| 472 | |||
| 473 | if(file_split->node) | ||
| 474 | { | ||
| 475 | strcpy(&result[offset], "\\\\"); offset += 2; | ||
| 476 | strncpy(&result[offset], file_split->node, | ||
| 477 | file_split->nodelen); offset += file_split->nodelen; | ||
| 478 | if(file_split->predir || file_split->dir || file_split->file) | ||
| 479 | { | ||
| 480 | result[offset] = '\\'; offset++; | ||
| 481 | } | ||
| 482 | } | ||
| 483 | else if(file_split->device) | ||
| 484 | { | ||
| 485 | strncpy(&result[offset], file_split->device, | ||
| 486 | file_split->devicelen); offset += file_split->devicelen; | ||
| 487 | result[offset] = ':'; offset++; | ||
| 488 | } | ||
| 489 | start = file_split->predir; | ||
| 490 | while(file_split->predirlen > (start - file_split->predir)) | ||
| 491 | { | ||
| 492 | const char *end = openssl_strnchr(start, '/', | ||
| 493 | file_split->predirlen - (start - file_split->predir)); | ||
| 494 | if(!end) | ||
| 495 | end = start | ||
| 496 | + file_split->predirlen | ||
| 497 | - (start - file_split->predir); | ||
| 498 | strncpy(&result[offset], start, | ||
| 499 | end - start); offset += end - start; | ||
| 500 | result[offset] = '\\'; offset++; | ||
| 501 | start = end + 1; | ||
| 502 | } | ||
| 503 | #if 0 /* Not needed, since the directory converter above already appeneded | ||
| 504 | a backslash */ | ||
| 505 | if(file_split->predir && (file_split->dir || file_split->file)) | ||
| 506 | { | ||
| 507 | result[offset] = '\\'; offset++; | ||
| 508 | } | ||
| 509 | #endif | ||
| 510 | start = file_split->dir; | ||
| 511 | while(file_split->dirlen > (start - file_split->dir)) | ||
| 512 | { | ||
| 513 | const char *end = openssl_strnchr(start, '/', | ||
| 514 | file_split->dirlen - (start - file_split->dir)); | ||
| 515 | if(!end) | ||
| 516 | end = start | ||
| 517 | + file_split->dirlen | ||
| 518 | - (start - file_split->dir); | ||
| 519 | strncpy(&result[offset], start, | ||
| 520 | end - start); offset += end - start; | ||
| 521 | result[offset] = '\\'; offset++; | ||
| 522 | start = end + 1; | ||
| 523 | } | ||
| 524 | #if 0 /* Not needed, since the directory converter above already appeneded | ||
| 525 | a backslash */ | ||
| 526 | if(file_split->dir && file_split->file) | ||
| 527 | { | ||
| 528 | result[offset] = '\\'; offset++; | ||
| 529 | } | ||
| 530 | #endif | ||
| 531 | strncpy(&result[offset], file_split->file, | ||
| 532 | file_split->filelen); offset += file_split->filelen; | ||
| 533 | result[offset] = '\0'; | ||
| 534 | return(result); | ||
| 535 | } | ||
| 536 | |||
| 537 | static char *win32_merger(DSO *dso, const char *filespec1, const char *filespec2) | ||
| 538 | { | ||
| 539 | char *merged = NULL; | ||
| 540 | struct file_st *filespec1_split = NULL; | ||
| 541 | struct file_st *filespec2_split = NULL; | ||
| 542 | |||
| 543 | if(!filespec1 && !filespec2) | ||
| 544 | { | ||
| 545 | DSOerr(DSO_F_WIN32_MERGER, | ||
| 546 | ERR_R_PASSED_NULL_PARAMETER); | ||
| 547 | return(NULL); | ||
| 548 | } | ||
| 549 | if (!filespec2) | ||
| 550 | { | ||
| 551 | merged = OPENSSL_malloc(strlen(filespec1) + 1); | ||
| 552 | if(!merged) | ||
| 553 | { | ||
| 554 | DSOerr(DSO_F_WIN32_MERGER, | ||
| 555 | ERR_R_MALLOC_FAILURE); | ||
| 556 | return(NULL); | ||
| 557 | } | ||
| 558 | strcpy(merged, filespec1); | ||
| 559 | } | ||
| 560 | else if (!filespec1) | ||
| 561 | { | ||
| 562 | merged = OPENSSL_malloc(strlen(filespec2) + 1); | ||
| 563 | if(!merged) | ||
| 564 | { | ||
| 565 | DSOerr(DSO_F_WIN32_MERGER, | ||
| 566 | ERR_R_MALLOC_FAILURE); | ||
| 567 | return(NULL); | ||
| 568 | } | ||
| 569 | strcpy(merged, filespec2); | ||
| 570 | } | ||
| 571 | else | ||
| 572 | { | ||
| 573 | filespec1_split = win32_splitter(dso, filespec1, 0); | ||
| 574 | if (!filespec1_split) | ||
| 575 | { | ||
| 576 | DSOerr(DSO_F_WIN32_MERGER, | ||
| 577 | ERR_R_MALLOC_FAILURE); | ||
| 578 | return(NULL); | ||
| 579 | } | ||
| 580 | filespec2_split = win32_splitter(dso, filespec2, 1); | ||
| 581 | if (!filespec2_split) | ||
| 582 | { | ||
| 583 | DSOerr(DSO_F_WIN32_MERGER, | ||
| 584 | ERR_R_MALLOC_FAILURE); | ||
| 585 | OPENSSL_free(filespec1_split); | ||
| 586 | return(NULL); | ||
| 587 | } | ||
| 588 | |||
| 589 | /* Fill in into filespec1_split */ | ||
| 590 | if (!filespec1_split->node && !filespec1_split->device) | ||
| 591 | { | ||
| 592 | filespec1_split->node = filespec2_split->node; | ||
| 593 | filespec1_split->nodelen = filespec2_split->nodelen; | ||
| 594 | filespec1_split->device = filespec2_split->device; | ||
| 595 | filespec1_split->devicelen = filespec2_split->devicelen; | ||
| 596 | } | ||
| 597 | if (!filespec1_split->dir) | ||
| 598 | { | ||
| 599 | filespec1_split->dir = filespec2_split->dir; | ||
| 600 | filespec1_split->dirlen = filespec2_split->dirlen; | ||
| 601 | } | ||
| 602 | else if (filespec1_split->dir[0] != '\\' | ||
| 603 | && filespec1_split->dir[0] != '/') | ||
| 604 | { | ||
| 605 | filespec1_split->predir = filespec2_split->dir; | ||
| 606 | filespec1_split->predirlen = filespec2_split->dirlen; | ||
| 607 | } | ||
| 608 | if (!filespec1_split->file) | ||
| 609 | { | ||
| 610 | filespec1_split->file = filespec2_split->file; | ||
| 611 | filespec1_split->filelen = filespec2_split->filelen; | ||
| 612 | } | ||
| 613 | |||
| 614 | merged = win32_joiner(dso, filespec1_split); | ||
| 615 | } | ||
| 616 | return(merged); | ||
| 617 | } | ||
| 618 | |||
| 270 | static char *win32_name_converter(DSO *dso, const char *filename) | 619 | static char *win32_name_converter(DSO *dso, const char *filename) |
| 271 | { | 620 | { |
| 272 | char *translated; | 621 | char *translated; |
| @@ -295,4 +644,17 @@ static char *win32_name_converter(DSO *dso, const char *filename) | |||
| 295 | return(translated); | 644 | return(translated); |
| 296 | } | 645 | } |
| 297 | 646 | ||
| 647 | static const char *openssl_strnchr(const char *string, int c, size_t len) | ||
| 648 | { | ||
| 649 | size_t i; | ||
| 650 | const char *p; | ||
| 651 | for (i = 0, p = string; i < len && *p; i++, p++) | ||
| 652 | { | ||
| 653 | if (*p == c) | ||
| 654 | return p; | ||
| 655 | } | ||
| 656 | return NULL; | ||
| 657 | } | ||
| 658 | |||
| 659 | |||
| 298 | #endif /* OPENSSL_SYS_WIN32 */ | 660 | #endif /* OPENSSL_SYS_WIN32 */ |
diff --git a/src/lib/libcrypto/ebcdic.c b/src/lib/libcrypto/ebcdic.c index d1bece87f7..43e53bcaf7 100644 --- a/src/lib/libcrypto/ebcdic.c +++ b/src/lib/libcrypto/ebcdic.c | |||
| @@ -1,6 +1,14 @@ | |||
| 1 | /* crypto/ebcdic.c */ | 1 | /* crypto/ebcdic.c */ |
| 2 | 2 | ||
| 3 | #ifdef CHARSET_EBCDIC | 3 | #ifndef CHARSET_EBCDIC |
| 4 | |||
| 5 | #include <openssl/e_os2.h> | ||
| 6 | #if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX) | ||
| 7 | static void *dummy=&dummy; | ||
| 8 | #endif | ||
| 9 | |||
| 10 | #else /*CHARSET_EBCDIC*/ | ||
| 11 | |||
| 4 | #include "ebcdic.h" | 12 | #include "ebcdic.h" |
| 5 | /* Initial Port for Apache-1.3 by <Martin.Kraemer@Mch.SNI.De> | 13 | /* Initial Port for Apache-1.3 by <Martin.Kraemer@Mch.SNI.De> |
| 6 | * Adapted for OpenSSL-0.9.4 by <Martin.Kraemer@Mch.SNI.De> | 14 | * Adapted for OpenSSL-0.9.4 by <Martin.Kraemer@Mch.SNI.De> |
| @@ -210,9 +218,4 @@ ascii2ebcdic(void *dest, const void *srce, size_t count) | |||
| 210 | return dest; | 218 | return dest; |
| 211 | } | 219 | } |
| 212 | 220 | ||
| 213 | #else /*CHARSET_EBCDIC*/ | ||
| 214 | #include <openssl/e_os2.h> | ||
| 215 | #if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX) | ||
| 216 | static void *dummy=&dummy; | ||
| 217 | #endif | ||
| 218 | #endif | 221 | #endif |
diff --git a/src/lib/libcrypto/ec/ec.h b/src/lib/libcrypto/ec/ec.h index 6d6a9b7127..8bc2a235b1 100644 --- a/src/lib/libcrypto/ec/ec.h +++ b/src/lib/libcrypto/ec/ec.h | |||
| @@ -1,6 +1,9 @@ | |||
| 1 | /* crypto/ec/ec.h */ | 1 | /* crypto/ec/ec.h */ |
| 2 | /* | ||
| 3 | * Originally written by Bodo Moeller for the OpenSSL project. | ||
| 4 | */ | ||
| 2 | /* ==================================================================== | 5 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. |
| 4 | * | 7 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -52,22 +55,48 @@ | |||
| 52 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 53 | * | 56 | * |
| 54 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * | ||
| 61 | * Portions of the attached software ("Contribution") are developed by | ||
| 62 | * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. | ||
| 63 | * | ||
| 64 | * The Contribution is licensed pursuant to the OpenSSL open source | ||
| 65 | * license provided above. | ||
| 66 | * | ||
| 67 | * The elliptic curve binary polynomial software is originally written by | ||
| 68 | * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. | ||
| 69 | * | ||
| 70 | */ | ||
| 55 | 71 | ||
| 56 | #ifndef HEADER_EC_H | 72 | #ifndef HEADER_EC_H |
| 57 | #define HEADER_EC_H | 73 | #define HEADER_EC_H |
| 58 | 74 | ||
| 75 | #include <openssl/opensslconf.h> | ||
| 76 | |||
| 59 | #ifdef OPENSSL_NO_EC | 77 | #ifdef OPENSSL_NO_EC |
| 60 | #error EC is disabled. | 78 | #error EC is disabled. |
| 61 | #endif | 79 | #endif |
| 62 | 80 | ||
| 63 | #include <openssl/bn.h> | 81 | #include <openssl/asn1.h> |
| 64 | #include <openssl/symhacks.h> | 82 | #include <openssl/symhacks.h> |
| 83 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 84 | #include <openssl/bn.h> | ||
| 85 | #endif | ||
| 65 | 86 | ||
| 66 | #ifdef __cplusplus | 87 | #ifdef __cplusplus |
| 67 | extern "C" { | 88 | extern "C" { |
| 89 | #elif defined(__SUNPRO_C) | ||
| 90 | # if __SUNPRO_C >= 0x520 | ||
| 91 | # pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) | ||
| 92 | # endif | ||
| 68 | #endif | 93 | #endif |
| 69 | 94 | ||
| 70 | 95 | ||
| 96 | #ifndef OPENSSL_ECC_MAX_FIELD_BITS | ||
| 97 | # define OPENSSL_ECC_MAX_FIELD_BITS 661 | ||
| 98 | #endif | ||
| 99 | |||
| 71 | typedef enum { | 100 | typedef enum { |
| 72 | /* values as defined in X9.62 (ECDSA) and elsewhere */ | 101 | /* values as defined in X9.62 (ECDSA) and elsewhere */ |
| 73 | POINT_CONVERSION_COMPRESSED = 2, | 102 | POINT_CONVERSION_COMPRESSED = 2, |
| @@ -84,7 +113,8 @@ typedef struct ec_group_st | |||
| 84 | -- field definition | 113 | -- field definition |
| 85 | -- curve coefficients | 114 | -- curve coefficients |
| 86 | -- optional generator with associated information (order, cofactor) | 115 | -- optional generator with associated information (order, cofactor) |
| 87 | -- optional extra data (TODO: precomputed table for fast computation of multiples of generator) | 116 | -- optional extra data (precomputed table for fast computation of multiples of generator) |
| 117 | -- ASN1 stuff | ||
| 88 | */ | 118 | */ |
| 89 | EC_GROUP; | 119 | EC_GROUP; |
| 90 | 120 | ||
| @@ -96,40 +126,84 @@ typedef struct ec_point_st EC_POINT; | |||
| 96 | */ | 126 | */ |
| 97 | const EC_METHOD *EC_GFp_simple_method(void); | 127 | const EC_METHOD *EC_GFp_simple_method(void); |
| 98 | const EC_METHOD *EC_GFp_mont_method(void); | 128 | const EC_METHOD *EC_GFp_mont_method(void); |
| 99 | #if 0 | 129 | const EC_METHOD *EC_GFp_nist_method(void); |
| 100 | const EC_METHOD *EC_GFp_recp_method(void); /* TODO */ | 130 | |
| 101 | const EC_METHOD *EC_GFp_nist_method(void); /* TODO */ | 131 | /* EC_METHOD for curves over GF(2^m). |
| 102 | #endif | 132 | */ |
| 133 | const EC_METHOD *EC_GF2m_simple_method(void); | ||
| 103 | 134 | ||
| 104 | 135 | ||
| 105 | EC_GROUP *EC_GROUP_new(const EC_METHOD *); | 136 | EC_GROUP *EC_GROUP_new(const EC_METHOD *); |
| 106 | void EC_GROUP_free(EC_GROUP *); | 137 | void EC_GROUP_free(EC_GROUP *); |
| 107 | void EC_GROUP_clear_free(EC_GROUP *); | 138 | void EC_GROUP_clear_free(EC_GROUP *); |
| 108 | int EC_GROUP_copy(EC_GROUP *, const EC_GROUP *); | 139 | int EC_GROUP_copy(EC_GROUP *, const EC_GROUP *); |
| 140 | EC_GROUP *EC_GROUP_dup(const EC_GROUP *); | ||
| 109 | 141 | ||
| 110 | const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *); | 142 | const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *); |
| 111 | 143 | int EC_METHOD_get_field_type(const EC_METHOD *); | |
| 144 | |||
| 145 | int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor); | ||
| 146 | const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *); | ||
| 147 | int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *); | ||
| 148 | int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *); | ||
| 149 | |||
| 150 | void EC_GROUP_set_curve_name(EC_GROUP *, int nid); | ||
| 151 | int EC_GROUP_get_curve_name(const EC_GROUP *); | ||
| 152 | |||
| 153 | void EC_GROUP_set_asn1_flag(EC_GROUP *, int flag); | ||
| 154 | int EC_GROUP_get_asn1_flag(const EC_GROUP *); | ||
| 155 | |||
| 156 | void EC_GROUP_set_point_conversion_form(EC_GROUP *, point_conversion_form_t); | ||
| 157 | point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *); | ||
| 158 | |||
| 159 | unsigned char *EC_GROUP_get0_seed(const EC_GROUP *); | ||
| 160 | size_t EC_GROUP_get_seed_len(const EC_GROUP *); | ||
| 161 | size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len); | ||
| 112 | 162 | ||
| 113 | /* We don't have types for field specifications and field elements in general. | ||
| 114 | * Otherwise we could declare | ||
| 115 | * int EC_GROUP_set_curve(EC_GROUP *, .....); | ||
| 116 | */ | ||
| 117 | int EC_GROUP_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | 163 | int EC_GROUP_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); |
| 118 | int EC_GROUP_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); | 164 | int EC_GROUP_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); |
| 165 | int EC_GROUP_set_curve_GF2m(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | ||
| 166 | int EC_GROUP_get_curve_GF2m(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); | ||
| 167 | |||
| 168 | /* returns the number of bits needed to represent a field element */ | ||
| 169 | int EC_GROUP_get_degree(const EC_GROUP *); | ||
| 170 | |||
| 171 | /* EC_GROUP_check() returns 1 if 'group' defines a valid group, 0 otherwise */ | ||
| 172 | int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx); | ||
| 173 | /* EC_GROUP_check_discriminant() returns 1 if the discriminant of the | ||
| 174 | * elliptic curve is not zero, 0 otherwise */ | ||
| 175 | int EC_GROUP_check_discriminant(const EC_GROUP *, BN_CTX *); | ||
| 119 | 176 | ||
| 120 | /* EC_GROUP_new_GFp() calls EC_GROUP_new() and EC_GROUP_set_GFp() | 177 | /* EC_GROUP_cmp() returns 0 if both groups are equal and 1 otherwise */ |
| 178 | int EC_GROUP_cmp(const EC_GROUP *, const EC_GROUP *, BN_CTX *); | ||
| 179 | |||
| 180 | /* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() | ||
| 121 | * after choosing an appropriate EC_METHOD */ | 181 | * after choosing an appropriate EC_METHOD */ |
| 122 | EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | 182 | EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); |
| 183 | EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | ||
| 123 | 184 | ||
| 124 | int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor); | 185 | /* EC_GROUP_new_by_curve_name() creates a EC_GROUP structure |
| 125 | EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *); | 186 | * specified by a curve name (in form of a NID) */ |
| 126 | int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *); | 187 | EC_GROUP *EC_GROUP_new_by_curve_name(int nid); |
| 127 | int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *); | 188 | /* handling of internal curves */ |
| 189 | typedef struct { | ||
| 190 | int nid; | ||
| 191 | const char *comment; | ||
| 192 | } EC_builtin_curve; | ||
| 193 | /* EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number | ||
| 194 | * of all available curves or zero if a error occurred. | ||
| 195 | * In case r ist not zero nitems EC_builtin_curve structures | ||
| 196 | * are filled with the data of the first nitems internal groups */ | ||
| 197 | size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); | ||
| 198 | |||
| 199 | |||
| 200 | /* EC_POINT functions */ | ||
| 128 | 201 | ||
| 129 | EC_POINT *EC_POINT_new(const EC_GROUP *); | 202 | EC_POINT *EC_POINT_new(const EC_GROUP *); |
| 130 | void EC_POINT_free(EC_POINT *); | 203 | void EC_POINT_free(EC_POINT *); |
| 131 | void EC_POINT_clear_free(EC_POINT *); | 204 | void EC_POINT_clear_free(EC_POINT *); |
| 132 | int EC_POINT_copy(EC_POINT *, const EC_POINT *); | 205 | int EC_POINT_copy(EC_POINT *, const EC_POINT *); |
| 206 | EC_POINT *EC_POINT_dup(const EC_POINT *, const EC_GROUP *); | ||
| 133 | 207 | ||
| 134 | const EC_METHOD *EC_POINT_method_of(const EC_POINT *); | 208 | const EC_METHOD *EC_POINT_method_of(const EC_POINT *); |
| 135 | 209 | ||
| @@ -145,11 +219,28 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *, const EC_POINT *, | |||
| 145 | int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *, | 219 | int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *, |
| 146 | const BIGNUM *x, int y_bit, BN_CTX *); | 220 | const BIGNUM *x, int y_bit, BN_CTX *); |
| 147 | 221 | ||
| 222 | int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *, EC_POINT *, | ||
| 223 | const BIGNUM *x, const BIGNUM *y, BN_CTX *); | ||
| 224 | int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *, const EC_POINT *, | ||
| 225 | BIGNUM *x, BIGNUM *y, BN_CTX *); | ||
| 226 | int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *, EC_POINT *, | ||
| 227 | const BIGNUM *x, int y_bit, BN_CTX *); | ||
| 228 | |||
| 148 | size_t EC_POINT_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form, | 229 | size_t EC_POINT_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form, |
| 149 | unsigned char *buf, size_t len, BN_CTX *); | 230 | unsigned char *buf, size_t len, BN_CTX *); |
| 150 | int EC_POINT_oct2point(const EC_GROUP *, EC_POINT *, | 231 | int EC_POINT_oct2point(const EC_GROUP *, EC_POINT *, |
| 151 | const unsigned char *buf, size_t len, BN_CTX *); | 232 | const unsigned char *buf, size_t len, BN_CTX *); |
| 152 | 233 | ||
| 234 | /* other interfaces to point2oct/oct2point: */ | ||
| 235 | BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *, | ||
| 236 | point_conversion_form_t form, BIGNUM *, BN_CTX *); | ||
| 237 | EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *, | ||
| 238 | EC_POINT *, BN_CTX *); | ||
| 239 | char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *, | ||
| 240 | point_conversion_form_t form, BN_CTX *); | ||
| 241 | EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *, | ||
| 242 | EC_POINT *, BN_CTX *); | ||
| 243 | |||
| 153 | int EC_POINT_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *); | 244 | int EC_POINT_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *); |
| 154 | int EC_POINT_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *); | 245 | int EC_POINT_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *); |
| 155 | int EC_POINT_invert(const EC_GROUP *, EC_POINT *, BN_CTX *); | 246 | int EC_POINT_invert(const EC_GROUP *, EC_POINT *, BN_CTX *); |
| @@ -164,9 +255,112 @@ int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); | |||
| 164 | 255 | ||
| 165 | int EC_POINTs_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, size_t num, const EC_POINT *[], const BIGNUM *[], BN_CTX *); | 256 | int EC_POINTs_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, size_t num, const EC_POINT *[], const BIGNUM *[], BN_CTX *); |
| 166 | int EC_POINT_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, const EC_POINT *, const BIGNUM *, BN_CTX *); | 257 | int EC_POINT_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, const EC_POINT *, const BIGNUM *, BN_CTX *); |
| 258 | |||
| 259 | /* EC_GROUP_precompute_mult() stores multiples of generator for faster point multiplication */ | ||
| 167 | int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *); | 260 | int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *); |
| 261 | /* EC_GROUP_have_precompute_mult() reports whether such precomputation has been done */ | ||
| 262 | int EC_GROUP_have_precompute_mult(const EC_GROUP *); | ||
| 263 | |||
| 264 | |||
| 168 | 265 | ||
| 266 | /* ASN1 stuff */ | ||
| 169 | 267 | ||
| 268 | /* EC_GROUP_get_basis_type() returns the NID of the basis type | ||
| 269 | * used to represent the field elements */ | ||
| 270 | int EC_GROUP_get_basis_type(const EC_GROUP *); | ||
| 271 | int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k); | ||
| 272 | int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1, | ||
| 273 | unsigned int *k2, unsigned int *k3); | ||
| 274 | |||
| 275 | #define OPENSSL_EC_NAMED_CURVE 0x001 | ||
| 276 | |||
| 277 | typedef struct ecpk_parameters_st ECPKPARAMETERS; | ||
| 278 | |||
| 279 | EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len); | ||
| 280 | int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out); | ||
| 281 | |||
| 282 | #define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x) | ||
| 283 | #define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x) | ||
| 284 | #define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \ | ||
| 285 | (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x)) | ||
| 286 | #define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \ | ||
| 287 | (unsigned char *)(x)) | ||
| 288 | |||
| 289 | #ifndef OPENSSL_NO_BIO | ||
| 290 | int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off); | ||
| 291 | #endif | ||
| 292 | #ifndef OPENSSL_NO_FP_API | ||
| 293 | int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off); | ||
| 294 | #endif | ||
| 295 | |||
| 296 | /* the EC_KEY stuff */ | ||
| 297 | typedef struct ec_key_st EC_KEY; | ||
| 298 | |||
| 299 | /* some values for the encoding_flag */ | ||
| 300 | #define EC_PKEY_NO_PARAMETERS 0x001 | ||
| 301 | #define EC_PKEY_NO_PUBKEY 0x002 | ||
| 302 | |||
| 303 | EC_KEY *EC_KEY_new(void); | ||
| 304 | EC_KEY *EC_KEY_new_by_curve_name(int nid); | ||
| 305 | void EC_KEY_free(EC_KEY *); | ||
| 306 | EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *); | ||
| 307 | EC_KEY *EC_KEY_dup(const EC_KEY *); | ||
| 308 | |||
| 309 | int EC_KEY_up_ref(EC_KEY *); | ||
| 310 | |||
| 311 | const EC_GROUP *EC_KEY_get0_group(const EC_KEY *); | ||
| 312 | int EC_KEY_set_group(EC_KEY *, const EC_GROUP *); | ||
| 313 | const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *); | ||
| 314 | int EC_KEY_set_private_key(EC_KEY *, const BIGNUM *); | ||
| 315 | const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *); | ||
| 316 | int EC_KEY_set_public_key(EC_KEY *, const EC_POINT *); | ||
| 317 | unsigned EC_KEY_get_enc_flags(const EC_KEY *); | ||
| 318 | void EC_KEY_set_enc_flags(EC_KEY *, unsigned int); | ||
| 319 | point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *); | ||
| 320 | void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t); | ||
| 321 | /* functions to set/get method specific data */ | ||
| 322 | void *EC_KEY_get_key_method_data(EC_KEY *, | ||
| 323 | void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); | ||
| 324 | void EC_KEY_insert_key_method_data(EC_KEY *, void *data, | ||
| 325 | void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); | ||
| 326 | /* wrapper functions for the underlying EC_GROUP object */ | ||
| 327 | void EC_KEY_set_asn1_flag(EC_KEY *, int); | ||
| 328 | int EC_KEY_precompute_mult(EC_KEY *, BN_CTX *ctx); | ||
| 329 | |||
| 330 | /* EC_KEY_generate_key() creates a ec private (public) key */ | ||
| 331 | int EC_KEY_generate_key(EC_KEY *); | ||
| 332 | /* EC_KEY_check_key() */ | ||
| 333 | int EC_KEY_check_key(const EC_KEY *); | ||
| 334 | |||
| 335 | /* de- and encoding functions for SEC1 ECPrivateKey */ | ||
| 336 | EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len); | ||
| 337 | int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out); | ||
| 338 | /* de- and encoding functions for EC parameters */ | ||
| 339 | EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len); | ||
| 340 | int i2d_ECParameters(EC_KEY *a, unsigned char **out); | ||
| 341 | /* de- and encoding functions for EC public key | ||
| 342 | * (octet string, not DER -- hence 'o2i' and 'i2o') */ | ||
| 343 | EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len); | ||
| 344 | int i2o_ECPublicKey(EC_KEY *a, unsigned char **out); | ||
| 345 | |||
| 346 | #ifndef OPENSSL_NO_BIO | ||
| 347 | int ECParameters_print(BIO *bp, const EC_KEY *x); | ||
| 348 | int EC_KEY_print(BIO *bp, const EC_KEY *x, int off); | ||
| 349 | #endif | ||
| 350 | #ifndef OPENSSL_NO_FP_API | ||
| 351 | int ECParameters_print_fp(FILE *fp, const EC_KEY *x); | ||
| 352 | int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off); | ||
| 353 | #endif | ||
| 354 | |||
| 355 | #define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x) | ||
| 356 | |||
| 357 | #ifndef __cplusplus | ||
| 358 | #if defined(__SUNPRO_C) | ||
| 359 | # if __SUNPRO_C >= 0x520 | ||
| 360 | # pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) | ||
| 361 | # endif | ||
| 362 | # endif | ||
| 363 | #endif | ||
| 170 | 364 | ||
| 171 | /* BEGIN ERROR CODES */ | 365 | /* BEGIN ERROR CODES */ |
| 172 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 366 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
| @@ -178,51 +372,124 @@ void ERR_load_EC_strings(void); | |||
| 178 | 372 | ||
| 179 | /* Function codes. */ | 373 | /* Function codes. */ |
| 180 | #define EC_F_COMPUTE_WNAF 143 | 374 | #define EC_F_COMPUTE_WNAF 143 |
| 375 | #define EC_F_D2I_ECPARAMETERS 144 | ||
| 376 | #define EC_F_D2I_ECPKPARAMETERS 145 | ||
| 377 | #define EC_F_D2I_ECPRIVATEKEY 146 | ||
| 378 | #define EC_F_ECPARAMETERS_PRINT 147 | ||
| 379 | #define EC_F_ECPARAMETERS_PRINT_FP 148 | ||
| 380 | #define EC_F_ECPKPARAMETERS_PRINT 149 | ||
| 381 | #define EC_F_ECPKPARAMETERS_PRINT_FP 150 | ||
| 382 | #define EC_F_ECP_NIST_MOD_192 203 | ||
| 383 | #define EC_F_ECP_NIST_MOD_224 204 | ||
| 384 | #define EC_F_ECP_NIST_MOD_256 205 | ||
| 385 | #define EC_F_ECP_NIST_MOD_521 206 | ||
| 386 | #define EC_F_EC_ASN1_GROUP2CURVE 153 | ||
| 387 | #define EC_F_EC_ASN1_GROUP2FIELDID 154 | ||
| 388 | #define EC_F_EC_ASN1_GROUP2PARAMETERS 155 | ||
| 389 | #define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156 | ||
| 390 | #define EC_F_EC_ASN1_PARAMETERS2GROUP 157 | ||
| 391 | #define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158 | ||
| 392 | #define EC_F_EC_EX_DATA_SET_DATA 211 | ||
| 393 | #define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208 | ||
| 394 | #define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159 | ||
| 395 | #define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195 | ||
| 396 | #define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160 | ||
| 397 | #define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161 | ||
| 398 | #define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162 | ||
| 399 | #define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163 | ||
| 400 | #define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164 | ||
| 181 | #define EC_F_EC_GFP_MONT_FIELD_DECODE 133 | 401 | #define EC_F_EC_GFP_MONT_FIELD_DECODE 133 |
| 182 | #define EC_F_EC_GFP_MONT_FIELD_ENCODE 134 | 402 | #define EC_F_EC_GFP_MONT_FIELD_ENCODE 134 |
| 183 | #define EC_F_EC_GFP_MONT_FIELD_MUL 131 | 403 | #define EC_F_EC_GFP_MONT_FIELD_MUL 131 |
| 404 | #define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209 | ||
| 184 | #define EC_F_EC_GFP_MONT_FIELD_SQR 132 | 405 | #define EC_F_EC_GFP_MONT_FIELD_SQR 132 |
| 406 | #define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189 | ||
| 407 | #define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135 | ||
| 408 | #define EC_F_EC_GFP_NIST_FIELD_MUL 200 | ||
| 409 | #define EC_F_EC_GFP_NIST_FIELD_SQR 201 | ||
| 410 | #define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202 | ||
| 411 | #define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165 | ||
| 412 | #define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166 | ||
| 185 | #define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100 | 413 | #define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100 |
| 186 | #define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101 | 414 | #define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101 |
| 187 | #define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102 | 415 | #define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102 |
| 188 | #define EC_F_EC_GFP_SIMPLE_OCT2POINT 103 | 416 | #define EC_F_EC_GFP_SIMPLE_OCT2POINT 103 |
| 189 | #define EC_F_EC_GFP_SIMPLE_POINT2OCT 104 | 417 | #define EC_F_EC_GFP_SIMPLE_POINT2OCT 104 |
| 190 | #define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137 | 418 | #define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137 |
| 419 | #define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167 | ||
| 191 | #define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105 | 420 | #define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105 |
| 421 | #define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168 | ||
| 192 | #define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128 | 422 | #define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128 |
| 423 | #define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169 | ||
| 193 | #define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129 | 424 | #define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129 |
| 425 | #define EC_F_EC_GROUP_CHECK 170 | ||
| 426 | #define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171 | ||
| 194 | #define EC_F_EC_GROUP_COPY 106 | 427 | #define EC_F_EC_GROUP_COPY 106 |
| 195 | #define EC_F_EC_GROUP_GET0_GENERATOR 139 | 428 | #define EC_F_EC_GROUP_GET0_GENERATOR 139 |
| 196 | #define EC_F_EC_GROUP_GET_COFACTOR 140 | 429 | #define EC_F_EC_GROUP_GET_COFACTOR 140 |
| 430 | #define EC_F_EC_GROUP_GET_CURVE_GF2M 172 | ||
| 197 | #define EC_F_EC_GROUP_GET_CURVE_GFP 130 | 431 | #define EC_F_EC_GROUP_GET_CURVE_GFP 130 |
| 432 | #define EC_F_EC_GROUP_GET_DEGREE 173 | ||
| 198 | #define EC_F_EC_GROUP_GET_ORDER 141 | 433 | #define EC_F_EC_GROUP_GET_ORDER 141 |
| 434 | #define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193 | ||
| 435 | #define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194 | ||
| 199 | #define EC_F_EC_GROUP_NEW 108 | 436 | #define EC_F_EC_GROUP_NEW 108 |
| 437 | #define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174 | ||
| 438 | #define EC_F_EC_GROUP_NEW_FROM_DATA 175 | ||
| 200 | #define EC_F_EC_GROUP_PRECOMPUTE_MULT 142 | 439 | #define EC_F_EC_GROUP_PRECOMPUTE_MULT 142 |
| 440 | #define EC_F_EC_GROUP_SET_CURVE_GF2M 176 | ||
| 201 | #define EC_F_EC_GROUP_SET_CURVE_GFP 109 | 441 | #define EC_F_EC_GROUP_SET_CURVE_GFP 109 |
| 202 | #define EC_F_EC_GROUP_SET_EXTRA_DATA 110 | 442 | #define EC_F_EC_GROUP_SET_EXTRA_DATA 110 |
| 203 | #define EC_F_EC_GROUP_SET_GENERATOR 111 | 443 | #define EC_F_EC_GROUP_SET_GENERATOR 111 |
| 444 | #define EC_F_EC_KEY_CHECK_KEY 177 | ||
| 445 | #define EC_F_EC_KEY_COPY 178 | ||
| 446 | #define EC_F_EC_KEY_GENERATE_KEY 179 | ||
| 447 | #define EC_F_EC_KEY_NEW 182 | ||
| 448 | #define EC_F_EC_KEY_PRINT 180 | ||
| 449 | #define EC_F_EC_KEY_PRINT_FP 181 | ||
| 204 | #define EC_F_EC_POINTS_MAKE_AFFINE 136 | 450 | #define EC_F_EC_POINTS_MAKE_AFFINE 136 |
| 205 | #define EC_F_EC_POINTS_MUL 138 | 451 | #define EC_F_EC_POINTS_MUL 138 |
| 206 | #define EC_F_EC_POINT_ADD 112 | 452 | #define EC_F_EC_POINT_ADD 112 |
| 207 | #define EC_F_EC_POINT_CMP 113 | 453 | #define EC_F_EC_POINT_CMP 113 |
| 208 | #define EC_F_EC_POINT_COPY 114 | 454 | #define EC_F_EC_POINT_COPY 114 |
| 209 | #define EC_F_EC_POINT_DBL 115 | 455 | #define EC_F_EC_POINT_DBL 115 |
| 456 | #define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183 | ||
| 210 | #define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116 | 457 | #define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116 |
| 211 | #define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117 | 458 | #define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117 |
| 459 | #define EC_F_EC_POINT_INVERT 210 | ||
| 212 | #define EC_F_EC_POINT_IS_AT_INFINITY 118 | 460 | #define EC_F_EC_POINT_IS_AT_INFINITY 118 |
| 213 | #define EC_F_EC_POINT_IS_ON_CURVE 119 | 461 | #define EC_F_EC_POINT_IS_ON_CURVE 119 |
| 214 | #define EC_F_EC_POINT_MAKE_AFFINE 120 | 462 | #define EC_F_EC_POINT_MAKE_AFFINE 120 |
| 463 | #define EC_F_EC_POINT_MUL 184 | ||
| 215 | #define EC_F_EC_POINT_NEW 121 | 464 | #define EC_F_EC_POINT_NEW 121 |
| 216 | #define EC_F_EC_POINT_OCT2POINT 122 | 465 | #define EC_F_EC_POINT_OCT2POINT 122 |
| 217 | #define EC_F_EC_POINT_POINT2OCT 123 | 466 | #define EC_F_EC_POINT_POINT2OCT 123 |
| 467 | #define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185 | ||
| 218 | #define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124 | 468 | #define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124 |
| 469 | #define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186 | ||
| 219 | #define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125 | 470 | #define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125 |
| 220 | #define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126 | 471 | #define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126 |
| 221 | #define EC_F_EC_POINT_SET_TO_INFINITY 127 | 472 | #define EC_F_EC_POINT_SET_TO_INFINITY 127 |
| 222 | #define EC_F_GFP_MONT_GROUP_SET_CURVE_GFP 135 | 473 | #define EC_F_EC_PRE_COMP_DUP 207 |
| 474 | #define EC_F_EC_PRE_COMP_NEW 196 | ||
| 475 | #define EC_F_EC_WNAF_MUL 187 | ||
| 476 | #define EC_F_EC_WNAF_PRECOMPUTE_MULT 188 | ||
| 477 | #define EC_F_I2D_ECPARAMETERS 190 | ||
| 478 | #define EC_F_I2D_ECPKPARAMETERS 191 | ||
| 479 | #define EC_F_I2D_ECPRIVATEKEY 192 | ||
| 480 | #define EC_F_I2O_ECPUBLICKEY 151 | ||
| 481 | #define EC_F_O2I_ECPUBLICKEY 152 | ||
| 223 | 482 | ||
| 224 | /* Reason codes. */ | 483 | /* Reason codes. */ |
| 484 | #define EC_R_ASN1_ERROR 115 | ||
| 485 | #define EC_R_ASN1_UNKNOWN_FIELD 116 | ||
| 225 | #define EC_R_BUFFER_TOO_SMALL 100 | 486 | #define EC_R_BUFFER_TOO_SMALL 100 |
| 487 | #define EC_R_D2I_ECPKPARAMETERS_FAILURE 117 | ||
| 488 | #define EC_R_DISCRIMINANT_IS_ZERO 118 | ||
| 489 | #define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119 | ||
| 490 | #define EC_R_FIELD_TOO_LARGE 138 | ||
| 491 | #define EC_R_GROUP2PKPARAMETERS_FAILURE 120 | ||
| 492 | #define EC_R_I2D_ECPKPARAMETERS_FAILURE 121 | ||
| 226 | #define EC_R_INCOMPATIBLE_OBJECTS 101 | 493 | #define EC_R_INCOMPATIBLE_OBJECTS 101 |
| 227 | #define EC_R_INVALID_ARGUMENT 112 | 494 | #define EC_R_INVALID_ARGUMENT 112 |
| 228 | #define EC_R_INVALID_COMPRESSED_POINT 110 | 495 | #define EC_R_INVALID_COMPRESSED_POINT 110 |
| @@ -230,12 +497,28 @@ void ERR_load_EC_strings(void); | |||
| 230 | #define EC_R_INVALID_ENCODING 102 | 497 | #define EC_R_INVALID_ENCODING 102 |
| 231 | #define EC_R_INVALID_FIELD 103 | 498 | #define EC_R_INVALID_FIELD 103 |
| 232 | #define EC_R_INVALID_FORM 104 | 499 | #define EC_R_INVALID_FORM 104 |
| 500 | #define EC_R_INVALID_GROUP_ORDER 122 | ||
| 501 | #define EC_R_INVALID_PENTANOMIAL_BASIS 132 | ||
| 502 | #define EC_R_INVALID_PRIVATE_KEY 123 | ||
| 503 | #define EC_R_INVALID_TRINOMIAL_BASIS 137 | ||
| 504 | #define EC_R_MISSING_PARAMETERS 124 | ||
| 505 | #define EC_R_MISSING_PRIVATE_KEY 125 | ||
| 506 | #define EC_R_NOT_A_NIST_PRIME 135 | ||
| 507 | #define EC_R_NOT_A_SUPPORTED_NIST_PRIME 136 | ||
| 508 | #define EC_R_NOT_IMPLEMENTED 126 | ||
| 233 | #define EC_R_NOT_INITIALIZED 111 | 509 | #define EC_R_NOT_INITIALIZED 111 |
| 510 | #define EC_R_NO_FIELD_MOD 133 | ||
| 511 | #define EC_R_PASSED_NULL_PARAMETER 134 | ||
| 512 | #define EC_R_PKPARAMETERS2GROUP_FAILURE 127 | ||
| 234 | #define EC_R_POINT_AT_INFINITY 106 | 513 | #define EC_R_POINT_AT_INFINITY 106 |
| 235 | #define EC_R_POINT_IS_NOT_ON_CURVE 107 | 514 | #define EC_R_POINT_IS_NOT_ON_CURVE 107 |
| 236 | #define EC_R_SLOT_FULL 108 | 515 | #define EC_R_SLOT_FULL 108 |
| 237 | #define EC_R_UNDEFINED_GENERATOR 113 | 516 | #define EC_R_UNDEFINED_GENERATOR 113 |
| 517 | #define EC_R_UNDEFINED_ORDER 128 | ||
| 518 | #define EC_R_UNKNOWN_GROUP 129 | ||
| 238 | #define EC_R_UNKNOWN_ORDER 114 | 519 | #define EC_R_UNKNOWN_ORDER 114 |
| 520 | #define EC_R_UNSUPPORTED_FIELD 131 | ||
| 521 | #define EC_R_WRONG_ORDER 130 | ||
| 239 | 522 | ||
| 240 | #ifdef __cplusplus | 523 | #ifdef __cplusplus |
| 241 | } | 524 | } |
diff --git a/src/lib/libcrypto/ec/ec_cvt.c b/src/lib/libcrypto/ec/ec_cvt.c index 45b0ec33a0..d45640bab9 100644 --- a/src/lib/libcrypto/ec/ec_cvt.c +++ b/src/lib/libcrypto/ec/ec_cvt.c | |||
| @@ -1,6 +1,9 @@ | |||
| 1 | /* crypto/ec/ec_cvt.c */ | 1 | /* crypto/ec/ec_cvt.c */ |
| 2 | /* | ||
| 3 | * Originally written by Bodo Moeller for the OpenSSL project. | ||
| 4 | */ | ||
| 2 | /* ==================================================================== | 5 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. |
| 4 | * | 7 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -52,7 +55,21 @@ | |||
| 52 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 53 | * | 56 | * |
| 54 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * | ||
| 61 | * Portions of the attached software ("Contribution") are developed by | ||
| 62 | * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. | ||
| 63 | * | ||
| 64 | * The Contribution is licensed pursuant to the OpenSSL open source | ||
| 65 | * license provided above. | ||
| 66 | * | ||
| 67 | * The elliptic curve binary polynomial software is originally written by | ||
| 68 | * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. | ||
| 69 | * | ||
| 70 | */ | ||
| 55 | 71 | ||
| 72 | #include <openssl/err.h> | ||
| 56 | #include "ec_lcl.h" | 73 | #include "ec_lcl.h" |
| 57 | 74 | ||
| 58 | 75 | ||
| @@ -60,11 +77,8 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM | |||
| 60 | { | 77 | { |
| 61 | const EC_METHOD *meth; | 78 | const EC_METHOD *meth; |
| 62 | EC_GROUP *ret; | 79 | EC_GROUP *ret; |
| 63 | 80 | ||
| 64 | /* Finally, this will use EC_GFp_nist_method if 'p' is a special | 81 | meth = EC_GFp_nist_method(); |
| 65 | * prime with optimized modular arithmetics (for NIST curves) | ||
| 66 | */ | ||
| 67 | meth = EC_GFp_mont_method(); | ||
| 68 | 82 | ||
| 69 | ret = EC_GROUP_new(meth); | 83 | ret = EC_GROUP_new(meth); |
| 70 | if (ret == NULL) | 84 | if (ret == NULL) |
| @@ -72,6 +86,56 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM | |||
| 72 | 86 | ||
| 73 | if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) | 87 | if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) |
| 74 | { | 88 | { |
| 89 | unsigned long err; | ||
| 90 | |||
| 91 | err = ERR_peek_last_error(); | ||
| 92 | |||
| 93 | if (!(ERR_GET_LIB(err) == ERR_LIB_EC && | ||
| 94 | ((ERR_GET_REASON(err) == EC_R_NOT_A_NIST_PRIME) || | ||
| 95 | (ERR_GET_REASON(err) == EC_R_NOT_A_SUPPORTED_NIST_PRIME)))) | ||
| 96 | { | ||
| 97 | /* real error */ | ||
| 98 | |||
| 99 | EC_GROUP_clear_free(ret); | ||
| 100 | return NULL; | ||
| 101 | } | ||
| 102 | |||
| 103 | |||
| 104 | /* not an actual error, we just cannot use EC_GFp_nist_method */ | ||
| 105 | |||
| 106 | ERR_clear_error(); | ||
| 107 | |||
| 108 | EC_GROUP_clear_free(ret); | ||
| 109 | meth = EC_GFp_mont_method(); | ||
| 110 | |||
| 111 | ret = EC_GROUP_new(meth); | ||
| 112 | if (ret == NULL) | ||
| 113 | return NULL; | ||
| 114 | |||
| 115 | if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) | ||
| 116 | { | ||
| 117 | EC_GROUP_clear_free(ret); | ||
| 118 | return NULL; | ||
| 119 | } | ||
| 120 | } | ||
| 121 | |||
| 122 | return ret; | ||
| 123 | } | ||
| 124 | |||
| 125 | |||
| 126 | EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | ||
| 127 | { | ||
| 128 | const EC_METHOD *meth; | ||
| 129 | EC_GROUP *ret; | ||
| 130 | |||
| 131 | meth = EC_GF2m_simple_method(); | ||
| 132 | |||
| 133 | ret = EC_GROUP_new(meth); | ||
| 134 | if (ret == NULL) | ||
| 135 | return NULL; | ||
| 136 | |||
| 137 | if (!EC_GROUP_set_curve_GF2m(ret, p, a, b, ctx)) | ||
| 138 | { | ||
| 75 | EC_GROUP_clear_free(ret); | 139 | EC_GROUP_clear_free(ret); |
| 76 | return NULL; | 140 | return NULL; |
| 77 | } | 141 | } |
diff --git a/src/lib/libcrypto/ec/ec_err.c b/src/lib/libcrypto/ec/ec_err.c index 5b70f94382..d04c895560 100644 --- a/src/lib/libcrypto/ec/ec_err.c +++ b/src/lib/libcrypto/ec/ec_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/ec/ec_err.c */ | 1 | /* crypto/ec/ec_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -71,54 +71,127 @@ | |||
| 71 | static ERR_STRING_DATA EC_str_functs[]= | 71 | static ERR_STRING_DATA EC_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(EC_F_COMPUTE_WNAF), "COMPUTE_WNAF"}, | 73 | {ERR_FUNC(EC_F_COMPUTE_WNAF), "COMPUTE_WNAF"}, |
| 74 | {ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"}, | ||
| 75 | {ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"}, | ||
| 76 | {ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"}, | ||
| 77 | {ERR_FUNC(EC_F_ECPARAMETERS_PRINT), "ECParameters_print"}, | ||
| 78 | {ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP), "ECParameters_print_fp"}, | ||
| 79 | {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT), "ECPKParameters_print"}, | ||
| 80 | {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT_FP), "ECPKParameters_print_fp"}, | ||
| 81 | {ERR_FUNC(EC_F_ECP_NIST_MOD_192), "ECP_NIST_MOD_192"}, | ||
| 82 | {ERR_FUNC(EC_F_ECP_NIST_MOD_224), "ECP_NIST_MOD_224"}, | ||
| 83 | {ERR_FUNC(EC_F_ECP_NIST_MOD_256), "ECP_NIST_MOD_256"}, | ||
| 84 | {ERR_FUNC(EC_F_ECP_NIST_MOD_521), "ECP_NIST_MOD_521"}, | ||
| 85 | {ERR_FUNC(EC_F_EC_ASN1_GROUP2CURVE), "EC_ASN1_GROUP2CURVE"}, | ||
| 86 | {ERR_FUNC(EC_F_EC_ASN1_GROUP2FIELDID), "EC_ASN1_GROUP2FIELDID"}, | ||
| 87 | {ERR_FUNC(EC_F_EC_ASN1_GROUP2PARAMETERS), "EC_ASN1_GROUP2PARAMETERS"}, | ||
| 88 | {ERR_FUNC(EC_F_EC_ASN1_GROUP2PKPARAMETERS), "EC_ASN1_GROUP2PKPARAMETERS"}, | ||
| 89 | {ERR_FUNC(EC_F_EC_ASN1_PARAMETERS2GROUP), "EC_ASN1_PARAMETERS2GROUP"}, | ||
| 90 | {ERR_FUNC(EC_F_EC_ASN1_PKPARAMETERS2GROUP), "EC_ASN1_PKPARAMETERS2GROUP"}, | ||
| 91 | {ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA), "EC_EX_DATA_set_data"}, | ||
| 92 | {ERR_FUNC(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY), "EC_GF2M_MONTGOMERY_POINT_MULTIPLY"}, | ||
| 93 | {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT), "ec_GF2m_simple_group_check_discriminant"}, | ||
| 94 | {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE), "ec_GF2m_simple_group_set_curve"}, | ||
| 95 | {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_OCT2POINT), "ec_GF2m_simple_oct2point"}, | ||
| 96 | {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT2OCT), "ec_GF2m_simple_point2oct"}, | ||
| 97 | {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES), "ec_GF2m_simple_point_get_affine_coordinates"}, | ||
| 98 | {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES), "ec_GF2m_simple_point_set_affine_coordinates"}, | ||
| 99 | {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES), "ec_GF2m_simple_set_compressed_coordinates"}, | ||
| 74 | {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_DECODE), "ec_GFp_mont_field_decode"}, | 100 | {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_DECODE), "ec_GFp_mont_field_decode"}, |
| 75 | {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_ENCODE), "ec_GFp_mont_field_encode"}, | 101 | {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_ENCODE), "ec_GFp_mont_field_encode"}, |
| 76 | {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_MUL), "ec_GFp_mont_field_mul"}, | 102 | {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_MUL), "ec_GFp_mont_field_mul"}, |
| 103 | {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE), "ec_GFp_mont_field_set_to_one"}, | ||
| 77 | {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR), "ec_GFp_mont_field_sqr"}, | 104 | {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR), "ec_GFp_mont_field_sqr"}, |
| 78 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP), "ec_GFp_simple_group_set_curve_GFp"}, | 105 | {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE), "ec_GFp_mont_group_set_curve"}, |
| 79 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR), "ec_GFp_simple_group_set_generator"}, | 106 | {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP), "EC_GFP_MONT_GROUP_SET_CURVE_GFP"}, |
| 107 | {ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_MUL), "ec_GFp_nist_field_mul"}, | ||
| 108 | {ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_SQR), "ec_GFp_nist_field_sqr"}, | ||
| 109 | {ERR_FUNC(EC_F_EC_GFP_NIST_GROUP_SET_CURVE), "ec_GFp_nist_group_set_curve"}, | ||
| 110 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT), "ec_GFp_simple_group_check_discriminant"}, | ||
| 111 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE), "ec_GFp_simple_group_set_curve"}, | ||
| 112 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP), "EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP"}, | ||
| 113 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR), "EC_GFP_SIMPLE_GROUP_SET_GENERATOR"}, | ||
| 80 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE), "ec_GFp_simple_make_affine"}, | 114 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE), "ec_GFp_simple_make_affine"}, |
| 81 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT), "ec_GFp_simple_oct2point"}, | 115 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT), "ec_GFp_simple_oct2point"}, |
| 82 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT), "ec_GFp_simple_point2oct"}, | 116 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT), "ec_GFp_simple_point2oct"}, |
| 83 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE), "ec_GFp_simple_points_make_affine"}, | 117 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE), "ec_GFp_simple_points_make_affine"}, |
| 84 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP), "ec_GFp_simple_point_get_affine_coordinates_GFp"}, | 118 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES), "ec_GFp_simple_point_get_affine_coordinates"}, |
| 85 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP), "ec_GFp_simple_point_set_affine_coordinates_GFp"}, | 119 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP), "EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP"}, |
| 86 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP), "ec_GFp_simple_set_compressed_coordinates_GFp"}, | 120 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES), "ec_GFp_simple_point_set_affine_coordinates"}, |
| 121 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP), "EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP"}, | ||
| 122 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES), "ec_GFp_simple_set_compressed_coordinates"}, | ||
| 123 | {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP), "EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP"}, | ||
| 124 | {ERR_FUNC(EC_F_EC_GROUP_CHECK), "EC_GROUP_check"}, | ||
| 125 | {ERR_FUNC(EC_F_EC_GROUP_CHECK_DISCRIMINANT), "EC_GROUP_check_discriminant"}, | ||
| 87 | {ERR_FUNC(EC_F_EC_GROUP_COPY), "EC_GROUP_copy"}, | 126 | {ERR_FUNC(EC_F_EC_GROUP_COPY), "EC_GROUP_copy"}, |
| 88 | {ERR_FUNC(EC_F_EC_GROUP_GET0_GENERATOR), "EC_GROUP_get0_generator"}, | 127 | {ERR_FUNC(EC_F_EC_GROUP_GET0_GENERATOR), "EC_GROUP_get0_generator"}, |
| 89 | {ERR_FUNC(EC_F_EC_GROUP_GET_COFACTOR), "EC_GROUP_get_cofactor"}, | 128 | {ERR_FUNC(EC_F_EC_GROUP_GET_COFACTOR), "EC_GROUP_get_cofactor"}, |
| 129 | {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GF2M), "EC_GROUP_get_curve_GF2m"}, | ||
| 90 | {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP), "EC_GROUP_get_curve_GFp"}, | 130 | {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP), "EC_GROUP_get_curve_GFp"}, |
| 131 | {ERR_FUNC(EC_F_EC_GROUP_GET_DEGREE), "EC_GROUP_get_degree"}, | ||
| 91 | {ERR_FUNC(EC_F_EC_GROUP_GET_ORDER), "EC_GROUP_get_order"}, | 132 | {ERR_FUNC(EC_F_EC_GROUP_GET_ORDER), "EC_GROUP_get_order"}, |
| 133 | {ERR_FUNC(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS), "EC_GROUP_get_pentanomial_basis"}, | ||
| 134 | {ERR_FUNC(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS), "EC_GROUP_get_trinomial_basis"}, | ||
| 92 | {ERR_FUNC(EC_F_EC_GROUP_NEW), "EC_GROUP_new"}, | 135 | {ERR_FUNC(EC_F_EC_GROUP_NEW), "EC_GROUP_new"}, |
| 136 | {ERR_FUNC(EC_F_EC_GROUP_NEW_BY_CURVE_NAME), "EC_GROUP_new_by_curve_name"}, | ||
| 137 | {ERR_FUNC(EC_F_EC_GROUP_NEW_FROM_DATA), "EC_GROUP_NEW_FROM_DATA"}, | ||
| 93 | {ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT), "EC_GROUP_precompute_mult"}, | 138 | {ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT), "EC_GROUP_precompute_mult"}, |
| 139 | {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GF2M), "EC_GROUP_set_curve_GF2m"}, | ||
| 94 | {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"}, | 140 | {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"}, |
| 95 | {ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA), "EC_GROUP_set_extra_data"}, | 141 | {ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA), "EC_GROUP_SET_EXTRA_DATA"}, |
| 96 | {ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"}, | 142 | {ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"}, |
| 143 | {ERR_FUNC(EC_F_EC_KEY_CHECK_KEY), "EC_KEY_check_key"}, | ||
| 144 | {ERR_FUNC(EC_F_EC_KEY_COPY), "EC_KEY_copy"}, | ||
| 145 | {ERR_FUNC(EC_F_EC_KEY_GENERATE_KEY), "EC_KEY_generate_key"}, | ||
| 146 | {ERR_FUNC(EC_F_EC_KEY_NEW), "EC_KEY_new"}, | ||
| 147 | {ERR_FUNC(EC_F_EC_KEY_PRINT), "EC_KEY_print"}, | ||
| 148 | {ERR_FUNC(EC_F_EC_KEY_PRINT_FP), "EC_KEY_print_fp"}, | ||
| 97 | {ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"}, | 149 | {ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"}, |
| 98 | {ERR_FUNC(EC_F_EC_POINTS_MUL), "EC_POINTs_mul"}, | 150 | {ERR_FUNC(EC_F_EC_POINTS_MUL), "EC_POINTs_mul"}, |
| 99 | {ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"}, | 151 | {ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"}, |
| 100 | {ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"}, | 152 | {ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"}, |
| 101 | {ERR_FUNC(EC_F_EC_POINT_COPY), "EC_POINT_copy"}, | 153 | {ERR_FUNC(EC_F_EC_POINT_COPY), "EC_POINT_copy"}, |
| 102 | {ERR_FUNC(EC_F_EC_POINT_DBL), "EC_POINT_dbl"}, | 154 | {ERR_FUNC(EC_F_EC_POINT_DBL), "EC_POINT_dbl"}, |
| 155 | {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M), "EC_POINT_get_affine_coordinates_GF2m"}, | ||
| 103 | {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP), "EC_POINT_get_affine_coordinates_GFp"}, | 156 | {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP), "EC_POINT_get_affine_coordinates_GFp"}, |
| 104 | {ERR_FUNC(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP), "EC_POINT_get_Jprojective_coordinates_GFp"}, | 157 | {ERR_FUNC(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP), "EC_POINT_get_Jprojective_coordinates_GFp"}, |
| 158 | {ERR_FUNC(EC_F_EC_POINT_INVERT), "EC_POINT_invert"}, | ||
| 105 | {ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY), "EC_POINT_is_at_infinity"}, | 159 | {ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY), "EC_POINT_is_at_infinity"}, |
| 106 | {ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE), "EC_POINT_is_on_curve"}, | 160 | {ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE), "EC_POINT_is_on_curve"}, |
| 107 | {ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE), "EC_POINT_make_affine"}, | 161 | {ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE), "EC_POINT_make_affine"}, |
| 162 | {ERR_FUNC(EC_F_EC_POINT_MUL), "EC_POINT_mul"}, | ||
| 108 | {ERR_FUNC(EC_F_EC_POINT_NEW), "EC_POINT_new"}, | 163 | {ERR_FUNC(EC_F_EC_POINT_NEW), "EC_POINT_new"}, |
| 109 | {ERR_FUNC(EC_F_EC_POINT_OCT2POINT), "EC_POINT_oct2point"}, | 164 | {ERR_FUNC(EC_F_EC_POINT_OCT2POINT), "EC_POINT_oct2point"}, |
| 110 | {ERR_FUNC(EC_F_EC_POINT_POINT2OCT), "EC_POINT_point2oct"}, | 165 | {ERR_FUNC(EC_F_EC_POINT_POINT2OCT), "EC_POINT_point2oct"}, |
| 166 | {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M), "EC_POINT_set_affine_coordinates_GF2m"}, | ||
| 111 | {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP), "EC_POINT_set_affine_coordinates_GFp"}, | 167 | {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP), "EC_POINT_set_affine_coordinates_GFp"}, |
| 168 | {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M), "EC_POINT_set_compressed_coordinates_GF2m"}, | ||
| 112 | {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP), "EC_POINT_set_compressed_coordinates_GFp"}, | 169 | {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP), "EC_POINT_set_compressed_coordinates_GFp"}, |
| 113 | {ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP), "EC_POINT_set_Jprojective_coordinates_GFp"}, | 170 | {ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP), "EC_POINT_set_Jprojective_coordinates_GFp"}, |
| 114 | {ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY), "EC_POINT_set_to_infinity"}, | 171 | {ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY), "EC_POINT_set_to_infinity"}, |
| 115 | {ERR_FUNC(EC_F_GFP_MONT_GROUP_SET_CURVE_GFP), "GFP_MONT_GROUP_SET_CURVE_GFP"}, | 172 | {ERR_FUNC(EC_F_EC_PRE_COMP_DUP), "EC_PRE_COMP_DUP"}, |
| 173 | {ERR_FUNC(EC_F_EC_PRE_COMP_NEW), "EC_PRE_COMP_NEW"}, | ||
| 174 | {ERR_FUNC(EC_F_EC_WNAF_MUL), "ec_wNAF_mul"}, | ||
| 175 | {ERR_FUNC(EC_F_EC_WNAF_PRECOMPUTE_MULT), "ec_wNAF_precompute_mult"}, | ||
| 176 | {ERR_FUNC(EC_F_I2D_ECPARAMETERS), "i2d_ECParameters"}, | ||
| 177 | {ERR_FUNC(EC_F_I2D_ECPKPARAMETERS), "i2d_ECPKParameters"}, | ||
| 178 | {ERR_FUNC(EC_F_I2D_ECPRIVATEKEY), "i2d_ECPrivateKey"}, | ||
| 179 | {ERR_FUNC(EC_F_I2O_ECPUBLICKEY), "i2o_ECPublicKey"}, | ||
| 180 | {ERR_FUNC(EC_F_O2I_ECPUBLICKEY), "o2i_ECPublicKey"}, | ||
| 116 | {0,NULL} | 181 | {0,NULL} |
| 117 | }; | 182 | }; |
| 118 | 183 | ||
| 119 | static ERR_STRING_DATA EC_str_reasons[]= | 184 | static ERR_STRING_DATA EC_str_reasons[]= |
| 120 | { | 185 | { |
| 186 | {ERR_REASON(EC_R_ASN1_ERROR) ,"asn1 error"}, | ||
| 187 | {ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD) ,"asn1 unknown field"}, | ||
| 121 | {ERR_REASON(EC_R_BUFFER_TOO_SMALL) ,"buffer too small"}, | 188 | {ERR_REASON(EC_R_BUFFER_TOO_SMALL) ,"buffer too small"}, |
| 189 | {ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),"d2i ecpkparameters failure"}, | ||
| 190 | {ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO) ,"discriminant is zero"}, | ||
| 191 | {ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),"ec group new by name failure"}, | ||
| 192 | {ERR_REASON(EC_R_FIELD_TOO_LARGE) ,"field too large"}, | ||
| 193 | {ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE),"group2pkparameters failure"}, | ||
| 194 | {ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE),"i2d ecpkparameters failure"}, | ||
| 122 | {ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS) ,"incompatible objects"}, | 195 | {ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS) ,"incompatible objects"}, |
| 123 | {ERR_REASON(EC_R_INVALID_ARGUMENT) ,"invalid argument"}, | 196 | {ERR_REASON(EC_R_INVALID_ARGUMENT) ,"invalid argument"}, |
| 124 | {ERR_REASON(EC_R_INVALID_COMPRESSED_POINT),"invalid compressed point"}, | 197 | {ERR_REASON(EC_R_INVALID_COMPRESSED_POINT),"invalid compressed point"}, |
| @@ -126,12 +199,28 @@ static ERR_STRING_DATA EC_str_reasons[]= | |||
| 126 | {ERR_REASON(EC_R_INVALID_ENCODING) ,"invalid encoding"}, | 199 | {ERR_REASON(EC_R_INVALID_ENCODING) ,"invalid encoding"}, |
| 127 | {ERR_REASON(EC_R_INVALID_FIELD) ,"invalid field"}, | 200 | {ERR_REASON(EC_R_INVALID_FIELD) ,"invalid field"}, |
| 128 | {ERR_REASON(EC_R_INVALID_FORM) ,"invalid form"}, | 201 | {ERR_REASON(EC_R_INVALID_FORM) ,"invalid form"}, |
| 202 | {ERR_REASON(EC_R_INVALID_GROUP_ORDER) ,"invalid group order"}, | ||
| 203 | {ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS),"invalid pentanomial basis"}, | ||
| 204 | {ERR_REASON(EC_R_INVALID_PRIVATE_KEY) ,"invalid private key"}, | ||
| 205 | {ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS),"invalid trinomial basis"}, | ||
| 206 | {ERR_REASON(EC_R_MISSING_PARAMETERS) ,"missing parameters"}, | ||
| 207 | {ERR_REASON(EC_R_MISSING_PRIVATE_KEY) ,"missing private key"}, | ||
| 208 | {ERR_REASON(EC_R_NOT_A_NIST_PRIME) ,"not a NIST prime"}, | ||
| 209 | {ERR_REASON(EC_R_NOT_A_SUPPORTED_NIST_PRIME),"not a supported NIST prime"}, | ||
| 210 | {ERR_REASON(EC_R_NOT_IMPLEMENTED) ,"not implemented"}, | ||
| 129 | {ERR_REASON(EC_R_NOT_INITIALIZED) ,"not initialized"}, | 211 | {ERR_REASON(EC_R_NOT_INITIALIZED) ,"not initialized"}, |
| 212 | {ERR_REASON(EC_R_NO_FIELD_MOD) ,"no field mod"}, | ||
| 213 | {ERR_REASON(EC_R_PASSED_NULL_PARAMETER) ,"passed null parameter"}, | ||
| 214 | {ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE),"pkparameters2group failure"}, | ||
| 130 | {ERR_REASON(EC_R_POINT_AT_INFINITY) ,"point at infinity"}, | 215 | {ERR_REASON(EC_R_POINT_AT_INFINITY) ,"point at infinity"}, |
| 131 | {ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE) ,"point is not on curve"}, | 216 | {ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE) ,"point is not on curve"}, |
| 132 | {ERR_REASON(EC_R_SLOT_FULL) ,"slot full"}, | 217 | {ERR_REASON(EC_R_SLOT_FULL) ,"slot full"}, |
| 133 | {ERR_REASON(EC_R_UNDEFINED_GENERATOR) ,"undefined generator"}, | 218 | {ERR_REASON(EC_R_UNDEFINED_GENERATOR) ,"undefined generator"}, |
| 219 | {ERR_REASON(EC_R_UNDEFINED_ORDER) ,"undefined order"}, | ||
| 220 | {ERR_REASON(EC_R_UNKNOWN_GROUP) ,"unknown group"}, | ||
| 134 | {ERR_REASON(EC_R_UNKNOWN_ORDER) ,"unknown order"}, | 221 | {ERR_REASON(EC_R_UNKNOWN_ORDER) ,"unknown order"}, |
| 222 | {ERR_REASON(EC_R_UNSUPPORTED_FIELD) ,"unsupported field"}, | ||
| 223 | {ERR_REASON(EC_R_WRONG_ORDER) ,"wrong order"}, | ||
| 135 | {0,NULL} | 224 | {0,NULL} |
| 136 | }; | 225 | }; |
| 137 | 226 | ||
| @@ -139,15 +228,12 @@ static ERR_STRING_DATA EC_str_reasons[]= | |||
| 139 | 228 | ||
| 140 | void ERR_load_EC_strings(void) | 229 | void ERR_load_EC_strings(void) |
| 141 | { | 230 | { |
| 142 | static int init=1; | 231 | #ifndef OPENSSL_NO_ERR |
| 143 | 232 | ||
| 144 | if (init) | 233 | if (ERR_func_error_string(EC_str_functs[0].error) == NULL) |
| 145 | { | 234 | { |
| 146 | init=0; | ||
| 147 | #ifndef OPENSSL_NO_ERR | ||
| 148 | ERR_load_strings(0,EC_str_functs); | 235 | ERR_load_strings(0,EC_str_functs); |
| 149 | ERR_load_strings(0,EC_str_reasons); | 236 | ERR_load_strings(0,EC_str_reasons); |
| 150 | #endif | ||
| 151 | |||
| 152 | } | 237 | } |
| 238 | #endif | ||
| 153 | } | 239 | } |
diff --git a/src/lib/libcrypto/ec/ec_lcl.h b/src/lib/libcrypto/ec/ec_lcl.h index cc4cf27755..fdd7aa2755 100644 --- a/src/lib/libcrypto/ec/ec_lcl.h +++ b/src/lib/libcrypto/ec/ec_lcl.h | |||
| @@ -1,6 +1,9 @@ | |||
| 1 | /* crypto/ec/ec_lcl.h */ | 1 | /* crypto/ec/ec_lcl.h */ |
| 2 | /* | ||
| 3 | * Originally written by Bodo Moeller for the OpenSSL project. | ||
| 4 | */ | ||
| 2 | /* ==================================================================== | 5 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. |
| 4 | * | 7 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -52,35 +55,56 @@ | |||
| 52 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 53 | * | 56 | * |
| 54 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * | ||
| 61 | * Portions of the attached software ("Contribution") are developed by | ||
| 62 | * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. | ||
| 63 | * | ||
| 64 | * The Contribution is licensed pursuant to the OpenSSL open source | ||
| 65 | * license provided above. | ||
| 66 | * | ||
| 67 | * The elliptic curve binary polynomial software is originally written by | ||
| 68 | * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. | ||
| 69 | * | ||
| 70 | */ | ||
| 55 | 71 | ||
| 56 | 72 | ||
| 57 | #include <stdlib.h> | 73 | #include <stdlib.h> |
| 58 | 74 | ||
| 75 | #include <openssl/obj_mac.h> | ||
| 59 | #include <openssl/ec.h> | 76 | #include <openssl/ec.h> |
| 77 | #include <openssl/bn.h> | ||
| 60 | 78 | ||
| 79 | #if defined(__SUNPRO_C) | ||
| 80 | # if __SUNPRO_C >= 0x520 | ||
| 81 | # pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) | ||
| 82 | # endif | ||
| 83 | #endif | ||
| 61 | 84 | ||
| 62 | /* Structure details are not part of the exported interface, | 85 | /* Structure details are not part of the exported interface, |
| 63 | * so all this may change in future versions. */ | 86 | * so all this may change in future versions. */ |
| 64 | 87 | ||
| 65 | struct ec_method_st { | 88 | struct ec_method_st { |
| 89 | /* used by EC_METHOD_get_field_type: */ | ||
| 90 | int field_type; /* a NID */ | ||
| 91 | |||
| 66 | /* used by EC_GROUP_new, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_copy: */ | 92 | /* used by EC_GROUP_new, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_copy: */ |
| 67 | int (*group_init)(EC_GROUP *); | 93 | int (*group_init)(EC_GROUP *); |
| 68 | void (*group_finish)(EC_GROUP *); | 94 | void (*group_finish)(EC_GROUP *); |
| 69 | void (*group_clear_finish)(EC_GROUP *); | 95 | void (*group_clear_finish)(EC_GROUP *); |
| 70 | int (*group_copy)(EC_GROUP *, const EC_GROUP *); | 96 | int (*group_copy)(EC_GROUP *, const EC_GROUP *); |
| 71 | 97 | ||
| 72 | /* used by EC_GROUP_set_curve_GFp and EC_GROUP_get_curve_GFp: */ | 98 | /* used by EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, */ |
| 73 | int (*group_set_curve_GFp)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | 99 | /* EC_GROUP_set_curve_GF2m, and EC_GROUP_get_curve_GF2m: */ |
| 74 | int (*group_get_curve_GFp)(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); | 100 | int (*group_set_curve)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); |
| 101 | int (*group_get_curve)(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); | ||
| 75 | 102 | ||
| 76 | /* used by EC_GROUP_set_generator, EC_GROUP_get0_generator, | 103 | /* used by EC_GROUP_get_degree: */ |
| 77 | * EC_GROUP_get_order, EC_GROUP_get_cofactor: | 104 | int (*group_get_degree)(const EC_GROUP *); |
| 78 | */ | 105 | |
| 79 | int (*group_set_generator)(EC_GROUP *, const EC_POINT *generator, | 106 | /* used by EC_GROUP_check: */ |
| 80 | const BIGNUM *order, const BIGNUM *cofactor); | 107 | int (*group_check_discriminant)(const EC_GROUP *, BN_CTX *); |
| 81 | EC_POINT *(*group_get0_generator)(const EC_GROUP *); | ||
| 82 | int (*group_get_order)(const EC_GROUP *, BIGNUM *order, BN_CTX *); | ||
| 83 | int (*group_get_cofactor)(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *); | ||
| 84 | 108 | ||
| 85 | /* used by EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy: */ | 109 | /* used by EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy: */ |
| 86 | int (*point_init)(EC_POINT *); | 110 | int (*point_init)(EC_POINT *); |
| @@ -89,20 +113,22 @@ struct ec_method_st { | |||
| 89 | int (*point_copy)(EC_POINT *, const EC_POINT *); | 113 | int (*point_copy)(EC_POINT *, const EC_POINT *); |
| 90 | 114 | ||
| 91 | /* used by EC_POINT_set_to_infinity, | 115 | /* used by EC_POINT_set_to_infinity, |
| 92 | * EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_get_Jprojective_coordinates_GFp, | 116 | * EC_POINT_set_Jprojective_coordinates_GFp, |
| 93 | * EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, | 117 | * EC_POINT_get_Jprojective_coordinates_GFp, |
| 94 | * EC_POINT_set_compressed_coordinates_GFp: | 118 | * EC_POINT_set_affine_coordinates_GFp, ..._GF2m, |
| 119 | * EC_POINT_get_affine_coordinates_GFp, ..._GF2m, | ||
| 120 | * EC_POINT_set_compressed_coordinates_GFp, ..._GF2m: | ||
| 95 | */ | 121 | */ |
| 96 | int (*point_set_to_infinity)(const EC_GROUP *, EC_POINT *); | 122 | int (*point_set_to_infinity)(const EC_GROUP *, EC_POINT *); |
| 97 | int (*point_set_Jprojective_coordinates_GFp)(const EC_GROUP *, EC_POINT *, | 123 | int (*point_set_Jprojective_coordinates_GFp)(const EC_GROUP *, EC_POINT *, |
| 98 | const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *); | 124 | const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *); |
| 99 | int (*point_get_Jprojective_coordinates_GFp)(const EC_GROUP *, const EC_POINT *, | 125 | int (*point_get_Jprojective_coordinates_GFp)(const EC_GROUP *, const EC_POINT *, |
| 100 | BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *); | 126 | BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *); |
| 101 | int (*point_set_affine_coordinates_GFp)(const EC_GROUP *, EC_POINT *, | 127 | int (*point_set_affine_coordinates)(const EC_GROUP *, EC_POINT *, |
| 102 | const BIGNUM *x, const BIGNUM *y, BN_CTX *); | 128 | const BIGNUM *x, const BIGNUM *y, BN_CTX *); |
| 103 | int (*point_get_affine_coordinates_GFp)(const EC_GROUP *, const EC_POINT *, | 129 | int (*point_get_affine_coordinates)(const EC_GROUP *, const EC_POINT *, |
| 104 | BIGNUM *x, BIGNUM *y, BN_CTX *); | 130 | BIGNUM *x, BIGNUM *y, BN_CTX *); |
| 105 | int (*point_set_compressed_coordinates_GFp)(const EC_GROUP *, EC_POINT *, | 131 | int (*point_set_compressed_coordinates)(const EC_GROUP *, EC_POINT *, |
| 106 | const BIGNUM *x, int y_bit, BN_CTX *); | 132 | const BIGNUM *x, int y_bit, BN_CTX *); |
| 107 | 133 | ||
| 108 | /* used by EC_POINT_point2oct, EC_POINT_oct2point: */ | 134 | /* used by EC_POINT_point2oct, EC_POINT_oct2point: */ |
| @@ -125,34 +151,65 @@ struct ec_method_st { | |||
| 125 | int (*make_affine)(const EC_GROUP *, EC_POINT *, BN_CTX *); | 151 | int (*make_affine)(const EC_GROUP *, EC_POINT *, BN_CTX *); |
| 126 | int (*points_make_affine)(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); | 152 | int (*points_make_affine)(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); |
| 127 | 153 | ||
| 154 | /* used by EC_POINTs_mul, EC_POINT_mul, EC_POINT_precompute_mult, EC_POINT_have_precompute_mult | ||
| 155 | * (default implementations are used if the 'mul' pointer is 0): */ | ||
| 156 | int (*mul)(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | ||
| 157 | size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *); | ||
| 158 | int (*precompute_mult)(EC_GROUP *group, BN_CTX *); | ||
| 159 | int (*have_precompute_mult)(const EC_GROUP *group); | ||
| 160 | |||
| 128 | 161 | ||
| 129 | /* internal functions */ | 162 | /* internal functions */ |
| 130 | 163 | ||
| 131 | /* 'field_mul' and 'field_sqr' can be used by 'add' and 'dbl' so that | 164 | /* 'field_mul', 'field_sqr', and 'field_div' can be used by 'add' and 'dbl' so that |
| 132 | * the same implementations of point operations can be used with different | 165 | * the same implementations of point operations can be used with different |
| 133 | * optimized implementations of expensive field operations: */ | 166 | * optimized implementations of expensive field operations: */ |
| 134 | int (*field_mul)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | 167 | int (*field_mul)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); |
| 135 | int (*field_sqr)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); | 168 | int (*field_sqr)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); |
| 169 | int (*field_div)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | ||
| 136 | 170 | ||
| 137 | int (*field_encode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. to Montgomery */ | 171 | int (*field_encode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. to Montgomery */ |
| 138 | int (*field_decode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. from Montgomery */ | 172 | int (*field_decode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. from Montgomery */ |
| 139 | int (*field_set_to_one)(const EC_GROUP *, BIGNUM *r, BN_CTX *); | 173 | int (*field_set_to_one)(const EC_GROUP *, BIGNUM *r, BN_CTX *); |
| 140 | } /* EC_METHOD */; | 174 | } /* EC_METHOD */; |
| 141 | 175 | ||
| 176 | typedef struct ec_extra_data_st { | ||
| 177 | struct ec_extra_data_st *next; | ||
| 178 | void *data; | ||
| 179 | void *(*dup_func)(void *); | ||
| 180 | void (*free_func)(void *); | ||
| 181 | void (*clear_free_func)(void *); | ||
| 182 | } EC_EXTRA_DATA; /* used in EC_GROUP */ | ||
| 142 | 183 | ||
| 143 | struct ec_group_st { | 184 | struct ec_group_st { |
| 144 | const EC_METHOD *meth; | 185 | const EC_METHOD *meth; |
| 145 | 186 | ||
| 146 | void *extra_data; | 187 | EC_POINT *generator; /* optional */ |
| 147 | void *(*extra_data_dup_func)(void *); | 188 | BIGNUM order, cofactor; |
| 148 | void (*extra_data_free_func)(void *); | 189 | |
| 149 | void (*extra_data_clear_free_func)(void *); | 190 | int curve_name;/* optional NID for named curve */ |
| 191 | int asn1_flag; /* flag to control the asn1 encoding */ | ||
| 192 | point_conversion_form_t asn1_form; | ||
| 193 | |||
| 194 | unsigned char *seed; /* optional seed for parameters (appears in ASN1) */ | ||
| 195 | size_t seed_len; | ||
| 150 | 196 | ||
| 151 | /* All members except 'meth' and 'extra_data...' are handled by | 197 | EC_EXTRA_DATA *extra_data; /* linked list */ |
| 152 | * the method functions, even if they appear generic */ | 198 | |
| 199 | /* The following members are handled by the method functions, | ||
| 200 | * even if they appear generic */ | ||
| 153 | 201 | ||
| 154 | BIGNUM field; /* Field specification. | 202 | BIGNUM field; /* Field specification. |
| 155 | * For curves over GF(p), this is the modulus. */ | 203 | * For curves over GF(p), this is the modulus; |
| 204 | * for curves over GF(2^m), this is the | ||
| 205 | * irreducible polynomial defining the field. | ||
| 206 | */ | ||
| 207 | |||
| 208 | unsigned int poly[5]; /* Field specification for curves over GF(2^m). | ||
| 209 | * The irreducible f(t) is then of the form: | ||
| 210 | * t^poly[0] + t^poly[1] + ... + t^poly[k] | ||
| 211 | * where m = poly[0] > poly[1] > ... > poly[k] = 0. | ||
| 212 | */ | ||
| 156 | 213 | ||
| 157 | BIGNUM a, b; /* Curve coefficients. | 214 | BIGNUM a, b; /* Curve coefficients. |
| 158 | * (Here the assumption is that BIGNUMs can be used | 215 | * (Here the assumption is that BIGNUMs can be used |
| @@ -160,29 +217,49 @@ struct ec_group_st { | |||
| 160 | * For characteristic > 3, the curve is defined | 217 | * For characteristic > 3, the curve is defined |
| 161 | * by a Weierstrass equation of the form | 218 | * by a Weierstrass equation of the form |
| 162 | * y^2 = x^3 + a*x + b. | 219 | * y^2 = x^3 + a*x + b. |
| 220 | * For characteristic 2, the curve is defined by | ||
| 221 | * an equation of the form | ||
| 222 | * y^2 + x*y = x^3 + a*x^2 + b. | ||
| 163 | */ | 223 | */ |
| 164 | int a_is_minus3; /* enable optimized point arithmetics for special case */ | ||
| 165 | 224 | ||
| 166 | EC_POINT *generator; /* optional */ | 225 | int a_is_minus3; /* enable optimized point arithmetics for special case */ |
| 167 | BIGNUM order, cofactor; | ||
| 168 | 226 | ||
| 169 | void *field_data1; /* method-specific (e.g., Montgomery structure) */ | 227 | void *field_data1; /* method-specific (e.g., Montgomery structure) */ |
| 170 | void *field_data2; /* method-specific */ | 228 | void *field_data2; /* method-specific */ |
| 229 | int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); /* method-specific */ | ||
| 171 | } /* EC_GROUP */; | 230 | } /* EC_GROUP */; |
| 172 | 231 | ||
| 232 | struct ec_key_st { | ||
| 233 | int version; | ||
| 234 | |||
| 235 | EC_GROUP *group; | ||
| 236 | |||
| 237 | EC_POINT *pub_key; | ||
| 238 | BIGNUM *priv_key; | ||
| 239 | |||
| 240 | unsigned int enc_flag; | ||
| 241 | point_conversion_form_t conv_form; | ||
| 173 | 242 | ||
| 174 | /* Basically a 'mixin' for extra data, but available for EC_GROUPs only | 243 | int references; |
| 244 | |||
| 245 | EC_EXTRA_DATA *method_data; | ||
| 246 | } /* EC_KEY */; | ||
| 247 | |||
| 248 | /* Basically a 'mixin' for extra data, but available for EC_GROUPs/EC_KEYs only | ||
| 175 | * (with visibility limited to 'package' level for now). | 249 | * (with visibility limited to 'package' level for now). |
| 176 | * We use the function pointers as index for retrieval; this obviates | 250 | * We use the function pointers as index for retrieval; this obviates |
| 177 | * global ex_data-style index tables. | 251 | * global ex_data-style index tables. |
| 178 | * (Currently, we have one slot only, but is is possible to extend this | 252 | */ |
| 179 | * if necessary.) */ | 253 | int EC_EX_DATA_set_data(EC_EXTRA_DATA **, void *data, |
| 180 | int EC_GROUP_set_extra_data(EC_GROUP *, void *extra_data, void *(*extra_data_dup_func)(void *), | 254 | void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); |
| 181 | void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *)); | 255 | void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *, |
| 182 | void *EC_GROUP_get_extra_data(const EC_GROUP *, void *(*extra_data_dup_func)(void *), | 256 | void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); |
| 183 | void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *)); | 257 | void EC_EX_DATA_free_data(EC_EXTRA_DATA **, |
| 184 | void EC_GROUP_free_extra_data(EC_GROUP *); | 258 | void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); |
| 185 | void EC_GROUP_clear_free_extra_data(EC_GROUP *); | 259 | void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **, |
| 260 | void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); | ||
| 261 | void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **); | ||
| 262 | void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **); | ||
| 186 | 263 | ||
| 187 | 264 | ||
| 188 | 265 | ||
| @@ -201,18 +278,23 @@ struct ec_point_st { | |||
| 201 | 278 | ||
| 202 | 279 | ||
| 203 | 280 | ||
| 281 | /* method functions in ec_mult.c | ||
| 282 | * (ec_lib.c uses these as defaults if group->method->mul is 0) */ | ||
| 283 | int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | ||
| 284 | size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *); | ||
| 285 | int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *); | ||
| 286 | int ec_wNAF_have_precompute_mult(const EC_GROUP *group); | ||
| 287 | |||
| 288 | |||
| 204 | /* method functions in ecp_smpl.c */ | 289 | /* method functions in ecp_smpl.c */ |
| 205 | int ec_GFp_simple_group_init(EC_GROUP *); | 290 | int ec_GFp_simple_group_init(EC_GROUP *); |
| 206 | void ec_GFp_simple_group_finish(EC_GROUP *); | 291 | void ec_GFp_simple_group_finish(EC_GROUP *); |
| 207 | void ec_GFp_simple_group_clear_finish(EC_GROUP *); | 292 | void ec_GFp_simple_group_clear_finish(EC_GROUP *); |
| 208 | int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *); | 293 | int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *); |
| 209 | int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | 294 | int ec_GFp_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); |
| 210 | int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); | 295 | int ec_GFp_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); |
| 211 | int ec_GFp_simple_group_set_generator(EC_GROUP *, const EC_POINT *generator, | 296 | int ec_GFp_simple_group_get_degree(const EC_GROUP *); |
| 212 | const BIGNUM *order, const BIGNUM *cofactor); | 297 | int ec_GFp_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *); |
| 213 | EC_POINT *ec_GFp_simple_group_get0_generator(const EC_GROUP *); | ||
| 214 | int ec_GFp_simple_group_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *); | ||
| 215 | int ec_GFp_simple_group_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *); | ||
| 216 | int ec_GFp_simple_point_init(EC_POINT *); | 298 | int ec_GFp_simple_point_init(EC_POINT *); |
| 217 | void ec_GFp_simple_point_finish(EC_POINT *); | 299 | void ec_GFp_simple_point_finish(EC_POINT *); |
| 218 | void ec_GFp_simple_point_clear_finish(EC_POINT *); | 300 | void ec_GFp_simple_point_clear_finish(EC_POINT *); |
| @@ -222,11 +304,11 @@ int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *, EC_POINT *, | |||
| 222 | const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *); | 304 | const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *); |
| 223 | int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *, const EC_POINT *, | 305 | int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *, const EC_POINT *, |
| 224 | BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *); | 306 | BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *); |
| 225 | int ec_GFp_simple_point_set_affine_coordinates_GFp(const EC_GROUP *, EC_POINT *, | 307 | int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *, |
| 226 | const BIGNUM *x, const BIGNUM *y, BN_CTX *); | 308 | const BIGNUM *x, const BIGNUM *y, BN_CTX *); |
| 227 | int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *, const EC_POINT *, | 309 | int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *, const EC_POINT *, |
| 228 | BIGNUM *x, BIGNUM *y, BN_CTX *); | 310 | BIGNUM *x, BIGNUM *y, BN_CTX *); |
| 229 | int ec_GFp_simple_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *, | 311 | int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *, |
| 230 | const BIGNUM *x, int y_bit, BN_CTX *); | 312 | const BIGNUM *x, int y_bit, BN_CTX *); |
| 231 | size_t ec_GFp_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form, | 313 | size_t ec_GFp_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form, |
| 232 | unsigned char *buf, size_t len, BN_CTX *); | 314 | unsigned char *buf, size_t len, BN_CTX *); |
| @@ -246,7 +328,7 @@ int ec_GFp_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX | |||
| 246 | 328 | ||
| 247 | /* method functions in ecp_mont.c */ | 329 | /* method functions in ecp_mont.c */ |
| 248 | int ec_GFp_mont_group_init(EC_GROUP *); | 330 | int ec_GFp_mont_group_init(EC_GROUP *); |
| 249 | int ec_GFp_mont_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | 331 | int ec_GFp_mont_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); |
| 250 | void ec_GFp_mont_group_finish(EC_GROUP *); | 332 | void ec_GFp_mont_group_finish(EC_GROUP *); |
| 251 | void ec_GFp_mont_group_clear_finish(EC_GROUP *); | 333 | void ec_GFp_mont_group_clear_finish(EC_GROUP *); |
| 252 | int ec_GFp_mont_group_copy(EC_GROUP *, const EC_GROUP *); | 334 | int ec_GFp_mont_group_copy(EC_GROUP *, const EC_GROUP *); |
| @@ -257,21 +339,52 @@ int ec_GFp_mont_field_decode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CT | |||
| 257 | int ec_GFp_mont_field_set_to_one(const EC_GROUP *, BIGNUM *r, BN_CTX *); | 339 | int ec_GFp_mont_field_set_to_one(const EC_GROUP *, BIGNUM *r, BN_CTX *); |
| 258 | 340 | ||
| 259 | 341 | ||
| 260 | /* method functions in ecp_recp.c */ | ||
| 261 | int ec_GFp_recp_group_init(EC_GROUP *); | ||
| 262 | int ec_GFp_recp_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | ||
| 263 | void ec_GFp_recp_group_finish(EC_GROUP *); | ||
| 264 | void ec_GFp_recp_group_clear_finish(EC_GROUP *); | ||
| 265 | int ec_GFp_recp_group_copy(EC_GROUP *, const EC_GROUP *); | ||
| 266 | int ec_GFp_recp_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | ||
| 267 | int ec_GFp_recp_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); | ||
| 268 | |||
| 269 | |||
| 270 | /* method functions in ecp_nist.c */ | 342 | /* method functions in ecp_nist.c */ |
| 271 | int ec_GFp_nist_group_init(EC_GROUP *); | 343 | int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src); |
| 272 | int ec_GFp_nist_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | 344 | int ec_GFp_nist_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); |
| 273 | void ec_GFp_nist_group_finish(EC_GROUP *); | ||
| 274 | void ec_GFp_nist_group_clear_finish(EC_GROUP *); | ||
| 275 | int ec_GFp_nist_group_copy(EC_GROUP *, const EC_GROUP *); | ||
| 276 | int ec_GFp_nist_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | 345 | int ec_GFp_nist_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); |
| 277 | int ec_GFp_nist_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); | 346 | int ec_GFp_nist_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); |
| 347 | |||
| 348 | |||
| 349 | /* method functions in ec2_smpl.c */ | ||
| 350 | int ec_GF2m_simple_group_init(EC_GROUP *); | ||
| 351 | void ec_GF2m_simple_group_finish(EC_GROUP *); | ||
| 352 | void ec_GF2m_simple_group_clear_finish(EC_GROUP *); | ||
| 353 | int ec_GF2m_simple_group_copy(EC_GROUP *, const EC_GROUP *); | ||
| 354 | int ec_GF2m_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | ||
| 355 | int ec_GF2m_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); | ||
| 356 | int ec_GF2m_simple_group_get_degree(const EC_GROUP *); | ||
| 357 | int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *); | ||
| 358 | int ec_GF2m_simple_point_init(EC_POINT *); | ||
| 359 | void ec_GF2m_simple_point_finish(EC_POINT *); | ||
| 360 | void ec_GF2m_simple_point_clear_finish(EC_POINT *); | ||
| 361 | int ec_GF2m_simple_point_copy(EC_POINT *, const EC_POINT *); | ||
| 362 | int ec_GF2m_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *); | ||
| 363 | int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *, | ||
| 364 | const BIGNUM *x, const BIGNUM *y, BN_CTX *); | ||
| 365 | int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *, const EC_POINT *, | ||
| 366 | BIGNUM *x, BIGNUM *y, BN_CTX *); | ||
| 367 | int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *, | ||
| 368 | const BIGNUM *x, int y_bit, BN_CTX *); | ||
| 369 | size_t ec_GF2m_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form, | ||
| 370 | unsigned char *buf, size_t len, BN_CTX *); | ||
| 371 | int ec_GF2m_simple_oct2point(const EC_GROUP *, EC_POINT *, | ||
| 372 | const unsigned char *buf, size_t len, BN_CTX *); | ||
| 373 | int ec_GF2m_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *); | ||
| 374 | int ec_GF2m_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *); | ||
| 375 | int ec_GF2m_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *); | ||
| 376 | int ec_GF2m_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *); | ||
| 377 | int ec_GF2m_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *); | ||
| 378 | int ec_GF2m_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *); | ||
| 379 | int ec_GF2m_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *); | ||
| 380 | int ec_GF2m_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); | ||
| 381 | int ec_GF2m_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | ||
| 382 | int ec_GF2m_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); | ||
| 383 | int ec_GF2m_simple_field_div(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); | ||
| 384 | |||
| 385 | |||
| 386 | /* method functions in ec2_mult.c */ | ||
| 387 | int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | ||
| 388 | size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *); | ||
| 389 | int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx); | ||
| 390 | int ec_GF2m_have_precompute_mult(const EC_GROUP *group); | ||
diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c index deb522060f..5af84376c6 100644 --- a/src/lib/libcrypto/ec/ec_lib.c +++ b/src/lib/libcrypto/ec/ec_lib.c | |||
| @@ -1,6 +1,9 @@ | |||
| 1 | /* crypto/ec/ec_lib.c */ | 1 | /* crypto/ec/ec_lib.c */ |
| 2 | /* | ||
| 3 | * Originally written by Bodo Moeller for the OpenSSL project. | ||
| 4 | */ | ||
| 2 | /* ==================================================================== | 5 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. |
| 4 | * | 7 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -52,6 +55,11 @@ | |||
| 52 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 53 | * | 56 | * |
| 54 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * Binary polynomial ECC support in OpenSSL originally developed by | ||
| 61 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 62 | */ | ||
| 55 | 63 | ||
| 56 | #include <string.h> | 64 | #include <string.h> |
| 57 | 65 | ||
| @@ -90,10 +98,18 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) | |||
| 90 | ret->meth = meth; | 98 | ret->meth = meth; |
| 91 | 99 | ||
| 92 | ret->extra_data = NULL; | 100 | ret->extra_data = NULL; |
| 93 | ret->extra_data_dup_func = 0; | 101 | |
| 94 | ret->extra_data_free_func = 0; | 102 | ret->generator = NULL; |
| 95 | ret->extra_data_clear_free_func = 0; | 103 | BN_init(&ret->order); |
| 96 | 104 | BN_init(&ret->cofactor); | |
| 105 | |||
| 106 | ret->curve_name = 0; | ||
| 107 | ret->asn1_flag = 0; | ||
| 108 | ret->asn1_form = POINT_CONVERSION_UNCOMPRESSED; | ||
| 109 | |||
| 110 | ret->seed = NULL; | ||
| 111 | ret->seed_len = 0; | ||
| 112 | |||
| 97 | if (!meth->group_init(ret)) | 113 | if (!meth->group_init(ret)) |
| 98 | { | 114 | { |
| 99 | OPENSSL_free(ret); | 115 | OPENSSL_free(ret); |
| @@ -111,7 +127,15 @@ void EC_GROUP_free(EC_GROUP *group) | |||
| 111 | if (group->meth->group_finish != 0) | 127 | if (group->meth->group_finish != 0) |
| 112 | group->meth->group_finish(group); | 128 | group->meth->group_finish(group); |
| 113 | 129 | ||
| 114 | EC_GROUP_free_extra_data(group); | 130 | EC_EX_DATA_free_all_data(&group->extra_data); |
| 131 | |||
| 132 | if (group->generator != NULL) | ||
| 133 | EC_POINT_free(group->generator); | ||
| 134 | BN_free(&group->order); | ||
| 135 | BN_free(&group->cofactor); | ||
| 136 | |||
| 137 | if (group->seed) | ||
| 138 | OPENSSL_free(group->seed); | ||
| 115 | 139 | ||
| 116 | OPENSSL_free(group); | 140 | OPENSSL_free(group); |
| 117 | } | 141 | } |
| @@ -123,10 +147,21 @@ void EC_GROUP_clear_free(EC_GROUP *group) | |||
| 123 | 147 | ||
| 124 | if (group->meth->group_clear_finish != 0) | 148 | if (group->meth->group_clear_finish != 0) |
| 125 | group->meth->group_clear_finish(group); | 149 | group->meth->group_clear_finish(group); |
| 126 | else if (group->meth != NULL && group->meth->group_finish != 0) | 150 | else if (group->meth->group_finish != 0) |
| 127 | group->meth->group_finish(group); | 151 | group->meth->group_finish(group); |
| 128 | 152 | ||
| 129 | EC_GROUP_clear_free_extra_data(group); | 153 | EC_EX_DATA_clear_free_all_data(&group->extra_data); |
| 154 | |||
| 155 | if (group->generator != NULL) | ||
| 156 | EC_POINT_clear_free(group->generator); | ||
| 157 | BN_clear_free(&group->order); | ||
| 158 | BN_clear_free(&group->cofactor); | ||
| 159 | |||
| 160 | if (group->seed) | ||
| 161 | { | ||
| 162 | OPENSSL_cleanse(group->seed, group->seed_len); | ||
| 163 | OPENSSL_free(group->seed); | ||
| 164 | } | ||
| 130 | 165 | ||
| 131 | OPENSSL_cleanse(group, sizeof *group); | 166 | OPENSSL_cleanse(group, sizeof *group); |
| 132 | OPENSSL_free(group); | 167 | OPENSSL_free(group); |
| @@ -135,6 +170,8 @@ void EC_GROUP_clear_free(EC_GROUP *group) | |||
| 135 | 170 | ||
| 136 | int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) | 171 | int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) |
| 137 | { | 172 | { |
| 173 | EC_EXTRA_DATA *d; | ||
| 174 | |||
| 138 | if (dest->meth->group_copy == 0) | 175 | if (dest->meth->group_copy == 0) |
| 139 | { | 176 | { |
| 140 | ECerr(EC_F_EC_GROUP_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 177 | ECerr(EC_F_EC_GROUP_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| @@ -148,161 +185,507 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) | |||
| 148 | if (dest == src) | 185 | if (dest == src) |
| 149 | return 1; | 186 | return 1; |
| 150 | 187 | ||
| 151 | EC_GROUP_clear_free_extra_data(dest); | 188 | EC_EX_DATA_free_all_data(&dest->extra_data); |
| 152 | if (src->extra_data_dup_func) | 189 | |
| 190 | for (d = src->extra_data; d != NULL; d = d->next) | ||
| 153 | { | 191 | { |
| 154 | if (src->extra_data != NULL) | 192 | void *t = d->dup_func(d->data); |
| 193 | |||
| 194 | if (t == NULL) | ||
| 195 | return 0; | ||
| 196 | if (!EC_EX_DATA_set_data(&dest->extra_data, t, d->dup_func, d->free_func, d->clear_free_func)) | ||
| 197 | return 0; | ||
| 198 | } | ||
| 199 | |||
| 200 | if (src->generator != NULL) | ||
| 201 | { | ||
| 202 | if (dest->generator == NULL) | ||
| 203 | { | ||
| 204 | dest->generator = EC_POINT_new(dest); | ||
| 205 | if (dest->generator == NULL) return 0; | ||
| 206 | } | ||
| 207 | if (!EC_POINT_copy(dest->generator, src->generator)) return 0; | ||
| 208 | } | ||
| 209 | else | ||
| 210 | { | ||
| 211 | /* src->generator == NULL */ | ||
| 212 | if (dest->generator != NULL) | ||
| 155 | { | 213 | { |
| 156 | dest->extra_data = src->extra_data_dup_func(src->extra_data); | 214 | EC_POINT_clear_free(dest->generator); |
| 157 | if (dest->extra_data == NULL) | 215 | dest->generator = NULL; |
| 158 | return 0; | ||
| 159 | } | 216 | } |
| 217 | } | ||
| 218 | |||
| 219 | if (!BN_copy(&dest->order, &src->order)) return 0; | ||
| 220 | if (!BN_copy(&dest->cofactor, &src->cofactor)) return 0; | ||
| 160 | 221 | ||
| 161 | dest->extra_data_dup_func = src->extra_data_dup_func; | 222 | dest->curve_name = src->curve_name; |
| 162 | dest->extra_data_free_func = src->extra_data_free_func; | 223 | dest->asn1_flag = src->asn1_flag; |
| 163 | dest->extra_data_clear_free_func = src->extra_data_clear_free_func; | 224 | dest->asn1_form = src->asn1_form; |
| 225 | |||
| 226 | if (src->seed) | ||
| 227 | { | ||
| 228 | if (dest->seed) | ||
| 229 | OPENSSL_free(dest->seed); | ||
| 230 | dest->seed = OPENSSL_malloc(src->seed_len); | ||
| 231 | if (dest->seed == NULL) | ||
| 232 | return 0; | ||
| 233 | if (!memcpy(dest->seed, src->seed, src->seed_len)) | ||
| 234 | return 0; | ||
| 235 | dest->seed_len = src->seed_len; | ||
| 236 | } | ||
| 237 | else | ||
| 238 | { | ||
| 239 | if (dest->seed) | ||
| 240 | OPENSSL_free(dest->seed); | ||
| 241 | dest->seed = NULL; | ||
| 242 | dest->seed_len = 0; | ||
| 164 | } | 243 | } |
| 244 | |||
| 165 | 245 | ||
| 166 | return dest->meth->group_copy(dest, src); | 246 | return dest->meth->group_copy(dest, src); |
| 167 | } | 247 | } |
| 168 | 248 | ||
| 169 | 249 | ||
| 250 | EC_GROUP *EC_GROUP_dup(const EC_GROUP *a) | ||
| 251 | { | ||
| 252 | EC_GROUP *t = NULL; | ||
| 253 | int ok = 0; | ||
| 254 | |||
| 255 | if (a == NULL) return NULL; | ||
| 256 | |||
| 257 | if ((t = EC_GROUP_new(a->meth)) == NULL) return(NULL); | ||
| 258 | if (!EC_GROUP_copy(t, a)) goto err; | ||
| 259 | |||
| 260 | ok = 1; | ||
| 261 | |||
| 262 | err: | ||
| 263 | if (!ok) | ||
| 264 | { | ||
| 265 | if (t) EC_GROUP_free(t); | ||
| 266 | return NULL; | ||
| 267 | } | ||
| 268 | else return t; | ||
| 269 | } | ||
| 270 | |||
| 271 | |||
| 170 | const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group) | 272 | const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group) |
| 171 | { | 273 | { |
| 172 | return group->meth; | 274 | return group->meth; |
| 173 | } | 275 | } |
| 174 | 276 | ||
| 175 | 277 | ||
| 278 | int EC_METHOD_get_field_type(const EC_METHOD *meth) | ||
| 279 | { | ||
| 280 | return meth->field_type; | ||
| 281 | } | ||
| 282 | |||
| 283 | |||
| 284 | int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor) | ||
| 285 | { | ||
| 286 | if (generator == NULL) | ||
| 287 | { | ||
| 288 | ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER); | ||
| 289 | return 0 ; | ||
| 290 | } | ||
| 291 | |||
| 292 | if (group->generator == NULL) | ||
| 293 | { | ||
| 294 | group->generator = EC_POINT_new(group); | ||
| 295 | if (group->generator == NULL) return 0; | ||
| 296 | } | ||
| 297 | if (!EC_POINT_copy(group->generator, generator)) return 0; | ||
| 298 | |||
| 299 | if (order != NULL) | ||
| 300 | { if (!BN_copy(&group->order, order)) return 0; } | ||
| 301 | else | ||
| 302 | BN_zero(&group->order); | ||
| 303 | |||
| 304 | if (cofactor != NULL) | ||
| 305 | { if (!BN_copy(&group->cofactor, cofactor)) return 0; } | ||
| 306 | else | ||
| 307 | BN_zero(&group->cofactor); | ||
| 308 | |||
| 309 | return 1; | ||
| 310 | } | ||
| 311 | |||
| 312 | |||
| 313 | const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group) | ||
| 314 | { | ||
| 315 | return group->generator; | ||
| 316 | } | ||
| 317 | |||
| 318 | |||
| 319 | int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx) | ||
| 320 | { | ||
| 321 | if (!BN_copy(order, &group->order)) | ||
| 322 | return 0; | ||
| 323 | |||
| 324 | return !BN_is_zero(order); | ||
| 325 | } | ||
| 326 | |||
| 327 | |||
| 328 | int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx) | ||
| 329 | { | ||
| 330 | if (!BN_copy(cofactor, &group->cofactor)) | ||
| 331 | return 0; | ||
| 332 | |||
| 333 | return !BN_is_zero(&group->cofactor); | ||
| 334 | } | ||
| 335 | |||
| 336 | |||
| 337 | void EC_GROUP_set_curve_name(EC_GROUP *group, int nid) | ||
| 338 | { | ||
| 339 | group->curve_name = nid; | ||
| 340 | } | ||
| 341 | |||
| 342 | |||
| 343 | int EC_GROUP_get_curve_name(const EC_GROUP *group) | ||
| 344 | { | ||
| 345 | return group->curve_name; | ||
| 346 | } | ||
| 347 | |||
| 348 | |||
| 349 | void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag) | ||
| 350 | { | ||
| 351 | group->asn1_flag = flag; | ||
| 352 | } | ||
| 353 | |||
| 354 | |||
| 355 | int EC_GROUP_get_asn1_flag(const EC_GROUP *group) | ||
| 356 | { | ||
| 357 | return group->asn1_flag; | ||
| 358 | } | ||
| 359 | |||
| 360 | |||
| 361 | void EC_GROUP_set_point_conversion_form(EC_GROUP *group, | ||
| 362 | point_conversion_form_t form) | ||
| 363 | { | ||
| 364 | group->asn1_form = form; | ||
| 365 | } | ||
| 366 | |||
| 367 | |||
| 368 | point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *group) | ||
| 369 | { | ||
| 370 | return group->asn1_form; | ||
| 371 | } | ||
| 372 | |||
| 373 | |||
| 374 | size_t EC_GROUP_set_seed(EC_GROUP *group, const unsigned char *p, size_t len) | ||
| 375 | { | ||
| 376 | if (group->seed) | ||
| 377 | { | ||
| 378 | OPENSSL_free(group->seed); | ||
| 379 | group->seed = NULL; | ||
| 380 | group->seed_len = 0; | ||
| 381 | } | ||
| 382 | |||
| 383 | if (!len || !p) | ||
| 384 | return 1; | ||
| 385 | |||
| 386 | if ((group->seed = OPENSSL_malloc(len)) == NULL) | ||
| 387 | return 0; | ||
| 388 | memcpy(group->seed, p, len); | ||
| 389 | group->seed_len = len; | ||
| 390 | |||
| 391 | return len; | ||
| 392 | } | ||
| 393 | |||
| 394 | |||
| 395 | unsigned char *EC_GROUP_get0_seed(const EC_GROUP *group) | ||
| 396 | { | ||
| 397 | return group->seed; | ||
| 398 | } | ||
| 399 | |||
| 400 | |||
| 401 | size_t EC_GROUP_get_seed_len(const EC_GROUP *group) | ||
| 402 | { | ||
| 403 | return group->seed_len; | ||
| 404 | } | ||
| 405 | |||
| 406 | |||
| 176 | int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | 407 | int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) |
| 177 | { | 408 | { |
| 178 | if (group->meth->group_set_curve_GFp == 0) | 409 | if (group->meth->group_set_curve == 0) |
| 179 | { | 410 | { |
| 180 | ECerr(EC_F_EC_GROUP_SET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 411 | ECerr(EC_F_EC_GROUP_SET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 181 | return 0; | 412 | return 0; |
| 182 | } | 413 | } |
| 183 | return group->meth->group_set_curve_GFp(group, p, a, b, ctx); | 414 | return group->meth->group_set_curve(group, p, a, b, ctx); |
| 184 | } | 415 | } |
| 185 | 416 | ||
| 186 | 417 | ||
| 187 | int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) | 418 | int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) |
| 188 | { | 419 | { |
| 189 | if (group->meth->group_get_curve_GFp == 0) | 420 | if (group->meth->group_get_curve == 0) |
| 190 | { | 421 | { |
| 191 | ECerr(EC_F_EC_GROUP_GET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 422 | ECerr(EC_F_EC_GROUP_GET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 192 | return 0; | 423 | return 0; |
| 193 | } | 424 | } |
| 194 | return group->meth->group_get_curve_GFp(group, p, a, b, ctx); | 425 | return group->meth->group_get_curve(group, p, a, b, ctx); |
| 195 | } | 426 | } |
| 196 | 427 | ||
| 197 | 428 | ||
| 198 | int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor) | 429 | int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) |
| 199 | { | 430 | { |
| 200 | if (group->meth->group_set_generator == 0) | 431 | if (group->meth->group_set_curve == 0) |
| 201 | { | 432 | { |
| 202 | ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 433 | ECerr(EC_F_EC_GROUP_SET_CURVE_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 203 | return 0; | 434 | return 0; |
| 204 | } | 435 | } |
| 205 | return group->meth->group_set_generator(group, generator, order, cofactor); | 436 | return group->meth->group_set_curve(group, p, a, b, ctx); |
| 206 | } | 437 | } |
| 207 | 438 | ||
| 208 | 439 | ||
| 209 | EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group) | 440 | int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) |
| 210 | { | 441 | { |
| 211 | if (group->meth->group_get0_generator == 0) | 442 | if (group->meth->group_get_curve == 0) |
| 212 | { | 443 | { |
| 213 | ECerr(EC_F_EC_GROUP_GET0_GENERATOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 444 | ECerr(EC_F_EC_GROUP_GET_CURVE_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 214 | return 0; | 445 | return 0; |
| 215 | } | 446 | } |
| 216 | return group->meth->group_get0_generator(group); | 447 | return group->meth->group_get_curve(group, p, a, b, ctx); |
| 217 | } | 448 | } |
| 218 | 449 | ||
| 219 | 450 | ||
| 220 | int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx) | 451 | int EC_GROUP_get_degree(const EC_GROUP *group) |
| 221 | { | 452 | { |
| 222 | if (group->meth->group_get_order == 0) | 453 | if (group->meth->group_get_degree == 0) |
| 223 | { | 454 | { |
| 224 | ECerr(EC_F_EC_GROUP_GET_ORDER, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 455 | ECerr(EC_F_EC_GROUP_GET_DEGREE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 225 | return 0; | 456 | return 0; |
| 226 | } | 457 | } |
| 227 | return group->meth->group_get_order(group, order, ctx); | 458 | return group->meth->group_get_degree(group); |
| 228 | } | 459 | } |
| 229 | 460 | ||
| 230 | 461 | ||
| 231 | int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx) | 462 | int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) |
| 232 | { | 463 | { |
| 233 | if (group->meth->group_get_cofactor == 0) | 464 | if (group->meth->group_check_discriminant == 0) |
| 234 | { | 465 | { |
| 235 | ECerr(EC_F_EC_GROUP_GET_COFACTOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 466 | ECerr(EC_F_EC_GROUP_CHECK_DISCRIMINANT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 236 | return 0; | 467 | return 0; |
| 237 | } | 468 | } |
| 238 | return group->meth->group_get_cofactor(group, cofactor, ctx); | 469 | return group->meth->group_check_discriminant(group, ctx); |
| 239 | } | 470 | } |
| 240 | 471 | ||
| 241 | 472 | ||
| 242 | /* this has 'package' visibility */ | 473 | int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx) |
| 243 | int EC_GROUP_set_extra_data(EC_GROUP *group, void *extra_data, void *(*extra_data_dup_func)(void *), | ||
| 244 | void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *)) | ||
| 245 | { | 474 | { |
| 246 | if ((group->extra_data != NULL) | 475 | int r = 0; |
| 247 | || (group->extra_data_dup_func != 0) | 476 | BIGNUM *a1, *a2, *a3, *b1, *b2, *b3; |
| 248 | || (group->extra_data_free_func != 0) | 477 | BN_CTX *ctx_new = NULL; |
| 249 | || (group->extra_data_clear_free_func != 0)) | 478 | |
| 250 | { | 479 | /* compare the field types*/ |
| 251 | ECerr(EC_F_EC_GROUP_SET_EXTRA_DATA, EC_R_SLOT_FULL); | 480 | if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) != |
| 481 | EC_METHOD_get_field_type(EC_GROUP_method_of(b))) | ||
| 482 | return 1; | ||
| 483 | /* compare the curve name (if present) */ | ||
| 484 | if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) && | ||
| 485 | EC_GROUP_get_curve_name(a) == EC_GROUP_get_curve_name(b)) | ||
| 252 | return 0; | 486 | return 0; |
| 487 | |||
| 488 | if (!ctx) | ||
| 489 | ctx_new = ctx = BN_CTX_new(); | ||
| 490 | if (!ctx) | ||
| 491 | return -1; | ||
| 492 | |||
| 493 | BN_CTX_start(ctx); | ||
| 494 | a1 = BN_CTX_get(ctx); | ||
| 495 | a2 = BN_CTX_get(ctx); | ||
| 496 | a3 = BN_CTX_get(ctx); | ||
| 497 | b1 = BN_CTX_get(ctx); | ||
| 498 | b2 = BN_CTX_get(ctx); | ||
| 499 | b3 = BN_CTX_get(ctx); | ||
| 500 | if (!b3) | ||
| 501 | { | ||
| 502 | BN_CTX_end(ctx); | ||
| 503 | if (ctx_new) | ||
| 504 | BN_CTX_free(ctx); | ||
| 505 | return -1; | ||
| 253 | } | 506 | } |
| 254 | 507 | ||
| 255 | group->extra_data = extra_data; | 508 | /* XXX This approach assumes that the external representation |
| 256 | group->extra_data_dup_func = extra_data_dup_func; | 509 | * of curves over the same field type is the same. |
| 257 | group->extra_data_free_func = extra_data_free_func; | 510 | */ |
| 258 | group->extra_data_clear_free_func = extra_data_clear_free_func; | 511 | if (!a->meth->group_get_curve(a, a1, a2, a3, ctx) || |
| 259 | return 1; | 512 | !b->meth->group_get_curve(b, b1, b2, b3, ctx)) |
| 513 | r = 1; | ||
| 514 | |||
| 515 | if (r || BN_cmp(a1, b1) || BN_cmp(a2, b2) || BN_cmp(a3, b3)) | ||
| 516 | r = 1; | ||
| 517 | |||
| 518 | /* XXX EC_POINT_cmp() assumes that the methods are equal */ | ||
| 519 | if (r || EC_POINT_cmp(a, EC_GROUP_get0_generator(a), | ||
| 520 | EC_GROUP_get0_generator(b), ctx)) | ||
| 521 | r = 1; | ||
| 522 | |||
| 523 | if (!r) | ||
| 524 | { | ||
| 525 | /* compare the order and cofactor */ | ||
| 526 | if (!EC_GROUP_get_order(a, a1, ctx) || | ||
| 527 | !EC_GROUP_get_order(b, b1, ctx) || | ||
| 528 | !EC_GROUP_get_cofactor(a, a2, ctx) || | ||
| 529 | !EC_GROUP_get_cofactor(b, b2, ctx)) | ||
| 530 | { | ||
| 531 | BN_CTX_end(ctx); | ||
| 532 | if (ctx_new) | ||
| 533 | BN_CTX_free(ctx); | ||
| 534 | return -1; | ||
| 535 | } | ||
| 536 | if (BN_cmp(a1, b1) || BN_cmp(a2, b2)) | ||
| 537 | r = 1; | ||
| 538 | } | ||
| 539 | |||
| 540 | BN_CTX_end(ctx); | ||
| 541 | if (ctx_new) | ||
| 542 | BN_CTX_free(ctx); | ||
| 543 | |||
| 544 | return r; | ||
| 260 | } | 545 | } |
| 261 | 546 | ||
| 262 | 547 | ||
| 263 | /* this has 'package' visibility */ | 548 | /* this has 'package' visibility */ |
| 264 | void *EC_GROUP_get_extra_data(const EC_GROUP *group, void *(*extra_data_dup_func)(void *), | 549 | int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data, |
| 265 | void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *)) | 550 | void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) |
| 266 | { | 551 | { |
| 267 | if ((group->extra_data_dup_func != extra_data_dup_func) | 552 | EC_EXTRA_DATA *d; |
| 268 | || (group->extra_data_free_func != extra_data_free_func) | 553 | |
| 269 | || (group->extra_data_clear_free_func != extra_data_clear_free_func)) | 554 | if (ex_data == NULL) |
| 555 | return 0; | ||
| 556 | |||
| 557 | for (d = *ex_data; d != NULL; d = d->next) | ||
| 270 | { | 558 | { |
| 271 | #if 0 /* this was an error in 0.9.7, but that does not make a lot of sense */ | 559 | if (d->dup_func == dup_func && d->free_func == free_func && d->clear_free_func == clear_free_func) |
| 272 | ECerr(..._F_EC_GROUP_GET_EXTRA_DATA, ..._R_NO_SUCH_EXTRA_DATA); | 560 | { |
| 273 | #endif | 561 | ECerr(EC_F_EC_EX_DATA_SET_DATA, EC_R_SLOT_FULL); |
| 274 | return NULL; | 562 | return 0; |
| 563 | } | ||
| 275 | } | 564 | } |
| 276 | 565 | ||
| 277 | return group->extra_data; | 566 | if (data == NULL) |
| 567 | /* no explicit entry needed */ | ||
| 568 | return 1; | ||
| 569 | |||
| 570 | d = OPENSSL_malloc(sizeof *d); | ||
| 571 | if (d == NULL) | ||
| 572 | return 0; | ||
| 573 | |||
| 574 | d->data = data; | ||
| 575 | d->dup_func = dup_func; | ||
| 576 | d->free_func = free_func; | ||
| 577 | d->clear_free_func = clear_free_func; | ||
| 578 | |||
| 579 | d->next = *ex_data; | ||
| 580 | *ex_data = d; | ||
| 581 | |||
| 582 | return 1; | ||
| 278 | } | 583 | } |
| 279 | 584 | ||
| 585 | /* this has 'package' visibility */ | ||
| 586 | void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *ex_data, | ||
| 587 | void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) | ||
| 588 | { | ||
| 589 | const EC_EXTRA_DATA *d; | ||
| 590 | |||
| 591 | for (d = ex_data; d != NULL; d = d->next) | ||
| 592 | { | ||
| 593 | if (d->dup_func == dup_func && d->free_func == free_func && d->clear_free_func == clear_free_func) | ||
| 594 | return d->data; | ||
| 595 | } | ||
| 596 | |||
| 597 | return NULL; | ||
| 598 | } | ||
| 280 | 599 | ||
| 281 | /* this has 'package' visibility */ | 600 | /* this has 'package' visibility */ |
| 282 | void EC_GROUP_free_extra_data(EC_GROUP *group) | 601 | void EC_EX_DATA_free_data(EC_EXTRA_DATA **ex_data, |
| 602 | void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) | ||
| 283 | { | 603 | { |
| 284 | if (group->extra_data_free_func) | 604 | EC_EXTRA_DATA **p; |
| 285 | group->extra_data_free_func(group->extra_data); | 605 | |
| 286 | group->extra_data = NULL; | 606 | if (ex_data == NULL) |
| 287 | group->extra_data_dup_func = 0; | 607 | return; |
| 288 | group->extra_data_free_func = 0; | 608 | |
| 289 | group->extra_data_clear_free_func = 0; | 609 | for (p = ex_data; *p != NULL; p = &((*p)->next)) |
| 610 | { | ||
| 611 | if ((*p)->dup_func == dup_func && (*p)->free_func == free_func && (*p)->clear_free_func == clear_free_func) | ||
| 612 | { | ||
| 613 | EC_EXTRA_DATA *next = (*p)->next; | ||
| 614 | |||
| 615 | (*p)->free_func((*p)->data); | ||
| 616 | OPENSSL_free(*p); | ||
| 617 | |||
| 618 | *p = next; | ||
| 619 | return; | ||
| 620 | } | ||
| 621 | } | ||
| 290 | } | 622 | } |
| 291 | 623 | ||
| 624 | /* this has 'package' visibility */ | ||
| 625 | void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **ex_data, | ||
| 626 | void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) | ||
| 627 | { | ||
| 628 | EC_EXTRA_DATA **p; | ||
| 629 | |||
| 630 | if (ex_data == NULL) | ||
| 631 | return; | ||
| 632 | |||
| 633 | for (p = ex_data; *p != NULL; p = &((*p)->next)) | ||
| 634 | { | ||
| 635 | if ((*p)->dup_func == dup_func && (*p)->free_func == free_func && (*p)->clear_free_func == clear_free_func) | ||
| 636 | { | ||
| 637 | EC_EXTRA_DATA *next = (*p)->next; | ||
| 638 | |||
| 639 | (*p)->clear_free_func((*p)->data); | ||
| 640 | OPENSSL_free(*p); | ||
| 641 | |||
| 642 | *p = next; | ||
| 643 | return; | ||
| 644 | } | ||
| 645 | } | ||
| 646 | } | ||
| 292 | 647 | ||
| 293 | /* this has 'package' visibility */ | 648 | /* this has 'package' visibility */ |
| 294 | void EC_GROUP_clear_free_extra_data(EC_GROUP *group) | 649 | void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **ex_data) |
| 295 | { | 650 | { |
| 296 | if (group->extra_data_clear_free_func) | 651 | EC_EXTRA_DATA *d; |
| 297 | group->extra_data_clear_free_func(group->extra_data); | 652 | |
| 298 | else if (group->extra_data_free_func) | 653 | if (ex_data == NULL) |
| 299 | group->extra_data_free_func(group->extra_data); | 654 | return; |
| 300 | group->extra_data = NULL; | 655 | |
| 301 | group->extra_data_dup_func = 0; | 656 | d = *ex_data; |
| 302 | group->extra_data_free_func = 0; | 657 | while (d) |
| 303 | group->extra_data_clear_free_func = 0; | 658 | { |
| 659 | EC_EXTRA_DATA *next = d->next; | ||
| 660 | |||
| 661 | d->free_func(d->data); | ||
| 662 | OPENSSL_free(d); | ||
| 663 | |||
| 664 | d = next; | ||
| 665 | } | ||
| 666 | *ex_data = NULL; | ||
| 304 | } | 667 | } |
| 305 | 668 | ||
| 669 | /* this has 'package' visibility */ | ||
| 670 | void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **ex_data) | ||
| 671 | { | ||
| 672 | EC_EXTRA_DATA *d; | ||
| 673 | |||
| 674 | if (ex_data == NULL) | ||
| 675 | return; | ||
| 676 | |||
| 677 | d = *ex_data; | ||
| 678 | while (d) | ||
| 679 | { | ||
| 680 | EC_EXTRA_DATA *next = d->next; | ||
| 681 | |||
| 682 | d->clear_free_func(d->data); | ||
| 683 | OPENSSL_free(d); | ||
| 684 | |||
| 685 | d = next; | ||
| 686 | } | ||
| 687 | *ex_data = NULL; | ||
| 688 | } | ||
| 306 | 689 | ||
| 307 | 690 | ||
| 308 | /* functions for EC_POINT objects */ | 691 | /* functions for EC_POINT objects */ |
| @@ -382,6 +765,25 @@ int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src) | |||
| 382 | } | 765 | } |
| 383 | 766 | ||
| 384 | 767 | ||
| 768 | EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) | ||
| 769 | { | ||
| 770 | EC_POINT *t; | ||
| 771 | int r; | ||
| 772 | |||
| 773 | if (a == NULL) return NULL; | ||
| 774 | |||
| 775 | t = EC_POINT_new(group); | ||
| 776 | if (t == NULL) return(NULL); | ||
| 777 | r = EC_POINT_copy(t, a); | ||
| 778 | if (!r) | ||
| 779 | { | ||
| 780 | EC_POINT_free(t); | ||
| 781 | return NULL; | ||
| 782 | } | ||
| 783 | else return t; | ||
| 784 | } | ||
| 785 | |||
| 786 | |||
| 385 | const EC_METHOD *EC_POINT_method_of(const EC_POINT *point) | 787 | const EC_METHOD *EC_POINT_method_of(const EC_POINT *point) |
| 386 | { | 788 | { |
| 387 | return point->meth; | 789 | return point->meth; |
| @@ -441,7 +843,7 @@ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, const EC_POI | |||
| 441 | int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, | 843 | int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, |
| 442 | const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) | 844 | const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) |
| 443 | { | 845 | { |
| 444 | if (group->meth->point_set_affine_coordinates_GFp == 0) | 846 | if (group->meth->point_set_affine_coordinates == 0) |
| 445 | { | 847 | { |
| 446 | ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 848 | ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 447 | return 0; | 849 | return 0; |
| @@ -451,14 +853,31 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, | |||
| 451 | ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); | 853 | ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); |
| 452 | return 0; | 854 | return 0; |
| 453 | } | 855 | } |
| 454 | return group->meth->point_set_affine_coordinates_GFp(group, point, x, y, ctx); | 856 | return group->meth->point_set_affine_coordinates(group, point, x, y, ctx); |
| 857 | } | ||
| 858 | |||
| 859 | |||
| 860 | int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *point, | ||
| 861 | const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) | ||
| 862 | { | ||
| 863 | if (group->meth->point_set_affine_coordinates == 0) | ||
| 864 | { | ||
| 865 | ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | ||
| 866 | return 0; | ||
| 867 | } | ||
| 868 | if (group->meth != point->meth) | ||
| 869 | { | ||
| 870 | ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M, EC_R_INCOMPATIBLE_OBJECTS); | ||
| 871 | return 0; | ||
| 872 | } | ||
| 873 | return group->meth->point_set_affine_coordinates(group, point, x, y, ctx); | ||
| 455 | } | 874 | } |
| 456 | 875 | ||
| 457 | 876 | ||
| 458 | int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point, | 877 | int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point, |
| 459 | BIGNUM *x, BIGNUM *y, BN_CTX *ctx) | 878 | BIGNUM *x, BIGNUM *y, BN_CTX *ctx) |
| 460 | { | 879 | { |
| 461 | if (group->meth->point_get_affine_coordinates_GFp == 0) | 880 | if (group->meth->point_get_affine_coordinates == 0) |
| 462 | { | 881 | { |
| 463 | ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 882 | ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 464 | return 0; | 883 | return 0; |
| @@ -468,14 +887,31 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *p | |||
| 468 | ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); | 887 | ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); |
| 469 | return 0; | 888 | return 0; |
| 470 | } | 889 | } |
| 471 | return group->meth->point_get_affine_coordinates_GFp(group, point, x, y, ctx); | 890 | return group->meth->point_get_affine_coordinates(group, point, x, y, ctx); |
| 891 | } | ||
| 892 | |||
| 893 | |||
| 894 | int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, const EC_POINT *point, | ||
| 895 | BIGNUM *x, BIGNUM *y, BN_CTX *ctx) | ||
| 896 | { | ||
| 897 | if (group->meth->point_get_affine_coordinates == 0) | ||
| 898 | { | ||
| 899 | ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | ||
| 900 | return 0; | ||
| 901 | } | ||
| 902 | if (group->meth != point->meth) | ||
| 903 | { | ||
| 904 | ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M, EC_R_INCOMPATIBLE_OBJECTS); | ||
| 905 | return 0; | ||
| 906 | } | ||
| 907 | return group->meth->point_get_affine_coordinates(group, point, x, y, ctx); | ||
| 472 | } | 908 | } |
| 473 | 909 | ||
| 474 | 910 | ||
| 475 | int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, | 911 | int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, |
| 476 | const BIGNUM *x, int y_bit, BN_CTX *ctx) | 912 | const BIGNUM *x, int y_bit, BN_CTX *ctx) |
| 477 | { | 913 | { |
| 478 | if (group->meth->point_set_compressed_coordinates_GFp == 0) | 914 | if (group->meth->point_set_compressed_coordinates == 0) |
| 479 | { | 915 | { |
| 480 | ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 916 | ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 481 | return 0; | 917 | return 0; |
| @@ -485,7 +921,24 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *poi | |||
| 485 | ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); | 921 | ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); |
| 486 | return 0; | 922 | return 0; |
| 487 | } | 923 | } |
| 488 | return group->meth->point_set_compressed_coordinates_GFp(group, point, x, y_bit, ctx); | 924 | return group->meth->point_set_compressed_coordinates(group, point, x, y_bit, ctx); |
| 925 | } | ||
| 926 | |||
| 927 | |||
| 928 | int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *point, | ||
| 929 | const BIGNUM *x, int y_bit, BN_CTX *ctx) | ||
| 930 | { | ||
| 931 | if (group->meth->point_set_compressed_coordinates == 0) | ||
| 932 | { | ||
| 933 | ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | ||
| 934 | return 0; | ||
| 935 | } | ||
| 936 | if (group->meth != point->meth) | ||
| 937 | { | ||
| 938 | ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M, EC_R_INCOMPATIBLE_OBJECTS); | ||
| 939 | return 0; | ||
| 940 | } | ||
| 941 | return group->meth->point_set_compressed_coordinates(group, point, x, y_bit, ctx); | ||
| 489 | } | 942 | } |
| 490 | 943 | ||
| 491 | 944 | ||
| @@ -559,12 +1012,12 @@ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) | |||
| 559 | { | 1012 | { |
| 560 | if (group->meth->dbl == 0) | 1013 | if (group->meth->dbl == 0) |
| 561 | { | 1014 | { |
| 562 | ECerr(EC_F_EC_POINT_DBL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 1015 | ECerr(EC_F_EC_POINT_INVERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 563 | return 0; | 1016 | return 0; |
| 564 | } | 1017 | } |
| 565 | if (group->meth != a->meth) | 1018 | if (group->meth != a->meth) |
| 566 | { | 1019 | { |
| 567 | ECerr(EC_F_EC_POINT_DBL, EC_R_INCOMPATIBLE_OBJECTS); | 1020 | ECerr(EC_F_EC_POINT_INVERT, EC_R_INCOMPATIBLE_OBJECTS); |
| 568 | return 0; | 1021 | return 0; |
| 569 | } | 1022 | } |
| 570 | return group->meth->invert(group, a, ctx); | 1023 | return group->meth->invert(group, a, ctx); |
| @@ -654,3 +1107,58 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], | |||
| 654 | } | 1107 | } |
| 655 | return group->meth->points_make_affine(group, num, points, ctx); | 1108 | return group->meth->points_make_affine(group, num, points, ctx); |
| 656 | } | 1109 | } |
| 1110 | |||
| 1111 | |||
| 1112 | /* Functions for point multiplication. | ||
| 1113 | * | ||
| 1114 | * If group->meth->mul is 0, we use the wNAF-based implementations in ec_mult.c; | ||
| 1115 | * otherwise we dispatch through methods. | ||
| 1116 | */ | ||
| 1117 | |||
| 1118 | int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | ||
| 1119 | size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx) | ||
| 1120 | { | ||
| 1121 | if (group->meth->mul == 0) | ||
| 1122 | /* use default */ | ||
| 1123 | return ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx); | ||
| 1124 | |||
| 1125 | return group->meth->mul(group, r, scalar, num, points, scalars, ctx); | ||
| 1126 | } | ||
| 1127 | |||
| 1128 | int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar, | ||
| 1129 | const EC_POINT *point, const BIGNUM *p_scalar, BN_CTX *ctx) | ||
| 1130 | { | ||
| 1131 | /* just a convenient interface to EC_POINTs_mul() */ | ||
| 1132 | |||
| 1133 | const EC_POINT *points[1]; | ||
| 1134 | const BIGNUM *scalars[1]; | ||
| 1135 | |||
| 1136 | points[0] = point; | ||
| 1137 | scalars[0] = p_scalar; | ||
| 1138 | |||
| 1139 | return EC_POINTs_mul(group, r, g_scalar, (point != NULL && p_scalar != NULL), points, scalars, ctx); | ||
| 1140 | } | ||
| 1141 | |||
| 1142 | int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx) | ||
| 1143 | { | ||
| 1144 | if (group->meth->mul == 0) | ||
| 1145 | /* use default */ | ||
| 1146 | return ec_wNAF_precompute_mult(group, ctx); | ||
| 1147 | |||
| 1148 | if (group->meth->precompute_mult != 0) | ||
| 1149 | return group->meth->precompute_mult(group, ctx); | ||
| 1150 | else | ||
| 1151 | return 1; /* nothing to do, so report success */ | ||
| 1152 | } | ||
| 1153 | |||
| 1154 | int EC_GROUP_have_precompute_mult(const EC_GROUP *group) | ||
| 1155 | { | ||
| 1156 | if (group->meth->mul == 0) | ||
| 1157 | /* use default */ | ||
| 1158 | return ec_wNAF_have_precompute_mult(group); | ||
| 1159 | |||
| 1160 | if (group->meth->have_precompute_mult != 0) | ||
| 1161 | return group->meth->have_precompute_mult(group); | ||
| 1162 | else | ||
| 1163 | return 0; /* cannot tell whether precomputation has been performed */ | ||
| 1164 | } | ||
diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c index 16822a73cf..2ba173ef36 100644 --- a/src/lib/libcrypto/ec/ec_mult.c +++ b/src/lib/libcrypto/ec/ec_mult.c | |||
| @@ -1,6 +1,9 @@ | |||
| 1 | /* crypto/ec/ec_mult.c */ | 1 | /* crypto/ec/ec_mult.c */ |
| 2 | /* | ||
| 3 | * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. | ||
| 4 | */ | ||
| 2 | /* ==================================================================== | 5 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. |
| 4 | * | 7 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -52,41 +55,161 @@ | |||
| 52 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 53 | * | 56 | * |
| 54 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * Portions of this software developed by SUN MICROSYSTEMS, INC., | ||
| 61 | * and contributed to the OpenSSL project. | ||
| 62 | */ | ||
| 63 | |||
| 64 | #include <string.h> | ||
| 55 | 65 | ||
| 56 | #include <openssl/err.h> | 66 | #include <openssl/err.h> |
| 57 | 67 | ||
| 58 | #include "ec_lcl.h" | 68 | #include "ec_lcl.h" |
| 59 | 69 | ||
| 60 | 70 | ||
| 61 | /* TODO: optional precomputation of multiples of the generator */ | 71 | /* |
| 72 | * This file implements the wNAF-based interleaving multi-exponentation method | ||
| 73 | * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp>); | ||
| 74 | * for multiplication with precomputation, we use wNAF splitting | ||
| 75 | * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#fastexp>). | ||
| 76 | */ | ||
| 62 | 77 | ||
| 63 | 78 | ||
| 64 | 79 | ||
| 65 | /* | 80 | |
| 66 | * wNAF-based interleaving multi-exponentation method | 81 | /* structure for precomputed multiples of the generator */ |
| 67 | * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp>) | 82 | typedef struct ec_pre_comp_st { |
| 68 | */ | 83 | const EC_GROUP *group; /* parent EC_GROUP object */ |
| 84 | size_t blocksize; /* block size for wNAF splitting */ | ||
| 85 | size_t numblocks; /* max. number of blocks for which we have precomputation */ | ||
| 86 | size_t w; /* window size */ | ||
| 87 | EC_POINT **points; /* array with pre-calculated multiples of generator: | ||
| 88 | * 'num' pointers to EC_POINT objects followed by a NULL */ | ||
| 89 | size_t num; /* numblocks * 2^(w-1) */ | ||
| 90 | int references; | ||
| 91 | } EC_PRE_COMP; | ||
| 92 | |||
| 93 | /* functions to manage EC_PRE_COMP within the EC_GROUP extra_data framework */ | ||
| 94 | static void *ec_pre_comp_dup(void *); | ||
| 95 | static void ec_pre_comp_free(void *); | ||
| 96 | static void ec_pre_comp_clear_free(void *); | ||
| 97 | |||
| 98 | static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group) | ||
| 99 | { | ||
| 100 | EC_PRE_COMP *ret = NULL; | ||
| 101 | |||
| 102 | if (!group) | ||
| 103 | return NULL; | ||
| 104 | |||
| 105 | ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP)); | ||
| 106 | if (!ret) | ||
| 107 | { | ||
| 108 | ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); | ||
| 109 | return ret; | ||
| 110 | } | ||
| 111 | ret->group = group; | ||
| 112 | ret->blocksize = 8; /* default */ | ||
| 113 | ret->numblocks = 0; | ||
| 114 | ret->w = 4; /* default */ | ||
| 115 | ret->points = NULL; | ||
| 116 | ret->num = 0; | ||
| 117 | ret->references = 1; | ||
| 118 | return ret; | ||
| 119 | } | ||
| 120 | |||
| 121 | static void *ec_pre_comp_dup(void *src_) | ||
| 122 | { | ||
| 123 | EC_PRE_COMP *src = src_; | ||
| 124 | |||
| 125 | /* no need to actually copy, these objects never change! */ | ||
| 126 | |||
| 127 | CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP); | ||
| 128 | |||
| 129 | return src_; | ||
| 130 | } | ||
| 131 | |||
| 132 | static void ec_pre_comp_free(void *pre_) | ||
| 133 | { | ||
| 134 | int i; | ||
| 135 | EC_PRE_COMP *pre = pre_; | ||
| 136 | |||
| 137 | if (!pre) | ||
| 138 | return; | ||
| 139 | |||
| 140 | i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP); | ||
| 141 | if (i > 0) | ||
| 142 | return; | ||
| 143 | |||
| 144 | if (pre->points) | ||
| 145 | { | ||
| 146 | EC_POINT **p; | ||
| 147 | |||
| 148 | for (p = pre->points; *p != NULL; p++) | ||
| 149 | EC_POINT_free(*p); | ||
| 150 | OPENSSL_free(pre->points); | ||
| 151 | } | ||
| 152 | OPENSSL_free(pre); | ||
| 153 | } | ||
| 154 | |||
| 155 | static void ec_pre_comp_clear_free(void *pre_) | ||
| 156 | { | ||
| 157 | int i; | ||
| 158 | EC_PRE_COMP *pre = pre_; | ||
| 159 | |||
| 160 | if (!pre) | ||
| 161 | return; | ||
| 162 | |||
| 163 | i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP); | ||
| 164 | if (i > 0) | ||
| 165 | return; | ||
| 166 | |||
| 167 | if (pre->points) | ||
| 168 | { | ||
| 169 | EC_POINT **p; | ||
| 170 | |||
| 171 | for (p = pre->points; *p != NULL; p++) | ||
| 172 | EC_POINT_clear_free(*p); | ||
| 173 | OPENSSL_cleanse(pre->points, sizeof pre->points); | ||
| 174 | OPENSSL_free(pre->points); | ||
| 175 | } | ||
| 176 | OPENSSL_cleanse(pre, sizeof pre); | ||
| 177 | OPENSSL_free(pre); | ||
| 178 | } | ||
| 179 | |||
| 69 | 180 | ||
| 70 | 181 | ||
| 71 | /* Determine the width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'. | 182 | |
| 183 | /* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'. | ||
| 72 | * This is an array r[] of values that are either zero or odd with an | 184 | * This is an array r[] of values that are either zero or odd with an |
| 73 | * absolute value less than 2^w satisfying | 185 | * absolute value less than 2^w satisfying |
| 74 | * scalar = \sum_j r[j]*2^j | 186 | * scalar = \sum_j r[j]*2^j |
| 75 | * where at most one of any w+1 consecutive digits is non-zero. | 187 | * where at most one of any w+1 consecutive digits is non-zero |
| 188 | * with the exception that the most significant digit may be only | ||
| 189 | * w-1 zeros away from that next non-zero digit. | ||
| 76 | */ | 190 | */ |
| 77 | static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, BN_CTX *ctx) | 191 | static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) |
| 78 | { | 192 | { |
| 79 | BIGNUM *c; | 193 | int window_val; |
| 80 | int ok = 0; | 194 | int ok = 0; |
| 81 | signed char *r = NULL; | 195 | signed char *r = NULL; |
| 82 | int sign = 1; | 196 | int sign = 1; |
| 83 | int bit, next_bit, mask; | 197 | int bit, next_bit, mask; |
| 84 | size_t len = 0, j; | 198 | size_t len = 0, j; |
| 85 | 199 | ||
| 86 | BN_CTX_start(ctx); | 200 | if (BN_is_zero(scalar)) |
| 87 | c = BN_CTX_get(ctx); | 201 | { |
| 88 | if (c == NULL) goto err; | 202 | r = OPENSSL_malloc(1); |
| 89 | 203 | if (!r) | |
| 204 | { | ||
| 205 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE); | ||
| 206 | goto err; | ||
| 207 | } | ||
| 208 | r[0] = 0; | ||
| 209 | *ret_len = 1; | ||
| 210 | return r; | ||
| 211 | } | ||
| 212 | |||
| 90 | if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */ | 213 | if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */ |
| 91 | { | 214 | { |
| 92 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); | 215 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); |
| @@ -96,60 +219,90 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B | |||
| 96 | next_bit = bit << 1; /* at most 256 */ | 219 | next_bit = bit << 1; /* at most 256 */ |
| 97 | mask = next_bit - 1; /* at most 255 */ | 220 | mask = next_bit - 1; /* at most 255 */ |
| 98 | 221 | ||
| 99 | if (!BN_copy(c, scalar)) goto err; | 222 | if (BN_is_negative(scalar)) |
| 100 | if (c->neg) | ||
| 101 | { | 223 | { |
| 102 | sign = -1; | 224 | sign = -1; |
| 103 | c->neg = 0; | ||
| 104 | } | 225 | } |
| 105 | 226 | ||
| 106 | len = BN_num_bits(c) + 1; /* wNAF may be one digit longer than binary representation */ | 227 | len = BN_num_bits(scalar); |
| 107 | r = OPENSSL_malloc(len); | 228 | r = OPENSSL_malloc(len + 1); /* modified wNAF may be one digit longer than binary representation |
| 108 | if (r == NULL) goto err; | 229 | * (*ret_len will be set to the actual length, i.e. at most |
| 230 | * BN_num_bits(scalar) + 1) */ | ||
| 231 | if (r == NULL) | ||
| 232 | { | ||
| 233 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE); | ||
| 234 | goto err; | ||
| 235 | } | ||
| 109 | 236 | ||
| 237 | if (scalar->d == NULL || scalar->top == 0) | ||
| 238 | { | ||
| 239 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); | ||
| 240 | goto err; | ||
| 241 | } | ||
| 242 | window_val = scalar->d[0] & mask; | ||
| 110 | j = 0; | 243 | j = 0; |
| 111 | while (!BN_is_zero(c)) | 244 | while ((window_val != 0) || (j + w + 1 < len)) /* if j+w+1 >= len, window_val will not increase */ |
| 112 | { | 245 | { |
| 113 | int u = 0; | 246 | int digit = 0; |
| 114 | 247 | ||
| 115 | if (BN_is_odd(c)) | 248 | /* 0 <= window_val <= 2^(w+1) */ |
| 249 | |||
| 250 | if (window_val & 1) | ||
| 116 | { | 251 | { |
| 117 | if (c->d == NULL || c->top == 0) | 252 | /* 0 < window_val < 2^(w+1) */ |
| 253 | |||
| 254 | if (window_val & bit) | ||
| 118 | { | 255 | { |
| 119 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); | 256 | digit = window_val - next_bit; /* -2^w < digit < 0 */ |
| 120 | goto err; | 257 | |
| 258 | #if 1 /* modified wNAF */ | ||
| 259 | if (j + w + 1 >= len) | ||
| 260 | { | ||
| 261 | /* special case for generating modified wNAFs: | ||
| 262 | * no new bits will be added into window_val, | ||
| 263 | * so using a positive digit here will decrease | ||
| 264 | * the total length of the representation */ | ||
| 265 | |||
| 266 | digit = window_val & (mask >> 1); /* 0 < digit < 2^w */ | ||
| 267 | } | ||
| 268 | #endif | ||
| 121 | } | 269 | } |
| 122 | u = c->d[0] & mask; | 270 | else |
| 123 | if (u & bit) | ||
| 124 | { | 271 | { |
| 125 | u -= next_bit; | 272 | digit = window_val; /* 0 < digit < 2^w */ |
| 126 | /* u < 0 */ | ||
| 127 | if (!BN_add_word(c, -u)) goto err; | ||
| 128 | } | 273 | } |
| 129 | else | 274 | |
| 275 | if (digit <= -bit || digit >= bit || !(digit & 1)) | ||
| 130 | { | 276 | { |
| 131 | /* u > 0 */ | 277 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); |
| 132 | if (!BN_sub_word(c, u)) goto err; | 278 | goto err; |
| 133 | } | 279 | } |
| 134 | 280 | ||
| 135 | if (u <= -bit || u >= bit || !(u & 1) || c->neg) | 281 | window_val -= digit; |
| 282 | |||
| 283 | /* now window_val is 0 or 2^(w+1) in standard wNAF generation; | ||
| 284 | * for modified window NAFs, it may also be 2^w | ||
| 285 | */ | ||
| 286 | if (window_val != 0 && window_val != next_bit && window_val != bit) | ||
| 136 | { | 287 | { |
| 137 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); | 288 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); |
| 138 | goto err; | 289 | goto err; |
| 139 | } | 290 | } |
| 140 | } | 291 | } |
| 141 | 292 | ||
| 142 | r[j++] = sign * u; | 293 | r[j++] = sign * digit; |
| 143 | 294 | ||
| 144 | if (BN_is_odd(c)) | 295 | window_val >>= 1; |
| 296 | window_val += bit * BN_is_bit_set(scalar, j + w); | ||
| 297 | |||
| 298 | if (window_val > next_bit) | ||
| 145 | { | 299 | { |
| 146 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); | 300 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); |
| 147 | goto err; | 301 | goto err; |
| 148 | } | 302 | } |
| 149 | if (!BN_rshift1(c, c)) goto err; | ||
| 150 | } | 303 | } |
| 151 | 304 | ||
| 152 | if (j > len) | 305 | if (j > len + 1) |
| 153 | { | 306 | { |
| 154 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); | 307 | ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); |
| 155 | goto err; | 308 | goto err; |
| @@ -158,7 +311,6 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B | |||
| 158 | ok = 1; | 311 | ok = 1; |
| 159 | 312 | ||
| 160 | err: | 313 | err: |
| 161 | BN_CTX_end(ctx); | ||
| 162 | if (!ok) | 314 | if (!ok) |
| 163 | { | 315 | { |
| 164 | OPENSSL_free(r); | 316 | OPENSSL_free(r); |
| @@ -181,7 +333,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B | |||
| 181 | (b) >= 300 ? 4 : \ | 333 | (b) >= 300 ? 4 : \ |
| 182 | (b) >= 70 ? 3 : \ | 334 | (b) >= 70 ? 3 : \ |
| 183 | (b) >= 20 ? 2 : \ | 335 | (b) >= 20 ? 2 : \ |
| 184 | 1)) | 336 | 1)) |
| 185 | 337 | ||
| 186 | /* Compute | 338 | /* Compute |
| 187 | * \sum scalars[i]*points[i], | 339 | * \sum scalars[i]*points[i], |
| @@ -189,13 +341,15 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B | |||
| 189 | * scalar*generator | 341 | * scalar*generator |
| 190 | * in the addition if scalar != NULL | 342 | * in the addition if scalar != NULL |
| 191 | */ | 343 | */ |
| 192 | int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | 344 | int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, |
| 193 | size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx) | 345 | size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx) |
| 194 | { | 346 | { |
| 195 | BN_CTX *new_ctx = NULL; | 347 | BN_CTX *new_ctx = NULL; |
| 196 | EC_POINT *generator = NULL; | 348 | const EC_POINT *generator = NULL; |
| 197 | EC_POINT *tmp = NULL; | 349 | EC_POINT *tmp = NULL; |
| 198 | size_t totalnum; | 350 | size_t totalnum; |
| 351 | size_t blocksize = 0, numblocks = 0; /* for wNAF splitting */ | ||
| 352 | size_t pre_points_per_block = 0; | ||
| 199 | size_t i, j; | 353 | size_t i, j; |
| 200 | int k; | 354 | int k; |
| 201 | int r_is_inverted = 0; | 355 | int r_is_inverted = 0; |
| @@ -207,12 +361,15 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | |||
| 207 | size_t num_val; | 361 | size_t num_val; |
| 208 | EC_POINT **val = NULL; /* precomputation */ | 362 | EC_POINT **val = NULL; /* precomputation */ |
| 209 | EC_POINT **v; | 363 | EC_POINT **v; |
| 210 | EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' */ | 364 | EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' or 'pre_comp->points' */ |
| 365 | const EC_PRE_COMP *pre_comp = NULL; | ||
| 366 | int num_scalar = 0; /* flag: will be set to 1 if 'scalar' must be treated like other scalars, | ||
| 367 | * i.e. precomputation is not available */ | ||
| 211 | int ret = 0; | 368 | int ret = 0; |
| 212 | 369 | ||
| 213 | if (group->meth != r->meth) | 370 | if (group->meth != r->meth) |
| 214 | { | 371 | { |
| 215 | ECerr(EC_F_EC_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS); | 372 | ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS); |
| 216 | return 0; | 373 | return 0; |
| 217 | } | 374 | } |
| 218 | 375 | ||
| @@ -221,59 +378,226 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | |||
| 221 | return EC_POINT_set_to_infinity(group, r); | 378 | return EC_POINT_set_to_infinity(group, r); |
| 222 | } | 379 | } |
| 223 | 380 | ||
| 224 | if (scalar != NULL) | 381 | for (i = 0; i < num; i++) |
| 225 | { | 382 | { |
| 226 | generator = EC_GROUP_get0_generator(group); | 383 | if (group->meth != points[i]->meth) |
| 227 | if (generator == NULL) | ||
| 228 | { | 384 | { |
| 229 | ECerr(EC_F_EC_POINTS_MUL, EC_R_UNDEFINED_GENERATOR); | 385 | ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS); |
| 230 | return 0; | 386 | return 0; |
| 231 | } | 387 | } |
| 232 | } | 388 | } |
| 233 | 389 | ||
| 234 | for (i = 0; i < num; i++) | 390 | if (ctx == NULL) |
| 235 | { | 391 | { |
| 236 | if (group->meth != points[i]->meth) | 392 | ctx = new_ctx = BN_CTX_new(); |
| 393 | if (ctx == NULL) | ||
| 394 | goto err; | ||
| 395 | } | ||
| 396 | |||
| 397 | if (scalar != NULL) | ||
| 398 | { | ||
| 399 | generator = EC_GROUP_get0_generator(group); | ||
| 400 | if (generator == NULL) | ||
| 237 | { | 401 | { |
| 238 | ECerr(EC_F_EC_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS); | 402 | ECerr(EC_F_EC_WNAF_MUL, EC_R_UNDEFINED_GENERATOR); |
| 239 | return 0; | 403 | goto err; |
| 240 | } | 404 | } |
| 241 | } | 405 | |
| 406 | /* look if we can use precomputed multiples of generator */ | ||
| 407 | |||
| 408 | pre_comp = EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free); | ||
| 409 | |||
| 410 | if (pre_comp && pre_comp->numblocks && (EC_POINT_cmp(group, generator, pre_comp->points[0], ctx) == 0)) | ||
| 411 | { | ||
| 412 | blocksize = pre_comp->blocksize; | ||
| 242 | 413 | ||
| 243 | totalnum = num + (scalar != NULL); | 414 | /* determine maximum number of blocks that wNAF splitting may yield |
| 415 | * (NB: maximum wNAF length is bit length plus one) */ | ||
| 416 | numblocks = (BN_num_bits(scalar) / blocksize) + 1; | ||
| 244 | 417 | ||
| 245 | wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]); | 418 | /* we cannot use more blocks than we have precomputation for */ |
| 419 | if (numblocks > pre_comp->numblocks) | ||
| 420 | numblocks = pre_comp->numblocks; | ||
| 421 | |||
| 422 | pre_points_per_block = 1u << (pre_comp->w - 1); | ||
| 423 | |||
| 424 | /* check that pre_comp looks sane */ | ||
| 425 | if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) | ||
| 426 | { | ||
| 427 | ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); | ||
| 428 | goto err; | ||
| 429 | } | ||
| 430 | } | ||
| 431 | else | ||
| 432 | { | ||
| 433 | /* can't use precomputation */ | ||
| 434 | pre_comp = NULL; | ||
| 435 | numblocks = 1; | ||
| 436 | num_scalar = 1; /* treat 'scalar' like 'num'-th element of 'scalars' */ | ||
| 437 | } | ||
| 438 | } | ||
| 439 | |||
| 440 | totalnum = num + numblocks; | ||
| 441 | |||
| 442 | wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]); | ||
| 246 | wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]); | 443 | wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]); |
| 247 | wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); | 444 | wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space for pivot */ |
| 248 | if (wNAF != NULL) | 445 | val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]); |
| 446 | |||
| 447 | if (!wsize || !wNAF_len || !wNAF || !val_sub) | ||
| 249 | { | 448 | { |
| 250 | wNAF[0] = NULL; /* preliminary pivot */ | 449 | ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); |
| 450 | goto err; | ||
| 251 | } | 451 | } |
| 252 | if (wsize == NULL || wNAF_len == NULL || wNAF == NULL) goto err; | ||
| 253 | 452 | ||
| 254 | /* num_val := total number of points to precompute */ | 453 | wNAF[0] = NULL; /* preliminary pivot */ |
| 454 | |||
| 455 | /* num_val will be the total number of temporarily precomputed points */ | ||
| 255 | num_val = 0; | 456 | num_val = 0; |
| 256 | for (i = 0; i < totalnum; i++) | 457 | |
| 458 | for (i = 0; i < num + num_scalar; i++) | ||
| 257 | { | 459 | { |
| 258 | size_t bits; | 460 | size_t bits; |
| 259 | 461 | ||
| 260 | bits = i < num ? BN_num_bits(scalars[i]) : BN_num_bits(scalar); | 462 | bits = i < num ? BN_num_bits(scalars[i]) : BN_num_bits(scalar); |
| 261 | wsize[i] = EC_window_bits_for_scalar_size(bits); | 463 | wsize[i] = EC_window_bits_for_scalar_size(bits); |
| 262 | num_val += 1u << (wsize[i] - 1); | 464 | num_val += 1u << (wsize[i] - 1); |
| 465 | wNAF[i + 1] = NULL; /* make sure we always have a pivot */ | ||
| 466 | wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i]); | ||
| 467 | if (wNAF[i] == NULL) | ||
| 468 | goto err; | ||
| 469 | if (wNAF_len[i] > max_len) | ||
| 470 | max_len = wNAF_len[i]; | ||
| 471 | } | ||
| 472 | |||
| 473 | if (numblocks) | ||
| 474 | { | ||
| 475 | /* we go here iff scalar != NULL */ | ||
| 476 | |||
| 477 | if (pre_comp == NULL) | ||
| 478 | { | ||
| 479 | if (num_scalar != 1) | ||
| 480 | { | ||
| 481 | ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); | ||
| 482 | goto err; | ||
| 483 | } | ||
| 484 | /* we have already generated a wNAF for 'scalar' */ | ||
| 485 | } | ||
| 486 | else | ||
| 487 | { | ||
| 488 | signed char *tmp_wNAF = NULL; | ||
| 489 | size_t tmp_len = 0; | ||
| 490 | |||
| 491 | if (num_scalar != 0) | ||
| 492 | { | ||
| 493 | ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); | ||
| 494 | goto err; | ||
| 495 | } | ||
| 496 | |||
| 497 | /* use the window size for which we have precomputation */ | ||
| 498 | wsize[num] = pre_comp->w; | ||
| 499 | tmp_wNAF = compute_wNAF(scalar, wsize[num], &tmp_len); | ||
| 500 | if (!tmp_wNAF) | ||
| 501 | goto err; | ||
| 502 | |||
| 503 | if (tmp_len <= max_len) | ||
| 504 | { | ||
| 505 | /* One of the other wNAFs is at least as long | ||
| 506 | * as the wNAF belonging to the generator, | ||
| 507 | * so wNAF splitting will not buy us anything. */ | ||
| 508 | |||
| 509 | numblocks = 1; | ||
| 510 | totalnum = num + 1; /* don't use wNAF splitting */ | ||
| 511 | wNAF[num] = tmp_wNAF; | ||
| 512 | wNAF[num + 1] = NULL; | ||
| 513 | wNAF_len[num] = tmp_len; | ||
| 514 | if (tmp_len > max_len) | ||
| 515 | max_len = tmp_len; | ||
| 516 | /* pre_comp->points starts with the points that we need here: */ | ||
| 517 | val_sub[num] = pre_comp->points; | ||
| 518 | } | ||
| 519 | else | ||
| 520 | { | ||
| 521 | /* don't include tmp_wNAF directly into wNAF array | ||
| 522 | * - use wNAF splitting and include the blocks */ | ||
| 523 | |||
| 524 | signed char *pp; | ||
| 525 | EC_POINT **tmp_points; | ||
| 526 | |||
| 527 | if (tmp_len < numblocks * blocksize) | ||
| 528 | { | ||
| 529 | /* possibly we can do with fewer blocks than estimated */ | ||
| 530 | numblocks = (tmp_len + blocksize - 1) / blocksize; | ||
| 531 | if (numblocks > pre_comp->numblocks) | ||
| 532 | { | ||
| 533 | ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); | ||
| 534 | goto err; | ||
| 535 | } | ||
| 536 | totalnum = num + numblocks; | ||
| 537 | } | ||
| 538 | |||
| 539 | /* split wNAF in 'numblocks' parts */ | ||
| 540 | pp = tmp_wNAF; | ||
| 541 | tmp_points = pre_comp->points; | ||
| 542 | |||
| 543 | for (i = num; i < totalnum; i++) | ||
| 544 | { | ||
| 545 | if (i < totalnum - 1) | ||
| 546 | { | ||
| 547 | wNAF_len[i] = blocksize; | ||
| 548 | if (tmp_len < blocksize) | ||
| 549 | { | ||
| 550 | ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); | ||
| 551 | goto err; | ||
| 552 | } | ||
| 553 | tmp_len -= blocksize; | ||
| 554 | } | ||
| 555 | else | ||
| 556 | /* last block gets whatever is left | ||
| 557 | * (this could be more or less than 'blocksize'!) */ | ||
| 558 | wNAF_len[i] = tmp_len; | ||
| 559 | |||
| 560 | wNAF[i + 1] = NULL; | ||
| 561 | wNAF[i] = OPENSSL_malloc(wNAF_len[i]); | ||
| 562 | if (wNAF[i] == NULL) | ||
| 563 | { | ||
| 564 | ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); | ||
| 565 | OPENSSL_free(tmp_wNAF); | ||
| 566 | goto err; | ||
| 567 | } | ||
| 568 | memcpy(wNAF[i], pp, wNAF_len[i]); | ||
| 569 | if (wNAF_len[i] > max_len) | ||
| 570 | max_len = wNAF_len[i]; | ||
| 571 | |||
| 572 | if (*tmp_points == NULL) | ||
| 573 | { | ||
| 574 | ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); | ||
| 575 | OPENSSL_free(tmp_wNAF); | ||
| 576 | goto err; | ||
| 577 | } | ||
| 578 | val_sub[i] = tmp_points; | ||
| 579 | tmp_points += pre_points_per_block; | ||
| 580 | pp += blocksize; | ||
| 581 | } | ||
| 582 | OPENSSL_free(tmp_wNAF); | ||
| 583 | } | ||
| 584 | } | ||
| 263 | } | 585 | } |
| 264 | 586 | ||
| 265 | /* all precomputed points go into a single array 'val', | 587 | /* All points we precompute now go into a single array 'val'. |
| 266 | * 'val_sub[i]' is a pointer to the subarray for the i-th point */ | 588 | * 'val_sub[i]' is a pointer to the subarray for the i-th point, |
| 589 | * or to a subarray of 'pre_comp->points' if we already have precomputation. */ | ||
| 267 | val = OPENSSL_malloc((num_val + 1) * sizeof val[0]); | 590 | val = OPENSSL_malloc((num_val + 1) * sizeof val[0]); |
| 268 | if (val == NULL) goto err; | 591 | if (val == NULL) |
| 592 | { | ||
| 593 | ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); | ||
| 594 | goto err; | ||
| 595 | } | ||
| 269 | val[num_val] = NULL; /* pivot element */ | 596 | val[num_val] = NULL; /* pivot element */ |
| 270 | 597 | ||
| 271 | val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]); | ||
| 272 | if (val_sub == NULL) goto err; | ||
| 273 | |||
| 274 | /* allocate points for precomputation */ | 598 | /* allocate points for precomputation */ |
| 275 | v = val; | 599 | v = val; |
| 276 | for (i = 0; i < totalnum; i++) | 600 | for (i = 0; i < num + num_scalar; i++) |
| 277 | { | 601 | { |
| 278 | val_sub[i] = v; | 602 | val_sub[i] = v; |
| 279 | for (j = 0; j < (1u << (wsize[i] - 1)); j++) | 603 | for (j = 0; j < (1u << (wsize[i] - 1)); j++) |
| @@ -285,19 +609,12 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | |||
| 285 | } | 609 | } |
| 286 | if (!(v == val + num_val)) | 610 | if (!(v == val + num_val)) |
| 287 | { | 611 | { |
| 288 | ECerr(EC_F_EC_POINTS_MUL, ERR_R_INTERNAL_ERROR); | 612 | ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); |
| 289 | goto err; | 613 | goto err; |
| 290 | } | 614 | } |
| 291 | 615 | ||
| 292 | if (ctx == NULL) | 616 | if (!(tmp = EC_POINT_new(group))) |
| 293 | { | 617 | goto err; |
| 294 | ctx = new_ctx = BN_CTX_new(); | ||
| 295 | if (ctx == NULL) | ||
| 296 | goto err; | ||
| 297 | } | ||
| 298 | |||
| 299 | tmp = EC_POINT_new(group); | ||
| 300 | if (tmp == NULL) goto err; | ||
| 301 | 618 | ||
| 302 | /* prepare precomputed values: | 619 | /* prepare precomputed values: |
| 303 | * val_sub[i][0] := points[i] | 620 | * val_sub[i][0] := points[i] |
| @@ -305,7 +622,7 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | |||
| 305 | * val_sub[i][2] := 5 * points[i] | 622 | * val_sub[i][2] := 5 * points[i] |
| 306 | * ... | 623 | * ... |
| 307 | */ | 624 | */ |
| 308 | for (i = 0; i < totalnum; i++) | 625 | for (i = 0; i < num + num_scalar; i++) |
| 309 | { | 626 | { |
| 310 | if (i < num) | 627 | if (i < num) |
| 311 | { | 628 | { |
| @@ -324,16 +641,11 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | |||
| 324 | if (!EC_POINT_add(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx)) goto err; | 641 | if (!EC_POINT_add(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx)) goto err; |
| 325 | } | 642 | } |
| 326 | } | 643 | } |
| 327 | |||
| 328 | wNAF[i + 1] = NULL; /* make sure we always have a pivot */ | ||
| 329 | wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i], ctx); | ||
| 330 | if (wNAF[i] == NULL) goto err; | ||
| 331 | if (wNAF_len[i] > max_len) | ||
| 332 | max_len = wNAF_len[i]; | ||
| 333 | } | 644 | } |
| 334 | 645 | ||
| 335 | #if 1 /* optional; EC_window_bits_for_scalar_size assumes we do this step */ | 646 | #if 1 /* optional; EC_window_bits_for_scalar_size assumes we do this step */ |
| 336 | if (!EC_POINTs_make_affine(group, num_val, val, ctx)) goto err; | 647 | if (!EC_POINTs_make_affine(group, num_val, val, ctx)) |
| 648 | goto err; | ||
| 337 | #endif | 649 | #endif |
| 338 | 650 | ||
| 339 | r_is_at_infinity = 1; | 651 | r_is_at_infinity = 1; |
| @@ -429,57 +741,198 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | |||
| 429 | } | 741 | } |
| 430 | 742 | ||
| 431 | 743 | ||
| 432 | int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar, const EC_POINT *point, const BIGNUM *p_scalar, BN_CTX *ctx) | 744 | /* ec_wNAF_precompute_mult() |
| 433 | { | 745 | * creates an EC_PRE_COMP object with preprecomputed multiples of the generator |
| 434 | const EC_POINT *points[1]; | 746 | * for use with wNAF splitting as implemented in ec_wNAF_mul(). |
| 435 | const BIGNUM *scalars[1]; | 747 | * |
| 436 | 748 | * 'pre_comp->points' is an array of multiples of the generator | |
| 437 | points[0] = point; | 749 | * of the following form: |
| 438 | scalars[0] = p_scalar; | 750 | * points[0] = generator; |
| 439 | 751 | * points[1] = 3 * generator; | |
| 440 | return EC_POINTs_mul(group, r, g_scalar, (point != NULL && p_scalar != NULL), points, scalars, ctx); | 752 | * ... |
| 441 | } | 753 | * points[2^(w-1)-1] = (2^(w-1)-1) * generator; |
| 442 | 754 | * points[2^(w-1)] = 2^blocksize * generator; | |
| 443 | 755 | * points[2^(w-1)+1] = 3 * 2^blocksize * generator; | |
| 444 | int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx) | 756 | * ... |
| 757 | * points[2^(w-1)*(numblocks-1)-1] = (2^(w-1)) * 2^(blocksize*(numblocks-2)) * generator | ||
| 758 | * points[2^(w-1)*(numblocks-1)] = 2^(blocksize*(numblocks-1)) * generator | ||
| 759 | * ... | ||
| 760 | * points[2^(w-1)*numblocks-1] = (2^(w-1)) * 2^(blocksize*(numblocks-1)) * generator | ||
| 761 | * points[2^(w-1)*numblocks] = NULL | ||
| 762 | */ | ||
| 763 | int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) | ||
| 445 | { | 764 | { |
| 446 | const EC_POINT *generator; | 765 | const EC_POINT *generator; |
| 766 | EC_POINT *tmp_point = NULL, *base = NULL, **var; | ||
| 447 | BN_CTX *new_ctx = NULL; | 767 | BN_CTX *new_ctx = NULL; |
| 448 | BIGNUM *order; | 768 | BIGNUM *order; |
| 769 | size_t i, bits, w, pre_points_per_block, blocksize, numblocks, num; | ||
| 770 | EC_POINT **points = NULL; | ||
| 771 | EC_PRE_COMP *pre_comp; | ||
| 449 | int ret = 0; | 772 | int ret = 0; |
| 450 | 773 | ||
| 774 | /* if there is an old EC_PRE_COMP object, throw it away */ | ||
| 775 | EC_EX_DATA_free_data(&group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free); | ||
| 776 | |||
| 777 | if ((pre_comp = ec_pre_comp_new(group)) == NULL) | ||
| 778 | return 0; | ||
| 779 | |||
| 451 | generator = EC_GROUP_get0_generator(group); | 780 | generator = EC_GROUP_get0_generator(group); |
| 452 | if (generator == NULL) | 781 | if (generator == NULL) |
| 453 | { | 782 | { |
| 454 | ECerr(EC_F_EC_GROUP_PRECOMPUTE_MULT, EC_R_UNDEFINED_GENERATOR); | 783 | ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNDEFINED_GENERATOR); |
| 455 | return 0; | 784 | goto err; |
| 456 | } | 785 | } |
| 457 | 786 | ||
| 458 | if (ctx == NULL) | 787 | if (ctx == NULL) |
| 459 | { | 788 | { |
| 460 | ctx = new_ctx = BN_CTX_new(); | 789 | ctx = new_ctx = BN_CTX_new(); |
| 461 | if (ctx == NULL) | 790 | if (ctx == NULL) |
| 462 | return 0; | 791 | goto err; |
| 463 | } | 792 | } |
| 464 | 793 | ||
| 465 | BN_CTX_start(ctx); | 794 | BN_CTX_start(ctx); |
| 466 | order = BN_CTX_get(ctx); | 795 | order = BN_CTX_get(ctx); |
| 467 | if (order == NULL) goto err; | 796 | if (order == NULL) goto err; |
| 468 | 797 | ||
| 469 | if (!EC_GROUP_get_order(group, order, ctx)) return 0; | 798 | if (!EC_GROUP_get_order(group, order, ctx)) goto err; |
| 470 | if (BN_is_zero(order)) | 799 | if (BN_is_zero(order)) |
| 471 | { | 800 | { |
| 472 | ECerr(EC_F_EC_GROUP_PRECOMPUTE_MULT, EC_R_UNKNOWN_ORDER); | 801 | ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNKNOWN_ORDER); |
| 473 | goto err; | 802 | goto err; |
| 474 | } | 803 | } |
| 475 | 804 | ||
| 476 | /* TODO */ | 805 | bits = BN_num_bits(order); |
| 806 | /* The following parameters mean we precompute (approximately) | ||
| 807 | * one point per bit. | ||
| 808 | * | ||
| 809 | * TBD: The combination 8, 4 is perfect for 160 bits; for other | ||
| 810 | * bit lengths, other parameter combinations might provide better | ||
| 811 | * efficiency. | ||
| 812 | */ | ||
| 813 | blocksize = 8; | ||
| 814 | w = 4; | ||
| 815 | if (EC_window_bits_for_scalar_size(bits) > w) | ||
| 816 | { | ||
| 817 | /* let's not make the window too small ... */ | ||
| 818 | w = EC_window_bits_for_scalar_size(bits); | ||
| 819 | } | ||
| 820 | |||
| 821 | numblocks = (bits + blocksize - 1) / blocksize; /* max. number of blocks to use for wNAF splitting */ | ||
| 822 | |||
| 823 | pre_points_per_block = 1u << (w - 1); | ||
| 824 | num = pre_points_per_block * numblocks; /* number of points to compute and store */ | ||
| 477 | 825 | ||
| 478 | ret = 1; | 826 | points = OPENSSL_malloc(sizeof (EC_POINT*)*(num + 1)); |
| 827 | if (!points) | ||
| 828 | { | ||
| 829 | ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); | ||
| 830 | goto err; | ||
| 831 | } | ||
| 832 | |||
| 833 | var = points; | ||
| 834 | var[num] = NULL; /* pivot */ | ||
| 835 | for (i = 0; i < num; i++) | ||
| 836 | { | ||
| 837 | if ((var[i] = EC_POINT_new(group)) == NULL) | ||
| 838 | { | ||
| 839 | ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); | ||
| 840 | goto err; | ||
| 841 | } | ||
| 842 | } | ||
| 843 | |||
| 844 | if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) | ||
| 845 | { | ||
| 846 | ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); | ||
| 847 | goto err; | ||
| 848 | } | ||
| 849 | |||
| 850 | if (!EC_POINT_copy(base, generator)) | ||
| 851 | goto err; | ||
| 852 | |||
| 853 | /* do the precomputation */ | ||
| 854 | for (i = 0; i < numblocks; i++) | ||
| 855 | { | ||
| 856 | size_t j; | ||
| 857 | |||
| 858 | if (!EC_POINT_dbl(group, tmp_point, base, ctx)) | ||
| 859 | goto err; | ||
| 860 | |||
| 861 | if (!EC_POINT_copy(*var++, base)) | ||
| 862 | goto err; | ||
| 863 | |||
| 864 | for (j = 1; j < pre_points_per_block; j++, var++) | ||
| 865 | { | ||
| 866 | /* calculate odd multiples of the current base point */ | ||
| 867 | if (!EC_POINT_add(group, *var, tmp_point, *(var - 1), ctx)) | ||
| 868 | goto err; | ||
| 869 | } | ||
| 870 | |||
| 871 | if (i < numblocks - 1) | ||
| 872 | { | ||
| 873 | /* get the next base (multiply current one by 2^blocksize) */ | ||
| 874 | size_t k; | ||
| 875 | |||
| 876 | if (blocksize <= 2) | ||
| 877 | { | ||
| 878 | ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_INTERNAL_ERROR); | ||
| 879 | goto err; | ||
| 880 | } | ||
| 881 | |||
| 882 | if (!EC_POINT_dbl(group, base, tmp_point, ctx)) | ||
| 883 | goto err; | ||
| 884 | for (k = 2; k < blocksize; k++) | ||
| 885 | { | ||
| 886 | if (!EC_POINT_dbl(group,base,base,ctx)) | ||
| 887 | goto err; | ||
| 888 | } | ||
| 889 | } | ||
| 890 | } | ||
| 891 | |||
| 892 | if (!EC_POINTs_make_affine(group, num, points, ctx)) | ||
| 893 | goto err; | ||
| 479 | 894 | ||
| 895 | pre_comp->group = group; | ||
| 896 | pre_comp->blocksize = blocksize; | ||
| 897 | pre_comp->numblocks = numblocks; | ||
| 898 | pre_comp->w = w; | ||
| 899 | pre_comp->points = points; | ||
| 900 | points = NULL; | ||
| 901 | pre_comp->num = num; | ||
| 902 | |||
| 903 | if (!EC_EX_DATA_set_data(&group->extra_data, pre_comp, | ||
| 904 | ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free)) | ||
| 905 | goto err; | ||
| 906 | pre_comp = NULL; | ||
| 907 | |||
| 908 | ret = 1; | ||
| 480 | err: | 909 | err: |
| 481 | BN_CTX_end(ctx); | 910 | if (ctx != NULL) |
| 911 | BN_CTX_end(ctx); | ||
| 482 | if (new_ctx != NULL) | 912 | if (new_ctx != NULL) |
| 483 | BN_CTX_free(new_ctx); | 913 | BN_CTX_free(new_ctx); |
| 914 | if (pre_comp) | ||
| 915 | ec_pre_comp_free(pre_comp); | ||
| 916 | if (points) | ||
| 917 | { | ||
| 918 | EC_POINT **p; | ||
| 919 | |||
| 920 | for (p = points; *p != NULL; p++) | ||
| 921 | EC_POINT_free(*p); | ||
| 922 | OPENSSL_free(points); | ||
| 923 | } | ||
| 924 | if (tmp_point) | ||
| 925 | EC_POINT_free(tmp_point); | ||
| 926 | if (base) | ||
| 927 | EC_POINT_free(base); | ||
| 484 | return ret; | 928 | return ret; |
| 485 | } | 929 | } |
| 930 | |||
| 931 | |||
| 932 | int ec_wNAF_have_precompute_mult(const EC_GROUP *group) | ||
| 933 | { | ||
| 934 | if (EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free) != NULL) | ||
| 935 | return 1; | ||
| 936 | else | ||
| 937 | return 0; | ||
| 938 | } | ||
diff --git a/src/lib/libcrypto/ec/ecp_mont.c b/src/lib/libcrypto/ec/ecp_mont.c index 7b30d4c38a..9fc4a466a5 100644 --- a/src/lib/libcrypto/ec/ecp_mont.c +++ b/src/lib/libcrypto/ec/ecp_mont.c | |||
| @@ -1,4 +1,7 @@ | |||
| 1 | /* crypto/ec/ecp_mont.c */ | 1 | /* crypto/ec/ecp_mont.c */ |
| 2 | /* | ||
| 3 | * Originally written by Bodo Moeller for the OpenSSL project. | ||
| 4 | */ | ||
| 2 | /* ==================================================================== | 5 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. |
| 4 | * | 7 | * |
| @@ -52,6 +55,11 @@ | |||
| 52 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 53 | * | 56 | * |
| 54 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * Portions of this software developed by SUN MICROSYSTEMS, INC., | ||
| 61 | * and contributed to the OpenSSL project. | ||
| 62 | */ | ||
| 55 | 63 | ||
| 56 | #include <openssl/err.h> | 64 | #include <openssl/err.h> |
| 57 | 65 | ||
| @@ -61,16 +69,15 @@ | |||
| 61 | const EC_METHOD *EC_GFp_mont_method(void) | 69 | const EC_METHOD *EC_GFp_mont_method(void) |
| 62 | { | 70 | { |
| 63 | static const EC_METHOD ret = { | 71 | static const EC_METHOD ret = { |
| 72 | NID_X9_62_prime_field, | ||
| 64 | ec_GFp_mont_group_init, | 73 | ec_GFp_mont_group_init, |
| 65 | ec_GFp_mont_group_finish, | 74 | ec_GFp_mont_group_finish, |
| 66 | ec_GFp_mont_group_clear_finish, | 75 | ec_GFp_mont_group_clear_finish, |
| 67 | ec_GFp_mont_group_copy, | 76 | ec_GFp_mont_group_copy, |
| 68 | ec_GFp_mont_group_set_curve_GFp, | 77 | ec_GFp_mont_group_set_curve, |
| 69 | ec_GFp_simple_group_get_curve_GFp, | 78 | ec_GFp_simple_group_get_curve, |
| 70 | ec_GFp_simple_group_set_generator, | 79 | ec_GFp_simple_group_get_degree, |
| 71 | ec_GFp_simple_group_get0_generator, | 80 | ec_GFp_simple_group_check_discriminant, |
| 72 | ec_GFp_simple_group_get_order, | ||
| 73 | ec_GFp_simple_group_get_cofactor, | ||
| 74 | ec_GFp_simple_point_init, | 81 | ec_GFp_simple_point_init, |
| 75 | ec_GFp_simple_point_finish, | 82 | ec_GFp_simple_point_finish, |
| 76 | ec_GFp_simple_point_clear_finish, | 83 | ec_GFp_simple_point_clear_finish, |
| @@ -78,9 +85,9 @@ const EC_METHOD *EC_GFp_mont_method(void) | |||
| 78 | ec_GFp_simple_point_set_to_infinity, | 85 | ec_GFp_simple_point_set_to_infinity, |
| 79 | ec_GFp_simple_set_Jprojective_coordinates_GFp, | 86 | ec_GFp_simple_set_Jprojective_coordinates_GFp, |
| 80 | ec_GFp_simple_get_Jprojective_coordinates_GFp, | 87 | ec_GFp_simple_get_Jprojective_coordinates_GFp, |
| 81 | ec_GFp_simple_point_set_affine_coordinates_GFp, | 88 | ec_GFp_simple_point_set_affine_coordinates, |
| 82 | ec_GFp_simple_point_get_affine_coordinates_GFp, | 89 | ec_GFp_simple_point_get_affine_coordinates, |
| 83 | ec_GFp_simple_set_compressed_coordinates_GFp, | 90 | ec_GFp_simple_set_compressed_coordinates, |
| 84 | ec_GFp_simple_point2oct, | 91 | ec_GFp_simple_point2oct, |
| 85 | ec_GFp_simple_oct2point, | 92 | ec_GFp_simple_oct2point, |
| 86 | ec_GFp_simple_add, | 93 | ec_GFp_simple_add, |
| @@ -91,8 +98,12 @@ const EC_METHOD *EC_GFp_mont_method(void) | |||
| 91 | ec_GFp_simple_cmp, | 98 | ec_GFp_simple_cmp, |
| 92 | ec_GFp_simple_make_affine, | 99 | ec_GFp_simple_make_affine, |
| 93 | ec_GFp_simple_points_make_affine, | 100 | ec_GFp_simple_points_make_affine, |
| 101 | 0 /* mul */, | ||
| 102 | 0 /* precompute_mult */, | ||
| 103 | 0 /* have_precompute_mult */, | ||
| 94 | ec_GFp_mont_field_mul, | 104 | ec_GFp_mont_field_mul, |
| 95 | ec_GFp_mont_field_sqr, | 105 | ec_GFp_mont_field_sqr, |
| 106 | 0 /* field_div */, | ||
| 96 | ec_GFp_mont_field_encode, | 107 | ec_GFp_mont_field_encode, |
| 97 | ec_GFp_mont_field_decode, | 108 | ec_GFp_mont_field_decode, |
| 98 | ec_GFp_mont_field_set_to_one }; | 109 | ec_GFp_mont_field_set_to_one }; |
| @@ -112,66 +123,6 @@ int ec_GFp_mont_group_init(EC_GROUP *group) | |||
| 112 | } | 123 | } |
| 113 | 124 | ||
| 114 | 125 | ||
| 115 | int ec_GFp_mont_group_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | ||
| 116 | { | ||
| 117 | BN_CTX *new_ctx = NULL; | ||
| 118 | BN_MONT_CTX *mont = NULL; | ||
| 119 | BIGNUM *one = NULL; | ||
| 120 | int ret = 0; | ||
| 121 | |||
| 122 | if (group->field_data1 != NULL) | ||
| 123 | { | ||
| 124 | BN_MONT_CTX_free(group->field_data1); | ||
| 125 | group->field_data1 = NULL; | ||
| 126 | } | ||
| 127 | if (group->field_data2 != NULL) | ||
| 128 | { | ||
| 129 | BN_free(group->field_data2); | ||
| 130 | group->field_data2 = NULL; | ||
| 131 | } | ||
| 132 | |||
| 133 | if (ctx == NULL) | ||
| 134 | { | ||
| 135 | ctx = new_ctx = BN_CTX_new(); | ||
| 136 | if (ctx == NULL) | ||
| 137 | return 0; | ||
| 138 | } | ||
| 139 | |||
| 140 | mont = BN_MONT_CTX_new(); | ||
| 141 | if (mont == NULL) goto err; | ||
| 142 | if (!BN_MONT_CTX_set(mont, p, ctx)) | ||
| 143 | { | ||
| 144 | ECerr(EC_F_GFP_MONT_GROUP_SET_CURVE_GFP, ERR_R_BN_LIB); | ||
| 145 | goto err; | ||
| 146 | } | ||
| 147 | one = BN_new(); | ||
| 148 | if (one == NULL) goto err; | ||
| 149 | if (!BN_to_montgomery(one, BN_value_one(), mont, ctx)) goto err; | ||
| 150 | |||
| 151 | group->field_data1 = mont; | ||
| 152 | mont = NULL; | ||
| 153 | group->field_data2 = one; | ||
| 154 | one = NULL; | ||
| 155 | |||
| 156 | ret = ec_GFp_simple_group_set_curve_GFp(group, p, a, b, ctx); | ||
| 157 | |||
| 158 | if (!ret) | ||
| 159 | { | ||
| 160 | BN_MONT_CTX_free(group->field_data1); | ||
| 161 | group->field_data1 = NULL; | ||
| 162 | BN_free(group->field_data2); | ||
| 163 | group->field_data2 = NULL; | ||
| 164 | } | ||
| 165 | |||
| 166 | err: | ||
| 167 | if (new_ctx != NULL) | ||
| 168 | BN_CTX_free(new_ctx); | ||
| 169 | if (mont != NULL) | ||
| 170 | BN_MONT_CTX_free(mont); | ||
| 171 | return ret; | ||
| 172 | } | ||
| 173 | |||
| 174 | |||
| 175 | void ec_GFp_mont_group_finish(EC_GROUP *group) | 126 | void ec_GFp_mont_group_finish(EC_GROUP *group) |
| 176 | { | 127 | { |
| 177 | if (group->field_data1 != NULL) | 128 | if (group->field_data1 != NULL) |
| @@ -243,6 +194,66 @@ int ec_GFp_mont_group_copy(EC_GROUP *dest, const EC_GROUP *src) | |||
| 243 | } | 194 | } |
| 244 | 195 | ||
| 245 | 196 | ||
| 197 | int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | ||
| 198 | { | ||
| 199 | BN_CTX *new_ctx = NULL; | ||
| 200 | BN_MONT_CTX *mont = NULL; | ||
| 201 | BIGNUM *one = NULL; | ||
| 202 | int ret = 0; | ||
| 203 | |||
| 204 | if (group->field_data1 != NULL) | ||
| 205 | { | ||
| 206 | BN_MONT_CTX_free(group->field_data1); | ||
| 207 | group->field_data1 = NULL; | ||
| 208 | } | ||
| 209 | if (group->field_data2 != NULL) | ||
| 210 | { | ||
| 211 | BN_free(group->field_data2); | ||
| 212 | group->field_data2 = NULL; | ||
| 213 | } | ||
| 214 | |||
| 215 | if (ctx == NULL) | ||
| 216 | { | ||
| 217 | ctx = new_ctx = BN_CTX_new(); | ||
| 218 | if (ctx == NULL) | ||
| 219 | return 0; | ||
| 220 | } | ||
| 221 | |||
| 222 | mont = BN_MONT_CTX_new(); | ||
| 223 | if (mont == NULL) goto err; | ||
| 224 | if (!BN_MONT_CTX_set(mont, p, ctx)) | ||
| 225 | { | ||
| 226 | ECerr(EC_F_EC_GFP_MONT_GROUP_SET_CURVE, ERR_R_BN_LIB); | ||
| 227 | goto err; | ||
| 228 | } | ||
| 229 | one = BN_new(); | ||
| 230 | if (one == NULL) goto err; | ||
| 231 | if (!BN_to_montgomery(one, BN_value_one(), mont, ctx)) goto err; | ||
| 232 | |||
| 233 | group->field_data1 = mont; | ||
| 234 | mont = NULL; | ||
| 235 | group->field_data2 = one; | ||
| 236 | one = NULL; | ||
| 237 | |||
| 238 | ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); | ||
| 239 | |||
| 240 | if (!ret) | ||
| 241 | { | ||
| 242 | BN_MONT_CTX_free(group->field_data1); | ||
| 243 | group->field_data1 = NULL; | ||
| 244 | BN_free(group->field_data2); | ||
| 245 | group->field_data2 = NULL; | ||
| 246 | } | ||
| 247 | |||
| 248 | err: | ||
| 249 | if (new_ctx != NULL) | ||
| 250 | BN_CTX_free(new_ctx); | ||
| 251 | if (mont != NULL) | ||
| 252 | BN_MONT_CTX_free(mont); | ||
| 253 | return ret; | ||
| 254 | } | ||
| 255 | |||
| 256 | |||
| 246 | int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | 257 | int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) |
| 247 | { | 258 | { |
| 248 | if (group->field_data1 == NULL) | 259 | if (group->field_data1 == NULL) |
| @@ -295,7 +306,7 @@ int ec_GFp_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r, BN_CTX *ctx) | |||
| 295 | { | 306 | { |
| 296 | if (group->field_data2 == NULL) | 307 | if (group->field_data2 == NULL) |
| 297 | { | 308 | { |
| 298 | ECerr(EC_F_EC_GFP_MONT_FIELD_DECODE, EC_R_NOT_INITIALIZED); | 309 | ECerr(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE, EC_R_NOT_INITIALIZED); |
| 299 | return 0; | 310 | return 0; |
| 300 | } | 311 | } |
| 301 | 312 | ||
diff --git a/src/lib/libcrypto/ec/ecp_nist.c b/src/lib/libcrypto/ec/ecp_nist.c index ed07748675..71893d5eab 100644 --- a/src/lib/libcrypto/ec/ecp_nist.c +++ b/src/lib/libcrypto/ec/ecp_nist.c | |||
| @@ -1,6 +1,9 @@ | |||
| 1 | /* crypto/ec/ecp_nist.c */ | 1 | /* crypto/ec/ecp_nist.c */ |
| 2 | /* | ||
| 3 | * Written by Nils Larsch for the OpenSSL project. | ||
| 4 | */ | ||
| 2 | /* ==================================================================== | 5 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. |
| 4 | * | 7 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -52,23 +55,30 @@ | |||
| 52 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 53 | * | 56 | * |
| 54 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * Portions of this software developed by SUN MICROSYSTEMS, INC., | ||
| 61 | * and contributed to the OpenSSL project. | ||
| 62 | */ | ||
| 55 | 63 | ||
| 64 | #include <limits.h> | ||
| 65 | |||
| 66 | #include <openssl/err.h> | ||
| 67 | #include <openssl/obj_mac.h> | ||
| 56 | #include "ec_lcl.h" | 68 | #include "ec_lcl.h" |
| 57 | 69 | ||
| 58 | #if 0 | ||
| 59 | const EC_METHOD *EC_GFp_nist_method(void) | 70 | const EC_METHOD *EC_GFp_nist_method(void) |
| 60 | { | 71 | { |
| 61 | static const EC_METHOD ret = { | 72 | static const EC_METHOD ret = { |
| 62 | ec_GFp_nist_group_init, | 73 | NID_X9_62_prime_field, |
| 63 | ec_GFp_nist_group_finish, | 74 | ec_GFp_simple_group_init, |
| 64 | ec_GFp_nist_group_clear_finish, | 75 | ec_GFp_simple_group_finish, |
| 76 | ec_GFp_simple_group_clear_finish, | ||
| 65 | ec_GFp_nist_group_copy, | 77 | ec_GFp_nist_group_copy, |
| 66 | ec_GFp_nist_group_set_curve_GFp, | 78 | ec_GFp_nist_group_set_curve, |
| 67 | ec_GFp_simple_group_get_curve_GFp, | 79 | ec_GFp_simple_group_get_curve, |
| 68 | ec_GFp_simple_group_set_generator, | 80 | ec_GFp_simple_group_get_degree, |
| 69 | ec_GFp_simple_group_get0_generator, | 81 | ec_GFp_simple_group_check_discriminant, |
| 70 | ec_GFp_simple_group_get_order, | ||
| 71 | ec_GFp_simple_group_get_cofactor, | ||
| 72 | ec_GFp_simple_point_init, | 82 | ec_GFp_simple_point_init, |
| 73 | ec_GFp_simple_point_finish, | 83 | ec_GFp_simple_point_finish, |
| 74 | ec_GFp_simple_point_clear_finish, | 84 | ec_GFp_simple_point_clear_finish, |
| @@ -76,9 +86,9 @@ const EC_METHOD *EC_GFp_nist_method(void) | |||
| 76 | ec_GFp_simple_point_set_to_infinity, | 86 | ec_GFp_simple_point_set_to_infinity, |
| 77 | ec_GFp_simple_set_Jprojective_coordinates_GFp, | 87 | ec_GFp_simple_set_Jprojective_coordinates_GFp, |
| 78 | ec_GFp_simple_get_Jprojective_coordinates_GFp, | 88 | ec_GFp_simple_get_Jprojective_coordinates_GFp, |
| 79 | ec_GFp_simple_point_set_affine_coordinates_GFp, | 89 | ec_GFp_simple_point_set_affine_coordinates, |
| 80 | ec_GFp_simple_point_get_affine_coordinates_GFp, | 90 | ec_GFp_simple_point_get_affine_coordinates, |
| 81 | ec_GFp_simple_set_compressed_coordinates_GFp, | 91 | ec_GFp_simple_set_compressed_coordinates, |
| 82 | ec_GFp_simple_point2oct, | 92 | ec_GFp_simple_point2oct, |
| 83 | ec_GFp_simple_oct2point, | 93 | ec_GFp_simple_oct2point, |
| 84 | ec_GFp_simple_add, | 94 | ec_GFp_simple_add, |
| @@ -89,46 +99,138 @@ const EC_METHOD *EC_GFp_nist_method(void) | |||
| 89 | ec_GFp_simple_cmp, | 99 | ec_GFp_simple_cmp, |
| 90 | ec_GFp_simple_make_affine, | 100 | ec_GFp_simple_make_affine, |
| 91 | ec_GFp_simple_points_make_affine, | 101 | ec_GFp_simple_points_make_affine, |
| 102 | 0 /* mul */, | ||
| 103 | 0 /* precompute_mult */, | ||
| 104 | 0 /* have_precompute_mult */, | ||
| 92 | ec_GFp_nist_field_mul, | 105 | ec_GFp_nist_field_mul, |
| 93 | ec_GFp_nist_field_sqr, | 106 | ec_GFp_nist_field_sqr, |
| 107 | 0 /* field_div */, | ||
| 94 | 0 /* field_encode */, | 108 | 0 /* field_encode */, |
| 95 | 0 /* field_decode */, | 109 | 0 /* field_decode */, |
| 96 | 0 /* field_set_to_one */ }; | 110 | 0 /* field_set_to_one */ }; |
| 97 | 111 | ||
| 98 | return &ret; | 112 | return &ret; |
| 99 | } | 113 | } |
| 100 | #endif | ||
| 101 | 114 | ||
| 115 | #if BN_BITS2 == 64 | ||
| 116 | #define NO_32_BIT_TYPE | ||
| 117 | #endif | ||
| 102 | 118 | ||
| 103 | int ec_GFp_nist_group_init(EC_GROUP *group) | 119 | int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src) |
| 104 | { | 120 | { |
| 105 | int ok; | 121 | dest->field_mod_func = src->field_mod_func; |
| 106 | 122 | ||
| 107 | ok = ec_GFp_simple_group_init(group); | 123 | return ec_GFp_simple_group_copy(dest, src); |
| 108 | group->field_data1 = NULL; | ||
| 109 | return ok; | ||
| 110 | } | 124 | } |
| 111 | 125 | ||
| 112 | 126 | int ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p, | |
| 113 | int ec_GFp_nist_group_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); | 127 | const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) |
| 114 | /* TODO */ | 128 | { |
| 115 | 129 | int ret = 0; | |
| 116 | 130 | BN_CTX *new_ctx = NULL; | |
| 117 | void ec_GFp_nist_group_finish(EC_GROUP *group); | 131 | BIGNUM *tmp_bn; |
| 118 | /* TODO */ | 132 | |
| 119 | 133 | if (ctx == NULL) | |
| 120 | 134 | if ((ctx = new_ctx = BN_CTX_new()) == NULL) return 0; | |
| 121 | void ec_GFp_nist_group_clear_finish(EC_GROUP *group); | 135 | |
| 122 | /* TODO */ | 136 | BN_CTX_start(ctx); |
| 123 | 137 | if ((tmp_bn = BN_CTX_get(ctx)) == NULL) goto err; | |
| 124 | 138 | ||
| 125 | int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src); | 139 | if (BN_ucmp(BN_get0_nist_prime_192(), p) == 0) |
| 126 | /* TODO */ | 140 | group->field_mod_func = BN_nist_mod_192; |
| 141 | else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0) | ||
| 142 | { | ||
| 143 | #ifndef NO_32_BIT_TYPE | ||
| 144 | group->field_mod_func = BN_nist_mod_224; | ||
| 145 | #else | ||
| 146 | ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); | ||
| 147 | goto err; | ||
| 148 | #endif | ||
| 149 | } | ||
| 150 | else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0) | ||
| 151 | { | ||
| 152 | #ifndef NO_32_BIT_TYPE | ||
| 153 | group->field_mod_func = BN_nist_mod_256; | ||
| 154 | #else | ||
| 155 | ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); | ||
| 156 | goto err; | ||
| 157 | #endif | ||
| 158 | } | ||
| 159 | else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0) | ||
| 160 | { | ||
| 161 | #ifndef NO_32_BIT_TYPE | ||
| 162 | group->field_mod_func = BN_nist_mod_384; | ||
| 163 | #else | ||
| 164 | ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); | ||
| 165 | goto err; | ||
| 166 | #endif | ||
| 167 | } | ||
| 168 | else if (BN_ucmp(BN_get0_nist_prime_521(), p) == 0) | ||
| 169 | /* this one works in the NO_32_BIT_TYPE case */ | ||
| 170 | group->field_mod_func = BN_nist_mod_521; | ||
| 171 | else | ||
| 172 | { | ||
| 173 | ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_NIST_PRIME); | ||
| 174 | goto err; | ||
| 175 | } | ||
| 176 | |||
| 177 | ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); | ||
| 178 | |||
| 179 | err: | ||
| 180 | BN_CTX_end(ctx); | ||
| 181 | if (new_ctx != NULL) | ||
| 182 | BN_CTX_free(new_ctx); | ||
| 183 | return ret; | ||
| 184 | } | ||
| 127 | 185 | ||
| 128 | 186 | ||
| 129 | int ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); | 187 | int ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, |
| 130 | /* TODO */ | 188 | const BIGNUM *b, BN_CTX *ctx) |
| 189 | { | ||
| 190 | int ret=0; | ||
| 191 | BN_CTX *ctx_new=NULL; | ||
| 192 | |||
| 193 | if (!group || !r || !a || !b) | ||
| 194 | { | ||
| 195 | ECerr(EC_F_EC_GFP_NIST_FIELD_MUL, ERR_R_PASSED_NULL_PARAMETER); | ||
| 196 | goto err; | ||
| 197 | } | ||
| 198 | if (!ctx) | ||
| 199 | if ((ctx_new = ctx = BN_CTX_new()) == NULL) goto err; | ||
| 200 | |||
| 201 | if (!BN_mul(r, a, b, ctx)) goto err; | ||
| 202 | if (!group->field_mod_func(r, r, &group->field, ctx)) | ||
| 203 | goto err; | ||
| 204 | |||
| 205 | ret=1; | ||
| 206 | err: | ||
| 207 | if (ctx_new) | ||
| 208 | BN_CTX_free(ctx_new); | ||
| 209 | return ret; | ||
| 210 | } | ||
| 131 | 211 | ||
| 132 | 212 | ||
| 133 | int ec_GFp_nist_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx); | 213 | int ec_GFp_nist_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, |
| 134 | /* TODO */ | 214 | BN_CTX *ctx) |
| 215 | { | ||
| 216 | int ret=0; | ||
| 217 | BN_CTX *ctx_new=NULL; | ||
| 218 | |||
| 219 | if (!group || !r || !a) | ||
| 220 | { | ||
| 221 | ECerr(EC_F_EC_GFP_NIST_FIELD_SQR, EC_R_PASSED_NULL_PARAMETER); | ||
| 222 | goto err; | ||
| 223 | } | ||
| 224 | if (!ctx) | ||
| 225 | if ((ctx_new = ctx = BN_CTX_new()) == NULL) goto err; | ||
| 226 | |||
| 227 | if (!BN_sqr(r, a, ctx)) goto err; | ||
| 228 | if (!group->field_mod_func(r, r, &group->field, ctx)) | ||
| 229 | goto err; | ||
| 230 | |||
| 231 | ret=1; | ||
| 232 | err: | ||
| 233 | if (ctx_new) | ||
| 234 | BN_CTX_free(ctx_new); | ||
| 235 | return ret; | ||
| 236 | } | ||
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c index e9a51fb87a..4d26f8bdf6 100644 --- a/src/lib/libcrypto/ec/ecp_smpl.c +++ b/src/lib/libcrypto/ec/ecp_smpl.c | |||
| @@ -1,8 +1,10 @@ | |||
| 1 | /* crypto/ec/ecp_smpl.c */ | 1 | /* crypto/ec/ecp_smpl.c */ |
| 2 | /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> | 2 | /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> |
| 3 | * for the OpenSSL project. */ | 3 | * for the OpenSSL project. |
| 4 | * Includes code written by Bodo Moeller for the OpenSSL project. | ||
| 5 | */ | ||
| 4 | /* ==================================================================== | 6 | /* ==================================================================== |
| 5 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | 7 | * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. |
| 6 | * | 8 | * |
| 7 | * Redistribution and use in source and binary forms, with or without | 9 | * Redistribution and use in source and binary forms, with or without |
| 8 | * modification, are permitted provided that the following conditions | 10 | * modification, are permitted provided that the following conditions |
| @@ -54,25 +56,29 @@ | |||
| 54 | * Hudson (tjh@cryptsoft.com). | 56 | * Hudson (tjh@cryptsoft.com). |
| 55 | * | 57 | * |
| 56 | */ | 58 | */ |
| 59 | /* ==================================================================== | ||
| 60 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 61 | * Portions of this software developed by SUN MICROSYSTEMS, INC., | ||
| 62 | * and contributed to the OpenSSL project. | ||
| 63 | */ | ||
| 57 | 64 | ||
| 58 | #include <openssl/err.h> | 65 | #include <openssl/err.h> |
| 66 | #include <openssl/symhacks.h> | ||
| 59 | 67 | ||
| 60 | #include "ec_lcl.h" | 68 | #include "ec_lcl.h" |
| 61 | 69 | ||
| 62 | |||
| 63 | const EC_METHOD *EC_GFp_simple_method(void) | 70 | const EC_METHOD *EC_GFp_simple_method(void) |
| 64 | { | 71 | { |
| 65 | static const EC_METHOD ret = { | 72 | static const EC_METHOD ret = { |
| 73 | NID_X9_62_prime_field, | ||
| 66 | ec_GFp_simple_group_init, | 74 | ec_GFp_simple_group_init, |
| 67 | ec_GFp_simple_group_finish, | 75 | ec_GFp_simple_group_finish, |
| 68 | ec_GFp_simple_group_clear_finish, | 76 | ec_GFp_simple_group_clear_finish, |
| 69 | ec_GFp_simple_group_copy, | 77 | ec_GFp_simple_group_copy, |
| 70 | ec_GFp_simple_group_set_curve_GFp, | 78 | ec_GFp_simple_group_set_curve, |
| 71 | ec_GFp_simple_group_get_curve_GFp, | 79 | ec_GFp_simple_group_get_curve, |
| 72 | ec_GFp_simple_group_set_generator, | 80 | ec_GFp_simple_group_get_degree, |
| 73 | ec_GFp_simple_group_get0_generator, | 81 | ec_GFp_simple_group_check_discriminant, |
| 74 | ec_GFp_simple_group_get_order, | ||
| 75 | ec_GFp_simple_group_get_cofactor, | ||
| 76 | ec_GFp_simple_point_init, | 82 | ec_GFp_simple_point_init, |
| 77 | ec_GFp_simple_point_finish, | 83 | ec_GFp_simple_point_finish, |
| 78 | ec_GFp_simple_point_clear_finish, | 84 | ec_GFp_simple_point_clear_finish, |
| @@ -80,9 +86,9 @@ const EC_METHOD *EC_GFp_simple_method(void) | |||
| 80 | ec_GFp_simple_point_set_to_infinity, | 86 | ec_GFp_simple_point_set_to_infinity, |
| 81 | ec_GFp_simple_set_Jprojective_coordinates_GFp, | 87 | ec_GFp_simple_set_Jprojective_coordinates_GFp, |
| 82 | ec_GFp_simple_get_Jprojective_coordinates_GFp, | 88 | ec_GFp_simple_get_Jprojective_coordinates_GFp, |
| 83 | ec_GFp_simple_point_set_affine_coordinates_GFp, | 89 | ec_GFp_simple_point_set_affine_coordinates, |
| 84 | ec_GFp_simple_point_get_affine_coordinates_GFp, | 90 | ec_GFp_simple_point_get_affine_coordinates, |
| 85 | ec_GFp_simple_set_compressed_coordinates_GFp, | 91 | ec_GFp_simple_set_compressed_coordinates, |
| 86 | ec_GFp_simple_point2oct, | 92 | ec_GFp_simple_point2oct, |
| 87 | ec_GFp_simple_oct2point, | 93 | ec_GFp_simple_oct2point, |
| 88 | ec_GFp_simple_add, | 94 | ec_GFp_simple_add, |
| @@ -93,8 +99,12 @@ const EC_METHOD *EC_GFp_simple_method(void) | |||
| 93 | ec_GFp_simple_cmp, | 99 | ec_GFp_simple_cmp, |
| 94 | ec_GFp_simple_make_affine, | 100 | ec_GFp_simple_make_affine, |
| 95 | ec_GFp_simple_points_make_affine, | 101 | ec_GFp_simple_points_make_affine, |
| 102 | 0 /* mul */, | ||
| 103 | 0 /* precompute_mult */, | ||
| 104 | 0 /* have_precompute_mult */, | ||
| 96 | ec_GFp_simple_field_mul, | 105 | ec_GFp_simple_field_mul, |
| 97 | ec_GFp_simple_field_sqr, | 106 | ec_GFp_simple_field_sqr, |
| 107 | 0 /* field_div */, | ||
| 98 | 0 /* field_encode */, | 108 | 0 /* field_encode */, |
| 99 | 0 /* field_decode */, | 109 | 0 /* field_decode */, |
| 100 | 0 /* field_set_to_one */ }; | 110 | 0 /* field_set_to_one */ }; |
| @@ -103,15 +113,26 @@ const EC_METHOD *EC_GFp_simple_method(void) | |||
| 103 | } | 113 | } |
| 104 | 114 | ||
| 105 | 115 | ||
| 116 | /* Most method functions in this file are designed to work with | ||
| 117 | * non-trivial representations of field elements if necessary | ||
| 118 | * (see ecp_mont.c): while standard modular addition and subtraction | ||
| 119 | * are used, the field_mul and field_sqr methods will be used for | ||
| 120 | * multiplication, and field_encode and field_decode (if defined) | ||
| 121 | * will be used for converting between representations. | ||
| 122 | |||
| 123 | * Functions ec_GFp_simple_points_make_affine() and | ||
| 124 | * ec_GFp_simple_point_get_affine_coordinates() specifically assume | ||
| 125 | * that if a non-trivial representation is used, it is a Montgomery | ||
| 126 | * representation (i.e. 'encoding' means multiplying by some factor R). | ||
| 127 | */ | ||
| 128 | |||
| 129 | |||
| 106 | int ec_GFp_simple_group_init(EC_GROUP *group) | 130 | int ec_GFp_simple_group_init(EC_GROUP *group) |
| 107 | { | 131 | { |
| 108 | BN_init(&group->field); | 132 | BN_init(&group->field); |
| 109 | BN_init(&group->a); | 133 | BN_init(&group->a); |
| 110 | BN_init(&group->b); | 134 | BN_init(&group->b); |
| 111 | group->a_is_minus3 = 0; | 135 | group->a_is_minus3 = 0; |
| 112 | group->generator = NULL; | ||
| 113 | BN_init(&group->order); | ||
| 114 | BN_init(&group->cofactor); | ||
| 115 | return 1; | 136 | return 1; |
| 116 | } | 137 | } |
| 117 | 138 | ||
| @@ -121,10 +142,6 @@ void ec_GFp_simple_group_finish(EC_GROUP *group) | |||
| 121 | BN_free(&group->field); | 142 | BN_free(&group->field); |
| 122 | BN_free(&group->a); | 143 | BN_free(&group->a); |
| 123 | BN_free(&group->b); | 144 | BN_free(&group->b); |
| 124 | if (group->generator != NULL) | ||
| 125 | EC_POINT_free(group->generator); | ||
| 126 | BN_free(&group->order); | ||
| 127 | BN_free(&group->cofactor); | ||
| 128 | } | 145 | } |
| 129 | 146 | ||
| 130 | 147 | ||
| @@ -133,13 +150,6 @@ void ec_GFp_simple_group_clear_finish(EC_GROUP *group) | |||
| 133 | BN_clear_free(&group->field); | 150 | BN_clear_free(&group->field); |
| 134 | BN_clear_free(&group->a); | 151 | BN_clear_free(&group->a); |
| 135 | BN_clear_free(&group->b); | 152 | BN_clear_free(&group->b); |
| 136 | if (group->generator != NULL) | ||
| 137 | { | ||
| 138 | EC_POINT_clear_free(group->generator); | ||
| 139 | group->generator = NULL; | ||
| 140 | } | ||
| 141 | BN_clear_free(&group->order); | ||
| 142 | BN_clear_free(&group->cofactor); | ||
| 143 | } | 153 | } |
| 144 | 154 | ||
| 145 | 155 | ||
| @@ -151,33 +161,11 @@ int ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src) | |||
| 151 | 161 | ||
| 152 | dest->a_is_minus3 = src->a_is_minus3; | 162 | dest->a_is_minus3 = src->a_is_minus3; |
| 153 | 163 | ||
| 154 | if (src->generator != NULL) | ||
| 155 | { | ||
| 156 | if (dest->generator == NULL) | ||
| 157 | { | ||
| 158 | dest->generator = EC_POINT_new(dest); | ||
| 159 | if (dest->generator == NULL) return 0; | ||
| 160 | } | ||
| 161 | if (!EC_POINT_copy(dest->generator, src->generator)) return 0; | ||
| 162 | } | ||
| 163 | else | ||
| 164 | { | ||
| 165 | /* src->generator == NULL */ | ||
| 166 | if (dest->generator != NULL) | ||
| 167 | { | ||
| 168 | EC_POINT_clear_free(dest->generator); | ||
| 169 | dest->generator = NULL; | ||
| 170 | } | ||
| 171 | } | ||
| 172 | |||
| 173 | if (!BN_copy(&dest->order, &src->order)) return 0; | ||
| 174 | if (!BN_copy(&dest->cofactor, &src->cofactor)) return 0; | ||
| 175 | |||
| 176 | return 1; | 164 | return 1; |
| 177 | } | 165 | } |
| 178 | 166 | ||
| 179 | 167 | ||
| 180 | int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *group, | 168 | int ec_GFp_simple_group_set_curve(EC_GROUP *group, |
| 181 | const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | 169 | const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) |
| 182 | { | 170 | { |
| 183 | int ret = 0; | 171 | int ret = 0; |
| @@ -187,7 +175,7 @@ int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *group, | |||
| 187 | /* p must be a prime > 3 */ | 175 | /* p must be a prime > 3 */ |
| 188 | if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) | 176 | if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) |
| 189 | { | 177 | { |
| 190 | ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP, EC_R_INVALID_FIELD); | 178 | ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_INVALID_FIELD); |
| 191 | return 0; | 179 | return 0; |
| 192 | } | 180 | } |
| 193 | 181 | ||
| @@ -204,7 +192,7 @@ int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *group, | |||
| 204 | 192 | ||
| 205 | /* group->field */ | 193 | /* group->field */ |
| 206 | if (!BN_copy(&group->field, p)) goto err; | 194 | if (!BN_copy(&group->field, p)) goto err; |
| 207 | group->field.neg = 0; | 195 | BN_set_negative(&group->field, 0); |
| 208 | 196 | ||
| 209 | /* group->a */ | 197 | /* group->a */ |
| 210 | if (!BN_nnmod(tmp_a, a, p, ctx)) goto err; | 198 | if (!BN_nnmod(tmp_a, a, p, ctx)) goto err; |
| @@ -232,7 +220,7 @@ int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *group, | |||
| 232 | } | 220 | } |
| 233 | 221 | ||
| 234 | 222 | ||
| 235 | int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) | 223 | int ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) |
| 236 | { | 224 | { |
| 237 | int ret = 0; | 225 | int ret = 0; |
| 238 | BN_CTX *new_ctx = NULL; | 226 | BN_CTX *new_ctx = NULL; |
| @@ -283,58 +271,76 @@ int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM * | |||
| 283 | } | 271 | } |
| 284 | 272 | ||
| 285 | 273 | ||
| 274 | int ec_GFp_simple_group_get_degree(const EC_GROUP *group) | ||
| 275 | { | ||
| 276 | return BN_num_bits(&group->field); | ||
| 277 | } | ||
| 278 | |||
| 286 | 279 | ||
| 287 | int ec_GFp_simple_group_set_generator(EC_GROUP *group, const EC_POINT *generator, | 280 | int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) |
| 288 | const BIGNUM *order, const BIGNUM *cofactor) | ||
| 289 | { | 281 | { |
| 290 | if (generator == NULL) | 282 | int ret = 0; |
| 283 | BIGNUM *a,*b,*order,*tmp_1,*tmp_2; | ||
| 284 | const BIGNUM *p = &group->field; | ||
| 285 | BN_CTX *new_ctx = NULL; | ||
| 286 | |||
| 287 | if (ctx == NULL) | ||
| 291 | { | 288 | { |
| 292 | ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER); | 289 | ctx = new_ctx = BN_CTX_new(); |
| 293 | return 0 ; | 290 | if (ctx == NULL) |
| 291 | { | ||
| 292 | ECerr(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT, ERR_R_MALLOC_FAILURE); | ||
| 293 | goto err; | ||
| 294 | } | ||
| 294 | } | 295 | } |
| 296 | BN_CTX_start(ctx); | ||
| 297 | a = BN_CTX_get(ctx); | ||
| 298 | b = BN_CTX_get(ctx); | ||
| 299 | tmp_1 = BN_CTX_get(ctx); | ||
| 300 | tmp_2 = BN_CTX_get(ctx); | ||
| 301 | order = BN_CTX_get(ctx); | ||
| 302 | if (order == NULL) goto err; | ||
| 295 | 303 | ||
| 296 | if (group->generator == NULL) | 304 | if (group->meth->field_decode) |
| 297 | { | 305 | { |
| 298 | group->generator = EC_POINT_new(group); | 306 | if (!group->meth->field_decode(group, a, &group->a, ctx)) goto err; |
| 299 | if (group->generator == NULL) return 0; | 307 | if (!group->meth->field_decode(group, b, &group->b, ctx)) goto err; |
| 300 | } | 308 | } |
| 301 | if (!EC_POINT_copy(group->generator, generator)) return 0; | ||
| 302 | |||
| 303 | if (order != NULL) | ||
| 304 | { if (!BN_copy(&group->order, order)) return 0; } | ||
| 305 | else | ||
| 306 | { if (!BN_zero(&group->order)) return 0; } | ||
| 307 | |||
| 308 | if (cofactor != NULL) | ||
| 309 | { if (!BN_copy(&group->cofactor, cofactor)) return 0; } | ||
| 310 | else | 309 | else |
| 311 | { if (!BN_zero(&group->cofactor)) return 0; } | 310 | { |
| 312 | 311 | if (!BN_copy(a, &group->a)) goto err; | |
| 313 | return 1; | 312 | if (!BN_copy(b, &group->b)) goto err; |
| 314 | } | 313 | } |
| 315 | 314 | ||
| 316 | 315 | /* check the discriminant: | |
| 317 | EC_POINT *ec_GFp_simple_group_get0_generator(const EC_GROUP *group) | 316 | * y^2 = x^3 + a*x + b is an elliptic curve <=> 4*a^3 + 27*b^2 != 0 (mod p) |
| 318 | { | 317 | * 0 =< a, b < p */ |
| 319 | return group->generator; | 318 | if (BN_is_zero(a)) |
| 320 | } | 319 | { |
| 321 | 320 | if (BN_is_zero(b)) goto err; | |
| 322 | 321 | } | |
| 323 | int ec_GFp_simple_group_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx) | 322 | else if (!BN_is_zero(b)) |
| 324 | { | 323 | { |
| 325 | if (!BN_copy(order, &group->order)) | 324 | if (!BN_mod_sqr(tmp_1, a, p, ctx)) goto err; |
| 326 | return 0; | 325 | if (!BN_mod_mul(tmp_2, tmp_1, a, p, ctx)) goto err; |
| 327 | 326 | if (!BN_lshift(tmp_1, tmp_2, 2)) goto err; | |
| 328 | return !BN_is_zero(&group->order); | 327 | /* tmp_1 = 4*a^3 */ |
| 329 | } | ||
| 330 | 328 | ||
| 329 | if (!BN_mod_sqr(tmp_2, b, p, ctx)) goto err; | ||
| 330 | if (!BN_mul_word(tmp_2, 27)) goto err; | ||
| 331 | /* tmp_2 = 27*b^2 */ | ||
| 331 | 332 | ||
| 332 | int ec_GFp_simple_group_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx) | 333 | if (!BN_mod_add(a, tmp_1, tmp_2, p, ctx)) goto err; |
| 333 | { | 334 | if (BN_is_zero(a)) goto err; |
| 334 | if (!BN_copy(cofactor, &group->cofactor)) | 335 | } |
| 335 | return 0; | 336 | ret = 1; |
| 336 | 337 | ||
| 337 | return !BN_is_zero(&group->cofactor); | 338 | err: |
| 339 | if (ctx != NULL) | ||
| 340 | BN_CTX_end(ctx); | ||
| 341 | if (new_ctx != NULL) | ||
| 342 | BN_CTX_free(new_ctx); | ||
| 343 | return ret; | ||
| 338 | } | 344 | } |
| 339 | 345 | ||
| 340 | 346 | ||
| @@ -380,7 +386,8 @@ int ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src) | |||
| 380 | int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point) | 386 | int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point) |
| 381 | { | 387 | { |
| 382 | point->Z_is_one = 0; | 388 | point->Z_is_one = 0; |
| 383 | return (BN_zero(&point->Z)); | 389 | BN_zero(&point->Z); |
| 390 | return 1; | ||
| 384 | } | 391 | } |
| 385 | 392 | ||
| 386 | 393 | ||
| @@ -497,13 +504,13 @@ int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *group, const E | |||
| 497 | } | 504 | } |
| 498 | 505 | ||
| 499 | 506 | ||
| 500 | int ec_GFp_simple_point_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, | 507 | int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group, EC_POINT *point, |
| 501 | const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) | 508 | const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) |
| 502 | { | 509 | { |
| 503 | if (x == NULL || y == NULL) | 510 | if (x == NULL || y == NULL) |
| 504 | { | 511 | { |
| 505 | /* unlike for projective coordinates, we do not tolerate this */ | 512 | /* unlike for projective coordinates, we do not tolerate this */ |
| 506 | ECerr(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP, ERR_R_PASSED_NULL_PARAMETER); | 513 | ECerr(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES, ERR_R_PASSED_NULL_PARAMETER); |
| 507 | return 0; | 514 | return 0; |
| 508 | } | 515 | } |
| 509 | 516 | ||
| @@ -511,17 +518,17 @@ int ec_GFp_simple_point_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POI | |||
| 511 | } | 518 | } |
| 512 | 519 | ||
| 513 | 520 | ||
| 514 | int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point, | 521 | int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, |
| 515 | BIGNUM *x, BIGNUM *y, BN_CTX *ctx) | 522 | BIGNUM *x, BIGNUM *y, BN_CTX *ctx) |
| 516 | { | 523 | { |
| 517 | BN_CTX *new_ctx = NULL; | 524 | BN_CTX *new_ctx = NULL; |
| 518 | BIGNUM *X, *Y, *Z, *Z_1, *Z_2, *Z_3; | 525 | BIGNUM *Z, *Z_1, *Z_2, *Z_3; |
| 519 | const BIGNUM *X_, *Y_, *Z_; | 526 | const BIGNUM *Z_; |
| 520 | int ret = 0; | 527 | int ret = 0; |
| 521 | 528 | ||
| 522 | if (EC_POINT_is_at_infinity(group, point)) | 529 | if (EC_POINT_is_at_infinity(group, point)) |
| 523 | { | 530 | { |
| 524 | ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP, EC_R_POINT_AT_INFINITY); | 531 | ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES, EC_R_POINT_AT_INFINITY); |
| 525 | return 0; | 532 | return 0; |
| 526 | } | 533 | } |
| 527 | 534 | ||
| @@ -533,8 +540,6 @@ int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const | |||
| 533 | } | 540 | } |
| 534 | 541 | ||
| 535 | BN_CTX_start(ctx); | 542 | BN_CTX_start(ctx); |
| 536 | X = BN_CTX_get(ctx); | ||
| 537 | Y = BN_CTX_get(ctx); | ||
| 538 | Z = BN_CTX_get(ctx); | 543 | Z = BN_CTX_get(ctx); |
| 539 | Z_1 = BN_CTX_get(ctx); | 544 | Z_1 = BN_CTX_get(ctx); |
| 540 | Z_2 = BN_CTX_get(ctx); | 545 | Z_2 = BN_CTX_get(ctx); |
| @@ -545,34 +550,44 @@ int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const | |||
| 545 | 550 | ||
| 546 | if (group->meth->field_decode) | 551 | if (group->meth->field_decode) |
| 547 | { | 552 | { |
| 548 | if (!group->meth->field_decode(group, X, &point->X, ctx)) goto err; | ||
| 549 | if (!group->meth->field_decode(group, Y, &point->Y, ctx)) goto err; | ||
| 550 | if (!group->meth->field_decode(group, Z, &point->Z, ctx)) goto err; | 553 | if (!group->meth->field_decode(group, Z, &point->Z, ctx)) goto err; |
| 551 | X_ = X; Y_ = Y; Z_ = Z; | 554 | Z_ = Z; |
| 552 | } | 555 | } |
| 553 | else | 556 | else |
| 554 | { | 557 | { |
| 555 | X_ = &point->X; | ||
| 556 | Y_ = &point->Y; | ||
| 557 | Z_ = &point->Z; | 558 | Z_ = &point->Z; |
| 558 | } | 559 | } |
| 559 | 560 | ||
| 560 | if (BN_is_one(Z_)) | 561 | if (BN_is_one(Z_)) |
| 561 | { | 562 | { |
| 562 | if (x != NULL) | 563 | if (group->meth->field_decode) |
| 563 | { | 564 | { |
| 564 | if (!BN_copy(x, X_)) goto err; | 565 | if (x != NULL) |
| 566 | { | ||
| 567 | if (!group->meth->field_decode(group, x, &point->X, ctx)) goto err; | ||
| 568 | } | ||
| 569 | if (y != NULL) | ||
| 570 | { | ||
| 571 | if (!group->meth->field_decode(group, y, &point->Y, ctx)) goto err; | ||
| 572 | } | ||
| 565 | } | 573 | } |
| 566 | if (y != NULL) | 574 | else |
| 567 | { | 575 | { |
| 568 | if (!BN_copy(y, Y_)) goto err; | 576 | if (x != NULL) |
| 577 | { | ||
| 578 | if (!BN_copy(x, &point->X)) goto err; | ||
| 579 | } | ||
| 580 | if (y != NULL) | ||
| 581 | { | ||
| 582 | if (!BN_copy(y, &point->Y)) goto err; | ||
| 583 | } | ||
| 569 | } | 584 | } |
| 570 | } | 585 | } |
| 571 | else | 586 | else |
| 572 | { | 587 | { |
| 573 | if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx)) | 588 | if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx)) |
| 574 | { | 589 | { |
| 575 | ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP, ERR_R_BN_LIB); | 590 | ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES, ERR_R_BN_LIB); |
| 576 | goto err; | 591 | goto err; |
| 577 | } | 592 | } |
| 578 | 593 | ||
| @@ -588,15 +603,8 @@ int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const | |||
| 588 | 603 | ||
| 589 | if (x != NULL) | 604 | if (x != NULL) |
| 590 | { | 605 | { |
| 591 | if (group->meth->field_encode == 0) | 606 | /* in the Montgomery case, field_mul will cancel out Montgomery factor in X: */ |
| 592 | { | 607 | if (!group->meth->field_mul(group, x, &point->X, Z_2, ctx)) goto err; |
| 593 | /* field_mul works on standard representation */ | ||
| 594 | if (!group->meth->field_mul(group, x, X_, Z_2, ctx)) goto err; | ||
| 595 | } | ||
| 596 | else | ||
| 597 | { | ||
| 598 | if (!BN_mod_mul(x, X_, Z_2, &group->field, ctx)) goto err; | ||
| 599 | } | ||
| 600 | } | 608 | } |
| 601 | 609 | ||
| 602 | if (y != NULL) | 610 | if (y != NULL) |
| @@ -605,14 +613,14 @@ int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const | |||
| 605 | { | 613 | { |
| 606 | /* field_mul works on standard representation */ | 614 | /* field_mul works on standard representation */ |
| 607 | if (!group->meth->field_mul(group, Z_3, Z_2, Z_1, ctx)) goto err; | 615 | if (!group->meth->field_mul(group, Z_3, Z_2, Z_1, ctx)) goto err; |
| 608 | if (!group->meth->field_mul(group, y, Y_, Z_3, ctx)) goto err; | ||
| 609 | |||
| 610 | } | 616 | } |
| 611 | else | 617 | else |
| 612 | { | 618 | { |
| 613 | if (!BN_mod_mul(Z_3, Z_2, Z_1, &group->field, ctx)) goto err; | 619 | if (!BN_mod_mul(Z_3, Z_2, Z_1, &group->field, ctx)) goto err; |
| 614 | if (!BN_mod_mul(y, Y_, Z_3, &group->field, ctx)) goto err; | ||
| 615 | } | 620 | } |
| 621 | |||
| 622 | /* in the Montgomery case, field_mul will cancel out Montgomery factor in Y: */ | ||
| 623 | if (!group->meth->field_mul(group, y, &point->Y, Z_3, ctx)) goto err; | ||
| 616 | } | 624 | } |
| 617 | } | 625 | } |
| 618 | 626 | ||
| @@ -626,13 +634,16 @@ int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const | |||
| 626 | } | 634 | } |
| 627 | 635 | ||
| 628 | 636 | ||
| 629 | int ec_GFp_simple_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, | 637 | int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point, |
| 630 | const BIGNUM *x_, int y_bit, BN_CTX *ctx) | 638 | const BIGNUM *x_, int y_bit, BN_CTX *ctx) |
| 631 | { | 639 | { |
| 632 | BN_CTX *new_ctx = NULL; | 640 | BN_CTX *new_ctx = NULL; |
| 633 | BIGNUM *tmp1, *tmp2, *x, *y; | 641 | BIGNUM *tmp1, *tmp2, *x, *y; |
| 634 | int ret = 0; | 642 | int ret = 0; |
| 635 | 643 | ||
| 644 | /* clear error queue*/ | ||
| 645 | ERR_clear_error(); | ||
| 646 | |||
| 636 | if (ctx == NULL) | 647 | if (ctx == NULL) |
| 637 | { | 648 | { |
| 638 | ctx = new_ctx = BN_CTX_new(); | 649 | ctx = new_ctx = BN_CTX_new(); |
| @@ -704,19 +715,17 @@ int ec_GFp_simple_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT | |||
| 704 | 715 | ||
| 705 | if (!BN_mod_sqrt(y, tmp1, &group->field, ctx)) | 716 | if (!BN_mod_sqrt(y, tmp1, &group->field, ctx)) |
| 706 | { | 717 | { |
| 707 | unsigned long err = ERR_peek_error(); | 718 | unsigned long err = ERR_peek_last_error(); |
| 708 | 719 | ||
| 709 | if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) | 720 | if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) |
| 710 | { | 721 | { |
| 711 | (void)ERR_get_error(); | 722 | ERR_clear_error(); |
| 712 | ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, EC_R_INVALID_COMPRESSED_POINT); | 723 | ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT); |
| 713 | } | 724 | } |
| 714 | else | 725 | else |
| 715 | ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, ERR_R_BN_LIB); | 726 | ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_BN_LIB); |
| 716 | goto err; | 727 | goto err; |
| 717 | } | 728 | } |
| 718 | /* If tmp1 is not a square (i.e. there is no point on the curve with | ||
| 719 | * our x), then y now is a nonsense value too */ | ||
| 720 | 729 | ||
| 721 | if (y_bit != BN_is_odd(y)) | 730 | if (y_bit != BN_is_odd(y)) |
| 722 | { | 731 | { |
| @@ -728,16 +737,17 @@ int ec_GFp_simple_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT | |||
| 728 | if (kron == -2) goto err; | 737 | if (kron == -2) goto err; |
| 729 | 738 | ||
| 730 | if (kron == 1) | 739 | if (kron == 1) |
| 731 | ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, EC_R_INVALID_COMPRESSION_BIT); | 740 | ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSION_BIT); |
| 732 | else | 741 | else |
| 733 | ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, EC_R_INVALID_COMPRESSED_POINT); | 742 | /* BN_mod_sqrt() should have cought this error (not a square) */ |
| 743 | ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT); | ||
| 734 | goto err; | 744 | goto err; |
| 735 | } | 745 | } |
| 736 | if (!BN_usub(y, &group->field, y)) goto err; | 746 | if (!BN_usub(y, &group->field, y)) goto err; |
| 737 | } | 747 | } |
| 738 | if (y_bit != BN_is_odd(y)) | 748 | if (y_bit != BN_is_odd(y)) |
| 739 | { | 749 | { |
| 740 | ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, ERR_R_INTERNAL_ERROR); | 750 | ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_INTERNAL_ERROR); |
| 741 | goto err; | 751 | goto err; |
| 742 | } | 752 | } |
| 743 | 753 | ||
| @@ -1088,7 +1098,7 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, con | |||
| 1088 | else | 1098 | else |
| 1089 | { | 1099 | { |
| 1090 | /* a is the inverse of b */ | 1100 | /* a is the inverse of b */ |
| 1091 | if (!BN_zero(&r->Z)) goto end; | 1101 | BN_zero(&r->Z); |
| 1092 | r->Z_is_one = 0; | 1102 | r->Z_is_one = 0; |
| 1093 | ret = 1; | 1103 | ret = 1; |
| 1094 | goto end; | 1104 | goto end; |
| @@ -1164,7 +1174,7 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_ | |||
| 1164 | 1174 | ||
| 1165 | if (EC_POINT_is_at_infinity(group, a)) | 1175 | if (EC_POINT_is_at_infinity(group, a)) |
| 1166 | { | 1176 | { |
| 1167 | if (!BN_zero(&r->Z)) return 0; | 1177 | BN_zero(&r->Z); |
| 1168 | r->Z_is_one = 0; | 1178 | r->Z_is_one = 0; |
| 1169 | return 1; | 1179 | return 1; |
| 1170 | } | 1180 | } |
| @@ -1292,7 +1302,7 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C | |||
| 1292 | int (*field_sqr)(const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *); | 1302 | int (*field_sqr)(const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *); |
| 1293 | const BIGNUM *p; | 1303 | const BIGNUM *p; |
| 1294 | BN_CTX *new_ctx = NULL; | 1304 | BN_CTX *new_ctx = NULL; |
| 1295 | BIGNUM *rh, *tmp1, *tmp2, *Z4, *Z6; | 1305 | BIGNUM *rh, *tmp, *Z4, *Z6; |
| 1296 | int ret = -1; | 1306 | int ret = -1; |
| 1297 | 1307 | ||
| 1298 | if (EC_POINT_is_at_infinity(group, point)) | 1308 | if (EC_POINT_is_at_infinity(group, point)) |
| @@ -1311,8 +1321,7 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C | |||
| 1311 | 1321 | ||
| 1312 | BN_CTX_start(ctx); | 1322 | BN_CTX_start(ctx); |
| 1313 | rh = BN_CTX_get(ctx); | 1323 | rh = BN_CTX_get(ctx); |
| 1314 | tmp1 = BN_CTX_get(ctx); | 1324 | tmp = BN_CTX_get(ctx); |
| 1315 | tmp2 = BN_CTX_get(ctx); | ||
| 1316 | Z4 = BN_CTX_get(ctx); | 1325 | Z4 = BN_CTX_get(ctx); |
| 1317 | Z6 = BN_CTX_get(ctx); | 1326 | Z6 = BN_CTX_get(ctx); |
| 1318 | if (Z6 == NULL) goto err; | 1327 | if (Z6 == NULL) goto err; |
| @@ -1326,59 +1335,49 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C | |||
| 1326 | * To test this, we add up the right-hand side in 'rh'. | 1335 | * To test this, we add up the right-hand side in 'rh'. |
| 1327 | */ | 1336 | */ |
| 1328 | 1337 | ||
| 1329 | /* rh := X^3 */ | 1338 | /* rh := X^2 */ |
| 1330 | if (!field_sqr(group, rh, &point->X, ctx)) goto err; | 1339 | if (!field_sqr(group, rh, &point->X, ctx)) goto err; |
| 1331 | if (!field_mul(group, rh, rh, &point->X, ctx)) goto err; | ||
| 1332 | 1340 | ||
| 1333 | if (!point->Z_is_one) | 1341 | if (!point->Z_is_one) |
| 1334 | { | 1342 | { |
| 1335 | if (!field_sqr(group, tmp1, &point->Z, ctx)) goto err; | 1343 | if (!field_sqr(group, tmp, &point->Z, ctx)) goto err; |
| 1336 | if (!field_sqr(group, Z4, tmp1, ctx)) goto err; | 1344 | if (!field_sqr(group, Z4, tmp, ctx)) goto err; |
| 1337 | if (!field_mul(group, Z6, Z4, tmp1, ctx)) goto err; | 1345 | if (!field_mul(group, Z6, Z4, tmp, ctx)) goto err; |
| 1338 | 1346 | ||
| 1339 | /* rh := rh + a*X*Z^4 */ | 1347 | /* rh := (rh + a*Z^4)*X */ |
| 1340 | if (!field_mul(group, tmp1, &point->X, Z4, ctx)) goto err; | ||
| 1341 | if (group->a_is_minus3) | 1348 | if (group->a_is_minus3) |
| 1342 | { | 1349 | { |
| 1343 | if (!BN_mod_lshift1_quick(tmp2, tmp1, p)) goto err; | 1350 | if (!BN_mod_lshift1_quick(tmp, Z4, p)) goto err; |
| 1344 | if (!BN_mod_add_quick(tmp2, tmp2, tmp1, p)) goto err; | 1351 | if (!BN_mod_add_quick(tmp, tmp, Z4, p)) goto err; |
| 1345 | if (!BN_mod_sub_quick(rh, rh, tmp2, p)) goto err; | 1352 | if (!BN_mod_sub_quick(rh, rh, tmp, p)) goto err; |
| 1353 | if (!field_mul(group, rh, rh, &point->X, ctx)) goto err; | ||
| 1346 | } | 1354 | } |
| 1347 | else | 1355 | else |
| 1348 | { | 1356 | { |
| 1349 | if (!field_mul(group, tmp2, tmp1, &group->a, ctx)) goto err; | 1357 | if (!field_mul(group, tmp, Z4, &group->a, ctx)) goto err; |
| 1350 | if (!BN_mod_add_quick(rh, rh, tmp2, p)) goto err; | 1358 | if (!BN_mod_add_quick(rh, rh, tmp, p)) goto err; |
| 1359 | if (!field_mul(group, rh, rh, &point->X, ctx)) goto err; | ||
| 1351 | } | 1360 | } |
| 1352 | 1361 | ||
| 1353 | /* rh := rh + b*Z^6 */ | 1362 | /* rh := rh + b*Z^6 */ |
| 1354 | if (!field_mul(group, tmp1, &group->b, Z6, ctx)) goto err; | 1363 | if (!field_mul(group, tmp, &group->b, Z6, ctx)) goto err; |
| 1355 | if (!BN_mod_add_quick(rh, rh, tmp1, p)) goto err; | 1364 | if (!BN_mod_add_quick(rh, rh, tmp, p)) goto err; |
| 1356 | } | 1365 | } |
| 1357 | else | 1366 | else |
| 1358 | { | 1367 | { |
| 1359 | /* point->Z_is_one */ | 1368 | /* point->Z_is_one */ |
| 1360 | 1369 | ||
| 1361 | /* rh := rh + a*X */ | 1370 | /* rh := (rh + a)*X */ |
| 1362 | if (group->a_is_minus3) | 1371 | if (!BN_mod_add_quick(rh, rh, &group->a, p)) goto err; |
| 1363 | { | 1372 | if (!field_mul(group, rh, rh, &point->X, ctx)) goto err; |
| 1364 | if (!BN_mod_lshift1_quick(tmp2, &point->X, p)) goto err; | ||
| 1365 | if (!BN_mod_add_quick(tmp2, tmp2, &point->X, p)) goto err; | ||
| 1366 | if (!BN_mod_sub_quick(rh, rh, tmp2, p)) goto err; | ||
| 1367 | } | ||
| 1368 | else | ||
| 1369 | { | ||
| 1370 | if (!field_mul(group, tmp2, &point->X, &group->a, ctx)) goto err; | ||
| 1371 | if (!BN_mod_add_quick(rh, rh, tmp2, p)) goto err; | ||
| 1372 | } | ||
| 1373 | |||
| 1374 | /* rh := rh + b */ | 1373 | /* rh := rh + b */ |
| 1375 | if (!BN_mod_add_quick(rh, rh, &group->b, p)) goto err; | 1374 | if (!BN_mod_add_quick(rh, rh, &group->b, p)) goto err; |
| 1376 | } | 1375 | } |
| 1377 | 1376 | ||
| 1378 | /* 'lh' := Y^2 */ | 1377 | /* 'lh' := Y^2 */ |
| 1379 | if (!field_sqr(group, tmp1, &point->Y, ctx)) goto err; | 1378 | if (!field_sqr(group, tmp, &point->Y, ctx)) goto err; |
| 1380 | 1379 | ||
| 1381 | ret = (0 == BN_cmp(tmp1, rh)); | 1380 | ret = (0 == BN_ucmp(tmp, rh)); |
| 1382 | 1381 | ||
| 1383 | err: | 1382 | err: |
| 1384 | BN_CTX_end(ctx); | 1383 | BN_CTX_end(ctx); |
diff --git a/src/lib/libcrypto/ec/ectest.c b/src/lib/libcrypto/ec/ectest.c index fcf969f3cf..6148d553f9 100644 --- a/src/lib/libcrypto/ec/ectest.c +++ b/src/lib/libcrypto/ec/ectest.c | |||
| @@ -1,4 +1,7 @@ | |||
| 1 | /* crypto/ec/ectest.c */ | 1 | /* crypto/ec/ectest.c */ |
| 2 | /* | ||
| 3 | * Originally written by Bodo Moeller for the OpenSSL project. | ||
| 4 | */ | ||
| 2 | /* ==================================================================== | 5 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. |
| 4 | * | 7 | * |
| @@ -52,6 +55,19 @@ | |||
| 52 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 53 | * | 56 | * |
| 54 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * | ||
| 61 | * Portions of the attached software ("Contribution") are developed by | ||
| 62 | * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. | ||
| 63 | * | ||
| 64 | * The Contribution is licensed pursuant to the OpenSSL open source | ||
| 65 | * license provided above. | ||
| 66 | * | ||
| 67 | * The elliptic curve binary polynomial software is originally written by | ||
| 68 | * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. | ||
| 69 | * | ||
| 70 | */ | ||
| 55 | 71 | ||
| 56 | #include <stdio.h> | 72 | #include <stdio.h> |
| 57 | #include <stdlib.h> | 73 | #include <stdlib.h> |
| @@ -74,6 +90,15 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur | |||
| 74 | #include <openssl/engine.h> | 90 | #include <openssl/engine.h> |
| 75 | #endif | 91 | #endif |
| 76 | #include <openssl/err.h> | 92 | #include <openssl/err.h> |
| 93 | #include <openssl/obj_mac.h> | ||
| 94 | #include <openssl/objects.h> | ||
| 95 | #include <openssl/rand.h> | ||
| 96 | #include <openssl/bn.h> | ||
| 97 | |||
| 98 | #if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12) | ||
| 99 | /* suppress "too big too optimize" warning */ | ||
| 100 | #pragma warning(disable:4959) | ||
| 101 | #endif | ||
| 77 | 102 | ||
| 78 | #define ABORT do { \ | 103 | #define ABORT do { \ |
| 79 | fflush(stdout); \ | 104 | fflush(stdout); \ |
| @@ -82,47 +107,59 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur | |||
| 82 | EXIT(1); \ | 107 | EXIT(1); \ |
| 83 | } while (0) | 108 | } while (0) |
| 84 | 109 | ||
| 110 | void prime_field_tests(void); | ||
| 111 | void char2_field_tests(void); | ||
| 112 | void internal_curve_test(void); | ||
| 113 | |||
| 114 | #define TIMING_BASE_PT 0 | ||
| 115 | #define TIMING_RAND_PT 1 | ||
| 116 | #define TIMING_SIMUL 2 | ||
| 117 | |||
| 85 | #if 0 | 118 | #if 0 |
| 86 | static void timings(EC_GROUP *group, int multi, BN_CTX *ctx) | 119 | static void timings(EC_GROUP *group, int type, BN_CTX *ctx) |
| 87 | { | 120 | { |
| 88 | clock_t clck; | 121 | clock_t clck; |
| 89 | int i, j; | 122 | int i, j; |
| 90 | BIGNUM *s, *s0; | 123 | BIGNUM *s; |
| 124 | BIGNUM *r[10], *r0[10]; | ||
| 91 | EC_POINT *P; | 125 | EC_POINT *P; |
| 92 | 126 | ||
| 93 | s = BN_new(); | 127 | s = BN_new(); |
| 94 | s0 = BN_new(); | 128 | if (s == NULL) ABORT; |
| 95 | if (s == NULL || s0 == NULL) ABORT; | ||
| 96 | 129 | ||
| 97 | if (!EC_GROUP_get_curve_GFp(group, s, NULL, NULL, ctx)) ABORT; | 130 | fprintf(stdout, "Timings for %d-bit field, ", EC_GROUP_get_degree(group)); |
| 98 | fprintf(stdout, "Timings for %d bit prime, ", (int)BN_num_bits(s)); | ||
| 99 | if (!EC_GROUP_get_order(group, s, ctx)) ABORT; | 131 | if (!EC_GROUP_get_order(group, s, ctx)) ABORT; |
| 100 | fprintf(stdout, "%d bit scalars ", (int)BN_num_bits(s)); | 132 | fprintf(stdout, "%d-bit scalars ", (int)BN_num_bits(s)); |
| 101 | fflush(stdout); | 133 | fflush(stdout); |
| 102 | 134 | ||
| 103 | P = EC_POINT_new(group); | 135 | P = EC_POINT_new(group); |
| 104 | if (P == NULL) ABORT; | 136 | if (P == NULL) ABORT; |
| 105 | EC_POINT_copy(P, EC_GROUP_get0_generator(group)); | 137 | EC_POINT_copy(P, EC_GROUP_get0_generator(group)); |
| 106 | 138 | ||
| 107 | clck = clock(); | ||
| 108 | for (i = 0; i < 10; i++) | 139 | for (i = 0; i < 10; i++) |
| 109 | { | 140 | { |
| 110 | if (!BN_pseudo_rand(s, BN_num_bits(s), 0, 0)) ABORT; | 141 | if ((r[i] = BN_new()) == NULL) ABORT; |
| 111 | if (multi) | 142 | if (!BN_pseudo_rand(r[i], BN_num_bits(s), 0, 0)) ABORT; |
| 143 | if (type != TIMING_BASE_PT) | ||
| 112 | { | 144 | { |
| 113 | if (!BN_pseudo_rand(s0, BN_num_bits(s), 0, 0)) ABORT; | 145 | if ((r0[i] = BN_new()) == NULL) ABORT; |
| 146 | if (!BN_pseudo_rand(r0[i], BN_num_bits(s), 0, 0)) ABORT; | ||
| 114 | } | 147 | } |
| 148 | } | ||
| 149 | |||
| 150 | clck = clock(); | ||
| 151 | for (i = 0; i < 10; i++) | ||
| 152 | { | ||
| 115 | for (j = 0; j < 10; j++) | 153 | for (j = 0; j < 10; j++) |
| 116 | { | 154 | { |
| 117 | if (!EC_POINT_mul(group, P, s, multi ? P : NULL, multi ? s0 : NULL, ctx)) ABORT; | 155 | if (!EC_POINT_mul(group, P, (type != TIMING_RAND_PT) ? r[i] : NULL, |
| 156 | (type != TIMING_BASE_PT) ? P : NULL, (type != TIMING_BASE_PT) ? r0[i] : NULL, ctx)) ABORT; | ||
| 118 | } | 157 | } |
| 119 | fprintf(stdout, "."); | ||
| 120 | fflush(stdout); | ||
| 121 | } | 158 | } |
| 122 | fprintf(stdout, "\n"); | ||
| 123 | |||
| 124 | clck = clock() - clck; | 159 | clck = clock() - clck; |
| 125 | 160 | ||
| 161 | fprintf(stdout, "\n"); | ||
| 162 | |||
| 126 | #ifdef CLOCKS_PER_SEC | 163 | #ifdef CLOCKS_PER_SEC |
| 127 | /* "To determine the time in seconds, the value returned | 164 | /* "To determine the time in seconds, the value returned |
| 128 | * by the clock function should be divided by the value | 165 | * by the clock function should be divided by the value |
| @@ -136,43 +173,40 @@ static void timings(EC_GROUP *group, int multi, BN_CTX *ctx) | |||
| 136 | # define CLOCKS_PER_SEC 1 | 173 | # define CLOCKS_PER_SEC 1 |
| 137 | #endif | 174 | #endif |
| 138 | 175 | ||
| 139 | fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, | 176 | if (type == TIMING_BASE_PT) { |
| 140 | multi ? "s*P+t*Q operations" : "point multiplications", | 177 | fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, |
| 141 | (double)clck/CLOCKS_PER_SEC); | 178 | "base point multiplications", (double)clck/CLOCKS_PER_SEC); |
| 179 | } else if (type == TIMING_RAND_PT) { | ||
| 180 | fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, | ||
| 181 | "random point multiplications", (double)clck/CLOCKS_PER_SEC); | ||
| 182 | } else if (type == TIMING_SIMUL) { | ||
| 183 | fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, | ||
| 184 | "s*P+t*Q operations", (double)clck/CLOCKS_PER_SEC); | ||
| 185 | } | ||
| 142 | fprintf(stdout, "average: %.4f " UNIT "\n", (double)clck/(CLOCKS_PER_SEC*i*j)); | 186 | fprintf(stdout, "average: %.4f " UNIT "\n", (double)clck/(CLOCKS_PER_SEC*i*j)); |
| 143 | 187 | ||
| 144 | EC_POINT_free(P); | 188 | EC_POINT_free(P); |
| 145 | BN_free(s); | 189 | BN_free(s); |
| 146 | BN_free(s0); | 190 | for (i = 0; i < 10; i++) |
| 191 | { | ||
| 192 | BN_free(r[i]); | ||
| 193 | if (type != TIMING_BASE_PT) BN_free(r0[i]); | ||
| 194 | } | ||
| 147 | } | 195 | } |
| 148 | #endif | 196 | #endif |
| 149 | 197 | ||
| 150 | int main(int argc, char *argv[]) | 198 | void prime_field_tests() |
| 151 | { | 199 | { |
| 152 | BN_CTX *ctx = NULL; | 200 | BN_CTX *ctx = NULL; |
| 153 | BIGNUM *p, *a, *b; | 201 | BIGNUM *p, *a, *b; |
| 154 | EC_GROUP *group; | 202 | EC_GROUP *group; |
| 155 | EC_GROUP *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; | 203 | EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; |
| 156 | EC_POINT *P, *Q, *R; | 204 | EC_POINT *P, *Q, *R; |
| 157 | BIGNUM *x, *y, *z; | 205 | BIGNUM *x, *y, *z; |
| 158 | unsigned char buf[100]; | 206 | unsigned char buf[100]; |
| 159 | size_t i, len; | 207 | size_t i, len; |
| 160 | int k; | 208 | int k; |
| 161 | 209 | ||
| 162 | /* enable memory leak checking unless explicitly disabled */ | ||
| 163 | if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) | ||
| 164 | { | ||
| 165 | CRYPTO_malloc_debug_init(); | ||
| 166 | CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); | ||
| 167 | } | ||
| 168 | else | ||
| 169 | { | ||
| 170 | /* OPENSSL_DEBUG_MEMORY=off */ | ||
| 171 | CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); | ||
| 172 | } | ||
| 173 | CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); | ||
| 174 | ERR_load_crypto_strings(); | ||
| 175 | |||
| 176 | #if 1 /* optional */ | 210 | #if 1 /* optional */ |
| 177 | ctx = BN_CTX_new(); | 211 | ctx = BN_CTX_new(); |
| 178 | if (!ctx) ABORT; | 212 | if (!ctx) ABORT; |
| @@ -317,10 +351,56 @@ int main(int argc, char *argv[]) | |||
| 317 | if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT; | 351 | if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT; |
| 318 | 352 | ||
| 319 | 353 | ||
| 354 | /* Curve secp160r1 (Certicom Research SEC 2 Version 1.0, section 2.4.2, 2000) | ||
| 355 | * -- not a NIST curve, but commonly used */ | ||
| 356 | |||
| 357 | if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF")) ABORT; | ||
| 358 | if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; | ||
| 359 | if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC")) ABORT; | ||
| 360 | if (!BN_hex2bn(&b, "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45")) ABORT; | ||
| 361 | if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; | ||
| 362 | |||
| 363 | if (!BN_hex2bn(&x, "4A96B5688EF573284664698968C38BB913CBFC82")) ABORT; | ||
| 364 | if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32")) ABORT; | ||
| 365 | if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT; | ||
| 366 | if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; | ||
| 367 | if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257")) ABORT; | ||
| 368 | if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT; | ||
| 369 | |||
| 370 | if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT; | ||
| 371 | fprintf(stdout, "\nSEC2 curve secp160r1 -- Generator:\n x = 0x"); | ||
| 372 | BN_print_fp(stdout, x); | ||
| 373 | fprintf(stdout, "\n y = 0x"); | ||
| 374 | BN_print_fp(stdout, y); | ||
| 375 | fprintf(stdout, "\n"); | ||
| 376 | /* G_y value taken from the standard: */ | ||
| 377 | if (!BN_hex2bn(&z, "23a628553168947d59dcc912042351377ac5fb32")) ABORT; | ||
| 378 | if (0 != BN_cmp(y, z)) ABORT; | ||
| 379 | |||
| 380 | fprintf(stdout, "verify degree ..."); | ||
| 381 | if (EC_GROUP_get_degree(group) != 160) ABORT; | ||
| 382 | fprintf(stdout, " ok\n"); | ||
| 383 | |||
| 384 | fprintf(stdout, "verify group order ..."); | ||
| 385 | fflush(stdout); | ||
| 386 | if (!EC_GROUP_get_order(group, z, ctx)) ABORT; | ||
| 387 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; | ||
| 388 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | ||
| 389 | fprintf(stdout, "."); | ||
| 390 | fflush(stdout); | ||
| 391 | if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; | ||
| 392 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; | ||
| 393 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | ||
| 394 | fprintf(stdout, " ok\n"); | ||
| 395 | |||
| 396 | if (!(P_160 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; | ||
| 397 | if (!EC_GROUP_copy(P_160, group)) ABORT; | ||
| 398 | |||
| 399 | |||
| 320 | /* Curve P-192 (FIPS PUB 186-2, App. 6) */ | 400 | /* Curve P-192 (FIPS PUB 186-2, App. 6) */ |
| 321 | 401 | ||
| 322 | if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) ABORT; | 402 | if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) ABORT; |
| 323 | if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; | 403 | if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; |
| 324 | if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) ABORT; | 404 | if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) ABORT; |
| 325 | if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")) ABORT; | 405 | if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")) ABORT; |
| 326 | if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; | 406 | if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; |
| @@ -340,6 +420,10 @@ int main(int argc, char *argv[]) | |||
| 340 | /* G_y value taken from the standard: */ | 420 | /* G_y value taken from the standard: */ |
| 341 | if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811")) ABORT; | 421 | if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811")) ABORT; |
| 342 | if (0 != BN_cmp(y, z)) ABORT; | 422 | if (0 != BN_cmp(y, z)) ABORT; |
| 423 | |||
| 424 | fprintf(stdout, "verify degree ..."); | ||
| 425 | if (EC_GROUP_get_degree(group) != 192) ABORT; | ||
| 426 | fprintf(stdout, " ok\n"); | ||
| 343 | 427 | ||
| 344 | fprintf(stdout, "verify group order ..."); | 428 | fprintf(stdout, "verify group order ..."); |
| 345 | fflush(stdout); | 429 | fflush(stdout); |
| @@ -348,7 +432,9 @@ int main(int argc, char *argv[]) | |||
| 348 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | 432 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; |
| 349 | fprintf(stdout, "."); | 433 | fprintf(stdout, "."); |
| 350 | fflush(stdout); | 434 | fflush(stdout); |
| 435 | #if 0 | ||
| 351 | if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; | 436 | if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; |
| 437 | #endif | ||
| 352 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; | 438 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; |
| 353 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | 439 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; |
| 354 | fprintf(stdout, " ok\n"); | 440 | fprintf(stdout, " ok\n"); |
| @@ -360,7 +446,7 @@ int main(int argc, char *argv[]) | |||
| 360 | /* Curve P-224 (FIPS PUB 186-2, App. 6) */ | 446 | /* Curve P-224 (FIPS PUB 186-2, App. 6) */ |
| 361 | 447 | ||
| 362 | if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001")) ABORT; | 448 | if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001")) ABORT; |
| 363 | if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; | 449 | if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; |
| 364 | if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) ABORT; | 450 | if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) ABORT; |
| 365 | if (!BN_hex2bn(&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4")) ABORT; | 451 | if (!BN_hex2bn(&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4")) ABORT; |
| 366 | if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; | 452 | if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; |
| @@ -381,6 +467,10 @@ int main(int argc, char *argv[]) | |||
| 381 | if (!BN_hex2bn(&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34")) ABORT; | 467 | if (!BN_hex2bn(&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34")) ABORT; |
| 382 | if (0 != BN_cmp(y, z)) ABORT; | 468 | if (0 != BN_cmp(y, z)) ABORT; |
| 383 | 469 | ||
| 470 | fprintf(stdout, "verify degree ..."); | ||
| 471 | if (EC_GROUP_get_degree(group) != 224) ABORT; | ||
| 472 | fprintf(stdout, " ok\n"); | ||
| 473 | |||
| 384 | fprintf(stdout, "verify group order ..."); | 474 | fprintf(stdout, "verify group order ..."); |
| 385 | fflush(stdout); | 475 | fflush(stdout); |
| 386 | if (!EC_GROUP_get_order(group, z, ctx)) ABORT; | 476 | if (!EC_GROUP_get_order(group, z, ctx)) ABORT; |
| @@ -388,7 +478,9 @@ int main(int argc, char *argv[]) | |||
| 388 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | 478 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; |
| 389 | fprintf(stdout, "."); | 479 | fprintf(stdout, "."); |
| 390 | fflush(stdout); | 480 | fflush(stdout); |
| 481 | #if 0 | ||
| 391 | if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; | 482 | if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; |
| 483 | #endif | ||
| 392 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; | 484 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; |
| 393 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | 485 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; |
| 394 | fprintf(stdout, " ok\n"); | 486 | fprintf(stdout, " ok\n"); |
| @@ -400,7 +492,7 @@ int main(int argc, char *argv[]) | |||
| 400 | /* Curve P-256 (FIPS PUB 186-2, App. 6) */ | 492 | /* Curve P-256 (FIPS PUB 186-2, App. 6) */ |
| 401 | 493 | ||
| 402 | if (!BN_hex2bn(&p, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")) ABORT; | 494 | if (!BN_hex2bn(&p, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")) ABORT; |
| 403 | if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; | 495 | if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; |
| 404 | if (!BN_hex2bn(&a, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")) ABORT; | 496 | if (!BN_hex2bn(&a, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")) ABORT; |
| 405 | if (!BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) ABORT; | 497 | if (!BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) ABORT; |
| 406 | if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; | 498 | if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; |
| @@ -422,6 +514,10 @@ int main(int argc, char *argv[]) | |||
| 422 | if (!BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) ABORT; | 514 | if (!BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) ABORT; |
| 423 | if (0 != BN_cmp(y, z)) ABORT; | 515 | if (0 != BN_cmp(y, z)) ABORT; |
| 424 | 516 | ||
| 517 | fprintf(stdout, "verify degree ..."); | ||
| 518 | if (EC_GROUP_get_degree(group) != 256) ABORT; | ||
| 519 | fprintf(stdout, " ok\n"); | ||
| 520 | |||
| 425 | fprintf(stdout, "verify group order ..."); | 521 | fprintf(stdout, "verify group order ..."); |
| 426 | fflush(stdout); | 522 | fflush(stdout); |
| 427 | if (!EC_GROUP_get_order(group, z, ctx)) ABORT; | 523 | if (!EC_GROUP_get_order(group, z, ctx)) ABORT; |
| @@ -429,7 +525,9 @@ int main(int argc, char *argv[]) | |||
| 429 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | 525 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; |
| 430 | fprintf(stdout, "."); | 526 | fprintf(stdout, "."); |
| 431 | fflush(stdout); | 527 | fflush(stdout); |
| 528 | #if 0 | ||
| 432 | if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; | 529 | if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; |
| 530 | #endif | ||
| 433 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; | 531 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; |
| 434 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | 532 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; |
| 435 | fprintf(stdout, " ok\n"); | 533 | fprintf(stdout, " ok\n"); |
| @@ -442,7 +540,7 @@ int main(int argc, char *argv[]) | |||
| 442 | 540 | ||
| 443 | if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" | 541 | if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" |
| 444 | "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF")) ABORT; | 542 | "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF")) ABORT; |
| 445 | if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; | 543 | if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; |
| 446 | if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" | 544 | if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" |
| 447 | "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")) ABORT; | 545 | "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")) ABORT; |
| 448 | if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141" | 546 | if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141" |
| @@ -468,6 +566,10 @@ int main(int argc, char *argv[]) | |||
| 468 | "7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")) ABORT; | 566 | "7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")) ABORT; |
| 469 | if (0 != BN_cmp(y, z)) ABORT; | 567 | if (0 != BN_cmp(y, z)) ABORT; |
| 470 | 568 | ||
| 569 | fprintf(stdout, "verify degree ..."); | ||
| 570 | if (EC_GROUP_get_degree(group) != 384) ABORT; | ||
| 571 | fprintf(stdout, " ok\n"); | ||
| 572 | |||
| 471 | fprintf(stdout, "verify group order ..."); | 573 | fprintf(stdout, "verify group order ..."); |
| 472 | fflush(stdout); | 574 | fflush(stdout); |
| 473 | if (!EC_GROUP_get_order(group, z, ctx)) ABORT; | 575 | if (!EC_GROUP_get_order(group, z, ctx)) ABORT; |
| @@ -475,7 +577,9 @@ int main(int argc, char *argv[]) | |||
| 475 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | 577 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; |
| 476 | fprintf(stdout, "."); | 578 | fprintf(stdout, "."); |
| 477 | fflush(stdout); | 579 | fflush(stdout); |
| 580 | #if 0 | ||
| 478 | if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; | 581 | if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; |
| 582 | #endif | ||
| 479 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; | 583 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; |
| 480 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | 584 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; |
| 481 | fprintf(stdout, " ok\n"); | 585 | fprintf(stdout, " ok\n"); |
| @@ -489,7 +593,7 @@ int main(int argc, char *argv[]) | |||
| 489 | if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" | 593 | if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" |
| 490 | "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" | 594 | "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" |
| 491 | "FFFFFFFFFFFFFFFFFFFFFFFFFFFF")) ABORT; | 595 | "FFFFFFFFFFFFFFFFFFFFFFFFFFFF")) ABORT; |
| 492 | if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; | 596 | if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; |
| 493 | if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" | 597 | if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" |
| 494 | "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" | 598 | "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" |
| 495 | "FFFFFFFFFFFFFFFFFFFFFFFFFFFC")) ABORT; | 599 | "FFFFFFFFFFFFFFFFFFFFFFFFFFFC")) ABORT; |
| @@ -520,6 +624,10 @@ int main(int argc, char *argv[]) | |||
| 520 | "7086A272C24088BE94769FD16650")) ABORT; | 624 | "7086A272C24088BE94769FD16650")) ABORT; |
| 521 | if (0 != BN_cmp(y, z)) ABORT; | 625 | if (0 != BN_cmp(y, z)) ABORT; |
| 522 | 626 | ||
| 627 | fprintf(stdout, "verify degree ..."); | ||
| 628 | if (EC_GROUP_get_degree(group) != 521) ABORT; | ||
| 629 | fprintf(stdout, " ok\n"); | ||
| 630 | |||
| 523 | fprintf(stdout, "verify group order ..."); | 631 | fprintf(stdout, "verify group order ..."); |
| 524 | fflush(stdout); | 632 | fflush(stdout); |
| 525 | if (!EC_GROUP_get_order(group, z, ctx)) ABORT; | 633 | if (!EC_GROUP_get_order(group, z, ctx)) ABORT; |
| @@ -527,7 +635,9 @@ int main(int argc, char *argv[]) | |||
| 527 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | 635 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; |
| 528 | fprintf(stdout, "."); | 636 | fprintf(stdout, "."); |
| 529 | fflush(stdout); | 637 | fflush(stdout); |
| 638 | #if 0 | ||
| 530 | if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; | 639 | if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; |
| 640 | #endif | ||
| 531 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; | 641 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; |
| 532 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | 642 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; |
| 533 | fprintf(stdout, " ok\n"); | 643 | fprintf(stdout, " ok\n"); |
| @@ -549,13 +659,15 @@ int main(int argc, char *argv[]) | |||
| 549 | if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */ | 659 | if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */ |
| 550 | 660 | ||
| 551 | { | 661 | { |
| 552 | const EC_POINT *points[3]; | 662 | const EC_POINT *points[4]; |
| 553 | const BIGNUM *scalars[3]; | 663 | const BIGNUM *scalars[4]; |
| 664 | BIGNUM scalar3; | ||
| 554 | 665 | ||
| 555 | if (EC_POINT_is_at_infinity(group, Q)) ABORT; | 666 | if (EC_POINT_is_at_infinity(group, Q)) ABORT; |
| 556 | points[0] = Q; | 667 | points[0] = Q; |
| 557 | points[1] = Q; | 668 | points[1] = Q; |
| 558 | points[2] = Q; | 669 | points[2] = Q; |
| 670 | points[3] = Q; | ||
| 559 | 671 | ||
| 560 | if (!BN_add(y, z, BN_value_one())) ABORT; | 672 | if (!BN_add(y, z, BN_value_one())) ABORT; |
| 561 | if (BN_is_odd(y)) ABORT; | 673 | if (BN_is_odd(y)) ABORT; |
| @@ -577,7 +689,7 @@ int main(int argc, char *argv[]) | |||
| 577 | 689 | ||
| 578 | if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT; | 690 | if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT; |
| 579 | if (!BN_add(z, z, y)) ABORT; | 691 | if (!BN_add(z, z, y)) ABORT; |
| 580 | z->neg = 1; | 692 | BN_set_negative(z, 1); |
| 581 | scalars[0] = y; | 693 | scalars[0] = y; |
| 582 | scalars[1] = z; /* z = -(order + y) */ | 694 | scalars[1] = z; /* z = -(order + y) */ |
| 583 | 695 | ||
| @@ -589,29 +701,43 @@ int main(int argc, char *argv[]) | |||
| 589 | 701 | ||
| 590 | if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT; | 702 | if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT; |
| 591 | if (!BN_add(z, x, y)) ABORT; | 703 | if (!BN_add(z, x, y)) ABORT; |
| 592 | z->neg = 1; | 704 | BN_set_negative(z, 1); |
| 593 | scalars[0] = x; | 705 | scalars[0] = x; |
| 594 | scalars[1] = y; | 706 | scalars[1] = y; |
| 595 | scalars[2] = z; /* z = -(x+y) */ | 707 | scalars[2] = z; /* z = -(x+y) */ |
| 596 | 708 | ||
| 597 | if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) ABORT; | 709 | BN_init(&scalar3); |
| 710 | BN_zero(&scalar3); | ||
| 711 | scalars[3] = &scalar3; | ||
| 712 | |||
| 713 | if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) ABORT; | ||
| 598 | if (!EC_POINT_is_at_infinity(group, P)) ABORT; | 714 | if (!EC_POINT_is_at_infinity(group, P)) ABORT; |
| 599 | 715 | ||
| 600 | fprintf(stdout, " ok\n\n"); | 716 | fprintf(stdout, " ok\n\n"); |
| 717 | |||
| 718 | BN_free(&scalar3); | ||
| 601 | } | 719 | } |
| 602 | 720 | ||
| 603 | 721 | ||
| 604 | #if 0 | 722 | #if 0 |
| 605 | timings(P_192, 0, ctx); | 723 | timings(P_160, TIMING_BASE_PT, ctx); |
| 606 | timings(P_192, 1, ctx); | 724 | timings(P_160, TIMING_RAND_PT, ctx); |
| 607 | timings(P_224, 0, ctx); | 725 | timings(P_160, TIMING_SIMUL, ctx); |
| 608 | timings(P_224, 1, ctx); | 726 | timings(P_192, TIMING_BASE_PT, ctx); |
| 609 | timings(P_256, 0, ctx); | 727 | timings(P_192, TIMING_RAND_PT, ctx); |
| 610 | timings(P_256, 1, ctx); | 728 | timings(P_192, TIMING_SIMUL, ctx); |
| 611 | timings(P_384, 0, ctx); | 729 | timings(P_224, TIMING_BASE_PT, ctx); |
| 612 | timings(P_384, 1, ctx); | 730 | timings(P_224, TIMING_RAND_PT, ctx); |
| 613 | timings(P_521, 0, ctx); | 731 | timings(P_224, TIMING_SIMUL, ctx); |
| 614 | timings(P_521, 1, ctx); | 732 | timings(P_256, TIMING_BASE_PT, ctx); |
| 733 | timings(P_256, TIMING_RAND_PT, ctx); | ||
| 734 | timings(P_256, TIMING_SIMUL, ctx); | ||
| 735 | timings(P_384, TIMING_BASE_PT, ctx); | ||
| 736 | timings(P_384, TIMING_RAND_PT, ctx); | ||
| 737 | timings(P_384, TIMING_SIMUL, ctx); | ||
| 738 | timings(P_521, TIMING_BASE_PT, ctx); | ||
| 739 | timings(P_521, TIMING_RAND_PT, ctx); | ||
| 740 | timings(P_521, TIMING_SIMUL, ctx); | ||
| 615 | #endif | 741 | #endif |
| 616 | 742 | ||
| 617 | 743 | ||
| @@ -624,12 +750,587 @@ int main(int argc, char *argv[]) | |||
| 624 | EC_POINT_free(R); | 750 | EC_POINT_free(R); |
| 625 | BN_free(x); BN_free(y); BN_free(z); | 751 | BN_free(x); BN_free(y); BN_free(z); |
| 626 | 752 | ||
| 753 | if (P_160) EC_GROUP_free(P_160); | ||
| 627 | if (P_192) EC_GROUP_free(P_192); | 754 | if (P_192) EC_GROUP_free(P_192); |
| 628 | if (P_224) EC_GROUP_free(P_224); | 755 | if (P_224) EC_GROUP_free(P_224); |
| 629 | if (P_256) EC_GROUP_free(P_256); | 756 | if (P_256) EC_GROUP_free(P_256); |
| 630 | if (P_384) EC_GROUP_free(P_384); | 757 | if (P_384) EC_GROUP_free(P_384); |
| 631 | if (P_521) EC_GROUP_free(P_521); | 758 | if (P_521) EC_GROUP_free(P_521); |
| 632 | 759 | ||
| 760 | } | ||
| 761 | |||
| 762 | /* Change test based on whether binary point compression is enabled or not. */ | ||
| 763 | #ifdef OPENSSL_EC_BIN_PT_COMP | ||
| 764 | #define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ | ||
| 765 | if (!BN_hex2bn(&x, _x)) ABORT; \ | ||
| 766 | if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \ | ||
| 767 | if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \ | ||
| 768 | if (!BN_hex2bn(&z, _order)) ABORT; \ | ||
| 769 | if (!BN_hex2bn(&cof, _cof)) ABORT; \ | ||
| 770 | if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ | ||
| 771 | if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \ | ||
| 772 | fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \ | ||
| 773 | BN_print_fp(stdout, x); \ | ||
| 774 | fprintf(stdout, "\n y = 0x"); \ | ||
| 775 | BN_print_fp(stdout, y); \ | ||
| 776 | fprintf(stdout, "\n"); \ | ||
| 777 | /* G_y value taken from the standard: */ \ | ||
| 778 | if (!BN_hex2bn(&z, _y)) ABORT; \ | ||
| 779 | if (0 != BN_cmp(y, z)) ABORT; | ||
| 780 | #else | ||
| 781 | #define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ | ||
| 782 | if (!BN_hex2bn(&x, _x)) ABORT; \ | ||
| 783 | if (!BN_hex2bn(&y, _y)) ABORT; \ | ||
| 784 | if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \ | ||
| 785 | if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \ | ||
| 786 | if (!BN_hex2bn(&z, _order)) ABORT; \ | ||
| 787 | if (!BN_hex2bn(&cof, _cof)) ABORT; \ | ||
| 788 | if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ | ||
| 789 | fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \ | ||
| 790 | BN_print_fp(stdout, x); \ | ||
| 791 | fprintf(stdout, "\n y = 0x"); \ | ||
| 792 | BN_print_fp(stdout, y); \ | ||
| 793 | fprintf(stdout, "\n"); | ||
| 794 | #endif | ||
| 795 | |||
| 796 | #define CHAR2_CURVE_TEST(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ | ||
| 797 | if (!BN_hex2bn(&p, _p)) ABORT; \ | ||
| 798 | if (!BN_hex2bn(&a, _a)) ABORT; \ | ||
| 799 | if (!BN_hex2bn(&b, _b)) ABORT; \ | ||
| 800 | if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; \ | ||
| 801 | CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ | ||
| 802 | fprintf(stdout, "verify degree ..."); \ | ||
| 803 | if (EC_GROUP_get_degree(group) != _degree) ABORT; \ | ||
| 804 | fprintf(stdout, " ok\n"); \ | ||
| 805 | fprintf(stdout, "verify group order ..."); \ | ||
| 806 | fflush(stdout); \ | ||
| 807 | if (!EC_GROUP_get_order(group, z, ctx)) ABORT; \ | ||
| 808 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; \ | ||
| 809 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \ | ||
| 810 | fprintf(stdout, "."); \ | ||
| 811 | fflush(stdout); \ | ||
| 812 | /* if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; */ \ | ||
| 813 | if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; \ | ||
| 814 | if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \ | ||
| 815 | fprintf(stdout, " ok\n"); \ | ||
| 816 | if (!(_variable = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; \ | ||
| 817 | if (!EC_GROUP_copy(_variable, group)) ABORT; | ||
| 818 | |||
| 819 | void char2_field_tests() | ||
| 820 | { | ||
| 821 | BN_CTX *ctx = NULL; | ||
| 822 | BIGNUM *p, *a, *b; | ||
| 823 | EC_GROUP *group; | ||
| 824 | EC_GROUP *C2_K163 = NULL, *C2_K233 = NULL, *C2_K283 = NULL, *C2_K409 = NULL, *C2_K571 = NULL; | ||
| 825 | EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 = NULL, *C2_B571 = NULL; | ||
| 826 | EC_POINT *P, *Q, *R; | ||
| 827 | BIGNUM *x, *y, *z, *cof; | ||
| 828 | unsigned char buf[100]; | ||
| 829 | size_t i, len; | ||
| 830 | int k; | ||
| 831 | |||
| 832 | #if 1 /* optional */ | ||
| 833 | ctx = BN_CTX_new(); | ||
| 834 | if (!ctx) ABORT; | ||
| 835 | #endif | ||
| 836 | |||
| 837 | p = BN_new(); | ||
| 838 | a = BN_new(); | ||
| 839 | b = BN_new(); | ||
| 840 | if (!p || !a || !b) ABORT; | ||
| 841 | |||
| 842 | if (!BN_hex2bn(&p, "13")) ABORT; | ||
| 843 | if (!BN_hex2bn(&a, "3")) ABORT; | ||
| 844 | if (!BN_hex2bn(&b, "1")) ABORT; | ||
| 845 | |||
| 846 | group = EC_GROUP_new(EC_GF2m_simple_method()); /* applications should use EC_GROUP_new_curve_GF2m | ||
| 847 | * so that the library gets to choose the EC_METHOD */ | ||
| 848 | if (!group) ABORT; | ||
| 849 | if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; | ||
| 850 | |||
| 851 | { | ||
| 852 | EC_GROUP *tmp; | ||
| 853 | tmp = EC_GROUP_new(EC_GROUP_method_of(group)); | ||
| 854 | if (!tmp) ABORT; | ||
| 855 | if (!EC_GROUP_copy(tmp, group)) ABORT; | ||
| 856 | EC_GROUP_free(group); | ||
| 857 | group = tmp; | ||
| 858 | } | ||
| 859 | |||
| 860 | if (!EC_GROUP_get_curve_GF2m(group, p, a, b, ctx)) ABORT; | ||
| 861 | |||
| 862 | fprintf(stdout, "Curve defined by Weierstrass equation\n y^2 + x*y = x^3 + a*x^2 + b (mod 0x"); | ||
| 863 | BN_print_fp(stdout, p); | ||
| 864 | fprintf(stdout, ")\n a = 0x"); | ||
| 865 | BN_print_fp(stdout, a); | ||
| 866 | fprintf(stdout, "\n b = 0x"); | ||
| 867 | BN_print_fp(stdout, b); | ||
| 868 | fprintf(stdout, "\n(0x... means binary polynomial)\n"); | ||
| 869 | |||
| 870 | P = EC_POINT_new(group); | ||
| 871 | Q = EC_POINT_new(group); | ||
| 872 | R = EC_POINT_new(group); | ||
| 873 | if (!P || !Q || !R) ABORT; | ||
| 874 | |||
| 875 | if (!EC_POINT_set_to_infinity(group, P)) ABORT; | ||
| 876 | if (!EC_POINT_is_at_infinity(group, P)) ABORT; | ||
| 877 | |||
| 878 | buf[0] = 0; | ||
| 879 | if (!EC_POINT_oct2point(group, Q, buf, 1, ctx)) ABORT; | ||
| 880 | |||
| 881 | if (!EC_POINT_add(group, P, P, Q, ctx)) ABORT; | ||
| 882 | if (!EC_POINT_is_at_infinity(group, P)) ABORT; | ||
| 883 | |||
| 884 | x = BN_new(); | ||
| 885 | y = BN_new(); | ||
| 886 | z = BN_new(); | ||
| 887 | cof = BN_new(); | ||
| 888 | if (!x || !y || !z || !cof) ABORT; | ||
| 889 | |||
| 890 | if (!BN_hex2bn(&x, "6")) ABORT; | ||
| 891 | /* Change test based on whether binary point compression is enabled or not. */ | ||
| 892 | #ifdef OPENSSL_EC_BIN_PT_COMP | ||
| 893 | if (!EC_POINT_set_compressed_coordinates_GF2m(group, Q, x, 1, ctx)) ABORT; | ||
| 894 | #else | ||
| 895 | if (!BN_hex2bn(&y, "8")) ABORT; | ||
| 896 | if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx)) ABORT; | ||
| 897 | #endif | ||
| 898 | if (!EC_POINT_is_on_curve(group, Q, ctx)) | ||
| 899 | { | ||
| 900 | /* Change test based on whether binary point compression is enabled or not. */ | ||
| 901 | #ifdef OPENSSL_EC_BIN_PT_COMP | ||
| 902 | if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx)) ABORT; | ||
| 903 | #endif | ||
| 904 | fprintf(stderr, "Point is not on curve: x = 0x"); | ||
| 905 | BN_print_fp(stderr, x); | ||
| 906 | fprintf(stderr, ", y = 0x"); | ||
| 907 | BN_print_fp(stderr, y); | ||
| 908 | fprintf(stderr, "\n"); | ||
| 909 | ABORT; | ||
| 910 | } | ||
| 911 | |||
| 912 | fprintf(stdout, "A cyclic subgroup:\n"); | ||
| 913 | k = 100; | ||
| 914 | do | ||
| 915 | { | ||
| 916 | if (k-- == 0) ABORT; | ||
| 917 | |||
| 918 | if (EC_POINT_is_at_infinity(group, P)) | ||
| 919 | fprintf(stdout, " point at infinity\n"); | ||
| 920 | else | ||
| 921 | { | ||
| 922 | if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; | ||
| 923 | |||
| 924 | fprintf(stdout, " x = 0x"); | ||
| 925 | BN_print_fp(stdout, x); | ||
| 926 | fprintf(stdout, ", y = 0x"); | ||
| 927 | BN_print_fp(stdout, y); | ||
| 928 | fprintf(stdout, "\n"); | ||
| 929 | } | ||
| 930 | |||
| 931 | if (!EC_POINT_copy(R, P)) ABORT; | ||
| 932 | if (!EC_POINT_add(group, P, P, Q, ctx)) ABORT; | ||
| 933 | } | ||
| 934 | while (!EC_POINT_is_at_infinity(group, P)); | ||
| 935 | |||
| 936 | if (!EC_POINT_add(group, P, Q, R, ctx)) ABORT; | ||
| 937 | if (!EC_POINT_is_at_infinity(group, P)) ABORT; | ||
| 938 | |||
| 939 | /* Change test based on whether binary point compression is enabled or not. */ | ||
| 940 | #ifdef OPENSSL_EC_BIN_PT_COMP | ||
| 941 | len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf, sizeof buf, ctx); | ||
| 942 | if (len == 0) ABORT; | ||
| 943 | if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT; | ||
| 944 | if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT; | ||
| 945 | fprintf(stdout, "Generator as octet string, compressed form:\n "); | ||
| 946 | for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]); | ||
| 947 | #endif | ||
| 948 | |||
| 949 | len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf, sizeof buf, ctx); | ||
| 950 | if (len == 0) ABORT; | ||
| 951 | if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT; | ||
| 952 | if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT; | ||
| 953 | fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n "); | ||
| 954 | for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]); | ||
| 955 | |||
| 956 | /* Change test based on whether binary point compression is enabled or not. */ | ||
| 957 | #ifdef OPENSSL_EC_BIN_PT_COMP | ||
| 958 | len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf, ctx); | ||
| 959 | if (len == 0) ABORT; | ||
| 960 | if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT; | ||
| 961 | if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT; | ||
| 962 | fprintf(stdout, "\nGenerator as octet string, hybrid form:\n "); | ||
| 963 | for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]); | ||
| 964 | #endif | ||
| 965 | |||
| 966 | fprintf(stdout, "\n"); | ||
| 967 | |||
| 968 | if (!EC_POINT_invert(group, P, ctx)) ABORT; | ||
| 969 | if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT; | ||
| 970 | |||
| 971 | |||
| 972 | /* Curve K-163 (FIPS PUB 186-2, App. 6) */ | ||
| 973 | CHAR2_CURVE_TEST | ||
| 974 | ( | ||
| 975 | "NIST curve K-163", | ||
| 976 | "0800000000000000000000000000000000000000C9", | ||
| 977 | "1", | ||
| 978 | "1", | ||
| 979 | "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8", | ||
| 980 | "0289070FB05D38FF58321F2E800536D538CCDAA3D9", | ||
| 981 | 1, | ||
| 982 | "04000000000000000000020108A2E0CC0D99F8A5EF", | ||
| 983 | "2", | ||
| 984 | 163, | ||
| 985 | C2_K163 | ||
| 986 | ); | ||
| 987 | |||
| 988 | /* Curve B-163 (FIPS PUB 186-2, App. 6) */ | ||
| 989 | CHAR2_CURVE_TEST | ||
| 990 | ( | ||
| 991 | "NIST curve B-163", | ||
| 992 | "0800000000000000000000000000000000000000C9", | ||
| 993 | "1", | ||
| 994 | "020A601907B8C953CA1481EB10512F78744A3205FD", | ||
| 995 | "03F0EBA16286A2D57EA0991168D4994637E8343E36", | ||
| 996 | "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1", | ||
| 997 | 1, | ||
| 998 | "040000000000000000000292FE77E70C12A4234C33", | ||
| 999 | "2", | ||
| 1000 | 163, | ||
| 1001 | C2_B163 | ||
| 1002 | ); | ||
| 1003 | |||
| 1004 | /* Curve K-233 (FIPS PUB 186-2, App. 6) */ | ||
| 1005 | CHAR2_CURVE_TEST | ||
| 1006 | ( | ||
| 1007 | "NIST curve K-233", | ||
| 1008 | "020000000000000000000000000000000000000004000000000000000001", | ||
| 1009 | "0", | ||
| 1010 | "1", | ||
| 1011 | "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126", | ||
| 1012 | "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3", | ||
| 1013 | 0, | ||
| 1014 | "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF", | ||
| 1015 | "4", | ||
| 1016 | 233, | ||
| 1017 | C2_K233 | ||
| 1018 | ); | ||
| 1019 | |||
| 1020 | /* Curve B-233 (FIPS PUB 186-2, App. 6) */ | ||
| 1021 | CHAR2_CURVE_TEST | ||
| 1022 | ( | ||
| 1023 | "NIST curve B-233", | ||
| 1024 | "020000000000000000000000000000000000000004000000000000000001", | ||
| 1025 | "000000000000000000000000000000000000000000000000000000000001", | ||
| 1026 | "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD", | ||
| 1027 | "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B", | ||
| 1028 | "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052", | ||
| 1029 | 1, | ||
| 1030 | "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", | ||
| 1031 | "2", | ||
| 1032 | 233, | ||
| 1033 | C2_B233 | ||
| 1034 | ); | ||
| 1035 | |||
| 1036 | /* Curve K-283 (FIPS PUB 186-2, App. 6) */ | ||
| 1037 | CHAR2_CURVE_TEST | ||
| 1038 | ( | ||
| 1039 | "NIST curve K-283", | ||
| 1040 | "0800000000000000000000000000000000000000000000000000000000000000000010A1", | ||
| 1041 | "0", | ||
| 1042 | "1", | ||
| 1043 | "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836", | ||
| 1044 | "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259", | ||
| 1045 | 0, | ||
| 1046 | "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61", | ||
| 1047 | "4", | ||
| 1048 | 283, | ||
| 1049 | C2_K283 | ||
| 1050 | ); | ||
| 1051 | |||
| 1052 | /* Curve B-283 (FIPS PUB 186-2, App. 6) */ | ||
| 1053 | CHAR2_CURVE_TEST | ||
| 1054 | ( | ||
| 1055 | "NIST curve B-283", | ||
| 1056 | "0800000000000000000000000000000000000000000000000000000000000000000010A1", | ||
| 1057 | "000000000000000000000000000000000000000000000000000000000000000000000001", | ||
| 1058 | "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5", | ||
| 1059 | "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053", | ||
| 1060 | "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4", | ||
| 1061 | 1, | ||
| 1062 | "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307", | ||
| 1063 | "2", | ||
| 1064 | 283, | ||
| 1065 | C2_B283 | ||
| 1066 | ); | ||
| 1067 | |||
| 1068 | /* Curve K-409 (FIPS PUB 186-2, App. 6) */ | ||
| 1069 | CHAR2_CURVE_TEST | ||
| 1070 | ( | ||
| 1071 | "NIST curve K-409", | ||
| 1072 | "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001", | ||
| 1073 | "0", | ||
| 1074 | "1", | ||
| 1075 | "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746", | ||
| 1076 | "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B", | ||
| 1077 | 1, | ||
| 1078 | "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF", | ||
| 1079 | "4", | ||
| 1080 | 409, | ||
| 1081 | C2_K409 | ||
| 1082 | ); | ||
| 1083 | |||
| 1084 | /* Curve B-409 (FIPS PUB 186-2, App. 6) */ | ||
| 1085 | CHAR2_CURVE_TEST | ||
| 1086 | ( | ||
| 1087 | "NIST curve B-409", | ||
| 1088 | "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001", | ||
| 1089 | "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", | ||
| 1090 | "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F", | ||
| 1091 | "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7", | ||
| 1092 | "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706", | ||
| 1093 | 1, | ||
| 1094 | "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173", | ||
| 1095 | "2", | ||
| 1096 | 409, | ||
| 1097 | C2_B409 | ||
| 1098 | ); | ||
| 1099 | |||
| 1100 | /* Curve K-571 (FIPS PUB 186-2, App. 6) */ | ||
| 1101 | CHAR2_CURVE_TEST | ||
| 1102 | ( | ||
| 1103 | "NIST curve K-571", | ||
| 1104 | "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425", | ||
| 1105 | "0", | ||
| 1106 | "1", | ||
| 1107 | "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972", | ||
| 1108 | "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3", | ||
| 1109 | 0, | ||
| 1110 | "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001", | ||
| 1111 | "4", | ||
| 1112 | 571, | ||
| 1113 | C2_K571 | ||
| 1114 | ); | ||
| 1115 | |||
| 1116 | /* Curve B-571 (FIPS PUB 186-2, App. 6) */ | ||
| 1117 | CHAR2_CURVE_TEST | ||
| 1118 | ( | ||
| 1119 | "NIST curve B-571", | ||
| 1120 | "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425", | ||
| 1121 | "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", | ||
| 1122 | "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A", | ||
| 1123 | "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19", | ||
| 1124 | "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B", | ||
| 1125 | 1, | ||
| 1126 | "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47", | ||
| 1127 | "2", | ||
| 1128 | 571, | ||
| 1129 | C2_B571 | ||
| 1130 | ); | ||
| 1131 | |||
| 1132 | /* more tests using the last curve */ | ||
| 1133 | |||
| 1134 | if (!EC_POINT_copy(Q, P)) ABORT; | ||
| 1135 | if (EC_POINT_is_at_infinity(group, Q)) ABORT; | ||
| 1136 | if (!EC_POINT_dbl(group, P, P, ctx)) ABORT; | ||
| 1137 | if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; | ||
| 1138 | if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */ | ||
| 1139 | |||
| 1140 | if (!EC_POINT_add(group, R, P, Q, ctx)) ABORT; | ||
| 1141 | if (!EC_POINT_add(group, R, R, Q, ctx)) ABORT; | ||
| 1142 | if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */ | ||
| 1143 | |||
| 1144 | { | ||
| 1145 | const EC_POINT *points[3]; | ||
| 1146 | const BIGNUM *scalars[3]; | ||
| 1147 | |||
| 1148 | if (EC_POINT_is_at_infinity(group, Q)) ABORT; | ||
| 1149 | points[0] = Q; | ||
| 1150 | points[1] = Q; | ||
| 1151 | points[2] = Q; | ||
| 1152 | |||
| 1153 | if (!BN_add(y, z, BN_value_one())) ABORT; | ||
| 1154 | if (BN_is_odd(y)) ABORT; | ||
| 1155 | if (!BN_rshift1(y, y)) ABORT; | ||
| 1156 | scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */ | ||
| 1157 | scalars[1] = y; | ||
| 1158 | |||
| 1159 | fprintf(stdout, "combined multiplication ..."); | ||
| 1160 | fflush(stdout); | ||
| 1161 | |||
| 1162 | /* z is still the group order */ | ||
| 1163 | if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT; | ||
| 1164 | if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) ABORT; | ||
| 1165 | if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT; | ||
| 1166 | if (0 != EC_POINT_cmp(group, R, Q, ctx)) ABORT; | ||
| 1167 | |||
| 1168 | fprintf(stdout, "."); | ||
| 1169 | fflush(stdout); | ||
| 1170 | |||
| 1171 | if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT; | ||
| 1172 | if (!BN_add(z, z, y)) ABORT; | ||
| 1173 | BN_set_negative(z, 1); | ||
| 1174 | scalars[0] = y; | ||
| 1175 | scalars[1] = z; /* z = -(order + y) */ | ||
| 1176 | |||
| 1177 | if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT; | ||
| 1178 | if (!EC_POINT_is_at_infinity(group, P)) ABORT; | ||
| 1179 | |||
| 1180 | fprintf(stdout, "."); | ||
| 1181 | fflush(stdout); | ||
| 1182 | |||
| 1183 | if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT; | ||
| 1184 | if (!BN_add(z, x, y)) ABORT; | ||
| 1185 | BN_set_negative(z, 1); | ||
| 1186 | scalars[0] = x; | ||
| 1187 | scalars[1] = y; | ||
| 1188 | scalars[2] = z; /* z = -(x+y) */ | ||
| 1189 | |||
| 1190 | if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) ABORT; | ||
| 1191 | if (!EC_POINT_is_at_infinity(group, P)) ABORT; | ||
| 1192 | |||
| 1193 | fprintf(stdout, " ok\n\n"); | ||
| 1194 | } | ||
| 1195 | |||
| 1196 | |||
| 1197 | #if 0 | ||
| 1198 | timings(C2_K163, TIMING_BASE_PT, ctx); | ||
| 1199 | timings(C2_K163, TIMING_RAND_PT, ctx); | ||
| 1200 | timings(C2_K163, TIMING_SIMUL, ctx); | ||
| 1201 | timings(C2_B163, TIMING_BASE_PT, ctx); | ||
| 1202 | timings(C2_B163, TIMING_RAND_PT, ctx); | ||
| 1203 | timings(C2_B163, TIMING_SIMUL, ctx); | ||
| 1204 | timings(C2_K233, TIMING_BASE_PT, ctx); | ||
| 1205 | timings(C2_K233, TIMING_RAND_PT, ctx); | ||
| 1206 | timings(C2_K233, TIMING_SIMUL, ctx); | ||
| 1207 | timings(C2_B233, TIMING_BASE_PT, ctx); | ||
| 1208 | timings(C2_B233, TIMING_RAND_PT, ctx); | ||
| 1209 | timings(C2_B233, TIMING_SIMUL, ctx); | ||
| 1210 | timings(C2_K283, TIMING_BASE_PT, ctx); | ||
| 1211 | timings(C2_K283, TIMING_RAND_PT, ctx); | ||
| 1212 | timings(C2_K283, TIMING_SIMUL, ctx); | ||
| 1213 | timings(C2_B283, TIMING_BASE_PT, ctx); | ||
| 1214 | timings(C2_B283, TIMING_RAND_PT, ctx); | ||
| 1215 | timings(C2_B283, TIMING_SIMUL, ctx); | ||
| 1216 | timings(C2_K409, TIMING_BASE_PT, ctx); | ||
| 1217 | timings(C2_K409, TIMING_RAND_PT, ctx); | ||
| 1218 | timings(C2_K409, TIMING_SIMUL, ctx); | ||
| 1219 | timings(C2_B409, TIMING_BASE_PT, ctx); | ||
| 1220 | timings(C2_B409, TIMING_RAND_PT, ctx); | ||
| 1221 | timings(C2_B409, TIMING_SIMUL, ctx); | ||
| 1222 | timings(C2_K571, TIMING_BASE_PT, ctx); | ||
| 1223 | timings(C2_K571, TIMING_RAND_PT, ctx); | ||
| 1224 | timings(C2_K571, TIMING_SIMUL, ctx); | ||
| 1225 | timings(C2_B571, TIMING_BASE_PT, ctx); | ||
| 1226 | timings(C2_B571, TIMING_RAND_PT, ctx); | ||
| 1227 | timings(C2_B571, TIMING_SIMUL, ctx); | ||
| 1228 | #endif | ||
| 1229 | |||
| 1230 | |||
| 1231 | if (ctx) | ||
| 1232 | BN_CTX_free(ctx); | ||
| 1233 | BN_free(p); BN_free(a); BN_free(b); | ||
| 1234 | EC_GROUP_free(group); | ||
| 1235 | EC_POINT_free(P); | ||
| 1236 | EC_POINT_free(Q); | ||
| 1237 | EC_POINT_free(R); | ||
| 1238 | BN_free(x); BN_free(y); BN_free(z); BN_free(cof); | ||
| 1239 | |||
| 1240 | if (C2_K163) EC_GROUP_free(C2_K163); | ||
| 1241 | if (C2_B163) EC_GROUP_free(C2_B163); | ||
| 1242 | if (C2_K233) EC_GROUP_free(C2_K233); | ||
| 1243 | if (C2_B233) EC_GROUP_free(C2_B233); | ||
| 1244 | if (C2_K283) EC_GROUP_free(C2_K283); | ||
| 1245 | if (C2_B283) EC_GROUP_free(C2_B283); | ||
| 1246 | if (C2_K409) EC_GROUP_free(C2_K409); | ||
| 1247 | if (C2_B409) EC_GROUP_free(C2_B409); | ||
| 1248 | if (C2_K571) EC_GROUP_free(C2_K571); | ||
| 1249 | if (C2_B571) EC_GROUP_free(C2_B571); | ||
| 1250 | |||
| 1251 | } | ||
| 1252 | |||
| 1253 | void internal_curve_test(void) | ||
| 1254 | { | ||
| 1255 | EC_builtin_curve *curves = NULL; | ||
| 1256 | size_t crv_len = 0, n = 0; | ||
| 1257 | int ok = 1; | ||
| 1258 | |||
| 1259 | crv_len = EC_get_builtin_curves(NULL, 0); | ||
| 1260 | |||
| 1261 | curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len); | ||
| 1262 | |||
| 1263 | if (curves == NULL) | ||
| 1264 | return; | ||
| 1265 | |||
| 1266 | if (!EC_get_builtin_curves(curves, crv_len)) | ||
| 1267 | { | ||
| 1268 | OPENSSL_free(curves); | ||
| 1269 | return; | ||
| 1270 | } | ||
| 1271 | |||
| 1272 | fprintf(stdout, "testing internal curves: "); | ||
| 1273 | |||
| 1274 | for (n = 0; n < crv_len; n++) | ||
| 1275 | { | ||
| 1276 | EC_GROUP *group = NULL; | ||
| 1277 | int nid = curves[n].nid; | ||
| 1278 | if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) | ||
| 1279 | { | ||
| 1280 | ok = 0; | ||
| 1281 | fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with" | ||
| 1282 | " curve %s\n", OBJ_nid2sn(nid)); | ||
| 1283 | /* try next curve */ | ||
| 1284 | continue; | ||
| 1285 | } | ||
| 1286 | if (!EC_GROUP_check(group, NULL)) | ||
| 1287 | { | ||
| 1288 | ok = 0; | ||
| 1289 | fprintf(stdout, "\nEC_GROUP_check() failed with" | ||
| 1290 | " curve %s\n", OBJ_nid2sn(nid)); | ||
| 1291 | EC_GROUP_free(group); | ||
| 1292 | /* try the next curve */ | ||
| 1293 | continue; | ||
| 1294 | } | ||
| 1295 | fprintf(stdout, "."); | ||
| 1296 | fflush(stdout); | ||
| 1297 | EC_GROUP_free(group); | ||
| 1298 | } | ||
| 1299 | if (ok) | ||
| 1300 | fprintf(stdout, " ok\n"); | ||
| 1301 | else | ||
| 1302 | fprintf(stdout, " failed\n"); | ||
| 1303 | OPENSSL_free(curves); | ||
| 1304 | return; | ||
| 1305 | } | ||
| 1306 | |||
| 1307 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; | ||
| 1308 | |||
| 1309 | int main(int argc, char *argv[]) | ||
| 1310 | { | ||
| 1311 | |||
| 1312 | /* enable memory leak checking unless explicitly disabled */ | ||
| 1313 | if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) | ||
| 1314 | { | ||
| 1315 | CRYPTO_malloc_debug_init(); | ||
| 1316 | CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); | ||
| 1317 | } | ||
| 1318 | else | ||
| 1319 | { | ||
| 1320 | /* OPENSSL_DEBUG_MEMORY=off */ | ||
| 1321 | CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); | ||
| 1322 | } | ||
| 1323 | CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); | ||
| 1324 | ERR_load_crypto_strings(); | ||
| 1325 | |||
| 1326 | RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ | ||
| 1327 | |||
| 1328 | prime_field_tests(); | ||
| 1329 | puts(""); | ||
| 1330 | char2_field_tests(); | ||
| 1331 | /* test the internal curves */ | ||
| 1332 | internal_curve_test(); | ||
| 1333 | |||
| 633 | #ifndef OPENSSL_NO_ENGINE | 1334 | #ifndef OPENSSL_NO_ENGINE |
| 634 | ENGINE_cleanup(); | 1335 | ENGINE_cleanup(); |
| 635 | #endif | 1336 | #endif |
diff --git a/src/lib/libcrypto/engine/eng_all.c b/src/lib/libcrypto/engine/eng_all.c index 0f6992a40d..8599046717 100644 --- a/src/lib/libcrypto/engine/eng_all.c +++ b/src/lib/libcrypto/engine/eng_all.c | |||
| @@ -56,8 +56,7 @@ | |||
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/err.h> | 59 | #include "cryptlib.h" |
| 60 | #include <openssl/engine.h> | ||
| 61 | #include "eng_int.h" | 60 | #include "eng_int.h" |
| 62 | 61 | ||
| 63 | void ENGINE_load_builtin_engines(void) | 62 | void ENGINE_load_builtin_engines(void) |
| @@ -69,32 +68,42 @@ void ENGINE_load_builtin_engines(void) | |||
| 69 | #if 0 | 68 | #if 0 |
| 70 | ENGINE_load_openssl(); | 69 | ENGINE_load_openssl(); |
| 71 | #endif | 70 | #endif |
| 71 | #if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) | ||
| 72 | ENGINE_load_padlock(); | ||
| 73 | #endif | ||
| 72 | ENGINE_load_dynamic(); | 74 | ENGINE_load_dynamic(); |
| 75 | #ifndef OPENSSL_NO_STATIC_ENGINE | ||
| 73 | #ifndef OPENSSL_NO_HW | 76 | #ifndef OPENSSL_NO_HW |
| 77 | #ifndef OPENSSL_NO_HW_4758_CCA | ||
| 78 | ENGINE_load_4758cca(); | ||
| 79 | #endif | ||
| 80 | #ifndef OPENSSL_NO_HW_AEP | ||
| 81 | ENGINE_load_aep(); | ||
| 82 | #endif | ||
| 83 | #ifndef OPENSSL_NO_HW_ATALLA | ||
| 84 | ENGINE_load_atalla(); | ||
| 85 | #endif | ||
| 74 | #ifndef OPENSSL_NO_HW_CSWIFT | 86 | #ifndef OPENSSL_NO_HW_CSWIFT |
| 75 | ENGINE_load_cswift(); | 87 | ENGINE_load_cswift(); |
| 76 | #endif | 88 | #endif |
| 77 | #ifndef OPENSSL_NO_HW_NCIPHER | 89 | #ifndef OPENSSL_NO_HW_NCIPHER |
| 78 | ENGINE_load_chil(); | 90 | ENGINE_load_chil(); |
| 79 | #endif | 91 | #endif |
| 80 | #ifndef OPENSSL_NO_HW_ATALLA | ||
| 81 | ENGINE_load_atalla(); | ||
| 82 | #endif | ||
| 83 | #ifndef OPENSSL_NO_HW_NURON | 92 | #ifndef OPENSSL_NO_HW_NURON |
| 84 | ENGINE_load_nuron(); | 93 | ENGINE_load_nuron(); |
| 85 | #endif | 94 | #endif |
| 95 | #ifndef OPENSSL_NO_HW_SUREWARE | ||
| 96 | ENGINE_load_sureware(); | ||
| 97 | #endif | ||
| 86 | #ifndef OPENSSL_NO_HW_UBSEC | 98 | #ifndef OPENSSL_NO_HW_UBSEC |
| 87 | ENGINE_load_ubsec(); | 99 | ENGINE_load_ubsec(); |
| 88 | #endif | 100 | #endif |
| 89 | #ifndef OPENSSL_NO_HW_AEP | ||
| 90 | ENGINE_load_aep(); | ||
| 91 | #endif | 101 | #endif |
| 92 | #ifndef OPENSSL_NO_HW_SUREWARE | 102 | #if !defined(OPENSSL_NO_GMP) && !defined(OPENSSL_NO_HW_GMP) |
| 93 | ENGINE_load_sureware(); | 103 | ENGINE_load_gmp(); |
| 94 | #endif | 104 | #endif |
| 95 | #ifndef OPENSSL_NO_HW_4758_CCA | ||
| 96 | ENGINE_load_4758cca(); | ||
| 97 | #endif | 105 | #endif |
| 106 | #ifndef OPENSSL_NO_HW | ||
| 98 | #if defined(__OpenBSD__) || defined(__FreeBSD__) | 107 | #if defined(__OpenBSD__) || defined(__FreeBSD__) |
| 99 | ENGINE_load_cryptodev(); | 108 | ENGINE_load_cryptodev(); |
| 100 | #endif | 109 | #endif |
diff --git a/src/lib/libcrypto/engine/eng_cnf.c b/src/lib/libcrypto/engine/eng_cnf.c index 4225760af1..a97e01e619 100644 --- a/src/lib/libcrypto/engine/eng_cnf.c +++ b/src/lib/libcrypto/engine/eng_cnf.c | |||
| @@ -56,11 +56,8 @@ | |||
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include "eng_int.h" |
| 60 | #include <openssl/crypto.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/conf.h> | 60 | #include <openssl/conf.h> |
| 63 | #include <openssl/engine.h> | ||
| 64 | 61 | ||
| 65 | /* #define ENGINE_CONF_DEBUG */ | 62 | /* #define ENGINE_CONF_DEBUG */ |
| 66 | 63 | ||
| @@ -210,7 +207,7 @@ static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) | |||
| 210 | 207 | ||
| 211 | if (!elist) | 208 | if (!elist) |
| 212 | { | 209 | { |
| 213 | ENGINEerr(ENGINE_F_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR); | 210 | ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR); |
| 214 | return 0; | 211 | return 0; |
| 215 | } | 212 | } |
| 216 | 213 | ||
diff --git a/src/lib/libcrypto/engine/eng_ctrl.c b/src/lib/libcrypto/engine/eng_ctrl.c index 412c73fb0f..95b6b455aa 100644 --- a/src/lib/libcrypto/engine/eng_ctrl.c +++ b/src/lib/libcrypto/engine/eng_ctrl.c | |||
| @@ -53,10 +53,7 @@ | |||
| 53 | * | 53 | * |
| 54 | */ | 54 | */ |
| 55 | 55 | ||
| 56 | #include <openssl/crypto.h> | ||
| 57 | #include "cryptlib.h" | ||
| 58 | #include "eng_int.h" | 56 | #include "eng_int.h" |
| 59 | #include <openssl/engine.h> | ||
| 60 | 57 | ||
| 61 | /* When querying a ENGINE-specific control command's 'description', this string | 58 | /* When querying a ENGINE-specific control command's 'description', this string |
| 62 | * is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */ | 59 | * is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */ |
| @@ -103,7 +100,8 @@ static int int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num) | |||
| 103 | return -1; | 100 | return -1; |
| 104 | } | 101 | } |
| 105 | 102 | ||
| 106 | static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)()) | 103 | static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, |
| 104 | void (*f)(void)) | ||
| 107 | { | 105 | { |
| 108 | int idx; | 106 | int idx; |
| 109 | char *s = (char *)p; | 107 | char *s = (char *)p; |
| @@ -181,7 +179,7 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)()) | |||
| 181 | return -1; | 179 | return -1; |
| 182 | } | 180 | } |
| 183 | 181 | ||
| 184 | int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) | 182 | int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) |
| 185 | { | 183 | { |
| 186 | int ctrl_exists, ref_exists; | 184 | int ctrl_exists, ref_exists; |
| 187 | if(e == NULL) | 185 | if(e == NULL) |
| @@ -251,13 +249,13 @@ int ENGINE_cmd_is_executable(ENGINE *e, int cmd) | |||
| 251 | } | 249 | } |
| 252 | 250 | ||
| 253 | int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, | 251 | int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, |
| 254 | long i, void *p, void (*f)(), int cmd_optional) | 252 | long i, void *p, void (*f)(void), int cmd_optional) |
| 255 | { | 253 | { |
| 256 | int num; | 254 | int num; |
| 257 | 255 | ||
| 258 | if((e == NULL) || (cmd_name == NULL)) | 256 | if((e == NULL) || (cmd_name == NULL)) |
| 259 | { | 257 | { |
| 260 | ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, | 258 | ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, |
| 261 | ERR_R_PASSED_NULL_PARAMETER); | 259 | ERR_R_PASSED_NULL_PARAMETER); |
| 262 | return 0; | 260 | return 0; |
| 263 | } | 261 | } |
diff --git a/src/lib/libcrypto/engine/eng_dyn.c b/src/lib/libcrypto/engine/eng_dyn.c index 4139a16e76..acb30c34d8 100644 --- a/src/lib/libcrypto/engine/eng_dyn.c +++ b/src/lib/libcrypto/engine/eng_dyn.c | |||
| @@ -57,11 +57,7 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | 59 | ||
| 60 | #include <stdio.h> | ||
| 61 | #include <openssl/crypto.h> | ||
| 62 | #include "cryptlib.h" | ||
| 63 | #include "eng_int.h" | 60 | #include "eng_int.h" |
| 64 | #include <openssl/engine.h> | ||
| 65 | #include <openssl/dso.h> | 61 | #include <openssl/dso.h> |
| 66 | 62 | ||
| 67 | /* Shared libraries implementing ENGINEs for use by the "dynamic" ENGINE loader | 63 | /* Shared libraries implementing ENGINEs for use by the "dynamic" ENGINE loader |
| @@ -70,7 +66,7 @@ | |||
| 70 | /* Our ENGINE handlers */ | 66 | /* Our ENGINE handlers */ |
| 71 | static int dynamic_init(ENGINE *e); | 67 | static int dynamic_init(ENGINE *e); |
| 72 | static int dynamic_finish(ENGINE *e); | 68 | static int dynamic_finish(ENGINE *e); |
| 73 | static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); | 69 | static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); |
| 74 | /* Predeclare our context type */ | 70 | /* Predeclare our context type */ |
| 75 | typedef struct st_dynamic_data_ctx dynamic_data_ctx; | 71 | typedef struct st_dynamic_data_ctx dynamic_data_ctx; |
| 76 | /* The implementation for the important control command */ | 72 | /* The implementation for the important control command */ |
| @@ -80,7 +76,9 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx); | |||
| 80 | #define DYNAMIC_CMD_NO_VCHECK (ENGINE_CMD_BASE + 1) | 76 | #define DYNAMIC_CMD_NO_VCHECK (ENGINE_CMD_BASE + 1) |
| 81 | #define DYNAMIC_CMD_ID (ENGINE_CMD_BASE + 2) | 77 | #define DYNAMIC_CMD_ID (ENGINE_CMD_BASE + 2) |
| 82 | #define DYNAMIC_CMD_LIST_ADD (ENGINE_CMD_BASE + 3) | 78 | #define DYNAMIC_CMD_LIST_ADD (ENGINE_CMD_BASE + 3) |
| 83 | #define DYNAMIC_CMD_LOAD (ENGINE_CMD_BASE + 4) | 79 | #define DYNAMIC_CMD_DIR_LOAD (ENGINE_CMD_BASE + 4) |
| 80 | #define DYNAMIC_CMD_DIR_ADD (ENGINE_CMD_BASE + 5) | ||
| 81 | #define DYNAMIC_CMD_LOAD (ENGINE_CMD_BASE + 6) | ||
| 84 | 82 | ||
| 85 | /* The constants used when creating the ENGINE */ | 83 | /* The constants used when creating the ENGINE */ |
| 86 | static const char *engine_dynamic_id = "dynamic"; | 84 | static const char *engine_dynamic_id = "dynamic"; |
| @@ -102,6 +100,14 @@ static const ENGINE_CMD_DEFN dynamic_cmd_defns[] = { | |||
| 102 | "LIST_ADD", | 100 | "LIST_ADD", |
| 103 | "Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)", | 101 | "Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)", |
| 104 | ENGINE_CMD_FLAG_NUMERIC}, | 102 | ENGINE_CMD_FLAG_NUMERIC}, |
| 103 | {DYNAMIC_CMD_DIR_LOAD, | ||
| 104 | "DIR_LOAD", | ||
| 105 | "Specifies whether to load from 'DIR_ADD' directories (0=no,1=yes,2=mandatory)", | ||
| 106 | ENGINE_CMD_FLAG_NUMERIC}, | ||
| 107 | {DYNAMIC_CMD_DIR_ADD, | ||
| 108 | "DIR_ADD", | ||
| 109 | "Adds a directory from which ENGINEs can be loaded", | ||
| 110 | ENGINE_CMD_FLAG_STRING}, | ||
| 105 | {DYNAMIC_CMD_LOAD, | 111 | {DYNAMIC_CMD_LOAD, |
| 106 | "LOAD", | 112 | "LOAD", |
| 107 | "Load up the ENGINE specified by other settings", | 113 | "Load up the ENGINE specified by other settings", |
| @@ -136,12 +142,18 @@ struct st_dynamic_data_ctx | |||
| 136 | const char *DYNAMIC_F1; | 142 | const char *DYNAMIC_F1; |
| 137 | /* The symbol name for the "initialise ENGINE structure" function */ | 143 | /* The symbol name for the "initialise ENGINE structure" function */ |
| 138 | const char *DYNAMIC_F2; | 144 | const char *DYNAMIC_F2; |
| 145 | /* Whether to never use 'dirs', use 'dirs' as a fallback, or only use | ||
| 146 | * 'dirs' for loading. Default is to use 'dirs' as a fallback. */ | ||
| 147 | int dir_load; | ||
| 148 | /* A stack of directories from which ENGINEs could be loaded */ | ||
| 149 | STACK *dirs; | ||
| 139 | }; | 150 | }; |
| 140 | 151 | ||
| 141 | /* This is the "ex_data" index we obtain and reserve for use with our context | 152 | /* This is the "ex_data" index we obtain and reserve for use with our context |
| 142 | * structure. */ | 153 | * structure. */ |
| 143 | static int dynamic_ex_data_idx = -1; | 154 | static int dynamic_ex_data_idx = -1; |
| 144 | 155 | ||
| 156 | static void int_free_str(void *s) { OPENSSL_free(s); } | ||
| 145 | /* Because our ex_data element may or may not get allocated depending on whether | 157 | /* Because our ex_data element may or may not get allocated depending on whether |
| 146 | * a "first-use" occurs before the ENGINE is freed, we have a memory leak | 158 | * a "first-use" occurs before the ENGINE is freed, we have a memory leak |
| 147 | * problem to solve. We can't declare a "new" handler for the ex_data as we | 159 | * problem to solve. We can't declare a "new" handler for the ex_data as we |
| @@ -161,6 +173,8 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr, | |||
| 161 | OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME); | 173 | OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME); |
| 162 | if(ctx->engine_id) | 174 | if(ctx->engine_id) |
| 163 | OPENSSL_free((void*)ctx->engine_id); | 175 | OPENSSL_free((void*)ctx->engine_id); |
| 176 | if(ctx->dirs) | ||
| 177 | sk_pop_free(ctx->dirs, int_free_str); | ||
| 164 | OPENSSL_free(ctx); | 178 | OPENSSL_free(ctx); |
| 165 | } | 179 | } |
| 166 | } | 180 | } |
| @@ -175,7 +189,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) | |||
| 175 | c = OPENSSL_malloc(sizeof(dynamic_data_ctx)); | 189 | c = OPENSSL_malloc(sizeof(dynamic_data_ctx)); |
| 176 | if(!c) | 190 | if(!c) |
| 177 | { | 191 | { |
| 178 | ENGINEerr(ENGINE_F_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); | 192 | ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); |
| 179 | return 0; | 193 | return 0; |
| 180 | } | 194 | } |
| 181 | memset(c, 0, sizeof(dynamic_data_ctx)); | 195 | memset(c, 0, sizeof(dynamic_data_ctx)); |
| @@ -188,6 +202,14 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) | |||
| 188 | c->list_add_value = 0; | 202 | c->list_add_value = 0; |
| 189 | c->DYNAMIC_F1 = "v_check"; | 203 | c->DYNAMIC_F1 = "v_check"; |
| 190 | c->DYNAMIC_F2 = "bind_engine"; | 204 | c->DYNAMIC_F2 = "bind_engine"; |
| 205 | c->dir_load = 1; | ||
| 206 | c->dirs = sk_new_null(); | ||
| 207 | if(!c->dirs) | ||
| 208 | { | ||
| 209 | ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); | ||
| 210 | OPENSSL_free(c); | ||
| 211 | return 0; | ||
| 212 | } | ||
| 191 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | 213 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 192 | if((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, | 214 | if((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, |
| 193 | dynamic_ex_data_idx)) == NULL) | 215 | dynamic_ex_data_idx)) == NULL) |
| @@ -290,7 +312,7 @@ static int dynamic_finish(ENGINE *e) | |||
| 290 | return 0; | 312 | return 0; |
| 291 | } | 313 | } |
| 292 | 314 | ||
| 293 | static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) | 315 | static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) |
| 294 | { | 316 | { |
| 295 | dynamic_data_ctx *ctx = dynamic_get_data_ctx(e); | 317 | dynamic_data_ctx *ctx = dynamic_get_data_ctx(e); |
| 296 | int initialised; | 318 | int initialised; |
| @@ -346,6 +368,34 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) | |||
| 346 | return 1; | 368 | return 1; |
| 347 | case DYNAMIC_CMD_LOAD: | 369 | case DYNAMIC_CMD_LOAD: |
| 348 | return dynamic_load(e, ctx); | 370 | return dynamic_load(e, ctx); |
| 371 | case DYNAMIC_CMD_DIR_LOAD: | ||
| 372 | if((i < 0) || (i > 2)) | ||
| 373 | { | ||
| 374 | ENGINEerr(ENGINE_F_DYNAMIC_CTRL, | ||
| 375 | ENGINE_R_INVALID_ARGUMENT); | ||
| 376 | return 0; | ||
| 377 | } | ||
| 378 | ctx->dir_load = (int)i; | ||
| 379 | return 1; | ||
| 380 | case DYNAMIC_CMD_DIR_ADD: | ||
| 381 | /* a NULL 'p' or a string of zero-length is the same thing */ | ||
| 382 | if(!p || (strlen((const char *)p) < 1)) | ||
| 383 | { | ||
| 384 | ENGINEerr(ENGINE_F_DYNAMIC_CTRL, | ||
| 385 | ENGINE_R_INVALID_ARGUMENT); | ||
| 386 | return 0; | ||
| 387 | } | ||
| 388 | { | ||
| 389 | char *tmp_str = BUF_strdup(p); | ||
| 390 | if(!tmp_str) | ||
| 391 | { | ||
| 392 | ENGINEerr(ENGINE_F_DYNAMIC_CTRL, | ||
| 393 | ERR_R_MALLOC_FAILURE); | ||
| 394 | return 0; | ||
| 395 | } | ||
| 396 | sk_insert(ctx->dirs, tmp_str, -1); | ||
| 397 | } | ||
| 398 | return 1; | ||
| 349 | default: | 399 | default: |
| 350 | break; | 400 | break; |
| 351 | } | 401 | } |
| @@ -353,16 +403,53 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) | |||
| 353 | return 0; | 403 | return 0; |
| 354 | } | 404 | } |
| 355 | 405 | ||
| 406 | static int int_load(dynamic_data_ctx *ctx) | ||
| 407 | { | ||
| 408 | int num, loop; | ||
| 409 | /* Unless told not to, try a direct load */ | ||
| 410 | if((ctx->dir_load != 2) && (DSO_load(ctx->dynamic_dso, | ||
| 411 | ctx->DYNAMIC_LIBNAME, NULL, 0)) != NULL) | ||
| 412 | return 1; | ||
| 413 | /* If we're not allowed to use 'dirs' or we have none, fail */ | ||
| 414 | if(!ctx->dir_load || ((num = sk_num(ctx->dirs)) < 1)) | ||
| 415 | return 0; | ||
| 416 | for(loop = 0; loop < num; loop++) | ||
| 417 | { | ||
| 418 | const char *s = sk_value(ctx->dirs, loop); | ||
| 419 | char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s); | ||
| 420 | if(!merge) | ||
| 421 | return 0; | ||
| 422 | if(DSO_load(ctx->dynamic_dso, merge, NULL, 0)) | ||
| 423 | { | ||
| 424 | /* Found what we're looking for */ | ||
| 425 | OPENSSL_free(merge); | ||
| 426 | return 1; | ||
| 427 | } | ||
| 428 | OPENSSL_free(merge); | ||
| 429 | } | ||
| 430 | return 0; | ||
| 431 | } | ||
| 432 | |||
| 356 | static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) | 433 | static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) |
| 357 | { | 434 | { |
| 358 | ENGINE cpy; | 435 | ENGINE cpy; |
| 359 | dynamic_fns fns; | 436 | dynamic_fns fns; |
| 360 | 437 | ||
| 361 | if(!ctx->DYNAMIC_LIBNAME || ((ctx->dynamic_dso = DSO_load(NULL, | 438 | if(!ctx->dynamic_dso) |
| 362 | ctx->DYNAMIC_LIBNAME, NULL, 0)) == NULL)) | 439 | ctx->dynamic_dso = DSO_new(); |
| 440 | if(!ctx->DYNAMIC_LIBNAME) | ||
| 441 | { | ||
| 442 | if(!ctx->engine_id) | ||
| 443 | return 0; | ||
| 444 | ctx->DYNAMIC_LIBNAME = | ||
| 445 | DSO_convert_filename(ctx->dynamic_dso, ctx->engine_id); | ||
| 446 | } | ||
| 447 | if(!int_load(ctx)) | ||
| 363 | { | 448 | { |
| 364 | ENGINEerr(ENGINE_F_DYNAMIC_LOAD, | 449 | ENGINEerr(ENGINE_F_DYNAMIC_LOAD, |
| 365 | ENGINE_R_DSO_NOT_FOUND); | 450 | ENGINE_R_DSO_NOT_FOUND); |
| 451 | DSO_free(ctx->dynamic_dso); | ||
| 452 | ctx->dynamic_dso = NULL; | ||
| 366 | return 0; | 453 | return 0; |
| 367 | } | 454 | } |
| 368 | /* We have to find a bind function otherwise it'll always end badly */ | 455 | /* We have to find a bind function otherwise it'll always end badly */ |
| @@ -409,6 +496,7 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) | |||
| 409 | * engine.h, much of this would be simplified if each area of code | 496 | * engine.h, much of this would be simplified if each area of code |
| 410 | * provided its own "summary" structure of all related callbacks. It | 497 | * provided its own "summary" structure of all related callbacks. It |
| 411 | * would also increase opaqueness. */ | 498 | * would also increase opaqueness. */ |
| 499 | fns.static_state = ENGINE_get_static_state(); | ||
| 412 | fns.err_fns = ERR_get_implementation(); | 500 | fns.err_fns = ERR_get_implementation(); |
| 413 | fns.ex_data_fns = CRYPTO_get_ex_data_implementation(); | 501 | fns.ex_data_fns = CRYPTO_get_ex_data_implementation(); |
| 414 | CRYPTO_get_mem_functions(&fns.mem_fns.malloc_cb, | 502 | CRYPTO_get_mem_functions(&fns.mem_fns.malloc_cb, |
diff --git a/src/lib/libcrypto/engine/eng_err.c b/src/lib/libcrypto/engine/eng_err.c index fdc0e7be0f..369f2e22d3 100644 --- a/src/lib/libcrypto/engine/eng_err.c +++ b/src/lib/libcrypto/engine/eng_err.c | |||
| @@ -73,6 +73,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]= | |||
| 73 | {ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "DYNAMIC_CTRL"}, | 73 | {ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "DYNAMIC_CTRL"}, |
| 74 | {ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "DYNAMIC_GET_DATA_CTX"}, | 74 | {ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "DYNAMIC_GET_DATA_CTX"}, |
| 75 | {ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "DYNAMIC_LOAD"}, | 75 | {ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "DYNAMIC_LOAD"}, |
| 76 | {ERR_FUNC(ENGINE_F_DYNAMIC_SET_DATA_CTX), "DYNAMIC_SET_DATA_CTX"}, | ||
| 76 | {ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"}, | 77 | {ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"}, |
| 77 | {ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"}, | 78 | {ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"}, |
| 78 | {ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"}, | 79 | {ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"}, |
| @@ -80,7 +81,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]= | |||
| 80 | {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"}, | 81 | {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"}, |
| 81 | {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"}, | 82 | {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"}, |
| 82 | {ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"}, | 83 | {ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"}, |
| 83 | {ERR_FUNC(ENGINE_F_ENGINE_FREE), "ENGINE_free"}, | 84 | {ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"}, |
| 84 | {ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"}, | 85 | {ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"}, |
| 85 | {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"}, | 86 | {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"}, |
| 86 | {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"}, | 87 | {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"}, |
| @@ -91,7 +92,6 @@ static ERR_STRING_DATA ENGINE_str_functs[]= | |||
| 91 | {ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"}, | 92 | {ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"}, |
| 92 | {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"}, | 93 | {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"}, |
| 93 | {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"}, | 94 | {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"}, |
| 94 | {ERR_FUNC(ENGINE_F_ENGINE_MODULE_INIT), "ENGINE_MODULE_INIT"}, | ||
| 95 | {ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"}, | 95 | {ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"}, |
| 96 | {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"}, | 96 | {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"}, |
| 97 | {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"}, | 97 | {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"}, |
| @@ -100,11 +100,12 @@ static ERR_STRING_DATA ENGINE_str_functs[]= | |||
| 100 | {ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"}, | 100 | {ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"}, |
| 101 | {ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"}, | 101 | {ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"}, |
| 102 | {ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"}, | 102 | {ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"}, |
| 103 | {ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "ENGINE_UNLOCKED_FINISH"}, | ||
| 103 | {ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"}, | 104 | {ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"}, |
| 104 | {ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "INT_CTRL_HELPER"}, | 105 | {ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "INT_CTRL_HELPER"}, |
| 105 | {ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "INT_ENGINE_CONFIGURE"}, | 106 | {ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "INT_ENGINE_CONFIGURE"}, |
| 107 | {ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "INT_ENGINE_MODULE_INIT"}, | ||
| 106 | {ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"}, | 108 | {ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"}, |
| 107 | {ERR_FUNC(ENGINE_F_SET_DATA_CTX), "SET_DATA_CTX"}, | ||
| 108 | {0,NULL} | 109 | {0,NULL} |
| 109 | }; | 110 | }; |
| 110 | 111 | ||
| @@ -156,15 +157,12 @@ static ERR_STRING_DATA ENGINE_str_reasons[]= | |||
| 156 | 157 | ||
| 157 | void ERR_load_ENGINE_strings(void) | 158 | void ERR_load_ENGINE_strings(void) |
| 158 | { | 159 | { |
| 159 | static int init=1; | 160 | #ifndef OPENSSL_NO_ERR |
| 160 | 161 | ||
| 161 | if (init) | 162 | if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) |
| 162 | { | 163 | { |
| 163 | init=0; | ||
| 164 | #ifndef OPENSSL_NO_ERR | ||
| 165 | ERR_load_strings(0,ENGINE_str_functs); | 164 | ERR_load_strings(0,ENGINE_str_functs); |
| 166 | ERR_load_strings(0,ENGINE_str_reasons); | 165 | ERR_load_strings(0,ENGINE_str_reasons); |
| 167 | #endif | ||
| 168 | |||
| 169 | } | 166 | } |
| 167 | #endif | ||
| 170 | } | 168 | } |
diff --git a/src/lib/libcrypto/engine/eng_fat.c b/src/lib/libcrypto/engine/eng_fat.c index 7ccf7022ee..27c1662f62 100644 --- a/src/lib/libcrypto/engine/eng_fat.c +++ b/src/lib/libcrypto/engine/eng_fat.c | |||
| @@ -52,11 +52,13 @@ | |||
| 52 | * Hudson (tjh@cryptsoft.com). | 52 | * Hudson (tjh@cryptsoft.com). |
| 53 | * | 53 | * |
| 54 | */ | 54 | */ |
| 55 | /* ==================================================================== | ||
| 56 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 57 | * ECDH support in OpenSSL originally developed by | ||
| 58 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 59 | */ | ||
| 55 | 60 | ||
| 56 | #include <openssl/crypto.h> | ||
| 57 | #include "cryptlib.h" | ||
| 58 | #include "eng_int.h" | 61 | #include "eng_int.h" |
| 59 | #include <openssl/engine.h> | ||
| 60 | #include <openssl/conf.h> | 62 | #include <openssl/conf.h> |
| 61 | 63 | ||
| 62 | int ENGINE_set_default(ENGINE *e, unsigned int flags) | 64 | int ENGINE_set_default(ENGINE *e, unsigned int flags) |
| @@ -77,6 +79,14 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags) | |||
| 77 | if((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e)) | 79 | if((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e)) |
| 78 | return 0; | 80 | return 0; |
| 79 | #endif | 81 | #endif |
| 82 | #ifndef OPENSSL_NO_ECDH | ||
| 83 | if((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e)) | ||
| 84 | return 0; | ||
| 85 | #endif | ||
| 86 | #ifndef OPENSSL_NO_ECDSA | ||
| 87 | if((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e)) | ||
| 88 | return 0; | ||
| 89 | #endif | ||
| 80 | if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) | 90 | if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) |
| 81 | return 0; | 91 | return 0; |
| 82 | return 1; | 92 | return 1; |
| @@ -93,6 +103,10 @@ static int int_def_cb(const char *alg, int len, void *arg) | |||
| 93 | *pflags |= ENGINE_METHOD_RSA; | 103 | *pflags |= ENGINE_METHOD_RSA; |
| 94 | else if (!strncmp(alg, "DSA", len)) | 104 | else if (!strncmp(alg, "DSA", len)) |
| 95 | *pflags |= ENGINE_METHOD_DSA; | 105 | *pflags |= ENGINE_METHOD_DSA; |
| 106 | else if (!strncmp(alg, "ECDH", len)) | ||
| 107 | *pflags |= ENGINE_METHOD_ECDH; | ||
| 108 | else if (!strncmp(alg, "ECDSA", len)) | ||
| 109 | *pflags |= ENGINE_METHOD_ECDSA; | ||
| 96 | else if (!strncmp(alg, "DH", len)) | 110 | else if (!strncmp(alg, "DH", len)) |
| 97 | *pflags |= ENGINE_METHOD_DH; | 111 | *pflags |= ENGINE_METHOD_DH; |
| 98 | else if (!strncmp(alg, "RAND", len)) | 112 | else if (!strncmp(alg, "RAND", len)) |
| @@ -133,6 +147,12 @@ int ENGINE_register_complete(ENGINE *e) | |||
| 133 | #ifndef OPENSSL_NO_DH | 147 | #ifndef OPENSSL_NO_DH |
| 134 | ENGINE_register_DH(e); | 148 | ENGINE_register_DH(e); |
| 135 | #endif | 149 | #endif |
| 150 | #ifndef OPENSSL_NO_ECDH | ||
| 151 | ENGINE_register_ECDH(e); | ||
| 152 | #endif | ||
| 153 | #ifndef OPENSSL_NO_ECDSA | ||
| 154 | ENGINE_register_ECDSA(e); | ||
| 155 | #endif | ||
| 136 | ENGINE_register_RAND(e); | 156 | ENGINE_register_RAND(e); |
| 137 | return 1; | 157 | return 1; |
| 138 | } | 158 | } |
diff --git a/src/lib/libcrypto/engine/eng_init.c b/src/lib/libcrypto/engine/eng_init.c index 170c1791b3..7633cf5f1d 100644 --- a/src/lib/libcrypto/engine/eng_init.c +++ b/src/lib/libcrypto/engine/eng_init.c | |||
| @@ -53,10 +53,7 @@ | |||
| 53 | * | 53 | * |
| 54 | */ | 54 | */ |
| 55 | 55 | ||
| 56 | #include <openssl/crypto.h> | ||
| 57 | #include "cryptlib.h" | ||
| 58 | #include "eng_int.h" | 56 | #include "eng_int.h" |
| 59 | #include <openssl/engine.h> | ||
| 60 | 57 | ||
| 61 | /* Initialise a engine type for use (or up its functional reference count | 58 | /* Initialise a engine type for use (or up its functional reference count |
| 62 | * if it's already in use). This version is only used internally. */ | 59 | * if it's already in use). This version is only used internally. */ |
| @@ -114,7 +111,7 @@ int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) | |||
| 114 | /* Release the structural reference too */ | 111 | /* Release the structural reference too */ |
| 115 | if(!engine_free_util(e, 0)) | 112 | if(!engine_free_util(e, 0)) |
| 116 | { | 113 | { |
| 117 | ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED); | 114 | ENGINEerr(ENGINE_F_ENGINE_UNLOCKED_FINISH,ENGINE_R_FINISH_FAILED); |
| 118 | return 0; | 115 | return 0; |
| 119 | } | 116 | } |
| 120 | return to_return; | 117 | return to_return; |
diff --git a/src/lib/libcrypto/engine/eng_int.h b/src/lib/libcrypto/engine/eng_int.h index 38335f99cd..a5b1edebf4 100644 --- a/src/lib/libcrypto/engine/eng_int.h +++ b/src/lib/libcrypto/engine/eng_int.h | |||
| @@ -55,10 +55,16 @@ | |||
| 55 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * ECDH support in OpenSSL originally developed by | ||
| 61 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 62 | */ | ||
| 58 | 63 | ||
| 59 | #ifndef HEADER_ENGINE_INT_H | 64 | #ifndef HEADER_ENGINE_INT_H |
| 60 | #define HEADER_ENGINE_INT_H | 65 | #define HEADER_ENGINE_INT_H |
| 61 | 66 | ||
| 67 | #include "cryptlib.h" | ||
| 62 | /* Take public definitions from engine.h */ | 68 | /* Take public definitions from engine.h */ |
| 63 | #include <openssl/engine.h> | 69 | #include <openssl/engine.h> |
| 64 | 70 | ||
| @@ -146,7 +152,10 @@ struct engine_st | |||
| 146 | const RSA_METHOD *rsa_meth; | 152 | const RSA_METHOD *rsa_meth; |
| 147 | const DSA_METHOD *dsa_meth; | 153 | const DSA_METHOD *dsa_meth; |
| 148 | const DH_METHOD *dh_meth; | 154 | const DH_METHOD *dh_meth; |
| 155 | const ECDH_METHOD *ecdh_meth; | ||
| 156 | const ECDSA_METHOD *ecdsa_meth; | ||
| 149 | const RAND_METHOD *rand_meth; | 157 | const RAND_METHOD *rand_meth; |
| 158 | const STORE_METHOD *store_meth; | ||
| 150 | /* Cipher handling is via this callback */ | 159 | /* Cipher handling is via this callback */ |
| 151 | ENGINE_CIPHERS_PTR ciphers; | 160 | ENGINE_CIPHERS_PTR ciphers; |
| 152 | /* Digest handling is via this callback */ | 161 | /* Digest handling is via this callback */ |
diff --git a/src/lib/libcrypto/engine/eng_lib.c b/src/lib/libcrypto/engine/eng_lib.c index a66d0f08af..5815b867f4 100644 --- a/src/lib/libcrypto/engine/eng_lib.c +++ b/src/lib/libcrypto/engine/eng_lib.c | |||
| @@ -56,11 +56,8 @@ | |||
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/crypto.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include "eng_int.h" | 59 | #include "eng_int.h" |
| 62 | #include <openssl/rand.h> /* FIXME: This shouldn't be needed */ | 60 | #include <openssl/rand.h> |
| 63 | #include <openssl/engine.h> | ||
| 64 | 61 | ||
| 65 | /* The "new"/"free" stuff first */ | 62 | /* The "new"/"free" stuff first */ |
| 66 | 63 | ||
| @@ -92,6 +89,7 @@ void engine_set_all_null(ENGINE *e) | |||
| 92 | e->dsa_meth = NULL; | 89 | e->dsa_meth = NULL; |
| 93 | e->dh_meth = NULL; | 90 | e->dh_meth = NULL; |
| 94 | e->rand_meth = NULL; | 91 | e->rand_meth = NULL; |
| 92 | e->store_meth = NULL; | ||
| 95 | e->ciphers = NULL; | 93 | e->ciphers = NULL; |
| 96 | e->digests = NULL; | 94 | e->digests = NULL; |
| 97 | e->destroy = NULL; | 95 | e->destroy = NULL; |
| @@ -110,7 +108,7 @@ int engine_free_util(ENGINE *e, int locked) | |||
| 110 | 108 | ||
| 111 | if(e == NULL) | 109 | if(e == NULL) |
| 112 | { | 110 | { |
| 113 | ENGINEerr(ENGINE_F_ENGINE_FREE, | 111 | ENGINEerr(ENGINE_F_ENGINE_FREE_UTIL, |
| 114 | ERR_R_PASSED_NULL_PARAMETER); | 112 | ERR_R_PASSED_NULL_PARAMETER); |
| 115 | return 0; | 113 | return 0; |
| 116 | } | 114 | } |
| @@ -319,3 +317,13 @@ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e) | |||
| 319 | { | 317 | { |
| 320 | return e->cmd_defns; | 318 | return e->cmd_defns; |
| 321 | } | 319 | } |
| 320 | |||
| 321 | /* eng_lib.o is pretty much linked into anything that touches ENGINE already, so | ||
| 322 | * put the "static_state" hack here. */ | ||
| 323 | |||
| 324 | static int internal_static_hack = 0; | ||
| 325 | |||
| 326 | void *ENGINE_get_static_state(void) | ||
| 327 | { | ||
| 328 | return &internal_static_hack; | ||
| 329 | } | ||
diff --git a/src/lib/libcrypto/engine/eng_list.c b/src/lib/libcrypto/engine/eng_list.c index 1cc3217f4c..bd511944ba 100644 --- a/src/lib/libcrypto/engine/eng_list.c +++ b/src/lib/libcrypto/engine/eng_list.c | |||
| @@ -55,11 +55,13 @@ | |||
| 55 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * ECDH support in OpenSSL originally developed by | ||
| 61 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 62 | */ | ||
| 58 | 63 | ||
| 59 | #include <openssl/crypto.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include "eng_int.h" | 64 | #include "eng_int.h" |
| 62 | #include <openssl/engine.h> | ||
| 63 | 65 | ||
| 64 | /* The linked-list of pointers to engine types. engine_list_head | 66 | /* The linked-list of pointers to engine types. engine_list_head |
| 65 | * incorporates an implicit structural reference but engine_list_tail | 67 | * incorporates an implicit structural reference but engine_list_tail |
| @@ -324,7 +326,14 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) | |||
| 324 | #ifndef OPENSSL_NO_DH | 326 | #ifndef OPENSSL_NO_DH |
| 325 | dest->dh_meth = src->dh_meth; | 327 | dest->dh_meth = src->dh_meth; |
| 326 | #endif | 328 | #endif |
| 329 | #ifndef OPENSSL_NO_ECDH | ||
| 330 | dest->ecdh_meth = src->ecdh_meth; | ||
| 331 | #endif | ||
| 332 | #ifndef OPENSSL_NO_ECDSA | ||
| 333 | dest->ecdsa_meth = src->ecdsa_meth; | ||
| 334 | #endif | ||
| 327 | dest->rand_meth = src->rand_meth; | 335 | dest->rand_meth = src->rand_meth; |
| 336 | dest->store_meth = src->store_meth; | ||
| 328 | dest->ciphers = src->ciphers; | 337 | dest->ciphers = src->ciphers; |
| 329 | dest->digests = src->digests; | 338 | dest->digests = src->digests; |
| 330 | dest->destroy = src->destroy; | 339 | dest->destroy = src->destroy; |
| @@ -340,6 +349,7 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) | |||
| 340 | ENGINE *ENGINE_by_id(const char *id) | 349 | ENGINE *ENGINE_by_id(const char *id) |
| 341 | { | 350 | { |
| 342 | ENGINE *iterator; | 351 | ENGINE *iterator; |
| 352 | char *load_dir = NULL; | ||
| 343 | if(id == NULL) | 353 | if(id == NULL) |
| 344 | { | 354 | { |
| 345 | ENGINEerr(ENGINE_F_ENGINE_BY_ID, | 355 | ENGINEerr(ENGINE_F_ENGINE_BY_ID, |
| @@ -373,6 +383,7 @@ ENGINE *ENGINE_by_id(const char *id) | |||
| 373 | } | 383 | } |
| 374 | } | 384 | } |
| 375 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); | 385 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 386 | #if 0 | ||
| 376 | if(iterator == NULL) | 387 | if(iterator == NULL) |
| 377 | { | 388 | { |
| 378 | ENGINEerr(ENGINE_F_ENGINE_BY_ID, | 389 | ENGINEerr(ENGINE_F_ENGINE_BY_ID, |
| @@ -380,6 +391,32 @@ ENGINE *ENGINE_by_id(const char *id) | |||
| 380 | ERR_add_error_data(2, "id=", id); | 391 | ERR_add_error_data(2, "id=", id); |
| 381 | } | 392 | } |
| 382 | return iterator; | 393 | return iterator; |
| 394 | #else | ||
| 395 | /* EEK! Experimental code starts */ | ||
| 396 | if(iterator) return iterator; | ||
| 397 | /* Prevent infinite recusrion if we're looking for the dynamic engine. */ | ||
| 398 | if (strcmp(id, "dynamic")) | ||
| 399 | { | ||
| 400 | #ifdef OPENSSL_SYS_VMS | ||
| 401 | if((load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = "SSLROOT:[ENGINES]"; | ||
| 402 | #else | ||
| 403 | if((load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = ENGINESDIR; | ||
| 404 | #endif | ||
| 405 | iterator = ENGINE_by_id("dynamic"); | ||
| 406 | if(!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) || | ||
| 407 | !ENGINE_ctrl_cmd_string(iterator, "DIR_LOAD", "2", 0) || | ||
| 408 | !ENGINE_ctrl_cmd_string(iterator, "DIR_ADD", | ||
| 409 | load_dir, 0) || | ||
| 410 | !ENGINE_ctrl_cmd_string(iterator, "LOAD", NULL, 0)) | ||
| 411 | goto notfound; | ||
| 412 | return iterator; | ||
| 413 | } | ||
| 414 | notfound: | ||
| 415 | ENGINEerr(ENGINE_F_ENGINE_BY_ID,ENGINE_R_NO_SUCH_ENGINE); | ||
| 416 | ERR_add_error_data(2, "id=", id); | ||
| 417 | return NULL; | ||
| 418 | /* EEK! Experimental code ends */ | ||
| 419 | #endif | ||
| 383 | } | 420 | } |
| 384 | 421 | ||
| 385 | int ENGINE_up_ref(ENGINE *e) | 422 | int ENGINE_up_ref(ENGINE *e) |
diff --git a/src/lib/libcrypto/engine/eng_openssl.c b/src/lib/libcrypto/engine/eng_openssl.c index 54579eea2e..7c139ae2ef 100644 --- a/src/lib/libcrypto/engine/eng_openssl.c +++ b/src/lib/libcrypto/engine/eng_openssl.c | |||
| @@ -55,6 +55,11 @@ | |||
| 55 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * ECDH support in OpenSSL originally developed by | ||
| 61 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 62 | */ | ||
| 58 | 63 | ||
| 59 | 64 | ||
| 60 | #include <stdio.h> | 65 | #include <stdio.h> |
| @@ -64,6 +69,16 @@ | |||
| 64 | #include <openssl/dso.h> | 69 | #include <openssl/dso.h> |
| 65 | #include <openssl/pem.h> | 70 | #include <openssl/pem.h> |
| 66 | #include <openssl/evp.h> | 71 | #include <openssl/evp.h> |
| 72 | #include <openssl/rand.h> | ||
| 73 | #ifndef OPENSSL_NO_RSA | ||
| 74 | #include <openssl/rsa.h> | ||
| 75 | #endif | ||
| 76 | #ifndef OPENSSL_NO_DSA | ||
| 77 | #include <openssl/dsa.h> | ||
| 78 | #endif | ||
| 79 | #ifndef OPENSSL_NO_DH | ||
| 80 | #include <openssl/dh.h> | ||
| 81 | #endif | ||
| 67 | 82 | ||
| 68 | /* This testing gunk is implemented (and explained) lower down. It also assumes | 83 | /* This testing gunk is implemented (and explained) lower down. It also assumes |
| 69 | * the application explicitly calls "ENGINE_load_openssl()" because this is no | 84 | * the application explicitly calls "ENGINE_load_openssl()" because this is no |
| @@ -125,6 +140,12 @@ static int bind_helper(ENGINE *e) | |||
| 125 | #ifndef OPENSSL_NO_DSA | 140 | #ifndef OPENSSL_NO_DSA |
| 126 | || !ENGINE_set_DSA(e, DSA_get_default_method()) | 141 | || !ENGINE_set_DSA(e, DSA_get_default_method()) |
| 127 | #endif | 142 | #endif |
| 143 | #ifndef OPENSSL_NO_ECDH | ||
| 144 | || !ENGINE_set_ECDH(e, ECDH_OpenSSL()) | ||
| 145 | #endif | ||
| 146 | #ifndef OPENSSL_NO_ECDSA | ||
| 147 | || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL()) | ||
| 148 | #endif | ||
| 128 | #ifndef OPENSSL_NO_DH | 149 | #ifndef OPENSSL_NO_DH |
| 129 | || !ENGINE_set_DH(e, DH_get_default_method()) | 150 | || !ENGINE_set_DH(e, DH_get_default_method()) |
| 130 | #endif | 151 | #endif |
| @@ -236,6 +257,7 @@ static const EVP_CIPHER test_r4_cipher= | |||
| 236 | sizeof(TEST_RC4_KEY), | 257 | sizeof(TEST_RC4_KEY), |
| 237 | NULL, | 258 | NULL, |
| 238 | NULL, | 259 | NULL, |
| 260 | NULL, | ||
| 239 | NULL | 261 | NULL |
| 240 | }; | 262 | }; |
| 241 | static const EVP_CIPHER test_r4_40_cipher= | 263 | static const EVP_CIPHER test_r4_40_cipher= |
| @@ -249,6 +271,7 @@ static const EVP_CIPHER test_r4_40_cipher= | |||
| 249 | sizeof(TEST_RC4_KEY), | 271 | sizeof(TEST_RC4_KEY), |
| 250 | NULL, | 272 | NULL, |
| 251 | NULL, | 273 | NULL, |
| 274 | NULL, | ||
| 252 | NULL | 275 | NULL |
| 253 | }; | 276 | }; |
| 254 | static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | 277 | static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, |
| @@ -290,7 +313,7 @@ static int test_sha1_init(EVP_MD_CTX *ctx) | |||
| 290 | #endif | 313 | #endif |
| 291 | return SHA1_Init(ctx->md_data); | 314 | return SHA1_Init(ctx->md_data); |
| 292 | } | 315 | } |
| 293 | static int test_sha1_update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 316 | static int test_sha1_update(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 294 | { | 317 | { |
| 295 | #ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE | 318 | #ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE |
| 296 | fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n"); | 319 | fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n"); |
diff --git a/src/lib/libcrypto/engine/eng_pkey.c b/src/lib/libcrypto/engine/eng_pkey.c index 8c69171511..bc8b21abec 100644 --- a/src/lib/libcrypto/engine/eng_pkey.c +++ b/src/lib/libcrypto/engine/eng_pkey.c | |||
| @@ -53,10 +53,7 @@ | |||
| 53 | * | 53 | * |
| 54 | */ | 54 | */ |
| 55 | 55 | ||
| 56 | #include <openssl/crypto.h> | ||
| 57 | #include "cryptlib.h" | ||
| 58 | #include "eng_int.h" | 56 | #include "eng_int.h" |
| 59 | #include <openssl/engine.h> | ||
| 60 | 57 | ||
| 61 | /* Basic get/set stuff */ | 58 | /* Basic get/set stuff */ |
| 62 | 59 | ||
diff --git a/src/lib/libcrypto/engine/eng_table.c b/src/lib/libcrypto/engine/eng_table.c index c69a84a8bf..8879a267d1 100644 --- a/src/lib/libcrypto/engine/eng_table.c +++ b/src/lib/libcrypto/engine/eng_table.c | |||
| @@ -52,49 +52,31 @@ | |||
| 52 | * | 52 | * |
| 53 | */ | 53 | */ |
| 54 | 54 | ||
| 55 | #include "cryptlib.h" | ||
| 55 | #include <openssl/evp.h> | 56 | #include <openssl/evp.h> |
| 56 | #include <openssl/engine.h> | 57 | #include <openssl/lhash.h> |
| 57 | #include "eng_int.h" | 58 | #include "eng_int.h" |
| 58 | 59 | ||
| 59 | /* This is the type of item in the 'implementation' table. Each 'nid' hashes to | ||
| 60 | * a (potentially NULL) ENGINE_PILE structure which contains a stack of ENGINE* | ||
| 61 | * pointers. These pointers aren't references, because they're inserted and | ||
| 62 | * removed during ENGINE creation and ENGINE destruction. They point to ENGINEs | ||
| 63 | * that *exist* (ie. have a structural reference count greater than zero) rather | ||
| 64 | * than ENGINEs that are *functional*. Each pointer in those stacks are to | ||
| 65 | * ENGINEs that implements the algorithm corresponding to each 'nid'. */ | ||
| 66 | |||
| 67 | /* The type of the items in the table */ | 60 | /* The type of the items in the table */ |
| 68 | typedef struct st_engine_pile | 61 | typedef struct st_engine_pile |
| 69 | { | 62 | { |
| 70 | /* The 'nid' of the algorithm/mode this ENGINE_PILE structure represents | 63 | /* The 'nid' of this algorithm/mode */ |
| 71 | * */ | ||
| 72 | int nid; | 64 | int nid; |
| 73 | /* A stack of ENGINE pointers for ENGINEs that support this | 65 | /* ENGINEs that implement this algorithm/mode. */ |
| 74 | * algorithm/mode. In the event that 'funct' is NULL, the first entry in | ||
| 75 | * this stack that initialises will be set as 'funct' and assumed as the | ||
| 76 | * default for operations of this type. */ | ||
| 77 | STACK_OF(ENGINE) *sk; | 66 | STACK_OF(ENGINE) *sk; |
| 78 | /* The default ENGINE to perform this algorithm/mode. */ | 67 | /* The default ENGINE to perform this algorithm/mode. */ |
| 79 | ENGINE *funct; | 68 | ENGINE *funct; |
| 80 | /* This value optimises engine_table_select(). If it is called it sets | 69 | /* Zero if 'sk' is newer than the cached 'funct', non-zero otherwise */ |
| 81 | * this value to 1. Any changes to this ENGINE_PILE resets it to zero. | ||
| 82 | * As such, no ENGINE_init() thrashing is done unless ENGINEs | ||
| 83 | * continually register (and/or unregister). */ | ||
| 84 | int uptodate; | 70 | int uptodate; |
| 85 | } ENGINE_PILE; | 71 | } ENGINE_PILE; |
| 86 | 72 | ||
| 87 | /* The type of the hash table of ENGINE_PILE structures such that each are | 73 | /* The type exposed in eng_int.h */ |
| 88 | * unique and keyed by the 'nid' value. */ | ||
| 89 | struct st_engine_table | 74 | struct st_engine_table |
| 90 | { | 75 | { |
| 91 | LHASH piles; | 76 | LHASH piles; |
| 92 | }; /* ENGINE_TABLE */ | 77 | }; /* ENGINE_TABLE */ |
| 93 | 78 | ||
| 94 | /* This value stores global options controlling behaviour of (mostly) the | 79 | /* Global flags (ENGINE_TABLE_FLAG_***). */ |
| 95 | * engine_table_select() function. It's a bitmask of flag values of the form | ||
| 96 | * ENGINE_TABLE_FLAG_*** (as defined in engine.h) and is controlled by the | ||
| 97 | * ENGINE_[get|set]_table_flags() function. */ | ||
| 98 | static unsigned int table_flags = 0; | 80 | static unsigned int table_flags = 0; |
| 99 | 81 | ||
| 100 | /* API function manipulating 'table_flags' */ | 82 | /* API function manipulating 'table_flags' */ |
| @@ -121,10 +103,8 @@ static IMPLEMENT_LHASH_COMP_FN(engine_pile_cmp, const ENGINE_PILE *) | |||
| 121 | static int int_table_check(ENGINE_TABLE **t, int create) | 103 | static int int_table_check(ENGINE_TABLE **t, int create) |
| 122 | { | 104 | { |
| 123 | LHASH *lh; | 105 | LHASH *lh; |
| 124 | if(*t) | 106 | if(*t) return 1; |
| 125 | return 1; | 107 | if(!create) return 0; |
| 126 | if(!create) | ||
| 127 | return 0; | ||
| 128 | if((lh = lh_new(LHASH_HASH_FN(engine_pile_hash), | 108 | if((lh = lh_new(LHASH_HASH_FN(engine_pile_hash), |
| 129 | LHASH_COMP_FN(engine_pile_cmp))) == NULL) | 109 | LHASH_COMP_FN(engine_pile_cmp))) == NULL) |
| 130 | return 0; | 110 | return 0; |
| @@ -154,8 +134,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, | |||
| 154 | if(!fnd) | 134 | if(!fnd) |
| 155 | { | 135 | { |
| 156 | fnd = OPENSSL_malloc(sizeof(ENGINE_PILE)); | 136 | fnd = OPENSSL_malloc(sizeof(ENGINE_PILE)); |
| 157 | if(!fnd) | 137 | if(!fnd) goto end; |
| 158 | goto end; | ||
| 159 | fnd->uptodate = 1; | 138 | fnd->uptodate = 1; |
| 160 | fnd->nid = *nids; | 139 | fnd->nid = *nids; |
| 161 | fnd->sk = sk_ENGINE_new_null(); | 140 | fnd->sk = sk_ENGINE_new_null(); |
| @@ -164,11 +143,11 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, | |||
| 164 | OPENSSL_free(fnd); | 143 | OPENSSL_free(fnd); |
| 165 | goto end; | 144 | goto end; |
| 166 | } | 145 | } |
| 167 | fnd->funct= NULL; | 146 | fnd->funct = NULL; |
| 168 | lh_insert(&(*table)->piles, fnd); | 147 | lh_insert(&(*table)->piles, fnd); |
| 169 | } | 148 | } |
| 170 | /* A registration shouldn't add duplciate entries */ | 149 | /* A registration shouldn't add duplciate entries */ |
| 171 | sk_ENGINE_delete_ptr(fnd->sk, e); | 150 | (void)sk_ENGINE_delete_ptr(fnd->sk, e); |
| 172 | /* if 'setdefault', this ENGINE goes to the head of the list */ | 151 | /* if 'setdefault', this ENGINE goes to the head of the list */ |
| 173 | if(!sk_ENGINE_push(fnd->sk, e)) | 152 | if(!sk_ENGINE_push(fnd->sk, e)) |
| 174 | goto end; | 153 | goto end; |
| @@ -185,6 +164,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, | |||
| 185 | if(fnd->funct) | 164 | if(fnd->funct) |
| 186 | engine_unlocked_finish(fnd->funct, 0); | 165 | engine_unlocked_finish(fnd->funct, 0); |
| 187 | fnd->funct = e; | 166 | fnd->funct = e; |
| 167 | fnd->uptodate = 1; | ||
| 188 | } | 168 | } |
| 189 | nids++; | 169 | nids++; |
| 190 | } | 170 | } |
| @@ -199,8 +179,7 @@ static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e) | |||
| 199 | /* Iterate the 'c->sk' stack removing any occurance of 'e' */ | 179 | /* Iterate the 'c->sk' stack removing any occurance of 'e' */ |
| 200 | while((n = sk_ENGINE_find(pile->sk, e)) >= 0) | 180 | while((n = sk_ENGINE_find(pile->sk, e)) >= 0) |
| 201 | { | 181 | { |
| 202 | sk_ENGINE_delete(pile->sk, n); | 182 | (void)sk_ENGINE_delete(pile->sk, n); |
| 203 | /* "touch" this ENGINE_CIPHER */ | ||
| 204 | pile->uptodate = 0; | 183 | pile->uptodate = 0; |
| 205 | } | 184 | } |
| 206 | if(pile->funct == e) | 185 | if(pile->funct == e) |
| @@ -239,9 +218,7 @@ void engine_table_cleanup(ENGINE_TABLE **table) | |||
| 239 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); | 218 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 240 | } | 219 | } |
| 241 | 220 | ||
| 242 | /* Exposed API function to get a functional reference from the implementation | 221 | /* return a functional reference for a given 'nid' */ |
| 243 | * table (ie. try to get a functional reference from the tabled structural | ||
| 244 | * references) for a given cipher 'nid' */ | ||
| 245 | #ifndef ENGINE_TABLE_DEBUG | 222 | #ifndef ENGINE_TABLE_DEBUG |
| 246 | ENGINE *engine_table_select(ENGINE_TABLE **table, int nid) | 223 | ENGINE *engine_table_select(ENGINE_TABLE **table, int nid) |
| 247 | #else | 224 | #else |
| @@ -252,25 +229,21 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, in | |||
| 252 | ENGINE_PILE tmplate, *fnd=NULL; | 229 | ENGINE_PILE tmplate, *fnd=NULL; |
| 253 | int initres, loop = 0; | 230 | int initres, loop = 0; |
| 254 | 231 | ||
| 255 | /* If 'engine_ciphers' is NULL, then it's absolutely *sure* that no | ||
| 256 | * ENGINEs have registered any implementations! */ | ||
| 257 | if(!(*table)) | 232 | if(!(*table)) |
| 258 | { | 233 | { |
| 259 | #ifdef ENGINE_TABLE_DEBUG | 234 | #ifdef ENGINE_TABLE_DEBUG |
| 260 | fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no " | 235 | fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing " |
| 261 | "registered for anything!\n", f, l, nid); | 236 | "registered!\n", f, l, nid); |
| 262 | #endif | 237 | #endif |
| 263 | return NULL; | 238 | return NULL; |
| 264 | } | 239 | } |
| 265 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | 240 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 266 | /* Check again inside the lock otherwise we could race against cleanup | 241 | /* Check again inside the lock otherwise we could race against cleanup |
| 267 | * operations. But don't worry about a fprintf(stderr). */ | 242 | * operations. But don't worry about a fprintf(stderr). */ |
| 268 | if(!int_table_check(table, 0)) | 243 | if(!int_table_check(table, 0)) goto end; |
| 269 | goto end; | ||
| 270 | tmplate.nid = nid; | 244 | tmplate.nid = nid; |
| 271 | fnd = lh_retrieve(&(*table)->piles, &tmplate); | 245 | fnd = lh_retrieve(&(*table)->piles, &tmplate); |
| 272 | if(!fnd) | 246 | if(!fnd) goto end; |
| 273 | goto end; | ||
| 274 | if(fnd->funct && engine_unlocked_init(fnd->funct)) | 247 | if(fnd->funct && engine_unlocked_init(fnd->funct)) |
| 275 | { | 248 | { |
| 276 | #ifdef ENGINE_TABLE_DEBUG | 249 | #ifdef ENGINE_TABLE_DEBUG |
| @@ -296,34 +269,19 @@ trynext: | |||
| 296 | #endif | 269 | #endif |
| 297 | goto end; | 270 | goto end; |
| 298 | } | 271 | } |
| 299 | #if 0 | 272 | /* Try to initialise the ENGINE? */ |
| 300 | /* Don't need to get a reference if we hold the lock. If the locking has | ||
| 301 | * to change in future, that would be different ... */ | ||
| 302 | ret->struct_ref++; engine_ref_debug(ret, 0, 1) | ||
| 303 | #endif | ||
| 304 | /* Try and initialise the ENGINE if it's already functional *or* if the | ||
| 305 | * ENGINE_TABLE_FLAG_NOINIT flag is not set. */ | ||
| 306 | if((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT)) | 273 | if((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT)) |
| 307 | initres = engine_unlocked_init(ret); | 274 | initres = engine_unlocked_init(ret); |
| 308 | else | 275 | else |
| 309 | initres = 0; | 276 | initres = 0; |
| 310 | #if 0 | ||
| 311 | /* Release the structural reference */ | ||
| 312 | ret->struct_ref--; engine_ref_debug(ret, 0, -1); | ||
| 313 | #endif | ||
| 314 | if(initres) | 277 | if(initres) |
| 315 | { | 278 | { |
| 316 | /* If we didn't have a default (functional reference) for this | 279 | /* Update 'funct' */ |
| 317 | * 'nid' (or we had one but for whatever reason we're now | ||
| 318 | * initialising a different one), use this opportunity to set | ||
| 319 | * 'funct'. */ | ||
| 320 | if((fnd->funct != ret) && engine_unlocked_init(ret)) | 280 | if((fnd->funct != ret) && engine_unlocked_init(ret)) |
| 321 | { | 281 | { |
| 322 | /* If there was a previous default we release it. */ | 282 | /* If there was a previous default we release it. */ |
| 323 | if(fnd->funct) | 283 | if(fnd->funct) |
| 324 | engine_unlocked_finish(fnd->funct, 0); | 284 | engine_unlocked_finish(fnd->funct, 0); |
| 325 | /* We got an extra functional reference for the | ||
| 326 | * per-'nid' default */ | ||
| 327 | fnd->funct = ret; | 285 | fnd->funct = ret; |
| 328 | #ifdef ENGINE_TABLE_DEBUG | 286 | #ifdef ENGINE_TABLE_DEBUG |
| 329 | fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, " | 287 | fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, " |
| @@ -338,13 +296,9 @@ trynext: | |||
| 338 | } | 296 | } |
| 339 | goto trynext; | 297 | goto trynext; |
| 340 | end: | 298 | end: |
| 341 | /* Whatever happened - we should "untouch" our uptodate file seeing as | 299 | /* If it failed, it is unlikely to succeed again until some future |
| 342 | * we have tried our best to find a functional reference for 'nid'. If | 300 | * registrations have taken place. In all cases, we cache. */ |
| 343 | * it failed, it is unlikely to succeed again until some future | 301 | if(fnd) fnd->uptodate = 1; |
| 344 | * registrations (or unregistrations) have taken place that affect that | ||
| 345 | * 'nid'. */ | ||
| 346 | if(fnd) | ||
| 347 | fnd->uptodate = 1; | ||
| 348 | #ifdef ENGINE_TABLE_DEBUG | 302 | #ifdef ENGINE_TABLE_DEBUG |
| 349 | if(ret) | 303 | if(ret) |
| 350 | fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching " | 304 | fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching " |
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h index 900f75ce8d..3ec59338ff 100644 --- a/src/lib/libcrypto/engine/engine.h +++ b/src/lib/libcrypto/engine/engine.h | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -55,6 +55,11 @@ | |||
| 55 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * ECDH support in OpenSSL originally developed by | ||
| 61 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 62 | */ | ||
| 58 | 63 | ||
| 59 | #ifndef HEADER_ENGINE_H | 64 | #ifndef HEADER_ENGINE_H |
| 60 | #define HEADER_ENGINE_H | 65 | #define HEADER_ENGINE_H |
| @@ -65,7 +70,7 @@ | |||
| 65 | #error ENGINE is disabled. | 70 | #error ENGINE is disabled. |
| 66 | #endif | 71 | #endif |
| 67 | 72 | ||
| 68 | #include <openssl/ossl_typ.h> | 73 | #ifndef OPENSSL_NO_DEPRECATED |
| 69 | #include <openssl/bn.h> | 74 | #include <openssl/bn.h> |
| 70 | #ifndef OPENSSL_NO_RSA | 75 | #ifndef OPENSSL_NO_RSA |
| 71 | #include <openssl/rsa.h> | 76 | #include <openssl/rsa.h> |
| @@ -76,34 +81,36 @@ | |||
| 76 | #ifndef OPENSSL_NO_DH | 81 | #ifndef OPENSSL_NO_DH |
| 77 | #include <openssl/dh.h> | 82 | #include <openssl/dh.h> |
| 78 | #endif | 83 | #endif |
| 84 | #ifndef OPENSSL_NO_ECDH | ||
| 85 | #include <openssl/ecdh.h> | ||
| 86 | #endif | ||
| 87 | #ifndef OPENSSL_NO_ECDSA | ||
| 88 | #include <openssl/ecdsa.h> | ||
| 89 | #endif | ||
| 79 | #include <openssl/rand.h> | 90 | #include <openssl/rand.h> |
| 91 | #include <openssl/store.h> | ||
| 80 | #include <openssl/ui.h> | 92 | #include <openssl/ui.h> |
| 81 | #include <openssl/symhacks.h> | ||
| 82 | #include <openssl/err.h> | 93 | #include <openssl/err.h> |
| 94 | #endif | ||
| 95 | |||
| 96 | #include <openssl/ossl_typ.h> | ||
| 97 | #include <openssl/symhacks.h> | ||
| 83 | 98 | ||
| 84 | #ifdef __cplusplus | 99 | #ifdef __cplusplus |
| 85 | extern "C" { | 100 | extern "C" { |
| 86 | #endif | 101 | #endif |
| 87 | 102 | ||
| 88 | /* Fixups for missing algorithms */ | ||
| 89 | #ifdef OPENSSL_NO_RSA | ||
| 90 | typedef void RSA_METHOD; | ||
| 91 | #endif | ||
| 92 | #ifdef OPENSSL_NO_DSA | ||
| 93 | typedef void DSA_METHOD; | ||
| 94 | #endif | ||
| 95 | #ifdef OPENSSL_NO_DH | ||
| 96 | typedef void DH_METHOD; | ||
| 97 | #endif | ||
| 98 | |||
| 99 | /* These flags are used to control combinations of algorithm (methods) | 103 | /* These flags are used to control combinations of algorithm (methods) |
| 100 | * by bitwise "OR"ing. */ | 104 | * by bitwise "OR"ing. */ |
| 101 | #define ENGINE_METHOD_RSA (unsigned int)0x0001 | 105 | #define ENGINE_METHOD_RSA (unsigned int)0x0001 |
| 102 | #define ENGINE_METHOD_DSA (unsigned int)0x0002 | 106 | #define ENGINE_METHOD_DSA (unsigned int)0x0002 |
| 103 | #define ENGINE_METHOD_DH (unsigned int)0x0004 | 107 | #define ENGINE_METHOD_DH (unsigned int)0x0004 |
| 104 | #define ENGINE_METHOD_RAND (unsigned int)0x0008 | 108 | #define ENGINE_METHOD_RAND (unsigned int)0x0008 |
| 109 | #define ENGINE_METHOD_ECDH (unsigned int)0x0010 | ||
| 110 | #define ENGINE_METHOD_ECDSA (unsigned int)0x0020 | ||
| 105 | #define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 | 111 | #define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 |
| 106 | #define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 | 112 | #define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 |
| 113 | #define ENGINE_METHOD_STORE (unsigned int)0x0100 | ||
| 107 | /* Obvious all-or-nothing cases. */ | 114 | /* Obvious all-or-nothing cases. */ |
| 108 | #define ENGINE_METHOD_ALL (unsigned int)0xFFFF | 115 | #define ENGINE_METHOD_ALL (unsigned int)0xFFFF |
| 109 | #define ENGINE_METHOD_NONE (unsigned int)0x0000 | 116 | #define ENGINE_METHOD_NONE (unsigned int)0x0000 |
| @@ -173,9 +180,15 @@ typedef void DH_METHOD; | |||
| 173 | handles/connections etc. */ | 180 | handles/connections etc. */ |
| 174 | #define ENGINE_CTRL_SET_USER_INTERFACE 4 /* Alternative to callback */ | 181 | #define ENGINE_CTRL_SET_USER_INTERFACE 4 /* Alternative to callback */ |
| 175 | #define ENGINE_CTRL_SET_CALLBACK_DATA 5 /* User-specific data, used | 182 | #define ENGINE_CTRL_SET_CALLBACK_DATA 5 /* User-specific data, used |
| 176 | when calling the password | 183 | when calling the password |
| 177 | callback and the user | 184 | callback and the user |
| 178 | interface */ | 185 | interface */ |
| 186 | #define ENGINE_CTRL_LOAD_CONFIGURATION 6 /* Load a configuration, given | ||
| 187 | a string that represents a | ||
| 188 | file name or so */ | ||
| 189 | #define ENGINE_CTRL_LOAD_SECTION 7 /* Load data from a given | ||
| 190 | section in the already loaded | ||
| 191 | configuration */ | ||
| 179 | 192 | ||
| 180 | /* These control commands allow an application to deal with an arbitrary engine | 193 | /* These control commands allow an application to deal with an arbitrary engine |
| 181 | * in a dynamic way. Warn: Negative return values indicate errors FOR THESE | 194 | * in a dynamic way. Warn: Negative return values indicate errors FOR THESE |
| @@ -222,7 +235,7 @@ typedef void DH_METHOD; | |||
| 222 | 235 | ||
| 223 | /* ENGINE implementations should start the numbering of their own control | 236 | /* ENGINE implementations should start the numbering of their own control |
| 224 | * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */ | 237 | * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */ |
| 225 | #define ENGINE_CMD_BASE 200 | 238 | #define ENGINE_CMD_BASE 200 |
| 226 | 239 | ||
| 227 | /* NB: These 2 nCipher "chil" control commands are deprecated, and their | 240 | /* NB: These 2 nCipher "chil" control commands are deprecated, and their |
| 228 | * functionality is now available through ENGINE-specific control commands | 241 | * functionality is now available through ENGINE-specific control commands |
| @@ -257,11 +270,11 @@ typedef struct ENGINE_CMD_DEFN_st | |||
| 257 | } ENGINE_CMD_DEFN; | 270 | } ENGINE_CMD_DEFN; |
| 258 | 271 | ||
| 259 | /* Generic function pointer */ | 272 | /* Generic function pointer */ |
| 260 | typedef int (*ENGINE_GEN_FUNC_PTR)(); | 273 | typedef int (*ENGINE_GEN_FUNC_PTR)(void); |
| 261 | /* Generic function pointer taking no arguments */ | 274 | /* Generic function pointer taking no arguments */ |
| 262 | typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *); | 275 | typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *); |
| 263 | /* Specific control function pointer */ | 276 | /* Specific control function pointer */ |
| 264 | typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)()); | 277 | typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)(void)); |
| 265 | /* Generic load_key function pointer */ | 278 | /* Generic load_key function pointer */ |
| 266 | typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, | 279 | typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, |
| 267 | UI_METHOD *ui_method, void *callback_data); | 280 | UI_METHOD *ui_method, void *callback_data); |
| @@ -305,15 +318,21 @@ ENGINE *ENGINE_by_id(const char *id); | |||
| 305 | /* Add all the built-in engines. */ | 318 | /* Add all the built-in engines. */ |
| 306 | void ENGINE_load_openssl(void); | 319 | void ENGINE_load_openssl(void); |
| 307 | void ENGINE_load_dynamic(void); | 320 | void ENGINE_load_dynamic(void); |
| 308 | void ENGINE_load_cswift(void); | 321 | #ifndef OPENSSL_NO_STATIC_ENGINE |
| 309 | void ENGINE_load_chil(void); | 322 | void ENGINE_load_4758cca(void); |
| 323 | void ENGINE_load_aep(void); | ||
| 310 | void ENGINE_load_atalla(void); | 324 | void ENGINE_load_atalla(void); |
| 325 | void ENGINE_load_chil(void); | ||
| 326 | void ENGINE_load_cswift(void); | ||
| 327 | #ifndef OPENSSL_NO_GMP | ||
| 328 | void ENGINE_load_gmp(void); | ||
| 329 | #endif | ||
| 311 | void ENGINE_load_nuron(void); | 330 | void ENGINE_load_nuron(void); |
| 312 | void ENGINE_load_ubsec(void); | ||
| 313 | void ENGINE_load_aep(void); | ||
| 314 | void ENGINE_load_sureware(void); | 331 | void ENGINE_load_sureware(void); |
| 315 | void ENGINE_load_4758cca(void); | 332 | void ENGINE_load_ubsec(void); |
| 333 | #endif | ||
| 316 | void ENGINE_load_cryptodev(void); | 334 | void ENGINE_load_cryptodev(void); |
| 335 | void ENGINE_load_padlock(void); | ||
| 317 | void ENGINE_load_builtin_engines(void); | 336 | void ENGINE_load_builtin_engines(void); |
| 318 | 337 | ||
| 319 | /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation | 338 | /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation |
| @@ -337,6 +356,14 @@ int ENGINE_register_DSA(ENGINE *e); | |||
| 337 | void ENGINE_unregister_DSA(ENGINE *e); | 356 | void ENGINE_unregister_DSA(ENGINE *e); |
| 338 | void ENGINE_register_all_DSA(void); | 357 | void ENGINE_register_all_DSA(void); |
| 339 | 358 | ||
| 359 | int ENGINE_register_ECDH(ENGINE *e); | ||
| 360 | void ENGINE_unregister_ECDH(ENGINE *e); | ||
| 361 | void ENGINE_register_all_ECDH(void); | ||
| 362 | |||
| 363 | int ENGINE_register_ECDSA(ENGINE *e); | ||
| 364 | void ENGINE_unregister_ECDSA(ENGINE *e); | ||
| 365 | void ENGINE_register_all_ECDSA(void); | ||
| 366 | |||
| 340 | int ENGINE_register_DH(ENGINE *e); | 367 | int ENGINE_register_DH(ENGINE *e); |
| 341 | void ENGINE_unregister_DH(ENGINE *e); | 368 | void ENGINE_unregister_DH(ENGINE *e); |
| 342 | void ENGINE_register_all_DH(void); | 369 | void ENGINE_register_all_DH(void); |
| @@ -345,6 +372,10 @@ int ENGINE_register_RAND(ENGINE *e); | |||
| 345 | void ENGINE_unregister_RAND(ENGINE *e); | 372 | void ENGINE_unregister_RAND(ENGINE *e); |
| 346 | void ENGINE_register_all_RAND(void); | 373 | void ENGINE_register_all_RAND(void); |
| 347 | 374 | ||
| 375 | int ENGINE_register_STORE(ENGINE *e); | ||
| 376 | void ENGINE_unregister_STORE(ENGINE *e); | ||
| 377 | void ENGINE_register_all_STORE(void); | ||
| 378 | |||
| 348 | int ENGINE_register_ciphers(ENGINE *e); | 379 | int ENGINE_register_ciphers(ENGINE *e); |
| 349 | void ENGINE_unregister_ciphers(ENGINE *e); | 380 | void ENGINE_unregister_ciphers(ENGINE *e); |
| 350 | void ENGINE_register_all_ciphers(void); | 381 | void ENGINE_register_all_ciphers(void); |
| @@ -367,7 +398,7 @@ int ENGINE_register_all_complete(void); | |||
| 367 | * reference to an engine, but many control commands may require the engine be | 398 | * reference to an engine, but many control commands may require the engine be |
| 368 | * functional. The caller should be aware of trying commands that require an | 399 | * functional. The caller should be aware of trying commands that require an |
| 369 | * operational ENGINE, and only use functional references in such situations. */ | 400 | * operational ENGINE, and only use functional references in such situations. */ |
| 370 | int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); | 401 | int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); |
| 371 | 402 | ||
| 372 | /* This function tests if an ENGINE-specific command is usable as a "setting". | 403 | /* This function tests if an ENGINE-specific command is usable as a "setting". |
| 373 | * Eg. in an application's config file that gets processed through | 404 | * Eg. in an application's config file that gets processed through |
| @@ -380,7 +411,7 @@ int ENGINE_cmd_is_executable(ENGINE *e, int cmd); | |||
| 380 | * See the comment on ENGINE_ctrl_cmd_string() for an explanation on how to | 411 | * See the comment on ENGINE_ctrl_cmd_string() for an explanation on how to |
| 381 | * use the cmd_name and cmd_optional. */ | 412 | * use the cmd_name and cmd_optional. */ |
| 382 | int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, | 413 | int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, |
| 383 | long i, void *p, void (*f)(), int cmd_optional); | 414 | long i, void *p, void (*f)(void), int cmd_optional); |
| 384 | 415 | ||
| 385 | /* This function passes a command-name and argument to an ENGINE. The cmd_name | 416 | /* This function passes a command-name and argument to an ENGINE. The cmd_name |
| 386 | * is converted to a command number and the control command is called using | 417 | * is converted to a command number and the control command is called using |
| @@ -417,8 +448,11 @@ int ENGINE_set_id(ENGINE *e, const char *id); | |||
| 417 | int ENGINE_set_name(ENGINE *e, const char *name); | 448 | int ENGINE_set_name(ENGINE *e, const char *name); |
| 418 | int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); | 449 | int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); |
| 419 | int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); | 450 | int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); |
| 451 | int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth); | ||
| 452 | int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth); | ||
| 420 | int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); | 453 | int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); |
| 421 | int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth); | 454 | int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth); |
| 455 | int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth); | ||
| 422 | int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f); | 456 | int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f); |
| 423 | int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f); | 457 | int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f); |
| 424 | int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); | 458 | int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); |
| @@ -429,11 +463,11 @@ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); | |||
| 429 | int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); | 463 | int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); |
| 430 | int ENGINE_set_flags(ENGINE *e, int flags); | 464 | int ENGINE_set_flags(ENGINE *e, int flags); |
| 431 | int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); | 465 | int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); |
| 432 | /* These functions (and the "get" function lower down) allow control over any | 466 | /* These functions allow control over any per-structure ENGINE data. */ |
| 433 | * per-structure ENGINE data. */ | ||
| 434 | int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, | 467 | int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
| 435 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); | 468 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); |
| 436 | int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); | 469 | int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); |
| 470 | void *ENGINE_get_ex_data(const ENGINE *e, int idx); | ||
| 437 | 471 | ||
| 438 | /* This function cleans up anything that needs it. Eg. the ENGINE_add() function | 472 | /* This function cleans up anything that needs it. Eg. the ENGINE_add() function |
| 439 | * automatically ensures the list cleanup function is registered to be called | 473 | * automatically ensures the list cleanup function is registered to be called |
| @@ -449,8 +483,11 @@ const char *ENGINE_get_id(const ENGINE *e); | |||
| 449 | const char *ENGINE_get_name(const ENGINE *e); | 483 | const char *ENGINE_get_name(const ENGINE *e); |
| 450 | const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e); | 484 | const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e); |
| 451 | const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e); | 485 | const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e); |
| 486 | const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e); | ||
| 487 | const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e); | ||
| 452 | const DH_METHOD *ENGINE_get_DH(const ENGINE *e); | 488 | const DH_METHOD *ENGINE_get_DH(const ENGINE *e); |
| 453 | const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e); | 489 | const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e); |
| 490 | const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e); | ||
| 454 | ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e); | 491 | ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e); |
| 455 | ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e); | 492 | ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e); |
| 456 | ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); | 493 | ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); |
| @@ -463,7 +500,6 @@ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); | |||
| 463 | const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); | 500 | const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); |
| 464 | const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); | 501 | const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); |
| 465 | int ENGINE_get_flags(const ENGINE *e); | 502 | int ENGINE_get_flags(const ENGINE *e); |
| 466 | void *ENGINE_get_ex_data(const ENGINE *e, int idx); | ||
| 467 | 503 | ||
| 468 | /* FUNCTIONAL functions. These functions deal with ENGINE structures | 504 | /* FUNCTIONAL functions. These functions deal with ENGINE structures |
| 469 | * that have (or will) be initialised for use. Broadly speaking, the | 505 | * that have (or will) be initialised for use. Broadly speaking, the |
| @@ -501,6 +537,8 @@ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, | |||
| 501 | ENGINE *ENGINE_get_default_RSA(void); | 537 | ENGINE *ENGINE_get_default_RSA(void); |
| 502 | /* Same for the other "methods" */ | 538 | /* Same for the other "methods" */ |
| 503 | ENGINE *ENGINE_get_default_DSA(void); | 539 | ENGINE *ENGINE_get_default_DSA(void); |
| 540 | ENGINE *ENGINE_get_default_ECDH(void); | ||
| 541 | ENGINE *ENGINE_get_default_ECDSA(void); | ||
| 504 | ENGINE *ENGINE_get_default_DH(void); | 542 | ENGINE *ENGINE_get_default_DH(void); |
| 505 | ENGINE *ENGINE_get_default_RAND(void); | 543 | ENGINE *ENGINE_get_default_RAND(void); |
| 506 | /* These functions can be used to get a functional reference to perform | 544 | /* These functions can be used to get a functional reference to perform |
| @@ -516,6 +554,8 @@ int ENGINE_set_default_RSA(ENGINE *e); | |||
| 516 | int ENGINE_set_default_string(ENGINE *e, const char *def_list); | 554 | int ENGINE_set_default_string(ENGINE *e, const char *def_list); |
| 517 | /* Same for the other "methods" */ | 555 | /* Same for the other "methods" */ |
| 518 | int ENGINE_set_default_DSA(ENGINE *e); | 556 | int ENGINE_set_default_DSA(ENGINE *e); |
| 557 | int ENGINE_set_default_ECDH(ENGINE *e); | ||
| 558 | int ENGINE_set_default_ECDSA(ENGINE *e); | ||
| 519 | int ENGINE_set_default_DH(ENGINE *e); | 559 | int ENGINE_set_default_DH(ENGINE *e); |
| 520 | int ENGINE_set_default_RAND(ENGINE *e); | 560 | int ENGINE_set_default_RAND(ENGINE *e); |
| 521 | int ENGINE_set_default_ciphers(ENGINE *e); | 561 | int ENGINE_set_default_ciphers(ENGINE *e); |
| @@ -538,17 +578,20 @@ void ENGINE_add_conf_module(void); | |||
| 538 | /**************************/ | 578 | /**************************/ |
| 539 | 579 | ||
| 540 | /* Binary/behaviour compatibility levels */ | 580 | /* Binary/behaviour compatibility levels */ |
| 541 | #define OSSL_DYNAMIC_VERSION (unsigned long)0x00010200 | 581 | #define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000 |
| 542 | /* Binary versions older than this are too old for us (whether we're a loader or | 582 | /* Binary versions older than this are too old for us (whether we're a loader or |
| 543 | * a loadee) */ | 583 | * a loadee) */ |
| 544 | #define OSSL_DYNAMIC_OLDEST (unsigned long)0x00010200 | 584 | #define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000 |
| 545 | 585 | ||
| 546 | /* When compiling an ENGINE entirely as an external shared library, loadable by | 586 | /* When compiling an ENGINE entirely as an external shared library, loadable by |
| 547 | * the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure | 587 | * the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure |
| 548 | * type provides the calling application's (or library's) error functionality | 588 | * type provides the calling application's (or library's) error functionality |
| 549 | * and memory management function pointers to the loaded library. These should | 589 | * and memory management function pointers to the loaded library. These should |
| 550 | * be used/set in the loaded library code so that the loading application's | 590 | * be used/set in the loaded library code so that the loading application's |
| 551 | * 'state' will be used/changed in all operations. */ | 591 | * 'state' will be used/changed in all operations. The 'static_state' pointer |
| 592 | * allows the loaded library to know if it shares the same static data as the | ||
| 593 | * calling application (or library), and thus whether these callbacks need to be | ||
| 594 | * set or not. */ | ||
| 552 | typedef void *(*dyn_MEM_malloc_cb)(size_t); | 595 | typedef void *(*dyn_MEM_malloc_cb)(size_t); |
| 553 | typedef void *(*dyn_MEM_realloc_cb)(void *, size_t); | 596 | typedef void *(*dyn_MEM_realloc_cb)(void *, size_t); |
| 554 | typedef void (*dyn_MEM_free_cb)(void *); | 597 | typedef void (*dyn_MEM_free_cb)(void *); |
| @@ -576,6 +619,7 @@ typedef struct st_dynamic_LOCK_fns { | |||
| 576 | } dynamic_LOCK_fns; | 619 | } dynamic_LOCK_fns; |
| 577 | /* The top-level structure */ | 620 | /* The top-level structure */ |
| 578 | typedef struct st_dynamic_fns { | 621 | typedef struct st_dynamic_fns { |
| 622 | void *static_state; | ||
| 579 | const ERR_FNS *err_fns; | 623 | const ERR_FNS *err_fns; |
| 580 | const CRYPTO_EX_DATA_IMPL *ex_data_fns; | 624 | const CRYPTO_EX_DATA_IMPL *ex_data_fns; |
| 581 | dynamic_MEM_fns mem_fns; | 625 | dynamic_MEM_fns mem_fns; |
| @@ -593,7 +637,7 @@ typedef struct st_dynamic_fns { | |||
| 593 | * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */ | 637 | * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */ |
| 594 | typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version); | 638 | typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version); |
| 595 | #define IMPLEMENT_DYNAMIC_CHECK_FN() \ | 639 | #define IMPLEMENT_DYNAMIC_CHECK_FN() \ |
| 596 | unsigned long v_check(unsigned long v) { \ | 640 | OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \ |
| 597 | if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \ | 641 | if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \ |
| 598 | return 0; } | 642 | return 0; } |
| 599 | 643 | ||
| @@ -615,24 +659,35 @@ typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version); | |||
| 615 | typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, | 659 | typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, |
| 616 | const dynamic_fns *fns); | 660 | const dynamic_fns *fns); |
| 617 | #define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ | 661 | #define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ |
| 662 | OPENSSL_EXPORT \ | ||
| 618 | int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ | 663 | int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ |
| 619 | if (ERR_get_implementation() != fns->err_fns) \ | 664 | if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \ |
| 620 | { \ | 665 | if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ |
| 621 | if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ | 666 | fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ |
| 622 | fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ | 667 | return 0; \ |
| 623 | return 0; \ | 668 | CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ |
| 624 | CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ | 669 | CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ |
| 625 | CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ | 670 | CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ |
| 626 | CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ | 671 | CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ |
| 627 | CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ | 672 | CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ |
| 628 | CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ | 673 | if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ |
| 629 | if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ | 674 | return 0; \ |
| 630 | return 0; \ | 675 | if(!ERR_set_implementation(fns->err_fns)) return 0; \ |
| 631 | if(!ERR_set_implementation(fns->err_fns)) return 0; \ | 676 | skip_cbs: \ |
| 632 | } \ | ||
| 633 | if(!fn(e,id)) return 0; \ | 677 | if(!fn(e,id)) return 0; \ |
| 634 | return 1; } | 678 | return 1; } |
| 635 | 679 | ||
| 680 | /* If the loading application (or library) and the loaded ENGINE library share | ||
| 681 | * the same static data (eg. they're both dynamically linked to the same | ||
| 682 | * libcrypto.so) we need a way to avoid trying to set system callbacks - this | ||
| 683 | * would fail, and for the same reason that it's unnecessary to try. If the | ||
| 684 | * loaded ENGINE has (or gets from through the loader) its own copy of the | ||
| 685 | * libcrypto static data, we will need to set the callbacks. The easiest way to | ||
| 686 | * detect this is to have a function that returns a pointer to some static data | ||
| 687 | * and let the loading application and loaded ENGINE compare their respective | ||
| 688 | * values. */ | ||
| 689 | void *ENGINE_get_static_state(void); | ||
| 690 | |||
| 636 | #if defined(__OpenBSD__) || defined(__FreeBSD__) | 691 | #if defined(__OpenBSD__) || defined(__FreeBSD__) |
| 637 | void ENGINE_setup_bsd_cryptodev(void); | 692 | void ENGINE_setup_bsd_cryptodev(void); |
| 638 | #endif | 693 | #endif |
| @@ -649,6 +704,7 @@ void ERR_load_ENGINE_strings(void); | |||
| 649 | #define ENGINE_F_DYNAMIC_CTRL 180 | 704 | #define ENGINE_F_DYNAMIC_CTRL 180 |
| 650 | #define ENGINE_F_DYNAMIC_GET_DATA_CTX 181 | 705 | #define ENGINE_F_DYNAMIC_GET_DATA_CTX 181 |
| 651 | #define ENGINE_F_DYNAMIC_LOAD 182 | 706 | #define ENGINE_F_DYNAMIC_LOAD 182 |
| 707 | #define ENGINE_F_DYNAMIC_SET_DATA_CTX 183 | ||
| 652 | #define ENGINE_F_ENGINE_ADD 105 | 708 | #define ENGINE_F_ENGINE_ADD 105 |
| 653 | #define ENGINE_F_ENGINE_BY_ID 106 | 709 | #define ENGINE_F_ENGINE_BY_ID 106 |
| 654 | #define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170 | 710 | #define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170 |
| @@ -656,7 +712,7 @@ void ERR_load_ENGINE_strings(void); | |||
| 656 | #define ENGINE_F_ENGINE_CTRL_CMD 178 | 712 | #define ENGINE_F_ENGINE_CTRL_CMD 178 |
| 657 | #define ENGINE_F_ENGINE_CTRL_CMD_STRING 171 | 713 | #define ENGINE_F_ENGINE_CTRL_CMD_STRING 171 |
| 658 | #define ENGINE_F_ENGINE_FINISH 107 | 714 | #define ENGINE_F_ENGINE_FINISH 107 |
| 659 | #define ENGINE_F_ENGINE_FREE 108 | 715 | #define ENGINE_F_ENGINE_FREE_UTIL 108 |
| 660 | #define ENGINE_F_ENGINE_GET_CIPHER 185 | 716 | #define ENGINE_F_ENGINE_GET_CIPHER 185 |
| 661 | #define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 | 717 | #define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 |
| 662 | #define ENGINE_F_ENGINE_GET_DIGEST 186 | 718 | #define ENGINE_F_ENGINE_GET_DIGEST 186 |
| @@ -667,7 +723,6 @@ void ERR_load_ENGINE_strings(void); | |||
| 667 | #define ENGINE_F_ENGINE_LIST_REMOVE 121 | 723 | #define ENGINE_F_ENGINE_LIST_REMOVE 121 |
| 668 | #define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 | 724 | #define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 |
| 669 | #define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 | 725 | #define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 |
| 670 | #define ENGINE_F_ENGINE_MODULE_INIT 187 | ||
| 671 | #define ENGINE_F_ENGINE_NEW 122 | 726 | #define ENGINE_F_ENGINE_NEW 122 |
| 672 | #define ENGINE_F_ENGINE_REMOVE 123 | 727 | #define ENGINE_F_ENGINE_REMOVE 123 |
| 673 | #define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 | 728 | #define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 |
| @@ -676,11 +731,12 @@ void ERR_load_ENGINE_strings(void); | |||
| 676 | #define ENGINE_F_ENGINE_SET_NAME 130 | 731 | #define ENGINE_F_ENGINE_SET_NAME 130 |
| 677 | #define ENGINE_F_ENGINE_TABLE_REGISTER 184 | 732 | #define ENGINE_F_ENGINE_TABLE_REGISTER 184 |
| 678 | #define ENGINE_F_ENGINE_UNLOAD_KEY 152 | 733 | #define ENGINE_F_ENGINE_UNLOAD_KEY 152 |
| 734 | #define ENGINE_F_ENGINE_UNLOCKED_FINISH 191 | ||
| 679 | #define ENGINE_F_ENGINE_UP_REF 190 | 735 | #define ENGINE_F_ENGINE_UP_REF 190 |
| 680 | #define ENGINE_F_INT_CTRL_HELPER 172 | 736 | #define ENGINE_F_INT_CTRL_HELPER 172 |
| 681 | #define ENGINE_F_INT_ENGINE_CONFIGURE 188 | 737 | #define ENGINE_F_INT_ENGINE_CONFIGURE 188 |
| 738 | #define ENGINE_F_INT_ENGINE_MODULE_INIT 187 | ||
| 682 | #define ENGINE_F_LOG_MESSAGE 141 | 739 | #define ENGINE_F_LOG_MESSAGE 141 |
| 683 | #define ENGINE_F_SET_DATA_CTX 183 | ||
| 684 | 740 | ||
| 685 | /* Reason codes. */ | 741 | /* Reason codes. */ |
| 686 | #define ENGINE_R_ALREADY_LOADED 100 | 742 | #define ENGINE_R_ALREADY_LOADED 100 |
diff --git a/src/lib/libcrypto/engine/enginetest.c b/src/lib/libcrypto/engine/enginetest.c index c2d0297392..cf82f490db 100644 --- a/src/lib/libcrypto/engine/enginetest.c +++ b/src/lib/libcrypto/engine/enginetest.c | |||
| @@ -72,7 +72,7 @@ int main(int argc, char *argv[]) | |||
| 72 | #include <openssl/engine.h> | 72 | #include <openssl/engine.h> |
| 73 | #include <openssl/err.h> | 73 | #include <openssl/err.h> |
| 74 | 74 | ||
| 75 | static void display_engine_list() | 75 | static void display_engine_list(void) |
| 76 | { | 76 | { |
| 77 | ENGINE *h; | 77 | ENGINE *h; |
| 78 | int loop; | 78 | int loop; |
diff --git a/src/lib/libcrypto/engine/tb_cipher.c b/src/lib/libcrypto/engine/tb_cipher.c index 50b3cec1fa..177fc1fb73 100644 --- a/src/lib/libcrypto/engine/tb_cipher.c +++ b/src/lib/libcrypto/engine/tb_cipher.c | |||
| @@ -52,8 +52,6 @@ | |||
| 52 | * | 52 | * |
| 53 | */ | 53 | */ |
| 54 | 54 | ||
| 55 | #include <openssl/evp.h> | ||
| 56 | #include <openssl/engine.h> | ||
| 57 | #include "eng_int.h" | 55 | #include "eng_int.h" |
| 58 | 56 | ||
| 59 | /* If this symbol is defined then ENGINE_get_cipher_engine(), the function that | 57 | /* If this symbol is defined then ENGINE_get_cipher_engine(), the function that |
diff --git a/src/lib/libcrypto/engine/tb_dh.c b/src/lib/libcrypto/engine/tb_dh.c index e290e1702b..6e9d428761 100644 --- a/src/lib/libcrypto/engine/tb_dh.c +++ b/src/lib/libcrypto/engine/tb_dh.c | |||
| @@ -52,8 +52,6 @@ | |||
| 52 | * | 52 | * |
| 53 | */ | 53 | */ |
| 54 | 54 | ||
| 55 | #include <openssl/evp.h> | ||
| 56 | #include <openssl/engine.h> | ||
| 57 | #include "eng_int.h" | 55 | #include "eng_int.h" |
| 58 | 56 | ||
| 59 | /* If this symbol is defined then ENGINE_get_default_DH(), the function that is | 57 | /* If this symbol is defined then ENGINE_get_default_DH(), the function that is |
diff --git a/src/lib/libcrypto/engine/tb_digest.c b/src/lib/libcrypto/engine/tb_digest.c index e82d2a17c9..d3f4bb2747 100644 --- a/src/lib/libcrypto/engine/tb_digest.c +++ b/src/lib/libcrypto/engine/tb_digest.c | |||
| @@ -52,8 +52,6 @@ | |||
| 52 | * | 52 | * |
| 53 | */ | 53 | */ |
| 54 | 54 | ||
| 55 | #include <openssl/evp.h> | ||
| 56 | #include <openssl/engine.h> | ||
| 57 | #include "eng_int.h" | 55 | #include "eng_int.h" |
| 58 | 56 | ||
| 59 | /* If this symbol is defined then ENGINE_get_digest_engine(), the function that | 57 | /* If this symbol is defined then ENGINE_get_digest_engine(), the function that |
diff --git a/src/lib/libcrypto/engine/tb_dsa.c b/src/lib/libcrypto/engine/tb_dsa.c index 7efe181927..e4674f5f07 100644 --- a/src/lib/libcrypto/engine/tb_dsa.c +++ b/src/lib/libcrypto/engine/tb_dsa.c | |||
| @@ -52,8 +52,6 @@ | |||
| 52 | * | 52 | * |
| 53 | */ | 53 | */ |
| 54 | 54 | ||
| 55 | #include <openssl/evp.h> | ||
| 56 | #include <openssl/engine.h> | ||
| 57 | #include "eng_int.h" | 55 | #include "eng_int.h" |
| 58 | 56 | ||
| 59 | /* If this symbol is defined then ENGINE_get_default_DSA(), the function that is | 57 | /* If this symbol is defined then ENGINE_get_default_DSA(), the function that is |
diff --git a/src/lib/libcrypto/engine/tb_rand.c b/src/lib/libcrypto/engine/tb_rand.c index 69b67111bc..f36f67c0f6 100644 --- a/src/lib/libcrypto/engine/tb_rand.c +++ b/src/lib/libcrypto/engine/tb_rand.c | |||
| @@ -52,8 +52,6 @@ | |||
| 52 | * | 52 | * |
| 53 | */ | 53 | */ |
| 54 | 54 | ||
| 55 | #include <openssl/evp.h> | ||
| 56 | #include <openssl/engine.h> | ||
| 57 | #include "eng_int.h" | 55 | #include "eng_int.h" |
| 58 | 56 | ||
| 59 | /* If this symbol is defined then ENGINE_get_default_RAND(), the function that is | 57 | /* If this symbol is defined then ENGINE_get_default_RAND(), the function that is |
diff --git a/src/lib/libcrypto/engine/tb_rsa.c b/src/lib/libcrypto/engine/tb_rsa.c index fee4867f52..fbc707fd26 100644 --- a/src/lib/libcrypto/engine/tb_rsa.c +++ b/src/lib/libcrypto/engine/tb_rsa.c | |||
| @@ -52,8 +52,6 @@ | |||
| 52 | * | 52 | * |
| 53 | */ | 53 | */ |
| 54 | 54 | ||
| 55 | #include <openssl/evp.h> | ||
| 56 | #include <openssl/engine.h> | ||
| 57 | #include "eng_int.h" | 55 | #include "eng_int.h" |
| 58 | 56 | ||
| 59 | /* If this symbol is defined then ENGINE_get_default_RSA(), the function that is | 57 | /* If this symbol is defined then ENGINE_get_default_RSA(), the function that is |
diff --git a/src/lib/libcrypto/err/err.c b/src/lib/libcrypto/err/err.c index 53687d79ab..b6ff070e8f 100644 --- a/src/lib/libcrypto/err/err.c +++ b/src/lib/libcrypto/err/err.c | |||
| @@ -112,9 +112,9 @@ | |||
| 112 | #include <stdio.h> | 112 | #include <stdio.h> |
| 113 | #include <stdarg.h> | 113 | #include <stdarg.h> |
| 114 | #include <string.h> | 114 | #include <string.h> |
| 115 | #include "cryptlib.h" | ||
| 115 | #include <openssl/lhash.h> | 116 | #include <openssl/lhash.h> |
| 116 | #include <openssl/crypto.h> | 117 | #include <openssl/crypto.h> |
| 117 | #include "cryptlib.h" | ||
| 118 | #include <openssl/buffer.h> | 118 | #include <openssl/buffer.h> |
| 119 | #include <openssl/bio.h> | 119 | #include <openssl/bio.h> |
| 120 | #include <openssl/err.h> | 120 | #include <openssl/err.h> |
| @@ -149,7 +149,7 @@ static ERR_STRING_DATA ERR_str_libraries[]= | |||
| 149 | {ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, | 149 | {ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, |
| 150 | {ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, | 150 | {ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, |
| 151 | {ERR_PACK(ERR_LIB_OCSP,0,0) ,"OCSP routines"}, | 151 | {ERR_PACK(ERR_LIB_OCSP,0,0) ,"OCSP routines"}, |
| 152 | {ERR_PACK(ERR_LIB_FIPS,0,0) ,"FIPS routines"}, | 152 | {ERR_PACK(ERR_LIB_CMS,0,0) ,"CMS routines"}, |
| 153 | {0,NULL}, | 153 | {0,NULL}, |
| 154 | }; | 154 | }; |
| 155 | 155 | ||
| @@ -168,7 +168,6 @@ static ERR_STRING_DATA ERR_str_functs[]= | |||
| 168 | #endif | 168 | #endif |
| 169 | {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, | 169 | {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, |
| 170 | {ERR_PACK(0,SYS_F_FREAD,0), "fread"}, | 170 | {ERR_PACK(0,SYS_F_FREAD,0), "fread"}, |
| 171 | {ERR_PACK(0,SYS_F_GETADDRINFO,0), "getaddrinfo"}, | ||
| 172 | {0,NULL}, | 171 | {0,NULL}, |
| 173 | }; | 172 | }; |
| 174 | 173 | ||
| @@ -210,6 +209,7 @@ static ERR_STRING_DATA ERR_str_reasons[]= | |||
| 210 | {ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"}, | 209 | {ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"}, |
| 211 | {ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, | 210 | {ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, |
| 212 | {ERR_R_INTERNAL_ERROR ,"internal error"}, | 211 | {ERR_R_INTERNAL_ERROR ,"internal error"}, |
| 212 | {ERR_R_DISABLED ,"called a function that was disabled at compile-time"}, | ||
| 213 | 213 | ||
| 214 | {0,NULL}, | 214 | {0,NULL}, |
| 215 | }; | 215 | }; |
| @@ -542,16 +542,27 @@ static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; | |||
| 542 | * will be returned for SYSerr(), which always gets an errno | 542 | * will be returned for SYSerr(), which always gets an errno |
| 543 | * value and never one of those 'standard' reason codes. */ | 543 | * value and never one of those 'standard' reason codes. */ |
| 544 | 544 | ||
| 545 | static void build_SYS_str_reasons() | 545 | static void build_SYS_str_reasons(void) |
| 546 | { | 546 | { |
| 547 | /* OPENSSL_malloc cannot be used here, use static storage instead */ | 547 | /* OPENSSL_malloc cannot be used here, use static storage instead */ |
| 548 | static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; | 548 | static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; |
| 549 | int i; | 549 | int i; |
| 550 | static int init = 1; | 550 | static int init = 1; |
| 551 | 551 | ||
| 552 | if (!init) return; | 552 | CRYPTO_r_lock(CRYPTO_LOCK_ERR); |
| 553 | 553 | if (!init) | |
| 554 | { | ||
| 555 | CRYPTO_r_unlock(CRYPTO_LOCK_ERR); | ||
| 556 | return; | ||
| 557 | } | ||
| 558 | |||
| 559 | CRYPTO_r_unlock(CRYPTO_LOCK_ERR); | ||
| 554 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | 560 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); |
| 561 | if (!init) | ||
| 562 | { | ||
| 563 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 564 | return; | ||
| 565 | } | ||
| 555 | 566 | ||
| 556 | for (i = 1; i <= NUM_SYS_STR_REASONS; i++) | 567 | for (i = 1; i <= NUM_SYS_STR_REASONS; i++) |
| 557 | { | 568 | { |
| @@ -583,13 +594,24 @@ static void build_SYS_str_reasons() | |||
| 583 | #endif | 594 | #endif |
| 584 | 595 | ||
| 585 | #define err_clear_data(p,i) \ | 596 | #define err_clear_data(p,i) \ |
| 597 | do { \ | ||
| 586 | if (((p)->err_data[i] != NULL) && \ | 598 | if (((p)->err_data[i] != NULL) && \ |
| 587 | (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ | 599 | (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ |
| 588 | { \ | 600 | { \ |
| 589 | OPENSSL_free((p)->err_data[i]); \ | 601 | OPENSSL_free((p)->err_data[i]); \ |
| 590 | (p)->err_data[i]=NULL; \ | 602 | (p)->err_data[i]=NULL; \ |
| 591 | } \ | 603 | } \ |
| 592 | (p)->err_data_flags[i]=0; | 604 | (p)->err_data_flags[i]=0; \ |
| 605 | } while(0) | ||
| 606 | |||
| 607 | #define err_clear(p,i) \ | ||
| 608 | do { \ | ||
| 609 | (p)->err_flags[i]=0; \ | ||
| 610 | (p)->err_buffer[i]=0; \ | ||
| 611 | err_clear_data(p,i); \ | ||
| 612 | (p)->err_file[i]=NULL; \ | ||
| 613 | (p)->err_line[i]= -1; \ | ||
| 614 | } while(0) | ||
| 593 | 615 | ||
| 594 | static void ERR_STATE_free(ERR_STATE *s) | 616 | static void ERR_STATE_free(ERR_STATE *s) |
| 595 | { | 617 | { |
| @@ -682,6 +704,7 @@ void ERR_put_error(int lib, int func, int reason, const char *file, | |||
| 682 | es->top=(es->top+1)%ERR_NUM_ERRORS; | 704 | es->top=(es->top+1)%ERR_NUM_ERRORS; |
| 683 | if (es->top == es->bottom) | 705 | if (es->top == es->bottom) |
| 684 | es->bottom=(es->bottom+1)%ERR_NUM_ERRORS; | 706 | es->bottom=(es->bottom+1)%ERR_NUM_ERRORS; |
| 707 | es->err_flags[es->top]=0; | ||
| 685 | es->err_buffer[es->top]=ERR_PACK(lib,func,reason); | 708 | es->err_buffer[es->top]=ERR_PACK(lib,func,reason); |
| 686 | es->err_file[es->top]=file; | 709 | es->err_file[es->top]=file; |
| 687 | es->err_line[es->top]=line; | 710 | es->err_line[es->top]=line; |
| @@ -697,10 +720,7 @@ void ERR_clear_error(void) | |||
| 697 | 720 | ||
| 698 | for (i=0; i<ERR_NUM_ERRORS; i++) | 721 | for (i=0; i<ERR_NUM_ERRORS; i++) |
| 699 | { | 722 | { |
| 700 | es->err_buffer[i]=0; | 723 | err_clear(es,i); |
| 701 | err_clear_data(es,i); | ||
| 702 | es->err_file[i]=NULL; | ||
| 703 | es->err_line[i]= -1; | ||
| 704 | } | 724 | } |
| 705 | es->top=es->bottom=0; | 725 | es->top=es->bottom=0; |
| 706 | } | 726 | } |
| @@ -937,7 +957,7 @@ static unsigned long err_hash(const void *a_void) | |||
| 937 | { | 957 | { |
| 938 | unsigned long ret,l; | 958 | unsigned long ret,l; |
| 939 | 959 | ||
| 940 | l=((ERR_STRING_DATA *)a_void)->error; | 960 | l=((const ERR_STRING_DATA *)a_void)->error; |
| 941 | ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); | 961 | ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); |
| 942 | return(ret^ret%19*13); | 962 | return(ret^ret%19*13); |
| 943 | } | 963 | } |
| @@ -945,21 +965,21 @@ static unsigned long err_hash(const void *a_void) | |||
| 945 | /* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b) */ | 965 | /* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b) */ |
| 946 | static int err_cmp(const void *a_void, const void *b_void) | 966 | static int err_cmp(const void *a_void, const void *b_void) |
| 947 | { | 967 | { |
| 948 | return((int)(((ERR_STRING_DATA *)a_void)->error - | 968 | return((int)(((const ERR_STRING_DATA *)a_void)->error - |
| 949 | ((ERR_STRING_DATA *)b_void)->error)); | 969 | ((const ERR_STRING_DATA *)b_void)->error)); |
| 950 | } | 970 | } |
| 951 | 971 | ||
| 952 | /* static unsigned long pid_hash(ERR_STATE *a) */ | 972 | /* static unsigned long pid_hash(ERR_STATE *a) */ |
| 953 | static unsigned long pid_hash(const void *a_void) | 973 | static unsigned long pid_hash(const void *a_void) |
| 954 | { | 974 | { |
| 955 | return(((ERR_STATE *)a_void)->pid*13); | 975 | return(((const ERR_STATE *)a_void)->pid*13); |
| 956 | } | 976 | } |
| 957 | 977 | ||
| 958 | /* static int pid_cmp(ERR_STATE *a, ERR_STATE *b) */ | 978 | /* static int pid_cmp(ERR_STATE *a, ERR_STATE *b) */ |
| 959 | static int pid_cmp(const void *a_void, const void *b_void) | 979 | static int pid_cmp(const void *a_void, const void *b_void) |
| 960 | { | 980 | { |
| 961 | return((int)((long)((ERR_STATE *)a_void)->pid - | 981 | return((int)((long)((const ERR_STATE *)a_void)->pid - |
| 962 | (long)((ERR_STATE *)b_void)->pid)); | 982 | (long)((const ERR_STATE *)b_void)->pid)); |
| 963 | } | 983 | } |
| 964 | 984 | ||
| 965 | void ERR_remove_state(unsigned long pid) | 985 | void ERR_remove_state(unsigned long pid) |
| @@ -1069,7 +1089,7 @@ void ERR_add_error_data(int num, ...) | |||
| 1069 | else | 1089 | else |
| 1070 | str=p; | 1090 | str=p; |
| 1071 | } | 1091 | } |
| 1072 | BUF_strlcat(str,a,s+1); | 1092 | BUF_strlcat(str,a,(size_t)s+1); |
| 1073 | } | 1093 | } |
| 1074 | } | 1094 | } |
| 1075 | ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING); | 1095 | ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING); |
| @@ -1077,3 +1097,33 @@ void ERR_add_error_data(int num, ...) | |||
| 1077 | err: | 1097 | err: |
| 1078 | va_end(args); | 1098 | va_end(args); |
| 1079 | } | 1099 | } |
| 1100 | |||
| 1101 | int ERR_set_mark(void) | ||
| 1102 | { | ||
| 1103 | ERR_STATE *es; | ||
| 1104 | |||
| 1105 | es=ERR_get_state(); | ||
| 1106 | |||
| 1107 | if (es->bottom == es->top) return 0; | ||
| 1108 | es->err_flags[es->top]|=ERR_FLAG_MARK; | ||
| 1109 | return 1; | ||
| 1110 | } | ||
| 1111 | |||
| 1112 | int ERR_pop_to_mark(void) | ||
| 1113 | { | ||
| 1114 | ERR_STATE *es; | ||
| 1115 | |||
| 1116 | es=ERR_get_state(); | ||
| 1117 | |||
| 1118 | while(es->bottom != es->top | ||
| 1119 | && (es->err_flags[es->top] & ERR_FLAG_MARK) == 0) | ||
| 1120 | { | ||
| 1121 | err_clear(es,es->top); | ||
| 1122 | es->top-=1; | ||
| 1123 | if (es->top == -1) es->top=ERR_NUM_ERRORS-1; | ||
| 1124 | } | ||
| 1125 | |||
| 1126 | if (es->bottom == es->top) return 0; | ||
| 1127 | es->err_flags[es->top]&=~ERR_FLAG_MARK; | ||
| 1128 | return 1; | ||
| 1129 | } | ||
diff --git a/src/lib/libcrypto/err/err.h b/src/lib/libcrypto/err/err.h index 2efa18866a..bf28fce492 100644 --- a/src/lib/libcrypto/err/err.h +++ b/src/lib/libcrypto/err/err.h | |||
| @@ -59,11 +59,14 @@ | |||
| 59 | #ifndef HEADER_ERR_H | 59 | #ifndef HEADER_ERR_H |
| 60 | #define HEADER_ERR_H | 60 | #define HEADER_ERR_H |
| 61 | 61 | ||
| 62 | #include <openssl/e_os2.h> | ||
| 63 | |||
| 62 | #ifndef OPENSSL_NO_FP_API | 64 | #ifndef OPENSSL_NO_FP_API |
| 63 | #include <stdio.h> | 65 | #include <stdio.h> |
| 64 | #include <stdlib.h> | 66 | #include <stdlib.h> |
| 65 | #endif | 67 | #endif |
| 66 | 68 | ||
| 69 | #include <openssl/ossl_typ.h> | ||
| 67 | #ifndef OPENSSL_NO_BIO | 70 | #ifndef OPENSSL_NO_BIO |
| 68 | #include <openssl/bio.h> | 71 | #include <openssl/bio.h> |
| 69 | #endif | 72 | #endif |
| @@ -86,10 +89,13 @@ extern "C" { | |||
| 86 | #define ERR_TXT_MALLOCED 0x01 | 89 | #define ERR_TXT_MALLOCED 0x01 |
| 87 | #define ERR_TXT_STRING 0x02 | 90 | #define ERR_TXT_STRING 0x02 |
| 88 | 91 | ||
| 92 | #define ERR_FLAG_MARK 0x01 | ||
| 93 | |||
| 89 | #define ERR_NUM_ERRORS 16 | 94 | #define ERR_NUM_ERRORS 16 |
| 90 | typedef struct err_state_st | 95 | typedef struct err_state_st |
| 91 | { | 96 | { |
| 92 | unsigned long pid; | 97 | unsigned long pid; |
| 98 | int err_flags[ERR_NUM_ERRORS]; | ||
| 93 | unsigned long err_buffer[ERR_NUM_ERRORS]; | 99 | unsigned long err_buffer[ERR_NUM_ERRORS]; |
| 94 | char *err_data[ERR_NUM_ERRORS]; | 100 | char *err_data[ERR_NUM_ERRORS]; |
| 95 | int err_data_flags[ERR_NUM_ERRORS]; | 101 | int err_data_flags[ERR_NUM_ERRORS]; |
| @@ -131,7 +137,10 @@ typedef struct err_state_st | |||
| 131 | #define ERR_LIB_OCSP 39 | 137 | #define ERR_LIB_OCSP 39 |
| 132 | #define ERR_LIB_UI 40 | 138 | #define ERR_LIB_UI 40 |
| 133 | #define ERR_LIB_COMP 41 | 139 | #define ERR_LIB_COMP 41 |
| 134 | #define ERR_LIB_FIPS 42 | 140 | #define ERR_LIB_ECDSA 42 |
| 141 | #define ERR_LIB_ECDH 43 | ||
| 142 | #define ERR_LIB_STORE 44 | ||
| 143 | #define ERR_LIB_CMS 45 | ||
| 135 | 144 | ||
| 136 | #define ERR_LIB_USER 128 | 145 | #define ERR_LIB_USER 128 |
| 137 | 146 | ||
| @@ -160,7 +169,10 @@ typedef struct err_state_st | |||
| 160 | #define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__) | 169 | #define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__) |
| 161 | #define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__) | 170 | #define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__) |
| 162 | #define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__) | 171 | #define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__) |
| 163 | #define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__) | 172 | #define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__) |
| 173 | #define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__) | ||
| 174 | #define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__) | ||
| 175 | #define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__) | ||
| 164 | 176 | ||
| 165 | /* Borland C seems too stupid to be able to shift and do longs in | 177 | /* Borland C seems too stupid to be able to shift and do longs in |
| 166 | * the pre-processor :-( */ | 178 | * the pre-processor :-( */ |
| @@ -185,7 +197,6 @@ typedef struct err_state_st | |||
| 185 | #define SYS_F_WSASTARTUP 9 /* Winsock stuff */ | 197 | #define SYS_F_WSASTARTUP 9 /* Winsock stuff */ |
| 186 | #define SYS_F_OPENDIR 10 | 198 | #define SYS_F_OPENDIR 10 |
| 187 | #define SYS_F_FREAD 11 | 199 | #define SYS_F_FREAD 11 |
| 188 | #define SYS_F_GETADDRINFO 12 | ||
| 189 | 200 | ||
| 190 | 201 | ||
| 191 | /* reasons */ | 202 | /* reasons */ |
| @@ -214,6 +225,9 @@ typedef struct err_state_st | |||
| 214 | #define ERR_R_OCSP_LIB ERR_LIB_OCSP /* 39 */ | 225 | #define ERR_R_OCSP_LIB ERR_LIB_OCSP /* 39 */ |
| 215 | #define ERR_R_UI_LIB ERR_LIB_UI /* 40 */ | 226 | #define ERR_R_UI_LIB ERR_LIB_UI /* 40 */ |
| 216 | #define ERR_R_COMP_LIB ERR_LIB_COMP /* 41 */ | 227 | #define ERR_R_COMP_LIB ERR_LIB_COMP /* 41 */ |
| 228 | #define ERR_R_ECDSA_LIB ERR_LIB_ECDSA /* 42 */ | ||
| 229 | #define ERR_R_ECDH_LIB ERR_LIB_ECDH /* 43 */ | ||
| 230 | #define ERR_R_STORE_LIB ERR_LIB_STORE /* 44 */ | ||
| 217 | 231 | ||
| 218 | #define ERR_R_NESTED_ASN1_ERROR 58 | 232 | #define ERR_R_NESTED_ASN1_ERROR 58 |
| 219 | #define ERR_R_BAD_ASN1_OBJECT_HEADER 59 | 233 | #define ERR_R_BAD_ASN1_OBJECT_HEADER 59 |
| @@ -228,6 +242,7 @@ typedef struct err_state_st | |||
| 228 | #define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL) | 242 | #define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL) |
| 229 | #define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL) | 243 | #define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL) |
| 230 | #define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL) | 244 | #define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL) |
| 245 | #define ERR_R_DISABLED (5|ERR_R_FATAL) | ||
| 231 | 246 | ||
| 232 | /* 99 is the maximum possible ERR_R_... code, higher values | 247 | /* 99 is the maximum possible ERR_R_... code, higher values |
| 233 | * are reserved for the individual libraries */ | 248 | * are reserved for the individual libraries */ |
| @@ -286,8 +301,11 @@ void ERR_release_err_state_table(LHASH **hash); | |||
| 286 | 301 | ||
| 287 | int ERR_get_next_error_library(void); | 302 | int ERR_get_next_error_library(void); |
| 288 | 303 | ||
| 289 | /* This opaque type encapsulates the low-level error-state functions */ | 304 | int ERR_set_mark(void); |
| 290 | typedef struct st_ERR_FNS ERR_FNS; | 305 | int ERR_pop_to_mark(void); |
| 306 | |||
| 307 | /* Already defined in ossl_typ.h */ | ||
| 308 | /* typedef struct st_ERR_FNS ERR_FNS; */ | ||
| 291 | /* An application can use this function and provide the return value to loaded | 309 | /* An application can use this function and provide the return value to loaded |
| 292 | * modules that should use the application's ERR state/functionality */ | 310 | * modules that should use the application's ERR state/functionality */ |
| 293 | const ERR_FNS *ERR_get_implementation(void); | 311 | const ERR_FNS *ERR_get_implementation(void); |
diff --git a/src/lib/libcrypto/err/err_all.c b/src/lib/libcrypto/err/err_all.c index 4dc9300892..5813060ce2 100644 --- a/src/lib/libcrypto/err/err_all.c +++ b/src/lib/libcrypto/err/err_all.c | |||
| @@ -73,6 +73,12 @@ | |||
| 73 | #ifndef OPENSSL_NO_DSA | 73 | #ifndef OPENSSL_NO_DSA |
| 74 | #include <openssl/dsa.h> | 74 | #include <openssl/dsa.h> |
| 75 | #endif | 75 | #endif |
| 76 | #ifndef OPENSSL_NO_ECDSA | ||
| 77 | #include <openssl/ecdsa.h> | ||
| 78 | #endif | ||
| 79 | #ifndef OPENSSL_NO_ECDH | ||
| 80 | #include <openssl/ecdh.h> | ||
| 81 | #endif | ||
| 76 | #include <openssl/evp.h> | 82 | #include <openssl/evp.h> |
| 77 | #include <openssl/objects.h> | 83 | #include <openssl/objects.h> |
| 78 | #include <openssl/pem2.h> | 84 | #include <openssl/pem2.h> |
| @@ -85,16 +91,15 @@ | |||
| 85 | #ifndef OPENSSL_NO_ENGINE | 91 | #ifndef OPENSSL_NO_ENGINE |
| 86 | #include <openssl/engine.h> | 92 | #include <openssl/engine.h> |
| 87 | #endif | 93 | #endif |
| 94 | #include <openssl/ui.h> | ||
| 88 | #include <openssl/ocsp.h> | 95 | #include <openssl/ocsp.h> |
| 89 | #include <openssl/err.h> | 96 | #include <openssl/err.h> |
| 90 | #include <openssl/fips.h> | 97 | #ifndef OPENSSL_NO_CMS |
| 98 | #include <openssl/cms.h> | ||
| 99 | #endif | ||
| 91 | 100 | ||
| 92 | void ERR_load_crypto_strings(void) | 101 | void ERR_load_crypto_strings(void) |
| 93 | { | 102 | { |
| 94 | static int done=0; | ||
| 95 | |||
| 96 | if (done) return; | ||
| 97 | done=1; | ||
| 98 | #ifndef OPENSSL_NO_ERR | 103 | #ifndef OPENSSL_NO_ERR |
| 99 | ERR_load_ERR_strings(); /* include error strings for SYSerr */ | 104 | ERR_load_ERR_strings(); /* include error strings for SYSerr */ |
| 100 | ERR_load_BN_strings(); | 105 | ERR_load_BN_strings(); |
| @@ -118,6 +123,12 @@ void ERR_load_crypto_strings(void) | |||
| 118 | #ifndef OPENSSL_NO_EC | 123 | #ifndef OPENSSL_NO_EC |
| 119 | ERR_load_EC_strings(); | 124 | ERR_load_EC_strings(); |
| 120 | #endif | 125 | #endif |
| 126 | #ifndef OPENSSL_NO_ECDSA | ||
| 127 | ERR_load_ECDSA_strings(); | ||
| 128 | #endif | ||
| 129 | #ifndef OPENSSL_NO_ECDH | ||
| 130 | ERR_load_ECDH_strings(); | ||
| 131 | #endif | ||
| 121 | /* skip ERR_load_SSL_strings() because it is not in this library */ | 132 | /* skip ERR_load_SSL_strings() because it is not in this library */ |
| 122 | ERR_load_BIO_strings(); | 133 | ERR_load_BIO_strings(); |
| 123 | ERR_load_PKCS7_strings(); | 134 | ERR_load_PKCS7_strings(); |
| @@ -130,8 +141,8 @@ void ERR_load_crypto_strings(void) | |||
| 130 | #endif | 141 | #endif |
| 131 | ERR_load_OCSP_strings(); | 142 | ERR_load_OCSP_strings(); |
| 132 | ERR_load_UI_strings(); | 143 | ERR_load_UI_strings(); |
| 144 | #ifndef OPENSSL_NO_CMS | ||
| 145 | ERR_load_CMS_strings(); | ||
| 133 | #endif | 146 | #endif |
| 134 | #ifdef OPENSSL_FIPS | ||
| 135 | ERR_load_FIPS_strings(); | ||
| 136 | #endif | 147 | #endif |
| 137 | } | 148 | } |
diff --git a/src/lib/libcrypto/err/err_prn.c b/src/lib/libcrypto/err/err_prn.c index 81e34bd6ce..2224a901e5 100644 --- a/src/lib/libcrypto/err/err_prn.c +++ b/src/lib/libcrypto/err/err_prn.c | |||
| @@ -57,9 +57,9 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | ||
| 60 | #include <openssl/lhash.h> | 61 | #include <openssl/lhash.h> |
| 61 | #include <openssl/crypto.h> | 62 | #include <openssl/crypto.h> |
| 62 | #include "cryptlib.h" | ||
| 63 | #include <openssl/buffer.h> | 63 | #include <openssl/buffer.h> |
| 64 | #include <openssl/err.h> | 64 | #include <openssl/err.h> |
| 65 | 65 | ||
| @@ -86,7 +86,12 @@ void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), | |||
| 86 | #ifndef OPENSSL_NO_FP_API | 86 | #ifndef OPENSSL_NO_FP_API |
| 87 | static int print_fp(const char *str, size_t len, void *fp) | 87 | static int print_fp(const char *str, size_t len, void *fp) |
| 88 | { | 88 | { |
| 89 | return fprintf((FILE *)fp, "%s", str); | 89 | BIO bio; |
| 90 | |||
| 91 | BIO_set(&bio,BIO_s_file()); | ||
| 92 | BIO_set_fp(&bio,fp,BIO_NOCLOSE); | ||
| 93 | |||
| 94 | return BIO_printf(&bio, "%s", str); | ||
| 90 | } | 95 | } |
| 91 | void ERR_print_errors_fp(FILE *fp) | 96 | void ERR_print_errors_fp(FILE *fp) |
| 92 | { | 97 | { |
diff --git a/src/lib/libcrypto/err/openssl.ec b/src/lib/libcrypto/err/openssl.ec index f8cd6937e7..1938f081ac 100644 --- a/src/lib/libcrypto/err/openssl.ec +++ b/src/lib/libcrypto/err/openssl.ec | |||
| @@ -27,11 +27,16 @@ L DSO crypto/dso/dso.h crypto/dso/dso_err.c | |||
| 27 | L ENGINE crypto/engine/engine.h crypto/engine/eng_err.c | 27 | L ENGINE crypto/engine/engine.h crypto/engine/eng_err.c |
| 28 | L OCSP crypto/ocsp/ocsp.h crypto/ocsp/ocsp_err.c | 28 | L OCSP crypto/ocsp/ocsp.h crypto/ocsp/ocsp_err.c |
| 29 | L UI crypto/ui/ui.h crypto/ui/ui_err.c | 29 | L UI crypto/ui/ui.h crypto/ui/ui_err.c |
| 30 | L FIPS fips-1.0/fips.h fips-1.0/fips_err.h | 30 | L COMP crypto/comp/comp.h crypto/comp/comp_err.c |
| 31 | L ECDSA crypto/ecdsa/ecdsa.h crypto/ecdsa/ecs_err.c | ||
| 32 | L ECDH crypto/ecdh/ecdh.h crypto/ecdh/ech_err.c | ||
| 33 | L STORE crypto/store/store.h crypto/store/str_err.c | ||
| 34 | L CMS crypto/cms/cms.h crypto/cms/cms_err.c | ||
| 31 | 35 | ||
| 32 | # additional header files to be scanned for function names | 36 | # additional header files to be scanned for function names |
| 33 | L NONE crypto/x509/x509_vfy.h NONE | 37 | L NONE crypto/x509/x509_vfy.h NONE |
| 34 | L NONE crypto/ec/ec_lcl.h NONE | 38 | L NONE crypto/ec/ec_lcl.h NONE |
| 39 | L NONE crypto/cms/cms_lcl.h NONE | ||
| 35 | 40 | ||
| 36 | 41 | ||
| 37 | F RSAREF_F_RSA_BN2BIN | 42 | F RSAREF_F_RSA_BN2BIN |
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c index 33349c2f98..fa5cbc7eb1 100644 --- a/src/lib/libcrypto/evp/bio_b64.c +++ b/src/lib/libcrypto/evp/bio_b64.c | |||
| @@ -165,7 +165,7 @@ static int b64_read(BIO *b, char *out, int outl) | |||
| 165 | { | 165 | { |
| 166 | i=ctx->buf_len-ctx->buf_off; | 166 | i=ctx->buf_len-ctx->buf_off; |
| 167 | if (i > outl) i=outl; | 167 | if (i > outl) i=outl; |
| 168 | OPENSSL_assert(ctx->buf_off+i < sizeof ctx->buf); | 168 | OPENSSL_assert(ctx->buf_off+i < (int)sizeof(ctx->buf)); |
| 169 | memcpy(out,&(ctx->buf[ctx->buf_off]),i); | 169 | memcpy(out,&(ctx->buf[ctx->buf_off]),i); |
| 170 | ret=i; | 170 | ret=i; |
| 171 | out+=i; | 171 | out+=i; |
diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c index b8cda1a9f0..f6ac94c6e1 100644 --- a/src/lib/libcrypto/evp/bio_enc.c +++ b/src/lib/libcrypto/evp/bio_enc.c | |||
| @@ -405,8 +405,8 @@ EVP_CIPHER_ctx *c; | |||
| 405 | } | 405 | } |
| 406 | */ | 406 | */ |
| 407 | 407 | ||
| 408 | void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, unsigned char *k, | 408 | void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k, |
| 409 | unsigned char *i, int e) | 409 | const unsigned char *i, int e) |
| 410 | { | 410 | { |
| 411 | BIO_ENC_CTX *ctx; | 411 | BIO_ENC_CTX *ctx; |
| 412 | 412 | ||
diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c index f4aa41ac4b..d648ac6da6 100644 --- a/src/lib/libcrypto/evp/bio_md.c +++ b/src/lib/libcrypto/evp/bio_md.c | |||
| @@ -153,7 +153,7 @@ static int md_write(BIO *b, const char *in, int inl) | |||
| 153 | { | 153 | { |
| 154 | if (ret > 0) | 154 | if (ret > 0) |
| 155 | { | 155 | { |
| 156 | EVP_DigestUpdate(ctx,(unsigned char *)in, | 156 | EVP_DigestUpdate(ctx,(const unsigned char *)in, |
| 157 | (unsigned int)ret); | 157 | (unsigned int)ret); |
| 158 | } | 158 | } |
| 159 | } | 159 | } |
| @@ -192,8 +192,13 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 192 | ret=0; | 192 | ret=0; |
| 193 | break; | 193 | break; |
| 194 | case BIO_C_GET_MD_CTX: | 194 | case BIO_C_GET_MD_CTX: |
| 195 | pctx=ptr; | 195 | if (b->init) |
| 196 | *pctx=ctx; | 196 | { |
| 197 | pctx=ptr; | ||
| 198 | *pctx=ctx; | ||
| 199 | } | ||
| 200 | else | ||
| 201 | ret=0; | ||
| 197 | break; | 202 | break; |
| 198 | case BIO_C_SET_MD_CTX: | 203 | case BIO_C_SET_MD_CTX: |
| 199 | if (b->init) | 204 | if (b->init) |
diff --git a/src/lib/libcrypto/evp/bio_ok.c b/src/lib/libcrypto/evp/bio_ok.c index 4e3f10141b..98bc1ab409 100644 --- a/src/lib/libcrypto/evp/bio_ok.c +++ b/src/lib/libcrypto/evp/bio_ok.c | |||
| @@ -119,6 +119,7 @@ | |||
| 119 | 119 | ||
| 120 | #include <stdio.h> | 120 | #include <stdio.h> |
| 121 | #include <errno.h> | 121 | #include <errno.h> |
| 122 | #include <assert.h> | ||
| 122 | #include "cryptlib.h" | 123 | #include "cryptlib.h" |
| 123 | #include <openssl/buffer.h> | 124 | #include <openssl/buffer.h> |
| 124 | #include <openssl/bio.h> | 125 | #include <openssl/bio.h> |
| @@ -141,22 +142,12 @@ static void block_in(BIO* b); | |||
| 141 | #define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE) | 142 | #define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE) |
| 142 | #define WELLKNOWN "The quick brown fox jumped over the lazy dog's back." | 143 | #define WELLKNOWN "The quick brown fox jumped over the lazy dog's back." |
| 143 | 144 | ||
| 144 | #ifndef L_ENDIAN | ||
| 145 | #define swapem(x) \ | ||
| 146 | ((unsigned long int)((((unsigned long int)(x) & 0x000000ffU) << 24) | \ | ||
| 147 | (((unsigned long int)(x) & 0x0000ff00U) << 8) | \ | ||
| 148 | (((unsigned long int)(x) & 0x00ff0000U) >> 8) | \ | ||
| 149 | (((unsigned long int)(x) & 0xff000000U) >> 24))) | ||
| 150 | #else | ||
| 151 | #define swapem(x) (x) | ||
| 152 | #endif | ||
| 153 | |||
| 154 | typedef struct ok_struct | 145 | typedef struct ok_struct |
| 155 | { | 146 | { |
| 156 | int buf_len; | 147 | size_t buf_len; |
| 157 | int buf_off; | 148 | size_t buf_off; |
| 158 | int buf_len_save; | 149 | size_t buf_len_save; |
| 159 | int buf_off_save; | 150 | size_t buf_off_save; |
| 160 | int cont; /* <= 0 when finished */ | 151 | int cont; /* <= 0 when finished */ |
| 161 | int finished; | 152 | int finished; |
| 162 | EVP_MD_CTX md; | 153 | EVP_MD_CTX md; |
| @@ -295,6 +286,8 @@ static int ok_write(BIO *b, const char *in, int inl) | |||
| 295 | int ret=0,n,i; | 286 | int ret=0,n,i; |
| 296 | BIO_OK_CTX *ctx; | 287 | BIO_OK_CTX *ctx; |
| 297 | 288 | ||
| 289 | if (inl <= 0) return inl; | ||
| 290 | |||
| 298 | ctx=(BIO_OK_CTX *)b->ptr; | 291 | ctx=(BIO_OK_CTX *)b->ptr; |
| 299 | ret=inl; | 292 | ret=inl; |
| 300 | 293 | ||
| @@ -330,7 +323,7 @@ static int ok_write(BIO *b, const char *in, int inl) | |||
| 330 | if ((in == NULL) || (inl <= 0)) return(0); | 323 | if ((in == NULL) || (inl <= 0)) return(0); |
| 331 | 324 | ||
| 332 | n= (inl+ ctx->buf_len > OK_BLOCK_SIZE+ OK_BLOCK_BLOCK) ? | 325 | n= (inl+ ctx->buf_len > OK_BLOCK_SIZE+ OK_BLOCK_BLOCK) ? |
| 333 | OK_BLOCK_SIZE+ OK_BLOCK_BLOCK- ctx->buf_len : inl; | 326 | (int)(OK_BLOCK_SIZE+OK_BLOCK_BLOCK-ctx->buf_len) : inl; |
| 334 | 327 | ||
| 335 | memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),(unsigned char *)in,n); | 328 | memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),(unsigned char *)in,n); |
| 336 | ctx->buf_len+= n; | 329 | ctx->buf_len+= n; |
| @@ -448,16 +441,18 @@ static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) | |||
| 448 | return(ret); | 441 | return(ret); |
| 449 | } | 442 | } |
| 450 | 443 | ||
| 451 | static void longswap(void *_ptr, int len) | 444 | static void longswap(void *_ptr, size_t len) |
| 452 | { | 445 | { const union { long one; char little; } is_endian = {1}; |
| 453 | #ifndef L_ENDIAN | ||
| 454 | int i; | ||
| 455 | char *ptr=_ptr; | ||
| 456 | 446 | ||
| 457 | for(i= 0;i < len;i+= 4){ | 447 | if (is_endian.little) { |
| 458 | *((unsigned long *)&(ptr[i]))= swapem(*((unsigned long *)&(ptr[i]))); | 448 | size_t i; |
| 449 | unsigned char *p=_ptr,c; | ||
| 450 | |||
| 451 | for(i= 0;i < len;i+= 4) { | ||
| 452 | c=p[0],p[0]=p[3],p[3]=c; | ||
| 453 | c=p[1],p[1]=p[2],p[2]=c; | ||
| 454 | } | ||
| 459 | } | 455 | } |
| 460 | #endif | ||
| 461 | } | 456 | } |
| 462 | 457 | ||
| 463 | static void sig_out(BIO* b) | 458 | static void sig_out(BIO* b) |
| @@ -496,7 +491,7 @@ static void sig_in(BIO* b) | |||
| 496 | ctx=b->ptr; | 491 | ctx=b->ptr; |
| 497 | md=&ctx->md; | 492 | md=&ctx->md; |
| 498 | 493 | ||
| 499 | if(ctx->buf_len- ctx->buf_off < 2* md->digest->md_size) return; | 494 | if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return; |
| 500 | 495 | ||
| 501 | EVP_DigestInit_ex(md, md->digest, NULL); | 496 | EVP_DigestInit_ex(md, md->digest, NULL); |
| 502 | memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size); | 497 | memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size); |
| @@ -533,9 +528,10 @@ static void block_out(BIO* b) | |||
| 533 | md=&ctx->md; | 528 | md=&ctx->md; |
| 534 | 529 | ||
| 535 | tl= ctx->buf_len- OK_BLOCK_BLOCK; | 530 | tl= ctx->buf_len- OK_BLOCK_BLOCK; |
| 536 | tl= swapem(tl); | 531 | ctx->buf[0]=(unsigned char)(tl>>24); |
| 537 | memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK); | 532 | ctx->buf[1]=(unsigned char)(tl>>16); |
| 538 | tl= swapem(tl); | 533 | ctx->buf[2]=(unsigned char)(tl>>8); |
| 534 | ctx->buf[3]=(unsigned char)(tl); | ||
| 539 | EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); | 535 | EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); |
| 540 | EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); | 536 | EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); |
| 541 | ctx->buf_len+= md->digest->md_size; | 537 | ctx->buf_len+= md->digest->md_size; |
| @@ -546,14 +542,18 @@ static void block_in(BIO* b) | |||
| 546 | { | 542 | { |
| 547 | BIO_OK_CTX *ctx; | 543 | BIO_OK_CTX *ctx; |
| 548 | EVP_MD_CTX *md; | 544 | EVP_MD_CTX *md; |
| 549 | long tl= 0; | 545 | unsigned long tl= 0; |
| 550 | unsigned char tmp[EVP_MAX_MD_SIZE]; | 546 | unsigned char tmp[EVP_MAX_MD_SIZE]; |
| 551 | 547 | ||
| 552 | ctx=b->ptr; | 548 | ctx=b->ptr; |
| 553 | md=&ctx->md; | 549 | md=&ctx->md; |
| 554 | 550 | ||
| 555 | memcpy(&tl, ctx->buf, OK_BLOCK_BLOCK); | 551 | assert(sizeof(tl)>=OK_BLOCK_BLOCK); /* always true */ |
| 556 | tl= swapem(tl); | 552 | tl =ctx->buf[0]; tl<<=8; |
| 553 | tl|=ctx->buf[1]; tl<<=8; | ||
| 554 | tl|=ctx->buf[2]; tl<<=8; | ||
| 555 | tl|=ctx->buf[3]; | ||
| 556 | |||
| 557 | if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return; | 557 | if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return; |
| 558 | 558 | ||
| 559 | EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); | 559 | EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); |
diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c index fa60a73ead..a5da52e62d 100644 --- a/src/lib/libcrypto/evp/c_all.c +++ b/src/lib/libcrypto/evp/c_all.c | |||
| @@ -74,6 +74,12 @@ void OpenSSL_add_all_algorithms(void) | |||
| 74 | 74 | ||
| 75 | void OPENSSL_add_all_algorithms_noconf(void) | 75 | void OPENSSL_add_all_algorithms_noconf(void) |
| 76 | { | 76 | { |
| 77 | /* | ||
| 78 | * For the moment OPENSSL_cpuid_setup does something | ||
| 79 | * only on IA-32, but we reserve the option for all | ||
| 80 | * platforms... | ||
| 81 | */ | ||
| 82 | OPENSSL_cpuid_setup(); | ||
| 77 | OpenSSL_add_all_ciphers(); | 83 | OpenSSL_add_all_ciphers(); |
| 78 | OpenSSL_add_all_digests(); | 84 | OpenSSL_add_all_digests(); |
| 79 | #ifndef OPENSSL_NO_ENGINE | 85 | #ifndef OPENSSL_NO_ENGINE |
diff --git a/src/lib/libcrypto/evp/c_allc.c b/src/lib/libcrypto/evp/c_allc.c index fc96812365..7054d8125d 100644 --- a/src/lib/libcrypto/evp/c_allc.c +++ b/src/lib/libcrypto/evp/c_allc.c | |||
| @@ -107,6 +107,15 @@ void OpenSSL_add_all_ciphers(void) | |||
| 107 | EVP_add_cipher_alias(SN_idea_cbc,"idea"); | 107 | EVP_add_cipher_alias(SN_idea_cbc,"idea"); |
| 108 | #endif | 108 | #endif |
| 109 | 109 | ||
| 110 | #ifndef OPENSSL_NO_SEED | ||
| 111 | EVP_add_cipher(EVP_seed_ecb()); | ||
| 112 | EVP_add_cipher(EVP_seed_cfb()); | ||
| 113 | EVP_add_cipher(EVP_seed_ofb()); | ||
| 114 | EVP_add_cipher(EVP_seed_cbc()); | ||
| 115 | EVP_add_cipher_alias(SN_seed_cbc,"SEED"); | ||
| 116 | EVP_add_cipher_alias(SN_seed_cbc,"seed"); | ||
| 117 | #endif | ||
| 118 | |||
| 110 | #ifndef OPENSSL_NO_RC2 | 119 | #ifndef OPENSSL_NO_RC2 |
| 111 | EVP_add_cipher(EVP_rc2_ecb()); | 120 | EVP_add_cipher(EVP_rc2_ecb()); |
| 112 | EVP_add_cipher(EVP_rc2_cfb()); | 121 | EVP_add_cipher(EVP_rc2_cfb()); |
| @@ -183,6 +192,34 @@ void OpenSSL_add_all_ciphers(void) | |||
| 183 | EVP_add_cipher_alias(SN_aes_256_cbc,"AES256"); | 192 | EVP_add_cipher_alias(SN_aes_256_cbc,"AES256"); |
| 184 | EVP_add_cipher_alias(SN_aes_256_cbc,"aes256"); | 193 | EVP_add_cipher_alias(SN_aes_256_cbc,"aes256"); |
| 185 | #endif | 194 | #endif |
| 195 | |||
| 196 | #ifndef OPENSSL_NO_CAMELLIA | ||
| 197 | EVP_add_cipher(EVP_camellia_128_ecb()); | ||
| 198 | EVP_add_cipher(EVP_camellia_128_cbc()); | ||
| 199 | EVP_add_cipher(EVP_camellia_128_cfb()); | ||
| 200 | EVP_add_cipher(EVP_camellia_128_cfb1()); | ||
| 201 | EVP_add_cipher(EVP_camellia_128_cfb8()); | ||
| 202 | EVP_add_cipher(EVP_camellia_128_ofb()); | ||
| 203 | EVP_add_cipher_alias(SN_camellia_128_cbc,"CAMELLIA128"); | ||
| 204 | EVP_add_cipher_alias(SN_camellia_128_cbc,"camellia128"); | ||
| 205 | EVP_add_cipher(EVP_camellia_192_ecb()); | ||
| 206 | EVP_add_cipher(EVP_camellia_192_cbc()); | ||
| 207 | EVP_add_cipher(EVP_camellia_192_cfb()); | ||
| 208 | EVP_add_cipher(EVP_camellia_192_cfb1()); | ||
| 209 | EVP_add_cipher(EVP_camellia_192_cfb8()); | ||
| 210 | EVP_add_cipher(EVP_camellia_192_ofb()); | ||
| 211 | EVP_add_cipher_alias(SN_camellia_192_cbc,"CAMELLIA192"); | ||
| 212 | EVP_add_cipher_alias(SN_camellia_192_cbc,"camellia192"); | ||
| 213 | EVP_add_cipher(EVP_camellia_256_ecb()); | ||
| 214 | EVP_add_cipher(EVP_camellia_256_cbc()); | ||
| 215 | EVP_add_cipher(EVP_camellia_256_cfb()); | ||
| 216 | EVP_add_cipher(EVP_camellia_256_cfb1()); | ||
| 217 | EVP_add_cipher(EVP_camellia_256_cfb8()); | ||
| 218 | EVP_add_cipher(EVP_camellia_256_ofb()); | ||
| 219 | EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256"); | ||
| 220 | EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256"); | ||
| 221 | #endif | ||
| 222 | |||
| 186 | PKCS12_PBE_add(); | 223 | PKCS12_PBE_add(); |
| 187 | PKCS5_PBE_add(); | 224 | PKCS5_PBE_add(); |
| 188 | } | 225 | } |
diff --git a/src/lib/libcrypto/evp/c_alld.c b/src/lib/libcrypto/evp/c_alld.c index 929ea56a3e..d270b0ee03 100644 --- a/src/lib/libcrypto/evp/c_alld.c +++ b/src/lib/libcrypto/evp/c_alld.c | |||
| @@ -91,6 +91,9 @@ void OpenSSL_add_all_digests(void) | |||
| 91 | EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1"); | 91 | EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1"); |
| 92 | EVP_add_digest_alias(SN_dsaWithSHA1,"dss1"); | 92 | EVP_add_digest_alias(SN_dsaWithSHA1,"dss1"); |
| 93 | #endif | 93 | #endif |
| 94 | #ifndef OPENSSL_NO_ECDSA | ||
| 95 | EVP_add_digest(EVP_ecdsa()); | ||
| 96 | #endif | ||
| 94 | #endif | 97 | #endif |
| 95 | #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) | 98 | #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) |
| 96 | EVP_add_digest(EVP_mdc2()); | 99 | EVP_add_digest(EVP_mdc2()); |
| @@ -100,7 +103,6 @@ void OpenSSL_add_all_digests(void) | |||
| 100 | EVP_add_digest_alias(SN_ripemd160,"ripemd"); | 103 | EVP_add_digest_alias(SN_ripemd160,"ripemd"); |
| 101 | EVP_add_digest_alias(SN_ripemd160,"rmd160"); | 104 | EVP_add_digest_alias(SN_ripemd160,"rmd160"); |
| 102 | #endif | 105 | #endif |
| 103 | #ifdef OPENSSL_FIPS | ||
| 104 | #ifndef OPENSSL_NO_SHA256 | 106 | #ifndef OPENSSL_NO_SHA256 |
| 105 | EVP_add_digest(EVP_sha224()); | 107 | EVP_add_digest(EVP_sha224()); |
| 106 | EVP_add_digest(EVP_sha256()); | 108 | EVP_add_digest(EVP_sha256()); |
| @@ -109,5 +111,4 @@ void OpenSSL_add_all_digests(void) | |||
| 109 | EVP_add_digest(EVP_sha384()); | 111 | EVP_add_digest(EVP_sha384()); |
| 110 | EVP_add_digest(EVP_sha512()); | 112 | EVP_add_digest(EVP_sha512()); |
| 111 | #endif | 113 | #endif |
| 112 | #endif | ||
| 113 | } | 114 | } |
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c index f21c63842c..762e6d3450 100644 --- a/src/lib/libcrypto/evp/digest.c +++ b/src/lib/libcrypto/evp/digest.c | |||
| @@ -137,39 +137,6 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) | |||
| 137 | return EVP_DigestInit_ex(ctx, type, NULL); | 137 | return EVP_DigestInit_ex(ctx, type, NULL); |
| 138 | } | 138 | } |
| 139 | 139 | ||
| 140 | #ifdef OPENSSL_FIPS | ||
| 141 | |||
| 142 | /* The purpose of these is to trap programs that attempt to use non FIPS | ||
| 143 | * algorithms in FIPS mode and ignore the errors. | ||
| 144 | */ | ||
| 145 | |||
| 146 | static int bad_init(EVP_MD_CTX *ctx) | ||
| 147 | { FIPS_ERROR_IGNORED("Digest init"); return 0;} | ||
| 148 | |||
| 149 | static int bad_update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | ||
| 150 | { FIPS_ERROR_IGNORED("Digest update"); return 0;} | ||
| 151 | |||
| 152 | static int bad_final(EVP_MD_CTX *ctx,unsigned char *md) | ||
| 153 | { FIPS_ERROR_IGNORED("Digest Final"); return 0;} | ||
| 154 | |||
| 155 | static const EVP_MD bad_md = | ||
| 156 | { | ||
| 157 | 0, | ||
| 158 | 0, | ||
| 159 | 0, | ||
| 160 | 0, | ||
| 161 | bad_init, | ||
| 162 | bad_update, | ||
| 163 | bad_final, | ||
| 164 | NULL, | ||
| 165 | NULL, | ||
| 166 | NULL, | ||
| 167 | 0, | ||
| 168 | {0,0,0,0}, | ||
| 169 | }; | ||
| 170 | |||
| 171 | #endif | ||
| 172 | |||
| 173 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | 140 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) |
| 174 | { | 141 | { |
| 175 | EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); | 142 | EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); |
| @@ -192,7 +159,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | |||
| 192 | { | 159 | { |
| 193 | if (!ENGINE_init(impl)) | 160 | if (!ENGINE_init(impl)) |
| 194 | { | 161 | { |
| 195 | EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR); | 162 | EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); |
| 196 | return 0; | 163 | return 0; |
| 197 | } | 164 | } |
| 198 | } | 165 | } |
| @@ -206,7 +173,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | |||
| 206 | if(!d) | 173 | if(!d) |
| 207 | { | 174 | { |
| 208 | /* Same comment from evp_enc.c */ | 175 | /* Same comment from evp_enc.c */ |
| 209 | EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR); | 176 | EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); |
| 210 | return 0; | 177 | return 0; |
| 211 | } | 178 | } |
| 212 | /* We'll use the ENGINE's private digest definition */ | 179 | /* We'll use the ENGINE's private digest definition */ |
| @@ -222,24 +189,12 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | |||
| 222 | else | 189 | else |
| 223 | if(!ctx->digest) | 190 | if(!ctx->digest) |
| 224 | { | 191 | { |
| 225 | EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET); | 192 | EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_NO_DIGEST_SET); |
| 226 | return 0; | 193 | return 0; |
| 227 | } | 194 | } |
| 228 | #endif | 195 | #endif |
| 229 | if (ctx->digest != type) | 196 | if (ctx->digest != type) |
| 230 | { | 197 | { |
| 231 | #ifdef OPENSSL_FIPS | ||
| 232 | if (FIPS_mode()) | ||
| 233 | { | ||
| 234 | if (!(type->flags & EVP_MD_FLAG_FIPS) | ||
| 235 | && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) | ||
| 236 | { | ||
| 237 | EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_DISABLED_FOR_FIPS); | ||
| 238 | ctx->digest = &bad_md; | ||
| 239 | return 0; | ||
| 240 | } | ||
| 241 | } | ||
| 242 | #endif | ||
| 243 | if (ctx->digest && ctx->digest->ctx_size) | 198 | if (ctx->digest && ctx->digest->ctx_size) |
| 244 | OPENSSL_free(ctx->md_data); | 199 | OPENSSL_free(ctx->md_data); |
| 245 | ctx->digest=type; | 200 | ctx->digest=type; |
| @@ -253,9 +208,9 @@ skip_to_init: | |||
| 253 | } | 208 | } |
| 254 | 209 | ||
| 255 | int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, | 210 | int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, |
| 256 | unsigned int count) | 211 | size_t count) |
| 257 | { | 212 | { |
| 258 | return ctx->digest->update(ctx,data,(unsigned long)count); | 213 | return ctx->digest->update(ctx,data,count); |
| 259 | } | 214 | } |
| 260 | 215 | ||
| 261 | /* The caller can assume that this removes any secret data from the context */ | 216 | /* The caller can assume that this removes any secret data from the context */ |
| @@ -296,14 +251,14 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) | |||
| 296 | unsigned char *tmp_buf; | 251 | unsigned char *tmp_buf; |
| 297 | if ((in == NULL) || (in->digest == NULL)) | 252 | if ((in == NULL) || (in->digest == NULL)) |
| 298 | { | 253 | { |
| 299 | EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); | 254 | EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,EVP_R_INPUT_NOT_INITIALIZED); |
| 300 | return 0; | 255 | return 0; |
| 301 | } | 256 | } |
| 302 | #ifndef OPENSSL_NO_ENGINE | 257 | #ifndef OPENSSL_NO_ENGINE |
| 303 | /* Make sure it's safe to copy a digest context using an ENGINE */ | 258 | /* Make sure it's safe to copy a digest context using an ENGINE */ |
| 304 | if (in->engine && !ENGINE_init(in->engine)) | 259 | if (in->engine && !ENGINE_init(in->engine)) |
| 305 | { | 260 | { |
| 306 | EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB); | 261 | EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB); |
| 307 | return 0; | 262 | return 0; |
| 308 | } | 263 | } |
| 309 | #endif | 264 | #endif |
| @@ -330,7 +285,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) | |||
| 330 | return 1; | 285 | return 1; |
| 331 | } | 286 | } |
| 332 | 287 | ||
| 333 | int EVP_Digest(void *data, unsigned int count, | 288 | int EVP_Digest(const void *data, size_t count, |
| 334 | unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) | 289 | unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) |
| 335 | { | 290 | { |
| 336 | EVP_MD_CTX ctx; | 291 | EVP_MD_CTX ctx; |
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c index 7b67984fa1..bd6c0a3a62 100644 --- a/src/lib/libcrypto/evp/e_aes.c +++ b/src/lib/libcrypto/evp/e_aes.c | |||
| @@ -48,10 +48,12 @@ | |||
| 48 | * | 48 | * |
| 49 | */ | 49 | */ |
| 50 | 50 | ||
| 51 | #include <openssl/opensslconf.h> | ||
| 51 | #ifndef OPENSSL_NO_AES | 52 | #ifndef OPENSSL_NO_AES |
| 52 | #include <openssl/evp.h> | 53 | #include <openssl/evp.h> |
| 53 | #include <openssl/err.h> | 54 | #include <openssl/err.h> |
| 54 | #include <string.h> | 55 | #include <string.h> |
| 56 | #include <assert.h> | ||
| 55 | #include <openssl/aes.h> | 57 | #include <openssl/aes.h> |
| 56 | #include "evp_locl.h" | 58 | #include "evp_locl.h" |
| 57 | 59 | ||
| @@ -67,32 +69,32 @@ typedef struct | |||
| 67 | 69 | ||
| 68 | IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY, | 70 | IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY, |
| 69 | NID_aes_128, 16, 16, 16, 128, | 71 | NID_aes_128, 16, 16, 16, 128, |
| 70 | EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, | 72 | 0, aes_init_key, NULL, |
| 71 | EVP_CIPHER_set_asn1_iv, | 73 | EVP_CIPHER_set_asn1_iv, |
| 72 | EVP_CIPHER_get_asn1_iv, | 74 | EVP_CIPHER_get_asn1_iv, |
| 73 | NULL) | 75 | NULL) |
| 74 | IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY, | 76 | IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY, |
| 75 | NID_aes_192, 16, 24, 16, 128, | 77 | NID_aes_192, 16, 24, 16, 128, |
| 76 | EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, | 78 | 0, aes_init_key, NULL, |
| 77 | EVP_CIPHER_set_asn1_iv, | 79 | EVP_CIPHER_set_asn1_iv, |
| 78 | EVP_CIPHER_get_asn1_iv, | 80 | EVP_CIPHER_get_asn1_iv, |
| 79 | NULL) | 81 | NULL) |
| 80 | IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY, | 82 | IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY, |
| 81 | NID_aes_256, 16, 32, 16, 128, | 83 | NID_aes_256, 16, 32, 16, 128, |
| 82 | EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, | 84 | 0, aes_init_key, NULL, |
| 83 | EVP_CIPHER_set_asn1_iv, | 85 | EVP_CIPHER_set_asn1_iv, |
| 84 | EVP_CIPHER_get_asn1_iv, | 86 | EVP_CIPHER_get_asn1_iv, |
| 85 | NULL) | 87 | NULL) |
| 86 | 88 | ||
| 87 | #define IMPLEMENT_AES_CFBR(ksize,cbits,flags) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags) | 89 | #define IMPLEMENT_AES_CFBR(ksize,cbits) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16) |
| 88 | 90 | ||
| 89 | IMPLEMENT_AES_CFBR(128,1,EVP_CIPH_FLAG_FIPS) | 91 | IMPLEMENT_AES_CFBR(128,1) |
| 90 | IMPLEMENT_AES_CFBR(192,1,EVP_CIPH_FLAG_FIPS) | 92 | IMPLEMENT_AES_CFBR(192,1) |
| 91 | IMPLEMENT_AES_CFBR(256,1,EVP_CIPH_FLAG_FIPS) | 93 | IMPLEMENT_AES_CFBR(256,1) |
| 92 | 94 | ||
| 93 | IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS) | 95 | IMPLEMENT_AES_CFBR(128,8) |
| 94 | IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS) | 96 | IMPLEMENT_AES_CFBR(192,8) |
| 95 | IMPLEMENT_AES_CFBR(256,8,EVP_CIPH_FLAG_FIPS) | 97 | IMPLEMENT_AES_CFBR(256,8) |
| 96 | 98 | ||
| 97 | static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 99 | static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 98 | const unsigned char *iv, int enc) | 100 | const unsigned char *iv, int enc) |
diff --git a/src/lib/libcrypto/evp/e_bf.c b/src/lib/libcrypto/evp/e_bf.c index e74337567b..cc224e5363 100644 --- a/src/lib/libcrypto/evp/e_bf.c +++ b/src/lib/libcrypto/evp/e_bf.c | |||
| @@ -56,9 +56,9 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_BF | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #ifndef OPENSSL_NO_BF | ||
| 62 | #include <openssl/evp.h> | 62 | #include <openssl/evp.h> |
| 63 | #include "evp_locl.h" | 63 | #include "evp_locl.h" |
| 64 | #include <openssl/objects.h> | 64 | #include <openssl/objects.h> |
diff --git a/src/lib/libcrypto/evp/e_cast.c b/src/lib/libcrypto/evp/e_cast.c index 3400fef187..d77bcd9298 100644 --- a/src/lib/libcrypto/evp/e_cast.c +++ b/src/lib/libcrypto/evp/e_cast.c | |||
| @@ -56,10 +56,10 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_CAST | ||
| 60 | |||
| 61 | #include <stdio.h> | 59 | #include <stdio.h> |
| 62 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_CAST | ||
| 63 | #include <openssl/evp.h> | 63 | #include <openssl/evp.h> |
| 64 | #include <openssl/objects.h> | 64 | #include <openssl/objects.h> |
| 65 | #include "evp_locl.h" | 65 | #include "evp_locl.h" |
diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c index 46e2899825..856323648c 100644 --- a/src/lib/libcrypto/evp/e_des.c +++ b/src/lib/libcrypto/evp/e_des.c | |||
| @@ -63,9 +63,11 @@ | |||
| 63 | #include <openssl/objects.h> | 63 | #include <openssl/objects.h> |
| 64 | #include "evp_locl.h" | 64 | #include "evp_locl.h" |
| 65 | #include <openssl/des.h> | 65 | #include <openssl/des.h> |
| 66 | #include <openssl/rand.h> | ||
| 66 | 67 | ||
| 67 | static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 68 | static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 68 | const unsigned char *iv, int enc); | 69 | const unsigned char *iv, int enc); |
| 70 | static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); | ||
| 69 | 71 | ||
| 70 | /* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */ | 72 | /* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */ |
| 71 | 73 | ||
| @@ -127,28 +129,48 @@ static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |||
| 127 | } | 129 | } |
| 128 | 130 | ||
| 129 | BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64, | 131 | BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64, |
| 130 | EVP_CIPH_FLAG_FIPS, des_init_key, NULL, | 132 | EVP_CIPH_RAND_KEY, des_init_key, NULL, |
| 131 | EVP_CIPHER_set_asn1_iv, | 133 | EVP_CIPHER_set_asn1_iv, |
| 132 | EVP_CIPHER_get_asn1_iv, | 134 | EVP_CIPHER_get_asn1_iv, |
| 133 | NULL) | 135 | des_ctrl) |
| 134 | 136 | ||
| 135 | BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1, | 137 | BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1, |
| 136 | EVP_CIPH_FLAG_FIPS,des_init_key,NULL, | 138 | EVP_CIPH_RAND_KEY, des_init_key,NULL, |
| 137 | EVP_CIPHER_set_asn1_iv, | 139 | EVP_CIPHER_set_asn1_iv, |
| 138 | EVP_CIPHER_get_asn1_iv,NULL) | 140 | EVP_CIPHER_get_asn1_iv,des_ctrl) |
| 139 | 141 | ||
| 140 | BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8, | 142 | BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8, |
| 141 | EVP_CIPH_FLAG_FIPS,des_init_key,NULL, | 143 | EVP_CIPH_RAND_KEY,des_init_key,NULL, |
| 142 | EVP_CIPHER_set_asn1_iv, | 144 | EVP_CIPHER_set_asn1_iv, |
| 143 | EVP_CIPHER_get_asn1_iv,NULL) | 145 | EVP_CIPHER_get_asn1_iv,des_ctrl) |
| 144 | 146 | ||
| 145 | static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 147 | static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 146 | const unsigned char *iv, int enc) | 148 | const unsigned char *iv, int enc) |
| 147 | { | 149 | { |
| 148 | DES_cblock *deskey = (DES_cblock *)key; | 150 | DES_cblock *deskey = (DES_cblock *)key; |
| 149 | 151 | #ifdef EVP_CHECK_DES_KEY | |
| 152 | if(DES_set_key_checked(deskey,ctx->cipher_data) != 0) | ||
| 153 | return 0; | ||
| 154 | #else | ||
| 150 | DES_set_key_unchecked(deskey,ctx->cipher_data); | 155 | DES_set_key_unchecked(deskey,ctx->cipher_data); |
| 156 | #endif | ||
| 151 | return 1; | 157 | return 1; |
| 152 | } | 158 | } |
| 153 | 159 | ||
| 160 | static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) | ||
| 161 | { | ||
| 162 | |||
| 163 | switch(type) | ||
| 164 | { | ||
| 165 | case EVP_CTRL_RAND_KEY: | ||
| 166 | if (RAND_bytes(ptr, 8) <= 0) | ||
| 167 | return 0; | ||
| 168 | DES_set_odd_parity((DES_cblock *)ptr); | ||
| 169 | return 1; | ||
| 170 | |||
| 171 | default: | ||
| 172 | return -1; | ||
| 173 | } | ||
| 174 | } | ||
| 175 | |||
| 154 | #endif | 176 | #endif |
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c index 677322bf02..ac148efab2 100644 --- a/src/lib/libcrypto/evp/e_des3.c +++ b/src/lib/libcrypto/evp/e_des3.c | |||
| @@ -63,6 +63,7 @@ | |||
| 63 | #include <openssl/objects.h> | 63 | #include <openssl/objects.h> |
| 64 | #include "evp_locl.h" | 64 | #include "evp_locl.h" |
| 65 | #include <openssl/des.h> | 65 | #include <openssl/des.h> |
| 66 | #include <openssl/rand.h> | ||
| 66 | 67 | ||
| 67 | static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 68 | static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 68 | const unsigned char *iv,int enc); | 69 | const unsigned char *iv,int enc); |
| @@ -70,6 +71,8 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |||
| 70 | static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 71 | static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 71 | const unsigned char *iv,int enc); | 72 | const unsigned char *iv,int enc); |
| 72 | 73 | ||
| 74 | static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); | ||
| 75 | |||
| 73 | typedef struct | 76 | typedef struct |
| 74 | { | 77 | { |
| 75 | DES_key_schedule ks1;/* key schedule */ | 78 | DES_key_schedule ks1;/* key schedule */ |
| @@ -85,7 +88,8 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |||
| 85 | const unsigned char *in, unsigned int inl) | 88 | const unsigned char *in, unsigned int inl) |
| 86 | { | 89 | { |
| 87 | BLOCK_CIPHER_ecb_loop() | 90 | BLOCK_CIPHER_ecb_loop() |
| 88 | DES_ecb3_encrypt(in + i,out + i, | 91 | DES_ecb3_encrypt((const_DES_cblock *)(in + i), |
| 92 | (DES_cblock *)(out + i), | ||
| 89 | &data(ctx)->ks1, &data(ctx)->ks2, | 93 | &data(ctx)->ks1, &data(ctx)->ks2, |
| 90 | &data(ctx)->ks3, | 94 | &data(ctx)->ks3, |
| 91 | ctx->encrypt); | 95 | ctx->encrypt); |
| @@ -160,10 +164,10 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |||
| 160 | } | 164 | } |
| 161 | 165 | ||
| 162 | BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, | 166 | BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, |
| 163 | EVP_CIPH_FLAG_FIPS, des_ede_init_key, NULL, | 167 | EVP_CIPH_RAND_KEY, des_ede_init_key, NULL, |
| 164 | EVP_CIPHER_set_asn1_iv, | 168 | EVP_CIPHER_set_asn1_iv, |
| 165 | EVP_CIPHER_get_asn1_iv, | 169 | EVP_CIPHER_get_asn1_iv, |
| 166 | NULL) | 170 | des3_ctrl) |
| 167 | 171 | ||
| 168 | #define des_ede3_cfb64_cipher des_ede_cfb64_cipher | 172 | #define des_ede3_cfb64_cipher des_ede_cfb64_cipher |
| 169 | #define des_ede3_ofb_cipher des_ede_ofb_cipher | 173 | #define des_ede3_ofb_cipher des_ede_ofb_cipher |
| @@ -171,28 +175,35 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, | |||
| 171 | #define des_ede3_ecb_cipher des_ede_ecb_cipher | 175 | #define des_ede3_ecb_cipher des_ede_ecb_cipher |
| 172 | 176 | ||
| 173 | BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, | 177 | BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, |
| 174 | EVP_CIPH_FLAG_FIPS, des_ede3_init_key, NULL, | 178 | EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, |
| 175 | EVP_CIPHER_set_asn1_iv, | 179 | EVP_CIPHER_set_asn1_iv, |
| 176 | EVP_CIPHER_get_asn1_iv, | 180 | EVP_CIPHER_get_asn1_iv, |
| 177 | NULL) | 181 | des3_ctrl) |
| 178 | 182 | ||
| 179 | BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1, | 183 | BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1, |
| 180 | EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL, | 184 | EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, |
| 181 | EVP_CIPHER_set_asn1_iv, | 185 | EVP_CIPHER_set_asn1_iv, |
| 182 | EVP_CIPHER_get_asn1_iv,NULL) | 186 | EVP_CIPHER_get_asn1_iv, |
| 187 | des3_ctrl) | ||
| 183 | 188 | ||
| 184 | BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8, | 189 | BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8, |
| 185 | EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL, | 190 | EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, |
| 186 | EVP_CIPHER_set_asn1_iv, | 191 | EVP_CIPHER_set_asn1_iv, |
| 187 | EVP_CIPHER_get_asn1_iv,NULL) | 192 | EVP_CIPHER_get_asn1_iv, |
| 193 | des3_ctrl) | ||
| 188 | 194 | ||
| 189 | static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 195 | static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 190 | const unsigned char *iv, int enc) | 196 | const unsigned char *iv, int enc) |
| 191 | { | 197 | { |
| 192 | DES_cblock *deskey = (DES_cblock *)key; | 198 | DES_cblock *deskey = (DES_cblock *)key; |
| 193 | 199 | #ifdef EVP_CHECK_DES_KEY | |
| 200 | if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1) | ||
| 201 | !! DES_set_key_checked(&deskey[1],&data(ctx)->ks2)) | ||
| 202 | return 0; | ||
| 203 | #else | ||
| 194 | DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1); | 204 | DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1); |
| 195 | DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2); | 205 | DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2); |
| 206 | #endif | ||
| 196 | memcpy(&data(ctx)->ks3,&data(ctx)->ks1, | 207 | memcpy(&data(ctx)->ks3,&data(ctx)->ks1, |
| 197 | sizeof(data(ctx)->ks1)); | 208 | sizeof(data(ctx)->ks1)); |
| 198 | return 1; | 209 | return 1; |
| @@ -213,13 +224,41 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |||
| 213 | } | 224 | } |
| 214 | #endif /* KSSL_DEBUG */ | 225 | #endif /* KSSL_DEBUG */ |
| 215 | 226 | ||
| 227 | #ifdef EVP_CHECK_DES_KEY | ||
| 228 | if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1) | ||
| 229 | || DES_set_key_checked(&deskey[1],&data(ctx)->ks2) | ||
| 230 | || DES_set_key_checked(&deskey[2],&data(ctx)->ks3)) | ||
| 231 | return 0; | ||
| 232 | #else | ||
| 216 | DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1); | 233 | DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1); |
| 217 | DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2); | 234 | DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2); |
| 218 | DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3); | 235 | DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3); |
| 219 | 236 | #endif | |
| 220 | return 1; | 237 | return 1; |
| 221 | } | 238 | } |
| 222 | 239 | ||
| 240 | static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) | ||
| 241 | { | ||
| 242 | |||
| 243 | DES_cblock *deskey = ptr; | ||
| 244 | |||
| 245 | switch(type) | ||
| 246 | { | ||
| 247 | case EVP_CTRL_RAND_KEY: | ||
| 248 | if (RAND_bytes(ptr, c->key_len) <= 0) | ||
| 249 | return 0; | ||
| 250 | DES_set_odd_parity(deskey); | ||
| 251 | if (c->key_len >= 16) | ||
| 252 | DES_set_odd_parity(deskey + 1); | ||
| 253 | if (c->key_len >= 24) | ||
| 254 | DES_set_odd_parity(deskey + 2); | ||
| 255 | return 1; | ||
| 256 | |||
| 257 | default: | ||
| 258 | return -1; | ||
| 259 | } | ||
| 260 | } | ||
| 261 | |||
| 223 | const EVP_CIPHER *EVP_des_ede(void) | 262 | const EVP_CIPHER *EVP_des_ede(void) |
| 224 | { | 263 | { |
| 225 | return &des_ede_ecb; | 264 | return &des_ede_ecb; |
diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c index b9efa75ae7..48c33a774a 100644 --- a/src/lib/libcrypto/evp/e_idea.c +++ b/src/lib/libcrypto/evp/e_idea.c | |||
| @@ -56,10 +56,10 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_IDEA | ||
| 60 | |||
| 61 | #include <stdio.h> | 59 | #include <stdio.h> |
| 62 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_IDEA | ||
| 63 | #include <openssl/evp.h> | 63 | #include <openssl/evp.h> |
| 64 | #include <openssl/objects.h> | 64 | #include <openssl/objects.h> |
| 65 | #include "evp_locl.h" | 65 | #include "evp_locl.h" |
diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c index a84b0f14b1..5205259f18 100644 --- a/src/lib/libcrypto/evp/e_null.c +++ b/src/lib/libcrypto/evp/e_null.c | |||
| @@ -69,13 +69,14 @@ static const EVP_CIPHER n_cipher= | |||
| 69 | { | 69 | { |
| 70 | NID_undef, | 70 | NID_undef, |
| 71 | 1,0,0, | 71 | 1,0,0, |
| 72 | EVP_CIPH_FLAG_FIPS, | 72 | 0, |
| 73 | null_init_key, | 73 | null_init_key, |
| 74 | null_cipher, | 74 | null_cipher, |
| 75 | NULL, | 75 | NULL, |
| 76 | 0, | 76 | 0, |
| 77 | NULL, | 77 | NULL, |
| 78 | NULL, | 78 | NULL, |
| 79 | NULL, | ||
| 79 | NULL | 80 | NULL |
| 80 | }; | 81 | }; |
| 81 | 82 | ||
| @@ -95,7 +96,7 @@ static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |||
| 95 | const unsigned char *in, unsigned int inl) | 96 | const unsigned char *in, unsigned int inl) |
| 96 | { | 97 | { |
| 97 | if (in != out) | 98 | if (in != out) |
| 98 | memcpy((char *)out,(char *)in,(int)inl); | 99 | memcpy((char *)out,(const char *)in,(size_t)inl); |
| 99 | return 1; | 100 | return 1; |
| 100 | } | 101 | } |
| 101 | 102 | ||
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c index d42cbfd17e..d37726ffae 100644 --- a/src/lib/libcrypto/evp/e_rc2.c +++ b/src/lib/libcrypto/evp/e_rc2.c | |||
| @@ -56,10 +56,11 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_RC2 | ||
| 60 | |||
| 61 | #include <stdio.h> | 59 | #include <stdio.h> |
| 62 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_RC2 | ||
| 63 | |||
| 63 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 64 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 65 | #include "evp_locl.h" | 66 | #include "evp_locl.h" |
| @@ -167,16 +168,17 @@ static int rc2_magic_to_meth(int i) | |||
| 167 | static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | 168 | static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) |
| 168 | { | 169 | { |
| 169 | long num=0; | 170 | long num=0; |
| 170 | int i=0,l; | 171 | int i=0; |
| 171 | int key_bits; | 172 | int key_bits; |
| 173 | unsigned int l; | ||
| 172 | unsigned char iv[EVP_MAX_IV_LENGTH]; | 174 | unsigned char iv[EVP_MAX_IV_LENGTH]; |
| 173 | 175 | ||
| 174 | if (type != NULL) | 176 | if (type != NULL) |
| 175 | { | 177 | { |
| 176 | l=EVP_CIPHER_CTX_iv_length(c); | 178 | l=EVP_CIPHER_CTX_iv_length(c); |
| 177 | OPENSSL_assert(l <= sizeof iv); | 179 | OPENSSL_assert(l <= sizeof(iv)); |
| 178 | i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l); | 180 | i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l); |
| 179 | if (i != l) | 181 | if (i != (int)l) |
| 180 | return(-1); | 182 | return(-1); |
| 181 | key_bits =rc2_magic_to_meth((int)num); | 183 | key_bits =rc2_magic_to_meth((int)num); |
| 182 | if (!key_bits) | 184 | if (!key_bits) |
diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c index 8aa70585b9..67af850bea 100644 --- a/src/lib/libcrypto/evp/e_rc4.c +++ b/src/lib/libcrypto/evp/e_rc4.c | |||
| @@ -56,13 +56,13 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_RC4 | ||
| 60 | |||
| 61 | #include <stdio.h> | 59 | #include <stdio.h> |
| 62 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_RC4 | ||
| 63 | |||
| 63 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 64 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 65 | #include "evp_locl.h" | ||
| 66 | #include <openssl/rc4.h> | 66 | #include <openssl/rc4.h> |
| 67 | 67 | ||
| 68 | /* FIXME: surely this is available elsewhere? */ | 68 | /* FIXME: surely this is available elsewhere? */ |
| @@ -90,6 +90,7 @@ static const EVP_CIPHER r4_cipher= | |||
| 90 | sizeof(EVP_RC4_KEY), | 90 | sizeof(EVP_RC4_KEY), |
| 91 | NULL, | 91 | NULL, |
| 92 | NULL, | 92 | NULL, |
| 93 | NULL, | ||
| 93 | NULL | 94 | NULL |
| 94 | }; | 95 | }; |
| 95 | 96 | ||
| @@ -104,6 +105,7 @@ static const EVP_CIPHER r4_40_cipher= | |||
| 104 | sizeof(EVP_RC4_KEY), | 105 | sizeof(EVP_RC4_KEY), |
| 105 | NULL, | 106 | NULL, |
| 106 | NULL, | 107 | NULL, |
| 108 | NULL, | ||
| 107 | NULL | 109 | NULL |
| 108 | }; | 110 | }; |
| 109 | 111 | ||
diff --git a/src/lib/libcrypto/evp/e_rc5.c b/src/lib/libcrypto/evp/e_rc5.c index 3c7713b181..19a10c6402 100644 --- a/src/lib/libcrypto/evp/e_rc5.c +++ b/src/lib/libcrypto/evp/e_rc5.c | |||
| @@ -56,10 +56,11 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_RC5 | ||
| 60 | |||
| 61 | #include <stdio.h> | 59 | #include <stdio.h> |
| 62 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_RC5 | ||
| 63 | |||
| 63 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 64 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 65 | #include "evp_locl.h" | 66 | #include "evp_locl.h" |
diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c index a6f849e93d..8832da2433 100644 --- a/src/lib/libcrypto/evp/e_xcbc_d.c +++ b/src/lib/libcrypto/evp/e_xcbc_d.c | |||
| @@ -56,9 +56,11 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_DES | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_DES | ||
| 63 | |||
| 62 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 63 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 64 | #include <openssl/des.h> | 66 | #include <openssl/des.h> |
| @@ -89,6 +91,7 @@ static const EVP_CIPHER d_xcbc_cipher= | |||
| 89 | sizeof(DESX_CBC_KEY), | 91 | sizeof(DESX_CBC_KEY), |
| 90 | EVP_CIPHER_set_asn1_iv, | 92 | EVP_CIPHER_set_asn1_iv, |
| 91 | EVP_CIPHER_get_asn1_iv, | 93 | EVP_CIPHER_get_asn1_iv, |
| 94 | NULL, | ||
| 92 | NULL | 95 | NULL |
| 93 | }; | 96 | }; |
| 94 | 97 | ||
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c index 33e540087d..5921f0d710 100644 --- a/src/lib/libcrypto/evp/encode.c +++ b/src/lib/libcrypto/evp/encode.c | |||
| @@ -129,14 +129,14 @@ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx) | |||
| 129 | } | 129 | } |
| 130 | 130 | ||
| 131 | void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, | 131 | void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, |
| 132 | unsigned char *in, int inl) | 132 | const unsigned char *in, int inl) |
| 133 | { | 133 | { |
| 134 | int i,j; | 134 | int i,j; |
| 135 | unsigned int total=0; | 135 | unsigned int total=0; |
| 136 | 136 | ||
| 137 | *outl=0; | 137 | *outl=0; |
| 138 | if (inl == 0) return; | 138 | if (inl == 0) return; |
| 139 | OPENSSL_assert(ctx->length <= sizeof ctx->enc_data); | 139 | OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data)); |
| 140 | if ((ctx->num+inl) < ctx->length) | 140 | if ((ctx->num+inl) < ctx->length) |
| 141 | { | 141 | { |
| 142 | memcpy(&(ctx->enc_data[ctx->num]),in,inl); | 142 | memcpy(&(ctx->enc_data[ctx->num]),in,inl); |
| @@ -233,7 +233,7 @@ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx) | |||
| 233 | * 1 for full line | 233 | * 1 for full line |
| 234 | */ | 234 | */ |
| 235 | int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, | 235 | int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, |
| 236 | unsigned char *in, int inl) | 236 | const unsigned char *in, int inl) |
| 237 | { | 237 | { |
| 238 | int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl; | 238 | int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl; |
| 239 | unsigned char *d; | 239 | unsigned char *d; |
| @@ -259,7 +259,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, | |||
| 259 | /* only save the good data :-) */ | 259 | /* only save the good data :-) */ |
| 260 | if (!B64_NOT_BASE64(v)) | 260 | if (!B64_NOT_BASE64(v)) |
| 261 | { | 261 | { |
| 262 | OPENSSL_assert(n < sizeof ctx->enc_data); | 262 | OPENSSL_assert(n < (int)sizeof(ctx->enc_data)); |
| 263 | d[n++]=tmp; | 263 | d[n++]=tmp; |
| 264 | ln++; | 264 | ln++; |
| 265 | } | 265 | } |
| @@ -323,8 +323,8 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, | |||
| 323 | if (n > 0) | 323 | if (n > 0) |
| 324 | { | 324 | { |
| 325 | v=EVP_DecodeBlock(out,d,n); | 325 | v=EVP_DecodeBlock(out,d,n); |
| 326 | if (v < 0) { rv=0; goto end; } | ||
| 327 | n=0; | 326 | n=0; |
| 327 | if (v < 0) { rv=0; goto end; } | ||
| 328 | ret+=(v-eof); | 328 | ret+=(v-eof); |
| 329 | } | 329 | } |
| 330 | else | 330 | else |
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h index f29e0ba8f0..c19d764c15 100644 --- a/src/lib/libcrypto/evp/evp.h +++ b/src/lib/libcrypto/evp/evp.h | |||
| @@ -75,10 +75,6 @@ | |||
| 75 | #include <openssl/bio.h> | 75 | #include <openssl/bio.h> |
| 76 | #endif | 76 | #endif |
| 77 | 77 | ||
| 78 | #ifdef OPENSSL_FIPS | ||
| 79 | #include <openssl/fips.h> | ||
| 80 | #endif | ||
| 81 | |||
| 82 | /* | 78 | /* |
| 83 | #define EVP_RC2_KEY_SIZE 16 | 79 | #define EVP_RC2_KEY_SIZE 16 |
| 84 | #define EVP_RC4_KEY_SIZE 16 | 80 | #define EVP_RC4_KEY_SIZE 16 |
| @@ -86,7 +82,7 @@ | |||
| 86 | #define EVP_CAST5_KEY_SIZE 16 | 82 | #define EVP_CAST5_KEY_SIZE 16 |
| 87 | #define EVP_RC5_32_12_16_KEY_SIZE 16 | 83 | #define EVP_RC5_32_12_16_KEY_SIZE 16 |
| 88 | */ | 84 | */ |
| 89 | #define EVP_MAX_MD_SIZE 64 /* longest known SHA512 */ | 85 | #define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */ |
| 90 | #define EVP_MAX_KEY_LENGTH 32 | 86 | #define EVP_MAX_KEY_LENGTH 32 |
| 91 | #define EVP_MAX_IV_LENGTH 16 | 87 | #define EVP_MAX_IV_LENGTH 16 |
| 92 | #define EVP_MAX_BLOCK_LENGTH 32 | 88 | #define EVP_MAX_BLOCK_LENGTH 32 |
| @@ -100,11 +96,13 @@ | |||
| 100 | #define EVP_PK_RSA 0x0001 | 96 | #define EVP_PK_RSA 0x0001 |
| 101 | #define EVP_PK_DSA 0x0002 | 97 | #define EVP_PK_DSA 0x0002 |
| 102 | #define EVP_PK_DH 0x0004 | 98 | #define EVP_PK_DH 0x0004 |
| 99 | #define EVP_PK_EC 0x0008 | ||
| 103 | #define EVP_PKT_SIGN 0x0010 | 100 | #define EVP_PKT_SIGN 0x0010 |
| 104 | #define EVP_PKT_ENC 0x0020 | 101 | #define EVP_PKT_ENC 0x0020 |
| 105 | #define EVP_PKT_EXCH 0x0040 | 102 | #define EVP_PKT_EXCH 0x0040 |
| 106 | #define EVP_PKS_RSA 0x0100 | 103 | #define EVP_PKS_RSA 0x0100 |
| 107 | #define EVP_PKS_DSA 0x0200 | 104 | #define EVP_PKS_DSA 0x0200 |
| 105 | #define EVP_PKS_EC 0x0400 | ||
| 108 | #define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ | 106 | #define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ |
| 109 | 107 | ||
| 110 | #define EVP_PKEY_NONE NID_undef | 108 | #define EVP_PKEY_NONE NID_undef |
| @@ -116,6 +114,7 @@ | |||
| 116 | #define EVP_PKEY_DSA3 NID_dsaWithSHA1 | 114 | #define EVP_PKEY_DSA3 NID_dsaWithSHA1 |
| 117 | #define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 | 115 | #define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 |
| 118 | #define EVP_PKEY_DH NID_dhKeyAgreement | 116 | #define EVP_PKEY_DH NID_dhKeyAgreement |
| 117 | #define EVP_PKEY_EC NID_X9_62_id_ecPublicKey | ||
| 119 | 118 | ||
| 120 | #ifdef __cplusplus | 119 | #ifdef __cplusplus |
| 121 | extern "C" { | 120 | extern "C" { |
| @@ -140,6 +139,9 @@ struct evp_pkey_st | |||
| 140 | #ifndef OPENSSL_NO_DH | 139 | #ifndef OPENSSL_NO_DH |
| 141 | struct dh_st *dh; /* DH */ | 140 | struct dh_st *dh; /* DH */ |
| 142 | #endif | 141 | #endif |
| 142 | #ifndef OPENSSL_NO_EC | ||
| 143 | struct ec_key_st *ec; /* ECC */ | ||
| 144 | #endif | ||
| 143 | } pkey; | 145 | } pkey; |
| 144 | int save_parameters; | 146 | int save_parameters; |
| 145 | STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ | 147 | STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ |
| @@ -225,39 +227,58 @@ struct env_md_st | |||
| 225 | int md_size; | 227 | int md_size; |
| 226 | unsigned long flags; | 228 | unsigned long flags; |
| 227 | int (*init)(EVP_MD_CTX *ctx); | 229 | int (*init)(EVP_MD_CTX *ctx); |
| 228 | int (*update)(EVP_MD_CTX *ctx,const void *data,unsigned long count); | 230 | int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count); |
| 229 | int (*final)(EVP_MD_CTX *ctx,unsigned char *md); | 231 | int (*final)(EVP_MD_CTX *ctx,unsigned char *md); |
| 230 | int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from); | 232 | int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from); |
| 231 | int (*cleanup)(EVP_MD_CTX *ctx); | 233 | int (*cleanup)(EVP_MD_CTX *ctx); |
| 232 | 234 | ||
| 233 | /* FIXME: prototype these some day */ | 235 | /* FIXME: prototype these some day */ |
| 234 | int (*sign)(); | 236 | int (*sign)(int type, const unsigned char *m, unsigned int m_length, |
| 235 | int (*verify)(); | 237 | unsigned char *sigret, unsigned int *siglen, void *key); |
| 238 | int (*verify)(int type, const unsigned char *m, unsigned int m_length, | ||
| 239 | const unsigned char *sigbuf, unsigned int siglen, | ||
| 240 | void *key); | ||
| 236 | int required_pkey_type[5]; /*EVP_PKEY_xxx */ | 241 | int required_pkey_type[5]; /*EVP_PKEY_xxx */ |
| 237 | int block_size; | 242 | int block_size; |
| 238 | int ctx_size; /* how big does the ctx->md_data need to be */ | 243 | int ctx_size; /* how big does the ctx->md_data need to be */ |
| 239 | } /* EVP_MD */; | 244 | } /* EVP_MD */; |
| 240 | 245 | ||
| 246 | typedef int evp_sign_method(int type,const unsigned char *m, | ||
| 247 | unsigned int m_length,unsigned char *sigret, | ||
| 248 | unsigned int *siglen, void *key); | ||
| 249 | typedef int evp_verify_method(int type,const unsigned char *m, | ||
| 250 | unsigned int m_length,const unsigned char *sigbuf, | ||
| 251 | unsigned int siglen, void *key); | ||
| 252 | |||
| 241 | #define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single | 253 | #define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single |
| 242 | * block */ | 254 | * block */ |
| 243 | #define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */ | ||
| 244 | 255 | ||
| 245 | #define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} | 256 | #define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} |
| 246 | 257 | ||
| 247 | #ifndef OPENSSL_NO_DSA | 258 | #ifndef OPENSSL_NO_DSA |
| 248 | #define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \ | 259 | #define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \ |
| 260 | (evp_verify_method *)DSA_verify, \ | ||
| 249 | {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \ | 261 | {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \ |
| 250 | EVP_PKEY_DSA4,0} | 262 | EVP_PKEY_DSA4,0} |
| 251 | #else | 263 | #else |
| 252 | #define EVP_PKEY_DSA_method EVP_PKEY_NULL_method | 264 | #define EVP_PKEY_DSA_method EVP_PKEY_NULL_method |
| 253 | #endif | 265 | #endif |
| 254 | 266 | ||
| 267 | #ifndef OPENSSL_NO_ECDSA | ||
| 268 | #define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \ | ||
| 269 | (evp_verify_method *)ECDSA_verify, \ | ||
| 270 | {EVP_PKEY_EC,0,0,0} | ||
| 271 | #else | ||
| 272 | #define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method | ||
| 273 | #endif | ||
| 274 | |||
| 255 | #ifndef OPENSSL_NO_RSA | 275 | #ifndef OPENSSL_NO_RSA |
| 256 | #define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \ | 276 | #define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \ |
| 277 | (evp_verify_method *)RSA_verify, \ | ||
| 257 | {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} | 278 | {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} |
| 258 | #define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \ | 279 | #define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \ |
| 259 | RSA_sign_ASN1_OCTET_STRING, \ | 280 | (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \ |
| 260 | RSA_verify_ASN1_OCTET_STRING, \ | 281 | (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \ |
| 261 | {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} | 282 | {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} |
| 262 | #else | 283 | #else |
| 263 | #define EVP_PKEY_RSA_method EVP_PKEY_NULL_method | 284 | #define EVP_PKEY_RSA_method EVP_PKEY_NULL_method |
| @@ -283,9 +304,6 @@ struct env_md_ctx_st | |||
| 283 | #define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data | 304 | #define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data |
| 284 | * in EVP_MD_CTX_cleanup */ | 305 | * in EVP_MD_CTX_cleanup */ |
| 285 | 306 | ||
| 286 | #define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest | ||
| 287 | * in FIPS mode */ | ||
| 288 | |||
| 289 | struct evp_cipher_st | 307 | struct evp_cipher_st |
| 290 | { | 308 | { |
| 291 | int nid; | 309 | int nid; |
| @@ -327,10 +345,8 @@ struct evp_cipher_st | |||
| 327 | #define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80 | 345 | #define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80 |
| 328 | /* Don't use standard block padding */ | 346 | /* Don't use standard block padding */ |
| 329 | #define EVP_CIPH_NO_PADDING 0x100 | 347 | #define EVP_CIPH_NO_PADDING 0x100 |
| 330 | /* Note if suitable for use in FIPS mode */ | 348 | /* cipher handles random key generation */ |
| 331 | #define EVP_CIPH_FLAG_FIPS 0x400 | 349 | #define EVP_CIPH_RAND_KEY 0x200 |
| 332 | /* Allow non FIPS cipher in FIPS mode */ | ||
| 333 | #define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x800 | ||
| 334 | 350 | ||
| 335 | /* ctrl() values */ | 351 | /* ctrl() values */ |
| 336 | 352 | ||
| @@ -341,6 +357,7 @@ struct evp_cipher_st | |||
| 341 | #define EVP_CTRL_GET_RC5_ROUNDS 0x4 | 357 | #define EVP_CTRL_GET_RC5_ROUNDS 0x4 |
| 342 | #define EVP_CTRL_SET_RC5_ROUNDS 0x5 | 358 | #define EVP_CTRL_SET_RC5_ROUNDS 0x5 |
| 343 | #define EVP_CTRL_SET_ACSS_MODE 0x6 | 359 | #define EVP_CTRL_SET_ACSS_MODE 0x6 |
| 360 | #define EVP_CTRL_RAND_KEY 0x7 | ||
| 344 | 361 | ||
| 345 | typedef struct evp_cipher_info_st | 362 | typedef struct evp_cipher_info_st |
| 346 | { | 363 | { |
| @@ -402,45 +419,47 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 402 | (char *)(dh)) | 419 | (char *)(dh)) |
| 403 | #endif | 420 | #endif |
| 404 | 421 | ||
| 422 | #ifndef OPENSSL_NO_EC | ||
| 423 | #define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\ | ||
| 424 | (char *)(eckey)) | ||
| 425 | #endif | ||
| 426 | |||
| 405 | /* Add some extra combinations */ | 427 | /* Add some extra combinations */ |
| 406 | #define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) | 428 | #define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) |
| 407 | #define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a)) | 429 | #define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a)) |
| 408 | #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) | 430 | #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) |
| 409 | #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) | 431 | #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) |
| 410 | 432 | ||
| 411 | #define EVP_MD_type(e) ((e)->type) | 433 | int EVP_MD_type(const EVP_MD *md); |
| 412 | #define EVP_MD_nid(e) EVP_MD_type(e) | 434 | #define EVP_MD_nid(e) EVP_MD_type(e) |
| 413 | #define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) | 435 | #define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) |
| 414 | #define EVP_MD_pkey_type(e) ((e)->pkey_type) | 436 | int EVP_MD_pkey_type(const EVP_MD *md); |
| 415 | #define EVP_MD_size(e) ((e)->md_size) | 437 | int EVP_MD_size(const EVP_MD *md); |
| 416 | #define EVP_MD_block_size(e) ((e)->block_size) | 438 | int EVP_MD_block_size(const EVP_MD *md); |
| 417 | 439 | ||
| 418 | #define EVP_MD_CTX_md(e) ((e)->digest) | 440 | const EVP_MD * EVP_MD_CTX_md(const EVP_MD_CTX *ctx); |
| 419 | #define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest) | 441 | #define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e)) |
| 420 | #define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest) | 442 | #define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e)) |
| 421 | #define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest) | 443 | #define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e)) |
| 422 | 444 | ||
| 423 | #define EVP_CIPHER_nid(e) ((e)->nid) | 445 | int EVP_CIPHER_nid(const EVP_CIPHER *cipher); |
| 424 | #define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e)) | 446 | #define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e)) |
| 425 | #define EVP_CIPHER_block_size(e) ((e)->block_size) | 447 | int EVP_CIPHER_block_size(const EVP_CIPHER *cipher); |
| 426 | #define EVP_CIPHER_key_length(e) ((e)->key_len) | 448 | int EVP_CIPHER_key_length(const EVP_CIPHER *cipher); |
| 427 | #define EVP_CIPHER_iv_length(e) ((e)->iv_len) | 449 | int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher); |
| 428 | #define EVP_CIPHER_flags(e) ((e)->flags) | 450 | unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher); |
| 429 | #define EVP_CIPHER_mode(e) (((e)->flags) & EVP_CIPH_MODE) | 451 | #define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE) |
| 430 | 452 | ||
| 431 | #define EVP_CIPHER_CTX_cipher(e) ((e)->cipher) | 453 | const EVP_CIPHER * EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx); |
| 432 | #define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid) | 454 | int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx); |
| 433 | #define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size) | 455 | int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx); |
| 434 | #define EVP_CIPHER_CTX_key_length(e) ((e)->key_len) | 456 | int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx); |
| 435 | #define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len) | 457 | int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx); |
| 436 | #define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) | 458 | void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx); |
| 437 | #define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d)) | 459 | void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data); |
| 438 | #define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) | 460 | #define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) |
| 439 | #define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags) | 461 | unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx); |
| 440 | #define EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) | 462 | #define EVP_CIPHER_CTX_mode(e) (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE) |
| 441 | #define EVP_CIPHER_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs)) | ||
| 442 | #define EVP_CIPHER_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs)) | ||
| 443 | #define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE) | ||
| 444 | 463 | ||
| 445 | #define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) | 464 | #define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) |
| 446 | #define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) | 465 | #define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) |
| @@ -465,7 +484,10 @@ void BIO_set_md(BIO *,const EVP_MD *md); | |||
| 465 | #define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) | 484 | #define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) |
| 466 | #define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp) | 485 | #define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp) |
| 467 | 486 | ||
| 468 | #define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l)) | 487 | int EVP_Cipher(EVP_CIPHER_CTX *c, |
| 488 | unsigned char *out, | ||
| 489 | const unsigned char *in, | ||
| 490 | unsigned int inl); | ||
| 469 | 491 | ||
| 470 | #define EVP_add_cipher_alias(n,alias) \ | 492 | #define EVP_add_cipher_alias(n,alias) \ |
| 471 | OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n)) | 493 | OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n)) |
| @@ -481,14 +503,14 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); | |||
| 481 | EVP_MD_CTX *EVP_MD_CTX_create(void); | 503 | EVP_MD_CTX *EVP_MD_CTX_create(void); |
| 482 | void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); | 504 | void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); |
| 483 | int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); | 505 | int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); |
| 484 | #define EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) | 506 | void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags); |
| 485 | #define EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs)) | 507 | void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags); |
| 486 | #define EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs)) | 508 | int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx,int flags); |
| 487 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); | 509 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); |
| 488 | int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d, | 510 | int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d, |
| 489 | unsigned int cnt); | 511 | size_t cnt); |
| 490 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); | 512 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); |
| 491 | int EVP_Digest(void *data, unsigned int count, | 513 | int EVP_Digest(const void *data, size_t count, |
| 492 | unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl); | 514 | unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl); |
| 493 | 515 | ||
| 494 | int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in); | 516 | int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in); |
| @@ -496,7 +518,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); | |||
| 496 | int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); | 518 | int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); |
| 497 | 519 | ||
| 498 | int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify); | 520 | int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify); |
| 499 | void EVP_set_pw_prompt(char *prompt); | 521 | void EVP_set_pw_prompt(const char *prompt); |
| 500 | char * EVP_get_pw_prompt(void); | 522 | char * EVP_get_pw_prompt(void); |
| 501 | 523 | ||
| 502 | int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md, | 524 | int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md, |
| @@ -535,43 +557,48 @@ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); | |||
| 535 | int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s, | 557 | int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s, |
| 536 | EVP_PKEY *pkey); | 558 | EVP_PKEY *pkey); |
| 537 | 559 | ||
| 538 | int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, | 560 | int EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf, |
| 539 | unsigned int siglen,EVP_PKEY *pkey); | 561 | unsigned int siglen,EVP_PKEY *pkey); |
| 540 | 562 | ||
| 541 | int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,unsigned char *ek, | 563 | int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, |
| 542 | int ekl,unsigned char *iv,EVP_PKEY *priv); | 564 | const unsigned char *ek, int ekl, const unsigned char *iv, |
| 565 | EVP_PKEY *priv); | ||
| 543 | int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); | 566 | int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); |
| 544 | 567 | ||
| 545 | int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek, | 568 | int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, |
| 546 | int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk); | 569 | unsigned char **ek, int *ekl, unsigned char *iv, |
| 570 | EVP_PKEY **pubk, int npubk); | ||
| 547 | int EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl); | 571 | int EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl); |
| 548 | 572 | ||
| 549 | void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); | 573 | void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); |
| 550 | void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out, | 574 | void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, |
| 551 | int *outl,unsigned char *in,int inl); | 575 | const unsigned char *in,int inl); |
| 552 | void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl); | 576 | void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl); |
| 553 | int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n); | 577 | int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n); |
| 554 | 578 | ||
| 555 | void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); | 579 | void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); |
| 556 | int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, | 580 | int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, |
| 557 | unsigned char *in, int inl); | 581 | const unsigned char *in, int inl); |
| 558 | int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned | 582 | int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned |
| 559 | char *out, int *outl); | 583 | char *out, int *outl); |
| 560 | int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); | 584 | int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); |
| 561 | 585 | ||
| 562 | void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); | 586 | void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); |
| 563 | int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); | 587 | int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); |
| 588 | EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); | ||
| 589 | void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a); | ||
| 564 | int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); | 590 | int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); |
| 565 | int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad); | 591 | int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad); |
| 566 | int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); | 592 | int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); |
| 593 | int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key); | ||
| 567 | 594 | ||
| 568 | #ifndef OPENSSL_NO_BIO | 595 | #ifndef OPENSSL_NO_BIO |
| 569 | BIO_METHOD *BIO_f_md(void); | 596 | BIO_METHOD *BIO_f_md(void); |
| 570 | BIO_METHOD *BIO_f_base64(void); | 597 | BIO_METHOD *BIO_f_base64(void); |
| 571 | BIO_METHOD *BIO_f_cipher(void); | 598 | BIO_METHOD *BIO_f_cipher(void); |
| 572 | BIO_METHOD *BIO_f_reliable(void); | 599 | BIO_METHOD *BIO_f_reliable(void); |
| 573 | void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k, | 600 | void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,const unsigned char *k, |
| 574 | unsigned char *i, int enc); | 601 | const unsigned char *i, int enc); |
| 575 | #endif | 602 | #endif |
| 576 | 603 | ||
| 577 | const EVP_MD *EVP_md_null(void); | 604 | const EVP_MD *EVP_md_null(void); |
| @@ -589,7 +616,8 @@ const EVP_MD *EVP_sha(void); | |||
| 589 | const EVP_MD *EVP_sha1(void); | 616 | const EVP_MD *EVP_sha1(void); |
| 590 | const EVP_MD *EVP_dss(void); | 617 | const EVP_MD *EVP_dss(void); |
| 591 | const EVP_MD *EVP_dss1(void); | 618 | const EVP_MD *EVP_dss1(void); |
| 592 | #ifdef OPENSSL_FIPS | 619 | const EVP_MD *EVP_ecdsa(void); |
| 620 | #endif | ||
| 593 | #ifndef OPENSSL_NO_SHA256 | 621 | #ifndef OPENSSL_NO_SHA256 |
| 594 | const EVP_MD *EVP_sha224(void); | 622 | const EVP_MD *EVP_sha224(void); |
| 595 | const EVP_MD *EVP_sha256(void); | 623 | const EVP_MD *EVP_sha256(void); |
| @@ -598,8 +626,6 @@ const EVP_MD *EVP_sha256(void); | |||
| 598 | const EVP_MD *EVP_sha384(void); | 626 | const EVP_MD *EVP_sha384(void); |
| 599 | const EVP_MD *EVP_sha512(void); | 627 | const EVP_MD *EVP_sha512(void); |
| 600 | #endif | 628 | #endif |
| 601 | #endif | ||
| 602 | #endif | ||
| 603 | #ifndef OPENSSL_NO_MDC2 | 629 | #ifndef OPENSSL_NO_MDC2 |
| 604 | const EVP_MD *EVP_mdc2(void); | 630 | const EVP_MD *EVP_mdc2(void); |
| 605 | #endif | 631 | #endif |
| @@ -720,6 +746,37 @@ const EVP_CIPHER *EVP_aes_256_ctr(void); | |||
| 720 | #ifndef OPENSSL_NO_ACSS | 746 | #ifndef OPENSSL_NO_ACSS |
| 721 | const EVP_CIPHER *EVP_acss(void); | 747 | const EVP_CIPHER *EVP_acss(void); |
| 722 | #endif | 748 | #endif |
| 749 | #ifndef OPENSSL_NO_CAMELLIA | ||
| 750 | const EVP_CIPHER *EVP_camellia_128_ecb(void); | ||
| 751 | const EVP_CIPHER *EVP_camellia_128_cbc(void); | ||
| 752 | const EVP_CIPHER *EVP_camellia_128_cfb1(void); | ||
| 753 | const EVP_CIPHER *EVP_camellia_128_cfb8(void); | ||
| 754 | const EVP_CIPHER *EVP_camellia_128_cfb128(void); | ||
| 755 | # define EVP_camellia_128_cfb EVP_camellia_128_cfb128 | ||
| 756 | const EVP_CIPHER *EVP_camellia_128_ofb(void); | ||
| 757 | const EVP_CIPHER *EVP_camellia_192_ecb(void); | ||
| 758 | const EVP_CIPHER *EVP_camellia_192_cbc(void); | ||
| 759 | const EVP_CIPHER *EVP_camellia_192_cfb1(void); | ||
| 760 | const EVP_CIPHER *EVP_camellia_192_cfb8(void); | ||
| 761 | const EVP_CIPHER *EVP_camellia_192_cfb128(void); | ||
| 762 | # define EVP_camellia_192_cfb EVP_camellia_192_cfb128 | ||
| 763 | const EVP_CIPHER *EVP_camellia_192_ofb(void); | ||
| 764 | const EVP_CIPHER *EVP_camellia_256_ecb(void); | ||
| 765 | const EVP_CIPHER *EVP_camellia_256_cbc(void); | ||
| 766 | const EVP_CIPHER *EVP_camellia_256_cfb1(void); | ||
| 767 | const EVP_CIPHER *EVP_camellia_256_cfb8(void); | ||
| 768 | const EVP_CIPHER *EVP_camellia_256_cfb128(void); | ||
| 769 | # define EVP_camellia_256_cfb EVP_camellia_256_cfb128 | ||
| 770 | const EVP_CIPHER *EVP_camellia_256_ofb(void); | ||
| 771 | #endif | ||
| 772 | |||
| 773 | #ifndef OPENSSL_NO_SEED | ||
| 774 | const EVP_CIPHER *EVP_seed_ecb(void); | ||
| 775 | const EVP_CIPHER *EVP_seed_cbc(void); | ||
| 776 | const EVP_CIPHER *EVP_seed_cfb128(void); | ||
| 777 | # define EVP_seed_cfb EVP_seed_cfb128 | ||
| 778 | const EVP_CIPHER *EVP_seed_ofb(void); | ||
| 779 | #endif | ||
| 723 | 780 | ||
| 724 | void OPENSSL_add_all_algorithms_noconf(void); | 781 | void OPENSSL_add_all_algorithms_noconf(void); |
| 725 | void OPENSSL_add_all_algorithms_conf(void); | 782 | void OPENSSL_add_all_algorithms_conf(void); |
| @@ -745,10 +802,12 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name); | |||
| 745 | const EVP_MD *EVP_get_digestbyname(const char *name); | 802 | const EVP_MD *EVP_get_digestbyname(const char *name); |
| 746 | void EVP_cleanup(void); | 803 | void EVP_cleanup(void); |
| 747 | 804 | ||
| 748 | int EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key, | 805 | int EVP_PKEY_decrypt(unsigned char *dec_key, |
| 749 | int enc_key_len,EVP_PKEY *private_key); | 806 | const unsigned char *enc_key,int enc_key_len, |
| 807 | EVP_PKEY *private_key); | ||
| 750 | int EVP_PKEY_encrypt(unsigned char *enc_key, | 808 | int EVP_PKEY_encrypt(unsigned char *enc_key, |
| 751 | unsigned char *key,int key_len,EVP_PKEY *pub_key); | 809 | const unsigned char *key,int key_len, |
| 810 | EVP_PKEY *pub_key); | ||
| 752 | int EVP_PKEY_type(int type); | 811 | int EVP_PKEY_type(int type); |
| 753 | int EVP_PKEY_bits(EVP_PKEY *pkey); | 812 | int EVP_PKEY_bits(EVP_PKEY *pkey); |
| 754 | int EVP_PKEY_size(EVP_PKEY *pkey); | 813 | int EVP_PKEY_size(EVP_PKEY *pkey); |
| @@ -769,24 +828,31 @@ struct dh_st; | |||
| 769 | int EVP_PKEY_set1_DH(EVP_PKEY *pkey,struct dh_st *key); | 828 | int EVP_PKEY_set1_DH(EVP_PKEY *pkey,struct dh_st *key); |
| 770 | struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey); | 829 | struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey); |
| 771 | #endif | 830 | #endif |
| 772 | 831 | #ifndef OPENSSL_NO_EC | |
| 832 | struct ec_key_st; | ||
| 833 | int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,struct ec_key_st *key); | ||
| 834 | struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey); | ||
| 835 | #endif | ||
| 773 | 836 | ||
| 774 | EVP_PKEY * EVP_PKEY_new(void); | 837 | EVP_PKEY * EVP_PKEY_new(void); |
| 775 | void EVP_PKEY_free(EVP_PKEY *pkey); | 838 | void EVP_PKEY_free(EVP_PKEY *pkey); |
| 776 | EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp, | 839 | |
| 840 | EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, const unsigned char **pp, | ||
| 777 | long length); | 841 | long length); |
| 778 | int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); | 842 | int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); |
| 779 | 843 | ||
| 780 | EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp, | 844 | EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, const unsigned char **pp, |
| 781 | long length); | 845 | long length); |
| 782 | EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, | 846 | EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, |
| 783 | long length); | 847 | long length); |
| 784 | int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp); | 848 | int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp); |
| 785 | 849 | ||
| 786 | int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from); | 850 | int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from); |
| 787 | int EVP_PKEY_missing_parameters(EVP_PKEY *pkey); | 851 | int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey); |
| 788 | int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode); | 852 | int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode); |
| 789 | int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b); | 853 | int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b); |
| 854 | |||
| 855 | int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b); | ||
| 790 | 856 | ||
| 791 | int EVP_CIPHER_type(const EVP_CIPHER *ctx); | 857 | int EVP_CIPHER_type(const EVP_CIPHER *ctx); |
| 792 | 858 | ||
| @@ -803,7 +869,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 803 | ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, | 869 | ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, |
| 804 | int en_de); | 870 | int en_de); |
| 805 | int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, | 871 | int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, |
| 806 | unsigned char *salt, int saltlen, int iter, | 872 | const unsigned char *salt, int saltlen, int iter, |
| 807 | int keylen, unsigned char *out); | 873 | int keylen, unsigned char *out); |
| 808 | int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | 874 | int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, |
| 809 | ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, | 875 | ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, |
| @@ -826,30 +892,32 @@ void ERR_load_EVP_strings(void); | |||
| 826 | /* Error codes for the EVP functions. */ | 892 | /* Error codes for the EVP functions. */ |
| 827 | 893 | ||
| 828 | /* Function codes. */ | 894 | /* Function codes. */ |
| 829 | #define EVP_F_AES_INIT_KEY 129 | 895 | #define EVP_F_AES_INIT_KEY 133 |
| 896 | #define EVP_F_CAMELLIA_INIT_KEY 159 | ||
| 830 | #define EVP_F_D2I_PKEY 100 | 897 | #define EVP_F_D2I_PKEY 100 |
| 831 | #define EVP_F_EVP_ADD_CIPHER 130 | 898 | #define EVP_F_DSAPKEY2PKCS8 134 |
| 832 | #define EVP_F_EVP_ADD_DIGEST 131 | 899 | #define EVP_F_DSA_PKEY2PKCS8 135 |
| 833 | #define EVP_F_EVP_CIPHERINIT 123 | 900 | #define EVP_F_ECDSA_PKEY2PKCS8 129 |
| 901 | #define EVP_F_ECKEY_PKEY2PKCS8 132 | ||
| 902 | #define EVP_F_EVP_CIPHERINIT_EX 123 | ||
| 834 | #define EVP_F_EVP_CIPHER_CTX_CTRL 124 | 903 | #define EVP_F_EVP_CIPHER_CTX_CTRL 124 |
| 835 | #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 | 904 | #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 |
| 836 | #define EVP_F_EVP_DECRYPTFINAL 101 | 905 | #define EVP_F_EVP_DECRYPTFINAL_EX 101 |
| 837 | #define EVP_F_EVP_DIGESTINIT 128 | 906 | #define EVP_F_EVP_DIGESTINIT_EX 128 |
| 838 | #define EVP_F_EVP_ENCRYPTFINAL 127 | 907 | #define EVP_F_EVP_ENCRYPTFINAL_EX 127 |
| 839 | #define EVP_F_EVP_GET_CIPHERBYNAME 132 | 908 | #define EVP_F_EVP_MD_CTX_COPY_EX 110 |
| 840 | #define EVP_F_EVP_GET_DIGESTBYNAME 133 | ||
| 841 | #define EVP_F_EVP_MD_CTX_COPY 110 | ||
| 842 | #define EVP_F_EVP_OPENINIT 102 | 909 | #define EVP_F_EVP_OPENINIT 102 |
| 843 | #define EVP_F_EVP_PBE_ALG_ADD 115 | 910 | #define EVP_F_EVP_PBE_ALG_ADD 115 |
| 844 | #define EVP_F_EVP_PBE_CIPHERINIT 116 | 911 | #define EVP_F_EVP_PBE_CIPHERINIT 116 |
| 845 | #define EVP_F_EVP_PKCS82PKEY 111 | 912 | #define EVP_F_EVP_PKCS82PKEY 111 |
| 846 | #define EVP_F_EVP_PKCS8_SET_BROKEN 112 | 913 | #define EVP_F_EVP_PKEY2PKCS8_BROKEN 113 |
| 847 | #define EVP_F_EVP_PKEY2PKCS8 113 | ||
| 848 | #define EVP_F_EVP_PKEY_COPY_PARAMETERS 103 | 914 | #define EVP_F_EVP_PKEY_COPY_PARAMETERS 103 |
| 849 | #define EVP_F_EVP_PKEY_DECRYPT 104 | 915 | #define EVP_F_EVP_PKEY_DECRYPT 104 |
| 850 | #define EVP_F_EVP_PKEY_ENCRYPT 105 | 916 | #define EVP_F_EVP_PKEY_ENCRYPT 105 |
| 851 | #define EVP_F_EVP_PKEY_GET1_DH 119 | 917 | #define EVP_F_EVP_PKEY_GET1_DH 119 |
| 852 | #define EVP_F_EVP_PKEY_GET1_DSA 120 | 918 | #define EVP_F_EVP_PKEY_GET1_DSA 120 |
| 919 | #define EVP_F_EVP_PKEY_GET1_ECDSA 130 | ||
| 920 | #define EVP_F_EVP_PKEY_GET1_EC_KEY 131 | ||
| 853 | #define EVP_F_EVP_PKEY_GET1_RSA 121 | 921 | #define EVP_F_EVP_PKEY_GET1_RSA 121 |
| 854 | #define EVP_F_EVP_PKEY_NEW 106 | 922 | #define EVP_F_EVP_PKEY_NEW 106 |
| 855 | #define EVP_F_EVP_RIJNDAEL 126 | 923 | #define EVP_F_EVP_RIJNDAEL 126 |
| @@ -857,28 +925,32 @@ void ERR_load_EVP_strings(void); | |||
| 857 | #define EVP_F_EVP_VERIFYFINAL 108 | 925 | #define EVP_F_EVP_VERIFYFINAL 108 |
| 858 | #define EVP_F_PKCS5_PBE_KEYIVGEN 117 | 926 | #define EVP_F_PKCS5_PBE_KEYIVGEN 117 |
| 859 | #define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 | 927 | #define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 |
| 928 | #define EVP_F_PKCS8_SET_BROKEN 112 | ||
| 860 | #define EVP_F_RC2_MAGIC_TO_METH 109 | 929 | #define EVP_F_RC2_MAGIC_TO_METH 109 |
| 861 | #define EVP_F_RC5_CTRL 125 | 930 | #define EVP_F_RC5_CTRL 125 |
| 862 | 931 | ||
| 863 | /* Reason codes. */ | 932 | /* Reason codes. */ |
| 864 | #define EVP_R_AES_KEY_SETUP_FAILED 140 | 933 | #define EVP_R_AES_KEY_SETUP_FAILED 143 |
| 934 | #define EVP_R_ASN1_LIB 140 | ||
| 865 | #define EVP_R_BAD_BLOCK_LENGTH 136 | 935 | #define EVP_R_BAD_BLOCK_LENGTH 136 |
| 866 | #define EVP_R_BAD_DECRYPT 100 | 936 | #define EVP_R_BAD_DECRYPT 100 |
| 867 | #define EVP_R_BAD_KEY_LENGTH 137 | 937 | #define EVP_R_BAD_KEY_LENGTH 137 |
| 868 | #define EVP_R_BN_DECODE_ERROR 112 | 938 | #define EVP_R_BN_DECODE_ERROR 112 |
| 869 | #define EVP_R_BN_PUBKEY_ERROR 113 | 939 | #define EVP_R_BN_PUBKEY_ERROR 113 |
| 940 | #define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157 | ||
| 870 | #define EVP_R_CIPHER_PARAMETER_ERROR 122 | 941 | #define EVP_R_CIPHER_PARAMETER_ERROR 122 |
| 871 | #define EVP_R_CTRL_NOT_IMPLEMENTED 132 | 942 | #define EVP_R_CTRL_NOT_IMPLEMENTED 132 |
| 872 | #define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 | 943 | #define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 |
| 873 | #define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 | 944 | #define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 |
| 874 | #define EVP_R_DECODE_ERROR 114 | 945 | #define EVP_R_DECODE_ERROR 114 |
| 875 | #define EVP_R_DIFFERENT_KEY_TYPES 101 | 946 | #define EVP_R_DIFFERENT_KEY_TYPES 101 |
| 876 | #define EVP_R_DISABLED_FOR_FIPS 141 | ||
| 877 | #define EVP_R_ENCODE_ERROR 115 | 947 | #define EVP_R_ENCODE_ERROR 115 |
| 878 | #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 | 948 | #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 |
| 879 | #define EVP_R_EXPECTING_AN_RSA_KEY 127 | 949 | #define EVP_R_EXPECTING_AN_RSA_KEY 127 |
| 880 | #define EVP_R_EXPECTING_A_DH_KEY 128 | 950 | #define EVP_R_EXPECTING_A_DH_KEY 128 |
| 881 | #define EVP_R_EXPECTING_A_DSA_KEY 129 | 951 | #define EVP_R_EXPECTING_A_DSA_KEY 129 |
| 952 | #define EVP_R_EXPECTING_A_ECDSA_KEY 141 | ||
| 953 | #define EVP_R_EXPECTING_A_EC_KEY 142 | ||
| 882 | #define EVP_R_INITIALIZATION_ERROR 134 | 954 | #define EVP_R_INITIALIZATION_ERROR 134 |
| 883 | #define EVP_R_INPUT_NOT_INITIALIZED 111 | 955 | #define EVP_R_INPUT_NOT_INITIALIZED 111 |
| 884 | #define EVP_R_INVALID_KEY_LENGTH 130 | 956 | #define EVP_R_INVALID_KEY_LENGTH 130 |
| @@ -903,6 +975,7 @@ void ERR_load_EVP_strings(void); | |||
| 903 | #define EVP_R_UNSUPPORTED_SALT_TYPE 126 | 975 | #define EVP_R_UNSUPPORTED_SALT_TYPE 126 |
| 904 | #define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 | 976 | #define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 |
| 905 | #define EVP_R_WRONG_PUBLIC_KEY_TYPE 110 | 977 | #define EVP_R_WRONG_PUBLIC_KEY_TYPE 110 |
| 978 | #define EVP_R_SEED_KEY_SETUP_FAILED 162 | ||
| 906 | 979 | ||
| 907 | #ifdef __cplusplus | 980 | #ifdef __cplusplus |
| 908 | } | 981 | } |
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c index f549eeb437..a1904993bf 100644 --- a/src/lib/libcrypto/evp/evp_enc.c +++ b/src/lib/libcrypto/evp/evp_enc.c | |||
| @@ -60,12 +60,13 @@ | |||
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/evp.h> | 61 | #include <openssl/evp.h> |
| 62 | #include <openssl/err.h> | 62 | #include <openssl/err.h> |
| 63 | #include <openssl/rand.h> | ||
| 63 | #ifndef OPENSSL_NO_ENGINE | 64 | #ifndef OPENSSL_NO_ENGINE |
| 64 | #include <openssl/engine.h> | 65 | #include <openssl/engine.h> |
| 65 | #endif | 66 | #endif |
| 66 | #include "evp_locl.h" | 67 | #include "evp_locl.h" |
| 67 | 68 | ||
| 68 | const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT; | 69 | const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT; |
| 69 | 70 | ||
| 70 | void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) | 71 | void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) |
| 71 | { | 72 | { |
| @@ -73,6 +74,13 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) | |||
| 73 | /* ctx->cipher=NULL; */ | 74 | /* ctx->cipher=NULL; */ |
| 74 | } | 75 | } |
| 75 | 76 | ||
| 77 | EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) | ||
| 78 | { | ||
| 79 | EVP_CIPHER_CTX *ctx=OPENSSL_malloc(sizeof *ctx); | ||
| 80 | if (ctx) | ||
| 81 | EVP_CIPHER_CTX_init(ctx); | ||
| 82 | return ctx; | ||
| 83 | } | ||
| 76 | 84 | ||
| 77 | int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, | 85 | int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, |
| 78 | const unsigned char *key, const unsigned char *iv, int enc) | 86 | const unsigned char *key, const unsigned char *iv, int enc) |
| @@ -82,48 +90,6 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, | |||
| 82 | return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); | 90 | return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); |
| 83 | } | 91 | } |
| 84 | 92 | ||
| 85 | #ifdef OPENSSL_FIPS | ||
| 86 | |||
| 87 | /* The purpose of these is to trap programs that attempt to use non FIPS | ||
| 88 | * algorithms in FIPS mode and ignore the errors. | ||
| 89 | */ | ||
| 90 | |||
| 91 | int bad_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, | ||
| 92 | const unsigned char *iv, int enc) | ||
| 93 | { FIPS_ERROR_IGNORED("Cipher init"); return 0;} | ||
| 94 | |||
| 95 | int bad_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
| 96 | const unsigned char *in, unsigned int inl) | ||
| 97 | { FIPS_ERROR_IGNORED("Cipher update"); return 0;} | ||
| 98 | |||
| 99 | /* NB: no cleanup because it is allowed after failed init */ | ||
| 100 | |||
| 101 | int bad_set_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ) | ||
| 102 | { FIPS_ERROR_IGNORED("Cipher set_asn1"); return 0;} | ||
| 103 | int bad_get_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ) | ||
| 104 | { FIPS_ERROR_IGNORED("Cipher get_asn1"); return 0;} | ||
| 105 | int bad_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) | ||
| 106 | { FIPS_ERROR_IGNORED("Cipher ctrl"); return 0;} | ||
| 107 | |||
| 108 | static const EVP_CIPHER bad_cipher = | ||
| 109 | { | ||
| 110 | 0, | ||
| 111 | 0, | ||
| 112 | 0, | ||
| 113 | 0, | ||
| 114 | 0, | ||
| 115 | bad_init, | ||
| 116 | bad_do_cipher, | ||
| 117 | NULL, | ||
| 118 | 0, | ||
| 119 | bad_set_asn1, | ||
| 120 | bad_get_asn1, | ||
| 121 | bad_ctrl, | ||
| 122 | NULL | ||
| 123 | }; | ||
| 124 | |||
| 125 | #endif | ||
| 126 | |||
| 127 | int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, | 93 | int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, |
| 128 | const unsigned char *key, const unsigned char *iv, int enc) | 94 | const unsigned char *key, const unsigned char *iv, int enc) |
| 129 | { | 95 | { |
| @@ -158,7 +124,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 158 | { | 124 | { |
| 159 | if (!ENGINE_init(impl)) | 125 | if (!ENGINE_init(impl)) |
| 160 | { | 126 | { |
| 161 | EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR); | 127 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); |
| 162 | return 0; | 128 | return 0; |
| 163 | } | 129 | } |
| 164 | } | 130 | } |
| @@ -175,7 +141,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 175 | * control history, is that we should at least | 141 | * control history, is that we should at least |
| 176 | * be able to avoid using US mispellings of | 142 | * be able to avoid using US mispellings of |
| 177 | * "initialisation"? */ | 143 | * "initialisation"? */ |
| 178 | EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR); | 144 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); |
| 179 | return 0; | 145 | return 0; |
| 180 | } | 146 | } |
| 181 | /* We'll use the ENGINE's private cipher definition */ | 147 | /* We'll use the ENGINE's private cipher definition */ |
| @@ -188,13 +154,14 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 188 | else | 154 | else |
| 189 | ctx->engine = NULL; | 155 | ctx->engine = NULL; |
| 190 | #endif | 156 | #endif |
| 157 | |||
| 191 | ctx->cipher=cipher; | 158 | ctx->cipher=cipher; |
| 192 | if (ctx->cipher->ctx_size) | 159 | if (ctx->cipher->ctx_size) |
| 193 | { | 160 | { |
| 194 | ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); | 161 | ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); |
| 195 | if (!ctx->cipher_data) | 162 | if (!ctx->cipher_data) |
| 196 | { | 163 | { |
| 197 | EVPerr(EVP_F_EVP_CIPHERINIT, ERR_R_MALLOC_FAILURE); | 164 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE); |
| 198 | return 0; | 165 | return 0; |
| 199 | } | 166 | } |
| 200 | } | 167 | } |
| @@ -208,14 +175,14 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 208 | { | 175 | { |
| 209 | if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) | 176 | if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) |
| 210 | { | 177 | { |
| 211 | EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR); | 178 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); |
| 212 | return 0; | 179 | return 0; |
| 213 | } | 180 | } |
| 214 | } | 181 | } |
| 215 | } | 182 | } |
| 216 | else if(!ctx->cipher) | 183 | else if(!ctx->cipher) |
| 217 | { | 184 | { |
| 218 | EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET); | 185 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); |
| 219 | return 0; | 186 | return 0; |
| 220 | } | 187 | } |
| 221 | #ifndef OPENSSL_NO_ENGINE | 188 | #ifndef OPENSSL_NO_ENGINE |
| @@ -240,7 +207,8 @@ skip_to_init: | |||
| 240 | 207 | ||
| 241 | case EVP_CIPH_CBC_MODE: | 208 | case EVP_CIPH_CBC_MODE: |
| 242 | 209 | ||
| 243 | OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof ctx->iv); | 210 | OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= |
| 211 | (int)sizeof(ctx->iv)); | ||
| 244 | if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); | 212 | if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); |
| 245 | memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); | 213 | memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); |
| 246 | break; | 214 | break; |
| @@ -251,24 +219,6 @@ skip_to_init: | |||
| 251 | } | 219 | } |
| 252 | } | 220 | } |
| 253 | 221 | ||
| 254 | #ifdef OPENSSL_FIPS | ||
| 255 | /* After 'key' is set no further parameters changes are permissible. | ||
| 256 | * So only check for non FIPS enabling at this point. | ||
| 257 | */ | ||
| 258 | if (key && FIPS_mode()) | ||
| 259 | { | ||
| 260 | if (!(ctx->cipher->flags & EVP_CIPH_FLAG_FIPS) | ||
| 261 | & !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) | ||
| 262 | { | ||
| 263 | EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_DISABLED_FOR_FIPS); | ||
| 264 | ERR_add_error_data(2, "cipher=", | ||
| 265 | EVP_CIPHER_name(ctx->cipher)); | ||
| 266 | ctx->cipher = &bad_cipher; | ||
| 267 | return 0; | ||
| 268 | } | ||
| 269 | } | ||
| 270 | #endif | ||
| 271 | |||
| 272 | if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { | 222 | if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { |
| 273 | if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; | 223 | if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; |
| 274 | } | 224 | } |
| @@ -345,7 +295,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | |||
| 345 | } | 295 | } |
| 346 | i=ctx->buf_len; | 296 | i=ctx->buf_len; |
| 347 | bl=ctx->cipher->block_size; | 297 | bl=ctx->cipher->block_size; |
| 348 | OPENSSL_assert(bl <= sizeof ctx->buf); | 298 | OPENSSL_assert(bl <= (int)sizeof(ctx->buf)); |
| 349 | if (i != 0) | 299 | if (i != 0) |
| 350 | { | 300 | { |
| 351 | if (i+inl < bl) | 301 | if (i+inl < bl) |
| @@ -391,7 +341,8 @@ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 391 | 341 | ||
| 392 | int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | 342 | int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) |
| 393 | { | 343 | { |
| 394 | int i,n,b,bl,ret; | 344 | int n,ret; |
| 345 | unsigned int i, b, bl; | ||
| 395 | 346 | ||
| 396 | b=ctx->cipher->block_size; | 347 | b=ctx->cipher->block_size; |
| 397 | OPENSSL_assert(b <= sizeof ctx->buf); | 348 | OPENSSL_assert(b <= sizeof ctx->buf); |
| @@ -405,7 +356,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 405 | { | 356 | { |
| 406 | if(bl) | 357 | if(bl) |
| 407 | { | 358 | { |
| 408 | EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); | 359 | EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); |
| 409 | return 0; | 360 | return 0; |
| 410 | } | 361 | } |
| 411 | *outl = 0; | 362 | *outl = 0; |
| @@ -427,7 +378,8 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 427 | int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | 378 | int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, |
| 428 | const unsigned char *in, int inl) | 379 | const unsigned char *in, int inl) |
| 429 | { | 380 | { |
| 430 | int b, fix_len; | 381 | int fix_len; |
| 382 | unsigned int b; | ||
| 431 | 383 | ||
| 432 | if (inl == 0) | 384 | if (inl == 0) |
| 433 | { | 385 | { |
| @@ -480,8 +432,8 @@ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 480 | 432 | ||
| 481 | int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | 433 | int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) |
| 482 | { | 434 | { |
| 483 | int i,b; | 435 | int i,n; |
| 484 | int n; | 436 | unsigned int b; |
| 485 | 437 | ||
| 486 | *outl=0; | 438 | *outl=0; |
| 487 | b=ctx->cipher->block_size; | 439 | b=ctx->cipher->block_size; |
| @@ -489,7 +441,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 489 | { | 441 | { |
| 490 | if(ctx->buf_len) | 442 | if(ctx->buf_len) |
| 491 | { | 443 | { |
| 492 | EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); | 444 | EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); |
| 493 | return 0; | 445 | return 0; |
| 494 | } | 446 | } |
| 495 | *outl = 0; | 447 | *outl = 0; |
| @@ -499,21 +451,21 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 499 | { | 451 | { |
| 500 | if (ctx->buf_len || !ctx->final_used) | 452 | if (ctx->buf_len || !ctx->final_used) |
| 501 | { | 453 | { |
| 502 | EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH); | 454 | EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH); |
| 503 | return(0); | 455 | return(0); |
| 504 | } | 456 | } |
| 505 | OPENSSL_assert(b <= sizeof ctx->final); | 457 | OPENSSL_assert(b <= sizeof ctx->final); |
| 506 | n=ctx->final[b-1]; | 458 | n=ctx->final[b-1]; |
| 507 | if (n > b) | 459 | if (n == 0 || n > (int)b) |
| 508 | { | 460 | { |
| 509 | EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT); | 461 | EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); |
| 510 | return(0); | 462 | return(0); |
| 511 | } | 463 | } |
| 512 | for (i=0; i<n; i++) | 464 | for (i=0; i<n; i++) |
| 513 | { | 465 | { |
| 514 | if (ctx->final[--b] != n) | 466 | if (ctx->final[--b] != n) |
| 515 | { | 467 | { |
| 516 | EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT); | 468 | EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); |
| 517 | return(0); | 469 | return(0); |
| 518 | } | 470 | } |
| 519 | } | 471 | } |
| @@ -527,6 +479,15 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 527 | return(1); | 479 | return(1); |
| 528 | } | 480 | } |
| 529 | 481 | ||
| 482 | void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) | ||
| 483 | { | ||
| 484 | if (ctx) | ||
| 485 | { | ||
| 486 | EVP_CIPHER_CTX_cleanup(ctx); | ||
| 487 | OPENSSL_free(ctx); | ||
| 488 | } | ||
| 489 | } | ||
| 490 | |||
| 530 | int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) | 491 | int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) |
| 531 | { | 492 | { |
| 532 | if (c->cipher != NULL) | 493 | if (c->cipher != NULL) |
| @@ -590,3 +551,13 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) | |||
| 590 | } | 551 | } |
| 591 | return ret; | 552 | return ret; |
| 592 | } | 553 | } |
| 554 | |||
| 555 | int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) | ||
| 556 | { | ||
| 557 | if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) | ||
| 558 | return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key); | ||
| 559 | if (RAND_bytes(key, ctx->key_len) <= 0) | ||
| 560 | return 0; | ||
| 561 | return 1; | ||
| 562 | } | ||
| 563 | |||
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c index 77eee070d3..e8c9e8de9c 100644 --- a/src/lib/libcrypto/evp/evp_err.c +++ b/src/lib/libcrypto/evp/evp_err.c | |||
| @@ -71,29 +71,31 @@ | |||
| 71 | static ERR_STRING_DATA EVP_str_functs[]= | 71 | static ERR_STRING_DATA EVP_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, | 73 | {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, |
| 74 | {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"}, | ||
| 74 | {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, | 75 | {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, |
| 75 | {ERR_FUNC(EVP_F_EVP_ADD_CIPHER), "EVP_add_cipher"}, | 76 | {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"}, |
| 76 | {ERR_FUNC(EVP_F_EVP_ADD_DIGEST), "EVP_add_digest"}, | 77 | {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"}, |
| 77 | {ERR_FUNC(EVP_F_EVP_CIPHERINIT), "EVP_CipherInit"}, | 78 | {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"}, |
| 79 | {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"}, | ||
| 80 | {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, | ||
| 78 | {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"}, | 81 | {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"}, |
| 79 | {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"}, | 82 | {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"}, |
| 80 | {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL), "EVP_DecryptFinal"}, | 83 | {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"}, |
| 81 | {ERR_FUNC(EVP_F_EVP_DIGESTINIT), "EVP_DigestInit"}, | 84 | {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, |
| 82 | {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL), "EVP_EncryptFinal"}, | 85 | {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"}, |
| 83 | {ERR_FUNC(EVP_F_EVP_GET_CIPHERBYNAME), "EVP_get_cipherbyname"}, | 86 | {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"}, |
| 84 | {ERR_FUNC(EVP_F_EVP_GET_DIGESTBYNAME), "EVP_get_digestbyname"}, | ||
| 85 | {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY), "EVP_MD_CTX_copy"}, | ||
| 86 | {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"}, | 87 | {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"}, |
| 87 | {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"}, | 88 | {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"}, |
| 88 | {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"}, | 89 | {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"}, |
| 89 | {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"}, | 90 | {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"}, |
| 90 | {ERR_FUNC(EVP_F_EVP_PKCS8_SET_BROKEN), "EVP_PKCS8_SET_BROKEN"}, | 91 | {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"}, |
| 91 | {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8), "EVP_PKEY2PKCS8"}, | ||
| 92 | {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"}, | 92 | {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"}, |
| 93 | {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"}, | 93 | {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"}, |
| 94 | {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"}, | 94 | {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"}, |
| 95 | {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"}, | 95 | {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"}, |
| 96 | {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"}, | 96 | {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"}, |
| 97 | {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"}, | ||
| 98 | {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"}, | ||
| 97 | {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"}, | 99 | {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"}, |
| 98 | {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"}, | 100 | {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"}, |
| 99 | {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"}, | 101 | {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"}, |
| @@ -101,6 +103,7 @@ static ERR_STRING_DATA EVP_str_functs[]= | |||
| 101 | {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"}, | 103 | {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"}, |
| 102 | {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"}, | 104 | {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"}, |
| 103 | {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"}, | 105 | {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"}, |
| 106 | {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"}, | ||
| 104 | {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"}, | 107 | {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"}, |
| 105 | {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"}, | 108 | {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"}, |
| 106 | {0,NULL} | 109 | {0,NULL} |
| @@ -109,23 +112,26 @@ static ERR_STRING_DATA EVP_str_functs[]= | |||
| 109 | static ERR_STRING_DATA EVP_str_reasons[]= | 112 | static ERR_STRING_DATA EVP_str_reasons[]= |
| 110 | { | 113 | { |
| 111 | {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) ,"aes key setup failed"}, | 114 | {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) ,"aes key setup failed"}, |
| 115 | {ERR_REASON(EVP_R_ASN1_LIB) ,"asn1 lib"}, | ||
| 112 | {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) ,"bad block length"}, | 116 | {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) ,"bad block length"}, |
| 113 | {ERR_REASON(EVP_R_BAD_DECRYPT) ,"bad decrypt"}, | 117 | {ERR_REASON(EVP_R_BAD_DECRYPT) ,"bad decrypt"}, |
| 114 | {ERR_REASON(EVP_R_BAD_KEY_LENGTH) ,"bad key length"}, | 118 | {ERR_REASON(EVP_R_BAD_KEY_LENGTH) ,"bad key length"}, |
| 115 | {ERR_REASON(EVP_R_BN_DECODE_ERROR) ,"bn decode error"}, | 119 | {ERR_REASON(EVP_R_BN_DECODE_ERROR) ,"bn decode error"}, |
| 116 | {ERR_REASON(EVP_R_BN_PUBKEY_ERROR) ,"bn pubkey error"}, | 120 | {ERR_REASON(EVP_R_BN_PUBKEY_ERROR) ,"bn pubkey error"}, |
| 121 | {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),"camellia key setup failed"}, | ||
| 117 | {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"}, | 122 | {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"}, |
| 118 | {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) ,"ctrl not implemented"}, | 123 | {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) ,"ctrl not implemented"}, |
| 119 | {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"}, | 124 | {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"}, |
| 120 | {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"}, | 125 | {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"}, |
| 121 | {ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, | 126 | {ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, |
| 122 | {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, | 127 | {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, |
| 123 | {ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"}, | ||
| 124 | {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, | 128 | {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, |
| 125 | {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, | 129 | {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, |
| 126 | {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, | 130 | {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, |
| 127 | {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"}, | 131 | {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"}, |
| 128 | {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"}, | 132 | {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"}, |
| 133 | {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"}, | ||
| 134 | {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"}, | ||
| 129 | {ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"}, | 135 | {ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"}, |
| 130 | {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"}, | 136 | {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"}, |
| 131 | {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"}, | 137 | {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"}, |
| @@ -157,15 +163,12 @@ static ERR_STRING_DATA EVP_str_reasons[]= | |||
| 157 | 163 | ||
| 158 | void ERR_load_EVP_strings(void) | 164 | void ERR_load_EVP_strings(void) |
| 159 | { | 165 | { |
| 160 | static int init=1; | 166 | #ifndef OPENSSL_NO_ERR |
| 161 | 167 | ||
| 162 | if (init) | 168 | if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) |
| 163 | { | 169 | { |
| 164 | init=0; | ||
| 165 | #ifndef OPENSSL_NO_ERR | ||
| 166 | ERR_load_strings(0,EVP_str_functs); | 170 | ERR_load_strings(0,EVP_str_functs); |
| 167 | ERR_load_strings(0,EVP_str_reasons); | 171 | ERR_load_strings(0,EVP_str_reasons); |
| 168 | #endif | ||
| 169 | |||
| 170 | } | 172 | } |
| 173 | #endif | ||
| 171 | } | 174 | } |
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c index f8650d5df6..361ea69ab6 100644 --- a/src/lib/libcrypto/evp/evp_key.c +++ b/src/lib/libcrypto/evp/evp_key.c | |||
| @@ -66,7 +66,7 @@ | |||
| 66 | /* should be init to zeros. */ | 66 | /* should be init to zeros. */ |
| 67 | static char prompt_string[80]; | 67 | static char prompt_string[80]; |
| 68 | 68 | ||
| 69 | void EVP_set_pw_prompt(char *prompt) | 69 | void EVP_set_pw_prompt(const char *prompt) |
| 70 | { | 70 | { |
| 71 | if (prompt == NULL) | 71 | if (prompt == NULL) |
| 72 | prompt_string[0]='\0'; | 72 | prompt_string[0]='\0'; |
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c index a63ba19317..edb28ef38e 100644 --- a/src/lib/libcrypto/evp/evp_lib.c +++ b/src/lib/libcrypto/evp/evp_lib.c | |||
| @@ -68,7 +68,7 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | |||
| 68 | if (c->cipher->set_asn1_parameters != NULL) | 68 | if (c->cipher->set_asn1_parameters != NULL) |
| 69 | ret=c->cipher->set_asn1_parameters(c,type); | 69 | ret=c->cipher->set_asn1_parameters(c,type); |
| 70 | else | 70 | else |
| 71 | return -1; | 71 | ret=-1; |
| 72 | return(ret); | 72 | return(ret); |
| 73 | } | 73 | } |
| 74 | 74 | ||
| @@ -79,20 +79,21 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | |||
| 79 | if (c->cipher->get_asn1_parameters != NULL) | 79 | if (c->cipher->get_asn1_parameters != NULL) |
| 80 | ret=c->cipher->get_asn1_parameters(c,type); | 80 | ret=c->cipher->get_asn1_parameters(c,type); |
| 81 | else | 81 | else |
| 82 | return -1; | 82 | ret=-1; |
| 83 | return(ret); | 83 | return(ret); |
| 84 | } | 84 | } |
| 85 | 85 | ||
| 86 | int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | 86 | int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) |
| 87 | { | 87 | { |
| 88 | int i=0,l; | 88 | int i=0; |
| 89 | unsigned int l; | ||
| 89 | 90 | ||
| 90 | if (type != NULL) | 91 | if (type != NULL) |
| 91 | { | 92 | { |
| 92 | l=EVP_CIPHER_CTX_iv_length(c); | 93 | l=EVP_CIPHER_CTX_iv_length(c); |
| 93 | OPENSSL_assert(l <= sizeof c->iv); | 94 | OPENSSL_assert(l <= sizeof(c->iv)); |
| 94 | i=ASN1_TYPE_get_octetstring(type,c->oiv,l); | 95 | i=ASN1_TYPE_get_octetstring(type,c->oiv,l); |
| 95 | if (i != l) | 96 | if (i != (int)l) |
| 96 | return(-1); | 97 | return(-1); |
| 97 | else if (i > 0) | 98 | else if (i > 0) |
| 98 | memcpy(c->iv,c->oiv,l); | 99 | memcpy(c->iv,c->oiv,l); |
| @@ -102,12 +103,13 @@ int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | |||
| 102 | 103 | ||
| 103 | int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | 104 | int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) |
| 104 | { | 105 | { |
| 105 | int i=0,j; | 106 | int i=0; |
| 107 | unsigned int j; | ||
| 106 | 108 | ||
| 107 | if (type != NULL) | 109 | if (type != NULL) |
| 108 | { | 110 | { |
| 109 | j=EVP_CIPHER_CTX_iv_length(c); | 111 | j=EVP_CIPHER_CTX_iv_length(c); |
| 110 | OPENSSL_assert(j <= sizeof c->iv); | 112 | OPENSSL_assert(j <= sizeof(c->iv)); |
| 111 | i=ASN1_TYPE_set_octetstring(type,c->oiv,j); | 113 | i=ASN1_TYPE_set_octetstring(type,c->oiv,j); |
| 112 | } | 114 | } |
| 113 | return(i); | 115 | return(i); |
| @@ -166,3 +168,112 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx) | |||
| 166 | } | 168 | } |
| 167 | } | 169 | } |
| 168 | 170 | ||
| 171 | int EVP_CIPHER_block_size(const EVP_CIPHER *e) | ||
| 172 | { | ||
| 173 | return e->block_size; | ||
| 174 | } | ||
| 175 | |||
| 176 | int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) | ||
| 177 | { | ||
| 178 | return ctx->cipher->block_size; | ||
| 179 | } | ||
| 180 | |||
| 181 | int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) | ||
| 182 | { | ||
| 183 | return ctx->cipher->do_cipher(ctx,out,in,inl); | ||
| 184 | } | ||
| 185 | |||
| 186 | const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) | ||
| 187 | { | ||
| 188 | return ctx->cipher; | ||
| 189 | } | ||
| 190 | |||
| 191 | unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher) | ||
| 192 | { | ||
| 193 | return cipher->flags; | ||
| 194 | } | ||
| 195 | |||
| 196 | unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) | ||
| 197 | { | ||
| 198 | return ctx->cipher->flags; | ||
| 199 | } | ||
| 200 | |||
| 201 | void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) | ||
| 202 | { | ||
| 203 | return ctx->app_data; | ||
| 204 | } | ||
| 205 | |||
| 206 | void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data) | ||
| 207 | { | ||
| 208 | ctx->app_data = data; | ||
| 209 | } | ||
| 210 | |||
| 211 | int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) | ||
| 212 | { | ||
| 213 | return cipher->iv_len; | ||
| 214 | } | ||
| 215 | |||
| 216 | int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) | ||
| 217 | { | ||
| 218 | return ctx->cipher->iv_len; | ||
| 219 | } | ||
| 220 | |||
| 221 | int EVP_CIPHER_key_length(const EVP_CIPHER *cipher) | ||
| 222 | { | ||
| 223 | return cipher->key_len; | ||
| 224 | } | ||
| 225 | |||
| 226 | int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) | ||
| 227 | { | ||
| 228 | return ctx->key_len; | ||
| 229 | } | ||
| 230 | |||
| 231 | int EVP_CIPHER_nid(const EVP_CIPHER *cipher) | ||
| 232 | { | ||
| 233 | return cipher->nid; | ||
| 234 | } | ||
| 235 | |||
| 236 | int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx) | ||
| 237 | { | ||
| 238 | return ctx->cipher->nid; | ||
| 239 | } | ||
| 240 | |||
| 241 | int EVP_MD_block_size(const EVP_MD *md) | ||
| 242 | { | ||
| 243 | return md->block_size; | ||
| 244 | } | ||
| 245 | |||
| 246 | int EVP_MD_type(const EVP_MD *md) | ||
| 247 | { | ||
| 248 | return md->type; | ||
| 249 | } | ||
| 250 | |||
| 251 | int EVP_MD_pkey_type(const EVP_MD *md) | ||
| 252 | { | ||
| 253 | return md->pkey_type; | ||
| 254 | } | ||
| 255 | |||
| 256 | int EVP_MD_size(const EVP_MD *md) | ||
| 257 | { | ||
| 258 | return md->md_size; | ||
| 259 | } | ||
| 260 | |||
| 261 | const EVP_MD * EVP_MD_CTX_md(const EVP_MD_CTX *ctx) | ||
| 262 | { | ||
| 263 | return ctx->digest; | ||
| 264 | } | ||
| 265 | |||
| 266 | void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags) | ||
| 267 | { | ||
| 268 | ctx->flags |= flags; | ||
| 269 | } | ||
| 270 | |||
| 271 | void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags) | ||
| 272 | { | ||
| 273 | ctx->flags &= ~flags; | ||
| 274 | } | ||
| 275 | |||
| 276 | int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags) | ||
| 277 | { | ||
| 278 | return (ctx->flags & flags); | ||
| 279 | } | ||
diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h index f8c5343620..073b0adcff 100644 --- a/src/lib/libcrypto/evp/evp_locl.h +++ b/src/lib/libcrypto/evp/evp_locl.h | |||
| @@ -65,7 +65,7 @@ | |||
| 65 | bl = ctx->cipher->block_size;\ | 65 | bl = ctx->cipher->block_size;\ |
| 66 | if(inl < bl) return 1;\ | 66 | if(inl < bl) return 1;\ |
| 67 | inl -= bl; \ | 67 | inl -= bl; \ |
| 68 | for(i=0; i <= inl; i+=bl) \ | 68 | for(i=0; i <= inl; i+=bl) |
| 69 | 69 | ||
| 70 | #define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ | 70 | #define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ |
| 71 | static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ | 71 | static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ |
| @@ -92,7 +92,7 @@ static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns | |||
| 92 | #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ | 92 | #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ |
| 93 | static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ | 93 | static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ |
| 94 | {\ | 94 | {\ |
| 95 | cprefix##_cfb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ | 95 | cprefix##_cfb##cbits##_encrypt(in, out, (long)(cbits==1?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ |
| 96 | return 1;\ | 96 | return 1;\ |
| 97 | } | 97 | } |
| 98 | 98 | ||
| @@ -226,27 +226,11 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } | |||
| 226 | 226 | ||
| 227 | #define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data) | 227 | #define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data) |
| 228 | 228 | ||
| 229 | #define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,flags) \ | 229 | #define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \ |
| 230 | BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ | 230 | BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ |
| 231 | BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ | 231 | BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ |
| 232 | NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ | 232 | NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ |
| 233 | flags, cipher##_init_key, NULL, \ | 233 | 0, cipher##_init_key, NULL, \ |
| 234 | EVP_CIPHER_set_asn1_iv, \ | 234 | EVP_CIPHER_set_asn1_iv, \ |
| 235 | EVP_CIPHER_get_asn1_iv, \ | 235 | EVP_CIPHER_get_asn1_iv, \ |
| 236 | NULL) | 236 | NULL) |
| 237 | |||
| 238 | #ifdef OPENSSL_FIPS | ||
| 239 | #define RC2_set_key private_RC2_set_key | ||
| 240 | #define RC4_set_key private_RC4_set_key | ||
| 241 | #define CAST_set_key private_CAST_set_key | ||
| 242 | #define RC5_32_set_key private_RC5_32_set_key | ||
| 243 | #define BF_set_key private_BF_set_key | ||
| 244 | #define idea_set_encrypt_key private_idea_set_encrypt_key | ||
| 245 | |||
| 246 | #define MD5_Init private_MD5_Init | ||
| 247 | #define MD4_Init private_MD4_Init | ||
| 248 | #define MD2_Init private_MD2_Init | ||
| 249 | #define MDC2_Init private_MDC2_Init | ||
| 250 | #define SHA_Init private_SHA_Init | ||
| 251 | |||
| 252 | #endif | ||
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c index 91e545a141..c26d2de0f3 100644 --- a/src/lib/libcrypto/evp/evp_pbe.c +++ b/src/lib/libcrypto/evp/evp_pbe.c | |||
| @@ -74,7 +74,7 @@ const EVP_MD *md; | |||
| 74 | EVP_PBE_KEYGEN *keygen; | 74 | EVP_PBE_KEYGEN *keygen; |
| 75 | } EVP_PBE_CTL; | 75 | } EVP_PBE_CTL; |
| 76 | 76 | ||
| 77 | int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen, | 77 | int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, |
| 78 | ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) | 78 | ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) |
| 79 | { | 79 | { |
| 80 | 80 | ||
| @@ -106,7 +106,8 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen, | |||
| 106 | 106 | ||
| 107 | static int pbe_cmp(const char * const *a, const char * const *b) | 107 | static int pbe_cmp(const char * const *a, const char * const *b) |
| 108 | { | 108 | { |
| 109 | EVP_PBE_CTL **pbe1 = (EVP_PBE_CTL **) a, **pbe2 = (EVP_PBE_CTL **)b; | 109 | const EVP_PBE_CTL * const *pbe1 = (const EVP_PBE_CTL * const *) a, |
| 110 | * const *pbe2 = (const EVP_PBE_CTL * const *)b; | ||
| 110 | return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid); | 111 | return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid); |
| 111 | } | 112 | } |
| 112 | 113 | ||
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c index 47a69932a5..0147f3e02a 100644 --- a/src/lib/libcrypto/evp/evp_pkey.c +++ b/src/lib/libcrypto/evp/evp_pkey.c | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -61,14 +61,24 @@ | |||
| 61 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 62 | #include <openssl/x509.h> | 62 | #include <openssl/x509.h> |
| 63 | #include <openssl/rand.h> | 63 | #include <openssl/rand.h> |
| 64 | #ifndef OPENSSL_NO_RSA | ||
| 65 | #include <openssl/rsa.h> | ||
| 66 | #endif | ||
| 67 | #ifndef OPENSSL_NO_DSA | ||
| 68 | #include <openssl/dsa.h> | ||
| 69 | #endif | ||
| 70 | #include <openssl/bn.h> | ||
| 64 | 71 | ||
| 65 | #ifndef OPENSSL_NO_DSA | 72 | #ifndef OPENSSL_NO_DSA |
| 66 | static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); | 73 | static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); |
| 67 | #endif | 74 | #endif |
| 75 | #ifndef OPENSSL_NO_EC | ||
| 76 | static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); | ||
| 77 | #endif | ||
| 68 | 78 | ||
| 69 | /* Extract a private key from a PKCS8 structure */ | 79 | /* Extract a private key from a PKCS8 structure */ |
| 70 | 80 | ||
| 71 | EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) | 81 | EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) |
| 72 | { | 82 | { |
| 73 | EVP_PKEY *pkey = NULL; | 83 | EVP_PKEY *pkey = NULL; |
| 74 | #ifndef OPENSSL_NO_RSA | 84 | #ifndef OPENSSL_NO_RSA |
| @@ -76,16 +86,24 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) | |||
| 76 | #endif | 86 | #endif |
| 77 | #ifndef OPENSSL_NO_DSA | 87 | #ifndef OPENSSL_NO_DSA |
| 78 | DSA *dsa = NULL; | 88 | DSA *dsa = NULL; |
| 89 | ASN1_TYPE *t1, *t2; | ||
| 79 | ASN1_INTEGER *privkey; | 90 | ASN1_INTEGER *privkey; |
| 80 | ASN1_TYPE *t1, *t2, *param = NULL; | ||
| 81 | STACK_OF(ASN1_TYPE) *ndsa = NULL; | 91 | STACK_OF(ASN1_TYPE) *ndsa = NULL; |
| 92 | #endif | ||
| 93 | #ifndef OPENSSL_NO_EC | ||
| 94 | EC_KEY *eckey = NULL; | ||
| 95 | const unsigned char *p_tmp; | ||
| 96 | #endif | ||
| 97 | #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) | ||
| 98 | ASN1_TYPE *param = NULL; | ||
| 82 | BN_CTX *ctx = NULL; | 99 | BN_CTX *ctx = NULL; |
| 83 | int plen; | 100 | int plen; |
| 84 | #endif | 101 | #endif |
| 85 | X509_ALGOR *a; | 102 | X509_ALGOR *a; |
| 86 | unsigned char *p; | 103 | const unsigned char *p; |
| 87 | const unsigned char *cp; | 104 | const unsigned char *cp; |
| 88 | int pkeylen; | 105 | int pkeylen; |
| 106 | int nid; | ||
| 89 | char obj_tmp[80]; | 107 | char obj_tmp[80]; |
| 90 | 108 | ||
| 91 | if(p8->pkey->type == V_ASN1_OCTET_STRING) { | 109 | if(p8->pkey->type == V_ASN1_OCTET_STRING) { |
| @@ -102,7 +120,8 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) | |||
| 102 | return NULL; | 120 | return NULL; |
| 103 | } | 121 | } |
| 104 | a = p8->pkeyalg; | 122 | a = p8->pkeyalg; |
| 105 | switch (OBJ_obj2nid(a->algorithm)) | 123 | nid = OBJ_obj2nid(a->algorithm); |
| 124 | switch(nid) | ||
| 106 | { | 125 | { |
| 107 | #ifndef OPENSSL_NO_RSA | 126 | #ifndef OPENSSL_NO_RSA |
| 108 | case NID_rsaEncryption: | 127 | case NID_rsaEncryption: |
| @@ -208,6 +227,112 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) | |||
| 208 | return NULL; | 227 | return NULL; |
| 209 | break; | 228 | break; |
| 210 | #endif | 229 | #endif |
| 230 | #ifndef OPENSSL_NO_EC | ||
| 231 | case NID_X9_62_id_ecPublicKey: | ||
| 232 | p_tmp = p; | ||
| 233 | /* extract the ec parameters */ | ||
| 234 | param = p8->pkeyalg->parameter; | ||
| 235 | |||
| 236 | if (!param || ((param->type != V_ASN1_SEQUENCE) && | ||
| 237 | (param->type != V_ASN1_OBJECT))) | ||
| 238 | { | ||
| 239 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | ||
| 240 | goto ecerr; | ||
| 241 | } | ||
| 242 | |||
| 243 | if (param->type == V_ASN1_SEQUENCE) | ||
| 244 | { | ||
| 245 | cp = p = param->value.sequence->data; | ||
| 246 | plen = param->value.sequence->length; | ||
| 247 | |||
| 248 | if (!(eckey = d2i_ECParameters(NULL, &cp, plen))) | ||
| 249 | { | ||
| 250 | EVPerr(EVP_F_EVP_PKCS82PKEY, | ||
| 251 | EVP_R_DECODE_ERROR); | ||
| 252 | goto ecerr; | ||
| 253 | } | ||
| 254 | } | ||
| 255 | else | ||
| 256 | { | ||
| 257 | EC_GROUP *group; | ||
| 258 | cp = p = param->value.object->data; | ||
| 259 | plen = param->value.object->length; | ||
| 260 | |||
| 261 | /* type == V_ASN1_OBJECT => the parameters are given | ||
| 262 | * by an asn1 OID | ||
| 263 | */ | ||
| 264 | if ((eckey = EC_KEY_new()) == NULL) | ||
| 265 | { | ||
| 266 | EVPerr(EVP_F_EVP_PKCS82PKEY, | ||
| 267 | ERR_R_MALLOC_FAILURE); | ||
| 268 | goto ecerr; | ||
| 269 | } | ||
| 270 | group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); | ||
| 271 | if (group == NULL) | ||
| 272 | goto ecerr; | ||
| 273 | EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); | ||
| 274 | if (EC_KEY_set_group(eckey, group) == 0) | ||
| 275 | goto ecerr; | ||
| 276 | EC_GROUP_free(group); | ||
| 277 | } | ||
| 278 | |||
| 279 | /* We have parameters now set private key */ | ||
| 280 | if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen)) | ||
| 281 | { | ||
| 282 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | ||
| 283 | goto ecerr; | ||
| 284 | } | ||
| 285 | |||
| 286 | /* calculate public key (if necessary) */ | ||
| 287 | if (EC_KEY_get0_public_key(eckey) == NULL) | ||
| 288 | { | ||
| 289 | const BIGNUM *priv_key; | ||
| 290 | const EC_GROUP *group; | ||
| 291 | EC_POINT *pub_key; | ||
| 292 | /* the public key was not included in the SEC1 private | ||
| 293 | * key => calculate the public key */ | ||
| 294 | group = EC_KEY_get0_group(eckey); | ||
| 295 | pub_key = EC_POINT_new(group); | ||
| 296 | if (pub_key == NULL) | ||
| 297 | { | ||
| 298 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); | ||
| 299 | goto ecerr; | ||
| 300 | } | ||
| 301 | if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) | ||
| 302 | { | ||
| 303 | EC_POINT_free(pub_key); | ||
| 304 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); | ||
| 305 | goto ecerr; | ||
| 306 | } | ||
| 307 | priv_key = EC_KEY_get0_private_key(eckey); | ||
| 308 | if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) | ||
| 309 | { | ||
| 310 | EC_POINT_free(pub_key); | ||
| 311 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); | ||
| 312 | goto ecerr; | ||
| 313 | } | ||
| 314 | if (EC_KEY_set_public_key(eckey, pub_key) == 0) | ||
| 315 | { | ||
| 316 | EC_POINT_free(pub_key); | ||
| 317 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); | ||
| 318 | goto ecerr; | ||
| 319 | } | ||
| 320 | EC_POINT_free(pub_key); | ||
| 321 | } | ||
| 322 | |||
| 323 | EVP_PKEY_assign_EC_KEY(pkey, eckey); | ||
| 324 | if (ctx) | ||
| 325 | BN_CTX_free(ctx); | ||
| 326 | break; | ||
| 327 | ecerr: | ||
| 328 | if (ctx) | ||
| 329 | BN_CTX_free(ctx); | ||
| 330 | if (eckey) | ||
| 331 | EC_KEY_free(eckey); | ||
| 332 | if (pkey) | ||
| 333 | EVP_PKEY_free(pkey); | ||
| 334 | return NULL; | ||
| 335 | #endif | ||
| 211 | default: | 336 | default: |
| 212 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); | 337 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); |
| 213 | if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp); | 338 | if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp); |
| @@ -231,17 +356,17 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) | |||
| 231 | PKCS8_PRIV_KEY_INFO *p8; | 356 | PKCS8_PRIV_KEY_INFO *p8; |
| 232 | 357 | ||
| 233 | if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { | 358 | if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { |
| 234 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 359 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
| 235 | return NULL; | 360 | return NULL; |
| 236 | } | 361 | } |
| 237 | p8->broken = broken; | 362 | p8->broken = broken; |
| 238 | if (!ASN1_INTEGER_set(p8->version, 0)) { | 363 | if (!ASN1_INTEGER_set(p8->version, 0)) { |
| 239 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 364 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
| 240 | PKCS8_PRIV_KEY_INFO_free (p8); | 365 | PKCS8_PRIV_KEY_INFO_free (p8); |
| 241 | return NULL; | 366 | return NULL; |
| 242 | } | 367 | } |
| 243 | if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { | 368 | if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { |
| 244 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 369 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
| 245 | PKCS8_PRIV_KEY_INFO_free (p8); | 370 | PKCS8_PRIV_KEY_INFO_free (p8); |
| 246 | return NULL; | 371 | return NULL; |
| 247 | } | 372 | } |
| @@ -254,9 +379,9 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) | |||
| 254 | 379 | ||
| 255 | p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption); | 380 | p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption); |
| 256 | p8->pkeyalg->parameter->type = V_ASN1_NULL; | 381 | p8->pkeyalg->parameter->type = V_ASN1_NULL; |
| 257 | if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey, | 382 | if (!ASN1_pack_string_of (EVP_PKEY,pkey, i2d_PrivateKey, |
| 258 | &p8->pkey->value.octet_string)) { | 383 | &p8->pkey->value.octet_string)) { |
| 259 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 384 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
| 260 | PKCS8_PRIV_KEY_INFO_free (p8); | 385 | PKCS8_PRIV_KEY_INFO_free (p8); |
| 261 | return NULL; | 386 | return NULL; |
| 262 | } | 387 | } |
| @@ -271,13 +396,22 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) | |||
| 271 | 396 | ||
| 272 | break; | 397 | break; |
| 273 | #endif | 398 | #endif |
| 399 | #ifndef OPENSSL_NO_EC | ||
| 400 | case EVP_PKEY_EC: | ||
| 401 | if (!eckey_pkey2pkcs8(p8, pkey)) | ||
| 402 | { | ||
| 403 | PKCS8_PRIV_KEY_INFO_free(p8); | ||
| 404 | return(NULL); | ||
| 405 | } | ||
| 406 | break; | ||
| 407 | #endif | ||
| 274 | default: | 408 | default: |
| 275 | EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); | 409 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); |
| 276 | PKCS8_PRIV_KEY_INFO_free (p8); | 410 | PKCS8_PRIV_KEY_INFO_free (p8); |
| 277 | return NULL; | 411 | return NULL; |
| 278 | } | 412 | } |
| 279 | RAND_add(p8->pkey->value.octet_string->data, | 413 | RAND_add(p8->pkey->value.octet_string->data, |
| 280 | p8->pkey->value.octet_string->length, 0); | 414 | p8->pkey->value.octet_string->length, 0.0); |
| 281 | return p8; | 415 | return p8; |
| 282 | } | 416 | } |
| 283 | 417 | ||
| @@ -297,10 +431,8 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) | |||
| 297 | break; | 431 | break; |
| 298 | 432 | ||
| 299 | default: | 433 | default: |
| 300 | EVPerr(EVP_F_EVP_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); | 434 | EVPerr(EVP_F_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); |
| 301 | return NULL; | 435 | return NULL; |
| 302 | break; | ||
| 303 | |||
| 304 | } | 436 | } |
| 305 | } | 437 | } |
| 306 | 438 | ||
| @@ -317,24 +449,24 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) | |||
| 317 | p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); | 449 | p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); |
| 318 | len = i2d_DSAparams (pkey->pkey.dsa, NULL); | 450 | len = i2d_DSAparams (pkey->pkey.dsa, NULL); |
| 319 | if (!(p = OPENSSL_malloc(len))) { | 451 | if (!(p = OPENSSL_malloc(len))) { |
| 320 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 452 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 321 | goto err; | 453 | goto err; |
| 322 | } | 454 | } |
| 323 | q = p; | 455 | q = p; |
| 324 | i2d_DSAparams (pkey->pkey.dsa, &q); | 456 | i2d_DSAparams (pkey->pkey.dsa, &q); |
| 325 | if (!(params = ASN1_STRING_new())) { | 457 | if (!(params = ASN1_STRING_new())) { |
| 326 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 458 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 327 | goto err; | 459 | goto err; |
| 328 | } | 460 | } |
| 329 | if (!ASN1_STRING_set(params, p, len)) { | 461 | if (!ASN1_STRING_set(params, p, len)) { |
| 330 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 462 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 331 | goto err; | 463 | goto err; |
| 332 | } | 464 | } |
| 333 | OPENSSL_free(p); | 465 | OPENSSL_free(p); |
| 334 | p = NULL; | 466 | p = NULL; |
| 335 | /* Get private key into integer */ | 467 | /* Get private key into integer */ |
| 336 | if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { | 468 | if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { |
| 337 | EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); | 469 | EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); |
| 338 | goto err; | 470 | goto err; |
| 339 | } | 471 | } |
| 340 | 472 | ||
| @@ -343,9 +475,9 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) | |||
| 343 | case PKCS8_OK: | 475 | case PKCS8_OK: |
| 344 | case PKCS8_NO_OCTET: | 476 | case PKCS8_NO_OCTET: |
| 345 | 477 | ||
| 346 | if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER, | 478 | if (!ASN1_pack_string_of(ASN1_INTEGER,prkey, i2d_ASN1_INTEGER, |
| 347 | &p8->pkey->value.octet_string)) { | 479 | &p8->pkey->value.octet_string)) { |
| 348 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 480 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 349 | goto err; | 481 | goto err; |
| 350 | } | 482 | } |
| 351 | 483 | ||
| @@ -363,39 +495,39 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) | |||
| 363 | params = NULL; | 495 | params = NULL; |
| 364 | p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; | 496 | p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; |
| 365 | if (!(ndsa = sk_ASN1_TYPE_new_null())) { | 497 | if (!(ndsa = sk_ASN1_TYPE_new_null())) { |
| 366 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 498 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 367 | goto err; | 499 | goto err; |
| 368 | } | 500 | } |
| 369 | if (!(ttmp = ASN1_TYPE_new())) { | 501 | if (!(ttmp = ASN1_TYPE_new())) { |
| 370 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 502 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 371 | goto err; | 503 | goto err; |
| 372 | } | 504 | } |
| 373 | if (!(ttmp->value.integer = | 505 | if (!(ttmp->value.integer = |
| 374 | BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) { | 506 | BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) { |
| 375 | EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); | 507 | EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); |
| 376 | goto err; | 508 | goto err; |
| 377 | } | 509 | } |
| 378 | ttmp->type = V_ASN1_INTEGER; | 510 | ttmp->type = V_ASN1_INTEGER; |
| 379 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { | 511 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
| 380 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 512 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 381 | goto err; | 513 | goto err; |
| 382 | } | 514 | } |
| 383 | 515 | ||
| 384 | if (!(ttmp = ASN1_TYPE_new())) { | 516 | if (!(ttmp = ASN1_TYPE_new())) { |
| 385 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 517 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 386 | goto err; | 518 | goto err; |
| 387 | } | 519 | } |
| 388 | ttmp->value.integer = prkey; | 520 | ttmp->value.integer = prkey; |
| 389 | prkey = NULL; | 521 | prkey = NULL; |
| 390 | ttmp->type = V_ASN1_INTEGER; | 522 | ttmp->type = V_ASN1_INTEGER; |
| 391 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { | 523 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
| 392 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 524 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 393 | goto err; | 525 | goto err; |
| 394 | } | 526 | } |
| 395 | ttmp = NULL; | 527 | ttmp = NULL; |
| 396 | 528 | ||
| 397 | if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { | 529 | if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { |
| 398 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 530 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 399 | goto err; | 531 | goto err; |
| 400 | } | 532 | } |
| 401 | 533 | ||
| @@ -403,7 +535,7 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) | |||
| 403 | &p8->pkey->value.octet_string->data, | 535 | &p8->pkey->value.octet_string->data, |
| 404 | &p8->pkey->value.octet_string->length)) { | 536 | &p8->pkey->value.octet_string->length)) { |
| 405 | 537 | ||
| 406 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 538 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 407 | goto err; | 539 | goto err; |
| 408 | } | 540 | } |
| 409 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | 541 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); |
| @@ -413,36 +545,36 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) | |||
| 413 | 545 | ||
| 414 | p8->pkeyalg->parameter->type = V_ASN1_NULL; | 546 | p8->pkeyalg->parameter->type = V_ASN1_NULL; |
| 415 | if (!(ndsa = sk_ASN1_TYPE_new_null())) { | 547 | if (!(ndsa = sk_ASN1_TYPE_new_null())) { |
| 416 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 548 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 417 | goto err; | 549 | goto err; |
| 418 | } | 550 | } |
| 419 | if (!(ttmp = ASN1_TYPE_new())) { | 551 | if (!(ttmp = ASN1_TYPE_new())) { |
| 420 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 552 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 421 | goto err; | 553 | goto err; |
| 422 | } | 554 | } |
| 423 | ttmp->value.sequence = params; | 555 | ttmp->value.sequence = params; |
| 424 | params = NULL; | 556 | params = NULL; |
| 425 | ttmp->type = V_ASN1_SEQUENCE; | 557 | ttmp->type = V_ASN1_SEQUENCE; |
| 426 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { | 558 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
| 427 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 559 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 428 | goto err; | 560 | goto err; |
| 429 | } | 561 | } |
| 430 | 562 | ||
| 431 | if (!(ttmp = ASN1_TYPE_new())) { | 563 | if (!(ttmp = ASN1_TYPE_new())) { |
| 432 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 564 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 433 | goto err; | 565 | goto err; |
| 434 | } | 566 | } |
| 435 | ttmp->value.integer = prkey; | 567 | ttmp->value.integer = prkey; |
| 436 | prkey = NULL; | 568 | prkey = NULL; |
| 437 | ttmp->type = V_ASN1_INTEGER; | 569 | ttmp->type = V_ASN1_INTEGER; |
| 438 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { | 570 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
| 439 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 571 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 440 | goto err; | 572 | goto err; |
| 441 | } | 573 | } |
| 442 | ttmp = NULL; | 574 | ttmp = NULL; |
| 443 | 575 | ||
| 444 | if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { | 576 | if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { |
| 445 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 577 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 446 | goto err; | 578 | goto err; |
| 447 | } | 579 | } |
| 448 | 580 | ||
| @@ -450,7 +582,7 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) | |||
| 450 | &p8->pkey->value.octet_string->data, | 582 | &p8->pkey->value.octet_string->data, |
| 451 | &p8->pkey->value.octet_string->length)) { | 583 | &p8->pkey->value.octet_string->length)) { |
| 452 | 584 | ||
| 453 | EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); | 585 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
| 454 | goto err; | 586 | goto err; |
| 455 | } | 587 | } |
| 456 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | 588 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); |
| @@ -466,3 +598,197 @@ err: | |||
| 466 | return 0; | 598 | return 0; |
| 467 | } | 599 | } |
| 468 | #endif | 600 | #endif |
| 601 | |||
| 602 | #ifndef OPENSSL_NO_EC | ||
| 603 | static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) | ||
| 604 | { | ||
| 605 | EC_KEY *ec_key; | ||
| 606 | const EC_GROUP *group; | ||
| 607 | unsigned char *p, *pp; | ||
| 608 | int nid, i, ret = 0; | ||
| 609 | unsigned int tmp_flags, old_flags; | ||
| 610 | |||
| 611 | ec_key = pkey->pkey.ec; | ||
| 612 | if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) | ||
| 613 | { | ||
| 614 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS); | ||
| 615 | return 0; | ||
| 616 | } | ||
| 617 | |||
| 618 | /* set the ec parameters OID */ | ||
| 619 | if (p8->pkeyalg->algorithm) | ||
| 620 | ASN1_OBJECT_free(p8->pkeyalg->algorithm); | ||
| 621 | |||
| 622 | p8->pkeyalg->algorithm = OBJ_nid2obj(NID_X9_62_id_ecPublicKey); | ||
| 623 | |||
| 624 | /* set the ec parameters */ | ||
| 625 | |||
| 626 | if (p8->pkeyalg->parameter) | ||
| 627 | { | ||
| 628 | ASN1_TYPE_free(p8->pkeyalg->parameter); | ||
| 629 | p8->pkeyalg->parameter = NULL; | ||
| 630 | } | ||
| 631 | |||
| 632 | if ((p8->pkeyalg->parameter = ASN1_TYPE_new()) == NULL) | ||
| 633 | { | ||
| 634 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | ||
| 635 | return 0; | ||
| 636 | } | ||
| 637 | |||
| 638 | if (EC_GROUP_get_asn1_flag(group) | ||
| 639 | && (nid = EC_GROUP_get_curve_name(group))) | ||
| 640 | { | ||
| 641 | /* we have a 'named curve' => just set the OID */ | ||
| 642 | p8->pkeyalg->parameter->type = V_ASN1_OBJECT; | ||
| 643 | p8->pkeyalg->parameter->value.object = OBJ_nid2obj(nid); | ||
| 644 | } | ||
| 645 | else /* explicit parameters */ | ||
| 646 | { | ||
| 647 | if ((i = i2d_ECParameters(ec_key, NULL)) == 0) | ||
| 648 | { | ||
| 649 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); | ||
| 650 | return 0; | ||
| 651 | } | ||
| 652 | if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) | ||
| 653 | { | ||
| 654 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | ||
| 655 | return 0; | ||
| 656 | } | ||
| 657 | pp = p; | ||
| 658 | if (!i2d_ECParameters(ec_key, &pp)) | ||
| 659 | { | ||
| 660 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); | ||
| 661 | OPENSSL_free(p); | ||
| 662 | return 0; | ||
| 663 | } | ||
| 664 | p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; | ||
| 665 | if ((p8->pkeyalg->parameter->value.sequence | ||
| 666 | = ASN1_STRING_new()) == NULL) | ||
| 667 | { | ||
| 668 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_ASN1_LIB); | ||
| 669 | OPENSSL_free(p); | ||
| 670 | return 0; | ||
| 671 | } | ||
| 672 | ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, i); | ||
| 673 | OPENSSL_free(p); | ||
| 674 | } | ||
| 675 | |||
| 676 | /* set the private key */ | ||
| 677 | |||
| 678 | /* do not include the parameters in the SEC1 private key | ||
| 679 | * see PKCS#11 12.11 */ | ||
| 680 | old_flags = EC_KEY_get_enc_flags(pkey->pkey.ec); | ||
| 681 | tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS; | ||
| 682 | EC_KEY_set_enc_flags(pkey->pkey.ec, tmp_flags); | ||
| 683 | i = i2d_ECPrivateKey(pkey->pkey.ec, NULL); | ||
| 684 | if (!i) | ||
| 685 | { | ||
| 686 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); | ||
| 687 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); | ||
| 688 | return 0; | ||
| 689 | } | ||
| 690 | p = (unsigned char *) OPENSSL_malloc(i); | ||
| 691 | if (!p) | ||
| 692 | { | ||
| 693 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); | ||
| 694 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | ||
| 695 | return 0; | ||
| 696 | } | ||
| 697 | pp = p; | ||
| 698 | if (!i2d_ECPrivateKey(pkey->pkey.ec, &pp)) | ||
| 699 | { | ||
| 700 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); | ||
| 701 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); | ||
| 702 | OPENSSL_free(p); | ||
| 703 | return 0; | ||
| 704 | } | ||
| 705 | /* restore old encoding flags */ | ||
| 706 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); | ||
| 707 | |||
| 708 | switch(p8->broken) { | ||
| 709 | |||
| 710 | case PKCS8_OK: | ||
| 711 | p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); | ||
| 712 | if (!p8->pkey->value.octet_string || | ||
| 713 | !M_ASN1_OCTET_STRING_set(p8->pkey->value.octet_string, | ||
| 714 | (const void *)p, i)) | ||
| 715 | |||
| 716 | { | ||
| 717 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | ||
| 718 | } | ||
| 719 | else | ||
| 720 | ret = 1; | ||
| 721 | break; | ||
| 722 | case PKCS8_NO_OCTET: /* RSA specific */ | ||
| 723 | case PKCS8_NS_DB: /* DSA specific */ | ||
| 724 | case PKCS8_EMBEDDED_PARAM: /* DSA specific */ | ||
| 725 | default: | ||
| 726 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8,EVP_R_ENCODE_ERROR); | ||
| 727 | } | ||
| 728 | OPENSSL_cleanse(p, (size_t)i); | ||
| 729 | OPENSSL_free(p); | ||
| 730 | return ret; | ||
| 731 | } | ||
| 732 | #endif | ||
| 733 | |||
| 734 | /* EVP_PKEY attribute functions */ | ||
| 735 | |||
| 736 | int EVP_PKEY_get_attr_count(const EVP_PKEY *key) | ||
| 737 | { | ||
| 738 | return X509at_get_attr_count(key->attributes); | ||
| 739 | } | ||
| 740 | |||
| 741 | int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, | ||
| 742 | int lastpos) | ||
| 743 | { | ||
| 744 | return X509at_get_attr_by_NID(key->attributes, nid, lastpos); | ||
| 745 | } | ||
| 746 | |||
| 747 | int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, | ||
| 748 | int lastpos) | ||
| 749 | { | ||
| 750 | return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos); | ||
| 751 | } | ||
| 752 | |||
| 753 | X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc) | ||
| 754 | { | ||
| 755 | return X509at_get_attr(key->attributes, loc); | ||
| 756 | } | ||
| 757 | |||
| 758 | X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc) | ||
| 759 | { | ||
| 760 | return X509at_delete_attr(key->attributes, loc); | ||
| 761 | } | ||
| 762 | |||
| 763 | int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr) | ||
| 764 | { | ||
| 765 | if(X509at_add1_attr(&key->attributes, attr)) return 1; | ||
| 766 | return 0; | ||
| 767 | } | ||
| 768 | |||
| 769 | int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, | ||
| 770 | const ASN1_OBJECT *obj, int type, | ||
| 771 | const unsigned char *bytes, int len) | ||
| 772 | { | ||
| 773 | if(X509at_add1_attr_by_OBJ(&key->attributes, obj, | ||
| 774 | type, bytes, len)) return 1; | ||
| 775 | return 0; | ||
| 776 | } | ||
| 777 | |||
| 778 | int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, | ||
| 779 | int nid, int type, | ||
| 780 | const unsigned char *bytes, int len) | ||
| 781 | { | ||
| 782 | if(X509at_add1_attr_by_NID(&key->attributes, nid, | ||
| 783 | type, bytes, len)) return 1; | ||
| 784 | return 0; | ||
| 785 | } | ||
| 786 | |||
| 787 | int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, | ||
| 788 | const char *attrname, int type, | ||
| 789 | const unsigned char *bytes, int len) | ||
| 790 | { | ||
| 791 | if(X509at_add1_attr_by_txt(&key->attributes, attrname, | ||
| 792 | type, bytes, len)) return 1; | ||
| 793 | return 0; | ||
| 794 | } | ||
diff --git a/src/lib/libcrypto/evp/evp_test.c b/src/lib/libcrypto/evp/evp_test.c index a624cfd248..bb6f02c2e9 100644 --- a/src/lib/libcrypto/evp/evp_test.c +++ b/src/lib/libcrypto/evp/evp_test.c | |||
| @@ -52,6 +52,7 @@ | |||
| 52 | 52 | ||
| 53 | #include "../e_os.h" | 53 | #include "../e_os.h" |
| 54 | 54 | ||
| 55 | #include <openssl/opensslconf.h> | ||
| 55 | #include <openssl/evp.h> | 56 | #include <openssl/evp.h> |
| 56 | #ifndef OPENSSL_NO_ENGINE | 57 | #ifndef OPENSSL_NO_ENGINE |
| 57 | #include <openssl/engine.h> | 58 | #include <openssl/engine.h> |
| @@ -136,7 +137,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 136 | const unsigned char *iv,int in, | 137 | const unsigned char *iv,int in, |
| 137 | const unsigned char *plaintext,int pn, | 138 | const unsigned char *plaintext,int pn, |
| 138 | const unsigned char *ciphertext,int cn, | 139 | const unsigned char *ciphertext,int cn, |
| 139 | int encdec,int multiplier) | 140 | int encdec) |
| 140 | { | 141 | { |
| 141 | EVP_CIPHER_CTX ctx; | 142 | EVP_CIPHER_CTX ctx; |
| 142 | unsigned char out[4096]; | 143 | unsigned char out[4096]; |
| @@ -167,7 +168,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 167 | } | 168 | } |
| 168 | EVP_CIPHER_CTX_set_padding(&ctx,0); | 169 | EVP_CIPHER_CTX_set_padding(&ctx,0); |
| 169 | 170 | ||
| 170 | if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn*multiplier)) | 171 | if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn)) |
| 171 | { | 172 | { |
| 172 | fprintf(stderr,"Encrypt failed\n"); | 173 | fprintf(stderr,"Encrypt failed\n"); |
| 173 | ERR_print_errors_fp(stderr); | 174 | ERR_print_errors_fp(stderr); |
| @@ -180,7 +181,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 180 | test1_exit(7); | 181 | test1_exit(7); |
| 181 | } | 182 | } |
| 182 | 183 | ||
| 183 | if(outl+outl2 != cn*multiplier) | 184 | if(outl+outl2 != cn) |
| 184 | { | 185 | { |
| 185 | fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n", | 186 | fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n", |
| 186 | outl+outl2,cn); | 187 | outl+outl2,cn); |
| @@ -206,7 +207,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 206 | } | 207 | } |
| 207 | EVP_CIPHER_CTX_set_padding(&ctx,0); | 208 | EVP_CIPHER_CTX_set_padding(&ctx,0); |
| 208 | 209 | ||
| 209 | if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn*multiplier)) | 210 | if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn)) |
| 210 | { | 211 | { |
| 211 | fprintf(stderr,"Decrypt failed\n"); | 212 | fprintf(stderr,"Decrypt failed\n"); |
| 212 | ERR_print_errors_fp(stderr); | 213 | ERR_print_errors_fp(stderr); |
| @@ -219,7 +220,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 219 | test1_exit(7); | 220 | test1_exit(7); |
| 220 | } | 221 | } |
| 221 | 222 | ||
| 222 | if(outl+outl2 != cn*multiplier) | 223 | if(outl+outl2 != cn) |
| 223 | { | 224 | { |
| 224 | fprintf(stderr,"Plaintext length mismatch got %d expected %d\n", | 225 | fprintf(stderr,"Plaintext length mismatch got %d expected %d\n", |
| 225 | outl+outl2,cn); | 226 | outl+outl2,cn); |
| @@ -244,7 +245,7 @@ static int test_cipher(const char *cipher,const unsigned char *key,int kn, | |||
| 244 | const unsigned char *iv,int in, | 245 | const unsigned char *iv,int in, |
| 245 | const unsigned char *plaintext,int pn, | 246 | const unsigned char *plaintext,int pn, |
| 246 | const unsigned char *ciphertext,int cn, | 247 | const unsigned char *ciphertext,int cn, |
| 247 | int encdec,int multiplier) | 248 | int encdec) |
| 248 | { | 249 | { |
| 249 | const EVP_CIPHER *c; | 250 | const EVP_CIPHER *c; |
| 250 | 251 | ||
| @@ -252,7 +253,7 @@ static int test_cipher(const char *cipher,const unsigned char *key,int kn, | |||
| 252 | if(!c) | 253 | if(!c) |
| 253 | return 0; | 254 | return 0; |
| 254 | 255 | ||
| 255 | test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec,multiplier); | 256 | test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec); |
| 256 | 257 | ||
| 257 | return 1; | 258 | return 1; |
| 258 | } | 259 | } |
| @@ -368,7 +369,6 @@ int main(int argc,char **argv) | |||
| 368 | unsigned char *iv,*key,*plaintext,*ciphertext; | 369 | unsigned char *iv,*key,*plaintext,*ciphertext; |
| 369 | int encdec; | 370 | int encdec; |
| 370 | int kn,in,pn,cn; | 371 | int kn,in,pn,cn; |
| 371 | int multiplier=1; | ||
| 372 | 372 | ||
| 373 | if(!fgets((char *)line,sizeof line,f)) | 373 | if(!fgets((char *)line,sizeof line,f)) |
| 374 | break; | 374 | break; |
| @@ -393,17 +393,44 @@ int main(int argc,char **argv) | |||
| 393 | pn=convert(plaintext); | 393 | pn=convert(plaintext); |
| 394 | cn=convert(ciphertext); | 394 | cn=convert(ciphertext); |
| 395 | 395 | ||
| 396 | if(strchr(cipher,'*')) | 396 | if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec) |
| 397 | { | ||
| 398 | p=cipher; | ||
| 399 | sstrsep(&p,"*"); | ||
| 400 | multiplier=atoi(sstrsep(&p,"*")); | ||
| 401 | } | ||
| 402 | |||
| 403 | if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec, | ||
| 404 | multiplier) | ||
| 405 | && !test_digest(cipher,plaintext,pn,ciphertext,cn)) | 397 | && !test_digest(cipher,plaintext,pn,ciphertext,cn)) |
| 406 | { | 398 | { |
| 399 | #ifdef OPENSSL_NO_AES | ||
| 400 | if (strstr(cipher, "AES") == cipher) | ||
| 401 | { | ||
| 402 | fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); | ||
| 403 | continue; | ||
| 404 | } | ||
| 405 | #endif | ||
| 406 | #ifdef OPENSSL_NO_DES | ||
| 407 | if (strstr(cipher, "DES") == cipher) | ||
| 408 | { | ||
| 409 | fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); | ||
| 410 | continue; | ||
| 411 | } | ||
| 412 | #endif | ||
| 413 | #ifdef OPENSSL_NO_RC4 | ||
| 414 | if (strstr(cipher, "RC4") == cipher) | ||
| 415 | { | ||
| 416 | fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); | ||
| 417 | continue; | ||
| 418 | } | ||
| 419 | #endif | ||
| 420 | #ifdef OPENSSL_NO_CAMELLIA | ||
| 421 | if (strstr(cipher, "CAMELLIA") == cipher) | ||
| 422 | { | ||
| 423 | fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); | ||
| 424 | continue; | ||
| 425 | } | ||
| 426 | #endif | ||
| 427 | #ifdef OPENSSL_NO_SEED | ||
| 428 | if (strstr(cipher, "SEED") == cipher) | ||
| 429 | { | ||
| 430 | fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); | ||
| 431 | continue; | ||
| 432 | } | ||
| 433 | #endif | ||
| 407 | fprintf(stderr,"Can't find %s\n",cipher); | 434 | fprintf(stderr,"Can't find %s\n",cipher); |
| 408 | EXIT(3); | 435 | EXIT(3); |
| 409 | } | 436 | } |
diff --git a/src/lib/libcrypto/evp/evptests.txt b/src/lib/libcrypto/evp/evptests.txt index dfe91a5bc0..beb12144b6 100644 --- a/src/lib/libcrypto/evp/evptests.txt +++ b/src/lib/libcrypto/evp/evptests.txt | |||
| @@ -92,102 +92,7 @@ AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000 | |||
| 92 | AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D | 92 | AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D |
| 93 | AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461 | 93 | AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461 |
| 94 | AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F23369A9D9BACFA530E26304231461:F69F2445DF4F9B17AD2B417BE66C3710:B2EB05E2C39BE9FCDA6C19078C6A9D1B | 94 | AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F23369A9D9BACFA530E26304231461:F69F2445DF4F9B17AD2B417BE66C3710:B2EB05E2C39BE9FCDA6C19078C6A9D1B |
| 95 | 95 | # We don't support CFB{1,8}-AESxxx.{En,De}crypt | |
| 96 | # CFB1-AES128.Encrypt | ||
| 97 | |||
| 98 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:00:00:1 | ||
| 99 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00020406080a0c0e10121416181a1c1e:80:80:1 | ||
| 100 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0004080c1014181c2024282c3034383d:80:80:1 | ||
| 101 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0008101820283038404850586068707b:00:00:1 | ||
| 102 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00102030405060708090a0b0c0d0e0f6:80:80:1 | ||
| 103 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0020406080a0c0e10121416181a1c1ed:00:00:1 | ||
| 104 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:004080c1014181c2024282c3034383da:80:00:1 | ||
| 105 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:008101820283038404850586068707b4:80:00:1 | ||
| 106 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f68:80:80:1 | ||
| 107 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:020406080a0c0e10121416181a1c1ed1:80:00:1 | ||
| 108 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:04080c1014181c2024282c3034383da2:00:80:1 | ||
| 109 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:08101820283038404850586068707b45:00:80:1 | ||
| 110 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:102030405060708090a0b0c0d0e0f68b:00:00:1 | ||
| 111 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:20406080a0c0e10121416181a1c1ed16:00:00:1 | ||
| 112 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:4080c1014181c2024282c3034383da2c:00:80:1 | ||
| 113 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:8101820283038404850586068707b459:80:80:1 | ||
| 114 | # all of the above packed into one... | ||
| 115 | # in: 0110 1011 1100 0001 = 6bc1 | ||
| 116 | # out: 0110 1000 1011 0011 = 68b3 | ||
| 117 | AES-128-CFB1*8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1:68b3:1 | ||
| 118 | |||
| 119 | # CFB1-AES128.Decrypt | ||
| 120 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:00:00:0 | ||
| 121 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00020406080a0c0e10121416181a1c1e:80:80:0 | ||
| 122 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0004080c1014181c2024282c3034383d:80:80:0 | ||
| 123 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0008101820283038404850586068707b:00:00:0 | ||
| 124 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00102030405060708090a0b0c0d0e0f6:80:80:0 | ||
| 125 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0020406080a0c0e10121416181a1c1ed:00:00:0 | ||
| 126 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:004080c1014181c2024282c3034383da:80:00:0 | ||
| 127 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:008101820283038404850586068707b4:80:00:0 | ||
| 128 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f68:80:80:0 | ||
| 129 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:020406080a0c0e10121416181a1c1ed1:80:00:0 | ||
| 130 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:04080c1014181c2024282c3034383da2:00:80:0 | ||
| 131 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:08101820283038404850586068707b45:00:80:0 | ||
| 132 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:102030405060708090a0b0c0d0e0f68b:00:00:0 | ||
| 133 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:20406080a0c0e10121416181a1c1ed16:00:00:0 | ||
| 134 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:4080c1014181c2024282c3034383da2c:00:80:0 | ||
| 135 | AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:8101820283038404850586068707b459:80:80:0 | ||
| 136 | # all of the above packed into one... | ||
| 137 | # in: 0110 1000 1011 0011 = 68b3 | ||
| 138 | # out: 0110 1011 1100 0001 = 6bc1 | ||
| 139 | AES-128-CFB1*8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1:68b3:0 | ||
| 140 | |||
| 141 | # TODO: CFB1-AES192 and 256 | ||
| 142 | |||
| 143 | # CFB8-AES128.Encrypt | ||
| 144 | |||
| 145 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6b:3b:1 | ||
| 146 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f3b:c1:79:1 | ||
| 147 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:02030405060708090a0b0c0d0e0f3b79:be:42:1 | ||
| 148 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:030405060708090a0b0c0d0e0f3b7942:e2:4c:1 | ||
| 149 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0405060708090a0b0c0d0e0f3b79424c:2e:9c:1 | ||
| 150 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:05060708090a0b0c0d0e0f3b79424c9c:40:0d:1 | ||
| 151 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:060708090a0b0c0d0e0f3b79424c9c0d:9f:d4:1 | ||
| 152 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0708090a0b0c0d0e0f3b79424c9c0dd4:96:36:1 | ||
| 153 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:08090a0b0c0d0e0f3b79424c9c0dd436:e9:ba:1 | ||
| 154 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:090a0b0c0d0e0f3b79424c9c0dd436ba:3d:ce:1 | ||
| 155 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0a0b0c0d0e0f3b79424c9c0dd436bace:7e:9e:1 | ||
| 156 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0b0c0d0e0f3b79424c9c0dd436bace9e:11:0e:1 | ||
| 157 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0c0d0e0f3b79424c9c0dd436bace9e0e:73:d4:1 | ||
| 158 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0d0e0f3b79424c9c0dd436bace9e0ed4:93:58:1 | ||
| 159 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0e0f3b79424c9c0dd436bace9e0ed458:17:6a:1 | ||
| 160 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0f3b79424c9c0dd436bace9e0ed4586a:2a:4f:1 | ||
| 161 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:3b79424c9c0dd436bace9e0ed4586a4f:ae:32:1 | ||
| 162 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:79424c9c0dd436bace9e0ed4586a4f32:2d:b9:1 | ||
| 163 | # all of the above packed into one | ||
| 164 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1bee22e409f96e93d7e117393172aae2d:3b79424c9c0dd436bace9e0ed4586a4f32b9:1 | ||
| 165 | |||
| 166 | # CFB8-AES128.Decrypt | ||
| 167 | |||
| 168 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6b:3b:0 | ||
| 169 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f3b:c1:79:0 | ||
| 170 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:02030405060708090a0b0c0d0e0f3b79:be:42:0 | ||
| 171 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:030405060708090a0b0c0d0e0f3b7942:e2:4c:0 | ||
| 172 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0405060708090a0b0c0d0e0f3b79424c:2e:9c:0 | ||
| 173 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:05060708090a0b0c0d0e0f3b79424c9c:40:0d:0 | ||
| 174 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:060708090a0b0c0d0e0f3b79424c9c0d:9f:d4:0 | ||
| 175 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0708090a0b0c0d0e0f3b79424c9c0dd4:96:36:0 | ||
| 176 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:08090a0b0c0d0e0f3b79424c9c0dd436:e9:ba:0 | ||
| 177 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:090a0b0c0d0e0f3b79424c9c0dd436ba:3d:ce:0 | ||
| 178 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0a0b0c0d0e0f3b79424c9c0dd436bace:7e:9e:0 | ||
| 179 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0b0c0d0e0f3b79424c9c0dd436bace9e:11:0e:0 | ||
| 180 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0c0d0e0f3b79424c9c0dd436bace9e0e:73:d4:0 | ||
| 181 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0d0e0f3b79424c9c0dd436bace9e0ed4:93:58:0 | ||
| 182 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0e0f3b79424c9c0dd436bace9e0ed458:17:6a:0 | ||
| 183 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0f3b79424c9c0dd436bace9e0ed4586a:2a:4f:0 | ||
| 184 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:3b79424c9c0dd436bace9e0ed4586a4f:ae:32:0 | ||
| 185 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:79424c9c0dd436bace9e0ed4586a4f32:2d:b9:0 | ||
| 186 | # all of the above packed into one | ||
| 187 | AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1bee22e409f96e93d7e117393172aae2d:3b79424c9c0dd436bace9e0ed4586a4f32b9:0 | ||
| 188 | |||
| 189 | # TODO: 192 and 256 bit keys | ||
| 190 | |||
| 191 | # For all CFB128 encrypts and decrypts, the transformed sequence is | 96 | # For all CFB128 encrypts and decrypts, the transformed sequence is |
| 192 | # AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec | 97 | # AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec |
| 193 | # CFB128-AES128.Encrypt | 98 | # CFB128-AES128.Encrypt |
| @@ -269,16 +174,6 @@ DESX-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363 | |||
| 269 | # DES EDE3 CBC tests (from destest) | 174 | # DES EDE3 CBC tests (from destest) |
| 270 | DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675 | 175 | DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675 |
| 271 | 176 | ||
| 272 | # DES CFB1 from FIPS 81 | ||
| 273 | # plaintext: 0100 1110 0110 1111 0111 0111 = 4e6f77 | ||
| 274 | # ciphertext: 1100 1101 0001 1110 1100 1001 = cd1ec9 | ||
| 275 | |||
| 276 | DES-CFB1*8:0123456789abcdef:1234567890abcdef:4e6f77:cd1ec9 | ||
| 277 | |||
| 278 | # DES CFB8 from FIPS 81 | ||
| 279 | |||
| 280 | DES-CFB8:0123456789abcdef:1234567890abcdef:4e6f7720697320746865:f31fda07011462ee187f | ||
| 281 | |||
| 282 | # RC4 tests (from rc4test) | 177 | # RC4 tests (from rc4test) |
| 283 | RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596 | 178 | RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596 |
| 284 | RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879 | 179 | RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879 |
| @@ -286,3 +181,141 @@ RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a | |||
| 286 | RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858 | 181 | RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858 |
| 287 | RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf | 182 | RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf |
| 288 | RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61 | 183 | RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61 |
| 184 | |||
| 185 | |||
| 186 | # Camellia tests from RFC3713 | ||
| 187 | # For all ECB encrypts and decrypts, the transformed sequence is | ||
| 188 | # CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec | ||
| 189 | CAMELLIA-128-ECB:0123456789abcdeffedcba9876543210::0123456789abcdeffedcba9876543210:67673138549669730857065648eabe43 | ||
| 190 | CAMELLIA-192-ECB:0123456789abcdeffedcba98765432100011223344556677::0123456789abcdeffedcba9876543210:b4993401b3e996f84ee5cee7d79b09b9 | ||
| 191 | CAMELLIA-256-ECB:0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff::0123456789abcdeffedcba9876543210:9acc237dff16d76c20ef7c919e3a7509 | ||
| 192 | |||
| 193 | # ECB-CAMELLIA128.Encrypt | ||
| 194 | CAMELLIA-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:77CF412067AF8270613529149919546F:1 | ||
| 195 | CAMELLIA-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:B22F3C36B72D31329EEE8ADDC2906C68:1 | ||
| 196 | CAMELLIA-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:2EDF1F3418D53B88841FC8985FB1ECF2:1 | ||
| 197 | |||
| 198 | # ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt | ||
| 199 | CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:432FC5DCD628115B7C388D770B270C96 | ||
| 200 | CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:0BE1F14023782A22E8384C5ABB7FAB2B | ||
| 201 | CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:A0A1ABCD1893AB6FE0FE5B65DF5F8636 | ||
| 202 | CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:E61925E0D5DFAA9BB29F815B3076E51A | ||
| 203 | |||
| 204 | # ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt | ||
| 205 | CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:CCCC6C4E138B45848514D48D0D3439D3 | ||
| 206 | CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:5713C62C14B2EC0F8393B6AFD6F5785A | ||
| 207 | CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:B40ED2B60EB54D09D030CF511FEEF366 | ||
| 208 | CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:909DBD95799096748CB27357E73E1D26 | ||
| 209 | |||
| 210 | # ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt | ||
| 211 | CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:BEFD219B112FA00098919CD101C9CCFA | ||
| 212 | CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:C91D3A8F1AEA08A9386CF4B66C0169EA | ||
| 213 | CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:A623D711DC5F25A51BB8A80D56397D28 | ||
| 214 | CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:7960109FB6DC42947FCFE59EA3C5EB6B | ||
| 215 | |||
| 216 | # For all CBC encrypts and decrypts, the transformed sequence is | ||
| 217 | # CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec | ||
| 218 | # CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt | ||
| 219 | CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:1607CF494B36BBF00DAEB0B503C831AB | ||
| 220 | CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:1607CF494B36BBF00DAEB0B503C831AB:AE2D8A571E03AC9C9EB76FAC45AF8E51:A2F2CF671629EF7840C5A5DFB5074887 | ||
| 221 | CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:A2F2CF671629EF7840C5A5DFB5074887:30C81C46A35CE411E5FBC1191A0A52EF:0F06165008CF8B8B5A63586362543E54 | ||
| 222 | CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:36A84CDAFD5F9A85ADA0F0A993D6D577:F69F2445DF4F9B17AD2B417BE66C3710:74C64268CDB8B8FAF5B34E8AF3732980 | ||
| 223 | |||
| 224 | # CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt | ||
| 225 | CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:2A4830AB5AC4A1A2405955FD2195CF93 | ||
| 226 | CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2A4830AB5AC4A1A2405955FD2195CF93:AE2D8A571E03AC9C9EB76FAC45AF8E51:5D5A869BD14CE54264F892A6DD2EC3D5 | ||
| 227 | CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:5D5A869BD14CE54264F892A6DD2EC3D5:30C81C46A35CE411E5FBC1191A0A52EF:37D359C3349836D884E310ADDF68C449 | ||
| 228 | CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:37D359C3349836D884E310ADDF68C449:F69F2445DF4F9B17AD2B417BE66C3710:01FAAA930B4AB9916E9668E1428C6B08 | ||
| 229 | |||
| 230 | # CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt | ||
| 231 | CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:E6CFA35FC02B134A4D2C0B6737AC3EDA | ||
| 232 | CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E6CFA35FC02B134A4D2C0B6737AC3EDA:AE2D8A571E03AC9C9EB76FAC45AF8E51:36CBEB73BD504B4070B1B7DE2B21EB50 | ||
| 233 | CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:36CBEB73BD504B4070B1B7DE2B21EB50:30C81C46A35CE411E5FBC1191A0A52EF:E31A6055297D96CA3330CDF1B1860A83 | ||
| 234 | CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E31A6055297D96CA3330CDF1B1860A83:F69F2445DF4F9B17AD2B417BE66C3710:5D563F6D1CCCF236051C0C5C1C58F28F | ||
| 235 | |||
| 236 | # We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt | ||
| 237 | # For all CFB128 encrypts and decrypts, the transformed sequence is | ||
| 238 | # CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec | ||
| 239 | # CFB128-CAMELLIA128.Encrypt | ||
| 240 | CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1 | ||
| 241 | CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:1 | ||
| 242 | CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:1 | ||
| 243 | CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:1 | ||
| 244 | |||
| 245 | # CFB128-CAMELLIA128.Decrypt | ||
| 246 | CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0 | ||
| 247 | CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:0 | ||
| 248 | CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:0 | ||
| 249 | CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:0 | ||
| 250 | |||
| 251 | # CFB128-CAMELLIA192.Encrypt | ||
| 252 | CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1 | ||
| 253 | CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:1 | ||
| 254 | CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:1 | ||
| 255 | CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:1 | ||
| 256 | |||
| 257 | # CFB128-CAMELLIA192.Decrypt | ||
| 258 | CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0 | ||
| 259 | CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:0 | ||
| 260 | CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:0 | ||
| 261 | CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:0 | ||
| 262 | |||
| 263 | # CFB128-CAMELLIA256.Encrypt | ||
| 264 | CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1 | ||
| 265 | CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:1 | ||
| 266 | CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:1 | ||
| 267 | CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:1 | ||
| 268 | |||
| 269 | # CFB128-CAMELLIA256.Decrypt | ||
| 270 | CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0 | ||
| 271 | CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:0 | ||
| 272 | CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:0 | ||
| 273 | CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:0 | ||
| 274 | |||
| 275 | # For all OFB encrypts and decrypts, the transformed sequence is | ||
| 276 | # CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec | ||
| 277 | # OFB-CAMELLIA128.Encrypt | ||
| 278 | CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1 | ||
| 279 | CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:1 | ||
| 280 | CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:1 | ||
| 281 | CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:1 | ||
| 282 | |||
| 283 | # OFB-CAMELLIA128.Decrypt | ||
| 284 | CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0 | ||
| 285 | CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:0 | ||
| 286 | CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:0 | ||
| 287 | CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:0 | ||
| 288 | |||
| 289 | # OFB-CAMELLIA192.Encrypt | ||
| 290 | CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1 | ||
| 291 | CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:1 | ||
| 292 | CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:1 | ||
| 293 | CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:1 | ||
| 294 | |||
| 295 | # OFB-CAMELLIA192.Decrypt | ||
| 296 | CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0 | ||
| 297 | CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:0 | ||
| 298 | CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:0 | ||
| 299 | CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:0 | ||
| 300 | |||
| 301 | # OFB-CAMELLIA256.Encrypt | ||
| 302 | CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1 | ||
| 303 | CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:1 | ||
| 304 | CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:1 | ||
| 305 | CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:1 | ||
| 306 | |||
| 307 | # OFB-CAMELLIA256.Decrypt | ||
| 308 | CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0 | ||
| 309 | CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:0 | ||
| 310 | CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0 | ||
| 311 | CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:0 | ||
| 312 | |||
| 313 | # SEED test vectors from RFC4269 | ||
| 314 | SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:0 | ||
| 315 | SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:0 | ||
| 316 | SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:0 | ||
| 317 | SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:0 | ||
| 318 | SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:1 | ||
| 319 | SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:1 | ||
| 320 | SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:1 | ||
| 321 | SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:1 | ||
diff --git a/src/lib/libcrypto/evp/m_dss.c b/src/lib/libcrypto/evp/m_dss.c index d393eb3400..a948c77fa4 100644 --- a/src/lib/libcrypto/evp/m_dss.c +++ b/src/lib/libcrypto/evp/m_dss.c | |||
| @@ -61,12 +61,16 @@ | |||
| 61 | #include <openssl/evp.h> | 61 | #include <openssl/evp.h> |
| 62 | #include <openssl/objects.h> | 62 | #include <openssl/objects.h> |
| 63 | #include <openssl/x509.h> | 63 | #include <openssl/x509.h> |
| 64 | #ifndef OPENSSL_NO_DSA | ||
| 65 | #include <openssl/dsa.h> | ||
| 66 | #endif | ||
| 64 | 67 | ||
| 65 | #ifndef OPENSSL_NO_SHA | 68 | #ifndef OPENSSL_NO_SHA |
| 69 | |||
| 66 | static int init(EVP_MD_CTX *ctx) | 70 | static int init(EVP_MD_CTX *ctx) |
| 67 | { return SHA1_Init(ctx->md_data); } | 71 | { return SHA1_Init(ctx->md_data); } |
| 68 | 72 | ||
| 69 | static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 73 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 70 | { return SHA1_Update(ctx->md_data,data,count); } | 74 | { return SHA1_Update(ctx->md_data,data,count); } |
| 71 | 75 | ||
| 72 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | 76 | static int final(EVP_MD_CTX *ctx,unsigned char *md) |
| @@ -77,7 +81,7 @@ static const EVP_MD dsa_md= | |||
| 77 | NID_dsaWithSHA, | 81 | NID_dsaWithSHA, |
| 78 | NID_dsaWithSHA, | 82 | NID_dsaWithSHA, |
| 79 | SHA_DIGEST_LENGTH, | 83 | SHA_DIGEST_LENGTH, |
| 80 | EVP_MD_FLAG_FIPS, | 84 | 0, |
| 81 | init, | 85 | init, |
| 82 | update, | 86 | update, |
| 83 | final, | 87 | final, |
diff --git a/src/lib/libcrypto/evp/m_dss1.c b/src/lib/libcrypto/evp/m_dss1.c index 23b90d0538..c12e13972b 100644 --- a/src/lib/libcrypto/evp/m_dss1.c +++ b/src/lib/libcrypto/evp/m_dss1.c | |||
| @@ -56,25 +56,23 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_SHA | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_SHA | ||
| 63 | |||
| 62 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 63 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 64 | #include <openssl/x509.h> | 66 | #include <openssl/x509.h> |
| 67 | #ifndef OPENSSL_NO_DSA | ||
| 68 | #include <openssl/dsa.h> | ||
| 69 | #endif | ||
| 65 | 70 | ||
| 66 | static int init(EVP_MD_CTX *ctx) | 71 | static int init(EVP_MD_CTX *ctx) |
| 67 | { return SHA1_Init(ctx->md_data); } | 72 | { return SHA1_Init(ctx->md_data); } |
| 68 | 73 | ||
| 69 | static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 74 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 70 | #ifndef OPENSSL_FIPS | ||
| 71 | { return SHA1_Update(ctx->md_data,data,count); } | 75 | { return SHA1_Update(ctx->md_data,data,count); } |
| 72 | #else | ||
| 73 | { | ||
| 74 | OPENSSL_assert(sizeof(count)<=sizeof(size_t)); | ||
| 75 | return SHA1_Update(ctx->md_data,data,count); | ||
| 76 | } | ||
| 77 | #endif | ||
| 78 | 76 | ||
| 79 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | 77 | static int final(EVP_MD_CTX *ctx,unsigned char *md) |
| 80 | { return SHA1_Final(md,ctx->md_data); } | 78 | { return SHA1_Final(md,ctx->md_data); } |
| @@ -84,7 +82,7 @@ static const EVP_MD dss1_md= | |||
| 84 | NID_dsa, | 82 | NID_dsa, |
| 85 | NID_dsaWithSHA1, | 83 | NID_dsaWithSHA1, |
| 86 | SHA_DIGEST_LENGTH, | 84 | SHA_DIGEST_LENGTH, |
| 87 | EVP_MD_FLAG_FIPS, | 85 | 0, |
| 88 | init, | 86 | init, |
| 89 | update, | 87 | update, |
| 90 | final, | 88 | final, |
diff --git a/src/lib/libcrypto/evp/m_md2.c b/src/lib/libcrypto/evp/m_md2.c index 0df48e5199..5ce849f161 100644 --- a/src/lib/libcrypto/evp/m_md2.c +++ b/src/lib/libcrypto/evp/m_md2.c | |||
| @@ -56,19 +56,23 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_MD2 | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_MD2 | ||
| 63 | |||
| 62 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 63 | #include "evp_locl.h" | ||
| 64 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 65 | #include <openssl/x509.h> | 66 | #include <openssl/x509.h> |
| 66 | #include <openssl/md2.h> | 67 | #include <openssl/md2.h> |
| 68 | #ifndef OPENSSL_NO_RSA | ||
| 69 | #include <openssl/rsa.h> | ||
| 70 | #endif | ||
| 67 | 71 | ||
| 68 | static int init(EVP_MD_CTX *ctx) | 72 | static int init(EVP_MD_CTX *ctx) |
| 69 | { return MD2_Init(ctx->md_data); } | 73 | { return MD2_Init(ctx->md_data); } |
| 70 | 74 | ||
| 71 | static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 75 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 72 | { return MD2_Update(ctx->md_data,data,count); } | 76 | { return MD2_Update(ctx->md_data,data,count); } |
| 73 | 77 | ||
| 74 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | 78 | static int final(EVP_MD_CTX *ctx,unsigned char *md) |
diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c index 0605e4b707..1e0b7c5b42 100644 --- a/src/lib/libcrypto/evp/m_md4.c +++ b/src/lib/libcrypto/evp/m_md4.c | |||
| @@ -56,19 +56,23 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_MD4 | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_MD4 | ||
| 63 | |||
| 62 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 63 | #include "evp_locl.h" | ||
| 64 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 65 | #include <openssl/x509.h> | 66 | #include <openssl/x509.h> |
| 66 | #include <openssl/md4.h> | 67 | #include <openssl/md4.h> |
| 68 | #ifndef OPENSSL_NO_RSA | ||
| 69 | #include <openssl/rsa.h> | ||
| 70 | #endif | ||
| 67 | 71 | ||
| 68 | static int init(EVP_MD_CTX *ctx) | 72 | static int init(EVP_MD_CTX *ctx) |
| 69 | { return MD4_Init(ctx->md_data); } | 73 | { return MD4_Init(ctx->md_data); } |
| 70 | 74 | ||
| 71 | static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 75 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 72 | { return MD4_Update(ctx->md_data,data,count); } | 76 | { return MD4_Update(ctx->md_data,data,count); } |
| 73 | 77 | ||
| 74 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | 78 | static int final(EVP_MD_CTX *ctx,unsigned char *md) |
diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c index 752615d473..63c142119e 100644 --- a/src/lib/libcrypto/evp/m_md5.c +++ b/src/lib/libcrypto/evp/m_md5.c | |||
| @@ -56,19 +56,23 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_MD5 | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_MD5 | ||
| 63 | |||
| 62 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 63 | #include "evp_locl.h" | ||
| 64 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 65 | #include <openssl/x509.h> | 66 | #include <openssl/x509.h> |
| 66 | #include <openssl/md5.h> | 67 | #include <openssl/md5.h> |
| 68 | #ifndef OPENSSL_NO_RSA | ||
| 69 | #include <openssl/rsa.h> | ||
| 70 | #endif | ||
| 67 | 71 | ||
| 68 | static int init(EVP_MD_CTX *ctx) | 72 | static int init(EVP_MD_CTX *ctx) |
| 69 | { return MD5_Init(ctx->md_data); } | 73 | { return MD5_Init(ctx->md_data); } |
| 70 | 74 | ||
| 71 | static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 75 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 72 | { return MD5_Update(ctx->md_data,data,count); } | 76 | { return MD5_Update(ctx->md_data,data,count); } |
| 73 | 77 | ||
| 74 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | 78 | static int final(EVP_MD_CTX *ctx,unsigned char *md) |
diff --git a/src/lib/libcrypto/evp/m_mdc2.c b/src/lib/libcrypto/evp/m_mdc2.c index 62de1336b8..36c4e9b134 100644 --- a/src/lib/libcrypto/evp/m_mdc2.c +++ b/src/lib/libcrypto/evp/m_mdc2.c | |||
| @@ -56,19 +56,21 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_MDC2 | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_MDC2 | ||
| 63 | |||
| 62 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 63 | #include "evp_locl.h" | ||
| 64 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 65 | #include <openssl/x509.h> | 66 | #include <openssl/x509.h> |
| 66 | #include <openssl/mdc2.h> | 67 | #include <openssl/mdc2.h> |
| 68 | #include <openssl/rsa.h> | ||
| 67 | 69 | ||
| 68 | static int init(EVP_MD_CTX *ctx) | 70 | static int init(EVP_MD_CTX *ctx) |
| 69 | { return MDC2_Init(ctx->md_data); } | 71 | { return MDC2_Init(ctx->md_data); } |
| 70 | 72 | ||
| 71 | static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 73 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 72 | { return MDC2_Update(ctx->md_data,data,count); } | 74 | { return MDC2_Update(ctx->md_data,data,count); } |
| 73 | 75 | ||
| 74 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | 76 | static int final(EVP_MD_CTX *ctx,unsigned char *md) |
diff --git a/src/lib/libcrypto/evp/m_null.c b/src/lib/libcrypto/evp/m_null.c index f6f0a1d2c0..cb0721699d 100644 --- a/src/lib/libcrypto/evp/m_null.c +++ b/src/lib/libcrypto/evp/m_null.c | |||
| @@ -65,7 +65,7 @@ | |||
| 65 | static int init(EVP_MD_CTX *ctx) | 65 | static int init(EVP_MD_CTX *ctx) |
| 66 | { return 1; } | 66 | { return 1; } |
| 67 | 67 | ||
| 68 | static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 68 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 69 | { return 1; } | 69 | { return 1; } |
| 70 | 70 | ||
| 71 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | 71 | static int final(EVP_MD_CTX *ctx,unsigned char *md) |
diff --git a/src/lib/libcrypto/evp/m_ripemd.c b/src/lib/libcrypto/evp/m_ripemd.c index 64725528dc..a1d60ee78d 100644 --- a/src/lib/libcrypto/evp/m_ripemd.c +++ b/src/lib/libcrypto/evp/m_ripemd.c | |||
| @@ -56,18 +56,23 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_RIPEMD | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_RIPEMD | ||
| 63 | |||
| 62 | #include <openssl/ripemd.h> | 64 | #include <openssl/ripemd.h> |
| 63 | #include <openssl/evp.h> | 65 | #include <openssl/evp.h> |
| 64 | #include <openssl/objects.h> | 66 | #include <openssl/objects.h> |
| 65 | #include <openssl/x509.h> | 67 | #include <openssl/x509.h> |
| 68 | #ifndef OPENSSL_NO_RSA | ||
| 69 | #include <openssl/rsa.h> | ||
| 70 | #endif | ||
| 66 | 71 | ||
| 67 | static int init(EVP_MD_CTX *ctx) | 72 | static int init(EVP_MD_CTX *ctx) |
| 68 | { return RIPEMD160_Init(ctx->md_data); } | 73 | { return RIPEMD160_Init(ctx->md_data); } |
| 69 | 74 | ||
| 70 | static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 75 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 71 | { return RIPEMD160_Update(ctx->md_data,data,count); } | 76 | { return RIPEMD160_Update(ctx->md_data,data,count); } |
| 72 | 77 | ||
| 73 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | 78 | static int final(EVP_MD_CTX *ctx,unsigned char *md) |
diff --git a/src/lib/libcrypto/evp/m_sha.c b/src/lib/libcrypto/evp/m_sha.c index ed54909b16..acccc8f92d 100644 --- a/src/lib/libcrypto/evp/m_sha.c +++ b/src/lib/libcrypto/evp/m_sha.c | |||
| @@ -56,21 +56,22 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 62 | /* Including sha.h prior evp.h masks FIPS SHA declarations, but that's | 61 | |
| 63 | * exactly what we want to achieve here... */ | 62 | #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) |
| 64 | #include <openssl/sha.h> | 63 | |
| 65 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 66 | #include "evp_locl.h" | ||
| 67 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 68 | #include <openssl/x509.h> | 66 | #include <openssl/x509.h> |
| 67 | #ifndef OPENSSL_NO_RSA | ||
| 68 | #include <openssl/rsa.h> | ||
| 69 | #endif | ||
| 69 | 70 | ||
| 70 | static int init(EVP_MD_CTX *ctx) | 71 | static int init(EVP_MD_CTX *ctx) |
| 71 | { return SHA_Init(ctx->md_data); } | 72 | { return SHA_Init(ctx->md_data); } |
| 72 | 73 | ||
| 73 | static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 74 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 74 | { return SHA_Update(ctx->md_data,data,count); } | 75 | { return SHA_Update(ctx->md_data,data,count); } |
| 75 | 76 | ||
| 76 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | 77 | static int final(EVP_MD_CTX *ctx,unsigned char *md) |
diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c index 60da93873c..4679b1c463 100644 --- a/src/lib/libcrypto/evp/m_sha1.c +++ b/src/lib/libcrypto/evp/m_sha1.c | |||
| @@ -56,25 +56,23 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_SHA | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_SHA | ||
| 63 | |||
| 62 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 63 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 64 | #include <openssl/x509.h> | 66 | #include <openssl/x509.h> |
| 67 | #ifndef OPENSSL_NO_RSA | ||
| 68 | #include <openssl/rsa.h> | ||
| 69 | #endif | ||
| 65 | 70 | ||
| 66 | static int init(EVP_MD_CTX *ctx) | 71 | static int init(EVP_MD_CTX *ctx) |
| 67 | { return SHA1_Init(ctx->md_data); } | 72 | { return SHA1_Init(ctx->md_data); } |
| 68 | 73 | ||
| 69 | static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 74 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 70 | #ifndef OPENSSL_FIPS | ||
| 71 | { return SHA1_Update(ctx->md_data,data,count); } | 75 | { return SHA1_Update(ctx->md_data,data,count); } |
| 72 | #else | ||
| 73 | { | ||
| 74 | OPENSSL_assert(sizeof(count)<=sizeof(size_t)); | ||
| 75 | return SHA1_Update(ctx->md_data,data,count); | ||
| 76 | } | ||
| 77 | #endif | ||
| 78 | 76 | ||
| 79 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | 77 | static int final(EVP_MD_CTX *ctx,unsigned char *md) |
| 80 | { return SHA1_Final(md,ctx->md_data); } | 78 | { return SHA1_Final(md,ctx->md_data); } |
| @@ -84,7 +82,7 @@ static const EVP_MD sha1_md= | |||
| 84 | NID_sha1, | 82 | NID_sha1, |
| 85 | NID_sha1WithRSAEncryption, | 83 | NID_sha1WithRSAEncryption, |
| 86 | SHA_DIGEST_LENGTH, | 84 | SHA_DIGEST_LENGTH, |
| 87 | EVP_MD_FLAG_FIPS, | 85 | 0, |
| 88 | init, | 86 | init, |
| 89 | update, | 87 | update, |
| 90 | final, | 88 | final, |
| @@ -101,7 +99,6 @@ const EVP_MD *EVP_sha1(void) | |||
| 101 | } | 99 | } |
| 102 | #endif | 100 | #endif |
| 103 | 101 | ||
| 104 | #ifdef OPENSSL_FIPS | ||
| 105 | #ifndef OPENSSL_NO_SHA256 | 102 | #ifndef OPENSSL_NO_SHA256 |
| 106 | static int init224(EVP_MD_CTX *ctx) | 103 | static int init224(EVP_MD_CTX *ctx) |
| 107 | { return SHA224_Init(ctx->md_data); } | 104 | { return SHA224_Init(ctx->md_data); } |
| @@ -112,11 +109,8 @@ static int init256(EVP_MD_CTX *ctx) | |||
| 112 | * SHA256 functions even in SHA224 context. This is what happens | 109 | * SHA256 functions even in SHA224 context. This is what happens |
| 113 | * there anyway, so we can spare few CPU cycles:-) | 110 | * there anyway, so we can spare few CPU cycles:-) |
| 114 | */ | 111 | */ |
| 115 | static int update256(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 112 | static int update256(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 116 | { | 113 | { return SHA256_Update(ctx->md_data,data,count); } |
| 117 | OPENSSL_assert(sizeof(count)<=sizeof(size_t)); | ||
| 118 | return SHA256_Update(ctx->md_data,data,count); | ||
| 119 | } | ||
| 120 | static int final256(EVP_MD_CTX *ctx,unsigned char *md) | 114 | static int final256(EVP_MD_CTX *ctx,unsigned char *md) |
| 121 | { return SHA256_Final(md,ctx->md_data); } | 115 | { return SHA256_Final(md,ctx->md_data); } |
| 122 | 116 | ||
| @@ -125,7 +119,7 @@ static const EVP_MD sha224_md= | |||
| 125 | NID_sha224, | 119 | NID_sha224, |
| 126 | NID_sha224WithRSAEncryption, | 120 | NID_sha224WithRSAEncryption, |
| 127 | SHA224_DIGEST_LENGTH, | 121 | SHA224_DIGEST_LENGTH, |
| 128 | EVP_MD_FLAG_FIPS, | 122 | 0, |
| 129 | init224, | 123 | init224, |
| 130 | update256, | 124 | update256, |
| 131 | final256, | 125 | final256, |
| @@ -144,7 +138,7 @@ static const EVP_MD sha256_md= | |||
| 144 | NID_sha256, | 138 | NID_sha256, |
| 145 | NID_sha256WithRSAEncryption, | 139 | NID_sha256WithRSAEncryption, |
| 146 | SHA256_DIGEST_LENGTH, | 140 | SHA256_DIGEST_LENGTH, |
| 147 | EVP_MD_FLAG_FIPS, | 141 | 0, |
| 148 | init256, | 142 | init256, |
| 149 | update256, | 143 | update256, |
| 150 | final256, | 144 | final256, |
| @@ -157,7 +151,7 @@ static const EVP_MD sha256_md= | |||
| 157 | 151 | ||
| 158 | const EVP_MD *EVP_sha256(void) | 152 | const EVP_MD *EVP_sha256(void) |
| 159 | { return(&sha256_md); } | 153 | { return(&sha256_md); } |
| 160 | #endif /* ifndef OPENSSL_NO_SHA256 */ | 154 | #endif /* ifndef OPENSSL_NO_SHA256 */ |
| 161 | 155 | ||
| 162 | #ifndef OPENSSL_NO_SHA512 | 156 | #ifndef OPENSSL_NO_SHA512 |
| 163 | static int init384(EVP_MD_CTX *ctx) | 157 | static int init384(EVP_MD_CTX *ctx) |
| @@ -165,11 +159,8 @@ static int init384(EVP_MD_CTX *ctx) | |||
| 165 | static int init512(EVP_MD_CTX *ctx) | 159 | static int init512(EVP_MD_CTX *ctx) |
| 166 | { return SHA512_Init(ctx->md_data); } | 160 | { return SHA512_Init(ctx->md_data); } |
| 167 | /* See comment in SHA224/256 section */ | 161 | /* See comment in SHA224/256 section */ |
| 168 | static int update512(EVP_MD_CTX *ctx,const void *data,unsigned long count) | 162 | static int update512(EVP_MD_CTX *ctx,const void *data,size_t count) |
| 169 | { | 163 | { return SHA512_Update(ctx->md_data,data,count); } |
| 170 | OPENSSL_assert(sizeof(count)<=sizeof(size_t)); | ||
| 171 | return SHA512_Update(ctx->md_data,data,count); | ||
| 172 | } | ||
| 173 | static int final512(EVP_MD_CTX *ctx,unsigned char *md) | 164 | static int final512(EVP_MD_CTX *ctx,unsigned char *md) |
| 174 | { return SHA512_Final(md,ctx->md_data); } | 165 | { return SHA512_Final(md,ctx->md_data); } |
| 175 | 166 | ||
| @@ -178,7 +169,7 @@ static const EVP_MD sha384_md= | |||
| 178 | NID_sha384, | 169 | NID_sha384, |
| 179 | NID_sha384WithRSAEncryption, | 170 | NID_sha384WithRSAEncryption, |
| 180 | SHA384_DIGEST_LENGTH, | 171 | SHA384_DIGEST_LENGTH, |
| 181 | EVP_MD_FLAG_FIPS, | 172 | 0, |
| 182 | init384, | 173 | init384, |
| 183 | update512, | 174 | update512, |
| 184 | final512, | 175 | final512, |
| @@ -197,7 +188,7 @@ static const EVP_MD sha512_md= | |||
| 197 | NID_sha512, | 188 | NID_sha512, |
| 198 | NID_sha512WithRSAEncryption, | 189 | NID_sha512WithRSAEncryption, |
| 199 | SHA512_DIGEST_LENGTH, | 190 | SHA512_DIGEST_LENGTH, |
| 200 | EVP_MD_FLAG_FIPS, | 191 | 0, |
| 201 | init512, | 192 | init512, |
| 202 | update512, | 193 | update512, |
| 203 | final512, | 194 | final512, |
| @@ -210,5 +201,4 @@ static const EVP_MD sha512_md= | |||
| 210 | 201 | ||
| 211 | const EVP_MD *EVP_sha512(void) | 202 | const EVP_MD *EVP_sha512(void) |
| 212 | { return(&sha512_md); } | 203 | { return(&sha512_md); } |
| 213 | #endif /* ifndef OPENSSL_NO_SHA512 */ | 204 | #endif /* ifndef OPENSSL_NO_SHA512 */ |
| 214 | #endif /* ifdef OPENSSL_FIPS */ | ||
diff --git a/src/lib/libcrypto/evp/names.c b/src/lib/libcrypto/evp/names.c index 7712453046..88c1e780dd 100644 --- a/src/lib/libcrypto/evp/names.c +++ b/src/lib/libcrypto/evp/names.c | |||
| @@ -61,17 +61,14 @@ | |||
| 61 | #include <openssl/evp.h> | 61 | #include <openssl/evp.h> |
| 62 | #include <openssl/objects.h> | 62 | #include <openssl/objects.h> |
| 63 | #include <openssl/x509.h> | 63 | #include <openssl/x509.h> |
| 64 | #ifdef OPENSSL_FIPS | ||
| 65 | #include <openssl/fips.h> | ||
| 66 | #endif | ||
| 67 | 64 | ||
| 68 | int EVP_add_cipher(const EVP_CIPHER *c) | 65 | int EVP_add_cipher(const EVP_CIPHER *c) |
| 69 | { | 66 | { |
| 70 | int r; | 67 | int r; |
| 71 | 68 | ||
| 72 | r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c); | 69 | r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); |
| 73 | if (r == 0) return(0); | 70 | if (r == 0) return(0); |
| 74 | r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c); | 71 | r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); |
| 75 | return(r); | 72 | return(r); |
| 76 | } | 73 | } |
| 77 | 74 | ||
| @@ -81,9 +78,9 @@ int EVP_add_digest(const EVP_MD *md) | |||
| 81 | const char *name; | 78 | const char *name; |
| 82 | 79 | ||
| 83 | name=OBJ_nid2sn(md->type); | 80 | name=OBJ_nid2sn(md->type); |
| 84 | r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(char *)md); | 81 | r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(const char *)md); |
| 85 | if (r == 0) return(0); | 82 | if (r == 0) return(0); |
| 86 | r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(char *)md); | 83 | r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(const char *)md); |
| 87 | if (r == 0) return(0); | 84 | if (r == 0) return(0); |
| 88 | 85 | ||
| 89 | if (md->type != md->pkey_type) | 86 | if (md->type != md->pkey_type) |
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c index a1874e83b2..48d50014a0 100644 --- a/src/lib/libcrypto/evp/p5_crpt.c +++ b/src/lib/libcrypto/evp/p5_crpt.c | |||
| @@ -110,12 +110,18 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, | |||
| 110 | int i; | 110 | int i; |
| 111 | PBEPARAM *pbe; | 111 | PBEPARAM *pbe; |
| 112 | int saltlen, iter; | 112 | int saltlen, iter; |
| 113 | unsigned char *salt, *pbuf; | 113 | unsigned char *salt; |
| 114 | const unsigned char *pbuf; | ||
| 114 | 115 | ||
| 115 | /* Extract useful info from parameter */ | 116 | /* Extract useful info from parameter */ |
| 117 | if (param == NULL || param->type != V_ASN1_SEQUENCE || | ||
| 118 | param->value.sequence == NULL) { | ||
| 119 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); | ||
| 120 | return 0; | ||
| 121 | } | ||
| 122 | |||
| 116 | pbuf = param->value.sequence->data; | 123 | pbuf = param->value.sequence->data; |
| 117 | if (!param || (param->type != V_ASN1_SEQUENCE) || | 124 | if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { |
| 118 | !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) { | ||
| 119 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); | 125 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); |
| 120 | return 0; | 126 | return 0; |
| 121 | } | 127 | } |
| @@ -140,7 +146,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, | |||
| 140 | EVP_DigestFinal_ex (&ctx, md_tmp, NULL); | 146 | EVP_DigestFinal_ex (&ctx, md_tmp, NULL); |
| 141 | } | 147 | } |
| 142 | EVP_MD_CTX_cleanup(&ctx); | 148 | EVP_MD_CTX_cleanup(&ctx); |
| 143 | OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= sizeof md_tmp); | 149 | OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp)); |
| 144 | memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); | 150 | memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); |
| 145 | OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); | 151 | OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); |
| 146 | memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), | 152 | memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), |
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c index 1d5fabc4b2..c969d5a206 100644 --- a/src/lib/libcrypto/evp/p5_crpt2.c +++ b/src/lib/libcrypto/evp/p5_crpt2.c | |||
| @@ -55,10 +55,10 @@ | |||
| 55 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | #if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA) | ||
| 59 | #include <stdio.h> | 58 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 59 | #include <stdlib.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA) | ||
| 62 | #include <openssl/x509.h> | 62 | #include <openssl/x509.h> |
| 63 | #include <openssl/evp.h> | 63 | #include <openssl/evp.h> |
| 64 | #include <openssl/hmac.h> | 64 | #include <openssl/hmac.h> |
| @@ -77,7 +77,7 @@ | |||
| 77 | */ | 77 | */ |
| 78 | 78 | ||
| 79 | int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, | 79 | int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, |
| 80 | unsigned char *salt, int saltlen, int iter, | 80 | const unsigned char *salt, int saltlen, int iter, |
| 81 | int keylen, unsigned char *out) | 81 | int keylen, unsigned char *out) |
| 82 | { | 82 | { |
| 83 | unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4]; | 83 | unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4]; |
| @@ -148,16 +148,23 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 148 | ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, | 148 | ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, |
| 149 | int en_de) | 149 | int en_de) |
| 150 | { | 150 | { |
| 151 | unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH]; | 151 | unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; |
| 152 | int saltlen, keylen, iter, plen; | 152 | const unsigned char *pbuf; |
| 153 | int saltlen, iter, plen; | ||
| 154 | unsigned int keylen; | ||
| 153 | PBE2PARAM *pbe2 = NULL; | 155 | PBE2PARAM *pbe2 = NULL; |
| 154 | const EVP_CIPHER *cipher; | 156 | const EVP_CIPHER *cipher; |
| 155 | PBKDF2PARAM *kdf = NULL; | 157 | PBKDF2PARAM *kdf = NULL; |
| 156 | 158 | ||
| 159 | if (param == NULL || param->type != V_ASN1_SEQUENCE || | ||
| 160 | param->value.sequence == NULL) { | ||
| 161 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); | ||
| 162 | return 0; | ||
| 163 | } | ||
| 164 | |||
| 157 | pbuf = param->value.sequence->data; | 165 | pbuf = param->value.sequence->data; |
| 158 | plen = param->value.sequence->length; | 166 | plen = param->value.sequence->length; |
| 159 | if(!param || (param->type != V_ASN1_SEQUENCE) || | 167 | if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { |
| 160 | !(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { | ||
| 161 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); | 168 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); |
| 162 | return 0; | 169 | return 0; |
| 163 | } | 170 | } |
| @@ -213,7 +220,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 213 | 220 | ||
| 214 | /* Now check the parameters of the kdf */ | 221 | /* Now check the parameters of the kdf */ |
| 215 | 222 | ||
| 216 | if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != keylen)){ | 223 | if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){ |
| 217 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, | 224 | EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, |
| 218 | EVP_R_UNSUPPORTED_KEYLENGTH); | 225 | EVP_R_UNSUPPORTED_KEYLENGTH); |
| 219 | goto err; | 226 | goto err; |
diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c index 8af620400e..f64901f653 100644 --- a/src/lib/libcrypto/evp/p_dec.c +++ b/src/lib/libcrypto/evp/p_dec.c | |||
| @@ -66,7 +66,7 @@ | |||
| 66 | #include <openssl/objects.h> | 66 | #include <openssl/objects.h> |
| 67 | #include <openssl/x509.h> | 67 | #include <openssl/x509.h> |
| 68 | 68 | ||
| 69 | int EVP_PKEY_decrypt(unsigned char *key, unsigned char *ek, int ekl, | 69 | int EVP_PKEY_decrypt(unsigned char *key, const unsigned char *ek, int ekl, |
| 70 | EVP_PKEY *priv) | 70 | EVP_PKEY *priv) |
| 71 | { | 71 | { |
| 72 | int ret= -1; | 72 | int ret= -1; |
diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c index 656883b996..c2dfdc52ad 100644 --- a/src/lib/libcrypto/evp/p_enc.c +++ b/src/lib/libcrypto/evp/p_enc.c | |||
| @@ -66,7 +66,7 @@ | |||
| 66 | #include <openssl/objects.h> | 66 | #include <openssl/objects.h> |
| 67 | #include <openssl/x509.h> | 67 | #include <openssl/x509.h> |
| 68 | 68 | ||
| 69 | int EVP_PKEY_encrypt(unsigned char *ek, unsigned char *key, int key_len, | 69 | int EVP_PKEY_encrypt(unsigned char *ek, const unsigned char *key, int key_len, |
| 70 | EVP_PKEY *pubk) | 70 | EVP_PKEY *pubk) |
| 71 | { | 71 | { |
| 72 | int ret=0; | 72 | int ret=0; |
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c index 215b94292a..22155ecf62 100644 --- a/src/lib/libcrypto/evp/p_lib.c +++ b/src/lib/libcrypto/evp/p_lib.c | |||
| @@ -58,24 +58,60 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/bn.h> | ||
| 62 | #include <openssl/err.h> | ||
| 61 | #include <openssl/objects.h> | 63 | #include <openssl/objects.h> |
| 62 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 63 | #include <openssl/asn1_mac.h> | 65 | #include <openssl/asn1_mac.h> |
| 64 | #include <openssl/x509.h> | 66 | #include <openssl/x509.h> |
| 67 | #ifndef OPENSSL_NO_RSA | ||
| 68 | #include <openssl/rsa.h> | ||
| 69 | #endif | ||
| 70 | #ifndef OPENSSL_NO_DSA | ||
| 71 | #include <openssl/dsa.h> | ||
| 72 | #endif | ||
| 73 | #ifndef OPENSSL_NO_DH | ||
| 74 | #include <openssl/dh.h> | ||
| 75 | #endif | ||
| 65 | 76 | ||
| 66 | static void EVP_PKEY_free_it(EVP_PKEY *x); | 77 | static void EVP_PKEY_free_it(EVP_PKEY *x); |
| 67 | 78 | ||
| 68 | int EVP_PKEY_bits(EVP_PKEY *pkey) | 79 | int EVP_PKEY_bits(EVP_PKEY *pkey) |
| 69 | { | 80 | { |
| 81 | if (0) | ||
| 82 | return 0; | ||
| 70 | #ifndef OPENSSL_NO_RSA | 83 | #ifndef OPENSSL_NO_RSA |
| 71 | if (pkey->type == EVP_PKEY_RSA) | 84 | else if (pkey->type == EVP_PKEY_RSA) |
| 72 | return(BN_num_bits(pkey->pkey.rsa->n)); | 85 | return(BN_num_bits(pkey->pkey.rsa->n)); |
| 73 | else | ||
| 74 | #endif | 86 | #endif |
| 75 | #ifndef OPENSSL_NO_DSA | 87 | #ifndef OPENSSL_NO_DSA |
| 76 | if (pkey->type == EVP_PKEY_DSA) | 88 | else if (pkey->type == EVP_PKEY_DSA) |
| 77 | return(BN_num_bits(pkey->pkey.dsa->p)); | 89 | return(BN_num_bits(pkey->pkey.dsa->p)); |
| 78 | #endif | 90 | #endif |
| 91 | #ifndef OPENSSL_NO_EC | ||
| 92 | else if (pkey->type == EVP_PKEY_EC) | ||
| 93 | { | ||
| 94 | BIGNUM *order = BN_new(); | ||
| 95 | const EC_GROUP *group; | ||
| 96 | int ret; | ||
| 97 | |||
| 98 | if (!order) | ||
| 99 | { | ||
| 100 | ERR_clear_error(); | ||
| 101 | return 0; | ||
| 102 | } | ||
| 103 | group = EC_KEY_get0_group(pkey->pkey.ec); | ||
| 104 | if (!EC_GROUP_get_order(group, order, NULL)) | ||
| 105 | { | ||
| 106 | ERR_clear_error(); | ||
| 107 | return 0; | ||
| 108 | } | ||
| 109 | |||
| 110 | ret = BN_num_bits(order); | ||
| 111 | BN_free(order); | ||
| 112 | return ret; | ||
| 113 | } | ||
| 114 | #endif | ||
| 79 | return(0); | 115 | return(0); |
| 80 | } | 116 | } |
| 81 | 117 | ||
| @@ -92,6 +128,11 @@ int EVP_PKEY_size(EVP_PKEY *pkey) | |||
| 92 | if (pkey->type == EVP_PKEY_DSA) | 128 | if (pkey->type == EVP_PKEY_DSA) |
| 93 | return(DSA_size(pkey->pkey.dsa)); | 129 | return(DSA_size(pkey->pkey.dsa)); |
| 94 | #endif | 130 | #endif |
| 131 | #ifndef OPENSSL_NO_ECDSA | ||
| 132 | if (pkey->type == EVP_PKEY_EC) | ||
| 133 | return(ECDSA_size(pkey->pkey.ec)); | ||
| 134 | #endif | ||
| 135 | |||
| 95 | return(0); | 136 | return(0); |
| 96 | } | 137 | } |
| 97 | 138 | ||
| @@ -107,10 +148,20 @@ int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) | |||
| 107 | return(ret); | 148 | return(ret); |
| 108 | } | 149 | } |
| 109 | #endif | 150 | #endif |
| 151 | #ifndef OPENSSL_NO_EC | ||
| 152 | if (pkey->type == EVP_PKEY_EC) | ||
| 153 | { | ||
| 154 | int ret = pkey->save_parameters; | ||
| 155 | |||
| 156 | if (mode >= 0) | ||
| 157 | pkey->save_parameters = mode; | ||
| 158 | return(ret); | ||
| 159 | } | ||
| 160 | #endif | ||
| 110 | return(0); | 161 | return(0); |
| 111 | } | 162 | } |
| 112 | 163 | ||
| 113 | int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from) | 164 | int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) |
| 114 | { | 165 | { |
| 115 | if (to->type != from->type) | 166 | if (to->type != from->type) |
| 116 | { | 167 | { |
| @@ -141,12 +192,23 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from) | |||
| 141 | to->pkey.dsa->g=a; | 192 | to->pkey.dsa->g=a; |
| 142 | } | 193 | } |
| 143 | #endif | 194 | #endif |
| 195 | #ifndef OPENSSL_NO_EC | ||
| 196 | if (to->type == EVP_PKEY_EC) | ||
| 197 | { | ||
| 198 | EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec)); | ||
| 199 | if (group == NULL) | ||
| 200 | goto err; | ||
| 201 | if (EC_KEY_set_group(to->pkey.ec, group) == 0) | ||
| 202 | goto err; | ||
| 203 | EC_GROUP_free(group); | ||
| 204 | } | ||
| 205 | #endif | ||
| 144 | return(1); | 206 | return(1); |
| 145 | err: | 207 | err: |
| 146 | return(0); | 208 | return(0); |
| 147 | } | 209 | } |
| 148 | 210 | ||
| 149 | int EVP_PKEY_missing_parameters(EVP_PKEY *pkey) | 211 | int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) |
| 150 | { | 212 | { |
| 151 | #ifndef OPENSSL_NO_DSA | 213 | #ifndef OPENSSL_NO_DSA |
| 152 | if (pkey->type == EVP_PKEY_DSA) | 214 | if (pkey->type == EVP_PKEY_DSA) |
| @@ -158,10 +220,18 @@ int EVP_PKEY_missing_parameters(EVP_PKEY *pkey) | |||
| 158 | return(1); | 220 | return(1); |
| 159 | } | 221 | } |
| 160 | #endif | 222 | #endif |
| 223 | #ifndef OPENSSL_NO_EC | ||
| 224 | if (pkey->type == EVP_PKEY_EC) | ||
| 225 | { | ||
| 226 | if (EC_KEY_get0_group(pkey->pkey.ec) == NULL) | ||
| 227 | return(1); | ||
| 228 | } | ||
| 229 | #endif | ||
| 230 | |||
| 161 | return(0); | 231 | return(0); |
| 162 | } | 232 | } |
| 163 | 233 | ||
| 164 | int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b) | 234 | int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) |
| 165 | { | 235 | { |
| 166 | #ifndef OPENSSL_NO_DSA | 236 | #ifndef OPENSSL_NO_DSA |
| 167 | if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA)) | 237 | if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA)) |
| @@ -174,9 +244,72 @@ int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b) | |||
| 174 | return(1); | 244 | return(1); |
| 175 | } | 245 | } |
| 176 | #endif | 246 | #endif |
| 247 | #ifndef OPENSSL_NO_EC | ||
| 248 | if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC) | ||
| 249 | { | ||
| 250 | const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec), | ||
| 251 | *group_b = EC_KEY_get0_group(b->pkey.ec); | ||
| 252 | if (EC_GROUP_cmp(group_a, group_b, NULL)) | ||
| 253 | return 0; | ||
| 254 | else | ||
| 255 | return 1; | ||
| 256 | } | ||
| 257 | #endif | ||
| 177 | return(-1); | 258 | return(-1); |
| 178 | } | 259 | } |
| 179 | 260 | ||
| 261 | int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) | ||
| 262 | { | ||
| 263 | if (a->type != b->type) | ||
| 264 | return -1; | ||
| 265 | |||
| 266 | if (EVP_PKEY_cmp_parameters(a, b) == 0) | ||
| 267 | return 0; | ||
| 268 | |||
| 269 | switch (a->type) | ||
| 270 | { | ||
| 271 | #ifndef OPENSSL_NO_RSA | ||
| 272 | case EVP_PKEY_RSA: | ||
| 273 | if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0 | ||
| 274 | || BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0) | ||
| 275 | return 0; | ||
| 276 | break; | ||
| 277 | #endif | ||
| 278 | #ifndef OPENSSL_NO_DSA | ||
| 279 | case EVP_PKEY_DSA: | ||
| 280 | if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0) | ||
| 281 | return 0; | ||
| 282 | break; | ||
| 283 | #endif | ||
| 284 | #ifndef OPENSSL_NO_EC | ||
| 285 | case EVP_PKEY_EC: | ||
| 286 | { | ||
| 287 | int r; | ||
| 288 | const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec); | ||
| 289 | const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec), | ||
| 290 | *pb = EC_KEY_get0_public_key(b->pkey.ec); | ||
| 291 | r = EC_POINT_cmp(group, pa, pb, NULL); | ||
| 292 | if (r != 0) | ||
| 293 | { | ||
| 294 | if (r == 1) | ||
| 295 | return 0; | ||
| 296 | else | ||
| 297 | return -2; | ||
| 298 | } | ||
| 299 | } | ||
| 300 | break; | ||
| 301 | #endif | ||
| 302 | #ifndef OPENSSL_NO_DH | ||
| 303 | case EVP_PKEY_DH: | ||
| 304 | return -2; | ||
| 305 | #endif | ||
| 306 | default: | ||
| 307 | return -2; | ||
| 308 | } | ||
| 309 | |||
| 310 | return 1; | ||
| 311 | } | ||
| 312 | |||
| 180 | EVP_PKEY *EVP_PKEY_new(void) | 313 | EVP_PKEY *EVP_PKEY_new(void) |
| 181 | { | 314 | { |
| 182 | EVP_PKEY *ret; | 315 | EVP_PKEY *ret; |
| @@ -246,6 +379,29 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) | |||
| 246 | } | 379 | } |
| 247 | #endif | 380 | #endif |
| 248 | 381 | ||
| 382 | #ifndef OPENSSL_NO_EC | ||
| 383 | |||
| 384 | int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) | ||
| 385 | { | ||
| 386 | int ret = EVP_PKEY_assign_EC_KEY(pkey,key); | ||
| 387 | if (ret) | ||
| 388 | EC_KEY_up_ref(key); | ||
| 389 | return ret; | ||
| 390 | } | ||
| 391 | |||
| 392 | EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) | ||
| 393 | { | ||
| 394 | if (pkey->type != EVP_PKEY_EC) | ||
| 395 | { | ||
| 396 | EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); | ||
| 397 | return NULL; | ||
| 398 | } | ||
| 399 | EC_KEY_up_ref(pkey->pkey.ec); | ||
| 400 | return pkey->pkey.ec; | ||
| 401 | } | ||
| 402 | #endif | ||
| 403 | |||
| 404 | |||
| 249 | #ifndef OPENSSL_NO_DH | 405 | #ifndef OPENSSL_NO_DH |
| 250 | 406 | ||
| 251 | int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) | 407 | int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) |
| @@ -282,6 +438,8 @@ int EVP_PKEY_type(int type) | |||
| 282 | return(EVP_PKEY_DSA); | 438 | return(EVP_PKEY_DSA); |
| 283 | case EVP_PKEY_DH: | 439 | case EVP_PKEY_DH: |
| 284 | return(EVP_PKEY_DH); | 440 | return(EVP_PKEY_DH); |
| 441 | case EVP_PKEY_EC: | ||
| 442 | return(EVP_PKEY_EC); | ||
| 285 | default: | 443 | default: |
| 286 | return(NID_undef); | 444 | return(NID_undef); |
| 287 | } | 445 | } |
| @@ -306,6 +464,8 @@ void EVP_PKEY_free(EVP_PKEY *x) | |||
| 306 | } | 464 | } |
| 307 | #endif | 465 | #endif |
| 308 | EVP_PKEY_free_it(x); | 466 | EVP_PKEY_free_it(x); |
| 467 | if (x->attributes) | ||
| 468 | sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); | ||
| 309 | OPENSSL_free(x); | 469 | OPENSSL_free(x); |
| 310 | } | 470 | } |
| 311 | 471 | ||
| @@ -327,6 +487,11 @@ static void EVP_PKEY_free_it(EVP_PKEY *x) | |||
| 327 | DSA_free(x->pkey.dsa); | 487 | DSA_free(x->pkey.dsa); |
| 328 | break; | 488 | break; |
| 329 | #endif | 489 | #endif |
| 490 | #ifndef OPENSSL_NO_EC | ||
| 491 | case EVP_PKEY_EC: | ||
| 492 | EC_KEY_free(x->pkey.ec); | ||
| 493 | break; | ||
| 494 | #endif | ||
| 330 | #ifndef OPENSSL_NO_DH | 495 | #ifndef OPENSSL_NO_DH |
| 331 | case EVP_PKEY_DH: | 496 | case EVP_PKEY_DH: |
| 332 | DH_free(x->pkey.dh); | 497 | DH_free(x->pkey.dh); |
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c index 5a933d1cda..9935206d0f 100644 --- a/src/lib/libcrypto/evp/p_open.c +++ b/src/lib/libcrypto/evp/p_open.c | |||
| @@ -56,15 +56,19 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_RSA | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | |||
| 62 | #ifndef OPENSSL_NO_RSA | ||
| 63 | |||
| 62 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 63 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 64 | #include <openssl/x509.h> | 66 | #include <openssl/x509.h> |
| 67 | #include <openssl/rsa.h> | ||
| 65 | 68 | ||
| 66 | int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek, | 69 | int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, |
| 67 | int ekl, unsigned char *iv, EVP_PKEY *priv) | 70 | const unsigned char *ek, int ekl, const unsigned char *iv, |
| 71 | EVP_PKEY *priv) | ||
| 68 | { | 72 | { |
| 69 | unsigned char *key=NULL; | 73 | unsigned char *key=NULL; |
| 70 | int i,size=0,ret=0; | 74 | int i,size=0,ret=0; |
diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c index 37e547fe72..8cc8fcb0bd 100644 --- a/src/lib/libcrypto/evp/p_seal.c +++ b/src/lib/libcrypto/evp/p_seal.c | |||
| @@ -78,7 +78,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek | |||
| 78 | } | 78 | } |
| 79 | if ((npubk <= 0) || !pubk) | 79 | if ((npubk <= 0) || !pubk) |
| 80 | return 1; | 80 | return 1; |
| 81 | if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0) | 81 | if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) |
| 82 | return 0; | 82 | return 0; |
| 83 | if (EVP_CIPHER_CTX_iv_length(ctx)) | 83 | if (EVP_CIPHER_CTX_iv_length(ctx)) |
| 84 | RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx)); | 84 | RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx)); |
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c index d854d743a5..21a40a375e 100644 --- a/src/lib/libcrypto/evp/p_verify.c +++ b/src/lib/libcrypto/evp/p_verify.c | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | #include <openssl/objects.h> | 62 | #include <openssl/objects.h> |
| 63 | #include <openssl/x509.h> | 63 | #include <openssl/x509.h> |
| 64 | 64 | ||
| 65 | int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, | 65 | int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, |
| 66 | unsigned int siglen, EVP_PKEY *pkey) | 66 | unsigned int siglen, EVP_PKEY *pkey) |
| 67 | { | 67 | { |
| 68 | unsigned char m[EVP_MAX_MD_SIZE]; | 68 | unsigned char m[EVP_MAX_MD_SIZE]; |
diff --git a/src/lib/libcrypto/ex_data.c b/src/lib/libcrypto/ex_data.c index 5b2e345c27..3b11e7a556 100644 --- a/src/lib/libcrypto/ex_data.c +++ b/src/lib/libcrypto/ex_data.c | |||
| @@ -138,12 +138,8 @@ | |||
| 138 | * | 138 | * |
| 139 | */ | 139 | */ |
| 140 | 140 | ||
| 141 | #include <stdio.h> | ||
| 142 | #include <stdlib.h> | ||
| 143 | #include <openssl/buffer.h> | ||
| 144 | #include <openssl/bio.h> | ||
| 145 | #include <openssl/lhash.h> | ||
| 146 | #include "cryptlib.h" | 141 | #include "cryptlib.h" |
| 142 | #include <openssl/lhash.h> | ||
| 147 | 143 | ||
| 148 | /* What an "implementation of ex_data functionality" looks like */ | 144 | /* What an "implementation of ex_data functionality" looks like */ |
| 149 | struct st_CRYPTO_EX_DATA_IMPL | 145 | struct st_CRYPTO_EX_DATA_IMPL |
| @@ -287,7 +283,7 @@ static void def_cleanup_util_cb(CRYPTO_EX_DATA_FUNCS *funcs) | |||
| 287 | /* This callback is used in lh_doall to destroy all EX_CLASS_ITEM values from | 283 | /* This callback is used in lh_doall to destroy all EX_CLASS_ITEM values from |
| 288 | * "ex_data" prior to the ex_data hash table being itself destroyed. Doesn't do | 284 | * "ex_data" prior to the ex_data hash table being itself destroyed. Doesn't do |
| 289 | * any locking. */ | 285 | * any locking. */ |
| 290 | static void def_cleanup_cb(const void *a_void) | 286 | static void def_cleanup_cb(void *a_void) |
| 291 | { | 287 | { |
| 292 | EX_CLASS_ITEM *item = (EX_CLASS_ITEM *)a_void; | 288 | EX_CLASS_ITEM *item = (EX_CLASS_ITEM *)a_void; |
| 293 | sk_CRYPTO_EX_DATA_FUNCS_pop_free(item->meth, def_cleanup_util_cb); | 289 | sk_CRYPTO_EX_DATA_FUNCS_pop_free(item->meth, def_cleanup_util_cb); |
| @@ -358,7 +354,7 @@ static int def_add_index(EX_CLASS_ITEM *item, long argl, void *argp, | |||
| 358 | } | 354 | } |
| 359 | } | 355 | } |
| 360 | toret = item->meth_num++; | 356 | toret = item->meth_num++; |
| 361 | sk_CRYPTO_EX_DATA_FUNCS_set(item->meth, toret, a); | 357 | (void)sk_CRYPTO_EX_DATA_FUNCS_set(item->meth, toret, a); |
| 362 | err: | 358 | err: |
| 363 | CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); | 359 | CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); |
| 364 | return toret; | 360 | return toret; |
diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c index 6c110bd52b..c45e001492 100644 --- a/src/lib/libcrypto/hmac/hmac.c +++ b/src/lib/libcrypto/hmac/hmac.c | |||
| @@ -58,10 +58,8 @@ | |||
| 58 | #include <stdio.h> | 58 | #include <stdio.h> |
| 59 | #include <stdlib.h> | 59 | #include <stdlib.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/hmac.h> | ||
| 62 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 63 | 62 | #include <openssl/hmac.h> | |
| 64 | #ifndef OPENSSL_FIPS | ||
| 65 | 63 | ||
| 66 | void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | 64 | void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, |
| 67 | const EVP_MD *md, ENGINE *impl) | 65 | const EVP_MD *md, ENGINE *impl) |
| @@ -81,7 +79,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | |||
| 81 | { | 79 | { |
| 82 | reset=1; | 80 | reset=1; |
| 83 | j=EVP_MD_block_size(md); | 81 | j=EVP_MD_block_size(md); |
| 84 | OPENSSL_assert(j <= sizeof ctx->key); | 82 | OPENSSL_assert(j <= (int)sizeof(ctx->key)); |
| 85 | if (j < len) | 83 | if (j < len) |
| 86 | { | 84 | { |
| 87 | EVP_DigestInit_ex(&ctx->md_ctx,md, impl); | 85 | EVP_DigestInit_ex(&ctx->md_ctx,md, impl); |
| @@ -91,7 +89,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | |||
| 91 | } | 89 | } |
| 92 | else | 90 | else |
| 93 | { | 91 | { |
| 94 | OPENSSL_assert(len <= sizeof ctx->key); | 92 | OPENSSL_assert(len>=0 && len<=(int)sizeof(ctx->key)); |
| 95 | memcpy(ctx->key,key,len); | 93 | memcpy(ctx->key,key,len); |
| 96 | ctx->key_length=len; | 94 | ctx->key_length=len; |
| 97 | } | 95 | } |
| @@ -123,7 +121,7 @@ void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, | |||
| 123 | HMAC_Init_ex(ctx,key,len,md, NULL); | 121 | HMAC_Init_ex(ctx,key,len,md, NULL); |
| 124 | } | 122 | } |
| 125 | 123 | ||
| 126 | void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len) | 124 | void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len) |
| 127 | { | 125 | { |
| 128 | EVP_DigestUpdate(&ctx->md_ctx,data,len); | 126 | EVP_DigestUpdate(&ctx->md_ctx,data,len); |
| 129 | } | 127 | } |
| @@ -158,7 +156,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx) | |||
| 158 | } | 156 | } |
| 159 | 157 | ||
| 160 | unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, | 158 | unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, |
| 161 | const unsigned char *d, int n, unsigned char *md, | 159 | const unsigned char *d, size_t n, unsigned char *md, |
| 162 | unsigned int *md_len) | 160 | unsigned int *md_len) |
| 163 | { | 161 | { |
| 164 | HMAC_CTX c; | 162 | HMAC_CTX c; |
| @@ -173,11 +171,3 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, | |||
| 173 | return(md); | 171 | return(md); |
| 174 | } | 172 | } |
| 175 | 173 | ||
| 176 | void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) | ||
| 177 | { | ||
| 178 | EVP_MD_CTX_set_flags(&ctx->i_ctx, flags); | ||
| 179 | EVP_MD_CTX_set_flags(&ctx->o_ctx, flags); | ||
| 180 | EVP_MD_CTX_set_flags(&ctx->md_ctx, flags); | ||
| 181 | } | ||
| 182 | |||
| 183 | #endif | ||
diff --git a/src/lib/libcrypto/hmac/hmac.h b/src/lib/libcrypto/hmac/hmac.h index c6489c04c8..719fc408ac 100644 --- a/src/lib/libcrypto/hmac/hmac.h +++ b/src/lib/libcrypto/hmac/hmac.h | |||
| @@ -58,17 +58,15 @@ | |||
| 58 | #ifndef HEADER_HMAC_H | 58 | #ifndef HEADER_HMAC_H |
| 59 | #define HEADER_HMAC_H | 59 | #define HEADER_HMAC_H |
| 60 | 60 | ||
| 61 | #include <openssl/opensslconf.h> | ||
| 62 | |||
| 61 | #ifdef OPENSSL_NO_HMAC | 63 | #ifdef OPENSSL_NO_HMAC |
| 62 | #error HMAC is disabled. | 64 | #error HMAC is disabled. |
| 63 | #endif | 65 | #endif |
| 64 | 66 | ||
| 65 | #include <openssl/evp.h> | 67 | #include <openssl/evp.h> |
| 66 | 68 | ||
| 67 | #ifdef OPENSSL_FIPS | 69 | #define HMAC_MAX_MD_CBLOCK 128 /* largest known is SHA512 */ |
| 68 | #define HMAC_MAX_MD_CBLOCK 128 | ||
| 69 | #else | ||
| 70 | #define HMAC_MAX_MD_CBLOCK 64 | ||
| 71 | #endif | ||
| 72 | 70 | ||
| 73 | #ifdef __cplusplus | 71 | #ifdef __cplusplus |
| 74 | extern "C" { | 72 | extern "C" { |
| @@ -96,13 +94,12 @@ void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, | |||
| 96 | const EVP_MD *md); /* deprecated */ | 94 | const EVP_MD *md); /* deprecated */ |
| 97 | void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | 95 | void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, |
| 98 | const EVP_MD *md, ENGINE *impl); | 96 | const EVP_MD *md, ENGINE *impl); |
| 99 | void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len); | 97 | void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len); |
| 100 | void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); | 98 | void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); |
| 101 | unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, | 99 | unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, |
| 102 | const unsigned char *d, int n, unsigned char *md, | 100 | const unsigned char *d, size_t n, unsigned char *md, |
| 103 | unsigned int *md_len); | 101 | unsigned int *md_len); |
| 104 | 102 | ||
| 105 | void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags); | ||
| 106 | 103 | ||
| 107 | #ifdef __cplusplus | 104 | #ifdef __cplusplus |
| 108 | } | 105 | } |
diff --git a/src/lib/libcrypto/idea/idea.h b/src/lib/libcrypto/idea/idea.h index bf41844fd7..bf97a37e39 100644 --- a/src/lib/libcrypto/idea/idea.h +++ b/src/lib/libcrypto/idea/idea.h | |||
| @@ -59,6 +59,8 @@ | |||
| 59 | #ifndef HEADER_IDEA_H | 59 | #ifndef HEADER_IDEA_H |
| 60 | #define HEADER_IDEA_H | 60 | #define HEADER_IDEA_H |
| 61 | 61 | ||
| 62 | #include <openssl/opensslconf.h> /* IDEA_INT, OPENSSL_NO_IDEA */ | ||
| 63 | |||
| 62 | #ifdef OPENSSL_NO_IDEA | 64 | #ifdef OPENSSL_NO_IDEA |
| 63 | #error IDEA is disabled. | 65 | #error IDEA is disabled. |
| 64 | #endif | 66 | #endif |
| @@ -66,7 +68,6 @@ | |||
| 66 | #define IDEA_ENCRYPT 1 | 68 | #define IDEA_ENCRYPT 1 |
| 67 | #define IDEA_DECRYPT 0 | 69 | #define IDEA_DECRYPT 0 |
| 68 | 70 | ||
| 69 | #include <openssl/opensslconf.h> /* IDEA_INT */ | ||
| 70 | #define IDEA_BLOCK 8 | 71 | #define IDEA_BLOCK 8 |
| 71 | #define IDEA_KEY_LENGTH 16 | 72 | #define IDEA_KEY_LENGTH 16 |
| 72 | 73 | ||
| @@ -82,12 +83,8 @@ typedef struct idea_key_st | |||
| 82 | const char *idea_options(void); | 83 | const char *idea_options(void); |
| 83 | void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, | 84 | void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, |
| 84 | IDEA_KEY_SCHEDULE *ks); | 85 | IDEA_KEY_SCHEDULE *ks); |
| 85 | #ifdef OPENSSL_FIPS | ||
| 86 | void private_idea_set_encrypt_key(const unsigned char *key, | ||
| 87 | IDEA_KEY_SCHEDULE *ks); | ||
| 88 | #endif | ||
| 89 | void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); | 86 | void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); |
| 90 | void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); | 87 | void idea_set_decrypt_key(const IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); |
| 91 | void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, | 88 | void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, |
| 92 | long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc); | 89 | long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc); |
| 93 | void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, | 90 | void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, |
diff --git a/src/lib/libcrypto/install.com b/src/lib/libcrypto/install.com index b3d155e964..58a4fecdaa 100644 --- a/src/lib/libcrypto/install.com +++ b/src/lib/libcrypto/install.com | |||
| @@ -32,14 +32,18 @@ $ IF F$PARSE("WRK_SSLALIB:") .EQS. "" THEN - | |||
| 32 | $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN - | 32 | $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN - |
| 33 | CREATE/DIR/LOG WRK_SSLINCLUDE: | 33 | CREATE/DIR/LOG WRK_SSLINCLUDE: |
| 34 | $ | 34 | $ |
| 35 | $ SDIRS := ,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- | 35 | $ SDIRS := ,- |
| 36 | DES,RC2,RC4,RC5,IDEA,BF,CAST,- | 36 | OBJECTS,- |
| 37 | BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,- | 37 | MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- |
| 38 | BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,- | 38 | DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,- |
| 39 | BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,- | ||
| 40 | BUFFER,BIO,STACK,LHASH,RAND,ERR,- | ||
| 39 | EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,- | 41 | EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,- |
| 40 | UI,KRB5 | 42 | UI,KRB5,- |
| 43 | STORE,CMS,PQUEUE | ||
| 41 | $ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,- | 44 | $ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,- |
| 42 | symhacks.h,ossl_typ.h | 45 | symhacks.h,ossl_typ.h |
| 46 | $ EXHEADER_OBJECTS := objects.h,obj_mac.h | ||
| 43 | $ EXHEADER_MD2 := md2.h | 47 | $ EXHEADER_MD2 := md2.h |
| 44 | $ EXHEADER_MD4 := md4.h | 48 | $ EXHEADER_MD4 := md4.h |
| 45 | $ EXHEADER_MD5 := md5.h | 49 | $ EXHEADER_MD5 := md5.h |
| @@ -54,11 +58,15 @@ $ EXHEADER_RC5 := rc5.h | |||
| 54 | $ EXHEADER_IDEA := idea.h | 58 | $ EXHEADER_IDEA := idea.h |
| 55 | $ EXHEADER_BF := blowfish.h | 59 | $ EXHEADER_BF := blowfish.h |
| 56 | $ EXHEADER_CAST := cast.h | 60 | $ EXHEADER_CAST := cast.h |
| 61 | $ EXHEADER_CAMELLIA := camellia.h | ||
| 62 | $ EXHEADER_SEED := seed.h | ||
| 57 | $ EXHEADER_BN := bn.h | 63 | $ EXHEADER_BN := bn.h |
| 58 | $ EXHEADER_EC := ec.h | 64 | $ EXHEADER_EC := ec.h |
| 59 | $ EXHEADER_RSA := rsa.h | 65 | $ EXHEADER_RSA := rsa.h |
| 60 | $ EXHEADER_DSA := dsa.h | 66 | $ EXHEADER_DSA := dsa.h |
| 67 | $ EXHEADER_ECDSA := ecdsa.h | ||
| 61 | $ EXHEADER_DH := dh.h | 68 | $ EXHEADER_DH := dh.h |
| 69 | $ EXHEADER_ECDH := ecdh.h | ||
| 62 | $ EXHEADER_DSO := dso.h | 70 | $ EXHEADER_DSO := dso.h |
| 63 | $ EXHEADER_ENGINE := engine.h | 71 | $ EXHEADER_ENGINE := engine.h |
| 64 | $ EXHEADER_AES := aes.h | 72 | $ EXHEADER_AES := aes.h |
| @@ -68,7 +76,6 @@ $ EXHEADER_STACK := stack.h,safestack.h | |||
| 68 | $ EXHEADER_LHASH := lhash.h | 76 | $ EXHEADER_LHASH := lhash.h |
| 69 | $ EXHEADER_RAND := rand.h | 77 | $ EXHEADER_RAND := rand.h |
| 70 | $ EXHEADER_ERR := err.h | 78 | $ EXHEADER_ERR := err.h |
| 71 | $ EXHEADER_OBJECTS := objects.h,obj_mac.h | ||
| 72 | $ EXHEADER_EVP := evp.h | 79 | $ EXHEADER_EVP := evp.h |
| 73 | $ EXHEADER_ASN1 := asn1.h,asn1_mac.h,asn1t.h | 80 | $ EXHEADER_ASN1 := asn1.h,asn1_mac.h,asn1t.h |
| 74 | $ EXHEADER_PEM := pem.h,pem2.h | 81 | $ EXHEADER_PEM := pem.h,pem2.h |
| @@ -82,6 +89,10 @@ $ EXHEADER_COMP := comp.h | |||
| 82 | $ EXHEADER_OCSP := ocsp.h | 89 | $ EXHEADER_OCSP := ocsp.h |
| 83 | $ EXHEADER_UI := ui.h,ui_compat.h | 90 | $ EXHEADER_UI := ui.h,ui_compat.h |
| 84 | $ EXHEADER_KRB5 := krb5_asn.h | 91 | $ EXHEADER_KRB5 := krb5_asn.h |
| 92 | $! EXHEADER_STORE := store.h,str_compat.h | ||
| 93 | $ EXHEADER_STORE := store.h | ||
| 94 | $ EXHEADER_PQUEUE := pqueue.h,pq_compat.h | ||
| 95 | $ EXHEADER_CMS := cms.h | ||
| 85 | $ LIBS := LIBCRYPTO | 96 | $ LIBS := LIBCRYPTO |
| 86 | $ | 97 | $ |
| 87 | $ VEXE_DIR := [-.VAX.EXE.CRYPTO] | 98 | $ VEXE_DIR := [-.VAX.EXE.CRYPTO] |
diff --git a/src/lib/libcrypto/krb5/krb5_asn.h b/src/lib/libcrypto/krb5/krb5_asn.h index 3329477b07..41725d0dc4 100644 --- a/src/lib/libcrypto/krb5/krb5_asn.h +++ b/src/lib/libcrypto/krb5/krb5_asn.h | |||
| @@ -225,7 +225,7 @@ DECLARE_STACK_OF(KRB5_AUTHENTBODY) | |||
| 225 | ** void name##_free(type *a); | 225 | ** void name##_free(type *a); |
| 226 | ** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) = | 226 | ** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) = |
| 227 | ** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) = | 227 | ** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) = |
| 228 | ** type *d2i_##name(type **a, unsigned char **in, long len); | 228 | ** type *d2i_##name(type **a, const unsigned char **in, long len); |
| 229 | ** int i2d_##name(type *a, unsigned char **out); | 229 | ** int i2d_##name(type *a, unsigned char **out); |
| 230 | ** DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it | 230 | ** DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it |
| 231 | */ | 231 | */ |
diff --git a/src/lib/libcrypto/lhash/lhash.c b/src/lib/libcrypto/lhash/lhash.c index 0a16fcf27d..04ea80203c 100644 --- a/src/lib/libcrypto/lhash/lhash.c +++ b/src/lib/libcrypto/lhash/lhash.c | |||
| @@ -100,7 +100,7 @@ | |||
| 100 | #include <openssl/crypto.h> | 100 | #include <openssl/crypto.h> |
| 101 | #include <openssl/lhash.h> | 101 | #include <openssl/lhash.h> |
| 102 | 102 | ||
| 103 | const char *lh_version="lhash" OPENSSL_VERSION_PTEXT; | 103 | const char lh_version[]="lhash" OPENSSL_VERSION_PTEXT; |
| 104 | 104 | ||
| 105 | #undef MIN_NODES | 105 | #undef MIN_NODES |
| 106 | #define MIN_NODES 16 | 106 | #define MIN_NODES 16 |
| @@ -176,11 +176,11 @@ void lh_free(LHASH *lh) | |||
| 176 | OPENSSL_free(lh); | 176 | OPENSSL_free(lh); |
| 177 | } | 177 | } |
| 178 | 178 | ||
| 179 | void *lh_insert(LHASH *lh, const void *data) | 179 | void *lh_insert(LHASH *lh, void *data) |
| 180 | { | 180 | { |
| 181 | unsigned long hash; | 181 | unsigned long hash; |
| 182 | LHASH_NODE *nn,**rn; | 182 | LHASH_NODE *nn,**rn; |
| 183 | const void *ret; | 183 | void *ret; |
| 184 | 184 | ||
| 185 | lh->error=0; | 185 | lh->error=0; |
| 186 | if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)) | 186 | if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)) |
| @@ -211,14 +211,14 @@ void *lh_insert(LHASH *lh, const void *data) | |||
| 211 | (*rn)->data=data; | 211 | (*rn)->data=data; |
| 212 | lh->num_replace++; | 212 | lh->num_replace++; |
| 213 | } | 213 | } |
| 214 | return((void *)ret); | 214 | return(ret); |
| 215 | } | 215 | } |
| 216 | 216 | ||
| 217 | void *lh_delete(LHASH *lh, const void *data) | 217 | void *lh_delete(LHASH *lh, const void *data) |
| 218 | { | 218 | { |
| 219 | unsigned long hash; | 219 | unsigned long hash; |
| 220 | LHASH_NODE *nn,**rn; | 220 | LHASH_NODE *nn,**rn; |
| 221 | const void *ret; | 221 | void *ret; |
| 222 | 222 | ||
| 223 | lh->error=0; | 223 | lh->error=0; |
| 224 | rn=getrn(lh,data,&hash); | 224 | rn=getrn(lh,data,&hash); |
| @@ -242,14 +242,14 @@ void *lh_delete(LHASH *lh, const void *data) | |||
| 242 | (lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))) | 242 | (lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))) |
| 243 | contract(lh); | 243 | contract(lh); |
| 244 | 244 | ||
| 245 | return((void *)ret); | 245 | return(ret); |
| 246 | } | 246 | } |
| 247 | 247 | ||
| 248 | void *lh_retrieve(LHASH *lh, const void *data) | 248 | void *lh_retrieve(LHASH *lh, const void *data) |
| 249 | { | 249 | { |
| 250 | unsigned long hash; | 250 | unsigned long hash; |
| 251 | LHASH_NODE **rn; | 251 | LHASH_NODE **rn; |
| 252 | const void *ret; | 252 | void *ret; |
| 253 | 253 | ||
| 254 | lh->error=0; | 254 | lh->error=0; |
| 255 | rn=getrn(lh,data,&hash); | 255 | rn=getrn(lh,data,&hash); |
| @@ -264,7 +264,7 @@ void *lh_retrieve(LHASH *lh, const void *data) | |||
| 264 | ret= (*rn)->data; | 264 | ret= (*rn)->data; |
| 265 | lh->num_retrieve++; | 265 | lh->num_retrieve++; |
| 266 | } | 266 | } |
| 267 | return((void *)ret); | 267 | return(ret); |
| 268 | } | 268 | } |
| 269 | 269 | ||
| 270 | static void doall_util_fn(LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func, | 270 | static void doall_util_fn(LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func, |
| @@ -339,7 +339,7 @@ static void expand(LHASH *lh) | |||
| 339 | { | 339 | { |
| 340 | j=(int)lh->num_alloc_nodes*2; | 340 | j=(int)lh->num_alloc_nodes*2; |
| 341 | n=(LHASH_NODE **)OPENSSL_realloc(lh->b, | 341 | n=(LHASH_NODE **)OPENSSL_realloc(lh->b, |
| 342 | (unsigned int)sizeof(LHASH_NODE *)*j); | 342 | (int)(sizeof(LHASH_NODE *)*j)); |
| 343 | if (n == NULL) | 343 | if (n == NULL) |
| 344 | { | 344 | { |
| 345 | /* fputs("realloc error in lhash",stderr); */ | 345 | /* fputs("realloc error in lhash",stderr); */ |
| @@ -401,7 +401,7 @@ static LHASH_NODE **getrn(LHASH *lh, const void *data, unsigned long *rhash) | |||
| 401 | { | 401 | { |
| 402 | LHASH_NODE **ret,*n1; | 402 | LHASH_NODE **ret,*n1; |
| 403 | unsigned long hash,nn; | 403 | unsigned long hash,nn; |
| 404 | int (*cf)(); | 404 | LHASH_COMP_FN_TYPE cf; |
| 405 | 405 | ||
| 406 | hash=(*(lh->hash))(data); | 406 | hash=(*(lh->hash))(data); |
| 407 | lh->num_hash_calls++; | 407 | lh->num_hash_calls++; |
diff --git a/src/lib/libcrypto/lhash/lhash.h b/src/lib/libcrypto/lhash/lhash.h index dee8207333..d392d0cd80 100644 --- a/src/lib/libcrypto/lhash/lhash.h +++ b/src/lib/libcrypto/lhash/lhash.h | |||
| @@ -63,6 +63,7 @@ | |||
| 63 | #ifndef HEADER_LHASH_H | 63 | #ifndef HEADER_LHASH_H |
| 64 | #define HEADER_LHASH_H | 64 | #define HEADER_LHASH_H |
| 65 | 65 | ||
| 66 | #include <openssl/e_os2.h> | ||
| 66 | #ifndef OPENSSL_NO_FP_API | 67 | #ifndef OPENSSL_NO_FP_API |
| 67 | #include <stdio.h> | 68 | #include <stdio.h> |
| 68 | #endif | 69 | #endif |
| @@ -77,7 +78,7 @@ extern "C" { | |||
| 77 | 78 | ||
| 78 | typedef struct lhash_node_st | 79 | typedef struct lhash_node_st |
| 79 | { | 80 | { |
| 80 | const void *data; | 81 | void *data; |
| 81 | struct lhash_node_st *next; | 82 | struct lhash_node_st *next; |
| 82 | #ifndef OPENSSL_NO_HASH_COMP | 83 | #ifndef OPENSSL_NO_HASH_COMP |
| 83 | unsigned long hash; | 84 | unsigned long hash; |
| @@ -86,8 +87,8 @@ typedef struct lhash_node_st | |||
| 86 | 87 | ||
| 87 | typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *); | 88 | typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *); |
| 88 | typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *); | 89 | typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *); |
| 89 | typedef void (*LHASH_DOALL_FN_TYPE)(const void *); | 90 | typedef void (*LHASH_DOALL_FN_TYPE)(void *); |
| 90 | typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, void *); | 91 | typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *); |
| 91 | 92 | ||
| 92 | /* Macros for declaring and implementing type-safe wrappers for LHASH callbacks. | 93 | /* Macros for declaring and implementing type-safe wrappers for LHASH callbacks. |
| 93 | * This way, callbacks can be provided to LHASH structures without function | 94 | * This way, callbacks can be provided to LHASH structures without function |
| @@ -117,18 +118,18 @@ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, void *); | |||
| 117 | 118 | ||
| 118 | /* Third: "doall" functions */ | 119 | /* Third: "doall" functions */ |
| 119 | #define DECLARE_LHASH_DOALL_FN(f_name,o_type) \ | 120 | #define DECLARE_LHASH_DOALL_FN(f_name,o_type) \ |
| 120 | void f_name##_LHASH_DOALL(const void *); | 121 | void f_name##_LHASH_DOALL(void *); |
| 121 | #define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \ | 122 | #define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \ |
| 122 | void f_name##_LHASH_DOALL(const void *arg) { \ | 123 | void f_name##_LHASH_DOALL(void *arg) { \ |
| 123 | o_type a = (o_type)arg; \ | 124 | o_type a = (o_type)arg; \ |
| 124 | f_name(a); } | 125 | f_name(a); } |
| 125 | #define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL | 126 | #define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL |
| 126 | 127 | ||
| 127 | /* Fourth: "doall_arg" functions */ | 128 | /* Fourth: "doall_arg" functions */ |
| 128 | #define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \ | 129 | #define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \ |
| 129 | void f_name##_LHASH_DOALL_ARG(const void *, void *); | 130 | void f_name##_LHASH_DOALL_ARG(void *, void *); |
| 130 | #define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \ | 131 | #define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \ |
| 131 | void f_name##_LHASH_DOALL_ARG(const void *arg1, void *arg2) { \ | 132 | void f_name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \ |
| 132 | o_type a = (o_type)arg1; \ | 133 | o_type a = (o_type)arg1; \ |
| 133 | a_type b = (a_type)arg2; \ | 134 | a_type b = (a_type)arg2; \ |
| 134 | f_name(a,b); } | 135 | f_name(a,b); } |
| @@ -172,7 +173,7 @@ typedef struct lhash_st | |||
| 172 | 173 | ||
| 173 | LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c); | 174 | LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c); |
| 174 | void lh_free(LHASH *lh); | 175 | void lh_free(LHASH *lh); |
| 175 | void *lh_insert(LHASH *lh, const void *data); | 176 | void *lh_insert(LHASH *lh, void *data); |
| 176 | void *lh_delete(LHASH *lh, const void *data); | 177 | void *lh_delete(LHASH *lh, const void *data); |
| 177 | void *lh_retrieve(LHASH *lh, const void *data); | 178 | void *lh_retrieve(LHASH *lh, const void *data); |
| 178 | void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func); | 179 | void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func); |
diff --git a/src/lib/libcrypto/md2/md2.h b/src/lib/libcrypto/md2/md2.h index d0ef9da08e..a46120e7d4 100644 --- a/src/lib/libcrypto/md2/md2.h +++ b/src/lib/libcrypto/md2/md2.h | |||
| @@ -59,13 +59,14 @@ | |||
| 59 | #ifndef HEADER_MD2_H | 59 | #ifndef HEADER_MD2_H |
| 60 | #define HEADER_MD2_H | 60 | #define HEADER_MD2_H |
| 61 | 61 | ||
| 62 | #include <openssl/opensslconf.h> /* OPENSSL_NO_MD2, MD2_INT */ | ||
| 62 | #ifdef OPENSSL_NO_MD2 | 63 | #ifdef OPENSSL_NO_MD2 |
| 63 | #error MD2 is disabled. | 64 | #error MD2 is disabled. |
| 64 | #endif | 65 | #endif |
| 66 | #include <stddef.h> | ||
| 65 | 67 | ||
| 66 | #define MD2_DIGEST_LENGTH 16 | 68 | #define MD2_DIGEST_LENGTH 16 |
| 67 | #define MD2_BLOCK 16 | 69 | #define MD2_BLOCK 16 |
| 68 | #include <openssl/opensslconf.h> /* MD2_INT */ | ||
| 69 | 70 | ||
| 70 | #ifdef __cplusplus | 71 | #ifdef __cplusplus |
| 71 | extern "C" { | 72 | extern "C" { |
| @@ -73,20 +74,17 @@ extern "C" { | |||
| 73 | 74 | ||
| 74 | typedef struct MD2state_st | 75 | typedef struct MD2state_st |
| 75 | { | 76 | { |
| 76 | int num; | 77 | unsigned int num; |
| 77 | unsigned char data[MD2_BLOCK]; | 78 | unsigned char data[MD2_BLOCK]; |
| 78 | MD2_INT cksm[MD2_BLOCK]; | 79 | MD2_INT cksm[MD2_BLOCK]; |
| 79 | MD2_INT state[MD2_BLOCK]; | 80 | MD2_INT state[MD2_BLOCK]; |
| 80 | } MD2_CTX; | 81 | } MD2_CTX; |
| 81 | 82 | ||
| 82 | const char *MD2_options(void); | 83 | const char *MD2_options(void); |
| 83 | #ifdef OPENSSL_FIPS | ||
| 84 | int private_MD2_Init(MD2_CTX *c); | ||
| 85 | #endif | ||
| 86 | int MD2_Init(MD2_CTX *c); | 84 | int MD2_Init(MD2_CTX *c); |
| 87 | int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len); | 85 | int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len); |
| 88 | int MD2_Final(unsigned char *md, MD2_CTX *c); | 86 | int MD2_Final(unsigned char *md, MD2_CTX *c); |
| 89 | unsigned char *MD2(const unsigned char *d, unsigned long n,unsigned char *md); | 87 | unsigned char *MD2(const unsigned char *d, size_t n,unsigned char *md); |
| 90 | #ifdef __cplusplus | 88 | #ifdef __cplusplus |
| 91 | } | 89 | } |
| 92 | #endif | 90 | #endif |
diff --git a/src/lib/libcrypto/md2/md2_dgst.c b/src/lib/libcrypto/md2/md2_dgst.c index 8124acd687..6f68b25c6a 100644 --- a/src/lib/libcrypto/md2/md2_dgst.c +++ b/src/lib/libcrypto/md2/md2_dgst.c | |||
| @@ -62,10 +62,8 @@ | |||
| 62 | #include <openssl/md2.h> | 62 | #include <openssl/md2.h> |
| 63 | #include <openssl/opensslv.h> | 63 | #include <openssl/opensslv.h> |
| 64 | #include <openssl/crypto.h> | 64 | #include <openssl/crypto.h> |
| 65 | #include <openssl/fips.h> | ||
| 66 | #include <openssl/err.h> | ||
| 67 | 65 | ||
| 68 | const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT; | 66 | const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT; |
| 69 | 67 | ||
| 70 | /* Implemented from RFC1319 The MD2 Message-Digest Algorithm | 68 | /* Implemented from RFC1319 The MD2 Message-Digest Algorithm |
| 71 | */ | 69 | */ |
| @@ -118,7 +116,7 @@ const char *MD2_options(void) | |||
| 118 | return("md2(int)"); | 116 | return("md2(int)"); |
| 119 | } | 117 | } |
| 120 | 118 | ||
| 121 | FIPS_NON_FIPS_MD_Init(MD2) | 119 | int MD2_Init(MD2_CTX *c) |
| 122 | { | 120 | { |
| 123 | c->num=0; | 121 | c->num=0; |
| 124 | memset(c->state,0,sizeof c->state); | 122 | memset(c->state,0,sizeof c->state); |
| @@ -127,7 +125,7 @@ FIPS_NON_FIPS_MD_Init(MD2) | |||
| 127 | return 1; | 125 | return 1; |
| 128 | } | 126 | } |
| 129 | 127 | ||
| 130 | int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len) | 128 | int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len) |
| 131 | { | 129 | { |
| 132 | register UCHAR *p; | 130 | register UCHAR *p; |
| 133 | 131 | ||
| @@ -147,7 +145,7 @@ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len) | |||
| 147 | } | 145 | } |
| 148 | else | 146 | else |
| 149 | { | 147 | { |
| 150 | memcpy(&(p[c->num]),data,(int)len); | 148 | memcpy(&(p[c->num]),data,len); |
| 151 | /* data+=len; */ | 149 | /* data+=len; */ |
| 152 | c->num+=(int)len; | 150 | c->num+=(int)len; |
| 153 | return 1; | 151 | return 1; |
| @@ -161,7 +159,7 @@ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len) | |||
| 161 | data+=MD2_BLOCK; | 159 | data+=MD2_BLOCK; |
| 162 | len-=MD2_BLOCK; | 160 | len-=MD2_BLOCK; |
| 163 | } | 161 | } |
| 164 | memcpy(p,data,(int)len); | 162 | memcpy(p,data,len); |
| 165 | c->num=(int)len; | 163 | c->num=(int)len; |
| 166 | return 1; | 164 | return 1; |
| 167 | } | 165 | } |
diff --git a/src/lib/libcrypto/md2/md2_one.c b/src/lib/libcrypto/md2/md2_one.c index 8c36ba5779..f7fef5cc0a 100644 --- a/src/lib/libcrypto/md2/md2_one.c +++ b/src/lib/libcrypto/md2/md2_one.c | |||
| @@ -63,7 +63,7 @@ | |||
| 63 | /* This is a separate file so that #defines in cryptlib.h can | 63 | /* This is a separate file so that #defines in cryptlib.h can |
| 64 | * map my MD functions to different names */ | 64 | * map my MD functions to different names */ |
| 65 | 65 | ||
| 66 | unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md) | 66 | unsigned char *MD2(const unsigned char *d, size_t n, unsigned char *md) |
| 67 | { | 67 | { |
| 68 | MD2_CTX c; | 68 | MD2_CTX c; |
| 69 | static unsigned char m[MD2_DIGEST_LENGTH]; | 69 | static unsigned char m[MD2_DIGEST_LENGTH]; |
diff --git a/src/lib/libcrypto/md2/md2test.c b/src/lib/libcrypto/md2/md2test.c index 9c1e28b6ce..db5f5bc6d2 100644 --- a/src/lib/libcrypto/md2/md2test.c +++ b/src/lib/libcrypto/md2/md2test.c | |||
| @@ -110,7 +110,7 @@ int main(int argc, char *argv[]) | |||
| 110 | i=1; | 110 | i=1; |
| 111 | while (*P != NULL) | 111 | while (*P != NULL) |
| 112 | { | 112 | { |
| 113 | EVP_Digest((unsigned char *)*P,(unsigned long)strlen(*P),md,NULL,EVP_md2(), NULL); | 113 | EVP_Digest((unsigned char *)*P,strlen(*P),md,NULL,EVP_md2(), NULL); |
| 114 | p=pt(md); | 114 | p=pt(md); |
| 115 | if (strcmp(p,*R) != 0) | 115 | if (strcmp(p,*R) != 0) |
| 116 | { | 116 | { |
| @@ -124,7 +124,11 @@ int main(int argc, char *argv[]) | |||
| 124 | R++; | 124 | R++; |
| 125 | P++; | 125 | P++; |
| 126 | } | 126 | } |
| 127 | #ifdef OPENSSL_SYS_NETWARE | ||
| 128 | if (err) printf("ERROR: %d\n", err); | ||
| 129 | #endif | ||
| 127 | EXIT(err); | 130 | EXIT(err); |
| 131 | return err; | ||
| 128 | } | 132 | } |
| 129 | 133 | ||
| 130 | static char *pt(unsigned char *md) | 134 | static char *pt(unsigned char *md) |
diff --git a/src/lib/libcrypto/md32_common.h b/src/lib/libcrypto/md32_common.h index 733da6acaf..089c450290 100644 --- a/src/lib/libcrypto/md32_common.h +++ b/src/lib/libcrypto/md32_common.h | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/md32_common.h */ | 1 | /* crypto/md32_common.h */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -47,10 +47,6 @@ | |||
| 47 | * OF THE POSSIBILITY OF SUCH DAMAGE. | 47 | * OF THE POSSIBILITY OF SUCH DAMAGE. |
| 48 | * ==================================================================== | 48 | * ==================================================================== |
| 49 | * | 49 | * |
| 50 | * This product includes cryptographic software written by Eric Young | ||
| 51 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 52 | * Hudson (tjh@cryptsoft.com). | ||
| 53 | * | ||
| 54 | */ | 50 | */ |
| 55 | 51 | ||
| 56 | /* | 52 | /* |
| @@ -76,40 +72,27 @@ | |||
| 76 | * typedef struct { | 72 | * typedef struct { |
| 77 | * ... | 73 | * ... |
| 78 | * HASH_LONG Nl,Nh; | 74 | * HASH_LONG Nl,Nh; |
| 75 | * either { | ||
| 79 | * HASH_LONG data[HASH_LBLOCK]; | 76 | * HASH_LONG data[HASH_LBLOCK]; |
| 80 | * int num; | 77 | * unsigned char data[HASH_CBLOCK]; |
| 78 | * }; | ||
| 79 | * unsigned int num; | ||
| 81 | * ... | 80 | * ... |
| 82 | * } HASH_CTX; | 81 | * } HASH_CTX; |
| 82 | * data[] vector is expected to be zeroed upon first call to | ||
| 83 | * HASH_UPDATE. | ||
| 83 | * HASH_UPDATE | 84 | * HASH_UPDATE |
| 84 | * name of "Update" function, implemented here. | 85 | * name of "Update" function, implemented here. |
| 85 | * HASH_TRANSFORM | 86 | * HASH_TRANSFORM |
| 86 | * name of "Transform" function, implemented here. | 87 | * name of "Transform" function, implemented here. |
| 87 | * HASH_FINAL | 88 | * HASH_FINAL |
| 88 | * name of "Final" function, implemented here. | 89 | * name of "Final" function, implemented here. |
| 89 | * HASH_BLOCK_HOST_ORDER | ||
| 90 | * name of "block" function treating *aligned* input message | ||
| 91 | * in host byte order, implemented externally. | ||
| 92 | * HASH_BLOCK_DATA_ORDER | 90 | * HASH_BLOCK_DATA_ORDER |
| 93 | * name of "block" function treating *unaligned* input message | 91 | * name of "block" function capable of treating *unaligned* input |
| 94 | * in original (data) byte order, implemented externally (it | 92 | * message in original (data) byte order, implemented externally. |
| 95 | * actually is optional if data and host are of the same | ||
| 96 | * "endianess"). | ||
| 97 | * HASH_MAKE_STRING | 93 | * HASH_MAKE_STRING |
| 98 | * macro convering context variables to an ASCII hash string. | 94 | * macro convering context variables to an ASCII hash string. |
| 99 | * | 95 | * |
| 100 | * Optional macros: | ||
| 101 | * | ||
| 102 | * B_ENDIAN or L_ENDIAN | ||
| 103 | * defines host byte-order. | ||
| 104 | * HASH_LONG_LOG2 | ||
| 105 | * defaults to 2 if not states otherwise. | ||
| 106 | * HASH_LBLOCK | ||
| 107 | * assumed to be HASH_CBLOCK/4 if not stated otherwise. | ||
| 108 | * HASH_BLOCK_DATA_ORDER_ALIGNED | ||
| 109 | * alternative "block" function capable of treating | ||
| 110 | * aligned input message in original (data) order, | ||
| 111 | * implemented externally. | ||
| 112 | * | ||
| 113 | * MD5 example: | 96 | * MD5 example: |
| 114 | * | 97 | * |
| 115 | * #define DATA_ORDER_IS_LITTLE_ENDIAN | 98 | * #define DATA_ORDER_IS_LITTLE_ENDIAN |
| @@ -118,20 +101,14 @@ | |||
| 118 | * #define HASH_LONG_LOG2 MD5_LONG_LOG2 | 101 | * #define HASH_LONG_LOG2 MD5_LONG_LOG2 |
| 119 | * #define HASH_CTX MD5_CTX | 102 | * #define HASH_CTX MD5_CTX |
| 120 | * #define HASH_CBLOCK MD5_CBLOCK | 103 | * #define HASH_CBLOCK MD5_CBLOCK |
| 121 | * #define HASH_LBLOCK MD5_LBLOCK | ||
| 122 | * #define HASH_UPDATE MD5_Update | 104 | * #define HASH_UPDATE MD5_Update |
| 123 | * #define HASH_TRANSFORM MD5_Transform | 105 | * #define HASH_TRANSFORM MD5_Transform |
| 124 | * #define HASH_FINAL MD5_Final | 106 | * #define HASH_FINAL MD5_Final |
| 125 | * #define HASH_BLOCK_HOST_ORDER md5_block_host_order | ||
| 126 | * #define HASH_BLOCK_DATA_ORDER md5_block_data_order | 107 | * #define HASH_BLOCK_DATA_ORDER md5_block_data_order |
| 127 | * | 108 | * |
| 128 | * <appro@fy.chalmers.se> | 109 | * <appro@fy.chalmers.se> |
| 129 | */ | 110 | */ |
| 130 | 111 | ||
| 131 | #include <openssl/crypto.h> | ||
| 132 | #include <openssl/fips.h> | ||
| 133 | #include <openssl/err.h> | ||
| 134 | |||
| 135 | #if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) | 112 | #if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) |
| 136 | #error "DATA_ORDER must be defined!" | 113 | #error "DATA_ORDER must be defined!" |
| 137 | #endif | 114 | #endif |
| @@ -156,34 +133,16 @@ | |||
| 156 | #error "HASH_FINAL must be defined!" | 133 | #error "HASH_FINAL must be defined!" |
| 157 | #endif | 134 | #endif |
| 158 | 135 | ||
| 159 | #ifndef HASH_BLOCK_HOST_ORDER | ||
| 160 | #error "HASH_BLOCK_HOST_ORDER must be defined!" | ||
| 161 | #endif | ||
| 162 | |||
| 163 | #if 0 | ||
| 164 | /* | ||
| 165 | * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED | ||
| 166 | * isn't defined. | ||
| 167 | */ | ||
| 168 | #ifndef HASH_BLOCK_DATA_ORDER | 136 | #ifndef HASH_BLOCK_DATA_ORDER |
| 169 | #error "HASH_BLOCK_DATA_ORDER must be defined!" | 137 | #error "HASH_BLOCK_DATA_ORDER must be defined!" |
| 170 | #endif | 138 | #endif |
| 171 | #endif | ||
| 172 | |||
| 173 | #ifndef HASH_LBLOCK | ||
| 174 | #define HASH_LBLOCK (HASH_CBLOCK/4) | ||
| 175 | #endif | ||
| 176 | |||
| 177 | #ifndef HASH_LONG_LOG2 | ||
| 178 | #define HASH_LONG_LOG2 2 | ||
| 179 | #endif | ||
| 180 | 139 | ||
| 181 | /* | 140 | /* |
| 182 | * Engage compiler specific rotate intrinsic function if available. | 141 | * Engage compiler specific rotate intrinsic function if available. |
| 183 | */ | 142 | */ |
| 184 | #undef ROTATE | 143 | #undef ROTATE |
| 185 | #ifndef PEDANTIC | 144 | #ifndef PEDANTIC |
| 186 | # if 0 /* defined(_MSC_VER) */ | 145 | # if defined(_MSC_VER) || defined(__ICC) |
| 187 | # define ROTATE(a,n) _lrotl(a,n) | 146 | # define ROTATE(a,n) _lrotl(a,n) |
| 188 | # elif defined(__MWERKS__) | 147 | # elif defined(__MWERKS__) |
| 189 | # if defined(__POWERPC__) | 148 | # if defined(__POWERPC__) |
| @@ -199,7 +158,6 @@ | |||
| 199 | * Some GNU C inline assembler templates. Note that these are | 158 | * Some GNU C inline assembler templates. Note that these are |
| 200 | * rotates by *constant* number of bits! But that's exactly | 159 | * rotates by *constant* number of bits! But that's exactly |
| 201 | * what we need here... | 160 | * what we need here... |
| 202 | * | ||
| 203 | * <appro@fy.chalmers.se> | 161 | * <appro@fy.chalmers.se> |
| 204 | */ | 162 | */ |
| 205 | # if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) | 163 | # if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) |
| @@ -211,7 +169,8 @@ | |||
| 211 | : "cc"); \ | 169 | : "cc"); \ |
| 212 | ret; \ | 170 | ret; \ |
| 213 | }) | 171 | }) |
| 214 | # elif defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__) | 172 | # elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \ |
| 173 | defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__) | ||
| 215 | # define ROTATE(a,n) ({ register unsigned int ret; \ | 174 | # define ROTATE(a,n) ({ register unsigned int ret; \ |
| 216 | asm ( \ | 175 | asm ( \ |
| 217 | "rlwinm %0,%1,%2,0,31" \ | 176 | "rlwinm %0,%1,%2,0,31" \ |
| @@ -219,194 +178,100 @@ | |||
| 219 | : "r"(a), "I"(n)); \ | 178 | : "r"(a), "I"(n)); \ |
| 220 | ret; \ | 179 | ret; \ |
| 221 | }) | 180 | }) |
| 222 | # endif | 181 | # elif defined(__s390x__) |
| 223 | # endif | 182 | # define ROTATE(a,n) ({ register unsigned int ret; \ |
| 224 | 183 | asm ("rll %0,%1,%2" \ | |
| 225 | /* | 184 | : "=r"(ret) \ |
| 226 | * Engage compiler specific "fetch in reverse byte order" | 185 | : "r"(a), "I"(n)); \ |
| 227 | * intrinsic function if available. | 186 | ret; \ |
| 228 | */ | ||
| 229 | # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) | ||
| 230 | /* some GNU C inline assembler templates by <appro@fy.chalmers.se> */ | ||
| 231 | # if (defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)) && !defined(I386_ONLY) | ||
| 232 | # define BE_FETCH32(a) ({ register unsigned int l=(a);\ | ||
| 233 | asm ( \ | ||
| 234 | "bswapl %0" \ | ||
| 235 | : "=r"(l) : "0"(l)); \ | ||
| 236 | l; \ | ||
| 237 | }) | ||
| 238 | # elif defined(__powerpc) | ||
| 239 | # define LE_FETCH32(a) ({ register unsigned int l; \ | ||
| 240 | asm ( \ | ||
| 241 | "lwbrx %0,0,%1" \ | ||
| 242 | : "=r"(l) \ | ||
| 243 | : "r"(a)); \ | ||
| 244 | l; \ | ||
| 245 | }) | ||
| 246 | |||
| 247 | # elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC) | ||
| 248 | # define LE_FETCH32(a) ({ register unsigned int l; \ | ||
| 249 | asm ( \ | ||
| 250 | "lda [%1]#ASI_PRIMARY_LITTLE,%0"\ | ||
| 251 | : "=r"(l) \ | ||
| 252 | : "r"(a)); \ | ||
| 253 | l; \ | ||
| 254 | }) | 187 | }) |
| 255 | # endif | 188 | # endif |
| 256 | # endif | 189 | # endif |
| 257 | #endif /* PEDANTIC */ | 190 | #endif /* PEDANTIC */ |
| 258 | 191 | ||
| 259 | #if HASH_LONG_LOG2==2 /* Engage only if sizeof(HASH_LONG)== 4 */ | ||
| 260 | /* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */ | ||
| 261 | #ifdef ROTATE | ||
| 262 | /* 5 instructions with rotate instruction, else 9 */ | ||
| 263 | #define REVERSE_FETCH32(a,l) ( \ | ||
| 264 | l=*(const HASH_LONG *)(a), \ | ||
| 265 | ((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24))) \ | ||
| 266 | ) | ||
| 267 | #else | ||
| 268 | /* 6 instructions with rotate instruction, else 8 */ | ||
| 269 | #define REVERSE_FETCH32(a,l) ( \ | ||
| 270 | l=*(const HASH_LONG *)(a), \ | ||
| 271 | l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)), \ | ||
| 272 | ROTATE(l,16) \ | ||
| 273 | ) | ||
| 274 | /* | ||
| 275 | * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|... | ||
| 276 | * It's rewritten as above for two reasons: | ||
| 277 | * - RISCs aren't good at long constants and have to explicitely | ||
| 278 | * compose 'em with several (well, usually 2) instructions in a | ||
| 279 | * register before performing the actual operation and (as you | ||
| 280 | * already realized:-) having same constant should inspire the | ||
| 281 | * compiler to permanently allocate the only register for it; | ||
| 282 | * - most modern CPUs have two ALUs, but usually only one has | ||
| 283 | * circuitry for shifts:-( this minor tweak inspires compiler | ||
| 284 | * to schedule shift instructions in a better way... | ||
| 285 | * | ||
| 286 | * <appro@fy.chalmers.se> | ||
| 287 | */ | ||
| 288 | #endif | ||
| 289 | #endif | ||
| 290 | |||
| 291 | #ifndef ROTATE | 192 | #ifndef ROTATE |
| 292 | #define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) | 193 | #define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) |
| 293 | #endif | 194 | #endif |
| 294 | 195 | ||
| 295 | /* | 196 | #if defined(DATA_ORDER_IS_BIG_ENDIAN) |
| 296 | * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED | ||
| 297 | * and HASH_BLOCK_HOST_ORDER ought to be the same if input data | ||
| 298 | * and host are of the same "endianess". It's possible to mask | ||
| 299 | * this with blank #define HASH_BLOCK_DATA_ORDER though... | ||
| 300 | * | ||
| 301 | * <appro@fy.chalmers.se> | ||
| 302 | */ | ||
| 303 | #if defined(B_ENDIAN) | ||
| 304 | # if defined(DATA_ORDER_IS_BIG_ENDIAN) | ||
| 305 | # if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2 | ||
| 306 | # define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER | ||
| 307 | # endif | ||
| 308 | # elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) | ||
| 309 | # ifndef HOST_FETCH32 | ||
| 310 | # ifdef LE_FETCH32 | ||
| 311 | # define HOST_FETCH32(p,l) LE_FETCH32(p) | ||
| 312 | # elif defined(REVERSE_FETCH32) | ||
| 313 | # define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l) | ||
| 314 | # endif | ||
| 315 | # endif | ||
| 316 | # endif | ||
| 317 | #elif defined(L_ENDIAN) | ||
| 318 | # if defined(DATA_ORDER_IS_LITTLE_ENDIAN) | ||
| 319 | # if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2 | ||
| 320 | # define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER | ||
| 321 | # endif | ||
| 322 | # elif defined(DATA_ORDER_IS_BIG_ENDIAN) | ||
| 323 | # ifndef HOST_FETCH32 | ||
| 324 | # ifdef BE_FETCH32 | ||
| 325 | # define HOST_FETCH32(p,l) BE_FETCH32(p) | ||
| 326 | # elif defined(REVERSE_FETCH32) | ||
| 327 | # define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l) | ||
| 328 | # endif | ||
| 329 | # endif | ||
| 330 | # endif | ||
| 331 | #endif | ||
| 332 | 197 | ||
| 333 | #if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) | 198 | #ifndef PEDANTIC |
| 334 | #ifndef HASH_BLOCK_DATA_ORDER | 199 | # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) |
| 335 | #error "HASH_BLOCK_DATA_ORDER must be defined!" | 200 | # if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \ |
| 201 | (defined(__x86_64) || defined(__x86_64__)) | ||
| 202 | # if !defined(B_ENDIAN) | ||
| 203 | /* | ||
| 204 | * This gives ~30-40% performance improvement in SHA-256 compiled | ||
| 205 | * with gcc [on P4]. Well, first macro to be frank. We can pull | ||
| 206 | * this trick on x86* platforms only, because these CPUs can fetch | ||
| 207 | * unaligned data without raising an exception. | ||
| 208 | */ | ||
| 209 | # define HOST_c2l(c,l) ({ unsigned int r=*((const unsigned int *)(c)); \ | ||
| 210 | asm ("bswapl %0":"=r"(r):"0"(r)); \ | ||
| 211 | (c)+=4; (l)=r; }) | ||
| 212 | # define HOST_l2c(l,c) ({ unsigned int r=(l); \ | ||
| 213 | asm ("bswapl %0":"=r"(r):"0"(r)); \ | ||
| 214 | *((unsigned int *)(c))=r; (c)+=4; r; }) | ||
| 215 | # endif | ||
| 216 | # endif | ||
| 217 | # endif | ||
| 336 | #endif | 218 | #endif |
| 219 | #if defined(__s390__) || defined(__s390x__) | ||
| 220 | # define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l)) | ||
| 221 | # define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l)) | ||
| 337 | #endif | 222 | #endif |
| 338 | 223 | ||
| 339 | #if defined(DATA_ORDER_IS_BIG_ENDIAN) | 224 | #ifndef HOST_c2l |
| 340 | |||
| 341 | #define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ | 225 | #define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ |
| 342 | l|=(((unsigned long)(*((c)++)))<<16), \ | 226 | l|=(((unsigned long)(*((c)++)))<<16), \ |
| 343 | l|=(((unsigned long)(*((c)++)))<< 8), \ | 227 | l|=(((unsigned long)(*((c)++)))<< 8), \ |
| 344 | l|=(((unsigned long)(*((c)++))) ), \ | 228 | l|=(((unsigned long)(*((c)++))) ), \ |
| 345 | l) | 229 | l) |
| 346 | #define HOST_p_c2l(c,l,n) { \ | 230 | #endif |
| 347 | switch (n) { \ | 231 | #ifndef HOST_l2c |
| 348 | case 0: l =((unsigned long)(*((c)++)))<<24; \ | ||
| 349 | case 1: l|=((unsigned long)(*((c)++)))<<16; \ | ||
| 350 | case 2: l|=((unsigned long)(*((c)++)))<< 8; \ | ||
| 351 | case 3: l|=((unsigned long)(*((c)++))); \ | ||
| 352 | } } | ||
| 353 | #define HOST_p_c2l_p(c,l,sc,len) { \ | ||
| 354 | switch (sc) { \ | ||
| 355 | case 0: l =((unsigned long)(*((c)++)))<<24; \ | ||
| 356 | if (--len == 0) break; \ | ||
| 357 | case 1: l|=((unsigned long)(*((c)++)))<<16; \ | ||
| 358 | if (--len == 0) break; \ | ||
| 359 | case 2: l|=((unsigned long)(*((c)++)))<< 8; \ | ||
| 360 | } } | ||
| 361 | /* NOTE the pointer is not incremented at the end of this */ | ||
| 362 | #define HOST_c2l_p(c,l,n) { \ | ||
| 363 | l=0; (c)+=n; \ | ||
| 364 | switch (n) { \ | ||
| 365 | case 3: l =((unsigned long)(*(--(c))))<< 8; \ | ||
| 366 | case 2: l|=((unsigned long)(*(--(c))))<<16; \ | ||
| 367 | case 1: l|=((unsigned long)(*(--(c))))<<24; \ | ||
| 368 | } } | ||
| 369 | #define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ | 232 | #define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ |
| 370 | *((c)++)=(unsigned char)(((l)>>16)&0xff), \ | 233 | *((c)++)=(unsigned char)(((l)>>16)&0xff), \ |
| 371 | *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ | 234 | *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ |
| 372 | *((c)++)=(unsigned char)(((l) )&0xff), \ | 235 | *((c)++)=(unsigned char)(((l) )&0xff), \ |
| 373 | l) | 236 | l) |
| 237 | #endif | ||
| 374 | 238 | ||
| 375 | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) | 239 | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) |
| 376 | 240 | ||
| 241 | #ifndef PEDANTIC | ||
| 242 | # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) | ||
| 243 | # if defined(__s390x__) | ||
| 244 | # define HOST_c2l(c,l) ({ asm ("lrv %0,0(%1)" \ | ||
| 245 | :"=r"(l) : "r"(c)); \ | ||
| 246 | (c)+=4; (l); }) | ||
| 247 | # define HOST_l2c(l,c) ({ asm ("strv %0,0(%1)" \ | ||
| 248 | : : "r"(l),"r"(c) : "memory"); \ | ||
| 249 | (c)+=4; (l); }) | ||
| 250 | # endif | ||
| 251 | # endif | ||
| 252 | #endif | ||
| 253 | #if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) | ||
| 254 | # ifndef B_ENDIAN | ||
| 255 | /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */ | ||
| 256 | # define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l) | ||
| 257 | # define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l) | ||
| 258 | # endif | ||
| 259 | #endif | ||
| 260 | |||
| 261 | #ifndef HOST_c2l | ||
| 377 | #define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ | 262 | #define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ |
| 378 | l|=(((unsigned long)(*((c)++)))<< 8), \ | 263 | l|=(((unsigned long)(*((c)++)))<< 8), \ |
| 379 | l|=(((unsigned long)(*((c)++)))<<16), \ | 264 | l|=(((unsigned long)(*((c)++)))<<16), \ |
| 380 | l|=(((unsigned long)(*((c)++)))<<24), \ | 265 | l|=(((unsigned long)(*((c)++)))<<24), \ |
| 381 | l) | 266 | l) |
| 382 | #define HOST_p_c2l(c,l,n) { \ | 267 | #endif |
| 383 | switch (n) { \ | 268 | #ifndef HOST_l2c |
| 384 | case 0: l =((unsigned long)(*((c)++))); \ | ||
| 385 | case 1: l|=((unsigned long)(*((c)++)))<< 8; \ | ||
| 386 | case 2: l|=((unsigned long)(*((c)++)))<<16; \ | ||
| 387 | case 3: l|=((unsigned long)(*((c)++)))<<24; \ | ||
| 388 | } } | ||
| 389 | #define HOST_p_c2l_p(c,l,sc,len) { \ | ||
| 390 | switch (sc) { \ | ||
| 391 | case 0: l =((unsigned long)(*((c)++))); \ | ||
| 392 | if (--len == 0) break; \ | ||
| 393 | case 1: l|=((unsigned long)(*((c)++)))<< 8; \ | ||
| 394 | if (--len == 0) break; \ | ||
| 395 | case 2: l|=((unsigned long)(*((c)++)))<<16; \ | ||
| 396 | } } | ||
| 397 | /* NOTE the pointer is not incremented at the end of this */ | ||
| 398 | #define HOST_c2l_p(c,l,n) { \ | ||
| 399 | l=0; (c)+=n; \ | ||
| 400 | switch (n) { \ | ||
| 401 | case 3: l =((unsigned long)(*(--(c))))<<16; \ | ||
| 402 | case 2: l|=((unsigned long)(*(--(c))))<< 8; \ | ||
| 403 | case 1: l|=((unsigned long)(*(--(c)))); \ | ||
| 404 | } } | ||
| 405 | #define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ | 269 | #define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ |
| 406 | *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ | 270 | *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ |
| 407 | *((c)++)=(unsigned char)(((l)>>16)&0xff), \ | 271 | *((c)++)=(unsigned char)(((l)>>16)&0xff), \ |
| 408 | *((c)++)=(unsigned char)(((l)>>24)&0xff), \ | 272 | *((c)++)=(unsigned char)(((l)>>24)&0xff), \ |
| 409 | l) | 273 | l) |
| 274 | #endif | ||
| 410 | 275 | ||
| 411 | #endif | 276 | #endif |
| 412 | 277 | ||
| @@ -414,118 +279,60 @@ | |||
| 414 | * Time for some action:-) | 279 | * Time for some action:-) |
| 415 | */ | 280 | */ |
| 416 | 281 | ||
| 417 | int HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len) | 282 | int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len) |
| 418 | { | 283 | { |
| 419 | const unsigned char *data=data_; | 284 | const unsigned char *data=data_; |
| 420 | register HASH_LONG * p; | 285 | unsigned char *p; |
| 421 | register unsigned long l; | 286 | HASH_LONG l; |
| 422 | int sw,sc,ew,ec; | 287 | size_t n; |
| 423 | 288 | ||
| 424 | if (len==0) return 1; | 289 | if (len==0) return 1; |
| 425 | 290 | ||
| 426 | l=(c->Nl+(len<<3))&0xffffffffL; | 291 | l=(c->Nl+(((HASH_LONG)len)<<3))&0xffffffffUL; |
| 427 | /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to | 292 | /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to |
| 428 | * Wei Dai <weidai@eskimo.com> for pointing it out. */ | 293 | * Wei Dai <weidai@eskimo.com> for pointing it out. */ |
| 429 | if (l < c->Nl) /* overflow */ | 294 | if (l < c->Nl) /* overflow */ |
| 430 | c->Nh++; | 295 | c->Nh++; |
| 431 | c->Nh+=(len>>29); | 296 | c->Nh+=(len>>29); /* might cause compiler warning on 16-bit */ |
| 432 | c->Nl=l; | 297 | c->Nl=l; |
| 433 | 298 | ||
| 434 | if (c->num != 0) | 299 | n = c->num; |
| 300 | if (n != 0) | ||
| 435 | { | 301 | { |
| 436 | p=c->data; | 302 | p=(unsigned char *)c->data; |
| 437 | sw=c->num>>2; | ||
| 438 | sc=c->num&0x03; | ||
| 439 | 303 | ||
| 440 | if ((c->num+len) >= HASH_CBLOCK) | 304 | if ((n+len) >= HASH_CBLOCK) |
| 441 | { | 305 | { |
| 442 | l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l; | 306 | memcpy (p+n,data,HASH_CBLOCK-n); |
| 443 | for (; sw<HASH_LBLOCK; sw++) | 307 | HASH_BLOCK_DATA_ORDER (c,p,1); |
| 444 | { | 308 | n = HASH_CBLOCK-n; |
| 445 | HOST_c2l(data,l); p[sw]=l; | 309 | data += n; |
| 446 | } | 310 | len -= n; |
| 447 | HASH_BLOCK_HOST_ORDER (c,p,1); | 311 | c->num = 0; |
| 448 | len-=(HASH_CBLOCK-c->num); | 312 | memset (p,0,HASH_CBLOCK); /* keep it zeroed */ |
| 449 | c->num=0; | ||
| 450 | /* drop through and do the rest */ | ||
| 451 | } | 313 | } |
| 452 | else | 314 | else |
| 453 | { | 315 | { |
| 454 | c->num+=len; | 316 | memcpy (p+n,data,len); |
| 455 | if ((sc+len) < 4) /* ugly, add char's to a word */ | 317 | c->num += (unsigned int)len; |
| 456 | { | ||
| 457 | l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l; | ||
| 458 | } | ||
| 459 | else | ||
| 460 | { | ||
| 461 | ew=(c->num>>2); | ||
| 462 | ec=(c->num&0x03); | ||
| 463 | if (sc) | ||
| 464 | l=p[sw]; | ||
| 465 | HOST_p_c2l(data,l,sc); | ||
| 466 | p[sw++]=l; | ||
| 467 | for (; sw < ew; sw++) | ||
| 468 | { | ||
| 469 | HOST_c2l(data,l); p[sw]=l; | ||
| 470 | } | ||
| 471 | if (ec) | ||
| 472 | { | ||
| 473 | HOST_c2l_p(data,l,ec); p[sw]=l; | ||
| 474 | } | ||
| 475 | } | ||
| 476 | return 1; | 318 | return 1; |
| 477 | } | 319 | } |
| 478 | } | 320 | } |
| 479 | 321 | ||
| 480 | sw=len/HASH_CBLOCK; | 322 | n = len/HASH_CBLOCK; |
| 481 | if (sw > 0) | 323 | if (n > 0) |
| 482 | { | 324 | { |
| 483 | #if defined(HASH_BLOCK_DATA_ORDER_ALIGNED) | 325 | HASH_BLOCK_DATA_ORDER (c,data,n); |
| 484 | /* | 326 | n *= HASH_CBLOCK; |
| 485 | * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined | 327 | data += n; |
| 486 | * only if sizeof(HASH_LONG)==4. | 328 | len -= n; |
| 487 | */ | ||
| 488 | if ((((unsigned long)data)%4) == 0) | ||
| 489 | { | ||
| 490 | /* data is properly aligned so that we can cast it: */ | ||
| 491 | HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,sw); | ||
| 492 | sw*=HASH_CBLOCK; | ||
| 493 | data+=sw; | ||
| 494 | len-=sw; | ||
| 495 | } | ||
| 496 | else | ||
| 497 | #if !defined(HASH_BLOCK_DATA_ORDER) | ||
| 498 | while (sw--) | ||
| 499 | { | ||
| 500 | memcpy (p=c->data,data,HASH_CBLOCK); | ||
| 501 | HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1); | ||
| 502 | data+=HASH_CBLOCK; | ||
| 503 | len-=HASH_CBLOCK; | ||
| 504 | } | ||
| 505 | #endif | ||
| 506 | #endif | ||
| 507 | #if defined(HASH_BLOCK_DATA_ORDER) | ||
| 508 | { | ||
| 509 | HASH_BLOCK_DATA_ORDER(c,data,sw); | ||
| 510 | sw*=HASH_CBLOCK; | ||
| 511 | data+=sw; | ||
| 512 | len-=sw; | ||
| 513 | } | ||
| 514 | #endif | ||
| 515 | } | 329 | } |
| 516 | 330 | ||
| 517 | if (len!=0) | 331 | if (len != 0) |
| 518 | { | 332 | { |
| 519 | p = c->data; | 333 | p = (unsigned char *)c->data; |
| 520 | c->num = len; | 334 | c->num = len; |
| 521 | ew=len>>2; /* words to copy */ | 335 | memcpy (p,data,len); |
| 522 | ec=len&0x03; | ||
| 523 | for (; ew; ew--,p++) | ||
| 524 | { | ||
| 525 | HOST_c2l(data,l); *p=l; | ||
| 526 | } | ||
| 527 | HOST_c2l_p(data,l,ec); | ||
| 528 | *p=l; | ||
| 529 | } | 336 | } |
| 530 | return 1; | 337 | return 1; |
| 531 | } | 338 | } |
| @@ -533,81 +340,38 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len) | |||
| 533 | 340 | ||
| 534 | void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data) | 341 | void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data) |
| 535 | { | 342 | { |
| 536 | #if defined(HASH_BLOCK_DATA_ORDER_ALIGNED) | ||
| 537 | if ((((unsigned long)data)%4) == 0) | ||
| 538 | /* data is properly aligned so that we can cast it: */ | ||
| 539 | HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,1); | ||
| 540 | else | ||
| 541 | #if !defined(HASH_BLOCK_DATA_ORDER) | ||
| 542 | { | ||
| 543 | memcpy (c->data,data,HASH_CBLOCK); | ||
| 544 | HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1); | ||
| 545 | } | ||
| 546 | #endif | ||
| 547 | #endif | ||
| 548 | #if defined(HASH_BLOCK_DATA_ORDER) | ||
| 549 | HASH_BLOCK_DATA_ORDER (c,data,1); | 343 | HASH_BLOCK_DATA_ORDER (c,data,1); |
| 550 | #endif | ||
| 551 | } | 344 | } |
| 552 | 345 | ||
| 553 | 346 | ||
| 554 | int HASH_FINAL (unsigned char *md, HASH_CTX *c) | 347 | int HASH_FINAL (unsigned char *md, HASH_CTX *c) |
| 555 | { | 348 | { |
| 556 | register HASH_LONG *p; | 349 | unsigned char *p = (unsigned char *)c->data; |
| 557 | register unsigned long l; | 350 | size_t n = c->num; |
| 558 | register int i,j; | ||
| 559 | static const unsigned char end[4]={0x80,0x00,0x00,0x00}; | ||
| 560 | const unsigned char *cp=end; | ||
| 561 | |||
| 562 | #if 0 | ||
| 563 | if(FIPS_mode() && !FIPS_md5_allowed()) | ||
| 564 | { | ||
| 565 | FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); | ||
| 566 | return 0; | ||
| 567 | } | ||
| 568 | #endif | ||
| 569 | 351 | ||
| 570 | /* c->num should definitly have room for at least one more byte. */ | 352 | p[n] = 0x80; /* there is always room for one */ |
| 571 | p=c->data; | 353 | n++; |
| 572 | i=c->num>>2; | ||
| 573 | j=c->num&0x03; | ||
| 574 | |||
| 575 | #if 0 | ||
| 576 | /* purify often complains about the following line as an | ||
| 577 | * Uninitialized Memory Read. While this can be true, the | ||
| 578 | * following p_c2l macro will reset l when that case is true. | ||
| 579 | * This is because j&0x03 contains the number of 'valid' bytes | ||
| 580 | * already in p[i]. If and only if j&0x03 == 0, the UMR will | ||
| 581 | * occur but this is also the only time p_c2l will do | ||
| 582 | * l= *(cp++) instead of l|= *(cp++) | ||
| 583 | * Many thanks to Alex Tang <altitude@cic.net> for pickup this | ||
| 584 | * 'potential bug' */ | ||
| 585 | #ifdef PURIFY | ||
| 586 | if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */ | ||
| 587 | #endif | ||
| 588 | l=p[i]; | ||
| 589 | #else | ||
| 590 | l = (j==0) ? 0 : p[i]; | ||
| 591 | #endif | ||
| 592 | HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */ | ||
| 593 | 354 | ||
| 594 | if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */ | 355 | if (n > (HASH_CBLOCK-8)) |
| 595 | { | 356 | { |
| 596 | if (i<HASH_LBLOCK) p[i]=0; | 357 | memset (p+n,0,HASH_CBLOCK-n); |
| 597 | HASH_BLOCK_HOST_ORDER (c,p,1); | 358 | n=0; |
| 598 | i=0; | 359 | HASH_BLOCK_DATA_ORDER (c,p,1); |
| 599 | } | 360 | } |
| 600 | for (; i<(HASH_LBLOCK-2); i++) | 361 | memset (p+n,0,HASH_CBLOCK-8-n); |
| 601 | p[i]=0; | ||
| 602 | 362 | ||
| 363 | p += HASH_CBLOCK-8; | ||
| 603 | #if defined(DATA_ORDER_IS_BIG_ENDIAN) | 364 | #if defined(DATA_ORDER_IS_BIG_ENDIAN) |
| 604 | p[HASH_LBLOCK-2]=c->Nh; | 365 | (void)HOST_l2c(c->Nh,p); |
| 605 | p[HASH_LBLOCK-1]=c->Nl; | 366 | (void)HOST_l2c(c->Nl,p); |
| 606 | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) | 367 | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) |
| 607 | p[HASH_LBLOCK-2]=c->Nl; | 368 | (void)HOST_l2c(c->Nl,p); |
| 608 | p[HASH_LBLOCK-1]=c->Nh; | 369 | (void)HOST_l2c(c->Nh,p); |
| 609 | #endif | 370 | #endif |
| 610 | HASH_BLOCK_HOST_ORDER (c,p,1); | 371 | p -= HASH_CBLOCK; |
| 372 | HASH_BLOCK_DATA_ORDER (c,p,1); | ||
| 373 | c->num=0; | ||
| 374 | memset (p,0,HASH_CBLOCK); | ||
| 611 | 375 | ||
| 612 | #ifndef HASH_MAKE_STRING | 376 | #ifndef HASH_MAKE_STRING |
| 613 | #error "HASH_MAKE_STRING must be defined!" | 377 | #error "HASH_MAKE_STRING must be defined!" |
| @@ -615,11 +379,6 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c) | |||
| 615 | HASH_MAKE_STRING(c,md); | 379 | HASH_MAKE_STRING(c,md); |
| 616 | #endif | 380 | #endif |
| 617 | 381 | ||
| 618 | c->num=0; | ||
| 619 | /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack | ||
| 620 | * but I'm not worried :-) | ||
| 621 | OPENSSL_cleanse((void *)c,sizeof(HASH_CTX)); | ||
| 622 | */ | ||
| 623 | return 1; | 382 | return 1; |
| 624 | } | 383 | } |
| 625 | 384 | ||
diff --git a/src/lib/libcrypto/md4/md4.h b/src/lib/libcrypto/md4/md4.h index 7e761efb62..5598c93a4f 100644 --- a/src/lib/libcrypto/md4/md4.h +++ b/src/lib/libcrypto/md4/md4.h | |||
| @@ -60,6 +60,7 @@ | |||
| 60 | #define HEADER_MD4_H | 60 | #define HEADER_MD4_H |
| 61 | 61 | ||
| 62 | #include <openssl/e_os2.h> | 62 | #include <openssl/e_os2.h> |
| 63 | #include <stddef.h> | ||
| 63 | 64 | ||
| 64 | #ifdef __cplusplus | 65 | #ifdef __cplusplus |
| 65 | extern "C" { | 66 | extern "C" { |
| @@ -101,16 +102,13 @@ typedef struct MD4state_st | |||
| 101 | MD4_LONG A,B,C,D; | 102 | MD4_LONG A,B,C,D; |
| 102 | MD4_LONG Nl,Nh; | 103 | MD4_LONG Nl,Nh; |
| 103 | MD4_LONG data[MD4_LBLOCK]; | 104 | MD4_LONG data[MD4_LBLOCK]; |
| 104 | int num; | 105 | unsigned int num; |
| 105 | } MD4_CTX; | 106 | } MD4_CTX; |
| 106 | 107 | ||
| 107 | #ifdef OPENSSL_FIPS | ||
| 108 | int private_MD4_Init(MD4_CTX *c); | ||
| 109 | #endif | ||
| 110 | int MD4_Init(MD4_CTX *c); | 108 | int MD4_Init(MD4_CTX *c); |
| 111 | int MD4_Update(MD4_CTX *c, const void *data, unsigned long len); | 109 | int MD4_Update(MD4_CTX *c, const void *data, size_t len); |
| 112 | int MD4_Final(unsigned char *md, MD4_CTX *c); | 110 | int MD4_Final(unsigned char *md, MD4_CTX *c); |
| 113 | unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md); | 111 | unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md); |
| 114 | void MD4_Transform(MD4_CTX *c, const unsigned char *b); | 112 | void MD4_Transform(MD4_CTX *c, const unsigned char *b); |
| 115 | #ifdef __cplusplus | 113 | #ifdef __cplusplus |
| 116 | } | 114 | } |
diff --git a/src/lib/libcrypto/md4/md4_dgst.c b/src/lib/libcrypto/md4/md4_dgst.c index ee7cc72262..cfef94af39 100644 --- a/src/lib/libcrypto/md4/md4_dgst.c +++ b/src/lib/libcrypto/md4/md4_dgst.c | |||
| @@ -60,7 +60,7 @@ | |||
| 60 | #include "md4_locl.h" | 60 | #include "md4_locl.h" |
| 61 | #include <openssl/opensslv.h> | 61 | #include <openssl/opensslv.h> |
| 62 | 62 | ||
| 63 | const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT; | 63 | const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT; |
| 64 | 64 | ||
| 65 | /* Implemented from RFC1186 The MD4 Message-Digest Algorithm | 65 | /* Implemented from RFC1186 The MD4 Message-Digest Algorithm |
| 66 | */ | 66 | */ |
| @@ -70,7 +70,7 @@ const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT; | |||
| 70 | #define INIT_DATA_C (unsigned long)0x98badcfeL | 70 | #define INIT_DATA_C (unsigned long)0x98badcfeL |
| 71 | #define INIT_DATA_D (unsigned long)0x10325476L | 71 | #define INIT_DATA_D (unsigned long)0x10325476L |
| 72 | 72 | ||
| 73 | FIPS_NON_FIPS_MD_Init(MD4) | 73 | int MD4_Init(MD4_CTX *c) |
| 74 | { | 74 | { |
| 75 | c->A=INIT_DATA_A; | 75 | c->A=INIT_DATA_A; |
| 76 | c->B=INIT_DATA_B; | 76 | c->B=INIT_DATA_B; |
| @@ -82,84 +82,11 @@ FIPS_NON_FIPS_MD_Init(MD4) | |||
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| 85 | #ifndef md4_block_host_order | ||
| 86 | void md4_block_host_order (MD4_CTX *c, const void *data, int num) | ||
| 87 | { | ||
| 88 | const MD4_LONG *X=data; | ||
| 89 | register unsigned MD32_REG_T A,B,C,D; | ||
| 90 | |||
| 91 | A=c->A; | ||
| 92 | B=c->B; | ||
| 93 | C=c->C; | ||
| 94 | D=c->D; | ||
| 95 | |||
| 96 | for (;num--;X+=HASH_LBLOCK) | ||
| 97 | { | ||
| 98 | /* Round 0 */ | ||
| 99 | R0(A,B,C,D,X[ 0], 3,0); | ||
| 100 | R0(D,A,B,C,X[ 1], 7,0); | ||
| 101 | R0(C,D,A,B,X[ 2],11,0); | ||
| 102 | R0(B,C,D,A,X[ 3],19,0); | ||
| 103 | R0(A,B,C,D,X[ 4], 3,0); | ||
| 104 | R0(D,A,B,C,X[ 5], 7,0); | ||
| 105 | R0(C,D,A,B,X[ 6],11,0); | ||
| 106 | R0(B,C,D,A,X[ 7],19,0); | ||
| 107 | R0(A,B,C,D,X[ 8], 3,0); | ||
| 108 | R0(D,A,B,C,X[ 9], 7,0); | ||
| 109 | R0(C,D,A,B,X[10],11,0); | ||
| 110 | R0(B,C,D,A,X[11],19,0); | ||
| 111 | R0(A,B,C,D,X[12], 3,0); | ||
| 112 | R0(D,A,B,C,X[13], 7,0); | ||
| 113 | R0(C,D,A,B,X[14],11,0); | ||
| 114 | R0(B,C,D,A,X[15],19,0); | ||
| 115 | /* Round 1 */ | ||
| 116 | R1(A,B,C,D,X[ 0], 3,0x5A827999L); | ||
| 117 | R1(D,A,B,C,X[ 4], 5,0x5A827999L); | ||
| 118 | R1(C,D,A,B,X[ 8], 9,0x5A827999L); | ||
| 119 | R1(B,C,D,A,X[12],13,0x5A827999L); | ||
| 120 | R1(A,B,C,D,X[ 1], 3,0x5A827999L); | ||
| 121 | R1(D,A,B,C,X[ 5], 5,0x5A827999L); | ||
| 122 | R1(C,D,A,B,X[ 9], 9,0x5A827999L); | ||
| 123 | R1(B,C,D,A,X[13],13,0x5A827999L); | ||
| 124 | R1(A,B,C,D,X[ 2], 3,0x5A827999L); | ||
| 125 | R1(D,A,B,C,X[ 6], 5,0x5A827999L); | ||
| 126 | R1(C,D,A,B,X[10], 9,0x5A827999L); | ||
| 127 | R1(B,C,D,A,X[14],13,0x5A827999L); | ||
| 128 | R1(A,B,C,D,X[ 3], 3,0x5A827999L); | ||
| 129 | R1(D,A,B,C,X[ 7], 5,0x5A827999L); | ||
| 130 | R1(C,D,A,B,X[11], 9,0x5A827999L); | ||
| 131 | R1(B,C,D,A,X[15],13,0x5A827999L); | ||
| 132 | /* Round 2 */ | ||
| 133 | R2(A,B,C,D,X[ 0], 3,0x6ED9EBA1); | ||
| 134 | R2(D,A,B,C,X[ 8], 9,0x6ED9EBA1); | ||
| 135 | R2(C,D,A,B,X[ 4],11,0x6ED9EBA1); | ||
| 136 | R2(B,C,D,A,X[12],15,0x6ED9EBA1); | ||
| 137 | R2(A,B,C,D,X[ 2], 3,0x6ED9EBA1); | ||
| 138 | R2(D,A,B,C,X[10], 9,0x6ED9EBA1); | ||
| 139 | R2(C,D,A,B,X[ 6],11,0x6ED9EBA1); | ||
| 140 | R2(B,C,D,A,X[14],15,0x6ED9EBA1); | ||
| 141 | R2(A,B,C,D,X[ 1], 3,0x6ED9EBA1); | ||
| 142 | R2(D,A,B,C,X[ 9], 9,0x6ED9EBA1); | ||
| 143 | R2(C,D,A,B,X[ 5],11,0x6ED9EBA1); | ||
| 144 | R2(B,C,D,A,X[13],15,0x6ED9EBA1); | ||
| 145 | R2(A,B,C,D,X[ 3], 3,0x6ED9EBA1); | ||
| 146 | R2(D,A,B,C,X[11], 9,0x6ED9EBA1); | ||
| 147 | R2(C,D,A,B,X[ 7],11,0x6ED9EBA1); | ||
| 148 | R2(B,C,D,A,X[15],15,0x6ED9EBA1); | ||
| 149 | |||
| 150 | A = c->A += A; | ||
| 151 | B = c->B += B; | ||
| 152 | C = c->C += C; | ||
| 153 | D = c->D += D; | ||
| 154 | } | ||
| 155 | } | ||
| 156 | #endif | ||
| 157 | |||
| 158 | #ifndef md4_block_data_order | 85 | #ifndef md4_block_data_order |
| 159 | #ifdef X | 86 | #ifdef X |
| 160 | #undef X | 87 | #undef X |
| 161 | #endif | 88 | #endif |
| 162 | void md4_block_data_order (MD4_CTX *c, const void *data_, int num) | 89 | void md4_block_data_order (MD4_CTX *c, const void *data_, size_t num) |
| 163 | { | 90 | { |
| 164 | const unsigned char *data=data_; | 91 | const unsigned char *data=data_; |
| 165 | register unsigned MD32_REG_T A,B,C,D,l; | 92 | register unsigned MD32_REG_T A,B,C,D,l; |
| @@ -240,19 +167,3 @@ void md4_block_data_order (MD4_CTX *c, const void *data_, int num) | |||
| 240 | } | 167 | } |
| 241 | } | 168 | } |
| 242 | #endif | 169 | #endif |
| 243 | |||
| 244 | #ifdef undef | ||
| 245 | int printit(unsigned long *l) | ||
| 246 | { | ||
| 247 | int i,ii; | ||
| 248 | |||
| 249 | for (i=0; i<2; i++) | ||
| 250 | { | ||
| 251 | for (ii=0; ii<8; ii++) | ||
| 252 | { | ||
| 253 | fprintf(stderr,"%08lx ",l[i*8+ii]); | ||
| 254 | } | ||
| 255 | fprintf(stderr,"\n"); | ||
| 256 | } | ||
| 257 | } | ||
| 258 | #endif | ||
diff --git a/src/lib/libcrypto/md4/md4_locl.h b/src/lib/libcrypto/md4/md4_locl.h index a8d31d7a73..c8085b0ead 100644 --- a/src/lib/libcrypto/md4/md4_locl.h +++ b/src/lib/libcrypto/md4/md4_locl.h | |||
| @@ -65,41 +65,13 @@ | |||
| 65 | #define MD4_LONG_LOG2 2 /* default to 32 bits */ | 65 | #define MD4_LONG_LOG2 2 /* default to 32 bits */ |
| 66 | #endif | 66 | #endif |
| 67 | 67 | ||
| 68 | void md4_block_host_order (MD4_CTX *c, const void *p,int num); | 68 | void md4_block_data_order (MD4_CTX *c, const void *p,size_t num); |
| 69 | void md4_block_data_order (MD4_CTX *c, const void *p,int num); | ||
| 70 | |||
| 71 | #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) | ||
| 72 | /* | ||
| 73 | * *_block_host_order is expected to handle aligned data while | ||
| 74 | * *_block_data_order - unaligned. As algorithm and host (x86) | ||
| 75 | * are in this case of the same "endianness" these two are | ||
| 76 | * otherwise indistinguishable. But normally you don't want to | ||
| 77 | * call the same function because unaligned access in places | ||
| 78 | * where alignment is expected is usually a "Bad Thing". Indeed, | ||
| 79 | * on RISCs you get punished with BUS ERROR signal or *severe* | ||
| 80 | * performance degradation. Intel CPUs are in turn perfectly | ||
| 81 | * capable of loading unaligned data without such drastic side | ||
| 82 | * effect. Yes, they say it's slower than aligned load, but no | ||
| 83 | * exception is generated and therefore performance degradation | ||
| 84 | * is *incomparable* with RISCs. What we should weight here is | ||
| 85 | * costs of unaligned access against costs of aligning data. | ||
| 86 | * According to my measurements allowing unaligned access results | ||
| 87 | * in ~9% performance improvement on Pentium II operating at | ||
| 88 | * 266MHz. I won't be surprised if the difference will be higher | ||
| 89 | * on faster systems:-) | ||
| 90 | * | ||
| 91 | * <appro@fy.chalmers.se> | ||
| 92 | */ | ||
| 93 | #define md4_block_data_order md4_block_host_order | ||
| 94 | #endif | ||
| 95 | 69 | ||
| 96 | #define DATA_ORDER_IS_LITTLE_ENDIAN | 70 | #define DATA_ORDER_IS_LITTLE_ENDIAN |
| 97 | 71 | ||
| 98 | #define HASH_LONG MD4_LONG | 72 | #define HASH_LONG MD4_LONG |
| 99 | #define HASH_LONG_LOG2 MD4_LONG_LOG2 | ||
| 100 | #define HASH_CTX MD4_CTX | 73 | #define HASH_CTX MD4_CTX |
| 101 | #define HASH_CBLOCK MD4_CBLOCK | 74 | #define HASH_CBLOCK MD4_CBLOCK |
| 102 | #define HASH_LBLOCK MD4_LBLOCK | ||
| 103 | #define HASH_UPDATE MD4_Update | 75 | #define HASH_UPDATE MD4_Update |
| 104 | #define HASH_TRANSFORM MD4_Transform | 76 | #define HASH_TRANSFORM MD4_Transform |
| 105 | #define HASH_FINAL MD4_Final | 77 | #define HASH_FINAL MD4_Final |
| @@ -110,21 +82,7 @@ void md4_block_data_order (MD4_CTX *c, const void *p,int num); | |||
| 110 | ll=(c)->C; HOST_l2c(ll,(s)); \ | 82 | ll=(c)->C; HOST_l2c(ll,(s)); \ |
| 111 | ll=(c)->D; HOST_l2c(ll,(s)); \ | 83 | ll=(c)->D; HOST_l2c(ll,(s)); \ |
| 112 | } while (0) | 84 | } while (0) |
| 113 | #define HASH_BLOCK_HOST_ORDER md4_block_host_order | ||
| 114 | #if !defined(L_ENDIAN) || defined(md4_block_data_order) | ||
| 115 | #define HASH_BLOCK_DATA_ORDER md4_block_data_order | 85 | #define HASH_BLOCK_DATA_ORDER md4_block_data_order |
| 116 | /* | ||
| 117 | * Little-endians (Intel and Alpha) feel better without this. | ||
| 118 | * It looks like memcpy does better job than generic | ||
| 119 | * md4_block_data_order on copying-n-aligning input data. | ||
| 120 | * But frankly speaking I didn't expect such result on Alpha. | ||
| 121 | * On the other hand I've got this with egcs-1.0.2 and if | ||
| 122 | * program is compiled with another (better?) compiler it | ||
| 123 | * might turn out other way around. | ||
| 124 | * | ||
| 125 | * <appro@fy.chalmers.se> | ||
| 126 | */ | ||
| 127 | #endif | ||
| 128 | 86 | ||
| 129 | #include "md32_common.h" | 87 | #include "md32_common.h" |
| 130 | 88 | ||
diff --git a/src/lib/libcrypto/md4/md4_one.c b/src/lib/libcrypto/md4/md4_one.c index 50f79352f6..bb64362638 100644 --- a/src/lib/libcrypto/md4/md4_one.c +++ b/src/lib/libcrypto/md4/md4_one.c | |||
| @@ -65,7 +65,7 @@ | |||
| 65 | #include <openssl/ebcdic.h> | 65 | #include <openssl/ebcdic.h> |
| 66 | #endif | 66 | #endif |
| 67 | 67 | ||
| 68 | unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md) | 68 | unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md) |
| 69 | { | 69 | { |
| 70 | MD4_CTX c; | 70 | MD4_CTX c; |
| 71 | static unsigned char m[MD4_DIGEST_LENGTH]; | 71 | static unsigned char m[MD4_DIGEST_LENGTH]; |
diff --git a/src/lib/libcrypto/md4/md4test.c b/src/lib/libcrypto/md4/md4test.c index 21a77d96f7..56591728a1 100644 --- a/src/lib/libcrypto/md4/md4test.c +++ b/src/lib/libcrypto/md4/md4test.c | |||
| @@ -97,16 +97,16 @@ static char *pt(unsigned char *md); | |||
| 97 | int main(int argc, char *argv[]) | 97 | int main(int argc, char *argv[]) |
| 98 | { | 98 | { |
| 99 | int i,err=0; | 99 | int i,err=0; |
| 100 | unsigned char **P,**R; | 100 | char **P,**R; |
| 101 | char *p; | 101 | char *p; |
| 102 | unsigned char md[MD4_DIGEST_LENGTH]; | 102 | unsigned char md[MD4_DIGEST_LENGTH]; |
| 103 | 103 | ||
| 104 | P=(unsigned char **)test; | 104 | P=test; |
| 105 | R=(unsigned char **)ret; | 105 | R=ret; |
| 106 | i=1; | 106 | i=1; |
| 107 | while (*P != NULL) | 107 | while (*P != NULL) |
| 108 | { | 108 | { |
| 109 | EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL); | 109 | EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_md4(), NULL); |
| 110 | p=pt(md); | 110 | p=pt(md); |
| 111 | if (strcmp(p,(char *)*R) != 0) | 111 | if (strcmp(p,(char *)*R) != 0) |
| 112 | { | 112 | { |
diff --git a/src/lib/libcrypto/md5/asm/md5-586.pl b/src/lib/libcrypto/md5/asm/md5-586.pl index fa3fa3bed5..76ac235f7d 100644 --- a/src/lib/libcrypto/md5/asm/md5-586.pl +++ b/src/lib/libcrypto/md5/asm/md5-586.pl | |||
| @@ -29,7 +29,7 @@ $X="esi"; | |||
| 29 | 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3 | 29 | 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3 |
| 30 | ); | 30 | ); |
| 31 | 31 | ||
| 32 | &md5_block("md5_block_asm_host_order"); | 32 | &md5_block("md5_block_asm_data_order"); |
| 33 | &asm_finish(); | 33 | &asm_finish(); |
| 34 | 34 | ||
| 35 | sub Np | 35 | sub Np |
diff --git a/src/lib/libcrypto/md5/md5.h b/src/lib/libcrypto/md5/md5.h index c663dd1816..dbdc0e1abc 100644 --- a/src/lib/libcrypto/md5/md5.h +++ b/src/lib/libcrypto/md5/md5.h | |||
| @@ -60,6 +60,7 @@ | |||
| 60 | #define HEADER_MD5_H | 60 | #define HEADER_MD5_H |
| 61 | 61 | ||
| 62 | #include <openssl/e_os2.h> | 62 | #include <openssl/e_os2.h> |
| 63 | #include <stddef.h> | ||
| 63 | 64 | ||
| 64 | #ifdef __cplusplus | 65 | #ifdef __cplusplus |
| 65 | extern "C" { | 66 | extern "C" { |
| @@ -101,16 +102,13 @@ typedef struct MD5state_st | |||
| 101 | MD5_LONG A,B,C,D; | 102 | MD5_LONG A,B,C,D; |
| 102 | MD5_LONG Nl,Nh; | 103 | MD5_LONG Nl,Nh; |
| 103 | MD5_LONG data[MD5_LBLOCK]; | 104 | MD5_LONG data[MD5_LBLOCK]; |
| 104 | int num; | 105 | unsigned int num; |
| 105 | } MD5_CTX; | 106 | } MD5_CTX; |
| 106 | 107 | ||
| 107 | #ifdef OPENSSL_FIPS | ||
| 108 | int private_MD5_Init(MD5_CTX *c); | ||
| 109 | #endif | ||
| 110 | int MD5_Init(MD5_CTX *c); | 108 | int MD5_Init(MD5_CTX *c); |
| 111 | int MD5_Update(MD5_CTX *c, const void *data, unsigned long len); | 109 | int MD5_Update(MD5_CTX *c, const void *data, size_t len); |
| 112 | int MD5_Final(unsigned char *md, MD5_CTX *c); | 110 | int MD5_Final(unsigned char *md, MD5_CTX *c); |
| 113 | unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md); | 111 | unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md); |
| 114 | void MD5_Transform(MD5_CTX *c, const unsigned char *b); | 112 | void MD5_Transform(MD5_CTX *c, const unsigned char *b); |
| 115 | #ifdef __cplusplus | 113 | #ifdef __cplusplus |
| 116 | } | 114 | } |
diff --git a/src/lib/libcrypto/md5/md5_dgst.c b/src/lib/libcrypto/md5/md5_dgst.c index 54b33c6509..b96e332ba4 100644 --- a/src/lib/libcrypto/md5/md5_dgst.c +++ b/src/lib/libcrypto/md5/md5_dgst.c | |||
| @@ -60,7 +60,7 @@ | |||
| 60 | #include "md5_locl.h" | 60 | #include "md5_locl.h" |
| 61 | #include <openssl/opensslv.h> | 61 | #include <openssl/opensslv.h> |
| 62 | 62 | ||
| 63 | const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT; | 63 | const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT; |
| 64 | 64 | ||
| 65 | /* Implemented from RFC1321 The MD5 Message-Digest Algorithm | 65 | /* Implemented from RFC1321 The MD5 Message-Digest Algorithm |
| 66 | */ | 66 | */ |
| @@ -70,7 +70,7 @@ const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT; | |||
| 70 | #define INIT_DATA_C (unsigned long)0x98badcfeL | 70 | #define INIT_DATA_C (unsigned long)0x98badcfeL |
| 71 | #define INIT_DATA_D (unsigned long)0x10325476L | 71 | #define INIT_DATA_D (unsigned long)0x10325476L |
| 72 | 72 | ||
| 73 | FIPS_NON_FIPS_MD_Init(MD5) | 73 | int MD5_Init(MD5_CTX *c) |
| 74 | { | 74 | { |
| 75 | c->A=INIT_DATA_A; | 75 | c->A=INIT_DATA_A; |
| 76 | c->B=INIT_DATA_B; | 76 | c->B=INIT_DATA_B; |
| @@ -82,101 +82,11 @@ FIPS_NON_FIPS_MD_Init(MD5) | |||
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| 85 | #ifndef md5_block_host_order | ||
| 86 | void md5_block_host_order (MD5_CTX *c, const void *data, int num) | ||
| 87 | { | ||
| 88 | const MD5_LONG *X=data; | ||
| 89 | register unsigned MD32_REG_T A,B,C,D; | ||
| 90 | |||
| 91 | A=c->A; | ||
| 92 | B=c->B; | ||
| 93 | C=c->C; | ||
| 94 | D=c->D; | ||
| 95 | |||
| 96 | for (;num--;X+=HASH_LBLOCK) | ||
| 97 | { | ||
| 98 | /* Round 0 */ | ||
| 99 | R0(A,B,C,D,X[ 0], 7,0xd76aa478L); | ||
| 100 | R0(D,A,B,C,X[ 1],12,0xe8c7b756L); | ||
| 101 | R0(C,D,A,B,X[ 2],17,0x242070dbL); | ||
| 102 | R0(B,C,D,A,X[ 3],22,0xc1bdceeeL); | ||
| 103 | R0(A,B,C,D,X[ 4], 7,0xf57c0fafL); | ||
| 104 | R0(D,A,B,C,X[ 5],12,0x4787c62aL); | ||
| 105 | R0(C,D,A,B,X[ 6],17,0xa8304613L); | ||
| 106 | R0(B,C,D,A,X[ 7],22,0xfd469501L); | ||
| 107 | R0(A,B,C,D,X[ 8], 7,0x698098d8L); | ||
| 108 | R0(D,A,B,C,X[ 9],12,0x8b44f7afL); | ||
| 109 | R0(C,D,A,B,X[10],17,0xffff5bb1L); | ||
| 110 | R0(B,C,D,A,X[11],22,0x895cd7beL); | ||
| 111 | R0(A,B,C,D,X[12], 7,0x6b901122L); | ||
| 112 | R0(D,A,B,C,X[13],12,0xfd987193L); | ||
| 113 | R0(C,D,A,B,X[14],17,0xa679438eL); | ||
| 114 | R0(B,C,D,A,X[15],22,0x49b40821L); | ||
| 115 | /* Round 1 */ | ||
| 116 | R1(A,B,C,D,X[ 1], 5,0xf61e2562L); | ||
| 117 | R1(D,A,B,C,X[ 6], 9,0xc040b340L); | ||
| 118 | R1(C,D,A,B,X[11],14,0x265e5a51L); | ||
| 119 | R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL); | ||
| 120 | R1(A,B,C,D,X[ 5], 5,0xd62f105dL); | ||
| 121 | R1(D,A,B,C,X[10], 9,0x02441453L); | ||
| 122 | R1(C,D,A,B,X[15],14,0xd8a1e681L); | ||
| 123 | R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L); | ||
| 124 | R1(A,B,C,D,X[ 9], 5,0x21e1cde6L); | ||
| 125 | R1(D,A,B,C,X[14], 9,0xc33707d6L); | ||
| 126 | R1(C,D,A,B,X[ 3],14,0xf4d50d87L); | ||
| 127 | R1(B,C,D,A,X[ 8],20,0x455a14edL); | ||
| 128 | R1(A,B,C,D,X[13], 5,0xa9e3e905L); | ||
| 129 | R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L); | ||
| 130 | R1(C,D,A,B,X[ 7],14,0x676f02d9L); | ||
| 131 | R1(B,C,D,A,X[12],20,0x8d2a4c8aL); | ||
| 132 | /* Round 2 */ | ||
| 133 | R2(A,B,C,D,X[ 5], 4,0xfffa3942L); | ||
| 134 | R2(D,A,B,C,X[ 8],11,0x8771f681L); | ||
| 135 | R2(C,D,A,B,X[11],16,0x6d9d6122L); | ||
| 136 | R2(B,C,D,A,X[14],23,0xfde5380cL); | ||
| 137 | R2(A,B,C,D,X[ 1], 4,0xa4beea44L); | ||
| 138 | R2(D,A,B,C,X[ 4],11,0x4bdecfa9L); | ||
| 139 | R2(C,D,A,B,X[ 7],16,0xf6bb4b60L); | ||
| 140 | R2(B,C,D,A,X[10],23,0xbebfbc70L); | ||
| 141 | R2(A,B,C,D,X[13], 4,0x289b7ec6L); | ||
| 142 | R2(D,A,B,C,X[ 0],11,0xeaa127faL); | ||
| 143 | R2(C,D,A,B,X[ 3],16,0xd4ef3085L); | ||
| 144 | R2(B,C,D,A,X[ 6],23,0x04881d05L); | ||
| 145 | R2(A,B,C,D,X[ 9], 4,0xd9d4d039L); | ||
| 146 | R2(D,A,B,C,X[12],11,0xe6db99e5L); | ||
| 147 | R2(C,D,A,B,X[15],16,0x1fa27cf8L); | ||
| 148 | R2(B,C,D,A,X[ 2],23,0xc4ac5665L); | ||
| 149 | /* Round 3 */ | ||
| 150 | R3(A,B,C,D,X[ 0], 6,0xf4292244L); | ||
| 151 | R3(D,A,B,C,X[ 7],10,0x432aff97L); | ||
| 152 | R3(C,D,A,B,X[14],15,0xab9423a7L); | ||
| 153 | R3(B,C,D,A,X[ 5],21,0xfc93a039L); | ||
| 154 | R3(A,B,C,D,X[12], 6,0x655b59c3L); | ||
| 155 | R3(D,A,B,C,X[ 3],10,0x8f0ccc92L); | ||
| 156 | R3(C,D,A,B,X[10],15,0xffeff47dL); | ||
| 157 | R3(B,C,D,A,X[ 1],21,0x85845dd1L); | ||
| 158 | R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL); | ||
| 159 | R3(D,A,B,C,X[15],10,0xfe2ce6e0L); | ||
| 160 | R3(C,D,A,B,X[ 6],15,0xa3014314L); | ||
| 161 | R3(B,C,D,A,X[13],21,0x4e0811a1L); | ||
| 162 | R3(A,B,C,D,X[ 4], 6,0xf7537e82L); | ||
| 163 | R3(D,A,B,C,X[11],10,0xbd3af235L); | ||
| 164 | R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL); | ||
| 165 | R3(B,C,D,A,X[ 9],21,0xeb86d391L); | ||
| 166 | |||
| 167 | A = c->A += A; | ||
| 168 | B = c->B += B; | ||
| 169 | C = c->C += C; | ||
| 170 | D = c->D += D; | ||
| 171 | } | ||
| 172 | } | ||
| 173 | #endif | ||
| 174 | |||
| 175 | #ifndef md5_block_data_order | 85 | #ifndef md5_block_data_order |
| 176 | #ifdef X | 86 | #ifdef X |
| 177 | #undef X | 87 | #undef X |
| 178 | #endif | 88 | #endif |
| 179 | void md5_block_data_order (MD5_CTX *c, const void *data_, int num) | 89 | void md5_block_data_order (MD5_CTX *c, const void *data_, size_t num) |
| 180 | { | 90 | { |
| 181 | const unsigned char *data=data_; | 91 | const unsigned char *data=data_; |
| 182 | register unsigned MD32_REG_T A,B,C,D,l; | 92 | register unsigned MD32_REG_T A,B,C,D,l; |
| @@ -274,19 +184,3 @@ void md5_block_data_order (MD5_CTX *c, const void *data_, int num) | |||
| 274 | } | 184 | } |
| 275 | } | 185 | } |
| 276 | #endif | 186 | #endif |
| 277 | |||
| 278 | #ifdef undef | ||
| 279 | int printit(unsigned long *l) | ||
| 280 | { | ||
| 281 | int i,ii; | ||
| 282 | |||
| 283 | for (i=0; i<2; i++) | ||
| 284 | { | ||
| 285 | for (ii=0; ii<8; ii++) | ||
| 286 | { | ||
| 287 | fprintf(stderr,"%08lx ",l[i*8+ii]); | ||
| 288 | } | ||
| 289 | fprintf(stderr,"\n"); | ||
| 290 | } | ||
| 291 | } | ||
| 292 | #endif | ||
diff --git a/src/lib/libcrypto/md5/md5_locl.h b/src/lib/libcrypto/md5/md5_locl.h index 9e360da732..84e81b960d 100644 --- a/src/lib/libcrypto/md5/md5_locl.h +++ b/src/lib/libcrypto/md5/md5_locl.h | |||
| @@ -66,49 +66,19 @@ | |||
| 66 | #endif | 66 | #endif |
| 67 | 67 | ||
| 68 | #ifdef MD5_ASM | 68 | #ifdef MD5_ASM |
| 69 | # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) | 69 | # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || \ |
| 70 | # define md5_block_host_order md5_block_asm_host_order | 70 | defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64) |
| 71 | # elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC) | 71 | # define md5_block_data_order md5_block_asm_data_order |
| 72 | void md5_block_asm_data_order_aligned (MD5_CTX *c, const MD5_LONG *p,int num); | ||
| 73 | # define HASH_BLOCK_DATA_ORDER_ALIGNED md5_block_asm_data_order_aligned | ||
| 74 | # endif | 72 | # endif |
| 75 | #endif | 73 | #endif |
| 76 | 74 | ||
| 77 | void md5_block_host_order (MD5_CTX *c, const void *p,int num); | 75 | void md5_block_data_order (MD5_CTX *c, const void *p,size_t num); |
| 78 | void md5_block_data_order (MD5_CTX *c, const void *p,int num); | ||
| 79 | |||
| 80 | #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) | ||
| 81 | /* | ||
| 82 | * *_block_host_order is expected to handle aligned data while | ||
| 83 | * *_block_data_order - unaligned. As algorithm and host (x86) | ||
| 84 | * are in this case of the same "endianness" these two are | ||
| 85 | * otherwise indistinguishable. But normally you don't want to | ||
| 86 | * call the same function because unaligned access in places | ||
| 87 | * where alignment is expected is usually a "Bad Thing". Indeed, | ||
| 88 | * on RISCs you get punished with BUS ERROR signal or *severe* | ||
| 89 | * performance degradation. Intel CPUs are in turn perfectly | ||
| 90 | * capable of loading unaligned data without such drastic side | ||
| 91 | * effect. Yes, they say it's slower than aligned load, but no | ||
| 92 | * exception is generated and therefore performance degradation | ||
| 93 | * is *incomparable* with RISCs. What we should weight here is | ||
| 94 | * costs of unaligned access against costs of aligning data. | ||
| 95 | * According to my measurements allowing unaligned access results | ||
| 96 | * in ~9% performance improvement on Pentium II operating at | ||
| 97 | * 266MHz. I won't be surprised if the difference will be higher | ||
| 98 | * on faster systems:-) | ||
| 99 | * | ||
| 100 | * <appro@fy.chalmers.se> | ||
| 101 | */ | ||
| 102 | #define md5_block_data_order md5_block_host_order | ||
| 103 | #endif | ||
| 104 | 76 | ||
| 105 | #define DATA_ORDER_IS_LITTLE_ENDIAN | 77 | #define DATA_ORDER_IS_LITTLE_ENDIAN |
| 106 | 78 | ||
| 107 | #define HASH_LONG MD5_LONG | 79 | #define HASH_LONG MD5_LONG |
| 108 | #define HASH_LONG_LOG2 MD5_LONG_LOG2 | ||
| 109 | #define HASH_CTX MD5_CTX | 80 | #define HASH_CTX MD5_CTX |
| 110 | #define HASH_CBLOCK MD5_CBLOCK | 81 | #define HASH_CBLOCK MD5_CBLOCK |
| 111 | #define HASH_LBLOCK MD5_LBLOCK | ||
| 112 | #define HASH_UPDATE MD5_Update | 82 | #define HASH_UPDATE MD5_Update |
| 113 | #define HASH_TRANSFORM MD5_Transform | 83 | #define HASH_TRANSFORM MD5_Transform |
| 114 | #define HASH_FINAL MD5_Final | 84 | #define HASH_FINAL MD5_Final |
| @@ -119,21 +89,7 @@ void md5_block_data_order (MD5_CTX *c, const void *p,int num); | |||
| 119 | ll=(c)->C; HOST_l2c(ll,(s)); \ | 89 | ll=(c)->C; HOST_l2c(ll,(s)); \ |
| 120 | ll=(c)->D; HOST_l2c(ll,(s)); \ | 90 | ll=(c)->D; HOST_l2c(ll,(s)); \ |
| 121 | } while (0) | 91 | } while (0) |
| 122 | #define HASH_BLOCK_HOST_ORDER md5_block_host_order | ||
| 123 | #if !defined(L_ENDIAN) || defined(md5_block_data_order) | ||
| 124 | #define HASH_BLOCK_DATA_ORDER md5_block_data_order | 92 | #define HASH_BLOCK_DATA_ORDER md5_block_data_order |
| 125 | /* | ||
| 126 | * Little-endians (Intel and Alpha) feel better without this. | ||
| 127 | * It looks like memcpy does better job than generic | ||
| 128 | * md5_block_data_order on copying-n-aligning input data. | ||
| 129 | * But frankly speaking I didn't expect such result on Alpha. | ||
| 130 | * On the other hand I've got this with egcs-1.0.2 and if | ||
| 131 | * program is compiled with another (better?) compiler it | ||
| 132 | * might turn out other way around. | ||
| 133 | * | ||
| 134 | * <appro@fy.chalmers.se> | ||
| 135 | */ | ||
| 136 | #endif | ||
| 137 | 93 | ||
| 138 | #include "md32_common.h" | 94 | #include "md32_common.h" |
| 139 | 95 | ||
diff --git a/src/lib/libcrypto/md5/md5_one.c b/src/lib/libcrypto/md5/md5_one.c index 44c6c455d1..43fee89379 100644 --- a/src/lib/libcrypto/md5/md5_one.c +++ b/src/lib/libcrypto/md5/md5_one.c | |||
| @@ -65,7 +65,7 @@ | |||
| 65 | #include <openssl/ebcdic.h> | 65 | #include <openssl/ebcdic.h> |
| 66 | #endif | 66 | #endif |
| 67 | 67 | ||
| 68 | unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md) | 68 | unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md) |
| 69 | { | 69 | { |
| 70 | MD5_CTX c; | 70 | MD5_CTX c; |
| 71 | static unsigned char m[MD5_DIGEST_LENGTH]; | 71 | static unsigned char m[MD5_DIGEST_LENGTH]; |
diff --git a/src/lib/libcrypto/md5/md5test.c b/src/lib/libcrypto/md5/md5test.c index bfd62629ed..2b37190e32 100644 --- a/src/lib/libcrypto/md5/md5test.c +++ b/src/lib/libcrypto/md5/md5test.c | |||
| @@ -97,16 +97,16 @@ static char *pt(unsigned char *md); | |||
| 97 | int main(int argc, char *argv[]) | 97 | int main(int argc, char *argv[]) |
| 98 | { | 98 | { |
| 99 | int i,err=0; | 99 | int i,err=0; |
| 100 | unsigned char **P,**R; | 100 | char **P,**R; |
| 101 | char *p; | 101 | char *p; |
| 102 | unsigned char md[MD5_DIGEST_LENGTH]; | 102 | unsigned char md[MD5_DIGEST_LENGTH]; |
| 103 | 103 | ||
| 104 | P=(unsigned char **)test; | 104 | P=test; |
| 105 | R=(unsigned char **)ret; | 105 | R=ret; |
| 106 | i=1; | 106 | i=1; |
| 107 | while (*P != NULL) | 107 | while (*P != NULL) |
| 108 | { | 108 | { |
| 109 | EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md5(), NULL); | 109 | EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_md5(), NULL); |
| 110 | p=pt(md); | 110 | p=pt(md); |
| 111 | if (strcmp(p,(char *)*R) != 0) | 111 | if (strcmp(p,(char *)*R) != 0) |
| 112 | { | 112 | { |
| @@ -120,6 +120,10 @@ int main(int argc, char *argv[]) | |||
| 120 | R++; | 120 | R++; |
| 121 | P++; | 121 | P++; |
| 122 | } | 122 | } |
| 123 | |||
| 124 | #ifdef OPENSSL_SYS_NETWARE | ||
| 125 | if (err) printf("ERROR: %d\n", err); | ||
| 126 | #endif | ||
| 123 | EXIT(err); | 127 | EXIT(err); |
| 124 | return(0); | 128 | return(0); |
| 125 | } | 129 | } |
diff --git a/src/lib/libcrypto/mdc2/Makefile b/src/lib/libcrypto/mdc2/Makefile index b8e9a9a4fa..1d064f17a6 100644 --- a/src/lib/libcrypto/mdc2/Makefile +++ b/src/lib/libcrypto/mdc2/Makefile | |||
| @@ -7,11 +7,6 @@ TOP= ../.. | |||
| 7 | CC= cc | 7 | CC= cc |
| 8 | INCLUDES= | 8 | INCLUDES= |
| 9 | CFLAG=-g | 9 | CFLAG=-g |
| 10 | INSTALL_PREFIX= | ||
| 11 | OPENSSLDIR= /usr/local/ssl | ||
| 12 | INSTALLTOP=/usr/local/ssl | ||
| 13 | MAKEDEPPROG= makedepend | ||
| 14 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) | ||
| 15 | MAKEFILE= Makefile | 10 | MAKEFILE= Makefile |
| 16 | AR= ar r | 11 | AR= ar r |
| 17 | 12 | ||
| @@ -51,6 +46,7 @@ links: | |||
| 51 | @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) | 46 | @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) |
| 52 | 47 | ||
| 53 | install: | 48 | install: |
| 49 | @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... | ||
| 54 | @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ | 50 | @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ |
| 55 | do \ | 51 | do \ |
| 56 | (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ | 52 | (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
| @@ -66,6 +62,7 @@ lint: | |||
| 66 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 62 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 67 | 63 | ||
| 68 | depend: | 64 | depend: |
| 65 | @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... | ||
| 69 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) | 66 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 70 | 67 | ||
| 71 | dclean: | 68 | dclean: |
| @@ -83,16 +80,14 @@ mdc2_one.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | |||
| 83 | mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 80 | mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 84 | mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h | 81 | mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h |
| 85 | mdc2_one.o: ../../include/openssl/opensslconf.h | 82 | mdc2_one.o: ../../include/openssl/opensslconf.h |
| 86 | mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h | 83 | mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 87 | mdc2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 84 | mdc2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 88 | mdc2_one.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 85 | mdc2_one.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 89 | mdc2_one.o: ../cryptlib.h mdc2_one.c | 86 | mdc2_one.o: ../../include/openssl/ui_compat.h ../cryptlib.h mdc2_one.c |
| 90 | mdc2dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | ||
| 91 | mdc2dgst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 87 | mdc2dgst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 92 | mdc2dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 88 | mdc2dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/mdc2.h |
| 93 | mdc2dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | 89 | mdc2dgst.o: ../../include/openssl/opensslconf.h |
| 94 | mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h | 90 | mdc2dgst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 95 | mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h | ||
| 96 | mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 91 | mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 97 | mdc2dgst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 92 | mdc2dgst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 98 | mdc2dgst.o: mdc2dgst.c | 93 | mdc2dgst.o: mdc2dgst.c |
diff --git a/src/lib/libcrypto/mdc2/mdc2.h b/src/lib/libcrypto/mdc2/mdc2.h index 4cba101f37..72778a5212 100644 --- a/src/lib/libcrypto/mdc2/mdc2.h +++ b/src/lib/libcrypto/mdc2/mdc2.h | |||
| @@ -74,19 +74,17 @@ extern "C" { | |||
| 74 | 74 | ||
| 75 | typedef struct mdc2_ctx_st | 75 | typedef struct mdc2_ctx_st |
| 76 | { | 76 | { |
| 77 | int num; | 77 | unsigned int num; |
| 78 | unsigned char data[MDC2_BLOCK]; | 78 | unsigned char data[MDC2_BLOCK]; |
| 79 | DES_cblock h,hh; | 79 | DES_cblock h,hh; |
| 80 | int pad_type; /* either 1 or 2, default 1 */ | 80 | int pad_type; /* either 1 or 2, default 1 */ |
| 81 | } MDC2_CTX; | 81 | } MDC2_CTX; |
| 82 | 82 | ||
| 83 | #ifdef OPENSSL_FIPS | 83 | |
| 84 | int private_MDC2_Init(MDC2_CTX *c); | ||
| 85 | #endif | ||
| 86 | int MDC2_Init(MDC2_CTX *c); | 84 | int MDC2_Init(MDC2_CTX *c); |
| 87 | int MDC2_Update(MDC2_CTX *c, const unsigned char *data, unsigned long len); | 85 | int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len); |
| 88 | int MDC2_Final(unsigned char *md, MDC2_CTX *c); | 86 | int MDC2_Final(unsigned char *md, MDC2_CTX *c); |
| 89 | unsigned char *MDC2(const unsigned char *d, unsigned long n, | 87 | unsigned char *MDC2(const unsigned char *d, size_t n, |
| 90 | unsigned char *md); | 88 | unsigned char *md); |
| 91 | 89 | ||
| 92 | #ifdef __cplusplus | 90 | #ifdef __cplusplus |
diff --git a/src/lib/libcrypto/mem.c b/src/lib/libcrypto/mem.c index dd86733b77..6635167228 100644 --- a/src/lib/libcrypto/mem.c +++ b/src/lib/libcrypto/mem.c | |||
| @@ -324,8 +324,8 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line) | |||
| 324 | if (str == NULL) | 324 | if (str == NULL) |
| 325 | return CRYPTO_malloc(num, file, line); | 325 | return CRYPTO_malloc(num, file, line); |
| 326 | 326 | ||
| 327 | if (num <= 0) return NULL; | 327 | if (num <= 0) return NULL; |
| 328 | 328 | ||
| 329 | if (realloc_debug_func != NULL) | 329 | if (realloc_debug_func != NULL) |
| 330 | realloc_debug_func(str, NULL, num, file, line, 0); | 330 | realloc_debug_func(str, NULL, num, file, line, 0); |
| 331 | ret = realloc_ex_func(str,num,file,line); | 331 | ret = realloc_ex_func(str,num,file,line); |
| @@ -345,9 +345,9 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file, | |||
| 345 | 345 | ||
| 346 | if (str == NULL) | 346 | if (str == NULL) |
| 347 | return CRYPTO_malloc(num, file, line); | 347 | return CRYPTO_malloc(num, file, line); |
| 348 | 348 | ||
| 349 | if (num <= 0) return NULL; | 349 | if (num <= 0) return NULL; |
| 350 | 350 | ||
| 351 | if (realloc_debug_func != NULL) | 351 | if (realloc_debug_func != NULL) |
| 352 | realloc_debug_func(str, NULL, num, file, line, 0); | 352 | realloc_debug_func(str, NULL, num, file, line, 0); |
| 353 | ret=malloc_ex_func(num,file,line); | 353 | ret=malloc_ex_func(num,file,line); |
diff --git a/src/lib/libcrypto/mem_dbg.c b/src/lib/libcrypto/mem_dbg.c index e212de27e4..8316485217 100644 --- a/src/lib/libcrypto/mem_dbg.c +++ b/src/lib/libcrypto/mem_dbg.c | |||
| @@ -59,11 +59,11 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <time.h> | 61 | #include <time.h> |
| 62 | #include "cryptlib.h" | ||
| 62 | #include <openssl/crypto.h> | 63 | #include <openssl/crypto.h> |
| 63 | #include <openssl/buffer.h> | 64 | #include <openssl/buffer.h> |
| 64 | #include <openssl/bio.h> | 65 | #include <openssl/bio.h> |
| 65 | #include <openssl/lhash.h> | 66 | #include <openssl/lhash.h> |
| 66 | #include "cryptlib.h" | ||
| 67 | 67 | ||
| 68 | static int mh_mode=CRYPTO_MEM_CHECK_OFF; | 68 | static int mh_mode=CRYPTO_MEM_CHECK_OFF; |
| 69 | /* The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE | 69 | /* The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE |
| @@ -252,8 +252,16 @@ long CRYPTO_dbg_get_options(void) | |||
| 252 | /* static int mem_cmp(MEM *a, MEM *b) */ | 252 | /* static int mem_cmp(MEM *a, MEM *b) */ |
| 253 | static int mem_cmp(const void *a_void, const void *b_void) | 253 | static int mem_cmp(const void *a_void, const void *b_void) |
| 254 | { | 254 | { |
| 255 | #ifdef _WIN64 | ||
| 256 | const char *a=(const char *)((const MEM *)a_void)->addr, | ||
| 257 | *b=(const char *)((const MEM *)b_void)->addr; | ||
| 258 | if (a==b) return 0; | ||
| 259 | else if (a>b) return 1; | ||
| 260 | else return -1; | ||
| 261 | #else | ||
| 255 | return((const char *)((const MEM *)a_void)->addr | 262 | return((const char *)((const MEM *)a_void)->addr |
| 256 | - (const char *)((const MEM *)b_void)->addr); | 263 | - (const char *)((const MEM *)b_void)->addr); |
| 264 | #endif | ||
| 257 | } | 265 | } |
| 258 | 266 | ||
| 259 | /* static unsigned long mem_hash(MEM *a) */ | 267 | /* static unsigned long mem_hash(MEM *a) */ |
diff --git a/src/lib/libcrypto/objects/o_names.c b/src/lib/libcrypto/objects/o_names.c index 28c9370ca3..adb5731f76 100644 --- a/src/lib/libcrypto/objects/o_names.c +++ b/src/lib/libcrypto/objects/o_names.c | |||
| @@ -111,8 +111,8 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), | |||
| 111 | static int obj_name_cmp(const void *a_void, const void *b_void) | 111 | static int obj_name_cmp(const void *a_void, const void *b_void) |
| 112 | { | 112 | { |
| 113 | int ret; | 113 | int ret; |
| 114 | OBJ_NAME *a = (OBJ_NAME *)a_void; | 114 | const OBJ_NAME *a = (const OBJ_NAME *)a_void; |
| 115 | OBJ_NAME *b = (OBJ_NAME *)b_void; | 115 | const OBJ_NAME *b = (const OBJ_NAME *)b_void; |
| 116 | 116 | ||
| 117 | ret=a->type-b->type; | 117 | ret=a->type-b->type; |
| 118 | if (ret == 0) | 118 | if (ret == 0) |
| @@ -133,7 +133,7 @@ static int obj_name_cmp(const void *a_void, const void *b_void) | |||
| 133 | static unsigned long obj_name_hash(const void *a_void) | 133 | static unsigned long obj_name_hash(const void *a_void) |
| 134 | { | 134 | { |
| 135 | unsigned long ret; | 135 | unsigned long ret; |
| 136 | OBJ_NAME *a = (OBJ_NAME *)a_void; | 136 | const OBJ_NAME *a = (const OBJ_NAME *)a_void; |
| 137 | 137 | ||
| 138 | if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) | 138 | if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) |
| 139 | { | 139 | { |
diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c index f549d078ef..7fd7433241 100644 --- a/src/lib/libcrypto/objects/obj_dat.c +++ b/src/lib/libcrypto/objects/obj_dat.c | |||
| @@ -58,10 +58,12 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <ctype.h> | 60 | #include <ctype.h> |
| 61 | #include <limits.h> | ||
| 61 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
| 62 | #include <openssl/lhash.h> | 63 | #include <openssl/lhash.h> |
| 63 | #include <openssl/asn1.h> | 64 | #include <openssl/asn1.h> |
| 64 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 66 | #include <openssl/bn.h> | ||
| 65 | 67 | ||
| 66 | /* obj_dat.h is generated from objects.h by obj_dat.pl */ | 68 | /* obj_dat.h is generated from objects.h by obj_dat.pl */ |
| 67 | #ifndef OPENSSL_NO_OBJECT | 69 | #ifndef OPENSSL_NO_OBJECT |
| @@ -115,7 +117,7 @@ static unsigned long add_hash(const void *ca_void) | |||
| 115 | int i; | 117 | int i; |
| 116 | unsigned long ret=0; | 118 | unsigned long ret=0; |
| 117 | unsigned char *p; | 119 | unsigned char *p; |
| 118 | ADDED_OBJ *ca = (ADDED_OBJ *)ca_void; | 120 | const ADDED_OBJ *ca = (const ADDED_OBJ *)ca_void; |
| 119 | 121 | ||
| 120 | a=ca->obj; | 122 | a=ca->obj; |
| 121 | switch (ca->type) | 123 | switch (ca->type) |
| @@ -149,8 +151,8 @@ static int add_cmp(const void *ca_void, const void *cb_void) | |||
| 149 | { | 151 | { |
| 150 | ASN1_OBJECT *a,*b; | 152 | ASN1_OBJECT *a,*b; |
| 151 | int i; | 153 | int i; |
| 152 | ADDED_OBJ *ca = (ADDED_OBJ *)ca_void; | 154 | const ADDED_OBJ *ca = (const ADDED_OBJ *)ca_void; |
| 153 | ADDED_OBJ *cb = (ADDED_OBJ *)cb_void; | 155 | const ADDED_OBJ *cb = (const ADDED_OBJ *)cb_void; |
| 154 | 156 | ||
| 155 | i=ca->type-cb->type; | 157 | i=ca->type-cb->type; |
| 156 | if (i) return(i); | 158 | if (i) return(i); |
| @@ -161,7 +163,7 @@ static int add_cmp(const void *ca_void, const void *cb_void) | |||
| 161 | case ADDED_DATA: | 163 | case ADDED_DATA: |
| 162 | i=(a->length - b->length); | 164 | i=(a->length - b->length); |
| 163 | if (i) return(i); | 165 | if (i) return(i); |
| 164 | return(memcmp(a->data,b->data,a->length)); | 166 | return(memcmp(a->data,b->data,(size_t)a->length)); |
| 165 | case ADDED_SNAME: | 167 | case ADDED_SNAME: |
| 166 | if (a->sn == NULL) return(-1); | 168 | if (a->sn == NULL) return(-1); |
| 167 | else if (b->sn == NULL) return(1); | 169 | else if (b->sn == NULL) return(1); |
| @@ -382,8 +384,8 @@ int OBJ_obj2nid(const ASN1_OBJECT *a) | |||
| 382 | adp=(ADDED_OBJ *)lh_retrieve(added,&ad); | 384 | adp=(ADDED_OBJ *)lh_retrieve(added,&ad); |
| 383 | if (adp != NULL) return (adp->obj->nid); | 385 | if (adp != NULL) return (adp->obj->nid); |
| 384 | } | 386 | } |
| 385 | op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ, | 387 | op=(ASN1_OBJECT **)OBJ_bsearch((const char *)&a,(const char *)obj_objs, |
| 386 | sizeof(ASN1_OBJECT *),obj_cmp); | 388 | NUM_OBJ, sizeof(ASN1_OBJECT *),obj_cmp); |
| 387 | if (op == NULL) | 389 | if (op == NULL) |
| 388 | return(NID_undef); | 390 | return(NID_undef); |
| 389 | return((*op)->nid); | 391 | return((*op)->nid); |
| @@ -399,7 +401,9 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) | |||
| 399 | { | 401 | { |
| 400 | int nid = NID_undef; | 402 | int nid = NID_undef; |
| 401 | ASN1_OBJECT *op=NULL; | 403 | ASN1_OBJECT *op=NULL; |
| 402 | unsigned char *buf,*p; | 404 | unsigned char *buf; |
| 405 | unsigned char *p; | ||
| 406 | const unsigned char *cp; | ||
| 403 | int i, j; | 407 | int i, j; |
| 404 | 408 | ||
| 405 | if(!no_name) { | 409 | if(!no_name) { |
| @@ -411,8 +415,8 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) | |||
| 411 | /* Work out size of content octets */ | 415 | /* Work out size of content octets */ |
| 412 | i=a2d_ASN1_OBJECT(NULL,0,s,-1); | 416 | i=a2d_ASN1_OBJECT(NULL,0,s,-1); |
| 413 | if (i <= 0) { | 417 | if (i <= 0) { |
| 414 | /* Clear the error */ | 418 | /* Don't clear the error */ |
| 415 | ERR_get_error(); | 419 | /*ERR_clear_error();*/ |
| 416 | return NULL; | 420 | return NULL; |
| 417 | } | 421 | } |
| 418 | /* Work out total size */ | 422 | /* Work out total size */ |
| @@ -425,75 +429,170 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) | |||
| 425 | ASN1_put_object(&p,0,i,V_ASN1_OBJECT,V_ASN1_UNIVERSAL); | 429 | ASN1_put_object(&p,0,i,V_ASN1_OBJECT,V_ASN1_UNIVERSAL); |
| 426 | /* Write out contents */ | 430 | /* Write out contents */ |
| 427 | a2d_ASN1_OBJECT(p,i,s,-1); | 431 | a2d_ASN1_OBJECT(p,i,s,-1); |
| 428 | 432 | ||
| 429 | p=buf; | 433 | cp=buf; |
| 430 | op=d2i_ASN1_OBJECT(NULL,&p,j); | 434 | op=d2i_ASN1_OBJECT(NULL,&cp,j); |
| 431 | OPENSSL_free(buf); | 435 | OPENSSL_free(buf); |
| 432 | return op; | 436 | return op; |
| 433 | } | 437 | } |
| 434 | 438 | ||
| 435 | int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) | 439 | int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) |
| 436 | { | 440 | { |
| 437 | int i,idx=0,n=0,len,nid; | 441 | int i,n=0,len,nid, first, use_bn; |
| 442 | BIGNUM *bl; | ||
| 438 | unsigned long l; | 443 | unsigned long l; |
| 439 | unsigned char *p; | 444 | unsigned char *p; |
| 440 | const char *s; | ||
| 441 | char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; | 445 | char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; |
| 442 | 446 | ||
| 443 | if (buf_len <= 0) return(0); | ||
| 444 | |||
| 445 | if ((a == NULL) || (a->data == NULL)) { | 447 | if ((a == NULL) || (a->data == NULL)) { |
| 446 | buf[0]='\0'; | 448 | buf[0]='\0'; |
| 447 | return(0); | 449 | return(0); |
| 448 | } | 450 | } |
| 449 | 451 | ||
| 450 | if (no_name || (nid=OBJ_obj2nid(a)) == NID_undef) { | ||
| 451 | len=a->length; | ||
| 452 | p=a->data; | ||
| 453 | 452 | ||
| 454 | idx=0; | 453 | if (!no_name && (nid=OBJ_obj2nid(a)) != NID_undef) |
| 455 | l=0; | 454 | { |
| 456 | while (idx < a->length) { | 455 | const char *s; |
| 457 | l|=(p[idx]&0x7f); | 456 | s=OBJ_nid2ln(nid); |
| 458 | if (!(p[idx] & 0x80)) break; | 457 | if (s == NULL) |
| 459 | l<<=7L; | 458 | s=OBJ_nid2sn(nid); |
| 460 | idx++; | 459 | if (buf) |
| 460 | BUF_strlcpy(buf,s,buf_len); | ||
| 461 | n=strlen(s); | ||
| 462 | return n; | ||
| 461 | } | 463 | } |
| 462 | idx++; | ||
| 463 | i=(int)(l/40); | ||
| 464 | if (i > 2) i=2; | ||
| 465 | l-=(long)(i*40); | ||
| 466 | |||
| 467 | BIO_snprintf(tbuf,sizeof tbuf,"%d.%lu",i,l); | ||
| 468 | i=strlen(tbuf); | ||
| 469 | BUF_strlcpy(buf,tbuf,buf_len); | ||
| 470 | buf_len-=i; | ||
| 471 | buf+=i; | ||
| 472 | n+=i; | ||
| 473 | 464 | ||
| 465 | |||
| 466 | len=a->length; | ||
| 467 | p=a->data; | ||
| 468 | |||
| 469 | first = 1; | ||
| 470 | bl = NULL; | ||
| 471 | |||
| 472 | while (len > 0) | ||
| 473 | { | ||
| 474 | l=0; | 474 | l=0; |
| 475 | for (; idx<len; idx++) { | 475 | use_bn = 0; |
| 476 | l|=p[idx]&0x7f; | 476 | for (;;) |
| 477 | if (!(p[idx] & 0x80)) { | 477 | { |
| 478 | BIO_snprintf(tbuf,sizeof tbuf,".%lu",l); | 478 | unsigned char c = *p++; |
| 479 | i=strlen(tbuf); | 479 | len--; |
| 480 | if ((len == 0) && (c & 0x80)) | ||
| 481 | goto err; | ||
| 482 | if (use_bn) | ||
| 483 | { | ||
| 484 | if (!BN_add_word(bl, c & 0x7f)) | ||
| 485 | goto err; | ||
| 486 | } | ||
| 487 | else | ||
| 488 | l |= c & 0x7f; | ||
| 489 | if (!(c & 0x80)) | ||
| 490 | break; | ||
| 491 | if (!use_bn && (l > (ULONG_MAX >> 7L))) | ||
| 492 | { | ||
| 493 | if (!bl && !(bl = BN_new())) | ||
| 494 | goto err; | ||
| 495 | if (!BN_set_word(bl, l)) | ||
| 496 | goto err; | ||
| 497 | use_bn = 1; | ||
| 498 | } | ||
| 499 | if (use_bn) | ||
| 500 | { | ||
| 501 | if (!BN_lshift(bl, bl, 7)) | ||
| 502 | goto err; | ||
| 503 | } | ||
| 504 | else | ||
| 505 | l<<=7L; | ||
| 506 | } | ||
| 507 | |||
| 508 | if (first) | ||
| 509 | { | ||
| 510 | first = 0; | ||
| 511 | if (l >= 80) | ||
| 512 | { | ||
| 513 | i = 2; | ||
| 514 | if (use_bn) | ||
| 515 | { | ||
| 516 | if (!BN_sub_word(bl, 80)) | ||
| 517 | goto err; | ||
| 518 | } | ||
| 519 | else | ||
| 520 | l -= 80; | ||
| 521 | } | ||
| 522 | else | ||
| 523 | { | ||
| 524 | i=(int)(l/40); | ||
| 525 | l-=(long)(i*40); | ||
| 526 | } | ||
| 527 | if (buf && (buf_len > 0)) | ||
| 528 | { | ||
| 529 | *buf++ = i + '0'; | ||
| 530 | buf_len--; | ||
| 531 | } | ||
| 532 | n++; | ||
| 533 | } | ||
| 534 | |||
| 535 | if (use_bn) | ||
| 536 | { | ||
| 537 | char *bndec; | ||
| 538 | bndec = BN_bn2dec(bl); | ||
| 539 | if (!bndec) | ||
| 540 | goto err; | ||
| 541 | i = strlen(bndec); | ||
| 542 | if (buf) | ||
| 543 | { | ||
| 480 | if (buf_len > 0) | 544 | if (buf_len > 0) |
| 481 | BUF_strlcpy(buf,tbuf,buf_len); | 545 | { |
| 482 | buf_len-=i; | 546 | *buf++ = '.'; |
| 483 | buf+=i; | 547 | buf_len--; |
| 484 | n+=i; | 548 | } |
| 485 | l=0; | 549 | BUF_strlcpy(buf,bndec,buf_len); |
| 550 | if (i > buf_len) | ||
| 551 | { | ||
| 552 | buf += buf_len; | ||
| 553 | buf_len = 0; | ||
| 554 | } | ||
| 555 | else | ||
| 556 | { | ||
| 557 | buf+=i; | ||
| 558 | buf_len-=i; | ||
| 559 | } | ||
| 560 | } | ||
| 561 | n++; | ||
| 562 | n += i; | ||
| 563 | OPENSSL_free(bndec); | ||
| 564 | } | ||
| 565 | else | ||
| 566 | { | ||
| 567 | BIO_snprintf(tbuf,sizeof tbuf,".%lu",l); | ||
| 568 | i=strlen(tbuf); | ||
| 569 | if (buf && (buf_len > 0)) | ||
| 570 | { | ||
| 571 | BUF_strlcpy(buf,tbuf,buf_len); | ||
| 572 | if (i > buf_len) | ||
| 573 | { | ||
| 574 | buf += buf_len; | ||
| 575 | buf_len = 0; | ||
| 576 | } | ||
| 577 | else | ||
| 578 | { | ||
| 579 | buf+=i; | ||
| 580 | buf_len-=i; | ||
| 581 | } | ||
| 582 | } | ||
| 583 | n+=i; | ||
| 584 | l=0; | ||
| 486 | } | 585 | } |
| 487 | l<<=7L; | ||
| 488 | } | 586 | } |
| 489 | } else { | 587 | |
| 490 | s=OBJ_nid2ln(nid); | 588 | if (bl) |
| 491 | if (s == NULL) | 589 | BN_free(bl); |
| 492 | s=OBJ_nid2sn(nid); | 590 | return n; |
| 493 | BUF_strlcpy(buf,s,buf_len); | 591 | |
| 494 | n=strlen(s); | 592 | err: |
| 495 | } | 593 | if (bl) |
| 496 | return(n); | 594 | BN_free(bl); |
| 595 | return -1; | ||
| 497 | } | 596 | } |
| 498 | 597 | ||
| 499 | int OBJ_txt2nid(const char *s) | 598 | int OBJ_txt2nid(const char *s) |
| @@ -519,7 +618,7 @@ int OBJ_ln2nid(const char *s) | |||
| 519 | adp=(ADDED_OBJ *)lh_retrieve(added,&ad); | 618 | adp=(ADDED_OBJ *)lh_retrieve(added,&ad); |
| 520 | if (adp != NULL) return (adp->obj->nid); | 619 | if (adp != NULL) return (adp->obj->nid); |
| 521 | } | 620 | } |
| 522 | op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN, | 621 | op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs, NUM_LN, |
| 523 | sizeof(ASN1_OBJECT *),ln_cmp); | 622 | sizeof(ASN1_OBJECT *),ln_cmp); |
| 524 | if (op == NULL) return(NID_undef); | 623 | if (op == NULL) return(NID_undef); |
| 525 | return((*op)->nid); | 624 | return((*op)->nid); |
| @@ -547,8 +646,8 @@ int OBJ_sn2nid(const char *s) | |||
| 547 | static int obj_cmp(const void *ap, const void *bp) | 646 | static int obj_cmp(const void *ap, const void *bp) |
| 548 | { | 647 | { |
| 549 | int j; | 648 | int j; |
| 550 | ASN1_OBJECT *a= *(ASN1_OBJECT **)ap; | 649 | const ASN1_OBJECT *a= *(ASN1_OBJECT * const *)ap; |
| 551 | ASN1_OBJECT *b= *(ASN1_OBJECT **)bp; | 650 | const ASN1_OBJECT *b= *(ASN1_OBJECT * const *)bp; |
| 552 | 651 | ||
| 553 | j=(a->length - b->length); | 652 | j=(a->length - b->length); |
| 554 | if (j) return(j); | 653 | if (j) return(j); |
| @@ -558,8 +657,14 @@ static int obj_cmp(const void *ap, const void *bp) | |||
| 558 | const char *OBJ_bsearch(const char *key, const char *base, int num, int size, | 657 | const char *OBJ_bsearch(const char *key, const char *base, int num, int size, |
| 559 | int (*cmp)(const void *, const void *)) | 658 | int (*cmp)(const void *, const void *)) |
| 560 | { | 659 | { |
| 561 | int l,h,i,c; | 660 | return OBJ_bsearch_ex(key, base, num, size, cmp, 0); |
| 562 | const char *p; | 661 | } |
| 662 | |||
| 663 | const char *OBJ_bsearch_ex(const char *key, const char *base, int num, | ||
| 664 | int size, int (*cmp)(const void *, const void *), int flags) | ||
| 665 | { | ||
| 666 | int l,h,i=0,c=0; | ||
| 667 | const char *p = NULL; | ||
| 563 | 668 | ||
| 564 | if (num == 0) return(NULL); | 669 | if (num == 0) return(NULL); |
| 565 | l=0; | 670 | l=0; |
| @@ -574,20 +679,33 @@ const char *OBJ_bsearch(const char *key, const char *base, int num, int size, | |||
| 574 | else if (c > 0) | 679 | else if (c > 0) |
| 575 | l=i+1; | 680 | l=i+1; |
| 576 | else | 681 | else |
| 577 | return(p); | 682 | break; |
| 578 | } | 683 | } |
| 579 | #ifdef CHARSET_EBCDIC | 684 | #ifdef CHARSET_EBCDIC |
| 580 | /* THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and | 685 | /* THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and |
| 581 | * I don't have perl (yet), we revert to a *LINEAR* search | 686 | * I don't have perl (yet), we revert to a *LINEAR* search |
| 582 | * when the object wasn't found in the binary search. | 687 | * when the object wasn't found in the binary search. |
| 583 | */ | 688 | */ |
| 584 | for (i=0; i<num; ++i) { | 689 | if (c != 0) |
| 585 | p= &(base[i*size]); | 690 | { |
| 586 | if ((*cmp)(key,p) == 0) | 691 | for (i=0; i<num; ++i) |
| 587 | return p; | 692 | { |
| 588 | } | 693 | p= &(base[i*size]); |
| 694 | c = (*cmp)(key,p); | ||
| 695 | if (c == 0 || (c < 0 && (flags & OBJ_BSEARCH_VALUE_ON_NOMATCH))) | ||
| 696 | return p; | ||
| 697 | } | ||
| 698 | } | ||
| 589 | #endif | 699 | #endif |
| 590 | return(NULL); | 700 | if (c != 0 && !(flags & OBJ_BSEARCH_VALUE_ON_NOMATCH)) |
| 701 | p = NULL; | ||
| 702 | else if (c == 0 && (flags & OBJ_BSEARCH_FIRST_VALUE_ON_MATCH)) | ||
| 703 | { | ||
| 704 | while(i > 0 && (*cmp)(key,&(base[(i-1)*size])) == 0) | ||
| 705 | i--; | ||
| 706 | p = &(base[i*size]); | ||
| 707 | } | ||
| 708 | return(p); | ||
| 591 | } | 709 | } |
| 592 | 710 | ||
| 593 | int OBJ_create_objects(BIO *in) | 711 | int OBJ_create_objects(BIO *in) |
diff --git a/src/lib/libcrypto/objects/obj_dat.pl b/src/lib/libcrypto/objects/obj_dat.pl index d0371661f9..8a09a46ee6 100644 --- a/src/lib/libcrypto/objects/obj_dat.pl +++ b/src/lib/libcrypto/objects/obj_dat.pl | |||
| @@ -94,7 +94,7 @@ for ($i=0; $i<$n; $i++) | |||
| 94 | { | 94 | { |
| 95 | if (!defined($nid{$i})) | 95 | if (!defined($nid{$i})) |
| 96 | { | 96 | { |
| 97 | push(@out,"{NULL,NULL,NID_undef,0,NULL},\n"); | 97 | push(@out,"{NULL,NULL,NID_undef,0,NULL,0},\n"); |
| 98 | } | 98 | } |
| 99 | else | 99 | else |
| 100 | { | 100 | { |
| @@ -138,7 +138,7 @@ for ($i=0; $i<$n; $i++) | |||
| 138 | } | 138 | } |
| 139 | else | 139 | else |
| 140 | { | 140 | { |
| 141 | $out.="0,NULL"; | 141 | $out.="0,NULL,0"; |
| 142 | } | 142 | } |
| 143 | $out.="},\n"; | 143 | $out.="},\n"; |
| 144 | push(@out,$out); | 144 | push(@out,$out); |
diff --git a/src/lib/libcrypto/objects/obj_err.c b/src/lib/libcrypto/objects/obj_err.c index 0682979b38..12b48850c6 100644 --- a/src/lib/libcrypto/objects/obj_err.c +++ b/src/lib/libcrypto/objects/obj_err.c | |||
| @@ -91,15 +91,12 @@ static ERR_STRING_DATA OBJ_str_reasons[]= | |||
| 91 | 91 | ||
| 92 | void ERR_load_OBJ_strings(void) | 92 | void ERR_load_OBJ_strings(void) |
| 93 | { | 93 | { |
| 94 | static int init=1; | 94 | #ifndef OPENSSL_NO_ERR |
| 95 | 95 | ||
| 96 | if (init) | 96 | if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL) |
| 97 | { | 97 | { |
| 98 | init=0; | ||
| 99 | #ifndef OPENSSL_NO_ERR | ||
| 100 | ERR_load_strings(0,OBJ_str_functs); | 98 | ERR_load_strings(0,OBJ_str_functs); |
| 101 | ERR_load_strings(0,OBJ_str_reasons); | 99 | ERR_load_strings(0,OBJ_str_reasons); |
| 102 | #endif | ||
| 103 | |||
| 104 | } | 100 | } |
| 101 | #endif | ||
| 105 | } | 102 | } |
diff --git a/src/lib/libcrypto/objects/obj_lib.c b/src/lib/libcrypto/objects/obj_lib.c index b0b0f2ff24..706fa0b0e7 100644 --- a/src/lib/libcrypto/objects/obj_lib.c +++ b/src/lib/libcrypto/objects/obj_lib.c | |||
| @@ -82,7 +82,8 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) | |||
| 82 | r->data=OPENSSL_malloc(o->length); | 82 | r->data=OPENSSL_malloc(o->length); |
| 83 | if (r->data == NULL) | 83 | if (r->data == NULL) |
| 84 | goto err; | 84 | goto err; |
| 85 | memcpy(r->data,o->data,o->length); | 85 | if (o->data != NULL) |
| 86 | memcpy(r->data,o->data,o->length); | ||
| 86 | r->length=o->length; | 87 | r->length=o->length; |
| 87 | r->nid=o->nid; | 88 | r->nid=o->nid; |
| 88 | r->ln=r->sn=NULL; | 89 | r->ln=r->sn=NULL; |
diff --git a/src/lib/libcrypto/objects/obj_mac.num b/src/lib/libcrypto/objects/obj_mac.num index 84555d936e..47815b1e4e 100644 --- a/src/lib/libcrypto/objects/obj_mac.num +++ b/src/lib/libcrypto/objects/obj_mac.num | |||
| @@ -673,3 +673,118 @@ sha256 672 | |||
| 673 | sha384 673 | 673 | sha384 673 |
| 674 | sha512 674 | 674 | sha512 674 |
| 675 | sha224 675 | 675 | sha224 675 |
| 676 | identified_organization 676 | ||
| 677 | certicom_arc 677 | ||
| 678 | wap 678 | ||
| 679 | wap_wsg 679 | ||
| 680 | X9_62_id_characteristic_two_basis 680 | ||
| 681 | X9_62_onBasis 681 | ||
| 682 | X9_62_tpBasis 682 | ||
| 683 | X9_62_ppBasis 683 | ||
| 684 | X9_62_c2pnb163v1 684 | ||
| 685 | X9_62_c2pnb163v2 685 | ||
| 686 | X9_62_c2pnb163v3 686 | ||
| 687 | X9_62_c2pnb176v1 687 | ||
| 688 | X9_62_c2tnb191v1 688 | ||
| 689 | X9_62_c2tnb191v2 689 | ||
| 690 | X9_62_c2tnb191v3 690 | ||
| 691 | X9_62_c2onb191v4 691 | ||
| 692 | X9_62_c2onb191v5 692 | ||
| 693 | X9_62_c2pnb208w1 693 | ||
| 694 | X9_62_c2tnb239v1 694 | ||
| 695 | X9_62_c2tnb239v2 695 | ||
| 696 | X9_62_c2tnb239v3 696 | ||
| 697 | X9_62_c2onb239v4 697 | ||
| 698 | X9_62_c2onb239v5 698 | ||
| 699 | X9_62_c2pnb272w1 699 | ||
| 700 | X9_62_c2pnb304w1 700 | ||
| 701 | X9_62_c2tnb359v1 701 | ||
| 702 | X9_62_c2pnb368w1 702 | ||
| 703 | X9_62_c2tnb431r1 703 | ||
| 704 | secp112r1 704 | ||
| 705 | secp112r2 705 | ||
| 706 | secp128r1 706 | ||
| 707 | secp128r2 707 | ||
| 708 | secp160k1 708 | ||
| 709 | secp160r1 709 | ||
| 710 | secp160r2 710 | ||
| 711 | secp192k1 711 | ||
| 712 | secp224k1 712 | ||
| 713 | secp224r1 713 | ||
| 714 | secp256k1 714 | ||
| 715 | secp384r1 715 | ||
| 716 | secp521r1 716 | ||
| 717 | sect113r1 717 | ||
| 718 | sect113r2 718 | ||
| 719 | sect131r1 719 | ||
| 720 | sect131r2 720 | ||
| 721 | sect163k1 721 | ||
| 722 | sect163r1 722 | ||
| 723 | sect163r2 723 | ||
| 724 | sect193r1 724 | ||
| 725 | sect193r2 725 | ||
| 726 | sect233k1 726 | ||
| 727 | sect233r1 727 | ||
| 728 | sect239k1 728 | ||
| 729 | sect283k1 729 | ||
| 730 | sect283r1 730 | ||
| 731 | sect409k1 731 | ||
| 732 | sect409r1 732 | ||
| 733 | sect571k1 733 | ||
| 734 | sect571r1 734 | ||
| 735 | wap_wsg_idm_ecid_wtls1 735 | ||
| 736 | wap_wsg_idm_ecid_wtls3 736 | ||
| 737 | wap_wsg_idm_ecid_wtls4 737 | ||
| 738 | wap_wsg_idm_ecid_wtls5 738 | ||
| 739 | wap_wsg_idm_ecid_wtls6 739 | ||
| 740 | wap_wsg_idm_ecid_wtls7 740 | ||
| 741 | wap_wsg_idm_ecid_wtls8 741 | ||
| 742 | wap_wsg_idm_ecid_wtls9 742 | ||
| 743 | wap_wsg_idm_ecid_wtls10 743 | ||
| 744 | wap_wsg_idm_ecid_wtls11 744 | ||
| 745 | wap_wsg_idm_ecid_wtls12 745 | ||
| 746 | any_policy 746 | ||
| 747 | policy_mappings 747 | ||
| 748 | inhibit_any_policy 748 | ||
| 749 | ipsec3 749 | ||
| 750 | ipsec4 750 | ||
| 751 | camellia_128_cbc 751 | ||
| 752 | camellia_192_cbc 752 | ||
| 753 | camellia_256_cbc 753 | ||
| 754 | camellia_128_ecb 754 | ||
| 755 | camellia_192_ecb 755 | ||
| 756 | camellia_256_ecb 756 | ||
| 757 | camellia_128_cfb128 757 | ||
| 758 | camellia_192_cfb128 758 | ||
| 759 | camellia_256_cfb128 759 | ||
| 760 | camellia_128_cfb1 760 | ||
| 761 | camellia_192_cfb1 761 | ||
| 762 | camellia_256_cfb1 762 | ||
| 763 | camellia_128_cfb8 763 | ||
| 764 | camellia_192_cfb8 764 | ||
| 765 | camellia_256_cfb8 765 | ||
| 766 | camellia_128_ofb128 766 | ||
| 767 | camellia_192_ofb128 767 | ||
| 768 | camellia_256_ofb128 768 | ||
| 769 | subject_directory_attributes 769 | ||
| 770 | issuing_distribution_point 770 | ||
| 771 | certificate_issuer 771 | ||
| 772 | korea 772 | ||
| 773 | kisa 773 | ||
| 774 | kftc 774 | ||
| 775 | npki_alg 775 | ||
| 776 | seed_ecb 776 | ||
| 777 | seed_cbc 777 | ||
| 778 | seed_ofb128 778 | ||
| 779 | seed_cfb128 779 | ||
| 780 | hmac_md5 780 | ||
| 781 | hmac_sha1 781 | ||
| 782 | id_PasswordBasedMAC 782 | ||
| 783 | id_DHBasedMac 783 | ||
| 784 | id_it_suppLangTags 784 | ||
| 785 | caRepository 785 | ||
| 786 | id_smime_ct_compressedData 786 | ||
| 787 | id_ct_asciiTextWithCRLF 787 | ||
| 788 | id_aes128_wrap 788 | ||
| 789 | id_aes192_wrap 789 | ||
| 790 | id_aes256_wrap 790 | ||
diff --git a/src/lib/libcrypto/objects/objects.h b/src/lib/libcrypto/objects/objects.h index f859d859b8..7242f76fb0 100644 --- a/src/lib/libcrypto/objects/objects.h +++ b/src/lib/libcrypto/objects/objects.h | |||
| @@ -966,7 +966,10 @@ | |||
| 966 | #define OBJ_NAME_TYPE_COMP_METH 0x04 | 966 | #define OBJ_NAME_TYPE_COMP_METH 0x04 |
| 967 | #define OBJ_NAME_TYPE_NUM 0x05 | 967 | #define OBJ_NAME_TYPE_NUM 0x05 |
| 968 | 968 | ||
| 969 | #define OBJ_NAME_ALIAS 0x8000 | 969 | #define OBJ_NAME_ALIAS 0x8000 |
| 970 | |||
| 971 | #define OBJ_BSEARCH_VALUE_ON_NOMATCH 0x01 | ||
| 972 | #define OBJ_BSEARCH_FIRST_VALUE_ON_MATCH 0x02 | ||
| 970 | 973 | ||
| 971 | 974 | ||
| 972 | #ifdef __cplusplus | 975 | #ifdef __cplusplus |
| @@ -1010,6 +1013,8 @@ int OBJ_sn2nid(const char *s); | |||
| 1010 | int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b); | 1013 | int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b); |
| 1011 | const char * OBJ_bsearch(const char *key,const char *base,int num,int size, | 1014 | const char * OBJ_bsearch(const char *key,const char *base,int num,int size, |
| 1012 | int (*cmp)(const void *, const void *)); | 1015 | int (*cmp)(const void *, const void *)); |
| 1016 | const char * OBJ_bsearch_ex(const char *key,const char *base,int num, | ||
| 1017 | int size, int (*cmp)(const void *, const void *), int flags); | ||
| 1013 | 1018 | ||
| 1014 | int OBJ_new_nid(int num); | 1019 | int OBJ_new_nid(int num); |
| 1015 | int OBJ_add_object(const ASN1_OBJECT *obj); | 1020 | int OBJ_add_object(const ASN1_OBJECT *obj); |
diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt index 2635c4e667..34c8d1d647 100644 --- a/src/lib/libcrypto/objects/objects.txt +++ b/src/lib/libcrypto/objects/objects.txt | |||
| @@ -1,12 +1,28 @@ | |||
| 1 | 0 : CCITT : ccitt | 1 | # CCITT was renamed to ITU-T quite some time ago |
| 2 | 0 : ITU-T : itu-t | ||
| 3 | !Alias ccitt itu-t | ||
| 2 | 4 | ||
| 3 | 1 : ISO : iso | 5 | 1 : ISO : iso |
| 4 | 6 | ||
| 5 | 2 : JOINT-ISO-CCITT : joint-iso-ccitt | 7 | 2 : JOINT-ISO-ITU-T : joint-iso-itu-t |
| 8 | !Alias joint-iso-ccitt joint-iso-itu-t | ||
| 6 | 9 | ||
| 7 | iso 2 : member-body : ISO Member Body | 10 | iso 2 : member-body : ISO Member Body |
| 8 | 11 | ||
| 9 | joint-iso-ccitt 5 1 5 : selected-attribute-types : Selected Attribute Types | 12 | iso 3 : identified-organization |
| 13 | |||
| 14 | # HMAC OIDs | ||
| 15 | identified-organization 6 1 5 5 8 1 1 : HMAC-MD5 : hmac-md5 | ||
| 16 | identified-organization 6 1 5 5 8 1 2 : HMAC-SHA1 : hmac-sha1 | ||
| 17 | |||
| 18 | identified-organization 132 : certicom-arc | ||
| 19 | |||
| 20 | joint-iso-itu-t 23 : international-organizations : International Organizations | ||
| 21 | |||
| 22 | international-organizations 43 : wap | ||
| 23 | wap 13 : wap-wsg | ||
| 24 | |||
| 25 | joint-iso-itu-t 5 1 5 : selected-attribute-types : Selected Attribute Types | ||
| 10 | 26 | ||
| 11 | selected-attribute-types 55 : clearance | 27 | selected-attribute-types 55 : clearance |
| 12 | 28 | ||
| @@ -24,12 +40,34 @@ ISO-US 10045 : ansi-X9-62 : ANSI X9.62 | |||
| 24 | !Alias id-fieldType ansi-X9-62 1 | 40 | !Alias id-fieldType ansi-X9-62 1 |
| 25 | X9-62_id-fieldType 1 : prime-field | 41 | X9-62_id-fieldType 1 : prime-field |
| 26 | X9-62_id-fieldType 2 : characteristic-two-field | 42 | X9-62_id-fieldType 2 : characteristic-two-field |
| 27 | # ... characteristic-two-field OID subtree | 43 | X9-62_characteristic-two-field 3 : id-characteristic-two-basis |
| 44 | X9-62_id-characteristic-two-basis 1 : onBasis | ||
| 45 | X9-62_id-characteristic-two-basis 2 : tpBasis | ||
| 46 | X9-62_id-characteristic-two-basis 3 : ppBasis | ||
| 28 | !Alias id-publicKeyType ansi-X9-62 2 | 47 | !Alias id-publicKeyType ansi-X9-62 2 |
| 29 | X9-62_id-publicKeyType 1 : id-ecPublicKey | 48 | X9-62_id-publicKeyType 1 : id-ecPublicKey |
| 30 | !Alias ellipticCurve ansi-X9-62 3 | 49 | !Alias ellipticCurve ansi-X9-62 3 |
| 31 | !Alias c-TwoCurve X9-62_ellipticCurve 0 | 50 | !Alias c-TwoCurve X9-62_ellipticCurve 0 |
| 32 | # ... characteristic 2 curve OIDs | 51 | X9-62_c-TwoCurve 1 : c2pnb163v1 |
| 52 | X9-62_c-TwoCurve 2 : c2pnb163v2 | ||
| 53 | X9-62_c-TwoCurve 3 : c2pnb163v3 | ||
| 54 | X9-62_c-TwoCurve 4 : c2pnb176v1 | ||
| 55 | X9-62_c-TwoCurve 5 : c2tnb191v1 | ||
| 56 | X9-62_c-TwoCurve 6 : c2tnb191v2 | ||
| 57 | X9-62_c-TwoCurve 7 : c2tnb191v3 | ||
| 58 | X9-62_c-TwoCurve 8 : c2onb191v4 | ||
| 59 | X9-62_c-TwoCurve 9 : c2onb191v5 | ||
| 60 | X9-62_c-TwoCurve 10 : c2pnb208w1 | ||
| 61 | X9-62_c-TwoCurve 11 : c2tnb239v1 | ||
| 62 | X9-62_c-TwoCurve 12 : c2tnb239v2 | ||
| 63 | X9-62_c-TwoCurve 13 : c2tnb239v3 | ||
| 64 | X9-62_c-TwoCurve 14 : c2onb239v4 | ||
| 65 | X9-62_c-TwoCurve 15 : c2onb239v5 | ||
| 66 | X9-62_c-TwoCurve 16 : c2pnb272w1 | ||
| 67 | X9-62_c-TwoCurve 17 : c2pnb304w1 | ||
| 68 | X9-62_c-TwoCurve 18 : c2tnb359v1 | ||
| 69 | X9-62_c-TwoCurve 19 : c2pnb368w1 | ||
| 70 | X9-62_c-TwoCurve 20 : c2tnb431r1 | ||
| 33 | !Alias primeCurve X9-62_ellipticCurve 1 | 71 | !Alias primeCurve X9-62_ellipticCurve 1 |
| 34 | X9-62_primeCurve 1 : prime192v1 | 72 | X9-62_primeCurve 1 : prime192v1 |
| 35 | X9-62_primeCurve 2 : prime192v2 | 73 | X9-62_primeCurve 2 : prime192v2 |
| @@ -42,6 +80,60 @@ X9-62_primeCurve 7 : prime256v1 | |||
| 42 | !global | 80 | !global |
| 43 | X9-62_id-ecSigType 1 : ecdsa-with-SHA1 | 81 | X9-62_id-ecSigType 1 : ecdsa-with-SHA1 |
| 44 | 82 | ||
| 83 | # SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters" | ||
| 84 | # (http://www.secg.org/) | ||
| 85 | !Alias secg_ellipticCurve certicom-arc 0 | ||
| 86 | # SECG prime curves OIDs | ||
| 87 | secg-ellipticCurve 6 : secp112r1 | ||
| 88 | secg-ellipticCurve 7 : secp112r2 | ||
| 89 | secg-ellipticCurve 28 : secp128r1 | ||
| 90 | secg-ellipticCurve 29 : secp128r2 | ||
| 91 | secg-ellipticCurve 9 : secp160k1 | ||
| 92 | secg-ellipticCurve 8 : secp160r1 | ||
| 93 | secg-ellipticCurve 30 : secp160r2 | ||
| 94 | secg-ellipticCurve 31 : secp192k1 | ||
| 95 | # NOTE: the curve secp192r1 is the same as prime192v1 defined above | ||
| 96 | # and is therefore omitted | ||
| 97 | secg-ellipticCurve 32 : secp224k1 | ||
| 98 | secg-ellipticCurve 33 : secp224r1 | ||
| 99 | secg-ellipticCurve 10 : secp256k1 | ||
| 100 | # NOTE: the curve secp256r1 is the same as prime256v1 defined above | ||
| 101 | # and is therefore omitted | ||
| 102 | secg-ellipticCurve 34 : secp384r1 | ||
| 103 | secg-ellipticCurve 35 : secp521r1 | ||
| 104 | # SECG characteristic two curves OIDs | ||
| 105 | secg-ellipticCurve 4 : sect113r1 | ||
| 106 | secg-ellipticCurve 5 : sect113r2 | ||
| 107 | secg-ellipticCurve 22 : sect131r1 | ||
| 108 | secg-ellipticCurve 23 : sect131r2 | ||
| 109 | secg-ellipticCurve 1 : sect163k1 | ||
| 110 | secg-ellipticCurve 2 : sect163r1 | ||
| 111 | secg-ellipticCurve 15 : sect163r2 | ||
| 112 | secg-ellipticCurve 24 : sect193r1 | ||
| 113 | secg-ellipticCurve 25 : sect193r2 | ||
| 114 | secg-ellipticCurve 26 : sect233k1 | ||
| 115 | secg-ellipticCurve 27 : sect233r1 | ||
| 116 | secg-ellipticCurve 3 : sect239k1 | ||
| 117 | secg-ellipticCurve 16 : sect283k1 | ||
| 118 | secg-ellipticCurve 17 : sect283r1 | ||
| 119 | secg-ellipticCurve 36 : sect409k1 | ||
| 120 | secg-ellipticCurve 37 : sect409r1 | ||
| 121 | secg-ellipticCurve 38 : sect571k1 | ||
| 122 | secg-ellipticCurve 39 : sect571r1 | ||
| 123 | |||
| 124 | # WAP/TLS curve OIDs (http://www.wapforum.org/) | ||
| 125 | !Alias wap-wsg-idm-ecid wap-wsg 4 | ||
| 126 | wap-wsg-idm-ecid 1 : wap-wsg-idm-ecid-wtls1 | ||
| 127 | wap-wsg-idm-ecid 3 : wap-wsg-idm-ecid-wtls3 | ||
| 128 | wap-wsg-idm-ecid 4 : wap-wsg-idm-ecid-wtls4 | ||
| 129 | wap-wsg-idm-ecid 5 : wap-wsg-idm-ecid-wtls5 | ||
| 130 | wap-wsg-idm-ecid 6 : wap-wsg-idm-ecid-wtls6 | ||
| 131 | wap-wsg-idm-ecid 7 : wap-wsg-idm-ecid-wtls7 | ||
| 132 | wap-wsg-idm-ecid 8 : wap-wsg-idm-ecid-wtls8 | ||
| 133 | wap-wsg-idm-ecid 9 : wap-wsg-idm-ecid-wtls9 | ||
| 134 | wap-wsg-idm-ecid 10 : wap-wsg-idm-ecid-wtls10 | ||
| 135 | wap-wsg-idm-ecid 11 : wap-wsg-idm-ecid-wtls11 | ||
| 136 | wap-wsg-idm-ecid 12 : wap-wsg-idm-ecid-wtls12 | ||
| 45 | 137 | ||
| 46 | 138 | ||
| 47 | ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc | 139 | ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc |
| @@ -53,6 +145,10 @@ ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc | |||
| 53 | !Cname pbeWithMD5AndCast5-CBC | 145 | !Cname pbeWithMD5AndCast5-CBC |
| 54 | ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC | 146 | ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC |
| 55 | 147 | ||
| 148 | # Macs for CMP and CRMF | ||
| 149 | ISO-US 113533 7 66 13 : id-PasswordBasedMAC : password based MAC | ||
| 150 | ISO-US 113533 7 66 30 : id-DHBasedMac : Diffie-Hellman based MAC | ||
| 151 | |||
| 56 | ISO-US 113549 : rsadsi : RSA Data Security, Inc. | 152 | ISO-US 113549 : rsadsi : RSA Data Security, Inc. |
| 57 | 153 | ||
| 58 | rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS | 154 | rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS |
| @@ -149,6 +245,8 @@ id-smime-ct 5 : id-smime-ct-TDTInfo | |||
| 149 | id-smime-ct 6 : id-smime-ct-contentInfo | 245 | id-smime-ct 6 : id-smime-ct-contentInfo |
| 150 | id-smime-ct 7 : id-smime-ct-DVCSRequestData | 246 | id-smime-ct 7 : id-smime-ct-DVCSRequestData |
| 151 | id-smime-ct 8 : id-smime-ct-DVCSResponseData | 247 | id-smime-ct 8 : id-smime-ct-DVCSResponseData |
| 248 | id-smime-ct 9 : id-smime-ct-compressedData | ||
| 249 | id-smime-ct 27 : id-ct-asciiTextWithCRLF | ||
| 152 | 250 | ||
| 153 | # S/MIME Attributes | 251 | # S/MIME Attributes |
| 154 | id-smime-aa 1 : id-smime-aa-receiptRequest | 252 | id-smime-aa 1 : id-smime-aa-receiptRequest |
| @@ -396,6 +494,7 @@ id-it 12 : id-it-revPassphrase | |||
| 396 | id-it 13 : id-it-implicitConfirm | 494 | id-it 13 : id-it-implicitConfirm |
| 397 | id-it 14 : id-it-confirmWaitTime | 495 | id-it 14 : id-it-confirmWaitTime |
| 398 | id-it 15 : id-it-origPKIMessage | 496 | id-it 15 : id-it-origPKIMessage |
| 497 | id-it 16 : id-it-suppLangTags | ||
| 399 | 498 | ||
| 400 | # CRMF registration | 499 | # CRMF registration |
| 401 | id-pkip 1 : id-regCtrl | 500 | id-pkip 1 : id-regCtrl |
| @@ -482,6 +581,7 @@ id-ad 2 : caIssuers : CA Issuers | |||
| 482 | id-ad 3 : ad_timestamping : AD Time Stamping | 581 | id-ad 3 : ad_timestamping : AD Time Stamping |
| 483 | !Cname ad-dvcs | 582 | !Cname ad-dvcs |
| 484 | id-ad 4 : AD_DVCS : ad dvcs | 583 | id-ad 4 : AD_DVCS : ad dvcs |
| 584 | id-ad 5 : caRepository : CA Repository | ||
| 485 | 585 | ||
| 486 | 586 | ||
| 487 | !Alias id-pkix-OCSP ad-OCSP | 587 | !Alias id-pkix-OCSP ad-OCSP |
| @@ -569,6 +669,8 @@ X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA | |||
| 569 | X500algorithms 3 101 : MDC2 : mdc2 | 669 | X500algorithms 3 101 : MDC2 : mdc2 |
| 570 | 670 | ||
| 571 | X500 29 : id-ce | 671 | X500 29 : id-ce |
| 672 | !Cname subject-directory-attributes | ||
| 673 | id-ce 9 : subjectDirectoryAttributes : X509v3 Subject Directory Attributes | ||
| 572 | !Cname subject-key-identifier | 674 | !Cname subject-key-identifier |
| 573 | id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier | 675 | id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier |
| 574 | !Cname key-usage | 676 | !Cname key-usage |
| @@ -589,18 +691,28 @@ id-ce 21 : CRLReason : X509v3 CRL Reason Code | |||
| 589 | id-ce 24 : invalidityDate : Invalidity Date | 691 | id-ce 24 : invalidityDate : Invalidity Date |
| 590 | !Cname delta-crl | 692 | !Cname delta-crl |
| 591 | id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator | 693 | id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator |
| 694 | !Cname issuing-distribution-point | ||
| 695 | id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distrubution Point | ||
| 696 | !Cname certificate-issuer | ||
| 697 | id-ce 29 : certificateIssuer : X509v3 Certificate Issuer | ||
| 592 | !Cname name-constraints | 698 | !Cname name-constraints |
| 593 | id-ce 30 : nameConstraints : X509v3 Name Constraints | 699 | id-ce 30 : nameConstraints : X509v3 Name Constraints |
| 594 | !Cname crl-distribution-points | 700 | !Cname crl-distribution-points |
| 595 | id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points | 701 | id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points |
| 596 | !Cname certificate-policies | 702 | !Cname certificate-policies |
| 597 | id-ce 32 : certificatePolicies : X509v3 Certificate Policies | 703 | id-ce 32 : certificatePolicies : X509v3 Certificate Policies |
| 704 | !Cname any-policy | ||
| 705 | certificate-policies 0 : anyPolicy : X509v3 Any Policy | ||
| 706 | !Cname policy-mappings | ||
| 707 | id-ce 33 : policyMappings : X509v3 Policy Mappings | ||
| 598 | !Cname authority-key-identifier | 708 | !Cname authority-key-identifier |
| 599 | id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier | 709 | id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier |
| 600 | !Cname policy-constraints | 710 | !Cname policy-constraints |
| 601 | id-ce 36 : policyConstraints : X509v3 Policy Constraints | 711 | id-ce 36 : policyConstraints : X509v3 Policy Constraints |
| 602 | !Cname ext-key-usage | 712 | !Cname ext-key-usage |
| 603 | id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage | 713 | id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage |
| 714 | !Cname inhibit-any-policy | ||
| 715 | id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy | ||
| 604 | !Cname target-information | 716 | !Cname target-information |
| 605 | id-ce 55 : targetInformation : X509v3 AC Targeting | 717 | id-ce 55 : targetInformation : X509v3 AC Targeting |
| 606 | !Cname no-rev-avail | 718 | !Cname no-rev-avail |
| @@ -668,7 +780,7 @@ mime-mhs-headings 2 : id-hex-multipart-message : id-hex-multipart-message | |||
| 668 | !Cname rle-compression | 780 | !Cname rle-compression |
| 669 | 1 1 1 1 666 1 : RLE : run length compression | 781 | 1 1 1 1 666 1 : RLE : run length compression |
| 670 | !Cname zlib-compression | 782 | !Cname zlib-compression |
| 671 | 1 1 1 1 666 2 : ZLIB : zlib compression | 783 | id-smime-alg 8 : ZLIB : zlib compression |
| 672 | 784 | ||
| 673 | # AES aka Rijndael | 785 | # AES aka Rijndael |
| 674 | 786 | ||
| @@ -710,6 +822,10 @@ aes 44 : AES-256-CFB : aes-256-cfb | |||
| 710 | : DES-EDE3-CFB1 : des-ede3-cfb1 | 822 | : DES-EDE3-CFB1 : des-ede3-cfb1 |
| 711 | : DES-EDE3-CFB8 : des-ede3-cfb8 | 823 | : DES-EDE3-CFB8 : des-ede3-cfb8 |
| 712 | 824 | ||
| 825 | aes 5 : id-aes128-wrap | ||
| 826 | aes 25 : id-aes192-wrap | ||
| 827 | aes 45 : id-aes256-wrap | ||
| 828 | |||
| 713 | # OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84. | 829 | # OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84. |
| 714 | !Alias nist_hashalgs nistAlgorithms 2 | 830 | !Alias nist_hashalgs nistAlgorithms 2 |
| 715 | nist_hashalgs 1 : SHA256 : sha256 | 831 | nist_hashalgs 1 : SHA256 : sha256 |
| @@ -728,9 +844,9 @@ holdInstruction 2 : holdInstructionCallIssuer : Hold Instruction Call Issuer | |||
| 728 | !Cname hold-instruction-reject | 844 | !Cname hold-instruction-reject |
| 729 | holdInstruction 3 : holdInstructionReject : Hold Instruction Reject | 845 | holdInstruction 3 : holdInstructionReject : Hold Instruction Reject |
| 730 | 846 | ||
| 731 | # OID's from CCITT. Most of this is defined in RFC 1274. A couple of | 847 | # OID's from ITU-T. Most of this is defined in RFC 1274. A couple of |
| 732 | # them are also mentioned in RFC 2247 | 848 | # them are also mentioned in RFC 2247 |
| 733 | ccitt 9 : data | 849 | itu-t 9 : data |
| 734 | data 2342 : pss | 850 | data 2342 : pss |
| 735 | pss 19200300 : ucl | 851 | pss 19200300 : ucl |
| 736 | ucl 100 : pilot | 852 | ucl 100 : pilot |
| @@ -804,7 +920,7 @@ pilotAttributeType 54 : : dITRedirect | |||
| 804 | pilotAttributeType 55 : audio | 920 | pilotAttributeType 55 : audio |
| 805 | pilotAttributeType 56 : : documentPublisher | 921 | pilotAttributeType 56 : : documentPublisher |
| 806 | 922 | ||
| 807 | 2 23 42 : id-set : Secure Electronic Transactions | 923 | international-organizations 42 : id-set : Secure Electronic Transactions |
| 808 | 924 | ||
| 809 | id-set 0 : set-ctype : content types | 925 | id-set 0 : set-ctype : content types |
| 810 | id-set 1 : set-msgExt : message extensions | 926 | id-set 1 : set-msgExt : message extensions |
| @@ -950,3 +1066,54 @@ set-brand 6011 : set-brand-Novus | |||
| 950 | 1066 | ||
| 951 | rsadsi 3 10 : DES-CDMF : des-cdmf | 1067 | rsadsi 3 10 : DES-CDMF : des-cdmf |
| 952 | rsadsi 1 1 6 : rsaOAEPEncryptionSET | 1068 | rsadsi 1 1 6 : rsaOAEPEncryptionSET |
| 1069 | |||
| 1070 | : Oakley-EC2N-3 : ipsec3 | ||
| 1071 | : Oakley-EC2N-4 : ipsec4 | ||
| 1072 | |||
| 1073 | |||
| 1074 | # Definitions for Camellia cipher - CBC MODE | ||
| 1075 | 1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc | ||
| 1076 | 1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc | ||
| 1077 | 1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc | ||
| 1078 | |||
| 1079 | # Definitions for Camellia cipher - ECB, CFB, OFB MODE | ||
| 1080 | !Alias ntt-ds 0 3 4401 5 | ||
| 1081 | !Alias camellia ntt-ds 3 1 9 | ||
| 1082 | |||
| 1083 | camellia 1 : CAMELLIA-128-ECB : camellia-128-ecb | ||
| 1084 | !Cname camellia-128-ofb128 | ||
| 1085 | camellia 3 : CAMELLIA-128-OFB : camellia-128-ofb | ||
| 1086 | !Cname camellia-128-cfb128 | ||
| 1087 | camellia 4 : CAMELLIA-128-CFB : camellia-128-cfb | ||
| 1088 | |||
| 1089 | camellia 21 : CAMELLIA-192-ECB : camellia-192-ecb | ||
| 1090 | !Cname camellia-192-ofb128 | ||
| 1091 | camellia 23 : CAMELLIA-192-OFB : camellia-192-ofb | ||
| 1092 | !Cname camellia-192-cfb128 | ||
| 1093 | camellia 24 : CAMELLIA-192-CFB : camellia-192-cfb | ||
| 1094 | |||
| 1095 | camellia 41 : CAMELLIA-256-ECB : camellia-256-ecb | ||
| 1096 | !Cname camellia-256-ofb128 | ||
| 1097 | camellia 43 : CAMELLIA-256-OFB : camellia-256-ofb | ||
| 1098 | !Cname camellia-256-cfb128 | ||
| 1099 | camellia 44 : CAMELLIA-256-CFB : camellia-256-cfb | ||
| 1100 | |||
| 1101 | # There are no OIDs for these modes... | ||
| 1102 | |||
| 1103 | : CAMELLIA-128-CFB1 : camellia-128-cfb1 | ||
| 1104 | : CAMELLIA-192-CFB1 : camellia-192-cfb1 | ||
| 1105 | : CAMELLIA-256-CFB1 : camellia-256-cfb1 | ||
| 1106 | : CAMELLIA-128-CFB8 : camellia-128-cfb8 | ||
| 1107 | : CAMELLIA-192-CFB8 : camellia-192-cfb8 | ||
| 1108 | : CAMELLIA-256-CFB8 : camellia-256-cfb8 | ||
| 1109 | |||
| 1110 | |||
| 1111 | # Definitions for SEED cipher - ECB, CBC, OFB mode | ||
| 1112 | |||
| 1113 | member-body 410 200004 : KISA : kisa | ||
| 1114 | kisa 1 3 : SEED-ECB : seed-ecb | ||
| 1115 | kisa 1 4 : SEED-CBC : seed-cbc | ||
| 1116 | !Cname seed-cfb128 | ||
| 1117 | kisa 1 5 : SEED-CFB : seed-cfb | ||
| 1118 | !Cname seed-ofb128 | ||
| 1119 | kisa 1 6 : SEED-OFB : seed-ofb | ||
diff --git a/src/lib/libcrypto/ocsp/ocsp.h b/src/lib/libcrypto/ocsp/ocsp.h index fab3c03182..a0577a717e 100644 --- a/src/lib/libcrypto/ocsp/ocsp.h +++ b/src/lib/libcrypto/ocsp/ocsp.h | |||
| @@ -186,11 +186,11 @@ typedef struct ocsp_resp_bytes_st | |||
| 186 | * responseStatus OCSPResponseStatus, | 186 | * responseStatus OCSPResponseStatus, |
| 187 | * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } | 187 | * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } |
| 188 | */ | 188 | */ |
| 189 | typedef struct ocsp_response_st | 189 | struct ocsp_response_st |
| 190 | { | 190 | { |
| 191 | ASN1_ENUMERATED *responseStatus; | 191 | ASN1_ENUMERATED *responseStatus; |
| 192 | OCSP_RESPBYTES *responseBytes; | 192 | OCSP_RESPBYTES *responseBytes; |
| 193 | } OCSP_RESPONSE; | 193 | }; |
| 194 | 194 | ||
| 195 | /* ResponderID ::= CHOICE { | 195 | /* ResponderID ::= CHOICE { |
| 196 | * byName [1] Name, | 196 | * byName [1] Name, |
| @@ -198,14 +198,18 @@ typedef struct ocsp_response_st | |||
| 198 | */ | 198 | */ |
| 199 | #define V_OCSP_RESPID_NAME 0 | 199 | #define V_OCSP_RESPID_NAME 0 |
| 200 | #define V_OCSP_RESPID_KEY 1 | 200 | #define V_OCSP_RESPID_KEY 1 |
| 201 | typedef struct ocsp_responder_id_st | 201 | struct ocsp_responder_id_st |
| 202 | { | 202 | { |
| 203 | int type; | 203 | int type; |
| 204 | union { | 204 | union { |
| 205 | X509_NAME* byName; | 205 | X509_NAME* byName; |
| 206 | ASN1_OCTET_STRING *byKey; | 206 | ASN1_OCTET_STRING *byKey; |
| 207 | } value; | 207 | } value; |
| 208 | } OCSP_RESPID; | 208 | }; |
| 209 | |||
| 210 | DECLARE_STACK_OF(OCSP_RESPID) | ||
| 211 | DECLARE_ASN1_FUNCTIONS(OCSP_RESPID) | ||
| 212 | |||
| 209 | /* KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key | 213 | /* KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key |
| 210 | * --(excluding the tag and length fields) | 214 | * --(excluding the tag and length fields) |
| 211 | */ | 215 | */ |
| @@ -349,13 +353,9 @@ typedef struct ocsp_service_locator_st | |||
| 349 | #define PEM_STRING_OCSP_REQUEST "OCSP REQUEST" | 353 | #define PEM_STRING_OCSP_REQUEST "OCSP REQUEST" |
| 350 | #define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE" | 354 | #define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE" |
| 351 | 355 | ||
| 352 | #define d2i_OCSP_REQUEST_bio(bp,p) (OCSP_REQUEST*)ASN1_d2i_bio((char*(*)()) \ | 356 | #define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p) |
| 353 | OCSP_REQUEST_new,(char *(*)())d2i_OCSP_REQUEST, (bp),\ | ||
| 354 | (unsigned char **)(p)) | ||
| 355 | 357 | ||
| 356 | #define d2i_OCSP_RESPONSE_bio(bp,p) (OCSP_RESPONSE*)ASN1_d2i_bio((char*(*)())\ | 358 | #define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p) |
| 357 | OCSP_REQUEST_new,(char *(*)())d2i_OCSP_RESPONSE, (bp),\ | ||
| 358 | (unsigned char **)(p)) | ||
| 359 | 359 | ||
| 360 | #define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \ | 360 | #define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \ |
| 361 | (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL) | 361 | (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL) |
| @@ -371,11 +371,9 @@ typedef struct ocsp_service_locator_st | |||
| 371 | PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\ | 371 | PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\ |
| 372 | bp,(char *)o, NULL,NULL,0,NULL,NULL) | 372 | bp,(char *)o, NULL,NULL,0,NULL,NULL) |
| 373 | 373 | ||
| 374 | #define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio(i2d_OCSP_RESPONSE,bp,\ | 374 | #define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o) |
| 375 | (unsigned char *)o) | ||
| 376 | 375 | ||
| 377 | #define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio(i2d_OCSP_REQUEST,bp,\ | 376 | #define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o) |
| 378 | (unsigned char *)o) | ||
| 379 | 377 | ||
| 380 | #define OCSP_REQUEST_sign(o,pkey,md) \ | 378 | #define OCSP_REQUEST_sign(o,pkey,md) \ |
| 381 | ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\ | 379 | ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\ |
| @@ -396,14 +394,17 @@ typedef struct ocsp_service_locator_st | |||
| 396 | #define ASN1_BIT_STRING_digest(data,type,md,len) \ | 394 | #define ASN1_BIT_STRING_digest(data,type,md,len) \ |
| 397 | ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len) | 395 | ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len) |
| 398 | 396 | ||
| 399 | #define OCSP_CERTID_dup(cid) (OCSP_CERTID*)ASN1_dup((int(*)())i2d_OCSP_CERTID,\ | 397 | #define OCSP_CERTID_dup(cid) ASN1_dup_of(OCSP_CERTID,i2d_OCSP_CERTID,d2i_OCSP_CERTID,cid) |
| 400 | (char *(*)())d2i_OCSP_CERTID,(char *)(cid)) | ||
| 401 | 398 | ||
| 402 | #define OCSP_CERTSTATUS_dup(cs)\ | 399 | #define OCSP_CERTSTATUS_dup(cs)\ |
| 403 | (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\ | 400 | (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\ |
| 404 | (char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs)) | 401 | (char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs)) |
| 405 | 402 | ||
| 406 | OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req); | 403 | OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req); |
| 404 | OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, | ||
| 405 | int maxline); | ||
| 406 | int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx); | ||
| 407 | void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx); | ||
| 407 | 408 | ||
| 408 | OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer); | 409 | OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer); |
| 409 | 410 | ||
| @@ -473,8 +474,10 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp, | |||
| 473 | X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, | 474 | X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, |
| 474 | STACK_OF(X509) *certs, unsigned long flags); | 475 | STACK_OF(X509) *certs, unsigned long flags); |
| 475 | 476 | ||
| 476 | ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, int (*i2d)(), | 477 | ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, |
| 477 | char *data, STACK_OF(ASN1_OBJECT) *sk); | 478 | void *data, STACK_OF(ASN1_OBJECT) *sk); |
| 479 | #define ASN1_STRING_encode_of(type,s,i2d,data,sk) \ | ||
| 480 | ASN1_STRING_encode(s, CHECKED_I2D_OF(type, i2d), data, sk) | ||
| 478 | 481 | ||
| 479 | X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim); | 482 | X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim); |
| 480 | 483 | ||
| @@ -564,11 +567,11 @@ void ERR_load_OCSP_strings(void); | |||
| 564 | 567 | ||
| 565 | /* Function codes. */ | 568 | /* Function codes. */ |
| 566 | #define OCSP_F_ASN1_STRING_ENCODE 100 | 569 | #define OCSP_F_ASN1_STRING_ENCODE 100 |
| 567 | #define OCSP_F_CERT_ID_NEW 101 | ||
| 568 | #define OCSP_F_D2I_OCSP_NONCE 102 | 570 | #define OCSP_F_D2I_OCSP_NONCE 102 |
| 569 | #define OCSP_F_OCSP_BASIC_ADD1_STATUS 103 | 571 | #define OCSP_F_OCSP_BASIC_ADD1_STATUS 103 |
| 570 | #define OCSP_F_OCSP_BASIC_SIGN 104 | 572 | #define OCSP_F_OCSP_BASIC_SIGN 104 |
| 571 | #define OCSP_F_OCSP_BASIC_VERIFY 105 | 573 | #define OCSP_F_OCSP_BASIC_VERIFY 105 |
| 574 | #define OCSP_F_OCSP_CERT_ID_NEW 101 | ||
| 572 | #define OCSP_F_OCSP_CHECK_DELEGATED 106 | 575 | #define OCSP_F_OCSP_CHECK_DELEGATED 106 |
| 573 | #define OCSP_F_OCSP_CHECK_IDS 107 | 576 | #define OCSP_F_OCSP_CHECK_IDS 107 |
| 574 | #define OCSP_F_OCSP_CHECK_ISSUER 108 | 577 | #define OCSP_F_OCSP_CHECK_ISSUER 108 |
| @@ -579,6 +582,7 @@ void ERR_load_OCSP_strings(void); | |||
| 579 | #define OCSP_F_OCSP_REQUEST_VERIFY 116 | 582 | #define OCSP_F_OCSP_REQUEST_VERIFY 116 |
| 580 | #define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111 | 583 | #define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111 |
| 581 | #define OCSP_F_OCSP_SENDREQ_BIO 112 | 584 | #define OCSP_F_OCSP_SENDREQ_BIO 112 |
| 585 | #define OCSP_F_PARSE_HTTP_LINE1 117 | ||
| 582 | #define OCSP_F_REQUEST_VERIFY 113 | 586 | #define OCSP_F_REQUEST_VERIFY 113 |
| 583 | 587 | ||
| 584 | /* Reason codes. */ | 588 | /* Reason codes. */ |
diff --git a/src/lib/libcrypto/ocsp/ocsp_asn.c b/src/lib/libcrypto/ocsp/ocsp_asn.c index 6a3a360d54..39b7a1c568 100644 --- a/src/lib/libcrypto/ocsp/ocsp_asn.c +++ b/src/lib/libcrypto/ocsp/ocsp_asn.c | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | ASN1_SEQUENCE(OCSP_SIGNATURE) = { | 62 | ASN1_SEQUENCE(OCSP_SIGNATURE) = { |
| 63 | ASN1_SIMPLE(OCSP_SIGNATURE, signatureAlgorithm, X509_ALGOR), | 63 | ASN1_SIMPLE(OCSP_SIGNATURE, signatureAlgorithm, X509_ALGOR), |
| 64 | ASN1_SIMPLE(OCSP_SIGNATURE, signature, ASN1_BIT_STRING), | 64 | ASN1_SIMPLE(OCSP_SIGNATURE, signature, ASN1_BIT_STRING), |
| 65 | ASN1_EXP_SEQUENCE_OF(OCSP_SIGNATURE, certs, X509, 0) | 65 | ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SIGNATURE, certs, X509, 0) |
| 66 | } ASN1_SEQUENCE_END(OCSP_SIGNATURE) | 66 | } ASN1_SEQUENCE_END(OCSP_SIGNATURE) |
| 67 | 67 | ||
| 68 | IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE) | 68 | IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE) |
diff --git a/src/lib/libcrypto/ocsp/ocsp_cl.c b/src/lib/libcrypto/ocsp/ocsp_cl.c index 9b3e6dd8ca..17bab5fc59 100644 --- a/src/lib/libcrypto/ocsp/ocsp_cl.c +++ b/src/lib/libcrypto/ocsp/ocsp_cl.c | |||
| @@ -101,6 +101,8 @@ int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm) | |||
| 101 | { | 101 | { |
| 102 | GENERAL_NAME *gen; | 102 | GENERAL_NAME *gen; |
| 103 | gen = GENERAL_NAME_new(); | 103 | gen = GENERAL_NAME_new(); |
| 104 | if (gen == NULL) | ||
| 105 | return 0; | ||
| 104 | if (!X509_NAME_set(&gen->d.directoryName, nm)) | 106 | if (!X509_NAME_set(&gen->d.directoryName, nm)) |
| 105 | { | 107 | { |
| 106 | GENERAL_NAME_free(gen); | 108 | GENERAL_NAME_free(gen); |
diff --git a/src/lib/libcrypto/ocsp/ocsp_err.c b/src/lib/libcrypto/ocsp/ocsp_err.c index 65e6093fbc..d2f2e79f44 100644 --- a/src/lib/libcrypto/ocsp/ocsp_err.c +++ b/src/lib/libcrypto/ocsp/ocsp_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/ocsp/ocsp_err.c */ | 1 | /* crypto/ocsp/ocsp_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -71,11 +71,11 @@ | |||
| 71 | static ERR_STRING_DATA OCSP_str_functs[]= | 71 | static ERR_STRING_DATA OCSP_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(OCSP_F_ASN1_STRING_ENCODE), "ASN1_STRING_encode"}, | 73 | {ERR_FUNC(OCSP_F_ASN1_STRING_ENCODE), "ASN1_STRING_encode"}, |
| 74 | {ERR_FUNC(OCSP_F_CERT_ID_NEW), "CERT_ID_NEW"}, | ||
| 75 | {ERR_FUNC(OCSP_F_D2I_OCSP_NONCE), "D2I_OCSP_NONCE"}, | 74 | {ERR_FUNC(OCSP_F_D2I_OCSP_NONCE), "D2I_OCSP_NONCE"}, |
| 76 | {ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS), "OCSP_basic_add1_status"}, | 75 | {ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS), "OCSP_basic_add1_status"}, |
| 77 | {ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN), "OCSP_basic_sign"}, | 76 | {ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN), "OCSP_basic_sign"}, |
| 78 | {ERR_FUNC(OCSP_F_OCSP_BASIC_VERIFY), "OCSP_basic_verify"}, | 77 | {ERR_FUNC(OCSP_F_OCSP_BASIC_VERIFY), "OCSP_basic_verify"}, |
| 78 | {ERR_FUNC(OCSP_F_OCSP_CERT_ID_NEW), "OCSP_cert_id_new"}, | ||
| 79 | {ERR_FUNC(OCSP_F_OCSP_CHECK_DELEGATED), "OCSP_CHECK_DELEGATED"}, | 79 | {ERR_FUNC(OCSP_F_OCSP_CHECK_DELEGATED), "OCSP_CHECK_DELEGATED"}, |
| 80 | {ERR_FUNC(OCSP_F_OCSP_CHECK_IDS), "OCSP_CHECK_IDS"}, | 80 | {ERR_FUNC(OCSP_F_OCSP_CHECK_IDS), "OCSP_CHECK_IDS"}, |
| 81 | {ERR_FUNC(OCSP_F_OCSP_CHECK_ISSUER), "OCSP_CHECK_ISSUER"}, | 81 | {ERR_FUNC(OCSP_F_OCSP_CHECK_ISSUER), "OCSP_CHECK_ISSUER"}, |
| @@ -86,6 +86,7 @@ static ERR_STRING_DATA OCSP_str_functs[]= | |||
| 86 | {ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"}, | 86 | {ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"}, |
| 87 | {ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"}, | 87 | {ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"}, |
| 88 | {ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO), "OCSP_sendreq_bio"}, | 88 | {ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO), "OCSP_sendreq_bio"}, |
| 89 | {ERR_FUNC(OCSP_F_PARSE_HTTP_LINE1), "PARSE_HTTP_LINE1"}, | ||
| 89 | {ERR_FUNC(OCSP_F_REQUEST_VERIFY), "REQUEST_VERIFY"}, | 90 | {ERR_FUNC(OCSP_F_REQUEST_VERIFY), "REQUEST_VERIFY"}, |
| 90 | {0,NULL} | 91 | {0,NULL} |
| 91 | }; | 92 | }; |
| @@ -129,15 +130,12 @@ static ERR_STRING_DATA OCSP_str_reasons[]= | |||
| 129 | 130 | ||
| 130 | void ERR_load_OCSP_strings(void) | 131 | void ERR_load_OCSP_strings(void) |
| 131 | { | 132 | { |
| 132 | static int init=1; | 133 | #ifndef OPENSSL_NO_ERR |
| 133 | 134 | ||
| 134 | if (init) | 135 | if (ERR_func_error_string(OCSP_str_functs[0].error) == NULL) |
| 135 | { | 136 | { |
| 136 | init=0; | ||
| 137 | #ifndef OPENSSL_NO_ERR | ||
| 138 | ERR_load_strings(0,OCSP_str_functs); | 137 | ERR_load_strings(0,OCSP_str_functs); |
| 139 | ERR_load_strings(0,OCSP_str_reasons); | 138 | ERR_load_strings(0,OCSP_str_reasons); |
| 140 | #endif | ||
| 141 | |||
| 142 | } | 139 | } |
| 140 | #endif | ||
| 143 | } | 141 | } |
diff --git a/src/lib/libcrypto/ocsp/ocsp_ext.c b/src/lib/libcrypto/ocsp/ocsp_ext.c index 57399433fc..815cc29d58 100644 --- a/src/lib/libcrypto/ocsp/ocsp_ext.c +++ b/src/lib/libcrypto/ocsp/ocsp_ext.c | |||
| @@ -265,8 +265,8 @@ int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc) | |||
| 265 | 265 | ||
| 266 | /* also CRL Entry Extensions */ | 266 | /* also CRL Entry Extensions */ |
| 267 | 267 | ||
| 268 | ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, int (*i2d)(), | 268 | ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, |
| 269 | char *data, STACK_OF(ASN1_OBJECT) *sk) | 269 | void *data, STACK_OF(ASN1_OBJECT) *sk) |
| 270 | { | 270 | { |
| 271 | int i; | 271 | int i; |
| 272 | unsigned char *p, *b = NULL; | 272 | unsigned char *p, *b = NULL; |
| @@ -274,18 +274,23 @@ ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, int (*i2d)(), | |||
| 274 | if (data) | 274 | if (data) |
| 275 | { | 275 | { |
| 276 | if ((i=i2d(data,NULL)) <= 0) goto err; | 276 | if ((i=i2d(data,NULL)) <= 0) goto err; |
| 277 | if (!(b=p=(unsigned char*)OPENSSL_malloc((unsigned int)i))) | 277 | if (!(b=p=OPENSSL_malloc((unsigned int)i))) |
| 278 | goto err; | 278 | goto err; |
| 279 | if (i2d(data, &p) <= 0) goto err; | 279 | if (i2d(data, &p) <= 0) goto err; |
| 280 | } | 280 | } |
| 281 | else if (sk) | 281 | else if (sk) |
| 282 | { | 282 | { |
| 283 | if ((i=i2d_ASN1_SET_OF_ASN1_OBJECT(sk,NULL,i2d,V_ASN1_SEQUENCE, | 283 | if ((i=i2d_ASN1_SET_OF_ASN1_OBJECT(sk,NULL, |
| 284 | V_ASN1_UNIVERSAL,IS_SEQUENCE))<=0) goto err; | 284 | (I2D_OF(ASN1_OBJECT))i2d, |
| 285 | if (!(b=p=(unsigned char*)OPENSSL_malloc((unsigned int)i))) | 285 | V_ASN1_SEQUENCE, |
| 286 | V_ASN1_UNIVERSAL, | ||
| 287 | IS_SEQUENCE))<=0) goto err; | ||
| 288 | if (!(b=p=OPENSSL_malloc((unsigned int)i))) | ||
| 286 | goto err; | 289 | goto err; |
| 287 | if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk,&p,i2d,V_ASN1_SEQUENCE, | 290 | if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk,&p,(I2D_OF(ASN1_OBJECT))i2d, |
| 288 | V_ASN1_UNIVERSAL,IS_SEQUENCE)<=0) goto err; | 291 | V_ASN1_SEQUENCE, |
| 292 | V_ASN1_UNIVERSAL, | ||
| 293 | IS_SEQUENCE)<=0) goto err; | ||
| 289 | } | 294 | } |
| 290 | else | 295 | else |
| 291 | { | 296 | { |
| @@ -439,7 +444,8 @@ X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim) | |||
| 439 | } | 444 | } |
| 440 | if (!(x = X509_EXTENSION_new())) goto err; | 445 | if (!(x = X509_EXTENSION_new())) goto err; |
| 441 | if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID))) goto err; | 446 | if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID))) goto err; |
| 442 | if (!(ASN1_STRING_encode(x->value,i2d_OCSP_CRLID,(char*)cid,NULL))) | 447 | if (!(ASN1_STRING_encode_of(OCSP_CRLID,x->value,i2d_OCSP_CRLID,cid, |
| 448 | NULL))) | ||
| 443 | goto err; | 449 | goto err; |
| 444 | OCSP_CRLID_free(cid); | 450 | OCSP_CRLID_free(cid); |
| 445 | return x; | 451 | return x; |
| @@ -467,7 +473,8 @@ X509_EXTENSION *OCSP_accept_responses_new(char **oids) | |||
| 467 | if (!(x = X509_EXTENSION_new())) goto err; | 473 | if (!(x = X509_EXTENSION_new())) goto err; |
| 468 | if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses))) | 474 | if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses))) |
| 469 | goto err; | 475 | goto err; |
| 470 | if (!(ASN1_STRING_encode(x->value,i2d_ASN1_OBJECT,NULL,sk))) | 476 | if (!(ASN1_STRING_encode_of(ASN1_OBJECT,x->value,i2d_ASN1_OBJECT,NULL, |
| 477 | sk))) | ||
| 471 | goto err; | 478 | goto err; |
| 472 | sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); | 479 | sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); |
| 473 | return x; | 480 | return x; |
| @@ -487,8 +494,8 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char* tim) | |||
| 487 | if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err; | 494 | if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err; |
| 488 | if (!(x = X509_EXTENSION_new())) goto err; | 495 | if (!(x = X509_EXTENSION_new())) goto err; |
| 489 | if (!(x->object=OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff)))goto err; | 496 | if (!(x->object=OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff)))goto err; |
| 490 | if (!(ASN1_STRING_encode(x->value,i2d_ASN1_GENERALIZEDTIME, | 497 | if (!(ASN1_STRING_encode_of(ASN1_GENERALIZEDTIME,x->value, |
| 491 | (char*)gt,NULL))) goto err; | 498 | i2d_ASN1_GENERALIZEDTIME,gt,NULL))) goto err; |
| 492 | ASN1_GENERALIZEDTIME_free(gt); | 499 | ASN1_GENERALIZEDTIME_free(gt); |
| 493 | return x; | 500 | return x; |
| 494 | err: | 501 | err: |
| @@ -526,8 +533,8 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls) | |||
| 526 | if (!(x = X509_EXTENSION_new())) goto err; | 533 | if (!(x = X509_EXTENSION_new())) goto err; |
| 527 | if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator))) | 534 | if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator))) |
| 528 | goto err; | 535 | goto err; |
| 529 | if (!(ASN1_STRING_encode(x->value, i2d_OCSP_SERVICELOC, | 536 | if (!(ASN1_STRING_encode_of(OCSP_SERVICELOC,x->value, |
| 530 | (char*)sloc, NULL))) goto err; | 537 | i2d_OCSP_SERVICELOC,sloc,NULL))) goto err; |
| 531 | OCSP_SERVICELOC_free(sloc); | 538 | OCSP_SERVICELOC_free(sloc); |
| 532 | return x; | 539 | return x; |
| 533 | err: | 540 | err: |
diff --git a/src/lib/libcrypto/ocsp/ocsp_ht.c b/src/lib/libcrypto/ocsp/ocsp_ht.c index 2c48171883..a8e569b74a 100644 --- a/src/lib/libcrypto/ocsp/ocsp_ht.c +++ b/src/lib/libcrypto/ocsp/ocsp_ht.c | |||
| @@ -1,9 +1,9 @@ | |||
| 1 | /* ocsp_ht.c */ | 1 | /* ocsp_ht.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2006. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 2000 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 2006 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -68,106 +68,404 @@ | |||
| 68 | #define strtoul (unsigned long)strtol | 68 | #define strtoul (unsigned long)strtol |
| 69 | #endif /* OPENSSL_SYS_SUNOS */ | 69 | #endif /* OPENSSL_SYS_SUNOS */ |
| 70 | 70 | ||
| 71 | /* Quick and dirty HTTP OCSP request handler. | 71 | /* Stateful OCSP request code, supporting non-blocking I/O */ |
| 72 | * Could make this a bit cleverer by adding | ||
| 73 | * support for non blocking BIOs and a few | ||
| 74 | * other refinements. | ||
| 75 | */ | ||
| 76 | 72 | ||
| 77 | OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req) | 73 | /* Opaque OCSP request status structure */ |
| 78 | { | 74 | |
| 79 | BIO *mem = NULL; | 75 | struct ocsp_req_ctx_st { |
| 80 | char tmpbuf[1024]; | 76 | int state; /* Current I/O state */ |
| 81 | OCSP_RESPONSE *resp = NULL; | 77 | unsigned char *iobuf; /* Line buffer */ |
| 82 | char *p, *q, *r; | 78 | int iobuflen; /* Line buffer length */ |
| 83 | int len, retcode; | 79 | BIO *io; /* BIO to perform I/O with */ |
| 84 | static char req_txt[] = | 80 | BIO *mem; /* Memory BIO response is built into */ |
| 85 | "POST %s HTTP/1.0\r\n\ | 81 | unsigned long asn1_len; /* ASN1 length of response */ |
| 86 | Content-Type: application/ocsp-request\r\n\ | 82 | }; |
| 87 | Content-Length: %d\r\n\r\n"; | 83 | |
| 88 | 84 | #define OCSP_MAX_REQUEST_LENGTH (100 * 1024) | |
| 89 | len = i2d_OCSP_REQUEST(req, NULL); | 85 | #define OCSP_MAX_LINE_LEN 4096; |
| 90 | if(BIO_printf(b, req_txt, path, len) < 0) { | 86 | |
| 91 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR); | 87 | /* OCSP states */ |
| 92 | goto err; | 88 | |
| 93 | } | 89 | /* If set no reading should be performed */ |
| 94 | if(i2d_OCSP_REQUEST_bio(b, req) <= 0) { | 90 | #define OHS_NOREAD 0x1000 |
| 95 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR); | 91 | /* Error condition */ |
| 96 | goto err; | 92 | #define OHS_ERROR (0 | OHS_NOREAD) |
| 93 | /* First line being read */ | ||
| 94 | #define OHS_FIRSTLINE 1 | ||
| 95 | /* MIME headers being read */ | ||
| 96 | #define OHS_HEADERS 2 | ||
| 97 | /* OCSP initial header (tag + length) being read */ | ||
| 98 | #define OHS_ASN1_HEADER 3 | ||
| 99 | /* OCSP content octets being read */ | ||
| 100 | #define OHS_ASN1_CONTENT 4 | ||
| 101 | /* Request being sent */ | ||
| 102 | #define OHS_ASN1_WRITE (6 | OHS_NOREAD) | ||
| 103 | /* Request being flushed */ | ||
| 104 | #define OHS_ASN1_FLUSH (7 | OHS_NOREAD) | ||
| 105 | /* Completed */ | ||
| 106 | #define OHS_DONE (8 | OHS_NOREAD) | ||
| 107 | |||
| 108 | |||
| 109 | static int parse_http_line1(char *line); | ||
| 110 | |||
| 111 | void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx) | ||
| 112 | { | ||
| 113 | if (rctx->mem) | ||
| 114 | BIO_free(rctx->mem); | ||
| 115 | if (rctx->iobuf) | ||
| 116 | OPENSSL_free(rctx->iobuf); | ||
| 117 | OPENSSL_free(rctx); | ||
| 97 | } | 118 | } |
| 98 | if(!(mem = BIO_new(BIO_s_mem()))) goto err; | 119 | |
| 99 | /* Copy response to a memory BIO: socket bios can't do gets! */ | 120 | OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, |
| 100 | while ((len = BIO_read(b, tmpbuf, sizeof tmpbuf))) { | 121 | int maxline) |
| 101 | if(len < 0) { | 122 | { |
| 102 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR); | 123 | static char post_hdr[] = "POST %s HTTP/1.0\r\n" |
| 103 | goto err; | 124 | "Content-Type: application/ocsp-request\r\n" |
| 125 | "Content-Length: %d\r\n\r\n"; | ||
| 126 | |||
| 127 | OCSP_REQ_CTX *rctx; | ||
| 128 | rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX)); | ||
| 129 | rctx->state = OHS_FIRSTLINE; | ||
| 130 | rctx->mem = BIO_new(BIO_s_mem()); | ||
| 131 | rctx->io = io; | ||
| 132 | if (maxline > 0) | ||
| 133 | rctx->iobuflen = maxline; | ||
| 134 | else | ||
| 135 | rctx->iobuflen = OCSP_MAX_LINE_LEN; | ||
| 136 | rctx->iobuf = OPENSSL_malloc(rctx->iobuflen); | ||
| 137 | if (!path) | ||
| 138 | path = "/"; | ||
| 139 | |||
| 140 | if (BIO_printf(rctx->mem, post_hdr, path, | ||
| 141 | i2d_OCSP_REQUEST(req, NULL)) <= 0) | ||
| 142 | { | ||
| 143 | rctx->state = OHS_ERROR; | ||
| 144 | return 0; | ||
| 104 | } | 145 | } |
| 105 | BIO_write(mem, tmpbuf, len); | 146 | if (i2d_OCSP_REQUEST_bio(rctx->mem, req) <= 0) |
| 106 | } | 147 | { |
| 107 | if(BIO_gets(mem, tmpbuf, 512) <= 0) { | 148 | rctx->state = OHS_ERROR; |
| 108 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); | 149 | return 0; |
| 109 | goto err; | 150 | } |
| 151 | rctx->state = OHS_ASN1_WRITE; | ||
| 152 | rctx->asn1_len = BIO_get_mem_data(rctx->mem, NULL); | ||
| 153 | |||
| 154 | return rctx; | ||
| 110 | } | 155 | } |
| 111 | /* Parse the HTTP response. This will look like this: | ||
| 112 | * "HTTP/1.0 200 OK". We need to obtain the numeric code and | ||
| 113 | * (optional) informational message. | ||
| 114 | */ | ||
| 115 | 156 | ||
| 157 | /* Parse the HTTP response. This will look like this: | ||
| 158 | * "HTTP/1.0 200 OK". We need to obtain the numeric code and | ||
| 159 | * (optional) informational message. | ||
| 160 | */ | ||
| 161 | |||
| 162 | static int parse_http_line1(char *line) | ||
| 163 | { | ||
| 164 | int retcode; | ||
| 165 | char *p, *q, *r; | ||
| 116 | /* Skip to first white space (passed protocol info) */ | 166 | /* Skip to first white space (passed protocol info) */ |
| 117 | for(p = tmpbuf; *p && !isspace((unsigned char)*p); p++) continue; | 167 | |
| 118 | if(!*p) { | 168 | for(p = line; *p && !isspace((unsigned char)*p); p++) |
| 119 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); | 169 | continue; |
| 120 | goto err; | 170 | if(!*p) |
| 121 | } | 171 | { |
| 172 | OCSPerr(OCSP_F_PARSE_HTTP_LINE1, | ||
| 173 | OCSP_R_SERVER_RESPONSE_PARSE_ERROR); | ||
| 174 | return 0; | ||
| 175 | } | ||
| 176 | |||
| 122 | /* Skip past white space to start of response code */ | 177 | /* Skip past white space to start of response code */ |
| 123 | while(isspace((unsigned char)*p)) p++; | 178 | while(*p && isspace((unsigned char)*p)) |
| 124 | if(!*p) { | 179 | p++; |
| 125 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); | 180 | |
| 126 | goto err; | 181 | if(!*p) |
| 127 | } | 182 | { |
| 183 | OCSPerr(OCSP_F_PARSE_HTTP_LINE1, | ||
| 184 | OCSP_R_SERVER_RESPONSE_PARSE_ERROR); | ||
| 185 | return 0; | ||
| 186 | } | ||
| 187 | |||
| 128 | /* Find end of response code: first whitespace after start of code */ | 188 | /* Find end of response code: first whitespace after start of code */ |
| 129 | for(q = p; *q && !isspace((unsigned char)*q); q++) continue; | 189 | for(q = p; *q && !isspace((unsigned char)*q); q++) |
| 130 | if(!*q) { | 190 | continue; |
| 131 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); | 191 | |
| 132 | goto err; | 192 | if(!*q) |
| 133 | } | 193 | { |
| 194 | OCSPerr(OCSP_F_PARSE_HTTP_LINE1, | ||
| 195 | OCSP_R_SERVER_RESPONSE_PARSE_ERROR); | ||
| 196 | return 0; | ||
| 197 | } | ||
| 198 | |||
| 134 | /* Set end of response code and start of message */ | 199 | /* Set end of response code and start of message */ |
| 135 | *q++ = 0; | 200 | *q++ = 0; |
| 201 | |||
| 136 | /* Attempt to parse numeric code */ | 202 | /* Attempt to parse numeric code */ |
| 137 | retcode = strtoul(p, &r, 10); | 203 | retcode = strtoul(p, &r, 10); |
| 138 | if(*r) goto err; | 204 | |
| 205 | if(*r) | ||
| 206 | return 0; | ||
| 207 | |||
| 139 | /* Skip over any leading white space in message */ | 208 | /* Skip over any leading white space in message */ |
| 140 | while(isspace((unsigned char)*q)) q++; | 209 | while(*q && isspace((unsigned char)*q)) |
| 141 | if(*q) { | 210 | q++; |
| 142 | /* Finally zap any trailing white space in message (include CRLF) */ | 211 | |
| 143 | /* We know q has a non white space character so this is OK */ | 212 | if(*q) |
| 144 | for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) *r = 0; | 213 | { |
| 145 | } | 214 | /* Finally zap any trailing white space in message (include |
| 146 | if(retcode != 200) { | 215 | * CRLF) */ |
| 147 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_ERROR); | 216 | |
| 148 | if(!*q) { | 217 | /* We know q has a non white space character so this is OK */ |
| 149 | ERR_add_error_data(2, "Code=", p); | 218 | for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) |
| 219 | *r = 0; | ||
| 150 | } | 220 | } |
| 151 | else { | 221 | if(retcode != 200) |
| 222 | { | ||
| 223 | OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_ERROR); | ||
| 224 | if(!*q) | ||
| 225 | ERR_add_error_data(2, "Code=", p); | ||
| 226 | else | ||
| 152 | ERR_add_error_data(4, "Code=", p, ",Reason=", q); | 227 | ERR_add_error_data(4, "Code=", p, ",Reason=", q); |
| 228 | return 0; | ||
| 153 | } | 229 | } |
| 154 | goto err; | 230 | |
| 231 | |||
| 232 | return 1; | ||
| 233 | |||
| 155 | } | 234 | } |
| 156 | /* Find blank line marking beginning of content */ | 235 | |
| 157 | while(BIO_gets(mem, tmpbuf, 512) > 0) | 236 | int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx) |
| 158 | { | 237 | { |
| 159 | for(p = tmpbuf; isspace((unsigned char)*p); p++) continue; | 238 | int i, n; |
| 160 | if(!*p) break; | 239 | const unsigned char *p; |
| 161 | } | 240 | next_io: |
| 162 | if(*p) { | 241 | if (!(rctx->state & OHS_NOREAD)) |
| 163 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_NO_CONTENT); | 242 | { |
| 164 | goto err; | 243 | n = BIO_read(rctx->io, rctx->iobuf, rctx->iobuflen); |
| 244 | |||
| 245 | if (n <= 0) | ||
| 246 | { | ||
| 247 | if (BIO_should_retry(rctx->io)) | ||
| 248 | return -1; | ||
| 249 | return 0; | ||
| 250 | } | ||
| 251 | |||
| 252 | /* Write data to memory BIO */ | ||
| 253 | |||
| 254 | if (BIO_write(rctx->mem, rctx->iobuf, n) != n) | ||
| 255 | return 0; | ||
| 256 | } | ||
| 257 | |||
| 258 | switch(rctx->state) | ||
| 259 | { | ||
| 260 | |||
| 261 | case OHS_ASN1_WRITE: | ||
| 262 | n = BIO_get_mem_data(rctx->mem, &p); | ||
| 263 | |||
| 264 | i = BIO_write(rctx->io, | ||
| 265 | p + (n - rctx->asn1_len), rctx->asn1_len); | ||
| 266 | |||
| 267 | if (i <= 0) | ||
| 268 | { | ||
| 269 | if (BIO_should_retry(rctx->io)) | ||
| 270 | return -1; | ||
| 271 | rctx->state = OHS_ERROR; | ||
| 272 | return 0; | ||
| 273 | } | ||
| 274 | |||
| 275 | rctx->asn1_len -= i; | ||
| 276 | |||
| 277 | if (rctx->asn1_len > 0) | ||
| 278 | goto next_io; | ||
| 279 | |||
| 280 | rctx->state = OHS_ASN1_FLUSH; | ||
| 281 | |||
| 282 | (void)BIO_reset(rctx->mem); | ||
| 283 | |||
| 284 | case OHS_ASN1_FLUSH: | ||
| 285 | |||
| 286 | i = BIO_flush(rctx->io); | ||
| 287 | |||
| 288 | if (i > 0) | ||
| 289 | { | ||
| 290 | rctx->state = OHS_FIRSTLINE; | ||
| 291 | goto next_io; | ||
| 292 | } | ||
| 293 | |||
| 294 | if (BIO_should_retry(rctx->io)) | ||
| 295 | return -1; | ||
| 296 | |||
| 297 | rctx->state = OHS_ERROR; | ||
| 298 | return 0; | ||
| 299 | |||
| 300 | case OHS_ERROR: | ||
| 301 | return 0; | ||
| 302 | |||
| 303 | case OHS_FIRSTLINE: | ||
| 304 | case OHS_HEADERS: | ||
| 305 | |||
| 306 | /* Attempt to read a line in */ | ||
| 307 | |||
| 308 | next_line: | ||
| 309 | /* Due to &%^*$" memory BIO behaviour with BIO_gets we | ||
| 310 | * have to check there's a complete line in there before | ||
| 311 | * calling BIO_gets or we'll just get a partial read. | ||
| 312 | */ | ||
| 313 | n = BIO_get_mem_data(rctx->mem, &p); | ||
| 314 | if ((n <= 0) || !memchr(p, '\n', n)) | ||
| 315 | { | ||
| 316 | if (n >= rctx->iobuflen) | ||
| 317 | { | ||
| 318 | rctx->state = OHS_ERROR; | ||
| 319 | return 0; | ||
| 320 | } | ||
| 321 | goto next_io; | ||
| 322 | } | ||
| 323 | n = BIO_gets(rctx->mem, (char *)rctx->iobuf, rctx->iobuflen); | ||
| 324 | |||
| 325 | if (n <= 0) | ||
| 326 | { | ||
| 327 | if (BIO_should_retry(rctx->mem)) | ||
| 328 | goto next_io; | ||
| 329 | rctx->state = OHS_ERROR; | ||
| 330 | return 0; | ||
| 331 | } | ||
| 332 | |||
| 333 | /* Don't allow excessive lines */ | ||
| 334 | if (n == rctx->iobuflen) | ||
| 335 | { | ||
| 336 | rctx->state = OHS_ERROR; | ||
| 337 | return 0; | ||
| 338 | } | ||
| 339 | |||
| 340 | /* First line */ | ||
| 341 | if (rctx->state == OHS_FIRSTLINE) | ||
| 342 | { | ||
| 343 | if (parse_http_line1((char *)rctx->iobuf)) | ||
| 344 | { | ||
| 345 | rctx->state = OHS_HEADERS; | ||
| 346 | goto next_line; | ||
| 347 | } | ||
| 348 | else | ||
| 349 | { | ||
| 350 | rctx->state = OHS_ERROR; | ||
| 351 | return 0; | ||
| 352 | } | ||
| 353 | } | ||
| 354 | else | ||
| 355 | { | ||
| 356 | /* Look for blank line: end of headers */ | ||
| 357 | for (p = rctx->iobuf; *p; p++) | ||
| 358 | { | ||
| 359 | if ((*p != '\r') && (*p != '\n')) | ||
| 360 | break; | ||
| 361 | } | ||
| 362 | if (*p) | ||
| 363 | goto next_line; | ||
| 364 | |||
| 365 | rctx->state = OHS_ASN1_HEADER; | ||
| 366 | |||
| 367 | } | ||
| 368 | |||
| 369 | /* Fall thru */ | ||
| 370 | |||
| 371 | |||
| 372 | case OHS_ASN1_HEADER: | ||
| 373 | /* Now reading ASN1 header: can read at least 6 bytes which | ||
| 374 | * is more than enough for any valid ASN1 SEQUENCE header | ||
| 375 | */ | ||
| 376 | n = BIO_get_mem_data(rctx->mem, &p); | ||
| 377 | if (n < 6) | ||
| 378 | goto next_io; | ||
| 379 | |||
| 380 | /* Check it is an ASN1 SEQUENCE */ | ||
| 381 | if (*p++ != (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) | ||
| 382 | { | ||
| 383 | rctx->state = OHS_ERROR; | ||
| 384 | return 0; | ||
| 385 | } | ||
| 386 | |||
| 387 | /* Check out length field */ | ||
| 388 | if (*p & 0x80) | ||
| 389 | { | ||
| 390 | n = *p & 0x7F; | ||
| 391 | /* Not NDEF or excessive length */ | ||
| 392 | if (!n || (n > 4)) | ||
| 393 | { | ||
| 394 | rctx->state = OHS_ERROR; | ||
| 395 | return 0; | ||
| 396 | } | ||
| 397 | p++; | ||
| 398 | rctx->asn1_len = 0; | ||
| 399 | for (i = 0; i < n; i++) | ||
| 400 | { | ||
| 401 | rctx->asn1_len <<= 8; | ||
| 402 | rctx->asn1_len |= *p++; | ||
| 403 | } | ||
| 404 | |||
| 405 | if (rctx->asn1_len > OCSP_MAX_REQUEST_LENGTH) | ||
| 406 | { | ||
| 407 | rctx->state = OHS_ERROR; | ||
| 408 | return 0; | ||
| 409 | } | ||
| 410 | |||
| 411 | rctx->asn1_len += n + 2; | ||
| 412 | } | ||
| 413 | else | ||
| 414 | rctx->asn1_len = *p + 2; | ||
| 415 | |||
| 416 | rctx->state = OHS_ASN1_CONTENT; | ||
| 417 | |||
| 418 | /* Fall thru */ | ||
| 419 | |||
| 420 | case OHS_ASN1_CONTENT: | ||
| 421 | n = BIO_get_mem_data(rctx->mem, &p); | ||
| 422 | if (n < (int)rctx->asn1_len) | ||
| 423 | goto next_io; | ||
| 424 | |||
| 425 | |||
| 426 | *presp = d2i_OCSP_RESPONSE(NULL, &p, rctx->asn1_len); | ||
| 427 | if (*presp) | ||
| 428 | { | ||
| 429 | rctx->state = OHS_DONE; | ||
| 430 | return 1; | ||
| 431 | } | ||
| 432 | |||
| 433 | rctx->state = OHS_ERROR; | ||
| 434 | return 0; | ||
| 435 | |||
| 436 | break; | ||
| 437 | |||
| 438 | case OHS_DONE: | ||
| 439 | return 1; | ||
| 440 | |||
| 441 | } | ||
| 442 | |||
| 443 | |||
| 444 | |||
| 445 | return 0; | ||
| 446 | |||
| 447 | |||
| 165 | } | 448 | } |
| 166 | if(!(resp = d2i_OCSP_RESPONSE_bio(mem, NULL))) { | 449 | |
| 167 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,ERR_R_NESTED_ASN1_ERROR); | 450 | /* Blocking OCSP request handler: now a special case of non-blocking I/O */ |
| 168 | goto err; | 451 | |
| 452 | OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req) | ||
| 453 | { | ||
| 454 | OCSP_RESPONSE *resp = NULL; | ||
| 455 | OCSP_REQ_CTX *ctx; | ||
| 456 | int rv; | ||
| 457 | |||
| 458 | ctx = OCSP_sendreq_new(b, path, req, -1); | ||
| 459 | |||
| 460 | do | ||
| 461 | { | ||
| 462 | rv = OCSP_sendreq_nbio(&resp, ctx); | ||
| 463 | } while ((rv == -1) && BIO_should_retry(b)); | ||
| 464 | |||
| 465 | OCSP_REQ_CTX_free(ctx); | ||
| 466 | |||
| 467 | if (rv) | ||
| 468 | return resp; | ||
| 469 | |||
| 470 | return NULL; | ||
| 169 | } | 471 | } |
| 170 | err: | ||
| 171 | BIO_free(mem); | ||
| 172 | return resp; | ||
| 173 | } | ||
diff --git a/src/lib/libcrypto/ocsp/ocsp_lib.c b/src/lib/libcrypto/ocsp/ocsp_lib.c index 9e87fc7895..27450811d7 100644 --- a/src/lib/libcrypto/ocsp/ocsp_lib.c +++ b/src/lib/libcrypto/ocsp/ocsp_lib.c | |||
| @@ -112,7 +112,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, | |||
| 112 | if (alg->algorithm != NULL) ASN1_OBJECT_free(alg->algorithm); | 112 | if (alg->algorithm != NULL) ASN1_OBJECT_free(alg->algorithm); |
| 113 | if ((nid = EVP_MD_type(dgst)) == NID_undef) | 113 | if ((nid = EVP_MD_type(dgst)) == NID_undef) |
| 114 | { | 114 | { |
| 115 | OCSPerr(OCSP_F_CERT_ID_NEW,OCSP_R_UNKNOWN_NID); | 115 | OCSPerr(OCSP_F_OCSP_CERT_ID_NEW,OCSP_R_UNKNOWN_NID); |
| 116 | goto err; | 116 | goto err; |
| 117 | } | 117 | } |
| 118 | if (!(alg->algorithm=OBJ_nid2obj(nid))) goto err; | 118 | if (!(alg->algorithm=OBJ_nid2obj(nid))) goto err; |
| @@ -134,7 +134,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, | |||
| 134 | } | 134 | } |
| 135 | return cid; | 135 | return cid; |
| 136 | digerr: | 136 | digerr: |
| 137 | OCSPerr(OCSP_F_CERT_ID_NEW,OCSP_R_DIGEST_ERR); | 137 | OCSPerr(OCSP_F_OCSP_CERT_ID_NEW,OCSP_R_DIGEST_ERR); |
| 138 | err: | 138 | err: |
| 139 | if (cid) OCSP_CERTID_free(cid); | 139 | if (cid) OCSP_CERTID_free(cid); |
| 140 | return NULL; | 140 | return NULL; |
diff --git a/src/lib/libcrypto/ocsp/ocsp_prn.c b/src/lib/libcrypto/ocsp/ocsp_prn.c index 4b7bc28769..3dfb51c1e4 100644 --- a/src/lib/libcrypto/ocsp/ocsp_prn.c +++ b/src/lib/libcrypto/ocsp/ocsp_prn.c | |||
| @@ -194,7 +194,7 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags) | |||
| 194 | 194 | ||
| 195 | if (BIO_puts(bp,"OCSP Response Data:\n") <= 0) goto err; | 195 | if (BIO_puts(bp,"OCSP Response Data:\n") <= 0) goto err; |
| 196 | l=ASN1_ENUMERATED_get(o->responseStatus); | 196 | l=ASN1_ENUMERATED_get(o->responseStatus); |
| 197 | if (BIO_printf(bp," OCSP Response Status: %s (0x%x)\n", | 197 | if (BIO_printf(bp," OCSP Response Status: %s (0x%lx)\n", |
| 198 | OCSP_response_status_str(l), l) <= 0) goto err; | 198 | OCSP_response_status_str(l), l) <= 0) goto err; |
| 199 | if (rb == NULL) return 1; | 199 | if (rb == NULL) return 1; |
| 200 | if (BIO_puts(bp," Response Type: ") <= 0) | 200 | if (BIO_puts(bp," Response Type: ") <= 0) |
| @@ -252,7 +252,7 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags) | |||
| 252 | { | 252 | { |
| 253 | l=ASN1_ENUMERATED_get(rev->revocationReason); | 253 | l=ASN1_ENUMERATED_get(rev->revocationReason); |
| 254 | if (BIO_printf(bp, | 254 | if (BIO_printf(bp, |
| 255 | "\n Revocation Reason: %s (0x%x)", | 255 | "\n Revocation Reason: %s (0x%lx)", |
| 256 | OCSP_crl_reason_str(l), l) <= 0) | 256 | OCSP_crl_reason_str(l), l) <= 0) |
| 257 | goto err; | 257 | goto err; |
| 258 | } | 258 | } |
diff --git a/src/lib/libcrypto/ocsp/ocsp_vfy.c b/src/lib/libcrypto/ocsp/ocsp_vfy.c index 3d58dfb06c..23ea41c847 100644 --- a/src/lib/libcrypto/ocsp/ocsp_vfy.c +++ b/src/lib/libcrypto/ocsp/ocsp_vfy.c | |||
| @@ -367,7 +367,7 @@ int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *st | |||
| 367 | return 0; | 367 | return 0; |
| 368 | } | 368 | } |
| 369 | gen = req->tbsRequest->requestorName; | 369 | gen = req->tbsRequest->requestorName; |
| 370 | if (gen->type != GEN_DIRNAME) | 370 | if (!gen || gen->type != GEN_DIRNAME) |
| 371 | { | 371 | { |
| 372 | OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE); | 372 | OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE); |
| 373 | return 0; | 373 | return 0; |
diff --git a/src/lib/libcrypto/opensslconf.h.in b/src/lib/libcrypto/opensslconf.h.in index 685e83b7a3..cee83acf98 100644 --- a/src/lib/libcrypto/opensslconf.h.in +++ b/src/lib/libcrypto/opensslconf.h.in | |||
| @@ -5,6 +5,7 @@ | |||
| 5 | 5 | ||
| 6 | #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ | 6 | #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ |
| 7 | #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) | 7 | #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) |
| 8 | #define ENGINESDIR "/usr/local/lib/engines" | ||
| 8 | #define OPENSSLDIR "/usr/local/ssl" | 9 | #define OPENSSLDIR "/usr/local/ssl" |
| 9 | #endif | 10 | #endif |
| 10 | #endif | 11 | #endif |
diff --git a/src/lib/libcrypto/opensslv.h b/src/lib/libcrypto/opensslv.h index e50c1baf00..b308894f18 100644 --- a/src/lib/libcrypto/opensslv.h +++ b/src/lib/libcrypto/opensslv.h | |||
| @@ -12,7 +12,7 @@ | |||
| 12 | * 0.9.3-beta2 0x00903002 (same as ...beta2-dev) | 12 | * 0.9.3-beta2 0x00903002 (same as ...beta2-dev) |
| 13 | * 0.9.3 0x0090300f | 13 | * 0.9.3 0x0090300f |
| 14 | * 0.9.3a 0x0090301f | 14 | * 0.9.3a 0x0090301f |
| 15 | * 0.9.4 0x0090400f | 15 | * 0.9.4 0x0090400f |
| 16 | * 1.2.3z 0x102031af | 16 | * 1.2.3z 0x102031af |
| 17 | * | 17 | * |
| 18 | * For continuity reasons (because 0.9.5 is already out, and is coded | 18 | * For continuity reasons (because 0.9.5 is already out, and is coded |
| @@ -25,11 +25,11 @@ | |||
| 25 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for | 25 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for |
| 26 | * major minor fix final patch/beta) | 26 | * major minor fix final patch/beta) |
| 27 | */ | 27 | */ |
| 28 | #define OPENSSL_VERSION_NUMBER 0x009070afL | 28 | #define OPENSSL_VERSION_NUMBER 0x0090808fL |
| 29 | #ifdef OPENSSL_FIPS | 29 | #ifdef OPENSSL_FIPS |
| 30 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7j-fips 04 May 2006" | 30 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8h-fips 28 May 2008" |
| 31 | #else | 31 | #else |
| 32 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7j 04 May 2006" | 32 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8h 28 May 2008" |
| 33 | #endif | 33 | #endif |
| 34 | #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT | 34 | #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT |
| 35 | 35 | ||
| @@ -83,7 +83,7 @@ | |||
| 83 | * should only keep the versions that are binary compatible with the current. | 83 | * should only keep the versions that are binary compatible with the current. |
| 84 | */ | 84 | */ |
| 85 | #define SHLIB_VERSION_HISTORY "" | 85 | #define SHLIB_VERSION_HISTORY "" |
| 86 | #define SHLIB_VERSION_NUMBER "0.9.7" | 86 | #define SHLIB_VERSION_NUMBER "0.9.8" |
| 87 | 87 | ||
| 88 | 88 | ||
| 89 | #endif /* HEADER_OPENSSLV_H */ | 89 | #endif /* HEADER_OPENSSLV_H */ |
diff --git a/src/lib/libcrypto/ossl_typ.h b/src/lib/libcrypto/ossl_typ.h index 285fd0b1d9..345fb1dc4d 100644 --- a/src/lib/libcrypto/ossl_typ.h +++ b/src/lib/libcrypto/ossl_typ.h | |||
| @@ -97,15 +97,43 @@ typedef int ASN1_NULL; | |||
| 97 | 97 | ||
| 98 | #ifdef OPENSSL_SYS_WIN32 | 98 | #ifdef OPENSSL_SYS_WIN32 |
| 99 | #undef X509_NAME | 99 | #undef X509_NAME |
| 100 | #undef X509_EXTENSIONS | ||
| 101 | #undef X509_CERT_PAIR | ||
| 100 | #undef PKCS7_ISSUER_AND_SERIAL | 102 | #undef PKCS7_ISSUER_AND_SERIAL |
| 101 | #endif | 103 | #endif |
| 102 | 104 | ||
| 105 | #ifdef BIGNUM | ||
| 106 | #undef BIGNUM | ||
| 107 | #endif | ||
| 108 | typedef struct bignum_st BIGNUM; | ||
| 109 | typedef struct bignum_ctx BN_CTX; | ||
| 110 | typedef struct bn_blinding_st BN_BLINDING; | ||
| 111 | typedef struct bn_mont_ctx_st BN_MONT_CTX; | ||
| 112 | typedef struct bn_recp_ctx_st BN_RECP_CTX; | ||
| 113 | typedef struct bn_gencb_st BN_GENCB; | ||
| 114 | |||
| 115 | typedef struct buf_mem_st BUF_MEM; | ||
| 116 | |||
| 103 | typedef struct evp_cipher_st EVP_CIPHER; | 117 | typedef struct evp_cipher_st EVP_CIPHER; |
| 104 | typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX; | 118 | typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX; |
| 105 | typedef struct env_md_st EVP_MD; | 119 | typedef struct env_md_st EVP_MD; |
| 106 | typedef struct env_md_ctx_st EVP_MD_CTX; | 120 | typedef struct env_md_ctx_st EVP_MD_CTX; |
| 107 | typedef struct evp_pkey_st EVP_PKEY; | 121 | typedef struct evp_pkey_st EVP_PKEY; |
| 108 | 122 | ||
| 123 | typedef struct dh_st DH; | ||
| 124 | typedef struct dh_method DH_METHOD; | ||
| 125 | |||
| 126 | typedef struct dsa_st DSA; | ||
| 127 | typedef struct dsa_method DSA_METHOD; | ||
| 128 | |||
| 129 | typedef struct rsa_st RSA; | ||
| 130 | typedef struct rsa_meth_st RSA_METHOD; | ||
| 131 | |||
| 132 | typedef struct rand_meth_st RAND_METHOD; | ||
| 133 | |||
| 134 | typedef struct ecdh_method ECDH_METHOD; | ||
| 135 | typedef struct ecdsa_method ECDSA_METHOD; | ||
| 136 | |||
| 109 | typedef struct x509_st X509; | 137 | typedef struct x509_st X509; |
| 110 | typedef struct X509_algor_st X509_ALGOR; | 138 | typedef struct X509_algor_st X509_ALGOR; |
| 111 | typedef struct X509_crl_st X509_CRL; | 139 | typedef struct X509_crl_st X509_CRL; |
| @@ -113,10 +141,39 @@ typedef struct X509_name_st X509_NAME; | |||
| 113 | typedef struct x509_store_st X509_STORE; | 141 | typedef struct x509_store_st X509_STORE; |
| 114 | typedef struct x509_store_ctx_st X509_STORE_CTX; | 142 | typedef struct x509_store_ctx_st X509_STORE_CTX; |
| 115 | 143 | ||
| 144 | typedef struct v3_ext_ctx X509V3_CTX; | ||
| 145 | typedef struct conf_st CONF; | ||
| 146 | |||
| 147 | typedef struct store_st STORE; | ||
| 148 | typedef struct store_method_st STORE_METHOD; | ||
| 149 | |||
| 150 | typedef struct ui_st UI; | ||
| 151 | typedef struct ui_method_st UI_METHOD; | ||
| 152 | |||
| 153 | typedef struct st_ERR_FNS ERR_FNS; | ||
| 154 | |||
| 116 | typedef struct engine_st ENGINE; | 155 | typedef struct engine_st ENGINE; |
| 117 | 156 | ||
| 157 | typedef struct X509_POLICY_NODE_st X509_POLICY_NODE; | ||
| 158 | typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL; | ||
| 159 | typedef struct X509_POLICY_TREE_st X509_POLICY_TREE; | ||
| 160 | typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE; | ||
| 161 | |||
| 118 | /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */ | 162 | /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */ |
| 119 | #define DECLARE_PKCS12_STACK_OF(type) /* Nothing */ | 163 | #define DECLARE_PKCS12_STACK_OF(type) /* Nothing */ |
| 120 | #define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */ | 164 | #define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */ |
| 121 | 165 | ||
| 166 | typedef struct crypto_ex_data_st CRYPTO_EX_DATA; | ||
| 167 | /* Callback types for crypto.h */ | ||
| 168 | typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, | ||
| 169 | int idx, long argl, void *argp); | ||
| 170 | typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, | ||
| 171 | int idx, long argl, void *argp); | ||
| 172 | typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, | ||
| 173 | int idx, long argl, void *argp); | ||
| 174 | |||
| 175 | typedef struct ocsp_req_ctx_st OCSP_REQ_CTX; | ||
| 176 | typedef struct ocsp_response_st OCSP_RESPONSE; | ||
| 177 | typedef struct ocsp_responder_id_st OCSP_RESPID; | ||
| 178 | |||
| 122 | #endif /* def HEADER_OPENSSL_TYPES_H */ | 179 | #endif /* def HEADER_OPENSSL_TYPES_H */ |
diff --git a/src/lib/libcrypto/pem/pem.h b/src/lib/libcrypto/pem/pem.h index d330cbf9a3..670afa670b 100644 --- a/src/lib/libcrypto/pem/pem.h +++ b/src/lib/libcrypto/pem/pem.h | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #ifndef HEADER_PEM_H | 59 | #ifndef HEADER_PEM_H |
| 60 | #define HEADER_PEM_H | 60 | #define HEADER_PEM_H |
| 61 | 61 | ||
| 62 | #include <openssl/e_os2.h> | ||
| 62 | #ifndef OPENSSL_NO_BIO | 63 | #ifndef OPENSSL_NO_BIO |
| 63 | #include <openssl/bio.h> | 64 | #include <openssl/bio.h> |
| 64 | #endif | 65 | #endif |
| @@ -68,7 +69,6 @@ | |||
| 68 | #include <openssl/evp.h> | 69 | #include <openssl/evp.h> |
| 69 | #include <openssl/x509.h> | 70 | #include <openssl/x509.h> |
| 70 | #include <openssl/pem2.h> | 71 | #include <openssl/pem2.h> |
| 71 | #include <openssl/e_os2.h> | ||
| 72 | 72 | ||
| 73 | #ifdef __cplusplus | 73 | #ifdef __cplusplus |
| 74 | extern "C" { | 74 | extern "C" { |
| @@ -91,6 +91,9 @@ extern "C" { | |||
| 91 | #define PEM_OBJ_DHPARAMS 17 | 91 | #define PEM_OBJ_DHPARAMS 17 |
| 92 | #define PEM_OBJ_DSAPARAMS 18 | 92 | #define PEM_OBJ_DSAPARAMS 18 |
| 93 | #define PEM_OBJ_PRIV_RSA_PUBLIC 19 | 93 | #define PEM_OBJ_PRIV_RSA_PUBLIC 19 |
| 94 | #define PEM_OBJ_PRIV_ECDSA 20 | ||
| 95 | #define PEM_OBJ_PUB_ECDSA 21 | ||
| 96 | #define PEM_OBJ_ECPARAMETERS 22 | ||
| 94 | 97 | ||
| 95 | #define PEM_ERROR 30 | 98 | #define PEM_ERROR 30 |
| 96 | #define PEM_DEK_DES_CBC 40 | 99 | #define PEM_DEK_DES_CBC 40 |
| @@ -110,6 +113,7 @@ extern "C" { | |||
| 110 | 113 | ||
| 111 | #define PEM_STRING_X509_OLD "X509 CERTIFICATE" | 114 | #define PEM_STRING_X509_OLD "X509 CERTIFICATE" |
| 112 | #define PEM_STRING_X509 "CERTIFICATE" | 115 | #define PEM_STRING_X509 "CERTIFICATE" |
| 116 | #define PEM_STRING_X509_PAIR "CERTIFICATE PAIR" | ||
| 113 | #define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE" | 117 | #define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE" |
| 114 | #define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST" | 118 | #define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST" |
| 115 | #define PEM_STRING_X509_REQ "CERTIFICATE REQUEST" | 119 | #define PEM_STRING_X509_REQ "CERTIFICATE REQUEST" |
| @@ -126,6 +130,10 @@ extern "C" { | |||
| 126 | #define PEM_STRING_DHPARAMS "DH PARAMETERS" | 130 | #define PEM_STRING_DHPARAMS "DH PARAMETERS" |
| 127 | #define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" | 131 | #define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" |
| 128 | #define PEM_STRING_DSAPARAMS "DSA PARAMETERS" | 132 | #define PEM_STRING_DSAPARAMS "DSA PARAMETERS" |
| 133 | #define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY" | ||
| 134 | #define PEM_STRING_ECPARAMETERS "EC PARAMETERS" | ||
| 135 | #define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY" | ||
| 136 | #define PEM_STRING_CMS "CMS" | ||
| 129 | 137 | ||
| 130 | /* Note that this structure is initialised by PEM_SealInit and cleaned up | 138 | /* Note that this structure is initialised by PEM_SealInit and cleaned up |
| 131 | by PEM_SealFinal (at least for now) */ | 139 | by PEM_SealFinal (at least for now) */ |
| @@ -213,24 +221,50 @@ typedef struct pem_ctx_st | |||
| 213 | #define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ | 221 | #define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ |
| 214 | type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\ | 222 | type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\ |
| 215 | { \ | 223 | { \ |
| 216 | return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,\ | 224 | return (type*)PEM_ASN1_read(CHECKED_D2I_OF(type, d2i_##asn1), \ |
| 217 | cb,u)); \ | 225 | str, fp, \ |
| 218 | } \ | 226 | CHECKED_PPTR_OF(type, x), \ |
| 227 | cb, u); \ | ||
| 228 | } | ||
| 219 | 229 | ||
| 220 | #define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ | 230 | #define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ |
| 221 | int PEM_write_##name(FILE *fp, type *x) \ | 231 | int PEM_write_##name(FILE *fp, type *x) \ |
| 222 | { \ | 232 | { \ |
| 223 | return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \ | 233 | return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \ |
| 224 | NULL,NULL,0,NULL,NULL)); \ | 234 | str, fp, \ |
| 225 | } | 235 | CHECKED_PTR_OF(type, x), \ |
| 236 | NULL, NULL, 0, NULL, NULL); \ | ||
| 237 | } | ||
| 238 | |||
| 239 | #define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \ | ||
| 240 | int PEM_write_##name(FILE *fp, const type *x) \ | ||
| 241 | { \ | ||
| 242 | return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \ | ||
| 243 | str, fp, \ | ||
| 244 | CHECKED_PTR_OF(const type, x), \ | ||
| 245 | NULL, NULL, 0, NULL, NULL); \ | ||
| 246 | } | ||
| 226 | 247 | ||
| 227 | #define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ | 248 | #define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ |
| 228 | int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ | 249 | int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ |
| 229 | unsigned char *kstr, int klen, pem_password_cb *cb, \ | 250 | unsigned char *kstr, int klen, pem_password_cb *cb, \ |
| 230 | void *u) \ | 251 | void *u) \ |
| 231 | { \ | 252 | { \ |
| 232 | return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \ | 253 | return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \ |
| 233 | (char *)x,enc,kstr,klen,cb,u)); \ | 254 | str, fp, \ |
| 255 | CHECKED_PTR_OF(type, x), \ | ||
| 256 | enc, kstr, klen, cb, u); \ | ||
| 257 | } | ||
| 258 | |||
| 259 | #define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \ | ||
| 260 | int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ | ||
| 261 | unsigned char *kstr, int klen, pem_password_cb *cb, \ | ||
| 262 | void *u) \ | ||
| 263 | { \ | ||
| 264 | return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \ | ||
| 265 | str, fp, \ | ||
| 266 | CHECKED_PTR_OF(const type, x), \ | ||
| 267 | enc, kstr, klen, cb, u); \ | ||
| 234 | } | 268 | } |
| 235 | 269 | ||
| 236 | #endif | 270 | #endif |
| @@ -238,33 +272,66 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ | |||
| 238 | #define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ | 272 | #define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ |
| 239 | type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\ | 273 | type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\ |
| 240 | { \ | 274 | { \ |
| 241 | return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\ | 275 | return (type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i_##asn1), \ |
| 242 | (char **)x,cb,u)); \ | 276 | str, bp, \ |
| 277 | CHECKED_PPTR_OF(type, x), \ | ||
| 278 | cb, u); \ | ||
| 243 | } | 279 | } |
| 244 | 280 | ||
| 245 | #define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ | 281 | #define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ |
| 246 | int PEM_write_bio_##name(BIO *bp, type *x) \ | 282 | int PEM_write_bio_##name(BIO *bp, type *x) \ |
| 247 | { \ | 283 | { \ |
| 248 | return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \ | 284 | return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \ |
| 249 | NULL,NULL,0,NULL,NULL)); \ | 285 | str, bp, \ |
| 286 | CHECKED_PTR_OF(type, x), \ | ||
| 287 | NULL, NULL, 0, NULL, NULL); \ | ||
| 288 | } | ||
| 289 | |||
| 290 | #define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ | ||
| 291 | int PEM_write_bio_##name(BIO *bp, const type *x) \ | ||
| 292 | { \ | ||
| 293 | return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \ | ||
| 294 | str, bp, \ | ||
| 295 | CHECKED_PTR_OF(const type, x), \ | ||
| 296 | NULL, NULL, 0, NULL, NULL); \ | ||
| 250 | } | 297 | } |
| 251 | 298 | ||
| 252 | #define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ | 299 | #define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ |
| 253 | int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ | 300 | int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ |
| 254 | unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ | 301 | unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ |
| 255 | { \ | 302 | { \ |
| 256 | return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \ | 303 | return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \ |
| 257 | (char *)x,enc,kstr,klen,cb,u)); \ | 304 | str, bp, \ |
| 305 | CHECKED_PTR_OF(type, x), \ | ||
| 306 | enc, kstr, klen, cb, u); \ | ||
| 307 | } | ||
| 308 | |||
| 309 | #define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ | ||
| 310 | int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ | ||
| 311 | unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ | ||
| 312 | { \ | ||
| 313 | return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \ | ||
| 314 | str, bp, \ | ||
| 315 | CHECKED_PTR_OF(const type, x), \ | ||
| 316 | enc, kstr, klen, cb, u); \ | ||
| 258 | } | 317 | } |
| 259 | 318 | ||
| 260 | #define IMPLEMENT_PEM_write(name, type, str, asn1) \ | 319 | #define IMPLEMENT_PEM_write(name, type, str, asn1) \ |
| 261 | IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ | 320 | IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ |
| 262 | IMPLEMENT_PEM_write_fp(name, type, str, asn1) | 321 | IMPLEMENT_PEM_write_fp(name, type, str, asn1) |
| 263 | 322 | ||
| 323 | #define IMPLEMENT_PEM_write_const(name, type, str, asn1) \ | ||
| 324 | IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ | ||
| 325 | IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) | ||
| 326 | |||
| 264 | #define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \ | 327 | #define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \ |
| 265 | IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ | 328 | IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ |
| 266 | IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) | 329 | IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) |
| 267 | 330 | ||
| 331 | #define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \ | ||
| 332 | IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ | ||
| 333 | IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) | ||
| 334 | |||
| 268 | #define IMPLEMENT_PEM_read(name, type, str, asn1) \ | 335 | #define IMPLEMENT_PEM_read(name, type, str, asn1) \ |
| 269 | IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ | 336 | IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ |
| 270 | IMPLEMENT_PEM_read_fp(name, type, str, asn1) | 337 | IMPLEMENT_PEM_read_fp(name, type, str, asn1) |
| @@ -273,6 +340,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ | |||
| 273 | IMPLEMENT_PEM_read(name, type, str, asn1) \ | 340 | IMPLEMENT_PEM_read(name, type, str, asn1) \ |
| 274 | IMPLEMENT_PEM_write(name, type, str, asn1) | 341 | IMPLEMENT_PEM_write(name, type, str, asn1) |
| 275 | 342 | ||
| 343 | #define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \ | ||
| 344 | IMPLEMENT_PEM_read(name, type, str, asn1) \ | ||
| 345 | IMPLEMENT_PEM_write_const(name, type, str, asn1) | ||
| 346 | |||
| 276 | #define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \ | 347 | #define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \ |
| 277 | IMPLEMENT_PEM_read(name, type, str, asn1) \ | 348 | IMPLEMENT_PEM_read(name, type, str, asn1) \ |
| 278 | IMPLEMENT_PEM_write_cb(name, type, str, asn1) | 349 | IMPLEMENT_PEM_write_cb(name, type, str, asn1) |
| @@ -293,6 +364,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ | |||
| 293 | #define DECLARE_PEM_write_fp(name, type) \ | 364 | #define DECLARE_PEM_write_fp(name, type) \ |
| 294 | int PEM_write_##name(FILE *fp, type *x); | 365 | int PEM_write_##name(FILE *fp, type *x); |
| 295 | 366 | ||
| 367 | #define DECLARE_PEM_write_fp_const(name, type) \ | ||
| 368 | int PEM_write_##name(FILE *fp, const type *x); | ||
| 369 | |||
| 296 | #define DECLARE_PEM_write_cb_fp(name, type) \ | 370 | #define DECLARE_PEM_write_cb_fp(name, type) \ |
| 297 | int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ | 371 | int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ |
| 298 | unsigned char *kstr, int klen, pem_password_cb *cb, void *u); | 372 | unsigned char *kstr, int klen, pem_password_cb *cb, void *u); |
| @@ -306,6 +380,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ | |||
| 306 | #define DECLARE_PEM_write_bio(name, type) \ | 380 | #define DECLARE_PEM_write_bio(name, type) \ |
| 307 | int PEM_write_bio_##name(BIO *bp, type *x); | 381 | int PEM_write_bio_##name(BIO *bp, type *x); |
| 308 | 382 | ||
| 383 | #define DECLARE_PEM_write_bio_const(name, type) \ | ||
| 384 | int PEM_write_bio_##name(BIO *bp, const type *x); | ||
| 385 | |||
| 309 | #define DECLARE_PEM_write_cb_bio(name, type) \ | 386 | #define DECLARE_PEM_write_cb_bio(name, type) \ |
| 310 | int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ | 387 | int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ |
| 311 | unsigned char *kstr, int klen, pem_password_cb *cb, void *u); | 388 | unsigned char *kstr, int klen, pem_password_cb *cb, void *u); |
| @@ -322,6 +399,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ | |||
| 322 | DECLARE_PEM_write_bio(name, type) \ | 399 | DECLARE_PEM_write_bio(name, type) \ |
| 323 | DECLARE_PEM_write_fp(name, type) | 400 | DECLARE_PEM_write_fp(name, type) |
| 324 | 401 | ||
| 402 | #define DECLARE_PEM_write_const(name, type) \ | ||
| 403 | DECLARE_PEM_write_bio_const(name, type) \ | ||
| 404 | DECLARE_PEM_write_fp_const(name, type) | ||
| 405 | |||
| 325 | #define DECLARE_PEM_write_cb(name, type) \ | 406 | #define DECLARE_PEM_write_cb(name, type) \ |
| 326 | DECLARE_PEM_write_cb_bio(name, type) \ | 407 | DECLARE_PEM_write_cb_bio(name, type) \ |
| 327 | DECLARE_PEM_write_cb_fp(name, type) | 408 | DECLARE_PEM_write_cb_fp(name, type) |
| @@ -334,6 +415,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ | |||
| 334 | DECLARE_PEM_read(name, type) \ | 415 | DECLARE_PEM_read(name, type) \ |
| 335 | DECLARE_PEM_write(name, type) | 416 | DECLARE_PEM_write(name, type) |
| 336 | 417 | ||
| 418 | #define DECLARE_PEM_rw_const(name, type) \ | ||
| 419 | DECLARE_PEM_read(name, type) \ | ||
| 420 | DECLARE_PEM_write_const(name, type) | ||
| 421 | |||
| 337 | #define DECLARE_PEM_rw_cb(name, type) \ | 422 | #define DECLARE_PEM_rw_cb(name, type) \ |
| 338 | DECLARE_PEM_read(name, type) \ | 423 | DECLARE_PEM_read(name, type) \ |
| 339 | DECLARE_PEM_write_cb(name, type) | 424 | DECLARE_PEM_write_cb(name, type) |
| @@ -403,9 +488,6 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ | |||
| 403 | (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\ | 488 | (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\ |
| 404 | (char **)x,cb,u) | 489 | (char **)x,cb,u) |
| 405 | 490 | ||
| 406 | #define PEM_write_bio_SSL_SESSION(bp,x) \ | ||
| 407 | PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \ | ||
| 408 | PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL) | ||
| 409 | #define PEM_write_bio_X509(bp,x) \ | 491 | #define PEM_write_bio_X509(bp,x) \ |
| 410 | PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \ | 492 | PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \ |
| 411 | (char *)x, NULL,NULL,0,NULL,NULL) | 493 | (char *)x, NULL,NULL,0,NULL,NULL) |
| @@ -444,8 +526,6 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ | |||
| 444 | PEM_STRING_X509,bp, \ | 526 | PEM_STRING_X509,bp, \ |
| 445 | (char *)x, NULL,NULL,0,NULL,NULL) | 527 | (char *)x, NULL,NULL,0,NULL,NULL) |
| 446 | 528 | ||
| 447 | #define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \ | ||
| 448 | (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u) | ||
| 449 | #define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \ | 529 | #define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \ |
| 450 | (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u) | 530 | (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u) |
| 451 | #define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \ | 531 | #define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \ |
| @@ -494,11 +574,25 @@ int PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data, | |||
| 494 | long len); | 574 | long len); |
| 495 | int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp, | 575 | int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp, |
| 496 | pem_password_cb *cb, void *u); | 576 | pem_password_cb *cb, void *u); |
| 497 | char * PEM_ASN1_read_bio(char *(*d2i)(),const char *name,BIO *bp,char **x, | 577 | void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, |
| 498 | pem_password_cb *cb, void *u); | 578 | void **x, pem_password_cb *cb, void *u); |
| 499 | int PEM_ASN1_write_bio(int (*i2d)(),const char *name,BIO *bp,char *x, | 579 | |
| 580 | #define PEM_ASN1_read_bio_of(type,d2i,name,bp,x,cb,u) \ | ||
| 581 | ((type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i), \ | ||
| 582 | name, bp, \ | ||
| 583 | CHECKED_PPTR_OF(type, x), \ | ||
| 584 | cb, u)) | ||
| 585 | |||
| 586 | int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp,char *x, | ||
| 500 | const EVP_CIPHER *enc,unsigned char *kstr,int klen, | 587 | const EVP_CIPHER *enc,unsigned char *kstr,int klen, |
| 501 | pem_password_cb *cb, void *u); | 588 | pem_password_cb *cb, void *u); |
| 589 | |||
| 590 | #define PEM_ASN1_write_bio_of(type,i2d,name,bp,x,enc,kstr,klen,cb,u) \ | ||
| 591 | (PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d), \ | ||
| 592 | name, bp, \ | ||
| 593 | CHECKED_PTR_OF(type, x), \ | ||
| 594 | enc, kstr, klen, cb, u)) | ||
| 595 | |||
| 502 | STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); | 596 | STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); |
| 503 | int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc, | 597 | int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc, |
| 504 | unsigned char *kstr, int klen, pem_password_cb *cd, void *u); | 598 | unsigned char *kstr, int klen, pem_password_cb *cd, void *u); |
| @@ -508,11 +602,11 @@ int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc, | |||
| 508 | int PEM_read(FILE *fp, char **name, char **header, | 602 | int PEM_read(FILE *fp, char **name, char **header, |
| 509 | unsigned char **data,long *len); | 603 | unsigned char **data,long *len); |
| 510 | int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len); | 604 | int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len); |
| 511 | char * PEM_ASN1_read(char *(*d2i)(),const char *name,FILE *fp,char **x, | 605 | void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, |
| 512 | pem_password_cb *cb, void *u); | 606 | pem_password_cb *cb, void *u); |
| 513 | int PEM_ASN1_write(int (*i2d)(),const char *name,FILE *fp,char *x, | 607 | int PEM_ASN1_write(i2d_of_void *i2d,const char *name,FILE *fp, |
| 514 | const EVP_CIPHER *enc,unsigned char *kstr,int klen, | 608 | char *x,const EVP_CIPHER *enc,unsigned char *kstr, |
| 515 | pem_password_cb *callback, void *u); | 609 | int klen,pem_password_cb *callback, void *u); |
| 516 | STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, | 610 | STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, |
| 517 | pem_password_cb *cb, void *u); | 611 | pem_password_cb *cb, void *u); |
| 518 | #endif | 612 | #endif |
| @@ -542,6 +636,8 @@ DECLARE_PEM_rw(X509, X509) | |||
| 542 | 636 | ||
| 543 | DECLARE_PEM_rw(X509_AUX, X509) | 637 | DECLARE_PEM_rw(X509_AUX, X509) |
| 544 | 638 | ||
| 639 | DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR) | ||
| 640 | |||
| 545 | DECLARE_PEM_rw(X509_REQ, X509_REQ) | 641 | DECLARE_PEM_rw(X509_REQ, X509_REQ) |
| 546 | DECLARE_PEM_write(X509_REQ_NEW, X509_REQ) | 642 | DECLARE_PEM_write(X509_REQ_NEW, X509_REQ) |
| 547 | 643 | ||
| @@ -559,7 +655,7 @@ DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) | |||
| 559 | 655 | ||
| 560 | DECLARE_PEM_rw_cb(RSAPrivateKey, RSA) | 656 | DECLARE_PEM_rw_cb(RSAPrivateKey, RSA) |
| 561 | 657 | ||
| 562 | DECLARE_PEM_rw(RSAPublicKey, RSA) | 658 | DECLARE_PEM_rw_const(RSAPublicKey, RSA) |
| 563 | DECLARE_PEM_rw(RSA_PUBKEY, RSA) | 659 | DECLARE_PEM_rw(RSA_PUBKEY, RSA) |
| 564 | 660 | ||
| 565 | #endif | 661 | #endif |
| @@ -570,13 +666,19 @@ DECLARE_PEM_rw_cb(DSAPrivateKey, DSA) | |||
| 570 | 666 | ||
| 571 | DECLARE_PEM_rw(DSA_PUBKEY, DSA) | 667 | DECLARE_PEM_rw(DSA_PUBKEY, DSA) |
| 572 | 668 | ||
| 573 | DECLARE_PEM_rw(DSAparams, DSA) | 669 | DECLARE_PEM_rw_const(DSAparams, DSA) |
| 670 | |||
| 671 | #endif | ||
| 574 | 672 | ||
| 673 | #ifndef OPENSSL_NO_EC | ||
| 674 | DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP) | ||
| 675 | DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY) | ||
| 676 | DECLARE_PEM_rw(EC_PUBKEY, EC_KEY) | ||
| 575 | #endif | 677 | #endif |
| 576 | 678 | ||
| 577 | #ifndef OPENSSL_NO_DH | 679 | #ifndef OPENSSL_NO_DH |
| 578 | 680 | ||
| 579 | DECLARE_PEM_rw(DHparams, DH) | 681 | DECLARE_PEM_rw_const(DHparams, DH) |
| 580 | 682 | ||
| 581 | #endif | 683 | #endif |
| 582 | 684 | ||
| @@ -626,24 +728,27 @@ void ERR_load_PEM_strings(void); | |||
| 626 | /* Function codes. */ | 728 | /* Function codes. */ |
| 627 | #define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120 | 729 | #define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120 |
| 628 | #define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121 | 730 | #define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121 |
| 629 | #define PEM_F_DEF_CALLBACK 100 | 731 | #define PEM_F_DO_PK8PKEY 126 |
| 732 | #define PEM_F_DO_PK8PKEY_FP 125 | ||
| 630 | #define PEM_F_LOAD_IV 101 | 733 | #define PEM_F_LOAD_IV 101 |
| 631 | #define PEM_F_PEM_ASN1_READ 102 | 734 | #define PEM_F_PEM_ASN1_READ 102 |
| 632 | #define PEM_F_PEM_ASN1_READ_BIO 103 | 735 | #define PEM_F_PEM_ASN1_READ_BIO 103 |
| 633 | #define PEM_F_PEM_ASN1_WRITE 104 | 736 | #define PEM_F_PEM_ASN1_WRITE 104 |
| 634 | #define PEM_F_PEM_ASN1_WRITE_BIO 105 | 737 | #define PEM_F_PEM_ASN1_WRITE_BIO 105 |
| 738 | #define PEM_F_PEM_DEF_CALLBACK 100 | ||
| 635 | #define PEM_F_PEM_DO_HEADER 106 | 739 | #define PEM_F_PEM_DO_HEADER 106 |
| 636 | #define PEM_F_PEM_F_DO_PK8KEY_FP 122 | ||
| 637 | #define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118 | 740 | #define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118 |
| 638 | #define PEM_F_PEM_GET_EVP_CIPHER_INFO 107 | 741 | #define PEM_F_PEM_GET_EVP_CIPHER_INFO 107 |
| 742 | #define PEM_F_PEM_PK8PKEY 119 | ||
| 639 | #define PEM_F_PEM_READ 108 | 743 | #define PEM_F_PEM_READ 108 |
| 640 | #define PEM_F_PEM_READ_BIO 109 | 744 | #define PEM_F_PEM_READ_BIO 109 |
| 745 | #define PEM_F_PEM_READ_BIO_PRIVATEKEY 123 | ||
| 746 | #define PEM_F_PEM_READ_PRIVATEKEY 124 | ||
| 641 | #define PEM_F_PEM_SEALFINAL 110 | 747 | #define PEM_F_PEM_SEALFINAL 110 |
| 642 | #define PEM_F_PEM_SEALINIT 111 | 748 | #define PEM_F_PEM_SEALINIT 111 |
| 643 | #define PEM_F_PEM_SIGNFINAL 112 | 749 | #define PEM_F_PEM_SIGNFINAL 112 |
| 644 | #define PEM_F_PEM_WRITE 113 | 750 | #define PEM_F_PEM_WRITE 113 |
| 645 | #define PEM_F_PEM_WRITE_BIO 114 | 751 | #define PEM_F_PEM_WRITE_BIO 114 |
| 646 | #define PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY 119 | ||
| 647 | #define PEM_F_PEM_X509_INFO_READ 115 | 752 | #define PEM_F_PEM_X509_INFO_READ 115 |
| 648 | #define PEM_F_PEM_X509_INFO_READ_BIO 116 | 753 | #define PEM_F_PEM_X509_INFO_READ_BIO 116 |
| 649 | #define PEM_F_PEM_X509_INFO_WRITE_BIO 117 | 754 | #define PEM_F_PEM_X509_INFO_WRITE_BIO 117 |
diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c index 07963314c9..66cbc7eb82 100644 --- a/src/lib/libcrypto/pem/pem_all.c +++ b/src/lib/libcrypto/pem/pem_all.c | |||
| @@ -55,6 +55,59 @@ | |||
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. | ||
| 60 | * | ||
| 61 | * Redistribution and use in source and binary forms, with or without | ||
| 62 | * modification, are permitted provided that the following conditions | ||
| 63 | * are met: | ||
| 64 | * | ||
| 65 | * 1. Redistributions of source code must retain the above copyright | ||
| 66 | * notice, this list of conditions and the following disclaimer. | ||
| 67 | * | ||
| 68 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 69 | * notice, this list of conditions and the following disclaimer in | ||
| 70 | * the documentation and/or other materials provided with the | ||
| 71 | * distribution. | ||
| 72 | * | ||
| 73 | * 3. All advertising materials mentioning features or use of this | ||
| 74 | * software must display the following acknowledgment: | ||
| 75 | * "This product includes software developed by the OpenSSL Project | ||
| 76 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 77 | * | ||
| 78 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 79 | * endorse or promote products derived from this software without | ||
| 80 | * prior written permission. For written permission, please contact | ||
| 81 | * openssl-core@openssl.org. | ||
| 82 | * | ||
| 83 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 84 | * nor may "OpenSSL" appear in their names without prior written | ||
| 85 | * permission of the OpenSSL Project. | ||
| 86 | * | ||
| 87 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 88 | * acknowledgment: | ||
| 89 | * "This product includes software developed by the OpenSSL Project | ||
| 90 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 91 | * | ||
| 92 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 93 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 94 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 95 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 96 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 97 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 98 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 99 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 100 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 101 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 102 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 103 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 104 | * ==================================================================== | ||
| 105 | * | ||
| 106 | * This product includes cryptographic software written by Eric Young | ||
| 107 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 108 | * Hudson (tjh@cryptsoft.com). | ||
| 109 | * | ||
| 110 | */ | ||
| 58 | 111 | ||
| 59 | #include <stdio.h> | 112 | #include <stdio.h> |
| 60 | #undef SSLEAY_MACROS | 113 | #undef SSLEAY_MACROS |
| @@ -64,7 +117,15 @@ | |||
| 64 | #include <openssl/x509.h> | 117 | #include <openssl/x509.h> |
| 65 | #include <openssl/pkcs7.h> | 118 | #include <openssl/pkcs7.h> |
| 66 | #include <openssl/pem.h> | 119 | #include <openssl/pem.h> |
| 67 | #include <openssl/fips.h> | 120 | #ifndef OPENSSL_NO_RSA |
| 121 | #include <openssl/rsa.h> | ||
| 122 | #endif | ||
| 123 | #ifndef OPENSSL_NO_DSA | ||
| 124 | #include <openssl/dsa.h> | ||
| 125 | #endif | ||
| 126 | #ifndef OPENSSL_NO_DH | ||
| 127 | #include <openssl/dh.h> | ||
| 128 | #endif | ||
| 68 | 129 | ||
| 69 | #ifndef OPENSSL_NO_RSA | 130 | #ifndef OPENSSL_NO_RSA |
| 70 | static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); | 131 | static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); |
| @@ -73,6 +134,10 @@ static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); | |||
| 73 | static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa); | 134 | static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa); |
| 74 | #endif | 135 | #endif |
| 75 | 136 | ||
| 137 | #ifndef OPENSSL_NO_EC | ||
| 138 | static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey); | ||
| 139 | #endif | ||
| 140 | |||
| 76 | IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) | 141 | IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) |
| 77 | 142 | ||
| 78 | IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ) | 143 | IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ) |
| @@ -129,50 +194,8 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, | |||
| 129 | 194 | ||
| 130 | #endif | 195 | #endif |
| 131 | 196 | ||
| 132 | #ifdef OPENSSL_FIPS | 197 | IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) |
| 133 | 198 | IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) | |
| 134 | int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc, | ||
| 135 | unsigned char *kstr, int klen, | ||
| 136 | pem_password_cb *cb, void *u) | ||
| 137 | { | ||
| 138 | EVP_PKEY *k; | ||
| 139 | int ret; | ||
| 140 | k = EVP_PKEY_new(); | ||
| 141 | if (!k) | ||
| 142 | return 0; | ||
| 143 | EVP_PKEY_set1_RSA(k, x); | ||
| 144 | |||
| 145 | ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); | ||
| 146 | EVP_PKEY_free(k); | ||
| 147 | return ret; | ||
| 148 | } | ||
| 149 | |||
| 150 | #ifndef OPENSSL_NO_FP_API | ||
| 151 | int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc, | ||
| 152 | unsigned char *kstr, int klen, | ||
| 153 | pem_password_cb *cb, void *u) | ||
| 154 | { | ||
| 155 | EVP_PKEY *k; | ||
| 156 | int ret; | ||
| 157 | k = EVP_PKEY_new(); | ||
| 158 | if (!k) | ||
| 159 | return 0; | ||
| 160 | |||
| 161 | EVP_PKEY_set1_RSA(k, x); | ||
| 162 | |||
| 163 | ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); | ||
| 164 | EVP_PKEY_free(k); | ||
| 165 | return ret; | ||
| 166 | } | ||
| 167 | #endif | ||
| 168 | |||
| 169 | #else | ||
| 170 | |||
| 171 | IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) | ||
| 172 | |||
| 173 | #endif | ||
| 174 | |||
| 175 | IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) | ||
| 176 | IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) | 199 | IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) |
| 177 | 200 | ||
| 178 | #endif | 201 | #endif |
| @@ -201,69 +224,73 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, | |||
| 201 | return pkey_get_dsa(pktmp, dsa); | 224 | return pkey_get_dsa(pktmp, dsa); |
| 202 | } | 225 | } |
| 203 | 226 | ||
| 227 | IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) | ||
| 228 | IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) | ||
| 204 | 229 | ||
| 205 | #ifdef OPENSSL_FIPS | 230 | #ifndef OPENSSL_NO_FP_API |
| 206 | 231 | ||
| 207 | int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc, | 232 | DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, |
| 208 | unsigned char *kstr, int klen, | 233 | void *u) |
| 209 | pem_password_cb *cb, void *u) | ||
| 210 | { | 234 | { |
| 211 | EVP_PKEY *k; | 235 | EVP_PKEY *pktmp; |
| 212 | int ret; | 236 | pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); |
| 213 | k = EVP_PKEY_new(); | 237 | return pkey_get_dsa(pktmp, dsa); |
| 214 | if (!k) | ||
| 215 | return 0; | ||
| 216 | EVP_PKEY_set1_DSA(k, x); | ||
| 217 | |||
| 218 | ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); | ||
| 219 | EVP_PKEY_free(k); | ||
| 220 | return ret; | ||
| 221 | } | 238 | } |
| 222 | 239 | ||
| 223 | #ifndef OPENSSL_NO_FP_API | 240 | #endif |
| 224 | int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc, | 241 | |
| 225 | unsigned char *kstr, int klen, | 242 | IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams) |
| 226 | pem_password_cb *cb, void *u) | 243 | |
| 244 | #endif | ||
| 245 | |||
| 246 | |||
| 247 | #ifndef OPENSSL_NO_EC | ||
| 248 | static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey) | ||
| 227 | { | 249 | { |
| 228 | EVP_PKEY *k; | 250 | EC_KEY *dtmp; |
| 229 | int ret; | 251 | if(!key) return NULL; |
| 230 | k = EVP_PKEY_new(); | 252 | dtmp = EVP_PKEY_get1_EC_KEY(key); |
| 231 | if (!k) | 253 | EVP_PKEY_free(key); |
| 232 | return 0; | 254 | if(!dtmp) return NULL; |
| 233 | EVP_PKEY_set1_DSA(k, x); | 255 | if(eckey) |
| 234 | ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); | 256 | { |
| 235 | EVP_PKEY_free(k); | 257 | EC_KEY_free(*eckey); |
| 236 | return ret; | 258 | *eckey = dtmp; |
| 259 | } | ||
| 260 | return dtmp; | ||
| 237 | } | 261 | } |
| 238 | #endif | ||
| 239 | 262 | ||
| 240 | #else | 263 | EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, |
| 264 | void *u) | ||
| 265 | { | ||
| 266 | EVP_PKEY *pktmp; | ||
| 267 | pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); | ||
| 268 | return pkey_get_eckey(pktmp, key); | ||
| 269 | } | ||
| 241 | 270 | ||
| 242 | IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) | 271 | IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters) |
| 243 | 272 | ||
| 244 | #endif | 273 | IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey) |
| 245 | 274 | ||
| 246 | IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) | 275 | IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) |
| 247 | 276 | ||
| 248 | #ifndef OPENSSL_NO_FP_API | 277 | #ifndef OPENSSL_NO_FP_API |
| 249 | 278 | ||
| 250 | DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, | 279 | EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, |
| 251 | void *u) | 280 | void *u) |
| 252 | { | 281 | { |
| 253 | EVP_PKEY *pktmp; | 282 | EVP_PKEY *pktmp; |
| 254 | pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); | 283 | pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); |
| 255 | return pkey_get_dsa(pktmp, dsa); | 284 | return pkey_get_eckey(pktmp, eckey); |
| 256 | } | 285 | } |
| 257 | 286 | ||
| 258 | #endif | 287 | #endif |
| 259 | 288 | ||
| 260 | IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams) | ||
| 261 | |||
| 262 | #endif | 289 | #endif |
| 263 | 290 | ||
| 264 | #ifndef OPENSSL_NO_DH | 291 | #ifndef OPENSSL_NO_DH |
| 265 | 292 | ||
| 266 | IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) | 293 | IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) |
| 267 | 294 | ||
| 268 | #endif | 295 | #endif |
| 269 | 296 | ||
| @@ -274,42 +301,8 @@ IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) | |||
| 274 | * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything | 301 | * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything |
| 275 | * appropriate.) | 302 | * appropriate.) |
| 276 | */ | 303 | */ |
| 277 | 304 | IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\ | |
| 278 | #ifdef OPENSSL_FIPS | 305 | (x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey) |
| 279 | |||
| 280 | int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, | ||
| 281 | unsigned char *kstr, int klen, | ||
| 282 | pem_password_cb *cb, void *u) | ||
| 283 | { | ||
| 284 | if (FIPS_mode()) | ||
| 285 | return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, | ||
| 286 | (char *)kstr, klen, cb, u); | ||
| 287 | else | ||
| 288 | return PEM_ASN1_write_bio((int (*)())i2d_PrivateKey, | ||
| 289 | (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), | ||
| 290 | bp,(char *)x,enc,kstr,klen,cb,u); | ||
| 291 | } | ||
| 292 | |||
| 293 | #ifndef OPENSSL_NO_FP_API | ||
| 294 | int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, | ||
| 295 | unsigned char *kstr, int klen, | ||
| 296 | pem_password_cb *cb, void *u) | ||
| 297 | { | ||
| 298 | if (FIPS_mode()) | ||
| 299 | return PEM_write_PKCS8PrivateKey(fp, x, enc, | ||
| 300 | (char *)kstr, klen, cb, u); | ||
| 301 | else | ||
| 302 | return PEM_ASN1_write((int (*)())i2d_PrivateKey, | ||
| 303 | (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), | ||
| 304 | fp,(char *)x,enc,kstr,klen,cb,u); | ||
| 305 | } | ||
| 306 | #endif | ||
| 307 | |||
| 308 | #else | ||
| 309 | |||
| 310 | IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), PrivateKey) | ||
| 311 | |||
| 312 | #endif | ||
| 313 | 306 | ||
| 314 | IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) | 307 | IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) |
| 315 | 308 | ||
diff --git a/src/lib/libcrypto/pem/pem_err.c b/src/lib/libcrypto/pem/pem_err.c index 8527028ebc..3133563d77 100644 --- a/src/lib/libcrypto/pem/pem_err.c +++ b/src/lib/libcrypto/pem/pem_err.c | |||
| @@ -72,24 +72,27 @@ static ERR_STRING_DATA PEM_str_functs[]= | |||
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"}, | 73 | {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"}, |
| 74 | {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"}, | 74 | {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"}, |
| 75 | {ERR_FUNC(PEM_F_DEF_CALLBACK), "DEF_CALLBACK"}, | 75 | {ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"}, |
| 76 | {ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"}, | ||
| 76 | {ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"}, | 77 | {ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"}, |
| 77 | {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"}, | 78 | {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"}, |
| 78 | {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"}, | 79 | {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"}, |
| 79 | {ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"}, | 80 | {ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"}, |
| 80 | {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"}, | 81 | {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"}, |
| 82 | {ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"}, | ||
| 81 | {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"}, | 83 | {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"}, |
| 82 | {ERR_FUNC(PEM_F_PEM_F_DO_PK8KEY_FP), "PEM_F_DO_PK8KEY_FP"}, | ||
| 83 | {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"}, | 84 | {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"}, |
| 84 | {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"}, | 85 | {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"}, |
| 86 | {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"}, | ||
| 85 | {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"}, | 87 | {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"}, |
| 86 | {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"}, | 88 | {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"}, |
| 89 | {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"}, | ||
| 90 | {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"}, | ||
| 87 | {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"}, | 91 | {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"}, |
| 88 | {ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"}, | 92 | {ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"}, |
| 89 | {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"}, | 93 | {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"}, |
| 90 | {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"}, | 94 | {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"}, |
| 91 | {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"}, | 95 | {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"}, |
| 92 | {ERR_FUNC(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY), "PEM_write_bio_PKCS8PrivateKey"}, | ||
| 93 | {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"}, | 96 | {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"}, |
| 94 | {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"}, | 97 | {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"}, |
| 95 | {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"}, | 98 | {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"}, |
| @@ -121,15 +124,12 @@ static ERR_STRING_DATA PEM_str_reasons[]= | |||
| 121 | 124 | ||
| 122 | void ERR_load_PEM_strings(void) | 125 | void ERR_load_PEM_strings(void) |
| 123 | { | 126 | { |
| 124 | static int init=1; | 127 | #ifndef OPENSSL_NO_ERR |
| 125 | 128 | ||
| 126 | if (init) | 129 | if (ERR_func_error_string(PEM_str_functs[0].error) == NULL) |
| 127 | { | 130 | { |
| 128 | init=0; | ||
| 129 | #ifndef OPENSSL_NO_ERR | ||
| 130 | ERR_load_strings(0,PEM_str_functs); | 131 | ERR_load_strings(0,PEM_str_functs); |
| 131 | ERR_load_strings(0,PEM_str_reasons); | 132 | ERR_load_strings(0,PEM_str_reasons); |
| 132 | #endif | ||
| 133 | |||
| 134 | } | 133 | } |
| 134 | #endif | ||
| 135 | } | 135 | } |
diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c index 9e4af29c95..3a273f6f70 100644 --- a/src/lib/libcrypto/pem/pem_info.c +++ b/src/lib/libcrypto/pem/pem_info.c | |||
| @@ -63,6 +63,12 @@ | |||
| 63 | #include <openssl/evp.h> | 63 | #include <openssl/evp.h> |
| 64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
| 65 | #include <openssl/pem.h> | 65 | #include <openssl/pem.h> |
| 66 | #ifndef OPENSSL_NO_RSA | ||
| 67 | #include <openssl/rsa.h> | ||
| 68 | #endif | ||
| 69 | #ifndef OPENSSL_NO_DSA | ||
| 70 | #include <openssl/dsa.h> | ||
| 71 | #endif | ||
| 66 | 72 | ||
| 67 | #ifndef OPENSSL_NO_FP_API | 73 | #ifndef OPENSSL_NO_FP_API |
| 68 | STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) | 74 | STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) |
| @@ -85,13 +91,15 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_p | |||
| 85 | STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) | 91 | STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) |
| 86 | { | 92 | { |
| 87 | X509_INFO *xi=NULL; | 93 | X509_INFO *xi=NULL; |
| 88 | char *name=NULL,*header=NULL,**pp; | 94 | char *name=NULL,*header=NULL; |
| 89 | unsigned char *data=NULL,*p; | 95 | void *pp; |
| 96 | unsigned char *data=NULL; | ||
| 97 | const unsigned char *p; | ||
| 90 | long len,error=0; | 98 | long len,error=0; |
| 91 | int ok=0; | 99 | int ok=0; |
| 92 | STACK_OF(X509_INFO) *ret=NULL; | 100 | STACK_OF(X509_INFO) *ret=NULL; |
| 93 | unsigned int i,raw; | 101 | unsigned int i,raw; |
| 94 | char *(*d2i)(); | 102 | d2i_of_void *d2i; |
| 95 | 103 | ||
| 96 | if (sk == NULL) | 104 | if (sk == NULL) |
| 97 | { | 105 | { |
| @@ -123,42 +131,42 @@ start: | |||
| 123 | if ( (strcmp(name,PEM_STRING_X509) == 0) || | 131 | if ( (strcmp(name,PEM_STRING_X509) == 0) || |
| 124 | (strcmp(name,PEM_STRING_X509_OLD) == 0)) | 132 | (strcmp(name,PEM_STRING_X509_OLD) == 0)) |
| 125 | { | 133 | { |
| 126 | d2i=(char *(*)())d2i_X509; | 134 | d2i=(D2I_OF(void))d2i_X509; |
| 127 | if (xi->x509 != NULL) | 135 | if (xi->x509 != NULL) |
| 128 | { | 136 | { |
| 129 | if (!sk_X509_INFO_push(ret,xi)) goto err; | 137 | if (!sk_X509_INFO_push(ret,xi)) goto err; |
| 130 | if ((xi=X509_INFO_new()) == NULL) goto err; | 138 | if ((xi=X509_INFO_new()) == NULL) goto err; |
| 131 | goto start; | 139 | goto start; |
| 132 | } | 140 | } |
| 133 | pp=(char **)&(xi->x509); | 141 | pp=&(xi->x509); |
| 134 | } | 142 | } |
| 135 | else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0)) | 143 | else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0)) |
| 136 | { | 144 | { |
| 137 | d2i=(char *(*)())d2i_X509_AUX; | 145 | d2i=(D2I_OF(void))d2i_X509_AUX; |
| 138 | if (xi->x509 != NULL) | 146 | if (xi->x509 != NULL) |
| 139 | { | 147 | { |
| 140 | if (!sk_X509_INFO_push(ret,xi)) goto err; | 148 | if (!sk_X509_INFO_push(ret,xi)) goto err; |
| 141 | if ((xi=X509_INFO_new()) == NULL) goto err; | 149 | if ((xi=X509_INFO_new()) == NULL) goto err; |
| 142 | goto start; | 150 | goto start; |
| 143 | } | 151 | } |
| 144 | pp=(char **)&(xi->x509); | 152 | pp=&(xi->x509); |
| 145 | } | 153 | } |
| 146 | else if (strcmp(name,PEM_STRING_X509_CRL) == 0) | 154 | else if (strcmp(name,PEM_STRING_X509_CRL) == 0) |
| 147 | { | 155 | { |
| 148 | d2i=(char *(*)())d2i_X509_CRL; | 156 | d2i=(D2I_OF(void))d2i_X509_CRL; |
| 149 | if (xi->crl != NULL) | 157 | if (xi->crl != NULL) |
| 150 | { | 158 | { |
| 151 | if (!sk_X509_INFO_push(ret,xi)) goto err; | 159 | if (!sk_X509_INFO_push(ret,xi)) goto err; |
| 152 | if ((xi=X509_INFO_new()) == NULL) goto err; | 160 | if ((xi=X509_INFO_new()) == NULL) goto err; |
| 153 | goto start; | 161 | goto start; |
| 154 | } | 162 | } |
| 155 | pp=(char **)&(xi->crl); | 163 | pp=&(xi->crl); |
| 156 | } | 164 | } |
| 157 | else | 165 | else |
| 158 | #ifndef OPENSSL_NO_RSA | 166 | #ifndef OPENSSL_NO_RSA |
| 159 | if (strcmp(name,PEM_STRING_RSA) == 0) | 167 | if (strcmp(name,PEM_STRING_RSA) == 0) |
| 160 | { | 168 | { |
| 161 | d2i=(char *(*)())d2i_RSAPrivateKey; | 169 | d2i=(D2I_OF(void))d2i_RSAPrivateKey; |
| 162 | if (xi->x_pkey != NULL) | 170 | if (xi->x_pkey != NULL) |
| 163 | { | 171 | { |
| 164 | if (!sk_X509_INFO_push(ret,xi)) goto err; | 172 | if (!sk_X509_INFO_push(ret,xi)) goto err; |
| @@ -173,7 +181,7 @@ start: | |||
| 173 | if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) | 181 | if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) |
| 174 | goto err; | 182 | goto err; |
| 175 | xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA; | 183 | xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA; |
| 176 | pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa); | 184 | pp=&(xi->x_pkey->dec_pkey->pkey.rsa); |
| 177 | if ((int)strlen(header) > 10) /* assume encrypted */ | 185 | if ((int)strlen(header) > 10) /* assume encrypted */ |
| 178 | raw=1; | 186 | raw=1; |
| 179 | } | 187 | } |
| @@ -182,7 +190,7 @@ start: | |||
| 182 | #ifndef OPENSSL_NO_DSA | 190 | #ifndef OPENSSL_NO_DSA |
| 183 | if (strcmp(name,PEM_STRING_DSA) == 0) | 191 | if (strcmp(name,PEM_STRING_DSA) == 0) |
| 184 | { | 192 | { |
| 185 | d2i=(char *(*)())d2i_DSAPrivateKey; | 193 | d2i=(D2I_OF(void))d2i_DSAPrivateKey; |
| 186 | if (xi->x_pkey != NULL) | 194 | if (xi->x_pkey != NULL) |
| 187 | { | 195 | { |
| 188 | if (!sk_X509_INFO_push(ret,xi)) goto err; | 196 | if (!sk_X509_INFO_push(ret,xi)) goto err; |
| @@ -197,12 +205,36 @@ start: | |||
| 197 | if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) | 205 | if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) |
| 198 | goto err; | 206 | goto err; |
| 199 | xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA; | 207 | xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA; |
| 200 | pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa); | 208 | pp=&xi->x_pkey->dec_pkey->pkey.dsa; |
| 201 | if ((int)strlen(header) > 10) /* assume encrypted */ | 209 | if ((int)strlen(header) > 10) /* assume encrypted */ |
| 202 | raw=1; | 210 | raw=1; |
| 203 | } | 211 | } |
| 204 | else | 212 | else |
| 205 | #endif | 213 | #endif |
| 214 | #ifndef OPENSSL_NO_EC | ||
| 215 | if (strcmp(name,PEM_STRING_ECPRIVATEKEY) == 0) | ||
| 216 | { | ||
| 217 | d2i=(D2I_OF(void))d2i_ECPrivateKey; | ||
| 218 | if (xi->x_pkey != NULL) | ||
| 219 | { | ||
| 220 | if (!sk_X509_INFO_push(ret,xi)) goto err; | ||
| 221 | if ((xi=X509_INFO_new()) == NULL) goto err; | ||
| 222 | goto start; | ||
| 223 | } | ||
| 224 | |||
| 225 | xi->enc_data=NULL; | ||
| 226 | xi->enc_len=0; | ||
| 227 | |||
| 228 | xi->x_pkey=X509_PKEY_new(); | ||
| 229 | if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) | ||
| 230 | goto err; | ||
| 231 | xi->x_pkey->dec_pkey->type=EVP_PKEY_EC; | ||
| 232 | pp=&(xi->x_pkey->dec_pkey->pkey.ec); | ||
| 233 | if ((int)strlen(header) > 10) /* assume encrypted */ | ||
| 234 | raw=1; | ||
| 235 | } | ||
| 236 | else | ||
| 237 | #endif | ||
| 206 | { | 238 | { |
| 207 | d2i=NULL; | 239 | d2i=NULL; |
| 208 | pp=NULL; | 240 | pp=NULL; |
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c index 82815067b3..9bae4c8850 100644 --- a/src/lib/libcrypto/pem/pem_lib.c +++ b/src/lib/libcrypto/pem/pem_lib.c | |||
| @@ -69,7 +69,7 @@ | |||
| 69 | #include <openssl/des.h> | 69 | #include <openssl/des.h> |
| 70 | #endif | 70 | #endif |
| 71 | 71 | ||
| 72 | const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT; | 72 | const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT; |
| 73 | 73 | ||
| 74 | #define MIN_LENGTH 4 | 74 | #define MIN_LENGTH 4 |
| 75 | 75 | ||
| @@ -81,7 +81,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key) | |||
| 81 | #ifdef OPENSSL_NO_FP_API | 81 | #ifdef OPENSSL_NO_FP_API |
| 82 | /* We should not ever call the default callback routine from | 82 | /* We should not ever call the default callback routine from |
| 83 | * windows. */ | 83 | * windows. */ |
| 84 | PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 84 | PEMerr(PEM_F_PEM_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 85 | return(-1); | 85 | return(-1); |
| 86 | #else | 86 | #else |
| 87 | int i,j; | 87 | int i,j; |
| @@ -102,7 +102,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key) | |||
| 102 | i=EVP_read_pw_string(buf,num,prompt,w); | 102 | i=EVP_read_pw_string(buf,num,prompt,w); |
| 103 | if (i != 0) | 103 | if (i != 0) |
| 104 | { | 104 | { |
| 105 | PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); | 105 | PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); |
| 106 | memset(buf,0,(unsigned int)num); | 106 | memset(buf,0,(unsigned int)num); |
| 107 | return(-1); | 107 | return(-1); |
| 108 | } | 108 | } |
| @@ -158,11 +158,11 @@ void PEM_dek_info(char *buf, const char *type, int len, char *str) | |||
| 158 | } | 158 | } |
| 159 | 159 | ||
| 160 | #ifndef OPENSSL_NO_FP_API | 160 | #ifndef OPENSSL_NO_FP_API |
| 161 | char *PEM_ASN1_read(char *(*d2i)(), const char *name, FILE *fp, char **x, | 161 | void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, |
| 162 | pem_password_cb *cb, void *u) | 162 | pem_password_cb *cb, void *u) |
| 163 | { | 163 | { |
| 164 | BIO *b; | 164 | BIO *b; |
| 165 | char *ret; | 165 | void *ret; |
| 166 | 166 | ||
| 167 | if ((b=BIO_new(BIO_s_file())) == NULL) | 167 | if ((b=BIO_new(BIO_s_file())) == NULL) |
| 168 | { | 168 | { |
| @@ -195,6 +195,8 @@ static int check_pem(const char *nm, const char *name) | |||
| 195 | if(!strcmp(nm,PEM_STRING_DSA) && | 195 | if(!strcmp(nm,PEM_STRING_DSA) && |
| 196 | !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; | 196 | !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; |
| 197 | 197 | ||
| 198 | if(!strcmp(nm,PEM_STRING_ECPRIVATEKEY) && | ||
| 199 | !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; | ||
| 198 | /* Permit older strings */ | 200 | /* Permit older strings */ |
| 199 | 201 | ||
| 200 | if(!strcmp(nm,PEM_STRING_X509_OLD) && | 202 | if(!strcmp(nm,PEM_STRING_X509_OLD) && |
| @@ -258,9 +260,9 @@ err: | |||
| 258 | } | 260 | } |
| 259 | 261 | ||
| 260 | #ifndef OPENSSL_NO_FP_API | 262 | #ifndef OPENSSL_NO_FP_API |
| 261 | int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x, | 263 | int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, |
| 262 | const EVP_CIPHER *enc, unsigned char *kstr, int klen, | 264 | char *x, const EVP_CIPHER *enc, unsigned char *kstr, |
| 263 | pem_password_cb *callback, void *u) | 265 | int klen, pem_password_cb *callback, void *u) |
| 264 | { | 266 | { |
| 265 | BIO *b; | 267 | BIO *b; |
| 266 | int ret; | 268 | int ret; |
| @@ -277,9 +279,9 @@ int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x, | |||
| 277 | } | 279 | } |
| 278 | #endif | 280 | #endif |
| 279 | 281 | ||
| 280 | int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, | 282 | int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, |
| 281 | const EVP_CIPHER *enc, unsigned char *kstr, int klen, | 283 | char *x, const EVP_CIPHER *enc, unsigned char *kstr, |
| 282 | pem_password_cb *callback, void *u) | 284 | int klen, pem_password_cb *callback, void *u) |
| 283 | { | 285 | { |
| 284 | EVP_CIPHER_CTX ctx; | 286 | EVP_CIPHER_CTX ctx; |
| 285 | int dsize=0,i,j,ret=0; | 287 | int dsize=0,i,j,ret=0; |
| @@ -336,7 +338,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, | |||
| 336 | kstr=(unsigned char *)buf; | 338 | kstr=(unsigned char *)buf; |
| 337 | } | 339 | } |
| 338 | RAND_add(data,i,0);/* put in the RSA key. */ | 340 | RAND_add(data,i,0);/* put in the RSA key. */ |
| 339 | OPENSSL_assert(enc->iv_len <= sizeof iv); | 341 | OPENSSL_assert(enc->iv_len <= (int)sizeof(iv)); |
| 340 | if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ | 342 | if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ |
| 341 | goto err; | 343 | goto err; |
| 342 | /* The 'iv' is used as the iv and as a salt. It is | 344 | /* The 'iv' is used as the iv and as a salt. It is |
| @@ -577,6 +579,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, | |||
| 577 | } | 579 | } |
| 578 | EVP_EncodeFinal(&ctx,buf,&outl); | 580 | EVP_EncodeFinal(&ctx,buf,&outl); |
| 579 | if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; | 581 | if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; |
| 582 | OPENSSL_cleanse(buf, PEM_BUFSIZE*8); | ||
| 580 | OPENSSL_free(buf); | 583 | OPENSSL_free(buf); |
| 581 | buf = NULL; | 584 | buf = NULL; |
| 582 | if ( (BIO_write(bp,"-----END ",9) != 9) || | 585 | if ( (BIO_write(bp,"-----END ",9) != 9) || |
| @@ -585,8 +588,10 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, | |||
| 585 | goto err; | 588 | goto err; |
| 586 | return(i+outl); | 589 | return(i+outl); |
| 587 | err: | 590 | err: |
| 588 | if (buf) | 591 | if (buf) { |
| 592 | OPENSSL_cleanse(buf, PEM_BUFSIZE*8); | ||
| 589 | OPENSSL_free(buf); | 593 | OPENSSL_free(buf); |
| 594 | } | ||
| 590 | PEMerr(PEM_F_PEM_WRITE_BIO,reason); | 595 | PEMerr(PEM_F_PEM_WRITE_BIO,reason); |
| 591 | return(0); | 596 | return(0); |
| 592 | } | 597 | } |
diff --git a/src/lib/libcrypto/pem/pem_oth.c b/src/lib/libcrypto/pem/pem_oth.c index 8d9064ea7c..b33868d25a 100644 --- a/src/lib/libcrypto/pem/pem_oth.c +++ b/src/lib/libcrypto/pem/pem_oth.c | |||
| @@ -67,10 +67,11 @@ | |||
| 67 | 67 | ||
| 68 | /* Handle 'other' PEMs: not private keys */ | 68 | /* Handle 'other' PEMs: not private keys */ |
| 69 | 69 | ||
| 70 | char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x, | 70 | void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x, |
| 71 | pem_password_cb *cb, void *u) | 71 | pem_password_cb *cb, void *u) |
| 72 | { | 72 | { |
| 73 | unsigned char *p=NULL,*data=NULL; | 73 | const unsigned char *p=NULL; |
| 74 | unsigned char *data=NULL; | ||
| 74 | long len; | 75 | long len; |
| 75 | char *ret=NULL; | 76 | char *ret=NULL; |
| 76 | 77 | ||
diff --git a/src/lib/libcrypto/pem/pem_pk8.c b/src/lib/libcrypto/pem/pem_pk8.c index db38a2a79d..6deab8c338 100644 --- a/src/lib/libcrypto/pem/pem_pk8.c +++ b/src/lib/libcrypto/pem/pem_pk8.c | |||
| @@ -118,7 +118,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER | |||
| 118 | char buf[PEM_BUFSIZE]; | 118 | char buf[PEM_BUFSIZE]; |
| 119 | int ret; | 119 | int ret; |
| 120 | if(!(p8inf = EVP_PKEY2PKCS8(x))) { | 120 | if(!(p8inf = EVP_PKEY2PKCS8(x))) { |
| 121 | PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY, | 121 | PEMerr(PEM_F_DO_PK8PKEY, |
| 122 | PEM_R_ERROR_CONVERTING_PRIVATE_KEY); | 122 | PEM_R_ERROR_CONVERTING_PRIVATE_KEY); |
| 123 | return 0; | 123 | return 0; |
| 124 | } | 124 | } |
| @@ -127,8 +127,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER | |||
| 127 | if(!cb) klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u); | 127 | if(!cb) klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u); |
| 128 | else klen = cb(buf, PEM_BUFSIZE, 1, u); | 128 | else klen = cb(buf, PEM_BUFSIZE, 1, u); |
| 129 | if(klen <= 0) { | 129 | if(klen <= 0) { |
| 130 | PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY, | 130 | PEMerr(PEM_F_DO_PK8PKEY,PEM_R_READ_KEY); |
| 131 | PEM_R_READ_KEY); | ||
| 132 | PKCS8_PRIV_KEY_INFO_free(p8inf); | 131 | PKCS8_PRIV_KEY_INFO_free(p8inf); |
| 133 | return 0; | 132 | return 0; |
| 134 | } | 133 | } |
| @@ -215,7 +214,7 @@ static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CI | |||
| 215 | BIO *bp; | 214 | BIO *bp; |
| 216 | int ret; | 215 | int ret; |
| 217 | if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { | 216 | if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { |
| 218 | PEMerr(PEM_F_PEM_F_DO_PK8KEY_FP,ERR_R_BUF_LIB); | 217 | PEMerr(PEM_F_DO_PK8PKEY_FP,ERR_R_BUF_LIB); |
| 219 | return(0); | 218 | return(0); |
| 220 | } | 219 | } |
| 221 | ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u); | 220 | ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u); |
diff --git a/src/lib/libcrypto/pem/pem_pkey.c b/src/lib/libcrypto/pem/pem_pkey.c index 9ecdbd5419..4da4c31ce5 100644 --- a/src/lib/libcrypto/pem/pem_pkey.c +++ b/src/lib/libcrypto/pem/pem_pkey.c | |||
| @@ -70,7 +70,8 @@ | |||
| 70 | EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) | 70 | EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) |
| 71 | { | 71 | { |
| 72 | char *nm=NULL; | 72 | char *nm=NULL; |
| 73 | unsigned char *p=NULL,*data=NULL; | 73 | const unsigned char *p=NULL; |
| 74 | unsigned char *data=NULL; | ||
| 74 | long len; | 75 | long len; |
| 75 | EVP_PKEY *ret=NULL; | 76 | EVP_PKEY *ret=NULL; |
| 76 | 77 | ||
| @@ -82,6 +83,8 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo | |||
| 82 | ret=d2i_PrivateKey(EVP_PKEY_RSA,x,&p,len); | 83 | ret=d2i_PrivateKey(EVP_PKEY_RSA,x,&p,len); |
| 83 | else if (strcmp(nm,PEM_STRING_DSA) == 0) | 84 | else if (strcmp(nm,PEM_STRING_DSA) == 0) |
| 84 | ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len); | 85 | ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len); |
| 86 | else if (strcmp(nm,PEM_STRING_ECPRIVATEKEY) == 0) | ||
| 87 | ret=d2i_PrivateKey(EVP_PKEY_EC,x,&p,len); | ||
| 85 | else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) { | 88 | else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) { |
| 86 | PKCS8_PRIV_KEY_INFO *p8inf; | 89 | PKCS8_PRIV_KEY_INFO *p8inf; |
| 87 | p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len); | 90 | p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len); |
| @@ -102,7 +105,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo | |||
| 102 | if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u); | 105 | if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u); |
| 103 | else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u); | 106 | else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u); |
| 104 | if (klen <= 0) { | 107 | if (klen <= 0) { |
| 105 | PEMerr(PEM_F_PEM_ASN1_READ_BIO, | 108 | PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, |
| 106 | PEM_R_BAD_PASSWORD_READ); | 109 | PEM_R_BAD_PASSWORD_READ); |
| 107 | X509_SIG_free(p8); | 110 | X509_SIG_free(p8); |
| 108 | goto err; | 111 | goto err; |
| @@ -119,9 +122,10 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo | |||
| 119 | } | 122 | } |
| 120 | p8err: | 123 | p8err: |
| 121 | if (ret == NULL) | 124 | if (ret == NULL) |
| 122 | PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); | 125 | PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,ERR_R_ASN1_LIB); |
| 123 | err: | 126 | err: |
| 124 | OPENSSL_free(nm); | 127 | OPENSSL_free(nm); |
| 128 | OPENSSL_cleanse(data, len); | ||
| 125 | OPENSSL_free(data); | 129 | OPENSSL_free(data); |
| 126 | return(ret); | 130 | return(ret); |
| 127 | } | 131 | } |
| @@ -134,7 +138,7 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void | |||
| 134 | 138 | ||
| 135 | if ((b=BIO_new(BIO_s_file())) == NULL) | 139 | if ((b=BIO_new(BIO_s_file())) == NULL) |
| 136 | { | 140 | { |
| 137 | PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB); | 141 | PEMerr(PEM_F_PEM_READ_PRIVATEKEY,ERR_R_BUF_LIB); |
| 138 | return(0); | 142 | return(0); |
| 139 | } | 143 | } |
| 140 | BIO_set_fp(b,fp,BIO_NOCLOSE); | 144 | BIO_set_fp(b,fp,BIO_NOCLOSE); |
diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c index 56e08abd70..4e554e5481 100644 --- a/src/lib/libcrypto/pem/pem_seal.c +++ b/src/lib/libcrypto/pem/pem_seal.c | |||
| @@ -56,6 +56,7 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/opensslconf.h> /* for OPENSSL_NO_RSA */ | ||
| 59 | #ifndef OPENSSL_NO_RSA | 60 | #ifndef OPENSSL_NO_RSA |
| 60 | #include <stdio.h> | 61 | #include <stdio.h> |
| 61 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
| @@ -64,6 +65,7 @@ | |||
| 64 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 65 | #include <openssl/x509.h> | 66 | #include <openssl/x509.h> |
| 66 | #include <openssl/pem.h> | 67 | #include <openssl/pem.h> |
| 68 | #include <openssl/rsa.h> | ||
| 67 | 69 | ||
| 68 | int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, | 70 | int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, |
| 69 | unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, | 71 | unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, |
diff --git a/src/lib/libcrypto/pem/pem_xaux.c b/src/lib/libcrypto/pem/pem_xaux.c index 2f579b5421..63ce660cf1 100644 --- a/src/lib/libcrypto/pem/pem_xaux.c +++ b/src/lib/libcrypto/pem/pem_xaux.c | |||
| @@ -66,3 +66,4 @@ | |||
| 66 | #include <openssl/pem.h> | 66 | #include <openssl/pem.h> |
| 67 | 67 | ||
| 68 | IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX) | 68 | IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX) |
| 69 | IMPLEMENT_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR, PEM_STRING_X509_PAIR, X509_CERT_PAIR) | ||
diff --git a/src/lib/libcrypto/perlasm/cbc.pl b/src/lib/libcrypto/perlasm/cbc.pl index 22149c680e..e43dc9ae15 100644 --- a/src/lib/libcrypto/perlasm/cbc.pl +++ b/src/lib/libcrypto/perlasm/cbc.pl | |||
| @@ -322,7 +322,8 @@ sub cbc | |||
| 322 | 322 | ||
| 323 | &function_end_A($name); | 323 | &function_end_A($name); |
| 324 | 324 | ||
| 325 | &set_label("cbc_enc_jmp_table",1); | 325 | &align(64); |
| 326 | &set_label("cbc_enc_jmp_table"); | ||
| 326 | &data_word("0"); | 327 | &data_word("0"); |
| 327 | &data_word(&label("ej1")."-".&label("PIC_point")); | 328 | &data_word(&label("ej1")."-".&label("PIC_point")); |
| 328 | &data_word(&label("ej2")."-".&label("PIC_point")); | 329 | &data_word(&label("ej2")."-".&label("PIC_point")); |
| @@ -341,6 +342,7 @@ sub cbc | |||
| 341 | #&data_word(&label("dj5")."-".&label("PIC_point")); | 342 | #&data_word(&label("dj5")."-".&label("PIC_point")); |
| 342 | #&data_word(&label("dj6")."-".&label("PIC_point")); | 343 | #&data_word(&label("dj6")."-".&label("PIC_point")); |
| 343 | #&data_word(&label("dj7")."-".&label("PIC_point")); | 344 | #&data_word(&label("dj7")."-".&label("PIC_point")); |
| 345 | &align(64); | ||
| 344 | 346 | ||
| 345 | &function_end_B($name); | 347 | &function_end_B($name); |
| 346 | 348 | ||
diff --git a/src/lib/libcrypto/perlasm/x86asm.pl b/src/lib/libcrypto/perlasm/x86asm.pl index c3de90c65d..f535c9c7fa 100644 --- a/src/lib/libcrypto/perlasm/x86asm.pl +++ b/src/lib/libcrypto/perlasm/x86asm.pl | |||
| @@ -18,7 +18,7 @@ sub main'asm_init | |||
| 18 | ($type,$fn,$i386)=@_; | 18 | ($type,$fn,$i386)=@_; |
| 19 | $filename=$fn; | 19 | $filename=$fn; |
| 20 | 20 | ||
| 21 | $elf=$cpp=$sol=$aout=$win32=$gaswin=$openbsd=0; | 21 | $elf=$cpp=$coff=$aout=$win32=$netware=$mwerks=$openbsd=0; |
| 22 | if ( ($type eq "elf")) | 22 | if ( ($type eq "elf")) |
| 23 | { $elf=1; require "x86unix.pl"; } | 23 | { $elf=1; require "x86unix.pl"; } |
| 24 | elsif ( ($type eq "openbsd-elf")) | 24 | elsif ( ($type eq "openbsd-elf")) |
| @@ -27,28 +27,31 @@ sub main'asm_init | |||
| 27 | { $openbsd=1; require "x86unix.pl"; } | 27 | { $openbsd=1; require "x86unix.pl"; } |
| 28 | elsif ( ($type eq "a.out")) | 28 | elsif ( ($type eq "a.out")) |
| 29 | { $aout=1; require "x86unix.pl"; } | 29 | { $aout=1; require "x86unix.pl"; } |
| 30 | elsif ( ($type eq "gaswin")) | 30 | elsif ( ($type eq "coff" or $type eq "gaswin")) |
| 31 | { $gaswin=1; $aout=1; require "x86unix.pl"; } | 31 | { $coff=1; require "x86unix.pl"; } |
| 32 | elsif ( ($type eq "sol")) | ||
| 33 | { $sol=1; require "x86unix.pl"; } | ||
| 34 | elsif ( ($type eq "cpp")) | 32 | elsif ( ($type eq "cpp")) |
| 35 | { $cpp=1; require "x86unix.pl"; } | 33 | { $cpp=1; require "x86unix.pl"; } |
| 36 | elsif ( ($type eq "win32")) | 34 | elsif ( ($type eq "win32")) |
| 37 | { $win32=1; require "x86ms.pl"; } | 35 | { $win32=1; require "x86ms.pl"; } |
| 38 | elsif ( ($type eq "win32n")) | 36 | elsif ( ($type eq "win32n")) |
| 39 | { $win32=1; require "x86nasm.pl"; } | 37 | { $win32=1; require "x86nasm.pl"; } |
| 38 | elsif ( ($type eq "nw-nasm")) | ||
| 39 | { $netware=1; require "x86nasm.pl"; } | ||
| 40 | elsif ( ($type eq "nw-mwasm")) | ||
| 41 | { $netware=1; $mwerks=1; require "x86nasm.pl"; } | ||
| 40 | else | 42 | else |
| 41 | { | 43 | { |
| 42 | print STDERR <<"EOF"; | 44 | print STDERR <<"EOF"; |
| 43 | Pick one target type from | 45 | Pick one target type from |
| 44 | elf - linux, FreeBSD etc | 46 | elf - Linux, FreeBSD, Solaris x86, etc. |
| 45 | a.out - old linux | 47 | a.out - OpenBSD, DJGPP, etc. |
| 46 | sol - x86 solaris | 48 | coff - GAS/COFF such as Win32 targets |
| 47 | cpp - format so x86unix.cpp can be used | ||
| 48 | win32 - Windows 95/Windows NT | 49 | win32 - Windows 95/Windows NT |
| 49 | win32n - Windows 95/Windows NT NASM format | 50 | win32n - Windows 95/Windows NT NASM format |
| 50 | openbsd-elf - OpenBSD elf | 51 | openbsd-elf - OpenBSD elf |
| 51 | openbsd-a.out - OpenBSD a.out | 52 | openbsd-a.out - OpenBSD a.out |
| 53 | nw-nasm - NetWare NASM format | ||
| 54 | nw-mwasm- NetWare Metrowerks Assembler | ||
| 52 | EOF | 55 | EOF |
| 53 | exit(1); | 56 | exit(1); |
| 54 | } | 57 | } |
| @@ -61,7 +64,7 @@ EOF | |||
| 61 | &comment("Don't even think of reading this code"); | 64 | &comment("Don't even think of reading this code"); |
| 62 | &comment("It was automatically generated by $filename"); | 65 | &comment("It was automatically generated by $filename"); |
| 63 | &comment("Which is a perl program used to generate the x86 assember for"); | 66 | &comment("Which is a perl program used to generate the x86 assember for"); |
| 64 | &comment("any of elf, a.out, BSDI, Win32, gaswin (for GNU as on Win32) or Solaris"); | 67 | &comment("any of ELF, a.out, COFF, Win32, ..."); |
| 65 | &comment("eric <eay\@cryptsoft.com>"); | 68 | &comment("eric <eay\@cryptsoft.com>"); |
| 66 | &comment(""); | 69 | &comment(""); |
| 67 | 70 | ||
| @@ -96,7 +99,7 @@ $tmp | |||
| 96 | #ifdef OUT | 99 | #ifdef OUT |
| 97 | #define OK 1 | 100 | #define OK 1 |
| 98 | #define ALIGN 4 | 101 | #define ALIGN 4 |
| 99 | #if defined(__CYGWIN__) || defined(__DJGPP__) || defined(__MINGW32__) | 102 | #if defined(__CYGWIN__) || defined(__DJGPP__) || (__MINGW32__) |
| 100 | #undef SIZE | 103 | #undef SIZE |
| 101 | #undef TYPE | 104 | #undef TYPE |
| 102 | #define SIZE(a,b) | 105 | #define SIZE(a,b) |
| @@ -130,6 +133,4 @@ BSDI - a.out with a very primative version of as. | |||
| 130 | EOF | 133 | EOF |
| 131 | } | 134 | } |
| 132 | 135 | ||
| 133 | sub main'align() {} # swallow align statements in 0.9.7 context | ||
| 134 | |||
| 135 | 1; | 136 | 1; |
diff --git a/src/lib/libcrypto/perlasm/x86ms.pl b/src/lib/libcrypto/perlasm/x86ms.pl index b6bd744057..a0be2934c2 100644 --- a/src/lib/libcrypto/perlasm/x86ms.pl +++ b/src/lib/libcrypto/perlasm/x86ms.pl | |||
| @@ -27,7 +27,13 @@ $label="L000"; | |||
| 27 | sub main'asm_init_output { @out=(); } | 27 | sub main'asm_init_output { @out=(); } |
| 28 | sub main'asm_get_output { return(@out); } | 28 | sub main'asm_get_output { return(@out); } |
| 29 | sub main'get_labels { return(@labels); } | 29 | sub main'get_labels { return(@labels); } |
| 30 | sub main'external_label { push(@labels,@_); } | 30 | sub main'external_label |
| 31 | { | ||
| 32 | push(@labels,@_); | ||
| 33 | foreach (@_) { | ||
| 34 | push(@out, "EXTRN\t_$_:DWORD\n"); | ||
| 35 | } | ||
| 36 | } | ||
| 31 | 37 | ||
| 32 | sub main'LB | 38 | sub main'LB |
| 33 | { | 39 | { |
| @@ -51,6 +57,11 @@ sub main'DWP | |||
| 51 | &get_mem("DWORD",@_); | 57 | &get_mem("DWORD",@_); |
| 52 | } | 58 | } |
| 53 | 59 | ||
| 60 | sub main'QWP | ||
| 61 | { | ||
| 62 | &get_mem("QWORD",@_); | ||
| 63 | } | ||
| 64 | |||
| 54 | sub main'BC | 65 | sub main'BC |
| 55 | { | 66 | { |
| 56 | return @_; | 67 | return @_; |
| @@ -87,7 +98,7 @@ sub get_mem | |||
| 87 | $reg2=&conv($1); | 98 | $reg2=&conv($1); |
| 88 | $addr="_$2"; | 99 | $addr="_$2"; |
| 89 | } | 100 | } |
| 90 | elsif ($addr =~ /^[_a-zA-Z]/) | 101 | elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i) |
| 91 | { | 102 | { |
| 92 | $addr="_$addr"; | 103 | $addr="_$addr"; |
| 93 | } | 104 | } |
| @@ -128,12 +139,14 @@ sub main'xorb { &out2("xor",@_); } | |||
| 128 | sub main'add { &out2("add",@_); } | 139 | sub main'add { &out2("add",@_); } |
| 129 | sub main'adc { &out2("adc",@_); } | 140 | sub main'adc { &out2("adc",@_); } |
| 130 | sub main'sub { &out2("sub",@_); } | 141 | sub main'sub { &out2("sub",@_); } |
| 142 | sub main'sbb { &out2("sbb",@_); } | ||
| 131 | sub main'rotl { &out2("rol",@_); } | 143 | sub main'rotl { &out2("rol",@_); } |
| 132 | sub main'rotr { &out2("ror",@_); } | 144 | sub main'rotr { &out2("ror",@_); } |
| 133 | sub main'exch { &out2("xchg",@_); } | 145 | sub main'exch { &out2("xchg",@_); } |
| 134 | sub main'cmp { &out2("cmp",@_); } | 146 | sub main'cmp { &out2("cmp",@_); } |
| 135 | sub main'lea { &out2("lea",@_); } | 147 | sub main'lea { &out2("lea",@_); } |
| 136 | sub main'mul { &out1("mul",@_); } | 148 | sub main'mul { &out1("mul",@_); } |
| 149 | sub main'imul { &out2("imul",@_); } | ||
| 137 | sub main'div { &out1("div",@_); } | 150 | sub main'div { &out1("div",@_); } |
| 138 | sub main'dec { &out1("dec",@_); } | 151 | sub main'dec { &out1("dec",@_); } |
| 139 | sub main'inc { &out1("inc",@_); } | 152 | sub main'inc { &out1("inc",@_); } |
| @@ -155,26 +168,54 @@ sub main'jne { &out1("jne",@_); } | |||
| 155 | sub main'jno { &out1("jno",@_); } | 168 | sub main'jno { &out1("jno",@_); } |
| 156 | sub main'push { &out1("push",@_); $stack+=4; } | 169 | sub main'push { &out1("push",@_); $stack+=4; } |
| 157 | sub main'pop { &out1("pop",@_); $stack-=4; } | 170 | sub main'pop { &out1("pop",@_); $stack-=4; } |
| 171 | sub main'pushf { &out0("pushfd"); $stack+=4; } | ||
| 172 | sub main'popf { &out0("popfd"); $stack-=4; } | ||
| 158 | sub main'bswap { &out1("bswap",@_); &using486(); } | 173 | sub main'bswap { &out1("bswap",@_); &using486(); } |
| 159 | sub main'not { &out1("not",@_); } | 174 | sub main'not { &out1("not",@_); } |
| 160 | sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } | 175 | sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } |
| 176 | sub main'call_ptr { &out1p("call",@_); } | ||
| 161 | sub main'ret { &out0("ret"); } | 177 | sub main'ret { &out0("ret"); } |
| 162 | sub main'nop { &out0("nop"); } | 178 | sub main'nop { &out0("nop"); } |
| 179 | sub main'test { &out2("test",@_); } | ||
| 180 | sub main'bt { &out2("bt",@_); } | ||
| 181 | sub main'leave { &out0("leave"); } | ||
| 182 | sub main'cpuid { &out0("DW\t0A20Fh"); } | ||
| 183 | sub main'rdtsc { &out0("DW\t0310Fh"); } | ||
| 184 | sub main'halt { &out0("hlt"); } | ||
| 163 | sub main'movz { &out2("movzx",@_); } | 185 | sub main'movz { &out2("movzx",@_); } |
| 186 | sub main'neg { &out1("neg",@_); } | ||
| 187 | sub main'cld { &out0("cld"); } | ||
| 188 | |||
| 189 | # SSE2 | ||
| 190 | sub main'emms { &out0("emms"); } | ||
| 191 | sub main'movd { &out2("movd",@_); } | ||
| 192 | sub main'movq { &out2("movq",@_); } | ||
| 193 | sub main'movdqu { &out2("movdqu",@_); } | ||
| 194 | sub main'movdqa { &out2("movdqa",@_); } | ||
| 195 | sub main'movdq2q{ &out2("movdq2q",@_); } | ||
| 196 | sub main'movq2dq{ &out2("movq2dq",@_); } | ||
| 197 | sub main'paddq { &out2("paddq",@_); } | ||
| 198 | sub main'pmuludq{ &out2("pmuludq",@_); } | ||
| 199 | sub main'psrlq { &out2("psrlq",@_); } | ||
| 200 | sub main'psllq { &out2("psllq",@_); } | ||
| 201 | sub main'pxor { &out2("pxor",@_); } | ||
| 202 | sub main'por { &out2("por",@_); } | ||
| 203 | sub main'pand { &out2("pand",@_); } | ||
| 164 | 204 | ||
| 165 | sub out2 | 205 | sub out2 |
| 166 | { | 206 | { |
| 167 | local($name,$p1,$p2)=@_; | 207 | local($name,$p1,$p2)=@_; |
| 168 | local($l,$t); | 208 | local($l,$t,$line); |
| 169 | 209 | ||
| 170 | push(@out,"\t$name\t"); | 210 | $line="\t$name\t"; |
| 171 | $t=&conv($p1).","; | 211 | $t=&conv($p1).","; |
| 172 | $l=length($t); | 212 | $l=length($t); |
| 173 | push(@out,$t); | 213 | $line.="$t"; |
| 174 | $l=4-($l+9)/8; | 214 | $l=4-($l+9)/8; |
| 175 | push(@out,"\t" x $l); | 215 | $line.="\t" x $l; |
| 176 | push(@out,&conv($p2)); | 216 | $line.=&conv($p2); |
| 177 | push(@out,"\n"); | 217 | if ($line=~/\bxmm[0-7]\b/i) { $line=~s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i; } |
| 218 | push(@out,$line."\n"); | ||
| 178 | } | 219 | } |
| 179 | 220 | ||
| 180 | sub out0 | 221 | sub out0 |
| @@ -214,7 +255,9 @@ sub main'file | |||
| 214 | local($tmp)=<<"EOF"; | 255 | local($tmp)=<<"EOF"; |
| 215 | TITLE $file.asm | 256 | TITLE $file.asm |
| 216 | .386 | 257 | .386 |
| 217 | .model FLAT | 258 | .model FLAT |
| 259 | _TEXT\$ SEGMENT PAGE 'CODE' | ||
| 260 | |||
| 218 | EOF | 261 | EOF |
| 219 | push(@out,$tmp); | 262 | push(@out,$tmp); |
| 220 | } | 263 | } |
| @@ -226,7 +269,6 @@ sub main'function_begin | |||
| 226 | push(@labels,$func); | 269 | push(@labels,$func); |
| 227 | 270 | ||
| 228 | local($tmp)=<<"EOF"; | 271 | local($tmp)=<<"EOF"; |
| 229 | _TEXT SEGMENT | ||
| 230 | PUBLIC _$func | 272 | PUBLIC _$func |
| 231 | $extra | 273 | $extra |
| 232 | _$func PROC NEAR | 274 | _$func PROC NEAR |
| @@ -244,7 +286,6 @@ sub main'function_begin_B | |||
| 244 | local($func,$extra)=@_; | 286 | local($func,$extra)=@_; |
| 245 | 287 | ||
| 246 | local($tmp)=<<"EOF"; | 288 | local($tmp)=<<"EOF"; |
| 247 | _TEXT SEGMENT | ||
| 248 | PUBLIC _$func | 289 | PUBLIC _$func |
| 249 | $extra | 290 | $extra |
| 250 | _$func PROC NEAR | 291 | _$func PROC NEAR |
| @@ -264,7 +305,6 @@ sub main'function_end | |||
| 264 | pop ebp | 305 | pop ebp |
| 265 | ret | 306 | ret |
| 266 | _$func ENDP | 307 | _$func ENDP |
| 267 | _TEXT ENDS | ||
| 268 | EOF | 308 | EOF |
| 269 | push(@out,$tmp); | 309 | push(@out,$tmp); |
| 270 | $stack=0; | 310 | $stack=0; |
| @@ -277,7 +317,6 @@ sub main'function_end_B | |||
| 277 | 317 | ||
| 278 | local($tmp)=<<"EOF"; | 318 | local($tmp)=<<"EOF"; |
| 279 | _$func ENDP | 319 | _$func ENDP |
| 280 | _TEXT ENDS | ||
| 281 | EOF | 320 | EOF |
| 282 | push(@out,$tmp); | 321 | push(@out,$tmp); |
| 283 | $stack=0; | 322 | $stack=0; |
| @@ -300,6 +339,20 @@ EOF | |||
| 300 | 339 | ||
| 301 | sub main'file_end | 340 | sub main'file_end |
| 302 | { | 341 | { |
| 342 | # try to detect if SSE2 or MMX extensions were used... | ||
| 343 | my $xmmheader=<<___; | ||
| 344 | .686 | ||
| 345 | .XMM | ||
| 346 | IF \@Version LT 800 | ||
| 347 | XMMWORD STRUCT 16 | ||
| 348 | DQ 2 dup (?) | ||
| 349 | XMMWORD ENDS | ||
| 350 | ENDIF | ||
| 351 | ___ | ||
| 352 | if (grep {/\b[x]?mm[0-7]\b/i} @out) { | ||
| 353 | grep {s/\.[3-7]86/$xmmheader/} @out; | ||
| 354 | } | ||
| 355 | push(@out,"_TEXT\$ ENDS\n"); | ||
| 303 | push(@out,"END\n"); | 356 | push(@out,"END\n"); |
| 304 | } | 357 | } |
| 305 | 358 | ||
| @@ -331,6 +384,12 @@ sub main'comment | |||
| 331 | } | 384 | } |
| 332 | } | 385 | } |
| 333 | 386 | ||
| 387 | sub main'public_label | ||
| 388 | { | ||
| 389 | $label{$_[0]}="_$_[0]" if (!defined($label{$_[0]})); | ||
| 390 | push(@out,"PUBLIC\t$label{$_[0]}\n"); | ||
| 391 | } | ||
| 392 | |||
| 334 | sub main'label | 393 | sub main'label |
| 335 | { | 394 | { |
| 336 | if (!defined($label{$_[0]})) | 395 | if (!defined($label{$_[0]})) |
| @@ -348,19 +407,37 @@ sub main'set_label | |||
| 348 | $label{$_[0]}="\$${label}${_[0]}"; | 407 | $label{$_[0]}="\$${label}${_[0]}"; |
| 349 | $label++; | 408 | $label++; |
| 350 | } | 409 | } |
| 410 | if ($_[1]!=0 && $_[1]>1) | ||
| 411 | { | ||
| 412 | main'align($_[1]); | ||
| 413 | } | ||
| 351 | if((defined $_[2]) && ($_[2] == 1)) | 414 | if((defined $_[2]) && ($_[2] == 1)) |
| 352 | { | 415 | { |
| 353 | push(@out,"$label{$_[0]}::\n"); | 416 | push(@out,"$label{$_[0]}::\n"); |
| 354 | } | 417 | } |
| 418 | elsif ($label{$_[0]} !~ /^\$/) | ||
| 419 | { | ||
| 420 | push(@out,"$label{$_[0]}\tLABEL PTR\n"); | ||
| 421 | } | ||
| 355 | else | 422 | else |
| 356 | { | 423 | { |
| 357 | push(@out,"$label{$_[0]}:\n"); | 424 | push(@out,"$label{$_[0]}:\n"); |
| 358 | } | 425 | } |
| 359 | } | 426 | } |
| 360 | 427 | ||
| 428 | sub main'data_byte | ||
| 429 | { | ||
| 430 | push(@out,"\tDB\t".join(',',@_)."\n"); | ||
| 431 | } | ||
| 432 | |||
| 361 | sub main'data_word | 433 | sub main'data_word |
| 362 | { | 434 | { |
| 363 | push(@out,"\tDD\t$_[0]\n"); | 435 | push(@out,"\tDD\t".join(',',@_)."\n"); |
| 436 | } | ||
| 437 | |||
| 438 | sub main'align | ||
| 439 | { | ||
| 440 | push(@out,"\tALIGN\t$_[0]\n"); | ||
| 364 | } | 441 | } |
| 365 | 442 | ||
| 366 | sub out1p | 443 | sub out1p |
| @@ -368,7 +445,7 @@ sub out1p | |||
| 368 | local($name,$p1)=@_; | 445 | local($name,$p1)=@_; |
| 369 | local($l,$t); | 446 | local($l,$t); |
| 370 | 447 | ||
| 371 | push(@out,"\t$name\t ".&conv($p1)."\n"); | 448 | push(@out,"\t$name\t".&conv($p1)."\n"); |
| 372 | } | 449 | } |
| 373 | 450 | ||
| 374 | sub main'picmeup | 451 | sub main'picmeup |
| @@ -378,3 +455,18 @@ sub main'picmeup | |||
| 378 | } | 455 | } |
| 379 | 456 | ||
| 380 | sub main'blindpop { &out1("pop",@_); } | 457 | sub main'blindpop { &out1("pop",@_); } |
| 458 | |||
| 459 | sub main'initseg | ||
| 460 | { | ||
| 461 | local($f)=@_; | ||
| 462 | local($tmp)=<<___; | ||
| 463 | OPTION DOTNAME | ||
| 464 | .CRT\$XCU SEGMENT DWORD PUBLIC 'DATA' | ||
| 465 | EXTRN _$f:NEAR | ||
| 466 | DD _$f | ||
| 467 | .CRT\$XCU ENDS | ||
| 468 | ___ | ||
| 469 | push(@out,$tmp); | ||
| 470 | } | ||
| 471 | |||
| 472 | 1; | ||
diff --git a/src/lib/libcrypto/perlasm/x86nasm.pl b/src/lib/libcrypto/perlasm/x86nasm.pl index 4bdb3fe180..fa38f89c09 100644 --- a/src/lib/libcrypto/perlasm/x86nasm.pl +++ b/src/lib/libcrypto/perlasm/x86nasm.pl | |||
| @@ -3,6 +3,7 @@ | |||
| 3 | package x86nasm; | 3 | package x86nasm; |
| 4 | 4 | ||
| 5 | $label="L000"; | 5 | $label="L000"; |
| 6 | $under=($main'netware)?'':'_'; | ||
| 6 | 7 | ||
| 7 | %lb=( 'eax', 'al', | 8 | %lb=( 'eax', 'al', |
| 8 | 'ebx', 'bl', | 9 | 'ebx', 'bl', |
| @@ -32,7 +33,8 @@ sub main'external_label | |||
| 32 | { | 33 | { |
| 33 | push(@labels,@_); | 34 | push(@labels,@_); |
| 34 | foreach (@_) { | 35 | foreach (@_) { |
| 35 | push(@out, "extern\t_$_\n"); | 36 | push(@out,".") if ($main'mwerks); |
| 37 | push(@out, "extern\t${under}$_\n"); | ||
| 36 | } | 38 | } |
| 37 | } | 39 | } |
| 38 | 40 | ||
| @@ -58,14 +60,19 @@ sub main'DWP | |||
| 58 | &get_mem("DWORD",@_); | 60 | &get_mem("DWORD",@_); |
| 59 | } | 61 | } |
| 60 | 62 | ||
| 63 | sub main'QWP | ||
| 64 | { | ||
| 65 | &get_mem("",@_); | ||
| 66 | } | ||
| 67 | |||
| 61 | sub main'BC | 68 | sub main'BC |
| 62 | { | 69 | { |
| 63 | return "BYTE @_"; | 70 | return (($main'mwerks)?"":"BYTE ")."@_"; |
| 64 | } | 71 | } |
| 65 | 72 | ||
| 66 | sub main'DWC | 73 | sub main'DWC |
| 67 | { | 74 | { |
| 68 | return "DWORD @_"; | 75 | return (($main'mwerks)?"":"DWORD ")."@_"; |
| 69 | } | 76 | } |
| 70 | 77 | ||
| 71 | sub main'stack_push | 78 | sub main'stack_push |
| @@ -86,16 +93,22 @@ sub get_mem | |||
| 86 | { | 93 | { |
| 87 | my($size,$addr,$reg1,$reg2,$idx)=@_; | 94 | my($size,$addr,$reg1,$reg2,$idx)=@_; |
| 88 | my($t,$post); | 95 | my($t,$post); |
| 89 | my($ret)="$size ["; | 96 | my($ret)=$size; |
| 97 | if ($ret ne "") | ||
| 98 | { | ||
| 99 | $ret .= " PTR" if ($main'mwerks); | ||
| 100 | $ret .= " "; | ||
| 101 | } | ||
| 102 | $ret .= "["; | ||
| 90 | $addr =~ s/^\s+//; | 103 | $addr =~ s/^\s+//; |
| 91 | if ($addr =~ /^(.+)\+(.+)$/) | 104 | if ($addr =~ /^(.+)\+(.+)$/) |
| 92 | { | 105 | { |
| 93 | $reg2=&conv($1); | 106 | $reg2=&conv($1); |
| 94 | $addr="_$2"; | 107 | $addr="$under$2"; |
| 95 | } | 108 | } |
| 96 | elsif ($addr =~ /^[_a-zA-Z]/) | 109 | elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i) |
| 97 | { | 110 | { |
| 98 | $addr="_$addr"; | 111 | $addr="$under$addr"; |
| 99 | } | 112 | } |
| 100 | 113 | ||
| 101 | if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; } | 114 | if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; } |
| @@ -134,12 +147,14 @@ sub main'xorb { &out2("xor",@_); } | |||
| 134 | sub main'add { &out2("add",@_); } | 147 | sub main'add { &out2("add",@_); } |
| 135 | sub main'adc { &out2("adc",@_); } | 148 | sub main'adc { &out2("adc",@_); } |
| 136 | sub main'sub { &out2("sub",@_); } | 149 | sub main'sub { &out2("sub",@_); } |
| 150 | sub main'sbb { &out2("sbb",@_); } | ||
| 137 | sub main'rotl { &out2("rol",@_); } | 151 | sub main'rotl { &out2("rol",@_); } |
| 138 | sub main'rotr { &out2("ror",@_); } | 152 | sub main'rotr { &out2("ror",@_); } |
| 139 | sub main'exch { &out2("xchg",@_); } | 153 | sub main'exch { &out2("xchg",@_); } |
| 140 | sub main'cmp { &out2("cmp",@_); } | 154 | sub main'cmp { &out2("cmp",@_); } |
| 141 | sub main'lea { &out2("lea",@_); } | 155 | sub main'lea { &out2("lea",@_); } |
| 142 | sub main'mul { &out1("mul",@_); } | 156 | sub main'mul { &out1("mul",@_); } |
| 157 | sub main'imul { &out2("imul",@_); } | ||
| 143 | sub main'div { &out1("div",@_); } | 158 | sub main'div { &out1("div",@_); } |
| 144 | sub main'dec { &out1("dec",@_); } | 159 | sub main'dec { &out1("dec",@_); } |
| 145 | sub main'inc { &out1("inc",@_); } | 160 | sub main'inc { &out1("inc",@_); } |
| @@ -147,29 +162,57 @@ sub main'jmp { &out1("jmp",@_); } | |||
| 147 | sub main'jmp_ptr { &out1p("jmp",@_); } | 162 | sub main'jmp_ptr { &out1p("jmp",@_); } |
| 148 | 163 | ||
| 149 | # This is a bit of a kludge: declare all branches as NEAR. | 164 | # This is a bit of a kludge: declare all branches as NEAR. |
| 150 | sub main'je { &out1("je NEAR",@_); } | 165 | $near=($main'mwerks)?'':'NEAR'; |
| 151 | sub main'jle { &out1("jle NEAR",@_); } | 166 | sub main'je { &out1("je $near",@_); } |
| 152 | sub main'jz { &out1("jz NEAR",@_); } | 167 | sub main'jle { &out1("jle $near",@_); } |
| 153 | sub main'jge { &out1("jge NEAR",@_); } | 168 | sub main'jz { &out1("jz $near",@_); } |
| 154 | sub main'jl { &out1("jl NEAR",@_); } | 169 | sub main'jge { &out1("jge $near",@_); } |
| 155 | sub main'ja { &out1("ja NEAR",@_); } | 170 | sub main'jl { &out1("jl $near",@_); } |
| 156 | sub main'jae { &out1("jae NEAR",@_); } | 171 | sub main'ja { &out1("ja $near",@_); } |
| 157 | sub main'jb { &out1("jb NEAR",@_); } | 172 | sub main'jae { &out1("jae $near",@_); } |
| 158 | sub main'jbe { &out1("jbe NEAR",@_); } | 173 | sub main'jb { &out1("jb $near",@_); } |
| 159 | sub main'jc { &out1("jc NEAR",@_); } | 174 | sub main'jbe { &out1("jbe $near",@_); } |
| 160 | sub main'jnc { &out1("jnc NEAR",@_); } | 175 | sub main'jc { &out1("jc $near",@_); } |
| 161 | sub main'jnz { &out1("jnz NEAR",@_); } | 176 | sub main'jnc { &out1("jnc $near",@_); } |
| 162 | sub main'jne { &out1("jne NEAR",@_); } | 177 | sub main'jnz { &out1("jnz $near",@_); } |
| 163 | sub main'jno { &out1("jno NEAR",@_); } | 178 | sub main'jne { &out1("jne $near",@_); } |
| 179 | sub main'jno { &out1("jno $near",@_); } | ||
| 164 | 180 | ||
| 165 | sub main'push { &out1("push",@_); $stack+=4; } | 181 | sub main'push { &out1("push",@_); $stack+=4; } |
| 166 | sub main'pop { &out1("pop",@_); $stack-=4; } | 182 | sub main'pop { &out1("pop",@_); $stack-=4; } |
| 183 | sub main'pushf { &out0("pushfd"); $stack+=4; } | ||
| 184 | sub main'popf { &out0("popfd"); $stack-=4; } | ||
| 167 | sub main'bswap { &out1("bswap",@_); &using486(); } | 185 | sub main'bswap { &out1("bswap",@_); &using486(); } |
| 168 | sub main'not { &out1("not",@_); } | 186 | sub main'not { &out1("not",@_); } |
| 169 | sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } | 187 | sub main'call { &out1("call",($_[0]=~/^\@L/?'':$under).$_[0]); } |
| 188 | sub main'call_ptr { &out1p("call",@_); } | ||
| 170 | sub main'ret { &out0("ret"); } | 189 | sub main'ret { &out0("ret"); } |
| 171 | sub main'nop { &out0("nop"); } | 190 | sub main'nop { &out0("nop"); } |
| 191 | sub main'test { &out2("test",@_); } | ||
| 192 | sub main'bt { &out2("bt",@_); } | ||
| 193 | sub main'leave { &out0("leave"); } | ||
| 194 | sub main'cpuid { &out0("cpuid"); } | ||
| 195 | sub main'rdtsc { &out0("rdtsc"); } | ||
| 196 | sub main'halt { &out0("hlt"); } | ||
| 172 | sub main'movz { &out2("movzx",@_); } | 197 | sub main'movz { &out2("movzx",@_); } |
| 198 | sub main'neg { &out1("neg",@_); } | ||
| 199 | sub main'cld { &out0("cld"); } | ||
| 200 | |||
| 201 | # SSE2 | ||
| 202 | sub main'emms { &out0("emms"); } | ||
| 203 | sub main'movd { &out2("movd",@_); } | ||
| 204 | sub main'movq { &out2("movq",@_); } | ||
| 205 | sub main'movdqu { &out2("movdqu",@_); } | ||
| 206 | sub main'movdqa { &out2("movdqa",@_); } | ||
| 207 | sub main'movdq2q{ &out2("movdq2q",@_); } | ||
| 208 | sub main'movq2dq{ &out2("movq2dq",@_); } | ||
| 209 | sub main'paddq { &out2("paddq",@_); } | ||
| 210 | sub main'pmuludq{ &out2("pmuludq",@_); } | ||
| 211 | sub main'psrlq { &out2("psrlq",@_); } | ||
| 212 | sub main'psllq { &out2("psllq",@_); } | ||
| 213 | sub main'pxor { &out2("pxor",@_); } | ||
| 214 | sub main'por { &out2("por",@_); } | ||
| 215 | sub main'pand { &out2("pand",@_); } | ||
| 173 | 216 | ||
| 174 | sub out2 | 217 | sub out2 |
| 175 | { | 218 | { |
| @@ -177,7 +220,7 @@ sub out2 | |||
| 177 | my($l,$t); | 220 | my($l,$t); |
| 178 | 221 | ||
| 179 | push(@out,"\t$name\t"); | 222 | push(@out,"\t$name\t"); |
| 180 | if ($name eq "lea") | 223 | if (!$main'mwerks and $name eq "lea") |
| 181 | { | 224 | { |
| 182 | $p1 =~ s/^[^\[]*\[/\[/; | 225 | $p1 =~ s/^[^\[]*\[/\[/; |
| 183 | $p2 =~ s/^[^\[]*\[/\[/; | 226 | $p2 =~ s/^[^\[]*\[/\[/; |
| @@ -221,15 +264,17 @@ sub using486 | |||
| 221 | 264 | ||
| 222 | sub main'file | 265 | sub main'file |
| 223 | { | 266 | { |
| 224 | local $tmp; | 267 | if ($main'mwerks) { push(@out,".section\t.text\n"); } |
| 225 | $tmp=<<___; | 268 | else { |
| 269 | local $tmp=<<___; | ||
| 226 | %ifdef __omf__ | 270 | %ifdef __omf__ |
| 227 | section code use32 class=code | 271 | section code use32 class=code |
| 228 | %else | 272 | %else |
| 229 | section .text | 273 | section .text |
| 230 | %endif | 274 | %endif |
| 231 | ___ | 275 | ___ |
| 232 | push(@out,$tmp); | 276 | push(@out,$tmp); |
| 277 | } | ||
| 233 | } | 278 | } |
| 234 | 279 | ||
| 235 | sub main'function_begin | 280 | sub main'function_begin |
| @@ -237,9 +282,10 @@ sub main'function_begin | |||
| 237 | my($func,$extra)=@_; | 282 | my($func,$extra)=@_; |
| 238 | 283 | ||
| 239 | push(@labels,$func); | 284 | push(@labels,$func); |
| 285 | push(@out,".") if ($main'mwerks); | ||
| 240 | my($tmp)=<<"EOF"; | 286 | my($tmp)=<<"EOF"; |
| 241 | global _$func | 287 | global $under$func |
| 242 | _$func: | 288 | $under$func: |
| 243 | push ebp | 289 | push ebp |
| 244 | push ebx | 290 | push ebx |
| 245 | push esi | 291 | push esi |
| @@ -252,9 +298,10 @@ EOF | |||
| 252 | sub main'function_begin_B | 298 | sub main'function_begin_B |
| 253 | { | 299 | { |
| 254 | my($func,$extra)=@_; | 300 | my($func,$extra)=@_; |
| 301 | push(@out,".") if ($main'mwerks); | ||
| 255 | my($tmp)=<<"EOF"; | 302 | my($tmp)=<<"EOF"; |
| 256 | global _$func | 303 | global $under$func |
| 257 | _$func: | 304 | $under$func: |
| 258 | EOF | 305 | EOF |
| 259 | push(@out,$tmp); | 306 | push(@out,$tmp); |
| 260 | $stack=4; | 307 | $stack=4; |
| @@ -328,11 +375,18 @@ sub main'comment | |||
| 328 | } | 375 | } |
| 329 | } | 376 | } |
| 330 | 377 | ||
| 378 | sub main'public_label | ||
| 379 | { | ||
| 380 | $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]})); | ||
| 381 | push(@out,".") if ($main'mwerks); | ||
| 382 | push(@out,"global\t$label{$_[0]}\n"); | ||
| 383 | } | ||
| 384 | |||
| 331 | sub main'label | 385 | sub main'label |
| 332 | { | 386 | { |
| 333 | if (!defined($label{$_[0]})) | 387 | if (!defined($label{$_[0]})) |
| 334 | { | 388 | { |
| 335 | $label{$_[0]}="\$${label}${_[0]}"; | 389 | $label{$_[0]}="\@${label}${_[0]}"; |
| 336 | $label++; | 390 | $label++; |
| 337 | } | 391 | } |
| 338 | return($label{$_[0]}); | 392 | return($label{$_[0]}); |
| @@ -342,15 +396,30 @@ sub main'set_label | |||
| 342 | { | 396 | { |
| 343 | if (!defined($label{$_[0]})) | 397 | if (!defined($label{$_[0]})) |
| 344 | { | 398 | { |
| 345 | $label{$_[0]}="\$${label}${_[0]}"; | 399 | $label{$_[0]}="\@${label}${_[0]}"; |
| 346 | $label++; | 400 | $label++; |
| 347 | } | 401 | } |
| 402 | if ($_[1]!=0 && $_[1]>1) | ||
| 403 | { | ||
| 404 | main'align($_[1]); | ||
| 405 | } | ||
| 348 | push(@out,"$label{$_[0]}:\n"); | 406 | push(@out,"$label{$_[0]}:\n"); |
| 349 | } | 407 | } |
| 350 | 408 | ||
| 409 | sub main'data_byte | ||
| 410 | { | ||
| 411 | push(@out,(($main'mwerks)?".byte\t":"DB\t").join(',',@_)."\n"); | ||
| 412 | } | ||
| 413 | |||
| 351 | sub main'data_word | 414 | sub main'data_word |
| 352 | { | 415 | { |
| 353 | push(@out,"\tDD\t$_[0]\n"); | 416 | push(@out,(($main'mwerks)?".long\t":"DD\t").join(',',@_)."\n"); |
| 417 | } | ||
| 418 | |||
| 419 | sub main'align | ||
| 420 | { | ||
| 421 | push(@out,".") if ($main'mwerks); | ||
| 422 | push(@out,"align\t$_[0]\n"); | ||
| 354 | } | 423 | } |
| 355 | 424 | ||
| 356 | sub out1p | 425 | sub out1p |
| @@ -358,7 +427,7 @@ sub out1p | |||
| 358 | my($name,$p1)=@_; | 427 | my($name,$p1)=@_; |
| 359 | my($l,$t); | 428 | my($l,$t); |
| 360 | 429 | ||
| 361 | push(@out,"\t$name\t ".&conv($p1)."\n"); | 430 | push(@out,"\t$name\t".&conv($p1)."\n"); |
| 362 | } | 431 | } |
| 363 | 432 | ||
| 364 | sub main'picmeup | 433 | sub main'picmeup |
| @@ -368,3 +437,19 @@ sub main'picmeup | |||
| 368 | } | 437 | } |
| 369 | 438 | ||
| 370 | sub main'blindpop { &out1("pop",@_); } | 439 | sub main'blindpop { &out1("pop",@_); } |
| 440 | |||
| 441 | sub main'initseg | ||
| 442 | { | ||
| 443 | local($f)=@_; | ||
| 444 | if ($main'win32) | ||
| 445 | { | ||
| 446 | local($tmp)=<<___; | ||
| 447 | segment .CRT\$XCU data | ||
| 448 | extern $under$f | ||
| 449 | DD $under$f | ||
| 450 | ___ | ||
| 451 | push(@out,$tmp); | ||
| 452 | } | ||
| 453 | } | ||
| 454 | |||
| 455 | 1; | ||
diff --git a/src/lib/libcrypto/perlasm/x86unix.pl b/src/lib/libcrypto/perlasm/x86unix.pl index b61425e951..02d72a32bc 100644 --- a/src/lib/libcrypto/perlasm/x86unix.pl +++ b/src/lib/libcrypto/perlasm/x86unix.pl | |||
| @@ -1,14 +1,15 @@ | |||
| 1 | #!/usr/local/bin/perl | 1 | #!/usr/local/bin/perl |
| 2 | 2 | ||
| 3 | package x86unix; | 3 | package x86unix; # GAS actually... |
| 4 | 4 | ||
| 5 | $label="L000"; | 5 | $label="L000"; |
| 6 | $const=""; | 6 | $const=""; |
| 7 | $constl=0; | 7 | $constl=0; |
| 8 | 8 | ||
| 9 | $align=($main'aout)?"4":"16"; | 9 | $align=($main'aout)?"4":"16"; |
| 10 | $under=($main'aout)?"_":""; | 10 | $under=($main'aout or $main'coff)?"_":""; |
| 11 | $com_start=($main'sol)?"/":"#"; | 11 | $dot=($main'aout)?"":"."; |
| 12 | $com_start="#" if ($main'aout or $main'coff); | ||
| 12 | 13 | ||
| 13 | sub main'asm_init_output { @out=(); } | 14 | sub main'asm_init_output { @out=(); } |
| 14 | sub main'asm_get_output { return(@out); } | 15 | sub main'asm_get_output { return(@out); } |
| @@ -57,6 +58,24 @@ if ($main'cpp) | |||
| 57 | 'edi', '%edi', | 58 | 'edi', '%edi', |
| 58 | 'ebp', '%ebp', | 59 | 'ebp', '%ebp', |
| 59 | 'esp', '%esp', | 60 | 'esp', '%esp', |
| 61 | |||
| 62 | 'mm0', '%mm0', | ||
| 63 | 'mm1', '%mm1', | ||
| 64 | 'mm2', '%mm2', | ||
| 65 | 'mm3', '%mm3', | ||
| 66 | 'mm4', '%mm4', | ||
| 67 | 'mm5', '%mm5', | ||
| 68 | 'mm6', '%mm6', | ||
| 69 | 'mm7', '%mm7', | ||
| 70 | |||
| 71 | 'xmm0', '%xmm0', | ||
| 72 | 'xmm1', '%xmm1', | ||
| 73 | 'xmm2', '%xmm2', | ||
| 74 | 'xmm3', '%xmm3', | ||
| 75 | 'xmm4', '%xmm4', | ||
| 76 | 'xmm5', '%xmm5', | ||
| 77 | 'xmm6', '%xmm6', | ||
| 78 | 'xmm7', '%xmm7', | ||
| 60 | ); | 79 | ); |
| 61 | 80 | ||
| 62 | %reg_val=( | 81 | %reg_val=( |
| @@ -103,6 +122,11 @@ sub main'DWP | |||
| 103 | return($ret); | 122 | return($ret); |
| 104 | } | 123 | } |
| 105 | 124 | ||
| 125 | sub main'QWP | ||
| 126 | { | ||
| 127 | return(&main'DWP(@_)); | ||
| 128 | } | ||
| 129 | |||
| 106 | sub main'BP | 130 | sub main'BP |
| 107 | { | 131 | { |
| 108 | return(&main'DWP(@_)); | 132 | return(&main'DWP(@_)); |
| @@ -146,12 +170,14 @@ sub main'xorb { &out2("xorb",@_); } | |||
| 146 | sub main'add { &out2($_[0]=~/%[a-d][lh]/?"addb":"addl",@_); } | 170 | sub main'add { &out2($_[0]=~/%[a-d][lh]/?"addb":"addl",@_); } |
| 147 | sub main'adc { &out2("adcl",@_); } | 171 | sub main'adc { &out2("adcl",@_); } |
| 148 | sub main'sub { &out2("subl",@_); } | 172 | sub main'sub { &out2("subl",@_); } |
| 173 | sub main'sbb { &out2("sbbl",@_); } | ||
| 149 | sub main'rotl { &out2("roll",@_); } | 174 | sub main'rotl { &out2("roll",@_); } |
| 150 | sub main'rotr { &out2("rorl",@_); } | 175 | sub main'rotr { &out2("rorl",@_); } |
| 151 | sub main'exch { &out2($_[0]=~/%[a-d][lh]/?"xchgb":"xchgl",@_); } | 176 | sub main'exch { &out2($_[0]=~/%[a-d][lh]/?"xchgb":"xchgl",@_); } |
| 152 | sub main'cmp { &out2("cmpl",@_); } | 177 | sub main'cmp { &out2("cmpl",@_); } |
| 153 | sub main'lea { &out2("leal",@_); } | 178 | sub main'lea { &out2("leal",@_); } |
| 154 | sub main'mul { &out1("mull",@_); } | 179 | sub main'mul { &out1("mull",@_); } |
| 180 | sub main'imul { &out2("imull",@_); } | ||
| 155 | sub main'div { &out1("divl",@_); } | 181 | sub main'div { &out1("divl",@_); } |
| 156 | sub main'jmp { &out1("jmp",@_); } | 182 | sub main'jmp { &out1("jmp",@_); } |
| 157 | sub main'jmp_ptr { &out1p("jmp",@_); } | 183 | sub main'jmp_ptr { &out1p("jmp",@_); } |
| @@ -173,15 +199,48 @@ sub main'dec { &out1("decl",@_); } | |||
| 173 | sub main'inc { &out1($_[0]=~/%[a-d][hl]/?"incb":"incl",@_); } | 199 | sub main'inc { &out1($_[0]=~/%[a-d][hl]/?"incb":"incl",@_); } |
| 174 | sub main'push { &out1("pushl",@_); $stack+=4; } | 200 | sub main'push { &out1("pushl",@_); $stack+=4; } |
| 175 | sub main'pop { &out1("popl",@_); $stack-=4; } | 201 | sub main'pop { &out1("popl",@_); $stack-=4; } |
| 176 | sub main'pushf { &out0("pushf"); $stack+=4; } | 202 | sub main'pushf { &out0("pushfl"); $stack+=4; } |
| 177 | sub main'popf { &out0("popf"); $stack-=4; } | 203 | sub main'popf { &out0("popfl"); $stack-=4; } |
| 178 | sub main'not { &out1("notl",@_); } | 204 | sub main'not { &out1("notl",@_); } |
| 179 | sub main'call { &out1("call",($_[0]=~/^\.L/?'':$under).$_[0]); } | 205 | sub main'call { my $pre=$under; |
| 206 | foreach $i (%label) | ||
| 207 | { if ($label{$i} eq $_[0]) { $pre=''; last; } } | ||
| 208 | &out1("call",$pre.$_[0]); | ||
| 209 | } | ||
| 210 | sub main'call_ptr { &out1p("call",@_); } | ||
| 180 | sub main'ret { &out0("ret"); } | 211 | sub main'ret { &out0("ret"); } |
| 181 | sub main'nop { &out0("nop"); } | 212 | sub main'nop { &out0("nop"); } |
| 182 | sub main'test { &out2("testl",@_); } | 213 | sub main'test { &out2("testl",@_); } |
| 214 | sub main'bt { &out2("btl",@_); } | ||
| 215 | sub main'leave { &out0("leave"); } | ||
| 216 | sub main'cpuid { &out0(".byte\t0x0f,0xa2"); } | ||
| 217 | sub main'rdtsc { &out0(".byte\t0x0f,0x31"); } | ||
| 218 | sub main'halt { &out0("hlt"); } | ||
| 183 | sub main'movz { &out2("movzbl",@_); } | 219 | sub main'movz { &out2("movzbl",@_); } |
| 184 | sub main'neg { &out1("negl",@_); } | 220 | sub main'neg { &out1("negl",@_); } |
| 221 | sub main'cld { &out0("cld"); } | ||
| 222 | |||
| 223 | # SSE2 | ||
| 224 | sub main'emms { &out0("emms"); } | ||
| 225 | sub main'movd { &out2("movd",@_); } | ||
| 226 | sub main'movdqu { &out2("movdqu",@_); } | ||
| 227 | sub main'movdqa { &out2("movdqa",@_); } | ||
| 228 | sub main'movdq2q{ &out2("movdq2q",@_); } | ||
| 229 | sub main'movq2dq{ &out2("movq2dq",@_); } | ||
| 230 | sub main'paddq { &out2("paddq",@_); } | ||
| 231 | sub main'pmuludq{ &out2("pmuludq",@_); } | ||
| 232 | sub main'psrlq { &out2("psrlq",@_); } | ||
| 233 | sub main'psllq { &out2("psllq",@_); } | ||
| 234 | sub main'pxor { &out2("pxor",@_); } | ||
| 235 | sub main'por { &out2("por",@_); } | ||
| 236 | sub main'pand { &out2("pand",@_); } | ||
| 237 | sub main'movq { | ||
| 238 | local($p1,$p2,$optimize)=@_; | ||
| 239 | if ($optimize && $p1=~/^mm[0-7]$/ && $p2=~/^mm[0-7]$/) | ||
| 240 | # movq between mmx registers can sink Intel CPUs | ||
| 241 | { push(@out,"\tpshufw\t\$0xe4,%$p2,%$p1\n"); } | ||
| 242 | else { &out2("movq",@_); } | ||
| 243 | } | ||
| 185 | 244 | ||
| 186 | # The bswapl instruction is new for the 486. Emulate if i386. | 245 | # The bswapl instruction is new for the 486. Emulate if i386. |
| 187 | sub main'bswap | 246 | sub main'bswap |
| @@ -290,8 +349,6 @@ sub main'file | |||
| 290 | 349 | ||
| 291 | local($tmp)=<<"EOF"; | 350 | local($tmp)=<<"EOF"; |
| 292 | .file "$file.s" | 351 | .file "$file.s" |
| 293 | .version "01.01" | ||
| 294 | gcc2_compiled.: | ||
| 295 | EOF | 352 | EOF |
| 296 | push(@out,$tmp); | 353 | push(@out,$tmp); |
| 297 | } | 354 | } |
| @@ -308,15 +365,17 @@ sub main'function_begin | |||
| 308 | 365 | ||
| 309 | local($tmp)=<<"EOF"; | 366 | local($tmp)=<<"EOF"; |
| 310 | .text | 367 | .text |
| 311 | .align $align | 368 | .globl $func |
| 312 | .globl $func | ||
| 313 | EOF | 369 | EOF |
| 314 | push(@out,$tmp); | 370 | push(@out,$tmp); |
| 315 | if ($main'cpp) | 371 | if ($main'cpp) |
| 316 | { $tmp=push(@out,"\tTYPE($func,\@function)\n"); } | 372 | { $tmp=push(@out,"TYPE($func,\@function)\n"); } |
| 317 | elsif ($main'gaswin) | 373 | elsif ($main'coff) |
| 318 | { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } | 374 | { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } |
| 319 | else { $tmp=push(@out,"\t.type\t$func,\@function\n"); } | 375 | elsif ($main'aout and !$main'pic) |
| 376 | { } | ||
| 377 | else { $tmp=push(@out,".type\t$func,\@function\n"); } | ||
| 378 | push(@out,".align\t$align\n"); | ||
| 320 | push(@out,"$func:\n"); | 379 | push(@out,"$func:\n"); |
| 321 | skip: | 380 | skip: |
| 322 | $tmp=<<"EOF"; | 381 | $tmp=<<"EOF"; |
| @@ -342,15 +401,17 @@ sub main'function_begin_B | |||
| 342 | 401 | ||
| 343 | local($tmp)=<<"EOF"; | 402 | local($tmp)=<<"EOF"; |
| 344 | .text | 403 | .text |
| 345 | .align $align | 404 | .globl $func |
| 346 | .globl $func | ||
| 347 | EOF | 405 | EOF |
| 348 | push(@out,$tmp); | 406 | push(@out,$tmp); |
| 349 | if ($main'cpp) | 407 | if ($main'cpp) |
| 350 | { push(@out,"\tTYPE($func,\@function)\n"); } | 408 | { push(@out,"TYPE($func,\@function)\n"); } |
| 351 | elsif ($main'gaswin) | 409 | elsif ($main'coff) |
| 352 | { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } | 410 | { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } |
| 353 | else { push(@out,"\t.type $func,\@function\n"); } | 411 | elsif ($main'aout and !$main'pic) |
| 412 | { } | ||
| 413 | else { push(@out,".type $func,\@function\n"); } | ||
| 414 | push(@out,".align\t$align\n"); | ||
| 354 | push(@out,"$func:\n"); | 415 | push(@out,"$func:\n"); |
| 355 | skip: | 416 | skip: |
| 356 | $stack=4; | 417 | $stack=4; |
| @@ -368,15 +429,15 @@ sub main'function_end | |||
| 368 | popl %ebx | 429 | popl %ebx |
| 369 | popl %ebp | 430 | popl %ebp |
| 370 | ret | 431 | ret |
| 371 | .L_${func}_end: | 432 | ${dot}L_${func}_end: |
| 372 | EOF | 433 | EOF |
| 373 | push(@out,$tmp); | 434 | push(@out,$tmp); |
| 374 | 435 | ||
| 375 | if ($main'cpp) | 436 | if ($main'cpp) |
| 376 | { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); } | 437 | { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); } |
| 377 | elsif ($main'gaswin) | 438 | elsif ($main'coff or $main'aout) |
| 378 | { $tmp=push(@out,"\t.align 4\n"); } | 439 | { } |
| 379 | else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); } | 440 | else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); } |
| 380 | push(@out,".ident \"$func\"\n"); | 441 | push(@out,".ident \"$func\"\n"); |
| 381 | $stack=0; | 442 | $stack=0; |
| 382 | %label=(); | 443 | %label=(); |
| @@ -402,13 +463,13 @@ sub main'function_end_B | |||
| 402 | 463 | ||
| 403 | $func=$under.$func; | 464 | $func=$under.$func; |
| 404 | 465 | ||
| 405 | push(@out,".L_${func}_end:\n"); | 466 | push(@out,"${dot}L_${func}_end:\n"); |
| 406 | if ($main'cpp) | 467 | if ($main'cpp) |
| 407 | { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); } | 468 | { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); } |
| 408 | elsif ($main'gaswin) | 469 | elsif ($main'coff or $main'aout) |
| 409 | { push(@out,"\t.align 4\n"); } | 470 | { } |
| 410 | else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); } | 471 | else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); } |
| 411 | push(@out,".ident \"desasm.pl\"\n"); | 472 | push(@out,".ident \"$func\"\n"); |
| 412 | $stack=0; | 473 | $stack=0; |
| 413 | %label=(); | 474 | %label=(); |
| 414 | } | 475 | } |
| @@ -449,10 +510,10 @@ sub main'swtmp | |||
| 449 | 510 | ||
| 450 | sub main'comment | 511 | sub main'comment |
| 451 | { | 512 | { |
| 452 | if (!$main'openbsd && $main'elf) | 513 | if (!defined($com_start) or $main'elf) |
| 514 | { # Regarding $main'elf above... | ||
| 453 | # GNU and SVR4 as'es use different comment delimiters, | 515 | # GNU and SVR4 as'es use different comment delimiters, |
| 454 | { # so we just skip comments... | 516 | push(@out,"\n"); # so we just skip ELF comments... |
| 455 | push(@out,"\n"); | ||
| 456 | return; | 517 | return; |
| 457 | } | 518 | } |
| 458 | foreach (@_) | 519 | foreach (@_) |
| @@ -465,16 +526,16 @@ sub main'comment | |||
| 465 | } | 526 | } |
| 466 | 527 | ||
| 467 | sub main'public_label | 528 | sub main'public_label |
| 468 | { | 529 | { |
| 469 | $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]})); | 530 | $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]})); |
| 470 | push(@out,".globl\t$label{$_[0]}\n"); | 531 | push(@out,".globl\t$label{$_[0]}\n"); |
| 471 | } | 532 | } |
| 472 | 533 | ||
| 473 | sub main'label | 534 | sub main'label |
| 474 | { | 535 | { |
| 475 | if (!defined($label{$_[0]})) | 536 | if (!defined($label{$_[0]})) |
| 476 | { | 537 | { |
| 477 | $label{$_[0]}=".${label}${_[0]}"; | 538 | $label{$_[0]}="${dot}${label}${_[0]}"; |
| 478 | $label++; | 539 | $label++; |
| 479 | } | 540 | } |
| 480 | return($label{$_[0]}); | 541 | return($label{$_[0]}); |
| @@ -484,18 +545,35 @@ sub main'set_label | |||
| 484 | { | 545 | { |
| 485 | if (!defined($label{$_[0]})) | 546 | if (!defined($label{$_[0]})) |
| 486 | { | 547 | { |
| 487 | $label{$_[0]}=".${label}${_[0]}"; | 548 | $label{$_[0]}="${dot}${label}${_[0]}"; |
| 488 | $label++; | 549 | $label++; |
| 489 | } | 550 | } |
| 490 | if ($main'openbsd) | 551 | if ($_[1]!=0) |
| 491 | { push(@out,"_ALIGN_TEXT\n") if ($_[1] != 0); } | 552 | { |
| 492 | else | 553 | if ($_[1]>1) { main'align($_[1]); } |
| 493 | { push(@out,".align $align\n") if ($_[1] != 0); } | 554 | else |
| 555 | { | ||
| 556 | if ($main'openbsd) | ||
| 557 | { push(@out,"_ALIGN_TEXT\n"); } | ||
| 558 | else | ||
| 559 | { push(@out,".align $align\n"); } | ||
| 560 | } | ||
| 561 | } | ||
| 494 | push(@out,"$label{$_[0]}:\n"); | 562 | push(@out,"$label{$_[0]}:\n"); |
| 495 | } | 563 | } |
| 496 | 564 | ||
| 497 | sub main'file_end | 565 | sub main'file_end |
| 498 | { | 566 | { |
| 567 | # try to detect if SSE2 or MMX extensions were used on ELF platform... | ||
| 568 | if ($main'elf && grep {/\b%[x]*mm[0-7]\b|OPENSSL_ia32cap_P\b/i} @out) { | ||
| 569 | local($tmp); | ||
| 570 | |||
| 571 | push (@out,"\n.section\t.bss\n"); | ||
| 572 | push (@out,".comm\t${under}OPENSSL_ia32cap_P,4,4\n"); | ||
| 573 | |||
| 574 | return; | ||
| 575 | } | ||
| 576 | |||
| 499 | if ($const ne "") | 577 | if ($const ne "") |
| 500 | { | 578 | { |
| 501 | push(@out,".section .rodata\n"); | 579 | push(@out,".section .rodata\n"); |
| @@ -504,11 +582,31 @@ sub main'file_end | |||
| 504 | } | 582 | } |
| 505 | } | 583 | } |
| 506 | 584 | ||
| 585 | sub main'data_byte | ||
| 586 | { | ||
| 587 | push(@out,"\t.byte\t".join(',',@_)."\n"); | ||
| 588 | } | ||
| 589 | |||
| 507 | sub main'data_word | 590 | sub main'data_word |
| 508 | { | 591 | { |
| 509 | push(@out,"\t.long\t".join(',',@_)."\n"); | 592 | push(@out,"\t.long\t".join(',',@_)."\n"); |
| 510 | } | 593 | } |
| 511 | 594 | ||
| 595 | sub main'align | ||
| 596 | { | ||
| 597 | my $val=$_[0],$p2,$i; | ||
| 598 | if ($main'aout) { | ||
| 599 | for ($p2=0;$val!=0;$val>>=1) { $p2++; } | ||
| 600 | $val=$p2-1; | ||
| 601 | $val.=",0x90"; | ||
| 602 | } | ||
| 603 | push(@out,".align\t$val\n"); | ||
| 604 | if ($main'openbsd) | ||
| 605 | { push(@out,"_ALIGN_TEXT\n"); } | ||
| 606 | else | ||
| 607 | { push(@out,".align $tval\n"); } | ||
| 608 | } | ||
| 609 | |||
| 512 | # debug output functions: puts, putx, printf | 610 | # debug output functions: puts, putx, printf |
| 513 | 611 | ||
| 514 | sub main'puts | 612 | sub main'puts |
| @@ -588,7 +686,6 @@ sub main'picmeup | |||
| 588 | { | 686 | { |
| 589 | local($tmp)=<<___; | 687 | local($tmp)=<<___; |
| 590 | #if (defined(ELF) || defined(SOL)) && defined(PIC) | 688 | #if (defined(ELF) || defined(SOL)) && defined(PIC) |
| 591 | .align 8 | ||
| 592 | call 1f | 689 | call 1f |
| 593 | 1: popl $regs{$dst} | 690 | 1: popl $regs{$dst} |
| 594 | addl \$_GLOBAL_OFFSET_TABLE_+[.-1b],$regs{$dst} | 691 | addl \$_GLOBAL_OFFSET_TABLE_+[.-1b],$regs{$dst} |
| @@ -611,13 +708,12 @@ ___ | |||
| 611 | } | 708 | } |
| 612 | elsif ($main'pic && ($main'elf || $main'aout)) | 709 | elsif ($main'pic && ($main'elf || $main'aout)) |
| 613 | { | 710 | { |
| 614 | push(@out,"\t.align\t8\n"); | ||
| 615 | &main'call(&main'label("PIC_me_up")); | 711 | &main'call(&main'label("PIC_me_up")); |
| 616 | &main'set_label("PIC_me_up"); | 712 | &main'set_label("PIC_me_up"); |
| 617 | &main'blindpop($dst); | 713 | &main'blindpop($dst); |
| 618 | &main'add($dst,"\$$under"."_GLOBAL_OFFSET_TABLE_+[.-". | 714 | &main'add($dst,"\$${under}_GLOBAL_OFFSET_TABLE_+[.-". |
| 619 | &main'label("PIC_me_up") . "]"); | 715 | &main'label("PIC_me_up") . "]"); |
| 620 | &main'mov($dst,&main'DWP($sym."\@GOT",$dst)); | 716 | &main'mov($dst,&main'DWP($under.$sym."\@GOT",$dst)); |
| 621 | } | 717 | } |
| 622 | else | 718 | else |
| 623 | { | 719 | { |
| @@ -626,3 +722,41 @@ ___ | |||
| 626 | } | 722 | } |
| 627 | 723 | ||
| 628 | sub main'blindpop { &out1("popl",@_); } | 724 | sub main'blindpop { &out1("popl",@_); } |
| 725 | |||
| 726 | sub main'initseg | ||
| 727 | { | ||
| 728 | local($f)=@_; | ||
| 729 | local($tmp); | ||
| 730 | if ($main'elf) | ||
| 731 | { | ||
| 732 | $tmp=<<___; | ||
| 733 | .section .init | ||
| 734 | call $under$f | ||
| 735 | jmp .Linitalign | ||
| 736 | .align $align | ||
| 737 | .Linitalign: | ||
| 738 | ___ | ||
| 739 | } | ||
| 740 | elsif ($main'coff) | ||
| 741 | { | ||
| 742 | $tmp=<<___; # applies to both Cygwin and Mingw | ||
| 743 | .section .ctors | ||
| 744 | .long $under$f | ||
| 745 | ___ | ||
| 746 | } | ||
| 747 | elsif ($main'aout) | ||
| 748 | { | ||
| 749 | local($ctor)="${under}_GLOBAL_\$I\$$f"; | ||
| 750 | $tmp=".text\n"; | ||
| 751 | $tmp.=".type $ctor,\@function\n" if ($main'pic); | ||
| 752 | $tmp.=<<___; # OpenBSD way... | ||
| 753 | .globl $ctor | ||
| 754 | .align 2 | ||
| 755 | $ctor: | ||
| 756 | jmp $under$f | ||
| 757 | ___ | ||
| 758 | } | ||
| 759 | push(@out,$tmp) if ($tmp); | ||
| 760 | } | ||
| 761 | |||
| 762 | 1; | ||
diff --git a/src/lib/libcrypto/pkcs12/p12_add.c b/src/lib/libcrypto/pkcs12/p12_add.c index 27015dd8c3..41bdc00551 100644 --- a/src/lib/libcrypto/pkcs12/p12_add.c +++ b/src/lib/libcrypto/pkcs12/p12_add.c | |||
| @@ -68,16 +68,16 @@ PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid | |||
| 68 | PKCS12_BAGS *bag; | 68 | PKCS12_BAGS *bag; |
| 69 | PKCS12_SAFEBAG *safebag; | 69 | PKCS12_SAFEBAG *safebag; |
| 70 | if (!(bag = PKCS12_BAGS_new())) { | 70 | if (!(bag = PKCS12_BAGS_new())) { |
| 71 | PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); | 71 | PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); |
| 72 | return NULL; | 72 | return NULL; |
| 73 | } | 73 | } |
| 74 | bag->type = OBJ_nid2obj(nid1); | 74 | bag->type = OBJ_nid2obj(nid1); |
| 75 | if (!ASN1_item_pack(obj, it, &bag->value.octet)) { | 75 | if (!ASN1_item_pack(obj, it, &bag->value.octet)) { |
| 76 | PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); | 76 | PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); |
| 77 | return NULL; | 77 | return NULL; |
| 78 | } | 78 | } |
| 79 | if (!(safebag = PKCS12_SAFEBAG_new())) { | 79 | if (!(safebag = PKCS12_SAFEBAG_new())) { |
| 80 | PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); | 80 | PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); |
| 81 | return NULL; | 81 | return NULL; |
| 82 | } | 82 | } |
| 83 | safebag->value.bag = bag; | 83 | safebag->value.bag = bag; |
diff --git a/src/lib/libcrypto/pkcs12/p12_crpt.c b/src/lib/libcrypto/pkcs12/p12_crpt.c index 003ec7a33e..3ad33c49d8 100644 --- a/src/lib/libcrypto/pkcs12/p12_crpt.c +++ b/src/lib/libcrypto/pkcs12/p12_crpt.c | |||
| @@ -84,19 +84,25 @@ EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(), | |||
| 84 | #endif | 84 | #endif |
| 85 | } | 85 | } |
| 86 | 86 | ||
| 87 | int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | 87 | int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, |
| 88 | ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de) | 88 | ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de) |
| 89 | { | 89 | { |
| 90 | PBEPARAM *pbe; | 90 | PBEPARAM *pbe; |
| 91 | int saltlen, iter, ret; | 91 | int saltlen, iter, ret; |
| 92 | unsigned char *salt, *pbuf; | 92 | unsigned char *salt; |
| 93 | const unsigned char *pbuf; | ||
| 93 | unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; | 94 | unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; |
| 94 | 95 | ||
| 95 | /* Extract useful info from parameter */ | 96 | /* Extract useful info from parameter */ |
| 97 | if (param == NULL || param->type != V_ASN1_SEQUENCE || | ||
| 98 | param->value.sequence == NULL) { | ||
| 99 | PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_DECODE_ERROR); | ||
| 100 | return 0; | ||
| 101 | } | ||
| 102 | |||
| 96 | pbuf = param->value.sequence->data; | 103 | pbuf = param->value.sequence->data; |
| 97 | if (!param || (param->type != V_ASN1_SEQUENCE) || | 104 | if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { |
| 98 | !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) { | 105 | PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_DECODE_ERROR); |
| 99 | EVPerr(PKCS12_F_PKCS12_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); | ||
| 100 | return 0; | 106 | return 0; |
| 101 | } | 107 | } |
| 102 | 108 | ||
diff --git a/src/lib/libcrypto/pkcs12/p12_crt.c b/src/lib/libcrypto/pkcs12/p12_crt.c index 40340a7bef..dbafda17b6 100644 --- a/src/lib/libcrypto/pkcs12/p12_crt.c +++ b/src/lib/libcrypto/pkcs12/p12_crt.c | |||
| @@ -1,9 +1,9 @@ | |||
| 1 | /* p12_crt.c */ | 1 | /* p12_crt.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL |
| 3 | * project 1999. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -60,113 +60,289 @@ | |||
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/pkcs12.h> | 61 | #include <openssl/pkcs12.h> |
| 62 | 62 | ||
| 63 | |||
| 64 | static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag); | ||
| 65 | |||
| 63 | PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | 66 | PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, |
| 64 | STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter, | 67 | STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter, |
| 65 | int keytype) | 68 | int keytype) |
| 66 | { | 69 | { |
| 67 | PKCS12 *p12; | 70 | PKCS12 *p12 = NULL; |
| 68 | STACK_OF(PKCS12_SAFEBAG) *bags; | 71 | STACK_OF(PKCS7) *safes = NULL; |
| 69 | STACK_OF(PKCS7) *safes; | 72 | STACK_OF(PKCS12_SAFEBAG) *bags = NULL; |
| 70 | PKCS12_SAFEBAG *bag; | 73 | PKCS12_SAFEBAG *bag = NULL; |
| 71 | PKCS8_PRIV_KEY_INFO *p8; | ||
| 72 | PKCS7 *authsafe; | ||
| 73 | X509 *tcert; | ||
| 74 | int i; | 74 | int i; |
| 75 | unsigned char keyid[EVP_MAX_MD_SIZE]; | 75 | unsigned char keyid[EVP_MAX_MD_SIZE]; |
| 76 | unsigned int keyidlen; | 76 | unsigned int keyidlen = 0; |
| 77 | 77 | ||
| 78 | /* Set defaults */ | 78 | /* Set defaults */ |
| 79 | if(!nid_cert) | 79 | if (!nid_cert) |
| 80 | { | 80 | nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; |
| 81 | #ifdef OPENSSL_FIPS | 81 | if (!nid_key) |
| 82 | if (FIPS_mode()) | 82 | nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; |
| 83 | nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; | 83 | if (!iter) |
| 84 | else | 84 | iter = PKCS12_DEFAULT_ITER; |
| 85 | #endif | 85 | if (!mac_iter) |
| 86 | nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; | 86 | mac_iter = 1; |
| 87 | } | ||
| 88 | if(!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; | ||
| 89 | if(!iter) iter = PKCS12_DEFAULT_ITER; | ||
| 90 | if(!mac_iter) mac_iter = 1; | ||
| 91 | 87 | ||
| 92 | if(!pkey || !cert) { | 88 | if(!pkey && !cert && !ca) |
| 89 | { | ||
| 93 | PKCS12err(PKCS12_F_PKCS12_CREATE,PKCS12_R_INVALID_NULL_ARGUMENT); | 90 | PKCS12err(PKCS12_F_PKCS12_CREATE,PKCS12_R_INVALID_NULL_ARGUMENT); |
| 94 | return NULL; | 91 | return NULL; |
| 95 | } | 92 | } |
| 96 | |||
| 97 | if(!X509_check_private_key(cert, pkey)) return NULL; | ||
| 98 | 93 | ||
| 99 | if(!(bags = sk_PKCS12_SAFEBAG_new_null ())) { | 94 | if (pkey && cert) |
| 100 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | 95 | { |
| 101 | return NULL; | 96 | if(!X509_check_private_key(cert, pkey)) |
| 102 | } | 97 | return NULL; |
| 98 | X509_digest(cert, EVP_sha1(), keyid, &keyidlen); | ||
| 99 | } | ||
| 103 | 100 | ||
| 104 | /* Add user certificate */ | 101 | if (cert) |
| 105 | if(!(bag = PKCS12_x5092certbag(cert))) return NULL; | 102 | { |
| 106 | if(name && !PKCS12_add_friendlyname(bag, name, -1)) return NULL; | 103 | bag = PKCS12_add_cert(&bags, cert); |
| 107 | X509_digest(cert, EVP_sha1(), keyid, &keyidlen); | 104 | if(name && !PKCS12_add_friendlyname(bag, name, -1)) |
| 108 | if(!PKCS12_add_localkeyid(bag, keyid, keyidlen)) return NULL; | 105 | goto err; |
| 106 | if(keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen)) | ||
| 107 | goto err; | ||
| 108 | } | ||
| 109 | 109 | ||
| 110 | if(!sk_PKCS12_SAFEBAG_push(bags, bag)) { | ||
| 111 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | ||
| 112 | return NULL; | ||
| 113 | } | ||
| 114 | |||
| 115 | /* Add all other certificates */ | 110 | /* Add all other certificates */ |
| 116 | if(ca) { | 111 | for(i = 0; i < sk_X509_num(ca); i++) |
| 117 | for(i = 0; i < sk_X509_num(ca); i++) { | 112 | { |
| 118 | tcert = sk_X509_value(ca, i); | 113 | if (!PKCS12_add_cert(&bags, sk_X509_value(ca, i))) |
| 119 | if(!(bag = PKCS12_x5092certbag(tcert))) return NULL; | 114 | goto err; |
| 120 | if(!sk_PKCS12_SAFEBAG_push(bags, bag)) { | 115 | } |
| 121 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | 116 | |
| 122 | return NULL; | 117 | if (bags && !PKCS12_add_safe(&safes, bags, nid_cert, iter, pass)) |
| 118 | goto err; | ||
| 119 | |||
| 120 | sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); | ||
| 121 | bags = NULL; | ||
| 122 | |||
| 123 | if (pkey) | ||
| 124 | { | ||
| 125 | int cspidx; | ||
| 126 | bag = PKCS12_add_key(&bags, pkey, keytype, iter, nid_key, pass); | ||
| 127 | |||
| 128 | if (!bag) | ||
| 129 | goto err; | ||
| 130 | |||
| 131 | cspidx = EVP_PKEY_get_attr_by_NID(pkey, NID_ms_csp_name, -1); | ||
| 132 | if (cspidx >= 0) | ||
| 133 | { | ||
| 134 | X509_ATTRIBUTE *cspattr; | ||
| 135 | cspattr = EVP_PKEY_get_attr(pkey, cspidx); | ||
| 136 | if (!X509at_add1_attr(&bag->attrib, cspattr)) | ||
| 137 | goto err; | ||
| 123 | } | 138 | } |
| 139 | |||
| 140 | if(name && !PKCS12_add_friendlyname(bag, name, -1)) | ||
| 141 | goto err; | ||
| 142 | if(keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen)) | ||
| 143 | goto err; | ||
| 124 | } | 144 | } |
| 125 | } | ||
| 126 | 145 | ||
| 127 | /* Turn certbags into encrypted authsafe */ | 146 | if (bags && !PKCS12_add_safe(&safes, bags, -1, 0, NULL)) |
| 128 | authsafe = PKCS12_pack_p7encdata (nid_cert, pass, -1, NULL, 0, | 147 | goto err; |
| 129 | iter, bags); | 148 | |
| 130 | sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); | 149 | sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); |
| 150 | bags = NULL; | ||
| 131 | 151 | ||
| 132 | if (!authsafe) return NULL; | 152 | p12 = PKCS12_add_safes(safes, 0); |
| 153 | |||
| 154 | sk_PKCS7_pop_free(safes, PKCS7_free); | ||
| 155 | |||
| 156 | safes = NULL; | ||
| 157 | |||
| 158 | if ((mac_iter != -1) && | ||
| 159 | !PKCS12_set_mac(p12, pass, -1, NULL, 0, mac_iter, NULL)) | ||
| 160 | goto err; | ||
| 161 | |||
| 162 | return p12; | ||
| 163 | |||
| 164 | err: | ||
| 165 | |||
| 166 | if (p12) | ||
| 167 | PKCS12_free(p12); | ||
| 168 | if (safes) | ||
| 169 | sk_PKCS7_pop_free(safes, PKCS7_free); | ||
| 170 | if (bags) | ||
| 171 | sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); | ||
| 172 | return NULL; | ||
| 173 | |||
| 174 | } | ||
| 175 | |||
| 176 | PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert) | ||
| 177 | { | ||
| 178 | PKCS12_SAFEBAG *bag = NULL; | ||
| 179 | char *name; | ||
| 180 | int namelen = -1; | ||
| 181 | unsigned char *keyid; | ||
| 182 | int keyidlen = -1; | ||
| 183 | |||
| 184 | /* Add user certificate */ | ||
| 185 | if(!(bag = PKCS12_x5092certbag(cert))) | ||
| 186 | goto err; | ||
| 187 | |||
| 188 | /* Use friendlyName and localKeyID in certificate. | ||
| 189 | * (if present) | ||
| 190 | */ | ||
| 191 | |||
| 192 | name = (char *)X509_alias_get0(cert, &namelen); | ||
| 193 | |||
| 194 | if(name && !PKCS12_add_friendlyname(bag, name, namelen)) | ||
| 195 | goto err; | ||
| 196 | |||
| 197 | keyid = X509_keyid_get0(cert, &keyidlen); | ||
| 198 | |||
| 199 | if(keyid && !PKCS12_add_localkeyid(bag, keyid, keyidlen)) | ||
| 200 | goto err; | ||
| 201 | |||
| 202 | if (!pkcs12_add_bag(pbags, bag)) | ||
| 203 | goto err; | ||
| 204 | |||
| 205 | return bag; | ||
| 206 | |||
| 207 | err: | ||
| 208 | |||
| 209 | if (bag) | ||
| 210 | PKCS12_SAFEBAG_free(bag); | ||
| 211 | |||
| 212 | return NULL; | ||
| 133 | 213 | ||
| 134 | if(!(safes = sk_PKCS7_new_null ()) | ||
| 135 | || !sk_PKCS7_push(safes, authsafe)) { | ||
| 136 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | ||
| 137 | return NULL; | ||
| 138 | } | 214 | } |
| 139 | 215 | ||
| 140 | /* Make a shrouded key bag */ | 216 | PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key, |
| 141 | if(!(p8 = EVP_PKEY2PKCS8 (pkey))) return NULL; | 217 | int key_usage, int iter, |
| 142 | if(keytype && !PKCS8_add_keyusage(p8, keytype)) return NULL; | 218 | int nid_key, char *pass) |
| 143 | bag = PKCS12_MAKE_SHKEYBAG (nid_key, pass, -1, NULL, 0, iter, p8); | 219 | { |
| 144 | if(!bag) return NULL; | 220 | |
| 145 | PKCS8_PRIV_KEY_INFO_free(p8); | 221 | PKCS12_SAFEBAG *bag = NULL; |
| 146 | if (name && !PKCS12_add_friendlyname (bag, name, -1)) return NULL; | 222 | PKCS8_PRIV_KEY_INFO *p8 = NULL; |
| 147 | if(!PKCS12_add_localkeyid (bag, keyid, keyidlen)) return NULL; | 223 | |
| 148 | if(!(bags = sk_PKCS12_SAFEBAG_new_null()) | 224 | /* Make a PKCS#8 structure */ |
| 149 | || !sk_PKCS12_SAFEBAG_push (bags, bag)) { | 225 | if(!(p8 = EVP_PKEY2PKCS8(key))) |
| 150 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | 226 | goto err; |
| 151 | return NULL; | 227 | if(key_usage && !PKCS8_add_keyusage(p8, key_usage)) |
| 228 | goto err; | ||
| 229 | if (nid_key != -1) | ||
| 230 | { | ||
| 231 | bag = PKCS12_MAKE_SHKEYBAG(nid_key, pass, -1, NULL, 0, iter, p8); | ||
| 232 | PKCS8_PRIV_KEY_INFO_free(p8); | ||
| 233 | } | ||
| 234 | else | ||
| 235 | bag = PKCS12_MAKE_KEYBAG(p8); | ||
| 236 | |||
| 237 | if(!bag) | ||
| 238 | goto err; | ||
| 239 | |||
| 240 | if (!pkcs12_add_bag(pbags, bag)) | ||
| 241 | goto err; | ||
| 242 | |||
| 243 | return bag; | ||
| 244 | |||
| 245 | err: | ||
| 246 | |||
| 247 | if (bag) | ||
| 248 | PKCS12_SAFEBAG_free(bag); | ||
| 249 | |||
| 250 | return NULL; | ||
| 251 | |||
| 152 | } | 252 | } |
| 153 | /* Turn it into unencrypted safe bag */ | 253 | |
| 154 | if(!(authsafe = PKCS12_pack_p7data (bags))) return NULL; | 254 | int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, |
| 155 | sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); | 255 | int nid_safe, int iter, char *pass) |
| 156 | if(!sk_PKCS7_push(safes, authsafe)) { | 256 | { |
| 157 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | 257 | PKCS7 *p7 = NULL; |
| 158 | return NULL; | 258 | int free_safes = 0; |
| 259 | |||
| 260 | if (!*psafes) | ||
| 261 | { | ||
| 262 | *psafes = sk_PKCS7_new_null(); | ||
| 263 | if (!*psafes) | ||
| 264 | return 0; | ||
| 265 | free_safes = 1; | ||
| 266 | } | ||
| 267 | else | ||
| 268 | free_safes = 0; | ||
| 269 | |||
| 270 | if (nid_safe == 0) | ||
| 271 | nid_safe = NID_pbe_WithSHA1And40BitRC2_CBC; | ||
| 272 | |||
| 273 | if (nid_safe == -1) | ||
| 274 | p7 = PKCS12_pack_p7data(bags); | ||
| 275 | else | ||
| 276 | p7 = PKCS12_pack_p7encdata(nid_safe, pass, -1, NULL, 0, | ||
| 277 | iter, bags); | ||
| 278 | if (!p7) | ||
| 279 | goto err; | ||
| 280 | |||
| 281 | if (!sk_PKCS7_push(*psafes, p7)) | ||
| 282 | goto err; | ||
| 283 | |||
| 284 | return 1; | ||
| 285 | |||
| 286 | err: | ||
| 287 | if (free_safes) | ||
| 288 | { | ||
| 289 | sk_PKCS7_free(*psafes); | ||
| 290 | *psafes = NULL; | ||
| 291 | } | ||
| 292 | |||
| 293 | if (p7) | ||
| 294 | PKCS7_free(p7); | ||
| 295 | |||
| 296 | return 0; | ||
| 297 | |||
| 159 | } | 298 | } |
| 160 | 299 | ||
| 161 | if(!(p12 = PKCS12_init (NID_pkcs7_data))) return NULL; | 300 | static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag) |
| 301 | { | ||
| 302 | int free_bags; | ||
| 303 | if (!pbags) | ||
| 304 | return 1; | ||
| 305 | if (!*pbags) | ||
| 306 | { | ||
| 307 | *pbags = sk_PKCS12_SAFEBAG_new_null(); | ||
| 308 | if (!*pbags) | ||
| 309 | return 0; | ||
| 310 | free_bags = 1; | ||
| 311 | } | ||
| 312 | else | ||
| 313 | free_bags = 0; | ||
| 162 | 314 | ||
| 163 | if(!PKCS12_pack_authsafes (p12, safes)) return NULL; | 315 | if (!sk_PKCS12_SAFEBAG_push(*pbags, bag)) |
| 316 | { | ||
| 317 | if (free_bags) | ||
| 318 | { | ||
| 319 | sk_PKCS12_SAFEBAG_free(*pbags); | ||
| 320 | *pbags = NULL; | ||
| 321 | } | ||
| 322 | return 0; | ||
| 323 | } | ||
| 164 | 324 | ||
| 165 | sk_PKCS7_pop_free(safes, PKCS7_free); | 325 | return 1; |
| 326 | |||
| 327 | } | ||
| 328 | |||
| 329 | |||
| 330 | PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int nid_p7) | ||
| 331 | { | ||
| 332 | PKCS12 *p12; | ||
| 333 | if (nid_p7 <= 0) | ||
| 334 | nid_p7 = NID_pkcs7_data; | ||
| 335 | p12 = PKCS12_init(nid_p7); | ||
| 336 | |||
| 337 | if (!p12) | ||
| 338 | return NULL; | ||
| 166 | 339 | ||
| 167 | if(!PKCS12_set_mac (p12, pass, -1, NULL, 0, mac_iter, NULL)) | 340 | if(!PKCS12_pack_authsafes(p12, safes)) |
| 168 | return NULL; | 341 | { |
| 342 | PKCS12_free(p12); | ||
| 343 | return NULL; | ||
| 344 | } | ||
| 169 | 345 | ||
| 170 | return p12; | 346 | return p12; |
| 171 | 347 | ||
| 172 | } | 348 | } |
diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c index b5684a83ba..74c961a92b 100644 --- a/src/lib/libcrypto/pkcs12/p12_decr.c +++ b/src/lib/libcrypto/pkcs12/p12_decr.c | |||
| @@ -113,13 +113,14 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, | |||
| 113 | void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, | 113 | void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, |
| 114 | const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf) | 114 | const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf) |
| 115 | { | 115 | { |
| 116 | unsigned char *out, *p; | 116 | unsigned char *out; |
| 117 | const unsigned char *p; | ||
| 117 | void *ret; | 118 | void *ret; |
| 118 | int outlen; | 119 | int outlen; |
| 119 | 120 | ||
| 120 | if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length, | 121 | if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length, |
| 121 | &out, &outlen, 0)) { | 122 | &out, &outlen, 0)) { |
| 122 | PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_PKCS12_PBE_CRYPT_ERROR); | 123 | PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,PKCS12_R_PKCS12_PBE_CRYPT_ERROR); |
| 123 | return NULL; | 124 | return NULL; |
| 124 | } | 125 | } |
| 125 | p = out; | 126 | p = out; |
| @@ -137,7 +138,7 @@ void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, | |||
| 137 | #endif | 138 | #endif |
| 138 | ret = ASN1_item_d2i(NULL, &p, outlen, it); | 139 | ret = ASN1_item_d2i(NULL, &p, outlen, it); |
| 139 | if (zbuf) OPENSSL_cleanse(out, outlen); | 140 | if (zbuf) OPENSSL_cleanse(out, outlen); |
| 140 | if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); | 141 | if(!ret) PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); |
| 141 | OPENSSL_free(out); | 142 | OPENSSL_free(out); |
| 142 | return ret; | 143 | return ret; |
| 143 | } | 144 | } |
| @@ -154,17 +155,17 @@ ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *i | |||
| 154 | unsigned char *in = NULL; | 155 | unsigned char *in = NULL; |
| 155 | int inlen; | 156 | int inlen; |
| 156 | if (!(oct = M_ASN1_OCTET_STRING_new ())) { | 157 | if (!(oct = M_ASN1_OCTET_STRING_new ())) { |
| 157 | PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE); | 158 | PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE); |
| 158 | return NULL; | 159 | return NULL; |
| 159 | } | 160 | } |
| 160 | inlen = ASN1_item_i2d(obj, &in, it); | 161 | inlen = ASN1_item_i2d(obj, &in, it); |
| 161 | if (!in) { | 162 | if (!in) { |
| 162 | PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR); | 163 | PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR); |
| 163 | return NULL; | 164 | return NULL; |
| 164 | } | 165 | } |
| 165 | if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data, | 166 | if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data, |
| 166 | &oct->length, 1)) { | 167 | &oct->length, 1)) { |
| 167 | PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR); | 168 | PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR); |
| 168 | OPENSSL_free(in); | 169 | OPENSSL_free(in); |
| 169 | return NULL; | 170 | return NULL; |
| 170 | } | 171 | } |
diff --git a/src/lib/libcrypto/pkcs12/p12_init.c b/src/lib/libcrypto/pkcs12/p12_init.c index 5276b12669..6bdc132631 100644 --- a/src/lib/libcrypto/pkcs12/p12_init.c +++ b/src/lib/libcrypto/pkcs12/p12_init.c | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | 62 | ||
| 63 | /* Initialise a PKCS12 structure to take data */ | 63 | /* Initialise a PKCS12 structure to take data */ |
| 64 | 64 | ||
| 65 | PKCS12 *PKCS12_init (int mode) | 65 | PKCS12 *PKCS12_init(int mode) |
| 66 | { | 66 | { |
| 67 | PKCS12 *pkcs12; | 67 | PKCS12 *pkcs12; |
| 68 | if (!(pkcs12 = PKCS12_new())) { | 68 | if (!(pkcs12 = PKCS12_new())) { |
diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c index 9196a34b4a..18e72d0a1b 100644 --- a/src/lib/libcrypto/pkcs12/p12_key.c +++ b/src/lib/libcrypto/pkcs12/p12_key.c | |||
| @@ -59,7 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/pkcs12.h> | 61 | #include <openssl/pkcs12.h> |
| 62 | 62 | #include <openssl/bn.h> | |
| 63 | 63 | ||
| 64 | /* Uncomment out this line to get debugging info about key generation */ | 64 | /* Uncomment out this line to get debugging info about key generation */ |
| 65 | /*#define DEBUG_KEYGEN*/ | 65 | /*#define DEBUG_KEYGEN*/ |
diff --git a/src/lib/libcrypto/pkcs12/p12_kiss.c b/src/lib/libcrypto/pkcs12/p12_kiss.c index 2b31999e11..c2ee2cc6f3 100644 --- a/src/lib/libcrypto/pkcs12/p12_kiss.c +++ b/src/lib/libcrypto/pkcs12/p12_kiss.c | |||
| @@ -80,7 +80,7 @@ static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen, | |||
| 80 | * passed unitialised. | 80 | * passed unitialised. |
| 81 | */ | 81 | */ |
| 82 | 82 | ||
| 83 | int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, | 83 | int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, |
| 84 | STACK_OF(X509) **ca) | 84 | STACK_OF(X509) **ca) |
| 85 | { | 85 | { |
| 86 | 86 | ||
| @@ -141,7 +141,7 @@ int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, | |||
| 141 | 141 | ||
| 142 | /* Parse the outer PKCS#12 structure */ | 142 | /* Parse the outer PKCS#12 structure */ |
| 143 | 143 | ||
| 144 | static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen, | 144 | static int parse_pk12(PKCS12 *p12, const char *pass, int passlen, |
| 145 | EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) | 145 | EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) |
| 146 | { | 146 | { |
| 147 | STACK_OF(PKCS7) *asafes; | 147 | STACK_OF(PKCS7) *asafes; |
| @@ -178,10 +178,10 @@ static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen, | |||
| 178 | } | 178 | } |
| 179 | 179 | ||
| 180 | 180 | ||
| 181 | static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, | 181 | static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, |
| 182 | int passlen, EVP_PKEY **pkey, X509 **cert, | 182 | int passlen, EVP_PKEY **pkey, X509 **cert, |
| 183 | STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid, | 183 | STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid, |
| 184 | char *keymatch) | 184 | char *keymatch) |
| 185 | { | 185 | { |
| 186 | int i; | 186 | int i; |
| 187 | for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { | 187 | for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { |
| @@ -197,9 +197,9 @@ static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, | |||
| 197 | #define MATCH_ALL 0x3 | 197 | #define MATCH_ALL 0x3 |
| 198 | 198 | ||
| 199 | static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, | 199 | static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, |
| 200 | EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca, | 200 | EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca, |
| 201 | ASN1_OCTET_STRING **keyid, | 201 | ASN1_OCTET_STRING **keyid, |
| 202 | char *keymatch) | 202 | char *keymatch) |
| 203 | { | 203 | { |
| 204 | PKCS8_PRIV_KEY_INFO *p8; | 204 | PKCS8_PRIV_KEY_INFO *p8; |
| 205 | X509 *x509; | 205 | X509 *x509; |
| @@ -221,7 +221,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, | |||
| 221 | if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL; | 221 | if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL; |
| 222 | } else { | 222 | } else { |
| 223 | if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) { | 223 | if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) { |
| 224 | PKCS12err(PKCS12_F_PARSE_BAGS,ERR_R_MALLOC_FAILURE); | 224 | PKCS12err(PKCS12_F_PARSE_BAG,ERR_R_MALLOC_FAILURE); |
| 225 | return 0; | 225 | return 0; |
| 226 | } | 226 | } |
| 227 | } | 227 | } |
diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c index 140d21155e..c408cc8ab8 100644 --- a/src/lib/libcrypto/pkcs12/p12_mutl.c +++ b/src/lib/libcrypto/pkcs12/p12_mutl.c | |||
| @@ -64,12 +64,12 @@ | |||
| 64 | #include <openssl/pkcs12.h> | 64 | #include <openssl/pkcs12.h> |
| 65 | 65 | ||
| 66 | /* Generate a MAC */ | 66 | /* Generate a MAC */ |
| 67 | int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen, | 67 | int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, |
| 68 | unsigned char *mac, unsigned int *maclen) | 68 | unsigned char *mac, unsigned int *maclen) |
| 69 | { | 69 | { |
| 70 | const EVP_MD *md_type; | 70 | const EVP_MD *md_type; |
| 71 | HMAC_CTX hmac; | 71 | HMAC_CTX hmac; |
| 72 | unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt; | 72 | unsigned char key[EVP_MAX_MD_SIZE], *salt; |
| 73 | int saltlen, iter; | 73 | int saltlen, iter; |
| 74 | 74 | ||
| 75 | if (!PKCS7_type_is_data(p12->authsafes)) | 75 | if (!PKCS7_type_is_data(p12->authsafes)) |
| @@ -88,12 +88,12 @@ int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen, | |||
| 88 | return 0; | 88 | return 0; |
| 89 | } | 89 | } |
| 90 | if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, | 90 | if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, |
| 91 | PKCS12_MAC_KEY_LENGTH, key, md_type)) { | 91 | EVP_MD_size(md_type), key, md_type)) { |
| 92 | PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR); | 92 | PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR); |
| 93 | return 0; | 93 | return 0; |
| 94 | } | 94 | } |
| 95 | HMAC_CTX_init(&hmac); | 95 | HMAC_CTX_init(&hmac); |
| 96 | HMAC_Init_ex(&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type, NULL); | 96 | HMAC_Init_ex(&hmac, key, EVP_MD_size(md_type), md_type, NULL); |
| 97 | HMAC_Update(&hmac, p12->authsafes->d.data->data, | 97 | HMAC_Update(&hmac, p12->authsafes->d.data->data, |
| 98 | p12->authsafes->d.data->length); | 98 | p12->authsafes->d.data->length); |
| 99 | HMAC_Final(&hmac, mac, maclen); | 99 | HMAC_Final(&hmac, mac, maclen); |
| @@ -102,16 +102,16 @@ int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen, | |||
| 102 | } | 102 | } |
| 103 | 103 | ||
| 104 | /* Verify the mac */ | 104 | /* Verify the mac */ |
| 105 | int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen) | 105 | int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen) |
| 106 | { | 106 | { |
| 107 | unsigned char mac[EVP_MAX_MD_SIZE]; | 107 | unsigned char mac[EVP_MAX_MD_SIZE]; |
| 108 | unsigned int maclen; | 108 | unsigned int maclen; |
| 109 | if(p12->mac == NULL) { | 109 | if(p12->mac == NULL) { |
| 110 | PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_ABSENT); | 110 | PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC,PKCS12_R_MAC_ABSENT); |
| 111 | return 0; | 111 | return 0; |
| 112 | } | 112 | } |
| 113 | if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) { | 113 | if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) { |
| 114 | PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_GENERATION_ERROR); | 114 | PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC,PKCS12_R_MAC_GENERATION_ERROR); |
| 115 | return 0; | 115 | return 0; |
| 116 | } | 116 | } |
| 117 | if ((maclen != (unsigned int)p12->mac->dinfo->digest->length) | 117 | if ((maclen != (unsigned int)p12->mac->dinfo->digest->length) |
| @@ -121,7 +121,7 @@ int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen) | |||
| 121 | 121 | ||
| 122 | /* Set a mac */ | 122 | /* Set a mac */ |
| 123 | 123 | ||
| 124 | int PKCS12_set_mac (PKCS12 *p12, const char *pass, int passlen, | 124 | int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, |
| 125 | unsigned char *salt, int saltlen, int iter, const EVP_MD *md_type) | 125 | unsigned char *salt, int saltlen, int iter, const EVP_MD *md_type) |
| 126 | { | 126 | { |
| 127 | unsigned char mac[EVP_MAX_MD_SIZE]; | 127 | unsigned char mac[EVP_MAX_MD_SIZE]; |
| @@ -145,7 +145,7 @@ int PKCS12_set_mac (PKCS12 *p12, const char *pass, int passlen, | |||
| 145 | } | 145 | } |
| 146 | 146 | ||
| 147 | /* Set up a mac structure */ | 147 | /* Set up a mac structure */ |
| 148 | int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen, | 148 | int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, |
| 149 | const EVP_MD *md_type) | 149 | const EVP_MD *md_type) |
| 150 | { | 150 | { |
| 151 | if (!(p12->mac = PKCS12_MAC_DATA_new())) return PKCS12_ERROR; | 151 | if (!(p12->mac = PKCS12_MAC_DATA_new())) return PKCS12_ERROR; |
diff --git a/src/lib/libcrypto/pkcs12/p12_npas.c b/src/lib/libcrypto/pkcs12/p12_npas.c index af708a2743..48eacc5c49 100644 --- a/src/lib/libcrypto/pkcs12/p12_npas.c +++ b/src/lib/libcrypto/pkcs12/p12_npas.c | |||
| @@ -77,28 +77,26 @@ static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen); | |||
| 77 | 77 | ||
| 78 | int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass) | 78 | int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass) |
| 79 | { | 79 | { |
| 80 | /* Check for NULL PKCS12 structure */ | ||
| 80 | 81 | ||
| 81 | /* Check for NULL PKCS12 structure */ | 82 | if(!p12) { |
| 82 | 83 | PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_INVALID_NULL_PKCS12_POINTER); | |
| 83 | if(!p12) { | 84 | return 0; |
| 84 | PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_INVALID_NULL_PKCS12_POINTER); | 85 | } |
| 85 | return 0; | ||
| 86 | } | ||
| 87 | |||
| 88 | /* Check the mac */ | ||
| 89 | |||
| 90 | if (!PKCS12_verify_mac(p12, oldpass, -1)) { | ||
| 91 | PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_MAC_VERIFY_FAILURE); | ||
| 92 | return 0; | ||
| 93 | } | ||
| 94 | 86 | ||
| 95 | if (!newpass_p12(p12, oldpass, newpass)) { | 87 | /* Check the mac */ |
| 96 | PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_PARSE_ERROR); | 88 | |
| 97 | return 0; | 89 | if (!PKCS12_verify_mac(p12, oldpass, -1)) { |
| 98 | } | 90 | PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_MAC_VERIFY_FAILURE); |
| 91 | return 0; | ||
| 92 | } | ||
| 99 | 93 | ||
| 100 | return 1; | 94 | if (!newpass_p12(p12, oldpass, newpass)) { |
| 95 | PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_PARSE_ERROR); | ||
| 96 | return 0; | ||
| 97 | } | ||
| 101 | 98 | ||
| 99 | return 1; | ||
| 102 | } | 100 | } |
| 103 | 101 | ||
| 104 | /* Parse the outer PKCS#12 structure */ | 102 | /* Parse the outer PKCS#12 structure */ |
| @@ -206,7 +204,8 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass) | |||
| 206 | static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen) | 204 | static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen) |
| 207 | { | 205 | { |
| 208 | PBEPARAM *pbe; | 206 | PBEPARAM *pbe; |
| 209 | unsigned char *p; | 207 | const unsigned char *p; |
| 208 | |||
| 210 | p = alg->parameter->value.sequence->data; | 209 | p = alg->parameter->value.sequence->data; |
| 211 | pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); | 210 | pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); |
| 212 | *pnid = OBJ_obj2nid(alg->algorithm); | 211 | *pnid = OBJ_obj2nid(alg->algorithm); |
diff --git a/src/lib/libcrypto/pkcs12/pk12err.c b/src/lib/libcrypto/pkcs12/pk12err.c index a33b37b1c7..07a1fb6907 100644 --- a/src/lib/libcrypto/pkcs12/pk12err.c +++ b/src/lib/libcrypto/pkcs12/pk12err.c | |||
| @@ -70,16 +70,18 @@ | |||
| 70 | 70 | ||
| 71 | static ERR_STRING_DATA PKCS12_str_functs[]= | 71 | static ERR_STRING_DATA PKCS12_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(PKCS12_F_PARSE_BAG), "PARSE_BAG"}, | ||
| 73 | {ERR_FUNC(PKCS12_F_PARSE_BAGS), "PARSE_BAGS"}, | 74 | {ERR_FUNC(PKCS12_F_PARSE_BAGS), "PARSE_BAGS"}, |
| 74 | {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME), "PKCS12_ADD_FRIENDLYNAME"}, | 75 | {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME), "PKCS12_ADD_FRIENDLYNAME"}, |
| 75 | {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC), "PKCS12_add_friendlyname_asc"}, | 76 | {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC), "PKCS12_add_friendlyname_asc"}, |
| 76 | {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI), "PKCS12_add_friendlyname_uni"}, | 77 | {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI), "PKCS12_add_friendlyname_uni"}, |
| 77 | {ERR_FUNC(PKCS12_F_PKCS12_ADD_LOCALKEYID), "PKCS12_add_localkeyid"}, | 78 | {ERR_FUNC(PKCS12_F_PKCS12_ADD_LOCALKEYID), "PKCS12_add_localkeyid"}, |
| 78 | {ERR_FUNC(PKCS12_F_PKCS12_CREATE), "PKCS12_create"}, | 79 | {ERR_FUNC(PKCS12_F_PKCS12_CREATE), "PKCS12_create"}, |
| 79 | {ERR_FUNC(PKCS12_F_PKCS12_DECRYPT_D2I), "PKCS12_DECRYPT_D2I"}, | ||
| 80 | {ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC), "PKCS12_gen_mac"}, | 80 | {ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC), "PKCS12_gen_mac"}, |
| 81 | {ERR_FUNC(PKCS12_F_PKCS12_I2D_ENCRYPT), "PKCS12_I2D_ENCRYPT"}, | ||
| 82 | {ERR_FUNC(PKCS12_F_PKCS12_INIT), "PKCS12_init"}, | 81 | {ERR_FUNC(PKCS12_F_PKCS12_INIT), "PKCS12_init"}, |
| 82 | {ERR_FUNC(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I), "PKCS12_item_decrypt_d2i"}, | ||
| 83 | {ERR_FUNC(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT), "PKCS12_item_i2d_encrypt"}, | ||
| 84 | {ERR_FUNC(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG), "PKCS12_item_pack_safebag"}, | ||
| 83 | {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC), "PKCS12_key_gen_asc"}, | 85 | {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC), "PKCS12_key_gen_asc"}, |
| 84 | {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI), "PKCS12_key_gen_uni"}, | 86 | {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI), "PKCS12_key_gen_uni"}, |
| 85 | {ERR_FUNC(PKCS12_F_PKCS12_MAKE_KEYBAG), "PKCS12_MAKE_KEYBAG"}, | 87 | {ERR_FUNC(PKCS12_F_PKCS12_MAKE_KEYBAG), "PKCS12_MAKE_KEYBAG"}, |
| @@ -87,7 +89,6 @@ static ERR_STRING_DATA PKCS12_str_functs[]= | |||
| 87 | {ERR_FUNC(PKCS12_F_PKCS12_NEWPASS), "PKCS12_newpass"}, | 89 | {ERR_FUNC(PKCS12_F_PKCS12_NEWPASS), "PKCS12_newpass"}, |
| 88 | {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA), "PKCS12_pack_p7data"}, | 90 | {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA), "PKCS12_pack_p7data"}, |
| 89 | {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA), "PKCS12_pack_p7encdata"}, | 91 | {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA), "PKCS12_pack_p7encdata"}, |
| 90 | {ERR_FUNC(PKCS12_F_PKCS12_PACK_SAFEBAG), "PKCS12_PACK_SAFEBAG"}, | ||
| 91 | {ERR_FUNC(PKCS12_F_PKCS12_PARSE), "PKCS12_parse"}, | 92 | {ERR_FUNC(PKCS12_F_PKCS12_PARSE), "PKCS12_parse"}, |
| 92 | {ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT), "PKCS12_pbe_crypt"}, | 93 | {ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT), "PKCS12_pbe_crypt"}, |
| 93 | {ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN), "PKCS12_PBE_keyivgen"}, | 94 | {ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN), "PKCS12_PBE_keyivgen"}, |
| @@ -95,9 +96,9 @@ static ERR_STRING_DATA PKCS12_str_functs[]= | |||
| 95 | {ERR_FUNC(PKCS12_F_PKCS12_SET_MAC), "PKCS12_set_mac"}, | 96 | {ERR_FUNC(PKCS12_F_PKCS12_SET_MAC), "PKCS12_set_mac"}, |
| 96 | {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"}, | 97 | {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"}, |
| 97 | {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA), "PKCS12_unpack_p7data"}, | 98 | {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA), "PKCS12_unpack_p7data"}, |
| 99 | {ERR_FUNC(PKCS12_F_PKCS12_VERIFY_MAC), "PKCS12_verify_mac"}, | ||
| 98 | {ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE), "PKCS8_add_keyusage"}, | 100 | {ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE), "PKCS8_add_keyusage"}, |
| 99 | {ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT), "PKCS8_encrypt"}, | 101 | {ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT), "PKCS8_encrypt"}, |
| 100 | {ERR_FUNC(PKCS12_F_VERIFY_MAC), "VERIFY_MAC"}, | ||
| 101 | {0,NULL} | 102 | {0,NULL} |
| 102 | }; | 103 | }; |
| 103 | 104 | ||
| @@ -132,15 +133,12 @@ static ERR_STRING_DATA PKCS12_str_reasons[]= | |||
| 132 | 133 | ||
| 133 | void ERR_load_PKCS12_strings(void) | 134 | void ERR_load_PKCS12_strings(void) |
| 134 | { | 135 | { |
| 135 | static int init=1; | 136 | #ifndef OPENSSL_NO_ERR |
| 136 | 137 | ||
| 137 | if (init) | 138 | if (ERR_func_error_string(PKCS12_str_functs[0].error) == NULL) |
| 138 | { | 139 | { |
| 139 | init=0; | ||
| 140 | #ifndef OPENSSL_NO_ERR | ||
| 141 | ERR_load_strings(0,PKCS12_str_functs); | 140 | ERR_load_strings(0,PKCS12_str_functs); |
| 142 | ERR_load_strings(0,PKCS12_str_reasons); | 141 | ERR_load_strings(0,PKCS12_str_reasons); |
| 143 | #endif | ||
| 144 | |||
| 145 | } | 142 | } |
| 143 | #endif | ||
| 146 | } | 144 | } |
diff --git a/src/lib/libcrypto/pkcs12/pkcs12.h b/src/lib/libcrypto/pkcs12/pkcs12.h index fb8af82d4f..a2d7e359a0 100644 --- a/src/lib/libcrypto/pkcs12/pkcs12.h +++ b/src/lib/libcrypto/pkcs12/pkcs12.h | |||
| @@ -249,6 +249,15 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, | |||
| 249 | PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | 249 | PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, |
| 250 | STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, | 250 | STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, |
| 251 | int mac_iter, int keytype); | 251 | int mac_iter, int keytype); |
| 252 | |||
| 253 | PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert); | ||
| 254 | PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key, | ||
| 255 | int key_usage, int iter, | ||
| 256 | int key_nid, char *pass); | ||
| 257 | int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, | ||
| 258 | int safe_nid, int iter, char *pass); | ||
| 259 | PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid); | ||
| 260 | |||
| 252 | int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12); | 261 | int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12); |
| 253 | int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); | 262 | int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); |
| 254 | PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12); | 263 | PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12); |
| @@ -264,16 +273,18 @@ void ERR_load_PKCS12_strings(void); | |||
| 264 | /* Error codes for the PKCS12 functions. */ | 273 | /* Error codes for the PKCS12 functions. */ |
| 265 | 274 | ||
| 266 | /* Function codes. */ | 275 | /* Function codes. */ |
| 276 | #define PKCS12_F_PARSE_BAG 129 | ||
| 267 | #define PKCS12_F_PARSE_BAGS 103 | 277 | #define PKCS12_F_PARSE_BAGS 103 |
| 268 | #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100 | 278 | #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100 |
| 269 | #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127 | 279 | #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127 |
| 270 | #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102 | 280 | #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102 |
| 271 | #define PKCS12_F_PKCS12_ADD_LOCALKEYID 104 | 281 | #define PKCS12_F_PKCS12_ADD_LOCALKEYID 104 |
| 272 | #define PKCS12_F_PKCS12_CREATE 105 | 282 | #define PKCS12_F_PKCS12_CREATE 105 |
| 273 | #define PKCS12_F_PKCS12_DECRYPT_D2I 106 | ||
| 274 | #define PKCS12_F_PKCS12_GEN_MAC 107 | 283 | #define PKCS12_F_PKCS12_GEN_MAC 107 |
| 275 | #define PKCS12_F_PKCS12_I2D_ENCRYPT 108 | ||
| 276 | #define PKCS12_F_PKCS12_INIT 109 | 284 | #define PKCS12_F_PKCS12_INIT 109 |
| 285 | #define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106 | ||
| 286 | #define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108 | ||
| 287 | #define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117 | ||
| 277 | #define PKCS12_F_PKCS12_KEY_GEN_ASC 110 | 288 | #define PKCS12_F_PKCS12_KEY_GEN_ASC 110 |
| 278 | #define PKCS12_F_PKCS12_KEY_GEN_UNI 111 | 289 | #define PKCS12_F_PKCS12_KEY_GEN_UNI 111 |
| 279 | #define PKCS12_F_PKCS12_MAKE_KEYBAG 112 | 290 | #define PKCS12_F_PKCS12_MAKE_KEYBAG 112 |
| @@ -281,17 +292,16 @@ void ERR_load_PKCS12_strings(void); | |||
| 281 | #define PKCS12_F_PKCS12_NEWPASS 128 | 292 | #define PKCS12_F_PKCS12_NEWPASS 128 |
| 282 | #define PKCS12_F_PKCS12_PACK_P7DATA 114 | 293 | #define PKCS12_F_PKCS12_PACK_P7DATA 114 |
| 283 | #define PKCS12_F_PKCS12_PACK_P7ENCDATA 115 | 294 | #define PKCS12_F_PKCS12_PACK_P7ENCDATA 115 |
| 284 | #define PKCS12_F_PKCS12_PACK_SAFEBAG 117 | ||
| 285 | #define PKCS12_F_PKCS12_PARSE 118 | 295 | #define PKCS12_F_PKCS12_PARSE 118 |
| 286 | #define PKCS12_F_PKCS12_PBE_CRYPT 119 | 296 | #define PKCS12_F_PKCS12_PBE_CRYPT 119 |
| 287 | #define PKCS12_F_PKCS12_PBE_KEYIVGEN 120 | 297 | #define PKCS12_F_PKCS12_PBE_KEYIVGEN 120 |
| 288 | #define PKCS12_F_PKCS12_SETUP_MAC 122 | 298 | #define PKCS12_F_PKCS12_SETUP_MAC 122 |
| 289 | #define PKCS12_F_PKCS12_SET_MAC 123 | 299 | #define PKCS12_F_PKCS12_SET_MAC 123 |
| 290 | #define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 129 | 300 | #define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130 |
| 291 | #define PKCS12_F_PKCS12_UNPACK_P7DATA 130 | 301 | #define PKCS12_F_PKCS12_UNPACK_P7DATA 131 |
| 302 | #define PKCS12_F_PKCS12_VERIFY_MAC 126 | ||
| 292 | #define PKCS12_F_PKCS8_ADD_KEYUSAGE 124 | 303 | #define PKCS12_F_PKCS8_ADD_KEYUSAGE 124 |
| 293 | #define PKCS12_F_PKCS8_ENCRYPT 125 | 304 | #define PKCS12_F_PKCS8_ENCRYPT 125 |
| 294 | #define PKCS12_F_VERIFY_MAC 126 | ||
| 295 | 305 | ||
| 296 | /* Reason codes. */ | 306 | /* Reason codes. */ |
| 297 | #define PKCS12_R_CANT_PACK_STRUCTURE 100 | 307 | #define PKCS12_R_CANT_PACK_STRUCTURE 100 |
diff --git a/src/lib/libcrypto/pkcs7/bio_ber.c b/src/lib/libcrypto/pkcs7/bio_ber.c index 895a91177b..31973fcd1f 100644 --- a/src/lib/libcrypto/pkcs7/bio_ber.c +++ b/src/lib/libcrypto/pkcs7/bio_ber.c | |||
| @@ -204,7 +204,7 @@ int bio_ber_get_header(BIO *bio, BIO_BER_CTX *ctx) | |||
| 204 | if ((ctx->buf_len < BER_BUF_SIZE) && | 204 | if ((ctx->buf_len < BER_BUF_SIZE) && |
| 205 | (ERR_GET_REASON(ERR_peek_error()) == ASN1_R_TOO_LONG)) | 205 | (ERR_GET_REASON(ERR_peek_error()) == ASN1_R_TOO_LONG)) |
| 206 | { | 206 | { |
| 207 | ERR_get_error(); /* clear the error */ | 207 | ERR_clear_error(); /* clear the error */ |
| 208 | BIO_set_retry_read(b); | 208 | BIO_set_retry_read(b); |
| 209 | } | 209 | } |
| 210 | return(-1); | 210 | return(-1); |
diff --git a/src/lib/libcrypto/pkcs7/example.c b/src/lib/libcrypto/pkcs7/example.c index c993947cc3..2953d04b5c 100644 --- a/src/lib/libcrypto/pkcs7/example.c +++ b/src/lib/libcrypto/pkcs7/example.c | |||
| @@ -123,7 +123,7 @@ int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) | |||
| 123 | so=PKCS7_get_signed_attribute(si,signed_seq2string_nid); | 123 | so=PKCS7_get_signed_attribute(si,signed_seq2string_nid); |
| 124 | if (so && (so->type == V_ASN1_SEQUENCE)) | 124 | if (so && (so->type == V_ASN1_SEQUENCE)) |
| 125 | { | 125 | { |
| 126 | ASN1_CTX c; | 126 | ASN1_const_CTX c; |
| 127 | ASN1_STRING *s; | 127 | ASN1_STRING *s; |
| 128 | long length; | 128 | long length; |
| 129 | ASN1_OCTET_STRING *os1,*os2; | 129 | ASN1_OCTET_STRING *os1,*os2; |
| @@ -144,7 +144,7 @@ int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) | |||
| 144 | goto err; | 144 | goto err; |
| 145 | c.slen-=(c.p-c.q); | 145 | c.slen-=(c.p-c.q); |
| 146 | 146 | ||
| 147 | if (!asn1_Finish(&c)) goto err; | 147 | if (!asn1_const_Finish(&c)) goto err; |
| 148 | *str1=malloc(os1->length+1); | 148 | *str1=malloc(os1->length+1); |
| 149 | *str2=malloc(os2->length+1); | 149 | *str2=malloc(os2->length+1); |
| 150 | memcpy(*str1,os1->data,os1->length); | 150 | memcpy(*str1,os1->data,os1->length); |
| @@ -290,7 +290,7 @@ int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2) | |||
| 290 | so=PKCS7_get_signed_attribute(&si,signed_seq2string_nid); | 290 | so=PKCS7_get_signed_attribute(&si,signed_seq2string_nid); |
| 291 | if (so->type == V_ASN1_SEQUENCE) | 291 | if (so->type == V_ASN1_SEQUENCE) |
| 292 | { | 292 | { |
| 293 | ASN1_CTX c; | 293 | ASN1_const_CTX c; |
| 294 | ASN1_STRING *s; | 294 | ASN1_STRING *s; |
| 295 | long length; | 295 | long length; |
| 296 | ASN1_OCTET_STRING *os1,*os2; | 296 | ASN1_OCTET_STRING *os1,*os2; |
| @@ -311,7 +311,7 @@ int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2) | |||
| 311 | goto err; | 311 | goto err; |
| 312 | c.slen-=(c.p-c.q); | 312 | c.slen-=(c.p-c.q); |
| 313 | 313 | ||
| 314 | if (!asn1_Finish(&c)) goto err; | 314 | if (!asn1_const_Finish(&c)) goto err; |
| 315 | *str1=malloc(os1->length+1); | 315 | *str1=malloc(os1->length+1); |
| 316 | *str2=malloc(os2->length+1); | 316 | *str2=malloc(os2->length+1); |
| 317 | memcpy(*str1,os1->data,os1->length); | 317 | memcpy(*str1,os1->data,os1->length); |
diff --git a/src/lib/libcrypto/pkcs7/pk7_asn1.c b/src/lib/libcrypto/pkcs7/pk7_asn1.c index 46f0fc9375..77931feeb4 100644 --- a/src/lib/libcrypto/pkcs7/pk7_asn1.c +++ b/src/lib/libcrypto/pkcs7/pk7_asn1.c | |||
| @@ -69,30 +69,31 @@ | |||
| 69 | ASN1_ADB_TEMPLATE(p7default) = ASN1_EXP_OPT(PKCS7, d.other, ASN1_ANY, 0); | 69 | ASN1_ADB_TEMPLATE(p7default) = ASN1_EXP_OPT(PKCS7, d.other, ASN1_ANY, 0); |
| 70 | 70 | ||
| 71 | ASN1_ADB(PKCS7) = { | 71 | ASN1_ADB(PKCS7) = { |
| 72 | ADB_ENTRY(NID_pkcs7_data, ASN1_EXP_OPT(PKCS7, d.data, ASN1_OCTET_STRING, 0)), | 72 | ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP_OPT(PKCS7, d.data, ASN1_OCTET_STRING_NDEF, 0)), |
| 73 | ADB_ENTRY(NID_pkcs7_signed, ASN1_EXP_OPT(PKCS7, d.sign, PKCS7_SIGNED, 0)), | 73 | ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP_OPT(PKCS7, d.sign, PKCS7_SIGNED, 0)), |
| 74 | ADB_ENTRY(NID_pkcs7_enveloped, ASN1_EXP_OPT(PKCS7, d.enveloped, PKCS7_ENVELOPE, 0)), | 74 | ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP_OPT(PKCS7, d.enveloped, PKCS7_ENVELOPE, 0)), |
| 75 | ADB_ENTRY(NID_pkcs7_signedAndEnveloped, ASN1_EXP_OPT(PKCS7, d.signed_and_enveloped, PKCS7_SIGN_ENVELOPE, 0)), | 75 | ADB_ENTRY(NID_pkcs7_signedAndEnveloped, ASN1_NDEF_EXP_OPT(PKCS7, d.signed_and_enveloped, PKCS7_SIGN_ENVELOPE, 0)), |
| 76 | ADB_ENTRY(NID_pkcs7_digest, ASN1_EXP_OPT(PKCS7, d.digest, PKCS7_DIGEST, 0)), | 76 | ADB_ENTRY(NID_pkcs7_digest, ASN1_NDEF_EXP_OPT(PKCS7, d.digest, PKCS7_DIGEST, 0)), |
| 77 | ADB_ENTRY(NID_pkcs7_encrypted, ASN1_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0)) | 77 | ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0)) |
| 78 | } ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL); | 78 | } ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL); |
| 79 | 79 | ||
| 80 | ASN1_SEQUENCE(PKCS7) = { | 80 | ASN1_NDEF_SEQUENCE(PKCS7) = { |
| 81 | ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT), | 81 | ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT), |
| 82 | ASN1_ADB_OBJECT(PKCS7) | 82 | ASN1_ADB_OBJECT(PKCS7) |
| 83 | }ASN1_SEQUENCE_END(PKCS7) | 83 | }ASN1_NDEF_SEQUENCE_END(PKCS7) |
| 84 | 84 | ||
| 85 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7) | 85 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7) |
| 86 | IMPLEMENT_ASN1_NDEF_FUNCTION(PKCS7) | ||
| 86 | IMPLEMENT_ASN1_DUP_FUNCTION(PKCS7) | 87 | IMPLEMENT_ASN1_DUP_FUNCTION(PKCS7) |
| 87 | 88 | ||
| 88 | ASN1_SEQUENCE(PKCS7_SIGNED) = { | 89 | ASN1_NDEF_SEQUENCE(PKCS7_SIGNED) = { |
| 89 | ASN1_SIMPLE(PKCS7_SIGNED, version, ASN1_INTEGER), | 90 | ASN1_SIMPLE(PKCS7_SIGNED, version, ASN1_INTEGER), |
| 90 | ASN1_SET_OF(PKCS7_SIGNED, md_algs, X509_ALGOR), | 91 | ASN1_SET_OF(PKCS7_SIGNED, md_algs, X509_ALGOR), |
| 91 | ASN1_SIMPLE(PKCS7_SIGNED, contents, PKCS7), | 92 | ASN1_SIMPLE(PKCS7_SIGNED, contents, PKCS7), |
| 92 | ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0), | 93 | ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0), |
| 93 | ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, crl, X509_CRL, 1), | 94 | ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, crl, X509_CRL, 1), |
| 94 | ASN1_SET_OF(PKCS7_SIGNED, signer_info, PKCS7_SIGNER_INFO) | 95 | ASN1_SET_OF(PKCS7_SIGNED, signer_info, PKCS7_SIGNER_INFO) |
| 95 | } ASN1_SEQUENCE_END(PKCS7_SIGNED) | 96 | } ASN1_NDEF_SEQUENCE_END(PKCS7_SIGNED) |
| 96 | 97 | ||
| 97 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED) | 98 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED) |
| 98 | 99 | ||
| @@ -130,11 +131,11 @@ ASN1_SEQUENCE(PKCS7_ISSUER_AND_SERIAL) = { | |||
| 130 | 131 | ||
| 131 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL) | 132 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL) |
| 132 | 133 | ||
| 133 | ASN1_SEQUENCE(PKCS7_ENVELOPE) = { | 134 | ASN1_NDEF_SEQUENCE(PKCS7_ENVELOPE) = { |
| 134 | ASN1_SIMPLE(PKCS7_ENVELOPE, version, ASN1_INTEGER), | 135 | ASN1_SIMPLE(PKCS7_ENVELOPE, version, ASN1_INTEGER), |
| 135 | ASN1_SET_OF(PKCS7_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO), | 136 | ASN1_SET_OF(PKCS7_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO), |
| 136 | ASN1_SIMPLE(PKCS7_ENVELOPE, enc_data, PKCS7_ENC_CONTENT) | 137 | ASN1_SIMPLE(PKCS7_ENVELOPE, enc_data, PKCS7_ENC_CONTENT) |
| 137 | } ASN1_SEQUENCE_END(PKCS7_ENVELOPE) | 138 | } ASN1_NDEF_SEQUENCE_END(PKCS7_ENVELOPE) |
| 138 | 139 | ||
| 139 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE) | 140 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE) |
| 140 | 141 | ||
| @@ -157,15 +158,15 @@ ASN1_SEQUENCE_cb(PKCS7_RECIP_INFO, ri_cb) = { | |||
| 157 | 158 | ||
| 158 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_RECIP_INFO) | 159 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_RECIP_INFO) |
| 159 | 160 | ||
| 160 | ASN1_SEQUENCE(PKCS7_ENC_CONTENT) = { | 161 | ASN1_NDEF_SEQUENCE(PKCS7_ENC_CONTENT) = { |
| 161 | ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT), | 162 | ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT), |
| 162 | ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR), | 163 | ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR), |
| 163 | ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING, 0) | 164 | ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING, 0) |
| 164 | } ASN1_SEQUENCE_END(PKCS7_ENC_CONTENT) | 165 | } ASN1_NDEF_SEQUENCE_END(PKCS7_ENC_CONTENT) |
| 165 | 166 | ||
| 166 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT) | 167 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT) |
| 167 | 168 | ||
| 168 | ASN1_SEQUENCE(PKCS7_SIGN_ENVELOPE) = { | 169 | ASN1_NDEF_SEQUENCE(PKCS7_SIGN_ENVELOPE) = { |
| 169 | ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, version, ASN1_INTEGER), | 170 | ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, version, ASN1_INTEGER), |
| 170 | ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO), | 171 | ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO), |
| 171 | ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, md_algs, X509_ALGOR), | 172 | ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, md_algs, X509_ALGOR), |
| @@ -173,23 +174,23 @@ ASN1_SEQUENCE(PKCS7_SIGN_ENVELOPE) = { | |||
| 173 | ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, cert, X509, 0), | 174 | ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, cert, X509, 0), |
| 174 | ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, crl, X509_CRL, 1), | 175 | ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, crl, X509_CRL, 1), |
| 175 | ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, signer_info, PKCS7_SIGNER_INFO) | 176 | ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, signer_info, PKCS7_SIGNER_INFO) |
| 176 | } ASN1_SEQUENCE_END(PKCS7_SIGN_ENVELOPE) | 177 | } ASN1_NDEF_SEQUENCE_END(PKCS7_SIGN_ENVELOPE) |
| 177 | 178 | ||
| 178 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE) | 179 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE) |
| 179 | 180 | ||
| 180 | ASN1_SEQUENCE(PKCS7_ENCRYPT) = { | 181 | ASN1_NDEF_SEQUENCE(PKCS7_ENCRYPT) = { |
| 181 | ASN1_SIMPLE(PKCS7_ENCRYPT, version, ASN1_INTEGER), | 182 | ASN1_SIMPLE(PKCS7_ENCRYPT, version, ASN1_INTEGER), |
| 182 | ASN1_SIMPLE(PKCS7_ENCRYPT, enc_data, PKCS7_ENC_CONTENT) | 183 | ASN1_SIMPLE(PKCS7_ENCRYPT, enc_data, PKCS7_ENC_CONTENT) |
| 183 | } ASN1_SEQUENCE_END(PKCS7_ENCRYPT) | 184 | } ASN1_NDEF_SEQUENCE_END(PKCS7_ENCRYPT) |
| 184 | 185 | ||
| 185 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENCRYPT) | 186 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENCRYPT) |
| 186 | 187 | ||
| 187 | ASN1_SEQUENCE(PKCS7_DIGEST) = { | 188 | ASN1_NDEF_SEQUENCE(PKCS7_DIGEST) = { |
| 188 | ASN1_SIMPLE(PKCS7_DIGEST, version, ASN1_INTEGER), | 189 | ASN1_SIMPLE(PKCS7_DIGEST, version, ASN1_INTEGER), |
| 189 | ASN1_SIMPLE(PKCS7_DIGEST, md, X509_ALGOR), | 190 | ASN1_SIMPLE(PKCS7_DIGEST, md, X509_ALGOR), |
| 190 | ASN1_SIMPLE(PKCS7_DIGEST, contents, PKCS7), | 191 | ASN1_SIMPLE(PKCS7_DIGEST, contents, PKCS7), |
| 191 | ASN1_SIMPLE(PKCS7_DIGEST, digest, ASN1_OCTET_STRING) | 192 | ASN1_SIMPLE(PKCS7_DIGEST, digest, ASN1_OCTET_STRING) |
| 192 | } ASN1_SEQUENCE_END(PKCS7_DIGEST) | 193 | } ASN1_NDEF_SEQUENCE_END(PKCS7_DIGEST) |
| 193 | 194 | ||
| 194 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_DIGEST) | 195 | IMPLEMENT_ASN1_FUNCTIONS(PKCS7_DIGEST) |
| 195 | 196 | ||
diff --git a/src/lib/libcrypto/pkcs7/pk7_attr.c b/src/lib/libcrypto/pkcs7/pk7_attr.c index 039141027a..735c8800e1 100644 --- a/src/lib/libcrypto/pkcs7/pk7_attr.c +++ b/src/lib/libcrypto/pkcs7/pk7_attr.c | |||
| @@ -96,7 +96,8 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap) | |||
| 96 | STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si) | 96 | STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si) |
| 97 | { | 97 | { |
| 98 | ASN1_TYPE *cap; | 98 | ASN1_TYPE *cap; |
| 99 | unsigned char *p; | 99 | const unsigned char *p; |
| 100 | |||
| 100 | cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities); | 101 | cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities); |
| 101 | if (!cap || (cap->type != V_ASN1_SEQUENCE)) | 102 | if (!cap || (cap->type != V_ASN1_SEQUENCE)) |
| 102 | return NULL; | 103 | return NULL; |
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c index 4ac29ae14d..a03d7ebedf 100644 --- a/src/lib/libcrypto/pkcs7/pk7_doit.c +++ b/src/lib/libcrypto/pkcs7/pk7_doit.c | |||
| @@ -62,6 +62,7 @@ | |||
| 62 | #include <openssl/objects.h> | 62 | #include <openssl/objects.h> |
| 63 | #include <openssl/x509.h> | 63 | #include <openssl/x509.h> |
| 64 | #include <openssl/x509v3.h> | 64 | #include <openssl/x509v3.h> |
| 65 | #include <openssl/err.h> | ||
| 65 | 66 | ||
| 66 | static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, | 67 | static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, |
| 67 | void *value); | 68 | void *value); |
| @@ -101,18 +102,54 @@ static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7) | |||
| 101 | return NULL; | 102 | return NULL; |
| 102 | } | 103 | } |
| 103 | 104 | ||
| 105 | static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg) | ||
| 106 | { | ||
| 107 | BIO *btmp; | ||
| 108 | const EVP_MD *md; | ||
| 109 | if ((btmp=BIO_new(BIO_f_md())) == NULL) | ||
| 110 | { | ||
| 111 | PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST,ERR_R_BIO_LIB); | ||
| 112 | goto err; | ||
| 113 | } | ||
| 114 | |||
| 115 | md=EVP_get_digestbyobj(alg->algorithm); | ||
| 116 | if (md == NULL) | ||
| 117 | { | ||
| 118 | PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST,PKCS7_R_UNKNOWN_DIGEST_TYPE); | ||
| 119 | goto err; | ||
| 120 | } | ||
| 121 | |||
| 122 | BIO_set_md(btmp,md); | ||
| 123 | if (*pbio == NULL) | ||
| 124 | *pbio=btmp; | ||
| 125 | else if (!BIO_push(*pbio,btmp)) | ||
| 126 | { | ||
| 127 | PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST,ERR_R_BIO_LIB); | ||
| 128 | goto err; | ||
| 129 | } | ||
| 130 | btmp=NULL; | ||
| 131 | |||
| 132 | return 1; | ||
| 133 | |||
| 134 | err: | ||
| 135 | if (btmp) | ||
| 136 | BIO_free(btmp); | ||
| 137 | return 0; | ||
| 138 | |||
| 139 | } | ||
| 140 | |||
| 104 | BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) | 141 | BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) |
| 105 | { | 142 | { |
| 106 | int i; | 143 | int i; |
| 107 | BIO *out=NULL,*btmp=NULL; | 144 | BIO *out=NULL,*btmp=NULL; |
| 108 | X509_ALGOR *xa; | 145 | X509_ALGOR *xa = NULL; |
| 109 | const EVP_MD *evp_md; | ||
| 110 | const EVP_CIPHER *evp_cipher=NULL; | 146 | const EVP_CIPHER *evp_cipher=NULL; |
| 111 | STACK_OF(X509_ALGOR) *md_sk=NULL; | 147 | STACK_OF(X509_ALGOR) *md_sk=NULL; |
| 112 | STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; | 148 | STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; |
| 113 | X509_ALGOR *xalg=NULL; | 149 | X509_ALGOR *xalg=NULL; |
| 114 | PKCS7_RECIP_INFO *ri=NULL; | 150 | PKCS7_RECIP_INFO *ri=NULL; |
| 115 | EVP_PKEY *pkey; | 151 | EVP_PKEY *pkey; |
| 152 | ASN1_OCTET_STRING *os=NULL; | ||
| 116 | 153 | ||
| 117 | i=OBJ_obj2nid(p7->type); | 154 | i=OBJ_obj2nid(p7->type); |
| 118 | p7->state=PKCS7_S_HEADER; | 155 | p7->state=PKCS7_S_HEADER; |
| @@ -121,6 +158,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) | |||
| 121 | { | 158 | { |
| 122 | case NID_pkcs7_signed: | 159 | case NID_pkcs7_signed: |
| 123 | md_sk=p7->d.sign->md_algs; | 160 | md_sk=p7->d.sign->md_algs; |
| 161 | os = PKCS7_get_octet_string(p7->d.sign->contents); | ||
| 124 | break; | 162 | break; |
| 125 | case NID_pkcs7_signedAndEnveloped: | 163 | case NID_pkcs7_signedAndEnveloped: |
| 126 | rsk=p7->d.signed_and_enveloped->recipientinfo; | 164 | rsk=p7->d.signed_and_enveloped->recipientinfo; |
| @@ -145,37 +183,21 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) | |||
| 145 | goto err; | 183 | goto err; |
| 146 | } | 184 | } |
| 147 | break; | 185 | break; |
| 186 | case NID_pkcs7_digest: | ||
| 187 | xa = p7->d.digest->md; | ||
| 188 | os = PKCS7_get_octet_string(p7->d.digest->contents); | ||
| 189 | break; | ||
| 148 | default: | 190 | default: |
| 149 | PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); | 191 | PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); |
| 150 | goto err; | 192 | goto err; |
| 151 | } | 193 | } |
| 152 | 194 | ||
| 153 | if (md_sk != NULL) | 195 | for (i=0; i<sk_X509_ALGOR_num(md_sk); i++) |
| 154 | { | 196 | if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i))) |
| 155 | for (i=0; i<sk_X509_ALGOR_num(md_sk); i++) | 197 | goto err; |
| 156 | { | ||
| 157 | xa=sk_X509_ALGOR_value(md_sk,i); | ||
| 158 | if ((btmp=BIO_new(BIO_f_md())) == NULL) | ||
| 159 | { | ||
| 160 | PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_BIO_LIB); | ||
| 161 | goto err; | ||
| 162 | } | ||
| 163 | |||
| 164 | evp_md=EVP_get_digestbyobj(xa->algorithm); | ||
| 165 | if (evp_md == NULL) | ||
| 166 | { | ||
| 167 | PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE); | ||
| 168 | goto err; | ||
| 169 | } | ||
| 170 | 198 | ||
| 171 | BIO_set_md(btmp,evp_md); | 199 | if (xa && !PKCS7_bio_add_digest(&out, xa)) |
| 172 | if (out == NULL) | 200 | goto err; |
| 173 | out=btmp; | ||
| 174 | else | ||
| 175 | BIO_push(out,btmp); | ||
| 176 | btmp=NULL; | ||
| 177 | } | ||
| 178 | } | ||
| 179 | 201 | ||
| 180 | if (evp_cipher != NULL) | 202 | if (evp_cipher != NULL) |
| 181 | { | 203 | { |
| @@ -194,17 +216,25 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) | |||
| 194 | BIO_get_cipher_ctx(btmp, &ctx); | 216 | BIO_get_cipher_ctx(btmp, &ctx); |
| 195 | keylen=EVP_CIPHER_key_length(evp_cipher); | 217 | keylen=EVP_CIPHER_key_length(evp_cipher); |
| 196 | ivlen=EVP_CIPHER_iv_length(evp_cipher); | 218 | ivlen=EVP_CIPHER_iv_length(evp_cipher); |
| 197 | if (RAND_bytes(key,keylen) <= 0) | ||
| 198 | goto err; | ||
| 199 | xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher)); | 219 | xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher)); |
| 200 | if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen); | 220 | if (ivlen > 0) |
| 201 | EVP_CipherInit_ex(ctx, evp_cipher, NULL, key, iv, 1); | 221 | if (RAND_pseudo_bytes(iv,ivlen) <= 0) |
| 222 | goto err; | ||
| 223 | if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1)<=0) | ||
| 224 | goto err; | ||
| 225 | if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) | ||
| 226 | goto err; | ||
| 227 | if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0) | ||
| 228 | goto err; | ||
| 202 | 229 | ||
| 203 | if (ivlen > 0) { | 230 | if (ivlen > 0) { |
| 204 | if (xalg->parameter == NULL) | 231 | if (xalg->parameter == NULL) { |
| 205 | xalg->parameter=ASN1_TYPE_new(); | 232 | xalg->parameter = ASN1_TYPE_new(); |
| 233 | if (xalg->parameter == NULL) | ||
| 234 | goto err; | ||
| 235 | } | ||
| 206 | if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0) | 236 | if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0) |
| 207 | goto err; | 237 | goto err; |
| 208 | } | 238 | } |
| 209 | 239 | ||
| 210 | /* Lets do the pub key stuff :-) */ | 240 | /* Lets do the pub key stuff :-) */ |
| @@ -217,7 +247,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) | |||
| 217 | PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO); | 247 | PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO); |
| 218 | goto err; | 248 | goto err; |
| 219 | } | 249 | } |
| 220 | pkey=X509_get_pubkey(ri->cert); | 250 | if ((pkey=X509_get_pubkey(ri->cert)) == NULL) |
| 251 | goto err; | ||
| 221 | jj=EVP_PKEY_size(pkey); | 252 | jj=EVP_PKEY_size(pkey); |
| 222 | EVP_PKEY_free(pkey); | 253 | EVP_PKEY_free(pkey); |
| 223 | if (max < jj) max=jj; | 254 | if (max < jj) max=jj; |
| @@ -230,7 +261,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) | |||
| 230 | for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) | 261 | for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) |
| 231 | { | 262 | { |
| 232 | ri=sk_PKCS7_RECIP_INFO_value(rsk,i); | 263 | ri=sk_PKCS7_RECIP_INFO_value(rsk,i); |
| 233 | pkey=X509_get_pubkey(ri->cert); | 264 | if ((pkey=X509_get_pubkey(ri->cert)) == NULL) |
| 265 | goto err; | ||
| 234 | jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey); | 266 | jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey); |
| 235 | EVP_PKEY_free(pkey); | 267 | EVP_PKEY_free(pkey); |
| 236 | if (jj <= 0) | 268 | if (jj <= 0) |
| @@ -261,24 +293,16 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) | |||
| 261 | { | 293 | { |
| 262 | if (PKCS7_is_detached(p7)) | 294 | if (PKCS7_is_detached(p7)) |
| 263 | bio=BIO_new(BIO_s_null()); | 295 | bio=BIO_new(BIO_s_null()); |
| 264 | else | 296 | else if (os && os->length > 0) |
| 297 | bio = BIO_new_mem_buf(os->data, os->length); | ||
| 298 | if(bio == NULL) | ||
| 265 | { | 299 | { |
| 266 | if (PKCS7_type_is_signed(p7)) | 300 | bio=BIO_new(BIO_s_mem()); |
| 267 | { | 301 | if (bio == NULL) |
| 268 | ASN1_OCTET_STRING *os; | 302 | goto err; |
| 269 | os = PKCS7_get_octet_string( | 303 | BIO_set_mem_eof_return(bio,0); |
| 270 | p7->d.sign->contents); | ||
| 271 | if (os && os->length > 0) | ||
| 272 | bio = BIO_new_mem_buf(os->data, | ||
| 273 | os->length); | ||
| 274 | } | ||
| 275 | if(bio == NULL) | ||
| 276 | { | ||
| 277 | bio=BIO_new(BIO_s_mem()); | ||
| 278 | BIO_set_mem_eof_return(bio,0); | ||
| 279 | } | ||
| 280 | } | 304 | } |
| 281 | } | 305 | } |
| 282 | BIO_push(out,bio); | 306 | BIO_push(out,bio); |
| 283 | bio=NULL; | 307 | bio=NULL; |
| 284 | if (0) | 308 | if (0) |
| @@ -293,6 +317,17 @@ err: | |||
| 293 | return(out); | 317 | return(out); |
| 294 | } | 318 | } |
| 295 | 319 | ||
| 320 | static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert) | ||
| 321 | { | ||
| 322 | int ret; | ||
| 323 | ret = X509_NAME_cmp(ri->issuer_and_serial->issuer, | ||
| 324 | pcert->cert_info->issuer); | ||
| 325 | if (ret) | ||
| 326 | return ret; | ||
| 327 | return M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber, | ||
| 328 | ri->issuer_and_serial->serial); | ||
| 329 | } | ||
| 330 | |||
| 296 | /* int */ | 331 | /* int */ |
| 297 | BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) | 332 | BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) |
| 298 | { | 333 | { |
| @@ -403,18 +438,18 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) | |||
| 403 | * (if any) | 438 | * (if any) |
| 404 | */ | 439 | */ |
| 405 | 440 | ||
| 406 | for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) { | 441 | if (pcert) { |
| 407 | ri=sk_PKCS7_RECIP_INFO_value(rsk,i); | 442 | for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) { |
| 408 | if(!X509_NAME_cmp(ri->issuer_and_serial->issuer, | 443 | ri=sk_PKCS7_RECIP_INFO_value(rsk,i); |
| 409 | pcert->cert_info->issuer) && | 444 | if (!pkcs7_cmp_ri(ri, pcert)) |
| 410 | !M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber, | 445 | break; |
| 411 | ri->issuer_and_serial->serial)) break; | 446 | ri=NULL; |
| 412 | ri=NULL; | 447 | } |
| 413 | } | 448 | if (ri == NULL) { |
| 414 | if (ri == NULL) { | 449 | PKCS7err(PKCS7_F_PKCS7_DATADECODE, |
| 415 | PKCS7err(PKCS7_F_PKCS7_DATADECODE, | 450 | PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE); |
| 416 | PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE); | 451 | goto err; |
| 417 | goto err; | 452 | } |
| 418 | } | 453 | } |
| 419 | 454 | ||
| 420 | jj=EVP_PKEY_size(pkey); | 455 | jj=EVP_PKEY_size(pkey); |
| @@ -425,17 +460,46 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) | |||
| 425 | goto err; | 460 | goto err; |
| 426 | } | 461 | } |
| 427 | 462 | ||
| 428 | jj=EVP_PKEY_decrypt(tmp, M_ASN1_STRING_data(ri->enc_key), | 463 | /* If we haven't got a certificate try each ri in turn */ |
| 429 | M_ASN1_STRING_length(ri->enc_key), pkey); | 464 | |
| 430 | if (jj <= 0) | 465 | if (pcert == NULL) |
| 431 | { | 466 | { |
| 432 | PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_EVP_LIB); | 467 | for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) |
| 433 | goto err; | 468 | { |
| 469 | ri=sk_PKCS7_RECIP_INFO_value(rsk,i); | ||
| 470 | jj=EVP_PKEY_decrypt(tmp, | ||
| 471 | M_ASN1_STRING_data(ri->enc_key), | ||
| 472 | M_ASN1_STRING_length(ri->enc_key), | ||
| 473 | pkey); | ||
| 474 | if (jj > 0) | ||
| 475 | break; | ||
| 476 | ERR_clear_error(); | ||
| 477 | ri = NULL; | ||
| 478 | } | ||
| 479 | if (ri == NULL) | ||
| 480 | { | ||
| 481 | PKCS7err(PKCS7_F_PKCS7_DATADECODE, | ||
| 482 | PKCS7_R_NO_RECIPIENT_MATCHES_KEY); | ||
| 483 | goto err; | ||
| 484 | } | ||
| 485 | } | ||
| 486 | else | ||
| 487 | { | ||
| 488 | jj=EVP_PKEY_decrypt(tmp, | ||
| 489 | M_ASN1_STRING_data(ri->enc_key), | ||
| 490 | M_ASN1_STRING_length(ri->enc_key), pkey); | ||
| 491 | if (jj <= 0) | ||
| 492 | { | ||
| 493 | PKCS7err(PKCS7_F_PKCS7_DATADECODE, | ||
| 494 | ERR_R_EVP_LIB); | ||
| 495 | goto err; | ||
| 496 | } | ||
| 434 | } | 497 | } |
| 435 | 498 | ||
| 436 | evp_ctx=NULL; | 499 | evp_ctx=NULL; |
| 437 | BIO_get_cipher_ctx(etmp,&evp_ctx); | 500 | BIO_get_cipher_ctx(etmp,&evp_ctx); |
| 438 | EVP_CipherInit_ex(evp_ctx,evp_cipher,NULL,NULL,NULL,0); | 501 | if (EVP_CipherInit_ex(evp_ctx,evp_cipher,NULL,NULL,NULL,0) <= 0) |
| 502 | goto err; | ||
| 439 | if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0) | 503 | if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0) |
| 440 | goto err; | 504 | goto err; |
| 441 | 505 | ||
| @@ -451,7 +515,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) | |||
| 451 | goto err; | 515 | goto err; |
| 452 | } | 516 | } |
| 453 | } | 517 | } |
| 454 | EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0); | 518 | if (EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0) <= 0) |
| 519 | goto err; | ||
| 455 | 520 | ||
| 456 | OPENSSL_cleanse(tmp,jj); | 521 | OPENSSL_cleanse(tmp,jj); |
| 457 | 522 | ||
| @@ -485,6 +550,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) | |||
| 485 | bio=BIO_new(BIO_s_mem()); | 550 | bio=BIO_new(BIO_s_mem()); |
| 486 | BIO_set_mem_eof_return(bio,0); | 551 | BIO_set_mem_eof_return(bio,0); |
| 487 | } | 552 | } |
| 553 | if (bio == NULL) | ||
| 554 | goto err; | ||
| 488 | #endif | 555 | #endif |
| 489 | } | 556 | } |
| 490 | BIO_push(out,bio); | 557 | BIO_push(out,bio); |
| @@ -504,6 +571,29 @@ err: | |||
| 504 | return(out); | 571 | return(out); |
| 505 | } | 572 | } |
| 506 | 573 | ||
| 574 | static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid) | ||
| 575 | { | ||
| 576 | for (;;) | ||
| 577 | { | ||
| 578 | bio=BIO_find_type(bio,BIO_TYPE_MD); | ||
| 579 | if (bio == NULL) | ||
| 580 | { | ||
| 581 | PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); | ||
| 582 | return NULL; | ||
| 583 | } | ||
| 584 | BIO_get_md_ctx(bio,pmd); | ||
| 585 | if (*pmd == NULL) | ||
| 586 | { | ||
| 587 | PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,ERR_R_INTERNAL_ERROR); | ||
| 588 | return NULL; | ||
| 589 | } | ||
| 590 | if (EVP_MD_CTX_type(*pmd) == nid) | ||
| 591 | return bio; | ||
| 592 | bio=BIO_next(bio); | ||
| 593 | } | ||
| 594 | return NULL; | ||
| 595 | } | ||
| 596 | |||
| 507 | int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) | 597 | int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) |
| 508 | { | 598 | { |
| 509 | int ret=0; | 599 | int ret=0; |
| @@ -528,7 +618,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) | |||
| 528 | si_sk=p7->d.signed_and_enveloped->signer_info; | 618 | si_sk=p7->d.signed_and_enveloped->signer_info; |
| 529 | if (!(os=M_ASN1_OCTET_STRING_new())) | 619 | if (!(os=M_ASN1_OCTET_STRING_new())) |
| 530 | { | 620 | { |
| 531 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_MALLOC_FAILURE); | 621 | PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); |
| 532 | goto err; | 622 | goto err; |
| 533 | } | 623 | } |
| 534 | p7->d.signed_and_enveloped->enc_data->enc_data=os; | 624 | p7->d.signed_and_enveloped->enc_data->enc_data=os; |
| @@ -537,7 +627,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) | |||
| 537 | /* XXXXXXXXXXXXXXXX */ | 627 | /* XXXXXXXXXXXXXXXX */ |
| 538 | if (!(os=M_ASN1_OCTET_STRING_new())) | 628 | if (!(os=M_ASN1_OCTET_STRING_new())) |
| 539 | { | 629 | { |
| 540 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_MALLOC_FAILURE); | 630 | PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); |
| 541 | goto err; | 631 | goto err; |
| 542 | } | 632 | } |
| 543 | p7->d.enveloped->enc_data->enc_data=os; | 633 | p7->d.enveloped->enc_data->enc_data=os; |
| @@ -551,13 +641,24 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) | |||
| 551 | p7->d.sign->contents->d.data = NULL; | 641 | p7->d.sign->contents->d.data = NULL; |
| 552 | } | 642 | } |
| 553 | break; | 643 | break; |
| 644 | |||
| 645 | case NID_pkcs7_digest: | ||
| 646 | os=PKCS7_get_octet_string(p7->d.digest->contents); | ||
| 647 | /* If detached data then the content is excluded */ | ||
| 648 | if(PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) | ||
| 649 | { | ||
| 650 | M_ASN1_OCTET_STRING_free(os); | ||
| 651 | p7->d.digest->contents->d.data = NULL; | ||
| 652 | } | ||
| 653 | break; | ||
| 654 | |||
| 554 | } | 655 | } |
| 555 | 656 | ||
| 556 | if (si_sk != NULL) | 657 | if (si_sk != NULL) |
| 557 | { | 658 | { |
| 558 | if ((buf=BUF_MEM_new()) == NULL) | 659 | if ((buf=BUF_MEM_new()) == NULL) |
| 559 | { | 660 | { |
| 560 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); | 661 | PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_BIO_LIB); |
| 561 | goto err; | 662 | goto err; |
| 562 | } | 663 | } |
| 563 | for (i=0; i<sk_PKCS7_SIGNER_INFO_num(si_sk); i++) | 664 | for (i=0; i<sk_PKCS7_SIGNER_INFO_num(si_sk); i++) |
| @@ -568,32 +669,18 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) | |||
| 568 | j=OBJ_obj2nid(si->digest_alg->algorithm); | 669 | j=OBJ_obj2nid(si->digest_alg->algorithm); |
| 569 | 670 | ||
| 570 | btmp=bio; | 671 | btmp=bio; |
| 571 | for (;;) | 672 | |
| 572 | { | 673 | btmp = PKCS7_find_digest(&mdc, btmp, j); |
| 573 | if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) | 674 | |
| 574 | == NULL) | 675 | if (btmp == NULL) |
| 575 | { | 676 | goto err; |
| 576 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); | 677 | |
| 577 | goto err; | ||
| 578 | } | ||
| 579 | BIO_get_md_ctx(btmp,&mdc); | ||
| 580 | if (mdc == NULL) | ||
| 581 | { | ||
| 582 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_INTERNAL_ERROR); | ||
| 583 | goto err; | ||
| 584 | } | ||
| 585 | if (EVP_MD_CTX_type(mdc) == j) | ||
| 586 | break; | ||
| 587 | else | ||
| 588 | btmp=BIO_next(btmp); | ||
| 589 | } | ||
| 590 | |||
| 591 | /* We now have the EVP_MD_CTX, lets do the | 678 | /* We now have the EVP_MD_CTX, lets do the |
| 592 | * signing. */ | 679 | * signing. */ |
| 593 | EVP_MD_CTX_copy_ex(&ctx_tmp,mdc); | 680 | EVP_MD_CTX_copy_ex(&ctx_tmp,mdc); |
| 594 | if (!BUF_MEM_grow_clean(buf,EVP_PKEY_size(si->pkey))) | 681 | if (!BUF_MEM_grow_clean(buf,EVP_PKEY_size(si->pkey))) |
| 595 | { | 682 | { |
| 596 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); | 683 | PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_BIO_LIB); |
| 597 | goto err; | 684 | goto err; |
| 598 | } | 685 | } |
| 599 | 686 | ||
| @@ -615,13 +702,17 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) | |||
| 615 | { | 702 | { |
| 616 | if (!(sign_time=X509_gmtime_adj(NULL,0))) | 703 | if (!(sign_time=X509_gmtime_adj(NULL,0))) |
| 617 | { | 704 | { |
| 618 | PKCS7err(PKCS7_F_PKCS7_DATASIGN, | 705 | PKCS7err(PKCS7_F_PKCS7_DATAFINAL, |
| 619 | ERR_R_MALLOC_FAILURE); | 706 | ERR_R_MALLOC_FAILURE); |
| 620 | goto err; | 707 | goto err; |
| 621 | } | 708 | } |
| 622 | PKCS7_add_signed_attribute(si, | 709 | if (!PKCS7_add_signed_attribute(si, |
| 623 | NID_pkcs9_signingTime, | 710 | NID_pkcs9_signingTime, |
| 624 | V_ASN1_UTCTIME,sign_time); | 711 | V_ASN1_UTCTIME,sign_time)) |
| 712 | { | ||
| 713 | M_ASN1_UTCTIME_free(sign_time); | ||
| 714 | goto err; | ||
| 715 | } | ||
| 625 | } | 716 | } |
| 626 | 717 | ||
| 627 | /* Add digest */ | 718 | /* Add digest */ |
| @@ -629,20 +720,25 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) | |||
| 629 | EVP_DigestFinal_ex(&ctx_tmp,md_data,&md_len); | 720 | EVP_DigestFinal_ex(&ctx_tmp,md_data,&md_len); |
| 630 | if (!(digest=M_ASN1_OCTET_STRING_new())) | 721 | if (!(digest=M_ASN1_OCTET_STRING_new())) |
| 631 | { | 722 | { |
| 632 | PKCS7err(PKCS7_F_PKCS7_DATASIGN, | 723 | PKCS7err(PKCS7_F_PKCS7_DATAFINAL, |
| 633 | ERR_R_MALLOC_FAILURE); | 724 | ERR_R_MALLOC_FAILURE); |
| 634 | goto err; | 725 | goto err; |
| 635 | } | 726 | } |
| 636 | if (!M_ASN1_OCTET_STRING_set(digest,md_data, | 727 | if (!M_ASN1_OCTET_STRING_set(digest,md_data, |
| 637 | md_len)) | 728 | md_len)) |
| 638 | { | 729 | { |
| 639 | PKCS7err(PKCS7_F_PKCS7_DATASIGN, | 730 | PKCS7err(PKCS7_F_PKCS7_DATAFINAL, |
| 640 | ERR_R_MALLOC_FAILURE); | 731 | ERR_R_MALLOC_FAILURE); |
| 732 | M_ASN1_OCTET_STRING_free(digest); | ||
| 641 | goto err; | 733 | goto err; |
| 642 | } | 734 | } |
| 643 | PKCS7_add_signed_attribute(si, | 735 | if (!PKCS7_add_signed_attribute(si, |
| 644 | NID_pkcs9_messageDigest, | 736 | NID_pkcs9_messageDigest, |
| 645 | V_ASN1_OCTET_STRING,digest); | 737 | V_ASN1_OCTET_STRING,digest)) |
| 738 | { | ||
| 739 | M_ASN1_OCTET_STRING_free(digest); | ||
| 740 | goto err; | ||
| 741 | } | ||
| 646 | 742 | ||
| 647 | /* Now sign the attributes */ | 743 | /* Now sign the attributes */ |
| 648 | EVP_SignInit_ex(&ctx_tmp,md_tmp,NULL); | 744 | EVP_SignInit_ex(&ctx_tmp,md_tmp,NULL); |
| @@ -657,28 +753,42 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) | |||
| 657 | if (si->pkey->type == EVP_PKEY_DSA) | 753 | if (si->pkey->type == EVP_PKEY_DSA) |
| 658 | ctx_tmp.digest=EVP_dss1(); | 754 | ctx_tmp.digest=EVP_dss1(); |
| 659 | #endif | 755 | #endif |
| 756 | #ifndef OPENSSL_NO_ECDSA | ||
| 757 | if (si->pkey->type == EVP_PKEY_EC) | ||
| 758 | ctx_tmp.digest=EVP_ecdsa(); | ||
| 759 | #endif | ||
| 660 | 760 | ||
| 661 | if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data, | 761 | if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data, |
| 662 | (unsigned int *)&buf->length,si->pkey)) | 762 | (unsigned int *)&buf->length,si->pkey)) |
| 663 | { | 763 | { |
| 664 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_EVP_LIB); | 764 | PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_EVP_LIB); |
| 665 | goto err; | 765 | goto err; |
| 666 | } | 766 | } |
| 667 | if (!ASN1_STRING_set(si->enc_digest, | 767 | if (!ASN1_STRING_set(si->enc_digest, |
| 668 | (unsigned char *)buf->data,buf->length)) | 768 | (unsigned char *)buf->data,buf->length)) |
| 669 | { | 769 | { |
| 670 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_ASN1_LIB); | 770 | PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_ASN1_LIB); |
| 671 | goto err; | 771 | goto err; |
| 672 | } | 772 | } |
| 673 | } | 773 | } |
| 674 | } | 774 | } |
| 775 | else if (i == NID_pkcs7_digest) | ||
| 776 | { | ||
| 777 | unsigned char md_data[EVP_MAX_MD_SIZE]; | ||
| 778 | unsigned int md_len; | ||
| 779 | if (!PKCS7_find_digest(&mdc, bio, | ||
| 780 | OBJ_obj2nid(p7->d.digest->md->algorithm))) | ||
| 781 | goto err; | ||
| 782 | EVP_DigestFinal_ex(mdc,md_data,&md_len); | ||
| 783 | M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len); | ||
| 784 | } | ||
| 675 | 785 | ||
| 676 | if (!PKCS7_is_detached(p7)) | 786 | if (!PKCS7_is_detached(p7)) |
| 677 | { | 787 | { |
| 678 | btmp=BIO_find_type(bio,BIO_TYPE_MEM); | 788 | btmp=BIO_find_type(bio,BIO_TYPE_MEM); |
| 679 | if (btmp == NULL) | 789 | if (btmp == NULL) |
| 680 | { | 790 | { |
| 681 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); | 791 | PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); |
| 682 | goto err; | 792 | goto err; |
| 683 | } | 793 | } |
| 684 | BIO_get_mem_ptr(btmp,&buf_mem); | 794 | BIO_get_mem_ptr(btmp,&buf_mem); |
| @@ -859,6 +969,9 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n"); | |||
| 859 | #ifndef OPENSSL_NO_DSA | 969 | #ifndef OPENSSL_NO_DSA |
| 860 | if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1(); | 970 | if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1(); |
| 861 | #endif | 971 | #endif |
| 972 | #ifndef OPENSSL_NO_ECDSA | ||
| 973 | if (pkey->type == EVP_PKEY_EC) mdc_tmp.digest=EVP_ecdsa(); | ||
| 974 | #endif | ||
| 862 | 975 | ||
| 863 | i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey); | 976 | i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey); |
| 864 | EVP_PKEY_free(pkey); | 977 | EVP_PKEY_free(pkey); |
| @@ -883,8 +996,13 @@ PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx) | |||
| 883 | int i; | 996 | int i; |
| 884 | 997 | ||
| 885 | i=OBJ_obj2nid(p7->type); | 998 | i=OBJ_obj2nid(p7->type); |
| 886 | if (i != NID_pkcs7_signedAndEnveloped) return(NULL); | 999 | if (i != NID_pkcs7_signedAndEnveloped) |
| 1000 | return NULL; | ||
| 1001 | if (p7->d.signed_and_enveloped == NULL) | ||
| 1002 | return NULL; | ||
| 887 | rsk=p7->d.signed_and_enveloped->recipientinfo; | 1003 | rsk=p7->d.signed_and_enveloped->recipientinfo; |
| 1004 | if (rsk == NULL) | ||
| 1005 | return NULL; | ||
| 888 | ri=sk_PKCS7_RECIP_INFO_value(rsk,0); | 1006 | ri=sk_PKCS7_RECIP_INFO_value(rsk,0); |
| 889 | if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return(NULL); | 1007 | if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return(NULL); |
| 890 | ri=sk_PKCS7_RECIP_INFO_value(rsk,idx); | 1008 | ri=sk_PKCS7_RECIP_INFO_value(rsk,idx); |
| @@ -938,6 +1056,8 @@ int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si, | |||
| 938 | if (p7si->auth_attr != NULL) | 1056 | if (p7si->auth_attr != NULL) |
| 939 | sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free); | 1057 | sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free); |
| 940 | p7si->auth_attr=sk_X509_ATTRIBUTE_dup(sk); | 1058 | p7si->auth_attr=sk_X509_ATTRIBUTE_dup(sk); |
| 1059 | if (p7si->auth_attr == NULL) | ||
| 1060 | return 0; | ||
| 941 | for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++) | 1061 | for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++) |
| 942 | { | 1062 | { |
| 943 | if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr,i, | 1063 | if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr,i, |
| @@ -956,6 +1076,8 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk) | |||
| 956 | sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, | 1076 | sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, |
| 957 | X509_ATTRIBUTE_free); | 1077 | X509_ATTRIBUTE_free); |
| 958 | p7si->unauth_attr=sk_X509_ATTRIBUTE_dup(sk); | 1078 | p7si->unauth_attr=sk_X509_ATTRIBUTE_dup(sk); |
| 1079 | if (p7si->unauth_attr == NULL) | ||
| 1080 | return 0; | ||
| 959 | for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++) | 1081 | for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++) |
| 960 | { | 1082 | { |
| 961 | if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr,i, | 1083 | if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr,i, |
| @@ -985,10 +1107,16 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, | |||
| 985 | 1107 | ||
| 986 | if (*sk == NULL) | 1108 | if (*sk == NULL) |
| 987 | { | 1109 | { |
| 988 | *sk = sk_X509_ATTRIBUTE_new_null(); | 1110 | if (!(*sk = sk_X509_ATTRIBUTE_new_null())) |
| 1111 | return 0; | ||
| 989 | new_attrib: | 1112 | new_attrib: |
| 990 | attr=X509_ATTRIBUTE_create(nid,atrtype,value); | 1113 | if (!(attr=X509_ATTRIBUTE_create(nid,atrtype,value))) |
| 991 | sk_X509_ATTRIBUTE_push(*sk,attr); | 1114 | return 0; |
| 1115 | if (!sk_X509_ATTRIBUTE_push(*sk,attr)) | ||
| 1116 | { | ||
| 1117 | X509_ATTRIBUTE_free(attr); | ||
| 1118 | return 0; | ||
| 1119 | } | ||
| 992 | } | 1120 | } |
| 993 | else | 1121 | else |
| 994 | { | 1122 | { |
| @@ -1001,7 +1129,13 @@ new_attrib: | |||
| 1001 | { | 1129 | { |
| 1002 | X509_ATTRIBUTE_free(attr); | 1130 | X509_ATTRIBUTE_free(attr); |
| 1003 | attr=X509_ATTRIBUTE_create(nid,atrtype,value); | 1131 | attr=X509_ATTRIBUTE_create(nid,atrtype,value); |
| 1004 | sk_X509_ATTRIBUTE_set(*sk,i,attr); | 1132 | if (attr == NULL) |
| 1133 | return 0; | ||
| 1134 | if (!sk_X509_ATTRIBUTE_set(*sk,i,attr)) | ||
| 1135 | { | ||
| 1136 | X509_ATTRIBUTE_free(attr); | ||
| 1137 | return 0; | ||
| 1138 | } | ||
| 1005 | goto end; | 1139 | goto end; |
| 1006 | } | 1140 | } |
| 1007 | } | 1141 | } |
diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c index ee1817c7af..f2490941a3 100644 --- a/src/lib/libcrypto/pkcs7/pk7_lib.c +++ b/src/lib/libcrypto/pkcs7/pk7_lib.c | |||
| @@ -138,6 +138,10 @@ int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data) | |||
| 138 | p7->d.sign->contents=p7_data; | 138 | p7->d.sign->contents=p7_data; |
| 139 | break; | 139 | break; |
| 140 | case NID_pkcs7_digest: | 140 | case NID_pkcs7_digest: |
| 141 | if (p7->d.digest->contents != NULL) | ||
| 142 | PKCS7_free(p7->d.digest->contents); | ||
| 143 | p7->d.digest->contents=p7_data; | ||
| 144 | break; | ||
| 141 | case NID_pkcs7_data: | 145 | case NID_pkcs7_data: |
| 142 | case NID_pkcs7_enveloped: | 146 | case NID_pkcs7_enveloped: |
| 143 | case NID_pkcs7_signedAndEnveloped: | 147 | case NID_pkcs7_signedAndEnveloped: |
| @@ -206,6 +210,12 @@ int PKCS7_set_type(PKCS7 *p7, int type) | |||
| 206 | break; | 210 | break; |
| 207 | 211 | ||
| 208 | case NID_pkcs7_digest: | 212 | case NID_pkcs7_digest: |
| 213 | p7->type=obj; | ||
| 214 | if ((p7->d.digest=PKCS7_DIGEST_new()) | ||
| 215 | == NULL) goto err; | ||
| 216 | if (!ASN1_INTEGER_set(p7->d.digest->version,0)) | ||
| 217 | goto err; | ||
| 218 | break; | ||
| 209 | default: | 219 | default: |
| 210 | PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); | 220 | PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); |
| 211 | goto err; | 221 | goto err; |
| @@ -215,6 +225,13 @@ err: | |||
| 215 | return(0); | 225 | return(0); |
| 216 | } | 226 | } |
| 217 | 227 | ||
| 228 | int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other) | ||
| 229 | { | ||
| 230 | p7->type = OBJ_nid2obj(type); | ||
| 231 | p7->d.other = other; | ||
| 232 | return 1; | ||
| 233 | } | ||
| 234 | |||
| 218 | int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) | 235 | int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) |
| 219 | { | 236 | { |
| 220 | int i,j,nid; | 237 | int i,j,nid; |
| @@ -254,16 +271,23 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) | |||
| 254 | if (!j) /* we need to add another algorithm */ | 271 | if (!j) /* we need to add another algorithm */ |
| 255 | { | 272 | { |
| 256 | if(!(alg=X509_ALGOR_new()) | 273 | if(!(alg=X509_ALGOR_new()) |
| 257 | || !(alg->parameter = ASN1_TYPE_new())) { | 274 | || !(alg->parameter = ASN1_TYPE_new())) |
| 275 | { | ||
| 276 | X509_ALGOR_free(alg); | ||
| 258 | PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE); | 277 | PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE); |
| 259 | return(0); | 278 | return(0); |
| 260 | } | 279 | } |
| 261 | alg->algorithm=OBJ_nid2obj(nid); | 280 | alg->algorithm=OBJ_nid2obj(nid); |
| 262 | alg->parameter->type = V_ASN1_NULL; | 281 | alg->parameter->type = V_ASN1_NULL; |
| 263 | sk_X509_ALGOR_push(md_sk,alg); | 282 | if (!sk_X509_ALGOR_push(md_sk,alg)) |
| 283 | { | ||
| 284 | X509_ALGOR_free(alg); | ||
| 285 | return 0; | ||
| 286 | } | ||
| 264 | } | 287 | } |
| 265 | 288 | ||
| 266 | sk_PKCS7_SIGNER_INFO_push(signer_sk,psi); | 289 | if (!sk_PKCS7_SIGNER_INFO_push(signer_sk,psi)) |
| 290 | return 0; | ||
| 267 | return(1); | 291 | return(1); |
| 268 | } | 292 | } |
| 269 | 293 | ||
| @@ -288,8 +312,17 @@ int PKCS7_add_certificate(PKCS7 *p7, X509 *x509) | |||
| 288 | 312 | ||
| 289 | if (*sk == NULL) | 313 | if (*sk == NULL) |
| 290 | *sk=sk_X509_new_null(); | 314 | *sk=sk_X509_new_null(); |
| 315 | if (*sk == NULL) | ||
| 316 | { | ||
| 317 | PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,ERR_R_MALLOC_FAILURE); | ||
| 318 | return 0; | ||
| 319 | } | ||
| 291 | CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); | 320 | CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); |
| 292 | sk_X509_push(*sk,x509); | 321 | if (!sk_X509_push(*sk,x509)) |
| 322 | { | ||
| 323 | X509_free(x509); | ||
| 324 | return 0; | ||
| 325 | } | ||
| 293 | return(1); | 326 | return(1); |
| 294 | } | 327 | } |
| 295 | 328 | ||
| @@ -314,18 +347,31 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) | |||
| 314 | 347 | ||
| 315 | if (*sk == NULL) | 348 | if (*sk == NULL) |
| 316 | *sk=sk_X509_CRL_new_null(); | 349 | *sk=sk_X509_CRL_new_null(); |
| 350 | if (*sk == NULL) | ||
| 351 | { | ||
| 352 | PKCS7err(PKCS7_F_PKCS7_ADD_CRL,ERR_R_MALLOC_FAILURE); | ||
| 353 | return 0; | ||
| 354 | } | ||
| 317 | 355 | ||
| 318 | CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL); | 356 | CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL); |
| 319 | sk_X509_CRL_push(*sk,crl); | 357 | if (!sk_X509_CRL_push(*sk,crl)) |
| 358 | { | ||
| 359 | X509_CRL_free(crl); | ||
| 360 | return 0; | ||
| 361 | } | ||
| 320 | return(1); | 362 | return(1); |
| 321 | } | 363 | } |
| 322 | 364 | ||
| 323 | int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, | 365 | int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, |
| 324 | const EVP_MD *dgst) | 366 | const EVP_MD *dgst) |
| 325 | { | 367 | { |
| 368 | int nid; | ||
| 326 | char is_dsa; | 369 | char is_dsa; |
| 327 | if (pkey->type == EVP_PKEY_DSA) is_dsa = 1; | 370 | |
| 328 | else is_dsa = 0; | 371 | if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_EC) |
| 372 | is_dsa = 1; | ||
| 373 | else | ||
| 374 | is_dsa = 0; | ||
| 329 | /* We now need to add another PKCS7_SIGNER_INFO entry */ | 375 | /* We now need to add another PKCS7_SIGNER_INFO entry */ |
| 330 | if (!ASN1_INTEGER_set(p7i->version,1)) | 376 | if (!ASN1_INTEGER_set(p7i->version,1)) |
| 331 | goto err; | 377 | goto err; |
| @@ -355,16 +401,38 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, | |||
| 355 | goto err; | 401 | goto err; |
| 356 | p7i->digest_alg->parameter->type=V_ASN1_NULL; | 402 | p7i->digest_alg->parameter->type=V_ASN1_NULL; |
| 357 | 403 | ||
| 358 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_PKEY_type(pkey->type)); | ||
| 359 | |||
| 360 | if (p7i->digest_enc_alg->parameter != NULL) | 404 | if (p7i->digest_enc_alg->parameter != NULL) |
| 361 | ASN1_TYPE_free(p7i->digest_enc_alg->parameter); | 405 | ASN1_TYPE_free(p7i->digest_enc_alg->parameter); |
| 362 | if(is_dsa) p7i->digest_enc_alg->parameter = NULL; | 406 | nid = EVP_PKEY_type(pkey->type); |
| 363 | else { | 407 | if (nid == EVP_PKEY_RSA) |
| 408 | { | ||
| 409 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_rsaEncryption); | ||
| 364 | if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) | 410 | if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) |
| 365 | goto err; | 411 | goto err; |
| 366 | p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; | 412 | p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; |
| 367 | } | 413 | } |
| 414 | else if (nid == EVP_PKEY_DSA) | ||
| 415 | { | ||
| 416 | #if 1 | ||
| 417 | /* use 'dsaEncryption' OID for compatibility with other software | ||
| 418 | * (PKCS #7 v1.5 does specify how to handle DSA) ... */ | ||
| 419 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsa); | ||
| 420 | #else | ||
| 421 | /* ... although the 'dsaWithSHA1' OID (as required by RFC 2630 for CMS) | ||
| 422 | * would make more sense. */ | ||
| 423 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsaWithSHA1); | ||
| 424 | #endif | ||
| 425 | p7i->digest_enc_alg->parameter = NULL; /* special case for DSA: omit 'parameter'! */ | ||
| 426 | } | ||
| 427 | else if (nid == EVP_PKEY_EC) | ||
| 428 | { | ||
| 429 | p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1); | ||
| 430 | if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) | ||
| 431 | goto err; | ||
| 432 | p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; | ||
| 433 | } | ||
| 434 | else | ||
| 435 | return(0); | ||
| 368 | 436 | ||
| 369 | return(1); | 437 | return(1); |
| 370 | err: | 438 | err: |
| @@ -381,9 +449,28 @@ PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, | |||
| 381 | if (!PKCS7_add_signer(p7,si)) goto err; | 449 | if (!PKCS7_add_signer(p7,si)) goto err; |
| 382 | return(si); | 450 | return(si); |
| 383 | err: | 451 | err: |
| 452 | PKCS7_SIGNER_INFO_free(si); | ||
| 384 | return(NULL); | 453 | return(NULL); |
| 385 | } | 454 | } |
| 386 | 455 | ||
| 456 | int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md) | ||
| 457 | { | ||
| 458 | if (PKCS7_type_is_digest(p7)) | ||
| 459 | { | ||
| 460 | if(!(p7->d.digest->md->parameter = ASN1_TYPE_new())) | ||
| 461 | { | ||
| 462 | PKCS7err(PKCS7_F_PKCS7_SET_DIGEST,ERR_R_MALLOC_FAILURE); | ||
| 463 | return 0; | ||
| 464 | } | ||
| 465 | p7->d.digest->md->parameter->type = V_ASN1_NULL; | ||
| 466 | p7->d.digest->md->algorithm = OBJ_nid2obj(EVP_MD_nid(md)); | ||
| 467 | return 1; | ||
| 468 | } | ||
| 469 | |||
| 470 | PKCS7err(PKCS7_F_PKCS7_SET_DIGEST,PKCS7_R_WRONG_CONTENT_TYPE); | ||
| 471 | return 1; | ||
| 472 | } | ||
| 473 | |||
| 387 | STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) | 474 | STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) |
| 388 | { | 475 | { |
| 389 | if (PKCS7_type_is_signed(p7)) | 476 | if (PKCS7_type_is_signed(p7)) |
| @@ -407,6 +494,7 @@ PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) | |||
| 407 | if (!PKCS7_add_recipient_info(p7,ri)) goto err; | 494 | if (!PKCS7_add_recipient_info(p7,ri)) goto err; |
| 408 | return(ri); | 495 | return(ri); |
| 409 | err: | 496 | err: |
| 497 | PKCS7_RECIP_INFO_free(ri); | ||
| 410 | return(NULL); | 498 | return(NULL); |
| 411 | } | 499 | } |
| 412 | 500 | ||
| @@ -429,7 +517,8 @@ int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) | |||
| 429 | return(0); | 517 | return(0); |
| 430 | } | 518 | } |
| 431 | 519 | ||
| 432 | sk_PKCS7_RECIP_INFO_push(sk,ri); | 520 | if (!sk_PKCS7_RECIP_INFO_push(sk,ri)) |
| 521 | return 0; | ||
| 433 | return(1); | 522 | return(1); |
| 434 | } | 523 | } |
| 435 | 524 | ||
diff --git a/src/lib/libcrypto/pkcs7/pk7_mime.c b/src/lib/libcrypto/pkcs7/pk7_mime.c index 927b88c3e7..17b68992f7 100644 --- a/src/lib/libcrypto/pkcs7/pk7_mime.c +++ b/src/lib/libcrypto/pkcs7/pk7_mime.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* pk7_mime.c */ | 1 | /* pk7_mime.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL |
| 3 | * project 1999. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. |
| @@ -86,6 +86,7 @@ STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */ | |||
| 86 | DECLARE_STACK_OF(MIME_HEADER) | 86 | DECLARE_STACK_OF(MIME_HEADER) |
| 87 | IMPLEMENT_STACK_OF(MIME_HEADER) | 87 | IMPLEMENT_STACK_OF(MIME_HEADER) |
| 88 | 88 | ||
| 89 | static int pkcs7_output_data(BIO *bio, BIO *data, PKCS7 *p7, int flags); | ||
| 89 | static int B64_write_PKCS7(BIO *bio, PKCS7 *p7); | 90 | static int B64_write_PKCS7(BIO *bio, PKCS7 *p7); |
| 90 | static PKCS7 *B64_read_PKCS7(BIO *bio); | 91 | static PKCS7 *B64_read_PKCS7(BIO *bio); |
| 91 | static char * strip_ends(char *name); | 92 | static char * strip_ends(char *name); |
| @@ -109,9 +110,6 @@ static void mime_hdr_free(MIME_HEADER *hdr); | |||
| 109 | #define MAX_SMLEN 1024 | 110 | #define MAX_SMLEN 1024 |
| 110 | #define mime_debug(x) /* x */ | 111 | #define mime_debug(x) /* x */ |
| 111 | 112 | ||
| 112 | |||
| 113 | typedef void (*stkfree)(); | ||
| 114 | |||
| 115 | /* Base 64 read and write of PKCS#7 structure */ | 113 | /* Base 64 read and write of PKCS#7 structure */ |
| 116 | 114 | ||
| 117 | static int B64_write_PKCS7(BIO *bio, PKCS7 *p7) | 115 | static int B64_write_PKCS7(BIO *bio, PKCS7 *p7) |
| @@ -123,7 +121,7 @@ static int B64_write_PKCS7(BIO *bio, PKCS7 *p7) | |||
| 123 | } | 121 | } |
| 124 | bio = BIO_push(b64, bio); | 122 | bio = BIO_push(b64, bio); |
| 125 | i2d_PKCS7_bio(bio, p7); | 123 | i2d_PKCS7_bio(bio, p7); |
| 126 | BIO_flush(bio); | 124 | (void)BIO_flush(bio); |
| 127 | bio = BIO_pop(bio); | 125 | bio = BIO_pop(bio); |
| 128 | BIO_free(b64); | 126 | BIO_free(b64); |
| 129 | return 1; | 127 | return 1; |
| @@ -140,7 +138,7 @@ static PKCS7 *B64_read_PKCS7(BIO *bio) | |||
| 140 | bio = BIO_push(b64, bio); | 138 | bio = BIO_push(b64, bio); |
| 141 | if(!(p7 = d2i_PKCS7_bio(bio, NULL))) | 139 | if(!(p7 = d2i_PKCS7_bio(bio, NULL))) |
| 142 | PKCS7err(PKCS7_F_B64_READ_PKCS7,PKCS7_R_DECODE_ERROR); | 140 | PKCS7err(PKCS7_F_B64_READ_PKCS7,PKCS7_R_DECODE_ERROR); |
| 143 | BIO_flush(bio); | 141 | (void)BIO_flush(bio); |
| 144 | bio = BIO_pop(bio); | 142 | bio = BIO_pop(bio); |
| 145 | BIO_free(b64); | 143 | BIO_free(b64); |
| 146 | return p7; | 144 | return p7; |
| @@ -182,7 +180,7 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) | |||
| 182 | mime_eol, mime_eol); | 180 | mime_eol, mime_eol); |
| 183 | /* Now write out the first part */ | 181 | /* Now write out the first part */ |
| 184 | BIO_printf(bio, "------%s%s", bound, mime_eol); | 182 | BIO_printf(bio, "------%s%s", bound, mime_eol); |
| 185 | SMIME_crlf_copy(data, bio, flags); | 183 | pkcs7_output_data(bio, data, p7, flags); |
| 186 | BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol); | 184 | BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol); |
| 187 | 185 | ||
| 188 | /* Headers for signature */ | 186 | /* Headers for signature */ |
| @@ -196,7 +194,7 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) | |||
| 196 | mime_eol, mime_eol); | 194 | mime_eol, mime_eol); |
| 197 | B64_write_PKCS7(bio, p7); | 195 | B64_write_PKCS7(bio, p7); |
| 198 | BIO_printf(bio,"%s------%s--%s%s", mime_eol, bound, | 196 | BIO_printf(bio,"%s------%s--%s%s", mime_eol, bound, |
| 199 | mime_eol, mime_eol); | 197 | mime_eol, mime_eol); |
| 200 | return 1; | 198 | return 1; |
| 201 | } | 199 | } |
| 202 | 200 | ||
| @@ -231,6 +229,46 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) | |||
| 231 | return 1; | 229 | return 1; |
| 232 | } | 230 | } |
| 233 | 231 | ||
| 232 | /* Handle output of PKCS#7 data */ | ||
| 233 | |||
| 234 | |||
| 235 | static int pkcs7_output_data(BIO *out, BIO *data, PKCS7 *p7, int flags) | ||
| 236 | { | ||
| 237 | BIO *tmpbio, *p7bio; | ||
| 238 | |||
| 239 | if (!(flags & PKCS7_STREAM)) | ||
| 240 | { | ||
| 241 | SMIME_crlf_copy(data, out, flags); | ||
| 242 | return 1; | ||
| 243 | } | ||
| 244 | |||
| 245 | /* Partial sign operation */ | ||
| 246 | |||
| 247 | /* Initialize sign operation */ | ||
| 248 | p7bio = PKCS7_dataInit(p7, out); | ||
| 249 | |||
| 250 | /* Copy data across, computing digests etc */ | ||
| 251 | SMIME_crlf_copy(data, p7bio, flags); | ||
| 252 | |||
| 253 | /* Must be detached */ | ||
| 254 | PKCS7_set_detached(p7, 1); | ||
| 255 | |||
| 256 | /* Finalize signatures */ | ||
| 257 | PKCS7_dataFinal(p7, p7bio); | ||
| 258 | |||
| 259 | /* Now remove any digests prepended to the BIO */ | ||
| 260 | |||
| 261 | while (p7bio != out) | ||
| 262 | { | ||
| 263 | tmpbio = BIO_pop(p7bio); | ||
| 264 | BIO_free(p7bio); | ||
| 265 | p7bio = tmpbio; | ||
| 266 | } | ||
| 267 | |||
| 268 | return 1; | ||
| 269 | |||
| 270 | } | ||
| 271 | |||
| 234 | /* SMIME reader: handle multipart/signed and opaque signing. | 272 | /* SMIME reader: handle multipart/signed and opaque signing. |
| 235 | * in multipart case the content is placed in a memory BIO | 273 | * in multipart case the content is placed in a memory BIO |
| 236 | * pointed to by "bcont". In opaque this is set to NULL | 274 | * pointed to by "bcont". In opaque this is set to NULL |
| @@ -339,56 +377,6 @@ PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont) | |||
| 339 | 377 | ||
| 340 | } | 378 | } |
| 341 | 379 | ||
| 342 | /* Copy text from one BIO to another making the output CRLF at EOL */ | ||
| 343 | int SMIME_crlf_copy(BIO *in, BIO *out, int flags) | ||
| 344 | { | ||
| 345 | char eol; | ||
| 346 | int len; | ||
| 347 | char linebuf[MAX_SMLEN]; | ||
| 348 | if(flags & PKCS7_BINARY) { | ||
| 349 | while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0) | ||
| 350 | BIO_write(out, linebuf, len); | ||
| 351 | return 1; | ||
| 352 | } | ||
| 353 | if(flags & PKCS7_TEXT) BIO_printf(out, "Content-Type: text/plain\r\n\r\n"); | ||
| 354 | while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) { | ||
| 355 | eol = strip_eol(linebuf, &len); | ||
| 356 | if (len) | ||
| 357 | BIO_write(out, linebuf, len); | ||
| 358 | if(eol) BIO_write(out, "\r\n", 2); | ||
| 359 | } | ||
| 360 | return 1; | ||
| 361 | } | ||
| 362 | |||
| 363 | /* Strip off headers if they are text/plain */ | ||
| 364 | int SMIME_text(BIO *in, BIO *out) | ||
| 365 | { | ||
| 366 | char iobuf[4096]; | ||
| 367 | int len; | ||
| 368 | STACK_OF(MIME_HEADER) *headers; | ||
| 369 | MIME_HEADER *hdr; | ||
| 370 | |||
| 371 | if (!(headers = mime_parse_hdr(in))) { | ||
| 372 | PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_PARSE_ERROR); | ||
| 373 | return 0; | ||
| 374 | } | ||
| 375 | if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { | ||
| 376 | PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_NO_CONTENT_TYPE); | ||
| 377 | sk_MIME_HEADER_pop_free(headers, mime_hdr_free); | ||
| 378 | return 0; | ||
| 379 | } | ||
| 380 | if (strcmp (hdr->value, "text/plain")) { | ||
| 381 | PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_INVALID_MIME_TYPE); | ||
| 382 | ERR_add_error_data(2, "type: ", hdr->value); | ||
| 383 | sk_MIME_HEADER_pop_free(headers, mime_hdr_free); | ||
| 384 | return 0; | ||
| 385 | } | ||
| 386 | sk_MIME_HEADER_pop_free(headers, mime_hdr_free); | ||
| 387 | while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0) | ||
| 388 | BIO_write(out, iobuf, len); | ||
| 389 | return 1; | ||
| 390 | } | ||
| 391 | |||
| 392 | /* Split a multipart/XXX message body into component parts: result is | 380 | /* Split a multipart/XXX message body into component parts: result is |
| 393 | * canonical parts in a STACK of bios | 381 | * canonical parts in a STACK of bios |
| 394 | */ | 382 | */ |
diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c index 99a0d63f38..5c6b0fe24b 100644 --- a/src/lib/libcrypto/pkcs7/pk7_smime.c +++ b/src/lib/libcrypto/pkcs7/pk7_smime.c | |||
| @@ -1,9 +1,9 @@ | |||
| 1 | /* pk7_smime.c */ | 1 | /* pk7_smime.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL |
| 3 | * project 1999. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -66,10 +66,10 @@ | |||
| 66 | PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, | 66 | PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, |
| 67 | BIO *data, int flags) | 67 | BIO *data, int flags) |
| 68 | { | 68 | { |
| 69 | PKCS7 *p7; | 69 | PKCS7 *p7 = NULL; |
| 70 | PKCS7_SIGNER_INFO *si; | 70 | PKCS7_SIGNER_INFO *si; |
| 71 | BIO *p7bio; | 71 | BIO *p7bio = NULL; |
| 72 | STACK_OF(X509_ALGOR) *smcap; | 72 | STACK_OF(X509_ALGOR) *smcap = NULL; |
| 73 | int i; | 73 | int i; |
| 74 | 74 | ||
| 75 | if(!X509_check_private_key(signcert, pkey)) { | 75 | if(!X509_check_private_key(signcert, pkey)) { |
| @@ -82,66 +82,87 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, | |||
| 82 | return NULL; | 82 | return NULL; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| 85 | PKCS7_set_type(p7, NID_pkcs7_signed); | 85 | if (!PKCS7_set_type(p7, NID_pkcs7_signed)) |
| 86 | goto err; | ||
| 86 | 87 | ||
| 87 | PKCS7_content_new(p7, NID_pkcs7_data); | 88 | if (!PKCS7_content_new(p7, NID_pkcs7_data)) |
| 89 | goto err; | ||
| 88 | 90 | ||
| 89 | if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) { | 91 | if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) { |
| 90 | PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR); | 92 | PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR); |
| 91 | return NULL; | 93 | goto err; |
| 92 | } | 94 | } |
| 93 | 95 | ||
| 94 | if(!(flags & PKCS7_NOCERTS)) { | 96 | if(!(flags & PKCS7_NOCERTS)) { |
| 95 | PKCS7_add_certificate(p7, signcert); | 97 | if (!PKCS7_add_certificate(p7, signcert)) |
| 98 | goto err; | ||
| 96 | if(certs) for(i = 0; i < sk_X509_num(certs); i++) | 99 | if(certs) for(i = 0; i < sk_X509_num(certs); i++) |
| 97 | PKCS7_add_certificate(p7, sk_X509_value(certs, i)); | 100 | if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i))) |
| 98 | } | 101 | goto err; |
| 99 | |||
| 100 | if(!(p7bio = PKCS7_dataInit(p7, NULL))) { | ||
| 101 | PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); | ||
| 102 | return NULL; | ||
| 103 | } | 102 | } |
| 104 | 103 | ||
| 105 | |||
| 106 | SMIME_crlf_copy(data, p7bio, flags); | ||
| 107 | |||
| 108 | if(!(flags & PKCS7_NOATTR)) { | 104 | if(!(flags & PKCS7_NOATTR)) { |
| 109 | PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, | 105 | if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, |
| 110 | V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data)); | 106 | V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data))) |
| 107 | goto err; | ||
| 111 | /* Add SMIMECapabilities */ | 108 | /* Add SMIMECapabilities */ |
| 112 | if(!(flags & PKCS7_NOSMIMECAP)) | 109 | if(!(flags & PKCS7_NOSMIMECAP)) |
| 113 | { | 110 | { |
| 114 | if(!(smcap = sk_X509_ALGOR_new_null())) { | 111 | if(!(smcap = sk_X509_ALGOR_new_null())) { |
| 115 | PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); | 112 | PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); |
| 116 | return NULL; | 113 | goto err; |
| 117 | } | 114 | } |
| 118 | #ifndef OPENSSL_NO_DES | 115 | #ifndef OPENSSL_NO_DES |
| 119 | PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1); | 116 | if (!PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1)) |
| 117 | goto err; | ||
| 120 | #endif | 118 | #endif |
| 121 | #ifndef OPENSSL_NO_RC2 | 119 | #ifndef OPENSSL_NO_RC2 |
| 122 | PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128); | 120 | if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128)) |
| 123 | PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64); | 121 | goto err; |
| 122 | if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64)) | ||
| 123 | goto err; | ||
| 124 | #endif | 124 | #endif |
| 125 | #ifndef OPENSSL_NO_DES | 125 | #ifndef OPENSSL_NO_DES |
| 126 | PKCS7_simple_smimecap (smcap, NID_des_cbc, -1); | 126 | if (!PKCS7_simple_smimecap (smcap, NID_des_cbc, -1)) |
| 127 | goto err; | ||
| 127 | #endif | 128 | #endif |
| 128 | #ifndef OPENSSL_NO_RC2 | 129 | #ifndef OPENSSL_NO_RC2 |
| 129 | PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40); | 130 | if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40)) |
| 131 | goto err; | ||
| 130 | #endif | 132 | #endif |
| 131 | PKCS7_add_attrib_smimecap (si, smcap); | 133 | if (!PKCS7_add_attrib_smimecap (si, smcap)) |
| 134 | goto err; | ||
| 132 | sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); | 135 | sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); |
| 136 | smcap = NULL; | ||
| 133 | } | 137 | } |
| 134 | } | 138 | } |
| 135 | 139 | ||
| 136 | if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1); | 140 | if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1); |
| 137 | 141 | ||
| 138 | if (!PKCS7_dataFinal(p7,p7bio)) { | 142 | if (flags & PKCS7_STREAM) |
| 143 | return p7; | ||
| 144 | |||
| 145 | |||
| 146 | if (!(p7bio = PKCS7_dataInit(p7, NULL))) { | ||
| 147 | PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); | ||
| 148 | goto err; | ||
| 149 | } | ||
| 150 | |||
| 151 | SMIME_crlf_copy(data, p7bio, flags); | ||
| 152 | |||
| 153 | |||
| 154 | if (!PKCS7_dataFinal(p7,p7bio)) { | ||
| 139 | PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN); | 155 | PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN); |
| 140 | return NULL; | 156 | goto err; |
| 141 | } | 157 | } |
| 142 | 158 | ||
| 143 | BIO_free_all(p7bio); | 159 | BIO_free_all(p7bio); |
| 144 | return p7; | 160 | return p7; |
| 161 | err: | ||
| 162 | sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); | ||
| 163 | BIO_free_all(p7bio); | ||
| 164 | PKCS7_free(p7); | ||
| 165 | return NULL; | ||
| 145 | } | 166 | } |
| 146 | 167 | ||
| 147 | int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, | 168 | int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, |
| @@ -215,6 +236,8 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, | |||
| 215 | sk_X509_free(signers); | 236 | sk_X509_free(signers); |
| 216 | return 0; | 237 | return 0; |
| 217 | } | 238 | } |
| 239 | if (!(flags & PKCS7_NOCRL)) | ||
| 240 | X509_STORE_CTX_set0_crls(&cert_ctx, p7->d.sign->crl); | ||
| 218 | i = X509_verify_cert(&cert_ctx); | 241 | i = X509_verify_cert(&cert_ctx); |
| 219 | if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx); | 242 | if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx); |
| 220 | X509_STORE_CTX_cleanup(&cert_ctx); | 243 | X509_STORE_CTX_cleanup(&cert_ctx); |
| @@ -251,7 +274,8 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, | |||
| 251 | tmpin = indata; | 274 | tmpin = indata; |
| 252 | 275 | ||
| 253 | 276 | ||
| 254 | p7bio=PKCS7_dataInit(p7,tmpin); | 277 | if (!(p7bio=PKCS7_dataInit(p7,tmpin))) |
| 278 | goto err; | ||
| 255 | 279 | ||
| 256 | if(flags & PKCS7_TEXT) { | 280 | if(flags & PKCS7_TEXT) { |
| 257 | if(!(tmpout = BIO_new(BIO_s_mem()))) { | 281 | if(!(tmpout = BIO_new(BIO_s_mem()))) { |
| @@ -330,7 +354,7 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) | |||
| 330 | 354 | ||
| 331 | if(sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) { | 355 | if(sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) { |
| 332 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_NO_SIGNERS); | 356 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_NO_SIGNERS); |
| 333 | return 0; | 357 | return NULL; |
| 334 | } | 358 | } |
| 335 | 359 | ||
| 336 | if(!(signers = sk_X509_new_null())) { | 360 | if(!(signers = sk_X509_new_null())) { |
| @@ -353,10 +377,13 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) | |||
| 353 | if (!signer) { | 377 | if (!signer) { |
| 354 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND); | 378 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND); |
| 355 | sk_X509_free(signers); | 379 | sk_X509_free(signers); |
| 356 | return 0; | 380 | return NULL; |
| 357 | } | 381 | } |
| 358 | 382 | ||
| 359 | sk_X509_push(signers, signer); | 383 | if (!sk_X509_push(signers, signer)) { |
| 384 | sk_X509_free(signers); | ||
| 385 | return NULL; | ||
| 386 | } | ||
| 360 | } | 387 | } |
| 361 | return signers; | 388 | return signers; |
| 362 | } | 389 | } |
| @@ -376,7 +403,8 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, | |||
| 376 | return NULL; | 403 | return NULL; |
| 377 | } | 404 | } |
| 378 | 405 | ||
| 379 | PKCS7_set_type(p7, NID_pkcs7_enveloped); | 406 | if (!PKCS7_set_type(p7, NID_pkcs7_enveloped)) |
| 407 | goto err; | ||
| 380 | if(!PKCS7_set_cipher(p7, cipher)) { | 408 | if(!PKCS7_set_cipher(p7, cipher)) { |
| 381 | PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_ERROR_SETTING_CIPHER); | 409 | PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_ERROR_SETTING_CIPHER); |
| 382 | goto err; | 410 | goto err; |
| @@ -398,7 +426,7 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, | |||
| 398 | 426 | ||
| 399 | SMIME_crlf_copy(in, p7bio, flags); | 427 | SMIME_crlf_copy(in, p7bio, flags); |
| 400 | 428 | ||
| 401 | BIO_flush(p7bio); | 429 | (void)BIO_flush(p7bio); |
| 402 | 430 | ||
| 403 | if (!PKCS7_dataFinal(p7,p7bio)) { | 431 | if (!PKCS7_dataFinal(p7,p7bio)) { |
| 404 | PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_PKCS7_DATAFINAL_ERROR); | 432 | PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_PKCS7_DATAFINAL_ERROR); |
| @@ -410,7 +438,7 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, | |||
| 410 | 438 | ||
| 411 | err: | 439 | err: |
| 412 | 440 | ||
| 413 | BIO_free(p7bio); | 441 | BIO_free_all(p7bio); |
| 414 | PKCS7_free(p7); | 442 | PKCS7_free(p7); |
| 415 | return NULL; | 443 | return NULL; |
| 416 | 444 | ||
| @@ -432,7 +460,7 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) | |||
| 432 | return 0; | 460 | return 0; |
| 433 | } | 461 | } |
| 434 | 462 | ||
| 435 | if(!X509_check_private_key(cert, pkey)) { | 463 | if(cert && !X509_check_private_key(cert, pkey)) { |
| 436 | PKCS7err(PKCS7_F_PKCS7_DECRYPT, | 464 | PKCS7err(PKCS7_F_PKCS7_DECRYPT, |
| 437 | PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); | 465 | PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); |
| 438 | return 0; | 466 | return 0; |
| @@ -448,10 +476,13 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) | |||
| 448 | /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */ | 476 | /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */ |
| 449 | if(!(tmpbuf = BIO_new(BIO_f_buffer()))) { | 477 | if(!(tmpbuf = BIO_new(BIO_f_buffer()))) { |
| 450 | PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE); | 478 | PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE); |
| 479 | BIO_free_all(tmpmem); | ||
| 451 | return 0; | 480 | return 0; |
| 452 | } | 481 | } |
| 453 | if(!(bread = BIO_push(tmpbuf, tmpmem))) { | 482 | if(!(bread = BIO_push(tmpbuf, tmpmem))) { |
| 454 | PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE); | 483 | PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE); |
| 484 | BIO_free_all(tmpbuf); | ||
| 485 | BIO_free_all(tmpmem); | ||
| 455 | return 0; | 486 | return 0; |
| 456 | } | 487 | } |
| 457 | ret = SMIME_text(bread, data); | 488 | ret = SMIME_text(bread, data); |
diff --git a/src/lib/libcrypto/pkcs7/pkcs7.h b/src/lib/libcrypto/pkcs7/pkcs7.h index 15372e18f8..cc092d262d 100644 --- a/src/lib/libcrypto/pkcs7/pkcs7.h +++ b/src/lib/libcrypto/pkcs7/pkcs7.h | |||
| @@ -233,6 +233,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7) | |||
| 233 | (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) | 233 | (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) |
| 234 | #define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) | 234 | #define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) |
| 235 | 235 | ||
| 236 | #define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) | ||
| 237 | |||
| 236 | #define PKCS7_set_detached(p,v) \ | 238 | #define PKCS7_set_detached(p,v) \ |
| 237 | PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) | 239 | PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) |
| 238 | #define PKCS7_get_detached(p) \ | 240 | #define PKCS7_get_detached(p) \ |
| @@ -262,6 +264,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7) | |||
| 262 | #define PKCS7_NOSMIMECAP 0x200 | 264 | #define PKCS7_NOSMIMECAP 0x200 |
| 263 | #define PKCS7_NOOLDMIMETYPE 0x400 | 265 | #define PKCS7_NOOLDMIMETYPE 0x400 |
| 264 | #define PKCS7_CRLFEOL 0x800 | 266 | #define PKCS7_CRLFEOL 0x800 |
| 267 | #define PKCS7_STREAM 0x1000 | ||
| 268 | #define PKCS7_NOCRL 0x2000 | ||
| 265 | 269 | ||
| 266 | /* Flags: for compatibility with older code */ | 270 | /* Flags: for compatibility with older code */ |
| 267 | 271 | ||
| @@ -302,10 +306,12 @@ DECLARE_ASN1_FUNCTIONS(PKCS7) | |||
| 302 | DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN) | 306 | DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN) |
| 303 | DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY) | 307 | DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY) |
| 304 | 308 | ||
| 309 | DECLARE_ASN1_NDEF_FUNCTION(PKCS7) | ||
| 305 | 310 | ||
| 306 | long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg); | 311 | long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg); |
| 307 | 312 | ||
| 308 | int PKCS7_set_type(PKCS7 *p7, int type); | 313 | int PKCS7_set_type(PKCS7 *p7, int type); |
| 314 | int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other); | ||
| 309 | int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data); | 315 | int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data); |
| 310 | int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, | 316 | int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, |
| 311 | const EVP_MD *dgst); | 317 | const EVP_MD *dgst); |
| @@ -326,6 +332,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert); | |||
| 326 | PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, | 332 | PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, |
| 327 | EVP_PKEY *pkey, const EVP_MD *dgst); | 333 | EVP_PKEY *pkey, const EVP_MD *dgst); |
| 328 | X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si); | 334 | X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si); |
| 335 | int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md); | ||
| 329 | STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7); | 336 | STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7); |
| 330 | 337 | ||
| 331 | PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509); | 338 | PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509); |
| @@ -381,16 +388,20 @@ void ERR_load_PKCS7_strings(void); | |||
| 381 | #define PKCS7_F_PKCS7_ADD_CRL 101 | 388 | #define PKCS7_F_PKCS7_ADD_CRL 101 |
| 382 | #define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102 | 389 | #define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102 |
| 383 | #define PKCS7_F_PKCS7_ADD_SIGNER 103 | 390 | #define PKCS7_F_PKCS7_ADD_SIGNER 103 |
| 391 | #define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125 | ||
| 384 | #define PKCS7_F_PKCS7_CTRL 104 | 392 | #define PKCS7_F_PKCS7_CTRL 104 |
| 385 | #define PKCS7_F_PKCS7_DATADECODE 112 | 393 | #define PKCS7_F_PKCS7_DATADECODE 112 |
| 394 | #define PKCS7_F_PKCS7_DATAFINAL 128 | ||
| 386 | #define PKCS7_F_PKCS7_DATAINIT 105 | 395 | #define PKCS7_F_PKCS7_DATAINIT 105 |
| 387 | #define PKCS7_F_PKCS7_DATASIGN 106 | 396 | #define PKCS7_F_PKCS7_DATASIGN 106 |
| 388 | #define PKCS7_F_PKCS7_DATAVERIFY 107 | 397 | #define PKCS7_F_PKCS7_DATAVERIFY 107 |
| 389 | #define PKCS7_F_PKCS7_DECRYPT 114 | 398 | #define PKCS7_F_PKCS7_DECRYPT 114 |
| 390 | #define PKCS7_F_PKCS7_ENCRYPT 115 | 399 | #define PKCS7_F_PKCS7_ENCRYPT 115 |
| 400 | #define PKCS7_F_PKCS7_FIND_DIGEST 127 | ||
| 391 | #define PKCS7_F_PKCS7_GET0_SIGNERS 124 | 401 | #define PKCS7_F_PKCS7_GET0_SIGNERS 124 |
| 392 | #define PKCS7_F_PKCS7_SET_CIPHER 108 | 402 | #define PKCS7_F_PKCS7_SET_CIPHER 108 |
| 393 | #define PKCS7_F_PKCS7_SET_CONTENT 109 | 403 | #define PKCS7_F_PKCS7_SET_CONTENT 109 |
| 404 | #define PKCS7_F_PKCS7_SET_DIGEST 126 | ||
| 394 | #define PKCS7_F_PKCS7_SET_TYPE 110 | 405 | #define PKCS7_F_PKCS7_SET_TYPE 110 |
| 395 | #define PKCS7_F_PKCS7_SIGN 116 | 406 | #define PKCS7_F_PKCS7_SIGN 116 |
| 396 | #define PKCS7_F_PKCS7_SIGNATUREVERIFY 113 | 407 | #define PKCS7_F_PKCS7_SIGNATUREVERIFY 113 |
| @@ -421,13 +432,15 @@ void ERR_load_PKCS7_strings(void); | |||
| 421 | #define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136 | 432 | #define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136 |
| 422 | #define PKCS7_R_NO_MULTIPART_BOUNDARY 137 | 433 | #define PKCS7_R_NO_MULTIPART_BOUNDARY 137 |
| 423 | #define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115 | 434 | #define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115 |
| 435 | #define PKCS7_R_NO_RECIPIENT_MATCHES_KEY 146 | ||
| 424 | #define PKCS7_R_NO_SIGNATURES_ON_DATA 123 | 436 | #define PKCS7_R_NO_SIGNATURES_ON_DATA 123 |
| 425 | #define PKCS7_R_NO_SIGNERS 142 | 437 | #define PKCS7_R_NO_SIGNERS 142 |
| 426 | #define PKCS7_R_NO_SIG_CONTENT_TYPE 138 | 438 | #define PKCS7_R_NO_SIG_CONTENT_TYPE 138 |
| 427 | #define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104 | 439 | #define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104 |
| 428 | #define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124 | 440 | #define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124 |
| 441 | #define PKCS7_R_PKCS7_DATAFINAL 126 | ||
| 429 | #define PKCS7_R_PKCS7_DATAFINAL_ERROR 125 | 442 | #define PKCS7_R_PKCS7_DATAFINAL_ERROR 125 |
| 430 | #define PKCS7_R_PKCS7_DATASIGN 126 | 443 | #define PKCS7_R_PKCS7_DATASIGN 145 |
| 431 | #define PKCS7_R_PKCS7_PARSE_ERROR 139 | 444 | #define PKCS7_R_PKCS7_PARSE_ERROR 139 |
| 432 | #define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140 | 445 | #define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140 |
| 433 | #define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127 | 446 | #define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127 |
diff --git a/src/lib/libcrypto/pkcs7/pkcs7err.c b/src/lib/libcrypto/pkcs7/pkcs7err.c index 19894c80a4..c0e3d4cd33 100644 --- a/src/lib/libcrypto/pkcs7/pkcs7err.c +++ b/src/lib/libcrypto/pkcs7/pkcs7err.c | |||
| @@ -77,16 +77,20 @@ static ERR_STRING_DATA PKCS7_str_functs[]= | |||
| 77 | {ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"}, | 77 | {ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"}, |
| 78 | {ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"}, | 78 | {ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"}, |
| 79 | {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"}, | 79 | {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"}, |
| 80 | {ERR_FUNC(PKCS7_F_PKCS7_BIO_ADD_DIGEST), "PKCS7_BIO_ADD_DIGEST"}, | ||
| 80 | {ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"}, | 81 | {ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"}, |
| 81 | {ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"}, | 82 | {ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"}, |
| 83 | {ERR_FUNC(PKCS7_F_PKCS7_DATAFINAL), "PKCS7_dataFinal"}, | ||
| 82 | {ERR_FUNC(PKCS7_F_PKCS7_DATAINIT), "PKCS7_dataInit"}, | 84 | {ERR_FUNC(PKCS7_F_PKCS7_DATAINIT), "PKCS7_dataInit"}, |
| 83 | {ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"}, | 85 | {ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"}, |
| 84 | {ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"}, | 86 | {ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"}, |
| 85 | {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"}, | 87 | {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"}, |
| 86 | {ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT), "PKCS7_encrypt"}, | 88 | {ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT), "PKCS7_encrypt"}, |
| 89 | {ERR_FUNC(PKCS7_F_PKCS7_FIND_DIGEST), "PKCS7_FIND_DIGEST"}, | ||
| 87 | {ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS), "PKCS7_get0_signers"}, | 90 | {ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS), "PKCS7_get0_signers"}, |
| 88 | {ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER), "PKCS7_set_cipher"}, | 91 | {ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER), "PKCS7_set_cipher"}, |
| 89 | {ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT), "PKCS7_set_content"}, | 92 | {ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT), "PKCS7_set_content"}, |
| 93 | {ERR_FUNC(PKCS7_F_PKCS7_SET_DIGEST), "PKCS7_set_digest"}, | ||
| 90 | {ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE), "PKCS7_set_type"}, | 94 | {ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE), "PKCS7_set_type"}, |
| 91 | {ERR_FUNC(PKCS7_F_PKCS7_SIGN), "PKCS7_sign"}, | 95 | {ERR_FUNC(PKCS7_F_PKCS7_SIGN), "PKCS7_sign"}, |
| 92 | {ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY), "PKCS7_signatureVerify"}, | 96 | {ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY), "PKCS7_signatureVerify"}, |
| @@ -120,11 +124,13 @@ static ERR_STRING_DATA PKCS7_str_reasons[]= | |||
| 120 | {ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"}, | 124 | {ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"}, |
| 121 | {ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"}, | 125 | {ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"}, |
| 122 | {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),"no recipient matches certificate"}, | 126 | {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),"no recipient matches certificate"}, |
| 127 | {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_KEY),"no recipient matches key"}, | ||
| 123 | {ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA),"no signatures on data"}, | 128 | {ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA),"no signatures on data"}, |
| 124 | {ERR_REASON(PKCS7_R_NO_SIGNERS) ,"no signers"}, | 129 | {ERR_REASON(PKCS7_R_NO_SIGNERS) ,"no signers"}, |
| 125 | {ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE) ,"no sig content type"}, | 130 | {ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE) ,"no sig content type"}, |
| 126 | {ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),"operation not supported on this type"}, | 131 | {ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),"operation not supported on this type"}, |
| 127 | {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),"pkcs7 add signature error"}, | 132 | {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),"pkcs7 add signature error"}, |
| 133 | {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL) ,"pkcs7 datafinal"}, | ||
| 128 | {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR),"pkcs7 datafinal error"}, | 134 | {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR),"pkcs7 datafinal error"}, |
| 129 | {ERR_REASON(PKCS7_R_PKCS7_DATASIGN) ,"pkcs7 datasign"}, | 135 | {ERR_REASON(PKCS7_R_PKCS7_DATASIGN) ,"pkcs7 datasign"}, |
| 130 | {ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR) ,"pkcs7 parse error"}, | 136 | {ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR) ,"pkcs7 parse error"}, |
| @@ -150,15 +156,12 @@ static ERR_STRING_DATA PKCS7_str_reasons[]= | |||
| 150 | 156 | ||
| 151 | void ERR_load_PKCS7_strings(void) | 157 | void ERR_load_PKCS7_strings(void) |
| 152 | { | 158 | { |
| 153 | static int init=1; | 159 | #ifndef OPENSSL_NO_ERR |
| 154 | 160 | ||
| 155 | if (init) | 161 | if (ERR_func_error_string(PKCS7_str_functs[0].error) == NULL) |
| 156 | { | 162 | { |
| 157 | init=0; | ||
| 158 | #ifndef OPENSSL_NO_ERR | ||
| 159 | ERR_load_strings(0,PKCS7_str_functs); | 163 | ERR_load_strings(0,PKCS7_str_functs); |
| 160 | ERR_load_strings(0,PKCS7_str_reasons); | 164 | ERR_load_strings(0,PKCS7_str_reasons); |
| 161 | #endif | ||
| 162 | |||
| 163 | } | 165 | } |
| 166 | #endif | ||
| 164 | } | 167 | } |
diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c index c84968df88..9783d0c23e 100644 --- a/src/lib/libcrypto/rand/md_rand.c +++ b/src/lib/libcrypto/rand/md_rand.c | |||
| @@ -126,7 +126,6 @@ | |||
| 126 | 126 | ||
| 127 | #include <openssl/crypto.h> | 127 | #include <openssl/crypto.h> |
| 128 | #include <openssl/err.h> | 128 | #include <openssl/err.h> |
| 129 | #include <openssl/fips.h> | ||
| 130 | 129 | ||
| 131 | #ifdef BN_DEBUG | 130 | #ifdef BN_DEBUG |
| 132 | # define PREDICT | 131 | # define PREDICT |
| @@ -153,7 +152,7 @@ static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */ | |||
| 153 | int rand_predictable=0; | 152 | int rand_predictable=0; |
| 154 | #endif | 153 | #endif |
| 155 | 154 | ||
| 156 | const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT; | 155 | const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT; |
| 157 | 156 | ||
| 158 | static void ssleay_rand_cleanup(void); | 157 | static void ssleay_rand_cleanup(void); |
| 159 | static void ssleay_rand_seed(const void *buf, int num); | 158 | static void ssleay_rand_seed(const void *buf, int num); |
| @@ -301,7 +300,7 @@ static void ssleay_rand_add(const void *buf, int num, double add) | |||
| 301 | * other thread's seeding remains without effect (except for | 300 | * other thread's seeding remains without effect (except for |
| 302 | * the incremented counter). By XORing it we keep at least as | 301 | * the incremented counter). By XORing it we keep at least as |
| 303 | * much entropy as fits into md. */ | 302 | * much entropy as fits into md. */ |
| 304 | for (k = 0; k < sizeof md; k++) | 303 | for (k = 0; k < (int)sizeof(md); k++) |
| 305 | { | 304 | { |
| 306 | md[k] ^= local_md[k]; | 305 | md[k] ^= local_md[k]; |
| 307 | } | 306 | } |
| @@ -316,7 +315,7 @@ static void ssleay_rand_add(const void *buf, int num, double add) | |||
| 316 | 315 | ||
| 317 | static void ssleay_rand_seed(const void *buf, int num) | 316 | static void ssleay_rand_seed(const void *buf, int num) |
| 318 | { | 317 | { |
| 319 | ssleay_rand_add(buf, num, num); | 318 | ssleay_rand_add(buf, num, (double)num); |
| 320 | } | 319 | } |
| 321 | 320 | ||
| 322 | static int ssleay_rand_bytes(unsigned char *buf, int num) | 321 | static int ssleay_rand_bytes(unsigned char *buf, int num) |
| @@ -333,14 +332,6 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) | |||
| 333 | #endif | 332 | #endif |
| 334 | int do_stir_pool = 0; | 333 | int do_stir_pool = 0; |
| 335 | 334 | ||
| 336 | #ifdef OPENSSL_FIPS | ||
| 337 | if(FIPS_mode()) | ||
| 338 | { | ||
| 339 | FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD); | ||
| 340 | return 0; | ||
| 341 | } | ||
| 342 | #endif | ||
| 343 | |||
| 344 | #ifdef PREDICT | 335 | #ifdef PREDICT |
| 345 | if (rand_predictable) | 336 | if (rand_predictable) |
| 346 | { | 337 | { |
| @@ -529,7 +520,7 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) | |||
| 529 | err = ERR_peek_error(); | 520 | err = ERR_peek_error(); |
| 530 | if (ERR_GET_LIB(err) == ERR_LIB_RAND && | 521 | if (ERR_GET_LIB(err) == ERR_LIB_RAND && |
| 531 | ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED) | 522 | ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED) |
| 532 | (void)ERR_get_error(); | 523 | ERR_clear_error(); |
| 533 | } | 524 | } |
| 534 | return (ret); | 525 | return (ret); |
| 535 | } | 526 | } |
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h index 604df9be6c..ac6c021763 100644 --- a/src/lib/libcrypto/rand/rand.h +++ b/src/lib/libcrypto/rand/rand.h | |||
| @@ -72,10 +72,13 @@ extern "C" { | |||
| 72 | #endif | 72 | #endif |
| 73 | 73 | ||
| 74 | #if defined(OPENSSL_FIPS) | 74 | #if defined(OPENSSL_FIPS) |
| 75 | #define FIPS_RAND_SIZE_T int | 75 | #define FIPS_RAND_SIZE_T size_t |
| 76 | #endif | 76 | #endif |
| 77 | 77 | ||
| 78 | typedef struct rand_meth_st | 78 | /* Already defined in ossl_typ.h */ |
| 79 | /* typedef struct rand_meth_st RAND_METHOD; */ | ||
| 80 | |||
| 81 | struct rand_meth_st | ||
| 79 | { | 82 | { |
| 80 | void (*seed)(const void *buf, int num); | 83 | void (*seed)(const void *buf, int num); |
| 81 | int (*bytes)(unsigned char *buf, int num); | 84 | int (*bytes)(unsigned char *buf, int num); |
| @@ -83,7 +86,7 @@ typedef struct rand_meth_st | |||
| 83 | void (*add)(const void *buf, int num, double entropy); | 86 | void (*add)(const void *buf, int num, double entropy); |
| 84 | int (*pseudorand)(unsigned char *buf, int num); | 87 | int (*pseudorand)(unsigned char *buf, int num); |
| 85 | int (*status)(void); | 88 | int (*status)(void); |
| 86 | } RAND_METHOD; | 89 | }; |
| 87 | 90 | ||
| 88 | #ifdef BN_DEBUG | 91 | #ifdef BN_DEBUG |
| 89 | extern int rand_predictable; | 92 | extern int rand_predictable; |
| @@ -125,17 +128,11 @@ void ERR_load_RAND_strings(void); | |||
| 125 | /* Error codes for the RAND functions. */ | 128 | /* Error codes for the RAND functions. */ |
| 126 | 129 | ||
| 127 | /* Function codes. */ | 130 | /* Function codes. */ |
| 128 | #define RAND_F_FIPS_RAND_BYTES 102 | ||
| 129 | #define RAND_F_RAND_GET_RAND_METHOD 101 | 131 | #define RAND_F_RAND_GET_RAND_METHOD 101 |
| 130 | #define RAND_F_SSLEAY_RAND_BYTES 100 | 132 | #define RAND_F_SSLEAY_RAND_BYTES 100 |
| 131 | 133 | ||
| 132 | /* Reason codes. */ | 134 | /* Reason codes. */ |
| 133 | #define RAND_R_NON_FIPS_METHOD 101 | ||
| 134 | #define RAND_R_PRNG_ASKING_FOR_TOO_MUCH 105 | ||
| 135 | #define RAND_R_PRNG_NOT_REKEYED 103 | ||
| 136 | #define RAND_R_PRNG_NOT_RESEEDED 104 | ||
| 137 | #define RAND_R_PRNG_NOT_SEEDED 100 | 135 | #define RAND_R_PRNG_NOT_SEEDED 100 |
| 138 | #define RAND_R_PRNG_STUCK 102 | ||
| 139 | 136 | ||
| 140 | #ifdef __cplusplus | 137 | #ifdef __cplusplus |
| 141 | } | 138 | } |
diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c index cd666abfcb..50bce6caba 100644 --- a/src/lib/libcrypto/rand/rand_egd.c +++ b/src/lib/libcrypto/rand/rand_egd.c | |||
| @@ -95,7 +95,7 @@ | |||
| 95 | * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. | 95 | * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. |
| 96 | */ | 96 | */ |
| 97 | 97 | ||
| 98 | #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_VOS) | 98 | #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) |
| 99 | int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) | 99 | int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) |
| 100 | { | 100 | { |
| 101 | return(-1); | 101 | return(-1); |
diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c index 97f96e1aee..386934dcd1 100644 --- a/src/lib/libcrypto/rand/rand_err.c +++ b/src/lib/libcrypto/rand/rand_err.c | |||
| @@ -70,7 +70,6 @@ | |||
| 70 | 70 | ||
| 71 | static ERR_STRING_DATA RAND_str_functs[]= | 71 | static ERR_STRING_DATA RAND_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(RAND_F_FIPS_RAND_BYTES), "FIPS_RAND_BYTES"}, | ||
| 74 | {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"}, | 73 | {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"}, |
| 75 | {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, | 74 | {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, |
| 76 | {0,NULL} | 75 | {0,NULL} |
| @@ -78,12 +77,7 @@ static ERR_STRING_DATA RAND_str_functs[]= | |||
| 78 | 77 | ||
| 79 | static ERR_STRING_DATA RAND_str_reasons[]= | 78 | static ERR_STRING_DATA RAND_str_reasons[]= |
| 80 | { | 79 | { |
| 81 | {ERR_REASON(RAND_R_NON_FIPS_METHOD) ,"non fips method"}, | ||
| 82 | {ERR_REASON(RAND_R_PRNG_ASKING_FOR_TOO_MUCH),"prng asking for too much"}, | ||
| 83 | {ERR_REASON(RAND_R_PRNG_NOT_REKEYED) ,"prng not rekeyed"}, | ||
| 84 | {ERR_REASON(RAND_R_PRNG_NOT_RESEEDED) ,"prng not reseeded"}, | ||
| 85 | {ERR_REASON(RAND_R_PRNG_NOT_SEEDED) ,"PRNG not seeded"}, | 80 | {ERR_REASON(RAND_R_PRNG_NOT_SEEDED) ,"PRNG not seeded"}, |
| 86 | {ERR_REASON(RAND_R_PRNG_STUCK) ,"prng stuck"}, | ||
| 87 | {0,NULL} | 81 | {0,NULL} |
| 88 | }; | 82 | }; |
| 89 | 83 | ||
| @@ -91,15 +85,12 @@ static ERR_STRING_DATA RAND_str_reasons[]= | |||
| 91 | 85 | ||
| 92 | void ERR_load_RAND_strings(void) | 86 | void ERR_load_RAND_strings(void) |
| 93 | { | 87 | { |
| 94 | static int init=1; | 88 | #ifndef OPENSSL_NO_ERR |
| 95 | 89 | ||
| 96 | if (init) | 90 | if (ERR_func_error_string(RAND_str_functs[0].error) == NULL) |
| 97 | { | 91 | { |
| 98 | init=0; | ||
| 99 | #ifndef OPENSSL_NO_ERR | ||
| 100 | ERR_load_strings(0,RAND_str_functs); | 92 | ERR_load_strings(0,RAND_str_functs); |
| 101 | ERR_load_strings(0,RAND_str_reasons); | 93 | ERR_load_strings(0,RAND_str_reasons); |
| 102 | #endif | ||
| 103 | |||
| 104 | } | 94 | } |
| 95 | #endif | ||
| 105 | } | 96 | } |
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c index a21bde79de..513e338985 100644 --- a/src/lib/libcrypto/rand/rand_lib.c +++ b/src/lib/libcrypto/rand/rand_lib.c | |||
| @@ -63,8 +63,6 @@ | |||
| 63 | #ifndef OPENSSL_NO_ENGINE | 63 | #ifndef OPENSSL_NO_ENGINE |
| 64 | #include <openssl/engine.h> | 64 | #include <openssl/engine.h> |
| 65 | #endif | 65 | #endif |
| 66 | #include <openssl/fips.h> | ||
| 67 | #include <openssl/fips_rand.h> | ||
| 68 | 66 | ||
| 69 | #ifndef OPENSSL_NO_ENGINE | 67 | #ifndef OPENSSL_NO_ENGINE |
| 70 | /* non-NULL if default_RAND_meth is ENGINE-provided */ | 68 | /* non-NULL if default_RAND_meth is ENGINE-provided */ |
| @@ -104,22 +102,8 @@ const RAND_METHOD *RAND_get_rand_method(void) | |||
| 104 | funct_ref = e; | 102 | funct_ref = e; |
| 105 | else | 103 | else |
| 106 | #endif | 104 | #endif |
| 107 | #ifdef OPENSSL_FIPS | 105 | default_RAND_meth = RAND_SSLeay(); |
| 108 | if(FIPS_mode()) | ||
| 109 | default_RAND_meth=FIPS_rand_method(); | ||
| 110 | else | ||
| 111 | #endif | ||
| 112 | default_RAND_meth = RAND_SSLeay(); | ||
| 113 | } | 106 | } |
| 114 | |||
| 115 | #ifdef OPENSSL_FIPS | ||
| 116 | if(FIPS_mode() | ||
| 117 | && default_RAND_meth != FIPS_rand_check()) | ||
| 118 | { | ||
| 119 | RANDerr(RAND_F_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD); | ||
| 120 | return 0; | ||
| 121 | } | ||
| 122 | #endif | ||
| 123 | return default_RAND_meth; | 107 | return default_RAND_meth; |
| 124 | } | 108 | } |
| 125 | 109 | ||
diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c index 9376554fae..6c2be5cb96 100644 --- a/src/lib/libcrypto/rand/rand_unix.c +++ b/src/lib/libcrypto/rand/rand_unix.c | |||
| @@ -56,7 +56,7 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | 58 | /* ==================================================================== |
| 59 | * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. | 59 | * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. |
| 60 | * | 60 | * |
| 61 | * Redistribution and use in source and binary forms, with or without | 61 | * Redistribution and use in source and binary forms, with or without |
| 62 | * modification, are permitted provided that the following conditions | 62 | * modification, are permitted provided that the following conditions |
| @@ -108,6 +108,7 @@ | |||
| 108 | * Hudson (tjh@cryptsoft.com). | 108 | * Hudson (tjh@cryptsoft.com). |
| 109 | * | 109 | * |
| 110 | */ | 110 | */ |
| 111 | #include <stdio.h> | ||
| 111 | 112 | ||
| 112 | #define USE_SOCKETS | 113 | #define USE_SOCKETS |
| 113 | #include "e_os.h" | 114 | #include "e_os.h" |
| @@ -115,7 +116,7 @@ | |||
| 115 | #include <openssl/rand.h> | 116 | #include <openssl/rand.h> |
| 116 | #include "rand_lcl.h" | 117 | #include "rand_lcl.h" |
| 117 | 118 | ||
| 118 | #if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS)) | 119 | #if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) |
| 119 | 120 | ||
| 120 | #include <sys/types.h> | 121 | #include <sys/types.h> |
| 121 | #include <sys/time.h> | 122 | #include <sys/time.h> |
| @@ -124,6 +125,13 @@ | |||
| 124 | #include <fcntl.h> | 125 | #include <fcntl.h> |
| 125 | #include <unistd.h> | 126 | #include <unistd.h> |
| 126 | #include <time.h> | 127 | #include <time.h> |
| 128 | #if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */ | ||
| 129 | # include <poll.h> | ||
| 130 | #endif | ||
| 131 | #include <limits.h> | ||
| 132 | #ifndef FD_SETSIZE | ||
| 133 | # define FD_SETSIZE (8*sizeof(fd_set)) | ||
| 134 | #endif | ||
| 127 | 135 | ||
| 128 | #ifdef __OpenBSD__ | 136 | #ifdef __OpenBSD__ |
| 129 | int RAND_poll(void) | 137 | int RAND_poll(void) |
| @@ -142,7 +150,7 @@ int RAND_poll(void) | |||
| 142 | 150 | ||
| 143 | return 1; | 151 | return 1; |
| 144 | } | 152 | } |
| 145 | #else | 153 | #else /* !defined(__OpenBSD__) */ |
| 146 | int RAND_poll(void) | 154 | int RAND_poll(void) |
| 147 | { | 155 | { |
| 148 | unsigned long l; | 156 | unsigned long l; |
| @@ -154,7 +162,8 @@ int RAND_poll(void) | |||
| 154 | #ifdef DEVRANDOM | 162 | #ifdef DEVRANDOM |
| 155 | static const char *randomfiles[] = { DEVRANDOM }; | 163 | static const char *randomfiles[] = { DEVRANDOM }; |
| 156 | struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])]; | 164 | struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])]; |
| 157 | int fd,i; | 165 | int fd; |
| 166 | size_t i; | ||
| 158 | #endif | 167 | #endif |
| 159 | #ifdef DEVRANDOM_EGD | 168 | #ifdef DEVRANDOM_EGD |
| 160 | static const char *egdsockets[] = { DEVRANDOM_EGD, NULL }; | 169 | static const char *egdsockets[] = { DEVRANDOM_EGD, NULL }; |
| @@ -182,10 +191,9 @@ int RAND_poll(void) | |||
| 182 | #endif | 191 | #endif |
| 183 | )) >= 0) | 192 | )) >= 0) |
| 184 | { | 193 | { |
| 185 | struct timeval t = { 0, 10*1000 }; /* Spend 10ms on | 194 | int usec = 10*1000; /* spend 10ms on each file */ |
| 186 | each file. */ | 195 | int r; |
| 187 | int r,j; | 196 | size_t j; |
| 188 | fd_set fset; | ||
| 189 | struct stat *st=&randomstats[i]; | 197 | struct stat *st=&randomstats[i]; |
| 190 | 198 | ||
| 191 | /* Avoid using same input... Used to be O_NOFOLLOW | 199 | /* Avoid using same input... Used to be O_NOFOLLOW |
| @@ -201,35 +209,75 @@ int RAND_poll(void) | |||
| 201 | 209 | ||
| 202 | do | 210 | do |
| 203 | { | 211 | { |
| 204 | FD_ZERO(&fset); | 212 | int try_read = 0; |
| 205 | FD_SET(fd, &fset); | ||
| 206 | r = -1; | ||
| 207 | 213 | ||
| 208 | if (select(fd+1,&fset,NULL,NULL,&t) < 0) | 214 | #if defined(OPENSSL_SYS_LINUX) |
| 209 | t.tv_usec=0; | 215 | /* use poll() */ |
| 210 | else if (FD_ISSET(fd, &fset)) | 216 | struct pollfd pset; |
| 217 | |||
| 218 | pset.fd = fd; | ||
| 219 | pset.events = POLLIN; | ||
| 220 | pset.revents = 0; | ||
| 221 | |||
| 222 | if (poll(&pset, 1, usec / 1000) < 0) | ||
| 223 | usec = 0; | ||
| 224 | else | ||
| 225 | try_read = (pset.revents & POLLIN) != 0; | ||
| 226 | |||
| 227 | #else | ||
| 228 | /* use select() */ | ||
| 229 | fd_set fset; | ||
| 230 | struct timeval t; | ||
| 231 | |||
| 232 | t.tv_sec = 0; | ||
| 233 | t.tv_usec = usec; | ||
| 234 | |||
| 235 | if (FD_SETSIZE > 0 && fd >= FD_SETSIZE) | ||
| 236 | { | ||
| 237 | /* can't use select, so just try to read once anyway */ | ||
| 238 | try_read = 1; | ||
| 239 | } | ||
| 240 | else | ||
| 241 | { | ||
| 242 | FD_ZERO(&fset); | ||
| 243 | FD_SET(fd, &fset); | ||
| 244 | |||
| 245 | if (select(fd+1,&fset,NULL,NULL,&t) >= 0) | ||
| 246 | { | ||
| 247 | usec = t.tv_usec; | ||
| 248 | if (FD_ISSET(fd, &fset)) | ||
| 249 | try_read = 1; | ||
| 250 | } | ||
| 251 | else | ||
| 252 | usec = 0; | ||
| 253 | } | ||
| 254 | #endif | ||
| 255 | |||
| 256 | if (try_read) | ||
| 211 | { | 257 | { |
| 212 | r=read(fd,(unsigned char *)tmpbuf+n, | 258 | r = read(fd,(unsigned char *)tmpbuf+n, ENTROPY_NEEDED-n); |
| 213 | ENTROPY_NEEDED-n); | ||
| 214 | if (r > 0) | 259 | if (r > 0) |
| 215 | n += r; | 260 | n += r; |
| 216 | } | 261 | } |
| 217 | 262 | else | |
| 218 | /* Some Unixen will update t, some | 263 | r = -1; |
| 219 | won't. For those who won't, give | 264 | |
| 220 | up here, otherwise, we will do | 265 | /* Some Unixen will update t in select(), some |
| 266 | won't. For those who won't, or if we | ||
| 267 | didn't use select() in the first place, | ||
| 268 | give up here, otherwise, we will do | ||
| 221 | this once again for the remaining | 269 | this once again for the remaining |
| 222 | time. */ | 270 | time. */ |
| 223 | if (t.tv_usec == 10*1000) | 271 | if (usec == 10*1000) |
| 224 | t.tv_usec=0; | 272 | usec = 0; |
| 225 | } | 273 | } |
| 226 | while ((r > 0 || (errno == EINTR || errno == EAGAIN)) | 274 | while ((r > 0 || |
| 227 | && t.tv_usec != 0 && n < ENTROPY_NEEDED); | 275 | (errno == EINTR || errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED); |
| 228 | 276 | ||
| 229 | close(fd); | 277 | close(fd); |
| 230 | } | 278 | } |
| 231 | } | 279 | } |
| 232 | #endif | 280 | #endif /* defined(DEVRANDOM) */ |
| 233 | 281 | ||
| 234 | #ifdef DEVRANDOM_EGD | 282 | #ifdef DEVRANDOM_EGD |
| 235 | /* Use an EGD socket to read entropy from an EGD or PRNGD entropy | 283 | /* Use an EGD socket to read entropy from an EGD or PRNGD entropy |
| @@ -244,24 +292,24 @@ int RAND_poll(void) | |||
| 244 | if (r > 0) | 292 | if (r > 0) |
| 245 | n += r; | 293 | n += r; |
| 246 | } | 294 | } |
| 247 | #endif | 295 | #endif /* defined(DEVRANDOM_EGD) */ |
| 248 | 296 | ||
| 249 | #if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) | 297 | #if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) |
| 250 | if (n > 0) | 298 | if (n > 0) |
| 251 | { | 299 | { |
| 252 | RAND_add(tmpbuf,sizeof tmpbuf,n); | 300 | RAND_add(tmpbuf,sizeof tmpbuf,(double)n); |
| 253 | OPENSSL_cleanse(tmpbuf,n); | 301 | OPENSSL_cleanse(tmpbuf,n); |
| 254 | } | 302 | } |
| 255 | #endif | 303 | #endif |
| 256 | 304 | ||
| 257 | /* put in some default random data, we need more than just this */ | 305 | /* put in some default random data, we need more than just this */ |
| 258 | l=curr_pid; | 306 | l=curr_pid; |
| 259 | RAND_add(&l,sizeof(l),0); | 307 | RAND_add(&l,sizeof(l),0.0); |
| 260 | l=getuid(); | 308 | l=getuid(); |
| 261 | RAND_add(&l,sizeof(l),0); | 309 | RAND_add(&l,sizeof(l),0.0); |
| 262 | 310 | ||
| 263 | l=time(NULL); | 311 | l=time(NULL); |
| 264 | RAND_add(&l,sizeof(l),0); | 312 | RAND_add(&l,sizeof(l),0.0); |
| 265 | 313 | ||
| 266 | #if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) | 314 | #if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) |
| 267 | return 1; | 315 | return 1; |
| @@ -270,12 +318,13 @@ int RAND_poll(void) | |||
| 270 | #endif | 318 | #endif |
| 271 | } | 319 | } |
| 272 | 320 | ||
| 273 | #endif | 321 | #endif /* defined(__OpenBSD__) */ |
| 274 | #endif | 322 | #endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */ |
| 323 | |||
| 275 | 324 | ||
| 276 | #if defined(OPENSSL_SYS_VXWORKS) | 325 | #if defined(OPENSSL_SYS_VXWORKS) |
| 277 | int RAND_poll(void) | 326 | int RAND_poll(void) |
| 278 | { | 327 | { |
| 279 | return 0; | 328 | return 0; |
| 280 | } | 329 | } |
| 281 | #endif | 330 | #endif |
diff --git a/src/lib/libcrypto/rand/rand_win.c b/src/lib/libcrypto/rand/rand_win.c index 30c69161ef..00dbe4232c 100644 --- a/src/lib/libcrypto/rand/rand_win.c +++ b/src/lib/libcrypto/rand/rand_win.c | |||
| @@ -121,6 +121,10 @@ | |||
| 121 | #include <wincrypt.h> | 121 | #include <wincrypt.h> |
| 122 | #include <tlhelp32.h> | 122 | #include <tlhelp32.h> |
| 123 | 123 | ||
| 124 | /* Limit the time spent walking through the heap, processes, threads and modules to | ||
| 125 | a maximum of 1000 miliseconds each, unless CryptoGenRandom failed */ | ||
| 126 | #define MAXDELAY 1000 | ||
| 127 | |||
| 124 | /* Intel hardware RNG CSP -- available from | 128 | /* Intel hardware RNG CSP -- available from |
| 125 | * http://developer.intel.com/design/security/rng/redist_license.htm | 129 | * http://developer.intel.com/design/security/rng/redist_license.htm |
| 126 | */ | 130 | */ |
| @@ -152,6 +156,7 @@ typedef struct tagCURSORINFO | |||
| 152 | #define CURSOR_SHOWING 0x00000001 | 156 | #define CURSOR_SHOWING 0x00000001 |
| 153 | #endif /* CURSOR_SHOWING */ | 157 | #endif /* CURSOR_SHOWING */ |
| 154 | 158 | ||
| 159 | #if !defined(OPENSSL_SYS_WINCE) | ||
| 155 | typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTW)(HCRYPTPROV *, LPCWSTR, LPCWSTR, | 160 | typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTW)(HCRYPTPROV *, LPCWSTR, LPCWSTR, |
| 156 | DWORD, DWORD); | 161 | DWORD, DWORD); |
| 157 | typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *); | 162 | typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *); |
| @@ -163,7 +168,7 @@ typedef DWORD (WINAPI *GETQUEUESTATUS)(UINT); | |||
| 163 | 168 | ||
| 164 | typedef HANDLE (WINAPI *CREATETOOLHELP32SNAPSHOT)(DWORD, DWORD); | 169 | typedef HANDLE (WINAPI *CREATETOOLHELP32SNAPSHOT)(DWORD, DWORD); |
| 165 | typedef BOOL (WINAPI *CLOSETOOLHELP32SNAPSHOT)(HANDLE); | 170 | typedef BOOL (WINAPI *CLOSETOOLHELP32SNAPSHOT)(HANDLE); |
| 166 | typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, DWORD); | 171 | typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, size_t); |
| 167 | typedef BOOL (WINAPI *HEAP32NEXT)(LPHEAPENTRY32); | 172 | typedef BOOL (WINAPI *HEAP32NEXT)(LPHEAPENTRY32); |
| 168 | typedef BOOL (WINAPI *HEAP32LIST)(HANDLE, LPHEAPLIST32); | 173 | typedef BOOL (WINAPI *HEAP32LIST)(HANDLE, LPHEAPLIST32); |
| 169 | typedef BOOL (WINAPI *PROCESS32)(HANDLE, LPPROCESSENTRY32); | 174 | typedef BOOL (WINAPI *PROCESS32)(HANDLE, LPPROCESSENTRY32); |
| @@ -171,9 +176,7 @@ typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32); | |||
| 171 | typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32); | 176 | typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32); |
| 172 | 177 | ||
| 173 | #include <lmcons.h> | 178 | #include <lmcons.h> |
| 174 | #ifndef OPENSSL_SYS_WINCE | ||
| 175 | #include <lmstats.h> | 179 | #include <lmstats.h> |
| 176 | #endif | ||
| 177 | #if 1 /* The NET API is Unicode only. It requires the use of the UNICODE | 180 | #if 1 /* The NET API is Unicode only. It requires the use of the UNICODE |
| 178 | * macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was | 181 | * macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was |
| 179 | * was added to the Platform SDK to allow the NET API to be used in | 182 | * was added to the Platform SDK to allow the NET API to be used in |
| @@ -184,26 +187,14 @@ typedef NET_API_STATUS (NET_API_FUNCTION * NETSTATGET) | |||
| 184 | (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*); | 187 | (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*); |
| 185 | typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE); | 188 | typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE); |
| 186 | #endif /* 1 */ | 189 | #endif /* 1 */ |
| 190 | #endif /* !OPENSSL_SYS_WINCE */ | ||
| 187 | 191 | ||
| 188 | int RAND_poll(void) | 192 | int RAND_poll(void) |
| 189 | { | 193 | { |
| 190 | MEMORYSTATUS m; | 194 | MEMORYSTATUS m; |
| 191 | HCRYPTPROV hProvider = 0; | 195 | HCRYPTPROV hProvider = 0; |
| 192 | BYTE buf[64]; | ||
| 193 | DWORD w; | 196 | DWORD w; |
| 194 | HWND h; | 197 | int good = 0; |
| 195 | |||
| 196 | HMODULE advapi, kernel, user, netapi; | ||
| 197 | CRYPTACQUIRECONTEXTW acquire = 0; | ||
| 198 | CRYPTGENRANDOM gen = 0; | ||
| 199 | CRYPTRELEASECONTEXT release = 0; | ||
| 200 | #if 1 /* There was previously a problem with NETSTATGET. Currently, this | ||
| 201 | * section is still experimental, but if all goes well, this conditional | ||
| 202 | * will be removed | ||
| 203 | */ | ||
| 204 | NETSTATGET netstatget = 0; | ||
| 205 | NETFREE netfree = 0; | ||
| 206 | #endif /* 1 */ | ||
| 207 | 198 | ||
| 208 | /* Determine the OS version we are on so we can turn off things | 199 | /* Determine the OS version we are on so we can turn off things |
| 209 | * that do not work properly. | 200 | * that do not work properly. |
| @@ -212,21 +203,24 @@ int RAND_poll(void) | |||
| 212 | osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ; | 203 | osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ; |
| 213 | GetVersionEx( &osverinfo ) ; | 204 | GetVersionEx( &osverinfo ) ; |
| 214 | 205 | ||
| 215 | #if defined(OPENSSL_SYS_WINCE) && WCEPLATFORM!=MS_HPC_PRO | 206 | #if defined(OPENSSL_SYS_WINCE) |
| 216 | #ifndef CryptAcquireContext | 207 | # if defined(_WIN32_WCE) && _WIN32_WCE>=300 |
| 217 | #define CryptAcquireContext CryptAcquireContextW | 208 | /* Even though MSDN says _WIN32_WCE>=210, it doesn't seem to be available |
| 218 | #endif | 209 | * in commonly available implementations prior 300... */ |
| 210 | { | ||
| 211 | BYTE buf[64]; | ||
| 219 | /* poll the CryptoAPI PRNG */ | 212 | /* poll the CryptoAPI PRNG */ |
| 220 | /* The CryptoAPI returns sizeof(buf) bytes of randomness */ | 213 | /* The CryptoAPI returns sizeof(buf) bytes of randomness */ |
| 221 | if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) | 214 | if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, |
| 215 | CRYPT_VERIFYCONTEXT)) | ||
| 222 | { | 216 | { |
| 223 | if (CryptGenRandom(hProvider, sizeof(buf), buf)) | 217 | if (CryptGenRandom(hProvider, sizeof(buf), buf)) |
| 224 | RAND_add(buf, sizeof(buf), sizeof(buf)); | 218 | RAND_add(buf, sizeof(buf), sizeof(buf)); |
| 225 | CryptReleaseContext(hProvider, 0); | 219 | CryptReleaseContext(hProvider, 0); |
| 226 | } | 220 | } |
| 227 | #endif | 221 | } |
| 228 | 222 | # endif | |
| 229 | #ifndef OPENSSL_SYS_WINCE | 223 | #else /* OPENSSL_SYS_WINCE */ |
| 230 | /* | 224 | /* |
| 231 | * None of below libraries are present on Windows CE, which is | 225 | * None of below libraries are present on Windows CE, which is |
| 232 | * why we #ifndef the whole section. This also excuses us from | 226 | * why we #ifndef the whole section. This also excuses us from |
| @@ -240,17 +234,19 @@ int RAND_poll(void) | |||
| 240 | * implement own shim routine, which would accept ANSI argument | 234 | * implement own shim routine, which would accept ANSI argument |
| 241 | * and expand it to Unicode. | 235 | * and expand it to Unicode. |
| 242 | */ | 236 | */ |
| 243 | 237 | { | |
| 244 | /* load functions dynamically - not available on all systems */ | 238 | /* load functions dynamically - not available on all systems */ |
| 245 | advapi = LoadLibrary(TEXT("ADVAPI32.DLL")); | 239 | HMODULE advapi = LoadLibrary(TEXT("ADVAPI32.DLL")); |
| 246 | kernel = LoadLibrary(TEXT("KERNEL32.DLL")); | 240 | HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL")); |
| 247 | user = LoadLibrary(TEXT("USER32.DLL")); | 241 | HMODULE user = NULL; |
| 248 | netapi = LoadLibrary(TEXT("NETAPI32.DLL")); | 242 | HMODULE netapi = LoadLibrary(TEXT("NETAPI32.DLL")); |
| 249 | 243 | CRYPTACQUIRECONTEXTW acquire = NULL; | |
| 250 | #if 1 /* There was previously a problem with NETSTATGET. Currently, this | 244 | CRYPTGENRANDOM gen = NULL; |
| 251 | * section is still experimental, but if all goes well, this conditional | 245 | CRYPTRELEASECONTEXT release = NULL; |
| 252 | * will be removed | 246 | NETSTATGET netstatget = NULL; |
| 253 | */ | 247 | NETFREE netfree = NULL; |
| 248 | BYTE buf[64]; | ||
| 249 | |||
| 254 | if (netapi) | 250 | if (netapi) |
| 255 | { | 251 | { |
| 256 | netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet"); | 252 | netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet"); |
| @@ -280,7 +276,6 @@ int RAND_poll(void) | |||
| 280 | 276 | ||
| 281 | if (netapi) | 277 | if (netapi) |
| 282 | FreeLibrary(netapi); | 278 | FreeLibrary(netapi); |
| 283 | #endif /* 1 */ | ||
| 284 | 279 | ||
| 285 | /* It appears like this can cause an exception deep within ADVAPI32.DLL | 280 | /* It appears like this can cause an exception deep within ADVAPI32.DLL |
| 286 | * at random times on Windows 2000. Reported by Jeffrey Altman. | 281 | * at random times on Windows 2000. Reported by Jeffrey Altman. |
| @@ -356,12 +351,13 @@ int RAND_poll(void) | |||
| 356 | { | 351 | { |
| 357 | /* poll the CryptoAPI PRNG */ | 352 | /* poll the CryptoAPI PRNG */ |
| 358 | /* The CryptoAPI returns sizeof(buf) bytes of randomness */ | 353 | /* The CryptoAPI returns sizeof(buf) bytes of randomness */ |
| 359 | if (acquire(&hProvider, 0, 0, PROV_RSA_FULL, | 354 | if (acquire(&hProvider, NULL, NULL, PROV_RSA_FULL, |
| 360 | CRYPT_VERIFYCONTEXT)) | 355 | CRYPT_VERIFYCONTEXT)) |
| 361 | { | 356 | { |
| 362 | if (gen(hProvider, sizeof(buf), buf) != 0) | 357 | if (gen(hProvider, sizeof(buf), buf) != 0) |
| 363 | { | 358 | { |
| 364 | RAND_add(buf, sizeof(buf), 0); | 359 | RAND_add(buf, sizeof(buf), 0); |
| 360 | good = 1; | ||
| 365 | #if 0 | 361 | #if 0 |
| 366 | printf("randomness from PROV_RSA_FULL\n"); | 362 | printf("randomness from PROV_RSA_FULL\n"); |
| 367 | #endif | 363 | #endif |
| @@ -375,6 +371,7 @@ int RAND_poll(void) | |||
| 375 | if (gen(hProvider, sizeof(buf), buf) != 0) | 371 | if (gen(hProvider, sizeof(buf), buf) != 0) |
| 376 | { | 372 | { |
| 377 | RAND_add(buf, sizeof(buf), sizeof(buf)); | 373 | RAND_add(buf, sizeof(buf), sizeof(buf)); |
| 374 | good = 1; | ||
| 378 | #if 0 | 375 | #if 0 |
| 379 | printf("randomness from PROV_INTEL_SEC\n"); | 376 | printf("randomness from PROV_INTEL_SEC\n"); |
| 380 | #endif | 377 | #endif |
| @@ -386,7 +383,9 @@ int RAND_poll(void) | |||
| 386 | if (advapi) | 383 | if (advapi) |
| 387 | FreeLibrary(advapi); | 384 | FreeLibrary(advapi); |
| 388 | 385 | ||
| 389 | if (user) | 386 | if ((osverinfo.dwPlatformId != VER_PLATFORM_WIN32_NT || |
| 387 | !OPENSSL_isservice()) && | ||
| 388 | (user = LoadLibrary(TEXT("USER32.DLL")))) | ||
| 390 | { | 389 | { |
| 391 | GETCURSORINFO cursor; | 390 | GETCURSORINFO cursor; |
| 392 | GETFOREGROUNDWINDOW win; | 391 | GETFOREGROUNDWINDOW win; |
| @@ -399,7 +398,7 @@ int RAND_poll(void) | |||
| 399 | if (win) | 398 | if (win) |
| 400 | { | 399 | { |
| 401 | /* window handle */ | 400 | /* window handle */ |
| 402 | h = win(); | 401 | HWND h = win(); |
| 403 | RAND_add(&h, sizeof(h), 0); | 402 | RAND_add(&h, sizeof(h), 0); |
| 404 | } | 403 | } |
| 405 | if (cursor) | 404 | if (cursor) |
| @@ -464,6 +463,7 @@ int RAND_poll(void) | |||
| 464 | PROCESSENTRY32 p; | 463 | PROCESSENTRY32 p; |
| 465 | THREADENTRY32 t; | 464 | THREADENTRY32 t; |
| 466 | MODULEENTRY32 m; | 465 | MODULEENTRY32 m; |
| 466 | DWORD stoptime = 0; | ||
| 467 | 467 | ||
| 468 | snap = (CREATETOOLHELP32SNAPSHOT) | 468 | snap = (CREATETOOLHELP32SNAPSHOT) |
| 469 | GetProcAddress(kernel, "CreateToolhelp32Snapshot"); | 469 | GetProcAddress(kernel, "CreateToolhelp32Snapshot"); |
| @@ -495,6 +495,7 @@ int RAND_poll(void) | |||
| 495 | * of entropy. | 495 | * of entropy. |
| 496 | */ | 496 | */ |
| 497 | hlist.dwSize = sizeof(HEAPLIST32); | 497 | hlist.dwSize = sizeof(HEAPLIST32); |
| 498 | if (good) stoptime = GetTickCount() + MAXDELAY; | ||
| 498 | if (heaplist_first(handle, &hlist)) | 499 | if (heaplist_first(handle, &hlist)) |
| 499 | do | 500 | do |
| 500 | { | 501 | { |
| @@ -512,18 +513,20 @@ int RAND_poll(void) | |||
| 512 | && --entrycnt > 0); | 513 | && --entrycnt > 0); |
| 513 | } | 514 | } |
| 514 | } while (heaplist_next(handle, | 515 | } while (heaplist_next(handle, |
| 515 | &hlist)); | 516 | &hlist) && GetTickCount() < stoptime); |
| 516 | 517 | ||
| 517 | /* process walking */ | 518 | /* process walking */ |
| 518 | /* PROCESSENTRY32 contains 9 fields that will change | 519 | /* PROCESSENTRY32 contains 9 fields that will change |
| 519 | * with each entry. Consider each field a source of | 520 | * with each entry. Consider each field a source of |
| 520 | * 1 byte of entropy. | 521 | * 1 byte of entropy. |
| 521 | */ | 522 | */ |
| 522 | p.dwSize = sizeof(PROCESSENTRY32); | 523 | p.dwSize = sizeof(PROCESSENTRY32); |
| 524 | |||
| 525 | if (good) stoptime = GetTickCount() + MAXDELAY; | ||
| 523 | if (process_first(handle, &p)) | 526 | if (process_first(handle, &p)) |
| 524 | do | 527 | do |
| 525 | RAND_add(&p, p.dwSize, 9); | 528 | RAND_add(&p, p.dwSize, 9); |
| 526 | while (process_next(handle, &p)); | 529 | while (process_next(handle, &p) && GetTickCount() < stoptime); |
| 527 | 530 | ||
| 528 | /* thread walking */ | 531 | /* thread walking */ |
| 529 | /* THREADENTRY32 contains 6 fields that will change | 532 | /* THREADENTRY32 contains 6 fields that will change |
| @@ -531,10 +534,11 @@ int RAND_poll(void) | |||
| 531 | * 1 byte of entropy. | 534 | * 1 byte of entropy. |
| 532 | */ | 535 | */ |
| 533 | t.dwSize = sizeof(THREADENTRY32); | 536 | t.dwSize = sizeof(THREADENTRY32); |
| 537 | if (good) stoptime = GetTickCount() + MAXDELAY; | ||
| 534 | if (thread_first(handle, &t)) | 538 | if (thread_first(handle, &t)) |
| 535 | do | 539 | do |
| 536 | RAND_add(&t, t.dwSize, 6); | 540 | RAND_add(&t, t.dwSize, 6); |
| 537 | while (thread_next(handle, &t)); | 541 | while (thread_next(handle, &t) && GetTickCount() < stoptime); |
| 538 | 542 | ||
| 539 | /* module walking */ | 543 | /* module walking */ |
| 540 | /* MODULEENTRY32 contains 9 fields that will change | 544 | /* MODULEENTRY32 contains 9 fields that will change |
| @@ -542,18 +546,22 @@ int RAND_poll(void) | |||
| 542 | * 1 byte of entropy. | 546 | * 1 byte of entropy. |
| 543 | */ | 547 | */ |
| 544 | m.dwSize = sizeof(MODULEENTRY32); | 548 | m.dwSize = sizeof(MODULEENTRY32); |
| 549 | if (good) stoptime = GetTickCount() + MAXDELAY; | ||
| 545 | if (module_first(handle, &m)) | 550 | if (module_first(handle, &m)) |
| 546 | do | 551 | do |
| 547 | RAND_add(&m, m.dwSize, 9); | 552 | RAND_add(&m, m.dwSize, 9); |
| 548 | while (module_next(handle, &m)); | 553 | while (module_next(handle, &m) |
| 554 | && (GetTickCount() < stoptime)); | ||
| 549 | if (close_snap) | 555 | if (close_snap) |
| 550 | close_snap(handle); | 556 | close_snap(handle); |
| 551 | else | 557 | else |
| 552 | CloseHandle(handle); | 558 | CloseHandle(handle); |
| 559 | |||
| 553 | } | 560 | } |
| 554 | 561 | ||
| 555 | FreeLibrary(kernel); | 562 | FreeLibrary(kernel); |
| 556 | } | 563 | } |
| 564 | } | ||
| 557 | #endif /* !OPENSSL_SYS_WINCE */ | 565 | #endif /* !OPENSSL_SYS_WINCE */ |
| 558 | 566 | ||
| 559 | /* timer data */ | 567 | /* timer data */ |
| @@ -693,6 +701,9 @@ static void readscreen(void) | |||
| 693 | int y; /* y-coordinate of screen lines to grab */ | 701 | int y; /* y-coordinate of screen lines to grab */ |
| 694 | int n = 16; /* number of screen lines to grab at a time */ | 702 | int n = 16; /* number of screen lines to grab at a time */ |
| 695 | 703 | ||
| 704 | if (GetVersion() >= 0x80000000 || !OPENSSL_isservice()) | ||
| 705 | return; | ||
| 706 | |||
| 696 | /* Create a screen DC and a memory DC compatible to screen DC */ | 707 | /* Create a screen DC and a memory DC compatible to screen DC */ |
| 697 | hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL); | 708 | hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL); |
| 698 | hMemDC = CreateCompatibleDC(hScrDC); | 709 | hMemDC = CreateCompatibleDC(hScrDC); |
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c index d847d8ebdf..005cb38cb0 100644 --- a/src/lib/libcrypto/rand/randfile.c +++ b/src/lib/libcrypto/rand/randfile.c | |||
| @@ -102,10 +102,8 @@ int RAND_load_file(const char *file, long bytes) | |||
| 102 | 102 | ||
| 103 | if (file == NULL) return(0); | 103 | if (file == NULL) return(0); |
| 104 | 104 | ||
| 105 | i=stat(file,&sb); | 105 | if (stat(file,&sb) < 0) return(0); |
| 106 | /* If the state fails, put some crap in anyway */ | 106 | RAND_add(&sb,sizeof(sb),0.0); |
| 107 | RAND_add(&sb,sizeof(sb),0); | ||
| 108 | if (i < 0) return(0); | ||
| 109 | if (bytes == 0) return(ret); | 107 | if (bytes == 0) return(ret); |
| 110 | 108 | ||
| 111 | in=fopen(file,"rb"); | 109 | in=fopen(file,"rb"); |
| @@ -128,8 +126,12 @@ int RAND_load_file(const char *file, long bytes) | |||
| 128 | n = BUFSIZE; | 126 | n = BUFSIZE; |
| 129 | i=fread(buf,1,n,in); | 127 | i=fread(buf,1,n,in); |
| 130 | if (i <= 0) break; | 128 | if (i <= 0) break; |
| 129 | #ifdef PURIFY | ||
| 130 | RAND_add(buf,i,(double)i); | ||
| 131 | #else | ||
| 131 | /* even if n != i, use the full array */ | 132 | /* even if n != i, use the full array */ |
| 132 | RAND_add(buf,n,i); | 133 | RAND_add(buf,n,(double)i); |
| 134 | #endif | ||
| 133 | ret+=i; | 135 | ret+=i; |
| 134 | if (bytes > 0) | 136 | if (bytes > 0) |
| 135 | { | 137 | { |
diff --git a/src/lib/libcrypto/rand/randtest.c b/src/lib/libcrypto/rand/randtest.c index 701932e6ee..9e92a70b03 100644 --- a/src/lib/libcrypto/rand/randtest.c +++ b/src/lib/libcrypto/rand/randtest.c | |||
| @@ -65,7 +65,7 @@ | |||
| 65 | /* some FIPS 140-1 random number test */ | 65 | /* some FIPS 140-1 random number test */ |
| 66 | /* some simple tests */ | 66 | /* some simple tests */ |
| 67 | 67 | ||
| 68 | int main() | 68 | int main(int argc,char **argv) |
| 69 | { | 69 | { |
| 70 | unsigned char buf[2500]; | 70 | unsigned char buf[2500]; |
| 71 | int i,j,k,s,sign,nsign,err=0; | 71 | int i,j,k,s,sign,nsign,err=0; |
| @@ -211,6 +211,9 @@ int main() | |||
| 211 | printf("test 4 done\n"); | 211 | printf("test 4 done\n"); |
| 212 | err: | 212 | err: |
| 213 | err=((err)?1:0); | 213 | err=((err)?1:0); |
| 214 | #ifdef OPENSSL_SYS_NETWARE | ||
| 215 | if (err) printf("ERROR: %d\n", err); | ||
| 216 | #endif | ||
| 214 | EXIT(err); | 217 | EXIT(err); |
| 215 | return(err); | 218 | return(err); |
| 216 | } | 219 | } |
diff --git a/src/lib/libcrypto/rc2/rc2.h b/src/lib/libcrypto/rc2/rc2.h index 71788158d8..34c8362317 100644 --- a/src/lib/libcrypto/rc2/rc2.h +++ b/src/lib/libcrypto/rc2/rc2.h | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #ifndef HEADER_RC2_H | 59 | #ifndef HEADER_RC2_H |
| 60 | #define HEADER_RC2_H | 60 | #define HEADER_RC2_H |
| 61 | 61 | ||
| 62 | #include <openssl/opensslconf.h> /* OPENSSL_NO_RC2, RC2_INT */ | ||
| 62 | #ifdef OPENSSL_NO_RC2 | 63 | #ifdef OPENSSL_NO_RC2 |
| 63 | #error RC2 is disabled. | 64 | #error RC2 is disabled. |
| 64 | #endif | 65 | #endif |
| @@ -66,7 +67,6 @@ | |||
| 66 | #define RC2_ENCRYPT 1 | 67 | #define RC2_ENCRYPT 1 |
| 67 | #define RC2_DECRYPT 0 | 68 | #define RC2_DECRYPT 0 |
| 68 | 69 | ||
| 69 | #include <openssl/opensslconf.h> /* RC2_INT */ | ||
| 70 | #define RC2_BLOCK 8 | 70 | #define RC2_BLOCK 8 |
| 71 | #define RC2_KEY_LENGTH 16 | 71 | #define RC2_KEY_LENGTH 16 |
| 72 | 72 | ||
| @@ -79,10 +79,7 @@ typedef struct rc2_key_st | |||
| 79 | RC2_INT data[64]; | 79 | RC2_INT data[64]; |
| 80 | } RC2_KEY; | 80 | } RC2_KEY; |
| 81 | 81 | ||
| 82 | #ifdef OPENSSL_FIPS | 82 | |
| 83 | void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, | ||
| 84 | int bits); | ||
| 85 | #endif | ||
| 86 | void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); | 83 | void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); |
| 87 | void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, | 84 | void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, |
| 88 | int enc); | 85 | int enc); |
diff --git a/src/lib/libcrypto/rc2/rc2_ecb.c b/src/lib/libcrypto/rc2/rc2_ecb.c index d3e8c2718a..fff86c7af8 100644 --- a/src/lib/libcrypto/rc2/rc2_ecb.c +++ b/src/lib/libcrypto/rc2/rc2_ecb.c | |||
| @@ -60,7 +60,7 @@ | |||
| 60 | #include "rc2_locl.h" | 60 | #include "rc2_locl.h" |
| 61 | #include <openssl/opensslv.h> | 61 | #include <openssl/opensslv.h> |
| 62 | 62 | ||
| 63 | const char *RC2_version="RC2" OPENSSL_VERSION_PTEXT; | 63 | const char RC2_version[]="RC2" OPENSSL_VERSION_PTEXT; |
| 64 | 64 | ||
| 65 | /* RC2 as implemented frm a posting from | 65 | /* RC2 as implemented frm a posting from |
| 66 | * Newsgroups: sci.crypt | 66 | * Newsgroups: sci.crypt |
diff --git a/src/lib/libcrypto/rc2/rc2_skey.c b/src/lib/libcrypto/rc2/rc2_skey.c index 9652865188..4953642056 100644 --- a/src/lib/libcrypto/rc2/rc2_skey.c +++ b/src/lib/libcrypto/rc2/rc2_skey.c | |||
| @@ -57,8 +57,6 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/rc2.h> | 59 | #include <openssl/rc2.h> |
| 60 | #include <openssl/crypto.h> | ||
| 61 | #include <openssl/fips.h> | ||
| 62 | #include "rc2_locl.h" | 60 | #include "rc2_locl.h" |
| 63 | 61 | ||
| 64 | static unsigned char key_table[256]={ | 62 | static unsigned char key_table[256]={ |
| @@ -86,25 +84,17 @@ static unsigned char key_table[256]={ | |||
| 86 | 0xfe,0x7f,0xc1,0xad, | 84 | 0xfe,0x7f,0xc1,0xad, |
| 87 | }; | 85 | }; |
| 88 | 86 | ||
| 87 | #if defined(_MSC_VER) && defined(_ARM_) | ||
| 88 | #pragma optimize("g",off) | ||
| 89 | #endif | ||
| 90 | |||
| 89 | /* It has come to my attention that there are 2 versions of the RC2 | 91 | /* It has come to my attention that there are 2 versions of the RC2 |
| 90 | * key schedule. One which is normal, and anther which has a hook to | 92 | * key schedule. One which is normal, and anther which has a hook to |
| 91 | * use a reduced key length. | 93 | * use a reduced key length. |
| 92 | * BSAFE uses the 'retarded' version. What I previously shipped is | 94 | * BSAFE uses the 'retarded' version. What I previously shipped is |
| 93 | * the same as specifying 1024 for the 'bits' parameter. Bsafe uses | 95 | * the same as specifying 1024 for the 'bits' parameter. Bsafe uses |
| 94 | * a version where the bits parameter is the same as len*8 */ | 96 | * a version where the bits parameter is the same as len*8 */ |
| 95 | |||
| 96 | #ifdef OPENSSL_FIPS | ||
| 97 | void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) | ||
| 98 | { | ||
| 99 | if (FIPS_mode()) | ||
| 100 | FIPS_BAD_ABORT(RC2) | ||
| 101 | private_RC2_set_key(key, len, data, bits); | ||
| 102 | } | ||
| 103 | void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, | ||
| 104 | int bits) | ||
| 105 | #else | ||
| 106 | void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) | 97 | void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) |
| 107 | #endif | ||
| 108 | { | 98 | { |
| 109 | int i,j; | 99 | int i,j; |
| 110 | unsigned char *k; | 100 | unsigned char *k; |
| @@ -150,3 +140,6 @@ void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) | |||
| 150 | *(ki--)=((k[i]<<8)|k[i-1])&0xffff; | 140 | *(ki--)=((k[i]<<8)|k[i-1])&0xffff; |
| 151 | } | 141 | } |
| 152 | 142 | ||
| 143 | #if defined(_MSC_VER) | ||
| 144 | #pragma optimize("",on) | ||
| 145 | #endif | ||
diff --git a/src/lib/libcrypto/rc2/rc2speed.c b/src/lib/libcrypto/rc2/rc2speed.c index 4d0e1242ea..85cf6f65bf 100644 --- a/src/lib/libcrypto/rc2/rc2speed.c +++ b/src/lib/libcrypto/rc2/rc2speed.c | |||
| @@ -69,7 +69,10 @@ | |||
| 69 | #include OPENSSL_UNISTD_IO | 69 | #include OPENSSL_UNISTD_IO |
| 70 | OPENSSL_DECLARE_EXIT | 70 | OPENSSL_DECLARE_EXIT |
| 71 | 71 | ||
| 72 | #ifndef OPENSSL_SYS_NETWARE | ||
| 72 | #include <signal.h> | 73 | #include <signal.h> |
| 74 | #endif | ||
| 75 | |||
| 73 | #ifndef _IRIX | 76 | #ifndef _IRIX |
| 74 | #include <time.h> | 77 | #include <time.h> |
| 75 | #endif | 78 | #endif |
diff --git a/src/lib/libcrypto/rc2/rc2test.c b/src/lib/libcrypto/rc2/rc2test.c index b67bafb49f..0e117436bb 100644 --- a/src/lib/libcrypto/rc2/rc2test.c +++ b/src/lib/libcrypto/rc2/rc2test.c | |||
| @@ -205,6 +205,9 @@ int main(int argc, char *argv[]) | |||
| 205 | printf("ok\n"); | 205 | printf("ok\n"); |
| 206 | #endif | 206 | #endif |
| 207 | 207 | ||
| 208 | #ifdef OPENSSL_SYS_NETWARE | ||
| 209 | if (err) printf("ERROR: %d\n", err); | ||
| 210 | #endif | ||
| 208 | EXIT(err); | 211 | EXIT(err); |
| 209 | return(err); | 212 | return(err); |
| 210 | } | 213 | } |
diff --git a/src/lib/libcrypto/rc4/asm/rc4-586.pl b/src/lib/libcrypto/rc4/asm/rc4-586.pl index d6e98f0811..ef7eee766c 100644 --- a/src/lib/libcrypto/rc4/asm/rc4-586.pl +++ b/src/lib/libcrypto/rc4/asm/rc4-586.pl | |||
| @@ -200,22 +200,23 @@ sub RC4 | |||
| 200 | 200 | ||
| 201 | &lea ($ty,&DWP(0,$in,$ty)); | 201 | &lea ($ty,&DWP(0,$in,$ty)); |
| 202 | &mov (&swtmp(2),$ty); | 202 | &mov (&swtmp(2),$ty); |
| 203 | &movz ($tx,&BP(0,$d,$x)); | ||
| 203 | 204 | ||
| 204 | # strangely enough unrolled loop performs over 20% slower... | 205 | # strangely enough unrolled loop performs over 20% slower... |
| 205 | &set_label("RC4_CHAR_loop"); | 206 | &set_label("RC4_CHAR_loop"); |
| 206 | &movz ($tx,&BP(0,$d,$x)); | ||
| 207 | &add (&LB($y),&LB($tx)); | 207 | &add (&LB($y),&LB($tx)); |
| 208 | &movz ($ty,&BP(0,$d,$y)); | 208 | &movz ($ty,&BP(0,$d,$y)); |
| 209 | &movb (&BP(0,$d,$y),&LB($tx)); | 209 | &movb (&BP(0,$d,$y),&LB($tx)); |
| 210 | &movb (&BP(0,$d,$x),&LB($ty)); | 210 | &movb (&BP(0,$d,$x),&LB($ty)); |
| 211 | &add (&LB($ty),&LB($tx)); | 211 | &add (&LB($ty),&LB($tx)); |
| 212 | &movz ($ty,&BP(0,$d,$ty)); | 212 | &movz ($ty,&BP(0,$d,$ty)); |
| 213 | &add (&LB($x),1); | ||
| 213 | &xorb (&LB($ty),&BP(0,$in)); | 214 | &xorb (&LB($ty),&BP(0,$in)); |
| 214 | &movb (&BP(0,$out),&LB($ty)); | 215 | &lea ($in,&DWP(1,$in)); |
| 215 | &inc (&LB($x)); | 216 | &movz ($tx,&BP(0,$d,$x)); |
| 216 | &inc ($in); | ||
| 217 | &inc ($out); | ||
| 218 | &cmp ($in,&swtmp(2)); | 217 | &cmp ($in,&swtmp(2)); |
| 218 | &movb (&BP(0,$out),&LB($ty)); | ||
| 219 | &lea ($out,&DWP(1,$out)); | ||
| 219 | &jb (&label("RC4_CHAR_loop")); | 220 | &jb (&label("RC4_CHAR_loop")); |
| 220 | 221 | ||
| 221 | &set_label("finished"); | 222 | &set_label("finished"); |
diff --git a/src/lib/libcrypto/rc4/rc4.c b/src/lib/libcrypto/rc4/rc4.c index b39c070292..c900b26055 100644 --- a/src/lib/libcrypto/rc4/rc4.c +++ b/src/lib/libcrypto/rc4/rc4.c | |||
| @@ -60,6 +60,7 @@ | |||
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | #include <openssl/rc4.h> | 62 | #include <openssl/rc4.h> |
| 63 | #include <openssl/evp.h> | ||
| 63 | 64 | ||
| 64 | char *usage[]={ | 65 | char *usage[]={ |
| 65 | "usage: rc4 args\n", | 66 | "usage: rc4 args\n", |
| @@ -162,7 +163,7 @@ bad: | |||
| 162 | keystr=buf; | 163 | keystr=buf; |
| 163 | } | 164 | } |
| 164 | 165 | ||
| 165 | EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5()); | 166 | EVP_Digest((unsigned char *)keystr,strlen(keystr),md,NULL,EVP_md5(),NULL); |
| 166 | OPENSSL_cleanse(keystr,strlen(keystr)); | 167 | OPENSSL_cleanse(keystr,strlen(keystr)); |
| 167 | RC4_set_key(&key,MD5_DIGEST_LENGTH,md); | 168 | RC4_set_key(&key,MD5_DIGEST_LENGTH,md); |
| 168 | 169 | ||
diff --git a/src/lib/libcrypto/rc4/rc4.h b/src/lib/libcrypto/rc4/rc4.h index ae0cea75b8..7aec04fe93 100644 --- a/src/lib/libcrypto/rc4/rc4.h +++ b/src/lib/libcrypto/rc4/rc4.h | |||
| @@ -59,12 +59,11 @@ | |||
| 59 | #ifndef HEADER_RC4_H | 59 | #ifndef HEADER_RC4_H |
| 60 | #define HEADER_RC4_H | 60 | #define HEADER_RC4_H |
| 61 | 61 | ||
| 62 | #include <openssl/opensslconf.h> /* OPENSSL_NO_RC4, RC4_INT */ | ||
| 62 | #ifdef OPENSSL_NO_RC4 | 63 | #ifdef OPENSSL_NO_RC4 |
| 63 | #error RC4 is disabled. | 64 | #error RC4 is disabled. |
| 64 | #endif | 65 | #endif |
| 65 | 66 | ||
| 66 | #include <openssl/opensslconf.h> /* RC4_INT */ | ||
| 67 | |||
| 68 | #ifdef __cplusplus | 67 | #ifdef __cplusplus |
| 69 | extern "C" { | 68 | extern "C" { |
| 70 | #endif | 69 | #endif |
| @@ -77,9 +76,6 @@ typedef struct rc4_key_st | |||
| 77 | 76 | ||
| 78 | 77 | ||
| 79 | const char *RC4_options(void); | 78 | const char *RC4_options(void); |
| 80 | #ifdef OPENSSL_FIPS | ||
| 81 | void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); | ||
| 82 | #endif | ||
| 83 | void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); | 79 | void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); |
| 84 | void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, | 80 | void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, |
| 85 | unsigned char *outdata); | 81 | unsigned char *outdata); |
diff --git a/src/lib/libcrypto/rc4/rc4_enc.c b/src/lib/libcrypto/rc4/rc4_enc.c index d5f18a3a70..0660ea60a2 100644 --- a/src/lib/libcrypto/rc4/rc4_enc.c +++ b/src/lib/libcrypto/rc4/rc4_enc.c | |||
| @@ -157,7 +157,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, | |||
| 157 | if (!is_endian.little) | 157 | if (!is_endian.little) |
| 158 | { /* BIG-ENDIAN CASE */ | 158 | { /* BIG-ENDIAN CASE */ |
| 159 | # define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1)) | 159 | # define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1)) |
| 160 | for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK)) | 160 | for (;len&~(sizeof(RC4_CHUNK)-1);len-=sizeof(RC4_CHUNK)) |
| 161 | { | 161 | { |
| 162 | ichunk = *(RC4_CHUNK *)indata; | 162 | ichunk = *(RC4_CHUNK *)indata; |
| 163 | otp = RC4_STEP<<BESHFT(0); | 163 | otp = RC4_STEP<<BESHFT(0); |
| @@ -210,7 +210,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, | |||
| 210 | else | 210 | else |
| 211 | { /* LITTLE-ENDIAN CASE */ | 211 | { /* LITTLE-ENDIAN CASE */ |
| 212 | # define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1)) | 212 | # define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1)) |
| 213 | for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK)) | 213 | for (;len&~(sizeof(RC4_CHUNK)-1);len-=sizeof(RC4_CHUNK)) |
| 214 | { | 214 | { |
| 215 | ichunk = *(RC4_CHUNK *)indata; | 215 | ichunk = *(RC4_CHUNK *)indata; |
| 216 | otp = RC4_STEP; | 216 | otp = RC4_STEP; |
diff --git a/src/lib/libcrypto/rc4/rc4_skey.c b/src/lib/libcrypto/rc4/rc4_skey.c index 60510624fd..46b77ec321 100644 --- a/src/lib/libcrypto/rc4/rc4_skey.c +++ b/src/lib/libcrypto/rc4/rc4_skey.c | |||
| @@ -57,12 +57,10 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/rc4.h> | 59 | #include <openssl/rc4.h> |
| 60 | #include <openssl/crypto.h> | ||
| 61 | #include <openssl/fips.h> | ||
| 62 | #include "rc4_locl.h" | 60 | #include "rc4_locl.h" |
| 63 | #include <openssl/opensslv.h> | 61 | #include <openssl/opensslv.h> |
| 64 | 62 | ||
| 65 | const char *RC4_version="RC4" OPENSSL_VERSION_PTEXT; | 63 | const char RC4_version[]="RC4" OPENSSL_VERSION_PTEXT; |
| 66 | 64 | ||
| 67 | const char *RC4_options(void) | 65 | const char *RC4_options(void) |
| 68 | { | 66 | { |
| @@ -87,7 +85,7 @@ const char *RC4_options(void) | |||
| 87 | * Date: Wed, 14 Sep 1994 06:35:31 GMT | 85 | * Date: Wed, 14 Sep 1994 06:35:31 GMT |
| 88 | */ | 86 | */ |
| 89 | 87 | ||
| 90 | FIPS_NON_FIPS_VCIPHER_Init(RC4) | 88 | void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) |
| 91 | { | 89 | { |
| 92 | register RC4_INT tmp; | 90 | register RC4_INT tmp; |
| 93 | register int id1,id2; | 91 | register int id1,id2; |
| @@ -95,26 +93,59 @@ FIPS_NON_FIPS_VCIPHER_Init(RC4) | |||
| 95 | unsigned int i; | 93 | unsigned int i; |
| 96 | 94 | ||
| 97 | d= &(key->data[0]); | 95 | d= &(key->data[0]); |
| 98 | |||
| 99 | for (i=0; i<256; i++) | ||
| 100 | d[i]=i; | ||
| 101 | key->x = 0; | 96 | key->x = 0; |
| 102 | key->y = 0; | 97 | key->y = 0; |
| 103 | id1=id2=0; | 98 | id1=id2=0; |
| 104 | 99 | ||
| 105 | #define SK_LOOP(n) { \ | 100 | #define SK_LOOP(d,n) { \ |
| 106 | tmp=d[(n)]; \ | 101 | tmp=d[(n)]; \ |
| 107 | id2 = (data[id1] + tmp + id2) & 0xff; \ | 102 | id2 = (data[id1] + tmp + id2) & 0xff; \ |
| 108 | if (++id1 == len) id1=0; \ | 103 | if (++id1 == len) id1=0; \ |
| 109 | d[(n)]=d[id2]; \ | 104 | d[(n)]=d[id2]; \ |
| 110 | d[id2]=tmp; } | 105 | d[id2]=tmp; } |
| 111 | 106 | ||
| 107 | #if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) | ||
| 108 | # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ | ||
| 109 | defined(__INTEL__) || \ | ||
| 110 | defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) | ||
| 111 | if (sizeof(RC4_INT) > 1) { | ||
| 112 | /* | ||
| 113 | * Unlike all other x86 [and x86_64] implementations, | ||
| 114 | * Intel P4 core [including EM64T] was found to perform | ||
| 115 | * poorly with wider RC4_INT. Performance improvement | ||
| 116 | * for IA-32 hand-coded assembler turned out to be 2.8x | ||
| 117 | * if re-coded for RC4_CHAR! It's however inappropriate | ||
| 118 | * to just switch to RC4_CHAR for x86[_64], as non-P4 | ||
| 119 | * implementations suffer from significant performance | ||
| 120 | * losses then, e.g. PIII exhibits >2x deterioration, | ||
| 121 | * and so does Opteron. In order to assure optimal | ||
| 122 | * all-round performance, we detect P4 at run-time by | ||
| 123 | * checking upon reserved bit 20 in CPU capability | ||
| 124 | * vector and set up compressed key schedule, which is | ||
| 125 | * recognized by correspondingly updated assembler | ||
| 126 | * module... Bit 20 is set up by OPENSSL_ia32_cpuid. | ||
| 127 | * | ||
| 128 | * <appro@fy.chalmers.se> | ||
| 129 | */ | ||
| 130 | if (OPENSSL_ia32cap_P & (1<<20)) { | ||
| 131 | unsigned char *cp=(unsigned char *)d; | ||
| 132 | |||
| 133 | for (i=0;i<256;i++) cp[i]=i; | ||
| 134 | for (i=0;i<256;i++) SK_LOOP(cp,i); | ||
| 135 | /* mark schedule as compressed! */ | ||
| 136 | d[256/sizeof(RC4_INT)]=-1; | ||
| 137 | return; | ||
| 138 | } | ||
| 139 | } | ||
| 140 | # endif | ||
| 141 | #endif | ||
| 142 | for (i=0; i < 256; i++) d[i]=i; | ||
| 112 | for (i=0; i < 256; i+=4) | 143 | for (i=0; i < 256; i+=4) |
| 113 | { | 144 | { |
| 114 | SK_LOOP(i+0); | 145 | SK_LOOP(d,i+0); |
| 115 | SK_LOOP(i+1); | 146 | SK_LOOP(d,i+1); |
| 116 | SK_LOOP(i+2); | 147 | SK_LOOP(d,i+2); |
| 117 | SK_LOOP(i+3); | 148 | SK_LOOP(d,i+3); |
| 118 | } | 149 | } |
| 119 | } | 150 | } |
| 120 | 151 | ||
diff --git a/src/lib/libcrypto/rc4/rc4speed.c b/src/lib/libcrypto/rc4/rc4speed.c index ced98c52df..0ebd38123d 100644 --- a/src/lib/libcrypto/rc4/rc4speed.c +++ b/src/lib/libcrypto/rc4/rc4speed.c | |||
| @@ -69,7 +69,10 @@ | |||
| 69 | #include OPENSSL_UNISTD_IO | 69 | #include OPENSSL_UNISTD_IO |
| 70 | OPENSSL_DECLARE_EXIT | 70 | OPENSSL_DECLARE_EXIT |
| 71 | 71 | ||
| 72 | #ifndef OPENSSL_SYS_NETWARE | ||
| 72 | #include <signal.h> | 73 | #include <signal.h> |
| 74 | #endif | ||
| 75 | |||
| 73 | #ifndef _IRIX | 76 | #ifndef _IRIX |
| 74 | #include <time.h> | 77 | #include <time.h> |
| 75 | #endif | 78 | #endif |
diff --git a/src/lib/libcrypto/rc4/rc4test.c b/src/lib/libcrypto/rc4/rc4test.c index b9d8f20975..54b597fa26 100644 --- a/src/lib/libcrypto/rc4/rc4test.c +++ b/src/lib/libcrypto/rc4/rc4test.c | |||
| @@ -70,6 +70,7 @@ int main(int argc, char *argv[]) | |||
| 70 | } | 70 | } |
| 71 | #else | 71 | #else |
| 72 | #include <openssl/rc4.h> | 72 | #include <openssl/rc4.h> |
| 73 | #include <openssl/sha.h> | ||
| 73 | 74 | ||
| 74 | static unsigned char keys[7][30]={ | 75 | static unsigned char keys[7][30]={ |
| 75 | {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}, | 76 | {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}, |
| @@ -113,13 +114,11 @@ static unsigned char output[7][30]={ | |||
| 113 | 114 | ||
| 114 | int main(int argc, char *argv[]) | 115 | int main(int argc, char *argv[]) |
| 115 | { | 116 | { |
| 116 | int i,err=0; | 117 | int err=0; |
| 117 | int j; | 118 | unsigned int i, j; |
| 118 | unsigned char *p; | 119 | unsigned char *p; |
| 119 | RC4_KEY key; | 120 | RC4_KEY key; |
| 120 | unsigned char buf[512],obuf[512]; | 121 | unsigned char obuf[512]; |
| 121 | |||
| 122 | for (i=0; i<512; i++) buf[i]=0x01; | ||
| 123 | 122 | ||
| 124 | for (i=0; i<6; i++) | 123 | for (i=0; i<6; i++) |
| 125 | { | 124 | { |
| @@ -130,12 +129,12 @@ int main(int argc, char *argv[]) | |||
| 130 | { | 129 | { |
| 131 | printf("error calculating RC4\n"); | 130 | printf("error calculating RC4\n"); |
| 132 | printf("output:"); | 131 | printf("output:"); |
| 133 | for (j=0; j<data_len[i]+1; j++) | 132 | for (j=0; j<data_len[i]+1U; j++) |
| 134 | printf(" %02x",obuf[j]); | 133 | printf(" %02x",obuf[j]); |
| 135 | printf("\n"); | 134 | printf("\n"); |
| 136 | printf("expect:"); | 135 | printf("expect:"); |
| 137 | p= &(output[i][0]); | 136 | p= &(output[i][0]); |
| 138 | for (j=0; j<data_len[i]+1; j++) | 137 | for (j=0; j<data_len[i]+1U; j++) |
| 139 | printf(" %02x",*(p++)); | 138 | printf(" %02x",*(p++)); |
| 140 | printf("\n"); | 139 | printf("\n"); |
| 141 | err++; | 140 | err++; |
| @@ -181,12 +180,12 @@ int main(int argc, char *argv[]) | |||
| 181 | { | 180 | { |
| 182 | printf("error in RC4 multi-call processing\n"); | 181 | printf("error in RC4 multi-call processing\n"); |
| 183 | printf("output:"); | 182 | printf("output:"); |
| 184 | for (j=0; j<data_len[3]+1; j++) | 183 | for (j=0; j<data_len[3]+1U; j++) |
| 185 | printf(" %02x",obuf[j]); | 184 | printf(" %02x",obuf[j]); |
| 186 | printf("\n"); | 185 | printf("\n"); |
| 187 | printf("expect:"); | 186 | printf("expect:"); |
| 188 | p= &(output[3][0]); | 187 | p= &(output[3][0]); |
| 189 | for (j=0; j<data_len[3]+1; j++) | 188 | for (j=0; j<data_len[3]+1U; j++) |
| 190 | printf(" %02x",*(p++)); | 189 | printf(" %02x",*(p++)); |
| 191 | err++; | 190 | err++; |
| 192 | } | 191 | } |
| @@ -197,6 +196,40 @@ int main(int argc, char *argv[]) | |||
| 197 | } | 196 | } |
| 198 | } | 197 | } |
| 199 | printf("done\n"); | 198 | printf("done\n"); |
| 199 | printf("bulk test "); | ||
| 200 | { unsigned char buf[513]; | ||
| 201 | SHA_CTX c; | ||
| 202 | unsigned char md[SHA_DIGEST_LENGTH]; | ||
| 203 | static unsigned char expected[]={ | ||
| 204 | 0xa4,0x7b,0xcc,0x00,0x3d,0xd0,0xbd,0xe1,0xac,0x5f, | ||
| 205 | 0x12,0x1e,0x45,0xbc,0xfb,0x1a,0xa1,0xf2,0x7f,0xc5 }; | ||
| 206 | |||
| 207 | RC4_set_key(&key,keys[0][0],&(keys[3][1])); | ||
| 208 | memset(buf,'\0',sizeof(buf)); | ||
| 209 | SHA1_Init(&c); | ||
| 210 | for (i=0;i<2571;i++) { | ||
| 211 | RC4(&key,sizeof(buf),buf,buf); | ||
| 212 | SHA1_Update(&c,buf,sizeof(buf)); | ||
| 213 | } | ||
| 214 | SHA1_Final(md,&c); | ||
| 215 | |||
| 216 | if (memcmp(md,expected,sizeof(md))) { | ||
| 217 | printf("error in RC4 bulk test\n"); | ||
| 218 | printf("output:"); | ||
| 219 | for (j=0; j<sizeof(md); j++) | ||
| 220 | printf(" %02x",md[j]); | ||
| 221 | printf("\n"); | ||
| 222 | printf("expect:"); | ||
| 223 | for (j=0; j<sizeof(md); j++) | ||
| 224 | printf(" %02x",expected[j]); | ||
| 225 | printf("\n"); | ||
| 226 | err++; | ||
| 227 | } | ||
| 228 | else printf("ok\n"); | ||
| 229 | } | ||
| 230 | #ifdef OPENSSL_SYS_NETWARE | ||
| 231 | if (err) printf("ERROR: %d\n", err); | ||
| 232 | #endif | ||
| 200 | EXIT(err); | 233 | EXIT(err); |
| 201 | return(0); | 234 | return(0); |
| 202 | } | 235 | } |
diff --git a/src/lib/libcrypto/rc5/rc5.h b/src/lib/libcrypto/rc5/rc5.h index aa3f26920b..4b3c153b50 100644 --- a/src/lib/libcrypto/rc5/rc5.h +++ b/src/lib/libcrypto/rc5/rc5.h | |||
| @@ -59,6 +59,8 @@ | |||
| 59 | #ifndef HEADER_RC5_H | 59 | #ifndef HEADER_RC5_H |
| 60 | #define HEADER_RC5_H | 60 | #define HEADER_RC5_H |
| 61 | 61 | ||
| 62 | #include <openssl/opensslconf.h> /* OPENSSL_NO_RC5 */ | ||
| 63 | |||
| 62 | #ifdef __cplusplus | 64 | #ifdef __cplusplus |
| 63 | extern "C" { | 65 | extern "C" { |
| 64 | #endif | 66 | #endif |
| @@ -92,10 +94,7 @@ typedef struct rc5_key_st | |||
| 92 | RC5_32_INT data[2*(RC5_16_ROUNDS+1)]; | 94 | RC5_32_INT data[2*(RC5_16_ROUNDS+1)]; |
| 93 | } RC5_32_KEY; | 95 | } RC5_32_KEY; |
| 94 | 96 | ||
| 95 | #ifdef OPENSSL_FIPS | 97 | |
| 96 | void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, | ||
| 97 | int rounds); | ||
| 98 | #endif | ||
| 99 | void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, | 98 | void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, |
| 100 | int rounds); | 99 | int rounds); |
| 101 | void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, | 100 | void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, |
diff --git a/src/lib/libcrypto/ripemd/asm/rmd-586.pl b/src/lib/libcrypto/ripemd/asm/rmd-586.pl index 0ab6f76bff..4f3c4c967f 100644 --- a/src/lib/libcrypto/ripemd/asm/rmd-586.pl +++ b/src/lib/libcrypto/ripemd/asm/rmd-586.pl | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | #!/usr/local/bin/perl | 1 | #!/usr/local/bin/perl |
| 2 | 2 | ||
| 3 | # Normal is the | 3 | # Normal is the |
| 4 | # ripemd160_block_asm_host_order(RIPEMD160_CTX *c, ULONG *X,int blocks); | 4 | # ripemd160_block_asm_data_order(RIPEMD160_CTX *c, ULONG *X,int blocks); |
| 5 | 5 | ||
| 6 | $normal=0; | 6 | $normal=0; |
| 7 | 7 | ||
| @@ -56,7 +56,7 @@ $KR3=0x7A6D76E9; | |||
| 56 | 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11, | 56 | 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11, |
| 57 | ); | 57 | ); |
| 58 | 58 | ||
| 59 | &ripemd160_block("ripemd160_block_asm_host_order"); | 59 | &ripemd160_block("ripemd160_block_asm_data_order"); |
| 60 | &asm_finish(); | 60 | &asm_finish(); |
| 61 | 61 | ||
| 62 | sub Xv | 62 | sub Xv |
diff --git a/src/lib/libcrypto/ripemd/ripemd.h b/src/lib/libcrypto/ripemd/ripemd.h index 7d0d998189..033a5965b5 100644 --- a/src/lib/libcrypto/ripemd/ripemd.h +++ b/src/lib/libcrypto/ripemd/ripemd.h | |||
| @@ -60,6 +60,7 @@ | |||
| 60 | #define HEADER_RIPEMD_H | 60 | #define HEADER_RIPEMD_H |
| 61 | 61 | ||
| 62 | #include <openssl/e_os2.h> | 62 | #include <openssl/e_os2.h> |
| 63 | #include <stddef.h> | ||
| 63 | 64 | ||
| 64 | #ifdef __cplusplus | 65 | #ifdef __cplusplus |
| 65 | extern "C" { | 66 | extern "C" { |
| @@ -87,16 +88,13 @@ typedef struct RIPEMD160state_st | |||
| 87 | RIPEMD160_LONG A,B,C,D,E; | 88 | RIPEMD160_LONG A,B,C,D,E; |
| 88 | RIPEMD160_LONG Nl,Nh; | 89 | RIPEMD160_LONG Nl,Nh; |
| 89 | RIPEMD160_LONG data[RIPEMD160_LBLOCK]; | 90 | RIPEMD160_LONG data[RIPEMD160_LBLOCK]; |
| 90 | int num; | 91 | unsigned int num; |
| 91 | } RIPEMD160_CTX; | 92 | } RIPEMD160_CTX; |
| 92 | 93 | ||
| 93 | #ifdef OPENSSL_FIPS | ||
| 94 | int private_RIPEMD160_Init(RIPEMD160_CTX *c); | ||
| 95 | #endif | ||
| 96 | int RIPEMD160_Init(RIPEMD160_CTX *c); | 94 | int RIPEMD160_Init(RIPEMD160_CTX *c); |
| 97 | int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len); | 95 | int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len); |
| 98 | int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); | 96 | int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); |
| 99 | unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, | 97 | unsigned char *RIPEMD160(const unsigned char *d, size_t n, |
| 100 | unsigned char *md); | 98 | unsigned char *md); |
| 101 | void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b); | 99 | void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b); |
| 102 | #ifdef __cplusplus | 100 | #ifdef __cplusplus |
diff --git a/src/lib/libcrypto/ripemd/rmd_dgst.c b/src/lib/libcrypto/ripemd/rmd_dgst.c index 58ff010d11..1f2401aa7e 100644 --- a/src/lib/libcrypto/ripemd/rmd_dgst.c +++ b/src/lib/libcrypto/ripemd/rmd_dgst.c | |||
| @@ -58,19 +58,18 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "rmd_locl.h" | 60 | #include "rmd_locl.h" |
| 61 | #include <openssl/fips.h> | ||
| 62 | #include <openssl/opensslv.h> | 61 | #include <openssl/opensslv.h> |
| 63 | 62 | ||
| 64 | const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT; | 63 | const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT; |
| 65 | 64 | ||
| 66 | # ifdef RMD160_ASM | 65 | # ifdef RMD160_ASM |
| 67 | void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,int num); | 66 | void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,size_t num); |
| 68 | # define ripemd160_block ripemd160_block_x86 | 67 | # define ripemd160_block ripemd160_block_x86 |
| 69 | # else | 68 | # else |
| 70 | void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,int num); | 69 | void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,size_t num); |
| 71 | # endif | 70 | # endif |
| 72 | 71 | ||
| 73 | FIPS_NON_FIPS_MD_Init(RIPEMD160) | 72 | int RIPEMD160_Init(RIPEMD160_CTX *c) |
| 74 | { | 73 | { |
| 75 | c->A=RIPEMD160_A; | 74 | c->A=RIPEMD160_A; |
| 76 | c->B=RIPEMD160_B; | 75 | c->B=RIPEMD160_B; |
| @@ -83,212 +82,11 @@ FIPS_NON_FIPS_MD_Init(RIPEMD160) | |||
| 83 | return 1; | 82 | return 1; |
| 84 | } | 83 | } |
| 85 | 84 | ||
| 86 | #ifndef ripemd160_block_host_order | ||
| 87 | #ifdef X | ||
| 88 | #undef X | ||
| 89 | #endif | ||
| 90 | #define X(i) XX[i] | ||
| 91 | void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num) | ||
| 92 | { | ||
| 93 | const RIPEMD160_LONG *XX=p; | ||
| 94 | register volatile unsigned MD32_REG_T A,B,C,D,E; | ||
| 95 | register unsigned MD32_REG_T a,b,c,d,e; | ||
| 96 | |||
| 97 | for (;num--;XX+=HASH_LBLOCK) | ||
| 98 | { | ||
| 99 | |||
| 100 | A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; | ||
| 101 | |||
| 102 | RIP1(A,B,C,D,E,WL00,SL00); | ||
| 103 | RIP1(E,A,B,C,D,WL01,SL01); | ||
| 104 | RIP1(D,E,A,B,C,WL02,SL02); | ||
| 105 | RIP1(C,D,E,A,B,WL03,SL03); | ||
| 106 | RIP1(B,C,D,E,A,WL04,SL04); | ||
| 107 | RIP1(A,B,C,D,E,WL05,SL05); | ||
| 108 | RIP1(E,A,B,C,D,WL06,SL06); | ||
| 109 | RIP1(D,E,A,B,C,WL07,SL07); | ||
| 110 | RIP1(C,D,E,A,B,WL08,SL08); | ||
| 111 | RIP1(B,C,D,E,A,WL09,SL09); | ||
| 112 | RIP1(A,B,C,D,E,WL10,SL10); | ||
| 113 | RIP1(E,A,B,C,D,WL11,SL11); | ||
| 114 | RIP1(D,E,A,B,C,WL12,SL12); | ||
| 115 | RIP1(C,D,E,A,B,WL13,SL13); | ||
| 116 | RIP1(B,C,D,E,A,WL14,SL14); | ||
| 117 | RIP1(A,B,C,D,E,WL15,SL15); | ||
| 118 | |||
| 119 | RIP2(E,A,B,C,D,WL16,SL16,KL1); | ||
| 120 | RIP2(D,E,A,B,C,WL17,SL17,KL1); | ||
| 121 | RIP2(C,D,E,A,B,WL18,SL18,KL1); | ||
| 122 | RIP2(B,C,D,E,A,WL19,SL19,KL1); | ||
| 123 | RIP2(A,B,C,D,E,WL20,SL20,KL1); | ||
| 124 | RIP2(E,A,B,C,D,WL21,SL21,KL1); | ||
| 125 | RIP2(D,E,A,B,C,WL22,SL22,KL1); | ||
| 126 | RIP2(C,D,E,A,B,WL23,SL23,KL1); | ||
| 127 | RIP2(B,C,D,E,A,WL24,SL24,KL1); | ||
| 128 | RIP2(A,B,C,D,E,WL25,SL25,KL1); | ||
| 129 | RIP2(E,A,B,C,D,WL26,SL26,KL1); | ||
| 130 | RIP2(D,E,A,B,C,WL27,SL27,KL1); | ||
| 131 | RIP2(C,D,E,A,B,WL28,SL28,KL1); | ||
| 132 | RIP2(B,C,D,E,A,WL29,SL29,KL1); | ||
| 133 | RIP2(A,B,C,D,E,WL30,SL30,KL1); | ||
| 134 | RIP2(E,A,B,C,D,WL31,SL31,KL1); | ||
| 135 | |||
| 136 | RIP3(D,E,A,B,C,WL32,SL32,KL2); | ||
| 137 | RIP3(C,D,E,A,B,WL33,SL33,KL2); | ||
| 138 | RIP3(B,C,D,E,A,WL34,SL34,KL2); | ||
| 139 | RIP3(A,B,C,D,E,WL35,SL35,KL2); | ||
| 140 | RIP3(E,A,B,C,D,WL36,SL36,KL2); | ||
| 141 | RIP3(D,E,A,B,C,WL37,SL37,KL2); | ||
| 142 | RIP3(C,D,E,A,B,WL38,SL38,KL2); | ||
| 143 | RIP3(B,C,D,E,A,WL39,SL39,KL2); | ||
| 144 | RIP3(A,B,C,D,E,WL40,SL40,KL2); | ||
| 145 | RIP3(E,A,B,C,D,WL41,SL41,KL2); | ||
| 146 | RIP3(D,E,A,B,C,WL42,SL42,KL2); | ||
| 147 | RIP3(C,D,E,A,B,WL43,SL43,KL2); | ||
| 148 | RIP3(B,C,D,E,A,WL44,SL44,KL2); | ||
| 149 | RIP3(A,B,C,D,E,WL45,SL45,KL2); | ||
| 150 | RIP3(E,A,B,C,D,WL46,SL46,KL2); | ||
| 151 | RIP3(D,E,A,B,C,WL47,SL47,KL2); | ||
| 152 | |||
| 153 | RIP4(C,D,E,A,B,WL48,SL48,KL3); | ||
| 154 | RIP4(B,C,D,E,A,WL49,SL49,KL3); | ||
| 155 | RIP4(A,B,C,D,E,WL50,SL50,KL3); | ||
| 156 | RIP4(E,A,B,C,D,WL51,SL51,KL3); | ||
| 157 | RIP4(D,E,A,B,C,WL52,SL52,KL3); | ||
| 158 | RIP4(C,D,E,A,B,WL53,SL53,KL3); | ||
| 159 | RIP4(B,C,D,E,A,WL54,SL54,KL3); | ||
| 160 | RIP4(A,B,C,D,E,WL55,SL55,KL3); | ||
| 161 | RIP4(E,A,B,C,D,WL56,SL56,KL3); | ||
| 162 | RIP4(D,E,A,B,C,WL57,SL57,KL3); | ||
| 163 | RIP4(C,D,E,A,B,WL58,SL58,KL3); | ||
| 164 | RIP4(B,C,D,E,A,WL59,SL59,KL3); | ||
| 165 | RIP4(A,B,C,D,E,WL60,SL60,KL3); | ||
| 166 | RIP4(E,A,B,C,D,WL61,SL61,KL3); | ||
| 167 | RIP4(D,E,A,B,C,WL62,SL62,KL3); | ||
| 168 | RIP4(C,D,E,A,B,WL63,SL63,KL3); | ||
| 169 | |||
| 170 | RIP5(B,C,D,E,A,WL64,SL64,KL4); | ||
| 171 | RIP5(A,B,C,D,E,WL65,SL65,KL4); | ||
| 172 | RIP5(E,A,B,C,D,WL66,SL66,KL4); | ||
| 173 | RIP5(D,E,A,B,C,WL67,SL67,KL4); | ||
| 174 | RIP5(C,D,E,A,B,WL68,SL68,KL4); | ||
| 175 | RIP5(B,C,D,E,A,WL69,SL69,KL4); | ||
| 176 | RIP5(A,B,C,D,E,WL70,SL70,KL4); | ||
| 177 | RIP5(E,A,B,C,D,WL71,SL71,KL4); | ||
| 178 | RIP5(D,E,A,B,C,WL72,SL72,KL4); | ||
| 179 | RIP5(C,D,E,A,B,WL73,SL73,KL4); | ||
| 180 | RIP5(B,C,D,E,A,WL74,SL74,KL4); | ||
| 181 | RIP5(A,B,C,D,E,WL75,SL75,KL4); | ||
| 182 | RIP5(E,A,B,C,D,WL76,SL76,KL4); | ||
| 183 | RIP5(D,E,A,B,C,WL77,SL77,KL4); | ||
| 184 | RIP5(C,D,E,A,B,WL78,SL78,KL4); | ||
| 185 | RIP5(B,C,D,E,A,WL79,SL79,KL4); | ||
| 186 | |||
| 187 | a=A; b=B; c=C; d=D; e=E; | ||
| 188 | /* Do other half */ | ||
| 189 | A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; | ||
| 190 | |||
| 191 | RIP5(A,B,C,D,E,WR00,SR00,KR0); | ||
| 192 | RIP5(E,A,B,C,D,WR01,SR01,KR0); | ||
| 193 | RIP5(D,E,A,B,C,WR02,SR02,KR0); | ||
| 194 | RIP5(C,D,E,A,B,WR03,SR03,KR0); | ||
| 195 | RIP5(B,C,D,E,A,WR04,SR04,KR0); | ||
| 196 | RIP5(A,B,C,D,E,WR05,SR05,KR0); | ||
| 197 | RIP5(E,A,B,C,D,WR06,SR06,KR0); | ||
| 198 | RIP5(D,E,A,B,C,WR07,SR07,KR0); | ||
| 199 | RIP5(C,D,E,A,B,WR08,SR08,KR0); | ||
| 200 | RIP5(B,C,D,E,A,WR09,SR09,KR0); | ||
| 201 | RIP5(A,B,C,D,E,WR10,SR10,KR0); | ||
| 202 | RIP5(E,A,B,C,D,WR11,SR11,KR0); | ||
| 203 | RIP5(D,E,A,B,C,WR12,SR12,KR0); | ||
| 204 | RIP5(C,D,E,A,B,WR13,SR13,KR0); | ||
| 205 | RIP5(B,C,D,E,A,WR14,SR14,KR0); | ||
| 206 | RIP5(A,B,C,D,E,WR15,SR15,KR0); | ||
| 207 | |||
| 208 | RIP4(E,A,B,C,D,WR16,SR16,KR1); | ||
| 209 | RIP4(D,E,A,B,C,WR17,SR17,KR1); | ||
| 210 | RIP4(C,D,E,A,B,WR18,SR18,KR1); | ||
| 211 | RIP4(B,C,D,E,A,WR19,SR19,KR1); | ||
| 212 | RIP4(A,B,C,D,E,WR20,SR20,KR1); | ||
| 213 | RIP4(E,A,B,C,D,WR21,SR21,KR1); | ||
| 214 | RIP4(D,E,A,B,C,WR22,SR22,KR1); | ||
| 215 | RIP4(C,D,E,A,B,WR23,SR23,KR1); | ||
| 216 | RIP4(B,C,D,E,A,WR24,SR24,KR1); | ||
| 217 | RIP4(A,B,C,D,E,WR25,SR25,KR1); | ||
| 218 | RIP4(E,A,B,C,D,WR26,SR26,KR1); | ||
| 219 | RIP4(D,E,A,B,C,WR27,SR27,KR1); | ||
| 220 | RIP4(C,D,E,A,B,WR28,SR28,KR1); | ||
| 221 | RIP4(B,C,D,E,A,WR29,SR29,KR1); | ||
| 222 | RIP4(A,B,C,D,E,WR30,SR30,KR1); | ||
| 223 | RIP4(E,A,B,C,D,WR31,SR31,KR1); | ||
| 224 | |||
| 225 | RIP3(D,E,A,B,C,WR32,SR32,KR2); | ||
| 226 | RIP3(C,D,E,A,B,WR33,SR33,KR2); | ||
| 227 | RIP3(B,C,D,E,A,WR34,SR34,KR2); | ||
| 228 | RIP3(A,B,C,D,E,WR35,SR35,KR2); | ||
| 229 | RIP3(E,A,B,C,D,WR36,SR36,KR2); | ||
| 230 | RIP3(D,E,A,B,C,WR37,SR37,KR2); | ||
| 231 | RIP3(C,D,E,A,B,WR38,SR38,KR2); | ||
| 232 | RIP3(B,C,D,E,A,WR39,SR39,KR2); | ||
| 233 | RIP3(A,B,C,D,E,WR40,SR40,KR2); | ||
| 234 | RIP3(E,A,B,C,D,WR41,SR41,KR2); | ||
| 235 | RIP3(D,E,A,B,C,WR42,SR42,KR2); | ||
| 236 | RIP3(C,D,E,A,B,WR43,SR43,KR2); | ||
| 237 | RIP3(B,C,D,E,A,WR44,SR44,KR2); | ||
| 238 | RIP3(A,B,C,D,E,WR45,SR45,KR2); | ||
| 239 | RIP3(E,A,B,C,D,WR46,SR46,KR2); | ||
| 240 | RIP3(D,E,A,B,C,WR47,SR47,KR2); | ||
| 241 | |||
| 242 | RIP2(C,D,E,A,B,WR48,SR48,KR3); | ||
| 243 | RIP2(B,C,D,E,A,WR49,SR49,KR3); | ||
| 244 | RIP2(A,B,C,D,E,WR50,SR50,KR3); | ||
| 245 | RIP2(E,A,B,C,D,WR51,SR51,KR3); | ||
| 246 | RIP2(D,E,A,B,C,WR52,SR52,KR3); | ||
| 247 | RIP2(C,D,E,A,B,WR53,SR53,KR3); | ||
| 248 | RIP2(B,C,D,E,A,WR54,SR54,KR3); | ||
| 249 | RIP2(A,B,C,D,E,WR55,SR55,KR3); | ||
| 250 | RIP2(E,A,B,C,D,WR56,SR56,KR3); | ||
| 251 | RIP2(D,E,A,B,C,WR57,SR57,KR3); | ||
| 252 | RIP2(C,D,E,A,B,WR58,SR58,KR3); | ||
| 253 | RIP2(B,C,D,E,A,WR59,SR59,KR3); | ||
| 254 | RIP2(A,B,C,D,E,WR60,SR60,KR3); | ||
| 255 | RIP2(E,A,B,C,D,WR61,SR61,KR3); | ||
| 256 | RIP2(D,E,A,B,C,WR62,SR62,KR3); | ||
| 257 | RIP2(C,D,E,A,B,WR63,SR63,KR3); | ||
| 258 | |||
| 259 | RIP1(B,C,D,E,A,WR64,SR64); | ||
| 260 | RIP1(A,B,C,D,E,WR65,SR65); | ||
| 261 | RIP1(E,A,B,C,D,WR66,SR66); | ||
| 262 | RIP1(D,E,A,B,C,WR67,SR67); | ||
| 263 | RIP1(C,D,E,A,B,WR68,SR68); | ||
| 264 | RIP1(B,C,D,E,A,WR69,SR69); | ||
| 265 | RIP1(A,B,C,D,E,WR70,SR70); | ||
| 266 | RIP1(E,A,B,C,D,WR71,SR71); | ||
| 267 | RIP1(D,E,A,B,C,WR72,SR72); | ||
| 268 | RIP1(C,D,E,A,B,WR73,SR73); | ||
| 269 | RIP1(B,C,D,E,A,WR74,SR74); | ||
| 270 | RIP1(A,B,C,D,E,WR75,SR75); | ||
| 271 | RIP1(E,A,B,C,D,WR76,SR76); | ||
| 272 | RIP1(D,E,A,B,C,WR77,SR77); | ||
| 273 | RIP1(C,D,E,A,B,WR78,SR78); | ||
| 274 | RIP1(B,C,D,E,A,WR79,SR79); | ||
| 275 | |||
| 276 | D =ctx->B+c+D; | ||
| 277 | ctx->B=ctx->C+d+E; | ||
| 278 | ctx->C=ctx->D+e+A; | ||
| 279 | ctx->D=ctx->E+a+B; | ||
| 280 | ctx->E=ctx->A+b+C; | ||
| 281 | ctx->A=D; | ||
| 282 | |||
| 283 | } | ||
| 284 | } | ||
| 285 | #endif | ||
| 286 | |||
| 287 | #ifndef ripemd160_block_data_order | 85 | #ifndef ripemd160_block_data_order |
| 288 | #ifdef X | 86 | #ifdef X |
| 289 | #undef X | 87 | #undef X |
| 290 | #endif | 88 | #endif |
| 291 | void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, int num) | 89 | void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, size_t num) |
| 292 | { | 90 | { |
| 293 | const unsigned char *data=p; | 91 | const unsigned char *data=p; |
| 294 | register volatile unsigned MD32_REG_T A,B,C,D,E; | 92 | register volatile unsigned MD32_REG_T A,B,C,D,E; |
diff --git a/src/lib/libcrypto/ripemd/rmd_locl.h b/src/lib/libcrypto/ripemd/rmd_locl.h index 7b835dfbd4..f14b346e66 100644 --- a/src/lib/libcrypto/ripemd/rmd_locl.h +++ b/src/lib/libcrypto/ripemd/rmd_locl.h | |||
| @@ -72,28 +72,20 @@ | |||
| 72 | */ | 72 | */ |
| 73 | #ifdef RMD160_ASM | 73 | #ifdef RMD160_ASM |
| 74 | # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) | 74 | # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) |
| 75 | # define ripemd160_block_host_order ripemd160_block_asm_host_order | 75 | # define ripemd160_block_data_order ripemd160_block_asm_data_order |
| 76 | # endif | 76 | # endif |
| 77 | #endif | 77 | #endif |
| 78 | 78 | ||
| 79 | void ripemd160_block_host_order (RIPEMD160_CTX *c, const void *p,int num); | 79 | void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,size_t num); |
| 80 | void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,int num); | ||
| 81 | |||
| 82 | #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) | ||
| 83 | #define ripemd160_block_data_order ripemd160_block_host_order | ||
| 84 | #endif | ||
| 85 | 80 | ||
| 86 | #define DATA_ORDER_IS_LITTLE_ENDIAN | 81 | #define DATA_ORDER_IS_LITTLE_ENDIAN |
| 87 | 82 | ||
| 88 | #define HASH_LONG RIPEMD160_LONG | 83 | #define HASH_LONG RIPEMD160_LONG |
| 89 | #define HASH_LONG_LOG2 RIPEMD160_LONG_LOG2 | ||
| 90 | #define HASH_CTX RIPEMD160_CTX | 84 | #define HASH_CTX RIPEMD160_CTX |
| 91 | #define HASH_CBLOCK RIPEMD160_CBLOCK | 85 | #define HASH_CBLOCK RIPEMD160_CBLOCK |
| 92 | #define HASH_LBLOCK RIPEMD160_LBLOCK | ||
| 93 | #define HASH_UPDATE RIPEMD160_Update | 86 | #define HASH_UPDATE RIPEMD160_Update |
| 94 | #define HASH_TRANSFORM RIPEMD160_Transform | 87 | #define HASH_TRANSFORM RIPEMD160_Transform |
| 95 | #define HASH_FINAL RIPEMD160_Final | 88 | #define HASH_FINAL RIPEMD160_Final |
| 96 | #define HASH_BLOCK_HOST_ORDER ripemd160_block_host_order | ||
| 97 | #define HASH_MAKE_STRING(c,s) do { \ | 89 | #define HASH_MAKE_STRING(c,s) do { \ |
| 98 | unsigned long ll; \ | 90 | unsigned long ll; \ |
| 99 | ll=(c)->A; HOST_l2c(ll,(s)); \ | 91 | ll=(c)->A; HOST_l2c(ll,(s)); \ |
| @@ -102,9 +94,7 @@ void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,int num); | |||
| 102 | ll=(c)->D; HOST_l2c(ll,(s)); \ | 94 | ll=(c)->D; HOST_l2c(ll,(s)); \ |
| 103 | ll=(c)->E; HOST_l2c(ll,(s)); \ | 95 | ll=(c)->E; HOST_l2c(ll,(s)); \ |
| 104 | } while (0) | 96 | } while (0) |
| 105 | #if !defined(L_ENDIAN) || defined(ripemd160_block_data_order) | ||
| 106 | #define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order | 97 | #define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order |
| 107 | #endif | ||
| 108 | 98 | ||
| 109 | #include "md32_common.h" | 99 | #include "md32_common.h" |
| 110 | 100 | ||
diff --git a/src/lib/libcrypto/ripemd/rmd_one.c b/src/lib/libcrypto/ripemd/rmd_one.c index b88446b267..3efb13758f 100644 --- a/src/lib/libcrypto/ripemd/rmd_one.c +++ b/src/lib/libcrypto/ripemd/rmd_one.c | |||
| @@ -61,7 +61,7 @@ | |||
| 61 | #include <openssl/ripemd.h> | 61 | #include <openssl/ripemd.h> |
| 62 | #include <openssl/crypto.h> | 62 | #include <openssl/crypto.h> |
| 63 | 63 | ||
| 64 | unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, | 64 | unsigned char *RIPEMD160(const unsigned char *d, size_t n, |
| 65 | unsigned char *md) | 65 | unsigned char *md) |
| 66 | { | 66 | { |
| 67 | RIPEMD160_CTX c; | 67 | RIPEMD160_CTX c; |
diff --git a/src/lib/libcrypto/ripemd/rmdtest.c b/src/lib/libcrypto/ripemd/rmdtest.c index d4c709e646..fb34e0e836 100644 --- a/src/lib/libcrypto/ripemd/rmdtest.c +++ b/src/lib/libcrypto/ripemd/rmdtest.c | |||
| @@ -103,19 +103,19 @@ static char *pt(unsigned char *md); | |||
| 103 | int main(int argc, char *argv[]) | 103 | int main(int argc, char *argv[]) |
| 104 | { | 104 | { |
| 105 | int i,err=0; | 105 | int i,err=0; |
| 106 | unsigned char **P,**R; | 106 | char **P,**R; |
| 107 | char *p; | 107 | char *p; |
| 108 | unsigned char md[RIPEMD160_DIGEST_LENGTH]; | 108 | unsigned char md[RIPEMD160_DIGEST_LENGTH]; |
| 109 | 109 | ||
| 110 | P=(unsigned char **)test; | 110 | P=test; |
| 111 | R=(unsigned char **)ret; | 111 | R=ret; |
| 112 | i=1; | 112 | i=1; |
| 113 | while (*P != NULL) | 113 | while (*P != NULL) |
| 114 | { | 114 | { |
| 115 | #ifdef CHARSET_EBCDIC | 115 | #ifdef CHARSET_EBCDIC |
| 116 | ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P)); | 116 | ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P)); |
| 117 | #endif | 117 | #endif |
| 118 | EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_ripemd160(), NULL); | 118 | EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_ripemd160(), NULL); |
| 119 | p=pt(md); | 119 | p=pt(md); |
| 120 | if (strcmp(p,(char *)*R) != 0) | 120 | if (strcmp(p,(char *)*R) != 0) |
| 121 | { | 121 | { |
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h index dbed701e89..6b5e4f8a9a 100644 --- a/src/lib/libcrypto/rsa/rsa.h +++ b/src/lib/libcrypto/rsa/rsa.h | |||
| @@ -64,25 +64,25 @@ | |||
| 64 | #ifndef OPENSSL_NO_BIO | 64 | #ifndef OPENSSL_NO_BIO |
| 65 | #include <openssl/bio.h> | 65 | #include <openssl/bio.h> |
| 66 | #endif | 66 | #endif |
| 67 | #include <openssl/bn.h> | ||
| 68 | #include <openssl/crypto.h> | 67 | #include <openssl/crypto.h> |
| 69 | #include <openssl/ossl_typ.h> | 68 | #include <openssl/ossl_typ.h> |
| 69 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 70 | #include <openssl/bn.h> | ||
| 71 | #endif | ||
| 70 | 72 | ||
| 71 | #ifdef OPENSSL_NO_RSA | 73 | #ifdef OPENSSL_NO_RSA |
| 72 | #error RSA is disabled. | 74 | #error RSA is disabled. |
| 73 | #endif | 75 | #endif |
| 74 | 76 | ||
| 75 | #if defined(OPENSSL_FIPS) | ||
| 76 | #define FIPS_RSA_SIZE_T int | ||
| 77 | #endif | ||
| 78 | |||
| 79 | #ifdef __cplusplus | 77 | #ifdef __cplusplus |
| 80 | extern "C" { | 78 | extern "C" { |
| 81 | #endif | 79 | #endif |
| 82 | 80 | ||
| 83 | typedef struct rsa_st RSA; | 81 | /* Declared already in ossl_typ.h */ |
| 82 | /* typedef struct rsa_st RSA; */ | ||
| 83 | /* typedef struct rsa_meth_st RSA_METHOD; */ | ||
| 84 | 84 | ||
| 85 | typedef struct rsa_meth_st | 85 | struct rsa_meth_st |
| 86 | { | 86 | { |
| 87 | const char *name; | 87 | const char *name; |
| 88 | int (*rsa_pub_enc)(int flen,const unsigned char *from, | 88 | int (*rsa_pub_enc)(int flen,const unsigned char *from, |
| @@ -97,7 +97,7 @@ typedef struct rsa_meth_st | |||
| 97 | int (*rsa_priv_dec)(int flen,const unsigned char *from, | 97 | int (*rsa_priv_dec)(int flen,const unsigned char *from, |
| 98 | unsigned char *to, | 98 | unsigned char *to, |
| 99 | RSA *rsa,int padding); | 99 | RSA *rsa,int padding); |
| 100 | int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa); /* Can be null */ | 100 | int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa,BN_CTX *ctx); /* Can be null */ |
| 101 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | 101 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
| 102 | const BIGNUM *m, BN_CTX *ctx, | 102 | const BIGNUM *m, BN_CTX *ctx, |
| 103 | BN_MONT_CTX *m_ctx); /* Can be null */ | 103 | BN_MONT_CTX *m_ctx); /* Can be null */ |
| @@ -118,8 +118,12 @@ typedef struct rsa_meth_st | |||
| 118 | int (*rsa_verify)(int dtype, | 118 | int (*rsa_verify)(int dtype, |
| 119 | const unsigned char *m, unsigned int m_length, | 119 | const unsigned char *m, unsigned int m_length, |
| 120 | unsigned char *sigbuf, unsigned int siglen, const RSA *rsa); | 120 | unsigned char *sigbuf, unsigned int siglen, const RSA *rsa); |
| 121 | 121 | /* If this callback is NULL, the builtin software RSA key-gen will be used. This | |
| 122 | } RSA_METHOD; | 122 | * is for behavioural compatibility whilst the code gets rewired, but one day |
| 123 | * it would be nice to assume there are no such things as "builtin software" | ||
| 124 | * implementations. */ | ||
| 125 | int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); | ||
| 126 | }; | ||
| 123 | 127 | ||
| 124 | struct rsa_st | 128 | struct rsa_st |
| 125 | { | 129 | { |
| @@ -152,12 +156,19 @@ struct rsa_st | |||
| 152 | * NULL */ | 156 | * NULL */ |
| 153 | char *bignum_data; | 157 | char *bignum_data; |
| 154 | BN_BLINDING *blinding; | 158 | BN_BLINDING *blinding; |
| 159 | BN_BLINDING *mt_blinding; | ||
| 155 | }; | 160 | }; |
| 156 | 161 | ||
| 157 | #define OPENSSL_RSA_MAX_MODULUS_BITS 16384 | 162 | #ifndef OPENSSL_RSA_MAX_MODULUS_BITS |
| 163 | # define OPENSSL_RSA_MAX_MODULUS_BITS 16384 | ||
| 164 | #endif | ||
| 158 | 165 | ||
| 159 | #define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 | 166 | #ifndef OPENSSL_RSA_SMALL_MODULUS_BITS |
| 160 | #define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "small" modulus only */ | 167 | # define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 |
| 168 | #endif | ||
| 169 | #ifndef OPENSSL_RSA_MAX_PUBEXP_BITS | ||
| 170 | # define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */ | ||
| 171 | #endif | ||
| 161 | 172 | ||
| 162 | #define RSA_3 0x3L | 173 | #define RSA_3 0x3L |
| 163 | #define RSA_F4 0x10001L | 174 | #define RSA_F4 0x10001L |
| @@ -184,13 +195,27 @@ struct rsa_st | |||
| 184 | * default (ignoring RSA_FLAG_BLINDING), | 195 | * default (ignoring RSA_FLAG_BLINDING), |
| 185 | * but other engines might not need it | 196 | * but other engines might not need it |
| 186 | */ | 197 | */ |
| 187 | #define RSA_FLAG_NO_EXP_CONSTTIME 0x0100 /* new with 0.9.7h; the built-in RSA | 198 | #define RSA_FLAG_NO_CONSTTIME 0x0100 /* new with 0.9.8f; the built-in RSA |
| 199 | * implementation now uses constant time | ||
| 200 | * operations by default in private key operations, | ||
| 201 | * e.g., constant time modular exponentiation, | ||
| 202 | * modular inverse without leaking branches, | ||
| 203 | * division without leaking branches. This | ||
| 204 | * flag disables these constant time | ||
| 205 | * operations and results in faster RSA | ||
| 206 | * private key operations. | ||
| 207 | */ | ||
| 208 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 209 | #define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME /* deprecated name for the flag*/ | ||
| 210 | /* new with 0.9.7h; the built-in RSA | ||
| 188 | * implementation now uses constant time | 211 | * implementation now uses constant time |
| 189 | * modular exponentiation for secret exponents | 212 | * modular exponentiation for secret exponents |
| 190 | * by default. This flag causes the | 213 | * by default. This flag causes the |
| 191 | * faster variable sliding window method to | 214 | * faster variable sliding window method to |
| 192 | * be used for all exponents. | 215 | * be used for all exponents. |
| 193 | */ | 216 | */ |
| 217 | #endif | ||
| 218 | |||
| 194 | 219 | ||
| 195 | #define RSA_PKCS1_PADDING 1 | 220 | #define RSA_PKCS1_PADDING 1 |
| 196 | #define RSA_SSLV23_PADDING 2 | 221 | #define RSA_SSLV23_PADDING 2 |
| @@ -206,18 +231,17 @@ struct rsa_st | |||
| 206 | RSA * RSA_new(void); | 231 | RSA * RSA_new(void); |
| 207 | RSA * RSA_new_method(ENGINE *engine); | 232 | RSA * RSA_new_method(ENGINE *engine); |
| 208 | int RSA_size(const RSA *); | 233 | int RSA_size(const RSA *); |
| 234 | |||
| 235 | /* Deprecated version */ | ||
| 236 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 209 | RSA * RSA_generate_key(int bits, unsigned long e,void | 237 | RSA * RSA_generate_key(int bits, unsigned long e,void |
| 210 | (*callback)(int,int,void *),void *cb_arg); | 238 | (*callback)(int,int,void *),void *cb_arg); |
| 239 | #endif /* !defined(OPENSSL_NO_DEPRECATED) */ | ||
| 240 | |||
| 241 | /* New version */ | ||
| 242 | int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); | ||
| 243 | |||
| 211 | int RSA_check_key(const RSA *); | 244 | int RSA_check_key(const RSA *); |
| 212 | #ifdef OPENSSL_FIPS | ||
| 213 | int RSA_X931_derive(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2, | ||
| 214 | void (*cb)(int, int, void *), void *cb_arg, | ||
| 215 | const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp, | ||
| 216 | const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq, | ||
| 217 | const BIGNUM *e); | ||
| 218 | RSA *RSA_X931_generate_key(int bits, const BIGNUM *e, | ||
| 219 | void (*cb)(int,int,void *), void *cb_arg); | ||
| 220 | #endif | ||
| 221 | /* next 4 return -1 on error */ | 245 | /* next 4 return -1 on error */ |
| 222 | int RSA_public_encrypt(int flen, const unsigned char *from, | 246 | int RSA_public_encrypt(int flen, const unsigned char *from, |
| 223 | unsigned char *to, RSA *rsa,int padding); | 247 | unsigned char *to, RSA *rsa,int padding); |
| @@ -257,11 +281,19 @@ int RSA_print_fp(FILE *fp, const RSA *r,int offset); | |||
| 257 | int RSA_print(BIO *bp, const RSA *r,int offset); | 281 | int RSA_print(BIO *bp, const RSA *r,int offset); |
| 258 | #endif | 282 | #endif |
| 259 | 283 | ||
| 260 | int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey); | 284 | int i2d_RSA_NET(const RSA *a, unsigned char **pp, |
| 261 | RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey); | 285 | int (*cb)(char *buf, int len, const char *prompt, int verify), |
| 286 | int sgckey); | ||
| 287 | RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, | ||
| 288 | int (*cb)(char *buf, int len, const char *prompt, int verify), | ||
| 289 | int sgckey); | ||
| 262 | 290 | ||
| 263 | int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()); | 291 | int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, |
| 264 | RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)()); | 292 | int (*cb)(char *buf, int len, const char *prompt, |
| 293 | int verify)); | ||
| 294 | RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, | ||
| 295 | int (*cb)(char *buf, int len, const char *prompt, | ||
| 296 | int verify)); | ||
| 265 | 297 | ||
| 266 | /* The following 2 functions sign and verify a X509_SIG ASN1 object | 298 | /* The following 2 functions sign and verify a X509_SIG ASN1 object |
| 267 | * inside PKCS#1 padded RSA encryption */ | 299 | * inside PKCS#1 padded RSA encryption */ |
| @@ -281,6 +313,7 @@ int RSA_verify_ASN1_OCTET_STRING(int type, | |||
| 281 | 313 | ||
| 282 | int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); | 314 | int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); |
| 283 | void RSA_blinding_off(RSA *rsa); | 315 | void RSA_blinding_off(RSA *rsa); |
| 316 | BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); | ||
| 284 | 317 | ||
| 285 | int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen, | 318 | int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen, |
| 286 | const unsigned char *f,int fl); | 319 | const unsigned char *f,int fl); |
| @@ -336,14 +369,21 @@ void ERR_load_RSA_strings(void); | |||
| 336 | 369 | ||
| 337 | /* Function codes. */ | 370 | /* Function codes. */ |
| 338 | #define RSA_F_MEMORY_LOCK 100 | 371 | #define RSA_F_MEMORY_LOCK 100 |
| 372 | #define RSA_F_RSA_BUILTIN_KEYGEN 129 | ||
| 339 | #define RSA_F_RSA_CHECK_KEY 123 | 373 | #define RSA_F_RSA_CHECK_KEY 123 |
| 340 | #define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 | 374 | #define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 |
| 341 | #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 | 375 | #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 |
| 342 | #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 | 376 | #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 |
| 343 | #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 | 377 | #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 |
| 344 | #define RSA_F_RSA_GENERATE_KEY 105 | 378 | #define RSA_F_RSA_GENERATE_KEY 105 |
| 379 | #define RSA_F_RSA_MEMORY_LOCK 130 | ||
| 345 | #define RSA_F_RSA_NEW_METHOD 106 | 380 | #define RSA_F_RSA_NEW_METHOD 106 |
| 346 | #define RSA_F_RSA_NULL 124 | 381 | #define RSA_F_RSA_NULL 124 |
| 382 | #define RSA_F_RSA_NULL_MOD_EXP 131 | ||
| 383 | #define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132 | ||
| 384 | #define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133 | ||
| 385 | #define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134 | ||
| 386 | #define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135 | ||
| 347 | #define RSA_F_RSA_PADDING_ADD_NONE 107 | 387 | #define RSA_F_RSA_PADDING_ADD_NONE 107 |
| 348 | #define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 | 388 | #define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 |
| 349 | #define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125 | 389 | #define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125 |
| @@ -359,6 +399,7 @@ void ERR_load_RSA_strings(void); | |||
| 359 | #define RSA_F_RSA_PADDING_CHECK_X931 128 | 399 | #define RSA_F_RSA_PADDING_CHECK_X931 128 |
| 360 | #define RSA_F_RSA_PRINT 115 | 400 | #define RSA_F_RSA_PRINT 115 |
| 361 | #define RSA_F_RSA_PRINT_FP 116 | 401 | #define RSA_F_RSA_PRINT_FP 116 |
| 402 | #define RSA_F_RSA_SETUP_BLINDING 136 | ||
| 362 | #define RSA_F_RSA_SIGN 117 | 403 | #define RSA_F_RSA_SIGN 117 |
| 363 | #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 | 404 | #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 |
| 364 | #define RSA_F_RSA_VERIFY 119 | 405 | #define RSA_F_RSA_VERIFY 119 |
| @@ -392,6 +433,7 @@ void ERR_load_RSA_strings(void); | |||
| 392 | #define RSA_R_KEY_SIZE_TOO_SMALL 120 | 433 | #define RSA_R_KEY_SIZE_TOO_SMALL 120 |
| 393 | #define RSA_R_LAST_OCTET_INVALID 134 | 434 | #define RSA_R_LAST_OCTET_INVALID 134 |
| 394 | #define RSA_R_MODULUS_TOO_LARGE 105 | 435 | #define RSA_R_MODULUS_TOO_LARGE 105 |
| 436 | #define RSA_R_NO_PUBLIC_EXPONENT 140 | ||
| 395 | #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 | 437 | #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 |
| 396 | #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 | 438 | #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 |
| 397 | #define RSA_R_OAEP_DECODING_ERROR 121 | 439 | #define RSA_R_OAEP_DECODING_ERROR 121 |
diff --git a/src/lib/libcrypto/rsa/rsa_asn1.c b/src/lib/libcrypto/rsa/rsa_asn1.c index 1455a7e0e4..bbbf26d50e 100644 --- a/src/lib/libcrypto/rsa/rsa_asn1.c +++ b/src/lib/libcrypto/rsa/rsa_asn1.c | |||
| @@ -63,10 +63,10 @@ | |||
| 63 | #include <openssl/asn1t.h> | 63 | #include <openssl/asn1t.h> |
| 64 | 64 | ||
| 65 | static ASN1_METHOD method={ | 65 | static ASN1_METHOD method={ |
| 66 | (int (*)()) i2d_RSAPrivateKey, | 66 | (I2D_OF(void)) i2d_RSAPrivateKey, |
| 67 | (char *(*)())d2i_RSAPrivateKey, | 67 | (D2I_OF(void)) d2i_RSAPrivateKey, |
| 68 | (char *(*)())RSA_new, | 68 | (void *(*)(void)) RSA_new, |
| 69 | (void (*)()) RSA_free}; | 69 | (void (*)(void *)) RSA_free}; |
| 70 | 70 | ||
| 71 | ASN1_METHOD *RSAPrivateKey_asn1_meth(void) | 71 | ASN1_METHOD *RSAPrivateKey_asn1_meth(void) |
| 72 | { | 72 | { |
diff --git a/src/lib/libcrypto/rsa/rsa_chk.c b/src/lib/libcrypto/rsa/rsa_chk.c index 002f2cb487..9d848db8c6 100644 --- a/src/lib/libcrypto/rsa/rsa_chk.c +++ b/src/lib/libcrypto/rsa/rsa_chk.c | |||
| @@ -75,7 +75,7 @@ int RSA_check_key(const RSA *key) | |||
| 75 | } | 75 | } |
| 76 | 76 | ||
| 77 | /* p prime? */ | 77 | /* p prime? */ |
| 78 | r = BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL); | 78 | r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL); |
| 79 | if (r != 1) | 79 | if (r != 1) |
| 80 | { | 80 | { |
| 81 | ret = r; | 81 | ret = r; |
| @@ -85,7 +85,7 @@ int RSA_check_key(const RSA *key) | |||
| 85 | } | 85 | } |
| 86 | 86 | ||
| 87 | /* q prime? */ | 87 | /* q prime? */ |
| 88 | r = BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL); | 88 | r = BN_is_prime_ex(key->q, BN_prime_checks, NULL, NULL); |
| 89 | if (r != 1) | 89 | if (r != 1) |
| 90 | { | 90 | { |
| 91 | ret = r; | 91 | ret = r; |
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index 610889dc80..bb77d0f67e 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c | |||
| @@ -56,7 +56,7 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | 58 | /* ==================================================================== |
| 59 | * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. | 59 | * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. |
| 60 | * | 60 | * |
| 61 | * Redistribution and use in source and binary forms, with or without | 61 | * Redistribution and use in source and binary forms, with or without |
| 62 | * modification, are permitted provided that the following conditions | 62 | * modification, are permitted provided that the following conditions |
| @@ -115,7 +115,7 @@ | |||
| 115 | #include <openssl/rsa.h> | 115 | #include <openssl/rsa.h> |
| 116 | #include <openssl/rand.h> | 116 | #include <openssl/rand.h> |
| 117 | 117 | ||
| 118 | #if !defined(RSA_NULL) && !defined(OPENSSL_FIPS) | 118 | #ifndef RSA_NULL |
| 119 | 119 | ||
| 120 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, | 120 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, |
| 121 | unsigned char *to, RSA *rsa,int padding); | 121 | unsigned char *to, RSA *rsa,int padding); |
| @@ -125,7 +125,7 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, | |||
| 125 | unsigned char *to, RSA *rsa,int padding); | 125 | unsigned char *to, RSA *rsa,int padding); |
| 126 | static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | 126 | static int RSA_eay_private_decrypt(int flen, const unsigned char *from, |
| 127 | unsigned char *to, RSA *rsa,int padding); | 127 | unsigned char *to, RSA *rsa,int padding); |
| 128 | static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa); | 128 | static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx); |
| 129 | static int RSA_eay_init(RSA *rsa); | 129 | static int RSA_eay_init(RSA *rsa); |
| 130 | static int RSA_eay_finish(RSA *rsa); | 130 | static int RSA_eay_finish(RSA *rsa); |
| 131 | static RSA_METHOD rsa_pkcs1_eay_meth={ | 131 | static RSA_METHOD rsa_pkcs1_eay_meth={ |
| @@ -141,7 +141,8 @@ static RSA_METHOD rsa_pkcs1_eay_meth={ | |||
| 141 | 0, /* flags */ | 141 | 0, /* flags */ |
| 142 | NULL, | 142 | NULL, |
| 143 | 0, /* rsa_sign */ | 143 | 0, /* rsa_sign */ |
| 144 | 0 /* rsa_verify */ | 144 | 0, /* rsa_verify */ |
| 145 | NULL /* rsa_keygen */ | ||
| 145 | }; | 146 | }; |
| 146 | 147 | ||
| 147 | const RSA_METHOD *RSA_PKCS1_SSLeay(void) | 148 | const RSA_METHOD *RSA_PKCS1_SSLeay(void) |
| @@ -149,19 +150,53 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void) | |||
| 149 | return(&rsa_pkcs1_eay_meth); | 150 | return(&rsa_pkcs1_eay_meth); |
| 150 | } | 151 | } |
| 151 | 152 | ||
| 153 | /* Usage example; | ||
| 154 | * MONT_HELPER(rsa->_method_mod_p, bn_ctx, rsa->p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); | ||
| 155 | */ | ||
| 156 | #define MONT_HELPER(method_mod, ctx, m, pre_cond, err_instr) \ | ||
| 157 | if ((pre_cond) && ((method_mod) == NULL) && \ | ||
| 158 | !BN_MONT_CTX_set_locked(&(method_mod), \ | ||
| 159 | CRYPTO_LOCK_RSA, \ | ||
| 160 | (m), (ctx))) \ | ||
| 161 | err_instr | ||
| 162 | |||
| 152 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, | 163 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, |
| 153 | unsigned char *to, RSA *rsa, int padding) | 164 | unsigned char *to, RSA *rsa, int padding) |
| 154 | { | 165 | { |
| 155 | BIGNUM f,ret; | 166 | BIGNUM *f,*ret; |
| 156 | int i,j,k,num=0,r= -1; | 167 | int i,j,k,num=0,r= -1; |
| 157 | unsigned char *buf=NULL; | 168 | unsigned char *buf=NULL; |
| 158 | BN_CTX *ctx=NULL; | 169 | BN_CTX *ctx=NULL; |
| 159 | 170 | ||
| 160 | BN_init(&f); | 171 | if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) |
| 161 | BN_init(&ret); | 172 | { |
| 173 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE); | ||
| 174 | return -1; | ||
| 175 | } | ||
| 176 | |||
| 177 | if (BN_ucmp(rsa->n, rsa->e) <= 0) | ||
| 178 | { | ||
| 179 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); | ||
| 180 | return -1; | ||
| 181 | } | ||
| 182 | |||
| 183 | /* for large moduli, enforce exponent limit */ | ||
| 184 | if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) | ||
| 185 | { | ||
| 186 | if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) | ||
| 187 | { | ||
| 188 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); | ||
| 189 | return -1; | ||
| 190 | } | ||
| 191 | } | ||
| 192 | |||
| 162 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 193 | if ((ctx=BN_CTX_new()) == NULL) goto err; |
| 194 | BN_CTX_start(ctx); | ||
| 195 | f = BN_CTX_get(ctx); | ||
| 196 | ret = BN_CTX_get(ctx); | ||
| 163 | num=BN_num_bytes(rsa->n); | 197 | num=BN_num_bytes(rsa->n); |
| 164 | if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) | 198 | buf = OPENSSL_malloc(num); |
| 199 | if (!f || !ret || !buf) | ||
| 165 | { | 200 | { |
| 166 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); | 201 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); |
| 167 | goto err; | 202 | goto err; |
| @@ -189,37 +224,34 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from, | |||
| 189 | } | 224 | } |
| 190 | if (i <= 0) goto err; | 225 | if (i <= 0) goto err; |
| 191 | 226 | ||
| 192 | if (BN_bin2bn(buf,num,&f) == NULL) goto err; | 227 | if (BN_bin2bn(buf,num,f) == NULL) goto err; |
| 193 | 228 | ||
| 194 | if (BN_ucmp(&f, rsa->n) >= 0) | 229 | if (BN_ucmp(f, rsa->n) >= 0) |
| 195 | { | 230 | { |
| 196 | /* usually the padding functions would catch this */ | 231 | /* usually the padding functions would catch this */ |
| 197 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | 232 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); |
| 198 | goto err; | 233 | goto err; |
| 199 | } | 234 | } |
| 200 | 235 | ||
| 201 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) | 236 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); |
| 202 | { | ||
| 203 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, | ||
| 204 | CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 205 | goto err; | ||
| 206 | } | ||
| 207 | 237 | ||
| 208 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, | 238 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, |
| 209 | rsa->_method_mod_n)) goto err; | 239 | rsa->_method_mod_n)) goto err; |
| 210 | 240 | ||
| 211 | /* put in leading 0 bytes if the number is less than the | 241 | /* put in leading 0 bytes if the number is less than the |
| 212 | * length of the modulus */ | 242 | * length of the modulus */ |
| 213 | j=BN_num_bytes(&ret); | 243 | j=BN_num_bytes(ret); |
| 214 | i=BN_bn2bin(&ret,&(to[num-j])); | 244 | i=BN_bn2bin(ret,&(to[num-j])); |
| 215 | for (k=0; k<(num-i); k++) | 245 | for (k=0; k<(num-i); k++) |
| 216 | to[k]=0; | 246 | to[k]=0; |
| 217 | 247 | ||
| 218 | r=num; | 248 | r=num; |
| 219 | err: | 249 | err: |
| 220 | if (ctx != NULL) BN_CTX_free(ctx); | 250 | if (ctx != NULL) |
| 221 | BN_clear_free(&f); | 251 | { |
| 222 | BN_clear_free(&ret); | 252 | BN_CTX_end(ctx); |
| 253 | BN_CTX_free(ctx); | ||
| 254 | } | ||
| 223 | if (buf != NULL) | 255 | if (buf != NULL) |
| 224 | { | 256 | { |
| 225 | OPENSSL_cleanse(buf,num); | 257 | OPENSSL_cleanse(buf,num); |
| @@ -228,64 +260,101 @@ err: | |||
| 228 | return(r); | 260 | return(r); |
| 229 | } | 261 | } |
| 230 | 262 | ||
| 231 | static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx) | 263 | static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) |
| 232 | { | 264 | { |
| 233 | int ret = 1; | 265 | BN_BLINDING *ret; |
| 234 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | 266 | int got_write_lock = 0; |
| 235 | /* Check again inside the lock - the macro's check is racey */ | ||
| 236 | if(rsa->blinding == NULL) | ||
| 237 | ret = RSA_blinding_on(rsa, ctx); | ||
| 238 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | ||
| 239 | return ret; | ||
| 240 | } | ||
| 241 | 267 | ||
| 242 | #define BLINDING_HELPER(rsa, ctx, err_instr) \ | 268 | CRYPTO_r_lock(CRYPTO_LOCK_RSA); |
| 243 | do { \ | ||
| 244 | if((!((rsa)->flags & RSA_FLAG_NO_BLINDING)) && \ | ||
| 245 | ((rsa)->blinding == NULL) && \ | ||
| 246 | !rsa_eay_blinding(rsa, ctx)) \ | ||
| 247 | err_instr \ | ||
| 248 | } while(0) | ||
| 249 | 269 | ||
| 250 | static BN_BLINDING *setup_blinding(RSA *rsa, BN_CTX *ctx) | 270 | if (rsa->blinding == NULL) |
| 251 | { | 271 | { |
| 252 | BIGNUM *A, *Ai; | 272 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); |
| 253 | BN_BLINDING *ret = NULL; | 273 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); |
| 274 | got_write_lock = 1; | ||
| 254 | 275 | ||
| 255 | /* added in OpenSSL 0.9.6j and 0.9.7b */ | 276 | if (rsa->blinding == NULL) |
| 277 | rsa->blinding = RSA_setup_blinding(rsa, ctx); | ||
| 278 | } | ||
| 256 | 279 | ||
| 257 | /* NB: similar code appears in RSA_blinding_on (rsa_lib.c); | 280 | ret = rsa->blinding; |
| 258 | * this should be placed in a new function of its own, but for reasons | 281 | if (ret == NULL) |
| 259 | * of binary compatibility can't */ | 282 | goto err; |
| 260 | 283 | ||
| 261 | BN_CTX_start(ctx); | 284 | if (BN_BLINDING_get_thread_id(ret) == CRYPTO_thread_id()) |
| 262 | A = BN_CTX_get(ctx); | ||
| 263 | if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) | ||
| 264 | { | 285 | { |
| 265 | /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */ | 286 | /* rsa->blinding is ours! */ |
| 266 | RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0); | 287 | |
| 267 | if (!BN_pseudo_rand_range(A,rsa->n)) goto err; | 288 | *local = 1; |
| 268 | } | 289 | } |
| 269 | else | 290 | else |
| 270 | { | 291 | { |
| 271 | if (!BN_rand_range(A,rsa->n)) goto err; | 292 | /* resort to rsa->mt_blinding instead */ |
| 293 | |||
| 294 | *local = 0; /* instructs rsa_blinding_convert(), rsa_blinding_invert() | ||
| 295 | * that the BN_BLINDING is shared, meaning that accesses | ||
| 296 | * require locks, and that the blinding factor must be | ||
| 297 | * stored outside the BN_BLINDING | ||
| 298 | */ | ||
| 299 | |||
| 300 | if (rsa->mt_blinding == NULL) | ||
| 301 | { | ||
| 302 | if (!got_write_lock) | ||
| 303 | { | ||
| 304 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); | ||
| 305 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | ||
| 306 | got_write_lock = 1; | ||
| 307 | } | ||
| 308 | |||
| 309 | if (rsa->mt_blinding == NULL) | ||
| 310 | rsa->mt_blinding = RSA_setup_blinding(rsa, ctx); | ||
| 311 | } | ||
| 312 | ret = rsa->mt_blinding; | ||
| 272 | } | 313 | } |
| 273 | if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; | ||
| 274 | 314 | ||
| 275 | if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) | 315 | err: |
| 276 | goto err; | 316 | if (got_write_lock) |
| 277 | ret = BN_BLINDING_new(A,Ai,rsa->n); | 317 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); |
| 278 | BN_free(Ai); | 318 | else |
| 279 | err: | 319 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); |
| 280 | BN_CTX_end(ctx); | ||
| 281 | return ret; | 320 | return ret; |
| 282 | } | 321 | } |
| 322 | |||
| 323 | static int rsa_blinding_convert(BN_BLINDING *b, int local, BIGNUM *f, | ||
| 324 | BIGNUM *r, BN_CTX *ctx) | ||
| 325 | { | ||
| 326 | if (local) | ||
| 327 | return BN_BLINDING_convert_ex(f, NULL, b, ctx); | ||
| 328 | else | ||
| 329 | { | ||
| 330 | int ret; | ||
| 331 | CRYPTO_r_lock(CRYPTO_LOCK_RSA_BLINDING); | ||
| 332 | ret = BN_BLINDING_convert_ex(f, r, b, ctx); | ||
| 333 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA_BLINDING); | ||
| 334 | return ret; | ||
| 335 | } | ||
| 336 | } | ||
| 337 | |||
| 338 | static int rsa_blinding_invert(BN_BLINDING *b, int local, BIGNUM *f, | ||
| 339 | BIGNUM *r, BN_CTX *ctx) | ||
| 340 | { | ||
| 341 | if (local) | ||
| 342 | return BN_BLINDING_invert_ex(f, NULL, b, ctx); | ||
| 343 | else | ||
| 344 | { | ||
| 345 | int ret; | ||
| 346 | CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING); | ||
| 347 | ret = BN_BLINDING_invert_ex(f, r, b, ctx); | ||
| 348 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING); | ||
| 349 | return ret; | ||
| 350 | } | ||
| 351 | } | ||
| 283 | 352 | ||
| 284 | /* signing */ | 353 | /* signing */ |
| 285 | static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | 354 | static int RSA_eay_private_encrypt(int flen, const unsigned char *from, |
| 286 | unsigned char *to, RSA *rsa, int padding) | 355 | unsigned char *to, RSA *rsa, int padding) |
| 287 | { | 356 | { |
| 288 | BIGNUM f,ret, *res; | 357 | BIGNUM *f, *ret, *br, *res; |
| 289 | int i,j,k,num=0,r= -1; | 358 | int i,j,k,num=0,r= -1; |
| 290 | unsigned char *buf=NULL; | 359 | unsigned char *buf=NULL; |
| 291 | BN_CTX *ctx=NULL; | 360 | BN_CTX *ctx=NULL; |
| @@ -318,8 +387,13 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 318 | } | 387 | } |
| 319 | 388 | ||
| 320 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 389 | if ((ctx=BN_CTX_new()) == NULL) goto err; |
| 321 | num=BN_num_bytes(rsa->n); | 390 | BN_CTX_start(ctx); |
| 322 | if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) | 391 | f = BN_CTX_get(ctx); |
| 392 | br = BN_CTX_get(ctx); | ||
| 393 | ret = BN_CTX_get(ctx); | ||
| 394 | num = BN_num_bytes(rsa->n); | ||
| 395 | buf = OPENSSL_malloc(num); | ||
| 396 | if(!f || !ret || !buf) | ||
| 323 | { | 397 | { |
| 324 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); | 398 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); |
| 325 | goto err; | 399 | goto err; |
| @@ -330,6 +404,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 330 | case RSA_PKCS1_PADDING: | 404 | case RSA_PKCS1_PADDING: |
| 331 | i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); | 405 | i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); |
| 332 | break; | 406 | break; |
| 407 | case RSA_X931_PADDING: | ||
| 408 | i=RSA_padding_add_X931(buf,num,from,flen); | ||
| 409 | break; | ||
| 333 | case RSA_NO_PADDING: | 410 | case RSA_NO_PADDING: |
| 334 | i=RSA_padding_add_none(buf,num,from,flen); | 411 | i=RSA_padding_add_none(buf,num,from,flen); |
| 335 | break; | 412 | break; |
| @@ -340,26 +417,18 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 340 | } | 417 | } |
| 341 | if (i <= 0) goto err; | 418 | if (i <= 0) goto err; |
| 342 | 419 | ||
| 343 | if (BN_bin2bn(buf,num,&f) == NULL) goto err; | 420 | if (BN_bin2bn(buf,num,f) == NULL) goto err; |
| 344 | 421 | ||
| 345 | if (BN_ucmp(&f, rsa->n) >= 0) | 422 | if (BN_ucmp(f, rsa->n) >= 0) |
| 346 | { | 423 | { |
| 347 | /* usually the padding functions would catch this */ | 424 | /* usually the padding functions would catch this */ |
| 348 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | 425 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); |
| 349 | goto err; | 426 | goto err; |
| 350 | } | 427 | } |
| 351 | 428 | ||
| 352 | BLINDING_HELPER(rsa, ctx, goto err;); | ||
| 353 | blinding = rsa->blinding; | ||
| 354 | |||
| 355 | /* Now unless blinding is disabled, 'blinding' is non-NULL. | ||
| 356 | * But the BN_BLINDING object may be owned by some other thread | ||
| 357 | * (we don't want to keep it constant and we don't want to use | ||
| 358 | * lots of locking to avoid race conditions, so only a single | ||
| 359 | * thread can use it; other threads have to use local blinding | ||
| 360 | * factors) */ | ||
| 361 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) | 429 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) |
| 362 | { | 430 | { |
| 431 | blinding = rsa_get_blinding(rsa, &local_blinding, ctx); | ||
| 363 | if (blinding == NULL) | 432 | if (blinding == NULL) |
| 364 | { | 433 | { |
| 365 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR); | 434 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR); |
| @@ -368,20 +437,8 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 368 | } | 437 | } |
| 369 | 438 | ||
| 370 | if (blinding != NULL) | 439 | if (blinding != NULL) |
| 371 | { | 440 | if (!rsa_blinding_convert(blinding, local_blinding, f, br, ctx)) |
| 372 | if (blinding->thread_id != CRYPTO_thread_id()) | 441 | goto err; |
| 373 | { | ||
| 374 | /* we need a local one-time blinding factor */ | ||
| 375 | |||
| 376 | blinding = setup_blinding(rsa, ctx); | ||
| 377 | if (blinding == NULL) | ||
| 378 | goto err; | ||
| 379 | local_blinding = 1; | ||
| 380 | } | ||
| 381 | } | ||
| 382 | |||
| 383 | if (blinding) | ||
| 384 | if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; | ||
| 385 | 442 | ||
| 386 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || | 443 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || |
| 387 | ((rsa->p != NULL) && | 444 | ((rsa->p != NULL) && |
| @@ -390,37 +447,42 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 390 | (rsa->dmq1 != NULL) && | 447 | (rsa->dmq1 != NULL) && |
| 391 | (rsa->iqmp != NULL)) ) | 448 | (rsa->iqmp != NULL)) ) |
| 392 | { | 449 | { |
| 393 | if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; | 450 | if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err; |
| 394 | } | 451 | } |
| 395 | else | 452 | else |
| 396 | { | 453 | { |
| 397 | BIGNUM local_d; | 454 | BIGNUM local_d; |
| 398 | BIGNUM *d = NULL; | 455 | BIGNUM *d = NULL; |
| 399 | 456 | ||
| 400 | if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) | 457 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 401 | { | 458 | { |
| 402 | BN_init(&local_d); | 459 | BN_init(&local_d); |
| 403 | d = &local_d; | 460 | d = &local_d; |
| 404 | BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME); | 461 | BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); |
| 405 | } | 462 | } |
| 406 | else | 463 | else |
| 407 | d = rsa->d; | 464 | d= rsa->d; |
| 408 | if (!rsa->meth->bn_mod_exp(&ret,&f,d,rsa->n,ctx,NULL)) goto err; | 465 | |
| 466 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | ||
| 467 | |||
| 468 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, | ||
| 469 | rsa->_method_mod_n)) goto err; | ||
| 409 | } | 470 | } |
| 410 | 471 | ||
| 411 | if (blinding) | 472 | if (blinding) |
| 412 | if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; | 473 | if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx)) |
| 474 | goto err; | ||
| 413 | 475 | ||
| 414 | if (padding == RSA_X931_PADDING) | 476 | if (padding == RSA_X931_PADDING) |
| 415 | { | 477 | { |
| 416 | BN_sub(&f, rsa->n, &ret); | 478 | BN_sub(f, rsa->n, ret); |
| 417 | if (BN_cmp(&ret, &f)) | 479 | if (BN_cmp(ret, f)) |
| 418 | res = &f; | 480 | res = f; |
| 419 | else | 481 | else |
| 420 | res = &ret; | 482 | res = ret; |
| 421 | } | 483 | } |
| 422 | else | 484 | else |
| 423 | res = &ret; | 485 | res = ret; |
| 424 | 486 | ||
| 425 | /* put in leading 0 bytes if the number is less than the | 487 | /* put in leading 0 bytes if the number is less than the |
| 426 | * length of the modulus */ | 488 | * length of the modulus */ |
| @@ -431,11 +493,11 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 431 | 493 | ||
| 432 | r=num; | 494 | r=num; |
| 433 | err: | 495 | err: |
| 434 | if (ctx != NULL) BN_CTX_free(ctx); | 496 | if (ctx != NULL) |
| 435 | BN_clear_free(&ret); | 497 | { |
| 436 | BN_clear_free(&f); | 498 | BN_CTX_end(ctx); |
| 437 | if (local_blinding) | 499 | BN_CTX_free(ctx); |
| 438 | BN_BLINDING_free(blinding); | 500 | } |
| 439 | if (buf != NULL) | 501 | if (buf != NULL) |
| 440 | { | 502 | { |
| 441 | OPENSSL_cleanse(buf,num); | 503 | OPENSSL_cleanse(buf,num); |
| @@ -447,7 +509,7 @@ err: | |||
| 447 | static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | 509 | static int RSA_eay_private_decrypt(int flen, const unsigned char *from, |
| 448 | unsigned char *to, RSA *rsa, int padding) | 510 | unsigned char *to, RSA *rsa, int padding) |
| 449 | { | 511 | { |
| 450 | BIGNUM f,ret; | 512 | BIGNUM *f, *ret, *br; |
| 451 | int j,num=0,r= -1; | 513 | int j,num=0,r= -1; |
| 452 | unsigned char *p; | 514 | unsigned char *p; |
| 453 | unsigned char *buf=NULL; | 515 | unsigned char *buf=NULL; |
| @@ -455,14 +517,14 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 455 | int local_blinding = 0; | 517 | int local_blinding = 0; |
| 456 | BN_BLINDING *blinding = NULL; | 518 | BN_BLINDING *blinding = NULL; |
| 457 | 519 | ||
| 458 | BN_init(&f); | 520 | if((ctx = BN_CTX_new()) == NULL) goto err; |
| 459 | BN_init(&ret); | 521 | BN_CTX_start(ctx); |
| 460 | ctx=BN_CTX_new(); | 522 | f = BN_CTX_get(ctx); |
| 461 | if (ctx == NULL) goto err; | 523 | br = BN_CTX_get(ctx); |
| 462 | 524 | ret = BN_CTX_get(ctx); | |
| 463 | num=BN_num_bytes(rsa->n); | 525 | num = BN_num_bytes(rsa->n); |
| 464 | 526 | buf = OPENSSL_malloc(num); | |
| 465 | if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) | 527 | if(!f || !ret || !buf) |
| 466 | { | 528 | { |
| 467 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); | 529 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); |
| 468 | goto err; | 530 | goto err; |
| @@ -477,25 +539,17 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 477 | } | 539 | } |
| 478 | 540 | ||
| 479 | /* make data into a big number */ | 541 | /* make data into a big number */ |
| 480 | if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err; | 542 | if (BN_bin2bn(from,(int)flen,f) == NULL) goto err; |
| 481 | 543 | ||
| 482 | if (BN_ucmp(&f, rsa->n) >= 0) | 544 | if (BN_ucmp(f, rsa->n) >= 0) |
| 483 | { | 545 | { |
| 484 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | 546 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); |
| 485 | goto err; | 547 | goto err; |
| 486 | } | 548 | } |
| 487 | 549 | ||
| 488 | BLINDING_HELPER(rsa, ctx, goto err;); | ||
| 489 | blinding = rsa->blinding; | ||
| 490 | |||
| 491 | /* Now unless blinding is disabled, 'blinding' is non-NULL. | ||
| 492 | * But the BN_BLINDING object may be owned by some other thread | ||
| 493 | * (we don't want to keep it constant and we don't want to use | ||
| 494 | * lots of locking to avoid race conditions, so only a single | ||
| 495 | * thread can use it; other threads have to use local blinding | ||
| 496 | * factors) */ | ||
| 497 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) | 550 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) |
| 498 | { | 551 | { |
| 552 | blinding = rsa_get_blinding(rsa, &local_blinding, ctx); | ||
| 499 | if (blinding == NULL) | 553 | if (blinding == NULL) |
| 500 | { | 554 | { |
| 501 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR); | 555 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR); |
| @@ -504,20 +558,8 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 504 | } | 558 | } |
| 505 | 559 | ||
| 506 | if (blinding != NULL) | 560 | if (blinding != NULL) |
| 507 | { | 561 | if (!rsa_blinding_convert(blinding, local_blinding, f, br, ctx)) |
| 508 | if (blinding->thread_id != CRYPTO_thread_id()) | 562 | goto err; |
| 509 | { | ||
| 510 | /* we need a local one-time blinding factor */ | ||
| 511 | |||
| 512 | blinding = setup_blinding(rsa, ctx); | ||
| 513 | if (blinding == NULL) | ||
| 514 | goto err; | ||
| 515 | local_blinding = 1; | ||
| 516 | } | ||
| 517 | } | ||
| 518 | |||
| 519 | if (blinding) | ||
| 520 | if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; | ||
| 521 | 563 | ||
| 522 | /* do the decrypt */ | 564 | /* do the decrypt */ |
| 523 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || | 565 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || |
| @@ -527,29 +569,33 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 527 | (rsa->dmq1 != NULL) && | 569 | (rsa->dmq1 != NULL) && |
| 528 | (rsa->iqmp != NULL)) ) | 570 | (rsa->iqmp != NULL)) ) |
| 529 | { | 571 | { |
| 530 | if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; | 572 | if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err; |
| 531 | } | 573 | } |
| 532 | else | 574 | else |
| 533 | { | 575 | { |
| 534 | BIGNUM local_d; | 576 | BIGNUM local_d; |
| 535 | BIGNUM *d = NULL; | 577 | BIGNUM *d = NULL; |
| 536 | 578 | ||
| 537 | if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) | 579 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 538 | { | 580 | { |
| 539 | d = &local_d; | 581 | d = &local_d; |
| 540 | BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME); | 582 | BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); |
| 541 | } | 583 | } |
| 542 | else | 584 | else |
| 543 | d = rsa->d; | 585 | d = rsa->d; |
| 544 | if (!rsa->meth->bn_mod_exp(&ret,&f,d,rsa->n,ctx,NULL)) | 586 | |
| 545 | goto err; | 587 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); |
| 588 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, | ||
| 589 | rsa->_method_mod_n)) | ||
| 590 | goto err; | ||
| 546 | } | 591 | } |
| 547 | 592 | ||
| 548 | if (blinding) | 593 | if (blinding) |
| 549 | if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; | 594 | if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx)) |
| 595 | goto err; | ||
| 550 | 596 | ||
| 551 | p=buf; | 597 | p=buf; |
| 552 | j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ | 598 | j=BN_bn2bin(ret,p); /* j is only used with no-padding mode */ |
| 553 | 599 | ||
| 554 | switch (padding) | 600 | switch (padding) |
| 555 | { | 601 | { |
| @@ -575,11 +621,11 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 575 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED); | 621 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED); |
| 576 | 622 | ||
| 577 | err: | 623 | err: |
| 578 | if (ctx != NULL) BN_CTX_free(ctx); | 624 | if (ctx != NULL) |
| 579 | BN_clear_free(&f); | 625 | { |
| 580 | BN_clear_free(&ret); | 626 | BN_CTX_end(ctx); |
| 581 | if (local_blinding) | 627 | BN_CTX_free(ctx); |
| 582 | BN_BLINDING_free(blinding); | 628 | } |
| 583 | if (buf != NULL) | 629 | if (buf != NULL) |
| 584 | { | 630 | { |
| 585 | OPENSSL_cleanse(buf,num); | 631 | OPENSSL_cleanse(buf,num); |
| @@ -592,7 +638,7 @@ err: | |||
| 592 | static int RSA_eay_public_decrypt(int flen, const unsigned char *from, | 638 | static int RSA_eay_public_decrypt(int flen, const unsigned char *from, |
| 593 | unsigned char *to, RSA *rsa, int padding) | 639 | unsigned char *to, RSA *rsa, int padding) |
| 594 | { | 640 | { |
| 595 | BIGNUM f,ret; | 641 | BIGNUM *f,*ret; |
| 596 | int i,num=0,r= -1; | 642 | int i,num=0,r= -1; |
| 597 | unsigned char *p; | 643 | unsigned char *p; |
| 598 | unsigned char *buf=NULL; | 644 | unsigned char *buf=NULL; |
| @@ -619,15 +665,14 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, | |||
| 619 | return -1; | 665 | return -1; |
| 620 | } | 666 | } |
| 621 | } | 667 | } |
| 622 | 668 | ||
| 623 | BN_init(&f); | 669 | if((ctx = BN_CTX_new()) == NULL) goto err; |
| 624 | BN_init(&ret); | 670 | BN_CTX_start(ctx); |
| 625 | ctx=BN_CTX_new(); | 671 | f = BN_CTX_get(ctx); |
| 626 | if (ctx == NULL) goto err; | 672 | ret = BN_CTX_get(ctx); |
| 627 | |||
| 628 | num=BN_num_bytes(rsa->n); | 673 | num=BN_num_bytes(rsa->n); |
| 629 | buf=(unsigned char *)OPENSSL_malloc(num); | 674 | buf = OPENSSL_malloc(num); |
| 630 | if (buf == NULL) | 675 | if(!f || !ret || !buf) |
| 631 | { | 676 | { |
| 632 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); | 677 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); |
| 633 | goto err; | 678 | goto err; |
| @@ -641,37 +686,33 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, | |||
| 641 | goto err; | 686 | goto err; |
| 642 | } | 687 | } |
| 643 | 688 | ||
| 644 | if (BN_bin2bn(from,flen,&f) == NULL) goto err; | 689 | if (BN_bin2bn(from,flen,f) == NULL) goto err; |
| 645 | 690 | ||
| 646 | if (BN_ucmp(&f, rsa->n) >= 0) | 691 | if (BN_ucmp(f, rsa->n) >= 0) |
| 647 | { | 692 | { |
| 648 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | 693 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); |
| 649 | goto err; | 694 | goto err; |
| 650 | } | 695 | } |
| 651 | 696 | ||
| 652 | /* do the decrypt */ | 697 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); |
| 653 | |||
| 654 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) | ||
| 655 | { | ||
| 656 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, | ||
| 657 | CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 658 | goto err; | ||
| 659 | } | ||
| 660 | 698 | ||
| 661 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, | 699 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, |
| 662 | rsa->_method_mod_n)) goto err; | 700 | rsa->_method_mod_n)) goto err; |
| 663 | 701 | ||
| 664 | if ((padding == RSA_X931_PADDING) && ((ret.d[0] & 0xf) != 12)) | 702 | if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12)) |
| 665 | BN_sub(&ret, rsa->n, &ret); | 703 | BN_sub(ret, rsa->n, ret); |
| 666 | 704 | ||
| 667 | p=buf; | 705 | p=buf; |
| 668 | i=BN_bn2bin(&ret,p); | 706 | i=BN_bn2bin(ret,p); |
| 669 | 707 | ||
| 670 | switch (padding) | 708 | switch (padding) |
| 671 | { | 709 | { |
| 672 | case RSA_PKCS1_PADDING: | 710 | case RSA_PKCS1_PADDING: |
| 673 | r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); | 711 | r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); |
| 674 | break; | 712 | break; |
| 713 | case RSA_X931_PADDING: | ||
| 714 | r=RSA_padding_check_X931(to,num,buf,i,num); | ||
| 715 | break; | ||
| 675 | case RSA_NO_PADDING: | 716 | case RSA_NO_PADDING: |
| 676 | r=RSA_padding_check_none(to,num,buf,i,num); | 717 | r=RSA_padding_check_none(to,num,buf,i,num); |
| 677 | break; | 718 | break; |
| @@ -683,9 +724,11 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, | |||
| 683 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED); | 724 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED); |
| 684 | 725 | ||
| 685 | err: | 726 | err: |
| 686 | if (ctx != NULL) BN_CTX_free(ctx); | 727 | if (ctx != NULL) |
| 687 | BN_clear_free(&f); | 728 | { |
| 688 | BN_clear_free(&ret); | 729 | BN_CTX_end(ctx); |
| 730 | BN_CTX_free(ctx); | ||
| 731 | } | ||
| 689 | if (buf != NULL) | 732 | if (buf != NULL) |
| 690 | { | 733 | { |
| 691 | OPENSSL_cleanse(buf,num); | 734 | OPENSSL_cleanse(buf,num); |
| @@ -694,59 +737,111 @@ err: | |||
| 694 | return(r); | 737 | return(r); |
| 695 | } | 738 | } |
| 696 | 739 | ||
| 697 | static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | 740 | static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) |
| 698 | { | 741 | { |
| 699 | BIGNUM r1,m1,vrfy; | 742 | BIGNUM *r1,*m1,*vrfy; |
| 700 | BIGNUM local_dmp1, local_dmq1; | 743 | BIGNUM local_dmp1,local_dmq1,local_c,local_r1; |
| 701 | BIGNUM *dmp1, *dmq1; | 744 | BIGNUM *dmp1,*dmq1,*c,*pr1; |
| 702 | int ret=0; | 745 | int ret=0; |
| 703 | BN_CTX *ctx; | ||
| 704 | 746 | ||
| 705 | BN_init(&m1); | 747 | BN_CTX_start(ctx); |
| 706 | BN_init(&r1); | 748 | r1 = BN_CTX_get(ctx); |
| 707 | BN_init(&vrfy); | 749 | m1 = BN_CTX_get(ctx); |
| 708 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 750 | vrfy = BN_CTX_get(ctx); |
| 751 | |||
| 752 | { | ||
| 753 | BIGNUM local_p, local_q; | ||
| 754 | BIGNUM *p = NULL, *q = NULL; | ||
| 755 | |||
| 756 | /* Make sure BN_mod_inverse in Montgomery intialization uses the | ||
| 757 | * BN_FLG_CONSTTIME flag (unless RSA_FLAG_NO_CONSTTIME is set) | ||
| 758 | */ | ||
| 759 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 760 | { | ||
| 761 | BN_init(&local_p); | ||
| 762 | p = &local_p; | ||
| 763 | BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME); | ||
| 764 | |||
| 765 | BN_init(&local_q); | ||
| 766 | q = &local_q; | ||
| 767 | BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME); | ||
| 768 | } | ||
| 769 | else | ||
| 770 | { | ||
| 771 | p = rsa->p; | ||
| 772 | q = rsa->q; | ||
| 773 | } | ||
| 774 | |||
| 775 | MONT_HELPER(rsa->_method_mod_p, ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); | ||
| 776 | MONT_HELPER(rsa->_method_mod_q, ctx, q, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); | ||
| 777 | } | ||
| 709 | 778 | ||
| 710 | if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) | 779 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); |
| 780 | |||
| 781 | /* compute I mod q */ | ||
| 782 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 711 | { | 783 | { |
| 712 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p, | 784 | c = &local_c; |
| 713 | CRYPTO_LOCK_RSA, rsa->p, ctx)) | 785 | BN_with_flags(c, I, BN_FLG_CONSTTIME); |
| 714 | goto err; | 786 | if (!BN_mod(r1,c,rsa->q,ctx)) goto err; |
| 715 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q, | 787 | } |
| 716 | CRYPTO_LOCK_RSA, rsa->q, ctx)) | 788 | else |
| 717 | goto err; | 789 | { |
| 790 | if (!BN_mod(r1,I,rsa->q,ctx)) goto err; | ||
| 718 | } | 791 | } |
| 719 | 792 | ||
| 720 | if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; | 793 | /* compute r1^dmq1 mod q */ |
| 721 | if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) | 794 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 722 | { | 795 | { |
| 723 | dmq1 = &local_dmq1; | 796 | dmq1 = &local_dmq1; |
| 724 | BN_with_flags(dmq1, rsa->dmq1, BN_FLG_EXP_CONSTTIME); | 797 | BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME); |
| 725 | } | 798 | } |
| 726 | else | 799 | else |
| 727 | dmq1 = rsa->dmq1; | 800 | dmq1 = rsa->dmq1; |
| 728 | if (!rsa->meth->bn_mod_exp(&m1,&r1,dmq1,rsa->q,ctx, | 801 | if (!rsa->meth->bn_mod_exp(m1,r1,dmq1,rsa->q,ctx, |
| 729 | rsa->_method_mod_q)) goto err; | 802 | rsa->_method_mod_q)) goto err; |
| 730 | 803 | ||
| 731 | if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; | 804 | /* compute I mod p */ |
| 732 | if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) | 805 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 806 | { | ||
| 807 | c = &local_c; | ||
| 808 | BN_with_flags(c, I, BN_FLG_CONSTTIME); | ||
| 809 | if (!BN_mod(r1,c,rsa->p,ctx)) goto err; | ||
| 810 | } | ||
| 811 | else | ||
| 812 | { | ||
| 813 | if (!BN_mod(r1,I,rsa->p,ctx)) goto err; | ||
| 814 | } | ||
| 815 | |||
| 816 | /* compute r1^dmp1 mod p */ | ||
| 817 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 733 | { | 818 | { |
| 734 | dmp1 = &local_dmp1; | 819 | dmp1 = &local_dmp1; |
| 735 | BN_with_flags(dmp1, rsa->dmp1, BN_FLG_EXP_CONSTTIME); | 820 | BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME); |
| 736 | } | 821 | } |
| 737 | else | 822 | else |
| 738 | dmp1 = rsa->dmp1; | 823 | dmp1 = rsa->dmp1; |
| 739 | if (!rsa->meth->bn_mod_exp(r0,&r1,dmp1,rsa->p,ctx, | 824 | if (!rsa->meth->bn_mod_exp(r0,r1,dmp1,rsa->p,ctx, |
| 740 | rsa->_method_mod_p)) goto err; | 825 | rsa->_method_mod_p)) goto err; |
| 741 | 826 | ||
| 742 | if (!BN_sub(r0,r0,&m1)) goto err; | 827 | if (!BN_sub(r0,r0,m1)) goto err; |
| 743 | /* This will help stop the size of r0 increasing, which does | 828 | /* This will help stop the size of r0 increasing, which does |
| 744 | * affect the multiply if it optimised for a power of 2 size */ | 829 | * affect the multiply if it optimised for a power of 2 size */ |
| 745 | if (r0->neg) | 830 | if (BN_is_negative(r0)) |
| 746 | if (!BN_add(r0,r0,rsa->p)) goto err; | 831 | if (!BN_add(r0,r0,rsa->p)) goto err; |
| 747 | 832 | ||
| 748 | if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; | 833 | if (!BN_mul(r1,r0,rsa->iqmp,ctx)) goto err; |
| 749 | if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; | 834 | |
| 835 | /* Turn BN_FLG_CONSTTIME flag on before division operation */ | ||
| 836 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 837 | { | ||
| 838 | pr1 = &local_r1; | ||
| 839 | BN_with_flags(pr1, r1, BN_FLG_CONSTTIME); | ||
| 840 | } | ||
| 841 | else | ||
| 842 | pr1 = r1; | ||
| 843 | if (!BN_mod(r0,pr1,rsa->p,ctx)) goto err; | ||
| 844 | |||
| 750 | /* If p < q it is occasionally possible for the correction of | 845 | /* If p < q it is occasionally possible for the correction of |
| 751 | * adding 'p' if r0 is negative above to leave the result still | 846 | * adding 'p' if r0 is negative above to leave the result still |
| 752 | * negative. This can break the private key operations: the following | 847 | * negative. This can break the private key operations: the following |
| @@ -754,23 +849,23 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | |||
| 754 | * This will *never* happen with OpenSSL generated keys because | 849 | * This will *never* happen with OpenSSL generated keys because |
| 755 | * they ensure p > q [steve] | 850 | * they ensure p > q [steve] |
| 756 | */ | 851 | */ |
| 757 | if (r0->neg) | 852 | if (BN_is_negative(r0)) |
| 758 | if (!BN_add(r0,r0,rsa->p)) goto err; | 853 | if (!BN_add(r0,r0,rsa->p)) goto err; |
| 759 | if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; | 854 | if (!BN_mul(r1,r0,rsa->q,ctx)) goto err; |
| 760 | if (!BN_add(r0,&r1,&m1)) goto err; | 855 | if (!BN_add(r0,r1,m1)) goto err; |
| 761 | 856 | ||
| 762 | if (rsa->e && rsa->n) | 857 | if (rsa->e && rsa->n) |
| 763 | { | 858 | { |
| 764 | if (!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err; | 859 | if (!rsa->meth->bn_mod_exp(vrfy,r0,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) goto err; |
| 765 | /* If 'I' was greater than (or equal to) rsa->n, the operation | 860 | /* If 'I' was greater than (or equal to) rsa->n, the operation |
| 766 | * will be equivalent to using 'I mod n'. However, the result of | 861 | * will be equivalent to using 'I mod n'. However, the result of |
| 767 | * the verify will *always* be less than 'n' so we don't check | 862 | * the verify will *always* be less than 'n' so we don't check |
| 768 | * for absolute equality, just congruency. */ | 863 | * for absolute equality, just congruency. */ |
| 769 | if (!BN_sub(&vrfy, &vrfy, I)) goto err; | 864 | if (!BN_sub(vrfy, vrfy, I)) goto err; |
| 770 | if (!BN_mod(&vrfy, &vrfy, rsa->n, ctx)) goto err; | 865 | if (!BN_mod(vrfy, vrfy, rsa->n, ctx)) goto err; |
| 771 | if (vrfy.neg) | 866 | if (BN_is_negative(vrfy)) |
| 772 | if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err; | 867 | if (!BN_add(vrfy, vrfy, rsa->n)) goto err; |
| 773 | if (!BN_is_zero(&vrfy)) | 868 | if (!BN_is_zero(vrfy)) |
| 774 | { | 869 | { |
| 775 | /* 'I' and 'vrfy' aren't congruent mod n. Don't leak | 870 | /* 'I' and 'vrfy' aren't congruent mod n. Don't leak |
| 776 | * miscalculated CRT output, just do a raw (slower) | 871 | * miscalculated CRT output, just do a raw (slower) |
| @@ -779,22 +874,20 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | |||
| 779 | BIGNUM local_d; | 874 | BIGNUM local_d; |
| 780 | BIGNUM *d = NULL; | 875 | BIGNUM *d = NULL; |
| 781 | 876 | ||
| 782 | if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) | 877 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 783 | { | 878 | { |
| 784 | d = &local_d; | 879 | d = &local_d; |
| 785 | BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME); | 880 | BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); |
| 786 | } | 881 | } |
| 787 | else | 882 | else |
| 788 | d = rsa->d; | 883 | d = rsa->d; |
| 789 | if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx,NULL)) goto err; | 884 | if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx, |
| 885 | rsa->_method_mod_n)) goto err; | ||
| 790 | } | 886 | } |
| 791 | } | 887 | } |
| 792 | ret=1; | 888 | ret=1; |
| 793 | err: | 889 | err: |
| 794 | BN_clear_free(&m1); | 890 | BN_CTX_end(ctx); |
| 795 | BN_clear_free(&r1); | ||
| 796 | BN_clear_free(&vrfy); | ||
| 797 | BN_CTX_free(ctx); | ||
| 798 | return(ret); | 891 | return(ret); |
| 799 | } | 892 | } |
| 800 | 893 | ||
diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c index ddcb28e663..fe3ba1b44b 100644 --- a/src/lib/libcrypto/rsa/rsa_err.c +++ b/src/lib/libcrypto/rsa/rsa_err.c | |||
| @@ -71,14 +71,21 @@ | |||
| 71 | static ERR_STRING_DATA RSA_str_functs[]= | 71 | static ERR_STRING_DATA RSA_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"}, | 73 | {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"}, |
| 74 | {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, | ||
| 74 | {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, | 75 | {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, |
| 75 | {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, | 76 | {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, |
| 76 | {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, | 77 | {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, |
| 77 | {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, | 78 | {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, |
| 78 | {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, | 79 | {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, |
| 79 | {ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"}, | 80 | {ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"}, |
| 81 | {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"}, | ||
| 80 | {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, | 82 | {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, |
| 81 | {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, | 83 | {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, |
| 84 | {ERR_FUNC(RSA_F_RSA_NULL_MOD_EXP), "RSA_NULL_MOD_EXP"}, | ||
| 85 | {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_DECRYPT), "RSA_NULL_PRIVATE_DECRYPT"}, | ||
| 86 | {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_ENCRYPT), "RSA_NULL_PRIVATE_ENCRYPT"}, | ||
| 87 | {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT), "RSA_NULL_PUBLIC_DECRYPT"}, | ||
| 88 | {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_NULL_PUBLIC_ENCRYPT"}, | ||
| 82 | {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"}, | 89 | {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"}, |
| 83 | {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"}, | 90 | {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"}, |
| 84 | {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"}, | 91 | {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"}, |
| @@ -94,6 +101,7 @@ static ERR_STRING_DATA RSA_str_functs[]= | |||
| 94 | {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, | 101 | {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, |
| 95 | {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, | 102 | {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, |
| 96 | {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, | 103 | {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, |
| 104 | {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, | ||
| 97 | {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"}, | 105 | {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"}, |
| 98 | {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"}, | 106 | {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"}, |
| 99 | {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, | 107 | {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, |
| @@ -130,20 +138,21 @@ static ERR_STRING_DATA RSA_str_reasons[]= | |||
| 130 | {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, | 138 | {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, |
| 131 | {ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"}, | 139 | {ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"}, |
| 132 | {ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, | 140 | {ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, |
| 141 | {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"}, | ||
| 133 | {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, | 142 | {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, |
| 134 | {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, | 143 | {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, |
| 135 | {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, | 144 | {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, |
| 136 | {ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED) ,"salt length recovery failed"}, | ||
| 137 | {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, | 145 | {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, |
| 138 | {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, | 146 | {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, |
| 139 | {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, | 147 | {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, |
| 140 | {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"}, | 148 | {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"}, |
| 149 | {ERR_REASON(RSA_R_SLEN_CHECK_FAILED) ,"salt length check failed"}, | ||
| 150 | {ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED) ,"salt length recovery failed"}, | ||
| 141 | {ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"}, | 151 | {ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"}, |
| 142 | {ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"}, | 152 | {ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"}, |
| 143 | {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"}, | 153 | {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"}, |
| 144 | {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"}, | 154 | {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"}, |
| 145 | {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"}, | 155 | {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"}, |
| 146 | {ERR_REASON(RSA_R_SLEN_CHECK_FAILED) ,"salt length check failed"}, | ||
| 147 | {0,NULL} | 156 | {0,NULL} |
| 148 | }; | 157 | }; |
| 149 | 158 | ||
| @@ -151,15 +160,12 @@ static ERR_STRING_DATA RSA_str_reasons[]= | |||
| 151 | 160 | ||
| 152 | void ERR_load_RSA_strings(void) | 161 | void ERR_load_RSA_strings(void) |
| 153 | { | 162 | { |
| 154 | static int init=1; | 163 | #ifndef OPENSSL_NO_ERR |
| 155 | 164 | ||
| 156 | if (init) | 165 | if (ERR_func_error_string(RSA_str_functs[0].error) == NULL) |
| 157 | { | 166 | { |
| 158 | init=0; | ||
| 159 | #ifndef OPENSSL_NO_ERR | ||
| 160 | ERR_load_strings(0,RSA_str_functs); | 167 | ERR_load_strings(0,RSA_str_functs); |
| 161 | ERR_load_strings(0,RSA_str_reasons); | 168 | ERR_load_strings(0,RSA_str_reasons); |
| 162 | #endif | ||
| 163 | |||
| 164 | } | 169 | } |
| 170 | #endif | ||
| 165 | } | 171 | } |
diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c index dd1422cc98..767f7ab682 100644 --- a/src/lib/libcrypto/rsa/rsa_gen.c +++ b/src/lib/libcrypto/rsa/rsa_gen.c | |||
| @@ -56,26 +56,42 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | |||
| 60 | /* NB: these functions have been "upgraded", the deprecated versions (which are | ||
| 61 | * compatibility wrappers using these functions) are in rsa_depr.c. | ||
| 62 | * - Geoff | ||
| 63 | */ | ||
| 64 | |||
| 59 | #include <stdio.h> | 65 | #include <stdio.h> |
| 60 | #include <time.h> | 66 | #include <time.h> |
| 61 | #include "cryptlib.h" | 67 | #include "cryptlib.h" |
| 62 | #include <openssl/bn.h> | 68 | #include <openssl/bn.h> |
| 63 | #include <openssl/rsa.h> | 69 | #include <openssl/rsa.h> |
| 64 | 70 | ||
| 65 | #ifndef OPENSSL_FIPS | 71 | static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); |
| 66 | 72 | ||
| 67 | RSA *RSA_generate_key(int bits, unsigned long e_value, | 73 | /* NB: this wrapper would normally be placed in rsa_lib.c and the static |
| 68 | void (*callback)(int,int,void *), void *cb_arg) | 74 | * implementation would probably be in rsa_eay.c. Nonetheless, is kept here so |
| 75 | * that we don't introduce a new linker dependency. Eg. any application that | ||
| 76 | * wasn't previously linking object code related to key-generation won't have to | ||
| 77 | * now just because key-generation is part of RSA_METHOD. */ | ||
| 78 | int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) | ||
| 79 | { | ||
| 80 | if(rsa->meth->rsa_keygen) | ||
| 81 | return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); | ||
| 82 | return rsa_builtin_keygen(rsa, bits, e_value, cb); | ||
| 83 | } | ||
| 84 | |||
| 85 | static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) | ||
| 69 | { | 86 | { |
| 70 | RSA *rsa=NULL; | ||
| 71 | BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp; | 87 | BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp; |
| 72 | int bitsp,bitsq,ok= -1,n=0,i; | 88 | BIGNUM local_r0,local_d,local_p; |
| 73 | BN_CTX *ctx=NULL,*ctx2=NULL; | 89 | BIGNUM *pr0,*d,*p; |
| 90 | int bitsp,bitsq,ok= -1,n=0; | ||
| 91 | BN_CTX *ctx=NULL; | ||
| 74 | 92 | ||
| 75 | ctx=BN_CTX_new(); | 93 | ctx=BN_CTX_new(); |
| 76 | if (ctx == NULL) goto err; | 94 | if (ctx == NULL) goto err; |
| 77 | ctx2=BN_CTX_new(); | ||
| 78 | if (ctx2 == NULL) goto err; | ||
| 79 | BN_CTX_start(ctx); | 95 | BN_CTX_start(ctx); |
| 80 | r0 = BN_CTX_get(ctx); | 96 | r0 = BN_CTX_get(ctx); |
| 81 | r1 = BN_CTX_get(ctx); | 97 | r1 = BN_CTX_get(ctx); |
| @@ -85,49 +101,58 @@ RSA *RSA_generate_key(int bits, unsigned long e_value, | |||
| 85 | 101 | ||
| 86 | bitsp=(bits+1)/2; | 102 | bitsp=(bits+1)/2; |
| 87 | bitsq=bits-bitsp; | 103 | bitsq=bits-bitsp; |
| 88 | rsa=RSA_new(); | ||
| 89 | if (rsa == NULL) goto err; | ||
| 90 | 104 | ||
| 91 | /* set e */ | 105 | /* We need the RSA components non-NULL */ |
| 92 | rsa->e=BN_new(); | 106 | if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; |
| 93 | if (rsa->e == NULL) goto err; | 107 | if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; |
| 108 | if(!rsa->e && ((rsa->e=BN_new()) == NULL)) goto err; | ||
| 109 | if(!rsa->p && ((rsa->p=BN_new()) == NULL)) goto err; | ||
| 110 | if(!rsa->q && ((rsa->q=BN_new()) == NULL)) goto err; | ||
| 111 | if(!rsa->dmp1 && ((rsa->dmp1=BN_new()) == NULL)) goto err; | ||
| 112 | if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err; | ||
| 113 | if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err; | ||
| 94 | 114 | ||
| 95 | #if 1 | 115 | BN_copy(rsa->e, e_value); |
| 96 | /* The problem is when building with 8, 16, or 32 BN_ULONG, | ||
| 97 | * unsigned long can be larger */ | ||
| 98 | for (i=0; i<sizeof(unsigned long)*8; i++) | ||
| 99 | { | ||
| 100 | if (e_value & (1UL<<i)) | ||
| 101 | BN_set_bit(rsa->e,i); | ||
| 102 | } | ||
| 103 | #else | ||
| 104 | if (!BN_set_word(rsa->e,e_value)) goto err; | ||
| 105 | #endif | ||
| 106 | 116 | ||
| 107 | /* generate p and q */ | 117 | /* generate p and q */ |
| 108 | for (;;) | 118 | for (;;) |
| 109 | { | 119 | { |
| 110 | rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg); | 120 | if(!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)) |
| 111 | if (rsa->p == NULL) goto err; | 121 | goto err; |
| 112 | if (!BN_sub(r2,rsa->p,BN_value_one())) goto err; | 122 | if (!BN_sub(r2,rsa->p,BN_value_one())) goto err; |
| 113 | if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; | 123 | if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; |
| 114 | if (BN_is_one(r1)) break; | 124 | if (BN_is_one(r1)) break; |
| 115 | if (callback != NULL) callback(2,n++,cb_arg); | 125 | if(!BN_GENCB_call(cb, 2, n++)) |
| 116 | BN_free(rsa->p); | 126 | goto err; |
| 117 | } | 127 | } |
| 118 | if (callback != NULL) callback(3,0,cb_arg); | 128 | if(!BN_GENCB_call(cb, 3, 0)) |
| 129 | goto err; | ||
| 119 | for (;;) | 130 | for (;;) |
| 120 | { | 131 | { |
| 121 | rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg); | 132 | /* When generating ridiculously small keys, we can get stuck |
| 122 | if (rsa->q == NULL) goto err; | 133 | * continually regenerating the same prime values. Check for |
| 134 | * this and bail if it happens 3 times. */ | ||
| 135 | unsigned int degenerate = 0; | ||
| 136 | do | ||
| 137 | { | ||
| 138 | if(!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) | ||
| 139 | goto err; | ||
| 140 | } while((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3)); | ||
| 141 | if(degenerate == 3) | ||
| 142 | { | ||
| 143 | ok = 0; /* we set our own err */ | ||
| 144 | RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,RSA_R_KEY_SIZE_TOO_SMALL); | ||
| 145 | goto err; | ||
| 146 | } | ||
| 123 | if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; | 147 | if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; |
| 124 | if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; | 148 | if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; |
| 125 | if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0)) | 149 | if (BN_is_one(r1)) |
| 126 | break; | 150 | break; |
| 127 | if (callback != NULL) callback(2,n++,cb_arg); | 151 | if(!BN_GENCB_call(cb, 2, n++)) |
| 128 | BN_free(rsa->q); | 152 | goto err; |
| 129 | } | 153 | } |
| 130 | if (callback != NULL) callback(3,1,cb_arg); | 154 | if(!BN_GENCB_call(cb, 3, 1)) |
| 155 | goto err; | ||
| 131 | if (BN_cmp(rsa->p,rsa->q) < 0) | 156 | if (BN_cmp(rsa->p,rsa->q) < 0) |
| 132 | { | 157 | { |
| 133 | tmp=rsa->p; | 158 | tmp=rsa->p; |
| @@ -136,66 +161,59 @@ RSA *RSA_generate_key(int bits, unsigned long e_value, | |||
| 136 | } | 161 | } |
| 137 | 162 | ||
| 138 | /* calculate n */ | 163 | /* calculate n */ |
| 139 | rsa->n=BN_new(); | ||
| 140 | if (rsa->n == NULL) goto err; | ||
| 141 | if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err; | 164 | if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err; |
| 142 | 165 | ||
| 143 | /* calculate d */ | 166 | /* calculate d */ |
| 144 | if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */ | 167 | if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */ |
| 145 | if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */ | 168 | if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */ |
| 146 | if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */ | 169 | if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */ |
| 147 | 170 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | |
| 148 | /* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */ | ||
| 149 | /* for (;;) | ||
| 150 | { | 171 | { |
| 151 | if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err; | 172 | pr0 = &local_r0; |
| 152 | if (BN_is_one(r3)) break; | 173 | BN_with_flags(pr0, r0, BN_FLG_CONSTTIME); |
| 174 | } | ||
| 175 | else | ||
| 176 | pr0 = r0; | ||
| 177 | if (!BN_mod_inverse(rsa->d,rsa->e,pr0,ctx)) goto err; /* d */ | ||
| 153 | 178 | ||
| 154 | if (1) | 179 | /* set up d for correct BN_FLG_CONSTTIME flag */ |
| 155 | { | 180 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 156 | if (!BN_add_word(rsa->e,2L)) goto err; | 181 | { |
| 157 | continue; | 182 | d = &local_d; |
| 158 | } | 183 | BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); |
| 159 | RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE); | ||
| 160 | goto err; | ||
| 161 | } | 184 | } |
| 162 | */ | 185 | else |
| 163 | rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */ | 186 | d = rsa->d; |
| 164 | if (rsa->d == NULL) goto err; | ||
| 165 | 187 | ||
| 166 | /* calculate d mod (p-1) */ | 188 | /* calculate d mod (p-1) */ |
| 167 | rsa->dmp1=BN_new(); | 189 | if (!BN_mod(rsa->dmp1,d,r1,ctx)) goto err; |
| 168 | if (rsa->dmp1 == NULL) goto err; | ||
| 169 | if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err; | ||
| 170 | 190 | ||
| 171 | /* calculate d mod (q-1) */ | 191 | /* calculate d mod (q-1) */ |
| 172 | rsa->dmq1=BN_new(); | 192 | if (!BN_mod(rsa->dmq1,d,r2,ctx)) goto err; |
| 173 | if (rsa->dmq1 == NULL) goto err; | ||
| 174 | if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err; | ||
| 175 | 193 | ||
| 176 | /* calculate inverse of q mod p */ | 194 | /* calculate inverse of q mod p */ |
| 177 | rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2); | 195 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 178 | if (rsa->iqmp == NULL) goto err; | 196 | { |
| 197 | p = &local_p; | ||
| 198 | BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME); | ||
| 199 | } | ||
| 200 | else | ||
| 201 | p = rsa->p; | ||
| 202 | if (!BN_mod_inverse(rsa->iqmp,rsa->q,p,ctx)) goto err; | ||
| 179 | 203 | ||
| 180 | ok=1; | 204 | ok=1; |
| 181 | err: | 205 | err: |
| 182 | if (ok == -1) | 206 | if (ok == -1) |
| 183 | { | 207 | { |
| 184 | RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN); | 208 | RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,ERR_LIB_BN); |
| 185 | ok=0; | 209 | ok=0; |
| 186 | } | 210 | } |
| 187 | if (ctx != NULL) | 211 | if (ctx != NULL) |
| 188 | BN_CTX_end(ctx); | ||
| 189 | BN_CTX_free(ctx); | ||
| 190 | BN_CTX_free(ctx2); | ||
| 191 | |||
| 192 | if (!ok) | ||
| 193 | { | 212 | { |
| 194 | if (rsa != NULL) RSA_free(rsa); | 213 | BN_CTX_end(ctx); |
| 195 | return(NULL); | 214 | BN_CTX_free(ctx); |
| 196 | } | 215 | } |
| 197 | else | 216 | |
| 198 | return(rsa); | 217 | return ok; |
| 199 | } | 218 | } |
| 200 | 219 | ||
| 201 | #endif | ||
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c index e4d622851e..104aa4c1f2 100644 --- a/src/lib/libcrypto/rsa/rsa_lib.c +++ b/src/lib/libcrypto/rsa/rsa_lib.c | |||
| @@ -67,7 +67,7 @@ | |||
| 67 | #include <openssl/engine.h> | 67 | #include <openssl/engine.h> |
| 68 | #endif | 68 | #endif |
| 69 | 69 | ||
| 70 | const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; | 70 | const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT; |
| 71 | 71 | ||
| 72 | static const RSA_METHOD *default_RSA_meth=NULL; | 72 | static const RSA_METHOD *default_RSA_meth=NULL; |
| 73 | 73 | ||
| @@ -179,6 +179,7 @@ RSA *RSA_new_method(ENGINE *engine) | |||
| 179 | ret->_method_mod_p=NULL; | 179 | ret->_method_mod_p=NULL; |
| 180 | ret->_method_mod_q=NULL; | 180 | ret->_method_mod_q=NULL; |
| 181 | ret->blinding=NULL; | 181 | ret->blinding=NULL; |
| 182 | ret->mt_blinding=NULL; | ||
| 182 | ret->bignum_data=NULL; | 183 | ret->bignum_data=NULL; |
| 183 | ret->flags=ret->meth->flags; | 184 | ret->flags=ret->meth->flags; |
| 184 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); | 185 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); |
| @@ -232,6 +233,7 @@ void RSA_free(RSA *r) | |||
| 232 | if (r->dmq1 != NULL) BN_clear_free(r->dmq1); | 233 | if (r->dmq1 != NULL) BN_clear_free(r->dmq1); |
| 233 | if (r->iqmp != NULL) BN_clear_free(r->iqmp); | 234 | if (r->iqmp != NULL) BN_clear_free(r->iqmp); |
| 234 | if (r->blinding != NULL) BN_BLINDING_free(r->blinding); | 235 | if (r->blinding != NULL) BN_BLINDING_free(r->blinding); |
| 236 | if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding); | ||
| 235 | if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); | 237 | if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); |
| 236 | OPENSSL_free(r); | 238 | OPENSSL_free(r); |
| 237 | } | 239 | } |
| @@ -314,59 +316,117 @@ void RSA_blinding_off(RSA *rsa) | |||
| 314 | rsa->flags |= RSA_FLAG_NO_BLINDING; | 316 | rsa->flags |= RSA_FLAG_NO_BLINDING; |
| 315 | } | 317 | } |
| 316 | 318 | ||
| 317 | int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) | 319 | int RSA_blinding_on(RSA *rsa, BN_CTX *ctx) |
| 318 | { | 320 | { |
| 319 | BIGNUM *A,*Ai = NULL; | ||
| 320 | BN_CTX *ctx; | ||
| 321 | int ret=0; | 321 | int ret=0; |
| 322 | 322 | ||
| 323 | if (p_ctx == NULL) | 323 | if (rsa->blinding != NULL) |
| 324 | RSA_blinding_off(rsa); | ||
| 325 | |||
| 326 | rsa->blinding = RSA_setup_blinding(rsa, ctx); | ||
| 327 | if (rsa->blinding == NULL) | ||
| 328 | goto err; | ||
| 329 | |||
| 330 | rsa->flags |= RSA_FLAG_BLINDING; | ||
| 331 | rsa->flags &= ~RSA_FLAG_NO_BLINDING; | ||
| 332 | ret=1; | ||
| 333 | err: | ||
| 334 | return(ret); | ||
| 335 | } | ||
| 336 | |||
| 337 | static BIGNUM *rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, | ||
| 338 | const BIGNUM *q, BN_CTX *ctx) | ||
| 339 | { | ||
| 340 | BIGNUM *ret = NULL, *r0, *r1, *r2; | ||
| 341 | |||
| 342 | if (d == NULL || p == NULL || q == NULL) | ||
| 343 | return NULL; | ||
| 344 | |||
| 345 | BN_CTX_start(ctx); | ||
| 346 | r0 = BN_CTX_get(ctx); | ||
| 347 | r1 = BN_CTX_get(ctx); | ||
| 348 | r2 = BN_CTX_get(ctx); | ||
| 349 | if (r2 == NULL) | ||
| 350 | goto err; | ||
| 351 | |||
| 352 | if (!BN_sub(r1, p, BN_value_one())) goto err; | ||
| 353 | if (!BN_sub(r2, q, BN_value_one())) goto err; | ||
| 354 | if (!BN_mul(r0, r1, r2, ctx)) goto err; | ||
| 355 | |||
| 356 | ret = BN_mod_inverse(NULL, d, r0, ctx); | ||
| 357 | err: | ||
| 358 | BN_CTX_end(ctx); | ||
| 359 | return ret; | ||
| 360 | } | ||
| 361 | |||
| 362 | BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) | ||
| 363 | { | ||
| 364 | BIGNUM local_n; | ||
| 365 | BIGNUM *e,*n; | ||
| 366 | BN_CTX *ctx; | ||
| 367 | BN_BLINDING *ret = NULL; | ||
| 368 | |||
| 369 | if (in_ctx == NULL) | ||
| 324 | { | 370 | { |
| 325 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 371 | if ((ctx = BN_CTX_new()) == NULL) return 0; |
| 326 | } | 372 | } |
| 327 | else | 373 | else |
| 328 | ctx=p_ctx; | 374 | ctx = in_ctx; |
| 329 | 375 | ||
| 330 | /* XXXXX: Shouldn't this be RSA_blinding_off(rsa)? */ | 376 | BN_CTX_start(ctx); |
| 331 | if (rsa->blinding != NULL) | 377 | e = BN_CTX_get(ctx); |
| 378 | if (e == NULL) | ||
| 332 | { | 379 | { |
| 333 | BN_BLINDING_free(rsa->blinding); | 380 | RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE); |
| 334 | rsa->blinding = NULL; | 381 | goto err; |
| 335 | } | 382 | } |
| 336 | 383 | ||
| 337 | /* NB: similar code appears in setup_blinding (rsa_eay.c); | 384 | if (rsa->e == NULL) |
| 338 | * this should be placed in a new function of its own, but for reasons | 385 | { |
| 339 | * of binary compatibility can't */ | 386 | e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx); |
| 387 | if (e == NULL) | ||
| 388 | { | ||
| 389 | RSAerr(RSA_F_RSA_SETUP_BLINDING, RSA_R_NO_PUBLIC_EXPONENT); | ||
| 390 | goto err; | ||
| 391 | } | ||
| 392 | } | ||
| 393 | else | ||
| 394 | e = rsa->e; | ||
| 340 | 395 | ||
| 341 | BN_CTX_start(ctx); | 396 | |
| 342 | A = BN_CTX_get(ctx); | ||
| 343 | if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) | 397 | if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) |
| 344 | { | 398 | { |
| 345 | /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */ | 399 | /* if PRNG is not properly seeded, resort to secret |
| 346 | RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0); | 400 | * exponent as unpredictable seed */ |
| 347 | if (!BN_pseudo_rand_range(A,rsa->n)) goto err; | 401 | RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0); |
| 348 | } | 402 | } |
| 349 | else | 403 | |
| 404 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 350 | { | 405 | { |
| 351 | if (!BN_rand_range(A,rsa->n)) goto err; | 406 | /* Set BN_FLG_CONSTTIME flag */ |
| 407 | n = &local_n; | ||
| 408 | BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME); | ||
| 352 | } | 409 | } |
| 353 | if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; | 410 | else |
| 411 | n = rsa->n; | ||
| 354 | 412 | ||
| 355 | if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) | 413 | ret = BN_BLINDING_create_param(NULL, e, n, ctx, |
| 414 | rsa->meth->bn_mod_exp, rsa->_method_mod_n); | ||
| 415 | if (ret == NULL) | ||
| 416 | { | ||
| 417 | RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB); | ||
| 356 | goto err; | 418 | goto err; |
| 357 | if ((rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n)) == NULL) goto err; | 419 | } |
| 358 | /* to make things thread-safe without excessive locking, | 420 | BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id()); |
| 359 | * rsa->blinding will be used just by the current thread: */ | ||
| 360 | rsa->blinding->thread_id = CRYPTO_thread_id(); | ||
| 361 | rsa->flags |= RSA_FLAG_BLINDING; | ||
| 362 | rsa->flags &= ~RSA_FLAG_NO_BLINDING; | ||
| 363 | ret=1; | ||
| 364 | err: | 421 | err: |
| 365 | if (Ai != NULL) BN_free(Ai); | ||
| 366 | BN_CTX_end(ctx); | 422 | BN_CTX_end(ctx); |
| 367 | if (ctx != p_ctx) BN_CTX_free(ctx); | 423 | if (in_ctx == NULL) |
| 368 | return(ret); | 424 | BN_CTX_free(ctx); |
| 369 | } | 425 | if(rsa->e == NULL) |
| 426 | BN_free(e); | ||
| 427 | |||
| 428 | return ret; | ||
| 429 | } | ||
| 370 | 430 | ||
| 371 | int RSA_memory_lock(RSA *r) | 431 | int RSA_memory_lock(RSA *r) |
| 372 | { | 432 | { |
| @@ -389,7 +449,7 @@ int RSA_memory_lock(RSA *r) | |||
| 389 | j+= (*t[i])->top; | 449 | j+= (*t[i])->top; |
| 390 | if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) | 450 | if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) |
| 391 | { | 451 | { |
| 392 | RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); | 452 | RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); |
| 393 | return(0); | 453 | return(0); |
| 394 | } | 454 | } |
| 395 | bn=(BIGNUM *)p; | 455 | bn=(BIGNUM *)p; |
diff --git a/src/lib/libcrypto/rsa/rsa_null.c b/src/lib/libcrypto/rsa/rsa_null.c index 64057fbdcf..491572c82b 100644 --- a/src/lib/libcrypto/rsa/rsa_null.c +++ b/src/lib/libcrypto/rsa/rsa_null.c | |||
| @@ -94,6 +94,9 @@ static RSA_METHOD rsa_null_meth={ | |||
| 94 | RSA_null_finish, | 94 | RSA_null_finish, |
| 95 | 0, | 95 | 0, |
| 96 | NULL, | 96 | NULL, |
| 97 | NULL, | ||
| 98 | NULL, | ||
| 99 | NULL | ||
| 97 | }; | 100 | }; |
| 98 | 101 | ||
| 99 | const RSA_METHOD *RSA_null_method(void) | 102 | const RSA_METHOD *RSA_null_method(void) |
| @@ -104,35 +107,35 @@ const RSA_METHOD *RSA_null_method(void) | |||
| 104 | static int RSA_null_public_encrypt(int flen, const unsigned char *from, | 107 | static int RSA_null_public_encrypt(int flen, const unsigned char *from, |
| 105 | unsigned char *to, RSA *rsa, int padding) | 108 | unsigned char *to, RSA *rsa, int padding) |
| 106 | { | 109 | { |
| 107 | RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); | 110 | RSAerr(RSA_F_RSA_NULL_PUBLIC_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); |
| 108 | return -1; | 111 | return -1; |
| 109 | } | 112 | } |
| 110 | 113 | ||
| 111 | static int RSA_null_private_encrypt(int flen, const unsigned char *from, | 114 | static int RSA_null_private_encrypt(int flen, const unsigned char *from, |
| 112 | unsigned char *to, RSA *rsa, int padding) | 115 | unsigned char *to, RSA *rsa, int padding) |
| 113 | { | 116 | { |
| 114 | RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); | 117 | RSAerr(RSA_F_RSA_NULL_PRIVATE_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); |
| 115 | return -1; | 118 | return -1; |
| 116 | } | 119 | } |
| 117 | 120 | ||
| 118 | static int RSA_null_private_decrypt(int flen, const unsigned char *from, | 121 | static int RSA_null_private_decrypt(int flen, const unsigned char *from, |
| 119 | unsigned char *to, RSA *rsa, int padding) | 122 | unsigned char *to, RSA *rsa, int padding) |
| 120 | { | 123 | { |
| 121 | RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); | 124 | RSAerr(RSA_F_RSA_NULL_PRIVATE_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); |
| 122 | return -1; | 125 | return -1; |
| 123 | } | 126 | } |
| 124 | 127 | ||
| 125 | static int RSA_null_public_decrypt(int flen, const unsigned char *from, | 128 | static int RSA_null_public_decrypt(int flen, const unsigned char *from, |
| 126 | unsigned char *to, RSA *rsa, int padding) | 129 | unsigned char *to, RSA *rsa, int padding) |
| 127 | { | 130 | { |
| 128 | RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); | 131 | RSAerr(RSA_F_RSA_NULL_PUBLIC_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); |
| 129 | return -1; | 132 | return -1; |
| 130 | } | 133 | } |
| 131 | 134 | ||
| 132 | #if 0 /* not currently used */ | 135 | #if 0 /* not currently used */ |
| 133 | static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) | 136 | static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) |
| 134 | { | 137 | { |
| 135 | RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); | 138 | ...err(RSA_F_RSA_NULL_MOD_EXP, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); |
| 136 | return -1; | 139 | return -1; |
| 137 | } | 140 | } |
| 138 | #endif | 141 | #endif |
| @@ -146,5 +149,3 @@ static int RSA_null_finish(RSA *rsa) | |||
| 146 | { | 149 | { |
| 147 | return(1); | 150 | return(1); |
| 148 | } | 151 | } |
| 149 | |||
| 150 | |||
diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c index d43ecaca63..3652677a99 100644 --- a/src/lib/libcrypto/rsa/rsa_oaep.c +++ b/src/lib/libcrypto/rsa/rsa_oaep.c | |||
| @@ -28,6 +28,9 @@ | |||
| 28 | #include <openssl/rand.h> | 28 | #include <openssl/rand.h> |
| 29 | #include <openssl/sha.h> | 29 | #include <openssl/sha.h> |
| 30 | 30 | ||
| 31 | int MGF1(unsigned char *mask, long len, | ||
| 32 | const unsigned char *seed, long seedlen); | ||
| 33 | |||
| 31 | int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, | 34 | int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, |
| 32 | const unsigned char *from, int flen, | 35 | const unsigned char *from, int flen, |
| 33 | const unsigned char *param, int plen) | 36 | const unsigned char *param, int plen) |
| @@ -73,13 +76,11 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, | |||
| 73 | 20); | 76 | 20); |
| 74 | #endif | 77 | #endif |
| 75 | 78 | ||
| 76 | PKCS1_MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH, | 79 | MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH); |
| 77 | EVP_sha1()); | ||
| 78 | for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++) | 80 | for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++) |
| 79 | db[i] ^= dbmask[i]; | 81 | db[i] ^= dbmask[i]; |
| 80 | 82 | ||
| 81 | PKCS1_MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH, | 83 | MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH); |
| 82 | EVP_sha1()); | ||
| 83 | for (i = 0; i < SHA_DIGEST_LENGTH; i++) | 84 | for (i = 0; i < SHA_DIGEST_LENGTH; i++) |
| 84 | seed[i] ^= seedmask[i]; | 85 | seed[i] ^= seedmask[i]; |
| 85 | 86 | ||
| @@ -95,6 +96,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, | |||
| 95 | const unsigned char *maskeddb; | 96 | const unsigned char *maskeddb; |
| 96 | int lzero; | 97 | int lzero; |
| 97 | unsigned char *db = NULL, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; | 98 | unsigned char *db = NULL, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; |
| 99 | unsigned char *padded_from; | ||
| 98 | int bad = 0; | 100 | int bad = 0; |
| 99 | 101 | ||
| 100 | if (--num < 2 * SHA_DIGEST_LENGTH + 1) | 102 | if (--num < 2 * SHA_DIGEST_LENGTH + 1) |
| @@ -105,8 +107,6 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, | |||
| 105 | lzero = num - flen; | 107 | lzero = num - flen; |
| 106 | if (lzero < 0) | 108 | if (lzero < 0) |
| 107 | { | 109 | { |
| 108 | /* lzero == -1 */ | ||
| 109 | |||
| 110 | /* signalling this error immediately after detection might allow | 110 | /* signalling this error immediately after detection might allow |
| 111 | * for side-channel attacks (e.g. timing if 'plen' is huge | 111 | * for side-channel attacks (e.g. timing if 'plen' is huge |
| 112 | * -- cf. James H. Manger, "A Chosen Ciphertext Attack on RSA Optimal | 112 | * -- cf. James H. Manger, "A Chosen Ciphertext Attack on RSA Optimal |
| @@ -114,22 +114,30 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, | |||
| 114 | * so we use a 'bad' flag */ | 114 | * so we use a 'bad' flag */ |
| 115 | bad = 1; | 115 | bad = 1; |
| 116 | lzero = 0; | 116 | lzero = 0; |
| 117 | flen = num; /* don't overflow the memcpy to padded_from */ | ||
| 117 | } | 118 | } |
| 118 | maskeddb = from - lzero + SHA_DIGEST_LENGTH; | ||
| 119 | 119 | ||
| 120 | dblen = num - SHA_DIGEST_LENGTH; | 120 | dblen = num - SHA_DIGEST_LENGTH; |
| 121 | db = OPENSSL_malloc(dblen); | 121 | db = OPENSSL_malloc(dblen + num); |
| 122 | if (db == NULL) | 122 | if (db == NULL) |
| 123 | { | 123 | { |
| 124 | RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); | 124 | RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); |
| 125 | return -1; | 125 | return -1; |
| 126 | } | 126 | } |
| 127 | 127 | ||
| 128 | PKCS1_MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen, EVP_sha1()); | 128 | /* Always do this zero-padding copy (even when lzero == 0) |
| 129 | for (i = lzero; i < SHA_DIGEST_LENGTH; i++) | 129 | * to avoid leaking timing info about the value of lzero. */ |
| 130 | seed[i] ^= from[i - lzero]; | 130 | padded_from = db + dblen; |
| 131 | memset(padded_from, 0, lzero); | ||
| 132 | memcpy(padded_from + lzero, from, flen); | ||
| 133 | |||
| 134 | maskeddb = padded_from + SHA_DIGEST_LENGTH; | ||
| 135 | |||
| 136 | MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen); | ||
| 137 | for (i = 0; i < SHA_DIGEST_LENGTH; i++) | ||
| 138 | seed[i] ^= padded_from[i]; | ||
| 131 | 139 | ||
| 132 | PKCS1_MGF1(db, dblen, seed, SHA_DIGEST_LENGTH, EVP_sha1()); | 140 | MGF1(db, dblen, seed, SHA_DIGEST_LENGTH); |
| 133 | for (i = 0; i < dblen; i++) | 141 | for (i = 0; i < dblen; i++) |
| 134 | db[i] ^= maskeddb[i]; | 142 | db[i] ^= maskeddb[i]; |
| 135 | 143 | ||
| @@ -142,13 +150,13 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, | |||
| 142 | for (i = SHA_DIGEST_LENGTH; i < dblen; i++) | 150 | for (i = SHA_DIGEST_LENGTH; i < dblen; i++) |
| 143 | if (db[i] != 0x00) | 151 | if (db[i] != 0x00) |
| 144 | break; | 152 | break; |
| 145 | if (db[i] != 0x01 || i++ >= dblen) | 153 | if (i == dblen || db[i] != 0x01) |
| 146 | goto decoding_err; | 154 | goto decoding_err; |
| 147 | else | 155 | else |
| 148 | { | 156 | { |
| 149 | /* everything looks OK */ | 157 | /* everything looks OK */ |
| 150 | 158 | ||
| 151 | mlen = dblen - i; | 159 | mlen = dblen - ++i; |
| 152 | if (tlen < mlen) | 160 | if (tlen < mlen) |
| 153 | { | 161 | { |
| 154 | RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE); | 162 | RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE); |
diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c index 24fc94835e..f98e0a80a6 100644 --- a/src/lib/libcrypto/rsa/rsa_saos.c +++ b/src/lib/libcrypto/rsa/rsa_saos.c | |||
| @@ -107,7 +107,8 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, | |||
| 107 | RSA *rsa) | 107 | RSA *rsa) |
| 108 | { | 108 | { |
| 109 | int i,ret=0; | 109 | int i,ret=0; |
| 110 | unsigned char *p,*s; | 110 | unsigned char *s; |
| 111 | const unsigned char *p; | ||
| 111 | ASN1_OCTET_STRING *sig=NULL; | 112 | ASN1_OCTET_STRING *sig=NULL; |
| 112 | 113 | ||
| 113 | if (siglen != (unsigned int)RSA_size(rsa)) | 114 | if (siglen != (unsigned int)RSA_size(rsa)) |
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c index db86f1ac58..71aabeea1b 100644 --- a/src/lib/libcrypto/rsa/rsa_sign.c +++ b/src/lib/libcrypto/rsa/rsa_sign.c | |||
| @@ -146,7 +146,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 146 | unsigned char *sigbuf, unsigned int siglen, RSA *rsa) | 146 | unsigned char *sigbuf, unsigned int siglen, RSA *rsa) |
| 147 | { | 147 | { |
| 148 | int i,ret=0,sigtype; | 148 | int i,ret=0,sigtype; |
| 149 | unsigned char *p,*s; | 149 | unsigned char *s; |
| 150 | X509_SIG *sig=NULL; | 150 | X509_SIG *sig=NULL; |
| 151 | 151 | ||
| 152 | if (siglen != (unsigned int)RSA_size(rsa)) | 152 | if (siglen != (unsigned int)RSA_size(rsa)) |
| @@ -181,7 +181,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 181 | RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); | 181 | RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); |
| 182 | else ret = 1; | 182 | else ret = 1; |
| 183 | } else { | 183 | } else { |
| 184 | p=s; | 184 | const unsigned char *p=s; |
| 185 | sig=d2i_X509_SIG(NULL,&p,(long)i); | 185 | sig=d2i_X509_SIG(NULL,&p,(long)i); |
| 186 | 186 | ||
| 187 | if (sig == NULL) goto err; | 187 | if (sig == NULL) goto err; |
diff --git a/src/lib/libcrypto/rsa/rsa_test.c b/src/lib/libcrypto/rsa/rsa_test.c index 218bb2a39b..4080de8bcf 100644 --- a/src/lib/libcrypto/rsa/rsa_test.c +++ b/src/lib/libcrypto/rsa/rsa_test.c | |||
| @@ -8,6 +8,7 @@ | |||
| 8 | #include <openssl/crypto.h> | 8 | #include <openssl/crypto.h> |
| 9 | #include <openssl/err.h> | 9 | #include <openssl/err.h> |
| 10 | #include <openssl/rand.h> | 10 | #include <openssl/rand.h> |
| 11 | #include <openssl/bn.h> | ||
| 11 | #ifdef OPENSSL_NO_RSA | 12 | #ifdef OPENSSL_NO_RSA |
| 12 | int main(int argc, char *argv[]) | 13 | int main(int argc, char *argv[]) |
| 13 | { | 14 | { |
| @@ -218,6 +219,7 @@ int main(int argc, char *argv[]) | |||
| 218 | int plen; | 219 | int plen; |
| 219 | int clen = 0; | 220 | int clen = 0; |
| 220 | int num; | 221 | int num; |
| 222 | int n; | ||
| 221 | 223 | ||
| 222 | CRYPTO_malloc_debug_init(); | 224 | CRYPTO_malloc_debug_init(); |
| 223 | CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); | 225 | CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); |
| @@ -241,7 +243,7 @@ int main(int argc, char *argv[]) | |||
| 241 | clen = key3(key, ctext_ex); | 243 | clen = key3(key, ctext_ex); |
| 242 | break; | 244 | break; |
| 243 | } | 245 | } |
| 244 | if (v/3 > 1) key->flags |= RSA_FLAG_NO_EXP_CONSTTIME; | 246 | if (v/3 >= 1) key->flags |= RSA_FLAG_NO_CONSTTIME; |
| 245 | 247 | ||
| 246 | num = RSA_public_encrypt(plen, ptext_ex, ctext, key, | 248 | num = RSA_public_encrypt(plen, ptext_ex, ctext, key, |
| 247 | RSA_PKCS1_PADDING); | 249 | RSA_PKCS1_PADDING); |
| @@ -277,7 +279,7 @@ int main(int argc, char *argv[]) | |||
| 277 | err=1; | 279 | err=1; |
| 278 | goto next; | 280 | goto next; |
| 279 | } | 281 | } |
| 280 | 282 | ||
| 281 | num = RSA_private_decrypt(num, ctext, ptext, key, | 283 | num = RSA_private_decrypt(num, ctext, ptext, key, |
| 282 | RSA_PKCS1_OAEP_PADDING); | 284 | RSA_PKCS1_OAEP_PADDING); |
| 283 | if (num != plen || memcmp(ptext, ptext_ex, num) != 0) | 285 | if (num != plen || memcmp(ptext, ptext_ex, num) != 0) |
| @@ -286,10 +288,7 @@ int main(int argc, char *argv[]) | |||
| 286 | err=1; | 288 | err=1; |
| 287 | } | 289 | } |
| 288 | else if (memcmp(ctext, ctext_ex, num) == 0) | 290 | else if (memcmp(ctext, ctext_ex, num) == 0) |
| 289 | { | ||
| 290 | printf("OAEP test vector %d passed!\n", v); | 291 | printf("OAEP test vector %d passed!\n", v); |
| 291 | goto next; | ||
| 292 | } | ||
| 293 | 292 | ||
| 294 | /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). | 293 | /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). |
| 295 | Try decrypting ctext_ex */ | 294 | Try decrypting ctext_ex */ |
| @@ -304,6 +303,26 @@ int main(int argc, char *argv[]) | |||
| 304 | } | 303 | } |
| 305 | else | 304 | else |
| 306 | printf("OAEP encryption/decryption ok\n"); | 305 | printf("OAEP encryption/decryption ok\n"); |
| 306 | |||
| 307 | /* Try decrypting corrupted ciphertexts */ | ||
| 308 | for(n = 0 ; n < clen ; ++n) | ||
| 309 | { | ||
| 310 | int b; | ||
| 311 | unsigned char saved = ctext[n]; | ||
| 312 | for(b = 0 ; b < 256 ; ++b) | ||
| 313 | { | ||
| 314 | if(b == saved) | ||
| 315 | continue; | ||
| 316 | ctext[n] = b; | ||
| 317 | num = RSA_private_decrypt(num, ctext, ptext, key, | ||
| 318 | RSA_PKCS1_OAEP_PADDING); | ||
| 319 | if(num > 0) | ||
| 320 | { | ||
| 321 | printf("Corrupt data decrypted!\n"); | ||
| 322 | err = 1; | ||
| 323 | } | ||
| 324 | } | ||
| 325 | } | ||
| 307 | next: | 326 | next: |
| 308 | RSA_free(key); | 327 | RSA_free(key); |
| 309 | } | 328 | } |
| @@ -313,6 +332,9 @@ int main(int argc, char *argv[]) | |||
| 313 | 332 | ||
| 314 | CRYPTO_mem_leaks_fp(stderr); | 333 | CRYPTO_mem_leaks_fp(stderr); |
| 315 | 334 | ||
| 335 | #ifdef OPENSSL_SYS_NETWARE | ||
| 336 | if (err) printf("ERROR: %d\n", err); | ||
| 337 | #endif | ||
| 316 | return err; | 338 | return err; |
| 317 | } | 339 | } |
| 318 | #endif | 340 | #endif |
diff --git a/src/lib/libcrypto/sha/asm/sha1-586.pl b/src/lib/libcrypto/sha/asm/sha1-586.pl index 041acc0348..0b4dab2bd5 100644 --- a/src/lib/libcrypto/sha/asm/sha1-586.pl +++ b/src/lib/libcrypto/sha/asm/sha1-586.pl | |||
| @@ -1,4 +1,16 @@ | |||
| 1 | #!/usr/local/bin/perl | 1 | #!/usr/bin/env perl |
| 2 | |||
| 3 | # ==================================================================== | ||
| 4 | # [Re]written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL | ||
| 5 | # project. The module is, however, dual licensed under OpenSSL and | ||
| 6 | # CRYPTOGAMS licenses depending on where you obtain it. For further | ||
| 7 | # details see http://www.openssl.org/~appro/cryptogams/. | ||
| 8 | # ==================================================================== | ||
| 9 | |||
| 10 | # "[Re]written" was achieved in two major overhauls. In 2004 BODY_* | ||
| 11 | # functions were re-implemented to address P4 performance issue [see | ||
| 12 | # commentary below], and in 2006 the rest was rewritten in order to | ||
| 13 | # gain freedom to liberate licensing terms. | ||
| 2 | 14 | ||
| 3 | # It was noted that Intel IA-32 C compiler generates code which | 15 | # It was noted that Intel IA-32 C compiler generates code which |
| 4 | # performs ~30% *faster* on P4 CPU than original *hand-coded* | 16 | # performs ~30% *faster* on P4 CPU than original *hand-coded* |
| @@ -9,7 +21,7 @@ | |||
| 9 | # | 21 | # |
| 10 | # compared with original compared with Intel cc | 22 | # compared with original compared with Intel cc |
| 11 | # assembler impl. generated code | 23 | # assembler impl. generated code |
| 12 | # Pentium -25% +37% | 24 | # Pentium -16% +48% |
| 13 | # PIII/AMD +8% +16% | 25 | # PIII/AMD +8% +16% |
| 14 | # P4 +85%(!) +45% | 26 | # P4 +85%(!) +45% |
| 15 | # | 27 | # |
| @@ -17,174 +29,115 @@ | |||
| 17 | # improvement on P4 outweights the loss and incorporate this | 29 | # improvement on P4 outweights the loss and incorporate this |
| 18 | # re-tuned code to 0.9.7 and later. | 30 | # re-tuned code to 0.9.7 and later. |
| 19 | # ---------------------------------------------------------------- | 31 | # ---------------------------------------------------------------- |
| 20 | # Those who for any particular reason absolutely must score on | ||
| 21 | # Pentium can replace this module with one from 0.9.6 distribution. | ||
| 22 | # This "offer" shall be revoked the moment programming interface to | ||
| 23 | # this module is changed, in which case this paragraph should be | ||
| 24 | # removed. | ||
| 25 | # ---------------------------------------------------------------- | ||
| 26 | # <appro@fy.chalmers.se> | 32 | # <appro@fy.chalmers.se> |
| 27 | 33 | ||
| 28 | $normal=0; | 34 | $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; |
| 29 | 35 | push(@INC,"${dir}","${dir}../../perlasm"); | |
| 30 | push(@INC,"perlasm","../../perlasm"); | ||
| 31 | require "x86asm.pl"; | 36 | require "x86asm.pl"; |
| 32 | 37 | ||
| 33 | &asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386"); | 38 | &asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386"); |
| 34 | 39 | ||
| 35 | $A="eax"; | 40 | $A="eax"; |
| 36 | $B="ecx"; | 41 | $B="ebx"; |
| 37 | $C="ebx"; | 42 | $C="ecx"; |
| 38 | $D="edx"; | 43 | $D="edx"; |
| 39 | $E="edi"; | 44 | $E="edi"; |
| 40 | $T="esi"; | 45 | $T="esi"; |
| 41 | $tmp1="ebp"; | 46 | $tmp1="ebp"; |
| 42 | 47 | ||
| 43 | $off=9*4; | 48 | @V=($A,$B,$C,$D,$E,$T); |
| 44 | |||
| 45 | @K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6); | ||
| 46 | |||
| 47 | &sha1_block_data("sha1_block_asm_data_order"); | ||
| 48 | |||
| 49 | &asm_finish(); | ||
| 50 | |||
| 51 | sub Nn | ||
| 52 | { | ||
| 53 | local($p)=@_; | ||
| 54 | local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E); | ||
| 55 | return($n{$p}); | ||
| 56 | } | ||
| 57 | |||
| 58 | sub Np | ||
| 59 | { | ||
| 60 | local($p)=@_; | ||
| 61 | local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E); | ||
| 62 | local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A); | ||
| 63 | return($n{$p}); | ||
| 64 | } | ||
| 65 | |||
| 66 | sub Na | ||
| 67 | { | ||
| 68 | local($n)=@_; | ||
| 69 | return( (($n )&0x0f), | ||
| 70 | (($n+ 2)&0x0f), | ||
| 71 | (($n+ 8)&0x0f), | ||
| 72 | (($n+13)&0x0f), | ||
| 73 | (($n+ 1)&0x0f)); | ||
| 74 | } | ||
| 75 | |||
| 76 | sub X_expand | ||
| 77 | { | ||
| 78 | local($in)=@_; | ||
| 79 | |||
| 80 | &comment("First, load the words onto the stack in network byte order"); | ||
| 81 | for ($i=0; $i<16; $i+=2) | ||
| 82 | { | ||
| 83 | &mov($A,&DWP(($i+0)*4,$in,"",0));# unless $i == 0; | ||
| 84 | &mov($B,&DWP(($i+1)*4,$in,"",0)); | ||
| 85 | &bswap($A); | ||
| 86 | &bswap($B); | ||
| 87 | &mov(&swtmp($i+0),$A); | ||
| 88 | &mov(&swtmp($i+1),$B); | ||
| 89 | } | ||
| 90 | |||
| 91 | &comment("We now have the X array on the stack"); | ||
| 92 | &comment("starting at sp-4"); | ||
| 93 | } | ||
| 94 | |||
| 95 | # Rules of engagement | ||
| 96 | # F is always trashable at the start, the running total. | ||
| 97 | # E becomes the next F so it can be trashed after it has been 'accumulated' | ||
| 98 | # F becomes A in the next round. We don't need to access it much. | ||
| 99 | # During the X update part, the result ends up in $X[$n0]. | ||
| 100 | 49 | ||
| 101 | sub BODY_00_15 | 50 | sub BODY_00_15 |
| 102 | { | 51 | { |
| 103 | local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; | 52 | local($n,$a,$b,$c,$d,$e,$f)=@_; |
| 104 | 53 | ||
| 105 | &comment("00_15 $n"); | 54 | &comment("00_15 $n"); |
| 106 | 55 | ||
| 107 | &mov($tmp1,$a); | 56 | &mov($f,$c); # f to hold F_00_19(b,c,d) |
| 108 | &mov($f,$c); # f to hold F_00_19(b,c,d) | 57 | if ($n==0) { &mov($tmp1,$a); } |
| 58 | else { &mov($a,$tmp1); } | ||
| 109 | &rotl($tmp1,5); # tmp1=ROTATE(a,5) | 59 | &rotl($tmp1,5); # tmp1=ROTATE(a,5) |
| 110 | &xor($f,$d); | 60 | &xor($f,$d); |
| 111 | &and($f,$b); | ||
| 112 | &rotr($b,2); # b=ROTATE(b,30) | ||
| 113 | &add($tmp1,$e); # tmp1+=e; | 61 | &add($tmp1,$e); # tmp1+=e; |
| 114 | &mov($e,&swtmp($n)); # e becomes volatile and | 62 | &and($f,$b); |
| 115 | # is loaded with xi | 63 | &mov($e,&swtmp($n%16)); # e becomes volatile and is loaded |
| 116 | &xor($f,$d); # f holds F_00_19(b,c,d) | 64 | # with xi, also note that e becomes |
| 117 | &lea($tmp1,&DWP($K,$tmp1,$e,1));# tmp1+=K_00_19+xi | 65 | # f in next round... |
| 118 | 66 | &xor($f,$d); # f holds F_00_19(b,c,d) | |
| 119 | &add($f,$tmp1); # f+=tmp1 | 67 | &rotr($b,2); # b=ROTATE(b,30) |
| 68 | &lea($tmp1,&DWP(0x5a827999,$tmp1,$e)); # tmp1+=K_00_19+xi | ||
| 69 | |||
| 70 | if ($n==15) { &add($f,$tmp1); } # f+=tmp1 | ||
| 71 | else { &add($tmp1,$f); } # f becomes a in next round | ||
| 120 | } | 72 | } |
| 121 | 73 | ||
| 122 | sub BODY_16_19 | 74 | sub BODY_16_19 |
| 123 | { | 75 | { |
| 124 | local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; | 76 | local($n,$a,$b,$c,$d,$e,$f)=@_; |
| 125 | local($n0,$n1,$n2,$n3,$np)=&Na($n); | ||
| 126 | 77 | ||
| 127 | &comment("16_19 $n"); | 78 | &comment("16_19 $n"); |
| 128 | 79 | ||
| 129 | &mov($f,&swtmp($n1)); # f to hold Xupdate(xi,xa,xb,xc,xd) | 80 | &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) |
| 130 | &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d) | 81 | &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d) |
| 131 | &xor($f,&swtmp($n0)); | 82 | &xor($f,&swtmp(($n+2)%16)); |
| 132 | &xor($tmp1,$d); | 83 | &xor($tmp1,$d); |
| 133 | &xor($f,&swtmp($n2)); | 84 | &xor($f,&swtmp(($n+8)%16)); |
| 134 | &and($tmp1,$b); # tmp1 holds F_00_19(b,c,d) | 85 | &and($tmp1,$b); # tmp1 holds F_00_19(b,c,d) |
| 135 | &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd | 86 | &rotr($b,2); # b=ROTATE(b,30) |
| 136 | &rotr($b,2); # b=ROTATE(b,30) | 87 | &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd |
| 137 | &xor($tmp1,$d); # tmp1=F_00_19(b,c,d) | 88 | &rotl($f,1); # f=ROTATE(f,1) |
| 138 | &rotl($f,1); # f=ROATE(f,1) | 89 | &xor($tmp1,$d); # tmp1=F_00_19(b,c,d) |
| 139 | &mov(&swtmp($n0),$f); # xi=f | 90 | &mov(&swtmp($n%16),$f); # xi=f |
| 140 | &lea($f,&DWP($K,$f,$e,1)); # f+=K_00_19+e | 91 | &lea($f,&DWP(0x5a827999,$f,$e));# f+=K_00_19+e |
| 141 | &mov($e,$a); # e becomes volatile | 92 | &mov($e,$a); # e becomes volatile |
| 142 | &add($f,$tmp1); # f+=F_00_19(b,c,d) | 93 | &rotl($e,5); # e=ROTATE(a,5) |
| 143 | &rotl($e,5); # e=ROTATE(a,5) | 94 | &add($f,$tmp1); # f+=F_00_19(b,c,d) |
| 144 | &add($f,$e); # f+=ROTATE(a,5) | 95 | &add($f,$e); # f+=ROTATE(a,5) |
| 145 | } | 96 | } |
| 146 | 97 | ||
| 147 | sub BODY_20_39 | 98 | sub BODY_20_39 |
| 148 | { | 99 | { |
| 149 | local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; | 100 | local($n,$a,$b,$c,$d,$e,$f)=@_; |
| 101 | local $K=($n<40)?0x6ed9eba1:0xca62c1d6; | ||
| 150 | 102 | ||
| 151 | &comment("20_39 $n"); | 103 | &comment("20_39 $n"); |
| 152 | local($n0,$n1,$n2,$n3,$np)=&Na($n); | ||
| 153 | 104 | ||
| 154 | &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd) | 105 | &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d) |
| 155 | &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d) | 106 | &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) |
| 156 | &xor($f,&swtmp($n1)); | 107 | &rotr($b,2); # b=ROTATE(b,30) |
| 157 | &rotr($b,2); # b=ROTATE(b,30) | 108 | &xor($f,&swtmp(($n+2)%16)); |
| 158 | &xor($f,&swtmp($n2)); | 109 | &xor($tmp1,$c); |
| 159 | &xor($tmp1,$c); | 110 | &xor($f,&swtmp(($n+8)%16)); |
| 160 | &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd | 111 | &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d) |
| 161 | &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d) | 112 | &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd |
| 162 | &rotl($f,1); # f=ROTATE(f,1) | 113 | &rotl($f,1); # f=ROTATE(f,1) |
| 163 | &mov(&swtmp($n0),$f); # xi=f | 114 | &add($tmp1,$e); |
| 164 | &lea($f,&DWP($K,$f,$e,1)); # f+=K_20_39+e | 115 | &mov(&swtmp($n%16),$f); # xi=f |
| 165 | &mov($e,$a); # e becomes volatile | 116 | &mov($e,$a); # e becomes volatile |
| 166 | &rotl($e,5); # e=ROTATE(a,5) | 117 | &rotl($e,5); # e=ROTATE(a,5) |
| 167 | &add($f,$tmp1); # f+=F_20_39(b,c,d) | 118 | &lea($f,&DWP($K,$f,$tmp1)); # f+=K_20_39+e |
| 168 | &add($f,$e); # f+=ROTATE(a,5) | 119 | &add($f,$e); # f+=ROTATE(a,5) |
| 169 | } | 120 | } |
| 170 | 121 | ||
| 171 | sub BODY_40_59 | 122 | sub BODY_40_59 |
| 172 | { | 123 | { |
| 173 | local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; | 124 | local($n,$a,$b,$c,$d,$e,$f)=@_; |
| 174 | 125 | ||
| 175 | &comment("40_59 $n"); | 126 | &comment("40_59 $n"); |
| 176 | local($n0,$n1,$n2,$n3,$np)=&Na($n); | ||
| 177 | 127 | ||
| 178 | &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd) | 128 | &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) |
| 129 | &mov($tmp1,&swtmp(($n+2)%16)); | ||
| 130 | &xor($f,$tmp1); | ||
| 131 | &mov($tmp1,&swtmp(($n+8)%16)); | ||
| 132 | &xor($f,$tmp1); | ||
| 133 | &mov($tmp1,&swtmp(($n+13)%16)); | ||
| 134 | &xor($f,$tmp1); # f holds xa^xb^xc^xd | ||
| 179 | &mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d) | 135 | &mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d) |
| 180 | &xor($f,&swtmp($n1)); | 136 | &rotl($f,1); # f=ROTATE(f,1) |
| 181 | &or($tmp1,$c); | 137 | &or($tmp1,$c); |
| 182 | &xor($f,&swtmp($n2)); | 138 | &mov(&swtmp($n%16),$f); # xi=f |
| 183 | &and($tmp1,$d); | 139 | &and($tmp1,$d); |
| 184 | &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd | 140 | &lea($f,&DWP(0x8f1bbcdc,$f,$e));# f+=K_40_59+e |
| 185 | &rotl($f,1); # f=ROTATE(f,1) | ||
| 186 | &mov(&swtmp($n0),$f); # xi=f | ||
| 187 | &lea($f,&DWP($K,$f,$e,1)); # f+=K_40_59+e | ||
| 188 | &mov($e,$b); # e becomes volatile and is used | 141 | &mov($e,$b); # e becomes volatile and is used |
| 189 | # to calculate F_40_59(b,c,d) | 142 | # to calculate F_40_59(b,c,d) |
| 190 | &rotr($b,2); # b=ROTATE(b,30) | 143 | &rotr($b,2); # b=ROTATE(b,30) |
| @@ -192,234 +145,75 @@ sub BODY_40_59 | |||
| 192 | &or($tmp1,$e); # tmp1 holds F_40_59(b,c,d) | 145 | &or($tmp1,$e); # tmp1 holds F_40_59(b,c,d) |
| 193 | &mov($e,$a); | 146 | &mov($e,$a); |
| 194 | &rotl($e,5); # e=ROTATE(a,5) | 147 | &rotl($e,5); # e=ROTATE(a,5) |
| 195 | &add($tmp1,$e); # tmp1+=ROTATE(a,5) | 148 | &add($f,$tmp1); # f+=tmp1; |
| 196 | &add($f,$tmp1); # f+=tmp1; | 149 | &add($f,$e); # f+=ROTATE(a,5) |
| 197 | } | ||
| 198 | |||
| 199 | sub BODY_60_79 | ||
| 200 | { | ||
| 201 | &BODY_20_39(@_); | ||
| 202 | } | 150 | } |
| 203 | 151 | ||
| 204 | sub sha1_block_host | 152 | &function_begin("sha1_block_data_order",16); |
| 205 | { | 153 | &mov($tmp1,&wparam(0)); # SHA_CTX *c |
| 206 | local($name, $sclabel)=@_; | 154 | &mov($T,&wparam(1)); # const void *input |
| 155 | &mov($A,&wparam(2)); # size_t num | ||
| 156 | &stack_push(16); # allocate X[16] | ||
| 157 | &shl($A,6); | ||
| 158 | &add($A,$T); | ||
| 159 | &mov(&wparam(2),$A); # pointer beyond the end of input | ||
| 160 | &mov($E,&DWP(16,$tmp1));# pre-load E | ||
| 207 | 161 | ||
| 208 | &function_begin_B($name,""); | 162 | &set_label("loop",16); |
| 209 | 163 | ||
| 210 | # parameter 1 is the MD5_CTX structure. | 164 | # copy input chunk to X, but reversing byte order! |
| 211 | # A 0 | 165 | for ($i=0; $i<16; $i+=4) |
| 212 | # B 4 | ||
| 213 | # C 8 | ||
| 214 | # D 12 | ||
| 215 | # E 16 | ||
| 216 | |||
| 217 | &mov("ecx", &wparam(2)); | ||
| 218 | &push("esi"); | ||
| 219 | &shl("ecx",6); | ||
| 220 | &mov("esi", &wparam(1)); | ||
| 221 | &push("ebp"); | ||
| 222 | &add("ecx","esi"); # offset to leave on | ||
| 223 | &push("ebx"); | ||
| 224 | &mov("ebp", &wparam(0)); | ||
| 225 | &push("edi"); | ||
| 226 | &mov($D, &DWP(12,"ebp","",0)); | ||
| 227 | &stack_push(18+9); | ||
| 228 | &mov($E, &DWP(16,"ebp","",0)); | ||
| 229 | &mov($C, &DWP( 8,"ebp","",0)); | ||
| 230 | &mov(&swtmp(17),"ecx"); | ||
| 231 | |||
| 232 | &comment("First we need to setup the X array"); | ||
| 233 | |||
| 234 | for ($i=0; $i<16; $i+=2) | ||
| 235 | { | 166 | { |
| 236 | &mov($A,&DWP(($i+0)*4,"esi","",0));# unless $i == 0; | 167 | &mov($A,&DWP(4*($i+0),$T)); |
| 237 | &mov($B,&DWP(($i+1)*4,"esi","",0)); | 168 | &mov($B,&DWP(4*($i+1),$T)); |
| 169 | &mov($C,&DWP(4*($i+2),$T)); | ||
| 170 | &mov($D,&DWP(4*($i+3),$T)); | ||
| 171 | &bswap($A); | ||
| 172 | &bswap($B); | ||
| 173 | &bswap($C); | ||
| 174 | &bswap($D); | ||
| 238 | &mov(&swtmp($i+0),$A); | 175 | &mov(&swtmp($i+0),$A); |
| 239 | &mov(&swtmp($i+1),$B); | 176 | &mov(&swtmp($i+1),$B); |
| 177 | &mov(&swtmp($i+2),$C); | ||
| 178 | &mov(&swtmp($i+3),$D); | ||
| 240 | } | 179 | } |
| 241 | &jmp($sclabel); | 180 | &mov(&wparam(1),$T); # redundant in 1st spin |
| 242 | &function_end_B($name); | 181 | |
| 243 | } | 182 | &mov($A,&DWP(0,$tmp1)); # load SHA_CTX |
| 244 | 183 | &mov($B,&DWP(4,$tmp1)); | |
| 245 | 184 | &mov($C,&DWP(8,$tmp1)); | |
| 246 | sub sha1_block_data | 185 | &mov($D,&DWP(12,$tmp1)); |
| 247 | { | 186 | # E is pre-loaded |
| 248 | local($name)=@_; | 187 | |
| 249 | 188 | for($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } | |
| 250 | &function_begin_B($name,""); | 189 | for(;$i<20;$i++) { &BODY_16_19($i,@V); unshift(@V,pop(@V)); } |
| 251 | 190 | for(;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } | |
| 252 | # parameter 1 is the MD5_CTX structure. | 191 | for(;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } |
| 253 | # A 0 | 192 | for(;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } |
| 254 | # B 4 | 193 | |
| 255 | # C 8 | 194 | (($V[5] eq $D) and ($V[0] eq $E)) or die; # double-check |
| 256 | # D 12 | 195 | |
| 257 | # E 16 | 196 | &mov($tmp1,&wparam(0)); # re-load SHA_CTX* |
| 258 | 197 | &mov($D,&wparam(1)); # D is last "T" and is discarded | |
| 259 | &mov("ecx", &wparam(2)); | 198 | |
| 260 | &push("esi"); | 199 | &add($E,&DWP(0,$tmp1)); # E is last "A"... |
| 261 | &shl("ecx",6); | 200 | &add($T,&DWP(4,$tmp1)); |
| 262 | &mov("esi", &wparam(1)); | 201 | &add($A,&DWP(8,$tmp1)); |
| 263 | &push("ebp"); | 202 | &add($B,&DWP(12,$tmp1)); |
| 264 | &add("ecx","esi"); # offset to leave on | 203 | &add($C,&DWP(16,$tmp1)); |
| 265 | &push("ebx"); | 204 | |
| 266 | &mov("ebp", &wparam(0)); | 205 | &mov(&DWP(0,$tmp1),$E); # update SHA_CTX |
| 267 | &push("edi"); | 206 | &add($D,64); # advance input pointer |
| 268 | &mov($D, &DWP(12,"ebp","",0)); | 207 | &mov(&DWP(4,$tmp1),$T); |
| 269 | &stack_push(18+9); | 208 | &cmp($D,&wparam(2)); # have we reached the end yet? |
| 270 | &mov($E, &DWP(16,"ebp","",0)); | 209 | &mov(&DWP(8,$tmp1),$A); |
| 271 | &mov($C, &DWP( 8,"ebp","",0)); | 210 | &mov($E,$C); # C is last "E" which needs to be "pre-loaded" |
| 272 | &mov(&swtmp(17),"ecx"); | 211 | &mov(&DWP(12,$tmp1),$B); |
| 273 | 212 | &mov($T,$D); # input pointer | |
| 274 | &comment("First we need to setup the X array"); | 213 | &mov(&DWP(16,$tmp1),$C); |
| 275 | 214 | &jb(&label("loop")); | |
| 276 | &set_label("start") unless $normal; | 215 | |
| 277 | 216 | &stack_pop(16); | |
| 278 | &X_expand("esi"); | 217 | &function_end("sha1_block_data_order"); |
| 279 | &mov(&wparam(1),"esi"); | ||
| 280 | |||
| 281 | &set_label("shortcut", 0, 1); | ||
| 282 | &comment(""); | ||
| 283 | &comment("Start processing"); | ||
| 284 | |||
| 285 | # odd start | ||
| 286 | &mov($A, &DWP( 0,"ebp","",0)); | ||
| 287 | &mov($B, &DWP( 4,"ebp","",0)); | ||
| 288 | $X="esp"; | ||
| 289 | &BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T); | ||
| 290 | &BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E); | ||
| 291 | &BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D); | ||
| 292 | &BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C); | ||
| 293 | &BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B); | ||
| 294 | &BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A); | ||
| 295 | &BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T); | ||
| 296 | &BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E); | ||
| 297 | &BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D); | ||
| 298 | &BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C); | ||
| 299 | &BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B); | ||
| 300 | &BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A); | ||
| 301 | &BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T); | ||
| 302 | &BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E); | ||
| 303 | &BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D); | ||
| 304 | &BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C); | ||
| 305 | &BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B); | ||
| 306 | &BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A); | ||
| 307 | &BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T); | ||
| 308 | &BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E); | ||
| 309 | |||
| 310 | &BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D); | ||
| 311 | &BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C); | ||
| 312 | &BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B); | ||
| 313 | &BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A); | ||
| 314 | &BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T); | ||
| 315 | &BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E); | ||
| 316 | &BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D); | ||
| 317 | &BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C); | ||
| 318 | &BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B); | ||
| 319 | &BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A); | ||
| 320 | &BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T); | ||
| 321 | &BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E); | ||
| 322 | &BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D); | ||
| 323 | &BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C); | ||
| 324 | &BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B); | ||
| 325 | &BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A); | ||
| 326 | &BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T); | ||
| 327 | &BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E); | ||
| 328 | &BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D); | ||
| 329 | &BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C); | ||
| 330 | |||
| 331 | &BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B); | ||
| 332 | &BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A); | ||
| 333 | &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T); | ||
| 334 | &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E); | ||
| 335 | &BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D); | ||
| 336 | &BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C); | ||
| 337 | &BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B); | ||
| 338 | &BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A); | ||
| 339 | &BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T); | ||
| 340 | &BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E); | ||
| 341 | &BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D); | ||
| 342 | &BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C); | ||
| 343 | &BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B); | ||
| 344 | &BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A); | ||
| 345 | &BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T); | ||
| 346 | &BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E); | ||
| 347 | &BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D); | ||
| 348 | &BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C); | ||
| 349 | &BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B); | ||
| 350 | &BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A); | ||
| 351 | |||
| 352 | &BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T); | ||
| 353 | &BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E); | ||
| 354 | &BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D); | ||
| 355 | &BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C); | ||
| 356 | &BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B); | ||
| 357 | &BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A); | ||
| 358 | &BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T); | ||
| 359 | &BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E); | ||
| 360 | &BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D); | ||
| 361 | &BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C); | ||
| 362 | &BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B); | ||
| 363 | &BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A); | ||
| 364 | &BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T); | ||
| 365 | &BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E); | ||
| 366 | &BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D); | ||
| 367 | &BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C); | ||
| 368 | &BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B); | ||
| 369 | &BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A); | ||
| 370 | &BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T); | ||
| 371 | &BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E); | ||
| 372 | |||
| 373 | &comment("End processing"); | ||
| 374 | &comment(""); | ||
| 375 | # D is the tmp value | ||
| 376 | |||
| 377 | # E -> A | ||
| 378 | # T -> B | ||
| 379 | # A -> C | ||
| 380 | # B -> D | ||
| 381 | # C -> E | ||
| 382 | # D -> T | ||
| 383 | |||
| 384 | &mov($tmp1,&wparam(0)); | ||
| 385 | |||
| 386 | &mov($D, &DWP(12,$tmp1,"",0)); | ||
| 387 | &add($D,$B); | ||
| 388 | &mov($B, &DWP( 4,$tmp1,"",0)); | ||
| 389 | &add($B,$T); | ||
| 390 | &mov($T, $A); | ||
| 391 | &mov($A, &DWP( 0,$tmp1,"",0)); | ||
| 392 | &mov(&DWP(12,$tmp1,"",0),$D); | ||
| 393 | |||
| 394 | &add($A,$E); | ||
| 395 | &mov($E, &DWP(16,$tmp1,"",0)); | ||
| 396 | &add($E,$C); | ||
| 397 | &mov($C, &DWP( 8,$tmp1,"",0)); | ||
| 398 | &add($C,$T); | ||
| 399 | |||
| 400 | &mov(&DWP( 0,$tmp1,"",0),$A); | ||
| 401 | &mov("esi",&wparam(1)); | ||
| 402 | &mov(&DWP( 8,$tmp1,"",0),$C); | ||
| 403 | &add("esi",64); | ||
| 404 | &mov("eax",&swtmp(17)); | ||
| 405 | &mov(&DWP(16,$tmp1,"",0),$E); | ||
| 406 | &cmp("esi","eax"); | ||
| 407 | &mov(&DWP( 4,$tmp1,"",0),$B); | ||
| 408 | &jb(&label("start")); | ||
| 409 | |||
| 410 | &stack_pop(18+9); | ||
| 411 | &pop("edi"); | ||
| 412 | &pop("ebx"); | ||
| 413 | &pop("ebp"); | ||
| 414 | &pop("esi"); | ||
| 415 | &ret(); | ||
| 416 | |||
| 417 | # keep a note of shortcut label so it can be used outside | ||
| 418 | # block. | ||
| 419 | my $sclabel = &label("shortcut"); | ||
| 420 | |||
| 421 | &function_end_B($name); | ||
| 422 | # Putting this here avoids problems with MASM in debugging mode | ||
| 423 | &sha1_block_host("sha1_block_asm_host_order", $sclabel); | ||
| 424 | } | ||
| 425 | 218 | ||
| 219 | &asm_finish(); | ||
diff --git a/src/lib/libcrypto/sha/sha.h b/src/lib/libcrypto/sha/sha.h index 79c07b0fd1..eed44d7f94 100644 --- a/src/lib/libcrypto/sha/sha.h +++ b/src/lib/libcrypto/sha/sha.h | |||
| @@ -60,6 +60,7 @@ | |||
| 60 | #define HEADER_SHA_H | 60 | #define HEADER_SHA_H |
| 61 | 61 | ||
| 62 | #include <openssl/e_os2.h> | 62 | #include <openssl/e_os2.h> |
| 63 | #include <stddef.h> | ||
| 63 | 64 | ||
| 64 | #ifdef __cplusplus | 65 | #ifdef __cplusplus |
| 65 | extern "C" { | 66 | extern "C" { |
| @@ -70,7 +71,7 @@ extern "C" { | |||
| 70 | #endif | 71 | #endif |
| 71 | 72 | ||
| 72 | #if defined(OPENSSL_FIPS) | 73 | #if defined(OPENSSL_FIPS) |
| 73 | #define FIPS_SHA_SIZE_T unsigned long | 74 | #define FIPS_SHA_SIZE_T size_t |
| 74 | #endif | 75 | #endif |
| 75 | 76 | ||
| 76 | /* | 77 | /* |
| @@ -101,26 +102,97 @@ typedef struct SHAstate_st | |||
| 101 | SHA_LONG h0,h1,h2,h3,h4; | 102 | SHA_LONG h0,h1,h2,h3,h4; |
| 102 | SHA_LONG Nl,Nh; | 103 | SHA_LONG Nl,Nh; |
| 103 | SHA_LONG data[SHA_LBLOCK]; | 104 | SHA_LONG data[SHA_LBLOCK]; |
| 104 | int num; | 105 | unsigned int num; |
| 105 | } SHA_CTX; | 106 | } SHA_CTX; |
| 106 | 107 | ||
| 107 | #ifndef OPENSSL_NO_SHA0 | 108 | #ifndef OPENSSL_NO_SHA0 |
| 108 | #ifdef OPENSSL_FIPS | ||
| 109 | int private_SHA_Init(SHA_CTX *c); | ||
| 110 | #endif | ||
| 111 | int SHA_Init(SHA_CTX *c); | 109 | int SHA_Init(SHA_CTX *c); |
| 112 | int SHA_Update(SHA_CTX *c, const void *data, unsigned long len); | 110 | int SHA_Update(SHA_CTX *c, const void *data, size_t len); |
| 113 | int SHA_Final(unsigned char *md, SHA_CTX *c); | 111 | int SHA_Final(unsigned char *md, SHA_CTX *c); |
| 114 | unsigned char *SHA(const unsigned char *d, unsigned long n,unsigned char *md); | 112 | unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md); |
| 115 | void SHA_Transform(SHA_CTX *c, const unsigned char *data); | 113 | void SHA_Transform(SHA_CTX *c, const unsigned char *data); |
| 116 | #endif | 114 | #endif |
| 117 | #ifndef OPENSSL_NO_SHA1 | 115 | #ifndef OPENSSL_NO_SHA1 |
| 118 | int SHA1_Init(SHA_CTX *c); | 116 | int SHA1_Init(SHA_CTX *c); |
| 119 | int SHA1_Update(SHA_CTX *c, const void *data, unsigned long len); | 117 | int SHA1_Update(SHA_CTX *c, const void *data, size_t len); |
| 120 | int SHA1_Final(unsigned char *md, SHA_CTX *c); | 118 | int SHA1_Final(unsigned char *md, SHA_CTX *c); |
| 121 | unsigned char *SHA1(const unsigned char *d, unsigned long n,unsigned char *md); | 119 | unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md); |
| 122 | void SHA1_Transform(SHA_CTX *c, const unsigned char *data); | 120 | void SHA1_Transform(SHA_CTX *c, const unsigned char *data); |
| 123 | #endif | 121 | #endif |
| 122 | |||
| 123 | #define SHA256_CBLOCK (SHA_LBLOCK*4) /* SHA-256 treats input data as a | ||
| 124 | * contiguous array of 32 bit | ||
| 125 | * wide big-endian values. */ | ||
| 126 | #define SHA224_DIGEST_LENGTH 28 | ||
| 127 | #define SHA256_DIGEST_LENGTH 32 | ||
| 128 | |||
| 129 | typedef struct SHA256state_st | ||
| 130 | { | ||
| 131 | SHA_LONG h[8]; | ||
| 132 | SHA_LONG Nl,Nh; | ||
| 133 | SHA_LONG data[SHA_LBLOCK]; | ||
| 134 | unsigned int num,md_len; | ||
| 135 | } SHA256_CTX; | ||
| 136 | |||
| 137 | #ifndef OPENSSL_NO_SHA256 | ||
| 138 | int SHA224_Init(SHA256_CTX *c); | ||
| 139 | int SHA224_Update(SHA256_CTX *c, const void *data, size_t len); | ||
| 140 | int SHA224_Final(unsigned char *md, SHA256_CTX *c); | ||
| 141 | unsigned char *SHA224(const unsigned char *d, size_t n,unsigned char *md); | ||
| 142 | int SHA256_Init(SHA256_CTX *c); | ||
| 143 | int SHA256_Update(SHA256_CTX *c, const void *data, size_t len); | ||
| 144 | int SHA256_Final(unsigned char *md, SHA256_CTX *c); | ||
| 145 | unsigned char *SHA256(const unsigned char *d, size_t n,unsigned char *md); | ||
| 146 | void SHA256_Transform(SHA256_CTX *c, const unsigned char *data); | ||
| 147 | #endif | ||
| 148 | |||
| 149 | #define SHA384_DIGEST_LENGTH 48 | ||
| 150 | #define SHA512_DIGEST_LENGTH 64 | ||
| 151 | |||
| 152 | #ifndef OPENSSL_NO_SHA512 | ||
| 153 | /* | ||
| 154 | * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64 | ||
| 155 | * being exactly 64-bit wide. See Implementation Notes in sha512.c | ||
| 156 | * for further details. | ||
| 157 | */ | ||
| 158 | #define SHA512_CBLOCK (SHA_LBLOCK*8) /* SHA-512 treats input data as a | ||
| 159 | * contiguous array of 64 bit | ||
| 160 | * wide big-endian values. */ | ||
| 161 | #if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) | ||
| 162 | #define SHA_LONG64 unsigned __int64 | ||
| 163 | #define U64(C) C##UI64 | ||
| 164 | #elif defined(__arch64__) | ||
| 165 | #define SHA_LONG64 unsigned long | ||
| 166 | #define U64(C) C##UL | ||
| 167 | #else | ||
| 168 | #define SHA_LONG64 unsigned long long | ||
| 169 | #define U64(C) C##ULL | ||
| 170 | #endif | ||
| 171 | |||
| 172 | typedef struct SHA512state_st | ||
| 173 | { | ||
| 174 | SHA_LONG64 h[8]; | ||
| 175 | SHA_LONG64 Nl,Nh; | ||
| 176 | union { | ||
| 177 | SHA_LONG64 d[SHA_LBLOCK]; | ||
| 178 | unsigned char p[SHA512_CBLOCK]; | ||
| 179 | } u; | ||
| 180 | unsigned int num,md_len; | ||
| 181 | } SHA512_CTX; | ||
| 182 | #endif | ||
| 183 | |||
| 184 | #ifndef OPENSSL_NO_SHA512 | ||
| 185 | int SHA384_Init(SHA512_CTX *c); | ||
| 186 | int SHA384_Update(SHA512_CTX *c, const void *data, size_t len); | ||
| 187 | int SHA384_Final(unsigned char *md, SHA512_CTX *c); | ||
| 188 | unsigned char *SHA384(const unsigned char *d, size_t n,unsigned char *md); | ||
| 189 | int SHA512_Init(SHA512_CTX *c); | ||
| 190 | int SHA512_Update(SHA512_CTX *c, const void *data, size_t len); | ||
| 191 | int SHA512_Final(unsigned char *md, SHA512_CTX *c); | ||
| 192 | unsigned char *SHA512(const unsigned char *d, size_t n,unsigned char *md); | ||
| 193 | void SHA512_Transform(SHA512_CTX *c, const unsigned char *data); | ||
| 194 | #endif | ||
| 195 | |||
| 124 | #ifdef __cplusplus | 196 | #ifdef __cplusplus |
| 125 | } | 197 | } |
| 126 | #endif | 198 | #endif |
diff --git a/src/lib/libcrypto/sha/sha1_one.c b/src/lib/libcrypto/sha/sha1_one.c index f4694b701b..7c65b60276 100644 --- a/src/lib/libcrypto/sha/sha1_one.c +++ b/src/lib/libcrypto/sha/sha1_one.c | |||
| @@ -61,8 +61,8 @@ | |||
| 61 | #include <openssl/sha.h> | 61 | #include <openssl/sha.h> |
| 62 | #include <openssl/crypto.h> | 62 | #include <openssl/crypto.h> |
| 63 | 63 | ||
| 64 | #if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_FIPS) | 64 | #ifndef OPENSSL_NO_SHA1 |
| 65 | unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) | 65 | unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) |
| 66 | { | 66 | { |
| 67 | SHA_CTX c; | 67 | SHA_CTX c; |
| 68 | static unsigned char m[SHA_DIGEST_LENGTH]; | 68 | static unsigned char m[SHA_DIGEST_LENGTH]; |
diff --git a/src/lib/libcrypto/sha/sha1dgst.c b/src/lib/libcrypto/sha/sha1dgst.c index 1e2009b760..50d1925cde 100644 --- a/src/lib/libcrypto/sha/sha1dgst.c +++ b/src/lib/libcrypto/sha/sha1dgst.c | |||
| @@ -56,26 +56,19 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/opensslconf.h> | ||
| 59 | #if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA) | 60 | #if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA) |
| 60 | 61 | ||
| 61 | #undef SHA_0 | 62 | #undef SHA_0 |
| 62 | #define SHA_1 | 63 | #define SHA_1 |
| 63 | 64 | ||
| 64 | #include <openssl/opensslv.h> | 65 | #include <openssl/opensslv.h> |
| 65 | #include <openssl/opensslconf.h> | ||
| 66 | 66 | ||
| 67 | #ifndef OPENSSL_FIPS | 67 | const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT; |
| 68 | const char *SHA1_version="SHA1" OPENSSL_VERSION_PTEXT; | ||
| 69 | 68 | ||
| 70 | /* The implementation is in ../md32_common.h */ | 69 | /* The implementation is in ../md32_common.h */ |
| 71 | 70 | ||
| 72 | #include "sha_locl.h" | 71 | #include "sha_locl.h" |
| 73 | 72 | ||
| 74 | #else /* ndef OPENSSL_FIPS */ | ||
| 75 | |||
| 76 | static void *dummy=&dummy; | ||
| 77 | |||
| 78 | #endif /* ndef OPENSSL_FIPS */ | ||
| 79 | |||
| 80 | #endif | 73 | #endif |
| 81 | 74 | ||
diff --git a/src/lib/libcrypto/sha/sha1test.c b/src/lib/libcrypto/sha/sha1test.c index 4f2e4ada2d..6feb3964c7 100644 --- a/src/lib/libcrypto/sha/sha1test.c +++ b/src/lib/libcrypto/sha/sha1test.c | |||
| @@ -106,7 +106,7 @@ static char *pt(unsigned char *md); | |||
| 106 | int main(int argc, char *argv[]) | 106 | int main(int argc, char *argv[]) |
| 107 | { | 107 | { |
| 108 | int i,err=0; | 108 | int i,err=0; |
| 109 | unsigned char **P,**R; | 109 | char **P,**R; |
| 110 | static unsigned char buf[1000]; | 110 | static unsigned char buf[1000]; |
| 111 | char *p,*r; | 111 | char *p,*r; |
| 112 | EVP_MD_CTX c; | 112 | EVP_MD_CTX c; |
| @@ -118,12 +118,12 @@ int main(int argc, char *argv[]) | |||
| 118 | #endif | 118 | #endif |
| 119 | 119 | ||
| 120 | EVP_MD_CTX_init(&c); | 120 | EVP_MD_CTX_init(&c); |
| 121 | P=(unsigned char **)test; | 121 | P=test; |
| 122 | R=(unsigned char **)ret; | 122 | R=ret; |
| 123 | i=1; | 123 | i=1; |
| 124 | while (*P != NULL) | 124 | while (*P != NULL) |
| 125 | { | 125 | { |
| 126 | EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha1(), NULL); | 126 | EVP_Digest(*P,strlen((char *)*P),md,NULL,EVP_sha1(), NULL); |
| 127 | p=pt(md); | 127 | p=pt(md); |
| 128 | if (strcmp(p,(char *)*R) != 0) | 128 | if (strcmp(p,(char *)*R) != 0) |
| 129 | { | 129 | { |
| @@ -157,6 +157,10 @@ int main(int argc, char *argv[]) | |||
| 157 | } | 157 | } |
| 158 | else | 158 | else |
| 159 | printf("test 3 ok\n"); | 159 | printf("test 3 ok\n"); |
| 160 | |||
| 161 | #ifdef OPENSSL_SYS_NETWARE | ||
| 162 | if (err) printf("ERROR: %d\n", err); | ||
| 163 | #endif | ||
| 160 | EXIT(err); | 164 | EXIT(err); |
| 161 | EVP_MD_CTX_cleanup(&c); | 165 | EVP_MD_CTX_cleanup(&c); |
| 162 | return(0); | 166 | return(0); |
diff --git a/src/lib/libcrypto/sha/sha_dgst.c b/src/lib/libcrypto/sha/sha_dgst.c index 5a4b3ab204..70eb56032c 100644 --- a/src/lib/libcrypto/sha/sha_dgst.c +++ b/src/lib/libcrypto/sha/sha_dgst.c | |||
| @@ -56,6 +56,7 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/opensslconf.h> | ||
| 59 | #if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) | 60 | #if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) |
| 60 | 61 | ||
| 61 | #undef SHA_1 | 62 | #undef SHA_1 |
| @@ -63,7 +64,7 @@ | |||
| 63 | 64 | ||
| 64 | #include <openssl/opensslv.h> | 65 | #include <openssl/opensslv.h> |
| 65 | 66 | ||
| 66 | const char *SHA_version="SHA" OPENSSL_VERSION_PTEXT; | 67 | const char SHA_version[]="SHA" OPENSSL_VERSION_PTEXT; |
| 67 | 68 | ||
| 68 | /* The implementation is in ../md32_common.h */ | 69 | /* The implementation is in ../md32_common.h */ |
| 69 | 70 | ||
diff --git a/src/lib/libcrypto/sha/sha_locl.h b/src/lib/libcrypto/sha/sha_locl.h index a3623f72da..e37e5726e3 100644 --- a/src/lib/libcrypto/sha/sha_locl.h +++ b/src/lib/libcrypto/sha/sha_locl.h | |||
| @@ -62,17 +62,11 @@ | |||
| 62 | #include <openssl/opensslconf.h> | 62 | #include <openssl/opensslconf.h> |
| 63 | #include <openssl/sha.h> | 63 | #include <openssl/sha.h> |
| 64 | 64 | ||
| 65 | #ifndef SHA_LONG_LOG2 | ||
| 66 | #define SHA_LONG_LOG2 2 /* default to 32 bits */ | ||
| 67 | #endif | ||
| 68 | |||
| 69 | #define DATA_ORDER_IS_BIG_ENDIAN | 65 | #define DATA_ORDER_IS_BIG_ENDIAN |
| 70 | 66 | ||
| 71 | #define HASH_LONG SHA_LONG | 67 | #define HASH_LONG SHA_LONG |
| 72 | #define HASH_LONG_LOG2 SHA_LONG_LOG2 | ||
| 73 | #define HASH_CTX SHA_CTX | 68 | #define HASH_CTX SHA_CTX |
| 74 | #define HASH_CBLOCK SHA_CBLOCK | 69 | #define HASH_CBLOCK SHA_CBLOCK |
| 75 | #define HASH_LBLOCK SHA_LBLOCK | ||
| 76 | #define HASH_MAKE_STRING(c,s) do { \ | 70 | #define HASH_MAKE_STRING(c,s) do { \ |
| 77 | unsigned long ll; \ | 71 | unsigned long ll; \ |
| 78 | ll=(c)->h0; HOST_l2c(ll,(s)); \ | 72 | ll=(c)->h0; HOST_l2c(ll,(s)); \ |
| @@ -88,12 +82,10 @@ | |||
| 88 | # define HASH_TRANSFORM SHA_Transform | 82 | # define HASH_TRANSFORM SHA_Transform |
| 89 | # define HASH_FINAL SHA_Final | 83 | # define HASH_FINAL SHA_Final |
| 90 | # define HASH_INIT SHA_Init | 84 | # define HASH_INIT SHA_Init |
| 91 | # define HASH_BLOCK_HOST_ORDER sha_block_host_order | ||
| 92 | # define HASH_BLOCK_DATA_ORDER sha_block_data_order | 85 | # define HASH_BLOCK_DATA_ORDER sha_block_data_order |
| 93 | # define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id)) | 86 | # define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id)) |
| 94 | 87 | ||
| 95 | void sha_block_host_order (SHA_CTX *c, const void *p,int num); | 88 | static void sha_block_data_order (SHA_CTX *c, const void *p,size_t num); |
| 96 | void sha_block_data_order (SHA_CTX *c, const void *p,int num); | ||
| 97 | 89 | ||
| 98 | #elif defined(SHA_1) | 90 | #elif defined(SHA_1) |
| 99 | 91 | ||
| @@ -101,7 +93,6 @@ | |||
| 101 | # define HASH_TRANSFORM SHA1_Transform | 93 | # define HASH_TRANSFORM SHA1_Transform |
| 102 | # define HASH_FINAL SHA1_Final | 94 | # define HASH_FINAL SHA1_Final |
| 103 | # define HASH_INIT SHA1_Init | 95 | # define HASH_INIT SHA1_Init |
| 104 | # define HASH_BLOCK_HOST_ORDER sha1_block_host_order | ||
| 105 | # define HASH_BLOCK_DATA_ORDER sha1_block_data_order | 96 | # define HASH_BLOCK_DATA_ORDER sha1_block_data_order |
| 106 | # if defined(__MWERKS__) && defined(__MC68K__) | 97 | # if defined(__MWERKS__) && defined(__MC68K__) |
| 107 | /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */ | 98 | /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */ |
| @@ -114,22 +105,10 @@ | |||
| 114 | ) | 105 | ) |
| 115 | # endif | 106 | # endif |
| 116 | 107 | ||
| 117 | # ifdef SHA1_ASM | 108 | #ifndef SHA1_ASM |
| 118 | # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) | 109 | static |
| 119 | # define sha1_block_host_order sha1_block_asm_host_order | 110 | #endif |
| 120 | # define DONT_IMPLEMENT_BLOCK_HOST_ORDER | 111 | void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num); |
| 121 | # define sha1_block_data_order sha1_block_asm_data_order | ||
| 122 | # define DONT_IMPLEMENT_BLOCK_DATA_ORDER | ||
| 123 | # define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order | ||
| 124 | # elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64) | ||
| 125 | # define sha1_block_host_order sha1_block_asm_host_order | ||
| 126 | # define DONT_IMPLEMENT_BLOCK_HOST_ORDER | ||
| 127 | # define sha1_block_data_order sha1_block_asm_data_order | ||
| 128 | # define DONT_IMPLEMENT_BLOCK_DATA_ORDER | ||
| 129 | # endif | ||
| 130 | # endif | ||
| 131 | void sha1_block_host_order (SHA_CTX *c, const void *p,int num); | ||
| 132 | void sha1_block_data_order (SHA_CTX *c, const void *p,int num); | ||
| 133 | 112 | ||
| 134 | #else | 113 | #else |
| 135 | # error "Either SHA_0 or SHA_1 must be defined." | 114 | # error "Either SHA_0 or SHA_1 must be defined." |
| @@ -143,11 +122,7 @@ | |||
| 143 | #define INIT_DATA_h3 0x10325476UL | 122 | #define INIT_DATA_h3 0x10325476UL |
| 144 | #define INIT_DATA_h4 0xc3d2e1f0UL | 123 | #define INIT_DATA_h4 0xc3d2e1f0UL |
| 145 | 124 | ||
| 146 | #if defined(SHA_0) && defined(OPENSSL_FIPS) | ||
| 147 | FIPS_NON_FIPS_MD_Init(SHA) | ||
| 148 | #else | ||
| 149 | int HASH_INIT (SHA_CTX *c) | 125 | int HASH_INIT (SHA_CTX *c) |
| 150 | #endif | ||
| 151 | { | 126 | { |
| 152 | c->h0=INIT_DATA_h0; | 127 | c->h0=INIT_DATA_h0; |
| 153 | c->h1=INIT_DATA_h1; | 128 | c->h1=INIT_DATA_h1; |
| @@ -177,6 +152,8 @@ int HASH_INIT (SHA_CTX *c) | |||
| 177 | #define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d))) | 152 | #define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d))) |
| 178 | #define F_60_79(b,c,d) F_20_39(b,c,d) | 153 | #define F_60_79(b,c,d) F_20_39(b,c,d) |
| 179 | 154 | ||
| 155 | #ifndef OPENSSL_SMALL_FOOTPRINT | ||
| 156 | |||
| 180 | #define BODY_00_15(i,a,b,c,d,e,f,xi) \ | 157 | #define BODY_00_15(i,a,b,c,d,e,f,xi) \ |
| 181 | (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ | 158 | (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ |
| 182 | (b)=ROTATE((b),30); | 159 | (b)=ROTATE((b),30); |
| @@ -229,11 +206,11 @@ int HASH_INIT (SHA_CTX *c) | |||
| 229 | # define X(i) XX[i] | 206 | # define X(i) XX[i] |
| 230 | #endif | 207 | #endif |
| 231 | 208 | ||
| 232 | #ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER | 209 | #if !defined(SHA_1) || !defined(SHA1_ASM) |
| 233 | void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) | 210 | static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num) |
| 234 | { | 211 | { |
| 235 | const SHA_LONG *W=d; | 212 | const unsigned char *data=p; |
| 236 | register unsigned MD32_REG_T A,B,C,D,E,T; | 213 | register unsigned MD32_REG_T A,B,C,D,E,T,l; |
| 237 | #ifndef MD32_XARRAY | 214 | #ifndef MD32_XARRAY |
| 238 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 215 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, |
| 239 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | 216 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; |
| @@ -248,41 +225,71 @@ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) | |||
| 248 | E=c->h4; | 225 | E=c->h4; |
| 249 | 226 | ||
| 250 | for (;;) | 227 | for (;;) |
| 228 | { | ||
| 229 | const union { long one; char little; } is_endian = {1}; | ||
| 230 | |||
| 231 | if (!is_endian.little && sizeof(SHA_LONG)==4 && ((size_t)p%4)==0) | ||
| 232 | { | ||
| 233 | const SHA_LONG *W=(const SHA_LONG *)data; | ||
| 234 | |||
| 235 | X( 0) = W[0]; X( 1) = W[ 1]; | ||
| 236 | BODY_00_15( 0,A,B,C,D,E,T,X( 0)); X( 2) = W[ 2]; | ||
| 237 | BODY_00_15( 1,T,A,B,C,D,E,X( 1)); X( 3) = W[ 3]; | ||
| 238 | BODY_00_15( 2,E,T,A,B,C,D,X( 2)); X( 4) = W[ 4]; | ||
| 239 | BODY_00_15( 3,D,E,T,A,B,C,X( 3)); X( 5) = W[ 5]; | ||
| 240 | BODY_00_15( 4,C,D,E,T,A,B,X( 4)); X( 6) = W[ 6]; | ||
| 241 | BODY_00_15( 5,B,C,D,E,T,A,X( 5)); X( 7) = W[ 7]; | ||
| 242 | BODY_00_15( 6,A,B,C,D,E,T,X( 6)); X( 8) = W[ 8]; | ||
| 243 | BODY_00_15( 7,T,A,B,C,D,E,X( 7)); X( 9) = W[ 9]; | ||
| 244 | BODY_00_15( 8,E,T,A,B,C,D,X( 8)); X(10) = W[10]; | ||
| 245 | BODY_00_15( 9,D,E,T,A,B,C,X( 9)); X(11) = W[11]; | ||
| 246 | BODY_00_15(10,C,D,E,T,A,B,X(10)); X(12) = W[12]; | ||
| 247 | BODY_00_15(11,B,C,D,E,T,A,X(11)); X(13) = W[13]; | ||
| 248 | BODY_00_15(12,A,B,C,D,E,T,X(12)); X(14) = W[14]; | ||
| 249 | BODY_00_15(13,T,A,B,C,D,E,X(13)); X(15) = W[15]; | ||
| 250 | BODY_00_15(14,E,T,A,B,C,D,X(14)); | ||
| 251 | BODY_00_15(15,D,E,T,A,B,C,X(15)); | ||
| 252 | |||
| 253 | data += SHA_CBLOCK; | ||
| 254 | } | ||
| 255 | else | ||
| 251 | { | 256 | { |
| 252 | BODY_00_15( 0,A,B,C,D,E,T,W[ 0]); | 257 | HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l; |
| 253 | BODY_00_15( 1,T,A,B,C,D,E,W[ 1]); | 258 | BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l; |
| 254 | BODY_00_15( 2,E,T,A,B,C,D,W[ 2]); | 259 | BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l; |
| 255 | BODY_00_15( 3,D,E,T,A,B,C,W[ 3]); | 260 | BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l; |
| 256 | BODY_00_15( 4,C,D,E,T,A,B,W[ 4]); | 261 | BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l; |
| 257 | BODY_00_15( 5,B,C,D,E,T,A,W[ 5]); | 262 | BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l; |
| 258 | BODY_00_15( 6,A,B,C,D,E,T,W[ 6]); | 263 | BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l; |
| 259 | BODY_00_15( 7,T,A,B,C,D,E,W[ 7]); | 264 | BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l; |
| 260 | BODY_00_15( 8,E,T,A,B,C,D,W[ 8]); | 265 | BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l; |
| 261 | BODY_00_15( 9,D,E,T,A,B,C,W[ 9]); | 266 | BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l; |
| 262 | BODY_00_15(10,C,D,E,T,A,B,W[10]); | 267 | BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l; |
| 263 | BODY_00_15(11,B,C,D,E,T,A,W[11]); | 268 | BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l; |
| 264 | BODY_00_15(12,A,B,C,D,E,T,W[12]); | 269 | BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l; |
| 265 | BODY_00_15(13,T,A,B,C,D,E,W[13]); | 270 | BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l; |
| 266 | BODY_00_15(14,E,T,A,B,C,D,W[14]); | 271 | BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l; |
| 267 | BODY_00_15(15,D,E,T,A,B,C,W[15]); | 272 | BODY_00_15(14,E,T,A,B,C,D,X(14)); |
| 268 | 273 | BODY_00_15(15,D,E,T,A,B,C,X(15)); | |
| 269 | BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]); | 274 | } |
| 270 | BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]); | 275 | |
| 271 | BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]); | 276 | BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13)); |
| 272 | BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0)); | 277 | BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14)); |
| 273 | 278 | BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15)); | |
| 274 | BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1)); | 279 | BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0)); |
| 275 | BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2)); | 280 | |
| 276 | BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3)); | 281 | BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1)); |
| 277 | BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4)); | 282 | BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2)); |
| 278 | BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5)); | 283 | BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3)); |
| 279 | BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6)); | 284 | BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4)); |
| 280 | BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7)); | 285 | BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5)); |
| 281 | BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8)); | 286 | BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6)); |
| 282 | BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9)); | 287 | BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7)); |
| 283 | BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10)); | 288 | BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8)); |
| 284 | BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11)); | 289 | BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9)); |
| 285 | BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12)); | 290 | BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10)); |
| 291 | BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11)); | ||
| 292 | BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12)); | ||
| 286 | 293 | ||
| 287 | BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13)); | 294 | BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13)); |
| 288 | BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14)); | 295 | BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14)); |
| @@ -341,7 +348,7 @@ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) | |||
| 341 | c->h3=(c->h3+B)&0xffffffffL; | 348 | c->h3=(c->h3+B)&0xffffffffL; |
| 342 | c->h4=(c->h4+C)&0xffffffffL; | 349 | c->h4=(c->h4+C)&0xffffffffL; |
| 343 | 350 | ||
| 344 | if (--num <= 0) break; | 351 | if (--num == 0) break; |
| 345 | 352 | ||
| 346 | A=c->h0; | 353 | A=c->h0; |
| 347 | B=c->h1; | 354 | B=c->h1; |
| @@ -349,22 +356,48 @@ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) | |||
| 349 | D=c->h3; | 356 | D=c->h3; |
| 350 | E=c->h4; | 357 | E=c->h4; |
| 351 | 358 | ||
| 352 | W+=SHA_LBLOCK; | 359 | } |
| 353 | } | ||
| 354 | } | 360 | } |
| 355 | #endif | 361 | #endif |
| 356 | 362 | ||
| 357 | #ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER | 363 | #else /* OPENSSL_SMALL_FOOTPRINT */ |
| 358 | void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) | 364 | |
| 365 | #define BODY_00_15(xi) do { \ | ||
| 366 | T=E+K_00_19+F_00_19(B,C,D); \ | ||
| 367 | E=D, D=C, C=ROTATE(B,30), B=A; \ | ||
| 368 | A=ROTATE(A,5)+T+xi; } while(0) | ||
| 369 | |||
| 370 | #define BODY_16_19(xa,xb,xc,xd) do { \ | ||
| 371 | Xupdate(T,xa,xa,xb,xc,xd); \ | ||
| 372 | T+=E+K_00_19+F_00_19(B,C,D); \ | ||
| 373 | E=D, D=C, C=ROTATE(B,30), B=A; \ | ||
| 374 | A=ROTATE(A,5)+T; } while(0) | ||
| 375 | |||
| 376 | #define BODY_20_39(xa,xb,xc,xd) do { \ | ||
| 377 | Xupdate(T,xa,xa,xb,xc,xd); \ | ||
| 378 | T+=E+K_20_39+F_20_39(B,C,D); \ | ||
| 379 | E=D, D=C, C=ROTATE(B,30), B=A; \ | ||
| 380 | A=ROTATE(A,5)+T; } while(0) | ||
| 381 | |||
| 382 | #define BODY_40_59(xa,xb,xc,xd) do { \ | ||
| 383 | Xupdate(T,xa,xa,xb,xc,xd); \ | ||
| 384 | T+=E+K_40_59+F_40_59(B,C,D); \ | ||
| 385 | E=D, D=C, C=ROTATE(B,30), B=A; \ | ||
| 386 | A=ROTATE(A,5)+T; } while(0) | ||
| 387 | |||
| 388 | #define BODY_60_79(xa,xb,xc,xd) do { \ | ||
| 389 | Xupdate(T,xa,xa,xb,xc,xd); \ | ||
| 390 | T=E+K_60_79+F_60_79(B,C,D); \ | ||
| 391 | E=D, D=C, C=ROTATE(B,30), B=A; \ | ||
| 392 | A=ROTATE(A,5)+T+xa; } while(0) | ||
| 393 | |||
| 394 | #if !defined(SHA_1) || !defined(SHA1_ASM) | ||
| 395 | static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num) | ||
| 359 | { | 396 | { |
| 360 | const unsigned char *data=p; | 397 | const unsigned char *data=p; |
| 361 | register unsigned MD32_REG_T A,B,C,D,E,T,l; | 398 | register unsigned MD32_REG_T A,B,C,D,E,T,l; |
| 362 | #ifndef MD32_XARRAY | 399 | int i; |
| 363 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 400 | SHA_LONG X[16]; |
| 364 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | ||
| 365 | #else | ||
| 366 | SHA_LONG XX[16]; | ||
| 367 | #endif | ||
| 368 | 401 | ||
| 369 | A=c->h0; | 402 | A=c->h0; |
| 370 | B=c->h1; | 403 | B=c->h1; |
| @@ -374,101 +407,24 @@ void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) | |||
| 374 | 407 | ||
| 375 | for (;;) | 408 | for (;;) |
| 376 | { | 409 | { |
| 377 | 410 | for (i=0;i<16;i++) | |
| 378 | HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l; | 411 | { HOST_c2l(data,l); X[i]=l; BODY_00_15(X[i]); } |
| 379 | BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l; | 412 | for (i=0;i<4;i++) |
| 380 | BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l; | 413 | { BODY_16_19(X[i], X[i+2], X[i+8], X[(i+13)&15]); } |
| 381 | BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l; | 414 | for (;i<24;i++) |
| 382 | BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l; | 415 | { BODY_20_39(X[i&15], X[(i+2)&15], X[(i+8)&15],X[(i+13)&15]); } |
| 383 | BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l; | 416 | for (i=0;i<20;i++) |
| 384 | BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l; | 417 | { BODY_40_59(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); } |
| 385 | BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l; | 418 | for (i=4;i<24;i++) |
| 386 | BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l; | 419 | { BODY_60_79(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); } |
| 387 | BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l; | 420 | |
| 388 | BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l; | 421 | c->h0=(c->h0+A)&0xffffffffL; |
| 389 | BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l; | 422 | c->h1=(c->h1+B)&0xffffffffL; |
| 390 | BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l; | 423 | c->h2=(c->h2+C)&0xffffffffL; |
| 391 | BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l; | 424 | c->h3=(c->h3+D)&0xffffffffL; |
| 392 | BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l; | 425 | c->h4=(c->h4+E)&0xffffffffL; |
| 393 | BODY_00_15(14,E,T,A,B,C,D,X(14)); | 426 | |
| 394 | BODY_00_15(15,D,E,T,A,B,C,X(15)); | 427 | if (--num == 0) break; |
| 395 | |||
| 396 | BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13)); | ||
| 397 | BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14)); | ||
| 398 | BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15)); | ||
| 399 | BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0)); | ||
| 400 | |||
| 401 | BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1)); | ||
| 402 | BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2)); | ||
| 403 | BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3)); | ||
| 404 | BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4)); | ||
| 405 | BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5)); | ||
| 406 | BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6)); | ||
| 407 | BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7)); | ||
| 408 | BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8)); | ||
| 409 | BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9)); | ||
| 410 | BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10)); | ||
| 411 | BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11)); | ||
| 412 | BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12)); | ||
| 413 | |||
| 414 | BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13)); | ||
| 415 | BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14)); | ||
| 416 | BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15)); | ||
| 417 | BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0)); | ||
| 418 | BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1)); | ||
| 419 | BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2)); | ||
| 420 | BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3)); | ||
| 421 | BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4)); | ||
| 422 | |||
| 423 | BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5)); | ||
| 424 | BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6)); | ||
| 425 | BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7)); | ||
| 426 | BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8)); | ||
| 427 | BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9)); | ||
| 428 | BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10)); | ||
| 429 | BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11)); | ||
| 430 | BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12)); | ||
| 431 | BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13)); | ||
| 432 | BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14)); | ||
| 433 | BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15)); | ||
| 434 | BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0)); | ||
| 435 | BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1)); | ||
| 436 | BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2)); | ||
| 437 | BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3)); | ||
| 438 | BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4)); | ||
| 439 | BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5)); | ||
| 440 | BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6)); | ||
| 441 | BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7)); | ||
| 442 | BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8)); | ||
| 443 | |||
| 444 | BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9)); | ||
| 445 | BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10)); | ||
| 446 | BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11)); | ||
| 447 | BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12)); | ||
| 448 | BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13)); | ||
| 449 | BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14)); | ||
| 450 | BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15)); | ||
| 451 | BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0)); | ||
| 452 | BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1)); | ||
| 453 | BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2)); | ||
| 454 | BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3)); | ||
| 455 | BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4)); | ||
| 456 | BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5)); | ||
| 457 | BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6)); | ||
| 458 | BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7)); | ||
| 459 | BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8)); | ||
| 460 | BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9)); | ||
| 461 | BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10)); | ||
| 462 | BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11)); | ||
| 463 | BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12)); | ||
| 464 | |||
| 465 | c->h0=(c->h0+E)&0xffffffffL; | ||
| 466 | c->h1=(c->h1+T)&0xffffffffL; | ||
| 467 | c->h2=(c->h2+A)&0xffffffffL; | ||
| 468 | c->h3=(c->h3+B)&0xffffffffL; | ||
| 469 | c->h4=(c->h4+C)&0xffffffffL; | ||
| 470 | |||
| 471 | if (--num <= 0) break; | ||
| 472 | 428 | ||
| 473 | A=c->h0; | 429 | A=c->h0; |
| 474 | B=c->h1; | 430 | B=c->h1; |
| @@ -479,3 +435,5 @@ void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) | |||
| 479 | } | 435 | } |
| 480 | } | 436 | } |
| 481 | #endif | 437 | #endif |
| 438 | |||
| 439 | #endif | ||
diff --git a/src/lib/libcrypto/sha/sha_one.c b/src/lib/libcrypto/sha/sha_one.c index d4f4d344df..3bae623ce8 100644 --- a/src/lib/libcrypto/sha/sha_one.c +++ b/src/lib/libcrypto/sha/sha_one.c | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | #include <openssl/crypto.h> | 62 | #include <openssl/crypto.h> |
| 63 | 63 | ||
| 64 | #ifndef OPENSSL_NO_SHA0 | 64 | #ifndef OPENSSL_NO_SHA0 |
| 65 | unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) | 65 | unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md) |
| 66 | { | 66 | { |
| 67 | SHA_CTX c; | 67 | SHA_CTX c; |
| 68 | static unsigned char m[SHA_DIGEST_LENGTH]; | 68 | static unsigned char m[SHA_DIGEST_LENGTH]; |
diff --git a/src/lib/libcrypto/sha/shatest.c b/src/lib/libcrypto/sha/shatest.c index ff702aa53e..ed0fe06a7b 100644 --- a/src/lib/libcrypto/sha/shatest.c +++ b/src/lib/libcrypto/sha/shatest.c | |||
| @@ -106,7 +106,7 @@ static char *pt(unsigned char *md); | |||
| 106 | int main(int argc, char *argv[]) | 106 | int main(int argc, char *argv[]) |
| 107 | { | 107 | { |
| 108 | int i,err=0; | 108 | int i,err=0; |
| 109 | unsigned char **P,**R; | 109 | char **P,**R; |
| 110 | static unsigned char buf[1000]; | 110 | static unsigned char buf[1000]; |
| 111 | char *p,*r; | 111 | char *p,*r; |
| 112 | EVP_MD_CTX c; | 112 | EVP_MD_CTX c; |
| @@ -118,12 +118,12 @@ int main(int argc, char *argv[]) | |||
| 118 | #endif | 118 | #endif |
| 119 | 119 | ||
| 120 | EVP_MD_CTX_init(&c); | 120 | EVP_MD_CTX_init(&c); |
| 121 | P=(unsigned char **)test; | 121 | P=test; |
| 122 | R=(unsigned char **)ret; | 122 | R=ret; |
| 123 | i=1; | 123 | i=1; |
| 124 | while (*P != NULL) | 124 | while (*P != NULL) |
| 125 | { | 125 | { |
| 126 | EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha(), NULL); | 126 | EVP_Digest(*P,strlen((char *)*P),md,NULL,EVP_sha(), NULL); |
| 127 | p=pt(md); | 127 | p=pt(md); |
| 128 | if (strcmp(p,(char *)*R) != 0) | 128 | if (strcmp(p,(char *)*R) != 0) |
| 129 | { | 129 | { |
| @@ -157,6 +157,10 @@ int main(int argc, char *argv[]) | |||
| 157 | } | 157 | } |
| 158 | else | 158 | else |
| 159 | printf("test 3 ok\n"); | 159 | printf("test 3 ok\n"); |
| 160 | |||
| 161 | #ifdef OPENSSL_SYS_NETWARE | ||
| 162 | if (err) printf("ERROR: %d\n", err); | ||
| 163 | #endif | ||
| 160 | EVP_MD_CTX_cleanup(&c); | 164 | EVP_MD_CTX_cleanup(&c); |
| 161 | EXIT(err); | 165 | EXIT(err); |
| 162 | return(0); | 166 | return(0); |
diff --git a/src/lib/libcrypto/stack/safestack.h b/src/lib/libcrypto/stack/safestack.h index 6010b7f122..78cc485e6d 100644 --- a/src/lib/libcrypto/stack/safestack.h +++ b/src/lib/libcrypto/stack/safestack.h | |||
| @@ -55,13 +55,22 @@ | |||
| 55 | #ifndef HEADER_SAFESTACK_H | 55 | #ifndef HEADER_SAFESTACK_H |
| 56 | #define HEADER_SAFESTACK_H | 56 | #define HEADER_SAFESTACK_H |
| 57 | 57 | ||
| 58 | typedef void (*openssl_fptr)(void); | ||
| 59 | #define openssl_fcast(f) ((openssl_fptr)f) | ||
| 60 | |||
| 61 | #include <openssl/stack.h> | 58 | #include <openssl/stack.h> |
| 62 | 59 | ||
| 63 | #ifdef DEBUG_SAFESTACK | 60 | #ifdef DEBUG_SAFESTACK |
| 64 | 61 | ||
| 62 | #ifndef CHECKED_PTR_OF | ||
| 63 | #define CHECKED_PTR_OF(type, p) \ | ||
| 64 | ((void*) (1 ? p : (type*)0)) | ||
| 65 | #endif | ||
| 66 | |||
| 67 | #define CHECKED_SK_FREE_FUNC(type, p) \ | ||
| 68 | ((void (*)(void *)) ((1 ? p : (void (*)(type *))0))) | ||
| 69 | |||
| 70 | #define CHECKED_SK_CMP_FUNC(type, p) \ | ||
| 71 | ((int (*)(const char * const *, const char * const *)) \ | ||
| 72 | ((1 ? p : (int (*)(const type * const *, const type * const *))0))) | ||
| 73 | |||
| 65 | #define STACK_OF(type) struct stack_st_##type | 74 | #define STACK_OF(type) struct stack_st_##type |
| 66 | #define PREDECLARE_STACK_OF(type) STACK_OF(type); | 75 | #define PREDECLARE_STACK_OF(type) STACK_OF(type); |
| 67 | 76 | ||
| @@ -76,75 +85,71 @@ STACK_OF(type) \ | |||
| 76 | /* SKM_sk_... stack macros are internal to safestack.h: | 85 | /* SKM_sk_... stack macros are internal to safestack.h: |
| 77 | * never use them directly, use sk_<type>_... instead */ | 86 | * never use them directly, use sk_<type>_... instead */ |
| 78 | #define SKM_sk_new(type, cmp) \ | 87 | #define SKM_sk_new(type, cmp) \ |
| 79 | ((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))openssl_fcast(sk_new))(cmp) | 88 | ((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp))) |
| 80 | #define SKM_sk_new_null(type) \ | 89 | #define SKM_sk_new_null(type) \ |
| 81 | ((STACK_OF(type) * (*)(void))openssl_fcast(sk_new_null))() | 90 | ((STACK_OF(type) *)sk_new_null()) |
| 82 | #define SKM_sk_free(type, st) \ | 91 | #define SKM_sk_free(type, st) \ |
| 83 | ((void (*)(STACK_OF(type) *))openssl_fcast(sk_free))(st) | 92 | sk_free(CHECKED_PTR_OF(STACK_OF(type), st)) |
| 84 | #define SKM_sk_num(type, st) \ | 93 | #define SKM_sk_num(type, st) \ |
| 85 | ((int (*)(const STACK_OF(type) *))openssl_fcast(sk_num))(st) | 94 | sk_num(CHECKED_PTR_OF(STACK_OF(type), st)) |
| 86 | #define SKM_sk_value(type, st,i) \ | 95 | #define SKM_sk_value(type, st,i) \ |
| 87 | ((type * (*)(const STACK_OF(type) *, int))openssl_fcast(sk_value))(st, i) | 96 | ((type *)sk_value(CHECKED_PTR_OF(STACK_OF(type), st), i)) |
| 88 | #define SKM_sk_set(type, st,i,val) \ | 97 | #define SKM_sk_set(type, st,i,val) \ |
| 89 | ((type * (*)(STACK_OF(type) *, int, type *))openssl_fcast(sk_set))(st, i, val) | 98 | sk_set(CHECKED_PTR_OF(STACK_OF(type), st), i, CHECKED_PTR_OF(type, val)) |
| 90 | #define SKM_sk_zero(type, st) \ | 99 | #define SKM_sk_zero(type, st) \ |
| 91 | ((void (*)(STACK_OF(type) *))openssl_fcast(sk_zero))(st) | 100 | sk_zero(CHECKED_PTR_OF(STACK_OF(type), st)) |
| 92 | #define SKM_sk_push(type, st,val) \ | 101 | #define SKM_sk_push(type, st,val) \ |
| 93 | ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_push))(st, val) | 102 | sk_push(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val)) |
| 94 | #define SKM_sk_unshift(type, st,val) \ | 103 | #define SKM_sk_unshift(type, st,val) \ |
| 95 | ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_unshift))(st, val) | 104 | sk_unshift(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val)) |
| 96 | #define SKM_sk_find(type, st,val) \ | 105 | #define SKM_sk_find(type, st,val) \ |
| 97 | ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_find))(st, val) | 106 | sk_find(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val)) |
| 98 | #define SKM_sk_delete(type, st,i) \ | 107 | #define SKM_sk_delete(type, st,i) \ |
| 99 | ((type * (*)(STACK_OF(type) *, int))openssl_fcast(sk_delete))(st, i) | 108 | (type *)sk_delete(CHECKED_PTR_OF(STACK_OF(type), st), i) |
| 100 | #define SKM_sk_delete_ptr(type, st,ptr) \ | 109 | #define SKM_sk_delete_ptr(type, st,ptr) \ |
| 101 | ((type * (*)(STACK_OF(type) *, type *))openssl_fcast(sk_delete_ptr))(st, ptr) | 110 | (type *)sk_delete_ptr(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, ptr)) |
| 102 | #define SKM_sk_insert(type, st,val,i) \ | 111 | #define SKM_sk_insert(type, st,val,i) \ |
| 103 | ((int (*)(STACK_OF(type) *, type *, int))openssl_fcast(sk_insert))(st, val, i) | 112 | sk_insert(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val), i) |
| 104 | #define SKM_sk_set_cmp_func(type, st,cmp) \ | 113 | #define SKM_sk_set_cmp_func(type, st,cmp) \ |
| 105 | ((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \ | 114 | ((int (*)(const type * const *,const type * const *)) \ |
| 106 | (const type * const *, const type * const *))openssl_fcast(sk_set_cmp_func))\ | 115 | sk_set_cmp_func(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_CMP_FUNC(type, cmp))) |
| 107 | (st, cmp) | ||
| 108 | #define SKM_sk_dup(type, st) \ | 116 | #define SKM_sk_dup(type, st) \ |
| 109 | ((STACK_OF(type) *(*)(STACK_OF(type) *))openssl_fcast(sk_dup))(st) | 117 | (STACK_OF(type) *)sk_dup(CHECKED_PTR_OF(STACK_OF(type), st)) |
| 110 | #define SKM_sk_pop_free(type, st,free_func) \ | 118 | #define SKM_sk_pop_free(type, st,free_func) \ |
| 111 | ((void (*)(STACK_OF(type) *, void (*)(type *)))openssl_fcast(sk_pop_free))\ | 119 | sk_pop_free(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_FREE_FUNC(type, free_func)) |
| 112 | (st, free_func) | ||
| 113 | #define SKM_sk_shift(type, st) \ | 120 | #define SKM_sk_shift(type, st) \ |
| 114 | ((type * (*)(STACK_OF(type) *))openssl_fcast(sk_shift))(st) | 121 | (type *)sk_shift(CHECKED_PTR_OF(STACK_OF(type), st)) |
| 115 | #define SKM_sk_pop(type, st) \ | 122 | #define SKM_sk_pop(type, st) \ |
| 116 | ((type * (*)(STACK_OF(type) *))openssl_fcast(sk_pop))(st) | 123 | (type *)sk_pop(CHECKED_PTR_OF(STACK_OF(type), st)) |
| 117 | #define SKM_sk_sort(type, st) \ | 124 | #define SKM_sk_sort(type, st) \ |
| 118 | ((void (*)(STACK_OF(type) *))openssl_fcast(sk_sort))(st) | 125 | sk_sort(CHECKED_PTR_OF(STACK_OF(type), st)) |
| 119 | #define SKM_sk_is_sorted(type, st) \ | 126 | #define SKM_sk_is_sorted(type, st) \ |
| 120 | ((int (*)(const STACK_OF(type) *))openssl_fcast(sk_is_sorted))(st) | 127 | sk_is_sorted(CHECKED_PTR_OF(STACK_OF(type), st)) |
| 121 | 128 | ||
| 122 | #define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ | 129 | #define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ |
| 123 | ((STACK_OF(type) * (*) (STACK_OF(type) **,unsigned char **, long , \ | 130 | (STACK_OF(type) *)d2i_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type), st), \ |
| 124 | type *(*)(type **, unsigned char **,long), \ | 131 | pp, length, \ |
| 125 | void (*)(type *), int ,int )) openssl_fcast(d2i_ASN1_SET)) \ | 132 | CHECKED_D2I_OF(type, d2i_func), \ |
| 126 | (st,pp,length, d2i_func, free_func, ex_tag,ex_class) | 133 | CHECKED_SK_FREE_FUNC(type, free_func), \ |
| 134 | ex_tag, ex_class) | ||
| 135 | |||
| 127 | #define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \ | 136 | #define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \ |
| 128 | ((int (*)(STACK_OF(type) *,unsigned char **, \ | 137 | i2d_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type), st), pp, \ |
| 129 | int (*)(type *,unsigned char **), int , int , int)) openssl_fcast(i2d_ASN1_SET)) \ | 138 | CHECKED_I2D_OF(type, i2d_func), \ |
| 130 | (st,pp,i2d_func,ex_tag,ex_class,is_set) | 139 | ex_tag, ex_class, is_set) |
| 131 | 140 | ||
| 132 | #define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \ | 141 | #define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \ |
| 133 | ((unsigned char *(*)(STACK_OF(type) *, \ | 142 | ASN1_seq_pack(CHECKED_PTR_OF(STACK_OF(type), st), \ |
| 134 | int (*)(type *,unsigned char **), unsigned char **,int *)) openssl_fcast(ASN1_seq_pack)) \ | 143 | CHECKED_I2D_OF(type, i2d_func), buf, len) |
| 135 | (st, i2d_func, buf, len) | 144 | |
| 136 | #define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \ | 145 | #define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \ |
| 137 | ((STACK_OF(type) * (*)(unsigned char *,int, \ | 146 | (STACK_OF(type) *)ASN1_seq_unpack(buf, len, CHECKED_D2I_OF(type, d2i_func), CHECKED_SK_FREE_FUNC(type, free_func)) |
| 138 | type *(*)(type **,unsigned char **, long), \ | ||
| 139 | void (*)(type *)))openssl_fcast(ASN1_seq_unpack)) \ | ||
| 140 | (buf,len,d2i_func, free_func) | ||
| 141 | 147 | ||
| 142 | #define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \ | 148 | #define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \ |
| 143 | ((STACK_OF(type) * (*)(X509_ALGOR *, \ | 149 | (STACK_OF(type) *)PKCS12_decrypt_d2i(algor, \ |
| 144 | type *(*)(type **, unsigned char **, long), void (*)(type *), \ | 150 | CHECKED_D2I_OF(type, d2i_func), \ |
| 145 | const char *, int, \ | 151 | CHECKED_SK_FREE_FUNC(type, free_func), \ |
| 146 | ASN1_STRING *, int))openssl_fcast(PKCS12_decrypt_d2i)) \ | 152 | pass, passlen, oct, seq) |
| 147 | (algor,d2i_func,free_func,pass,passlen,oct,seq) | ||
| 148 | 153 | ||
| 149 | #else | 154 | #else |
| 150 | 155 | ||
| @@ -170,7 +175,7 @@ STACK_OF(type) \ | |||
| 170 | #define SKM_sk_push(type, st,val) \ | 175 | #define SKM_sk_push(type, st,val) \ |
| 171 | sk_push(st, (char *)val) | 176 | sk_push(st, (char *)val) |
| 172 | #define SKM_sk_unshift(type, st,val) \ | 177 | #define SKM_sk_unshift(type, st,val) \ |
| 173 | sk_unshift(st, val) | 178 | sk_unshift(st, (char *)val) |
| 174 | #define SKM_sk_find(type, st,val) \ | 179 | #define SKM_sk_find(type, st,val) \ |
| 175 | sk_find(st, (char *)val) | 180 | sk_find(st, (char *)val) |
| 176 | #define SKM_sk_delete(type, st,i) \ | 181 | #define SKM_sk_delete(type, st,i) \ |
| @@ -196,14 +201,14 @@ STACK_OF(type) \ | |||
| 196 | sk_is_sorted(st) | 201 | sk_is_sorted(st) |
| 197 | 202 | ||
| 198 | #define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ | 203 | #define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ |
| 199 | d2i_ASN1_SET(st,pp,length, (char *(*)())d2i_func, (void (*)(void *))free_func, ex_tag,ex_class) | 204 | d2i_ASN1_SET(st,pp,length, (void *(*)(void ** ,const unsigned char ** ,long))d2i_func, (void (*)(void *))free_func, ex_tag,ex_class) |
| 200 | #define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \ | 205 | #define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \ |
| 201 | i2d_ASN1_SET(st,pp,i2d_func,ex_tag,ex_class,is_set) | 206 | i2d_ASN1_SET(st,pp,(int (*)(void *, unsigned char **))i2d_func,ex_tag,ex_class,is_set) |
| 202 | 207 | ||
| 203 | #define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \ | 208 | #define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \ |
| 204 | ASN1_seq_pack(st, i2d_func, buf, len) | 209 | ASN1_seq_pack(st, (int (*)(void *, unsigned char **))i2d_func, buf, len) |
| 205 | #define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \ | 210 | #define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \ |
| 206 | ASN1_seq_unpack(buf,len,(char *(*)())d2i_func, (void(*)(void *))free_func) | 211 | ASN1_seq_unpack(buf,len,(void *(*)(void **,const unsigned char **,long))d2i_func, (void(*)(void *))free_func) |
| 207 | 212 | ||
| 208 | #define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \ | 213 | #define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \ |
| 209 | ((STACK *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i_func, (void(*)(void *))free_func,pass,passlen,oct,seq)) | 214 | ((STACK *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i_func, (void(*)(void *))free_func,pass,passlen,oct,seq)) |
| @@ -221,6 +226,7 @@ STACK_OF(type) \ | |||
| 221 | #define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val)) | 226 | #define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val)) |
| 222 | #define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val)) | 227 | #define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val)) |
| 223 | #define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val)) | 228 | #define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val)) |
| 229 | #define sk_ACCESS_DESCRIPTION_find_ex(st, val) SKM_sk_find_ex(ACCESS_DESCRIPTION, (st), (val)) | ||
| 224 | #define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i)) | 230 | #define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i)) |
| 225 | #define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr)) | 231 | #define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr)) |
| 226 | #define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i)) | 232 | #define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i)) |
| @@ -232,6 +238,28 @@ STACK_OF(type) \ | |||
| 232 | #define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) | 238 | #define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) |
| 233 | #define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st)) | 239 | #define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st)) |
| 234 | 240 | ||
| 241 | #define sk_ASIdOrRange_new(st) SKM_sk_new(ASIdOrRange, (st)) | ||
| 242 | #define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange) | ||
| 243 | #define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st)) | ||
| 244 | #define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st)) | ||
| 245 | #define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i)) | ||
| 246 | #define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val)) | ||
| 247 | #define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st)) | ||
| 248 | #define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val)) | ||
| 249 | #define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val)) | ||
| 250 | #define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val)) | ||
| 251 | #define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val)) | ||
| 252 | #define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i)) | ||
| 253 | #define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr)) | ||
| 254 | #define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i)) | ||
| 255 | #define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp)) | ||
| 256 | #define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st) | ||
| 257 | #define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func)) | ||
| 258 | #define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st)) | ||
| 259 | #define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st)) | ||
| 260 | #define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st)) | ||
| 261 | #define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st)) | ||
| 262 | |||
| 235 | #define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st)) | 263 | #define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st)) |
| 236 | #define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING) | 264 | #define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING) |
| 237 | #define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st)) | 265 | #define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st)) |
| @@ -242,6 +270,7 @@ STACK_OF(type) \ | |||
| 242 | #define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val)) | 270 | #define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val)) |
| 243 | #define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val)) | 271 | #define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val)) |
| 244 | #define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val)) | 272 | #define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val)) |
| 273 | #define sk_ASN1_GENERALSTRING_find_ex(st, val) SKM_sk_find_ex(ASN1_GENERALSTRING, (st), (val)) | ||
| 245 | #define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i)) | 274 | #define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i)) |
| 246 | #define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr)) | 275 | #define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr)) |
| 247 | #define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i)) | 276 | #define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i)) |
| @@ -263,6 +292,7 @@ STACK_OF(type) \ | |||
| 263 | #define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val)) | 292 | #define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val)) |
| 264 | #define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val)) | 293 | #define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val)) |
| 265 | #define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val)) | 294 | #define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val)) |
| 295 | #define sk_ASN1_INTEGER_find_ex(st, val) SKM_sk_find_ex(ASN1_INTEGER, (st), (val)) | ||
| 266 | #define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i)) | 296 | #define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i)) |
| 267 | #define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr)) | 297 | #define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr)) |
| 268 | #define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i)) | 298 | #define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i)) |
| @@ -284,6 +314,7 @@ STACK_OF(type) \ | |||
| 284 | #define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val)) | 314 | #define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val)) |
| 285 | #define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val)) | 315 | #define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val)) |
| 286 | #define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val)) | 316 | #define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val)) |
| 317 | #define sk_ASN1_OBJECT_find_ex(st, val) SKM_sk_find_ex(ASN1_OBJECT, (st), (val)) | ||
| 287 | #define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i)) | 318 | #define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i)) |
| 288 | #define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr)) | 319 | #define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr)) |
| 289 | #define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i)) | 320 | #define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i)) |
| @@ -305,6 +336,7 @@ STACK_OF(type) \ | |||
| 305 | #define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val)) | 336 | #define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val)) |
| 306 | #define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val)) | 337 | #define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val)) |
| 307 | #define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val)) | 338 | #define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val)) |
| 339 | #define sk_ASN1_STRING_TABLE_find_ex(st, val) SKM_sk_find_ex(ASN1_STRING_TABLE, (st), (val)) | ||
| 308 | #define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i)) | 340 | #define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i)) |
| 309 | #define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr)) | 341 | #define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr)) |
| 310 | #define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i)) | 342 | #define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i)) |
| @@ -326,6 +358,7 @@ STACK_OF(type) \ | |||
| 326 | #define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val)) | 358 | #define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val)) |
| 327 | #define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val)) | 359 | #define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val)) |
| 328 | #define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val)) | 360 | #define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val)) |
| 361 | #define sk_ASN1_TYPE_find_ex(st, val) SKM_sk_find_ex(ASN1_TYPE, (st), (val)) | ||
| 329 | #define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i)) | 362 | #define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i)) |
| 330 | #define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr)) | 363 | #define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr)) |
| 331 | #define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i)) | 364 | #define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i)) |
| @@ -347,6 +380,7 @@ STACK_OF(type) \ | |||
| 347 | #define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val)) | 380 | #define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val)) |
| 348 | #define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val)) | 381 | #define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val)) |
| 349 | #define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val)) | 382 | #define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val)) |
| 383 | #define sk_ASN1_VALUE_find_ex(st, val) SKM_sk_find_ex(ASN1_VALUE, (st), (val)) | ||
| 350 | #define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i)) | 384 | #define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i)) |
| 351 | #define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr)) | 385 | #define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr)) |
| 352 | #define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i)) | 386 | #define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i)) |
| @@ -368,6 +402,7 @@ STACK_OF(type) \ | |||
| 368 | #define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val)) | 402 | #define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val)) |
| 369 | #define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val)) | 403 | #define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val)) |
| 370 | #define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val)) | 404 | #define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val)) |
| 405 | #define sk_BIO_find_ex(st, val) SKM_sk_find_ex(BIO, (st), (val)) | ||
| 371 | #define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i)) | 406 | #define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i)) |
| 372 | #define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr)) | 407 | #define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr)) |
| 373 | #define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i)) | 408 | #define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i)) |
| @@ -379,6 +414,94 @@ STACK_OF(type) \ | |||
| 379 | #define sk_BIO_sort(st) SKM_sk_sort(BIO, (st)) | 414 | #define sk_BIO_sort(st) SKM_sk_sort(BIO, (st)) |
| 380 | #define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st)) | 415 | #define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st)) |
| 381 | 416 | ||
| 417 | #define sk_CMS_CertificateChoices_new(st) SKM_sk_new(CMS_CertificateChoices, (st)) | ||
| 418 | #define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices) | ||
| 419 | #define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st)) | ||
| 420 | #define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st)) | ||
| 421 | #define sk_CMS_CertificateChoices_value(st, i) SKM_sk_value(CMS_CertificateChoices, (st), (i)) | ||
| 422 | #define sk_CMS_CertificateChoices_set(st, i, val) SKM_sk_set(CMS_CertificateChoices, (st), (i), (val)) | ||
| 423 | #define sk_CMS_CertificateChoices_zero(st) SKM_sk_zero(CMS_CertificateChoices, (st)) | ||
| 424 | #define sk_CMS_CertificateChoices_push(st, val) SKM_sk_push(CMS_CertificateChoices, (st), (val)) | ||
| 425 | #define sk_CMS_CertificateChoices_unshift(st, val) SKM_sk_unshift(CMS_CertificateChoices, (st), (val)) | ||
| 426 | #define sk_CMS_CertificateChoices_find(st, val) SKM_sk_find(CMS_CertificateChoices, (st), (val)) | ||
| 427 | #define sk_CMS_CertificateChoices_find_ex(st, val) SKM_sk_find_ex(CMS_CertificateChoices, (st), (val)) | ||
| 428 | #define sk_CMS_CertificateChoices_delete(st, i) SKM_sk_delete(CMS_CertificateChoices, (st), (i)) | ||
| 429 | #define sk_CMS_CertificateChoices_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_CertificateChoices, (st), (ptr)) | ||
| 430 | #define sk_CMS_CertificateChoices_insert(st, val, i) SKM_sk_insert(CMS_CertificateChoices, (st), (val), (i)) | ||
| 431 | #define sk_CMS_CertificateChoices_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_CertificateChoices, (st), (cmp)) | ||
| 432 | #define sk_CMS_CertificateChoices_dup(st) SKM_sk_dup(CMS_CertificateChoices, st) | ||
| 433 | #define sk_CMS_CertificateChoices_pop_free(st, free_func) SKM_sk_pop_free(CMS_CertificateChoices, (st), (free_func)) | ||
| 434 | #define sk_CMS_CertificateChoices_shift(st) SKM_sk_shift(CMS_CertificateChoices, (st)) | ||
| 435 | #define sk_CMS_CertificateChoices_pop(st) SKM_sk_pop(CMS_CertificateChoices, (st)) | ||
| 436 | #define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st)) | ||
| 437 | #define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st)) | ||
| 438 | |||
| 439 | #define sk_CMS_RecipientInfo_new(st) SKM_sk_new(CMS_RecipientInfo, (st)) | ||
| 440 | #define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo) | ||
| 441 | #define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st)) | ||
| 442 | #define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st)) | ||
| 443 | #define sk_CMS_RecipientInfo_value(st, i) SKM_sk_value(CMS_RecipientInfo, (st), (i)) | ||
| 444 | #define sk_CMS_RecipientInfo_set(st, i, val) SKM_sk_set(CMS_RecipientInfo, (st), (i), (val)) | ||
| 445 | #define sk_CMS_RecipientInfo_zero(st) SKM_sk_zero(CMS_RecipientInfo, (st)) | ||
| 446 | #define sk_CMS_RecipientInfo_push(st, val) SKM_sk_push(CMS_RecipientInfo, (st), (val)) | ||
| 447 | #define sk_CMS_RecipientInfo_unshift(st, val) SKM_sk_unshift(CMS_RecipientInfo, (st), (val)) | ||
| 448 | #define sk_CMS_RecipientInfo_find(st, val) SKM_sk_find(CMS_RecipientInfo, (st), (val)) | ||
| 449 | #define sk_CMS_RecipientInfo_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientInfo, (st), (val)) | ||
| 450 | #define sk_CMS_RecipientInfo_delete(st, i) SKM_sk_delete(CMS_RecipientInfo, (st), (i)) | ||
| 451 | #define sk_CMS_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientInfo, (st), (ptr)) | ||
| 452 | #define sk_CMS_RecipientInfo_insert(st, val, i) SKM_sk_insert(CMS_RecipientInfo, (st), (val), (i)) | ||
| 453 | #define sk_CMS_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientInfo, (st), (cmp)) | ||
| 454 | #define sk_CMS_RecipientInfo_dup(st) SKM_sk_dup(CMS_RecipientInfo, st) | ||
| 455 | #define sk_CMS_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientInfo, (st), (free_func)) | ||
| 456 | #define sk_CMS_RecipientInfo_shift(st) SKM_sk_shift(CMS_RecipientInfo, (st)) | ||
| 457 | #define sk_CMS_RecipientInfo_pop(st) SKM_sk_pop(CMS_RecipientInfo, (st)) | ||
| 458 | #define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st)) | ||
| 459 | #define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st)) | ||
| 460 | |||
| 461 | #define sk_CMS_RevocationInfoChoice_new(st) SKM_sk_new(CMS_RevocationInfoChoice, (st)) | ||
| 462 | #define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice) | ||
| 463 | #define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st)) | ||
| 464 | #define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st)) | ||
| 465 | #define sk_CMS_RevocationInfoChoice_value(st, i) SKM_sk_value(CMS_RevocationInfoChoice, (st), (i)) | ||
| 466 | #define sk_CMS_RevocationInfoChoice_set(st, i, val) SKM_sk_set(CMS_RevocationInfoChoice, (st), (i), (val)) | ||
| 467 | #define sk_CMS_RevocationInfoChoice_zero(st) SKM_sk_zero(CMS_RevocationInfoChoice, (st)) | ||
| 468 | #define sk_CMS_RevocationInfoChoice_push(st, val) SKM_sk_push(CMS_RevocationInfoChoice, (st), (val)) | ||
| 469 | #define sk_CMS_RevocationInfoChoice_unshift(st, val) SKM_sk_unshift(CMS_RevocationInfoChoice, (st), (val)) | ||
| 470 | #define sk_CMS_RevocationInfoChoice_find(st, val) SKM_sk_find(CMS_RevocationInfoChoice, (st), (val)) | ||
| 471 | #define sk_CMS_RevocationInfoChoice_find_ex(st, val) SKM_sk_find_ex(CMS_RevocationInfoChoice, (st), (val)) | ||
| 472 | #define sk_CMS_RevocationInfoChoice_delete(st, i) SKM_sk_delete(CMS_RevocationInfoChoice, (st), (i)) | ||
| 473 | #define sk_CMS_RevocationInfoChoice_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RevocationInfoChoice, (st), (ptr)) | ||
| 474 | #define sk_CMS_RevocationInfoChoice_insert(st, val, i) SKM_sk_insert(CMS_RevocationInfoChoice, (st), (val), (i)) | ||
| 475 | #define sk_CMS_RevocationInfoChoice_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RevocationInfoChoice, (st), (cmp)) | ||
| 476 | #define sk_CMS_RevocationInfoChoice_dup(st) SKM_sk_dup(CMS_RevocationInfoChoice, st) | ||
| 477 | #define sk_CMS_RevocationInfoChoice_pop_free(st, free_func) SKM_sk_pop_free(CMS_RevocationInfoChoice, (st), (free_func)) | ||
| 478 | #define sk_CMS_RevocationInfoChoice_shift(st) SKM_sk_shift(CMS_RevocationInfoChoice, (st)) | ||
| 479 | #define sk_CMS_RevocationInfoChoice_pop(st) SKM_sk_pop(CMS_RevocationInfoChoice, (st)) | ||
| 480 | #define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st)) | ||
| 481 | #define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st)) | ||
| 482 | |||
| 483 | #define sk_CMS_SignerInfo_new(st) SKM_sk_new(CMS_SignerInfo, (st)) | ||
| 484 | #define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo) | ||
| 485 | #define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st)) | ||
| 486 | #define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st)) | ||
| 487 | #define sk_CMS_SignerInfo_value(st, i) SKM_sk_value(CMS_SignerInfo, (st), (i)) | ||
| 488 | #define sk_CMS_SignerInfo_set(st, i, val) SKM_sk_set(CMS_SignerInfo, (st), (i), (val)) | ||
| 489 | #define sk_CMS_SignerInfo_zero(st) SKM_sk_zero(CMS_SignerInfo, (st)) | ||
| 490 | #define sk_CMS_SignerInfo_push(st, val) SKM_sk_push(CMS_SignerInfo, (st), (val)) | ||
| 491 | #define sk_CMS_SignerInfo_unshift(st, val) SKM_sk_unshift(CMS_SignerInfo, (st), (val)) | ||
| 492 | #define sk_CMS_SignerInfo_find(st, val) SKM_sk_find(CMS_SignerInfo, (st), (val)) | ||
| 493 | #define sk_CMS_SignerInfo_find_ex(st, val) SKM_sk_find_ex(CMS_SignerInfo, (st), (val)) | ||
| 494 | #define sk_CMS_SignerInfo_delete(st, i) SKM_sk_delete(CMS_SignerInfo, (st), (i)) | ||
| 495 | #define sk_CMS_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_SignerInfo, (st), (ptr)) | ||
| 496 | #define sk_CMS_SignerInfo_insert(st, val, i) SKM_sk_insert(CMS_SignerInfo, (st), (val), (i)) | ||
| 497 | #define sk_CMS_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_SignerInfo, (st), (cmp)) | ||
| 498 | #define sk_CMS_SignerInfo_dup(st) SKM_sk_dup(CMS_SignerInfo, st) | ||
| 499 | #define sk_CMS_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_SignerInfo, (st), (free_func)) | ||
| 500 | #define sk_CMS_SignerInfo_shift(st) SKM_sk_shift(CMS_SignerInfo, (st)) | ||
| 501 | #define sk_CMS_SignerInfo_pop(st) SKM_sk_pop(CMS_SignerInfo, (st)) | ||
| 502 | #define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st)) | ||
| 503 | #define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st)) | ||
| 504 | |||
| 382 | #define sk_CONF_IMODULE_new(st) SKM_sk_new(CONF_IMODULE, (st)) | 505 | #define sk_CONF_IMODULE_new(st) SKM_sk_new(CONF_IMODULE, (st)) |
| 383 | #define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE) | 506 | #define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE) |
| 384 | #define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st)) | 507 | #define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st)) |
| @@ -389,6 +512,7 @@ STACK_OF(type) \ | |||
| 389 | #define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val)) | 512 | #define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val)) |
| 390 | #define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val)) | 513 | #define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val)) |
| 391 | #define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val)) | 514 | #define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val)) |
| 515 | #define sk_CONF_IMODULE_find_ex(st, val) SKM_sk_find_ex(CONF_IMODULE, (st), (val)) | ||
| 392 | #define sk_CONF_IMODULE_delete(st, i) SKM_sk_delete(CONF_IMODULE, (st), (i)) | 516 | #define sk_CONF_IMODULE_delete(st, i) SKM_sk_delete(CONF_IMODULE, (st), (i)) |
| 393 | #define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr)) | 517 | #define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr)) |
| 394 | #define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i)) | 518 | #define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i)) |
| @@ -410,6 +534,7 @@ STACK_OF(type) \ | |||
| 410 | #define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val)) | 534 | #define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val)) |
| 411 | #define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val)) | 535 | #define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val)) |
| 412 | #define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val)) | 536 | #define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val)) |
| 537 | #define sk_CONF_MODULE_find_ex(st, val) SKM_sk_find_ex(CONF_MODULE, (st), (val)) | ||
| 413 | #define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i)) | 538 | #define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i)) |
| 414 | #define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr)) | 539 | #define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr)) |
| 415 | #define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i)) | 540 | #define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i)) |
| @@ -431,6 +556,7 @@ STACK_OF(type) \ | |||
| 431 | #define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val)) | 556 | #define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val)) |
| 432 | #define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val)) | 557 | #define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val)) |
| 433 | #define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val)) | 558 | #define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val)) |
| 559 | #define sk_CONF_VALUE_find_ex(st, val) SKM_sk_find_ex(CONF_VALUE, (st), (val)) | ||
| 434 | #define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i)) | 560 | #define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i)) |
| 435 | #define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr)) | 561 | #define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr)) |
| 436 | #define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i)) | 562 | #define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i)) |
| @@ -452,6 +578,7 @@ STACK_OF(type) \ | |||
| 452 | #define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val)) | 578 | #define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val)) |
| 453 | #define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val)) | 579 | #define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val)) |
| 454 | #define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val)) | 580 | #define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val)) |
| 581 | #define sk_CRYPTO_EX_DATA_FUNCS_find_ex(st, val) SKM_sk_find_ex(CRYPTO_EX_DATA_FUNCS, (st), (val)) | ||
| 455 | #define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i)) | 582 | #define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i)) |
| 456 | #define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr)) | 583 | #define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr)) |
| 457 | #define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i)) | 584 | #define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i)) |
| @@ -473,6 +600,7 @@ STACK_OF(type) \ | |||
| 473 | #define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val)) | 600 | #define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val)) |
| 474 | #define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val)) | 601 | #define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val)) |
| 475 | #define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val)) | 602 | #define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val)) |
| 603 | #define sk_CRYPTO_dynlock_find_ex(st, val) SKM_sk_find_ex(CRYPTO_dynlock, (st), (val)) | ||
| 476 | #define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i)) | 604 | #define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i)) |
| 477 | #define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr)) | 605 | #define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr)) |
| 478 | #define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i)) | 606 | #define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i)) |
| @@ -494,6 +622,7 @@ STACK_OF(type) \ | |||
| 494 | #define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val)) | 622 | #define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val)) |
| 495 | #define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val)) | 623 | #define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val)) |
| 496 | #define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val)) | 624 | #define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val)) |
| 625 | #define sk_DIST_POINT_find_ex(st, val) SKM_sk_find_ex(DIST_POINT, (st), (val)) | ||
| 497 | #define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i)) | 626 | #define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i)) |
| 498 | #define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr)) | 627 | #define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr)) |
| 499 | #define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i)) | 628 | #define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i)) |
| @@ -515,6 +644,7 @@ STACK_OF(type) \ | |||
| 515 | #define sk_ENGINE_push(st, val) SKM_sk_push(ENGINE, (st), (val)) | 644 | #define sk_ENGINE_push(st, val) SKM_sk_push(ENGINE, (st), (val)) |
| 516 | #define sk_ENGINE_unshift(st, val) SKM_sk_unshift(ENGINE, (st), (val)) | 645 | #define sk_ENGINE_unshift(st, val) SKM_sk_unshift(ENGINE, (st), (val)) |
| 517 | #define sk_ENGINE_find(st, val) SKM_sk_find(ENGINE, (st), (val)) | 646 | #define sk_ENGINE_find(st, val) SKM_sk_find(ENGINE, (st), (val)) |
| 647 | #define sk_ENGINE_find_ex(st, val) SKM_sk_find_ex(ENGINE, (st), (val)) | ||
| 518 | #define sk_ENGINE_delete(st, i) SKM_sk_delete(ENGINE, (st), (i)) | 648 | #define sk_ENGINE_delete(st, i) SKM_sk_delete(ENGINE, (st), (i)) |
| 519 | #define sk_ENGINE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE, (st), (ptr)) | 649 | #define sk_ENGINE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE, (st), (ptr)) |
| 520 | #define sk_ENGINE_insert(st, val, i) SKM_sk_insert(ENGINE, (st), (val), (i)) | 650 | #define sk_ENGINE_insert(st, val, i) SKM_sk_insert(ENGINE, (st), (val), (i)) |
| @@ -536,6 +666,7 @@ STACK_OF(type) \ | |||
| 536 | #define sk_ENGINE_CLEANUP_ITEM_push(st, val) SKM_sk_push(ENGINE_CLEANUP_ITEM, (st), (val)) | 666 | #define sk_ENGINE_CLEANUP_ITEM_push(st, val) SKM_sk_push(ENGINE_CLEANUP_ITEM, (st), (val)) |
| 537 | #define sk_ENGINE_CLEANUP_ITEM_unshift(st, val) SKM_sk_unshift(ENGINE_CLEANUP_ITEM, (st), (val)) | 667 | #define sk_ENGINE_CLEANUP_ITEM_unshift(st, val) SKM_sk_unshift(ENGINE_CLEANUP_ITEM, (st), (val)) |
| 538 | #define sk_ENGINE_CLEANUP_ITEM_find(st, val) SKM_sk_find(ENGINE_CLEANUP_ITEM, (st), (val)) | 668 | #define sk_ENGINE_CLEANUP_ITEM_find(st, val) SKM_sk_find(ENGINE_CLEANUP_ITEM, (st), (val)) |
| 669 | #define sk_ENGINE_CLEANUP_ITEM_find_ex(st, val) SKM_sk_find_ex(ENGINE_CLEANUP_ITEM, (st), (val)) | ||
| 539 | #define sk_ENGINE_CLEANUP_ITEM_delete(st, i) SKM_sk_delete(ENGINE_CLEANUP_ITEM, (st), (i)) | 670 | #define sk_ENGINE_CLEANUP_ITEM_delete(st, i) SKM_sk_delete(ENGINE_CLEANUP_ITEM, (st), (i)) |
| 540 | #define sk_ENGINE_CLEANUP_ITEM_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE_CLEANUP_ITEM, (st), (ptr)) | 671 | #define sk_ENGINE_CLEANUP_ITEM_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE_CLEANUP_ITEM, (st), (ptr)) |
| 541 | #define sk_ENGINE_CLEANUP_ITEM_insert(st, val, i) SKM_sk_insert(ENGINE_CLEANUP_ITEM, (st), (val), (i)) | 672 | #define sk_ENGINE_CLEANUP_ITEM_insert(st, val, i) SKM_sk_insert(ENGINE_CLEANUP_ITEM, (st), (val), (i)) |
| @@ -557,6 +688,7 @@ STACK_OF(type) \ | |||
| 557 | #define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val)) | 688 | #define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val)) |
| 558 | #define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val)) | 689 | #define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val)) |
| 559 | #define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val)) | 690 | #define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val)) |
| 691 | #define sk_GENERAL_NAME_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAME, (st), (val)) | ||
| 560 | #define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i)) | 692 | #define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i)) |
| 561 | #define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr)) | 693 | #define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr)) |
| 562 | #define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i)) | 694 | #define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i)) |
| @@ -568,6 +700,94 @@ STACK_OF(type) \ | |||
| 568 | #define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st)) | 700 | #define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st)) |
| 569 | #define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st)) | 701 | #define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st)) |
| 570 | 702 | ||
| 703 | #define sk_GENERAL_NAMES_new(st) SKM_sk_new(GENERAL_NAMES, (st)) | ||
| 704 | #define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES) | ||
| 705 | #define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st)) | ||
| 706 | #define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st)) | ||
| 707 | #define sk_GENERAL_NAMES_value(st, i) SKM_sk_value(GENERAL_NAMES, (st), (i)) | ||
| 708 | #define sk_GENERAL_NAMES_set(st, i, val) SKM_sk_set(GENERAL_NAMES, (st), (i), (val)) | ||
| 709 | #define sk_GENERAL_NAMES_zero(st) SKM_sk_zero(GENERAL_NAMES, (st)) | ||
| 710 | #define sk_GENERAL_NAMES_push(st, val) SKM_sk_push(GENERAL_NAMES, (st), (val)) | ||
| 711 | #define sk_GENERAL_NAMES_unshift(st, val) SKM_sk_unshift(GENERAL_NAMES, (st), (val)) | ||
| 712 | #define sk_GENERAL_NAMES_find(st, val) SKM_sk_find(GENERAL_NAMES, (st), (val)) | ||
| 713 | #define sk_GENERAL_NAMES_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAMES, (st), (val)) | ||
| 714 | #define sk_GENERAL_NAMES_delete(st, i) SKM_sk_delete(GENERAL_NAMES, (st), (i)) | ||
| 715 | #define sk_GENERAL_NAMES_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAMES, (st), (ptr)) | ||
| 716 | #define sk_GENERAL_NAMES_insert(st, val, i) SKM_sk_insert(GENERAL_NAMES, (st), (val), (i)) | ||
| 717 | #define sk_GENERAL_NAMES_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAMES, (st), (cmp)) | ||
| 718 | #define sk_GENERAL_NAMES_dup(st) SKM_sk_dup(GENERAL_NAMES, st) | ||
| 719 | #define sk_GENERAL_NAMES_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAMES, (st), (free_func)) | ||
| 720 | #define sk_GENERAL_NAMES_shift(st) SKM_sk_shift(GENERAL_NAMES, (st)) | ||
| 721 | #define sk_GENERAL_NAMES_pop(st) SKM_sk_pop(GENERAL_NAMES, (st)) | ||
| 722 | #define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st)) | ||
| 723 | #define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st)) | ||
| 724 | |||
| 725 | #define sk_GENERAL_SUBTREE_new(st) SKM_sk_new(GENERAL_SUBTREE, (st)) | ||
| 726 | #define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE) | ||
| 727 | #define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st)) | ||
| 728 | #define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st)) | ||
| 729 | #define sk_GENERAL_SUBTREE_value(st, i) SKM_sk_value(GENERAL_SUBTREE, (st), (i)) | ||
| 730 | #define sk_GENERAL_SUBTREE_set(st, i, val) SKM_sk_set(GENERAL_SUBTREE, (st), (i), (val)) | ||
| 731 | #define sk_GENERAL_SUBTREE_zero(st) SKM_sk_zero(GENERAL_SUBTREE, (st)) | ||
| 732 | #define sk_GENERAL_SUBTREE_push(st, val) SKM_sk_push(GENERAL_SUBTREE, (st), (val)) | ||
| 733 | #define sk_GENERAL_SUBTREE_unshift(st, val) SKM_sk_unshift(GENERAL_SUBTREE, (st), (val)) | ||
| 734 | #define sk_GENERAL_SUBTREE_find(st, val) SKM_sk_find(GENERAL_SUBTREE, (st), (val)) | ||
| 735 | #define sk_GENERAL_SUBTREE_find_ex(st, val) SKM_sk_find_ex(GENERAL_SUBTREE, (st), (val)) | ||
| 736 | #define sk_GENERAL_SUBTREE_delete(st, i) SKM_sk_delete(GENERAL_SUBTREE, (st), (i)) | ||
| 737 | #define sk_GENERAL_SUBTREE_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_SUBTREE, (st), (ptr)) | ||
| 738 | #define sk_GENERAL_SUBTREE_insert(st, val, i) SKM_sk_insert(GENERAL_SUBTREE, (st), (val), (i)) | ||
| 739 | #define sk_GENERAL_SUBTREE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_SUBTREE, (st), (cmp)) | ||
| 740 | #define sk_GENERAL_SUBTREE_dup(st) SKM_sk_dup(GENERAL_SUBTREE, st) | ||
| 741 | #define sk_GENERAL_SUBTREE_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_SUBTREE, (st), (free_func)) | ||
| 742 | #define sk_GENERAL_SUBTREE_shift(st) SKM_sk_shift(GENERAL_SUBTREE, (st)) | ||
| 743 | #define sk_GENERAL_SUBTREE_pop(st) SKM_sk_pop(GENERAL_SUBTREE, (st)) | ||
| 744 | #define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st)) | ||
| 745 | #define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st)) | ||
| 746 | |||
| 747 | #define sk_IPAddressFamily_new(st) SKM_sk_new(IPAddressFamily, (st)) | ||
| 748 | #define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily) | ||
| 749 | #define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st)) | ||
| 750 | #define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st)) | ||
| 751 | #define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i)) | ||
| 752 | #define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val)) | ||
| 753 | #define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st)) | ||
| 754 | #define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val)) | ||
| 755 | #define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val)) | ||
| 756 | #define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val)) | ||
| 757 | #define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val)) | ||
| 758 | #define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i)) | ||
| 759 | #define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr)) | ||
| 760 | #define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i)) | ||
| 761 | #define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp)) | ||
| 762 | #define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st) | ||
| 763 | #define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func)) | ||
| 764 | #define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st)) | ||
| 765 | #define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st)) | ||
| 766 | #define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st)) | ||
| 767 | #define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st)) | ||
| 768 | |||
| 769 | #define sk_IPAddressOrRange_new(st) SKM_sk_new(IPAddressOrRange, (st)) | ||
| 770 | #define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange) | ||
| 771 | #define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st)) | ||
| 772 | #define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st)) | ||
| 773 | #define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i)) | ||
| 774 | #define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val)) | ||
| 775 | #define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st)) | ||
| 776 | #define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val)) | ||
| 777 | #define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val)) | ||
| 778 | #define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val)) | ||
| 779 | #define sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val)) | ||
| 780 | #define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i)) | ||
| 781 | #define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr)) | ||
| 782 | #define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i)) | ||
| 783 | #define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp)) | ||
| 784 | #define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st) | ||
| 785 | #define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func)) | ||
| 786 | #define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st)) | ||
| 787 | #define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st)) | ||
| 788 | #define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st)) | ||
| 789 | #define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st)) | ||
| 790 | |||
| 571 | #define sk_KRB5_APREQBODY_new(st) SKM_sk_new(KRB5_APREQBODY, (st)) | 791 | #define sk_KRB5_APREQBODY_new(st) SKM_sk_new(KRB5_APREQBODY, (st)) |
| 572 | #define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY) | 792 | #define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY) |
| 573 | #define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st)) | 793 | #define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st)) |
| @@ -578,6 +798,7 @@ STACK_OF(type) \ | |||
| 578 | #define sk_KRB5_APREQBODY_push(st, val) SKM_sk_push(KRB5_APREQBODY, (st), (val)) | 798 | #define sk_KRB5_APREQBODY_push(st, val) SKM_sk_push(KRB5_APREQBODY, (st), (val)) |
| 579 | #define sk_KRB5_APREQBODY_unshift(st, val) SKM_sk_unshift(KRB5_APREQBODY, (st), (val)) | 799 | #define sk_KRB5_APREQBODY_unshift(st, val) SKM_sk_unshift(KRB5_APREQBODY, (st), (val)) |
| 580 | #define sk_KRB5_APREQBODY_find(st, val) SKM_sk_find(KRB5_APREQBODY, (st), (val)) | 800 | #define sk_KRB5_APREQBODY_find(st, val) SKM_sk_find(KRB5_APREQBODY, (st), (val)) |
| 801 | #define sk_KRB5_APREQBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_APREQBODY, (st), (val)) | ||
| 581 | #define sk_KRB5_APREQBODY_delete(st, i) SKM_sk_delete(KRB5_APREQBODY, (st), (i)) | 802 | #define sk_KRB5_APREQBODY_delete(st, i) SKM_sk_delete(KRB5_APREQBODY, (st), (i)) |
| 582 | #define sk_KRB5_APREQBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_APREQBODY, (st), (ptr)) | 803 | #define sk_KRB5_APREQBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_APREQBODY, (st), (ptr)) |
| 583 | #define sk_KRB5_APREQBODY_insert(st, val, i) SKM_sk_insert(KRB5_APREQBODY, (st), (val), (i)) | 804 | #define sk_KRB5_APREQBODY_insert(st, val, i) SKM_sk_insert(KRB5_APREQBODY, (st), (val), (i)) |
| @@ -599,6 +820,7 @@ STACK_OF(type) \ | |||
| 599 | #define sk_KRB5_AUTHDATA_push(st, val) SKM_sk_push(KRB5_AUTHDATA, (st), (val)) | 820 | #define sk_KRB5_AUTHDATA_push(st, val) SKM_sk_push(KRB5_AUTHDATA, (st), (val)) |
| 600 | #define sk_KRB5_AUTHDATA_unshift(st, val) SKM_sk_unshift(KRB5_AUTHDATA, (st), (val)) | 821 | #define sk_KRB5_AUTHDATA_unshift(st, val) SKM_sk_unshift(KRB5_AUTHDATA, (st), (val)) |
| 601 | #define sk_KRB5_AUTHDATA_find(st, val) SKM_sk_find(KRB5_AUTHDATA, (st), (val)) | 822 | #define sk_KRB5_AUTHDATA_find(st, val) SKM_sk_find(KRB5_AUTHDATA, (st), (val)) |
| 823 | #define sk_KRB5_AUTHDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHDATA, (st), (val)) | ||
| 602 | #define sk_KRB5_AUTHDATA_delete(st, i) SKM_sk_delete(KRB5_AUTHDATA, (st), (i)) | 824 | #define sk_KRB5_AUTHDATA_delete(st, i) SKM_sk_delete(KRB5_AUTHDATA, (st), (i)) |
| 603 | #define sk_KRB5_AUTHDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHDATA, (st), (ptr)) | 825 | #define sk_KRB5_AUTHDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHDATA, (st), (ptr)) |
| 604 | #define sk_KRB5_AUTHDATA_insert(st, val, i) SKM_sk_insert(KRB5_AUTHDATA, (st), (val), (i)) | 826 | #define sk_KRB5_AUTHDATA_insert(st, val, i) SKM_sk_insert(KRB5_AUTHDATA, (st), (val), (i)) |
| @@ -620,6 +842,7 @@ STACK_OF(type) \ | |||
| 620 | #define sk_KRB5_AUTHENTBODY_push(st, val) SKM_sk_push(KRB5_AUTHENTBODY, (st), (val)) | 842 | #define sk_KRB5_AUTHENTBODY_push(st, val) SKM_sk_push(KRB5_AUTHENTBODY, (st), (val)) |
| 621 | #define sk_KRB5_AUTHENTBODY_unshift(st, val) SKM_sk_unshift(KRB5_AUTHENTBODY, (st), (val)) | 843 | #define sk_KRB5_AUTHENTBODY_unshift(st, val) SKM_sk_unshift(KRB5_AUTHENTBODY, (st), (val)) |
| 622 | #define sk_KRB5_AUTHENTBODY_find(st, val) SKM_sk_find(KRB5_AUTHENTBODY, (st), (val)) | 844 | #define sk_KRB5_AUTHENTBODY_find(st, val) SKM_sk_find(KRB5_AUTHENTBODY, (st), (val)) |
| 845 | #define sk_KRB5_AUTHENTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHENTBODY, (st), (val)) | ||
| 623 | #define sk_KRB5_AUTHENTBODY_delete(st, i) SKM_sk_delete(KRB5_AUTHENTBODY, (st), (i)) | 846 | #define sk_KRB5_AUTHENTBODY_delete(st, i) SKM_sk_delete(KRB5_AUTHENTBODY, (st), (i)) |
| 624 | #define sk_KRB5_AUTHENTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHENTBODY, (st), (ptr)) | 847 | #define sk_KRB5_AUTHENTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHENTBODY, (st), (ptr)) |
| 625 | #define sk_KRB5_AUTHENTBODY_insert(st, val, i) SKM_sk_insert(KRB5_AUTHENTBODY, (st), (val), (i)) | 848 | #define sk_KRB5_AUTHENTBODY_insert(st, val, i) SKM_sk_insert(KRB5_AUTHENTBODY, (st), (val), (i)) |
| @@ -641,6 +864,7 @@ STACK_OF(type) \ | |||
| 641 | #define sk_KRB5_CHECKSUM_push(st, val) SKM_sk_push(KRB5_CHECKSUM, (st), (val)) | 864 | #define sk_KRB5_CHECKSUM_push(st, val) SKM_sk_push(KRB5_CHECKSUM, (st), (val)) |
| 642 | #define sk_KRB5_CHECKSUM_unshift(st, val) SKM_sk_unshift(KRB5_CHECKSUM, (st), (val)) | 865 | #define sk_KRB5_CHECKSUM_unshift(st, val) SKM_sk_unshift(KRB5_CHECKSUM, (st), (val)) |
| 643 | #define sk_KRB5_CHECKSUM_find(st, val) SKM_sk_find(KRB5_CHECKSUM, (st), (val)) | 866 | #define sk_KRB5_CHECKSUM_find(st, val) SKM_sk_find(KRB5_CHECKSUM, (st), (val)) |
| 867 | #define sk_KRB5_CHECKSUM_find_ex(st, val) SKM_sk_find_ex(KRB5_CHECKSUM, (st), (val)) | ||
| 644 | #define sk_KRB5_CHECKSUM_delete(st, i) SKM_sk_delete(KRB5_CHECKSUM, (st), (i)) | 868 | #define sk_KRB5_CHECKSUM_delete(st, i) SKM_sk_delete(KRB5_CHECKSUM, (st), (i)) |
| 645 | #define sk_KRB5_CHECKSUM_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_CHECKSUM, (st), (ptr)) | 869 | #define sk_KRB5_CHECKSUM_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_CHECKSUM, (st), (ptr)) |
| 646 | #define sk_KRB5_CHECKSUM_insert(st, val, i) SKM_sk_insert(KRB5_CHECKSUM, (st), (val), (i)) | 870 | #define sk_KRB5_CHECKSUM_insert(st, val, i) SKM_sk_insert(KRB5_CHECKSUM, (st), (val), (i)) |
| @@ -662,6 +886,7 @@ STACK_OF(type) \ | |||
| 662 | #define sk_KRB5_ENCDATA_push(st, val) SKM_sk_push(KRB5_ENCDATA, (st), (val)) | 886 | #define sk_KRB5_ENCDATA_push(st, val) SKM_sk_push(KRB5_ENCDATA, (st), (val)) |
| 663 | #define sk_KRB5_ENCDATA_unshift(st, val) SKM_sk_unshift(KRB5_ENCDATA, (st), (val)) | 887 | #define sk_KRB5_ENCDATA_unshift(st, val) SKM_sk_unshift(KRB5_ENCDATA, (st), (val)) |
| 664 | #define sk_KRB5_ENCDATA_find(st, val) SKM_sk_find(KRB5_ENCDATA, (st), (val)) | 888 | #define sk_KRB5_ENCDATA_find(st, val) SKM_sk_find(KRB5_ENCDATA, (st), (val)) |
| 889 | #define sk_KRB5_ENCDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCDATA, (st), (val)) | ||
| 665 | #define sk_KRB5_ENCDATA_delete(st, i) SKM_sk_delete(KRB5_ENCDATA, (st), (i)) | 890 | #define sk_KRB5_ENCDATA_delete(st, i) SKM_sk_delete(KRB5_ENCDATA, (st), (i)) |
| 666 | #define sk_KRB5_ENCDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCDATA, (st), (ptr)) | 891 | #define sk_KRB5_ENCDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCDATA, (st), (ptr)) |
| 667 | #define sk_KRB5_ENCDATA_insert(st, val, i) SKM_sk_insert(KRB5_ENCDATA, (st), (val), (i)) | 892 | #define sk_KRB5_ENCDATA_insert(st, val, i) SKM_sk_insert(KRB5_ENCDATA, (st), (val), (i)) |
| @@ -683,6 +908,7 @@ STACK_OF(type) \ | |||
| 683 | #define sk_KRB5_ENCKEY_push(st, val) SKM_sk_push(KRB5_ENCKEY, (st), (val)) | 908 | #define sk_KRB5_ENCKEY_push(st, val) SKM_sk_push(KRB5_ENCKEY, (st), (val)) |
| 684 | #define sk_KRB5_ENCKEY_unshift(st, val) SKM_sk_unshift(KRB5_ENCKEY, (st), (val)) | 909 | #define sk_KRB5_ENCKEY_unshift(st, val) SKM_sk_unshift(KRB5_ENCKEY, (st), (val)) |
| 685 | #define sk_KRB5_ENCKEY_find(st, val) SKM_sk_find(KRB5_ENCKEY, (st), (val)) | 910 | #define sk_KRB5_ENCKEY_find(st, val) SKM_sk_find(KRB5_ENCKEY, (st), (val)) |
| 911 | #define sk_KRB5_ENCKEY_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCKEY, (st), (val)) | ||
| 686 | #define sk_KRB5_ENCKEY_delete(st, i) SKM_sk_delete(KRB5_ENCKEY, (st), (i)) | 912 | #define sk_KRB5_ENCKEY_delete(st, i) SKM_sk_delete(KRB5_ENCKEY, (st), (i)) |
| 687 | #define sk_KRB5_ENCKEY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCKEY, (st), (ptr)) | 913 | #define sk_KRB5_ENCKEY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCKEY, (st), (ptr)) |
| 688 | #define sk_KRB5_ENCKEY_insert(st, val, i) SKM_sk_insert(KRB5_ENCKEY, (st), (val), (i)) | 914 | #define sk_KRB5_ENCKEY_insert(st, val, i) SKM_sk_insert(KRB5_ENCKEY, (st), (val), (i)) |
| @@ -704,6 +930,7 @@ STACK_OF(type) \ | |||
| 704 | #define sk_KRB5_PRINCNAME_push(st, val) SKM_sk_push(KRB5_PRINCNAME, (st), (val)) | 930 | #define sk_KRB5_PRINCNAME_push(st, val) SKM_sk_push(KRB5_PRINCNAME, (st), (val)) |
| 705 | #define sk_KRB5_PRINCNAME_unshift(st, val) SKM_sk_unshift(KRB5_PRINCNAME, (st), (val)) | 931 | #define sk_KRB5_PRINCNAME_unshift(st, val) SKM_sk_unshift(KRB5_PRINCNAME, (st), (val)) |
| 706 | #define sk_KRB5_PRINCNAME_find(st, val) SKM_sk_find(KRB5_PRINCNAME, (st), (val)) | 932 | #define sk_KRB5_PRINCNAME_find(st, val) SKM_sk_find(KRB5_PRINCNAME, (st), (val)) |
| 933 | #define sk_KRB5_PRINCNAME_find_ex(st, val) SKM_sk_find_ex(KRB5_PRINCNAME, (st), (val)) | ||
| 707 | #define sk_KRB5_PRINCNAME_delete(st, i) SKM_sk_delete(KRB5_PRINCNAME, (st), (i)) | 934 | #define sk_KRB5_PRINCNAME_delete(st, i) SKM_sk_delete(KRB5_PRINCNAME, (st), (i)) |
| 708 | #define sk_KRB5_PRINCNAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_PRINCNAME, (st), (ptr)) | 935 | #define sk_KRB5_PRINCNAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_PRINCNAME, (st), (ptr)) |
| 709 | #define sk_KRB5_PRINCNAME_insert(st, val, i) SKM_sk_insert(KRB5_PRINCNAME, (st), (val), (i)) | 936 | #define sk_KRB5_PRINCNAME_insert(st, val, i) SKM_sk_insert(KRB5_PRINCNAME, (st), (val), (i)) |
| @@ -725,6 +952,7 @@ STACK_OF(type) \ | |||
| 725 | #define sk_KRB5_TKTBODY_push(st, val) SKM_sk_push(KRB5_TKTBODY, (st), (val)) | 952 | #define sk_KRB5_TKTBODY_push(st, val) SKM_sk_push(KRB5_TKTBODY, (st), (val)) |
| 726 | #define sk_KRB5_TKTBODY_unshift(st, val) SKM_sk_unshift(KRB5_TKTBODY, (st), (val)) | 953 | #define sk_KRB5_TKTBODY_unshift(st, val) SKM_sk_unshift(KRB5_TKTBODY, (st), (val)) |
| 727 | #define sk_KRB5_TKTBODY_find(st, val) SKM_sk_find(KRB5_TKTBODY, (st), (val)) | 954 | #define sk_KRB5_TKTBODY_find(st, val) SKM_sk_find(KRB5_TKTBODY, (st), (val)) |
| 955 | #define sk_KRB5_TKTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_TKTBODY, (st), (val)) | ||
| 728 | #define sk_KRB5_TKTBODY_delete(st, i) SKM_sk_delete(KRB5_TKTBODY, (st), (i)) | 956 | #define sk_KRB5_TKTBODY_delete(st, i) SKM_sk_delete(KRB5_TKTBODY, (st), (i)) |
| 729 | #define sk_KRB5_TKTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_TKTBODY, (st), (ptr)) | 957 | #define sk_KRB5_TKTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_TKTBODY, (st), (ptr)) |
| 730 | #define sk_KRB5_TKTBODY_insert(st, val, i) SKM_sk_insert(KRB5_TKTBODY, (st), (val), (i)) | 958 | #define sk_KRB5_TKTBODY_insert(st, val, i) SKM_sk_insert(KRB5_TKTBODY, (st), (val), (i)) |
| @@ -746,6 +974,7 @@ STACK_OF(type) \ | |||
| 746 | #define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val)) | 974 | #define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val)) |
| 747 | #define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val)) | 975 | #define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val)) |
| 748 | #define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val)) | 976 | #define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val)) |
| 977 | #define sk_MIME_HEADER_find_ex(st, val) SKM_sk_find_ex(MIME_HEADER, (st), (val)) | ||
| 749 | #define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i)) | 978 | #define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i)) |
| 750 | #define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr)) | 979 | #define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr)) |
| 751 | #define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i)) | 980 | #define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i)) |
| @@ -767,6 +996,7 @@ STACK_OF(type) \ | |||
| 767 | #define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val)) | 996 | #define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val)) |
| 768 | #define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val)) | 997 | #define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val)) |
| 769 | #define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val)) | 998 | #define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val)) |
| 999 | #define sk_MIME_PARAM_find_ex(st, val) SKM_sk_find_ex(MIME_PARAM, (st), (val)) | ||
| 770 | #define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i)) | 1000 | #define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i)) |
| 771 | #define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr)) | 1001 | #define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr)) |
| 772 | #define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i)) | 1002 | #define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i)) |
| @@ -788,6 +1018,7 @@ STACK_OF(type) \ | |||
| 788 | #define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val)) | 1018 | #define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val)) |
| 789 | #define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val)) | 1019 | #define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val)) |
| 790 | #define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val)) | 1020 | #define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val)) |
| 1021 | #define sk_NAME_FUNCS_find_ex(st, val) SKM_sk_find_ex(NAME_FUNCS, (st), (val)) | ||
| 791 | #define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i)) | 1022 | #define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i)) |
| 792 | #define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr)) | 1023 | #define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr)) |
| 793 | #define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i)) | 1024 | #define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i)) |
| @@ -809,6 +1040,7 @@ STACK_OF(type) \ | |||
| 809 | #define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val)) | 1040 | #define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val)) |
| 810 | #define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val)) | 1041 | #define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val)) |
| 811 | #define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val)) | 1042 | #define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val)) |
| 1043 | #define sk_OCSP_CERTID_find_ex(st, val) SKM_sk_find_ex(OCSP_CERTID, (st), (val)) | ||
| 812 | #define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i)) | 1044 | #define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i)) |
| 813 | #define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr)) | 1045 | #define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr)) |
| 814 | #define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i)) | 1046 | #define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i)) |
| @@ -830,6 +1062,7 @@ STACK_OF(type) \ | |||
| 830 | #define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val)) | 1062 | #define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val)) |
| 831 | #define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val)) | 1063 | #define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val)) |
| 832 | #define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val)) | 1064 | #define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val)) |
| 1065 | #define sk_OCSP_ONEREQ_find_ex(st, val) SKM_sk_find_ex(OCSP_ONEREQ, (st), (val)) | ||
| 833 | #define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i)) | 1066 | #define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i)) |
| 834 | #define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr)) | 1067 | #define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr)) |
| 835 | #define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i)) | 1068 | #define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i)) |
| @@ -841,6 +1074,28 @@ STACK_OF(type) \ | |||
| 841 | #define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st)) | 1074 | #define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st)) |
| 842 | #define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st)) | 1075 | #define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st)) |
| 843 | 1076 | ||
| 1077 | #define sk_OCSP_RESPID_new(st) SKM_sk_new(OCSP_RESPID, (st)) | ||
| 1078 | #define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID) | ||
| 1079 | #define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st)) | ||
| 1080 | #define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st)) | ||
| 1081 | #define sk_OCSP_RESPID_value(st, i) SKM_sk_value(OCSP_RESPID, (st), (i)) | ||
| 1082 | #define sk_OCSP_RESPID_set(st, i, val) SKM_sk_set(OCSP_RESPID, (st), (i), (val)) | ||
| 1083 | #define sk_OCSP_RESPID_zero(st) SKM_sk_zero(OCSP_RESPID, (st)) | ||
| 1084 | #define sk_OCSP_RESPID_push(st, val) SKM_sk_push(OCSP_RESPID, (st), (val)) | ||
| 1085 | #define sk_OCSP_RESPID_unshift(st, val) SKM_sk_unshift(OCSP_RESPID, (st), (val)) | ||
| 1086 | #define sk_OCSP_RESPID_find(st, val) SKM_sk_find(OCSP_RESPID, (st), (val)) | ||
| 1087 | #define sk_OCSP_RESPID_find_ex(st, val) SKM_sk_find_ex(OCSP_RESPID, (st), (val)) | ||
| 1088 | #define sk_OCSP_RESPID_delete(st, i) SKM_sk_delete(OCSP_RESPID, (st), (i)) | ||
| 1089 | #define sk_OCSP_RESPID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_RESPID, (st), (ptr)) | ||
| 1090 | #define sk_OCSP_RESPID_insert(st, val, i) SKM_sk_insert(OCSP_RESPID, (st), (val), (i)) | ||
| 1091 | #define sk_OCSP_RESPID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_RESPID, (st), (cmp)) | ||
| 1092 | #define sk_OCSP_RESPID_dup(st) SKM_sk_dup(OCSP_RESPID, st) | ||
| 1093 | #define sk_OCSP_RESPID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_RESPID, (st), (free_func)) | ||
| 1094 | #define sk_OCSP_RESPID_shift(st) SKM_sk_shift(OCSP_RESPID, (st)) | ||
| 1095 | #define sk_OCSP_RESPID_pop(st) SKM_sk_pop(OCSP_RESPID, (st)) | ||
| 1096 | #define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st)) | ||
| 1097 | #define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st)) | ||
| 1098 | |||
| 844 | #define sk_OCSP_SINGLERESP_new(st) SKM_sk_new(OCSP_SINGLERESP, (st)) | 1099 | #define sk_OCSP_SINGLERESP_new(st) SKM_sk_new(OCSP_SINGLERESP, (st)) |
| 845 | #define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP) | 1100 | #define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP) |
| 846 | #define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st)) | 1101 | #define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st)) |
| @@ -851,6 +1106,7 @@ STACK_OF(type) \ | |||
| 851 | #define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val)) | 1106 | #define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val)) |
| 852 | #define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val)) | 1107 | #define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val)) |
| 853 | #define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val)) | 1108 | #define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val)) |
| 1109 | #define sk_OCSP_SINGLERESP_find_ex(st, val) SKM_sk_find_ex(OCSP_SINGLERESP, (st), (val)) | ||
| 854 | #define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i)) | 1110 | #define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i)) |
| 855 | #define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr)) | 1111 | #define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr)) |
| 856 | #define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i)) | 1112 | #define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i)) |
| @@ -872,6 +1128,7 @@ STACK_OF(type) \ | |||
| 872 | #define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val)) | 1128 | #define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val)) |
| 873 | #define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val)) | 1129 | #define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val)) |
| 874 | #define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val)) | 1130 | #define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val)) |
| 1131 | #define sk_PKCS12_SAFEBAG_find_ex(st, val) SKM_sk_find_ex(PKCS12_SAFEBAG, (st), (val)) | ||
| 875 | #define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i)) | 1132 | #define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i)) |
| 876 | #define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr)) | 1133 | #define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr)) |
| 877 | #define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i)) | 1134 | #define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i)) |
| @@ -893,6 +1150,7 @@ STACK_OF(type) \ | |||
| 893 | #define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val)) | 1150 | #define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val)) |
| 894 | #define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val)) | 1151 | #define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val)) |
| 895 | #define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val)) | 1152 | #define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val)) |
| 1153 | #define sk_PKCS7_find_ex(st, val) SKM_sk_find_ex(PKCS7, (st), (val)) | ||
| 896 | #define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i)) | 1154 | #define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i)) |
| 897 | #define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr)) | 1155 | #define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr)) |
| 898 | #define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i)) | 1156 | #define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i)) |
| @@ -914,6 +1172,7 @@ STACK_OF(type) \ | |||
| 914 | #define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val)) | 1172 | #define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val)) |
| 915 | #define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val)) | 1173 | #define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val)) |
| 916 | #define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val)) | 1174 | #define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val)) |
| 1175 | #define sk_PKCS7_RECIP_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_RECIP_INFO, (st), (val)) | ||
| 917 | #define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i)) | 1176 | #define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i)) |
| 918 | #define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr)) | 1177 | #define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr)) |
| 919 | #define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i)) | 1178 | #define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i)) |
| @@ -935,6 +1194,7 @@ STACK_OF(type) \ | |||
| 935 | #define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val)) | 1194 | #define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val)) |
| 936 | #define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val)) | 1195 | #define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val)) |
| 937 | #define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val)) | 1196 | #define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val)) |
| 1197 | #define sk_PKCS7_SIGNER_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_SIGNER_INFO, (st), (val)) | ||
| 938 | #define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i)) | 1198 | #define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i)) |
| 939 | #define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr)) | 1199 | #define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr)) |
| 940 | #define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i)) | 1200 | #define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i)) |
| @@ -956,6 +1216,7 @@ STACK_OF(type) \ | |||
| 956 | #define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val)) | 1216 | #define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val)) |
| 957 | #define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val)) | 1217 | #define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val)) |
| 958 | #define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val)) | 1218 | #define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val)) |
| 1219 | #define sk_POLICYINFO_find_ex(st, val) SKM_sk_find_ex(POLICYINFO, (st), (val)) | ||
| 959 | #define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i)) | 1220 | #define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i)) |
| 960 | #define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr)) | 1221 | #define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr)) |
| 961 | #define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i)) | 1222 | #define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i)) |
| @@ -977,6 +1238,7 @@ STACK_OF(type) \ | |||
| 977 | #define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val)) | 1238 | #define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val)) |
| 978 | #define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val)) | 1239 | #define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val)) |
| 979 | #define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val)) | 1240 | #define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val)) |
| 1241 | #define sk_POLICYQUALINFO_find_ex(st, val) SKM_sk_find_ex(POLICYQUALINFO, (st), (val)) | ||
| 980 | #define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i)) | 1242 | #define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i)) |
| 981 | #define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr)) | 1243 | #define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr)) |
| 982 | #define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i)) | 1244 | #define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i)) |
| @@ -988,6 +1250,28 @@ STACK_OF(type) \ | |||
| 988 | #define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st)) | 1250 | #define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st)) |
| 989 | #define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st)) | 1251 | #define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st)) |
| 990 | 1252 | ||
| 1253 | #define sk_POLICY_MAPPING_new(st) SKM_sk_new(POLICY_MAPPING, (st)) | ||
| 1254 | #define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING) | ||
| 1255 | #define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st)) | ||
| 1256 | #define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st)) | ||
| 1257 | #define sk_POLICY_MAPPING_value(st, i) SKM_sk_value(POLICY_MAPPING, (st), (i)) | ||
| 1258 | #define sk_POLICY_MAPPING_set(st, i, val) SKM_sk_set(POLICY_MAPPING, (st), (i), (val)) | ||
| 1259 | #define sk_POLICY_MAPPING_zero(st) SKM_sk_zero(POLICY_MAPPING, (st)) | ||
| 1260 | #define sk_POLICY_MAPPING_push(st, val) SKM_sk_push(POLICY_MAPPING, (st), (val)) | ||
| 1261 | #define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val)) | ||
| 1262 | #define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val)) | ||
| 1263 | #define sk_POLICY_MAPPING_find_ex(st, val) SKM_sk_find_ex(POLICY_MAPPING, (st), (val)) | ||
| 1264 | #define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i)) | ||
| 1265 | #define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr)) | ||
| 1266 | #define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i)) | ||
| 1267 | #define sk_POLICY_MAPPING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICY_MAPPING, (st), (cmp)) | ||
| 1268 | #define sk_POLICY_MAPPING_dup(st) SKM_sk_dup(POLICY_MAPPING, st) | ||
| 1269 | #define sk_POLICY_MAPPING_pop_free(st, free_func) SKM_sk_pop_free(POLICY_MAPPING, (st), (free_func)) | ||
| 1270 | #define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st)) | ||
| 1271 | #define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st)) | ||
| 1272 | #define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st)) | ||
| 1273 | #define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st)) | ||
| 1274 | |||
| 991 | #define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st)) | 1275 | #define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st)) |
| 992 | #define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER) | 1276 | #define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER) |
| 993 | #define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st)) | 1277 | #define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st)) |
| @@ -998,6 +1282,7 @@ STACK_OF(type) \ | |||
| 998 | #define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val)) | 1282 | #define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val)) |
| 999 | #define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val)) | 1283 | #define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val)) |
| 1000 | #define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val)) | 1284 | #define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val)) |
| 1285 | #define sk_SSL_CIPHER_find_ex(st, val) SKM_sk_find_ex(SSL_CIPHER, (st), (val)) | ||
| 1001 | #define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i)) | 1286 | #define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i)) |
| 1002 | #define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr)) | 1287 | #define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr)) |
| 1003 | #define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i)) | 1288 | #define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i)) |
| @@ -1019,6 +1304,7 @@ STACK_OF(type) \ | |||
| 1019 | #define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val)) | 1304 | #define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val)) |
| 1020 | #define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val)) | 1305 | #define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val)) |
| 1021 | #define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val)) | 1306 | #define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val)) |
| 1307 | #define sk_SSL_COMP_find_ex(st, val) SKM_sk_find_ex(SSL_COMP, (st), (val)) | ||
| 1022 | #define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i)) | 1308 | #define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i)) |
| 1023 | #define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr)) | 1309 | #define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr)) |
| 1024 | #define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i)) | 1310 | #define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i)) |
| @@ -1030,6 +1316,28 @@ STACK_OF(type) \ | |||
| 1030 | #define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st)) | 1316 | #define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st)) |
| 1031 | #define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st)) | 1317 | #define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st)) |
| 1032 | 1318 | ||
| 1319 | #define sk_STORE_OBJECT_new(st) SKM_sk_new(STORE_OBJECT, (st)) | ||
| 1320 | #define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT) | ||
| 1321 | #define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st)) | ||
| 1322 | #define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st)) | ||
| 1323 | #define sk_STORE_OBJECT_value(st, i) SKM_sk_value(STORE_OBJECT, (st), (i)) | ||
| 1324 | #define sk_STORE_OBJECT_set(st, i, val) SKM_sk_set(STORE_OBJECT, (st), (i), (val)) | ||
| 1325 | #define sk_STORE_OBJECT_zero(st) SKM_sk_zero(STORE_OBJECT, (st)) | ||
| 1326 | #define sk_STORE_OBJECT_push(st, val) SKM_sk_push(STORE_OBJECT, (st), (val)) | ||
| 1327 | #define sk_STORE_OBJECT_unshift(st, val) SKM_sk_unshift(STORE_OBJECT, (st), (val)) | ||
| 1328 | #define sk_STORE_OBJECT_find(st, val) SKM_sk_find(STORE_OBJECT, (st), (val)) | ||
| 1329 | #define sk_STORE_OBJECT_find_ex(st, val) SKM_sk_find_ex(STORE_OBJECT, (st), (val)) | ||
| 1330 | #define sk_STORE_OBJECT_delete(st, i) SKM_sk_delete(STORE_OBJECT, (st), (i)) | ||
| 1331 | #define sk_STORE_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_OBJECT, (st), (ptr)) | ||
| 1332 | #define sk_STORE_OBJECT_insert(st, val, i) SKM_sk_insert(STORE_OBJECT, (st), (val), (i)) | ||
| 1333 | #define sk_STORE_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_OBJECT, (st), (cmp)) | ||
| 1334 | #define sk_STORE_OBJECT_dup(st) SKM_sk_dup(STORE_OBJECT, st) | ||
| 1335 | #define sk_STORE_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(STORE_OBJECT, (st), (free_func)) | ||
| 1336 | #define sk_STORE_OBJECT_shift(st) SKM_sk_shift(STORE_OBJECT, (st)) | ||
| 1337 | #define sk_STORE_OBJECT_pop(st) SKM_sk_pop(STORE_OBJECT, (st)) | ||
| 1338 | #define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st)) | ||
| 1339 | #define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st)) | ||
| 1340 | |||
| 1033 | #define sk_SXNETID_new(st) SKM_sk_new(SXNETID, (st)) | 1341 | #define sk_SXNETID_new(st) SKM_sk_new(SXNETID, (st)) |
| 1034 | #define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID) | 1342 | #define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID) |
| 1035 | #define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st)) | 1343 | #define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st)) |
| @@ -1040,6 +1348,7 @@ STACK_OF(type) \ | |||
| 1040 | #define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val)) | 1348 | #define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val)) |
| 1041 | #define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val)) | 1349 | #define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val)) |
| 1042 | #define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val)) | 1350 | #define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val)) |
| 1351 | #define sk_SXNETID_find_ex(st, val) SKM_sk_find_ex(SXNETID, (st), (val)) | ||
| 1043 | #define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i)) | 1352 | #define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i)) |
| 1044 | #define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr)) | 1353 | #define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr)) |
| 1045 | #define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i)) | 1354 | #define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i)) |
| @@ -1061,6 +1370,7 @@ STACK_OF(type) \ | |||
| 1061 | #define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val)) | 1370 | #define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val)) |
| 1062 | #define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val)) | 1371 | #define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val)) |
| 1063 | #define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val)) | 1372 | #define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val)) |
| 1373 | #define sk_UI_STRING_find_ex(st, val) SKM_sk_find_ex(UI_STRING, (st), (val)) | ||
| 1064 | #define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i)) | 1374 | #define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i)) |
| 1065 | #define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr)) | 1375 | #define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr)) |
| 1066 | #define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i)) | 1376 | #define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i)) |
| @@ -1082,6 +1392,7 @@ STACK_OF(type) \ | |||
| 1082 | #define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val)) | 1392 | #define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val)) |
| 1083 | #define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val)) | 1393 | #define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val)) |
| 1084 | #define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val)) | 1394 | #define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val)) |
| 1395 | #define sk_X509_find_ex(st, val) SKM_sk_find_ex(X509, (st), (val)) | ||
| 1085 | #define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i)) | 1396 | #define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i)) |
| 1086 | #define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr)) | 1397 | #define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr)) |
| 1087 | #define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i)) | 1398 | #define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i)) |
| @@ -1103,6 +1414,7 @@ STACK_OF(type) \ | |||
| 1103 | #define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val)) | 1414 | #define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val)) |
| 1104 | #define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val)) | 1415 | #define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val)) |
| 1105 | #define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val)) | 1416 | #define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val)) |
| 1417 | #define sk_X509V3_EXT_METHOD_find_ex(st, val) SKM_sk_find_ex(X509V3_EXT_METHOD, (st), (val)) | ||
| 1106 | #define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i)) | 1418 | #define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i)) |
| 1107 | #define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr)) | 1419 | #define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr)) |
| 1108 | #define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i)) | 1420 | #define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i)) |
| @@ -1124,6 +1436,7 @@ STACK_OF(type) \ | |||
| 1124 | #define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val)) | 1436 | #define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val)) |
| 1125 | #define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val)) | 1437 | #define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val)) |
| 1126 | #define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val)) | 1438 | #define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val)) |
| 1439 | #define sk_X509_ALGOR_find_ex(st, val) SKM_sk_find_ex(X509_ALGOR, (st), (val)) | ||
| 1127 | #define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i)) | 1440 | #define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i)) |
| 1128 | #define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr)) | 1441 | #define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr)) |
| 1129 | #define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i)) | 1442 | #define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i)) |
| @@ -1145,6 +1458,7 @@ STACK_OF(type) \ | |||
| 1145 | #define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val)) | 1458 | #define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val)) |
| 1146 | #define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val)) | 1459 | #define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val)) |
| 1147 | #define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val)) | 1460 | #define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val)) |
| 1461 | #define sk_X509_ATTRIBUTE_find_ex(st, val) SKM_sk_find_ex(X509_ATTRIBUTE, (st), (val)) | ||
| 1148 | #define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i)) | 1462 | #define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i)) |
| 1149 | #define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr)) | 1463 | #define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr)) |
| 1150 | #define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i)) | 1464 | #define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i)) |
| @@ -1166,6 +1480,7 @@ STACK_OF(type) \ | |||
| 1166 | #define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val)) | 1480 | #define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val)) |
| 1167 | #define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val)) | 1481 | #define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val)) |
| 1168 | #define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val)) | 1482 | #define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val)) |
| 1483 | #define sk_X509_CRL_find_ex(st, val) SKM_sk_find_ex(X509_CRL, (st), (val)) | ||
| 1169 | #define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i)) | 1484 | #define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i)) |
| 1170 | #define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr)) | 1485 | #define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr)) |
| 1171 | #define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i)) | 1486 | #define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i)) |
| @@ -1187,6 +1502,7 @@ STACK_OF(type) \ | |||
| 1187 | #define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val)) | 1502 | #define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val)) |
| 1188 | #define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val)) | 1503 | #define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val)) |
| 1189 | #define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val)) | 1504 | #define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val)) |
| 1505 | #define sk_X509_EXTENSION_find_ex(st, val) SKM_sk_find_ex(X509_EXTENSION, (st), (val)) | ||
| 1190 | #define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i)) | 1506 | #define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i)) |
| 1191 | #define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr)) | 1507 | #define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr)) |
| 1192 | #define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i)) | 1508 | #define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i)) |
| @@ -1208,6 +1524,7 @@ STACK_OF(type) \ | |||
| 1208 | #define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val)) | 1524 | #define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val)) |
| 1209 | #define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val)) | 1525 | #define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val)) |
| 1210 | #define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val)) | 1526 | #define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val)) |
| 1527 | #define sk_X509_INFO_find_ex(st, val) SKM_sk_find_ex(X509_INFO, (st), (val)) | ||
| 1211 | #define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i)) | 1528 | #define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i)) |
| 1212 | #define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr)) | 1529 | #define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr)) |
| 1213 | #define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i)) | 1530 | #define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i)) |
| @@ -1229,6 +1546,7 @@ STACK_OF(type) \ | |||
| 1229 | #define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val)) | 1546 | #define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val)) |
| 1230 | #define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val)) | 1547 | #define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val)) |
| 1231 | #define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val)) | 1548 | #define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val)) |
| 1549 | #define sk_X509_LOOKUP_find_ex(st, val) SKM_sk_find_ex(X509_LOOKUP, (st), (val)) | ||
| 1232 | #define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i)) | 1550 | #define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i)) |
| 1233 | #define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr)) | 1551 | #define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr)) |
| 1234 | #define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i)) | 1552 | #define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i)) |
| @@ -1250,6 +1568,7 @@ STACK_OF(type) \ | |||
| 1250 | #define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val)) | 1568 | #define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val)) |
| 1251 | #define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val)) | 1569 | #define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val)) |
| 1252 | #define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val)) | 1570 | #define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val)) |
| 1571 | #define sk_X509_NAME_find_ex(st, val) SKM_sk_find_ex(X509_NAME, (st), (val)) | ||
| 1253 | #define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i)) | 1572 | #define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i)) |
| 1254 | #define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr)) | 1573 | #define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr)) |
| 1255 | #define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i)) | 1574 | #define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i)) |
| @@ -1271,6 +1590,7 @@ STACK_OF(type) \ | |||
| 1271 | #define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val)) | 1590 | #define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val)) |
| 1272 | #define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val)) | 1591 | #define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val)) |
| 1273 | #define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val)) | 1592 | #define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val)) |
| 1593 | #define sk_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(X509_NAME_ENTRY, (st), (val)) | ||
| 1274 | #define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i)) | 1594 | #define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i)) |
| 1275 | #define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr)) | 1595 | #define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr)) |
| 1276 | #define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i)) | 1596 | #define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i)) |
| @@ -1292,6 +1612,7 @@ STACK_OF(type) \ | |||
| 1292 | #define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val)) | 1612 | #define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val)) |
| 1293 | #define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val)) | 1613 | #define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val)) |
| 1294 | #define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val)) | 1614 | #define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val)) |
| 1615 | #define sk_X509_OBJECT_find_ex(st, val) SKM_sk_find_ex(X509_OBJECT, (st), (val)) | ||
| 1295 | #define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i)) | 1616 | #define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i)) |
| 1296 | #define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr)) | 1617 | #define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr)) |
| 1297 | #define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i)) | 1618 | #define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i)) |
| @@ -1303,6 +1624,72 @@ STACK_OF(type) \ | |||
| 1303 | #define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st)) | 1624 | #define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st)) |
| 1304 | #define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st)) | 1625 | #define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st)) |
| 1305 | 1626 | ||
| 1627 | #define sk_X509_POLICY_DATA_new(st) SKM_sk_new(X509_POLICY_DATA, (st)) | ||
| 1628 | #define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA) | ||
| 1629 | #define sk_X509_POLICY_DATA_free(st) SKM_sk_free(X509_POLICY_DATA, (st)) | ||
| 1630 | #define sk_X509_POLICY_DATA_num(st) SKM_sk_num(X509_POLICY_DATA, (st)) | ||
| 1631 | #define sk_X509_POLICY_DATA_value(st, i) SKM_sk_value(X509_POLICY_DATA, (st), (i)) | ||
| 1632 | #define sk_X509_POLICY_DATA_set(st, i, val) SKM_sk_set(X509_POLICY_DATA, (st), (i), (val)) | ||
| 1633 | #define sk_X509_POLICY_DATA_zero(st) SKM_sk_zero(X509_POLICY_DATA, (st)) | ||
| 1634 | #define sk_X509_POLICY_DATA_push(st, val) SKM_sk_push(X509_POLICY_DATA, (st), (val)) | ||
| 1635 | #define sk_X509_POLICY_DATA_unshift(st, val) SKM_sk_unshift(X509_POLICY_DATA, (st), (val)) | ||
| 1636 | #define sk_X509_POLICY_DATA_find(st, val) SKM_sk_find(X509_POLICY_DATA, (st), (val)) | ||
| 1637 | #define sk_X509_POLICY_DATA_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_DATA, (st), (val)) | ||
| 1638 | #define sk_X509_POLICY_DATA_delete(st, i) SKM_sk_delete(X509_POLICY_DATA, (st), (i)) | ||
| 1639 | #define sk_X509_POLICY_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_DATA, (st), (ptr)) | ||
| 1640 | #define sk_X509_POLICY_DATA_insert(st, val, i) SKM_sk_insert(X509_POLICY_DATA, (st), (val), (i)) | ||
| 1641 | #define sk_X509_POLICY_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_DATA, (st), (cmp)) | ||
| 1642 | #define sk_X509_POLICY_DATA_dup(st) SKM_sk_dup(X509_POLICY_DATA, st) | ||
| 1643 | #define sk_X509_POLICY_DATA_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_DATA, (st), (free_func)) | ||
| 1644 | #define sk_X509_POLICY_DATA_shift(st) SKM_sk_shift(X509_POLICY_DATA, (st)) | ||
| 1645 | #define sk_X509_POLICY_DATA_pop(st) SKM_sk_pop(X509_POLICY_DATA, (st)) | ||
| 1646 | #define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st)) | ||
| 1647 | #define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st)) | ||
| 1648 | |||
| 1649 | #define sk_X509_POLICY_NODE_new(st) SKM_sk_new(X509_POLICY_NODE, (st)) | ||
| 1650 | #define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE) | ||
| 1651 | #define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st)) | ||
| 1652 | #define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st)) | ||
| 1653 | #define sk_X509_POLICY_NODE_value(st, i) SKM_sk_value(X509_POLICY_NODE, (st), (i)) | ||
| 1654 | #define sk_X509_POLICY_NODE_set(st, i, val) SKM_sk_set(X509_POLICY_NODE, (st), (i), (val)) | ||
| 1655 | #define sk_X509_POLICY_NODE_zero(st) SKM_sk_zero(X509_POLICY_NODE, (st)) | ||
| 1656 | #define sk_X509_POLICY_NODE_push(st, val) SKM_sk_push(X509_POLICY_NODE, (st), (val)) | ||
| 1657 | #define sk_X509_POLICY_NODE_unshift(st, val) SKM_sk_unshift(X509_POLICY_NODE, (st), (val)) | ||
| 1658 | #define sk_X509_POLICY_NODE_find(st, val) SKM_sk_find(X509_POLICY_NODE, (st), (val)) | ||
| 1659 | #define sk_X509_POLICY_NODE_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_NODE, (st), (val)) | ||
| 1660 | #define sk_X509_POLICY_NODE_delete(st, i) SKM_sk_delete(X509_POLICY_NODE, (st), (i)) | ||
| 1661 | #define sk_X509_POLICY_NODE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_NODE, (st), (ptr)) | ||
| 1662 | #define sk_X509_POLICY_NODE_insert(st, val, i) SKM_sk_insert(X509_POLICY_NODE, (st), (val), (i)) | ||
| 1663 | #define sk_X509_POLICY_NODE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_NODE, (st), (cmp)) | ||
| 1664 | #define sk_X509_POLICY_NODE_dup(st) SKM_sk_dup(X509_POLICY_NODE, st) | ||
| 1665 | #define sk_X509_POLICY_NODE_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_NODE, (st), (free_func)) | ||
| 1666 | #define sk_X509_POLICY_NODE_shift(st) SKM_sk_shift(X509_POLICY_NODE, (st)) | ||
| 1667 | #define sk_X509_POLICY_NODE_pop(st) SKM_sk_pop(X509_POLICY_NODE, (st)) | ||
| 1668 | #define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st)) | ||
| 1669 | #define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st)) | ||
| 1670 | |||
| 1671 | #define sk_X509_POLICY_REF_new(st) SKM_sk_new(X509_POLICY_REF, (st)) | ||
| 1672 | #define sk_X509_POLICY_REF_new_null() SKM_sk_new_null(X509_POLICY_REF) | ||
| 1673 | #define sk_X509_POLICY_REF_free(st) SKM_sk_free(X509_POLICY_REF, (st)) | ||
| 1674 | #define sk_X509_POLICY_REF_num(st) SKM_sk_num(X509_POLICY_REF, (st)) | ||
| 1675 | #define sk_X509_POLICY_REF_value(st, i) SKM_sk_value(X509_POLICY_REF, (st), (i)) | ||
| 1676 | #define sk_X509_POLICY_REF_set(st, i, val) SKM_sk_set(X509_POLICY_REF, (st), (i), (val)) | ||
| 1677 | #define sk_X509_POLICY_REF_zero(st) SKM_sk_zero(X509_POLICY_REF, (st)) | ||
| 1678 | #define sk_X509_POLICY_REF_push(st, val) SKM_sk_push(X509_POLICY_REF, (st), (val)) | ||
| 1679 | #define sk_X509_POLICY_REF_unshift(st, val) SKM_sk_unshift(X509_POLICY_REF, (st), (val)) | ||
| 1680 | #define sk_X509_POLICY_REF_find(st, val) SKM_sk_find(X509_POLICY_REF, (st), (val)) | ||
| 1681 | #define sk_X509_POLICY_REF_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_REF, (st), (val)) | ||
| 1682 | #define sk_X509_POLICY_REF_delete(st, i) SKM_sk_delete(X509_POLICY_REF, (st), (i)) | ||
| 1683 | #define sk_X509_POLICY_REF_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_REF, (st), (ptr)) | ||
| 1684 | #define sk_X509_POLICY_REF_insert(st, val, i) SKM_sk_insert(X509_POLICY_REF, (st), (val), (i)) | ||
| 1685 | #define sk_X509_POLICY_REF_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_REF, (st), (cmp)) | ||
| 1686 | #define sk_X509_POLICY_REF_dup(st) SKM_sk_dup(X509_POLICY_REF, st) | ||
| 1687 | #define sk_X509_POLICY_REF_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_REF, (st), (free_func)) | ||
| 1688 | #define sk_X509_POLICY_REF_shift(st) SKM_sk_shift(X509_POLICY_REF, (st)) | ||
| 1689 | #define sk_X509_POLICY_REF_pop(st) SKM_sk_pop(X509_POLICY_REF, (st)) | ||
| 1690 | #define sk_X509_POLICY_REF_sort(st) SKM_sk_sort(X509_POLICY_REF, (st)) | ||
| 1691 | #define sk_X509_POLICY_REF_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_REF, (st)) | ||
| 1692 | |||
| 1306 | #define sk_X509_PURPOSE_new(st) SKM_sk_new(X509_PURPOSE, (st)) | 1693 | #define sk_X509_PURPOSE_new(st) SKM_sk_new(X509_PURPOSE, (st)) |
| 1307 | #define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE) | 1694 | #define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE) |
| 1308 | #define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st)) | 1695 | #define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st)) |
| @@ -1313,6 +1700,7 @@ STACK_OF(type) \ | |||
| 1313 | #define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val)) | 1700 | #define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val)) |
| 1314 | #define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val)) | 1701 | #define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val)) |
| 1315 | #define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val)) | 1702 | #define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val)) |
| 1703 | #define sk_X509_PURPOSE_find_ex(st, val) SKM_sk_find_ex(X509_PURPOSE, (st), (val)) | ||
| 1316 | #define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i)) | 1704 | #define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i)) |
| 1317 | #define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr)) | 1705 | #define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr)) |
| 1318 | #define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i)) | 1706 | #define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i)) |
| @@ -1334,6 +1722,7 @@ STACK_OF(type) \ | |||
| 1334 | #define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val)) | 1722 | #define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val)) |
| 1335 | #define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val)) | 1723 | #define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val)) |
| 1336 | #define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val)) | 1724 | #define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val)) |
| 1725 | #define sk_X509_REVOKED_find_ex(st, val) SKM_sk_find_ex(X509_REVOKED, (st), (val)) | ||
| 1337 | #define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i)) | 1726 | #define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i)) |
| 1338 | #define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr)) | 1727 | #define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr)) |
| 1339 | #define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i)) | 1728 | #define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i)) |
| @@ -1355,6 +1744,7 @@ STACK_OF(type) \ | |||
| 1355 | #define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val)) | 1744 | #define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val)) |
| 1356 | #define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val)) | 1745 | #define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val)) |
| 1357 | #define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val)) | 1746 | #define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val)) |
| 1747 | #define sk_X509_TRUST_find_ex(st, val) SKM_sk_find_ex(X509_TRUST, (st), (val)) | ||
| 1358 | #define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i)) | 1748 | #define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i)) |
| 1359 | #define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr)) | 1749 | #define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr)) |
| 1360 | #define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i)) | 1750 | #define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i)) |
| @@ -1366,6 +1756,28 @@ STACK_OF(type) \ | |||
| 1366 | #define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st)) | 1756 | #define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st)) |
| 1367 | #define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st)) | 1757 | #define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st)) |
| 1368 | 1758 | ||
| 1759 | #define sk_X509_VERIFY_PARAM_new(st) SKM_sk_new(X509_VERIFY_PARAM, (st)) | ||
| 1760 | #define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM) | ||
| 1761 | #define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st)) | ||
| 1762 | #define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st)) | ||
| 1763 | #define sk_X509_VERIFY_PARAM_value(st, i) SKM_sk_value(X509_VERIFY_PARAM, (st), (i)) | ||
| 1764 | #define sk_X509_VERIFY_PARAM_set(st, i, val) SKM_sk_set(X509_VERIFY_PARAM, (st), (i), (val)) | ||
| 1765 | #define sk_X509_VERIFY_PARAM_zero(st) SKM_sk_zero(X509_VERIFY_PARAM, (st)) | ||
| 1766 | #define sk_X509_VERIFY_PARAM_push(st, val) SKM_sk_push(X509_VERIFY_PARAM, (st), (val)) | ||
| 1767 | #define sk_X509_VERIFY_PARAM_unshift(st, val) SKM_sk_unshift(X509_VERIFY_PARAM, (st), (val)) | ||
| 1768 | #define sk_X509_VERIFY_PARAM_find(st, val) SKM_sk_find(X509_VERIFY_PARAM, (st), (val)) | ||
| 1769 | #define sk_X509_VERIFY_PARAM_find_ex(st, val) SKM_sk_find_ex(X509_VERIFY_PARAM, (st), (val)) | ||
| 1770 | #define sk_X509_VERIFY_PARAM_delete(st, i) SKM_sk_delete(X509_VERIFY_PARAM, (st), (i)) | ||
| 1771 | #define sk_X509_VERIFY_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_VERIFY_PARAM, (st), (ptr)) | ||
| 1772 | #define sk_X509_VERIFY_PARAM_insert(st, val, i) SKM_sk_insert(X509_VERIFY_PARAM, (st), (val), (i)) | ||
| 1773 | #define sk_X509_VERIFY_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_VERIFY_PARAM, (st), (cmp)) | ||
| 1774 | #define sk_X509_VERIFY_PARAM_dup(st) SKM_sk_dup(X509_VERIFY_PARAM, st) | ||
| 1775 | #define sk_X509_VERIFY_PARAM_pop_free(st, free_func) SKM_sk_pop_free(X509_VERIFY_PARAM, (st), (free_func)) | ||
| 1776 | #define sk_X509_VERIFY_PARAM_shift(st) SKM_sk_shift(X509_VERIFY_PARAM, (st)) | ||
| 1777 | #define sk_X509_VERIFY_PARAM_pop(st) SKM_sk_pop(X509_VERIFY_PARAM, (st)) | ||
| 1778 | #define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st)) | ||
| 1779 | #define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st)) | ||
| 1780 | |||
| 1369 | #define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ | 1781 | #define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ |
| 1370 | SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) | 1782 | SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) |
| 1371 | #define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \ | 1783 | #define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \ |
diff --git a/src/lib/libcrypto/stack/stack.c b/src/lib/libcrypto/stack/stack.c index c7173eb6ab..378bd7c796 100644 --- a/src/lib/libcrypto/stack/stack.c +++ b/src/lib/libcrypto/stack/stack.c | |||
| @@ -68,11 +68,12 @@ | |||
| 68 | #include <stdio.h> | 68 | #include <stdio.h> |
| 69 | #include "cryptlib.h" | 69 | #include "cryptlib.h" |
| 70 | #include <openssl/stack.h> | 70 | #include <openssl/stack.h> |
| 71 | #include <openssl/objects.h> | ||
| 71 | 72 | ||
| 72 | #undef MIN_NODES | 73 | #undef MIN_NODES |
| 73 | #define MIN_NODES 4 | 74 | #define MIN_NODES 4 |
| 74 | 75 | ||
| 75 | const char *STACK_version="Stack" OPENSSL_VERSION_PTEXT; | 76 | const char STACK_version[]="Stack" OPENSSL_VERSION_PTEXT; |
| 76 | 77 | ||
| 77 | #include <errno.h> | 78 | #include <errno.h> |
| 78 | 79 | ||
| @@ -209,7 +210,7 @@ char *sk_delete(STACK *st, int loc) | |||
| 209 | return(ret); | 210 | return(ret); |
| 210 | } | 211 | } |
| 211 | 212 | ||
| 212 | int sk_find(STACK *st, char *data) | 213 | static int internal_find(STACK *st, char *data, int ret_val_options) |
| 213 | { | 214 | { |
| 214 | char **r; | 215 | char **r; |
| 215 | int i; | 216 | int i; |
| @@ -232,19 +233,19 @@ int sk_find(STACK *st, char *data) | |||
| 232 | * not (type *) pointers, but the *pointers* to (type *) pointers, | 233 | * not (type *) pointers, but the *pointers* to (type *) pointers, |
| 233 | * so we get our extra level of pointer dereferencing that way. */ | 234 | * so we get our extra level of pointer dereferencing that way. */ |
| 234 | comp_func=(int (*)(const void *,const void *))(st->comp); | 235 | comp_func=(int (*)(const void *,const void *))(st->comp); |
| 235 | r=(char **)bsearch(&data,(char *)st->data, | 236 | r=(char **)OBJ_bsearch_ex((char *)&data,(char *)st->data, |
| 236 | st->num,sizeof(char *), comp_func); | 237 | st->num,sizeof(char *),comp_func,ret_val_options); |
| 237 | if (r == NULL) return(-1); | 238 | if (r == NULL) return(-1); |
| 238 | i=(int)(r-st->data); | 239 | return((int)(r-st->data)); |
| 239 | for ( ; i>0; i--) | 240 | } |
| 240 | /* This needs a cast because the type being pointed to from | 241 | |
| 241 | * the "&" expressions are (char *) rather than (const char *). | 242 | int sk_find(STACK *st, char *data) |
| 242 | * For an explanation, read: | 243 | { |
| 243 | * http://www.eskimo.com/~scs/C-faq/q11.10.html :-) */ | 244 | return internal_find(st, data, OBJ_BSEARCH_FIRST_VALUE_ON_MATCH); |
| 244 | if ((*st->comp)((const char * const *)&(st->data[i-1]), | 245 | } |
| 245 | (const char * const *)&data) < 0) | 246 | int sk_find_ex(STACK *st, char *data) |
| 246 | break; | 247 | { |
| 247 | return(i); | 248 | return internal_find(st, data, OBJ_BSEARCH_VALUE_ON_NOMATCH); |
| 248 | } | 249 | } |
| 249 | 250 | ||
| 250 | int sk_push(STACK *st, char *data) | 251 | int sk_push(STACK *st, char *data) |
diff --git a/src/lib/libcrypto/stack/stack.h b/src/lib/libcrypto/stack/stack.h index 7570b85fe8..5cbb116a8b 100644 --- a/src/lib/libcrypto/stack/stack.h +++ b/src/lib/libcrypto/stack/stack.h | |||
| @@ -89,6 +89,7 @@ int sk_insert(STACK *sk,char *data,int where); | |||
| 89 | char *sk_delete(STACK *st,int loc); | 89 | char *sk_delete(STACK *st,int loc); |
| 90 | char *sk_delete_ptr(STACK *st, char *p); | 90 | char *sk_delete_ptr(STACK *st, char *p); |
| 91 | int sk_find(STACK *st,char *data); | 91 | int sk_find(STACK *st,char *data); |
| 92 | int sk_find_ex(STACK *st,char *data); | ||
| 92 | int sk_push(STACK *st,char *data); | 93 | int sk_push(STACK *st,char *data); |
| 93 | int sk_unshift(STACK *st,char *data); | 94 | int sk_unshift(STACK *st,char *data); |
| 94 | char *sk_shift(STACK *st); | 95 | char *sk_shift(STACK *st); |
diff --git a/src/lib/libcrypto/symhacks.h b/src/lib/libcrypto/symhacks.h index 774162fec9..64528ad5c2 100644 --- a/src/lib/libcrypto/symhacks.h +++ b/src/lib/libcrypto/symhacks.h | |||
| @@ -127,6 +127,12 @@ | |||
| 127 | /* Hack some long X509 names */ | 127 | /* Hack some long X509 names */ |
| 128 | #undef X509_REVOKED_get_ext_by_critical | 128 | #undef X509_REVOKED_get_ext_by_critical |
| 129 | #define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic | 129 | #define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic |
| 130 | #undef X509_policy_tree_get0_user_policies | ||
| 131 | #define X509_policy_tree_get0_user_policies X509_pcy_tree_get0_usr_policies | ||
| 132 | #undef X509_policy_node_get0_qualifiers | ||
| 133 | #define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers | ||
| 134 | #undef X509_STORE_CTX_get_explicit_policy | ||
| 135 | #define X509_STORE_CTX_get_explicit_policy X509_STORE_CTX_get_expl_policy | ||
| 130 | 136 | ||
| 131 | /* Hack some long CRYPTO names */ | 137 | /* Hack some long CRYPTO names */ |
| 132 | #undef CRYPTO_set_dynlock_destroy_callback | 138 | #undef CRYPTO_set_dynlock_destroy_callback |
| @@ -153,16 +159,16 @@ | |||
| 153 | #define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx | 159 | #define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx |
| 154 | #undef SSL_add_file_cert_subjects_to_stack | 160 | #undef SSL_add_file_cert_subjects_to_stack |
| 155 | #define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_subjs_to_stk | 161 | #define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_subjs_to_stk |
| 156 | #if 0 /* This function is not defined i VMS. */ | ||
| 157 | #undef SSL_add_dir_cert_subjects_to_stack | 162 | #undef SSL_add_dir_cert_subjects_to_stack |
| 158 | #define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_subjs_to_stk | 163 | #define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_subjs_to_stk |
| 159 | #endif | ||
| 160 | #undef SSL_CTX_use_certificate_chain_file | 164 | #undef SSL_CTX_use_certificate_chain_file |
| 161 | #define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file | 165 | #define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file |
| 162 | #undef SSL_CTX_set_cert_verify_callback | 166 | #undef SSL_CTX_set_cert_verify_callback |
| 163 | #define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb | 167 | #define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb |
| 164 | #undef SSL_CTX_set_default_passwd_cb_userdata | 168 | #undef SSL_CTX_set_default_passwd_cb_userdata |
| 165 | #define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud | 169 | #define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud |
| 170 | #undef SSL_COMP_get_compression_methods | ||
| 171 | #define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods | ||
| 166 | 172 | ||
| 167 | /* Hack some long ENGINE names */ | 173 | /* Hack some long ENGINE names */ |
| 168 | #undef ENGINE_get_default_BN_mod_exp_crt | 174 | #undef ENGINE_get_default_BN_mod_exp_crt |
| @@ -195,6 +201,12 @@ | |||
| 195 | #define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf | 201 | #define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf |
| 196 | 202 | ||
| 197 | /* Hack some long EC names */ | 203 | /* Hack some long EC names */ |
| 204 | #undef EC_GROUP_set_point_conversion_form | ||
| 205 | #define EC_GROUP_set_point_conversion_form EC_GROUP_set_point_conv_form | ||
| 206 | #undef EC_GROUP_get_point_conversion_form | ||
| 207 | #define EC_GROUP_get_point_conversion_form EC_GROUP_get_point_conv_form | ||
| 208 | #undef EC_GROUP_clear_free_all_extra_data | ||
| 209 | #define EC_GROUP_clear_free_all_extra_data EC_GROUP_clr_free_all_xtra_data | ||
| 198 | #undef EC_POINT_set_Jprojective_coordinates_GFp | 210 | #undef EC_POINT_set_Jprojective_coordinates_GFp |
| 199 | #define EC_POINT_set_Jprojective_coordinates_GFp \ | 211 | #define EC_POINT_set_Jprojective_coordinates_GFp \ |
| 200 | EC_POINT_set_Jproj_coords_GFp | 212 | EC_POINT_set_Jproj_coords_GFp |
| @@ -207,6 +219,32 @@ | |||
| 207 | #define EC_POINT_get_affine_coordinates_GFp EC_POINT_get_affine_coords_GFp | 219 | #define EC_POINT_get_affine_coordinates_GFp EC_POINT_get_affine_coords_GFp |
| 208 | #undef EC_POINT_set_compressed_coordinates_GFp | 220 | #undef EC_POINT_set_compressed_coordinates_GFp |
| 209 | #define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp | 221 | #define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp |
| 222 | #undef EC_POINT_set_affine_coordinates_GF2m | ||
| 223 | #define EC_POINT_set_affine_coordinates_GF2m EC_POINT_set_affine_coords_GF2m | ||
| 224 | #undef EC_POINT_get_affine_coordinates_GF2m | ||
| 225 | #define EC_POINT_get_affine_coordinates_GF2m EC_POINT_get_affine_coords_GF2m | ||
| 226 | #undef EC_POINT_set_compressed_coordinates_GF2m | ||
| 227 | #define EC_POINT_set_compressed_coordinates_GF2m \ | ||
| 228 | EC_POINT_set_compr_coords_GF2m | ||
| 229 | #undef ec_GF2m_simple_group_clear_finish | ||
| 230 | #define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish | ||
| 231 | #undef ec_GF2m_simple_group_check_discriminant | ||
| 232 | #define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim | ||
| 233 | #undef ec_GF2m_simple_point_clear_finish | ||
| 234 | #define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish | ||
| 235 | #undef ec_GF2m_simple_point_set_to_infinity | ||
| 236 | #define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf | ||
| 237 | #undef ec_GF2m_simple_points_make_affine | ||
| 238 | #define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine | ||
| 239 | #undef ec_GF2m_simple_point_set_affine_coordinates | ||
| 240 | #define ec_GF2m_simple_point_set_affine_coordinates \ | ||
| 241 | ec_GF2m_smp_pt_set_af_coords | ||
| 242 | #undef ec_GF2m_simple_point_get_affine_coordinates | ||
| 243 | #define ec_GF2m_simple_point_get_affine_coordinates \ | ||
| 244 | ec_GF2m_smp_pt_get_af_coords | ||
| 245 | #undef ec_GF2m_simple_set_compressed_coordinates | ||
| 246 | #define ec_GF2m_simple_set_compressed_coordinates \ | ||
| 247 | ec_GF2m_smp_set_compr_coords | ||
| 210 | #undef ec_GFp_simple_group_set_curve_GFp | 248 | #undef ec_GFp_simple_group_set_curve_GFp |
| 211 | #define ec_GFp_simple_group_set_curve_GFp ec_GFp_simple_grp_set_curve_GFp | 249 | #define ec_GFp_simple_group_set_curve_GFp ec_GFp_simple_grp_set_curve_GFp |
| 212 | #undef ec_GFp_simple_group_get_curve_GFp | 250 | #undef ec_GFp_simple_group_get_curve_GFp |
| @@ -242,6 +280,81 @@ | |||
| 242 | #undef ec_GFp_simple_set_compressed_coordinates_GFp | 280 | #undef ec_GFp_simple_set_compressed_coordinates_GFp |
| 243 | #define ec_GFp_simple_set_compressed_coordinates_GFp \ | 281 | #define ec_GFp_simple_set_compressed_coordinates_GFp \ |
| 244 | ec_GFp_smp_set_compr_coords_GFp | 282 | ec_GFp_smp_set_compr_coords_GFp |
| 283 | #undef ec_GFp_simple_point_set_affine_coordinates | ||
| 284 | #define ec_GFp_simple_point_set_affine_coordinates \ | ||
| 285 | ec_GFp_smp_pt_set_af_coords | ||
| 286 | #undef ec_GFp_simple_point_get_affine_coordinates | ||
| 287 | #define ec_GFp_simple_point_get_affine_coordinates \ | ||
| 288 | ec_GFp_smp_pt_get_af_coords | ||
| 289 | #undef ec_GFp_simple_set_compressed_coordinates | ||
| 290 | #define ec_GFp_simple_set_compressed_coordinates \ | ||
| 291 | ec_GFp_smp_set_compr_coords | ||
| 292 | #undef ec_GFp_simple_group_check_discriminant | ||
| 293 | #define ec_GFp_simple_group_check_discriminant ec_GFp_simple_grp_chk_discrim | ||
| 294 | |||
| 295 | /* Hack som long STORE names */ | ||
| 296 | #undef STORE_method_set_initialise_function | ||
| 297 | #define STORE_method_set_initialise_function STORE_meth_set_initialise_fn | ||
| 298 | #undef STORE_method_set_cleanup_function | ||
| 299 | #define STORE_method_set_cleanup_function STORE_meth_set_cleanup_fn | ||
| 300 | #undef STORE_method_set_generate_function | ||
| 301 | #define STORE_method_set_generate_function STORE_meth_set_generate_fn | ||
| 302 | #undef STORE_method_set_modify_function | ||
| 303 | #define STORE_method_set_modify_function STORE_meth_set_modify_fn | ||
| 304 | #undef STORE_method_set_revoke_function | ||
| 305 | #define STORE_method_set_revoke_function STORE_meth_set_revoke_fn | ||
| 306 | #undef STORE_method_set_delete_function | ||
| 307 | #define STORE_method_set_delete_function STORE_meth_set_delete_fn | ||
| 308 | #undef STORE_method_set_list_start_function | ||
| 309 | #define STORE_method_set_list_start_function STORE_meth_set_list_start_fn | ||
| 310 | #undef STORE_method_set_list_next_function | ||
| 311 | #define STORE_method_set_list_next_function STORE_meth_set_list_next_fn | ||
| 312 | #undef STORE_method_set_list_end_function | ||
| 313 | #define STORE_method_set_list_end_function STORE_meth_set_list_end_fn | ||
| 314 | #undef STORE_method_set_update_store_function | ||
| 315 | #define STORE_method_set_update_store_function STORE_meth_set_update_store_fn | ||
| 316 | #undef STORE_method_set_lock_store_function | ||
| 317 | #define STORE_method_set_lock_store_function STORE_meth_set_lock_store_fn | ||
| 318 | #undef STORE_method_set_unlock_store_function | ||
| 319 | #define STORE_method_set_unlock_store_function STORE_meth_set_unlock_store_fn | ||
| 320 | #undef STORE_method_get_initialise_function | ||
| 321 | #define STORE_method_get_initialise_function STORE_meth_get_initialise_fn | ||
| 322 | #undef STORE_method_get_cleanup_function | ||
| 323 | #define STORE_method_get_cleanup_function STORE_meth_get_cleanup_fn | ||
| 324 | #undef STORE_method_get_generate_function | ||
| 325 | #define STORE_method_get_generate_function STORE_meth_get_generate_fn | ||
| 326 | #undef STORE_method_get_modify_function | ||
| 327 | #define STORE_method_get_modify_function STORE_meth_get_modify_fn | ||
| 328 | #undef STORE_method_get_revoke_function | ||
| 329 | #define STORE_method_get_revoke_function STORE_meth_get_revoke_fn | ||
| 330 | #undef STORE_method_get_delete_function | ||
| 331 | #define STORE_method_get_delete_function STORE_meth_get_delete_fn | ||
| 332 | #undef STORE_method_get_list_start_function | ||
| 333 | #define STORE_method_get_list_start_function STORE_meth_get_list_start_fn | ||
| 334 | #undef STORE_method_get_list_next_function | ||
| 335 | #define STORE_method_get_list_next_function STORE_meth_get_list_next_fn | ||
| 336 | #undef STORE_method_get_list_end_function | ||
| 337 | #define STORE_method_get_list_end_function STORE_meth_get_list_end_fn | ||
| 338 | #undef STORE_method_get_update_store_function | ||
| 339 | #define STORE_method_get_update_store_function STORE_meth_get_update_store_fn | ||
| 340 | #undef STORE_method_get_lock_store_function | ||
| 341 | #define STORE_method_get_lock_store_function STORE_meth_get_lock_store_fn | ||
| 342 | #undef STORE_method_get_unlock_store_function | ||
| 343 | #define STORE_method_get_unlock_store_function STORE_meth_get_unlock_store_fn | ||
| 344 | |||
| 345 | /* Hack some long CMS names */ | ||
| 346 | #undef CMS_RecipientInfo_ktri_get0_algs | ||
| 347 | #define CMS_RecipientInfo_ktri_get0_algs CMS_RecipInfo_ktri_get0_algs | ||
| 348 | #undef CMS_RecipientInfo_ktri_get0_signer_id | ||
| 349 | #define CMS_RecipientInfo_ktri_get0_signer_id CMS_RecipInfo_ktri_get0_sigr_id | ||
| 350 | #undef CMS_OtherRevocationInfoFormat_it | ||
| 351 | #define CMS_OtherRevocationInfoFormat_it CMS_OtherRevocInfoFormat_it | ||
| 352 | #undef CMS_KeyAgreeRecipientIdentifier_it | ||
| 353 | #define CMS_KeyAgreeRecipientIdentifier_it CMS_KeyAgreeRecipIdentifier_it | ||
| 354 | #undef CMS_OriginatorIdentifierOrKey_it | ||
| 355 | #define CMS_OriginatorIdentifierOrKey_it CMS_OriginatorIdOrKey_it | ||
| 356 | #undef cms_SignerIdentifier_get0_signer_id | ||
| 357 | #define cms_SignerIdentifier_get0_signer_id cms_SignerId_get0_signer_id | ||
| 245 | 358 | ||
| 246 | #endif /* defined OPENSSL_SYS_VMS */ | 359 | #endif /* defined OPENSSL_SYS_VMS */ |
| 247 | 360 | ||
| @@ -253,6 +366,15 @@ | |||
| 253 | #undef OCSP_crlID_new | 366 | #undef OCSP_crlID_new |
| 254 | #define OCSP_crlID_new OCSP_crlID2_new | 367 | #define OCSP_crlID_new OCSP_crlID2_new |
| 255 | 368 | ||
| 369 | #undef d2i_ECPARAMETERS | ||
| 370 | #define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS | ||
| 371 | #undef i2d_ECPARAMETERS | ||
| 372 | #define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS | ||
| 373 | #undef d2i_ECPKPARAMETERS | ||
| 374 | #define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS | ||
| 375 | #undef i2d_ECPKPARAMETERS | ||
| 376 | #define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS | ||
| 377 | |||
| 256 | /* These functions do not seem to exist! However, I'm paranoid... | 378 | /* These functions do not seem to exist! However, I'm paranoid... |
| 257 | Original command in x509v3.h: | 379 | Original command in x509v3.h: |
| 258 | These functions are being redefined in another directory, | 380 | These functions are being redefined in another directory, |
| @@ -273,3 +395,6 @@ | |||
| 273 | 395 | ||
| 274 | 396 | ||
| 275 | #endif /* ! defined HEADER_VMS_IDHACKS_H */ | 397 | #endif /* ! defined HEADER_VMS_IDHACKS_H */ |
| 398 | /* This one clashes with CMS_data_create */ | ||
| 399 | #undef cms_Data_create | ||
| 400 | #define cms_Data_create priv_cms_Data_create | ||
diff --git a/src/lib/libcrypto/threads/mttest.c b/src/lib/libcrypto/threads/mttest.c index 7588966cb2..f6f3df4b6a 100644 --- a/src/lib/libcrypto/threads/mttest.c +++ b/src/lib/libcrypto/threads/mttest.c | |||
| @@ -77,6 +77,12 @@ | |||
| 77 | #ifdef PTHREADS | 77 | #ifdef PTHREADS |
| 78 | #include <pthread.h> | 78 | #include <pthread.h> |
| 79 | #endif | 79 | #endif |
| 80 | #ifdef OPENSSL_SYS_NETWARE | ||
| 81 | #if !defined __int64 | ||
| 82 | # define __int64 long long | ||
| 83 | #endif | ||
| 84 | #include <nwmpk.h> | ||
| 85 | #endif | ||
| 80 | #include <openssl/lhash.h> | 86 | #include <openssl/lhash.h> |
| 81 | #include <openssl/crypto.h> | 87 | #include <openssl/crypto.h> |
| 82 | #include <openssl/buffer.h> | 88 | #include <openssl/buffer.h> |
| @@ -86,8 +92,18 @@ | |||
| 86 | #include <openssl/err.h> | 92 | #include <openssl/err.h> |
| 87 | #include <openssl/rand.h> | 93 | #include <openssl/rand.h> |
| 88 | 94 | ||
| 95 | #ifdef OPENSSL_NO_FP_API | ||
| 96 | #define APPS_WIN16 | ||
| 97 | #include "../buffer/bss_file.c" | ||
| 98 | #endif | ||
| 99 | |||
| 100 | #ifdef OPENSSL_SYS_NETWARE | ||
| 101 | #define TEST_SERVER_CERT "/openssl/apps/server.pem" | ||
| 102 | #define TEST_CLIENT_CERT "/openssl/apps/client.pem" | ||
| 103 | #else | ||
| 89 | #define TEST_SERVER_CERT "../../apps/server.pem" | 104 | #define TEST_SERVER_CERT "../../apps/server.pem" |
| 90 | #define TEST_CLIENT_CERT "../../apps/client.pem" | 105 | #define TEST_CLIENT_CERT "../../apps/client.pem" |
| 106 | #endif | ||
| 91 | 107 | ||
| 92 | #define MAX_THREAD_NUMBER 100 | 108 | #define MAX_THREAD_NUMBER 100 |
| 93 | 109 | ||
| @@ -100,10 +116,18 @@ void irix_locking_callback(int mode,int type,char *file,int line); | |||
| 100 | void solaris_locking_callback(int mode,int type,char *file,int line); | 116 | void solaris_locking_callback(int mode,int type,char *file,int line); |
| 101 | void win32_locking_callback(int mode,int type,char *file,int line); | 117 | void win32_locking_callback(int mode,int type,char *file,int line); |
| 102 | void pthreads_locking_callback(int mode,int type,char *file,int line); | 118 | void pthreads_locking_callback(int mode,int type,char *file,int line); |
| 119 | void netware_locking_callback(int mode,int type,char *file,int line); | ||
| 103 | 120 | ||
| 104 | unsigned long irix_thread_id(void ); | 121 | unsigned long irix_thread_id(void ); |
| 105 | unsigned long solaris_thread_id(void ); | 122 | unsigned long solaris_thread_id(void ); |
| 106 | unsigned long pthreads_thread_id(void ); | 123 | unsigned long pthreads_thread_id(void ); |
| 124 | unsigned long netware_thread_id(void ); | ||
| 125 | |||
| 126 | #if defined(OPENSSL_SYS_NETWARE) | ||
| 127 | static MPKMutex *lock_cs; | ||
| 128 | static MPKSema ThreadSem; | ||
| 129 | static long *lock_count; | ||
| 130 | #endif | ||
| 107 | 131 | ||
| 108 | BIO *bio_err=NULL; | 132 | BIO *bio_err=NULL; |
| 109 | BIO *bio_stdout=NULL; | 133 | BIO *bio_stdout=NULL; |
| @@ -384,6 +408,9 @@ int ndoit(SSL_CTX *ssl_ctx[2]) | |||
| 384 | SSL_free((SSL *)ctx[2]); | 408 | SSL_free((SSL *)ctx[2]); |
| 385 | SSL_free((SSL *)ctx[3]); | 409 | SSL_free((SSL *)ctx[3]); |
| 386 | } | 410 | } |
| 411 | # ifdef OPENSSL_SYS_NETWARE | ||
| 412 | MPKSemaphoreSignal(ThreadSem); | ||
| 413 | # endif | ||
| 387 | return(0); | 414 | return(0); |
| 388 | } | 415 | } |
| 389 | 416 | ||
| @@ -627,6 +654,9 @@ int doit(char *ctx[4]) | |||
| 627 | } | 654 | } |
| 628 | 655 | ||
| 629 | if ((done & S_DONE) && (done & C_DONE)) break; | 656 | if ((done & S_DONE) && (done & C_DONE)) break; |
| 657 | # if defined(OPENSSL_SYS_NETWARE) | ||
| 658 | ThreadSwitchWithDelay(); | ||
| 659 | # endif | ||
| 630 | } | 660 | } |
| 631 | 661 | ||
| 632 | SSL_set_shutdown(c_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); | 662 | SSL_set_shutdown(c_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); |
| @@ -1094,3 +1124,88 @@ unsigned long pthreads_thread_id(void) | |||
| 1094 | 1124 | ||
| 1095 | 1125 | ||
| 1096 | 1126 | ||
| 1127 | #ifdef OPENSSL_SYS_NETWARE | ||
| 1128 | |||
| 1129 | void thread_setup(void) | ||
| 1130 | { | ||
| 1131 | int i; | ||
| 1132 | |||
| 1133 | lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(MPKMutex)); | ||
| 1134 | lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long)); | ||
| 1135 | for (i=0; i<CRYPTO_num_locks(); i++) | ||
| 1136 | { | ||
| 1137 | lock_count[i]=0; | ||
| 1138 | lock_cs[i]=MPKMutexAlloc("OpenSSL mutex"); | ||
| 1139 | } | ||
| 1140 | |||
| 1141 | ThreadSem = MPKSemaphoreAlloc("OpenSSL mttest semaphore", 0 ); | ||
| 1142 | |||
| 1143 | CRYPTO_set_id_callback((unsigned long (*)())netware_thread_id); | ||
| 1144 | CRYPTO_set_locking_callback((void (*)())netware_locking_callback); | ||
| 1145 | } | ||
| 1146 | |||
| 1147 | void thread_cleanup(void) | ||
| 1148 | { | ||
| 1149 | int i; | ||
| 1150 | |||
| 1151 | CRYPTO_set_locking_callback(NULL); | ||
| 1152 | |||
| 1153 | fprintf(stdout,"thread_cleanup\n"); | ||
| 1154 | |||
| 1155 | for (i=0; i<CRYPTO_num_locks(); i++) | ||
| 1156 | { | ||
| 1157 | MPKMutexFree(lock_cs[i]); | ||
| 1158 | fprintf(stdout,"%8ld:%s\n",lock_count[i],CRYPTO_get_lock_name(i)); | ||
| 1159 | } | ||
| 1160 | OPENSSL_free(lock_cs); | ||
| 1161 | OPENSSL_free(lock_count); | ||
| 1162 | |||
| 1163 | MPKSemaphoreFree(ThreadSem); | ||
| 1164 | |||
| 1165 | fprintf(stdout,"done cleanup\n"); | ||
| 1166 | } | ||
| 1167 | |||
| 1168 | void netware_locking_callback(int mode, int type, char *file, int line) | ||
| 1169 | { | ||
| 1170 | if (mode & CRYPTO_LOCK) | ||
| 1171 | { | ||
| 1172 | MPKMutexLock(lock_cs[type]); | ||
| 1173 | lock_count[type]++; | ||
| 1174 | } | ||
| 1175 | else | ||
| 1176 | MPKMutexUnlock(lock_cs[type]); | ||
| 1177 | } | ||
| 1178 | |||
| 1179 | void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx) | ||
| 1180 | { | ||
| 1181 | SSL_CTX *ssl_ctx[2]; | ||
| 1182 | int i; | ||
| 1183 | ssl_ctx[0]=s_ctx; | ||
| 1184 | ssl_ctx[1]=c_ctx; | ||
| 1185 | |||
| 1186 | for (i=0; i<thread_number; i++) | ||
| 1187 | { | ||
| 1188 | BeginThread( (void(*)(void*))ndoit, NULL, THREAD_STACK_SIZE, | ||
| 1189 | (void*)ssl_ctx); | ||
| 1190 | ThreadSwitchWithDelay(); | ||
| 1191 | } | ||
| 1192 | |||
| 1193 | printf("reaping\n"); | ||
| 1194 | |||
| 1195 | /* loop until all threads have signaled the semaphore */ | ||
| 1196 | for (i=0; i<thread_number; i++) | ||
| 1197 | { | ||
| 1198 | MPKSemaphoreWait(ThreadSem); | ||
| 1199 | } | ||
| 1200 | printf("netware threads done (%d,%d)\n", | ||
| 1201 | s_ctx->references,c_ctx->references); | ||
| 1202 | } | ||
| 1203 | |||
| 1204 | unsigned long netware_thread_id(void) | ||
| 1205 | { | ||
| 1206 | unsigned long ret; | ||
| 1207 | |||
| 1208 | ret=(unsigned long)GetThreadID(); | ||
| 1209 | return(ret); | ||
| 1210 | } | ||
| 1211 | #endif /* NETWARE */ | ||
diff --git a/src/lib/libcrypto/threads/th-lock.c b/src/lib/libcrypto/threads/th-lock.c index a6a79b9f45..14aae5f912 100644 --- a/src/lib/libcrypto/threads/th-lock.c +++ b/src/lib/libcrypto/threads/th-lock.c | |||
| @@ -80,7 +80,7 @@ | |||
| 80 | #include <openssl/lhash.h> | 80 | #include <openssl/lhash.h> |
| 81 | #include <openssl/crypto.h> | 81 | #include <openssl/crypto.h> |
| 82 | #include <openssl/buffer.h> | 82 | #include <openssl/buffer.h> |
| 83 | #include <openssl/e_os.h> | 83 | #include "../../e_os.h" |
| 84 | #include <openssl/x509.h> | 84 | #include <openssl/x509.h> |
| 85 | #include <openssl/ssl.h> | 85 | #include <openssl/ssl.h> |
| 86 | #include <openssl/err.h> | 86 | #include <openssl/err.h> |
diff --git a/src/lib/libcrypto/tmdiff.c b/src/lib/libcrypto/tmdiff.c index 307523ebba..1c6e052ac9 100644 --- a/src/lib/libcrypto/tmdiff.c +++ b/src/lib/libcrypto/tmdiff.c | |||
| @@ -72,7 +72,11 @@ | |||
| 72 | # define TIMES | 72 | # define TIMES |
| 73 | #endif | 73 | #endif |
| 74 | 74 | ||
| 75 | #ifndef _IRIX | 75 | #ifdef OPENSSL_SYS_NETWARE |
| 76 | #undef TIMES | ||
| 77 | #endif | ||
| 78 | |||
| 79 | #if !defined(_IRIX) || defined (OPENSSL_SYS_NETWARE) | ||
| 76 | # include <time.h> | 80 | # include <time.h> |
| 77 | #endif | 81 | #endif |
| 78 | #ifdef TIMES | 82 | #ifdef TIMES |
| @@ -94,7 +98,7 @@ | |||
| 94 | #include <sys/param.h> | 98 | #include <sys/param.h> |
| 95 | #endif | 99 | #endif |
| 96 | 100 | ||
| 97 | #if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) | 101 | #if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE) |
| 98 | #include <sys/timeb.h> | 102 | #include <sys/timeb.h> |
| 99 | #endif | 103 | #endif |
| 100 | 104 | ||
| @@ -106,7 +110,8 @@ | |||
| 106 | #ifndef HZ | 110 | #ifndef HZ |
| 107 | # if defined(_SC_CLK_TCK) \ | 111 | # if defined(_SC_CLK_TCK) \ |
| 108 | && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000) | 112 | && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000) |
| 109 | # define HZ ((double)sysconf(_SC_CLK_TCK)) | 113 | /* # define HZ ((double)sysconf(_SC_CLK_TCK)) */ |
| 114 | # define HZ sysconf(_SC_CLK_TCK) | ||
| 110 | # else | 115 | # else |
| 111 | # ifndef CLK_TCK | 116 | # ifndef CLK_TCK |
| 112 | # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ | 117 | # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ |
| @@ -120,7 +125,7 @@ | |||
| 120 | # endif | 125 | # endif |
| 121 | #endif | 126 | #endif |
| 122 | 127 | ||
| 123 | typedef struct ms_tm | 128 | struct ms_tm |
| 124 | { | 129 | { |
| 125 | #ifdef TIMES | 130 | #ifdef TIMES |
| 126 | struct tms ms_tms; | 131 | struct tms ms_tms; |
| @@ -128,6 +133,8 @@ typedef struct ms_tm | |||
| 128 | # ifdef OPENSSL_SYS_WIN32 | 133 | # ifdef OPENSSL_SYS_WIN32 |
| 129 | HANDLE thread_id; | 134 | HANDLE thread_id; |
| 130 | FILETIME ms_win32; | 135 | FILETIME ms_win32; |
| 136 | # elif defined (OPENSSL_SYS_NETWARE) | ||
| 137 | clock_t ms_clock; | ||
| 131 | # else | 138 | # else |
| 132 | # ifdef OPENSSL_SYS_VXWORKS | 139 | # ifdef OPENSSL_SYS_VXWORKS |
| 133 | unsigned long ticks; | 140 | unsigned long ticks; |
| @@ -136,9 +143,9 @@ typedef struct ms_tm | |||
| 136 | # endif | 143 | # endif |
| 137 | # endif | 144 | # endif |
| 138 | #endif | 145 | #endif |
| 139 | } MS_TM; | 146 | }; |
| 140 | 147 | ||
| 141 | char *ms_time_new(void) | 148 | MS_TM *ms_time_new(void) |
| 142 | { | 149 | { |
| 143 | MS_TM *ret; | 150 | MS_TM *ret; |
| 144 | 151 | ||
| @@ -149,18 +156,17 @@ char *ms_time_new(void) | |||
| 149 | #ifdef OPENSSL_SYS_WIN32 | 156 | #ifdef OPENSSL_SYS_WIN32 |
| 150 | ret->thread_id=GetCurrentThread(); | 157 | ret->thread_id=GetCurrentThread(); |
| 151 | #endif | 158 | #endif |
| 152 | return((char *)ret); | 159 | return ret; |
| 153 | } | 160 | } |
| 154 | 161 | ||
| 155 | void ms_time_free(char *a) | 162 | void ms_time_free(MS_TM *a) |
| 156 | { | 163 | { |
| 157 | if (a != NULL) | 164 | if (a != NULL) |
| 158 | OPENSSL_free(a); | 165 | OPENSSL_free(a); |
| 159 | } | 166 | } |
| 160 | 167 | ||
| 161 | void ms_time_get(char *a) | 168 | void ms_time_get(MS_TM *tm) |
| 162 | { | 169 | { |
| 163 | MS_TM *tm=(MS_TM *)a; | ||
| 164 | #ifdef OPENSSL_SYS_WIN32 | 170 | #ifdef OPENSSL_SYS_WIN32 |
| 165 | FILETIME tmpa,tmpb,tmpc; | 171 | FILETIME tmpa,tmpb,tmpc; |
| 166 | #endif | 172 | #endif |
| @@ -170,6 +176,8 @@ void ms_time_get(char *a) | |||
| 170 | #else | 176 | #else |
| 171 | # ifdef OPENSSL_SYS_WIN32 | 177 | # ifdef OPENSSL_SYS_WIN32 |
| 172 | GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32)); | 178 | GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32)); |
| 179 | # elif defined (OPENSSL_SYS_NETWARE) | ||
| 180 | tm->ms_clock = clock(); | ||
| 173 | # else | 181 | # else |
| 174 | # ifdef OPENSSL_SYS_VXWORKS | 182 | # ifdef OPENSSL_SYS_VXWORKS |
| 175 | tm->ticks = tickGet(); | 183 | tm->ticks = tickGet(); |
| @@ -180,14 +188,13 @@ void ms_time_get(char *a) | |||
| 180 | #endif | 188 | #endif |
| 181 | } | 189 | } |
| 182 | 190 | ||
| 183 | double ms_time_diff(char *ap, char *bp) | 191 | double ms_time_diff(MS_TM *a, MS_TM *b) |
| 184 | { | 192 | { |
| 185 | MS_TM *a=(MS_TM *)ap; | ||
| 186 | MS_TM *b=(MS_TM *)bp; | ||
| 187 | double ret; | 193 | double ret; |
| 188 | 194 | ||
| 189 | #ifdef TIMES | 195 | #ifdef TIMES |
| 190 | ret=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ; | 196 | ret = HZ; |
| 197 | ret = (b->ms_tms.tms_utime-a->ms_tms.tms_utime) / ret; | ||
| 191 | #else | 198 | #else |
| 192 | # ifdef OPENSSL_SYS_WIN32 | 199 | # ifdef OPENSSL_SYS_WIN32 |
| 193 | { | 200 | { |
| @@ -204,6 +211,8 @@ double ms_time_diff(char *ap, char *bp) | |||
| 204 | lb+=b->ms_win32.dwLowDateTime; | 211 | lb+=b->ms_win32.dwLowDateTime; |
| 205 | ret=((double)(lb-la))/1e7; | 212 | ret=((double)(lb-la))/1e7; |
| 206 | } | 213 | } |
| 214 | # elif defined (OPENSSL_SYS_NETWARE) | ||
| 215 | ret= (double)(b->ms_clock - a->ms_clock); | ||
| 207 | # else | 216 | # else |
| 208 | # ifdef OPENSSL_SYS_VXWORKS | 217 | # ifdef OPENSSL_SYS_VXWORKS |
| 209 | ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet(); | 218 | ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet(); |
| @@ -217,18 +226,20 @@ double ms_time_diff(char *ap, char *bp) | |||
| 217 | return((ret < 0.0000001)?0.0000001:ret); | 226 | return((ret < 0.0000001)?0.0000001:ret); |
| 218 | } | 227 | } |
| 219 | 228 | ||
| 220 | int ms_time_cmp(char *ap, char *bp) | 229 | int ms_time_cmp(const MS_TM *a, const MS_TM *b) |
| 221 | { | 230 | { |
| 222 | MS_TM *a=(MS_TM *)ap,*b=(MS_TM *)bp; | ||
| 223 | double d; | 231 | double d; |
| 224 | int ret; | 232 | int ret; |
| 225 | 233 | ||
| 226 | #ifdef TIMES | 234 | #ifdef TIMES |
| 227 | d=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ; | 235 | d = HZ; |
| 236 | d = (b->ms_tms.tms_utime-a->ms_tms.tms_utime) / d; | ||
| 228 | #else | 237 | #else |
| 229 | # ifdef OPENSSL_SYS_WIN32 | 238 | # ifdef OPENSSL_SYS_WIN32 |
| 230 | d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7; | 239 | d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7; |
| 231 | d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; | 240 | d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; |
| 241 | # elif defined (OPENSSL_SYS_NETWARE) | ||
| 242 | d= (double)(b->ms_clock - a->ms_clock); | ||
| 232 | # else | 243 | # else |
| 233 | # ifdef OPENSSL_SYS_VXWORKS | 244 | # ifdef OPENSSL_SYS_VXWORKS |
| 234 | d = (b->ticks - a->ticks); | 245 | d = (b->ticks - a->ticks); |
diff --git a/src/lib/libcrypto/tmdiff.h b/src/lib/libcrypto/tmdiff.h index 41a8a1e0e0..af5c41c649 100644 --- a/src/lib/libcrypto/tmdiff.h +++ b/src/lib/libcrypto/tmdiff.h | |||
| @@ -59,6 +59,16 @@ | |||
| 59 | /* Header for dynamic hash table routines | 59 | /* Header for dynamic hash table routines |
| 60 | * Author - Eric Young | 60 | * Author - Eric Young |
| 61 | */ | 61 | */ |
| 62 | /* ... erm yeah, "dynamic hash tables" you say? | ||
| 63 | * | ||
| 64 | * And what would dynamic hash tables have to do with any of this code *now*? | ||
| 65 | * AFAICS, this code is only referenced by crypto/bn/exp.c which is an unused | ||
| 66 | * file that I doubt compiles any more. speed.c is the only thing that could | ||
| 67 | * use this (and it has nothing to do with hash tables), yet it instead has its | ||
| 68 | * own duplication of all this stuff and looks, if anything, more complete. See | ||
| 69 | * the corresponding note in apps/speed.c. | ||
| 70 | * The Bemused - Geoff | ||
| 71 | */ | ||
| 62 | 72 | ||
| 63 | #ifndef HEADER_TMDIFF_H | 73 | #ifndef HEADER_TMDIFF_H |
| 64 | #define HEADER_TMDIFF_H | 74 | #define HEADER_TMDIFF_H |
| @@ -67,11 +77,13 @@ | |||
| 67 | extern "C" { | 77 | extern "C" { |
| 68 | #endif | 78 | #endif |
| 69 | 79 | ||
| 70 | char *ms_time_new(void ); | 80 | typedef struct ms_tm MS_TM; |
| 71 | void ms_time_free(char *a); | 81 | |
| 72 | void ms_time_get(char *a); | 82 | MS_TM *ms_time_new(void ); |
| 73 | double ms_time_diff(char *start,char *end); | 83 | void ms_time_free(MS_TM *a); |
| 74 | int ms_time_cmp(char *ap,char *bp); | 84 | void ms_time_get(MS_TM *a); |
| 85 | double ms_time_diff(MS_TM *start, MS_TM *end); | ||
| 86 | int ms_time_cmp(const MS_TM *ap, const MS_TM *bp); | ||
| 75 | 87 | ||
| 76 | #ifdef __cplusplus | 88 | #ifdef __cplusplus |
| 77 | } | 89 | } |
diff --git a/src/lib/libcrypto/txt_db/txt_db.c b/src/lib/libcrypto/txt_db/txt_db.c index 58b300b00b..3ed5f72ee9 100644 --- a/src/lib/libcrypto/txt_db/txt_db.c +++ b/src/lib/libcrypto/txt_db/txt_db.c | |||
| @@ -66,7 +66,7 @@ | |||
| 66 | #undef BUFSIZE | 66 | #undef BUFSIZE |
| 67 | #define BUFSIZE 512 | 67 | #define BUFSIZE 512 |
| 68 | 68 | ||
| 69 | const char *TXT_DB_version="TXT_DB" OPENSSL_VERSION_PTEXT; | 69 | const char TXT_DB_version[]="TXT_DB" OPENSSL_VERSION_PTEXT; |
| 70 | 70 | ||
| 71 | TXT_DB *TXT_DB_read(BIO *in, int num) | 71 | TXT_DB *TXT_DB_read(BIO *in, int num) |
| 72 | { | 72 | { |
| @@ -92,7 +92,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num) | |||
| 92 | goto err; | 92 | goto err; |
| 93 | if ((ret->index=(LHASH **)OPENSSL_malloc(sizeof(LHASH *)*num)) == NULL) | 93 | if ((ret->index=(LHASH **)OPENSSL_malloc(sizeof(LHASH *)*num)) == NULL) |
| 94 | goto err; | 94 | goto err; |
| 95 | if ((ret->qual=(int (**)())OPENSSL_malloc(sizeof(int (**)())*num)) == NULL) | 95 | if ((ret->qual=(int (**)(char **))OPENSSL_malloc(sizeof(int (**)(char **))*num)) == NULL) |
| 96 | goto err; | 96 | goto err; |
| 97 | for (i=0; i<num; i++) | 97 | for (i=0; i<num; i++) |
| 98 | { | 98 | { |
| @@ -179,10 +179,13 @@ err: | |||
| 179 | #if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) | 179 | #if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) |
| 180 | if (er == 1) fprintf(stderr,"OPENSSL_malloc failure\n"); | 180 | if (er == 1) fprintf(stderr,"OPENSSL_malloc failure\n"); |
| 181 | #endif | 181 | #endif |
| 182 | if (ret->data != NULL) sk_free(ret->data); | 182 | if (ret != NULL) |
| 183 | if (ret->index != NULL) OPENSSL_free(ret->index); | 183 | { |
| 184 | if (ret->qual != NULL) OPENSSL_free(ret->qual); | 184 | if (ret->data != NULL) sk_free(ret->data); |
| 185 | if (ret != NULL) OPENSSL_free(ret); | 185 | if (ret->index != NULL) OPENSSL_free(ret->index); |
| 186 | if (ret->qual != NULL) OPENSSL_free(ret->qual); | ||
| 187 | if (ret != NULL) OPENSSL_free(ret); | ||
| 188 | } | ||
| 186 | return(NULL); | 189 | return(NULL); |
| 187 | } | 190 | } |
| 188 | else | 191 | else |
| @@ -210,11 +213,11 @@ char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value) | |||
| 210 | return(ret); | 213 | return(ret); |
| 211 | } | 214 | } |
| 212 | 215 | ||
| 213 | int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(), | 216 | int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(char **), |
| 214 | LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp) | 217 | LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp) |
| 215 | { | 218 | { |
| 216 | LHASH *idx; | 219 | LHASH *idx; |
| 217 | char *r; | 220 | char **r; |
| 218 | int i,n; | 221 | int i,n; |
| 219 | 222 | ||
| 220 | if (field >= db->num_fields) | 223 | if (field >= db->num_fields) |
| @@ -230,12 +233,12 @@ int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(), | |||
| 230 | n=sk_num(db->data); | 233 | n=sk_num(db->data); |
| 231 | for (i=0; i<n; i++) | 234 | for (i=0; i<n; i++) |
| 232 | { | 235 | { |
| 233 | r=(char *)sk_value(db->data,i); | 236 | r=(char **)sk_value(db->data,i); |
| 234 | if ((qual != NULL) && (qual(r) == 0)) continue; | 237 | if ((qual != NULL) && (qual(r) == 0)) continue; |
| 235 | if ((r=lh_insert(idx,r)) != NULL) | 238 | if ((r=lh_insert(idx,r)) != NULL) |
| 236 | { | 239 | { |
| 237 | db->error=DB_ERROR_INDEX_CLASH; | 240 | db->error=DB_ERROR_INDEX_CLASH; |
| 238 | db->arg1=sk_find(db->data,r); | 241 | db->arg1=sk_find(db->data,(char *)r); |
| 239 | db->arg2=i; | 242 | db->arg2=i; |
| 240 | lh_free(idx); | 243 | lh_free(idx); |
| 241 | return(0); | 244 | return(0); |
diff --git a/src/lib/libcrypto/txt_db/txt_db.h b/src/lib/libcrypto/txt_db/txt_db.h index 563392aeff..307e1ba23f 100644 --- a/src/lib/libcrypto/txt_db/txt_db.h +++ b/src/lib/libcrypto/txt_db/txt_db.h | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #ifndef HEADER_TXT_DB_H | 59 | #ifndef HEADER_TXT_DB_H |
| 60 | #define HEADER_TXT_DB_H | 60 | #define HEADER_TXT_DB_H |
| 61 | 61 | ||
| 62 | #include <openssl/opensslconf.h> | ||
| 62 | #ifndef OPENSSL_NO_BIO | 63 | #ifndef OPENSSL_NO_BIO |
| 63 | #include <openssl/bio.h> | 64 | #include <openssl/bio.h> |
| 64 | #endif | 65 | #endif |
| @@ -81,7 +82,7 @@ typedef struct txt_db_st | |||
| 81 | int num_fields; | 82 | int num_fields; |
| 82 | STACK /* char ** */ *data; | 83 | STACK /* char ** */ *data; |
| 83 | LHASH **index; | 84 | LHASH **index; |
| 84 | int (**qual)(); | 85 | int (**qual)(char **); |
| 85 | long error; | 86 | long error; |
| 86 | long arg1; | 87 | long arg1; |
| 87 | long arg2; | 88 | long arg2; |
| @@ -95,7 +96,7 @@ long TXT_DB_write(BIO *out, TXT_DB *db); | |||
| 95 | TXT_DB *TXT_DB_read(char *in, int num); | 96 | TXT_DB *TXT_DB_read(char *in, int num); |
| 96 | long TXT_DB_write(char *out, TXT_DB *db); | 97 | long TXT_DB_write(char *out, TXT_DB *db); |
| 97 | #endif | 98 | #endif |
| 98 | int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(), | 99 | int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(char **), |
| 99 | LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp); | 100 | LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp); |
| 100 | void TXT_DB_free(TXT_DB *db); | 101 | void TXT_DB_free(TXT_DB *db); |
| 101 | char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value); | 102 | char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value); |
diff --git a/src/lib/libcrypto/ui/ui.h b/src/lib/libcrypto/ui/ui.h index 735a2d988e..018296412b 100644 --- a/src/lib/libcrypto/ui/ui.h +++ b/src/lib/libcrypto/ui/ui.h | |||
| @@ -59,25 +59,19 @@ | |||
| 59 | #ifndef HEADER_UI_H | 59 | #ifndef HEADER_UI_H |
| 60 | #define HEADER_UI_H | 60 | #define HEADER_UI_H |
| 61 | 61 | ||
| 62 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 62 | #include <openssl/crypto.h> | 63 | #include <openssl/crypto.h> |
| 64 | #endif | ||
| 63 | #include <openssl/safestack.h> | 65 | #include <openssl/safestack.h> |
| 66 | #include <openssl/ossl_typ.h> | ||
| 64 | 67 | ||
| 65 | #ifdef __cplusplus | 68 | #ifdef __cplusplus |
| 66 | extern "C" { | 69 | extern "C" { |
| 67 | #endif | 70 | #endif |
| 68 | 71 | ||
| 69 | /* The UI type is a holder for a specific user interface session. It can | 72 | /* Declared already in ossl_typ.h */ |
| 70 | contain an illimited number of informational or error strings as well | 73 | /* typedef struct ui_st UI; */ |
| 71 | as things to prompt for, both passwords (noecho mode) and others (echo | 74 | /* typedef struct ui_method_st UI_METHOD; */ |
| 72 | mode), and verification of the same. All of these are called strings, | ||
| 73 | and are further described below. */ | ||
| 74 | typedef struct ui_st UI; | ||
| 75 | |||
| 76 | /* All instances of UI have a reference to a method structure, which is a | ||
| 77 | ordered vector of functions that implement the lower level things to do. | ||
| 78 | There is an instruction on the implementation further down, in the section | ||
| 79 | for method implementors. */ | ||
| 80 | typedef struct ui_method_st UI_METHOD; | ||
| 81 | 75 | ||
| 82 | 76 | ||
| 83 | /* All the following functions return -1 or NULL on error and in some cases | 77 | /* All the following functions return -1 or NULL on error and in some cases |
| @@ -217,7 +211,7 @@ int UI_process(UI *ui); | |||
| 217 | /* Give a user interface parametrised control commands. This can be used to | 211 | /* Give a user interface parametrised control commands. This can be used to |
| 218 | send down an integer, a data pointer or a function pointer, as well as | 212 | send down an integer, a data pointer or a function pointer, as well as |
| 219 | be used to get information from a UI. */ | 213 | be used to get information from a UI. */ |
| 220 | int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)()); | 214 | int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)(void)); |
| 221 | 215 | ||
| 222 | /* The commands */ | 216 | /* The commands */ |
| 223 | /* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the | 217 | /* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the |
diff --git a/src/lib/libcrypto/ui/ui_err.c b/src/lib/libcrypto/ui/ui_err.c index d983cdd66f..786bd0dbc3 100644 --- a/src/lib/libcrypto/ui/ui_err.c +++ b/src/lib/libcrypto/ui/ui_err.c | |||
| @@ -101,15 +101,12 @@ static ERR_STRING_DATA UI_str_reasons[]= | |||
| 101 | 101 | ||
| 102 | void ERR_load_UI_strings(void) | 102 | void ERR_load_UI_strings(void) |
| 103 | { | 103 | { |
| 104 | static int init=1; | 104 | #ifndef OPENSSL_NO_ERR |
| 105 | 105 | ||
| 106 | if (init) | 106 | if (ERR_func_error_string(UI_str_functs[0].error) == NULL) |
| 107 | { | 107 | { |
| 108 | init=0; | ||
| 109 | #ifndef OPENSSL_NO_ERR | ||
| 110 | ERR_load_strings(0,UI_str_functs); | 108 | ERR_load_strings(0,UI_str_functs); |
| 111 | ERR_load_strings(0,UI_str_reasons); | 109 | ERR_load_strings(0,UI_str_reasons); |
| 112 | #endif | ||
| 113 | |||
| 114 | } | 110 | } |
| 111 | #endif | ||
| 115 | } | 112 | } |
diff --git a/src/lib/libcrypto/ui/ui_lib.c b/src/lib/libcrypto/ui/ui_lib.c index dbc9711a2d..7ab249c3be 100644 --- a/src/lib/libcrypto/ui/ui_lib.c +++ b/src/lib/libcrypto/ui/ui_lib.c | |||
| @@ -57,12 +57,12 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <string.h> | 59 | #include <string.h> |
| 60 | #include "cryptlib.h" | ||
| 60 | #include <openssl/e_os2.h> | 61 | #include <openssl/e_os2.h> |
| 61 | #include <openssl/buffer.h> | 62 | #include <openssl/buffer.h> |
| 62 | #include <openssl/ui.h> | 63 | #include <openssl/ui.h> |
| 63 | #include <openssl/err.h> | 64 | #include <openssl/err.h> |
| 64 | #include "ui_locl.h" | 65 | #include "ui_locl.h" |
| 65 | #include "cryptlib.h" | ||
| 66 | 66 | ||
| 67 | IMPLEMENT_STACK_OF(UI_STRING_ST) | 67 | IMPLEMENT_STACK_OF(UI_STRING_ST) |
| 68 | 68 | ||
| @@ -545,7 +545,7 @@ int UI_process(UI *ui) | |||
| 545 | return ok; | 545 | return ok; |
| 546 | } | 546 | } |
| 547 | 547 | ||
| 548 | int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)()) | 548 | int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)(void)) |
| 549 | { | 549 | { |
| 550 | if (ui == NULL) | 550 | if (ui == NULL) |
| 551 | { | 551 | { |
| @@ -620,8 +620,10 @@ UI_METHOD *UI_create_method(char *name) | |||
| 620 | UI_METHOD *ui_method = (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD)); | 620 | UI_METHOD *ui_method = (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD)); |
| 621 | 621 | ||
| 622 | if (ui_method) | 622 | if (ui_method) |
| 623 | { | ||
| 623 | memset(ui_method, 0, sizeof(*ui_method)); | 624 | memset(ui_method, 0, sizeof(*ui_method)); |
| 624 | ui_method->name = BUF_strdup(name); | 625 | ui_method->name = BUF_strdup(name); |
| 626 | } | ||
| 625 | return ui_method; | 627 | return ui_method; |
| 626 | } | 628 | } |
| 627 | 629 | ||
diff --git a/src/lib/libcrypto/ui/ui_locl.h b/src/lib/libcrypto/ui/ui_locl.h index 7d3a75a619..aa4a55637d 100644 --- a/src/lib/libcrypto/ui/ui_locl.h +++ b/src/lib/libcrypto/ui/ui_locl.h | |||
| @@ -60,6 +60,11 @@ | |||
| 60 | #define HEADER_UI_LOCL_H | 60 | #define HEADER_UI_LOCL_H |
| 61 | 61 | ||
| 62 | #include <openssl/ui.h> | 62 | #include <openssl/ui.h> |
| 63 | #include <openssl/crypto.h> | ||
| 64 | |||
| 65 | #ifdef _ | ||
| 66 | #undef _ | ||
| 67 | #endif | ||
| 63 | 68 | ||
| 64 | struct ui_method_st | 69 | struct ui_method_st |
| 65 | { | 70 | { |
diff --git a/src/lib/libcrypto/ui/ui_openssl.c b/src/lib/libcrypto/ui/ui_openssl.c index d03aeba91a..8446673ed4 100644 --- a/src/lib/libcrypto/ui/ui_openssl.c +++ b/src/lib/libcrypto/ui/ui_openssl.c | |||
| @@ -117,6 +117,17 @@ | |||
| 117 | 117 | ||
| 118 | #include <openssl/e_os2.h> | 118 | #include <openssl/e_os2.h> |
| 119 | 119 | ||
| 120 | /* need for #define _POSIX_C_SOURCE arises whenever you pass -ansi to gcc | ||
| 121 | * [maybe others?], because it masks interfaces not discussed in standard, | ||
| 122 | * sigaction and fileno included. -pedantic would be more appropriate for | ||
| 123 | * the intended purposes, but we can't prevent users from adding -ansi. | ||
| 124 | */ | ||
| 125 | #define _POSIX_C_SOURCE 1 | ||
| 126 | #include <signal.h> | ||
| 127 | #include <stdio.h> | ||
| 128 | #include <string.h> | ||
| 129 | #include <errno.h> | ||
| 130 | |||
| 120 | #if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) | 131 | #if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) |
| 121 | # ifdef OPENSSL_UNISTD | 132 | # ifdef OPENSSL_UNISTD |
| 122 | # include OPENSSL_UNISTD | 133 | # include OPENSSL_UNISTD |
| @@ -145,10 +156,6 @@ | |||
| 145 | /* 06-Apr-92 Luke Brennan Support for VMS */ | 156 | /* 06-Apr-92 Luke Brennan Support for VMS */ |
| 146 | #include "ui_locl.h" | 157 | #include "ui_locl.h" |
| 147 | #include "cryptlib.h" | 158 | #include "cryptlib.h" |
| 148 | #include <signal.h> | ||
| 149 | #include <stdio.h> | ||
| 150 | #include <string.h> | ||
| 151 | #include <errno.h> | ||
| 152 | 159 | ||
| 153 | #ifdef OPENSSL_SYS_VMS /* prototypes for sys$whatever */ | 160 | #ifdef OPENSSL_SYS_VMS /* prototypes for sys$whatever */ |
| 154 | # include <starlet.h> | 161 | # include <starlet.h> |
| @@ -199,6 +206,12 @@ | |||
| 199 | #undef SGTTY | 206 | #undef SGTTY |
| 200 | #endif | 207 | #endif |
| 201 | 208 | ||
| 209 | #if defined(OPENSSL_SYS_NETWARE) | ||
| 210 | #undef TERMIOS | ||
| 211 | #undef TERMIO | ||
| 212 | #undef SGTTY | ||
| 213 | #endif | ||
| 214 | |||
| 202 | #ifdef TERMIOS | 215 | #ifdef TERMIOS |
| 203 | # include <termios.h> | 216 | # include <termios.h> |
| 204 | # define TTY_STRUCT struct termios | 217 | # define TTY_STRUCT struct termios |
| @@ -247,7 +260,7 @@ struct IOSB { | |||
| 247 | typedef int sig_atomic_t; | 260 | typedef int sig_atomic_t; |
| 248 | #endif | 261 | #endif |
| 249 | 262 | ||
| 250 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) | 263 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) || defined(OPENSSL_SYS_NETWARE) |
| 251 | /* | 264 | /* |
| 252 | * This one needs work. As a matter of fact the code is unoperational | 265 | * This one needs work. As a matter of fact the code is unoperational |
| 253 | * and this is only a trick to get it compiled. | 266 | * and this is only a trick to get it compiled. |
| @@ -461,7 +474,7 @@ static int open_console(UI *ui) | |||
| 461 | CRYPTO_w_lock(CRYPTO_LOCK_UI); | 474 | CRYPTO_w_lock(CRYPTO_LOCK_UI); |
| 462 | is_a_tty = 1; | 475 | is_a_tty = 1; |
| 463 | 476 | ||
| 464 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) | 477 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) |
| 465 | tty_in=stdin; | 478 | tty_in=stdin; |
| 466 | tty_out=stderr; | 479 | tty_out=stderr; |
| 467 | #else | 480 | #else |
| @@ -477,7 +490,7 @@ static int open_console(UI *ui) | |||
| 477 | #endif | 490 | #endif |
| 478 | 491 | ||
| 479 | #if defined(TTY_get) && !defined(OPENSSL_SYS_VMS) | 492 | #if defined(TTY_get) && !defined(OPENSSL_SYS_VMS) |
| 480 | if (TTY_get(fileno(tty_in),&tty_orig) == -1) | 493 | if (TTY_get(fileno(tty_in),&tty_orig) == -1) |
| 481 | { | 494 | { |
| 482 | #ifdef ENOTTY | 495 | #ifdef ENOTTY |
| 483 | if (errno == ENOTTY) | 496 | if (errno == ENOTTY) |
| @@ -566,7 +579,9 @@ static int close_console(UI *ui) | |||
| 566 | /* Internal functions to handle signals and act on them */ | 579 | /* Internal functions to handle signals and act on them */ |
| 567 | static void pushsig(void) | 580 | static void pushsig(void) |
| 568 | { | 581 | { |
| 582 | #ifndef OPENSSL_SYS_WIN32 | ||
| 569 | int i; | 583 | int i; |
| 584 | #endif | ||
| 570 | #ifdef SIGACTION | 585 | #ifdef SIGACTION |
| 571 | struct sigaction sa; | 586 | struct sigaction sa; |
| 572 | 587 | ||
| @@ -574,6 +589,14 @@ static void pushsig(void) | |||
| 574 | sa.sa_handler=recsig; | 589 | sa.sa_handler=recsig; |
| 575 | #endif | 590 | #endif |
| 576 | 591 | ||
| 592 | #ifdef OPENSSL_SYS_WIN32 | ||
| 593 | savsig[SIGABRT]=signal(SIGABRT,recsig); | ||
| 594 | savsig[SIGFPE]=signal(SIGFPE,recsig); | ||
| 595 | savsig[SIGILL]=signal(SIGILL,recsig); | ||
| 596 | savsig[SIGINT]=signal(SIGINT,recsig); | ||
| 597 | savsig[SIGSEGV]=signal(SIGSEGV,recsig); | ||
| 598 | savsig[SIGTERM]=signal(SIGTERM,recsig); | ||
| 599 | #else | ||
| 577 | for (i=1; i<NX509_SIG; i++) | 600 | for (i=1; i<NX509_SIG; i++) |
| 578 | { | 601 | { |
| 579 | #ifdef SIGUSR1 | 602 | #ifdef SIGUSR1 |
| @@ -594,6 +617,7 @@ static void pushsig(void) | |||
| 594 | savsig[i]=signal(i,recsig); | 617 | savsig[i]=signal(i,recsig); |
| 595 | #endif | 618 | #endif |
| 596 | } | 619 | } |
| 620 | #endif | ||
| 597 | 621 | ||
| 598 | #ifdef SIGWINCH | 622 | #ifdef SIGWINCH |
| 599 | signal(SIGWINCH,SIG_DFL); | 623 | signal(SIGWINCH,SIG_DFL); |
| @@ -602,8 +626,15 @@ static void pushsig(void) | |||
| 602 | 626 | ||
| 603 | static void popsig(void) | 627 | static void popsig(void) |
| 604 | { | 628 | { |
| 629 | #ifdef OPENSSL_SYS_WIN32 | ||
| 630 | signal(SIGABRT,savsig[SIGABRT]); | ||
| 631 | signal(SIGFPE,savsig[SIGFPE]); | ||
| 632 | signal(SIGILL,savsig[SIGILL]); | ||
| 633 | signal(SIGINT,savsig[SIGINT]); | ||
| 634 | signal(SIGSEGV,savsig[SIGSEGV]); | ||
| 635 | signal(SIGTERM,savsig[SIGTERM]); | ||
| 636 | #else | ||
| 605 | int i; | 637 | int i; |
| 606 | |||
| 607 | for (i=1; i<NX509_SIG; i++) | 638 | for (i=1; i<NX509_SIG; i++) |
| 608 | { | 639 | { |
| 609 | #ifdef SIGUSR1 | 640 | #ifdef SIGUSR1 |
| @@ -620,6 +651,7 @@ static void popsig(void) | |||
| 620 | signal(i,savsig[i]); | 651 | signal(i,savsig[i]); |
| 621 | #endif | 652 | #endif |
| 622 | } | 653 | } |
| 654 | #endif | ||
| 623 | } | 655 | } |
| 624 | 656 | ||
| 625 | static void recsig(int i) | 657 | static void recsig(int i) |
diff --git a/src/lib/libcrypto/ui/ui_util.c b/src/lib/libcrypto/ui/ui_util.c index 46bc8c1a9a..5d9760bb7b 100644 --- a/src/lib/libcrypto/ui/ui_util.c +++ b/src/lib/libcrypto/ui/ui_util.c | |||
| @@ -54,7 +54,7 @@ | |||
| 54 | */ | 54 | */ |
| 55 | 55 | ||
| 56 | #include <string.h> | 56 | #include <string.h> |
| 57 | #include <openssl/ui.h> | 57 | #include "ui_locl.h" |
| 58 | 58 | ||
| 59 | int UI_UTIL_read_pw_string(char *buf,int length,const char *prompt,int verify) | 59 | int UI_UTIL_read_pw_string(char *buf,int length,const char *prompt,int verify) |
| 60 | { | 60 | { |
diff --git a/src/lib/libcrypto/uid.c b/src/lib/libcrypto/uid.c index 73205a4baa..b1fd52bada 100644 --- a/src/lib/libcrypto/uid.c +++ b/src/lib/libcrypto/uid.c | |||
| @@ -65,7 +65,7 @@ int OPENSSL_issetugid(void) | |||
| 65 | return issetugid(); | 65 | return issetugid(); |
| 66 | } | 66 | } |
| 67 | 67 | ||
| 68 | #elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) | 68 | #elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) |
| 69 | 69 | ||
| 70 | int OPENSSL_issetugid(void) | 70 | int OPENSSL_issetugid(void) |
| 71 | { | 71 | { |
diff --git a/src/lib/libcrypto/util/ck_errf.pl b/src/lib/libcrypto/util/ck_errf.pl index 7a24d6c5a2..344b422c34 100644 --- a/src/lib/libcrypto/util/ck_errf.pl +++ b/src/lib/libcrypto/util/ck_errf.pl | |||
| @@ -13,16 +13,21 @@ foreach $file (@ARGV) | |||
| 13 | $func=""; | 13 | $func=""; |
| 14 | while (<IN>) | 14 | while (<IN>) |
| 15 | { | 15 | { |
| 16 | if (/^[a-zA-Z].+[\s*]([A-Za-z_0-9]+)\(.*\)/) | 16 | if (!/;$/ && /^([a-zA-Z].*[\s*])?([A-Za-z_0-9]+)\(.*[),]/) |
| 17 | { | 17 | { |
| 18 | $func=$1; | 18 | /^([^()]*(\([^()]*\)[^()]*)*)\(/; |
| 19 | $1 =~ /([A-Za-z_0-9]*)$/; | ||
| 20 | $func = $1; | ||
| 19 | $func =~ tr/A-Z/a-z/; | 21 | $func =~ tr/A-Z/a-z/; |
| 20 | } | 22 | } |
| 21 | if (/([A-Z0-9]+)err\(([^,]+)/) | 23 | if (/([A-Z0-9]+)err\(([^,]+)/) |
| 22 | { | 24 | { |
| 23 | next if ($func eq ""); | ||
| 24 | $errlib=$1; | 25 | $errlib=$1; |
| 25 | $n=$2; | 26 | $n=$2; |
| 27 | |||
| 28 | if ($func eq "") | ||
| 29 | { print "$file:$.:???:$n\n"; next; } | ||
| 30 | |||
| 26 | if ($n !~ /([^_]+)_F_(.+)$/) | 31 | if ($n !~ /([^_]+)_F_(.+)$/) |
| 27 | { | 32 | { |
| 28 | # print "check -$file:$.:$func:$n\n"; | 33 | # print "check -$file:$.:$func:$n\n"; |
| @@ -32,7 +37,7 @@ foreach $file (@ARGV) | |||
| 32 | $n=$2; | 37 | $n=$2; |
| 33 | 38 | ||
| 34 | if ($lib ne $errlib) | 39 | if ($lib ne $errlib) |
| 35 | { print "$file:$.:$func:$n\n"; next; } | 40 | { print "$file:$.:$func:$n [${errlib}err]\n"; next; } |
| 36 | 41 | ||
| 37 | $n =~ tr/A-Z/a-z/; | 42 | $n =~ tr/A-Z/a-z/; |
| 38 | if (($n ne $func) && ($errlib ne "SYS")) | 43 | if (($n ne $func) && ($errlib ne "SYS")) |
diff --git a/src/lib/libcrypto/util/clean-depend.pl b/src/lib/libcrypto/util/clean-depend.pl index 6c485d1e2f..2b2bdb4048 100644 --- a/src/lib/libcrypto/util/clean-depend.pl +++ b/src/lib/libcrypto/util/clean-depend.pl | |||
| @@ -37,8 +37,11 @@ foreach $file (sort keys %files) { | |||
| 37 | $file=~s/^\.\///; | 37 | $file=~s/^\.\///; |
| 38 | push @{$files{$file}},$origfile; | 38 | push @{$files{$file}},$origfile; |
| 39 | my $prevdep=""; | 39 | my $prevdep=""; |
| 40 | foreach $dep (sort @{$files{$file}}) { | 40 | |
| 41 | $dep=~s/^\.\///; | 41 | # Remove leading ./ before sorting |
| 42 | my @deps = map { $_ =~ s/^\.\///; $_ } @{$files{$file}}; | ||
| 43 | |||
| 44 | foreach $dep (sort @deps) { | ||
| 42 | next if $prevdep eq $dep; # to exterminate duplicates... | 45 | next if $prevdep eq $dep; # to exterminate duplicates... |
| 43 | $prevdep = $dep; | 46 | $prevdep = $dep; |
| 44 | $len=0 if $len+length($dep)+1 >= 80; | 47 | $len=0 if $len+length($dep)+1 >= 80; |
diff --git a/src/lib/libcrypto/util/cygwin.sh b/src/lib/libcrypto/util/cygwin.sh index 7f791d47f4..89d1dda95b 100644 --- a/src/lib/libcrypto/util/cygwin.sh +++ b/src/lib/libcrypto/util/cygwin.sh | |||
| @@ -47,6 +47,14 @@ function doc_install() | |||
| 47 | create_cygwin_readme | 47 | create_cygwin_readme |
| 48 | } | 48 | } |
| 49 | 49 | ||
| 50 | function certs_install() | ||
| 51 | { | ||
| 52 | CERTS_DIR=${INSTALL_PREFIX}/usr/ssl/certs | ||
| 53 | |||
| 54 | mkdir -p ${CERTS_DIR} | ||
| 55 | cp -rp certs/* ${CERTS_DIR} | ||
| 56 | } | ||
| 57 | |||
| 50 | function create_cygwin_readme() | 58 | function create_cygwin_readme() |
| 51 | { | 59 | { |
| 52 | README_DIR=${INSTALL_PREFIX}/usr/share/doc/Cygwin | 60 | README_DIR=${INSTALL_PREFIX}/usr/share/doc/Cygwin |
| @@ -104,19 +112,25 @@ base_install | |||
| 104 | 112 | ||
| 105 | doc_install | 113 | doc_install |
| 106 | 114 | ||
| 115 | certs_install | ||
| 116 | |||
| 107 | create_cygwin_readme | 117 | create_cygwin_readme |
| 108 | 118 | ||
| 109 | create_profile_files | 119 | create_profile_files |
| 110 | 120 | ||
| 111 | cd ${INSTALL_PREFIX} | 121 | cd ${INSTALL_PREFIX} |
| 112 | strip usr/bin/*.exe usr/bin/*.dll | 122 | chmod u+w usr/lib/engines/*.so |
| 123 | strip usr/bin/*.exe usr/bin/*.dll usr/lib/engines/*.so | ||
| 124 | chmod u-w usr/lib/engines/*.so | ||
| 113 | 125 | ||
| 114 | # Runtime package | 126 | # Runtime package |
| 115 | find etc usr/bin usr/share/doc usr/ssl/certs usr/ssl/man/man[157] \ | 127 | find etc usr/bin usr/lib/engines usr/share/doc usr/ssl/certs \ |
| 116 | usr/ssl/misc usr/ssl/openssl.cnf usr/ssl/private -empty -o \! -type d | | 128 | usr/ssl/man/man[157] usr/ssl/misc usr/ssl/openssl.cnf usr/ssl/private \ |
| 129 | -empty -o \! -type d | | ||
| 117 | tar cjfT openssl-${VERSION}-${SUBVERSION}.tar.bz2 - | 130 | tar cjfT openssl-${VERSION}-${SUBVERSION}.tar.bz2 - |
| 118 | # Development package | 131 | # Development package |
| 119 | find usr/include usr/lib usr/ssl/man/man3 -empty -o \! -type d | | 132 | find usr/include usr/lib/*.a usr/lib/pkgconfig usr/ssl/man/man3 \ |
| 133 | -empty -o \! -type d | | ||
| 120 | tar cjfT openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 - | 134 | tar cjfT openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 - |
| 121 | 135 | ||
| 122 | ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2 | 136 | ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2 |
diff --git a/src/lib/libcrypto/util/domd b/src/lib/libcrypto/util/domd index 5610521f0b..691be7a440 100644 --- a/src/lib/libcrypto/util/domd +++ b/src/lib/libcrypto/util/domd | |||
| @@ -26,7 +26,7 @@ if [ "$MAKEDEPEND" = "gcc" ]; then | |||
| 26 | ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new | 26 | ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new |
| 27 | rm -f Makefile.tmp | 27 | rm -f Makefile.tmp |
| 28 | else | 28 | else |
| 29 | ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile $@ | 29 | ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND $@ |
| 30 | ${PERL} $TOP/util/clean-depend.pl < Makefile > Makefile.new | 30 | ${PERL} $TOP/util/clean-depend.pl < Makefile > Makefile.new |
| 31 | fi | 31 | fi |
| 32 | mv Makefile.new Makefile | 32 | mv Makefile.new Makefile |
diff --git a/src/lib/libcrypto/util/libeay.num b/src/lib/libcrypto/util/libeay.num index 4222bef6d6..2989500c4b 100644 --- a/src/lib/libcrypto/util/libeay.num +++ b/src/lib/libcrypto/util/libeay.num | |||
| @@ -123,10 +123,10 @@ BN_dup 128 EXIST::FUNCTION: | |||
| 123 | BN_free 129 EXIST::FUNCTION: | 123 | BN_free 129 EXIST::FUNCTION: |
| 124 | BN_from_montgomery 130 EXIST::FUNCTION: | 124 | BN_from_montgomery 130 EXIST::FUNCTION: |
| 125 | BN_gcd 131 EXIST::FUNCTION: | 125 | BN_gcd 131 EXIST::FUNCTION: |
| 126 | BN_generate_prime 132 EXIST::FUNCTION: | 126 | BN_generate_prime 132 EXIST::FUNCTION:DEPRECATED |
| 127 | BN_get_word 133 EXIST::FUNCTION: | 127 | BN_get_word 133 EXIST::FUNCTION: |
| 128 | BN_is_bit_set 134 EXIST::FUNCTION: | 128 | BN_is_bit_set 134 EXIST::FUNCTION: |
| 129 | BN_is_prime 135 EXIST::FUNCTION: | 129 | BN_is_prime 135 EXIST::FUNCTION:DEPRECATED |
| 130 | BN_lshift 136 EXIST::FUNCTION: | 130 | BN_lshift 136 EXIST::FUNCTION: |
| 131 | BN_lshift1 137 EXIST::FUNCTION: | 131 | BN_lshift1 137 EXIST::FUNCTION: |
| 132 | BN_mask_bits 138 EXIST::FUNCTION: | 132 | BN_mask_bits 138 EXIST::FUNCTION: |
| @@ -193,14 +193,14 @@ DH_check 200 EXIST::FUNCTION:DH | |||
| 193 | DH_compute_key 201 EXIST::FUNCTION:DH | 193 | DH_compute_key 201 EXIST::FUNCTION:DH |
| 194 | DH_free 202 EXIST::FUNCTION:DH | 194 | DH_free 202 EXIST::FUNCTION:DH |
| 195 | DH_generate_key 203 EXIST::FUNCTION:DH | 195 | DH_generate_key 203 EXIST::FUNCTION:DH |
| 196 | DH_generate_parameters 204 EXIST::FUNCTION:DH | 196 | DH_generate_parameters 204 EXIST::FUNCTION:DEPRECATED,DH |
| 197 | DH_new 205 EXIST::FUNCTION:DH | 197 | DH_new 205 EXIST::FUNCTION:DH |
| 198 | DH_size 206 EXIST::FUNCTION:DH | 198 | DH_size 206 EXIST::FUNCTION:DH |
| 199 | DHparams_print 207 EXIST::FUNCTION:BIO,DH | 199 | DHparams_print 207 EXIST::FUNCTION:BIO,DH |
| 200 | DHparams_print_fp 208 EXIST::FUNCTION:DH,FP_API | 200 | DHparams_print_fp 208 EXIST::FUNCTION:DH,FP_API |
| 201 | DSA_free 209 EXIST::FUNCTION:DSA | 201 | DSA_free 209 EXIST::FUNCTION:DSA |
| 202 | DSA_generate_key 210 EXIST::FUNCTION:DSA | 202 | DSA_generate_key 210 EXIST::FUNCTION:DSA |
| 203 | DSA_generate_parameters 211 EXIST::FUNCTION:DSA | 203 | DSA_generate_parameters 211 EXIST::FUNCTION:DEPRECATED,DSA |
| 204 | DSA_is_prime 212 NOEXIST::FUNCTION: | 204 | DSA_is_prime 212 NOEXIST::FUNCTION: |
| 205 | DSA_new 213 EXIST::FUNCTION:DSA | 205 | DSA_new 213 EXIST::FUNCTION:DSA |
| 206 | DSA_print 214 EXIST::FUNCTION:BIO,DSA | 206 | DSA_print 214 EXIST::FUNCTION:BIO,DSA |
| @@ -474,7 +474,7 @@ RSAPrivateKey_dup 481 EXIST::FUNCTION:RSA | |||
| 474 | RSAPublicKey_dup 482 EXIST::FUNCTION:RSA | 474 | RSAPublicKey_dup 482 EXIST::FUNCTION:RSA |
| 475 | RSA_PKCS1_SSLeay 483 EXIST::FUNCTION:RSA | 475 | RSA_PKCS1_SSLeay 483 EXIST::FUNCTION:RSA |
| 476 | RSA_free 484 EXIST::FUNCTION:RSA | 476 | RSA_free 484 EXIST::FUNCTION:RSA |
| 477 | RSA_generate_key 485 EXIST::FUNCTION:RSA | 477 | RSA_generate_key 485 EXIST::FUNCTION:DEPRECATED,RSA |
| 478 | RSA_new 486 EXIST::FUNCTION:RSA | 478 | RSA_new 486 EXIST::FUNCTION:RSA |
| 479 | RSA_new_method 487 EXIST::FUNCTION:RSA | 479 | RSA_new_method 487 EXIST::FUNCTION:RSA |
| 480 | RSA_print 488 EXIST::FUNCTION:BIO,RSA | 480 | RSA_print 488 EXIST::FUNCTION:BIO,RSA |
| @@ -802,7 +802,7 @@ DES_set_odd_parity 809 EXIST::FUNCTION:DES | |||
| 802 | DES_string_to_2keys 810 EXIST::FUNCTION:DES | 802 | DES_string_to_2keys 810 EXIST::FUNCTION:DES |
| 803 | DES_string_to_key 811 EXIST::FUNCTION:DES | 803 | DES_string_to_key 811 EXIST::FUNCTION:DES |
| 804 | DES_xcbc_encrypt 812 EXIST::FUNCTION:DES | 804 | DES_xcbc_encrypt 812 EXIST::FUNCTION:DES |
| 805 | DES_xwhite_in2out 813 EXIST::FUNCTION:DES | 805 | DES_xwhite_in2out 813 NOEXIST::FUNCTION: |
| 806 | fcrypt_body 814 NOEXIST::FUNCTION: | 806 | fcrypt_body 814 NOEXIST::FUNCTION: |
| 807 | i2a_ASN1_INTEGER 815 EXIST::FUNCTION:BIO | 807 | i2a_ASN1_INTEGER 815 EXIST::FUNCTION:BIO |
| 808 | i2a_ASN1_OBJECT 816 EXIST::FUNCTION:BIO | 808 | i2a_ASN1_OBJECT 816 EXIST::FUNCTION:BIO |
| @@ -1104,7 +1104,7 @@ BN_RECP_CTX_set 1131 EXIST::FUNCTION: | |||
| 1104 | BN_mod_mul_reciprocal 1132 EXIST::FUNCTION: | 1104 | BN_mod_mul_reciprocal 1132 EXIST::FUNCTION: |
| 1105 | BN_mod_exp_recp 1133 EXIST::FUNCTION: | 1105 | BN_mod_exp_recp 1133 EXIST::FUNCTION: |
| 1106 | BN_div_recp 1134 EXIST::FUNCTION: | 1106 | BN_div_recp 1134 EXIST::FUNCTION: |
| 1107 | BN_CTX_init 1135 EXIST::FUNCTION: | 1107 | BN_CTX_init 1135 EXIST::FUNCTION:DEPRECATED |
| 1108 | BN_MONT_CTX_init 1136 EXIST::FUNCTION: | 1108 | BN_MONT_CTX_init 1136 EXIST::FUNCTION: |
| 1109 | RAND_get_rand_method 1137 EXIST::FUNCTION: | 1109 | RAND_get_rand_method 1137 EXIST::FUNCTION: |
| 1110 | PKCS7_add_attribute 1138 EXIST::FUNCTION: | 1110 | PKCS7_add_attribute 1138 EXIST::FUNCTION: |
| @@ -1221,8 +1221,8 @@ BIO_f_reliable 1244 EXIST::FUNCTION:BIO | |||
| 1221 | PKCS7_dataFinal 1245 EXIST::FUNCTION: | 1221 | PKCS7_dataFinal 1245 EXIST::FUNCTION: |
| 1222 | PKCS7_dataDecode 1246 EXIST::FUNCTION: | 1222 | PKCS7_dataDecode 1246 EXIST::FUNCTION: |
| 1223 | X509V3_EXT_CRL_add_conf 1247 EXIST::FUNCTION: | 1223 | X509V3_EXT_CRL_add_conf 1247 EXIST::FUNCTION: |
| 1224 | BN_set_params 1248 EXIST::FUNCTION: | 1224 | BN_set_params 1248 EXIST::FUNCTION:DEPRECATED |
| 1225 | BN_get_params 1249 EXIST::FUNCTION: | 1225 | BN_get_params 1249 EXIST::FUNCTION:DEPRECATED |
| 1226 | BIO_get_ex_num 1250 NOEXIST::FUNCTION: | 1226 | BIO_get_ex_num 1250 NOEXIST::FUNCTION: |
| 1227 | BIO_set_ex_free_func 1251 NOEXIST::FUNCTION: | 1227 | BIO_set_ex_free_func 1251 NOEXIST::FUNCTION: |
| 1228 | EVP_ripemd160 1252 EXIST::FUNCTION:RIPEMD | 1228 | EVP_ripemd160 1252 EXIST::FUNCTION:RIPEMD |
| @@ -1744,7 +1744,7 @@ X509_REQ_add1_attr_by_txt 2217 EXIST::FUNCTION: | |||
| 1744 | X509_ATTRIBUTE_create_by_txt 2218 EXIST::FUNCTION: | 1744 | X509_ATTRIBUTE_create_by_txt 2218 EXIST::FUNCTION: |
| 1745 | X509at_add1_attr_by_txt 2219 EXIST::FUNCTION: | 1745 | X509at_add1_attr_by_txt 2219 EXIST::FUNCTION: |
| 1746 | BN_pseudo_rand 2239 EXIST::FUNCTION: | 1746 | BN_pseudo_rand 2239 EXIST::FUNCTION: |
| 1747 | BN_is_prime_fasttest 2240 EXIST::FUNCTION: | 1747 | BN_is_prime_fasttest 2240 EXIST::FUNCTION:DEPRECATED |
| 1748 | BN_CTX_end 2241 EXIST::FUNCTION: | 1748 | BN_CTX_end 2241 EXIST::FUNCTION: |
| 1749 | BN_CTX_start 2242 EXIST::FUNCTION: | 1749 | BN_CTX_start 2242 EXIST::FUNCTION: |
| 1750 | BN_CTX_get 2243 EXIST::FUNCTION: | 1750 | BN_CTX_get 2243 EXIST::FUNCTION: |
| @@ -2071,7 +2071,7 @@ PKCS7_ATTR_SIGN_it 2632 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2071 | UI_add_error_string 2633 EXIST::FUNCTION: | 2071 | UI_add_error_string 2633 EXIST::FUNCTION: |
| 2072 | KRB5_CHECKSUM_free 2634 EXIST::FUNCTION: | 2072 | KRB5_CHECKSUM_free 2634 EXIST::FUNCTION: |
| 2073 | OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION: | 2073 | OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION: |
| 2074 | ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE | 2074 | ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE,STATIC_ENGINE |
| 2075 | ENGINE_register_all_digests 2637 EXIST::FUNCTION:ENGINE | 2075 | ENGINE_register_all_digests 2637 EXIST::FUNCTION:ENGINE |
| 2076 | PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2076 | PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2077 | PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2077 | PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2089,7 +2089,7 @@ OCSP_BASICRESP_get_ext_by_crit 2646 EXIST:VMS:FUNCTION: | |||
| 2089 | OCSP_cert_status_str 2647 EXIST::FUNCTION: | 2089 | OCSP_cert_status_str 2647 EXIST::FUNCTION: |
| 2090 | d2i_OCSP_REQUEST 2648 EXIST::FUNCTION: | 2090 | d2i_OCSP_REQUEST 2648 EXIST::FUNCTION: |
| 2091 | UI_dup_info_string 2649 EXIST::FUNCTION: | 2091 | UI_dup_info_string 2649 EXIST::FUNCTION: |
| 2092 | _ossl_old_des_xwhite_in2out 2650 EXIST::FUNCTION:DES | 2092 | _ossl_old_des_xwhite_in2out 2650 NOEXIST::FUNCTION: |
| 2093 | PKCS12_it 2651 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2093 | PKCS12_it 2651 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2094 | PKCS12_it 2651 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2094 | PKCS12_it 2651 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2095 | OCSP_SINGLERESP_get_ext_by_critical 2652 EXIST:!VMS:FUNCTION: | 2095 | OCSP_SINGLERESP_get_ext_by_critical 2652 EXIST:!VMS:FUNCTION: |
| @@ -2419,7 +2419,7 @@ UI_get_string_type 2916 EXIST::FUNCTION: | |||
| 2419 | ENGINE_unregister_DH 2917 EXIST::FUNCTION:ENGINE | 2419 | ENGINE_unregister_DH 2917 EXIST::FUNCTION:ENGINE |
| 2420 | ENGINE_register_all_DSA 2918 EXIST::FUNCTION:ENGINE | 2420 | ENGINE_register_all_DSA 2918 EXIST::FUNCTION:ENGINE |
| 2421 | OCSP_ONEREQ_get_ext_by_critical 2919 EXIST::FUNCTION: | 2421 | OCSP_ONEREQ_get_ext_by_critical 2919 EXIST::FUNCTION: |
| 2422 | bn_dup_expand 2920 EXIST::FUNCTION: | 2422 | bn_dup_expand 2920 EXIST::FUNCTION:DEPRECATED |
| 2423 | OCSP_cert_id_new 2921 EXIST::FUNCTION: | 2423 | OCSP_cert_id_new 2921 EXIST::FUNCTION: |
| 2424 | BASIC_CONSTRAINTS_it 2922 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2424 | BASIC_CONSTRAINTS_it 2922 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2425 | BASIC_CONSTRAINTS_it 2922 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2425 | BASIC_CONSTRAINTS_it 2922 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2545,7 +2545,7 @@ OCSP_RESPONSE_new 3023 EXIST::FUNCTION: | |||
| 2545 | AES_set_encrypt_key 3024 EXIST::FUNCTION:AES | 2545 | AES_set_encrypt_key 3024 EXIST::FUNCTION:AES |
| 2546 | OCSP_resp_count 3025 EXIST::FUNCTION: | 2546 | OCSP_resp_count 3025 EXIST::FUNCTION: |
| 2547 | KRB5_CHECKSUM_new 3026 EXIST::FUNCTION: | 2547 | KRB5_CHECKSUM_new 3026 EXIST::FUNCTION: |
| 2548 | ENGINE_load_cswift 3027 EXIST::FUNCTION:ENGINE | 2548 | ENGINE_load_cswift 3027 EXIST::FUNCTION:ENGINE,STATIC_ENGINE |
| 2549 | OCSP_onereq_get0_id 3028 EXIST::FUNCTION: | 2549 | OCSP_onereq_get0_id 3028 EXIST::FUNCTION: |
| 2550 | ENGINE_set_default_ciphers 3029 EXIST::FUNCTION:ENGINE | 2550 | ENGINE_set_default_ciphers 3029 EXIST::FUNCTION:ENGINE |
| 2551 | NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2551 | NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2576,7 +2576,7 @@ ASN1_primitive_free 3051 EXIST::FUNCTION: | |||
| 2576 | i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION: | 2576 | i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION: |
| 2577 | i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION: | 2577 | i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION: |
| 2578 | asn1_enc_save 3054 EXIST::FUNCTION: | 2578 | asn1_enc_save 3054 EXIST::FUNCTION: |
| 2579 | ENGINE_load_nuron 3055 EXIST::FUNCTION:ENGINE | 2579 | ENGINE_load_nuron 3055 EXIST::FUNCTION:ENGINE,STATIC_ENGINE |
| 2580 | _ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES | 2580 | _ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES |
| 2581 | PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2581 | PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2582 | PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2582 | PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2600,7 +2600,7 @@ asn1_get_choice_selector 3071 EXIST::FUNCTION: | |||
| 2600 | i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION: | 2600 | i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION: |
| 2601 | ENGINE_set_table_flags 3073 EXIST::FUNCTION:ENGINE | 2601 | ENGINE_set_table_flags 3073 EXIST::FUNCTION:ENGINE |
| 2602 | AES_options 3074 EXIST::FUNCTION:AES | 2602 | AES_options 3074 EXIST::FUNCTION:AES |
| 2603 | ENGINE_load_chil 3075 EXIST::FUNCTION:ENGINE | 2603 | ENGINE_load_chil 3075 EXIST::FUNCTION:ENGINE,STATIC_ENGINE |
| 2604 | OCSP_id_cmp 3076 EXIST::FUNCTION: | 2604 | OCSP_id_cmp 3076 EXIST::FUNCTION: |
| 2605 | OCSP_BASICRESP_new 3077 EXIST::FUNCTION: | 2605 | OCSP_BASICRESP_new 3077 EXIST::FUNCTION: |
| 2606 | OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION: | 2606 | OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION: |
| @@ -2667,7 +2667,7 @@ OCSP_CRLID_it 3127 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2667 | OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2667 | OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2668 | i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION: | 2668 | i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION: |
| 2669 | OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION: | 2669 | OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION: |
| 2670 | ENGINE_load_atalla 3130 EXIST::FUNCTION:ENGINE | 2670 | ENGINE_load_atalla 3130 EXIST::FUNCTION:ENGINE,STATIC_ENGINE |
| 2671 | X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2671 | X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2672 | X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2672 | X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2673 | USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2673 | USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2762,8 +2762,8 @@ DES_read_2passwords 3206 EXIST::FUNCTION:DES | |||
| 2762 | DES_read_password 3207 EXIST::FUNCTION:DES | 2762 | DES_read_password 3207 EXIST::FUNCTION:DES |
| 2763 | UI_UTIL_read_pw 3208 EXIST::FUNCTION: | 2763 | UI_UTIL_read_pw 3208 EXIST::FUNCTION: |
| 2764 | UI_UTIL_read_pw_string 3209 EXIST::FUNCTION: | 2764 | UI_UTIL_read_pw_string 3209 EXIST::FUNCTION: |
| 2765 | ENGINE_load_aep 3210 EXIST::FUNCTION:ENGINE | 2765 | ENGINE_load_aep 3210 EXIST::FUNCTION:ENGINE,STATIC_ENGINE |
| 2766 | ENGINE_load_sureware 3211 EXIST::FUNCTION:ENGINE | 2766 | ENGINE_load_sureware 3211 EXIST::FUNCTION:ENGINE,STATIC_ENGINE |
| 2767 | OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION: | 2767 | OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION: |
| 2768 | OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION: | 2768 | OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION: |
| 2769 | OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION: | 2769 | OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION: |
| @@ -2772,7 +2772,7 @@ OPENSSL_load_builtin_modules 3214 EXIST::FUNCTION: | |||
| 2772 | AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES | 2772 | AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES |
| 2773 | AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES | 2773 | AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES |
| 2774 | AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES | 2774 | AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES |
| 2775 | ENGINE_load_4758cca 3218 EXIST::FUNCTION:ENGINE | 2775 | ENGINE_load_4758cca 3218 EXIST::FUNCTION:ENGINE,STATIC_ENGINE |
| 2776 | _ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES | 2776 | _ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES |
| 2777 | EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES | 2777 | EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES |
| 2778 | EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES | 2778 | EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES |
| @@ -2804,57 +2804,57 @@ OPENSSL_cleanse 3245 EXIST::FUNCTION: | |||
| 2804 | ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE | 2804 | ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE |
| 2805 | ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH | 2805 | ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH |
| 2806 | EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES | 2806 | EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES |
| 2807 | FIPS_corrupt_rsa 3249 EXIST:OPENSSL_FIPS:FUNCTION: | 2807 | FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION: |
| 2808 | FIPS_selftest_des 3250 EXIST:OPENSSL_FIPS:FUNCTION: | 2808 | FIPS_selftest_des 3250 NOEXIST::FUNCTION: |
| 2809 | EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES | 2809 | EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES |
| 2810 | EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES | 2810 | EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES |
| 2811 | FIPS_mode_set 3253 EXIST:OPENSSL_FIPS:FUNCTION: | 2811 | FIPS_mode_set 3253 NOEXIST::FUNCTION: |
| 2812 | FIPS_selftest_dsa 3254 EXIST:OPENSSL_FIPS:FUNCTION: | 2812 | FIPS_selftest_dsa 3254 NOEXIST::FUNCTION: |
| 2813 | EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES | 2813 | EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES |
| 2814 | FIPS_allow_md5 3256 NOEXIST::FUNCTION: | 2814 | FIPS_allow_md5 3256 NOEXIST::FUNCTION: |
| 2815 | DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES | 2815 | DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES |
| 2816 | EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES | 2816 | EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES |
| 2817 | FIPS_rand_seeded 3259 EXIST:OPENSSL_FIPS:FUNCTION: | 2817 | FIPS_rand_seeded 3259 NOEXIST::FUNCTION: |
| 2818 | AES_cfbr_encrypt_block 3260 EXIST::FUNCTION:AES | 2818 | AES_cfbr_encrypt_block 3260 EXIST::FUNCTION:AES |
| 2819 | AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES | 2819 | AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES |
| 2820 | FIPS_rand_seed 3262 EXIST:OPENSSL_FIPS:FUNCTION: | 2820 | FIPS_rand_seed 3262 NOEXIST::FUNCTION: |
| 2821 | FIPS_corrupt_des 3263 EXIST:OPENSSL_FIPS:FUNCTION: | 2821 | FIPS_corrupt_des 3263 NOEXIST::FUNCTION: |
| 2822 | EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES | 2822 | EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES |
| 2823 | FIPS_selftest_aes 3265 EXIST:OPENSSL_FIPS:FUNCTION: | 2823 | FIPS_selftest_aes 3265 NOEXIST::FUNCTION: |
| 2824 | FIPS_set_prng_key 3266 EXIST:OPENSSL_FIPS:FUNCTION: | 2824 | FIPS_set_prng_key 3266 NOEXIST::FUNCTION: |
| 2825 | EVP_des_cfb8 3267 EXIST::FUNCTION:DES | 2825 | EVP_des_cfb8 3267 EXIST::FUNCTION:DES |
| 2826 | FIPS_corrupt_dsa 3268 EXIST:OPENSSL_FIPS:FUNCTION: | 2826 | FIPS_corrupt_dsa 3268 NOEXIST::FUNCTION: |
| 2827 | FIPS_test_mode 3269 EXIST:OPENSSL_FIPS:FUNCTION: | 2827 | FIPS_test_mode 3269 NOEXIST::FUNCTION: |
| 2828 | FIPS_rand_method 3270 EXIST:OPENSSL_FIPS:FUNCTION: | 2828 | FIPS_rand_method 3270 NOEXIST::FUNCTION: |
| 2829 | EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES | 2829 | EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES |
| 2830 | ERR_load_FIPS_strings 3272 EXIST:OPENSSL_FIPS:FUNCTION: | 2830 | ERR_load_FIPS_strings 3272 NOEXIST::FUNCTION: |
| 2831 | FIPS_corrupt_aes 3273 EXIST:OPENSSL_FIPS:FUNCTION: | 2831 | FIPS_corrupt_aes 3273 NOEXIST::FUNCTION: |
| 2832 | FIPS_selftest_sha1 3274 EXIST:OPENSSL_FIPS:FUNCTION: | 2832 | FIPS_selftest_sha1 3274 NOEXIST::FUNCTION: |
| 2833 | FIPS_selftest_rsa 3275 EXIST:OPENSSL_FIPS:FUNCTION: | 2833 | FIPS_selftest_rsa 3275 NOEXIST::FUNCTION: |
| 2834 | FIPS_corrupt_sha1 3276 EXIST:OPENSSL_FIPS:FUNCTION: | 2834 | FIPS_corrupt_sha1 3276 NOEXIST::FUNCTION: |
| 2835 | EVP_des_cfb1 3277 EXIST::FUNCTION:DES | 2835 | EVP_des_cfb1 3277 EXIST::FUNCTION:DES |
| 2836 | FIPS_dsa_check 3278 EXIST:OPENSSL_FIPS:FUNCTION: | 2836 | FIPS_dsa_check 3278 NOEXIST::FUNCTION: |
| 2837 | AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES | 2837 | AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES |
| 2838 | EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES | 2838 | EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES |
| 2839 | FIPS_rand_check 3281 EXIST:OPENSSL_FIPS:FUNCTION: | 2839 | FIPS_rand_check 3281 NOEXIST::FUNCTION: |
| 2840 | FIPS_md5_allowed 3282 NOEXIST::FUNCTION: | 2840 | FIPS_md5_allowed 3282 NOEXIST::FUNCTION: |
| 2841 | FIPS_mode 3283 EXIST:OPENSSL_FIPS:FUNCTION: | 2841 | FIPS_mode 3283 NOEXIST::FUNCTION: |
| 2842 | FIPS_selftest_failed 3284 EXIST:OPENSSL_FIPS:FUNCTION: | 2842 | FIPS_selftest_failed 3284 NOEXIST::FUNCTION: |
| 2843 | sk_is_sorted 3285 EXIST::FUNCTION: | 2843 | sk_is_sorted 3285 EXIST::FUNCTION: |
| 2844 | X509_check_ca 3286 EXIST::FUNCTION: | 2844 | X509_check_ca 3286 EXIST::FUNCTION: |
| 2845 | private_idea_set_encrypt_key 3287 EXIST:OPENSSL_FIPS:FUNCTION:IDEA | 2845 | private_idea_set_encrypt_key 3287 NOEXIST::FUNCTION: |
| 2846 | HMAC_CTX_set_flags 3288 EXIST::FUNCTION:HMAC | 2846 | HMAC_CTX_set_flags 3288 NOEXIST::FUNCTION: |
| 2847 | private_SHA_Init 3289 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0 | 2847 | private_SHA_Init 3289 NOEXIST::FUNCTION: |
| 2848 | private_CAST_set_key 3290 EXIST:OPENSSL_FIPS:FUNCTION:CAST | 2848 | private_CAST_set_key 3290 NOEXIST::FUNCTION: |
| 2849 | private_RIPEMD160_Init 3291 EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD | 2849 | private_RIPEMD160_Init 3291 NOEXIST::FUNCTION: |
| 2850 | private_RC5_32_set_key 3292 EXIST:OPENSSL_FIPS:FUNCTION:RC5 | 2850 | private_RC5_32_set_key 3292 NOEXIST::FUNCTION: |
| 2851 | private_MD5_Init 3293 EXIST:OPENSSL_FIPS:FUNCTION:MD5 | 2851 | private_MD5_Init 3293 NOEXIST::FUNCTION: |
| 2852 | private_RC4_set_key 3294 EXIST:OPENSSL_FIPS:FUNCTION:RC4 | 2852 | private_RC4_set_key 3294 NOEXIST::FUNCTION: |
| 2853 | private_MDC2_Init 3295 EXIST:OPENSSL_FIPS:FUNCTION:MDC2 | 2853 | private_MDC2_Init 3295 NOEXIST::FUNCTION: |
| 2854 | private_RC2_set_key 3296 EXIST:OPENSSL_FIPS:FUNCTION:RC2 | 2854 | private_RC2_set_key 3296 NOEXIST::FUNCTION: |
| 2855 | private_MD4_Init 3297 EXIST:OPENSSL_FIPS:FUNCTION:MD4 | 2855 | private_MD4_Init 3297 NOEXIST::FUNCTION: |
| 2856 | private_BF_set_key 3298 EXIST:OPENSSL_FIPS:FUNCTION:BF | 2856 | private_BF_set_key 3298 NOEXIST::FUNCTION: |
| 2857 | private_MD2_Init 3299 EXIST:OPENSSL_FIPS:FUNCTION:MD2 | 2857 | private_MD2_Init 3299 NOEXIST::FUNCTION: |
| 2858 | d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION: | 2858 | d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION: |
| 2859 | PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2859 | PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2860 | PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2860 | PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2868,13 +2868,13 @@ PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2868 | PROXY_POLICY_free 3308 EXIST::FUNCTION: | 2868 | PROXY_POLICY_free 3308 EXIST::FUNCTION: |
| 2869 | PROXY_POLICY_new 3309 EXIST::FUNCTION: | 2869 | PROXY_POLICY_new 3309 EXIST::FUNCTION: |
| 2870 | BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION: | 2870 | BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION: |
| 2871 | FIPS_selftest_rng 3311 EXIST:OPENSSL_FIPS:FUNCTION: | 2871 | FIPS_selftest_rng 3311 NOEXIST::FUNCTION: |
| 2872 | EVP_sha384 3312 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 | 2872 | EVP_sha384 3312 EXIST::FUNCTION:SHA,SHA512 |
| 2873 | EVP_sha512 3313 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 | 2873 | EVP_sha512 3313 EXIST::FUNCTION:SHA,SHA512 |
| 2874 | EVP_sha224 3314 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 | 2874 | EVP_sha224 3314 EXIST::FUNCTION:SHA,SHA256 |
| 2875 | EVP_sha256 3315 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 | 2875 | EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256 |
| 2876 | FIPS_selftest_hmac 3316 EXIST:OPENSSL_FIPS:FUNCTION: | 2876 | FIPS_selftest_hmac 3316 NOEXIST::FUNCTION: |
| 2877 | FIPS_corrupt_rng 3317 EXIST:OPENSSL_FIPS:FUNCTION: | 2877 | FIPS_corrupt_rng 3317 NOEXIST::FUNCTION: |
| 2878 | BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION: | 2878 | BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION: |
| 2879 | RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA | 2879 | RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA |
| 2880 | RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA | 2880 | RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA |
| @@ -2882,26 +2882,773 @@ RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA | |||
| 2882 | RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA | 2882 | RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA |
| 2883 | RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA | 2883 | RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA |
| 2884 | PKCS1_MGF1 3324 EXIST::FUNCTION:RSA | 2884 | PKCS1_MGF1 3324 EXIST::FUNCTION:RSA |
| 2885 | BN_X931_generate_Xpq 3325 EXIST:OPENSSL_FIPS:FUNCTION: | 2885 | BN_X931_generate_Xpq 3325 NOEXIST::FUNCTION: |
| 2886 | RSA_X931_generate_key 3326 EXIST:OPENSSL_FIPS:FUNCTION:RSA | 2886 | RSA_X931_generate_key 3326 NOEXIST::FUNCTION: |
| 2887 | BN_X931_derive_prime 3327 EXIST:OPENSSL_FIPS:FUNCTION: | 2887 | BN_X931_derive_prime 3327 NOEXIST::FUNCTION: |
| 2888 | BN_X931_generate_prime 3328 EXIST:OPENSSL_FIPS:FUNCTION: | 2888 | BN_X931_generate_prime 3328 NOEXIST::FUNCTION: |
| 2889 | RSA_X931_derive 3329 EXIST:OPENSSL_FIPS:FUNCTION:RSA | 2889 | RSA_X931_derive 3329 NOEXIST::FUNCTION: |
| 2890 | SHA512_Update 3356 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 | 2890 | BIO_new_dgram 3330 EXIST::FUNCTION: |
| 2891 | SHA256_Init 3479 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 | 2891 | BN_get0_nist_prime_384 3331 EXIST::FUNCTION: |
| 2892 | SHA224 3510 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 | 2892 | ERR_set_mark 3332 EXIST::FUNCTION: |
| 2893 | SHA384_Update 3551 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 | 2893 | X509_STORE_CTX_set0_crls 3333 EXIST::FUNCTION: |
| 2894 | SHA224_Final 3560 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 | 2894 | ENGINE_set_STORE 3334 EXIST::FUNCTION:ENGINE |
| 2895 | SHA224_Update 3562 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 | 2895 | ENGINE_register_ECDSA 3335 EXIST::FUNCTION:ENGINE |
| 2896 | SHA512_Final 3581 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 | 2896 | STORE_method_set_list_start_function 3336 EXIST:!VMS:FUNCTION: |
| 2897 | SHA224_Init 3631 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 | 2897 | STORE_meth_set_list_start_fn 3336 EXIST:VMS:FUNCTION: |
| 2898 | SHA512_Init 3633 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 | 2898 | BN_BLINDING_invert_ex 3337 EXIST::FUNCTION: |
| 2899 | SHA256 3654 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 | 2899 | NAME_CONSTRAINTS_free 3338 EXIST::FUNCTION: |
| 2900 | SHA256_Transform 3664 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 | 2900 | STORE_ATTR_INFO_set_number 3339 EXIST::FUNCTION: |
| 2901 | SHA512 3669 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 | 2901 | BN_BLINDING_get_thread_id 3340 EXIST::FUNCTION: |
| 2902 | SHA512_Transform 3675 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 | 2902 | X509_STORE_CTX_set0_param 3341 EXIST::FUNCTION: |
| 2903 | SHA256_Final 3712 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 | 2903 | POLICY_MAPPING_it 3342 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2904 | SHA384_Init 3737 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 | 2904 | POLICY_MAPPING_it 3342 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2905 | SHA384_Final 3740 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 | 2905 | STORE_parse_attrs_start 3343 EXIST::FUNCTION: |
| 2906 | SHA384 3745 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 | 2906 | POLICY_CONSTRAINTS_free 3344 EXIST::FUNCTION: |
| 2907 | SHA256_Update 3765 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 | 2907 | EVP_PKEY_add1_attr_by_NID 3345 EXIST::FUNCTION: |
| 2908 | BN_nist_mod_192 3346 EXIST::FUNCTION: | ||
| 2909 | EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC | ||
| 2910 | STORE_set_method 3348 EXIST::FUNCTION: | ||
| 2911 | GENERAL_SUBTREE_free 3349 EXIST::FUNCTION: | ||
| 2912 | NAME_CONSTRAINTS_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | ||
| 2913 | NAME_CONSTRAINTS_it 3350 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | ||
| 2914 | ECDH_get_default_method 3351 EXIST::FUNCTION:ECDH | ||
| 2915 | PKCS12_add_safe 3352 EXIST::FUNCTION: | ||
| 2916 | EC_KEY_new_by_curve_name 3353 EXIST::FUNCTION:EC | ||
| 2917 | STORE_method_get_update_store_function 3354 EXIST:!VMS:FUNCTION: | ||
| 2918 | STORE_meth_get_update_store_fn 3354 EXIST:VMS:FUNCTION: | ||
| 2919 | ENGINE_register_ECDH 3355 EXIST::FUNCTION:ENGINE | ||
| 2920 | SHA512_Update 3356 EXIST::FUNCTION:SHA,SHA512 | ||
| 2921 | i2d_ECPrivateKey 3357 EXIST::FUNCTION:EC | ||
| 2922 | BN_get0_nist_prime_192 3358 EXIST::FUNCTION: | ||
| 2923 | STORE_modify_certificate 3359 EXIST::FUNCTION: | ||
| 2924 | EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC | ||
| 2925 | EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC | ||
| 2926 | BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION: | ||
| 2927 | STORE_ATTR_INFO_modify_number 3362 EXIST::FUNCTION: | ||
| 2928 | X509_keyid_get0 3363 EXIST::FUNCTION: | ||
| 2929 | ENGINE_load_gmp 3364 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE | ||
| 2930 | pitem_new 3365 EXIST::FUNCTION: | ||
| 2931 | BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION: | ||
| 2932 | STORE_list_public_key_endp 3367 EXIST::FUNCTION: | ||
| 2933 | o2i_ECPublicKey 3368 EXIST::FUNCTION:EC | ||
| 2934 | EC_KEY_copy 3369 EXIST::FUNCTION:EC | ||
| 2935 | BIO_dump_fp 3370 EXIST::FUNCTION:FP_API | ||
| 2936 | X509_policy_node_get0_parent 3371 EXIST::FUNCTION: | ||
| 2937 | EC_GROUP_check_discriminant 3372 EXIST::FUNCTION:EC | ||
| 2938 | i2o_ECPublicKey 3373 EXIST::FUNCTION:EC | ||
| 2939 | EC_KEY_precompute_mult 3374 EXIST::FUNCTION:EC | ||
| 2940 | a2i_IPADDRESS 3375 EXIST::FUNCTION: | ||
| 2941 | STORE_method_set_initialise_function 3376 EXIST:!VMS:FUNCTION: | ||
| 2942 | STORE_meth_set_initialise_fn 3376 EXIST:VMS:FUNCTION: | ||
| 2943 | X509_STORE_CTX_set_depth 3377 EXIST::FUNCTION: | ||
| 2944 | X509_VERIFY_PARAM_inherit 3378 EXIST::FUNCTION: | ||
| 2945 | EC_POINT_point2bn 3379 EXIST::FUNCTION:EC | ||
| 2946 | STORE_ATTR_INFO_set_dn 3380 EXIST::FUNCTION: | ||
| 2947 | X509_policy_tree_get0_policies 3381 EXIST::FUNCTION: | ||
| 2948 | EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC | ||
| 2949 | STORE_destroy_method 3383 EXIST::FUNCTION: | ||
| 2950 | ENGINE_unregister_STORE 3384 EXIST::FUNCTION:ENGINE | ||
| 2951 | EVP_PKEY_get1_EC_KEY 3385 EXIST::FUNCTION:EC | ||
| 2952 | STORE_ATTR_INFO_get0_number 3386 EXIST::FUNCTION: | ||
| 2953 | ENGINE_get_default_ECDH 3387 EXIST::FUNCTION:ENGINE | ||
| 2954 | EC_KEY_get_conv_form 3388 EXIST::FUNCTION:EC | ||
| 2955 | ASN1_OCTET_STRING_NDEF_it 3389 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | ||
| 2956 | ASN1_OCTET_STRING_NDEF_it 3389 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | ||
| 2957 | STORE_delete_public_key 3390 EXIST::FUNCTION: | ||
| 2958 | STORE_get_public_key 3391 EXIST::FUNCTION: | ||
| 2959 | STORE_modify_arbitrary 3392 EXIST::FUNCTION: | ||
| 2960 | ENGINE_get_static_state 3393 EXIST::FUNCTION:ENGINE | ||
| 2961 | pqueue_iterator 3394 EXIST::FUNCTION: | ||
| 2962 | ECDSA_SIG_new 3395 EXIST::FUNCTION:ECDSA | ||
| 2963 | OPENSSL_DIR_end 3396 EXIST::FUNCTION: | ||
| 2964 | BN_GF2m_mod_sqr 3397 EXIST::FUNCTION: | ||
| 2965 | EC_POINT_bn2point 3398 EXIST::FUNCTION:EC | ||
| 2966 | X509_VERIFY_PARAM_set_depth 3399 EXIST::FUNCTION: | ||
| 2967 | EC_KEY_set_asn1_flag 3400 EXIST::FUNCTION:EC | ||
| 2968 | STORE_get_method 3401 EXIST::FUNCTION: | ||
| 2969 | EC_KEY_get_key_method_data 3402 EXIST::FUNCTION:EC | ||
| 2970 | ECDSA_sign_ex 3403 EXIST::FUNCTION:ECDSA | ||
| 2971 | STORE_parse_attrs_end 3404 EXIST::FUNCTION: | ||
| 2972 | EC_GROUP_get_point_conversion_form 3405 EXIST:!VMS:FUNCTION:EC | ||
| 2973 | EC_GROUP_get_point_conv_form 3405 EXIST:VMS:FUNCTION:EC | ||
| 2974 | STORE_method_set_store_function 3406 EXIST::FUNCTION: | ||
| 2975 | STORE_ATTR_INFO_in 3407 EXIST::FUNCTION: | ||
| 2976 | PEM_read_bio_ECPKParameters 3408 EXIST::FUNCTION:EC | ||
| 2977 | EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC | ||
| 2978 | EVP_PKEY_add1_attr_by_txt 3410 EXIST::FUNCTION: | ||
| 2979 | BN_BLINDING_set_flags 3411 EXIST::FUNCTION: | ||
| 2980 | X509_VERIFY_PARAM_set1_policies 3412 EXIST::FUNCTION: | ||
| 2981 | X509_VERIFY_PARAM_set1_name 3413 EXIST::FUNCTION: | ||
| 2982 | X509_VERIFY_PARAM_set_purpose 3414 EXIST::FUNCTION: | ||
| 2983 | STORE_get_number 3415 EXIST::FUNCTION: | ||
| 2984 | ECDSA_sign_setup 3416 EXIST::FUNCTION:ECDSA | ||
| 2985 | BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION: | ||
| 2986 | EC_KEY_up_ref 3418 EXIST::FUNCTION:EC | ||
| 2987 | POLICY_MAPPING_free 3419 EXIST::FUNCTION: | ||
| 2988 | BN_GF2m_mod_div 3420 EXIST::FUNCTION: | ||
| 2989 | X509_VERIFY_PARAM_set_flags 3421 EXIST::FUNCTION: | ||
| 2990 | EC_KEY_free 3422 EXIST::FUNCTION:EC | ||
| 2991 | STORE_method_set_list_next_function 3423 EXIST:!VMS:FUNCTION: | ||
| 2992 | STORE_meth_set_list_next_fn 3423 EXIST:VMS:FUNCTION: | ||
| 2993 | PEM_write_bio_ECPrivateKey 3424 EXIST::FUNCTION:EC | ||
| 2994 | d2i_EC_PUBKEY 3425 EXIST::FUNCTION:EC | ||
| 2995 | STORE_method_get_generate_function 3426 EXIST:!VMS:FUNCTION: | ||
| 2996 | STORE_meth_get_generate_fn 3426 EXIST:VMS:FUNCTION: | ||
| 2997 | STORE_method_set_list_end_function 3427 EXIST:!VMS:FUNCTION: | ||
| 2998 | STORE_meth_set_list_end_fn 3427 EXIST:VMS:FUNCTION: | ||
| 2999 | pqueue_print 3428 EXIST::FUNCTION: | ||
| 3000 | EC_GROUP_have_precompute_mult 3429 EXIST::FUNCTION:EC | ||
| 3001 | EC_KEY_print_fp 3430 EXIST::FUNCTION:EC,FP_API | ||
| 3002 | BN_GF2m_mod_arr 3431 EXIST::FUNCTION: | ||
| 3003 | PEM_write_bio_X509_CERT_PAIR 3432 EXIST::FUNCTION: | ||
| 3004 | EVP_PKEY_cmp 3433 EXIST::FUNCTION: | ||
| 3005 | X509_policy_level_node_count 3434 EXIST::FUNCTION: | ||
| 3006 | STORE_new_engine 3435 EXIST::FUNCTION: | ||
| 3007 | STORE_list_public_key_start 3436 EXIST::FUNCTION: | ||
| 3008 | X509_VERIFY_PARAM_new 3437 EXIST::FUNCTION: | ||
| 3009 | ECDH_get_ex_data 3438 EXIST::FUNCTION:ECDH | ||
| 3010 | EVP_PKEY_get_attr 3439 EXIST::FUNCTION: | ||
| 3011 | ECDSA_do_sign 3440 EXIST::FUNCTION:ECDSA | ||
| 3012 | ENGINE_unregister_ECDH 3441 EXIST::FUNCTION:ENGINE | ||
| 3013 | ECDH_OpenSSL 3442 EXIST::FUNCTION:ECDH | ||
| 3014 | EC_KEY_set_conv_form 3443 EXIST::FUNCTION:EC | ||
| 3015 | EC_POINT_dup 3444 EXIST::FUNCTION:EC | ||
| 3016 | GENERAL_SUBTREE_new 3445 EXIST::FUNCTION: | ||
| 3017 | STORE_list_crl_endp 3446 EXIST::FUNCTION: | ||
| 3018 | EC_get_builtin_curves 3447 EXIST::FUNCTION:EC | ||
| 3019 | X509_policy_node_get0_qualifiers 3448 EXIST:!VMS:FUNCTION: | ||
| 3020 | X509_pcy_node_get0_qualifiers 3448 EXIST:VMS:FUNCTION: | ||
| 3021 | STORE_list_crl_end 3449 EXIST::FUNCTION: | ||
| 3022 | EVP_PKEY_set1_EC_KEY 3450 EXIST::FUNCTION:EC | ||
| 3023 | BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION: | ||
| 3024 | i2d_ECPrivateKey_bio 3452 EXIST::FUNCTION:BIO,EC | ||
| 3025 | ECPKParameters_print_fp 3453 EXIST::FUNCTION:EC,FP_API | ||
| 3026 | pqueue_find 3454 EXIST::FUNCTION: | ||
| 3027 | ECDSA_SIG_free 3455 EXIST::FUNCTION:ECDSA | ||
| 3028 | PEM_write_bio_ECPKParameters 3456 EXIST::FUNCTION:EC | ||
| 3029 | STORE_method_set_ctrl_function 3457 EXIST::FUNCTION: | ||
| 3030 | STORE_list_public_key_end 3458 EXIST::FUNCTION: | ||
| 3031 | EC_KEY_set_private_key 3459 EXIST::FUNCTION:EC | ||
| 3032 | pqueue_peek 3460 EXIST::FUNCTION: | ||
| 3033 | STORE_get_arbitrary 3461 EXIST::FUNCTION: | ||
| 3034 | STORE_store_crl 3462 EXIST::FUNCTION: | ||
| 3035 | X509_policy_node_get0_policy 3463 EXIST::FUNCTION: | ||
| 3036 | PKCS12_add_safes 3464 EXIST::FUNCTION: | ||
| 3037 | BN_BLINDING_convert_ex 3465 EXIST::FUNCTION: | ||
| 3038 | X509_policy_tree_free 3466 EXIST::FUNCTION: | ||
| 3039 | OPENSSL_ia32cap_loc 3467 EXIST::FUNCTION: | ||
| 3040 | BN_GF2m_poly2arr 3468 EXIST::FUNCTION: | ||
| 3041 | STORE_ctrl 3469 EXIST::FUNCTION: | ||
| 3042 | STORE_ATTR_INFO_compare 3470 EXIST::FUNCTION: | ||
| 3043 | BN_get0_nist_prime_224 3471 EXIST::FUNCTION: | ||
| 3044 | i2d_ECParameters 3472 EXIST::FUNCTION:EC | ||
| 3045 | i2d_ECPKParameters 3473 EXIST::FUNCTION:EC | ||
| 3046 | BN_GENCB_call 3474 EXIST::FUNCTION: | ||
| 3047 | d2i_ECPKParameters 3475 EXIST::FUNCTION:EC | ||
| 3048 | STORE_method_set_generate_function 3476 EXIST:!VMS:FUNCTION: | ||
| 3049 | STORE_meth_set_generate_fn 3476 EXIST:VMS:FUNCTION: | ||
| 3050 | ENGINE_set_ECDH 3477 EXIST::FUNCTION:ENGINE | ||
| 3051 | NAME_CONSTRAINTS_new 3478 EXIST::FUNCTION: | ||
| 3052 | SHA256_Init 3479 EXIST::FUNCTION:SHA,SHA256 | ||
| 3053 | EC_KEY_get0_public_key 3480 EXIST::FUNCTION:EC | ||
| 3054 | PEM_write_bio_EC_PUBKEY 3481 EXIST::FUNCTION:EC | ||
| 3055 | STORE_ATTR_INFO_set_cstr 3482 EXIST::FUNCTION: | ||
| 3056 | STORE_list_crl_next 3483 EXIST::FUNCTION: | ||
| 3057 | STORE_ATTR_INFO_in_range 3484 EXIST::FUNCTION: | ||
| 3058 | ECParameters_print 3485 EXIST::FUNCTION:BIO,EC | ||
| 3059 | STORE_method_set_delete_function 3486 EXIST:!VMS:FUNCTION: | ||
| 3060 | STORE_meth_set_delete_fn 3486 EXIST:VMS:FUNCTION: | ||
| 3061 | STORE_list_certificate_next 3487 EXIST::FUNCTION: | ||
| 3062 | ASN1_generate_nconf 3488 EXIST::FUNCTION: | ||
| 3063 | BUF_memdup 3489 EXIST::FUNCTION: | ||
| 3064 | BN_GF2m_mod_mul 3490 EXIST::FUNCTION: | ||
| 3065 | STORE_method_get_list_next_function 3491 EXIST:!VMS:FUNCTION: | ||
| 3066 | STORE_meth_get_list_next_fn 3491 EXIST:VMS:FUNCTION: | ||
| 3067 | STORE_ATTR_INFO_get0_dn 3492 EXIST::FUNCTION: | ||
| 3068 | STORE_list_private_key_next 3493 EXIST::FUNCTION: | ||
| 3069 | EC_GROUP_set_seed 3494 EXIST::FUNCTION:EC | ||
| 3070 | X509_VERIFY_PARAM_set_trust 3495 EXIST::FUNCTION: | ||
| 3071 | STORE_ATTR_INFO_free 3496 EXIST::FUNCTION: | ||
| 3072 | STORE_get_private_key 3497 EXIST::FUNCTION: | ||
| 3073 | EVP_PKEY_get_attr_count 3498 EXIST::FUNCTION: | ||
| 3074 | STORE_ATTR_INFO_new 3499 EXIST::FUNCTION: | ||
| 3075 | EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC | ||
| 3076 | STORE_method_set_revoke_function 3501 EXIST:!VMS:FUNCTION: | ||
| 3077 | STORE_meth_set_revoke_fn 3501 EXIST:VMS:FUNCTION: | ||
| 3078 | STORE_store_number 3502 EXIST::FUNCTION: | ||
| 3079 | BN_is_prime_ex 3503 EXIST::FUNCTION: | ||
| 3080 | STORE_revoke_public_key 3504 EXIST::FUNCTION: | ||
| 3081 | X509_STORE_CTX_get0_param 3505 EXIST::FUNCTION: | ||
| 3082 | STORE_delete_arbitrary 3506 EXIST::FUNCTION: | ||
| 3083 | PEM_read_X509_CERT_PAIR 3507 EXIST:!WIN16:FUNCTION: | ||
| 3084 | X509_STORE_set_depth 3508 EXIST::FUNCTION: | ||
| 3085 | ECDSA_get_ex_data 3509 EXIST::FUNCTION:ECDSA | ||
| 3086 | SHA224 3510 EXIST::FUNCTION:SHA,SHA256 | ||
| 3087 | BIO_dump_indent_fp 3511 EXIST::FUNCTION:FP_API | ||
| 3088 | EC_KEY_set_group 3512 EXIST::FUNCTION:EC | ||
| 3089 | BUF_strndup 3513 EXIST::FUNCTION: | ||
| 3090 | STORE_list_certificate_start 3514 EXIST::FUNCTION: | ||
| 3091 | BN_GF2m_mod 3515 EXIST::FUNCTION: | ||
| 3092 | X509_REQ_check_private_key 3516 EXIST::FUNCTION: | ||
| 3093 | EC_GROUP_get_seed_len 3517 EXIST::FUNCTION:EC | ||
| 3094 | ERR_load_STORE_strings 3518 EXIST::FUNCTION: | ||
| 3095 | PEM_read_bio_EC_PUBKEY 3519 EXIST::FUNCTION:EC | ||
| 3096 | STORE_list_private_key_end 3520 EXIST::FUNCTION: | ||
| 3097 | i2d_EC_PUBKEY 3521 EXIST::FUNCTION:EC | ||
| 3098 | ECDSA_get_default_method 3522 EXIST::FUNCTION:ECDSA | ||
| 3099 | ASN1_put_eoc 3523 EXIST::FUNCTION: | ||
| 3100 | X509_STORE_CTX_get_explicit_policy 3524 EXIST:!VMS:FUNCTION: | ||
| 3101 | X509_STORE_CTX_get_expl_policy 3524 EXIST:VMS:FUNCTION: | ||
| 3102 | X509_VERIFY_PARAM_table_cleanup 3525 EXIST::FUNCTION: | ||
| 3103 | STORE_modify_private_key 3526 EXIST::FUNCTION: | ||
| 3104 | X509_VERIFY_PARAM_free 3527 EXIST::FUNCTION: | ||
| 3105 | EC_METHOD_get_field_type 3528 EXIST::FUNCTION:EC | ||
| 3106 | EC_GFp_nist_method 3529 EXIST::FUNCTION:EC | ||
| 3107 | STORE_method_set_modify_function 3530 EXIST:!VMS:FUNCTION: | ||
| 3108 | STORE_meth_set_modify_fn 3530 EXIST:VMS:FUNCTION: | ||
| 3109 | STORE_parse_attrs_next 3531 EXIST::FUNCTION: | ||
| 3110 | ENGINE_load_padlock 3532 EXIST::FUNCTION:ENGINE | ||
| 3111 | EC_GROUP_set_curve_name 3533 EXIST::FUNCTION:EC | ||
| 3112 | X509_CERT_PAIR_it 3534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | ||
| 3113 | X509_CERT_PAIR_it 3534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | ||
| 3114 | STORE_method_get_revoke_function 3535 EXIST:!VMS:FUNCTION: | ||
| 3115 | STORE_meth_get_revoke_fn 3535 EXIST:VMS:FUNCTION: | ||
| 3116 | STORE_method_set_get_function 3536 EXIST::FUNCTION: | ||
| 3117 | STORE_modify_number 3537 EXIST::FUNCTION: | ||
| 3118 | STORE_method_get_store_function 3538 EXIST::FUNCTION: | ||
| 3119 | STORE_store_private_key 3539 EXIST::FUNCTION: | ||
| 3120 | BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION: | ||
| 3121 | RSA_setup_blinding 3541 EXIST::FUNCTION:RSA | ||
| 3122 | BIO_s_datagram 3542 EXIST::FUNCTION:DGRAM | ||
| 3123 | STORE_Memory 3543 EXIST::FUNCTION: | ||
| 3124 | sk_find_ex 3544 EXIST::FUNCTION: | ||
| 3125 | EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC | ||
| 3126 | ENGINE_set_default_ECDSA 3546 EXIST::FUNCTION:ENGINE | ||
| 3127 | POLICY_CONSTRAINTS_new 3547 EXIST::FUNCTION: | ||
| 3128 | BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION: | ||
| 3129 | ECDH_set_default_method 3549 EXIST::FUNCTION:ECDH | ||
| 3130 | EC_KEY_generate_key 3550 EXIST::FUNCTION:EC | ||
| 3131 | SHA384_Update 3551 EXIST::FUNCTION:SHA,SHA512 | ||
| 3132 | BN_GF2m_arr2poly 3552 EXIST::FUNCTION: | ||
| 3133 | STORE_method_get_get_function 3553 EXIST::FUNCTION: | ||
| 3134 | STORE_method_set_cleanup_function 3554 EXIST:!VMS:FUNCTION: | ||
| 3135 | STORE_meth_set_cleanup_fn 3554 EXIST:VMS:FUNCTION: | ||
| 3136 | EC_GROUP_check 3555 EXIST::FUNCTION:EC | ||
| 3137 | d2i_ECPrivateKey_bio 3556 EXIST::FUNCTION:BIO,EC | ||
| 3138 | EC_KEY_insert_key_method_data 3557 EXIST::FUNCTION:EC | ||
| 3139 | STORE_method_get_lock_store_function 3558 EXIST:!VMS:FUNCTION: | ||
| 3140 | STORE_meth_get_lock_store_fn 3558 EXIST:VMS:FUNCTION: | ||
| 3141 | X509_VERIFY_PARAM_get_depth 3559 EXIST::FUNCTION: | ||
| 3142 | SHA224_Final 3560 EXIST::FUNCTION:SHA,SHA256 | ||
| 3143 | STORE_method_set_update_store_function 3561 EXIST:!VMS:FUNCTION: | ||
| 3144 | STORE_meth_set_update_store_fn 3561 EXIST:VMS:FUNCTION: | ||
| 3145 | SHA224_Update 3562 EXIST::FUNCTION:SHA,SHA256 | ||
| 3146 | d2i_ECPrivateKey 3563 EXIST::FUNCTION:EC | ||
| 3147 | ASN1_item_ndef_i2d 3564 EXIST::FUNCTION: | ||
| 3148 | STORE_delete_private_key 3565 EXIST::FUNCTION: | ||
| 3149 | ERR_pop_to_mark 3566 EXIST::FUNCTION: | ||
| 3150 | ENGINE_register_all_STORE 3567 EXIST::FUNCTION:ENGINE | ||
| 3151 | X509_policy_level_get0_node 3568 EXIST::FUNCTION: | ||
| 3152 | i2d_PKCS7_NDEF 3569 EXIST::FUNCTION: | ||
| 3153 | EC_GROUP_get_degree 3570 EXIST::FUNCTION:EC | ||
| 3154 | ASN1_generate_v3 3571 EXIST::FUNCTION: | ||
| 3155 | STORE_ATTR_INFO_modify_cstr 3572 EXIST::FUNCTION: | ||
| 3156 | X509_policy_tree_level_count 3573 EXIST::FUNCTION: | ||
| 3157 | BN_GF2m_add 3574 EXIST::FUNCTION: | ||
| 3158 | EC_KEY_get0_group 3575 EXIST::FUNCTION:EC | ||
| 3159 | STORE_generate_crl 3576 EXIST::FUNCTION: | ||
| 3160 | STORE_store_public_key 3577 EXIST::FUNCTION: | ||
| 3161 | X509_CERT_PAIR_free 3578 EXIST::FUNCTION: | ||
| 3162 | STORE_revoke_private_key 3579 EXIST::FUNCTION: | ||
| 3163 | BN_nist_mod_224 3580 EXIST::FUNCTION: | ||
| 3164 | SHA512_Final 3581 EXIST::FUNCTION:SHA,SHA512 | ||
| 3165 | STORE_ATTR_INFO_modify_dn 3582 EXIST::FUNCTION: | ||
| 3166 | STORE_method_get_initialise_function 3583 EXIST:!VMS:FUNCTION: | ||
| 3167 | STORE_meth_get_initialise_fn 3583 EXIST:VMS:FUNCTION: | ||
| 3168 | STORE_delete_number 3584 EXIST::FUNCTION: | ||
| 3169 | i2d_EC_PUBKEY_bio 3585 EXIST::FUNCTION:BIO,EC | ||
| 3170 | BIO_dgram_non_fatal_error 3586 EXIST::FUNCTION: | ||
| 3171 | EC_GROUP_get_asn1_flag 3587 EXIST::FUNCTION:EC | ||
| 3172 | STORE_ATTR_INFO_in_ex 3588 EXIST::FUNCTION: | ||
| 3173 | STORE_list_crl_start 3589 EXIST::FUNCTION: | ||
| 3174 | ECDH_get_ex_new_index 3590 EXIST::FUNCTION:ECDH | ||
| 3175 | STORE_method_get_modify_function 3591 EXIST:!VMS:FUNCTION: | ||
| 3176 | STORE_meth_get_modify_fn 3591 EXIST:VMS:FUNCTION: | ||
| 3177 | v2i_ASN1_BIT_STRING 3592 EXIST::FUNCTION: | ||
| 3178 | STORE_store_certificate 3593 EXIST::FUNCTION: | ||
| 3179 | OBJ_bsearch_ex 3594 EXIST::FUNCTION: | ||
| 3180 | X509_STORE_CTX_set_default 3595 EXIST::FUNCTION: | ||
| 3181 | STORE_ATTR_INFO_set_sha1str 3596 EXIST::FUNCTION: | ||
| 3182 | BN_GF2m_mod_inv 3597 EXIST::FUNCTION: | ||
| 3183 | BN_GF2m_mod_exp 3598 EXIST::FUNCTION: | ||
| 3184 | STORE_modify_public_key 3599 EXIST::FUNCTION: | ||
| 3185 | STORE_method_get_list_start_function 3600 EXIST:!VMS:FUNCTION: | ||
| 3186 | STORE_meth_get_list_start_fn 3600 EXIST:VMS:FUNCTION: | ||
| 3187 | EC_GROUP_get0_seed 3601 EXIST::FUNCTION:EC | ||
| 3188 | STORE_store_arbitrary 3602 EXIST::FUNCTION: | ||
| 3189 | STORE_method_set_unlock_store_function 3603 EXIST:!VMS:FUNCTION: | ||
| 3190 | STORE_meth_set_unlock_store_fn 3603 EXIST:VMS:FUNCTION: | ||
| 3191 | BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION: | ||
| 3192 | ENGINE_set_ECDSA 3605 EXIST::FUNCTION:ENGINE | ||
| 3193 | STORE_create_method 3606 EXIST::FUNCTION: | ||
| 3194 | ECPKParameters_print 3607 EXIST::FUNCTION:BIO,EC | ||
| 3195 | EC_KEY_get0_private_key 3608 EXIST::FUNCTION:EC | ||
| 3196 | PEM_write_EC_PUBKEY 3609 EXIST:!WIN16:FUNCTION:EC | ||
| 3197 | X509_VERIFY_PARAM_set1 3610 EXIST::FUNCTION: | ||
| 3198 | ECDH_set_method 3611 EXIST::FUNCTION:ECDH | ||
| 3199 | v2i_GENERAL_NAME_ex 3612 EXIST::FUNCTION: | ||
| 3200 | ECDH_set_ex_data 3613 EXIST::FUNCTION:ECDH | ||
| 3201 | STORE_generate_key 3614 EXIST::FUNCTION: | ||
| 3202 | BN_nist_mod_521 3615 EXIST::FUNCTION: | ||
| 3203 | X509_policy_tree_get0_level 3616 EXIST::FUNCTION: | ||
| 3204 | EC_GROUP_set_point_conversion_form 3617 EXIST:!VMS:FUNCTION:EC | ||
| 3205 | EC_GROUP_set_point_conv_form 3617 EXIST:VMS:FUNCTION:EC | ||
| 3206 | PEM_read_EC_PUBKEY 3618 EXIST:!WIN16:FUNCTION:EC | ||
| 3207 | i2d_ECDSA_SIG 3619 EXIST::FUNCTION:ECDSA | ||
| 3208 | ECDSA_OpenSSL 3620 EXIST::FUNCTION:ECDSA | ||
| 3209 | STORE_delete_crl 3621 EXIST::FUNCTION: | ||
| 3210 | EC_KEY_get_enc_flags 3622 EXIST::FUNCTION:EC | ||
| 3211 | ASN1_const_check_infinite_end 3623 EXIST::FUNCTION: | ||
| 3212 | EVP_PKEY_delete_attr 3624 EXIST::FUNCTION: | ||
| 3213 | ECDSA_set_default_method 3625 EXIST::FUNCTION:ECDSA | ||
| 3214 | EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC | ||
| 3215 | EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC | ||
| 3216 | EC_GROUP_cmp 3627 EXIST::FUNCTION:EC | ||
| 3217 | STORE_revoke_certificate 3628 EXIST::FUNCTION: | ||
| 3218 | BN_get0_nist_prime_256 3629 EXIST::FUNCTION: | ||
| 3219 | STORE_method_get_delete_function 3630 EXIST:!VMS:FUNCTION: | ||
| 3220 | STORE_meth_get_delete_fn 3630 EXIST:VMS:FUNCTION: | ||
| 3221 | SHA224_Init 3631 EXIST::FUNCTION:SHA,SHA256 | ||
| 3222 | PEM_read_ECPrivateKey 3632 EXIST:!WIN16:FUNCTION:EC | ||
| 3223 | SHA512_Init 3633 EXIST::FUNCTION:SHA,SHA512 | ||
| 3224 | STORE_parse_attrs_endp 3634 EXIST::FUNCTION: | ||
| 3225 | BN_set_negative 3635 EXIST::FUNCTION: | ||
| 3226 | ERR_load_ECDSA_strings 3636 EXIST::FUNCTION:ECDSA | ||
| 3227 | EC_GROUP_get_basis_type 3637 EXIST::FUNCTION:EC | ||
| 3228 | STORE_list_public_key_next 3638 EXIST::FUNCTION: | ||
| 3229 | i2v_ASN1_BIT_STRING 3639 EXIST::FUNCTION: | ||
| 3230 | STORE_OBJECT_free 3640 EXIST::FUNCTION: | ||
| 3231 | BN_nist_mod_384 3641 EXIST::FUNCTION: | ||
| 3232 | i2d_X509_CERT_PAIR 3642 EXIST::FUNCTION: | ||
| 3233 | PEM_write_ECPKParameters 3643 EXIST:!WIN16:FUNCTION:EC | ||
| 3234 | ECDH_compute_key 3644 EXIST::FUNCTION:ECDH | ||
| 3235 | STORE_ATTR_INFO_get0_sha1str 3645 EXIST::FUNCTION: | ||
| 3236 | ENGINE_register_all_ECDH 3646 EXIST::FUNCTION:ENGINE | ||
| 3237 | pqueue_pop 3647 EXIST::FUNCTION: | ||
| 3238 | STORE_ATTR_INFO_get0_cstr 3648 EXIST::FUNCTION: | ||
| 3239 | POLICY_CONSTRAINTS_it 3649 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | ||
| 3240 | POLICY_CONSTRAINTS_it 3649 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | ||
| 3241 | STORE_get_ex_new_index 3650 EXIST::FUNCTION: | ||
| 3242 | EVP_PKEY_get_attr_by_OBJ 3651 EXIST::FUNCTION: | ||
| 3243 | X509_VERIFY_PARAM_add0_policy 3652 EXIST::FUNCTION: | ||
| 3244 | BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION: | ||
| 3245 | SHA256 3654 EXIST::FUNCTION:SHA,SHA256 | ||
| 3246 | i2d_ECPrivateKey_fp 3655 EXIST::FUNCTION:EC,FP_API | ||
| 3247 | X509_policy_tree_get0_user_policies 3656 EXIST:!VMS:FUNCTION: | ||
| 3248 | X509_pcy_tree_get0_usr_policies 3656 EXIST:VMS:FUNCTION: | ||
| 3249 | OPENSSL_DIR_read 3657 EXIST::FUNCTION: | ||
| 3250 | ENGINE_register_all_ECDSA 3658 EXIST::FUNCTION:ENGINE | ||
| 3251 | X509_VERIFY_PARAM_lookup 3659 EXIST::FUNCTION: | ||
| 3252 | EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC | ||
| 3253 | EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC | ||
| 3254 | EC_GROUP_dup 3661 EXIST::FUNCTION:EC | ||
| 3255 | ENGINE_get_default_ECDSA 3662 EXIST::FUNCTION:ENGINE | ||
| 3256 | EC_KEY_new 3663 EXIST::FUNCTION:EC | ||
| 3257 | SHA256_Transform 3664 EXIST::FUNCTION:SHA,SHA256 | ||
| 3258 | EC_KEY_set_enc_flags 3665 EXIST::FUNCTION:EC | ||
| 3259 | ECDSA_verify 3666 EXIST::FUNCTION:ECDSA | ||
| 3260 | EC_POINT_point2hex 3667 EXIST::FUNCTION:EC | ||
| 3261 | ENGINE_get_STORE 3668 EXIST::FUNCTION:ENGINE | ||
| 3262 | SHA512 3669 EXIST::FUNCTION:SHA,SHA512 | ||
| 3263 | STORE_get_certificate 3670 EXIST::FUNCTION: | ||
| 3264 | ECDSA_do_sign_ex 3671 EXIST::FUNCTION:ECDSA | ||
| 3265 | ECDSA_do_verify 3672 EXIST::FUNCTION:ECDSA | ||
| 3266 | d2i_ECPrivateKey_fp 3673 EXIST::FUNCTION:EC,FP_API | ||
| 3267 | STORE_delete_certificate 3674 EXIST::FUNCTION: | ||
| 3268 | SHA512_Transform 3675 EXIST::FUNCTION:SHA,SHA512 | ||
| 3269 | X509_STORE_set1_param 3676 EXIST::FUNCTION: | ||
| 3270 | STORE_method_get_ctrl_function 3677 EXIST::FUNCTION: | ||
| 3271 | STORE_free 3678 EXIST::FUNCTION: | ||
| 3272 | PEM_write_ECPrivateKey 3679 EXIST:!WIN16:FUNCTION:EC | ||
| 3273 | STORE_method_get_unlock_store_function 3680 EXIST:!VMS:FUNCTION: | ||
| 3274 | STORE_meth_get_unlock_store_fn 3680 EXIST:VMS:FUNCTION: | ||
| 3275 | STORE_get_ex_data 3681 EXIST::FUNCTION: | ||
| 3276 | EC_KEY_set_public_key 3682 EXIST::FUNCTION:EC | ||
| 3277 | PEM_read_ECPKParameters 3683 EXIST:!WIN16:FUNCTION:EC | ||
| 3278 | X509_CERT_PAIR_new 3684 EXIST::FUNCTION: | ||
| 3279 | ENGINE_register_STORE 3685 EXIST::FUNCTION:ENGINE | ||
| 3280 | RSA_generate_key_ex 3686 EXIST::FUNCTION:RSA | ||
| 3281 | DSA_generate_parameters_ex 3687 EXIST::FUNCTION:DSA | ||
| 3282 | ECParameters_print_fp 3688 EXIST::FUNCTION:EC,FP_API | ||
| 3283 | X509V3_NAME_from_section 3689 EXIST::FUNCTION: | ||
| 3284 | EVP_PKEY_add1_attr 3690 EXIST::FUNCTION: | ||
| 3285 | STORE_modify_crl 3691 EXIST::FUNCTION: | ||
| 3286 | STORE_list_private_key_start 3692 EXIST::FUNCTION: | ||
| 3287 | POLICY_MAPPINGS_it 3693 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | ||
| 3288 | POLICY_MAPPINGS_it 3693 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | ||
| 3289 | GENERAL_SUBTREE_it 3694 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | ||
| 3290 | GENERAL_SUBTREE_it 3694 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | ||
| 3291 | EC_GROUP_get_curve_name 3695 EXIST::FUNCTION:EC | ||
| 3292 | PEM_write_X509_CERT_PAIR 3696 EXIST:!WIN16:FUNCTION: | ||
| 3293 | BIO_dump_indent_cb 3697 EXIST::FUNCTION: | ||
| 3294 | d2i_X509_CERT_PAIR 3698 EXIST::FUNCTION: | ||
| 3295 | STORE_list_private_key_endp 3699 EXIST::FUNCTION: | ||
| 3296 | asn1_const_Finish 3700 EXIST::FUNCTION: | ||
| 3297 | i2d_EC_PUBKEY_fp 3701 EXIST::FUNCTION:EC,FP_API | ||
| 3298 | BN_nist_mod_256 3702 EXIST::FUNCTION: | ||
| 3299 | X509_VERIFY_PARAM_add0_table 3703 EXIST::FUNCTION: | ||
| 3300 | pqueue_free 3704 EXIST::FUNCTION: | ||
| 3301 | BN_BLINDING_create_param 3705 EXIST::FUNCTION: | ||
| 3302 | ECDSA_size 3706 EXIST::FUNCTION:ECDSA | ||
| 3303 | d2i_EC_PUBKEY_bio 3707 EXIST::FUNCTION:BIO,EC | ||
| 3304 | BN_get0_nist_prime_521 3708 EXIST::FUNCTION: | ||
| 3305 | STORE_ATTR_INFO_modify_sha1str 3709 EXIST::FUNCTION: | ||
| 3306 | BN_generate_prime_ex 3710 EXIST::FUNCTION: | ||
| 3307 | EC_GROUP_new_by_curve_name 3711 EXIST::FUNCTION:EC | ||
| 3308 | SHA256_Final 3712 EXIST::FUNCTION:SHA,SHA256 | ||
| 3309 | DH_generate_parameters_ex 3713 EXIST::FUNCTION:DH | ||
| 3310 | PEM_read_bio_ECPrivateKey 3714 EXIST::FUNCTION:EC | ||
| 3311 | STORE_method_get_cleanup_function 3715 EXIST:!VMS:FUNCTION: | ||
| 3312 | STORE_meth_get_cleanup_fn 3715 EXIST:VMS:FUNCTION: | ||
| 3313 | ENGINE_get_ECDH 3716 EXIST::FUNCTION:ENGINE | ||
| 3314 | d2i_ECDSA_SIG 3717 EXIST::FUNCTION:ECDSA | ||
| 3315 | BN_is_prime_fasttest_ex 3718 EXIST::FUNCTION: | ||
| 3316 | ECDSA_sign 3719 EXIST::FUNCTION:ECDSA | ||
| 3317 | X509_policy_check 3720 EXIST::FUNCTION: | ||
| 3318 | EVP_PKEY_get_attr_by_NID 3721 EXIST::FUNCTION: | ||
| 3319 | STORE_set_ex_data 3722 EXIST::FUNCTION: | ||
| 3320 | ENGINE_get_ECDSA 3723 EXIST::FUNCTION:ENGINE | ||
| 3321 | EVP_ecdsa 3724 EXIST::FUNCTION:SHA | ||
| 3322 | BN_BLINDING_get_flags 3725 EXIST::FUNCTION: | ||
| 3323 | PKCS12_add_cert 3726 EXIST::FUNCTION: | ||
| 3324 | STORE_OBJECT_new 3727 EXIST::FUNCTION: | ||
| 3325 | ERR_load_ECDH_strings 3728 EXIST::FUNCTION:ECDH | ||
| 3326 | EC_KEY_dup 3729 EXIST::FUNCTION:EC | ||
| 3327 | EVP_CIPHER_CTX_rand_key 3730 EXIST::FUNCTION: | ||
| 3328 | ECDSA_set_method 3731 EXIST::FUNCTION:ECDSA | ||
| 3329 | a2i_IPADDRESS_NC 3732 EXIST::FUNCTION: | ||
| 3330 | d2i_ECParameters 3733 EXIST::FUNCTION:EC | ||
| 3331 | STORE_list_certificate_end 3734 EXIST::FUNCTION: | ||
| 3332 | STORE_get_crl 3735 EXIST::FUNCTION: | ||
| 3333 | X509_POLICY_NODE_print 3736 EXIST::FUNCTION: | ||
| 3334 | SHA384_Init 3737 EXIST::FUNCTION:SHA,SHA512 | ||
| 3335 | EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC | ||
| 3336 | ECDSA_set_ex_data 3739 EXIST::FUNCTION:ECDSA | ||
| 3337 | SHA384_Final 3740 EXIST::FUNCTION:SHA,SHA512 | ||
| 3338 | PKCS7_set_digest 3741 EXIST::FUNCTION: | ||
| 3339 | EC_KEY_print 3742 EXIST::FUNCTION:BIO,EC | ||
| 3340 | STORE_method_set_lock_store_function 3743 EXIST:!VMS:FUNCTION: | ||
| 3341 | STORE_meth_set_lock_store_fn 3743 EXIST:VMS:FUNCTION: | ||
| 3342 | ECDSA_get_ex_new_index 3744 EXIST::FUNCTION:ECDSA | ||
| 3343 | SHA384 3745 EXIST::FUNCTION:SHA,SHA512 | ||
| 3344 | POLICY_MAPPING_new 3746 EXIST::FUNCTION: | ||
| 3345 | STORE_list_certificate_endp 3747 EXIST::FUNCTION: | ||
| 3346 | X509_STORE_CTX_get0_policy_tree 3748 EXIST::FUNCTION: | ||
| 3347 | EC_GROUP_set_asn1_flag 3749 EXIST::FUNCTION:EC | ||
| 3348 | EC_KEY_check_key 3750 EXIST::FUNCTION:EC | ||
| 3349 | d2i_EC_PUBKEY_fp 3751 EXIST::FUNCTION:EC,FP_API | ||
| 3350 | PKCS7_set0_type_other 3752 EXIST::FUNCTION: | ||
| 3351 | PEM_read_bio_X509_CERT_PAIR 3753 EXIST::FUNCTION: | ||
| 3352 | pqueue_next 3754 EXIST::FUNCTION: | ||
| 3353 | STORE_method_get_list_end_function 3755 EXIST:!VMS:FUNCTION: | ||
| 3354 | STORE_meth_get_list_end_fn 3755 EXIST:VMS:FUNCTION: | ||
| 3355 | EVP_PKEY_add1_attr_by_OBJ 3756 EXIST::FUNCTION: | ||
| 3356 | X509_VERIFY_PARAM_set_time 3757 EXIST::FUNCTION: | ||
| 3357 | pqueue_new 3758 EXIST::FUNCTION: | ||
| 3358 | ENGINE_set_default_ECDH 3759 EXIST::FUNCTION:ENGINE | ||
| 3359 | STORE_new_method 3760 EXIST::FUNCTION: | ||
| 3360 | PKCS12_add_key 3761 EXIST::FUNCTION: | ||
| 3361 | DSO_merge 3762 EXIST::FUNCTION: | ||
| 3362 | EC_POINT_hex2point 3763 EXIST::FUNCTION:EC | ||
| 3363 | BIO_dump_cb 3764 EXIST::FUNCTION: | ||
| 3364 | SHA256_Update 3765 EXIST::FUNCTION:SHA,SHA256 | ||
| 3365 | pqueue_insert 3766 EXIST::FUNCTION: | ||
| 3366 | pitem_free 3767 EXIST::FUNCTION: | ||
| 3367 | BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION: | ||
| 3368 | ENGINE_unregister_ECDSA 3769 EXIST::FUNCTION:ENGINE | ||
| 3369 | BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION: | ||
| 3370 | get_rfc3526_prime_8192 3771 EXIST::FUNCTION: | ||
| 3371 | X509_VERIFY_PARAM_clear_flags 3772 EXIST::FUNCTION: | ||
| 3372 | get_rfc2409_prime_1024 3773 EXIST::FUNCTION: | ||
| 3373 | DH_check_pub_key 3774 EXIST::FUNCTION:DH | ||
| 3374 | get_rfc3526_prime_2048 3775 EXIST::FUNCTION: | ||
| 3375 | get_rfc3526_prime_6144 3776 EXIST::FUNCTION: | ||
| 3376 | get_rfc3526_prime_1536 3777 EXIST::FUNCTION: | ||
| 3377 | get_rfc3526_prime_3072 3778 EXIST::FUNCTION: | ||
| 3378 | get_rfc3526_prime_4096 3779 EXIST::FUNCTION: | ||
| 3379 | get_rfc2409_prime_768 3780 EXIST::FUNCTION: | ||
| 3380 | X509_VERIFY_PARAM_get_flags 3781 EXIST::FUNCTION: | ||
| 3381 | EVP_CIPHER_CTX_new 3782 EXIST::FUNCTION: | ||
| 3382 | EVP_CIPHER_CTX_free 3783 EXIST::FUNCTION: | ||
| 3383 | Camellia_cbc_encrypt 3784 EXIST::FUNCTION:CAMELLIA | ||
| 3384 | Camellia_cfb128_encrypt 3785 EXIST::FUNCTION:CAMELLIA | ||
| 3385 | Camellia_cfb1_encrypt 3786 EXIST::FUNCTION:CAMELLIA | ||
| 3386 | Camellia_cfb8_encrypt 3787 EXIST::FUNCTION:CAMELLIA | ||
| 3387 | Camellia_ctr128_encrypt 3788 EXIST::FUNCTION:CAMELLIA | ||
| 3388 | Camellia_cfbr_encrypt_block 3789 EXIST::FUNCTION:CAMELLIA | ||
| 3389 | Camellia_decrypt 3790 EXIST::FUNCTION:CAMELLIA | ||
| 3390 | Camellia_ecb_encrypt 3791 EXIST::FUNCTION:CAMELLIA | ||
| 3391 | Camellia_encrypt 3792 EXIST::FUNCTION:CAMELLIA | ||
| 3392 | Camellia_ofb128_encrypt 3793 EXIST::FUNCTION:CAMELLIA | ||
| 3393 | Camellia_set_key 3794 EXIST::FUNCTION:CAMELLIA | ||
| 3394 | EVP_camellia_128_cbc 3795 EXIST::FUNCTION:CAMELLIA | ||
| 3395 | EVP_camellia_128_cfb128 3796 EXIST::FUNCTION:CAMELLIA | ||
| 3396 | EVP_camellia_128_cfb1 3797 EXIST::FUNCTION:CAMELLIA | ||
| 3397 | EVP_camellia_128_cfb8 3798 EXIST::FUNCTION:CAMELLIA | ||
| 3398 | EVP_camellia_128_ecb 3799 EXIST::FUNCTION:CAMELLIA | ||
| 3399 | EVP_camellia_128_ofb 3800 EXIST::FUNCTION:CAMELLIA | ||
| 3400 | EVP_camellia_192_cbc 3801 EXIST::FUNCTION:CAMELLIA | ||
| 3401 | EVP_camellia_192_cfb128 3802 EXIST::FUNCTION:CAMELLIA | ||
| 3402 | EVP_camellia_192_cfb1 3803 EXIST::FUNCTION:CAMELLIA | ||
| 3403 | EVP_camellia_192_cfb8 3804 EXIST::FUNCTION:CAMELLIA | ||
| 3404 | EVP_camellia_192_ecb 3805 EXIST::FUNCTION:CAMELLIA | ||
| 3405 | EVP_camellia_192_ofb 3806 EXIST::FUNCTION:CAMELLIA | ||
| 3406 | EVP_camellia_256_cbc 3807 EXIST::FUNCTION:CAMELLIA | ||
| 3407 | EVP_camellia_256_cfb128 3808 EXIST::FUNCTION:CAMELLIA | ||
| 3408 | EVP_camellia_256_cfb1 3809 EXIST::FUNCTION:CAMELLIA | ||
| 3409 | EVP_camellia_256_cfb8 3810 EXIST::FUNCTION:CAMELLIA | ||
| 3410 | EVP_camellia_256_ecb 3811 EXIST::FUNCTION:CAMELLIA | ||
| 3411 | EVP_camellia_256_ofb 3812 EXIST::FUNCTION:CAMELLIA | ||
| 3412 | a2i_ipadd 3813 EXIST::FUNCTION: | ||
| 3413 | ASIdentifiers_free 3814 EXIST::FUNCTION:RFC3779 | ||
| 3414 | i2d_ASIdOrRange 3815 EXIST::FUNCTION:RFC3779 | ||
| 3415 | EVP_CIPHER_block_size 3816 EXIST::FUNCTION: | ||
| 3416 | v3_asid_is_canonical 3817 EXIST::FUNCTION:RFC3779 | ||
| 3417 | IPAddressChoice_free 3818 EXIST::FUNCTION:RFC3779 | ||
| 3418 | EVP_CIPHER_CTX_set_app_data 3819 EXIST::FUNCTION: | ||
| 3419 | BIO_set_callback_arg 3820 EXIST::FUNCTION: | ||
| 3420 | v3_addr_add_prefix 3821 EXIST::FUNCTION:RFC3779 | ||
| 3421 | IPAddressOrRange_it 3822 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 | ||
| 3422 | IPAddressOrRange_it 3822 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 | ||
| 3423 | BIO_set_flags 3823 EXIST::FUNCTION: | ||
| 3424 | ASIdentifiers_it 3824 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 | ||
| 3425 | ASIdentifiers_it 3824 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 | ||
| 3426 | v3_addr_get_range 3825 EXIST::FUNCTION:RFC3779 | ||
| 3427 | BIO_method_type 3826 EXIST::FUNCTION: | ||
| 3428 | v3_addr_inherits 3827 EXIST::FUNCTION:RFC3779 | ||
| 3429 | IPAddressChoice_it 3828 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 | ||
| 3430 | IPAddressChoice_it 3828 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 | ||
| 3431 | AES_ige_encrypt 3829 EXIST::FUNCTION:AES | ||
| 3432 | v3_addr_add_range 3830 EXIST::FUNCTION:RFC3779 | ||
| 3433 | EVP_CIPHER_CTX_nid 3831 EXIST::FUNCTION: | ||
| 3434 | d2i_ASRange 3832 EXIST::FUNCTION:RFC3779 | ||
| 3435 | v3_addr_add_inherit 3833 EXIST::FUNCTION:RFC3779 | ||
| 3436 | v3_asid_add_id_or_range 3834 EXIST::FUNCTION:RFC3779 | ||
| 3437 | v3_addr_validate_resource_set 3835 EXIST::FUNCTION:RFC3779 | ||
| 3438 | EVP_CIPHER_iv_length 3836 EXIST::FUNCTION: | ||
| 3439 | EVP_MD_type 3837 EXIST::FUNCTION: | ||
| 3440 | v3_asid_canonize 3838 EXIST::FUNCTION:RFC3779 | ||
| 3441 | IPAddressRange_free 3839 EXIST::FUNCTION:RFC3779 | ||
| 3442 | v3_asid_add_inherit 3840 EXIST::FUNCTION:RFC3779 | ||
| 3443 | EVP_CIPHER_CTX_key_length 3841 EXIST::FUNCTION: | ||
| 3444 | IPAddressRange_new 3842 EXIST::FUNCTION:RFC3779 | ||
| 3445 | ASIdOrRange_new 3843 EXIST::FUNCTION:RFC3779 | ||
| 3446 | EVP_MD_size 3844 EXIST::FUNCTION: | ||
| 3447 | EVP_MD_CTX_test_flags 3845 EXIST::FUNCTION: | ||
| 3448 | BIO_clear_flags 3846 EXIST::FUNCTION: | ||
| 3449 | i2d_ASRange 3847 EXIST::FUNCTION:RFC3779 | ||
| 3450 | IPAddressRange_it 3848 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 | ||
| 3451 | IPAddressRange_it 3848 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 | ||
| 3452 | IPAddressChoice_new 3849 EXIST::FUNCTION:RFC3779 | ||
| 3453 | ASIdentifierChoice_new 3850 EXIST::FUNCTION:RFC3779 | ||
| 3454 | ASRange_free 3851 EXIST::FUNCTION:RFC3779 | ||
| 3455 | EVP_MD_pkey_type 3852 EXIST::FUNCTION: | ||
| 3456 | EVP_MD_CTX_clear_flags 3853 EXIST::FUNCTION: | ||
| 3457 | IPAddressFamily_free 3854 EXIST::FUNCTION:RFC3779 | ||
| 3458 | i2d_IPAddressFamily 3855 EXIST::FUNCTION:RFC3779 | ||
| 3459 | IPAddressOrRange_new 3856 EXIST::FUNCTION:RFC3779 | ||
| 3460 | EVP_CIPHER_flags 3857 EXIST::FUNCTION: | ||
| 3461 | v3_asid_validate_resource_set 3858 EXIST::FUNCTION:RFC3779 | ||
| 3462 | d2i_IPAddressRange 3859 EXIST::FUNCTION:RFC3779 | ||
| 3463 | AES_bi_ige_encrypt 3860 EXIST::FUNCTION:AES | ||
| 3464 | BIO_get_callback 3861 EXIST::FUNCTION: | ||
| 3465 | IPAddressOrRange_free 3862 EXIST::FUNCTION:RFC3779 | ||
| 3466 | v3_addr_subset 3863 EXIST::FUNCTION:RFC3779 | ||
| 3467 | d2i_IPAddressFamily 3864 EXIST::FUNCTION:RFC3779 | ||
| 3468 | v3_asid_subset 3865 EXIST::FUNCTION:RFC3779 | ||
| 3469 | BIO_test_flags 3866 EXIST::FUNCTION: | ||
| 3470 | i2d_ASIdentifierChoice 3867 EXIST::FUNCTION:RFC3779 | ||
| 3471 | ASRange_it 3868 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 | ||
| 3472 | ASRange_it 3868 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 | ||
| 3473 | d2i_ASIdentifiers 3869 EXIST::FUNCTION:RFC3779 | ||
| 3474 | ASRange_new 3870 EXIST::FUNCTION:RFC3779 | ||
| 3475 | d2i_IPAddressChoice 3871 EXIST::FUNCTION:RFC3779 | ||
| 3476 | v3_addr_get_afi 3872 EXIST::FUNCTION:RFC3779 | ||
| 3477 | EVP_CIPHER_key_length 3873 EXIST::FUNCTION: | ||
| 3478 | EVP_Cipher 3874 EXIST::FUNCTION: | ||
| 3479 | i2d_IPAddressOrRange 3875 EXIST::FUNCTION:RFC3779 | ||
| 3480 | ASIdOrRange_it 3876 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 | ||
| 3481 | ASIdOrRange_it 3876 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 | ||
| 3482 | EVP_CIPHER_nid 3877 EXIST::FUNCTION: | ||
| 3483 | i2d_IPAddressChoice 3878 EXIST::FUNCTION:RFC3779 | ||
| 3484 | EVP_CIPHER_CTX_block_size 3879 EXIST::FUNCTION: | ||
| 3485 | ASIdentifiers_new 3880 EXIST::FUNCTION:RFC3779 | ||
| 3486 | v3_addr_validate_path 3881 EXIST::FUNCTION:RFC3779 | ||
| 3487 | IPAddressFamily_new 3882 EXIST::FUNCTION:RFC3779 | ||
| 3488 | EVP_MD_CTX_set_flags 3883 EXIST::FUNCTION: | ||
| 3489 | v3_addr_is_canonical 3884 EXIST::FUNCTION:RFC3779 | ||
| 3490 | i2d_IPAddressRange 3885 EXIST::FUNCTION:RFC3779 | ||
| 3491 | IPAddressFamily_it 3886 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 | ||
| 3492 | IPAddressFamily_it 3886 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 | ||
| 3493 | v3_asid_inherits 3887 EXIST::FUNCTION:RFC3779 | ||
| 3494 | EVP_CIPHER_CTX_cipher 3888 EXIST::FUNCTION: | ||
| 3495 | EVP_CIPHER_CTX_get_app_data 3889 EXIST::FUNCTION: | ||
| 3496 | EVP_MD_block_size 3890 EXIST::FUNCTION: | ||
| 3497 | EVP_CIPHER_CTX_flags 3891 EXIST::FUNCTION: | ||
| 3498 | v3_asid_validate_path 3892 EXIST::FUNCTION:RFC3779 | ||
| 3499 | d2i_IPAddressOrRange 3893 EXIST::FUNCTION:RFC3779 | ||
| 3500 | v3_addr_canonize 3894 EXIST::FUNCTION:RFC3779 | ||
| 3501 | ASIdentifierChoice_it 3895 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 | ||
| 3502 | ASIdentifierChoice_it 3895 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 | ||
| 3503 | EVP_MD_CTX_md 3896 EXIST::FUNCTION: | ||
| 3504 | d2i_ASIdentifierChoice 3897 EXIST::FUNCTION:RFC3779 | ||
| 3505 | BIO_method_name 3898 EXIST::FUNCTION: | ||
| 3506 | EVP_CIPHER_CTX_iv_length 3899 EXIST::FUNCTION: | ||
| 3507 | ASIdOrRange_free 3900 EXIST::FUNCTION:RFC3779 | ||
| 3508 | ASIdentifierChoice_free 3901 EXIST::FUNCTION:RFC3779 | ||
| 3509 | BIO_get_callback_arg 3902 EXIST::FUNCTION: | ||
| 3510 | BIO_set_callback 3903 EXIST::FUNCTION: | ||
| 3511 | d2i_ASIdOrRange 3904 EXIST::FUNCTION:RFC3779 | ||
| 3512 | i2d_ASIdentifiers 3905 EXIST::FUNCTION:RFC3779 | ||
| 3513 | SEED_decrypt 3908 EXIST::FUNCTION:SEED | ||
| 3514 | SEED_encrypt 3909 EXIST::FUNCTION:SEED | ||
| 3515 | SEED_cbc_encrypt 3910 EXIST::FUNCTION:SEED | ||
| 3516 | EVP_seed_ofb 3911 EXIST::FUNCTION:SEED | ||
| 3517 | SEED_cfb128_encrypt 3912 EXIST::FUNCTION:SEED | ||
| 3518 | SEED_ofb128_encrypt 3913 EXIST::FUNCTION:SEED | ||
| 3519 | EVP_seed_cbc 3914 EXIST::FUNCTION:SEED | ||
| 3520 | SEED_ecb_encrypt 3915 EXIST::FUNCTION:SEED | ||
| 3521 | EVP_seed_ecb 3916 EXIST::FUNCTION:SEED | ||
| 3522 | SEED_set_key 3917 EXIST::FUNCTION:SEED | ||
| 3523 | EVP_seed_cfb128 3918 EXIST::FUNCTION:SEED | ||
| 3524 | X509_EXTENSIONS_it 3919 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | ||
| 3525 | X509_EXTENSIONS_it 3919 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | ||
| 3526 | X509_get1_ocsp 3920 EXIST::FUNCTION: | ||
| 3527 | OCSP_REQ_CTX_free 3921 EXIST::FUNCTION: | ||
| 3528 | i2d_X509_EXTENSIONS 3922 EXIST::FUNCTION: | ||
| 3529 | OCSP_sendreq_nbio 3923 EXIST::FUNCTION: | ||
| 3530 | OCSP_sendreq_new 3924 EXIST::FUNCTION: | ||
| 3531 | d2i_X509_EXTENSIONS 3925 EXIST::FUNCTION: | ||
| 3532 | X509_ALGORS_it 3926 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | ||
| 3533 | X509_ALGORS_it 3926 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | ||
| 3534 | X509_ALGOR_get0 3927 EXIST::FUNCTION: | ||
| 3535 | X509_ALGOR_set0 3928 EXIST::FUNCTION: | ||
| 3536 | AES_unwrap_key 3929 EXIST::FUNCTION:AES | ||
| 3537 | AES_wrap_key 3930 EXIST::FUNCTION:AES | ||
| 3538 | X509at_get0_data_by_OBJ 3931 EXIST::FUNCTION: | ||
| 3539 | ASN1_TYPE_set1 3932 EXIST::FUNCTION: | ||
| 3540 | ASN1_STRING_set0 3933 EXIST::FUNCTION: | ||
| 3541 | i2d_X509_ALGORS 3934 EXIST::FUNCTION: | ||
| 3542 | BIO_f_zlib 3935 EXIST:ZLIB:FUNCTION: | ||
| 3543 | COMP_zlib_cleanup 3936 EXIST::FUNCTION: | ||
| 3544 | d2i_X509_ALGORS 3937 EXIST::FUNCTION: | ||
| 3545 | CMS_ReceiptRequest_free 3938 EXIST::FUNCTION:CMS | ||
| 3546 | PEM_write_CMS 3939 EXIST:!WIN16:FUNCTION:CMS | ||
| 3547 | CMS_add0_CertificateChoices 3940 EXIST::FUNCTION:CMS | ||
| 3548 | CMS_unsigned_add1_attr_by_OBJ 3941 EXIST::FUNCTION:CMS | ||
| 3549 | ERR_load_CMS_strings 3942 EXIST::FUNCTION:CMS | ||
| 3550 | CMS_sign_receipt 3943 EXIST::FUNCTION:CMS | ||
| 3551 | i2d_CMS_ContentInfo 3944 EXIST::FUNCTION:CMS | ||
| 3552 | CMS_signed_delete_attr 3945 EXIST::FUNCTION:CMS | ||
| 3553 | d2i_CMS_bio 3946 EXIST::FUNCTION:CMS | ||
| 3554 | CMS_unsigned_get_attr_by_NID 3947 EXIST::FUNCTION:CMS | ||
| 3555 | CMS_verify 3948 EXIST::FUNCTION:CMS | ||
| 3556 | SMIME_read_CMS 3949 EXIST::FUNCTION:CMS | ||
| 3557 | CMS_decrypt_set1_key 3950 EXIST::FUNCTION:CMS | ||
| 3558 | CMS_SignerInfo_get0_algs 3951 EXIST::FUNCTION:CMS | ||
| 3559 | CMS_add1_cert 3952 EXIST::FUNCTION:CMS | ||
| 3560 | CMS_set_detached 3953 EXIST::FUNCTION:CMS | ||
| 3561 | CMS_encrypt 3954 EXIST::FUNCTION:CMS | ||
| 3562 | CMS_EnvelopedData_create 3955 EXIST::FUNCTION:CMS | ||
| 3563 | CMS_uncompress 3956 EXIST::FUNCTION:CMS | ||
| 3564 | CMS_add0_crl 3957 EXIST::FUNCTION:CMS | ||
| 3565 | CMS_SignerInfo_verify_content 3958 EXIST::FUNCTION:CMS | ||
| 3566 | CMS_unsigned_get0_data_by_OBJ 3959 EXIST::FUNCTION:CMS | ||
| 3567 | PEM_write_bio_CMS 3960 EXIST::FUNCTION:CMS | ||
| 3568 | CMS_unsigned_get_attr 3961 EXIST::FUNCTION:CMS | ||
| 3569 | CMS_RecipientInfo_ktri_cert_cmp 3962 EXIST::FUNCTION:CMS | ||
| 3570 | CMS_RecipientInfo_ktri_get0_algs 3963 EXIST:!VMS:FUNCTION:CMS | ||
| 3571 | CMS_RecipInfo_ktri_get0_algs 3963 EXIST:VMS:FUNCTION:CMS | ||
| 3572 | CMS_ContentInfo_free 3964 EXIST::FUNCTION:CMS | ||
| 3573 | CMS_final 3965 EXIST::FUNCTION:CMS | ||
| 3574 | CMS_add_simple_smimecap 3966 EXIST::FUNCTION:CMS | ||
| 3575 | CMS_SignerInfo_verify 3967 EXIST::FUNCTION:CMS | ||
| 3576 | CMS_data 3968 EXIST::FUNCTION:CMS | ||
| 3577 | CMS_ContentInfo_it 3969 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS | ||
| 3578 | CMS_ContentInfo_it 3969 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS | ||
| 3579 | d2i_CMS_ReceiptRequest 3970 EXIST::FUNCTION:CMS | ||
| 3580 | CMS_compress 3971 EXIST::FUNCTION:CMS | ||
| 3581 | CMS_digest_create 3972 EXIST::FUNCTION:CMS | ||
| 3582 | CMS_SignerInfo_cert_cmp 3973 EXIST::FUNCTION:CMS | ||
| 3583 | CMS_SignerInfo_sign 3974 EXIST::FUNCTION:CMS | ||
| 3584 | CMS_data_create 3975 EXIST::FUNCTION:CMS | ||
| 3585 | i2d_CMS_bio 3976 EXIST::FUNCTION:CMS | ||
| 3586 | CMS_EncryptedData_set1_key 3977 EXIST::FUNCTION:CMS | ||
| 3587 | CMS_decrypt 3978 EXIST::FUNCTION:CMS | ||
| 3588 | int_smime_write_ASN1 3979 EXIST::FUNCTION: | ||
| 3589 | CMS_unsigned_delete_attr 3980 EXIST::FUNCTION:CMS | ||
| 3590 | CMS_unsigned_get_attr_count 3981 EXIST::FUNCTION:CMS | ||
| 3591 | CMS_add_smimecap 3982 EXIST::FUNCTION:CMS | ||
| 3592 | PEM_read_CMS 3983 EXIST:!WIN16:FUNCTION:CMS | ||
| 3593 | CMS_signed_get_attr_by_OBJ 3984 EXIST::FUNCTION:CMS | ||
| 3594 | d2i_CMS_ContentInfo 3985 EXIST::FUNCTION:CMS | ||
| 3595 | CMS_add_standard_smimecap 3986 EXIST::FUNCTION:CMS | ||
| 3596 | CMS_ContentInfo_new 3987 EXIST::FUNCTION:CMS | ||
| 3597 | CMS_RecipientInfo_type 3988 EXIST::FUNCTION:CMS | ||
| 3598 | CMS_get0_type 3989 EXIST::FUNCTION:CMS | ||
| 3599 | CMS_is_detached 3990 EXIST::FUNCTION:CMS | ||
| 3600 | CMS_sign 3991 EXIST::FUNCTION:CMS | ||
| 3601 | CMS_signed_add1_attr 3992 EXIST::FUNCTION:CMS | ||
| 3602 | CMS_unsigned_get_attr_by_OBJ 3993 EXIST::FUNCTION:CMS | ||
| 3603 | SMIME_write_CMS 3994 EXIST::FUNCTION:CMS | ||
| 3604 | CMS_EncryptedData_decrypt 3995 EXIST::FUNCTION:CMS | ||
| 3605 | CMS_get0_RecipientInfos 3996 EXIST::FUNCTION:CMS | ||
| 3606 | CMS_add0_RevocationInfoChoice 3997 EXIST::FUNCTION:CMS | ||
| 3607 | CMS_decrypt_set1_pkey 3998 EXIST::FUNCTION:CMS | ||
| 3608 | CMS_SignerInfo_set1_signer_cert 3999 EXIST::FUNCTION:CMS | ||
| 3609 | CMS_get0_signers 4000 EXIST::FUNCTION:CMS | ||
| 3610 | CMS_ReceiptRequest_get0_values 4001 EXIST::FUNCTION:CMS | ||
| 3611 | CMS_signed_get0_data_by_OBJ 4002 EXIST::FUNCTION:CMS | ||
| 3612 | CMS_get0_SignerInfos 4003 EXIST::FUNCTION:CMS | ||
| 3613 | CMS_add0_cert 4004 EXIST::FUNCTION:CMS | ||
| 3614 | CMS_EncryptedData_encrypt 4005 EXIST::FUNCTION:CMS | ||
| 3615 | CMS_digest_verify 4006 EXIST::FUNCTION:CMS | ||
| 3616 | CMS_set1_signers_certs 4007 EXIST::FUNCTION:CMS | ||
| 3617 | CMS_signed_get_attr 4008 EXIST::FUNCTION:CMS | ||
| 3618 | CMS_RecipientInfo_set0_key 4009 EXIST::FUNCTION:CMS | ||
| 3619 | CMS_SignedData_init 4010 EXIST::FUNCTION:CMS | ||
| 3620 | CMS_RecipientInfo_kekri_get0_id 4011 EXIST::FUNCTION:CMS | ||
| 3621 | CMS_verify_receipt 4012 EXIST::FUNCTION:CMS | ||
| 3622 | CMS_ReceiptRequest_it 4013 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS | ||
| 3623 | CMS_ReceiptRequest_it 4013 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS | ||
| 3624 | PEM_read_bio_CMS 4014 EXIST::FUNCTION:CMS | ||
| 3625 | CMS_get1_crls 4015 EXIST::FUNCTION:CMS | ||
| 3626 | CMS_add0_recipient_key 4016 EXIST::FUNCTION:CMS | ||
| 3627 | SMIME_read_ASN1 4017 EXIST::FUNCTION: | ||
| 3628 | CMS_ReceiptRequest_new 4018 EXIST::FUNCTION:CMS | ||
| 3629 | CMS_get0_content 4019 EXIST::FUNCTION:CMS | ||
| 3630 | CMS_get1_ReceiptRequest 4020 EXIST::FUNCTION:CMS | ||
| 3631 | CMS_signed_add1_attr_by_OBJ 4021 EXIST::FUNCTION:CMS | ||
| 3632 | CMS_RecipientInfo_kekri_id_cmp 4022 EXIST::FUNCTION:CMS | ||
| 3633 | CMS_add1_ReceiptRequest 4023 EXIST::FUNCTION:CMS | ||
| 3634 | CMS_SignerInfo_get0_signer_id 4024 EXIST::FUNCTION:CMS | ||
| 3635 | CMS_unsigned_add1_attr_by_NID 4025 EXIST::FUNCTION:CMS | ||
| 3636 | CMS_unsigned_add1_attr 4026 EXIST::FUNCTION:CMS | ||
| 3637 | CMS_signed_get_attr_by_NID 4027 EXIST::FUNCTION:CMS | ||
| 3638 | CMS_get1_certs 4028 EXIST::FUNCTION:CMS | ||
| 3639 | CMS_signed_add1_attr_by_NID 4029 EXIST::FUNCTION:CMS | ||
| 3640 | CMS_unsigned_add1_attr_by_txt 4030 EXIST::FUNCTION:CMS | ||
| 3641 | CMS_dataFinal 4031 EXIST::FUNCTION:CMS | ||
| 3642 | CMS_RecipientInfo_ktri_get0_signer_id 4032 EXIST:!VMS:FUNCTION:CMS | ||
| 3643 | CMS_RecipInfo_ktri_get0_sigr_id 4032 EXIST:VMS:FUNCTION:CMS | ||
| 3644 | i2d_CMS_ReceiptRequest 4033 EXIST::FUNCTION:CMS | ||
| 3645 | CMS_add1_recipient_cert 4034 EXIST::FUNCTION:CMS | ||
| 3646 | CMS_dataInit 4035 EXIST::FUNCTION:CMS | ||
| 3647 | CMS_signed_add1_attr_by_txt 4036 EXIST::FUNCTION:CMS | ||
| 3648 | CMS_RecipientInfo_decrypt 4037 EXIST::FUNCTION:CMS | ||
| 3649 | CMS_signed_get_attr_count 4038 EXIST::FUNCTION:CMS | ||
| 3650 | CMS_get0_eContentType 4039 EXIST::FUNCTION:CMS | ||
| 3651 | CMS_set1_eContentType 4040 EXIST::FUNCTION:CMS | ||
| 3652 | CMS_ReceiptRequest_create0 4041 EXIST::FUNCTION:CMS | ||
| 3653 | CMS_add1_signer 4042 EXIST::FUNCTION:CMS | ||
| 3654 | CMS_RecipientInfo_set0_pkey 4043 EXIST::FUNCTION:CMS | ||
diff --git a/src/lib/libcrypto/util/mk1mf.pl b/src/lib/libcrypto/util/mk1mf.pl index 05a6086164..1ac5fd3a50 100644 --- a/src/lib/libcrypto/util/mk1mf.pl +++ b/src/lib/libcrypto/util/mk1mf.pl | |||
| @@ -10,19 +10,11 @@ $OPTIONS=""; | |||
| 10 | $ssl_version=""; | 10 | $ssl_version=""; |
| 11 | $banner="\t\@echo Building OpenSSL"; | 11 | $banner="\t\@echo Building OpenSSL"; |
| 12 | 12 | ||
| 13 | my $no_static_engine = 0; | ||
| 14 | my $engines = ""; | ||
| 13 | local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic | 15 | local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic |
| 14 | local $zlib_lib = ""; | 16 | local $zlib_lib = ""; |
| 15 | 17 | ||
| 16 | my $fips_canister_path = ""; | ||
| 17 | my $fips_premain_dso_exe_path = ""; | ||
| 18 | my $fips_premain_c_path = ""; | ||
| 19 | my $fips_sha1_exe_path = ""; | ||
| 20 | |||
| 21 | my $fipslibdir = ""; | ||
| 22 | my $baseaddr = ""; | ||
| 23 | |||
| 24 | my $ex_l_libs = ""; | ||
| 25 | |||
| 26 | 18 | ||
| 27 | open(IN,"<Makefile") || die "unable to open Makefile!\n"; | 19 | open(IN,"<Makefile") || die "unable to open Makefile!\n"; |
| 28 | while(<IN>) { | 20 | while(<IN>) { |
| @@ -38,22 +30,21 @@ $infile="MINFO"; | |||
| 38 | 30 | ||
| 39 | %ops=( | 31 | %ops=( |
| 40 | "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", | 32 | "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", |
| 41 | "VC-WIN32-GMAKE", "Microsoft Visual C++ [4-6] - Windows NT or 9X, GNU make", | 33 | "VC-WIN64I", "Microsoft C/C++ - Win64/IA-64", |
| 34 | "VC-WIN64A", "Microsoft C/C++ - Win64/x64", | ||
| 42 | "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY", | 35 | "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY", |
| 43 | "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", | 36 | "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", |
| 44 | "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286", | ||
| 45 | "VC-WIN16", "Alias for VC-W31-32", | ||
| 46 | "VC-W31-32", "Microsoft Visual C++ 1.52 - Windows 3.1 - 386+", | ||
| 47 | "VC-MSDOS","Microsoft Visual C++ 1.52 - MSDOS", | ||
| 48 | "Mingw32", "GNU C++ - Windows NT or 9x", | 37 | "Mingw32", "GNU C++ - Windows NT or 9x", |
| 49 | "Mingw32-files", "Create files with DOS copy ...", | 38 | "Mingw32-files", "Create files with DOS copy ...", |
| 50 | "BC-NT", "Borland C++ 4.5 - Windows NT", | 39 | "BC-NT", "Borland C++ 4.5 - Windows NT", |
| 51 | "BC-W31", "Borland C++ 4.5 - Windows 3.1 - PROBABLY NOT WORKING", | ||
| 52 | "BC-MSDOS","Borland C++ 4.5 - MSDOS", | ||
| 53 | "linux-elf","Linux elf", | 40 | "linux-elf","Linux elf", |
| 54 | "ultrix-mips","DEC mips ultrix", | 41 | "ultrix-mips","DEC mips ultrix", |
| 55 | "FreeBSD","FreeBSD distribution", | 42 | "FreeBSD","FreeBSD distribution", |
| 56 | "OS2-EMX", "EMX GCC OS/2", | 43 | "OS2-EMX", "EMX GCC OS/2", |
| 44 | "netware-clib", "CodeWarrior for NetWare - CLib - with WinSock Sockets", | ||
| 45 | "netware-clib-bsdsock", "CodeWarrior for NetWare - CLib - with BSD Sockets", | ||
| 46 | "netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets", | ||
| 47 | "netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets", | ||
| 57 | "default","cc under unix", | 48 | "default","cc under unix", |
| 58 | ); | 49 | ); |
| 59 | 50 | ||
| @@ -73,16 +64,20 @@ and [options] can be one of | |||
| 73 | no-md2 no-md4 no-md5 no-sha no-mdc2 - Skip this digest | 64 | no-md2 no-md4 no-md5 no-sha no-mdc2 - Skip this digest |
| 74 | no-ripemd | 65 | no-ripemd |
| 75 | no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher | 66 | no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher |
| 76 | no-bf no-cast no-aes | 67 | no-bf no-cast no-aes no-camellia no-seed |
| 77 | no-rsa no-dsa no-dh - Skip this public key cipher | 68 | no-rsa no-dsa no-dh - Skip this public key cipher |
| 78 | no-ssl2 no-ssl3 - Skip this version of SSL | 69 | no-ssl2 no-ssl3 - Skip this version of SSL |
| 79 | just-ssl - remove all non-ssl keys/digest | 70 | just-ssl - remove all non-ssl keys/digest |
| 80 | no-asm - No x86 asm | 71 | no-asm - No x86 asm |
| 81 | no-krb5 - No KRB5 | 72 | no-krb5 - No KRB5 |
| 82 | no-ec - No EC | 73 | no-ec - No EC |
| 74 | no-ecdsa - No ECDSA | ||
| 75 | no-ecdh - No ECDH | ||
| 83 | no-engine - No engine | 76 | no-engine - No engine |
| 84 | no-hw - No hw | 77 | no-hw - No hw |
| 85 | nasm - Use NASM for x86 asm | 78 | nasm - Use NASM for x86 asm |
| 79 | nw-nasm - Use NASM x86 asm for NetWare | ||
| 80 | nw-mwasm - Use Metrowerks x86 asm for NetWare | ||
| 86 | gaswin - Use GNU as with Mingw32 | 81 | gaswin - Use GNU as with Mingw32 |
| 87 | no-socks - No socket code | 82 | no-socks - No socket code |
| 88 | no-err - No error strings | 83 | no-err - No error strings |
| @@ -107,6 +102,8 @@ foreach (grep(!/^$/, split(/ /, $OPTIONS))) | |||
| 107 | print STDERR "unknown option - $_\n" if !&read_options; | 102 | print STDERR "unknown option - $_\n" if !&read_options; |
| 108 | } | 103 | } |
| 109 | 104 | ||
| 105 | $no_static_engine = 0 if (!$shlib); | ||
| 106 | |||
| 110 | $no_mdc2=1 if ($no_des); | 107 | $no_mdc2=1 if ($no_des); |
| 111 | 108 | ||
| 112 | $no_ssl3=1 if ($no_md5 || $no_sha); | 109 | $no_ssl3=1 if ($no_md5 || $no_sha); |
| @@ -119,13 +116,10 @@ $out_def="out"; | |||
| 119 | $inc_def="outinc"; | 116 | $inc_def="outinc"; |
| 120 | $tmp_def="tmp"; | 117 | $tmp_def="tmp"; |
| 121 | 118 | ||
| 122 | $mkdir="-mkdir"; | 119 | $perl="perl" unless defined $perl; |
| 123 | $mkcanister="ld -r -o"; | 120 | $mkdir="-mkdir" unless defined $mkdir; |
| 124 | |||
| 125 | $ex_build_targets = ""; | ||
| 126 | 121 | ||
| 127 | ($ssl,$crypto)=("ssl","crypto"); | 122 | ($ssl,$crypto)=("ssl","crypto"); |
| 128 | $cryptocompat = ""; | ||
| 129 | $ranlib="echo ranlib"; | 123 | $ranlib="echo ranlib"; |
| 130 | 124 | ||
| 131 | $cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc'; | 125 | $cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc'; |
| @@ -134,40 +128,16 @@ $bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:''; | |||
| 134 | 128 | ||
| 135 | # $bin_dir.=$o causes a core dump on my sparc :-( | 129 | # $bin_dir.=$o causes a core dump on my sparc :-( |
| 136 | 130 | ||
| 131 | |||
| 137 | $NT=0; | 132 | $NT=0; |
| 138 | 133 | ||
| 139 | push(@INC,"util/pl","pl"); | 134 | push(@INC,"util/pl","pl"); |
| 140 | if ($platform eq "VC-MSDOS") | 135 | if (($platform =~ /VC-(.+)/)) |
| 141 | { | ||
| 142 | $asmbits=16; | ||
| 143 | $msdos=1; | ||
| 144 | require 'VC-16.pl'; | ||
| 145 | } | ||
| 146 | elsif ($platform eq "VC-W31-16") | ||
| 147 | { | 136 | { |
| 148 | $asmbits=16; | 137 | $FLAVOR=$1; |
| 149 | $msdos=1; $win16=1; | 138 | $NT = 1 if $1 eq "NT"; |
| 150 | require 'VC-16.pl'; | ||
| 151 | } | ||
| 152 | elsif (($platform eq "VC-W31-32") || ($platform eq "VC-WIN16")) | ||
| 153 | { | ||
| 154 | $asmbits=32; | ||
| 155 | $msdos=1; $win16=1; | ||
| 156 | require 'VC-16.pl'; | ||
| 157 | } | ||
| 158 | elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) | ||
| 159 | { | ||
| 160 | $NT = 1 if $platform eq "VC-NT"; | ||
| 161 | require 'VC-32.pl'; | 139 | require 'VC-32.pl'; |
| 162 | } | 140 | } |
| 163 | elsif ($platform eq "VC-WIN32-GMAKE") | ||
| 164 | { | ||
| 165 | require 'VC-32-GMAKE.pl'; | ||
| 166 | } | ||
| 167 | elsif ($platform eq "VC-CE") | ||
| 168 | { | ||
| 169 | require 'VC-CE.pl'; | ||
| 170 | } | ||
| 171 | elsif ($platform eq "Mingw32") | 141 | elsif ($platform eq "Mingw32") |
| 172 | { | 142 | { |
| 173 | require 'Mingw32.pl'; | 143 | require 'Mingw32.pl'; |
| @@ -181,23 +151,6 @@ elsif ($platform eq "BC-NT") | |||
| 181 | $bc=1; | 151 | $bc=1; |
| 182 | require 'BC-32.pl'; | 152 | require 'BC-32.pl'; |
| 183 | } | 153 | } |
| 184 | elsif ($platform eq "BC-W31") | ||
| 185 | { | ||
| 186 | $bc=1; | ||
| 187 | $msdos=1; $w16=1; | ||
| 188 | require 'BC-16.pl'; | ||
| 189 | } | ||
| 190 | elsif ($platform eq "BC-Q16") | ||
| 191 | { | ||
| 192 | $msdos=1; $w16=1; $shlib=0; $qw=1; | ||
| 193 | require 'BC-16.pl'; | ||
| 194 | } | ||
| 195 | elsif ($platform eq "BC-MSDOS") | ||
| 196 | { | ||
| 197 | $asmbits=16; | ||
| 198 | $msdos=1; | ||
| 199 | require 'BC-16.pl'; | ||
| 200 | } | ||
| 201 | elsif ($platform eq "FreeBSD") | 154 | elsif ($platform eq "FreeBSD") |
| 202 | { | 155 | { |
| 203 | require 'unix.pl'; | 156 | require 'unix.pl'; |
| @@ -220,6 +173,13 @@ elsif ($platform eq "OS2-EMX") | |||
| 220 | $wc=1; | 173 | $wc=1; |
| 221 | require 'OS2-EMX.pl'; | 174 | require 'OS2-EMX.pl'; |
| 222 | } | 175 | } |
| 176 | elsif (($platform eq "netware-clib") || ($platform eq "netware-libc") || | ||
| 177 | ($platform eq "netware-clib-bsdsock") || ($platform eq "netware-libc-bsdsock")) | ||
| 178 | { | ||
| 179 | $LIBC=1 if $platform eq "netware-libc" || $platform eq "netware-libc-bsdsock"; | ||
| 180 | $BSDSOCK=1 if ($platform eq "netware-libc-bsdsock") || ($platform eq "netware-clib-bsdsock"); | ||
| 181 | require 'netware.pl'; | ||
| 182 | } | ||
| 223 | else | 183 | else |
| 224 | { | 184 | { |
| 225 | require "unix.pl"; | 185 | require "unix.pl"; |
| @@ -238,6 +198,8 @@ $cflags= "$xcflags$cflags" if $xcflags ne ""; | |||
| 238 | 198 | ||
| 239 | $cflags.=" -DOPENSSL_NO_IDEA" if $no_idea; | 199 | $cflags.=" -DOPENSSL_NO_IDEA" if $no_idea; |
| 240 | $cflags.=" -DOPENSSL_NO_AES" if $no_aes; | 200 | $cflags.=" -DOPENSSL_NO_AES" if $no_aes; |
| 201 | $cflags.=" -DOPENSSL_NO_CAMELLIA" if $no_camellia; | ||
| 202 | $cflags.=" -DOPENSSL_NO_SEED" if $no_seed; | ||
| 241 | $cflags.=" -DOPENSSL_NO_RC2" if $no_rc2; | 203 | $cflags.=" -DOPENSSL_NO_RC2" if $no_rc2; |
| 242 | $cflags.=" -DOPENSSL_NO_RC4" if $no_rc4; | 204 | $cflags.=" -DOPENSSL_NO_RC4" if $no_rc4; |
| 243 | $cflags.=" -DOPENSSL_NO_RC5" if $no_rc5; | 205 | $cflags.=" -DOPENSSL_NO_RC5" if $no_rc5; |
| @@ -248,7 +210,7 @@ $cflags.=" -DOPENSSL_NO_SHA" if $no_sha; | |||
| 248 | $cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1; | 210 | $cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1; |
| 249 | $cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd; | 211 | $cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd; |
| 250 | $cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2; | 212 | $cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2; |
| 251 | $cflags.=" -DOPENSSL_NO_BF" if $no_bf; | 213 | $cflags.=" -DOPENSSL_NO_BF" if $no_bf; |
| 252 | $cflags.=" -DOPENSSL_NO_CAST" if $no_cast; | 214 | $cflags.=" -DOPENSSL_NO_CAST" if $no_cast; |
| 253 | $cflags.=" -DOPENSSL_NO_DES" if $no_des; | 215 | $cflags.=" -DOPENSSL_NO_DES" if $no_des; |
| 254 | $cflags.=" -DOPENSSL_NO_RSA" if $no_rsa; | 216 | $cflags.=" -DOPENSSL_NO_RSA" if $no_rsa; |
| @@ -257,17 +219,30 @@ $cflags.=" -DOPENSSL_NO_DH" if $no_dh; | |||
| 257 | $cflags.=" -DOPENSSL_NO_SOCK" if $no_sock; | 219 | $cflags.=" -DOPENSSL_NO_SOCK" if $no_sock; |
| 258 | $cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2; | 220 | $cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2; |
| 259 | $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; | 221 | $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; |
| 222 | $cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext; | ||
| 223 | $cflags.=" -DOPENSSL_NO_CMS" if $no_cms; | ||
| 260 | $cflags.=" -DOPENSSL_NO_ERR" if $no_err; | 224 | $cflags.=" -DOPENSSL_NO_ERR" if $no_err; |
| 261 | $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; | 225 | $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; |
| 262 | $cflags.=" -DOPENSSL_NO_EC" if $no_ec; | 226 | $cflags.=" -DOPENSSL_NO_EC" if $no_ec; |
| 227 | $cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa; | ||
| 228 | $cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh; | ||
| 263 | $cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; | 229 | $cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; |
| 264 | $cflags.=" -DOPENSSL_NO_HW" if $no_hw; | 230 | $cflags.=" -DOPENSSL_NO_HW" if $no_hw; |
| 265 | $cflags.=" -DOPENSSL_FIPS" if $fips; | ||
| 266 | #$cflags.=" -DRSAref" if $rsaref ne ""; | ||
| 267 | 231 | ||
| 268 | $cflags.= " -DZLIB" if $zlib_opt; | 232 | $cflags.= " -DZLIB" if $zlib_opt; |
| 269 | $cflags.= " -DZLIB_SHARED" if $zlib_opt == 2; | 233 | $cflags.= " -DZLIB_SHARED" if $zlib_opt == 2; |
| 270 | 234 | ||
| 235 | if ($no_static_engine) | ||
| 236 | { | ||
| 237 | $cflags .= " -DOPENSSL_NO_STATIC_ENGINE"; | ||
| 238 | } | ||
| 239 | else | ||
| 240 | { | ||
| 241 | $cflags .= " -DOPENSSL_NO_DYNAMIC_ENGINE"; | ||
| 242 | } | ||
| 243 | |||
| 244 | #$cflags.=" -DRSAref" if $rsaref ne ""; | ||
| 245 | |||
| 271 | ## if ($unix) | 246 | ## if ($unix) |
| 272 | ## { $cflags="$c_flags" if ($c_flags ne ""); } | 247 | ## { $cflags="$c_flags" if ($c_flags ne ""); } |
| 273 | ##else | 248 | ##else |
| @@ -305,21 +280,11 @@ for (;;) | |||
| 305 | { | 280 | { |
| 306 | if ($lib ne "") | 281 | if ($lib ne "") |
| 307 | { | 282 | { |
| 308 | if ($fips && $dir =~ /^fips/) | 283 | $uc=$lib; |
| 309 | { | 284 | $uc =~ s/^lib(.*)\.a/$1/; |
| 310 | $uc = "FIPS"; | 285 | $uc =~ tr/a-z/A-Z/; |
| 311 | } | 286 | $lib_nam{$uc}=$uc; |
| 312 | else | 287 | $lib_obj{$uc}.=$libobj." "; |
| 313 | { | ||
| 314 | $uc=$lib; | ||
| 315 | $uc =~ s/^lib(.*)\.a/$1/; | ||
| 316 | $uc =~ tr/a-z/A-Z/; | ||
| 317 | } | ||
| 318 | if (($uc ne "FIPS") || $fips_canister_build) | ||
| 319 | { | ||
| 320 | $lib_nam{$uc}=$uc; | ||
| 321 | $lib_obj{$uc}.=$libobj." "; | ||
| 322 | } | ||
| 323 | } | 288 | } |
| 324 | last if ($val eq "FINISHED"); | 289 | last if ($val eq "FINISHED"); |
| 325 | $lib=""; | 290 | $lib=""; |
| @@ -340,10 +305,10 @@ for (;;) | |||
| 340 | { $ex_libs .= " $val" if $val ne "";} | 305 | { $ex_libs .= " $val" if $val ne "";} |
| 341 | 306 | ||
| 342 | if ($key eq "TEST") | 307 | if ($key eq "TEST") |
| 343 | { $test.=&var_add($dir,$val); } | 308 | { $test.=&var_add($dir,$val, 0); } |
| 344 | 309 | ||
| 345 | if (($key eq "PROGS") || ($key eq "E_OBJ")) | 310 | if (($key eq "PROGS") || ($key eq "E_OBJ")) |
| 346 | { $e_exe.=&var_add($dir,$val); } | 311 | { $e_exe.=&var_add($dir,$val, 0); } |
| 347 | 312 | ||
| 348 | if ($key eq "LIB") | 313 | if ($key eq "LIB") |
| 349 | { | 314 | { |
| @@ -352,74 +317,45 @@ for (;;) | |||
| 352 | } | 317 | } |
| 353 | 318 | ||
| 354 | if ($key eq "EXHEADER") | 319 | if ($key eq "EXHEADER") |
| 355 | { $exheader.=&var_add($dir,$val); } | 320 | { $exheader.=&var_add($dir,$val, 1); } |
| 356 | 321 | ||
| 357 | if ($key eq "HEADER") | 322 | if ($key eq "HEADER") |
| 358 | { $header.=&var_add($dir,$val); } | 323 | { $header.=&var_add($dir,$val, 1); } |
| 359 | |||
| 360 | if ($key eq "LIBOBJ") | ||
| 361 | { $libobj=&var_add($dir,$val); } | ||
| 362 | 324 | ||
| 363 | if ($key eq "FIPSLIBDIR") | 325 | if ($key eq "LIBOBJ" && ($dir ne "engines" || !$no_static_engine)) |
| 364 | { $fipslibdir=$val;} | 326 | { $libobj=&var_add($dir,$val, 0); } |
| 365 | 327 | if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine) | |
| 366 | if ($key eq "BASEADDR") | 328 | { $engines.=$val } |
| 367 | { $baseaddr=$val;} | ||
| 368 | 329 | ||
| 369 | if (!($_=<IN>)) | 330 | if (!($_=<IN>)) |
| 370 | { $_="RELATIVE_DIRECTORY=FINISHED\n"; } | 331 | { $_="RELATIVE_DIRECTORY=FINISHED\n"; } |
| 371 | } | 332 | } |
| 372 | close(IN); | 333 | close(IN); |
| 373 | 334 | ||
| 374 | if ($fips_canister_path eq "") | 335 | if ($shlib) |
| 375 | { | ||
| 376 | $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.o"; | ||
| 377 | } | ||
| 378 | |||
| 379 | if ($fips_premain_c_path eq "") | ||
| 380 | { | 336 | { |
| 381 | $fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c"; | 337 | $extra_install= <<"EOF"; |
| 382 | } | 338 | \$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}bin\" |
| 383 | 339 | \$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}bin\" | |
| 384 | if ($fips) | 340 | \$(CP) \"\$(L_SSL)\" \"\$(INSTALLTOP)${o}lib\" |
| 385 | { | 341 | \$(CP) \"\$(L_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\" |
| 386 | if ($fips_sha1_exe_path eq "") | 342 | EOF |
| 343 | if ($no_static_engine) | ||
| 387 | { | 344 | { |
| 388 | $fips_sha1_exe_path = | 345 | $extra_install .= <<"EOF" |
| 389 | "\$(BIN_D)${o}fips_standalone_sha1$exep"; | 346 | \$(MKDIR) \"\$(INSTALLTOP)${o}lib${o}engines\" |
| 347 | \$(CP) \"\$(E_SHLIB)\" \"\$(INSTALLTOP)${o}lib${o}engines\" | ||
| 348 | EOF | ||
| 390 | } | 349 | } |
| 391 | } | 350 | } |
| 392 | else | 351 | else |
| 393 | { | ||
| 394 | $fips_sha1_exe_path = ""; | ||
| 395 | } | ||
| 396 | |||
| 397 | if ($fips_premain_dso_exe_path eq "") | ||
| 398 | { | ||
| 399 | $fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep"; | ||
| 400 | } | ||
| 401 | |||
| 402 | # $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips); | ||
| 403 | |||
| 404 | if ($fips) | ||
| 405 | { | 352 | { |
| 406 | if (!$shlib) | 353 | $extra_install= <<"EOF"; |
| 407 | { | 354 | \$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}lib\" |
| 408 | $ex_build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)"; | 355 | \$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\" |
| 409 | $ex_l_libs .= " \$(O_FIPSCANISTER)"; | 356 | EOF |
| 410 | } | 357 | $ex_libs .= " $zlib_lib" if $zlib_opt == 1; |
| 411 | if ($fipslibdir eq "") | ||
| 412 | { | ||
| 413 | open (IN, "util/fipslib_path.txt") || fipslib_error(); | ||
| 414 | $fipslibdir = <IN>; | ||
| 415 | chomp $fipslibdir; | ||
| 416 | close IN; | ||
| 417 | } | ||
| 418 | fips_check_files($fipslibdir, | ||
| 419 | "fipscanister.o", "fipscanister.o.sha1", | ||
| 420 | "fips_premain.c", "fips_premain.c.sha1"); | ||
| 421 | } | 358 | } |
| 422 | |||
| 423 | 359 | ||
| 424 | $defs= <<"EOF"; | 360 | $defs= <<"EOF"; |
| 425 | # This makefile has been automatically generated from the OpenSSL distribution. | 361 | # This makefile has been automatically generated from the OpenSSL distribution. |
| @@ -439,15 +375,6 @@ EOF | |||
| 439 | 375 | ||
| 440 | $defs .= $preamble if defined $preamble; | 376 | $defs .= $preamble if defined $preamble; |
| 441 | 377 | ||
| 442 | if ($platform eq "VC-CE") | ||
| 443 | { | ||
| 444 | $defs.= <<"EOF"; | ||
| 445 | !INCLUDE <\$(WCECOMPAT)/wcedefs.mak> | ||
| 446 | |||
| 447 | EOF | ||
| 448 | $ex_libs .= " $zlib_lib" if $zlib_opt == 1; | ||
| 449 | } | ||
| 450 | |||
| 451 | $defs.= <<"EOF"; | 378 | $defs.= <<"EOF"; |
| 452 | INSTALLTOP=$INSTALLTOP | 379 | INSTALLTOP=$INSTALLTOP |
| 453 | 380 | ||
| @@ -468,10 +395,11 @@ EX_LIBS=$ex_libs | |||
| 468 | SRC_D=$src_dir | 395 | SRC_D=$src_dir |
| 469 | 396 | ||
| 470 | LINK=$link | 397 | LINK=$link |
| 471 | PERL=perl | ||
| 472 | FIPSLINK=\$(PERL) util${o}fipslink.pl | ||
| 473 | LFLAGS=$lflags | 398 | LFLAGS=$lflags |
| 399 | RSC=$rsc | ||
| 474 | 400 | ||
| 401 | AES_ASM_OBJ=$aes_asm_obj | ||
| 402 | AES_ASM_SRC=$aes_asm_src | ||
| 475 | BN_ASM_OBJ=$bn_asm_obj | 403 | BN_ASM_OBJ=$bn_asm_obj |
| 476 | BN_ASM_SRC=$bn_asm_src | 404 | BN_ASM_SRC=$bn_asm_src |
| 477 | BNCO_ASM_OBJ=$bnco_asm_obj | 405 | BNCO_ASM_OBJ=$bnco_asm_obj |
| @@ -492,6 +420,8 @@ SHA1_ASM_OBJ=$sha1_asm_obj | |||
| 492 | SHA1_ASM_SRC=$sha1_asm_src | 420 | SHA1_ASM_SRC=$sha1_asm_src |
| 493 | RMD160_ASM_OBJ=$rmd160_asm_obj | 421 | RMD160_ASM_OBJ=$rmd160_asm_obj |
| 494 | RMD160_ASM_SRC=$rmd160_asm_src | 422 | RMD160_ASM_SRC=$rmd160_asm_src |
| 423 | CPUID_ASM_OBJ=$cpuid_asm_obj | ||
| 424 | CPUID_ASM_SRC=$cpuid_asm_src | ||
| 495 | 425 | ||
| 496 | # The output directory for everything intersting | 426 | # The output directory for everything intersting |
| 497 | OUT_D=$out_dir | 427 | OUT_D=$out_dir |
| @@ -501,9 +431,7 @@ TMP_D=$tmp_dir | |||
| 501 | INC_D=$inc_dir | 431 | INC_D=$inc_dir |
| 502 | INCO_D=$inc_dir${o}openssl | 432 | INCO_D=$inc_dir${o}openssl |
| 503 | 433 | ||
| 504 | # Directory containing FIPS module | 434 | PERL=$perl |
| 505 | |||
| 506 | |||
| 507 | CP=$cp | 435 | CP=$cp |
| 508 | RM=$rm | 436 | RM=$rm |
| 509 | RANLIB=$ranlib | 437 | RANLIB=$ranlib |
| @@ -511,18 +439,6 @@ MKDIR=$mkdir | |||
| 511 | MKLIB=$bin_dir$mklib | 439 | MKLIB=$bin_dir$mklib |
| 512 | MLFLAGS=$mlflags | 440 | MLFLAGS=$mlflags |
| 513 | ASM=$bin_dir$asm | 441 | ASM=$bin_dir$asm |
| 514 | MKCANISTER=$mkcanister | ||
| 515 | |||
| 516 | # FIPS validated module and support file locations | ||
| 517 | |||
| 518 | E_PREMAIN_DSO=fips_premain_dso | ||
| 519 | |||
| 520 | FIPSLIB_D=$fipslibdir | ||
| 521 | BASEADDR=$baseaddr | ||
| 522 | FIPS_PREMAIN_SRC=$fips_premain_c_path | ||
| 523 | O_FIPSCANISTER=$fips_canister_path | ||
| 524 | FIPS_SHA1_EXE=$fips_sha1_exe_path | ||
| 525 | PREMAIN_DSO_EXE=$fips_premain_dso_exe_path | ||
| 526 | 442 | ||
| 527 | ###################################################### | 443 | ###################################################### |
| 528 | # You should not need to touch anything below this point | 444 | # You should not need to touch anything below this point |
| @@ -535,12 +451,14 @@ CRYPTO=$crypto | |||
| 535 | # BIN_D - Binary output directory | 451 | # BIN_D - Binary output directory |
| 536 | # TEST_D - Binary test file output directory | 452 | # TEST_D - Binary test file output directory |
| 537 | # LIB_D - library output directory | 453 | # LIB_D - library output directory |
| 454 | # ENG_D - dynamic engine output directory | ||
| 538 | # Note: if you change these point to different directories then uncomment out | 455 | # Note: if you change these point to different directories then uncomment out |
| 539 | # the lines around the 'NB' comment below. | 456 | # the lines around the 'NB' comment below. |
| 540 | # | 457 | # |
| 541 | BIN_D=\$(OUT_D) | 458 | BIN_D=\$(OUT_D) |
| 542 | TEST_D=\$(OUT_D) | 459 | TEST_D=\$(OUT_D) |
| 543 | LIB_D=\$(OUT_D) | 460 | LIB_D=\$(OUT_D) |
| 461 | ENG_D=\$(OUT_D) | ||
| 544 | 462 | ||
| 545 | # INCL_D - local library directory | 463 | # INCL_D - local library directory |
| 546 | # OBJ_D - temp object file directory | 464 | # OBJ_D - temp object file directory |
| @@ -554,7 +472,7 @@ SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp | |||
| 554 | L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp | 472 | L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp |
| 555 | L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp | 473 | L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp |
| 556 | 474 | ||
| 557 | L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs | 475 | L_LIBS= \$(L_SSL) \$(L_CRYPTO) |
| 558 | 476 | ||
| 559 | ###################################################### | 477 | ###################################################### |
| 560 | # Don't touch anything below this point | 478 | # Don't touch anything below this point |
| @@ -564,19 +482,19 @@ INC=-I\$(INC_D) -I\$(INCL_D) | |||
| 564 | APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG) | 482 | APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG) |
| 565 | LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) | 483 | LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) |
| 566 | SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG) | 484 | SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG) |
| 567 | LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) $ex_libs_dep | 485 | LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) |
| 568 | 486 | ||
| 569 | ############################################# | 487 | ############################################# |
| 570 | EOF | 488 | EOF |
| 571 | 489 | ||
| 572 | $rules=<<"EOF"; | 490 | $rules=<<"EOF"; |
| 573 | all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) lib exe $ex_build_targets | 491 | all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe |
| 574 | 492 | ||
| 575 | banner: | 493 | banner: |
| 576 | $banner | 494 | $banner |
| 577 | 495 | ||
| 578 | \$(TMP_D): | 496 | \$(TMP_D): |
| 579 | \$(MKDIR) \$(TMP_D) | 497 | \$(MKDIR) \"\$(TMP_D)\" |
| 580 | # NB: uncomment out these lines if BIN_D, TEST_D and LIB_D are different | 498 | # NB: uncomment out these lines if BIN_D, TEST_D and LIB_D are different |
| 581 | #\$(BIN_D): | 499 | #\$(BIN_D): |
| 582 | # \$(MKDIR) \$(BIN_D) | 500 | # \$(MKDIR) \$(BIN_D) |
| @@ -585,31 +503,36 @@ $banner | |||
| 585 | # \$(MKDIR) \$(TEST_D) | 503 | # \$(MKDIR) \$(TEST_D) |
| 586 | 504 | ||
| 587 | \$(LIB_D): | 505 | \$(LIB_D): |
| 588 | \$(MKDIR) \$(LIB_D) | 506 | \$(MKDIR) \"\$(LIB_D)\" |
| 589 | 507 | ||
| 590 | \$(INCO_D): \$(INC_D) | 508 | \$(INCO_D): \$(INC_D) |
| 591 | \$(MKDIR) \$(INCO_D) | 509 | \$(MKDIR) \"\$(INCO_D)\" |
| 592 | 510 | ||
| 593 | \$(INC_D): | 511 | \$(INC_D): |
| 594 | \$(MKDIR) \$(INC_D) | 512 | \$(MKDIR) \"\$(INC_D)\" |
| 595 | 513 | ||
| 596 | headers: \$(HEADER) \$(EXHEADER) | 514 | headers: \$(HEADER) \$(EXHEADER) |
| 597 | @ | 515 | @ |
| 598 | 516 | ||
| 599 | lib: \$(LIBS_DEP) | 517 | lib: \$(LIBS_DEP) \$(E_SHLIB) |
| 600 | 518 | ||
| 601 | exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep | 519 | exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep |
| 602 | 520 | ||
| 603 | install: | 521 | install: all |
| 604 | \$(MKDIR) \$(INSTALLTOP) | 522 | \$(MKDIR) \"\$(INSTALLTOP)\" |
| 605 | \$(MKDIR) \$(INSTALLTOP)${o}bin | 523 | \$(MKDIR) \"\$(INSTALLTOP)${o}bin\" |
| 606 | \$(MKDIR) \$(INSTALLTOP)${o}include | 524 | \$(MKDIR) \"\$(INSTALLTOP)${o}include\" |
| 607 | \$(MKDIR) \$(INSTALLTOP)${o}include${o}openssl | 525 | \$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\" |
| 608 | \$(MKDIR) \$(INSTALLTOP)${o}lib | 526 | \$(MKDIR) \"\$(INSTALLTOP)${o}lib\" |
| 609 | \$(CP) \$(INCO_D)${o}*.\[ch\] \$(INSTALLTOP)${o}include${o}openssl | 527 | \$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\" |
| 610 | \$(CP) \$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin | 528 | \$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep\" \"\$(INSTALLTOP)${o}bin\" |
| 611 | \$(CP) \$(O_SSL) \$(INSTALLTOP)${o}lib | 529 | \$(CP) \"apps${o}openssl.cnf\" \"\$(INSTALLTOP)\" |
| 612 | \$(CP) \$(O_CRYPTO) \$(INSTALLTOP)${o}lib | 530 | $extra_install |
| 531 | |||
| 532 | |||
| 533 | test: \$(T_EXE) | ||
| 534 | cd \$(BIN_D) | ||
| 535 | ..${o}ms${o}test | ||
| 613 | 536 | ||
| 614 | clean: | 537 | clean: |
| 615 | \$(RM) \$(TMP_D)$o*.* | 538 | \$(RM) \$(TMP_D)$o*.* |
| @@ -668,11 +591,11 @@ foreach (split(/\s+/,$exheader)){ $h{$_}=1; } | |||
| 668 | foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; } | 591 | foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; } |
| 669 | chop($h); $header=$h; | 592 | chop($h); $header=$h; |
| 670 | 593 | ||
| 671 | $defs.=&do_defs("HEADER",$header,"\$(INCL_D)",".h"); | 594 | $defs.=&do_defs("HEADER",$header,"\$(INCL_D)",""); |
| 672 | $rules.=&do_copy_rule("\$(INCL_D)",$header,".h"); | 595 | $rules.=&do_copy_rule("\$(INCL_D)",$header,""); |
| 673 | 596 | ||
| 674 | $defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)",".h"); | 597 | $defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)",""); |
| 675 | $rules.=&do_copy_rule("\$(INCO_D)",$exheader,".h"); | 598 | $rules.=&do_copy_rule("\$(INCO_D)",$exheader,""); |
| 676 | 599 | ||
| 677 | $defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj); | 600 | $defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj); |
| 678 | $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)"); | 601 | $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)"); |
| @@ -680,29 +603,6 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)"); | |||
| 680 | $defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj); | 603 | $defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj); |
| 681 | $rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)'); | 604 | $rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)'); |
| 682 | 605 | ||
| 683 | # Special case rules for fips_start and fips_end fips_premain_dso | ||
| 684 | |||
| 685 | if ($fips) | ||
| 686 | { | ||
| 687 | if ($fips_canister_build) | ||
| 688 | { | ||
| 689 | $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj", | ||
| 690 | "fips-1.0${o}fips_canister.c", | ||
| 691 | "-DFIPS_START \$(SHLIB_CFLAGS)"); | ||
| 692 | $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj", | ||
| 693 | "fips-1.0${o}fips_canister.c", "\$(SHLIB_CFLAGS)"); | ||
| 694 | } | ||
| 695 | $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj", | ||
| 696 | "fips-1.0${o}sha${o}fips_standalone_sha1.c", | ||
| 697 | "\$(SHLIB_CFLAGS)"); | ||
| 698 | $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_sha1dgst$obj", | ||
| 699 | "fips-1.0${o}sha${o}fips_sha1dgst.c", | ||
| 700 | "\$(SHLIB_CFLAGS)") unless $fips_canister_build; | ||
| 701 | $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj", | ||
| 702 | "fips-1.0${o}fips_premain.c", | ||
| 703 | "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)"); | ||
| 704 | } | ||
| 705 | |||
| 706 | foreach (values %lib_nam) | 606 | foreach (values %lib_nam) |
| 707 | { | 607 | { |
| 708 | $lib_obj=$lib_obj{$_}; | 608 | $lib_obj=$lib_obj{$_}; |
| @@ -713,7 +613,12 @@ foreach (values %lib_nam) | |||
| 713 | $rules.="\$(O_SSL):\n\n"; | 613 | $rules.="\$(O_SSL):\n\n"; |
| 714 | next; | 614 | next; |
| 715 | } | 615 | } |
| 716 | 616 | if (($aes_asm_obj ne "") && ($_ eq "CRYPTO")) | |
| 617 | { | ||
| 618 | $lib_obj =~ s/\s(\S*\/aes_core\S*)/ \$(AES_ASM_OBJ)/; | ||
| 619 | $lib_obj =~ s/\s\S*\/aes_cbc\S*//; | ||
| 620 | $rules.=&do_asm_rule($aes_asm_obj,$aes_asm_src); | ||
| 621 | } | ||
| 717 | if (($bn_asm_obj ne "") && ($_ eq "CRYPTO")) | 622 | if (($bn_asm_obj ne "") && ($_ eq "CRYPTO")) |
| 718 | { | 623 | { |
| 719 | $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/; | 624 | $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/; |
| @@ -765,11 +670,28 @@ foreach (values %lib_nam) | |||
| 765 | $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/; | 670 | $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/; |
| 766 | $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src); | 671 | $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src); |
| 767 | } | 672 | } |
| 673 | if (($cpuid_asm_obj ne "") && ($_ eq "CRYPTO")) | ||
| 674 | { | ||
| 675 | $lib_obj =~ s/\s(\S*\/cversion\S*)/ $1 \$(CPUID_ASM_OBJ)/; | ||
| 676 | $rules.=&do_asm_rule($cpuid_asm_obj,$cpuid_asm_src); | ||
| 677 | } | ||
| 768 | $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj); | 678 | $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj); |
| 769 | $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)"; | 679 | $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)"; |
| 770 | $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib); | 680 | $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib); |
| 771 | } | 681 | } |
| 772 | 682 | ||
| 683 | # hack to add version info on MSVC | ||
| 684 | if (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) { | ||
| 685 | $rules.= <<"EOF"; | ||
| 686 | \$(OBJ_D)\\\$(CRYPTO).res: ms\\version32.rc | ||
| 687 | \$(RSC) /fo"\$(OBJ_D)\\\$(CRYPTO).res" /d CRYPTO ms\\version32.rc | ||
| 688 | |||
| 689 | \$(OBJ_D)\\\$(SSL).res: ms\\version32.rc | ||
| 690 | \$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc | ||
| 691 | |||
| 692 | EOF | ||
| 693 | } | ||
| 694 | |||
| 773 | $defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep); | 695 | $defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep); |
| 774 | foreach (split(/\s+/,$test)) | 696 | foreach (split(/\s+/,$test)) |
| 775 | { | 697 | { |
| @@ -778,42 +700,20 @@ foreach (split(/\s+/,$test)) | |||
| 778 | $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); | 700 | $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); |
| 779 | } | 701 | } |
| 780 | 702 | ||
| 781 | $rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); | 703 | $defs.=&do_defs("E_SHLIB",$engines,"\$(ENG_D)",$shlibp); |
| 782 | |||
| 783 | 704 | ||
| 784 | if ($fips) | 705 | foreach (split(/\s+/,$engines)) |
| 785 | { | ||
| 786 | if ($shlib) | ||
| 787 | { | ||
| 788 | $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)", | ||
| 789 | "\$(O_CRYPTO)", | ||
| 790 | "$crypto", | ||
| 791 | $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)"); | ||
| 792 | } | ||
| 793 | else | ||
| 794 | { | ||
| 795 | $rules.= &do_lib_rule("\$(CRYPTOOBJ)", | ||
| 796 | "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", ""); | ||
| 797 | $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)", | ||
| 798 | "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", ""); | ||
| 799 | } | ||
| 800 | } | ||
| 801 | else | ||
| 802 | { | 706 | { |
| 803 | $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib, | 707 | $rules.=&do_compile_rule("\$(OBJ_D)","engines${o}e_$_",$lib); |
| 804 | "\$(SO_CRYPTO)"); | 708 | $rules.= &do_lib_rule("\$(OBJ_D)${o}e_${_}.obj","\$(ENG_D)$o$_$shlibp","",$shlib,""); |
| 805 | } | 709 | } |
| 806 | 710 | ||
| 807 | 711 | ||
| 808 | if ($fips) | ||
| 809 | { | ||
| 810 | $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)", "\$(OBJ_D)${o}fips_start$obj \$(FIPSOBJ) \$(OBJ_D)${o}fips_end$obj", "\$(FIPSLIB_D)${o}fips_standalone_sha1$exep", "") if $fips_canister_build; | ||
| 811 | $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1); | ||
| 812 | |||
| 813 | $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)","\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}fips_sha1dgst$obj","","", 1); | ||
| 814 | } | ||
| 815 | 712 | ||
| 816 | $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)",0); | 713 | $rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); |
| 714 | $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)"); | ||
| 715 | |||
| 716 | $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); | ||
| 817 | 717 | ||
| 818 | print $defs; | 718 | print $defs; |
| 819 | 719 | ||
| @@ -833,13 +733,15 @@ print $rules; | |||
| 833 | # directories | 733 | # directories |
| 834 | sub var_add | 734 | sub var_add |
| 835 | { | 735 | { |
| 836 | local($dir,$val)=@_; | 736 | local($dir,$val,$keepext)=@_; |
| 837 | local(@a,$_,$ret); | 737 | local(@a,$_,$ret); |
| 838 | 738 | ||
| 839 | return("") if $no_engine && $dir =~ /\/engine/; | 739 | return("") if $no_engine && $dir =~ /\/engine/; |
| 840 | return("") if $no_hw && $dir =~ /\/hw/; | 740 | return("") if $no_hw && $dir =~ /\/hw/; |
| 841 | return("") if $no_idea && $dir =~ /\/idea/; | 741 | return("") if $no_idea && $dir =~ /\/idea/; |
| 842 | return("") if $no_aes && $dir =~ /\/aes/; | 742 | return("") if $no_aes && $dir =~ /\/aes/; |
| 743 | return("") if $no_camellia && $dir =~ /\/camellia/; | ||
| 744 | return("") if $no_seed && $dir =~ /\/seed/; | ||
| 843 | return("") if $no_rc2 && $dir =~ /\/rc2/; | 745 | return("") if $no_rc2 && $dir =~ /\/rc2/; |
| 844 | return("") if $no_rc4 && $dir =~ /\/rc4/; | 746 | return("") if $no_rc4 && $dir =~ /\/rc4/; |
| 845 | return("") if $no_rc5 && $dir =~ /\/rc5/; | 747 | return("") if $no_rc5 && $dir =~ /\/rc5/; |
| @@ -848,6 +750,7 @@ sub var_add | |||
| 848 | return("") if $no_dsa && $dir =~ /\/dsa/; | 750 | return("") if $no_dsa && $dir =~ /\/dsa/; |
| 849 | return("") if $no_dh && $dir =~ /\/dh/; | 751 | return("") if $no_dh && $dir =~ /\/dh/; |
| 850 | return("") if $no_ec && $dir =~ /\/ec/; | 752 | return("") if $no_ec && $dir =~ /\/ec/; |
| 753 | return("") if $no_cms && $dir =~ /\/cms/; | ||
| 851 | if ($no_des && $dir =~ /\/des/) | 754 | if ($no_des && $dir =~ /\/des/) |
| 852 | { | 755 | { |
| 853 | if ($val =~ /read_pwd/) | 756 | if ($val =~ /read_pwd/) |
| @@ -862,7 +765,7 @@ sub var_add | |||
| 862 | 765 | ||
| 863 | $val =~ s/^\s*(.*)\s*$/$1/; | 766 | $val =~ s/^\s*(.*)\s*$/$1/; |
| 864 | @a=split(/\s+/,$val); | 767 | @a=split(/\s+/,$val); |
| 865 | grep(s/\.[och]$//,@a); | 768 | grep(s/\.[och]$//,@a) unless $keepext; |
| 866 | 769 | ||
| 867 | @a=grep(!/^e_.*_3d$/,@a) if $no_des; | 770 | @a=grep(!/^e_.*_3d$/,@a) if $no_des; |
| 868 | @a=grep(!/^e_.*_d$/,@a) if $no_des; | 771 | @a=grep(!/^e_.*_d$/,@a) if $no_des; |
| @@ -873,6 +776,8 @@ sub var_add | |||
| 873 | @a=grep(!/^e_.*_bf$/,@a) if $no_bf; | 776 | @a=grep(!/^e_.*_bf$/,@a) if $no_bf; |
| 874 | @a=grep(!/^e_.*_c$/,@a) if $no_cast; | 777 | @a=grep(!/^e_.*_c$/,@a) if $no_cast; |
| 875 | @a=grep(!/^e_rc4$/,@a) if $no_rc4; | 778 | @a=grep(!/^e_rc4$/,@a) if $no_rc4; |
| 779 | @a=grep(!/^e_camellia$/,@a) if $no_camellia; | ||
| 780 | @a=grep(!/^e_seed$/,@a) if $no_seed; | ||
| 876 | 781 | ||
| 877 | @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2; | 782 | @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2; |
| 878 | @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3; | 783 | @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3; |
| @@ -956,13 +861,23 @@ sub do_defs | |||
| 956 | elsif ($_ =~ /RC5_ENC/) { $t="$_ "; } | 861 | elsif ($_ =~ /RC5_ENC/) { $t="$_ "; } |
| 957 | elsif ($_ =~ /MD5_ASM/) { $t="$_ "; } | 862 | elsif ($_ =~ /MD5_ASM/) { $t="$_ "; } |
| 958 | elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; } | 863 | elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; } |
| 864 | elsif ($_ =~ /AES_ASM/){ $t="$_ "; } | ||
| 959 | elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; } | 865 | elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; } |
| 866 | elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; } | ||
| 960 | else { $t="$location${o}$_$pf "; } | 867 | else { $t="$location${o}$_$pf "; } |
| 961 | 868 | ||
| 962 | $Vars{$var}.="$t "; | 869 | $Vars{$var}.="$t "; |
| 963 | $ret.=$t; | 870 | $ret.=$t; |
| 964 | } | 871 | } |
| 965 | chop($ret); | 872 | # hack to add version info on MSVC |
| 873 | if ($shlib && (($platform eq "VC-WIN32") || ($platform eq "VC-NT"))) | ||
| 874 | { | ||
| 875 | if ($var eq "CRYPTOOBJ") | ||
| 876 | { $ret.="\$(OBJ_D)\\\$(CRYPTO).res "; } | ||
| 877 | elsif ($var eq "SSLOBJ") | ||
| 878 | { $ret.="\$(OBJ_D)\\\$(SSL).res "; } | ||
| 879 | } | ||
| 880 | chomp($ret); | ||
| 966 | $ret.="\n\n"; | 881 | $ret.="\n\n"; |
| 967 | return($ret); | 882 | return($ret); |
| 968 | } | 883 | } |
| @@ -1057,61 +972,118 @@ sub do_copy_rule | |||
| 1057 | if ($n =~ /bss_file/) | 972 | if ($n =~ /bss_file/) |
| 1058 | { $pp=".c"; } | 973 | { $pp=".c"; } |
| 1059 | else { $pp=$p; } | 974 | else { $pp=$p; } |
| 1060 | $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \$(SRC_D)$o$_$pp $to${o}$n$pp\n\n"; | 975 | $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n"; |
| 1061 | } | 976 | } |
| 1062 | return($ret); | 977 | return($ret); |
| 1063 | } | 978 | } |
| 1064 | 979 | ||
| 1065 | sub read_options | 980 | sub read_options |
| 1066 | { | 981 | { |
| 1067 | if (/^no-rc2$/) { $no_rc2=1; } | 982 | # Many options are handled in a similar way. In particular |
| 1068 | elsif (/^no-rc4$/) { $no_rc4=1; } | 983 | # no-xxx sets zero or more scalars to 1. |
| 1069 | elsif (/^no-rc5$/) { $no_rc5=1; } | 984 | # Process these using a hash containing the option name and |
| 1070 | elsif (/^no-idea$/) { $no_idea=1; } | 985 | # reference to the scalars to set. |
| 1071 | elsif (/^no-aes$/) { $no_aes=1; } | 986 | |
| 1072 | elsif (/^no-des$/) { $no_des=1; } | 987 | my %valid_options = ( |
| 1073 | elsif (/^no-bf$/) { $no_bf=1; } | 988 | "no-rc2" => \$no_rc2, |
| 1074 | elsif (/^no-cast$/) { $no_cast=1; } | 989 | "no-rc4" => \$no_rc4, |
| 1075 | elsif (/^no-md2$/) { $no_md2=1; } | 990 | "no-rc5" => \$no_rc5, |
| 1076 | elsif (/^no-md4$/) { $no_md4=1; } | 991 | "no-idea" => \$no_idea, |
| 1077 | elsif (/^no-md5$/) { $no_md5=1; } | 992 | "no-aes" => \$no_aes, |
| 1078 | elsif (/^no-sha$/) { $no_sha=1; } | 993 | "no-camellia" => \$no_camellia, |
| 1079 | elsif (/^no-sha1$/) { $no_sha1=1; } | 994 | "no-seed" => \$no_seed, |
| 1080 | elsif (/^no-ripemd$/) { $no_ripemd=1; } | 995 | "no-des" => \$no_des, |
| 1081 | elsif (/^no-mdc2$/) { $no_mdc2=1; } | 996 | "no-bf" => \$no_bf, |
| 1082 | elsif (/^no-patents$/) { $no_rc2=$no_rc4=$no_rc5=$no_idea=$no_rsa=1; } | 997 | "no-cast" => \$no_cast, |
| 1083 | elsif (/^no-rsa$/) { $no_rsa=1; } | 998 | "no-md2" => \$no_md2, |
| 1084 | elsif (/^no-dsa$/) { $no_dsa=1; } | 999 | "no-md4" => \$no_md4, |
| 1085 | elsif (/^no-dh$/) { $no_dh=1; } | 1000 | "no-md5" => \$no_md5, |
| 1086 | elsif (/^no-hmac$/) { $no_hmac=1; } | 1001 | "no-sha" => \$no_sha, |
| 1087 | elsif (/^no-aes$/) { $no_aes=1; } | 1002 | "no-sha1" => \$no_sha1, |
| 1088 | elsif (/^no-asm$/) { $no_asm=1; } | 1003 | "no-ripemd" => \$no_ripemd, |
| 1089 | elsif (/^nasm$/) { $nasm=1; } | 1004 | "no-mdc2" => \$no_mdc2, |
| 1090 | elsif (/^gaswin$/) { $gaswin=1; } | 1005 | "no-patents" => |
| 1091 | elsif (/^no-ssl2$/) { $no_ssl2=1; } | 1006 | [\$no_rc2, \$no_rc4, \$no_rc5, \$no_idea, \$no_rsa], |
| 1092 | elsif (/^no-ssl3$/) { $no_ssl3=1; } | 1007 | "no-rsa" => \$no_rsa, |
| 1093 | elsif (/^no-err$/) { $no_err=1; } | 1008 | "no-dsa" => \$no_dsa, |
| 1094 | elsif (/^no-sock$/) { $no_sock=1; } | 1009 | "no-dh" => \$no_dh, |
| 1095 | elsif (/^no-krb5$/) { $no_krb5=1; } | 1010 | "no-hmac" => \$no_hmac, |
| 1096 | elsif (/^no-ec$/) { $no_ec=1; } | 1011 | "no-asm" => \$no_asm, |
| 1097 | elsif (/^no-engine$/) { $no_engine=1; } | 1012 | "nasm" => \$nasm, |
| 1098 | elsif (/^no-hw$/) { $no_hw=1; } | 1013 | "nw-nasm" => \$nw_nasm, |
| 1099 | 1014 | "nw-mwasm" => \$nw_mwasm, | |
| 1100 | elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1; | 1015 | "gaswin" => \$gaswin, |
| 1101 | $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1; | 1016 | "no-ssl2" => \$no_ssl2, |
| 1102 | $no_ssl2=$no_err=$no_ripemd=$no_rc5=1; | 1017 | "no-ssl3" => \$no_ssl3, |
| 1103 | $no_aes=1; } | 1018 | "no-tlsext" => \$no_tlsext, |
| 1104 | 1019 | "no-cms" => \$no_cms, | |
| 1105 | elsif (/^rsaref$/) { } | 1020 | "no-err" => \$no_err, |
| 1106 | elsif (/^fips$/) { $fips=1; } | 1021 | "no-sock" => \$no_sock, |
| 1107 | elsif (/^gcc$/) { $gcc=1; } | 1022 | "no-krb5" => \$no_krb5, |
| 1108 | elsif (/^debug$/) { $debug=1; } | 1023 | "no-ec" => \$no_ec, |
| 1109 | elsif (/^profile$/) { $profile=1; } | 1024 | "no-ecdsa" => \$no_ecdsa, |
| 1110 | elsif (/^shlib$/) { $shlib=1; } | 1025 | "no-ecdh" => \$no_ecdh, |
| 1111 | elsif (/^dll$/) { $shlib=1; } | 1026 | "no-engine" => \$no_engine, |
| 1112 | elsif (/^shared$/) { } # We just need to ignore it for now... | 1027 | "no-hw" => \$no_hw, |
| 1113 | elsif (/^zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 } | 1028 | "just-ssl" => |
| 1114 | elsif (/^zlib-dynamic$/){ $zlib_opt = 2; } | 1029 | [\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast, |
| 1030 | \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh, | ||
| 1031 | \$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5, | ||
| 1032 | \$no_aes, \$no_camellia, \$no_seed], | ||
| 1033 | "rsaref" => 0, | ||
| 1034 | "gcc" => \$gcc, | ||
| 1035 | "debug" => \$debug, | ||
| 1036 | "profile" => \$profile, | ||
| 1037 | "shlib" => \$shlib, | ||
| 1038 | "dll" => \$shlib, | ||
| 1039 | "shared" => 0, | ||
| 1040 | "no-gmp" => 0, | ||
| 1041 | "no-rfc3779" => 0, | ||
| 1042 | "no-montasm" => 0, | ||
| 1043 | "no-shared" => 0, | ||
| 1044 | "no-zlib" => 0, | ||
| 1045 | "no-zlib-dynamic" => 0, | ||
| 1046 | ); | ||
| 1047 | |||
| 1048 | if (exists $valid_options{$_}) | ||
| 1049 | { | ||
| 1050 | my $r = $valid_options{$_}; | ||
| 1051 | if ( ref $r eq "SCALAR") | ||
| 1052 | { $$r = 1;} | ||
| 1053 | elsif ( ref $r eq "ARRAY") | ||
| 1054 | { | ||
| 1055 | my $r2; | ||
| 1056 | foreach $r2 (@$r) | ||
| 1057 | { | ||
| 1058 | $$r2 = 1; | ||
| 1059 | } | ||
| 1060 | } | ||
| 1061 | } | ||
| 1062 | elsif (/^no-comp$/) { $xcflags = "-DOPENSSL_NO_COMP $xcflags"; } | ||
| 1063 | elsif (/^enable-zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 } | ||
| 1064 | elsif (/^enable-zlib-dynamic$/) | ||
| 1065 | { | ||
| 1066 | $zlib_opt = 2; | ||
| 1067 | } | ||
| 1068 | elsif (/^no-static-engine/) | ||
| 1069 | { | ||
| 1070 | $no_static_engine = 1; | ||
| 1071 | } | ||
| 1072 | elsif (/^enable-static-engine/) | ||
| 1073 | { | ||
| 1074 | $no_static_engine = 0; | ||
| 1075 | } | ||
| 1076 | # There are also enable-xxx options which correspond to | ||
| 1077 | # the no-xxx. Since the scalars are enabled by default | ||
| 1078 | # these can be ignored. | ||
| 1079 | elsif (/^enable-/) | ||
| 1080 | { | ||
| 1081 | my $t = $_; | ||
| 1082 | $t =~ s/^enable/no/; | ||
| 1083 | if (exists $valid_options{$t}) | ||
| 1084 | {return 1;} | ||
| 1085 | return 0; | ||
| 1086 | } | ||
| 1115 | elsif (/^--with-krb5-flavor=(.*)$/) | 1087 | elsif (/^--with-krb5-flavor=(.*)$/) |
| 1116 | { | 1088 | { |
| 1117 | my $krb5_flavor = $1; | 1089 | my $krb5_flavor = $1; |
| @@ -1135,31 +1107,3 @@ sub read_options | |||
| 1135 | else { return(0); } | 1107 | else { return(0); } |
| 1136 | return(1); | 1108 | return(1); |
| 1137 | } | 1109 | } |
| 1138 | |||
| 1139 | sub fipslib_error | ||
| 1140 | { | ||
| 1141 | print STDERR "***FIPS module directory sanity check failed***\n"; | ||
| 1142 | print STDERR "FIPS module build failed, or was deleted\n"; | ||
| 1143 | print STDERR "Please rebuild FIPS module.\n"; | ||
| 1144 | exit 1; | ||
| 1145 | } | ||
| 1146 | |||
| 1147 | sub fips_check_files | ||
| 1148 | { | ||
| 1149 | my $dir = shift @_; | ||
| 1150 | my $ret = 1; | ||
| 1151 | if (!-d $dir) | ||
| 1152 | { | ||
| 1153 | print STDERR "FIPS module directory $dir does not exist\n"; | ||
| 1154 | fipslib_error(); | ||
| 1155 | } | ||
| 1156 | foreach (@_) | ||
| 1157 | { | ||
| 1158 | if (!-f "$dir${o}$_") | ||
| 1159 | { | ||
| 1160 | print STDERR "FIPS module file $_ does not exist!\n"; | ||
| 1161 | $ret = 0; | ||
| 1162 | } | ||
| 1163 | } | ||
| 1164 | fipslib_error() if ($ret == 0); | ||
| 1165 | } | ||
diff --git a/src/lib/libcrypto/util/mkdef.pl b/src/lib/libcrypto/util/mkdef.pl index 6c1e53bb14..ef1cc6e513 100644 --- a/src/lib/libcrypto/util/mkdef.pl +++ b/src/lib/libcrypto/util/mkdef.pl | |||
| @@ -79,19 +79,29 @@ my $OS2=0; | |||
| 79 | my $safe_stack_def = 0; | 79 | my $safe_stack_def = 0; |
| 80 | 80 | ||
| 81 | my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", | 81 | my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", |
| 82 | "EXPORT_VAR_AS_FUNCTION", "OPENSSL_FIPS" ); | 82 | "EXPORT_VAR_AS_FUNCTION", "ZLIB" ); |
| 83 | my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" ); | 83 | my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" ); |
| 84 | my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", | 84 | my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", |
| 85 | "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", | 85 | "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", |
| 86 | "SHA256", "SHA512", "RIPEMD", | 86 | "SHA256", "SHA512", "RIPEMD", |
| 87 | "MDC2", "RSA", "DSA", "DH", "EC", "HMAC", "AES", | 87 | "MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "HMAC", "AES", "CAMELLIA", "SEED", |
| 88 | # Envelope "algorithms" | 88 | # Envelope "algorithms" |
| 89 | "EVP", "X509", "ASN1_TYPEDEFS", | 89 | "EVP", "X509", "ASN1_TYPEDEFS", |
| 90 | # Helper "algorithms" | 90 | # Helper "algorithms" |
| 91 | "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR", | 91 | "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR", |
| 92 | "LOCKING", | 92 | "LOCKING", |
| 93 | # External "algorithms" | 93 | # External "algorithms" |
| 94 | "FP_API", "STDIO", "SOCK", "KRB5", "ENGINE", "HW" ); | 94 | "FP_API", "STDIO", "SOCK", "KRB5", "DGRAM", |
| 95 | # Engines | ||
| 96 | "STATIC_ENGINE", "ENGINE", "HW", "GMP", | ||
| 97 | # RFC3779 support | ||
| 98 | "RFC3779", | ||
| 99 | # TLS extension support | ||
| 100 | "TLSEXT", | ||
| 101 | # CMS | ||
| 102 | "CMS", | ||
| 103 | # Deprecated functions | ||
| 104 | "DEPRECATED" ); | ||
| 95 | 105 | ||
| 96 | my $options=""; | 106 | my $options=""; |
| 97 | open(IN,"<Makefile") || die "unable to open Makefile!\n"; | 107 | open(IN,"<Makefile") || die "unable to open Makefile!\n"; |
| @@ -107,9 +117,11 @@ my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf; | |||
| 107 | my $no_cast; | 117 | my $no_cast; |
| 108 | my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; | 118 | my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; |
| 109 | my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5; | 119 | my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5; |
| 110 | my $no_ec; my $no_engine; my $no_hw; | 120 | my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_camellia; |
| 111 | my $no_fp_api; | 121 | my $no_seed; |
| 112 | my $fips; | 122 | my $no_fp_api; my $no_static_engine; my $no_gmp; my $no_deprecated; |
| 123 | my $no_rfc3779; my $no_tlsext; my $no_cms; | ||
| 124 | |||
| 113 | 125 | ||
| 114 | foreach (@ARGV, split(/ /, $options)) | 126 | foreach (@ARGV, split(/ /, $options)) |
| 115 | { | 127 | { |
| @@ -130,7 +142,11 @@ foreach (@ARGV, split(/ /, $options)) | |||
| 130 | } | 142 | } |
| 131 | $VMS=1 if $_ eq "VMS"; | 143 | $VMS=1 if $_ eq "VMS"; |
| 132 | $OS2=1 if $_ eq "OS2"; | 144 | $OS2=1 if $_ eq "OS2"; |
| 133 | $fips=1 if $_ eq "fips"; | 145 | if ($_ eq "zlib" || $_ eq "zlib-dynamic" |
| 146 | || $_ eq "enable-zlib-dynamic") { | ||
| 147 | $zlib = 1; | ||
| 148 | } | ||
| 149 | |||
| 134 | 150 | ||
| 135 | $do_ssl=1 if $_ eq "ssleay"; | 151 | $do_ssl=1 if $_ eq "ssleay"; |
| 136 | if ($_ eq "ssl") { | 152 | if ($_ eq "ssl") { |
| @@ -142,6 +158,8 @@ foreach (@ARGV, split(/ /, $options)) | |||
| 142 | $do_crypto=1; | 158 | $do_crypto=1; |
| 143 | $libname=$_; | 159 | $libname=$_; |
| 144 | } | 160 | } |
| 161 | $no_static_engine=1 if $_ eq "no-static-engine"; | ||
| 162 | $no_static_engine=0 if $_ eq "enable-static-engine"; | ||
| 145 | $do_update=1 if $_ eq "update"; | 163 | $do_update=1 if $_ eq "update"; |
| 146 | $do_rewrite=1 if $_ eq "rewrite"; | 164 | $do_rewrite=1 if $_ eq "rewrite"; |
| 147 | $do_ctest=1 if $_ eq "ctest"; | 165 | $do_ctest=1 if $_ eq "ctest"; |
| @@ -166,8 +184,12 @@ foreach (@ARGV, split(/ /, $options)) | |||
| 166 | elsif (/^no-dsa$/) { $no_dsa=1; } | 184 | elsif (/^no-dsa$/) { $no_dsa=1; } |
| 167 | elsif (/^no-dh$/) { $no_dh=1; } | 185 | elsif (/^no-dh$/) { $no_dh=1; } |
| 168 | elsif (/^no-ec$/) { $no_ec=1; } | 186 | elsif (/^no-ec$/) { $no_ec=1; } |
| 187 | elsif (/^no-ecdsa$/) { $no_ecdsa=1; } | ||
| 188 | elsif (/^no-ecdh$/) { $no_ecdh=1; } | ||
| 169 | elsif (/^no-hmac$/) { $no_hmac=1; } | 189 | elsif (/^no-hmac$/) { $no_hmac=1; } |
| 170 | elsif (/^no-aes$/) { $no_aes=1; } | 190 | elsif (/^no-aes$/) { $no_aes=1; } |
| 191 | elsif (/^no-camellia$/) { $no_camellia=1; } | ||
| 192 | elsif (/^no-seed$/) { $no_seed=1; } | ||
| 171 | elsif (/^no-evp$/) { $no_evp=1; } | 193 | elsif (/^no-evp$/) { $no_evp=1; } |
| 172 | elsif (/^no-lhash$/) { $no_lhash=1; } | 194 | elsif (/^no-lhash$/) { $no_lhash=1; } |
| 173 | elsif (/^no-stack$/) { $no_stack=1; } | 195 | elsif (/^no-stack$/) { $no_stack=1; } |
| @@ -180,6 +202,10 @@ foreach (@ARGV, split(/ /, $options)) | |||
| 180 | elsif (/^no-krb5$/) { $no_krb5=1; } | 202 | elsif (/^no-krb5$/) { $no_krb5=1; } |
| 181 | elsif (/^no-engine$/) { $no_engine=1; } | 203 | elsif (/^no-engine$/) { $no_engine=1; } |
| 182 | elsif (/^no-hw$/) { $no_hw=1; } | 204 | elsif (/^no-hw$/) { $no_hw=1; } |
| 205 | elsif (/^no-gmp$/) { $no_gmp=1; } | ||
| 206 | elsif (/^no-rfc3779$/) { $no_rfc3779=1; } | ||
| 207 | elsif (/^no-tlsext$/) { $no_tlsext=1; } | ||
| 208 | elsif (/^no-cms$/) { $no_cms=1; } | ||
| 183 | } | 209 | } |
| 184 | 210 | ||
| 185 | 211 | ||
| @@ -215,8 +241,10 @@ $max_crypto = $max_num; | |||
| 215 | 241 | ||
| 216 | my $ssl="ssl/ssl.h"; | 242 | my $ssl="ssl/ssl.h"; |
| 217 | $ssl.=" ssl/kssl.h"; | 243 | $ssl.=" ssl/kssl.h"; |
| 244 | $ssl.=" ssl/tls1.h"; | ||
| 218 | 245 | ||
| 219 | my $crypto ="crypto/crypto.h"; | 246 | my $crypto ="crypto/crypto.h"; |
| 247 | $crypto.=" crypto/o_dir.h"; | ||
| 220 | $crypto.=" crypto/des/des.h crypto/des/des_old.h" ; # unless $no_des; | 248 | $crypto.=" crypto/des/des.h crypto/des/des_old.h" ; # unless $no_des; |
| 221 | $crypto.=" crypto/idea/idea.h" ; # unless $no_idea; | 249 | $crypto.=" crypto/idea/idea.h" ; # unless $no_idea; |
| 222 | $crypto.=" crypto/rc4/rc4.h" ; # unless $no_rc4; | 250 | $crypto.=" crypto/rc4/rc4.h" ; # unless $no_rc4; |
| @@ -231,12 +259,16 @@ $crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2; | |||
| 231 | $crypto.=" crypto/sha/sha.h" ; # unless $no_sha; | 259 | $crypto.=" crypto/sha/sha.h" ; # unless $no_sha; |
| 232 | $crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd; | 260 | $crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd; |
| 233 | $crypto.=" crypto/aes/aes.h" ; # unless $no_aes; | 261 | $crypto.=" crypto/aes/aes.h" ; # unless $no_aes; |
| 262 | $crypto.=" crypto/camellia/camellia.h" ; # unless $no_camellia; | ||
| 263 | $crypto.=" crypto/seed/seed.h"; # unless $no_seed; | ||
| 234 | 264 | ||
| 235 | $crypto.=" crypto/bn/bn.h"; | 265 | $crypto.=" crypto/bn/bn.h"; |
| 236 | $crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa; | 266 | $crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa; |
| 237 | $crypto.=" crypto/dsa/dsa.h" ; # unless $no_dsa; | 267 | $crypto.=" crypto/dsa/dsa.h" ; # unless $no_dsa; |
| 238 | $crypto.=" crypto/dh/dh.h" ; # unless $no_dh; | 268 | $crypto.=" crypto/dh/dh.h" ; # unless $no_dh; |
| 239 | $crypto.=" crypto/ec/ec.h" ; # unless $no_ec; | 269 | $crypto.=" crypto/ec/ec.h" ; # unless $no_ec; |
| 270 | $crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa; | ||
| 271 | $crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh; | ||
| 240 | $crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac; | 272 | $crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac; |
| 241 | 273 | ||
| 242 | $crypto.=" crypto/engine/engine.h"; # unless $no_engine; | 274 | $crypto.=" crypto/engine/engine.h"; # unless $no_engine; |
| @@ -267,7 +299,9 @@ $crypto.=" crypto/ocsp/ocsp.h"; | |||
| 267 | $crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h"; | 299 | $crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h"; |
| 268 | $crypto.=" crypto/krb5/krb5_asn.h"; | 300 | $crypto.=" crypto/krb5/krb5_asn.h"; |
| 269 | $crypto.=" crypto/tmdiff.h"; | 301 | $crypto.=" crypto/tmdiff.h"; |
| 270 | $crypto.=" fips-1.0/fips.h fips-1.0/rand/fips_rand.h fips-1.0/sha/fips_sha.h"; | 302 | $crypto.=" crypto/store/store.h"; |
| 303 | $crypto.=" crypto/pqueue/pqueue.h"; | ||
| 304 | $crypto.=" crypto/cms/cms.h"; | ||
| 271 | 305 | ||
| 272 | my $symhacks="crypto/symhacks.h"; | 306 | my $symhacks="crypto/symhacks.h"; |
| 273 | 307 | ||
| @@ -423,7 +457,11 @@ sub do_defs | |||
| 423 | 457 | ||
| 424 | print STDERR "DEBUG: parsing ----------\n" if $debug; | 458 | print STDERR "DEBUG: parsing ----------\n" if $debug; |
| 425 | while(<IN>) { | 459 | while(<IN>) { |
| 426 | last if (/\/\* Error codes for the \w+ functions\. \*\//); | 460 | if (/\/\* Error codes for the \w+ functions\. \*\//) |
| 461 | { | ||
| 462 | undef @tag; | ||
| 463 | last; | ||
| 464 | } | ||
| 427 | if ($line ne '') { | 465 | if ($line ne '') { |
| 428 | $_ = $line . $_; | 466 | $_ = $line . $_; |
| 429 | $line = ''; | 467 | $line = ''; |
| @@ -436,17 +474,22 @@ sub do_defs | |||
| 436 | next; | 474 | next; |
| 437 | } | 475 | } |
| 438 | 476 | ||
| 439 | $cpp = 1 if /^\#.*ifdef.*cplusplus/; | 477 | if(/\/\*/) { |
| 478 | if (not /\*\//) { # multiline comment... | ||
| 479 | $line = $_; # ... just accumulate | ||
| 480 | next; | ||
| 481 | } else { | ||
| 482 | s/\/\*.*?\*\///gs;# wipe it | ||
| 483 | } | ||
| 484 | } | ||
| 485 | |||
| 440 | if ($cpp) { | 486 | if ($cpp) { |
| 441 | $cpp = 0 if /^\#.*endif/; | 487 | $cpp++ if /^#\s*if/; |
| 488 | $cpp-- if /^#\s*endif/; | ||
| 442 | next; | 489 | next; |
| 443 | } | 490 | } |
| 491 | $cpp = 1 if /^#.*ifdef.*cplusplus/; | ||
| 444 | 492 | ||
| 445 | s/\/\*.*?\*\///gs; # ignore comments | ||
| 446 | if (/\/\*/) { # if we have part | ||
| 447 | $line = $_; # of a comment, | ||
| 448 | next; # continue reading | ||
| 449 | } | ||
| 450 | s/{[^{}]*}//gs; # ignore {} blocks | 493 | s/{[^{}]*}//gs; # ignore {} blocks |
| 451 | print STDERR "DEBUG: \$def=\"$def\"\n" if $debug && $def ne ""; | 494 | print STDERR "DEBUG: \$def=\"$def\"\n" if $debug && $def ne ""; |
| 452 | print STDERR "DEBUG: \$_=\"$_\"\n" if $debug; | 495 | print STDERR "DEBUG: \$_=\"$_\"\n" if $debug; |
| @@ -505,7 +548,7 @@ sub do_defs | |||
| 505 | } | 548 | } |
| 506 | } elsif (/^\#\s*endif/) { | 549 | } elsif (/^\#\s*endif/) { |
| 507 | my $tag_i = $#tag; | 550 | my $tag_i = $#tag; |
| 508 | while($tag[$tag_i] ne "-") { | 551 | while($tag_i > 0 && $tag[$tag_i] ne "-") { |
| 509 | my $t=$tag[$tag_i]; | 552 | my $t=$tag[$tag_i]; |
| 510 | print STDERR "DEBUG: \$t=\"$t\"\n" if $debug; | 553 | print STDERR "DEBUG: \$t=\"$t\"\n" if $debug; |
| 511 | if ($tag{$t}==2) { | 554 | if ($tag{$t}==2) { |
| @@ -672,6 +715,10 @@ sub do_defs | |||
| 672 | "EXPORT_VAR_AS_FUNCTION", | 715 | "EXPORT_VAR_AS_FUNCTION", |
| 673 | "FUNCTION"); | 716 | "FUNCTION"); |
| 674 | next; | 717 | next; |
| 718 | } elsif (/^\s*DECLARE_ASN1_ALLOC_FUNCTIONS\s*\(\s*(\w*)\s*\)/) { | ||
| 719 | $def .= "int $1_free(void);"; | ||
| 720 | $def .= "int $1_new(void);"; | ||
| 721 | next; | ||
| 675 | } elsif (/^\s*DECLARE_ASN1_FUNCTIONS_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) { | 722 | } elsif (/^\s*DECLARE_ASN1_FUNCTIONS_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) { |
| 676 | $def .= "int d2i_$2(void);"; | 723 | $def .= "int d2i_$2(void);"; |
| 677 | $def .= "int i2d_$2(void);"; | 724 | $def .= "int i2d_$2(void);"; |
| @@ -716,12 +763,21 @@ sub do_defs | |||
| 716 | "EXPORT_VAR_AS_FUNCTION", | 763 | "EXPORT_VAR_AS_FUNCTION", |
| 717 | "FUNCTION"); | 764 | "FUNCTION"); |
| 718 | next; | 765 | next; |
| 766 | } elsif (/^\s*DECLARE_ASN1_NDEF_FUNCTION\s*\(\s*(\w*)\s*\)/) { | ||
| 767 | $def .= "int i2d_$1_NDEF(void);"; | ||
| 719 | } elsif (/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) { | 768 | } elsif (/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) { |
| 720 | next; | 769 | next; |
| 770 | } elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION\s*\(\s*(\w*)\s*\)/) { | ||
| 771 | $def .= "int $1_print_ctx(void);"; | ||
| 772 | next; | ||
| 773 | } elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) { | ||
| 774 | $def .= "int $2_print_ctx(void);"; | ||
| 775 | next; | ||
| 721 | } elsif (/^\s*DECLARE_PKCS12_STACK_OF\s*\(\s*(\w*)\s*\)/) { | 776 | } elsif (/^\s*DECLARE_PKCS12_STACK_OF\s*\(\s*(\w*)\s*\)/) { |
| 722 | next; | 777 | next; |
| 723 | } elsif (/^DECLARE_PEM_rw\s*\(\s*(\w*)\s*,/ || | 778 | } elsif (/^DECLARE_PEM_rw\s*\(\s*(\w*)\s*,/ || |
| 724 | /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ ) { | 779 | /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ || |
| 780 | /^DECLARE_PEM_rw_const\s*\(\s*(\w*)\s*,/ ) { | ||
| 725 | # Things not in Win16 | 781 | # Things not in Win16 |
| 726 | $def .= | 782 | $def .= |
| 727 | "#INFO:" | 783 | "#INFO:" |
| @@ -797,7 +853,7 @@ sub do_defs | |||
| 797 | } | 853 | } |
| 798 | close(IN); | 854 | close(IN); |
| 799 | 855 | ||
| 800 | my $algs = ''; | 856 | my $algs; |
| 801 | my $plays; | 857 | my $plays; |
| 802 | 858 | ||
| 803 | print STDERR "DEBUG: postprocessing ----------\n" if $debug; | 859 | print STDERR "DEBUG: postprocessing ----------\n" if $debug; |
| @@ -809,6 +865,17 @@ sub do_defs | |||
| 809 | next if(/typedef\W/); | 865 | next if(/typedef\W/); |
| 810 | next if(/\#define/); | 866 | next if(/\#define/); |
| 811 | 867 | ||
| 868 | # Reduce argument lists to empty () | ||
| 869 | # fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {} | ||
| 870 | while(/\(.*\)/s) { | ||
| 871 | s/\([^\(\)]+\)/\{\}/gs; | ||
| 872 | s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs; #(*f{}) -> f | ||
| 873 | } | ||
| 874 | # pretend as we didn't use curly braces: {} -> () | ||
| 875 | s/\{\}/\(\)/gs; | ||
| 876 | |||
| 877 | s/STACK_OF\(\)/void/gs; | ||
| 878 | |||
| 812 | print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug; | 879 | print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug; |
| 813 | if (/^\#INFO:([^:]*):(.*)$/) { | 880 | if (/^\#INFO:([^:]*):(.*)$/) { |
| 814 | $plats = $1; | 881 | $plats = $1; |
| @@ -819,21 +886,10 @@ sub do_defs | |||
| 819 | $s = $1; | 886 | $s = $1; |
| 820 | $k = "VARIABLE"; | 887 | $k = "VARIABLE"; |
| 821 | print STDERR "DEBUG: found external variable $s\n" if $debug; | 888 | print STDERR "DEBUG: found external variable $s\n" if $debug; |
| 822 | } elsif (/\(\*(\w*(\{[0-9]+\})?)\([^\)]+/) { | 889 | } elsif (/TYPEDEF_\w+_OF/s) { |
| 823 | $s = $1; | ||
| 824 | print STDERR "DEBUG: found ANSI C function $s\n" if $debug; | ||
| 825 | } elsif (/\w+\W+(\w+)\W*\(\s*\)(\s*__attribute__\(.*\)\s*)?$/s) { | ||
| 826 | # K&R C | ||
| 827 | print STDERR "DEBUG: found K&R C function $s\n" if $debug; | ||
| 828 | next; | 890 | next; |
| 829 | } elsif (/\w+\W+\w+(\{[0-9]+\})?\W*\(.*\)(\s*__attribute__\(.*\)\s*)?$/s) { | 891 | } elsif (/(\w+)\s*\(\).*/s) { # first token prior [first] () is |
| 830 | while (not /\(\)(\s*__attribute__\(.*\)\s*)?$/s) { | 892 | $s = $1; # a function name! |
| 831 | s/[^\(\)]*\)(\s*__attribute__\(.*\)\s*)?$/\)/s; | ||
| 832 | s/\([^\(\)]*\)\)(\s*__attribute__\(.*\)\s*)?$/\)/s; | ||
| 833 | } | ||
| 834 | s/\(void\)//; | ||
| 835 | /(\w+(\{[0-9]+\})?)\W*\(\)/s; | ||
| 836 | $s = $1; | ||
| 837 | print STDERR "DEBUG: found function $s\n" if $debug; | 893 | print STDERR "DEBUG: found function $s\n" if $debug; |
| 838 | } elsif (/\(/ and not (/=/)) { | 894 | } elsif (/\(/ and not (/=/)) { |
| 839 | print STDERR "File $file: cannot parse: $_;\n"; | 895 | print STDERR "File $file: cannot parse: $_;\n"; |
| @@ -864,13 +920,9 @@ sub do_defs | |||
| 864 | $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/); | 920 | $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/); |
| 865 | $a .= ",RSA" if($s =~ /RSAPrivateKey/); | 921 | $a .= ",RSA" if($s =~ /RSAPrivateKey/); |
| 866 | $a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/); | 922 | $a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/); |
| 867 | # SHA2 algorithms only defined in FIPS mode for | ||
| 868 | # OpenSSL 0.9.7 | ||
| 869 | $p .= "OPENSSL_FIPS" if($s =~ /SHA[235]/); | ||
| 870 | 923 | ||
| 871 | $platform{$s} = | 924 | $platform{$s} = |
| 872 | &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p); | 925 | &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p); |
| 873 | $algorithm{$s} = '' if !defined $algorithm{$s}; | ||
| 874 | $algorithm{$s} .= ','.$a; | 926 | $algorithm{$s} .= ','.$a; |
| 875 | 927 | ||
| 876 | if (defined($variant{$s})) { | 928 | if (defined($variant{$s})) { |
| @@ -1035,9 +1087,7 @@ sub is_valid | |||
| 1035 | if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) { | 1087 | if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) { |
| 1036 | return 1; | 1088 | return 1; |
| 1037 | } | 1089 | } |
| 1038 | if ($keyword eq "OPENSSL_FIPS" && $fips) { | 1090 | if ($keyword eq "ZLIB" && $zlib) { return 1; } |
| 1039 | return 1; | ||
| 1040 | } | ||
| 1041 | return 0; | 1091 | return 0; |
| 1042 | } else { | 1092 | } else { |
| 1043 | # algorithms | 1093 | # algorithms |
| @@ -1058,8 +1108,12 @@ sub is_valid | |||
| 1058 | if ($keyword eq "DSA" && $no_dsa) { return 0; } | 1108 | if ($keyword eq "DSA" && $no_dsa) { return 0; } |
| 1059 | if ($keyword eq "DH" && $no_dh) { return 0; } | 1109 | if ($keyword eq "DH" && $no_dh) { return 0; } |
| 1060 | if ($keyword eq "EC" && $no_ec) { return 0; } | 1110 | if ($keyword eq "EC" && $no_ec) { return 0; } |
| 1111 | if ($keyword eq "ECDSA" && $no_ecdsa) { return 0; } | ||
| 1112 | if ($keyword eq "ECDH" && $no_ecdh) { return 0; } | ||
| 1061 | if ($keyword eq "HMAC" && $no_hmac) { return 0; } | 1113 | if ($keyword eq "HMAC" && $no_hmac) { return 0; } |
| 1062 | if ($keyword eq "AES" && $no_aes) { return 0; } | 1114 | if ($keyword eq "AES" && $no_aes) { return 0; } |
| 1115 | if ($keyword eq "CAMELLIA" && $no_camellia) { return 0; } | ||
| 1116 | if ($keyword eq "SEED" && $no_seed) { return 0; } | ||
| 1063 | if ($keyword eq "EVP" && $no_evp) { return 0; } | 1117 | if ($keyword eq "EVP" && $no_evp) { return 0; } |
| 1064 | if ($keyword eq "LHASH" && $no_lhash) { return 0; } | 1118 | if ($keyword eq "LHASH" && $no_lhash) { return 0; } |
| 1065 | if ($keyword eq "STACK" && $no_stack) { return 0; } | 1119 | if ($keyword eq "STACK" && $no_stack) { return 0; } |
| @@ -1072,6 +1126,12 @@ sub is_valid | |||
| 1072 | if ($keyword eq "ENGINE" && $no_engine) { return 0; } | 1126 | if ($keyword eq "ENGINE" && $no_engine) { return 0; } |
| 1073 | if ($keyword eq "HW" && $no_hw) { return 0; } | 1127 | if ($keyword eq "HW" && $no_hw) { return 0; } |
| 1074 | if ($keyword eq "FP_API" && $no_fp_api) { return 0; } | 1128 | if ($keyword eq "FP_API" && $no_fp_api) { return 0; } |
| 1129 | if ($keyword eq "STATIC_ENGINE" && $no_static_engine) { return 0; } | ||
| 1130 | if ($keyword eq "GMP" && $no_gmp) { return 0; } | ||
| 1131 | if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; } | ||
| 1132 | if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; } | ||
| 1133 | if ($keyword eq "CMS" && $no_cms) { return 0; } | ||
| 1134 | if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; } | ||
| 1075 | 1135 | ||
| 1076 | # Nothing recognise as true | 1136 | # Nothing recognise as true |
| 1077 | return 1; | 1137 | return 1; |
| @@ -1174,8 +1234,6 @@ EOO | |||
| 1174 | 1234 | ||
| 1175 | LIBRARY $libname $liboptions | 1235 | LIBRARY $libname $liboptions |
| 1176 | 1236 | ||
| 1177 | DESCRIPTION '$description' | ||
| 1178 | |||
| 1179 | EOF | 1237 | EOF |
| 1180 | 1238 | ||
| 1181 | if ($W16) { | 1239 | if ($W16) { |
diff --git a/src/lib/libcrypto/util/mkdir-p.pl b/src/lib/libcrypto/util/mkdir-p.pl index 6c69c2daa4..e73d02b073 100644 --- a/src/lib/libcrypto/util/mkdir-p.pl +++ b/src/lib/libcrypto/util/mkdir-p.pl | |||
| @@ -8,6 +8,7 @@ | |||
| 8 | my $arg; | 8 | my $arg; |
| 9 | 9 | ||
| 10 | foreach $arg (@ARGV) { | 10 | foreach $arg (@ARGV) { |
| 11 | $arg =~ tr|\\|/|; | ||
| 11 | &do_mkdir_p($arg); | 12 | &do_mkdir_p($arg); |
| 12 | } | 13 | } |
| 13 | 14 | ||
diff --git a/src/lib/libcrypto/util/mkerr.pl b/src/lib/libcrypto/util/mkerr.pl index 9678514604..53e14ab4df 100644 --- a/src/lib/libcrypto/util/mkerr.pl +++ b/src/lib/libcrypto/util/mkerr.pl | |||
| @@ -44,8 +44,7 @@ while (@ARGV) { | |||
| 44 | } | 44 | } |
| 45 | 45 | ||
| 46 | if($recurse) { | 46 | if($recurse) { |
| 47 | @source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, <fips-1.0/*.c>, | 47 | @source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>); |
| 48 | <fips-1.0/*/*.c>); | ||
| 49 | } else { | 48 | } else { |
| 50 | @source = @ARGV; | 49 | @source = @ARGV; |
| 51 | } | 50 | } |
| @@ -66,6 +65,8 @@ while(<IN>) | |||
| 66 | $csrc{$1} = $3; | 65 | $csrc{$1} = $3; |
| 67 | $fmax{$1} = 99; | 66 | $fmax{$1} = 99; |
| 68 | $rmax{$1} = 99; | 67 | $rmax{$1} = 99; |
| 68 | $fassigned{$1} = ":"; | ||
| 69 | $rassigned{$1} = ":"; | ||
| 69 | $fnew{$1} = 0; | 70 | $fnew{$1} = 0; |
| 70 | $rnew{$1} = 0; | 71 | $rnew{$1} = 0; |
| 71 | } | 72 | } |
| @@ -104,15 +105,24 @@ while (($hdr, $lib) = each %libinc) | |||
| 104 | next; | 105 | next; |
| 105 | } | 106 | } |
| 106 | 107 | ||
| 107 | $cpp = 1 if /^#.*ifdef.*cplusplus/; # skip "C" declaration | 108 | if(/\/\*/) { |
| 109 | if (not /\*\//) { # multiline comment... | ||
| 110 | $line = $_; # ... just accumulate | ||
| 111 | next; | ||
| 112 | } else { | ||
| 113 | s/\/\*.*?\*\///gs; # wipe it | ||
| 114 | } | ||
| 115 | } | ||
| 116 | |||
| 108 | if ($cpp) { | 117 | if ($cpp) { |
| 109 | $cpp = 0 if /^#.*endif/; | 118 | $cpp++ if /^#\s*if/; |
| 119 | $cpp-- if /^#\s*endif/; | ||
| 110 | next; | 120 | next; |
| 111 | } | 121 | } |
| 122 | $cpp = 1 if /^#.*ifdef.*cplusplus/; # skip "C" declaration | ||
| 112 | 123 | ||
| 113 | next if (/^\#/); # skip preprocessor directives | 124 | next if (/^\#/); # skip preprocessor directives |
| 114 | 125 | ||
| 115 | s/\/\*.*?\*\///gs; # ignore comments | ||
| 116 | s/{[^{}]*}//gs; # ignore {} blocks | 126 | s/{[^{}]*}//gs; # ignore {} blocks |
| 117 | 127 | ||
| 118 | if (/\{|\/\*/) { # Add a } so editor works... | 128 | if (/\{|\/\*/) { # Add a } so editor works... |
| @@ -125,31 +135,37 @@ while (($hdr, $lib) = each %libinc) | |||
| 125 | 135 | ||
| 126 | print STDERR " \r" if $debug; | 136 | print STDERR " \r" if $debug; |
| 127 | $defnr = 0; | 137 | $defnr = 0; |
| 138 | # Delete any DECLARE_ macros | ||
| 139 | $def =~ s/DECLARE_\w+\([\w,\s]+\)//gs; | ||
| 128 | foreach (split /;/, $def) { | 140 | foreach (split /;/, $def) { |
| 129 | $defnr++; | 141 | $defnr++; |
| 130 | print STDERR "def: $defnr\r" if $debug; | 142 | print STDERR "def: $defnr\r" if $debug; |
| 131 | 143 | ||
| 144 | # The goal is to collect function names from function declarations. | ||
| 145 | |||
| 132 | s/^[\n\s]*//g; | 146 | s/^[\n\s]*//g; |
| 133 | s/[\n\s]*$//g; | 147 | s/[\n\s]*$//g; |
| 134 | next if(/typedef\W/); | 148 | |
| 135 | if (/\(\*(\w*)\([^\)]+/) { | 149 | # Skip over recognized non-function declarations |
| 136 | my $name = $1; | 150 | next if(/typedef\W/ or /DECLARE_STACK_OF/ or /TYPEDEF_.*_OF/); |
| 137 | $name =~ tr/[a-z]/[A-Z]/; | 151 | |
| 138 | $ftrans{$name} = $1; | 152 | # Remove STACK_OF(foo) |
| 139 | } elsif (/\w+\W+(\w+)\W*\(\s*\)(\s*__attribute__\(.*\)\s*)?$/s){ | 153 | s/STACK_OF\(\w+\)/void/; |
| 140 | # K&R C | 154 | |
| 141 | next ; | 155 | # Reduce argument lists to empty () |
| 142 | } elsif (/\w+\W+\w+\W*\(.*\)(\s*__attribute__\(.*\)\s*)?$/s) { | 156 | # fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {} |
| 143 | while (not /\(\)(\s*__attribute__\(.*\)\s*)?$/s) { | 157 | while(/\(.*\)/s) { |
| 144 | s/[^\(\)]*\)(\s*__attribute__\(.*\)\s*)?$/\)/s; | 158 | s/\([^\(\)]+\)/\{\}/gs; |
| 145 | s/\([^\(\)]*\)\)(\s*__attribute__\(.*\)\s*)?$/\)/s; | 159 | s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs; #(*f{}) -> f |
| 146 | } | 160 | } |
| 147 | s/\(void\)//; | 161 | # pretend as we didn't use curly braces: {} -> () |
| 148 | /(\w+(\{[0-9]+\})?)\W*\(\)/s; | 162 | s/\{\}/\(\)/gs; |
| 149 | my $name = $1; | 163 | |
| 164 | if (/(\w+)\s*\(\).*/s) { # first token prior [first] () is | ||
| 165 | my $name = $1; # a function name! | ||
| 150 | $name =~ tr/[a-z]/[A-Z]/; | 166 | $name =~ tr/[a-z]/[A-Z]/; |
| 151 | $ftrans{$name} = $1; | 167 | $ftrans{$name} = $1; |
| 152 | } elsif (/\(/ and not (/=/ or /DECLARE_STACK/)) { | 168 | } elsif (/[\(\)]/ and not (/=/)) { |
| 153 | print STDERR "Header $hdr: cannot parse: $_;\n"; | 169 | print STDERR "Header $hdr: cannot parse: $_;\n"; |
| 154 | } | 170 | } |
| 155 | } | 171 | } |
| @@ -162,7 +178,7 @@ while (($hdr, $lib) = each %libinc) | |||
| 162 | # maximum code used. | 178 | # maximum code used. |
| 163 | 179 | ||
| 164 | if ($gotfile) { | 180 | if ($gotfile) { |
| 165 | while(<IN>) { | 181 | while(<IN>) { |
| 166 | if(/^\#define\s+(\S+)\s+(\S+)/) { | 182 | if(/^\#define\s+(\S+)\s+(\S+)/) { |
| 167 | $name = $1; | 183 | $name = $1; |
| 168 | $code = $2; | 184 | $code = $2; |
| @@ -173,18 +189,49 @@ while (($hdr, $lib) = each %libinc) | |||
| 173 | } | 189 | } |
| 174 | if($1 eq "R") { | 190 | if($1 eq "R") { |
| 175 | $rcodes{$name} = $code; | 191 | $rcodes{$name} = $code; |
| 192 | if ($rassigned{$lib} =~ /:$code:/) { | ||
| 193 | print STDERR "!! ERROR: $lib reason code $code assigned twice\n"; | ||
| 194 | } | ||
| 195 | $rassigned{$lib} .= "$code:"; | ||
| 176 | if(!(exists $rextra{$name}) && | 196 | if(!(exists $rextra{$name}) && |
| 177 | ($code > $rmax{$lib}) ) { | 197 | ($code > $rmax{$lib}) ) { |
| 178 | $rmax{$lib} = $code; | 198 | $rmax{$lib} = $code; |
| 179 | } | 199 | } |
| 180 | } else { | 200 | } else { |
| 201 | if ($fassigned{$lib} =~ /:$code:/) { | ||
| 202 | print STDERR "!! ERROR: $lib function code $code assigned twice\n"; | ||
| 203 | } | ||
| 204 | $fassigned{$lib} .= "$code:"; | ||
| 181 | if($code > $fmax{$lib}) { | 205 | if($code > $fmax{$lib}) { |
| 182 | $fmax{$lib} = $code; | 206 | $fmax{$lib} = $code; |
| 183 | } | 207 | } |
| 184 | $fcodes{$name} = $code; | 208 | $fcodes{$name} = $code; |
| 185 | } | 209 | } |
| 186 | } | 210 | } |
| 187 | } | 211 | } |
| 212 | } | ||
| 213 | |||
| 214 | if ($debug) { | ||
| 215 | if (defined($fmax{$lib})) { | ||
| 216 | print STDERR "Max function code fmax" . "{" . "$lib" . "} = $fmax{$lib}\n"; | ||
| 217 | $fassigned{$lib} =~ m/^:(.*):$/; | ||
| 218 | @fassigned = sort {$a <=> $b} split(":", $1); | ||
| 219 | print STDERR " @fassigned\n"; | ||
| 220 | } | ||
| 221 | if (defined($rmax{$lib})) { | ||
| 222 | print STDERR "Max reason code rmax" . "{" . "$lib" . "} = $rmax{$lib}\n"; | ||
| 223 | $rassigned{$lib} =~ m/^:(.*):$/; | ||
| 224 | @rassigned = sort {$a <=> $b} split(":", $1); | ||
| 225 | print STDERR " @rassigned\n"; | ||
| 226 | } | ||
| 227 | } | ||
| 228 | |||
| 229 | if ($lib eq "SSL") { | ||
| 230 | if ($rmax{$lib} >= 1000) { | ||
| 231 | print STDERR "!! ERROR: SSL error codes 1000+ are reserved for alerts.\n"; | ||
| 232 | print STDERR "!! Any new alerts must be added to $config.\n"; | ||
| 233 | print STDERR "\n"; | ||
| 234 | } | ||
| 188 | } | 235 | } |
| 189 | close IN; | 236 | close IN; |
| 190 | } | 237 | } |
| @@ -201,11 +248,10 @@ while (($hdr, $lib) = each %libinc) | |||
| 201 | # so all those unreferenced can be printed out. | 248 | # so all those unreferenced can be printed out. |
| 202 | 249 | ||
| 203 | 250 | ||
| 204 | print STDERR "Files loaded: " if $debug; | ||
| 205 | foreach $file (@source) { | 251 | foreach $file (@source) { |
| 206 | # Don't parse the error source file. | 252 | # Don't parse the error source file. |
| 207 | next if exists $cskip{$file}; | 253 | next if exists $cskip{$file}; |
| 208 | print STDERR $file if $debug; | 254 | print STDERR "File loaded: ".$file."\r" if $debug; |
| 209 | open(IN, "<$file") || die "Can't open source file $file\n"; | 255 | open(IN, "<$file") || die "Can't open source file $file\n"; |
| 210 | while(<IN>) { | 256 | while(<IN>) { |
| 211 | if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) { | 257 | if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) { |
| @@ -229,7 +275,7 @@ foreach $file (@source) { | |||
| 229 | } | 275 | } |
| 230 | close IN; | 276 | close IN; |
| 231 | } | 277 | } |
| 232 | print STDERR "\n" if $debug; | 278 | print STDERR " \n" if $debug; |
| 233 | 279 | ||
| 234 | # Now process each library in turn. | 280 | # Now process each library in turn. |
| 235 | 281 | ||
| @@ -266,7 +312,7 @@ foreach $lib (keys %csrc) | |||
| 266 | } else { | 312 | } else { |
| 267 | push @out, | 313 | push @out, |
| 268 | "/* ====================================================================\n", | 314 | "/* ====================================================================\n", |
| 269 | " * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved.\n", | 315 | " * Copyright (c) 2001-2008 The OpenSSL Project. All rights reserved.\n", |
| 270 | " *\n", | 316 | " *\n", |
| 271 | " * Redistribution and use in source and binary forms, with or without\n", | 317 | " * Redistribution and use in source and binary forms, with or without\n", |
| 272 | " * modification, are permitted provided that the following conditions\n", | 318 | " * modification, are permitted provided that the following conditions\n", |
| @@ -356,7 +402,16 @@ EOF | |||
| 356 | foreach $i (@function) { | 402 | foreach $i (@function) { |
| 357 | $z=6-int(length($i)/8); | 403 | $z=6-int(length($i)/8); |
| 358 | if($fcodes{$i} eq "X") { | 404 | if($fcodes{$i} eq "X") { |
| 359 | $fcodes{$i} = ++$fmax{$lib}; | 405 | $fassigned{$lib} =~ m/^:([^:]*):/; |
| 406 | $findcode = $1; | ||
| 407 | if (!defined($findcode)) { | ||
| 408 | $findcode = $fmax{$lib}; | ||
| 409 | } | ||
| 410 | while ($fassigned{$lib} =~ m/:$findcode:/) { | ||
| 411 | $findcode++; | ||
| 412 | } | ||
| 413 | $fcodes{$i} = $findcode; | ||
| 414 | $fassigned{$lib} .= "$findcode:"; | ||
| 360 | print STDERR "New Function code $i\n" if $debug; | 415 | print STDERR "New Function code $i\n" if $debug; |
| 361 | } | 416 | } |
| 362 | printf OUT "#define $i%s $fcodes{$i}\n","\t" x $z; | 417 | printf OUT "#define $i%s $fcodes{$i}\n","\t" x $z; |
| @@ -367,7 +422,16 @@ EOF | |||
| 367 | foreach $i (@reasons) { | 422 | foreach $i (@reasons) { |
| 368 | $z=6-int(length($i)/8); | 423 | $z=6-int(length($i)/8); |
| 369 | if($rcodes{$i} eq "X") { | 424 | if($rcodes{$i} eq "X") { |
| 370 | $rcodes{$i} = ++$rmax{$lib}; | 425 | $rassigned{$lib} =~ m/^:([^:]*):/; |
| 426 | $findcode = $1; | ||
| 427 | if (!defined($findcode)) { | ||
| 428 | $findcode = $rmax{$lib}; | ||
| 429 | } | ||
| 430 | while ($rassigned{$lib} =~ m/:$findcode:/) { | ||
| 431 | $findcode++; | ||
| 432 | } | ||
| 433 | $rcodes{$i} = $findcode; | ||
| 434 | $rassigned{$lib} .= "$findcode:"; | ||
| 371 | print STDERR "New Reason code $i\n" if $debug; | 435 | print STDERR "New Reason code $i\n" if $debug; |
| 372 | } | 436 | } |
| 373 | printf OUT "#define $i%s $rcodes{$i}\n","\t" x $z; | 437 | printf OUT "#define $i%s $rcodes{$i}\n","\t" x $z; |
| @@ -422,7 +486,7 @@ EOF | |||
| 422 | print OUT <<"EOF"; | 486 | print OUT <<"EOF"; |
| 423 | /* $cfile */ | 487 | /* $cfile */ |
| 424 | /* ==================================================================== | 488 | /* ==================================================================== |
| 425 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 489 | * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. |
| 426 | * | 490 | * |
| 427 | * Redistribution and use in source and binary forms, with or without | 491 | * Redistribution and use in source and binary forms, with or without |
| 428 | * modification, are permitted provided that the following conditions | 492 | * modification, are permitted provided that the following conditions |
| @@ -536,17 +600,14 @@ if($static) { | |||
| 536 | 600 | ||
| 537 | ${staticloader}void ERR_load_${lib}_strings(void) | 601 | ${staticloader}void ERR_load_${lib}_strings(void) |
| 538 | { | 602 | { |
| 539 | static int init=1; | 603 | #ifndef OPENSSL_NO_ERR |
| 540 | 604 | ||
| 541 | if (init) | 605 | if (ERR_func_error_string(${lib}_str_functs[0].error) == NULL) |
| 542 | { | 606 | { |
| 543 | init=0; | ||
| 544 | #ifndef OPENSSL_NO_ERR | ||
| 545 | ERR_load_strings($load_errcode,${lib}_str_functs); | 607 | ERR_load_strings($load_errcode,${lib}_str_functs); |
| 546 | ERR_load_strings($load_errcode,${lib}_str_reasons); | 608 | ERR_load_strings($load_errcode,${lib}_str_reasons); |
| 547 | #endif | ||
| 548 | |||
| 549 | } | 609 | } |
| 610 | #endif | ||
| 550 | } | 611 | } |
| 551 | EOF | 612 | EOF |
| 552 | } else { | 613 | } else { |
diff --git a/src/lib/libcrypto/util/mkfiles.pl b/src/lib/libcrypto/util/mkfiles.pl index bc78510f56..1282392fea 100644 --- a/src/lib/libcrypto/util/mkfiles.pl +++ b/src/lib/libcrypto/util/mkfiles.pl | |||
| @@ -24,12 +24,16 @@ my @dirs = ( | |||
| 24 | "crypto/bf", | 24 | "crypto/bf", |
| 25 | "crypto/cast", | 25 | "crypto/cast", |
| 26 | "crypto/aes", | 26 | "crypto/aes", |
| 27 | "crypto/camellia", | ||
| 28 | "crypto/seed", | ||
| 27 | "crypto/bn", | 29 | "crypto/bn", |
| 28 | "crypto/rsa", | 30 | "crypto/rsa", |
| 29 | "crypto/dsa", | 31 | "crypto/dsa", |
| 30 | "crypto/dso", | 32 | "crypto/dso", |
| 31 | "crypto/dh", | 33 | "crypto/dh", |
| 32 | "crypto/ec", | 34 | "crypto/ec", |
| 35 | "crypto/ecdh", | ||
| 36 | "crypto/ecdsa", | ||
| 33 | "crypto/buffer", | 37 | "crypto/buffer", |
| 34 | "crypto/bio", | 38 | "crypto/bio", |
| 35 | "crypto/stack", | 39 | "crypto/stack", |
| @@ -51,17 +55,12 @@ my @dirs = ( | |||
| 51 | "crypto/ocsp", | 55 | "crypto/ocsp", |
| 52 | "crypto/ui", | 56 | "crypto/ui", |
| 53 | "crypto/krb5", | 57 | "crypto/krb5", |
| 54 | "fips-1.0", | 58 | "crypto/store", |
| 55 | "fips-1.0/aes", | 59 | "crypto/pqueue", |
| 56 | "fips-1.0/des", | 60 | "crypto/cms", |
| 57 | "fips-1.0/dsa", | ||
| 58 | "fips-1.0/dh", | ||
| 59 | "fips-1.0/hmac", | ||
| 60 | "fips-1.0/rand", | ||
| 61 | "fips-1.0/rsa", | ||
| 62 | "fips-1.0/sha", | ||
| 63 | "ssl", | 61 | "ssl", |
| 64 | "apps", | 62 | "apps", |
| 63 | "engines", | ||
| 65 | "test", | 64 | "test", |
| 66 | "tools" | 65 | "tools" |
| 67 | ); | 66 | ); |
diff --git a/src/lib/libcrypto/util/mklink.pl b/src/lib/libcrypto/util/mklink.pl index 182732d959..d9bc98aab8 100644 --- a/src/lib/libcrypto/util/mklink.pl +++ b/src/lib/libcrypto/util/mklink.pl | |||
| @@ -14,7 +14,6 @@ | |||
| 14 | # not contain symbolic links and that the parent of / is never referenced. | 14 | # not contain symbolic links and that the parent of / is never referenced. |
| 15 | # Apart from this, this script should be able to handle even the most | 15 | # Apart from this, this script should be able to handle even the most |
| 16 | # pathological cases. | 16 | # pathological cases. |
| 17 | # | ||
| 18 | 17 | ||
| 19 | use Cwd; | 18 | use Cwd; |
| 20 | 19 | ||
diff --git a/src/lib/libcrypto/util/mkstack.pl b/src/lib/libcrypto/util/mkstack.pl index 0ca9eb6a76..2a968f395f 100644 --- a/src/lib/libcrypto/util/mkstack.pl +++ b/src/lib/libcrypto/util/mkstack.pl | |||
| @@ -75,6 +75,7 @@ while(<IN>) { | |||
| 75 | #define sk_${type_thing}_push(st, val) SKM_sk_push($type_thing, (st), (val)) | 75 | #define sk_${type_thing}_push(st, val) SKM_sk_push($type_thing, (st), (val)) |
| 76 | #define sk_${type_thing}_unshift(st, val) SKM_sk_unshift($type_thing, (st), (val)) | 76 | #define sk_${type_thing}_unshift(st, val) SKM_sk_unshift($type_thing, (st), (val)) |
| 77 | #define sk_${type_thing}_find(st, val) SKM_sk_find($type_thing, (st), (val)) | 77 | #define sk_${type_thing}_find(st, val) SKM_sk_find($type_thing, (st), (val)) |
| 78 | #define sk_${type_thing}_find_ex(st, val) SKM_sk_find_ex($type_thing, (st), (val)) | ||
| 78 | #define sk_${type_thing}_delete(st, i) SKM_sk_delete($type_thing, (st), (i)) | 79 | #define sk_${type_thing}_delete(st, i) SKM_sk_delete($type_thing, (st), (i)) |
| 79 | #define sk_${type_thing}_delete_ptr(st, ptr) SKM_sk_delete_ptr($type_thing, (st), (ptr)) | 80 | #define sk_${type_thing}_delete_ptr(st, ptr) SKM_sk_delete_ptr($type_thing, (st), (ptr)) |
| 80 | #define sk_${type_thing}_insert(st, val, i) SKM_sk_insert($type_thing, (st), (val), (i)) | 81 | #define sk_${type_thing}_insert(st, val, i) SKM_sk_insert($type_thing, (st), (val), (i)) |
diff --git a/src/lib/libcrypto/util/pl/BC-32.pl b/src/lib/libcrypto/util/pl/BC-32.pl index 28869c868d..99b8c058d2 100644 --- a/src/lib/libcrypto/util/pl/BC-32.pl +++ b/src/lib/libcrypto/util/pl/BC-32.pl | |||
| @@ -62,7 +62,7 @@ $des_enc_src=''; | |||
| 62 | $bf_enc_obj=''; | 62 | $bf_enc_obj=''; |
| 63 | $bf_enc_src=''; | 63 | $bf_enc_src=''; |
| 64 | 64 | ||
| 65 | if (!$no_asm && !$fips) | 65 | if (!$no_asm) |
| 66 | { | 66 | { |
| 67 | $bn_mulw_obj='crypto\bn\asm\bn_win32.obj'; | 67 | $bn_mulw_obj='crypto\bn\asm\bn_win32.obj'; |
| 68 | $bn_mulw_src='crypto\bn\asm\bn_win32.asm'; | 68 | $bn_mulw_src='crypto\bn\asm\bn_win32.asm'; |
| @@ -126,18 +126,13 @@ ___ | |||
| 126 | 126 | ||
| 127 | sub do_link_rule | 127 | sub do_link_rule |
| 128 | { | 128 | { |
| 129 | local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; | 129 | local($target,$files,$dep_libs,$libs)=@_; |
| 130 | local($ret,$_); | 130 | local($ret,$_); |
| 131 | 131 | ||
| 132 | $file =~ s/\//$o/g if $o ne '/'; | 132 | $file =~ s/\//$o/g if $o ne '/'; |
| 133 | $n=&bname($targer); | 133 | $n=&bname($targer); |
| 134 | $ret.="$target: $files $dep_libs\n"; | 134 | $ret.="$target: $files $dep_libs\n"; |
| 135 | $ret.="\t\$(LINK) \$(LFLAGS) $files \$(APP_EX_OBJ), $target,, $libs\n"; | 135 | $ret.="\t\$(LINK) \$(LFLAGS) $files \$(APP_EX_OBJ), $target,, $libs\n\n"; |
| 136 | if (defined $sha1file) | ||
| 137 | { | ||
| 138 | $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; | ||
| 139 | } | ||
| 140 | $ret.="\n"; | ||
| 141 | return($ret); | 136 | return($ret); |
| 142 | } | 137 | } |
| 143 | 138 | ||
diff --git a/src/lib/libcrypto/util/pl/Mingw32.pl b/src/lib/libcrypto/util/pl/Mingw32.pl index b9bb24d21d..8f0483fb93 100644 --- a/src/lib/libcrypto/util/pl/Mingw32.pl +++ b/src/lib/libcrypto/util/pl/Mingw32.pl | |||
| @@ -19,9 +19,9 @@ $cc='gcc'; | |||
| 19 | if ($debug) | 19 | if ($debug) |
| 20 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; } | 20 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; } |
| 21 | else | 21 | else |
| 22 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486 -Wall"; } | 22 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -march=i486 -Wall"; } |
| 23 | 23 | ||
| 24 | if ($gaswin and !$no_asm and !$fips) | 24 | if ($gaswin and !$no_asm) |
| 25 | { | 25 | { |
| 26 | $bn_asm_obj='$(OBJ_D)\bn-win32.o'; | 26 | $bn_asm_obj='$(OBJ_D)\bn-win32.o'; |
| 27 | $bn_asm_src='crypto/bn/asm/bn-win32.s'; | 27 | $bn_asm_src='crypto/bn/asm/bn-win32.s'; |
| @@ -43,7 +43,9 @@ if ($gaswin and !$no_asm and !$fips) | |||
| 43 | $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s'; | 43 | $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s'; |
| 44 | $sha1_asm_obj='$(OBJ_D)\s1-win32.o'; | 44 | $sha1_asm_obj='$(OBJ_D)\s1-win32.o'; |
| 45 | $sha1_asm_src='crypto/sha/asm/s1-win32.s'; | 45 | $sha1_asm_src='crypto/sha/asm/s1-win32.s'; |
| 46 | $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; | 46 | $cpuid_asm_obj='$(OBJ_D)\cpu-win32.o'; |
| 47 | $cpuid_asm_src='crypto/cpu-win32.s'; | ||
| 48 | $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS"; | ||
| 47 | } | 49 | } |
| 48 | 50 | ||
| 49 | 51 | ||
| @@ -92,18 +94,13 @@ sub do_lib_rule | |||
| 92 | 94 | ||
| 93 | sub do_link_rule | 95 | sub do_link_rule |
| 94 | { | 96 | { |
| 95 | local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; | 97 | local($target,$files,$dep_libs,$libs)=@_; |
| 96 | local($ret,$_); | 98 | local($ret,$_); |
| 97 | 99 | ||
| 98 | $file =~ s/\//$o/g if $o ne '/'; | 100 | $file =~ s/\//$o/g if $o ne '/'; |
| 99 | $n=&bname($target); | 101 | $n=&bname($target); |
| 100 | $ret.="$target: $files $dep_libs\n"; | 102 | $ret.="$target: $files $dep_libs\n"; |
| 101 | $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n"; | 103 | $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; |
| 102 | if (defined $sha1file) | ||
| 103 | { | ||
| 104 | $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; | ||
| 105 | } | ||
| 106 | $ret.="\n"; | ||
| 107 | return($ret); | 104 | return($ret); |
| 108 | } | 105 | } |
| 109 | 1; | 106 | 1; |
diff --git a/src/lib/libcrypto/util/pl/OS2-EMX.pl b/src/lib/libcrypto/util/pl/OS2-EMX.pl index 8dbeaa7a08..28cd116907 100644 --- a/src/lib/libcrypto/util/pl/OS2-EMX.pl +++ b/src/lib/libcrypto/util/pl/OS2-EMX.pl | |||
| @@ -48,7 +48,7 @@ $des_enc_src=""; | |||
| 48 | $bf_enc_obj=""; | 48 | $bf_enc_obj=""; |
| 49 | $bf_enc_src=""; | 49 | $bf_enc_src=""; |
| 50 | 50 | ||
| 51 | if (!$no_asm && !$fips) | 51 | if (!$no_asm) |
| 52 | { | 52 | { |
| 53 | $bn_asm_obj="crypto/bn/asm/bn-os2$obj crypto/bn/asm/co-os2$obj"; | 53 | $bn_asm_obj="crypto/bn/asm/bn-os2$obj crypto/bn/asm/co-os2$obj"; |
| 54 | $bn_asm_src="crypto/bn/asm/bn-os2.asm crypto/bn/asm/co-os2.asm"; | 54 | $bn_asm_src="crypto/bn/asm/bn-os2.asm crypto/bn/asm/co-os2.asm"; |
| @@ -107,18 +107,13 @@ sub do_lib_rule | |||
| 107 | 107 | ||
| 108 | sub do_link_rule | 108 | sub do_link_rule |
| 109 | { | 109 | { |
| 110 | local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; | 110 | local($target,$files,$dep_libs,$libs)=@_; |
| 111 | local($ret,$_); | 111 | local($ret,$_); |
| 112 | 112 | ||
| 113 | $file =~ s/\//$o/g if $o ne '/'; | 113 | $file =~ s/\//$o/g if $o ne '/'; |
| 114 | $n=&bname($target); | 114 | $n=&bname($target); |
| 115 | $ret.="$target: $files $dep_libs\n"; | 115 | $ret.="$target: $files $dep_libs\n"; |
| 116 | $ret.="\t\$(LINK) ${efile}$target \$(CFLAG) \$(LFLAGS) $files $libs\n"; | 116 | $ret.="\t\$(LINK) ${efile}$target \$(CFLAG) \$(LFLAGS) $files $libs\n\n"; |
| 117 | if (defined $sha1file) | ||
| 118 | { | ||
| 119 | $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; | ||
| 120 | } | ||
| 121 | $ret.="\n"; | ||
| 122 | return($ret); | 117 | return($ret); |
| 123 | } | 118 | } |
| 124 | 119 | ||
diff --git a/src/lib/libcrypto/util/pl/VC-32.pl b/src/lib/libcrypto/util/pl/VC-32.pl index 4e97dfa9af..9cb2ab7e99 100644 --- a/src/lib/libcrypto/util/pl/VC-32.pl +++ b/src/lib/libcrypto/util/pl/VC-32.pl | |||
| @@ -1,56 +1,154 @@ | |||
| 1 | #!/usr/local/bin/perl | 1 | #!/usr/local/bin/perl |
| 2 | # VCw32lib.pl - the file for Visual C++ 4.[01] for windows NT, static libraries | 2 | # VC-32.pl - unified script for Microsoft Visual C++, covering Win32, |
| 3 | # Win64 and WinCE [follow $FLAVOR variable to trace the differences]. | ||
| 3 | # | 4 | # |
| 4 | 5 | ||
| 5 | $ssl= "ssleay32"; | 6 | $ssl= "ssleay32"; |
| 6 | 7 | $crypto="libeay32"; | |
| 7 | if ($fips && !$shlib) | ||
| 8 | { | ||
| 9 | $crypto="libeayfips32"; | ||
| 10 | $crypto_compat = "libeaycompat32.lib"; | ||
| 11 | } | ||
| 12 | else | ||
| 13 | { | ||
| 14 | $crypto="libeay32"; | ||
| 15 | } | ||
| 16 | 8 | ||
| 17 | $o='\\'; | 9 | $o='\\'; |
| 18 | $cp='copy nul+'; # Timestamps get stuffed otherwise | 10 | $cp='$(PERL) util/copy.pl'; |
| 11 | $mkdir='$(PERL) util/mkdir-p.pl'; | ||
| 19 | $rm='del'; | 12 | $rm='del'; |
| 20 | 13 | ||
| 21 | $zlib_lib="zlib1.lib"; | 14 | $zlib_lib="zlib1.lib"; |
| 22 | 15 | ||
| 23 | # C compiler stuff | 16 | # C compiler stuff |
| 24 | $cc='cl'; | 17 | $cc='cl'; |
| 25 | $cflags=' /MD /W3 /WX /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; | 18 | if ($FLAVOR =~ /WIN64/) |
| 26 | $cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8 | 19 | { |
| 27 | $cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8 | 20 | # Note that we currently don't have /WX on Win64! There is a lot of |
| 28 | $lflags="/nologo /subsystem:console /machine:I386 /opt:ref"; | 21 | # warnings, but only of two types: |
| 22 | # | ||
| 23 | # C4344: conversion from '__int64' to 'int/long', possible loss of data | ||
| 24 | # C4267: conversion from 'size_t' to 'int/long', possible loss of data | ||
| 25 | # | ||
| 26 | # Amount of latter type is minimized by aliasing strlen to function of | ||
| 27 | # own desing and limiting its return value to 2GB-1 (see e_os.h). As | ||
| 28 | # per 0.9.8 release remaining warnings were explicitly examined and | ||
| 29 | # considered safe to ignore. | ||
| 30 | # | ||
| 31 | $base_cflags=' /W3 /Gs0 /GF /Gy /nologo -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DOPENSSL_SYSNAME_WIN32 -DOPENSSL_SYSNAME_WINNT -DUNICODE -D_UNICODE'; | ||
| 32 | $base_cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8 | ||
| 33 | $base_cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8 | ||
| 34 | my $f = $shlib?' /MD':' /MT'; | ||
| 35 | $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib | ||
| 36 | $opt_cflags=$f.' /Ox'; | ||
| 37 | $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG'; | ||
| 38 | $lflags="/nologo /subsystem:console /opt:ref"; | ||
| 39 | } | ||
| 40 | elsif ($FLAVOR =~ /CE/) | ||
| 41 | { | ||
| 42 | # sanity check | ||
| 43 | die '%OSVERSION% is not defined' if (!defined($ENV{'OSVERSION'})); | ||
| 44 | die '%PLATFORM% is not defined' if (!defined($ENV{'PLATFORM'})); | ||
| 45 | die '%TARGETCPU% is not defined' if (!defined($ENV{'TARGETCPU'})); | ||
| 46 | |||
| 47 | # | ||
| 48 | # Idea behind this is to mimic flags set by eVC++ IDE... | ||
| 49 | # | ||
| 50 | $wcevers = $ENV{'OSVERSION'}; # WCENNN | ||
| 51 | die '%OSVERSION% value is insane' if ($wcevers !~ /^WCE([1-9])([0-9]{2})$/); | ||
| 52 | $wcecdefs = "-D_WIN32_WCE=$1$2 -DUNDER_CE=$1$2"; # -D_WIN32_WCE=NNN | ||
| 53 | $wcelflag = "/subsystem:windowsce,$1.$2"; # ...,N.NN | ||
| 54 | |||
| 55 | $wceplatf = $ENV{'PLATFORM'}; | ||
| 56 | $wceplatf =~ tr/a-z0-9 /A-Z0-9_/d; | ||
| 57 | $wcecdefs .= " -DWCE_PLATFORM_$wceplatf"; | ||
| 58 | |||
| 59 | $wcetgt = $ENV{'TARGETCPU'}; # just shorter name... | ||
| 60 | SWITCH: for($wcetgt) { | ||
| 61 | /^X86/ && do { $wcecdefs.=" -Dx86 -D_X86_ -D_i386_ -Di_386_"; | ||
| 62 | $wcelflag.=" /machine:IX86"; last; }; | ||
| 63 | /^ARMV4[IT]/ && do { $wcecdefs.=" -DARM -D_ARM_ -D$wcetgt"; | ||
| 64 | $wcecdefs.=" -DTHUMB -D_THUMB_" if($wcetgt=~/T$/); | ||
| 65 | $wcecdefs.=" -QRarch4T -QRinterwork-return"; | ||
| 66 | $wcelflag.=" /machine:THUMB"; last; }; | ||
| 67 | /^ARM/ && do { $wcecdefs.=" -DARM -D_ARM_ -D$wcetgt"; | ||
| 68 | $wcelflag.=" /machine:ARM"; last; }; | ||
| 69 | /^MIPSIV/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt"; | ||
| 70 | $wcecdefs.=" -D_MIPS64 -QMmips4 -QMn32"; | ||
| 71 | $wcelflag.=" /machine:MIPSFPU"; last; }; | ||
| 72 | /^MIPS16/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt"; | ||
| 73 | $wcecdefs.=" -DMIPSII -QMmips16"; | ||
| 74 | $wcelflag.=" /machine:MIPS16"; last; }; | ||
| 75 | /^MIPSII/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt"; | ||
| 76 | $wcecdefs.=" -QMmips2"; | ||
| 77 | $wcelflag.=" /machine:MIPS"; last; }; | ||
| 78 | /^R4[0-9]{3}/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000"; | ||
| 79 | $wcelflag.=" /machine:MIPS"; last; }; | ||
| 80 | /^SH[0-9]/ && do { $wcecdefs.=" -D$wcetgt -D_$wcetgt_ -DSHx"; | ||
| 81 | $wcecdefs.=" -Qsh4" if ($wcetgt =~ /^SH4/); | ||
| 82 | $wcelflag.=" /machine:$wcetgt"; last; }; | ||
| 83 | { $wcecdefs.=" -D$wcetgt -D_$wcetgt_"; | ||
| 84 | $wcelflag.=" /machine:$wcetgt"; last; }; | ||
| 85 | } | ||
| 86 | |||
| 87 | $cc='$(CC)'; | ||
| 88 | $base_cflags=' /W3 /WX /GF /Gy /nologo -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -I$(WCECOMPAT)/include -DOPENSSL_SMALL_FOOTPRINT'; | ||
| 89 | $base_cflags.=" $wcecdefs"; | ||
| 90 | $opt_cflags=' /MC /O1i'; # optimize for space, but with intrinsics... | ||
| 91 | $dbg_clfags=' /MC /Od -DDEBUG -D_DEBUG'; | ||
| 92 | $lflags="/nologo /opt:ref $wcelflag"; | ||
| 93 | } | ||
| 94 | else # Win32 | ||
| 95 | { | ||
| 96 | $base_cflags=' /W3 /WX /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; | ||
| 97 | $base_cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8 | ||
| 98 | $base_cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8 | ||
| 99 | my $f = $shlib?' /MD':' /MT'; | ||
| 100 | $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib | ||
| 101 | $opt_cflags=$f.' /Ox /O2 /Ob2'; | ||
| 102 | $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG'; | ||
| 103 | $lflags="/nologo /subsystem:console /opt:ref"; | ||
| 104 | } | ||
| 29 | $mlflags=''; | 105 | $mlflags=''; |
| 30 | 106 | ||
| 31 | $out_def="out32"; | 107 | $out_def="out32"; $out_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/); |
| 32 | $tmp_def="tmp32"; | 108 | $tmp_def="tmp32"; $tmp_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/); |
| 33 | $inc_def="inc32"; | 109 | $inc_def="inc32"; |
| 34 | 110 | ||
| 35 | if ($debug) | 111 | if ($debug) |
| 36 | { | 112 | { |
| 37 | $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DOPENSSL_SYSNAME_WIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32"; | 113 | $cflags=$dbg_cflags.$base_cflags; |
| 38 | $lflags.=" /debug"; | 114 | $lflags.=" /debug"; |
| 39 | $mlflags.=' /debug'; | 115 | $mlflags.=' /debug'; |
| 40 | } | 116 | } |
| 41 | $cflags .= " -DOPENSSL_SYSNAME_WINNT" if $NT == 1; | 117 | else |
| 118 | { | ||
| 119 | $cflags=$opt_cflags.$base_cflags; | ||
| 120 | } | ||
| 42 | 121 | ||
| 43 | $obj='.obj'; | 122 | $obj='.obj'; |
| 44 | $ofile="/Fo"; | 123 | $ofile="/Fo"; |
| 45 | 124 | ||
| 46 | # EXE linking stuff | 125 | # EXE linking stuff |
| 47 | $link="link"; | 126 | $link="link"; |
| 127 | $rsc="rc"; | ||
| 48 | $efile="/out:"; | 128 | $efile="/out:"; |
| 49 | $exep='.exe'; | 129 | $exep='.exe'; |
| 50 | if ($no_sock) | 130 | if ($no_sock) { $ex_libs=''; } |
| 51 | { $ex_libs=""; } | 131 | elsif ($FLAVOR =~ /CE/) { $ex_libs='winsock.lib'; } |
| 52 | else { $ex_libs="wsock32.lib user32.lib gdi32.lib"; } | 132 | else { $ex_libs='wsock32.lib'; } |
| 53 | 133 | ||
| 134 | if ($FLAVOR =~ /CE/) | ||
| 135 | { | ||
| 136 | $ex_libs.=' $(WCECOMPAT)/lib/wcecompatex.lib'; | ||
| 137 | $ex_libs.=' /nodefaultlib:oldnames.lib coredll.lib corelibc.lib' if ($ENV{'TARGETCPU'} eq "X86"); | ||
| 138 | } | ||
| 139 | else | ||
| 140 | { | ||
| 141 | $ex_libs.=' gdi32.lib advapi32.lib user32.lib'; | ||
| 142 | $ex_libs.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); | ||
| 143 | } | ||
| 144 | |||
| 145 | # As native NT API is pure UNICODE, our WIN-NT build defaults to UNICODE, | ||
| 146 | # but gets linked with unicows.lib to ensure backward compatibility. | ||
| 147 | if ($FLAVOR =~ /NT/) | ||
| 148 | { | ||
| 149 | $cflags.=" -DOPENSSL_SYSNAME_WINNT -DUNICODE -D_UNICODE"; | ||
| 150 | $ex_libs="unicows.lib $ex_libs"; | ||
| 151 | } | ||
| 54 | # static library stuff | 152 | # static library stuff |
| 55 | $mklib='lib'; | 153 | $mklib='lib'; |
| 56 | $ranlib=''; | 154 | $ranlib=''; |
| @@ -60,9 +158,12 @@ $shlibp=($shlib)?".dll":".lib"; | |||
| 60 | $lfile='/out:'; | 158 | $lfile='/out:'; |
| 61 | 159 | ||
| 62 | $shlib_ex_obj=""; | 160 | $shlib_ex_obj=""; |
| 63 | $app_ex_obj="setargv.obj"; | 161 | $app_ex_obj="setargv.obj" if ($FLAVOR !~ /CE/); |
| 64 | if ($nasm) { | 162 | if ($nasm) { |
| 65 | $asm='nasmw -f win32'; | 163 | my $ver=`nasm -v 2>NUL`; |
| 164 | my $vew=`nasmw -v 2>NUL`; | ||
| 165 | # pick newest version | ||
| 166 | $asm=($ver gt $vew?"nasm":"nasmw")." -f win32"; | ||
| 66 | $afile='-o '; | 167 | $afile='-o '; |
| 67 | } else { | 168 | } else { |
| 68 | $asm='ml /Cp /coff /c /Cx'; | 169 | $asm='ml /Cp /coff /c /Cx'; |
| @@ -77,10 +178,14 @@ $des_enc_src=''; | |||
| 77 | $bf_enc_obj=''; | 178 | $bf_enc_obj=''; |
| 78 | $bf_enc_src=''; | 179 | $bf_enc_src=''; |
| 79 | 180 | ||
| 80 | if (!$no_asm && !$fips) | 181 | if (!$no_asm) |
| 81 | { | 182 | { |
| 183 | $aes_asm_obj='crypto\aes\asm\a_win32.obj'; | ||
| 184 | $aes_asm_src='crypto\aes\asm\a_win32.asm'; | ||
| 82 | $bn_asm_obj='crypto\bn\asm\bn_win32.obj'; | 185 | $bn_asm_obj='crypto\bn\asm\bn_win32.obj'; |
| 83 | $bn_asm_src='crypto\bn\asm\bn_win32.asm'; | 186 | $bn_asm_src='crypto\bn\asm\bn_win32.asm'; |
| 187 | $bnco_asm_obj='crypto\bn\asm\co_win32.obj'; | ||
| 188 | $bnco_asm_src='crypto\bn\asm\co_win32.asm'; | ||
| 84 | $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj'; | 189 | $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj'; |
| 85 | $des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm'; | 190 | $des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm'; |
| 86 | $bf_enc_obj='crypto\bf\asm\b_win32.obj'; | 191 | $bf_enc_obj='crypto\bf\asm\b_win32.obj'; |
| @@ -93,76 +198,96 @@ if (!$no_asm && !$fips) | |||
| 93 | $rc5_enc_src='crypto\rc5\asm\r5_win32.asm'; | 198 | $rc5_enc_src='crypto\rc5\asm\r5_win32.asm'; |
| 94 | $md5_asm_obj='crypto\md5\asm\m5_win32.obj'; | 199 | $md5_asm_obj='crypto\md5\asm\m5_win32.obj'; |
| 95 | $md5_asm_src='crypto\md5\asm\m5_win32.asm'; | 200 | $md5_asm_src='crypto\md5\asm\m5_win32.asm'; |
| 96 | $sha1_asm_obj='crypto\sha\asm\s1_win32.obj'; | 201 | $sha1_asm_obj='crypto\sha\asm\s1_win32.obj crypto\sha\asm\sha512-sse2.obj'; |
| 97 | $sha1_asm_src='crypto\sha\asm\s1_win32.asm'; | 202 | $sha1_asm_src='crypto\sha\asm\s1_win32.asm crypto\sha\asm\sha512-sse2.asm'; |
| 98 | $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj'; | 203 | $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj'; |
| 99 | $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm'; | 204 | $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm'; |
| 100 | $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; | 205 | $cpuid_asm_obj='crypto\cpu_win32.obj'; |
| 206 | $cpuid_asm_src='crypto\cpu_win32.asm'; | ||
| 207 | $cflags.=" -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DAES_ASM -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; | ||
| 101 | } | 208 | } |
| 102 | 209 | ||
| 103 | if ($shlib) | 210 | if ($shlib && $FLAVOR !~ /CE/) |
| 104 | { | 211 | { |
| 105 | $mlflags.=" $lflags /dll"; | 212 | $mlflags.=" $lflags /dll"; |
| 106 | # $cflags =~ s| /MD| /MT|; | ||
| 107 | $lib_cflag=" -D_WINDLL"; | 213 | $lib_cflag=" -D_WINDLL"; |
| 108 | $out_def="out32dll"; | 214 | $out_def="out32dll"; |
| 109 | $tmp_def="tmp32dll"; | 215 | $tmp_def="tmp32dll"; |
| 216 | # | ||
| 217 | # Engage Applink... | ||
| 218 | # | ||
| 219 | $app_ex_obj.=" \$(OBJ_D)\\applink.obj /implib:\$(TMP_D)\\junk.lib"; | ||
| 220 | $cflags.=" -DOPENSSL_USE_APPLINK -I."; | ||
| 221 | # I'm open for better suggestions than overriding $banner... | ||
| 222 | $banner=<<'___'; | ||
| 223 | @echo Building OpenSSL | ||
| 224 | |||
| 225 | $(OBJ_D)\applink.obj: ms\applink.c | ||
| 226 | $(CC) /Fo$(OBJ_D)\applink.obj $(APP_CFLAGS) -c ms\applink.c | ||
| 227 | $(OBJ_D)\uplink.obj: ms\uplink.c ms\applink.c | ||
| 228 | $(CC) /Fo$(OBJ_D)\uplink.obj $(SHLIB_CFLAGS) -c ms\uplink.c | ||
| 229 | $(INCO_D)\applink.c: ms\applink.c | ||
| 230 | $(CP) ms\applink.c $(INCO_D)\applink.c | ||
| 231 | |||
| 232 | EXHEADER= $(EXHEADER) $(INCO_D)\applink.c | ||
| 233 | |||
| 234 | LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj | ||
| 235 | CRYPTOOBJ=$(OBJ_D)\uplink.obj $(CRYPTOOBJ) | ||
| 236 | ___ | ||
| 237 | $banner.=<<'___' if ($FLAVOR =~ /WIN64/); | ||
| 238 | CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ) | ||
| 239 | ___ | ||
| 240 | } | ||
| 241 | elsif ($shlib && $FLAVOR =~ /CE/) | ||
| 242 | { | ||
| 243 | $mlflags.=" $lflags /dll"; | ||
| 244 | $lib_cflag=" -D_WINDLL -D_DLL"; | ||
| 245 | $out_def='out32dll_$(TARGETCPU)'; | ||
| 246 | $tmp_def='tmp32dll_$(TARGETCPU)'; | ||
| 110 | } | 247 | } |
| 111 | 248 | ||
| 112 | $cflags.=" /Fd$out_def"; | 249 | $cflags.=" /Fd$out_def"; |
| 113 | 250 | ||
| 114 | sub do_lib_rule | 251 | sub do_lib_rule |
| 115 | { | 252 | { |
| 116 | local($objs,$target,$name,$shlib,$ign,$base_addr) = @_; | 253 | local($objs,$target,$name,$shlib)=@_; |
| 117 | local($ret,$Name); | 254 | local($ret); |
| 118 | 255 | ||
| 119 | $taget =~ s/\//$o/g if $o ne '/'; | 256 | $taget =~ s/\//$o/g if $o ne '/'; |
| 120 | ($Name=$name) =~ tr/a-z/A-Z/; | 257 | if ($name ne "") |
| 121 | my $base_arg; | ||
| 122 | if ($base_addr ne "") | ||
| 123 | { | ||
| 124 | $base_arg= " /base:$base_addr"; | ||
| 125 | } | ||
| 126 | else | ||
| 127 | { | 258 | { |
| 128 | $base_arg = ""; | 259 | $name =~ tr/a-z/A-Z/; |
| 260 | $name = "/def:ms/${name}.def"; | ||
| 129 | } | 261 | } |
| 130 | 262 | ||
| 131 | |||
| 132 | # $target="\$(LIB_D)$o$target"; | 263 | # $target="\$(LIB_D)$o$target"; |
| 264 | $ret.="$target: $objs\n"; | ||
| 133 | if (!$shlib) | 265 | if (!$shlib) |
| 134 | { | 266 | { |
| 135 | # $ret.="\t\$(RM) \$(O_$Name)\n"; | 267 | # $ret.="\t\$(RM) \$(O_$Name)\n"; |
| 136 | $ret.="$target: $objs\n"; | 268 | $ex =' '; |
| 137 | $ex =' advapi32.lib'; | ||
| 138 | $ex.=" \$(FIPSLIB_D)${o}_chkstk.o" if $fips && $target =~ /O_CRYPTO/; | ||
| 139 | $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; | 269 | $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; |
| 140 | } | 270 | } |
| 141 | else | 271 | else |
| 142 | { | 272 | { |
| 143 | local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':''; | 273 | local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)'; |
| 144 | $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib'; | 274 | if ($name eq "") |
| 145 | $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/; | 275 | { |
| 146 | if ($fips && $target =~ /O_CRYPTO/) | 276 | $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); |
| 277 | } | ||
| 278 | elsif ($FLAVOR =~ /CE/) | ||
| 147 | { | 279 | { |
| 148 | $ex.=" \$(FIPSLIB_D)${o}_chkstk.o"; | 280 | $ex.=' winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib'; |
| 149 | $ret.="$target: $objs \$(PREMAIN_DSO_EXE)\n"; | ||
| 150 | $ret.="\tSET FIPS_LINK=\$(LINK)\n"; | ||
| 151 | $ret.="\tSET FIPS_CC=\$(CC)\n"; | ||
| 152 | $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n"; | ||
| 153 | $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n"; | ||
| 154 | $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n"; | ||
| 155 | $ret.="\tSET FIPS_TARGET=$target\n"; | ||
| 156 | $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n"; | ||
| 157 | $ret.="\t\$(FIPSLINK) \$(MLFLAGS) $base_arg $efile$target "; | ||
| 158 | $ret.="/def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs "; | ||
| 159 | $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n"; | ||
| 160 | } | 281 | } |
| 161 | else | 282 | else |
| 162 | { | 283 | { |
| 163 | $ret.="$target: $objs\n"; | 284 | $ex.=' unicows.lib' if ($FLAVOR =~ /NT/); |
| 164 | $ret.="\t\$(LINK) \$(MLFLAGS) $base_arg $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; | 285 | $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib'; |
| 286 | $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); | ||
| 165 | } | 287 | } |
| 288 | $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/; | ||
| 289 | $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; | ||
| 290 | $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n"; | ||
| 166 | } | 291 | } |
| 167 | $ret.="\n"; | 292 | $ret.="\n"; |
| 168 | return($ret); | 293 | return($ret); |
| @@ -170,51 +295,16 @@ sub do_lib_rule | |||
| 170 | 295 | ||
| 171 | sub do_link_rule | 296 | sub do_link_rule |
| 172 | { | 297 | { |
| 173 | local($target,$files,$dep_libs,$libs,$standalone)=@_; | ||
| 174 | local($ret,$_); | ||
| 175 | $file =~ s/\//$o/g if $o ne '/'; | ||
| 176 | $n=&bname($targer); | ||
| 177 | $ret.="$target: $files $dep_libs\n"; | ||
| 178 | if ($standalone) | ||
| 179 | { | ||
| 180 | $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t"; | ||
| 181 | $ret.="\$(FIPSLIB_D)${o}_chkstk.o " if ($files =~ /O_FIPSCANISTER/); | ||
| 182 | $ret.="$files $libs\n<<\n"; | ||
| 183 | } | ||
| 184 | elsif ($fips && !$shlib) | ||
| 185 | { | ||
| 186 | $ret.="\tSET FIPS_LINK=\$(LINK)\n"; | ||
| 187 | $ret.="\tSET FIPS_CC=\$(CC)\n"; | ||
| 188 | $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n"; | ||
| 189 | $ret.="\tSET PREMAIN_DSO_EXE=\n"; | ||
| 190 | $ret.="\tSET FIPS_TARGET=$target\n"; | ||
| 191 | $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n"; | ||
| 192 | $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n"; | ||
| 193 | $ret.=" \$(FIPSLINK) \$(LFLAGS) $efile$target @<<\n"; | ||
| 194 | $ret.=" \$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n"; | ||
| 195 | } | ||
| 196 | else | ||
| 197 | { | ||
| 198 | $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n"; | ||
| 199 | $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n"; | ||
| 200 | } | ||
| 201 | $ret.="\n"; | ||
| 202 | return($ret); | ||
| 203 | } | ||
| 204 | |||
| 205 | sub do_rlink_rule | ||
| 206 | { | ||
| 207 | local($target,$files,$dep_libs,$libs)=@_; | 298 | local($target,$files,$dep_libs,$libs)=@_; |
| 208 | local($ret,$_); | 299 | local($ret,$_); |
| 209 | 300 | ||
| 210 | $file =~ s/\//$o/g if $o ne '/'; | 301 | $file =~ s/\//$o/g if $o ne '/'; |
| 211 | $n=&bname($targer); | 302 | $n=&bname($targer); |
| 212 | $ret.="$target: $files $dep_libs\n"; | 303 | $ret.="$target: $files $dep_libs\n"; |
| 213 | $ret.=" \$(MKCANISTER) $target <<\n"; | 304 | $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n"; |
| 214 | $ret.="INPUT($files)\n<<\n"; | 305 | $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n"; |
| 215 | $ret.="\n"; | 306 | $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n"; |
| 216 | return($ret); | 307 | return($ret); |
| 217 | } | 308 | } |
| 218 | 309 | ||
| 219 | |||
| 220 | 1; | 310 | 1; |
diff --git a/src/lib/libcrypto/util/pl/linux.pl b/src/lib/libcrypto/util/pl/linux.pl index df05c40526..d24f7b7291 100644 --- a/src/lib/libcrypto/util/pl/linux.pl +++ b/src/lib/libcrypto/util/pl/linux.pl | |||
| @@ -39,7 +39,7 @@ if (!$no_asm) | |||
| 39 | $rmd160_asm_src='crypto/ripemd/asm/rm86unix.cpp'; | 39 | $rmd160_asm_src='crypto/ripemd/asm/rm86unix.cpp'; |
| 40 | $sha1_asm_obj='$(OBJ_D)/sx86-elf.o'; | 40 | $sha1_asm_obj='$(OBJ_D)/sx86-elf.o'; |
| 41 | $sha1_asm_src='crypto/sha/asm/sx86unix.cpp'; | 41 | $sha1_asm_src='crypto/sha/asm/sx86unix.cpp'; |
| 42 | $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; | 42 | $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS"; |
| 43 | } | 43 | } |
| 44 | 44 | ||
| 45 | $cflags.=" -DTERMIO -DL_ENDIAN -m486 -Wall"; | 45 | $cflags.=" -DTERMIO -DL_ENDIAN -m486 -Wall"; |
| @@ -72,18 +72,13 @@ sub do_shlib_rule | |||
| 72 | 72 | ||
| 73 | sub do_link_rule | 73 | sub do_link_rule |
| 74 | { | 74 | { |
| 75 | local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; | 75 | local($target,$files,$dep_libs,$libs)=@_; |
| 76 | local($ret,$_); | 76 | local($ret,$_); |
| 77 | 77 | ||
| 78 | $file =~ s/\//$o/g if $o ne '/'; | 78 | $file =~ s/\//$o/g if $o ne '/'; |
| 79 | $n=&bname($target); | 79 | $n=&bname($target); |
| 80 | $ret.="$target: $files $dep_libs\n"; | 80 | $ret.="$target: $files $dep_libs\n"; |
| 81 | $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n"; | 81 | $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; |
| 82 | if (defined $sha1file) | ||
| 83 | { | ||
| 84 | $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; | ||
| 85 | } | ||
| 86 | $ret.="\n"; | ||
| 87 | return($ret); | 82 | return($ret); |
| 88 | } | 83 | } |
| 89 | 84 | ||
diff --git a/src/lib/libcrypto/util/pl/ultrix.pl b/src/lib/libcrypto/util/pl/ultrix.pl index 447b854708..ea370c71f9 100644 --- a/src/lib/libcrypto/util/pl/ultrix.pl +++ b/src/lib/libcrypto/util/pl/ultrix.pl | |||
| @@ -17,7 +17,7 @@ else | |||
| 17 | 17 | ||
| 18 | $cflags.=" -std1 -DL_ENDIAN"; | 18 | $cflags.=" -std1 -DL_ENDIAN"; |
| 19 | 19 | ||
| 20 | if (!$no_asm && !$fips) | 20 | if (!$no_asm) |
| 21 | { | 21 | { |
| 22 | $bn_asm_obj='$(OBJ_D)/mips1.o'; | 22 | $bn_asm_obj='$(OBJ_D)/mips1.o'; |
| 23 | $bn_asm_src='crypto/bn/asm/mips1.s'; | 23 | $bn_asm_src='crypto/bn/asm/mips1.s'; |
| @@ -25,18 +25,13 @@ if (!$no_asm && !$fips) | |||
| 25 | 25 | ||
| 26 | sub do_link_rule | 26 | sub do_link_rule |
| 27 | { | 27 | { |
| 28 | local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; | 28 | local($target,$files,$dep_libs,$libs)=@_; |
| 29 | local($ret,$_); | 29 | local($ret,$_); |
| 30 | 30 | ||
| 31 | $file =~ s/\//$o/g if $o ne '/'; | 31 | $file =~ s/\//$o/g if $o ne '/'; |
| 32 | $n=&bname($target); | 32 | $n=&bname($target); |
| 33 | $ret.="$target: $files $dep_libs\n"; | 33 | $ret.="$target: $files $dep_libs\n"; |
| 34 | $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n"; | 34 | $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; |
| 35 | if (defined $sha1file) | ||
| 36 | { | ||
| 37 | $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; | ||
| 38 | } | ||
| 39 | $ret.="\n"; | ||
| 40 | return($ret); | 35 | return($ret); |
| 41 | } | 36 | } |
| 42 | 37 | ||
diff --git a/src/lib/libcrypto/util/pl/unix.pl b/src/lib/libcrypto/util/pl/unix.pl index bbd1798a2e..146611ad99 100644 --- a/src/lib/libcrypto/util/pl/unix.pl +++ b/src/lib/libcrypto/util/pl/unix.pl | |||
| @@ -70,18 +70,13 @@ sub do_lib_rule | |||
| 70 | 70 | ||
| 71 | sub do_link_rule | 71 | sub do_link_rule |
| 72 | { | 72 | { |
| 73 | local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; | 73 | local($target,$files,$dep_libs,$libs)=@_; |
| 74 | local($ret,$_); | 74 | local($ret,$_); |
| 75 | 75 | ||
| 76 | $file =~ s/\//$o/g if $o ne '/'; | 76 | $file =~ s/\//$o/g if $o ne '/'; |
| 77 | $n=&bname($target); | 77 | $n=&bname($target); |
| 78 | $ret.="$target: $files $dep_libs\n"; | 78 | $ret.="$target: $files $dep_libs\n"; |
| 79 | $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n"; | 79 | $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; |
| 80 | if (defined $sha1file) | ||
| 81 | { | ||
| 82 | $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; | ||
| 83 | } | ||
| 84 | $ret.="\n"; | ||
| 85 | return($ret); | 80 | return($ret); |
| 86 | } | 81 | } |
| 87 | 82 | ||
diff --git a/src/lib/libcrypto/util/ssleay.num b/src/lib/libcrypto/util/ssleay.num index 46e38a131f..b3ac136a56 100644 --- a/src/lib/libcrypto/util/ssleay.num +++ b/src/lib/libcrypto/util/ssleay.num | |||
| @@ -170,7 +170,7 @@ SSL_add_file_cert_subjs_to_stk 185 EXIST:VMS:FUNCTION:STDIO | |||
| 170 | SSL_set_tmp_rsa_callback 186 EXIST::FUNCTION:RSA | 170 | SSL_set_tmp_rsa_callback 186 EXIST::FUNCTION:RSA |
| 171 | SSL_set_tmp_dh_callback 187 EXIST::FUNCTION:DH | 171 | SSL_set_tmp_dh_callback 187 EXIST::FUNCTION:DH |
| 172 | SSL_add_dir_cert_subjects_to_stack 188 EXIST:!VMS:FUNCTION:STDIO | 172 | SSL_add_dir_cert_subjects_to_stack 188 EXIST:!VMS:FUNCTION:STDIO |
| 173 | SSL_add_dir_cert_subjs_to_stk 188 NOEXIST::FUNCTION: | 173 | SSL_add_dir_cert_subjs_to_stk 188 EXIST:VMS:FUNCTION:STDIO |
| 174 | SSL_set_session_id_context 189 EXIST::FUNCTION: | 174 | SSL_set_session_id_context 189 EXIST::FUNCTION: |
| 175 | SSL_CTX_use_certificate_chain_file 222 EXIST:!VMS:FUNCTION:STDIO | 175 | SSL_CTX_use_certificate_chain_file 222 EXIST:!VMS:FUNCTION:STDIO |
| 176 | SSL_CTX_use_cert_chain_file 222 EXIST:VMS:FUNCTION:STDIO | 176 | SSL_CTX_use_cert_chain_file 222 EXIST:VMS:FUNCTION:STDIO |
| @@ -215,3 +215,29 @@ SSL_CTX_set_generate_session_id 264 EXIST::FUNCTION: | |||
| 215 | SSL_renegotiate_pending 265 EXIST::FUNCTION: | 215 | SSL_renegotiate_pending 265 EXIST::FUNCTION: |
| 216 | SSL_CTX_set_msg_callback 266 EXIST::FUNCTION: | 216 | SSL_CTX_set_msg_callback 266 EXIST::FUNCTION: |
| 217 | SSL_set_msg_callback 267 EXIST::FUNCTION: | 217 | SSL_set_msg_callback 267 EXIST::FUNCTION: |
| 218 | DTLSv1_client_method 268 EXIST::FUNCTION: | ||
| 219 | SSL_CTX_set_tmp_ecdh_callback 269 EXIST::FUNCTION:ECDH | ||
| 220 | SSL_set_tmp_ecdh_callback 270 EXIST::FUNCTION:ECDH | ||
| 221 | SSL_COMP_get_name 271 EXIST::FUNCTION:COMP | ||
| 222 | SSL_get_current_compression 272 EXIST::FUNCTION:COMP | ||
| 223 | DTLSv1_method 273 EXIST::FUNCTION: | ||
| 224 | SSL_get_current_expansion 274 EXIST::FUNCTION:COMP | ||
| 225 | DTLSv1_server_method 275 EXIST::FUNCTION: | ||
| 226 | SSL_COMP_get_compression_methods 276 EXIST:!VMS:FUNCTION:COMP | ||
| 227 | SSL_COMP_get_compress_methods 276 EXIST:VMS:FUNCTION:COMP | ||
| 228 | SSL_SESSION_get_id 277 EXIST::FUNCTION: | ||
| 229 | SSL_CTX_sess_set_new_cb 278 EXIST::FUNCTION: | ||
| 230 | SSL_CTX_sess_get_get_cb 279 EXIST::FUNCTION: | ||
| 231 | SSL_CTX_sess_set_get_cb 280 EXIST::FUNCTION: | ||
| 232 | SSL_CTX_set_cookie_verify_cb 281 EXIST::FUNCTION: | ||
| 233 | SSL_CTX_get_info_callback 282 EXIST::FUNCTION: | ||
| 234 | SSL_CTX_set_cookie_generate_cb 283 EXIST::FUNCTION: | ||
| 235 | SSL_CTX_set_client_cert_cb 284 EXIST::FUNCTION: | ||
| 236 | SSL_CTX_sess_set_remove_cb 285 EXIST::FUNCTION: | ||
| 237 | SSL_CTX_set_info_callback 286 EXIST::FUNCTION: | ||
| 238 | SSL_CTX_sess_get_new_cb 287 EXIST::FUNCTION: | ||
| 239 | SSL_CTX_get_client_cert_cb 288 EXIST::FUNCTION: | ||
| 240 | SSL_CTX_sess_get_remove_cb 289 EXIST::FUNCTION: | ||
| 241 | SSL_set_SSL_CTX 290 EXIST::FUNCTION: | ||
| 242 | SSL_get_servername 291 EXIST::FUNCTION:TLSEXT | ||
| 243 | SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT | ||
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c index ea689aed1a..37f9a48206 100644 --- a/src/lib/libcrypto/x509/by_dir.c +++ b/src/lib/libcrypto/x509/by_dir.c | |||
| @@ -189,7 +189,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) | |||
| 189 | 189 | ||
| 190 | s=dir; | 190 | s=dir; |
| 191 | p=s; | 191 | p=s; |
| 192 | for (;;) | 192 | for (;;p++) |
| 193 | { | 193 | { |
| 194 | if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) | 194 | if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) |
| 195 | { | 195 | { |
| @@ -198,8 +198,11 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) | |||
| 198 | len=(int)(p-ss); | 198 | len=(int)(p-ss); |
| 199 | if (len == 0) continue; | 199 | if (len == 0) continue; |
| 200 | for (j=0; j<ctx->num_dirs; j++) | 200 | for (j=0; j<ctx->num_dirs; j++) |
| 201 | if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0) | 201 | if (strlen(ctx->dirs[j]) == (size_t)len && |
| 202 | continue; | 202 | strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0) |
| 203 | break; | ||
| 204 | if (j<ctx->num_dirs) | ||
| 205 | continue; | ||
| 203 | if (ctx->num_dirs_alloced < (ctx->num_dirs+1)) | 206 | if (ctx->num_dirs_alloced < (ctx->num_dirs+1)) |
| 204 | { | 207 | { |
| 205 | ctx->num_dirs_alloced+=10; | 208 | ctx->num_dirs_alloced+=10; |
| @@ -231,7 +234,6 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) | |||
| 231 | ctx->num_dirs++; | 234 | ctx->num_dirs++; |
| 232 | } | 235 | } |
| 233 | if (*p == '\0') break; | 236 | if (*p == '\0') break; |
| 234 | p++; | ||
| 235 | } | 237 | } |
| 236 | return(1); | 238 | return(1); |
| 237 | } | 239 | } |
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h index e8c1a59cf2..e71b5257e5 100644 --- a/src/lib/libcrypto/x509/x509.h +++ b/src/lib/libcrypto/x509/x509.h | |||
| @@ -55,10 +55,16 @@ | |||
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 60 | * ECDH support in OpenSSL originally developed by | ||
| 61 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 62 | */ | ||
| 58 | 63 | ||
| 59 | #ifndef HEADER_X509_H | 64 | #ifndef HEADER_X509_H |
| 60 | #define HEADER_X509_H | 65 | #define HEADER_X509_H |
| 61 | 66 | ||
| 67 | #include <openssl/e_os2.h> | ||
| 62 | #include <openssl/symhacks.h> | 68 | #include <openssl/symhacks.h> |
| 63 | #ifndef OPENSSL_NO_BUFFER | 69 | #ifndef OPENSSL_NO_BUFFER |
| 64 | #include <openssl/buffer.h> | 70 | #include <openssl/buffer.h> |
| @@ -73,21 +79,33 @@ | |||
| 73 | #include <openssl/asn1.h> | 79 | #include <openssl/asn1.h> |
| 74 | #include <openssl/safestack.h> | 80 | #include <openssl/safestack.h> |
| 75 | 81 | ||
| 82 | #ifndef OPENSSL_NO_EC | ||
| 83 | #include <openssl/ec.h> | ||
| 84 | #endif | ||
| 85 | |||
| 86 | #ifndef OPENSSL_NO_ECDSA | ||
| 87 | #include <openssl/ecdsa.h> | ||
| 88 | #endif | ||
| 89 | |||
| 90 | #ifndef OPENSSL_NO_ECDH | ||
| 91 | #include <openssl/ecdh.h> | ||
| 92 | #endif | ||
| 93 | |||
| 94 | #ifndef OPENSSL_NO_DEPRECATED | ||
| 76 | #ifndef OPENSSL_NO_RSA | 95 | #ifndef OPENSSL_NO_RSA |
| 77 | #include <openssl/rsa.h> | 96 | #include <openssl/rsa.h> |
| 78 | #endif | 97 | #endif |
| 79 | |||
| 80 | #ifndef OPENSSL_NO_DSA | 98 | #ifndef OPENSSL_NO_DSA |
| 81 | #include <openssl/dsa.h> | 99 | #include <openssl/dsa.h> |
| 82 | #endif | 100 | #endif |
| 83 | |||
| 84 | #ifndef OPENSSL_NO_DH | 101 | #ifndef OPENSSL_NO_DH |
| 85 | #include <openssl/dh.h> | 102 | #include <openssl/dh.h> |
| 86 | #endif | 103 | #endif |
| 104 | #endif | ||
| 105 | |||
| 87 | #ifndef OPENSSL_NO_SHA | 106 | #ifndef OPENSSL_NO_SHA |
| 88 | #include <openssl/sha.h> | 107 | #include <openssl/sha.h> |
| 89 | #endif | 108 | #endif |
| 90 | #include <openssl/e_os2.h> | ||
| 91 | #include <openssl/ossl_typ.h> | 109 | #include <openssl/ossl_typ.h> |
| 92 | 110 | ||
| 93 | #ifdef __cplusplus | 111 | #ifdef __cplusplus |
| @@ -95,8 +113,9 @@ extern "C" { | |||
| 95 | #endif | 113 | #endif |
| 96 | 114 | ||
| 97 | #ifdef OPENSSL_SYS_WIN32 | 115 | #ifdef OPENSSL_SYS_WIN32 |
| 98 | /* Under Win32 this is defined in wincrypt.h */ | 116 | /* Under Win32 these are defined in wincrypt.h */ |
| 99 | #undef X509_NAME | 117 | #undef X509_NAME |
| 118 | #undef X509_CERT_PAIR | ||
| 100 | #endif | 119 | #endif |
| 101 | 120 | ||
| 102 | #define X509_FILETYPE_PEM 1 | 121 | #define X509_FILETYPE_PEM 1 |
| @@ -117,8 +136,8 @@ extern "C" { | |||
| 117 | typedef struct X509_objects_st | 136 | typedef struct X509_objects_st |
| 118 | { | 137 | { |
| 119 | int nid; | 138 | int nid; |
| 120 | int (*a2i)(); | 139 | int (*a2i)(void); |
| 121 | int (*i2a)(); | 140 | int (*i2a)(void); |
| 122 | } X509_OBJECTS; | 141 | } X509_OBJECTS; |
| 123 | 142 | ||
| 124 | struct X509_algor_st | 143 | struct X509_algor_st |
| @@ -127,9 +146,10 @@ struct X509_algor_st | |||
| 127 | ASN1_TYPE *parameter; | 146 | ASN1_TYPE *parameter; |
| 128 | } /* X509_ALGOR */; | 147 | } /* X509_ALGOR */; |
| 129 | 148 | ||
| 130 | DECLARE_STACK_OF(X509_ALGOR) | ||
| 131 | DECLARE_ASN1_SET_OF(X509_ALGOR) | 149 | DECLARE_ASN1_SET_OF(X509_ALGOR) |
| 132 | 150 | ||
| 151 | typedef STACK_OF(X509_ALGOR) X509_ALGORS; | ||
| 152 | |||
| 133 | typedef struct X509_val_st | 153 | typedef struct X509_val_st |
| 134 | { | 154 | { |
| 135 | ASN1_TIME *notBefore; | 155 | ASN1_TIME *notBefore; |
| @@ -184,6 +204,8 @@ typedef struct X509_extension_st | |||
| 184 | ASN1_OCTET_STRING *value; | 204 | ASN1_OCTET_STRING *value; |
| 185 | } X509_EXTENSION; | 205 | } X509_EXTENSION; |
| 186 | 206 | ||
| 207 | typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS; | ||
| 208 | |||
| 187 | DECLARE_STACK_OF(X509_EXTENSION) | 209 | DECLARE_STACK_OF(X509_EXTENSION) |
| 188 | DECLARE_ASN1_SET_OF(X509_EXTENSION) | 210 | DECLARE_ASN1_SET_OF(X509_EXTENSION) |
| 189 | 211 | ||
| @@ -261,12 +283,18 @@ struct x509_st | |||
| 261 | CRYPTO_EX_DATA ex_data; | 283 | CRYPTO_EX_DATA ex_data; |
| 262 | /* These contain copies of various extension values */ | 284 | /* These contain copies of various extension values */ |
| 263 | long ex_pathlen; | 285 | long ex_pathlen; |
| 286 | long ex_pcpathlen; | ||
| 264 | unsigned long ex_flags; | 287 | unsigned long ex_flags; |
| 265 | unsigned long ex_kusage; | 288 | unsigned long ex_kusage; |
| 266 | unsigned long ex_xkusage; | 289 | unsigned long ex_xkusage; |
| 267 | unsigned long ex_nscert; | 290 | unsigned long ex_nscert; |
| 268 | ASN1_OCTET_STRING *skid; | 291 | ASN1_OCTET_STRING *skid; |
| 269 | struct AUTHORITY_KEYID_st *akid; | 292 | struct AUTHORITY_KEYID_st *akid; |
| 293 | X509_POLICY_CACHE *policy_cache; | ||
| 294 | #ifndef OPENSSL_NO_RFC3779 | ||
| 295 | STACK_OF(IPAddressFamily) *rfc3779_addr; | ||
| 296 | struct ASIdentifiers_st *rfc3779_asid; | ||
| 297 | #endif | ||
| 270 | #ifndef OPENSSL_NO_SHA | 298 | #ifndef OPENSSL_NO_SHA |
| 271 | unsigned char sha1_hash[SHA_DIGEST_LENGTH]; | 299 | unsigned char sha1_hash[SHA_DIGEST_LENGTH]; |
| 272 | #endif | 300 | #endif |
| @@ -289,6 +317,11 @@ typedef struct x509_trust_st { | |||
| 289 | 317 | ||
| 290 | DECLARE_STACK_OF(X509_TRUST) | 318 | DECLARE_STACK_OF(X509_TRUST) |
| 291 | 319 | ||
| 320 | typedef struct x509_cert_pair_st { | ||
| 321 | X509 *forward; | ||
| 322 | X509 *reverse; | ||
| 323 | } X509_CERT_PAIR; | ||
| 324 | |||
| 292 | /* standard trust ids */ | 325 | /* standard trust ids */ |
| 293 | 326 | ||
| 294 | #define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ | 327 | #define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ |
| @@ -655,6 +688,17 @@ extern "C" { | |||
| 655 | #define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ | 688 | #define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ |
| 656 | (unsigned char *)dsa) | 689 | (unsigned char *)dsa) |
| 657 | 690 | ||
| 691 | #define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\ | ||
| 692 | EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \ | ||
| 693 | (unsigned char **)(ecdsa)) | ||
| 694 | #define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \ | ||
| 695 | (unsigned char *)ecdsa) | ||
| 696 | #define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\ | ||
| 697 | EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \ | ||
| 698 | (unsigned char **)(ecdsa)) | ||
| 699 | #define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \ | ||
| 700 | (unsigned char *)ecdsa) | ||
| 701 | |||
| 658 | #define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ | 702 | #define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ |
| 659 | (char *(*)())d2i_X509_ALGOR,(char *)xn) | 703 | (char *(*)())d2i_X509_ALGOR,(char *)xn) |
| 660 | 704 | ||
| @@ -758,6 +802,12 @@ int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); | |||
| 758 | DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); | 802 | DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); |
| 759 | int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); | 803 | int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); |
| 760 | #endif | 804 | #endif |
| 805 | #ifndef OPENSSL_NO_EC | ||
| 806 | EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey); | ||
| 807 | int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey); | ||
| 808 | EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey); | ||
| 809 | int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); | ||
| 810 | #endif | ||
| 761 | X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); | 811 | X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); |
| 762 | int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); | 812 | int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); |
| 763 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, | 813 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, |
| @@ -791,6 +841,12 @@ int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); | |||
| 791 | DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); | 841 | DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); |
| 792 | int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); | 842 | int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); |
| 793 | #endif | 843 | #endif |
| 844 | #ifndef OPENSSL_NO_EC | ||
| 845 | EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); | ||
| 846 | int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); | ||
| 847 | EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); | ||
| 848 | int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); | ||
| 849 | #endif | ||
| 794 | X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); | 850 | X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); |
| 795 | int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); | 851 | int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); |
| 796 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, | 852 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, |
| @@ -809,6 +865,10 @@ X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); | |||
| 809 | X509_CRL *X509_CRL_dup(X509_CRL *crl); | 865 | X509_CRL *X509_CRL_dup(X509_CRL *crl); |
| 810 | X509_REQ *X509_REQ_dup(X509_REQ *req); | 866 | X509_REQ *X509_REQ_dup(X509_REQ *req); |
| 811 | X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); | 867 | X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); |
| 868 | int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval); | ||
| 869 | void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, | ||
| 870 | X509_ALGOR *algor); | ||
| 871 | |||
| 812 | X509_NAME *X509_NAME_dup(X509_NAME *xn); | 872 | X509_NAME *X509_NAME_dup(X509_NAME *xn); |
| 813 | X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); | 873 | X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); |
| 814 | 874 | ||
| @@ -830,6 +890,7 @@ X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); | |||
| 830 | X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); | 890 | X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); |
| 831 | 891 | ||
| 832 | DECLARE_ASN1_FUNCTIONS(X509_ALGOR) | 892 | DECLARE_ASN1_FUNCTIONS(X509_ALGOR) |
| 893 | DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS) | ||
| 833 | DECLARE_ASN1_FUNCTIONS(X509_VAL) | 894 | DECLARE_ASN1_FUNCTIONS(X509_VAL) |
| 834 | 895 | ||
| 835 | DECLARE_ASN1_FUNCTIONS(X509_PUBKEY) | 896 | DECLARE_ASN1_FUNCTIONS(X509_PUBKEY) |
| @@ -839,16 +900,21 @@ EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); | |||
| 839 | int X509_get_pubkey_parameters(EVP_PKEY *pkey, | 900 | int X509_get_pubkey_parameters(EVP_PKEY *pkey, |
| 840 | STACK_OF(X509) *chain); | 901 | STACK_OF(X509) *chain); |
| 841 | int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp); | 902 | int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp); |
| 842 | EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,unsigned char **pp, | 903 | EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp, |
| 843 | long length); | 904 | long length); |
| 844 | #ifndef OPENSSL_NO_RSA | 905 | #ifndef OPENSSL_NO_RSA |
| 845 | int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp); | 906 | int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp); |
| 846 | RSA * d2i_RSA_PUBKEY(RSA **a,unsigned char **pp, | 907 | RSA * d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp, |
| 847 | long length); | 908 | long length); |
| 848 | #endif | 909 | #endif |
| 849 | #ifndef OPENSSL_NO_DSA | 910 | #ifndef OPENSSL_NO_DSA |
| 850 | int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); | 911 | int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); |
| 851 | DSA * d2i_DSA_PUBKEY(DSA **a,unsigned char **pp, | 912 | DSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp, |
| 913 | long length); | ||
| 914 | #endif | ||
| 915 | #ifndef OPENSSL_NO_EC | ||
| 916 | int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp); | ||
| 917 | EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, | ||
| 852 | long length); | 918 | long length); |
| 853 | #endif | 919 | #endif |
| 854 | 920 | ||
| @@ -860,6 +926,7 @@ DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE) | |||
| 860 | X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); | 926 | X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); |
| 861 | 927 | ||
| 862 | DECLARE_ASN1_FUNCTIONS(X509_EXTENSION) | 928 | DECLARE_ASN1_FUNCTIONS(X509_EXTENSION) |
| 929 | DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS) | ||
| 863 | 930 | ||
| 864 | DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY) | 931 | DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY) |
| 865 | 932 | ||
| @@ -872,16 +939,19 @@ DECLARE_ASN1_FUNCTIONS(X509_CINF) | |||
| 872 | DECLARE_ASN1_FUNCTIONS(X509) | 939 | DECLARE_ASN1_FUNCTIONS(X509) |
| 873 | DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) | 940 | DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) |
| 874 | 941 | ||
| 942 | DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR) | ||
| 943 | |||
| 875 | int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, | 944 | int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
| 876 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); | 945 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); |
| 877 | int X509_set_ex_data(X509 *r, int idx, void *arg); | 946 | int X509_set_ex_data(X509 *r, int idx, void *arg); |
| 878 | void *X509_get_ex_data(X509 *r, int idx); | 947 | void *X509_get_ex_data(X509 *r, int idx); |
| 879 | int i2d_X509_AUX(X509 *a,unsigned char **pp); | 948 | int i2d_X509_AUX(X509 *a,unsigned char **pp); |
| 880 | X509 * d2i_X509_AUX(X509 **a,unsigned char **pp,long length); | 949 | X509 * d2i_X509_AUX(X509 **a,const unsigned char **pp,long length); |
| 881 | 950 | ||
| 882 | int X509_alias_set1(X509 *x, unsigned char *name, int len); | 951 | int X509_alias_set1(X509 *x, unsigned char *name, int len); |
| 883 | int X509_keyid_set1(X509 *x, unsigned char *id, int len); | 952 | int X509_keyid_set1(X509 *x, unsigned char *id, int len); |
| 884 | unsigned char * X509_alias_get0(X509 *x, int *len); | 953 | unsigned char * X509_alias_get0(X509 *x, int *len); |
| 954 | unsigned char * X509_keyid_get0(X509 *x, int *len); | ||
| 885 | int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); | 955 | int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); |
| 886 | int X509_TRUST_set(int *t, int trust); | 956 | int X509_TRUST_set(int *t, int trust); |
| 887 | int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); | 957 | int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); |
| @@ -898,7 +968,7 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); | |||
| 898 | X509_PKEY * X509_PKEY_new(void ); | 968 | X509_PKEY * X509_PKEY_new(void ); |
| 899 | void X509_PKEY_free(X509_PKEY *a); | 969 | void X509_PKEY_free(X509_PKEY *a); |
| 900 | int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp); | 970 | int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp); |
| 901 | X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length); | 971 | X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,const unsigned char **pp,long length); |
| 902 | 972 | ||
| 903 | DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI) | 973 | DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI) |
| 904 | DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC) | 974 | DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC) |
| @@ -909,15 +979,15 @@ X509_INFO * X509_INFO_new(void); | |||
| 909 | void X509_INFO_free(X509_INFO *a); | 979 | void X509_INFO_free(X509_INFO *a); |
| 910 | char * X509_NAME_oneline(X509_NAME *a,char *buf,int size); | 980 | char * X509_NAME_oneline(X509_NAME *a,char *buf,int size); |
| 911 | 981 | ||
| 912 | int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1, | 982 | int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1, |
| 913 | ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey); | 983 | ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey); |
| 914 | 984 | ||
| 915 | int ASN1_digest(int (*i2d)(),const EVP_MD *type,char *data, | 985 | int ASN1_digest(i2d_of_void *i2d,const EVP_MD *type,char *data, |
| 916 | unsigned char *md,unsigned int *len); | 986 | unsigned char *md,unsigned int *len); |
| 917 | 987 | ||
| 918 | int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, | 988 | int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, |
| 919 | ASN1_BIT_STRING *signature, | 989 | X509_ALGOR *algor2, ASN1_BIT_STRING *signature, |
| 920 | char *data,EVP_PKEY *pkey, const EVP_MD *type); | 990 | char *data,EVP_PKEY *pkey, const EVP_MD *type); |
| 921 | 991 | ||
| 922 | int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data, | 992 | int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data, |
| 923 | unsigned char *md,unsigned int *len); | 993 | unsigned char *md,unsigned int *len); |
| @@ -982,6 +1052,8 @@ int X509_CRL_sort(X509_CRL *crl); | |||
| 982 | int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); | 1052 | int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); |
| 983 | int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); | 1053 | int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); |
| 984 | 1054 | ||
| 1055 | int X509_REQ_check_private_key(X509_REQ *x509,EVP_PKEY *pkey); | ||
| 1056 | |||
| 985 | int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); | 1057 | int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); |
| 986 | 1058 | ||
| 987 | int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); | 1059 | int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); |
| @@ -1128,6 +1200,8 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, | |||
| 1128 | STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, | 1200 | STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, |
| 1129 | const char *attrname, int type, | 1201 | const char *attrname, int type, |
| 1130 | const unsigned char *bytes, int len); | 1202 | const unsigned char *bytes, int len); |
| 1203 | void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, | ||
| 1204 | ASN1_OBJECT *obj, int lastpos, int type); | ||
| 1131 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, | 1205 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, |
| 1132 | int atrtype, const void *data, int len); | 1206 | int atrtype, const void *data, int len); |
| 1133 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, | 1207 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, |
| @@ -1142,6 +1216,24 @@ int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr); | |||
| 1142 | ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); | 1216 | ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); |
| 1143 | ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); | 1217 | ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); |
| 1144 | 1218 | ||
| 1219 | int EVP_PKEY_get_attr_count(const EVP_PKEY *key); | ||
| 1220 | int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, | ||
| 1221 | int lastpos); | ||
| 1222 | int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, | ||
| 1223 | int lastpos); | ||
| 1224 | X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc); | ||
| 1225 | X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc); | ||
| 1226 | int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr); | ||
| 1227 | int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, | ||
| 1228 | const ASN1_OBJECT *obj, int type, | ||
| 1229 | const unsigned char *bytes, int len); | ||
| 1230 | int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, | ||
| 1231 | int nid, int type, | ||
| 1232 | const unsigned char *bytes, int len); | ||
| 1233 | int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, | ||
| 1234 | const char *attrname, int type, | ||
| 1235 | const unsigned char *bytes, int len); | ||
| 1236 | |||
| 1145 | int X509_verify_cert(X509_STORE_CTX *ctx); | 1237 | int X509_verify_cert(X509_STORE_CTX *ctx); |
| 1146 | 1238 | ||
| 1147 | /* lookup a cert from a X509 STACK */ | 1239 | /* lookup a cert from a X509 STACK */ |
| @@ -1188,18 +1280,20 @@ void ERR_load_X509_strings(void); | |||
| 1188 | /* Function codes. */ | 1280 | /* Function codes. */ |
| 1189 | #define X509_F_ADD_CERT_DIR 100 | 1281 | #define X509_F_ADD_CERT_DIR 100 |
| 1190 | #define X509_F_BY_FILE_CTRL 101 | 1282 | #define X509_F_BY_FILE_CTRL 101 |
| 1283 | #define X509_F_CHECK_POLICY 145 | ||
| 1191 | #define X509_F_DIR_CTRL 102 | 1284 | #define X509_F_DIR_CTRL 102 |
| 1192 | #define X509_F_GET_CERT_BY_SUBJECT 103 | 1285 | #define X509_F_GET_CERT_BY_SUBJECT 103 |
| 1193 | #define X509_F_NETSCAPE_SPKI_B64_DECODE 129 | 1286 | #define X509_F_NETSCAPE_SPKI_B64_DECODE 129 |
| 1194 | #define X509_F_NETSCAPE_SPKI_B64_ENCODE 130 | 1287 | #define X509_F_NETSCAPE_SPKI_B64_ENCODE 130 |
| 1288 | #define X509_F_X509AT_ADD1_ATTR 135 | ||
| 1195 | #define X509_F_X509V3_ADD_EXT 104 | 1289 | #define X509_F_X509V3_ADD_EXT 104 |
| 1196 | #define X509_F_X509_ADD_ATTR 135 | ||
| 1197 | #define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136 | 1290 | #define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136 |
| 1198 | #define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137 | 1291 | #define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137 |
| 1199 | #define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140 | 1292 | #define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140 |
| 1200 | #define X509_F_X509_ATTRIBUTE_GET0_DATA 139 | 1293 | #define X509_F_X509_ATTRIBUTE_GET0_DATA 139 |
| 1201 | #define X509_F_X509_ATTRIBUTE_SET1_DATA 138 | 1294 | #define X509_F_X509_ATTRIBUTE_SET1_DATA 138 |
| 1202 | #define X509_F_X509_CHECK_PRIVATE_KEY 128 | 1295 | #define X509_F_X509_CHECK_PRIVATE_KEY 128 |
| 1296 | #define X509_F_X509_CRL_PRINT_FP 147 | ||
| 1203 | #define X509_F_X509_EXTENSION_CREATE_BY_NID 108 | 1297 | #define X509_F_X509_EXTENSION_CREATE_BY_NID 108 |
| 1204 | #define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 | 1298 | #define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 |
| 1205 | #define X509_F_X509_GET_PUBKEY_PARAMETERS 110 | 1299 | #define X509_F_X509_GET_PUBKEY_PARAMETERS 110 |
| @@ -1212,14 +1306,16 @@ void ERR_load_X509_strings(void); | |||
| 1212 | #define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 | 1306 | #define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 |
| 1213 | #define X509_F_X509_NAME_ONELINE 116 | 1307 | #define X509_F_X509_NAME_ONELINE 116 |
| 1214 | #define X509_F_X509_NAME_PRINT 117 | 1308 | #define X509_F_X509_NAME_PRINT 117 |
| 1215 | #define X509_F_X509_PRINT_FP 118 | 1309 | #define X509_F_X509_PRINT_EX_FP 118 |
| 1216 | #define X509_F_X509_PUBKEY_GET 119 | 1310 | #define X509_F_X509_PUBKEY_GET 119 |
| 1217 | #define X509_F_X509_PUBKEY_SET 120 | 1311 | #define X509_F_X509_PUBKEY_SET 120 |
| 1218 | #define X509_F_X509_REQ_PRINT 121 | 1312 | #define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144 |
| 1313 | #define X509_F_X509_REQ_PRINT_EX 121 | ||
| 1219 | #define X509_F_X509_REQ_PRINT_FP 122 | 1314 | #define X509_F_X509_REQ_PRINT_FP 122 |
| 1220 | #define X509_F_X509_REQ_TO_X509 123 | 1315 | #define X509_F_X509_REQ_TO_X509 123 |
| 1221 | #define X509_F_X509_STORE_ADD_CERT 124 | 1316 | #define X509_F_X509_STORE_ADD_CERT 124 |
| 1222 | #define X509_F_X509_STORE_ADD_CRL 125 | 1317 | #define X509_F_X509_STORE_ADD_CRL 125 |
| 1318 | #define X509_F_X509_STORE_CTX_GET1_ISSUER 146 | ||
| 1223 | #define X509_F_X509_STORE_CTX_INIT 143 | 1319 | #define X509_F_X509_STORE_CTX_INIT 143 |
| 1224 | #define X509_F_X509_STORE_CTX_NEW 142 | 1320 | #define X509_F_X509_STORE_CTX_NEW 142 |
| 1225 | #define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 | 1321 | #define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 |
diff --git a/src/lib/libcrypto/x509/x509_att.c b/src/lib/libcrypto/x509/x509_att.c index 0bae3d32a1..511b49d589 100644 --- a/src/lib/libcrypto/x509/x509_att.c +++ b/src/lib/libcrypto/x509/x509_att.c | |||
| @@ -67,8 +67,7 @@ | |||
| 67 | 67 | ||
| 68 | int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x) | 68 | int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x) |
| 69 | { | 69 | { |
| 70 | if (!x) return 0; | 70 | return sk_X509_ATTRIBUTE_num(x); |
| 71 | return(sk_X509_ATTRIBUTE_num(x)); | ||
| 72 | } | 71 | } |
| 73 | 72 | ||
| 74 | int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, | 73 | int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, |
| @@ -125,7 +124,13 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, | |||
| 125 | X509_ATTRIBUTE *new_attr=NULL; | 124 | X509_ATTRIBUTE *new_attr=NULL; |
| 126 | STACK_OF(X509_ATTRIBUTE) *sk=NULL; | 125 | STACK_OF(X509_ATTRIBUTE) *sk=NULL; |
| 127 | 126 | ||
| 128 | if ((x != NULL) && (*x == NULL)) | 127 | if (x == NULL) |
| 128 | { | ||
| 129 | X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER); | ||
| 130 | goto err2; | ||
| 131 | } | ||
| 132 | |||
| 133 | if (*x == NULL) | ||
| 129 | { | 134 | { |
| 130 | if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL) | 135 | if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL) |
| 131 | goto err; | 136 | goto err; |
| @@ -137,11 +142,11 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, | |||
| 137 | goto err2; | 142 | goto err2; |
| 138 | if (!sk_X509_ATTRIBUTE_push(sk,new_attr)) | 143 | if (!sk_X509_ATTRIBUTE_push(sk,new_attr)) |
| 139 | goto err; | 144 | goto err; |
| 140 | if ((x != NULL) && (*x == NULL)) | 145 | if (*x == NULL) |
| 141 | *x=sk; | 146 | *x=sk; |
| 142 | return(sk); | 147 | return(sk); |
| 143 | err: | 148 | err: |
| 144 | X509err(X509_F_X509_ADD_ATTR,ERR_R_MALLOC_FAILURE); | 149 | X509err(X509_F_X509AT_ADD1_ATTR,ERR_R_MALLOC_FAILURE); |
| 145 | err2: | 150 | err2: |
| 146 | if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr); | 151 | if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr); |
| 147 | if (sk != NULL) sk_X509_ATTRIBUTE_free(sk); | 152 | if (sk != NULL) sk_X509_ATTRIBUTE_free(sk); |
| @@ -187,6 +192,22 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, | |||
| 187 | return ret; | 192 | return ret; |
| 188 | } | 193 | } |
| 189 | 194 | ||
| 195 | void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, | ||
| 196 | ASN1_OBJECT *obj, int lastpos, int type) | ||
| 197 | { | ||
| 198 | int i; | ||
| 199 | X509_ATTRIBUTE *at; | ||
| 200 | i = X509at_get_attr_by_OBJ(x, obj, lastpos); | ||
| 201 | if (i == -1) | ||
| 202 | return NULL; | ||
| 203 | if ((lastpos <= -2) && (X509at_get_attr_by_OBJ(x, obj, i) != -1)) | ||
| 204 | return NULL; | ||
| 205 | at = X509at_get_attr(x, i); | ||
| 206 | if (lastpos <= -3 && (X509_ATTRIBUTE_count(at) != 1)) | ||
| 207 | return NULL; | ||
| 208 | return X509_ATTRIBUTE_get0_data(at, 0, type, NULL); | ||
| 209 | } | ||
| 210 | |||
| 190 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, | 211 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, |
| 191 | int atrtype, const void *data, int len) | 212 | int atrtype, const void *data, int len) |
| 192 | { | 213 | { |
| @@ -264,8 +285,8 @@ int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj) | |||
| 264 | int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len) | 285 | int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len) |
| 265 | { | 286 | { |
| 266 | ASN1_TYPE *ttmp; | 287 | ASN1_TYPE *ttmp; |
| 267 | ASN1_STRING *stmp; | 288 | ASN1_STRING *stmp = NULL; |
| 268 | int atype; | 289 | int atype = 0; |
| 269 | if (!attr) return 0; | 290 | if (!attr) return 0; |
| 270 | if(attrtype & MBSTRING_FLAG) { | 291 | if(attrtype & MBSTRING_FLAG) { |
| 271 | stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, | 292 | stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, |
| @@ -275,16 +296,22 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat | |||
| 275 | return 0; | 296 | return 0; |
| 276 | } | 297 | } |
| 277 | atype = stmp->type; | 298 | atype = stmp->type; |
| 278 | } else { | 299 | } else if (len != -1){ |
| 279 | if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err; | 300 | if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err; |
| 280 | if(!ASN1_STRING_set(stmp, data, len)) goto err; | 301 | if(!ASN1_STRING_set(stmp, data, len)) goto err; |
| 281 | atype = attrtype; | 302 | atype = attrtype; |
| 282 | } | 303 | } |
| 283 | if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; | 304 | if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; |
| 284 | if(!(ttmp = ASN1_TYPE_new())) goto err; | 305 | if(!(ttmp = ASN1_TYPE_new())) goto err; |
| 306 | if (len == -1) | ||
| 307 | { | ||
| 308 | if (!ASN1_TYPE_set1(ttmp, attrtype, data)) | ||
| 309 | goto err; | ||
| 310 | } | ||
| 311 | else | ||
| 312 | ASN1_TYPE_set(ttmp, atype, stmp); | ||
| 285 | if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; | 313 | if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; |
| 286 | attr->single = 0; | 314 | attr->single = 0; |
| 287 | ASN1_TYPE_set(ttmp, atype, stmp); | ||
| 288 | return 1; | 315 | return 1; |
| 289 | err: | 316 | err: |
| 290 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); | 317 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); |
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c index 030d0966fc..0d6bc653b2 100644 --- a/src/lib/libcrypto/x509/x509_cmp.c +++ b/src/lib/libcrypto/x509/x509_cmp.c | |||
| @@ -322,16 +322,10 @@ unsigned long X509_NAME_hash(X509_NAME *x) | |||
| 322 | { | 322 | { |
| 323 | unsigned long ret=0; | 323 | unsigned long ret=0; |
| 324 | unsigned char md[16]; | 324 | unsigned char md[16]; |
| 325 | EVP_MD_CTX md_ctx; | ||
| 326 | 325 | ||
| 327 | /* Make sure X509_NAME structure contains valid cached encoding */ | 326 | /* Make sure X509_NAME structure contains valid cached encoding */ |
| 328 | i2d_X509_NAME(x,NULL); | 327 | i2d_X509_NAME(x,NULL); |
| 329 | EVP_MD_CTX_init(&md_ctx); | 328 | EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL); |
| 330 | EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 331 | EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL); | ||
| 332 | EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length); | ||
| 333 | EVP_DigestFinal_ex(&md_ctx,md,NULL); | ||
| 334 | EVP_MD_CTX_cleanup(&md_ctx); | ||
| 335 | 329 | ||
| 336 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | 330 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| |
| 337 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | 331 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) |
| @@ -396,45 +390,36 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k) | |||
| 396 | int ok=0; | 390 | int ok=0; |
| 397 | 391 | ||
| 398 | xk=X509_get_pubkey(x); | 392 | xk=X509_get_pubkey(x); |
| 399 | if (xk->type != k->type) | 393 | switch (EVP_PKEY_cmp(xk, k)) |
| 400 | { | ||
| 401 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); | ||
| 402 | goto err; | ||
| 403 | } | ||
| 404 | switch (k->type) | ||
| 405 | { | 394 | { |
| 406 | #ifndef OPENSSL_NO_RSA | 395 | case 1: |
| 407 | case EVP_PKEY_RSA: | 396 | ok=1; |
| 408 | if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0 | ||
| 409 | || BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) | ||
| 410 | { | ||
| 411 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); | ||
| 412 | goto err; | ||
| 413 | } | ||
| 414 | break; | 397 | break; |
| 415 | #endif | 398 | case 0: |
| 416 | #ifndef OPENSSL_NO_DSA | 399 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); |
| 417 | case EVP_PKEY_DSA: | 400 | break; |
| 418 | if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0) | 401 | case -1: |
| 419 | { | 402 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); |
| 420 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); | ||
| 421 | goto err; | ||
| 422 | } | ||
| 423 | break; | 403 | break; |
| 404 | case -2: | ||
| 405 | #ifndef OPENSSL_NO_EC | ||
| 406 | if (k->type == EVP_PKEY_EC) | ||
| 407 | { | ||
| 408 | X509err(X509_F_X509_CHECK_PRIVATE_KEY, ERR_R_EC_LIB); | ||
| 409 | break; | ||
| 410 | } | ||
| 424 | #endif | 411 | #endif |
| 425 | #ifndef OPENSSL_NO_DH | 412 | #ifndef OPENSSL_NO_DH |
| 426 | case EVP_PKEY_DH: | 413 | if (k->type == EVP_PKEY_DH) |
| 427 | /* No idea */ | 414 | { |
| 428 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); | 415 | /* No idea */ |
| 429 | goto err; | 416 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); |
| 417 | break; | ||
| 418 | } | ||
| 430 | #endif | 419 | #endif |
| 431 | default: | ||
| 432 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); | 420 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); |
| 433 | goto err; | ||
| 434 | } | 421 | } |
| 435 | 422 | ||
| 436 | ok=1; | ||
| 437 | err: | ||
| 438 | EVP_PKEY_free(xk); | 423 | EVP_PKEY_free(xk); |
| 439 | return(ok); | 424 | return(ok); |
| 440 | } | 425 | } |
diff --git a/src/lib/libcrypto/x509/x509_err.c b/src/lib/libcrypto/x509/x509_err.c index d44d046027..fb377292da 100644 --- a/src/lib/libcrypto/x509/x509_err.c +++ b/src/lib/libcrypto/x509/x509_err.c | |||
| @@ -72,18 +72,20 @@ static ERR_STRING_DATA X509_str_functs[]= | |||
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"}, | 73 | {ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"}, |
| 74 | {ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"}, | 74 | {ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"}, |
| 75 | {ERR_FUNC(X509_F_CHECK_POLICY), "CHECK_POLICY"}, | ||
| 75 | {ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"}, | 76 | {ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"}, |
| 76 | {ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"}, | 77 | {ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"}, |
| 77 | {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"}, | 78 | {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"}, |
| 78 | {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"}, | 79 | {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"}, |
| 80 | {ERR_FUNC(X509_F_X509AT_ADD1_ATTR), "X509at_add1_attr"}, | ||
| 79 | {ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"}, | 81 | {ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"}, |
| 80 | {ERR_FUNC(X509_F_X509_ADD_ATTR), "X509_ADD_ATTR"}, | ||
| 81 | {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID), "X509_ATTRIBUTE_create_by_NID"}, | 82 | {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID), "X509_ATTRIBUTE_create_by_NID"}, |
| 82 | {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ), "X509_ATTRIBUTE_create_by_OBJ"}, | 83 | {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ), "X509_ATTRIBUTE_create_by_OBJ"}, |
| 83 | {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT), "X509_ATTRIBUTE_create_by_txt"}, | 84 | {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT), "X509_ATTRIBUTE_create_by_txt"}, |
| 84 | {ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"}, | 85 | {ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"}, |
| 85 | {ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"}, | 86 | {ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"}, |
| 86 | {ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"}, | 87 | {ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"}, |
| 88 | {ERR_FUNC(X509_F_X509_CRL_PRINT_FP), "X509_CRL_print_fp"}, | ||
| 87 | {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID), "X509_EXTENSION_create_by_NID"}, | 89 | {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID), "X509_EXTENSION_create_by_NID"}, |
| 88 | {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ), "X509_EXTENSION_create_by_OBJ"}, | 90 | {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ), "X509_EXTENSION_create_by_OBJ"}, |
| 89 | {ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS), "X509_get_pubkey_parameters"}, | 91 | {ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS), "X509_get_pubkey_parameters"}, |
| @@ -96,14 +98,16 @@ static ERR_STRING_DATA X509_str_functs[]= | |||
| 96 | {ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT), "X509_NAME_ENTRY_set_object"}, | 98 | {ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT), "X509_NAME_ENTRY_set_object"}, |
| 97 | {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"}, | 99 | {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"}, |
| 98 | {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"}, | 100 | {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"}, |
| 99 | {ERR_FUNC(X509_F_X509_PRINT_FP), "X509_print_fp"}, | 101 | {ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"}, |
| 100 | {ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"}, | 102 | {ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"}, |
| 101 | {ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"}, | 103 | {ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"}, |
| 102 | {ERR_FUNC(X509_F_X509_REQ_PRINT), "X509_REQ_print"}, | 104 | {ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY), "X509_REQ_check_private_key"}, |
| 105 | {ERR_FUNC(X509_F_X509_REQ_PRINT_EX), "X509_REQ_print_ex"}, | ||
| 103 | {ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"}, | 106 | {ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"}, |
| 104 | {ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"}, | 107 | {ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"}, |
| 105 | {ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"}, | 108 | {ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"}, |
| 106 | {ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"}, | 109 | {ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"}, |
| 110 | {ERR_FUNC(X509_F_X509_STORE_CTX_GET1_ISSUER), "X509_STORE_CTX_get1_issuer"}, | ||
| 107 | {ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"}, | 111 | {ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"}, |
| 108 | {ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"}, | 112 | {ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"}, |
| 109 | {ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT), "X509_STORE_CTX_purpose_inherit"}, | 113 | {ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT), "X509_STORE_CTX_purpose_inherit"}, |
| @@ -146,15 +150,12 @@ static ERR_STRING_DATA X509_str_reasons[]= | |||
| 146 | 150 | ||
| 147 | void ERR_load_X509_strings(void) | 151 | void ERR_load_X509_strings(void) |
| 148 | { | 152 | { |
| 149 | static int init=1; | 153 | #ifndef OPENSSL_NO_ERR |
| 150 | 154 | ||
| 151 | if (init) | 155 | if (ERR_func_error_string(X509_str_functs[0].error) == NULL) |
| 152 | { | 156 | { |
| 153 | init=0; | ||
| 154 | #ifndef OPENSSL_NO_ERR | ||
| 155 | ERR_load_strings(0,X509_str_functs); | 157 | ERR_load_strings(0,X509_str_functs); |
| 156 | ERR_load_strings(0,X509_str_reasons); | 158 | ERR_load_strings(0,X509_str_reasons); |
| 157 | #endif | ||
| 158 | |||
| 159 | } | 159 | } |
| 160 | #endif | ||
| 160 | } | 161 | } |
diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c index b780dae5e2..cd2cfb6d85 100644 --- a/src/lib/libcrypto/x509/x509_lu.c +++ b/src/lib/libcrypto/x509/x509_lu.c | |||
| @@ -187,10 +187,8 @@ X509_STORE *X509_STORE_new(void) | |||
| 187 | ret->verify=0; | 187 | ret->verify=0; |
| 188 | ret->verify_cb=0; | 188 | ret->verify_cb=0; |
| 189 | 189 | ||
| 190 | ret->purpose = 0; | 190 | if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) |
| 191 | ret->trust = 0; | 191 | return NULL; |
| 192 | |||
| 193 | ret->flags = 0; | ||
| 194 | 192 | ||
| 195 | ret->get_issuer = 0; | 193 | ret->get_issuer = 0; |
| 196 | ret->check_issued = 0; | 194 | ret->check_issued = 0; |
| @@ -202,7 +200,6 @@ X509_STORE *X509_STORE_new(void) | |||
| 202 | 200 | ||
| 203 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data); | 201 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data); |
| 204 | ret->references=1; | 202 | ret->references=1; |
| 205 | ret->depth=0; | ||
| 206 | return ret; | 203 | return ret; |
| 207 | } | 204 | } |
| 208 | 205 | ||
| @@ -244,6 +241,8 @@ void X509_STORE_free(X509_STORE *vfy) | |||
| 244 | sk_X509_OBJECT_pop_free(vfy->objs, cleanup); | 241 | sk_X509_OBJECT_pop_free(vfy->objs, cleanup); |
| 245 | 242 | ||
| 246 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data); | 243 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data); |
| 244 | if (vfy->param) | ||
| 245 | X509_VERIFY_PARAM_free(vfy->param); | ||
| 247 | OPENSSL_free(vfy); | 246 | OPENSSL_free(vfy); |
| 248 | } | 247 | } |
| 249 | 248 | ||
| @@ -498,7 +497,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) | |||
| 498 | if (ok == X509_LU_RETRY) | 497 | if (ok == X509_LU_RETRY) |
| 499 | { | 498 | { |
| 500 | X509_OBJECT_free_contents(&obj); | 499 | X509_OBJECT_free_contents(&obj); |
| 501 | X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY); | 500 | X509err(X509_F_X509_STORE_CTX_GET1_ISSUER,X509_R_SHOULD_RETRY); |
| 502 | return -1; | 501 | return -1; |
| 503 | } | 502 | } |
| 504 | else if (ok != X509_LU_FAIL) | 503 | else if (ok != X509_LU_FAIL) |
| @@ -538,19 +537,30 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) | |||
| 538 | return 0; | 537 | return 0; |
| 539 | } | 538 | } |
| 540 | 539 | ||
| 541 | void X509_STORE_set_flags(X509_STORE *ctx, long flags) | 540 | int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags) |
| 542 | { | 541 | { |
| 543 | ctx->flags |= flags; | 542 | return X509_VERIFY_PARAM_set_flags(ctx->param, flags); |
| 543 | } | ||
| 544 | |||
| 545 | int X509_STORE_set_depth(X509_STORE *ctx, int depth) | ||
| 546 | { | ||
| 547 | X509_VERIFY_PARAM_set_depth(ctx->param, depth); | ||
| 548 | return 1; | ||
| 544 | } | 549 | } |
| 545 | 550 | ||
| 546 | int X509_STORE_set_purpose(X509_STORE *ctx, int purpose) | 551 | int X509_STORE_set_purpose(X509_STORE *ctx, int purpose) |
| 547 | { | 552 | { |
| 548 | return X509_PURPOSE_set(&ctx->purpose, purpose); | 553 | return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose); |
| 549 | } | 554 | } |
| 550 | 555 | ||
| 551 | int X509_STORE_set_trust(X509_STORE *ctx, int trust) | 556 | int X509_STORE_set_trust(X509_STORE *ctx, int trust) |
| 552 | { | 557 | { |
| 553 | return X509_TRUST_set(&ctx->trust, trust); | 558 | return X509_VERIFY_PARAM_set_trust(ctx->param, trust); |
| 559 | } | ||
| 560 | |||
| 561 | int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param) | ||
| 562 | { | ||
| 563 | return X509_VERIFY_PARAM_set1(ctx->param, param); | ||
| 554 | } | 564 | } |
| 555 | 565 | ||
| 556 | IMPLEMENT_STACK_OF(X509_LOOKUP) | 566 | IMPLEMENT_STACK_OF(X509_LOOKUP) |
diff --git a/src/lib/libcrypto/x509/x509_r2x.c b/src/lib/libcrypto/x509/x509_r2x.c index fb8a78dabe..254a14693d 100644 --- a/src/lib/libcrypto/x509/x509_r2x.c +++ b/src/lib/libcrypto/x509/x509_r2x.c | |||
| @@ -89,8 +89,10 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) | |||
| 89 | } | 89 | } |
| 90 | 90 | ||
| 91 | xn=X509_REQ_get_subject_name(r); | 91 | xn=X509_REQ_get_subject_name(r); |
| 92 | X509_set_subject_name(ret,X509_NAME_dup(xn)); | 92 | if (X509_set_subject_name(ret,X509_NAME_dup(xn)) == 0) |
| 93 | X509_set_issuer_name(ret,X509_NAME_dup(xn)); | 93 | goto err; |
| 94 | if (X509_set_issuer_name(ret,X509_NAME_dup(xn)) == 0) | ||
| 95 | goto err; | ||
| 94 | 96 | ||
| 95 | if (X509_gmtime_adj(xi->validity->notBefore,0) == NULL) | 97 | if (X509_gmtime_adj(xi->validity->notBefore,0) == NULL) |
| 96 | goto err; | 98 | goto err; |
diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c index 59fc6ca548..3872e1fb64 100644 --- a/src/lib/libcrypto/x509/x509_req.c +++ b/src/lib/libcrypto/x509/x509_req.c | |||
| @@ -113,6 +113,46 @@ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req) | |||
| 113 | return(X509_PUBKEY_get(req->req_info->pubkey)); | 113 | return(X509_PUBKEY_get(req->req_info->pubkey)); |
| 114 | } | 114 | } |
| 115 | 115 | ||
| 116 | int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k) | ||
| 117 | { | ||
| 118 | EVP_PKEY *xk=NULL; | ||
| 119 | int ok=0; | ||
| 120 | |||
| 121 | xk=X509_REQ_get_pubkey(x); | ||
| 122 | switch (EVP_PKEY_cmp(xk, k)) | ||
| 123 | { | ||
| 124 | case 1: | ||
| 125 | ok=1; | ||
| 126 | break; | ||
| 127 | case 0: | ||
| 128 | X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); | ||
| 129 | break; | ||
| 130 | case -1: | ||
| 131 | X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); | ||
| 132 | break; | ||
| 133 | case -2: | ||
| 134 | #ifndef OPENSSL_NO_EC | ||
| 135 | if (k->type == EVP_PKEY_EC) | ||
| 136 | { | ||
| 137 | X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, ERR_R_EC_LIB); | ||
| 138 | break; | ||
| 139 | } | ||
| 140 | #endif | ||
| 141 | #ifndef OPENSSL_NO_DH | ||
| 142 | if (k->type == EVP_PKEY_DH) | ||
| 143 | { | ||
| 144 | /* No idea */ | ||
| 145 | X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); | ||
| 146 | break; | ||
| 147 | } | ||
| 148 | #endif | ||
| 149 | X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); | ||
| 150 | } | ||
| 151 | |||
| 152 | EVP_PKEY_free(xk); | ||
| 153 | return(ok); | ||
| 154 | } | ||
| 155 | |||
| 116 | /* It seems several organisations had the same idea of including a list of | 156 | /* It seems several organisations had the same idea of including a list of |
| 117 | * extensions in a certificate request. There are at least two OIDs that are | 157 | * extensions in a certificate request. There are at least two OIDs that are |
| 118 | * used and there may be more: so the list is configurable. | 158 | * used and there may be more: so the list is configurable. |
| @@ -147,7 +187,7 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) | |||
| 147 | X509_ATTRIBUTE *attr; | 187 | X509_ATTRIBUTE *attr; |
| 148 | ASN1_TYPE *ext = NULL; | 188 | ASN1_TYPE *ext = NULL; |
| 149 | int idx, *pnid; | 189 | int idx, *pnid; |
| 150 | unsigned char *p; | 190 | const unsigned char *p; |
| 151 | 191 | ||
| 152 | if ((req == NULL) || (req->req_info == NULL) || !ext_nids) | 192 | if ((req == NULL) || (req->req_info == NULL) || !ext_nids) |
| 153 | return(NULL); | 193 | return(NULL); |
| @@ -169,7 +209,7 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) | |||
| 169 | ext->value.sequence->length, | 209 | ext->value.sequence->length, |
| 170 | d2i_X509_EXTENSION, X509_EXTENSION_free, | 210 | d2i_X509_EXTENSION, X509_EXTENSION_free, |
| 171 | V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); | 211 | V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); |
| 172 | } | 212 | } |
| 173 | 213 | ||
| 174 | /* Add a STACK_OF extensions to a certificate request: allow alternative OIDs | 214 | /* Add a STACK_OF extensions to a certificate request: allow alternative OIDs |
| 175 | * in case we want to create a non standard one. | 215 | * in case we want to create a non standard one. |
| @@ -202,6 +242,11 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, | |||
| 202 | at = NULL; | 242 | at = NULL; |
| 203 | attr->single = 0; | 243 | attr->single = 0; |
| 204 | attr->object = OBJ_nid2obj(nid); | 244 | attr->object = OBJ_nid2obj(nid); |
| 245 | if (!req->req_info->attributes) | ||
| 246 | { | ||
| 247 | if (!(req->req_info->attributes = sk_X509_ATTRIBUTE_new_null())) | ||
| 248 | goto err; | ||
| 249 | } | ||
| 205 | if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err; | 250 | if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err; |
| 206 | return 1; | 251 | return 1; |
| 207 | err: | 252 | err: |
diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c index 881252608d..9c84a59d52 100644 --- a/src/lib/libcrypto/x509/x509_trs.c +++ b/src/lib/libcrypto/x509/x509_trs.c | |||
| @@ -128,7 +128,7 @@ int X509_TRUST_get_count(void) | |||
| 128 | X509_TRUST * X509_TRUST_get0(int idx) | 128 | X509_TRUST * X509_TRUST_get0(int idx) |
| 129 | { | 129 | { |
| 130 | if(idx < 0) return NULL; | 130 | if(idx < 0) return NULL; |
| 131 | if(idx < X509_TRUST_COUNT) return trstandard + idx; | 131 | if(idx < (int)X509_TRUST_COUNT) return trstandard + idx; |
| 132 | return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT); | 132 | return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT); |
| 133 | } | 133 | } |
| 134 | 134 | ||
| @@ -219,7 +219,7 @@ static void trtable_free(X509_TRUST *p) | |||
| 219 | 219 | ||
| 220 | void X509_TRUST_cleanup(void) | 220 | void X509_TRUST_cleanup(void) |
| 221 | { | 221 | { |
| 222 | int i; | 222 | unsigned int i; |
| 223 | for(i = 0; i < X509_TRUST_COUNT; i++) trtable_free(trstandard + i); | 223 | for(i = 0; i < X509_TRUST_COUNT; i++) trtable_free(trstandard + i); |
| 224 | sk_X509_TRUST_pop_free(trtable, trtable_free); | 224 | sk_X509_TRUST_pop_free(trtable, trtable_free); |
| 225 | trtable = NULL; | 225 | trtable = NULL; |
diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c index f19e66a238..73a8ec726f 100644 --- a/src/lib/libcrypto/x509/x509_txt.c +++ b/src/lib/libcrypto/x509/x509_txt.c | |||
| @@ -129,7 +129,7 @@ const char *X509_verify_cert_error_string(long n) | |||
| 129 | case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: | 129 | case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: |
| 130 | return("proxy path length constraint exceeded"); | 130 | return("proxy path length constraint exceeded"); |
| 131 | case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: | 131 | case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: |
| 132 | return("proxy cerificates not allowed, please set the appropriate flag"); | 132 | return("proxy certificates not allowed, please set the appropriate flag"); |
| 133 | case X509_V_ERR_INVALID_PURPOSE: | 133 | case X509_V_ERR_INVALID_PURPOSE: |
| 134 | return ("unsupported certificate purpose"); | 134 | return ("unsupported certificate purpose"); |
| 135 | case X509_V_ERR_CERT_UNTRUSTED: | 135 | case X509_V_ERR_CERT_UNTRUSTED: |
| @@ -156,6 +156,14 @@ const char *X509_verify_cert_error_string(long n) | |||
| 156 | return("key usage does not include digital signature"); | 156 | return("key usage does not include digital signature"); |
| 157 | case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: | 157 | case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: |
| 158 | return("unhandled critical CRL extension"); | 158 | return("unhandled critical CRL extension"); |
| 159 | case X509_V_ERR_INVALID_EXTENSION: | ||
| 160 | return("invalid or inconsistent certificate extension"); | ||
| 161 | case X509_V_ERR_INVALID_POLICY_EXTENSION: | ||
| 162 | return("invalid or inconsistent certificate policy extension"); | ||
| 163 | case X509_V_ERR_NO_EXPLICIT_POLICY: | ||
| 164 | return("no explicit policy"); | ||
| 165 | case X509_V_ERR_UNNESTED_RESOURCE: | ||
| 166 | return("RFC 3779 resource not subset of parent's resources"); | ||
| 159 | default: | 167 | default: |
| 160 | BIO_snprintf(buf,sizeof buf,"error number %ld",n); | 168 | BIO_snprintf(buf,sizeof buf,"error number %ld",n); |
| 161 | return(buf); | 169 | return(buf); |
diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c index 67b1796a92..42e6f0ab05 100644 --- a/src/lib/libcrypto/x509/x509_v3.c +++ b/src/lib/libcrypto/x509/x509_v3.c | |||
| @@ -147,7 +147,13 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, | |||
| 147 | int n; | 147 | int n; |
| 148 | STACK_OF(X509_EXTENSION) *sk=NULL; | 148 | STACK_OF(X509_EXTENSION) *sk=NULL; |
| 149 | 149 | ||
| 150 | if ((x != NULL) && (*x == NULL)) | 150 | if (x == NULL) |
| 151 | { | ||
| 152 | X509err(X509_F_X509V3_ADD_EXT,ERR_R_PASSED_NULL_PARAMETER); | ||
| 153 | goto err2; | ||
| 154 | } | ||
| 155 | |||
| 156 | if (*x == NULL) | ||
| 151 | { | 157 | { |
| 152 | if ((sk=sk_X509_EXTENSION_new_null()) == NULL) | 158 | if ((sk=sk_X509_EXTENSION_new_null()) == NULL) |
| 153 | goto err; | 159 | goto err; |
| @@ -163,7 +169,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, | |||
| 163 | goto err2; | 169 | goto err2; |
| 164 | if (!sk_X509_EXTENSION_insert(sk,new_ex,loc)) | 170 | if (!sk_X509_EXTENSION_insert(sk,new_ex,loc)) |
| 165 | goto err; | 171 | goto err; |
| 166 | if ((x != NULL) && (*x == NULL)) | 172 | if (*x == NULL) |
| 167 | *x=sk; | 173 | *x=sk; |
| 168 | return(sk); | 174 | return(sk); |
| 169 | err: | 175 | err: |
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c index 383e082aba..9a62ebcf67 100644 --- a/src/lib/libcrypto/x509/x509_vfy.c +++ b/src/lib/libcrypto/x509/x509_vfy.c | |||
| @@ -77,8 +77,9 @@ static int check_chain_extensions(X509_STORE_CTX *ctx); | |||
| 77 | static int check_trust(X509_STORE_CTX *ctx); | 77 | static int check_trust(X509_STORE_CTX *ctx); |
| 78 | static int check_revocation(X509_STORE_CTX *ctx); | 78 | static int check_revocation(X509_STORE_CTX *ctx); |
| 79 | static int check_cert(X509_STORE_CTX *ctx); | 79 | static int check_cert(X509_STORE_CTX *ctx); |
| 80 | static int check_policy(X509_STORE_CTX *ctx); | ||
| 80 | static int internal_verify(X509_STORE_CTX *ctx); | 81 | static int internal_verify(X509_STORE_CTX *ctx); |
| 81 | const char *X509_version="X.509" OPENSSL_VERSION_PTEXT; | 82 | const char X509_version[]="X.509" OPENSSL_VERSION_PTEXT; |
| 82 | 83 | ||
| 83 | 84 | ||
| 84 | static int null_callback(int ok, X509_STORE_CTX *e) | 85 | static int null_callback(int ok, X509_STORE_CTX *e) |
| @@ -97,11 +98,12 @@ int X509_verify_cert(X509_STORE_CTX *ctx) | |||
| 97 | { | 98 | { |
| 98 | X509 *x,*xtmp,*chain_ss=NULL; | 99 | X509 *x,*xtmp,*chain_ss=NULL; |
| 99 | X509_NAME *xn; | 100 | X509_NAME *xn; |
| 101 | int bad_chain = 0; | ||
| 102 | X509_VERIFY_PARAM *param = ctx->param; | ||
| 100 | int depth,i,ok=0; | 103 | int depth,i,ok=0; |
| 101 | int num; | 104 | int num; |
| 102 | int (*cb)(); | 105 | int (*cb)(int xok,X509_STORE_CTX *xctx); |
| 103 | STACK_OF(X509) *sktmp=NULL; | 106 | STACK_OF(X509) *sktmp=NULL; |
| 104 | |||
| 105 | if (ctx->cert == NULL) | 107 | if (ctx->cert == NULL) |
| 106 | { | 108 | { |
| 107 | X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); | 109 | X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); |
| @@ -134,7 +136,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) | |||
| 134 | 136 | ||
| 135 | num=sk_X509_num(ctx->chain); | 137 | num=sk_X509_num(ctx->chain); |
| 136 | x=sk_X509_value(ctx->chain,num-1); | 138 | x=sk_X509_value(ctx->chain,num-1); |
| 137 | depth=ctx->depth; | 139 | depth=param->depth; |
| 138 | 140 | ||
| 139 | 141 | ||
| 140 | for (;;) | 142 | for (;;) |
| @@ -162,7 +164,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) | |||
| 162 | goto end; | 164 | goto end; |
| 163 | } | 165 | } |
| 164 | CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); | 166 | CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); |
| 165 | sk_X509_delete_ptr(sktmp,xtmp); | 167 | (void)sk_X509_delete_ptr(sktmp,xtmp); |
| 166 | ctx->last_untrusted++; | 168 | ctx->last_untrusted++; |
| 167 | x=xtmp; | 169 | x=xtmp; |
| 168 | num++; | 170 | num++; |
| @@ -201,6 +203,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) | |||
| 201 | ctx->current_cert=x; | 203 | ctx->current_cert=x; |
| 202 | ctx->error_depth=i-1; | 204 | ctx->error_depth=i-1; |
| 203 | if (ok == 1) X509_free(xtmp); | 205 | if (ok == 1) X509_free(xtmp); |
| 206 | bad_chain = 1; | ||
| 204 | ok=cb(0,ctx); | 207 | ok=cb(0,ctx); |
| 205 | if (!ok) goto end; | 208 | if (!ok) goto end; |
| 206 | } | 209 | } |
| @@ -211,7 +214,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) | |||
| 211 | */ | 214 | */ |
| 212 | X509_free(x); | 215 | X509_free(x); |
| 213 | x = xtmp; | 216 | x = xtmp; |
| 214 | sk_X509_set(ctx->chain, i - 1, x); | 217 | (void)sk_X509_set(ctx->chain, i - 1, x); |
| 215 | ctx->last_untrusted=0; | 218 | ctx->last_untrusted=0; |
| 216 | } | 219 | } |
| 217 | } | 220 | } |
| @@ -276,6 +279,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) | |||
| 276 | } | 279 | } |
| 277 | 280 | ||
| 278 | ctx->error_depth=num-1; | 281 | ctx->error_depth=num-1; |
| 282 | bad_chain = 1; | ||
| 279 | ok=cb(0,ctx); | 283 | ok=cb(0,ctx); |
| 280 | if (!ok) goto end; | 284 | if (!ok) goto end; |
| 281 | } | 285 | } |
| @@ -287,7 +291,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) | |||
| 287 | 291 | ||
| 288 | /* The chain extensions are OK: check trust */ | 292 | /* The chain extensions are OK: check trust */ |
| 289 | 293 | ||
| 290 | if (ctx->trust > 0) ok = check_trust(ctx); | 294 | if (param->trust > 0) ok = check_trust(ctx); |
| 291 | 295 | ||
| 292 | if (!ok) goto end; | 296 | if (!ok) goto end; |
| 293 | 297 | ||
| @@ -301,11 +305,25 @@ int X509_verify_cert(X509_STORE_CTX *ctx) | |||
| 301 | ok = ctx->check_revocation(ctx); | 305 | ok = ctx->check_revocation(ctx); |
| 302 | if(!ok) goto end; | 306 | if(!ok) goto end; |
| 303 | 307 | ||
| 304 | /* At this point, we have a chain and just need to verify it */ | 308 | /* At this point, we have a chain and need to verify it */ |
| 305 | if (ctx->verify != NULL) | 309 | if (ctx->verify != NULL) |
| 306 | ok=ctx->verify(ctx); | 310 | ok=ctx->verify(ctx); |
| 307 | else | 311 | else |
| 308 | ok=internal_verify(ctx); | 312 | ok=internal_verify(ctx); |
| 313 | if(!ok) goto end; | ||
| 314 | |||
| 315 | #ifndef OPENSSL_NO_RFC3779 | ||
| 316 | /* RFC 3779 path validation, now that CRL check has been done */ | ||
| 317 | ok = v3_asid_validate_path(ctx); | ||
| 318 | if (!ok) goto end; | ||
| 319 | ok = v3_addr_validate_path(ctx); | ||
| 320 | if (!ok) goto end; | ||
| 321 | #endif | ||
| 322 | |||
| 323 | /* If we get this far evaluate policies */ | ||
| 324 | if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK)) | ||
| 325 | ok = ctx->check_policy(ctx); | ||
| 326 | if(!ok) goto end; | ||
| 309 | if (0) | 327 | if (0) |
| 310 | { | 328 | { |
| 311 | end: | 329 | end: |
| @@ -342,7 +360,7 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) | |||
| 342 | if (ret == X509_V_OK) | 360 | if (ret == X509_V_OK) |
| 343 | return 1; | 361 | return 1; |
| 344 | /* If we haven't asked for issuer errors don't set ctx */ | 362 | /* If we haven't asked for issuer errors don't set ctx */ |
| 345 | if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK)) | 363 | if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK)) |
| 346 | return 0; | 364 | return 0; |
| 347 | 365 | ||
| 348 | ctx->error = ret; | 366 | ctx->error = ret; |
| @@ -365,7 +383,7 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) | |||
| 365 | else | 383 | else |
| 366 | return 0; | 384 | return 0; |
| 367 | } | 385 | } |
| 368 | 386 | ||
| 369 | 387 | ||
| 370 | /* Check a certificate chains extensions for consistency | 388 | /* Check a certificate chains extensions for consistency |
| 371 | * with the supplied purpose | 389 | * with the supplied purpose |
| @@ -378,9 +396,10 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) | |||
| 378 | #else | 396 | #else |
| 379 | int i, ok=0, must_be_ca; | 397 | int i, ok=0, must_be_ca; |
| 380 | X509 *x; | 398 | X509 *x; |
| 381 | int (*cb)(); | 399 | int (*cb)(int xok,X509_STORE_CTX *xctx); |
| 382 | int proxy_path_length = 0; | 400 | int proxy_path_length = 0; |
| 383 | int allow_proxy_certs = !!(ctx->flags & X509_V_FLAG_ALLOW_PROXY_CERTS); | 401 | int allow_proxy_certs = |
| 402 | !!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS); | ||
| 384 | cb=ctx->verify_cb; | 403 | cb=ctx->verify_cb; |
| 385 | 404 | ||
| 386 | /* must_be_ca can have 1 of 3 values: | 405 | /* must_be_ca can have 1 of 3 values: |
| @@ -403,7 +422,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) | |||
| 403 | { | 422 | { |
| 404 | int ret; | 423 | int ret; |
| 405 | x = sk_X509_value(ctx->chain, i); | 424 | x = sk_X509_value(ctx->chain, i); |
| 406 | if (!(ctx->flags & X509_V_FLAG_IGNORE_CRITICAL) | 425 | if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) |
| 407 | && (x->ex_flags & EXFLAG_CRITICAL)) | 426 | && (x->ex_flags & EXFLAG_CRITICAL)) |
| 408 | { | 427 | { |
| 409 | ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION; | 428 | ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION; |
| @@ -424,7 +443,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) | |||
| 424 | switch(must_be_ca) | 443 | switch(must_be_ca) |
| 425 | { | 444 | { |
| 426 | case -1: | 445 | case -1: |
| 427 | if ((ctx->flags & X509_V_FLAG_X509_STRICT) | 446 | if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) |
| 428 | && (ret != 1) && (ret != 0)) | 447 | && (ret != 1) && (ret != 0)) |
| 429 | { | 448 | { |
| 430 | ret = 0; | 449 | ret = 0; |
| @@ -444,7 +463,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) | |||
| 444 | break; | 463 | break; |
| 445 | default: | 464 | default: |
| 446 | if ((ret == 0) | 465 | if ((ret == 0) |
| 447 | || ((ctx->flags & X509_V_FLAG_X509_STRICT) | 466 | || ((ctx->param->flags & X509_V_FLAG_X509_STRICT) |
| 448 | && (ret != 1))) | 467 | && (ret != 1))) |
| 449 | { | 468 | { |
| 450 | ret = 0; | 469 | ret = 0; |
| @@ -461,12 +480,12 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) | |||
| 461 | ok=cb(0,ctx); | 480 | ok=cb(0,ctx); |
| 462 | if (!ok) goto end; | 481 | if (!ok) goto end; |
| 463 | } | 482 | } |
| 464 | if (ctx->purpose > 0) | 483 | if (ctx->param->purpose > 0) |
| 465 | { | 484 | { |
| 466 | ret = X509_check_purpose(x, ctx->purpose, | 485 | ret = X509_check_purpose(x, ctx->param->purpose, |
| 467 | must_be_ca > 0); | 486 | must_be_ca > 0); |
| 468 | if ((ret == 0) | 487 | if ((ret == 0) |
| 469 | || ((ctx->flags & X509_V_FLAG_X509_STRICT) | 488 | || ((ctx->param->flags & X509_V_FLAG_X509_STRICT) |
| 470 | && (ret != 1))) | 489 | && (ret != 1))) |
| 471 | { | 490 | { |
| 472 | ctx->error = X509_V_ERR_INVALID_PURPOSE; | 491 | ctx->error = X509_V_ERR_INVALID_PURPOSE; |
| @@ -492,21 +511,15 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) | |||
| 492 | CA certificate. */ | 511 | CA certificate. */ |
| 493 | if (x->ex_flags & EXFLAG_PROXY) | 512 | if (x->ex_flags & EXFLAG_PROXY) |
| 494 | { | 513 | { |
| 495 | PROXY_CERT_INFO_EXTENSION *pci = | 514 | if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen) |
| 496 | X509_get_ext_d2i(x, NID_proxyCertInfo, | ||
| 497 | NULL, NULL); | ||
| 498 | if (pci->pcPathLengthConstraint && | ||
| 499 | ASN1_INTEGER_get(pci->pcPathLengthConstraint) | ||
| 500 | < i) | ||
| 501 | { | 515 | { |
| 502 | PROXY_CERT_INFO_EXTENSION_free(pci); | 516 | ctx->error = |
| 503 | ctx->error = X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED; | 517 | X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED; |
| 504 | ctx->error_depth = i; | 518 | ctx->error_depth = i; |
| 505 | ctx->current_cert = x; | 519 | ctx->current_cert = x; |
| 506 | ok=cb(0,ctx); | 520 | ok=cb(0,ctx); |
| 507 | if (!ok) goto end; | 521 | if (!ok) goto end; |
| 508 | } | 522 | } |
| 509 | PROXY_CERT_INFO_EXTENSION_free(pci); | ||
| 510 | proxy_path_length++; | 523 | proxy_path_length++; |
| 511 | must_be_ca = 0; | 524 | must_be_ca = 0; |
| 512 | } | 525 | } |
| @@ -526,12 +539,12 @@ static int check_trust(X509_STORE_CTX *ctx) | |||
| 526 | #else | 539 | #else |
| 527 | int i, ok; | 540 | int i, ok; |
| 528 | X509 *x; | 541 | X509 *x; |
| 529 | int (*cb)(); | 542 | int (*cb)(int xok,X509_STORE_CTX *xctx); |
| 530 | cb=ctx->verify_cb; | 543 | cb=ctx->verify_cb; |
| 531 | /* For now just check the last certificate in the chain */ | 544 | /* For now just check the last certificate in the chain */ |
| 532 | i = sk_X509_num(ctx->chain) - 1; | 545 | i = sk_X509_num(ctx->chain) - 1; |
| 533 | x = sk_X509_value(ctx->chain, i); | 546 | x = sk_X509_value(ctx->chain, i); |
| 534 | ok = X509_check_trust(x, ctx->trust, 0); | 547 | ok = X509_check_trust(x, ctx->param->trust, 0); |
| 535 | if (ok == X509_TRUST_TRUSTED) | 548 | if (ok == X509_TRUST_TRUSTED) |
| 536 | return 1; | 549 | return 1; |
| 537 | ctx->error_depth = i; | 550 | ctx->error_depth = i; |
| @@ -548,9 +561,9 @@ static int check_trust(X509_STORE_CTX *ctx) | |||
| 548 | static int check_revocation(X509_STORE_CTX *ctx) | 561 | static int check_revocation(X509_STORE_CTX *ctx) |
| 549 | { | 562 | { |
| 550 | int i, last, ok; | 563 | int i, last, ok; |
| 551 | if (!(ctx->flags & X509_V_FLAG_CRL_CHECK)) | 564 | if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK)) |
| 552 | return 1; | 565 | return 1; |
| 553 | if (ctx->flags & X509_V_FLAG_CRL_CHECK_ALL) | 566 | if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL) |
| 554 | last = sk_X509_num(ctx->chain) - 1; | 567 | last = sk_X509_num(ctx->chain) - 1; |
| 555 | else | 568 | else |
| 556 | last = 0; | 569 | last = 0; |
| @@ -593,17 +606,124 @@ static int check_cert(X509_STORE_CTX *ctx) | |||
| 593 | 606 | ||
| 594 | } | 607 | } |
| 595 | 608 | ||
| 609 | /* Check CRL times against values in X509_STORE_CTX */ | ||
| 610 | |||
| 611 | static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify) | ||
| 612 | { | ||
| 613 | time_t *ptime; | ||
| 614 | int i; | ||
| 615 | ctx->current_crl = crl; | ||
| 616 | if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) | ||
| 617 | ptime = &ctx->param->check_time; | ||
| 618 | else | ||
| 619 | ptime = NULL; | ||
| 620 | |||
| 621 | i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime); | ||
| 622 | if (i == 0) | ||
| 623 | { | ||
| 624 | ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD; | ||
| 625 | if (!notify || !ctx->verify_cb(0, ctx)) | ||
| 626 | return 0; | ||
| 627 | } | ||
| 628 | |||
| 629 | if (i > 0) | ||
| 630 | { | ||
| 631 | ctx->error=X509_V_ERR_CRL_NOT_YET_VALID; | ||
| 632 | if (!notify || !ctx->verify_cb(0, ctx)) | ||
| 633 | return 0; | ||
| 634 | } | ||
| 635 | |||
| 636 | if(X509_CRL_get_nextUpdate(crl)) | ||
| 637 | { | ||
| 638 | i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime); | ||
| 639 | |||
| 640 | if (i == 0) | ||
| 641 | { | ||
| 642 | ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD; | ||
| 643 | if (!notify || !ctx->verify_cb(0, ctx)) | ||
| 644 | return 0; | ||
| 645 | } | ||
| 646 | |||
| 647 | if (i < 0) | ||
| 648 | { | ||
| 649 | ctx->error=X509_V_ERR_CRL_HAS_EXPIRED; | ||
| 650 | if (!notify || !ctx->verify_cb(0, ctx)) | ||
| 651 | return 0; | ||
| 652 | } | ||
| 653 | } | ||
| 654 | |||
| 655 | ctx->current_crl = NULL; | ||
| 656 | |||
| 657 | return 1; | ||
| 658 | } | ||
| 659 | |||
| 660 | /* Lookup CRLs from the supplied list. Look for matching isser name | ||
| 661 | * and validity. If we can't find a valid CRL return the last one | ||
| 662 | * with matching name. This gives more meaningful error codes. Otherwise | ||
| 663 | * we'd get a CRL not found error if a CRL existed with matching name but | ||
| 664 | * was invalid. | ||
| 665 | */ | ||
| 666 | |||
| 667 | static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, | ||
| 668 | X509_NAME *nm, STACK_OF(X509_CRL) *crls) | ||
| 669 | { | ||
| 670 | int i; | ||
| 671 | X509_CRL *crl, *best_crl = NULL; | ||
| 672 | for (i = 0; i < sk_X509_CRL_num(crls); i++) | ||
| 673 | { | ||
| 674 | crl = sk_X509_CRL_value(crls, i); | ||
| 675 | if (X509_NAME_cmp(nm, X509_CRL_get_issuer(crl))) | ||
| 676 | continue; | ||
| 677 | if (check_crl_time(ctx, crl, 0)) | ||
| 678 | { | ||
| 679 | *pcrl = crl; | ||
| 680 | CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509); | ||
| 681 | return 1; | ||
| 682 | } | ||
| 683 | best_crl = crl; | ||
| 684 | } | ||
| 685 | if (best_crl) | ||
| 686 | { | ||
| 687 | *pcrl = best_crl; | ||
| 688 | CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509); | ||
| 689 | } | ||
| 690 | |||
| 691 | return 0; | ||
| 692 | } | ||
| 693 | |||
| 596 | /* Retrieve CRL corresponding to certificate: currently just a | 694 | /* Retrieve CRL corresponding to certificate: currently just a |
| 597 | * subject lookup: maybe use AKID later... | 695 | * subject lookup: maybe use AKID later... |
| 598 | * Also might look up any included CRLs too (e.g PKCS#7 signedData). | ||
| 599 | */ | 696 | */ |
| 600 | static int get_crl(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x) | 697 | static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x) |
| 601 | { | 698 | { |
| 602 | int ok; | 699 | int ok; |
| 700 | X509_CRL *crl = NULL; | ||
| 603 | X509_OBJECT xobj; | 701 | X509_OBJECT xobj; |
| 604 | ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, X509_get_issuer_name(x), &xobj); | 702 | X509_NAME *nm; |
| 605 | if (!ok) return 0; | 703 | nm = X509_get_issuer_name(x); |
| 606 | *crl = xobj.data.crl; | 704 | ok = get_crl_sk(ctx, &crl, nm, ctx->crls); |
| 705 | if (ok) | ||
| 706 | { | ||
| 707 | *pcrl = crl; | ||
| 708 | return 1; | ||
| 709 | } | ||
| 710 | |||
| 711 | ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj); | ||
| 712 | |||
| 713 | if (!ok) | ||
| 714 | { | ||
| 715 | /* If we got a near match from get_crl_sk use that */ | ||
| 716 | if (crl) | ||
| 717 | { | ||
| 718 | *pcrl = crl; | ||
| 719 | return 1; | ||
| 720 | } | ||
| 721 | return 0; | ||
| 722 | } | ||
| 723 | |||
| 724 | *pcrl = xobj.data.crl; | ||
| 725 | if (crl) | ||
| 726 | X509_CRL_free(crl); | ||
| 607 | return 1; | 727 | return 1; |
| 608 | } | 728 | } |
| 609 | 729 | ||
| @@ -612,8 +732,7 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) | |||
| 612 | { | 732 | { |
| 613 | X509 *issuer = NULL; | 733 | X509 *issuer = NULL; |
| 614 | EVP_PKEY *ikey = NULL; | 734 | EVP_PKEY *ikey = NULL; |
| 615 | int ok = 0, chnum, cnum, i; | 735 | int ok = 0, chnum, cnum; |
| 616 | time_t *ptime; | ||
| 617 | cnum = ctx->error_depth; | 736 | cnum = ctx->error_depth; |
| 618 | chnum = sk_X509_num(ctx->chain) - 1; | 737 | chnum = sk_X509_num(ctx->chain) - 1; |
| 619 | /* Find CRL issuer: if not last certificate then issuer | 738 | /* Find CRL issuer: if not last certificate then issuer |
| @@ -665,45 +784,9 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) | |||
| 665 | } | 784 | } |
| 666 | } | 785 | } |
| 667 | 786 | ||
| 668 | /* OK, CRL signature valid check times */ | 787 | ok = check_crl_time(ctx, crl, 1); |
| 669 | if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME) | 788 | if (!ok) |
| 670 | ptime = &ctx->check_time; | 789 | goto err; |
| 671 | else | ||
| 672 | ptime = NULL; | ||
| 673 | |||
| 674 | i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime); | ||
| 675 | if (i == 0) | ||
| 676 | { | ||
| 677 | ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD; | ||
| 678 | ok = ctx->verify_cb(0, ctx); | ||
| 679 | if (!ok) goto err; | ||
| 680 | } | ||
| 681 | |||
| 682 | if (i > 0) | ||
| 683 | { | ||
| 684 | ctx->error=X509_V_ERR_CRL_NOT_YET_VALID; | ||
| 685 | ok = ctx->verify_cb(0, ctx); | ||
| 686 | if (!ok) goto err; | ||
| 687 | } | ||
| 688 | |||
| 689 | if(X509_CRL_get_nextUpdate(crl)) | ||
| 690 | { | ||
| 691 | i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime); | ||
| 692 | |||
| 693 | if (i == 0) | ||
| 694 | { | ||
| 695 | ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD; | ||
| 696 | ok = ctx->verify_cb(0, ctx); | ||
| 697 | if (!ok) goto err; | ||
| 698 | } | ||
| 699 | |||
| 700 | if (i < 0) | ||
| 701 | { | ||
| 702 | ctx->error=X509_V_ERR_CRL_HAS_EXPIRED; | ||
| 703 | ok = ctx->verify_cb(0, ctx); | ||
| 704 | if (!ok) goto err; | ||
| 705 | } | ||
| 706 | } | ||
| 707 | 790 | ||
| 708 | ok = 1; | 791 | ok = 1; |
| 709 | 792 | ||
| @@ -741,7 +824,7 @@ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x) | |||
| 741 | if (!ok) return 0; | 824 | if (!ok) return 0; |
| 742 | } | 825 | } |
| 743 | 826 | ||
| 744 | if (ctx->flags & X509_V_FLAG_IGNORE_CRITICAL) | 827 | if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) |
| 745 | return 1; | 828 | return 1; |
| 746 | 829 | ||
| 747 | /* See if we have any critical CRL extensions: since we | 830 | /* See if we have any critical CRL extensions: since we |
| @@ -768,13 +851,106 @@ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x) | |||
| 768 | return 1; | 851 | return 1; |
| 769 | } | 852 | } |
| 770 | 853 | ||
| 854 | static int check_policy(X509_STORE_CTX *ctx) | ||
| 855 | { | ||
| 856 | int ret; | ||
| 857 | ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain, | ||
| 858 | ctx->param->policies, ctx->param->flags); | ||
| 859 | if (ret == 0) | ||
| 860 | { | ||
| 861 | X509err(X509_F_CHECK_POLICY,ERR_R_MALLOC_FAILURE); | ||
| 862 | return 0; | ||
| 863 | } | ||
| 864 | /* Invalid or inconsistent extensions */ | ||
| 865 | if (ret == -1) | ||
| 866 | { | ||
| 867 | /* Locate certificates with bad extensions and notify | ||
| 868 | * callback. | ||
| 869 | */ | ||
| 870 | X509 *x; | ||
| 871 | int i; | ||
| 872 | for (i = 1; i < sk_X509_num(ctx->chain); i++) | ||
| 873 | { | ||
| 874 | x = sk_X509_value(ctx->chain, i); | ||
| 875 | if (!(x->ex_flags & EXFLAG_INVALID_POLICY)) | ||
| 876 | continue; | ||
| 877 | ctx->current_cert = x; | ||
| 878 | ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION; | ||
| 879 | ret = ctx->verify_cb(0, ctx); | ||
| 880 | } | ||
| 881 | return 1; | ||
| 882 | } | ||
| 883 | if (ret == -2) | ||
| 884 | { | ||
| 885 | ctx->current_cert = NULL; | ||
| 886 | ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY; | ||
| 887 | return ctx->verify_cb(0, ctx); | ||
| 888 | } | ||
| 889 | |||
| 890 | if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) | ||
| 891 | { | ||
| 892 | ctx->current_cert = NULL; | ||
| 893 | ctx->error = X509_V_OK; | ||
| 894 | if (!ctx->verify_cb(2, ctx)) | ||
| 895 | return 0; | ||
| 896 | } | ||
| 897 | |||
| 898 | return 1; | ||
| 899 | } | ||
| 900 | |||
| 901 | static int check_cert_time(X509_STORE_CTX *ctx, X509 *x) | ||
| 902 | { | ||
| 903 | time_t *ptime; | ||
| 904 | int i; | ||
| 905 | |||
| 906 | if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) | ||
| 907 | ptime = &ctx->param->check_time; | ||
| 908 | else | ||
| 909 | ptime = NULL; | ||
| 910 | |||
| 911 | i=X509_cmp_time(X509_get_notBefore(x), ptime); | ||
| 912 | if (i == 0) | ||
| 913 | { | ||
| 914 | ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; | ||
| 915 | ctx->current_cert=x; | ||
| 916 | if (!ctx->verify_cb(0, ctx)) | ||
| 917 | return 0; | ||
| 918 | } | ||
| 919 | |||
| 920 | if (i > 0) | ||
| 921 | { | ||
| 922 | ctx->error=X509_V_ERR_CERT_NOT_YET_VALID; | ||
| 923 | ctx->current_cert=x; | ||
| 924 | if (!ctx->verify_cb(0, ctx)) | ||
| 925 | return 0; | ||
| 926 | } | ||
| 927 | |||
| 928 | i=X509_cmp_time(X509_get_notAfter(x), ptime); | ||
| 929 | if (i == 0) | ||
| 930 | { | ||
| 931 | ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; | ||
| 932 | ctx->current_cert=x; | ||
| 933 | if (!ctx->verify_cb(0, ctx)) | ||
| 934 | return 0; | ||
| 935 | } | ||
| 936 | |||
| 937 | if (i < 0) | ||
| 938 | { | ||
| 939 | ctx->error=X509_V_ERR_CERT_HAS_EXPIRED; | ||
| 940 | ctx->current_cert=x; | ||
| 941 | if (!ctx->verify_cb(0, ctx)) | ||
| 942 | return 0; | ||
| 943 | } | ||
| 944 | |||
| 945 | return 1; | ||
| 946 | } | ||
| 947 | |||
| 771 | static int internal_verify(X509_STORE_CTX *ctx) | 948 | static int internal_verify(X509_STORE_CTX *ctx) |
| 772 | { | 949 | { |
| 773 | int i,ok=0,n; | 950 | int ok=0,n; |
| 774 | X509 *xs,*xi; | 951 | X509 *xs,*xi; |
| 775 | EVP_PKEY *pkey=NULL; | 952 | EVP_PKEY *pkey=NULL; |
| 776 | time_t *ptime; | 953 | int (*cb)(int xok,X509_STORE_CTX *xctx); |
| 777 | int (*cb)(); | ||
| 778 | 954 | ||
| 779 | cb=ctx->verify_cb; | 955 | cb=ctx->verify_cb; |
| 780 | 956 | ||
| @@ -782,10 +958,7 @@ static int internal_verify(X509_STORE_CTX *ctx) | |||
| 782 | ctx->error_depth=n-1; | 958 | ctx->error_depth=n-1; |
| 783 | n--; | 959 | n--; |
| 784 | xi=sk_X509_value(ctx->chain,n); | 960 | xi=sk_X509_value(ctx->chain,n); |
| 785 | if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME) | 961 | |
| 786 | ptime = &ctx->check_time; | ||
| 787 | else | ||
| 788 | ptime = NULL; | ||
| 789 | if (ctx->check_issued(ctx, xi, xi)) | 962 | if (ctx->check_issued(ctx, xi, xi)) |
| 790 | xs=xi; | 963 | xs=xi; |
| 791 | else | 964 | else |
| @@ -838,41 +1011,13 @@ static int internal_verify(X509_STORE_CTX *ctx) | |||
| 838 | } | 1011 | } |
| 839 | EVP_PKEY_free(pkey); | 1012 | EVP_PKEY_free(pkey); |
| 840 | pkey=NULL; | 1013 | pkey=NULL; |
| 841 | |||
| 842 | i=X509_cmp_time(X509_get_notBefore(xs), ptime); | ||
| 843 | if (i == 0) | ||
| 844 | { | ||
| 845 | ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; | ||
| 846 | ctx->current_cert=xs; | ||
| 847 | ok=(*cb)(0,ctx); | ||
| 848 | if (!ok) goto end; | ||
| 849 | } | ||
| 850 | if (i > 0) | ||
| 851 | { | ||
| 852 | ctx->error=X509_V_ERR_CERT_NOT_YET_VALID; | ||
| 853 | ctx->current_cert=xs; | ||
| 854 | ok=(*cb)(0,ctx); | ||
| 855 | if (!ok) goto end; | ||
| 856 | } | ||
| 857 | xs->valid=1; | ||
| 858 | } | 1014 | } |
| 859 | 1015 | ||
| 860 | i=X509_cmp_time(X509_get_notAfter(xs), ptime); | 1016 | xs->valid = 1; |
| 861 | if (i == 0) | ||
| 862 | { | ||
| 863 | ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; | ||
| 864 | ctx->current_cert=xs; | ||
| 865 | ok=(*cb)(0,ctx); | ||
| 866 | if (!ok) goto end; | ||
| 867 | } | ||
| 868 | 1017 | ||
| 869 | if (i < 0) | 1018 | ok = check_cert_time(ctx, xs); |
| 870 | { | 1019 | if (!ok) |
| 871 | ctx->error=X509_V_ERR_CERT_HAS_EXPIRED; | 1020 | goto end; |
| 872 | ctx->current_cert=xs; | ||
| 873 | ok=(*cb)(0,ctx); | ||
| 874 | if (!ok) goto end; | ||
| 875 | } | ||
| 876 | 1021 | ||
| 877 | /* The last error (if any) is still in the error value */ | 1022 | /* The last error (if any) is still in the error value */ |
| 878 | ctx->current_issuer=xi; | 1023 | ctx->current_issuer=xi; |
| @@ -1105,6 +1250,11 @@ void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) | |||
| 1105 | ctx->untrusted=sk; | 1250 | ctx->untrusted=sk; |
| 1106 | } | 1251 | } |
| 1107 | 1252 | ||
| 1253 | void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk) | ||
| 1254 | { | ||
| 1255 | ctx->crls=sk; | ||
| 1256 | } | ||
| 1257 | |||
| 1108 | int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) | 1258 | int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) |
| 1109 | { | 1259 | { |
| 1110 | return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0); | 1260 | return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0); |
| @@ -1168,8 +1318,8 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, | |||
| 1168 | } | 1318 | } |
| 1169 | } | 1319 | } |
| 1170 | 1320 | ||
| 1171 | if (purpose && !ctx->purpose) ctx->purpose = purpose; | 1321 | if (purpose && !ctx->param->purpose) ctx->param->purpose = purpose; |
| 1172 | if (trust && !ctx->trust) ctx->trust = trust; | 1322 | if (trust && !ctx->param->trust) ctx->param->trust = trust; |
| 1173 | return 1; | 1323 | return 1; |
| 1174 | } | 1324 | } |
| 1175 | 1325 | ||
| @@ -1195,20 +1345,30 @@ void X509_STORE_CTX_free(X509_STORE_CTX *ctx) | |||
| 1195 | int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, | 1345 | int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, |
| 1196 | STACK_OF(X509) *chain) | 1346 | STACK_OF(X509) *chain) |
| 1197 | { | 1347 | { |
| 1348 | int ret = 1; | ||
| 1198 | ctx->ctx=store; | 1349 | ctx->ctx=store; |
| 1199 | ctx->current_method=0; | 1350 | ctx->current_method=0; |
| 1200 | ctx->cert=x509; | 1351 | ctx->cert=x509; |
| 1201 | ctx->untrusted=chain; | 1352 | ctx->untrusted=chain; |
| 1353 | ctx->crls = NULL; | ||
| 1202 | ctx->last_untrusted=0; | 1354 | ctx->last_untrusted=0; |
| 1203 | ctx->check_time=0; | ||
| 1204 | ctx->other_ctx=NULL; | 1355 | ctx->other_ctx=NULL; |
| 1205 | ctx->valid=0; | 1356 | ctx->valid=0; |
| 1206 | ctx->chain=NULL; | 1357 | ctx->chain=NULL; |
| 1207 | ctx->depth=9; | ||
| 1208 | ctx->error=0; | 1358 | ctx->error=0; |
| 1359 | ctx->explicit_policy=0; | ||
| 1209 | ctx->error_depth=0; | 1360 | ctx->error_depth=0; |
| 1210 | ctx->current_cert=NULL; | 1361 | ctx->current_cert=NULL; |
| 1211 | ctx->current_issuer=NULL; | 1362 | ctx->current_issuer=NULL; |
| 1363 | ctx->tree = NULL; | ||
| 1364 | |||
| 1365 | ctx->param = X509_VERIFY_PARAM_new(); | ||
| 1366 | |||
| 1367 | if (!ctx->param) | ||
| 1368 | { | ||
| 1369 | X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); | ||
| 1370 | return 0; | ||
| 1371 | } | ||
| 1212 | 1372 | ||
| 1213 | /* Inherit callbacks and flags from X509_STORE if not set | 1373 | /* Inherit callbacks and flags from X509_STORE if not set |
| 1214 | * use defaults. | 1374 | * use defaults. |
| @@ -1216,18 +1376,26 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, | |||
| 1216 | 1376 | ||
| 1217 | 1377 | ||
| 1218 | if (store) | 1378 | if (store) |
| 1379 | ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param); | ||
| 1380 | else | ||
| 1381 | ctx->param->flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE; | ||
| 1382 | |||
| 1383 | if (store) | ||
| 1219 | { | 1384 | { |
| 1220 | ctx->purpose=store->purpose; | 1385 | ctx->verify_cb = store->verify_cb; |
| 1221 | ctx->trust=store->trust; | ||
| 1222 | ctx->flags = store->flags; | ||
| 1223 | ctx->cleanup = store->cleanup; | 1386 | ctx->cleanup = store->cleanup; |
| 1224 | } | 1387 | } |
| 1225 | else | 1388 | else |
| 1226 | { | ||
| 1227 | ctx->purpose = 0; | ||
| 1228 | ctx->trust = 0; | ||
| 1229 | ctx->flags = 0; | ||
| 1230 | ctx->cleanup = 0; | 1389 | ctx->cleanup = 0; |
| 1390 | |||
| 1391 | if (ret) | ||
| 1392 | ret = X509_VERIFY_PARAM_inherit(ctx->param, | ||
| 1393 | X509_VERIFY_PARAM_lookup("default")); | ||
| 1394 | |||
| 1395 | if (ret == 0) | ||
| 1396 | { | ||
| 1397 | X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); | ||
| 1398 | return 0; | ||
| 1231 | } | 1399 | } |
| 1232 | 1400 | ||
| 1233 | if (store && store->check_issued) | 1401 | if (store && store->check_issued) |
| @@ -1270,6 +1438,8 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, | |||
| 1270 | else | 1438 | else |
| 1271 | ctx->cert_crl = cert_crl; | 1439 | ctx->cert_crl = cert_crl; |
| 1272 | 1440 | ||
| 1441 | ctx->check_policy = check_policy; | ||
| 1442 | |||
| 1273 | 1443 | ||
| 1274 | /* This memset() can't make any sense anyway, so it's removed. As | 1444 | /* This memset() can't make any sense anyway, so it's removed. As |
| 1275 | * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a | 1445 | * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a |
| @@ -1298,6 +1468,16 @@ void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) | |||
| 1298 | void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) | 1468 | void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) |
| 1299 | { | 1469 | { |
| 1300 | if (ctx->cleanup) ctx->cleanup(ctx); | 1470 | if (ctx->cleanup) ctx->cleanup(ctx); |
| 1471 | if (ctx->param != NULL) | ||
| 1472 | { | ||
| 1473 | X509_VERIFY_PARAM_free(ctx->param); | ||
| 1474 | ctx->param=NULL; | ||
| 1475 | } | ||
| 1476 | if (ctx->tree != NULL) | ||
| 1477 | { | ||
| 1478 | X509_policy_tree_free(ctx->tree); | ||
| 1479 | ctx->tree=NULL; | ||
| 1480 | } | ||
| 1301 | if (ctx->chain != NULL) | 1481 | if (ctx->chain != NULL) |
| 1302 | { | 1482 | { |
| 1303 | sk_X509_pop_free(ctx->chain,X509_free); | 1483 | sk_X509_pop_free(ctx->chain,X509_free); |
| @@ -1307,15 +1487,19 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) | |||
| 1307 | memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); | 1487 | memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); |
| 1308 | } | 1488 | } |
| 1309 | 1489 | ||
| 1310 | void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags) | 1490 | void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth) |
| 1311 | { | 1491 | { |
| 1312 | ctx->flags |= flags; | 1492 | X509_VERIFY_PARAM_set_depth(ctx->param, depth); |
| 1313 | } | 1493 | } |
| 1314 | 1494 | ||
| 1315 | void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t) | 1495 | void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags) |
| 1316 | { | 1496 | { |
| 1317 | ctx->check_time = t; | 1497 | X509_VERIFY_PARAM_set_flags(ctx->param, flags); |
| 1318 | ctx->flags |= X509_V_FLAG_USE_CHECK_TIME; | 1498 | } |
| 1499 | |||
| 1500 | void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t) | ||
| 1501 | { | ||
| 1502 | X509_VERIFY_PARAM_set_time(ctx->param, t); | ||
| 1319 | } | 1503 | } |
| 1320 | 1504 | ||
| 1321 | void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, | 1505 | void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, |
| @@ -1324,6 +1508,37 @@ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, | |||
| 1324 | ctx->verify_cb=verify_cb; | 1508 | ctx->verify_cb=verify_cb; |
| 1325 | } | 1509 | } |
| 1326 | 1510 | ||
| 1511 | X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx) | ||
| 1512 | { | ||
| 1513 | return ctx->tree; | ||
| 1514 | } | ||
| 1515 | |||
| 1516 | int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx) | ||
| 1517 | { | ||
| 1518 | return ctx->explicit_policy; | ||
| 1519 | } | ||
| 1520 | |||
| 1521 | int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name) | ||
| 1522 | { | ||
| 1523 | const X509_VERIFY_PARAM *param; | ||
| 1524 | param = X509_VERIFY_PARAM_lookup(name); | ||
| 1525 | if (!param) | ||
| 1526 | return 0; | ||
| 1527 | return X509_VERIFY_PARAM_inherit(ctx->param, param); | ||
| 1528 | } | ||
| 1529 | |||
| 1530 | X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx) | ||
| 1531 | { | ||
| 1532 | return ctx->param; | ||
| 1533 | } | ||
| 1534 | |||
| 1535 | void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param) | ||
| 1536 | { | ||
| 1537 | if (ctx->param) | ||
| 1538 | X509_VERIFY_PARAM_free(ctx->param); | ||
| 1539 | ctx->param = param; | ||
| 1540 | } | ||
| 1541 | |||
| 1327 | IMPLEMENT_STACK_OF(X509) | 1542 | IMPLEMENT_STACK_OF(X509) |
| 1328 | IMPLEMENT_ASN1_SET_OF(X509) | 1543 | IMPLEMENT_ASN1_SET_OF(X509) |
| 1329 | 1544 | ||
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h index 7fd1f0bc4d..76c76e1719 100644 --- a/src/lib/libcrypto/x509/x509_vfy.h +++ b/src/lib/libcrypto/x509/x509_vfy.h | |||
| @@ -65,6 +65,7 @@ | |||
| 65 | #ifndef HEADER_X509_VFY_H | 65 | #ifndef HEADER_X509_VFY_H |
| 66 | #define HEADER_X509_VFY_H | 66 | #define HEADER_X509_VFY_H |
| 67 | 67 | ||
| 68 | #include <openssl/opensslconf.h> | ||
| 68 | #ifndef OPENSSL_NO_LHASH | 69 | #ifndef OPENSSL_NO_LHASH |
| 69 | #include <openssl/lhash.h> | 70 | #include <openssl/lhash.h> |
| 70 | #endif | 71 | #endif |
| @@ -155,6 +156,25 @@ typedef struct x509_lookup_method_st | |||
| 155 | X509_OBJECT *ret); | 156 | X509_OBJECT *ret); |
| 156 | } X509_LOOKUP_METHOD; | 157 | } X509_LOOKUP_METHOD; |
| 157 | 158 | ||
| 159 | /* This structure hold all parameters associated with a verify operation | ||
| 160 | * by including an X509_VERIFY_PARAM structure in related structures the | ||
| 161 | * parameters used can be customized | ||
| 162 | */ | ||
| 163 | |||
| 164 | typedef struct X509_VERIFY_PARAM_st | ||
| 165 | { | ||
| 166 | char *name; | ||
| 167 | time_t check_time; /* Time to use */ | ||
| 168 | unsigned long inh_flags; /* Inheritance flags */ | ||
| 169 | unsigned long flags; /* Various verify flags */ | ||
| 170 | int purpose; /* purpose to check untrusted certificates */ | ||
| 171 | int trust; /* trust setting to check */ | ||
| 172 | int depth; /* Verify depth */ | ||
| 173 | STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */ | ||
| 174 | } X509_VERIFY_PARAM; | ||
| 175 | |||
| 176 | DECLARE_STACK_OF(X509_VERIFY_PARAM) | ||
| 177 | |||
| 158 | /* This is used to hold everything. It is used for all certificate | 178 | /* This is used to hold everything. It is used for all certificate |
| 159 | * validation. Once we have a certificate chain, the 'verify' | 179 | * validation. Once we have a certificate chain, the 'verify' |
| 160 | * function is then called to actually check the cert chain. */ | 180 | * function is then called to actually check the cert chain. */ |
| @@ -167,13 +187,8 @@ struct x509_store_st | |||
| 167 | /* These are external lookup methods */ | 187 | /* These are external lookup methods */ |
| 168 | STACK_OF(X509_LOOKUP) *get_cert_methods; | 188 | STACK_OF(X509_LOOKUP) *get_cert_methods; |
| 169 | 189 | ||
| 170 | /* The following fields are not used by X509_STORE but are | 190 | X509_VERIFY_PARAM *param; |
| 171 | * inherited by X509_STORE_CTX when it is initialised. | ||
| 172 | */ | ||
| 173 | 191 | ||
| 174 | unsigned long flags; /* Various verify flags */ | ||
| 175 | int purpose; | ||
| 176 | int trust; | ||
| 177 | /* Callbacks for various operations */ | 192 | /* Callbacks for various operations */ |
| 178 | int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ | 193 | int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ |
| 179 | int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ | 194 | int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ |
| @@ -187,10 +202,9 @@ struct x509_store_st | |||
| 187 | 202 | ||
| 188 | CRYPTO_EX_DATA ex_data; | 203 | CRYPTO_EX_DATA ex_data; |
| 189 | int references; | 204 | int references; |
| 190 | int depth; /* how deep to look (still unused -- X509_STORE_CTX's depth is used) */ | ||
| 191 | } /* X509_STORE */; | 205 | } /* X509_STORE */; |
| 192 | 206 | ||
| 193 | #define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d)) | 207 | int X509_STORE_set_depth(X509_STORE *store, int depth); |
| 194 | 208 | ||
| 195 | #define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func)) | 209 | #define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func)) |
| 196 | #define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) | 210 | #define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) |
| @@ -217,10 +231,9 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ | |||
| 217 | /* The following are set by the caller */ | 231 | /* The following are set by the caller */ |
| 218 | X509 *cert; /* The cert to check */ | 232 | X509 *cert; /* The cert to check */ |
| 219 | STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */ | 233 | STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */ |
| 220 | int purpose; /* purpose to check untrusted certificates */ | 234 | STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */ |
| 221 | int trust; /* trust setting to check */ | 235 | |
| 222 | time_t check_time; /* time to make verify at */ | 236 | X509_VERIFY_PARAM *param; |
| 223 | unsigned long flags; /* Various verify flags */ | ||
| 224 | void *other_ctx; /* Other info for use with get_issuer() */ | 237 | void *other_ctx; /* Other info for use with get_issuer() */ |
| 225 | 238 | ||
| 226 | /* Callbacks for various operations */ | 239 | /* Callbacks for various operations */ |
| @@ -232,13 +245,16 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ | |||
| 232 | int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ | 245 | int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ |
| 233 | int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ | 246 | int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ |
| 234 | int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ | 247 | int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ |
| 248 | int (*check_policy)(X509_STORE_CTX *ctx); | ||
| 235 | int (*cleanup)(X509_STORE_CTX *ctx); | 249 | int (*cleanup)(X509_STORE_CTX *ctx); |
| 236 | 250 | ||
| 237 | /* The following is built up */ | 251 | /* The following is built up */ |
| 238 | int depth; /* how far to go looking up certs */ | ||
| 239 | int valid; /* if 0, rebuild chain */ | 252 | int valid; /* if 0, rebuild chain */ |
| 240 | int last_untrusted; /* index of last untrusted cert */ | 253 | int last_untrusted; /* index of last untrusted cert */ |
| 241 | STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */ | 254 | STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */ |
| 255 | X509_POLICY_TREE *tree; /* Valid policy tree */ | ||
| 256 | |||
| 257 | int explicit_policy; /* Require explicit policy value */ | ||
| 242 | 258 | ||
| 243 | /* When something goes wrong, this is why */ | 259 | /* When something goes wrong, this is why */ |
| 244 | int error_depth; | 260 | int error_depth; |
| @@ -250,7 +266,7 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ | |||
| 250 | CRYPTO_EX_DATA ex_data; | 266 | CRYPTO_EX_DATA ex_data; |
| 251 | } /* X509_STORE_CTX */; | 267 | } /* X509_STORE_CTX */; |
| 252 | 268 | ||
| 253 | #define X509_STORE_CTX_set_depth(ctx,d) ((ctx)->depth=(d)) | 269 | void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); |
| 254 | 270 | ||
| 255 | #define X509_STORE_CTX_set_app_data(ctx,data) \ | 271 | #define X509_STORE_CTX_set_app_data(ctx,data) \ |
| 256 | X509_STORE_CTX_set_ex_data(ctx,0,data) | 272 | X509_STORE_CTX_set_ex_data(ctx,0,data) |
| @@ -311,6 +327,12 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ | |||
| 311 | #define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39 | 327 | #define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39 |
| 312 | #define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40 | 328 | #define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40 |
| 313 | 329 | ||
| 330 | #define X509_V_ERR_INVALID_EXTENSION 41 | ||
| 331 | #define X509_V_ERR_INVALID_POLICY_EXTENSION 42 | ||
| 332 | #define X509_V_ERR_NO_EXPLICIT_POLICY 43 | ||
| 333 | |||
| 334 | #define X509_V_ERR_UNNESTED_RESOURCE 44 | ||
| 335 | |||
| 314 | /* The application is not happy */ | 336 | /* The application is not happy */ |
| 315 | #define X509_V_ERR_APPLICATION_VERIFICATION 50 | 337 | #define X509_V_ERR_APPLICATION_VERIFICATION 50 |
| 316 | 338 | ||
| @@ -330,6 +352,28 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ | |||
| 330 | #define X509_V_FLAG_X509_STRICT 0x20 | 352 | #define X509_V_FLAG_X509_STRICT 0x20 |
| 331 | /* Enable proxy certificate validation */ | 353 | /* Enable proxy certificate validation */ |
| 332 | #define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40 | 354 | #define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40 |
| 355 | /* Enable policy checking */ | ||
| 356 | #define X509_V_FLAG_POLICY_CHECK 0x80 | ||
| 357 | /* Policy variable require-explicit-policy */ | ||
| 358 | #define X509_V_FLAG_EXPLICIT_POLICY 0x100 | ||
| 359 | /* Policy variable inhibit-any-policy */ | ||
| 360 | #define X509_V_FLAG_INHIBIT_ANY 0x200 | ||
| 361 | /* Policy variable inhibit-policy-mapping */ | ||
| 362 | #define X509_V_FLAG_INHIBIT_MAP 0x400 | ||
| 363 | /* Notify callback that policy is OK */ | ||
| 364 | #define X509_V_FLAG_NOTIFY_POLICY 0x800 | ||
| 365 | |||
| 366 | #define X509_VP_FLAG_DEFAULT 0x1 | ||
| 367 | #define X509_VP_FLAG_OVERWRITE 0x2 | ||
| 368 | #define X509_VP_FLAG_RESET_FLAGS 0x4 | ||
| 369 | #define X509_VP_FLAG_LOCKED 0x8 | ||
| 370 | #define X509_VP_FLAG_ONCE 0x10 | ||
| 371 | |||
| 372 | /* Internal use: mask of policy related options */ | ||
| 373 | #define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \ | ||
| 374 | | X509_V_FLAG_EXPLICIT_POLICY \ | ||
| 375 | | X509_V_FLAG_INHIBIT_ANY \ | ||
| 376 | | X509_V_FLAG_INHIBIT_MAP) | ||
| 333 | 377 | ||
| 334 | int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, | 378 | int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, |
| 335 | X509_NAME *name); | 379 | X509_NAME *name); |
| @@ -340,9 +384,10 @@ void X509_OBJECT_free_contents(X509_OBJECT *a); | |||
| 340 | X509_STORE *X509_STORE_new(void ); | 384 | X509_STORE *X509_STORE_new(void ); |
| 341 | void X509_STORE_free(X509_STORE *v); | 385 | void X509_STORE_free(X509_STORE *v); |
| 342 | 386 | ||
| 343 | void X509_STORE_set_flags(X509_STORE *ctx, long flags); | 387 | int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags); |
| 344 | int X509_STORE_set_purpose(X509_STORE *ctx, int purpose); | 388 | int X509_STORE_set_purpose(X509_STORE *ctx, int purpose); |
| 345 | int X509_STORE_set_trust(X509_STORE *ctx, int trust); | 389 | int X509_STORE_set_trust(X509_STORE *ctx, int trust); |
| 390 | int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm); | ||
| 346 | 391 | ||
| 347 | X509_STORE_CTX *X509_STORE_CTX_new(void); | 392 | X509_STORE_CTX *X509_STORE_CTX_new(void); |
| 348 | 393 | ||
| @@ -406,14 +451,78 @@ STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); | |||
| 406 | STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx); | 451 | STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx); |
| 407 | void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); | 452 | void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); |
| 408 | void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk); | 453 | void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk); |
| 454 | void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,STACK_OF(X509_CRL) *sk); | ||
| 409 | int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); | 455 | int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); |
| 410 | int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); | 456 | int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); |
| 411 | int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, | 457 | int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, |
| 412 | int purpose, int trust); | 458 | int purpose, int trust); |
| 413 | void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags); | 459 | void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags); |
| 414 | void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t); | 460 | void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, |
| 461 | time_t t); | ||
| 415 | void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, | 462 | void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, |
| 416 | int (*verify_cb)(int, X509_STORE_CTX *)); | 463 | int (*verify_cb)(int, X509_STORE_CTX *)); |
| 464 | |||
| 465 | X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx); | ||
| 466 | int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx); | ||
| 467 | |||
| 468 | X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx); | ||
| 469 | void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param); | ||
| 470 | int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name); | ||
| 471 | |||
| 472 | /* X509_VERIFY_PARAM functions */ | ||
| 473 | |||
| 474 | X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void); | ||
| 475 | void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param); | ||
| 476 | int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to, | ||
| 477 | const X509_VERIFY_PARAM *from); | ||
| 478 | int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, | ||
| 479 | const X509_VERIFY_PARAM *from); | ||
| 480 | int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name); | ||
| 481 | int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags); | ||
| 482 | int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, | ||
| 483 | unsigned long flags); | ||
| 484 | unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param); | ||
| 485 | int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose); | ||
| 486 | int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust); | ||
| 487 | void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth); | ||
| 488 | void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t); | ||
| 489 | int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, | ||
| 490 | ASN1_OBJECT *policy); | ||
| 491 | int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, | ||
| 492 | STACK_OF(ASN1_OBJECT) *policies); | ||
| 493 | int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param); | ||
| 494 | |||
| 495 | int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param); | ||
| 496 | const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name); | ||
| 497 | void X509_VERIFY_PARAM_table_cleanup(void); | ||
| 498 | |||
| 499 | int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, | ||
| 500 | STACK_OF(X509) *certs, | ||
| 501 | STACK_OF(ASN1_OBJECT) *policy_oids, | ||
| 502 | unsigned int flags); | ||
| 503 | |||
| 504 | void X509_policy_tree_free(X509_POLICY_TREE *tree); | ||
| 505 | |||
| 506 | int X509_policy_tree_level_count(const X509_POLICY_TREE *tree); | ||
| 507 | X509_POLICY_LEVEL * | ||
| 508 | X509_policy_tree_get0_level(const X509_POLICY_TREE *tree, int i); | ||
| 509 | |||
| 510 | STACK_OF(X509_POLICY_NODE) * | ||
| 511 | X509_policy_tree_get0_policies(const X509_POLICY_TREE *tree); | ||
| 512 | |||
| 513 | STACK_OF(X509_POLICY_NODE) * | ||
| 514 | X509_policy_tree_get0_user_policies(const X509_POLICY_TREE *tree); | ||
| 515 | |||
| 516 | int X509_policy_level_node_count(X509_POLICY_LEVEL *level); | ||
| 517 | |||
| 518 | X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level, int i); | ||
| 519 | |||
| 520 | const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node); | ||
| 521 | |||
| 522 | STACK_OF(POLICYQUALINFO) * | ||
| 523 | X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node); | ||
| 524 | const X509_POLICY_NODE * | ||
| 525 | X509_policy_node_get0_parent(const X509_POLICY_NODE *node); | ||
| 417 | 526 | ||
| 418 | #ifdef __cplusplus | 527 | #ifdef __cplusplus |
| 419 | } | 528 | } |
diff --git a/src/lib/libcrypto/x509/x509spki.c b/src/lib/libcrypto/x509/x509spki.c index 4c3af946ec..ed868b838e 100644 --- a/src/lib/libcrypto/x509/x509spki.c +++ b/src/lib/libcrypto/x509/x509spki.c | |||
| @@ -77,7 +77,8 @@ EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x) | |||
| 77 | 77 | ||
| 78 | NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) | 78 | NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) |
| 79 | { | 79 | { |
| 80 | unsigned char *spki_der, *p; | 80 | unsigned char *spki_der; |
| 81 | const unsigned char *p; | ||
| 81 | int spki_len; | 82 | int spki_len; |
| 82 | NETSCAPE_SPKI *spki; | 83 | NETSCAPE_SPKI *spki; |
| 83 | if(len <= 0) len = strlen(str); | 84 | if(len <= 0) len = strlen(str); |
diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c index c25959a742..2cd994c5b0 100644 --- a/src/lib/libcrypto/x509/x509type.c +++ b/src/lib/libcrypto/x509/x509type.c | |||
| @@ -86,6 +86,9 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey) | |||
| 86 | case EVP_PKEY_DSA: | 86 | case EVP_PKEY_DSA: |
| 87 | ret=EVP_PK_DSA|EVP_PKT_SIGN; | 87 | ret=EVP_PK_DSA|EVP_PKT_SIGN; |
| 88 | break; | 88 | break; |
| 89 | case EVP_PKEY_EC: | ||
| 90 | ret=EVP_PK_EC|EVP_PKT_SIGN|EVP_PKT_EXCH; | ||
| 91 | break; | ||
| 89 | case EVP_PKEY_DH: | 92 | case EVP_PKEY_DH: |
| 90 | ret=EVP_PK_DH|EVP_PKT_EXCH; | 93 | ret=EVP_PK_DH|EVP_PKT_EXCH; |
| 91 | break; | 94 | break; |
| @@ -102,6 +105,9 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey) | |||
| 102 | case EVP_PKEY_DSA: | 105 | case EVP_PKEY_DSA: |
| 103 | ret|=EVP_PKS_DSA; | 106 | ret|=EVP_PKS_DSA; |
| 104 | break; | 107 | break; |
| 108 | case EVP_PKEY_EC: | ||
| 109 | ret|=EVP_PKS_EC; | ||
| 110 | break; | ||
| 105 | default: | 111 | default: |
| 106 | break; | 112 | break; |
| 107 | } | 113 | } |
diff --git a/src/lib/libcrypto/x509/x_all.c b/src/lib/libcrypto/x509/x_all.c index ac6dea493a..9039caad60 100644 --- a/src/lib/libcrypto/x509/x_all.c +++ b/src/lib/libcrypto/x509/x_all.c | |||
| @@ -64,6 +64,12 @@ | |||
| 64 | #include <openssl/asn1.h> | 64 | #include <openssl/asn1.h> |
| 65 | #include <openssl/evp.h> | 65 | #include <openssl/evp.h> |
| 66 | #include <openssl/x509.h> | 66 | #include <openssl/x509.h> |
| 67 | #ifndef OPENSSL_NO_RSA | ||
| 68 | #include <openssl/rsa.h> | ||
| 69 | #endif | ||
| 70 | #ifndef OPENSSL_NO_DSA | ||
| 71 | #include <openssl/dsa.h> | ||
| 72 | #endif | ||
| 67 | 73 | ||
| 68 | int X509_verify(X509 *a, EVP_PKEY *r) | 74 | int X509_verify(X509 *a, EVP_PKEY *r) |
| 69 | { | 75 | { |
| @@ -223,9 +229,9 @@ RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa) | |||
| 223 | 229 | ||
| 224 | RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) | 230 | RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) |
| 225 | { | 231 | { |
| 226 | return((RSA *)ASN1_d2i_fp((char *(*)()) | 232 | return ASN1_d2i_fp((void *(*)(void)) |
| 227 | RSA_new,(char *(*)())d2i_RSA_PUBKEY, (fp), | 233 | RSA_new,(D2I_OF(void))d2i_RSA_PUBKEY, fp, |
| 228 | (unsigned char **)(rsa))); | 234 | (void **)rsa); |
| 229 | } | 235 | } |
| 230 | 236 | ||
| 231 | int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) | 237 | int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) |
| @@ -235,7 +241,7 @@ int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) | |||
| 235 | 241 | ||
| 236 | int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) | 242 | int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) |
| 237 | { | 243 | { |
| 238 | return(ASN1_i2d_fp(i2d_RSA_PUBKEY,fp,(unsigned char *)rsa)); | 244 | return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY,fp,rsa); |
| 239 | } | 245 | } |
| 240 | #endif | 246 | #endif |
| 241 | 247 | ||
| @@ -257,9 +263,7 @@ RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa) | |||
| 257 | 263 | ||
| 258 | RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa) | 264 | RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa) |
| 259 | { | 265 | { |
| 260 | return((RSA *)ASN1_d2i_bio((char *(*)()) | 266 | return ASN1_d2i_bio_of(RSA,RSA_new,d2i_RSA_PUBKEY,bp,rsa); |
| 261 | RSA_new,(char *(*)())d2i_RSA_PUBKEY, (bp), | ||
| 262 | (unsigned char **)(rsa))); | ||
| 263 | } | 267 | } |
| 264 | 268 | ||
| 265 | int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) | 269 | int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) |
| @@ -269,7 +273,7 @@ int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) | |||
| 269 | 273 | ||
| 270 | int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) | 274 | int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) |
| 271 | { | 275 | { |
| 272 | return(ASN1_i2d_bio(i2d_RSA_PUBKEY,bp,(unsigned char *)rsa)); | 276 | return ASN1_i2d_bio_of(RSA,i2d_RSA_PUBKEY,bp,rsa); |
| 273 | } | 277 | } |
| 274 | #endif | 278 | #endif |
| 275 | 279 | ||
| @@ -277,55 +281,92 @@ int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) | |||
| 277 | #ifndef OPENSSL_NO_FP_API | 281 | #ifndef OPENSSL_NO_FP_API |
| 278 | DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa) | 282 | DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa) |
| 279 | { | 283 | { |
| 280 | return((DSA *)ASN1_d2i_fp((char *(*)()) | 284 | return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSAPrivateKey,fp,dsa); |
| 281 | DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), | ||
| 282 | (unsigned char **)(dsa))); | ||
| 283 | } | 285 | } |
| 284 | 286 | ||
| 285 | int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa) | 287 | int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa) |
| 286 | { | 288 | { |
| 287 | return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa)); | 289 | return ASN1_i2d_fp_of_const(DSA,i2d_DSAPrivateKey,fp,dsa); |
| 288 | } | 290 | } |
| 289 | 291 | ||
| 290 | DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa) | 292 | DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa) |
| 291 | { | 293 | { |
| 292 | return((DSA *)ASN1_d2i_fp((char *(*)()) | 294 | return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSA_PUBKEY,fp,dsa); |
| 293 | DSA_new,(char *(*)())d2i_DSA_PUBKEY, (fp), | ||
| 294 | (unsigned char **)(dsa))); | ||
| 295 | } | 295 | } |
| 296 | 296 | ||
| 297 | int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa) | 297 | int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa) |
| 298 | { | 298 | { |
| 299 | return(ASN1_i2d_fp(i2d_DSA_PUBKEY,fp,(unsigned char *)dsa)); | 299 | return ASN1_i2d_fp_of(DSA,i2d_DSA_PUBKEY,fp,dsa); |
| 300 | } | 300 | } |
| 301 | #endif | 301 | #endif |
| 302 | 302 | ||
| 303 | DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa) | 303 | DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa) |
| 304 | { | 304 | { |
| 305 | return((DSA *)ASN1_d2i_bio((char *(*)()) | 305 | return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAPrivateKey,bp,dsa |
| 306 | DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), | 306 | ); |
| 307 | (unsigned char **)(dsa))); | ||
| 308 | } | 307 | } |
| 309 | 308 | ||
| 310 | int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa) | 309 | int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa) |
| 311 | { | 310 | { |
| 312 | return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa)); | 311 | return ASN1_i2d_bio_of_const(DSA,i2d_DSAPrivateKey,bp,dsa); |
| 313 | } | 312 | } |
| 314 | 313 | ||
| 315 | DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa) | 314 | DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa) |
| 316 | { | 315 | { |
| 317 | return((DSA *)ASN1_d2i_bio((char *(*)()) | 316 | return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSA_PUBKEY,bp,dsa); |
| 318 | DSA_new,(char *(*)())d2i_DSA_PUBKEY, (bp), | ||
| 319 | (unsigned char **)(dsa))); | ||
| 320 | } | 317 | } |
| 321 | 318 | ||
| 322 | int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa) | 319 | int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa) |
| 323 | { | 320 | { |
| 324 | return(ASN1_i2d_bio(i2d_DSA_PUBKEY,bp,(unsigned char *)dsa)); | 321 | return ASN1_i2d_bio_of(DSA,i2d_DSA_PUBKEY,bp,dsa); |
| 325 | } | 322 | } |
| 326 | 323 | ||
| 327 | #endif | 324 | #endif |
| 328 | 325 | ||
| 326 | #ifndef OPENSSL_NO_EC | ||
| 327 | #ifndef OPENSSL_NO_FP_API | ||
| 328 | EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey) | ||
| 329 | { | ||
| 330 | return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,fp,eckey); | ||
| 331 | } | ||
| 332 | |||
| 333 | int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey) | ||
| 334 | { | ||
| 335 | return ASN1_i2d_fp_of(EC_KEY,i2d_EC_PUBKEY,fp,eckey); | ||
| 336 | } | ||
| 337 | |||
| 338 | EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey) | ||
| 339 | { | ||
| 340 | return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,fp,eckey); | ||
| 341 | } | ||
| 342 | |||
| 343 | int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey) | ||
| 344 | { | ||
| 345 | return ASN1_i2d_fp_of(EC_KEY,i2d_ECPrivateKey,fp,eckey); | ||
| 346 | } | ||
| 347 | #endif | ||
| 348 | EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey) | ||
| 349 | { | ||
| 350 | return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,bp,eckey); | ||
| 351 | } | ||
| 352 | |||
| 353 | int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa) | ||
| 354 | { | ||
| 355 | return ASN1_i2d_bio_of(EC_KEY,i2d_EC_PUBKEY,bp,ecdsa); | ||
| 356 | } | ||
| 357 | |||
| 358 | EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey) | ||
| 359 | { | ||
| 360 | return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,bp,eckey); | ||
| 361 | } | ||
| 362 | |||
| 363 | int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey) | ||
| 364 | { | ||
| 365 | return ASN1_i2d_bio_of(EC_KEY,i2d_ECPrivateKey,bp,eckey); | ||
| 366 | } | ||
| 367 | #endif | ||
| 368 | |||
| 369 | |||
| 329 | int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md, | 370 | int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md, |
| 330 | unsigned int *len) | 371 | unsigned int *len) |
| 331 | { | 372 | { |
| @@ -370,40 +411,37 @@ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD * | |||
| 370 | #ifndef OPENSSL_NO_FP_API | 411 | #ifndef OPENSSL_NO_FP_API |
| 371 | X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8) | 412 | X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8) |
| 372 | { | 413 | { |
| 373 | return((X509_SIG *)ASN1_d2i_fp((char *(*)())X509_SIG_new, | 414 | return ASN1_d2i_fp_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,fp,p8); |
| 374 | (char *(*)())d2i_X509_SIG, (fp),(unsigned char **)(p8))); | ||
| 375 | } | 415 | } |
| 376 | 416 | ||
| 377 | int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8) | 417 | int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8) |
| 378 | { | 418 | { |
| 379 | return(ASN1_i2d_fp(i2d_X509_SIG,fp,(unsigned char *)p8)); | 419 | return ASN1_i2d_fp_of(X509_SIG,i2d_X509_SIG,fp,p8); |
| 380 | } | 420 | } |
| 381 | #endif | 421 | #endif |
| 382 | 422 | ||
| 383 | X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8) | 423 | X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8) |
| 384 | { | 424 | { |
| 385 | return((X509_SIG *)ASN1_d2i_bio((char *(*)())X509_SIG_new, | 425 | return ASN1_d2i_bio_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,bp,p8); |
| 386 | (char *(*)())d2i_X509_SIG, (bp),(unsigned char **)(p8))); | ||
| 387 | } | 426 | } |
| 388 | 427 | ||
| 389 | int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8) | 428 | int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8) |
| 390 | { | 429 | { |
| 391 | return(ASN1_i2d_bio(i2d_X509_SIG,bp,(unsigned char *)p8)); | 430 | return ASN1_i2d_bio_of(X509_SIG,i2d_X509_SIG,bp,p8); |
| 392 | } | 431 | } |
| 393 | 432 | ||
| 394 | #ifndef OPENSSL_NO_FP_API | 433 | #ifndef OPENSSL_NO_FP_API |
| 395 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, | 434 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, |
| 396 | PKCS8_PRIV_KEY_INFO **p8inf) | 435 | PKCS8_PRIV_KEY_INFO **p8inf) |
| 397 | { | 436 | { |
| 398 | return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_fp( | 437 | return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new, |
| 399 | (char *(*)())PKCS8_PRIV_KEY_INFO_new, | 438 | d2i_PKCS8_PRIV_KEY_INFO,fp,p8inf); |
| 400 | (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (fp), | ||
| 401 | (unsigned char **)(p8inf))); | ||
| 402 | } | 439 | } |
| 403 | 440 | ||
| 404 | int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf) | 441 | int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf) |
| 405 | { | 442 | { |
| 406 | return(ASN1_i2d_fp(i2d_PKCS8_PRIV_KEY_INFO,fp,(unsigned char *)p8inf)); | 443 | return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,fp, |
| 444 | p8inf); | ||
| 407 | } | 445 | } |
| 408 | 446 | ||
| 409 | int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key) | 447 | int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key) |
| @@ -419,24 +457,22 @@ int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key) | |||
| 419 | 457 | ||
| 420 | int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey) | 458 | int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey) |
| 421 | { | 459 | { |
| 422 | return(ASN1_i2d_fp(i2d_PrivateKey,fp,(unsigned char *)pkey)); | 460 | return ASN1_i2d_fp_of(EVP_PKEY,i2d_PrivateKey,fp,pkey); |
| 423 | } | 461 | } |
| 424 | 462 | ||
| 425 | EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a) | 463 | EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a) |
| 426 | { | 464 | { |
| 427 | return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new, | 465 | return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,fp,a); |
| 428 | (char *(*)())d2i_AutoPrivateKey, (fp),(unsigned char **)(a))); | ||
| 429 | } | 466 | } |
| 430 | 467 | ||
| 431 | int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey) | 468 | int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey) |
| 432 | { | 469 | { |
| 433 | return(ASN1_i2d_fp(i2d_PUBKEY,fp,(unsigned char *)pkey)); | 470 | return ASN1_i2d_fp_of(EVP_PKEY,i2d_PUBKEY,fp,pkey); |
| 434 | } | 471 | } |
| 435 | 472 | ||
| 436 | EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a) | 473 | EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a) |
| 437 | { | 474 | { |
| 438 | return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new, | 475 | return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,fp,a); |
| 439 | (char *(*)())d2i_PUBKEY, (fp),(unsigned char **)(a))); | ||
| 440 | } | 476 | } |
| 441 | 477 | ||
| 442 | #endif | 478 | #endif |
| @@ -444,15 +480,14 @@ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a) | |||
| 444 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, | 480 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, |
| 445 | PKCS8_PRIV_KEY_INFO **p8inf) | 481 | PKCS8_PRIV_KEY_INFO **p8inf) |
| 446 | { | 482 | { |
| 447 | return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_bio( | 483 | return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new, |
| 448 | (char *(*)())PKCS8_PRIV_KEY_INFO_new, | 484 | d2i_PKCS8_PRIV_KEY_INFO,bp,p8inf); |
| 449 | (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (bp), | ||
| 450 | (unsigned char **)(p8inf))); | ||
| 451 | } | 485 | } |
| 452 | 486 | ||
| 453 | int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf) | 487 | int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf) |
| 454 | { | 488 | { |
| 455 | return(ASN1_i2d_bio(i2d_PKCS8_PRIV_KEY_INFO,bp,(unsigned char *)p8inf)); | 489 | return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,bp, |
| 490 | p8inf); | ||
| 456 | } | 491 | } |
| 457 | 492 | ||
| 458 | int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key) | 493 | int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key) |
| @@ -468,22 +503,20 @@ int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key) | |||
| 468 | 503 | ||
| 469 | int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey) | 504 | int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey) |
| 470 | { | 505 | { |
| 471 | return(ASN1_i2d_bio(i2d_PrivateKey,bp,(unsigned char *)pkey)); | 506 | return ASN1_i2d_bio_of(EVP_PKEY,i2d_PrivateKey,bp,pkey); |
| 472 | } | 507 | } |
| 473 | 508 | ||
| 474 | EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a) | 509 | EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a) |
| 475 | { | 510 | { |
| 476 | return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new, | 511 | return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,bp,a); |
| 477 | (char *(*)())d2i_AutoPrivateKey, (bp),(unsigned char **)(a))); | ||
| 478 | } | 512 | } |
| 479 | 513 | ||
| 480 | int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey) | 514 | int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey) |
| 481 | { | 515 | { |
| 482 | return(ASN1_i2d_bio(i2d_PUBKEY,bp,(unsigned char *)pkey)); | 516 | return ASN1_i2d_bio_of(EVP_PKEY,i2d_PUBKEY,bp,pkey); |
| 483 | } | 517 | } |
| 484 | 518 | ||
| 485 | EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a) | 519 | EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a) |
| 486 | { | 520 | { |
| 487 | return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new, | 521 | return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,bp,a); |
| 488 | (char *(*)())d2i_PUBKEY, (bp),(unsigned char **)(a))); | ||
| 489 | } | 522 | } |
diff --git a/src/lib/libcrypto/x509v3/ext_dat.h b/src/lib/libcrypto/x509v3/ext_dat.h index d8328ac468..5c063ac65d 100644 --- a/src/lib/libcrypto/x509v3/ext_dat.h +++ b/src/lib/libcrypto/x509v3/ext_dat.h | |||
| @@ -65,6 +65,11 @@ extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld; | |||
| 65 | extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff; | 65 | extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff; |
| 66 | extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc; | 66 | extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc; |
| 67 | extern X509V3_EXT_METHOD v3_crl_hold, v3_pci; | 67 | extern X509V3_EXT_METHOD v3_crl_hold, v3_pci; |
| 68 | extern X509V3_EXT_METHOD v3_policy_mappings, v3_policy_constraints; | ||
| 69 | extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp; | ||
| 70 | #ifndef OPENSSL_NO_RFC3779 | ||
| 71 | extern X509V3_EXT_METHOD v3_addr, v3_asid; | ||
| 72 | #endif | ||
| 68 | 73 | ||
| 69 | /* This table will be searched using OBJ_bsearch so it *must* kept in | 74 | /* This table will be searched using OBJ_bsearch so it *must* kept in |
| 70 | * order of the ext_nid values. | 75 | * order of the ext_nid values. |
| @@ -97,6 +102,10 @@ static X509V3_EXT_METHOD *standard_exts[] = { | |||
| 97 | #endif | 102 | #endif |
| 98 | &v3_sxnet, | 103 | &v3_sxnet, |
| 99 | &v3_info, | 104 | &v3_info, |
| 105 | #ifndef OPENSSL_NO_RFC3779 | ||
| 106 | &v3_addr, | ||
| 107 | &v3_asid, | ||
| 108 | #endif | ||
| 100 | #ifndef OPENSSL_NO_OCSP | 109 | #ifndef OPENSSL_NO_OCSP |
| 101 | &v3_ocsp_nonce, | 110 | &v3_ocsp_nonce, |
| 102 | &v3_ocsp_crlid, | 111 | &v3_ocsp_crlid, |
| @@ -106,10 +115,14 @@ static X509V3_EXT_METHOD *standard_exts[] = { | |||
| 106 | &v3_ocsp_serviceloc, | 115 | &v3_ocsp_serviceloc, |
| 107 | #endif | 116 | #endif |
| 108 | &v3_sinfo, | 117 | &v3_sinfo, |
| 118 | &v3_policy_constraints, | ||
| 109 | #ifndef OPENSSL_NO_OCSP | 119 | #ifndef OPENSSL_NO_OCSP |
| 110 | &v3_crl_hold, | 120 | &v3_crl_hold, |
| 111 | #endif | 121 | #endif |
| 112 | &v3_pci, | 122 | &v3_pci, |
| 123 | &v3_name_constraints, | ||
| 124 | &v3_policy_mappings, | ||
| 125 | &v3_inhibit_anyp | ||
| 113 | }; | 126 | }; |
| 114 | 127 | ||
| 115 | /* Number of standard extensions */ | 128 | /* Number of standard extensions */ |
diff --git a/src/lib/libcrypto/x509v3/v3_akey.c b/src/lib/libcrypto/x509v3/v3_akey.c index 97e686f97a..ac0548b775 100644 --- a/src/lib/libcrypto/x509v3/v3_akey.c +++ b/src/lib/libcrypto/x509v3/v3_akey.c | |||
| @@ -68,15 +68,17 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | |||
| 68 | static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | 68 | static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, |
| 69 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); | 69 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); |
| 70 | 70 | ||
| 71 | X509V3_EXT_METHOD v3_akey_id = { | 71 | const X509V3_EXT_METHOD v3_akey_id = |
| 72 | NID_authority_key_identifier, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID), | 72 | { |
| 73 | 0,0,0,0, | 73 | NID_authority_key_identifier, |
| 74 | 0,0, | 74 | X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID), |
| 75 | (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID, | 75 | 0,0,0,0, |
| 76 | (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID, | 76 | 0,0, |
| 77 | 0,0, | 77 | (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID, |
| 78 | NULL | 78 | (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID, |
| 79 | }; | 79 | 0,0, |
| 80 | NULL | ||
| 81 | }; | ||
| 80 | 82 | ||
| 81 | static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | 83 | static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, |
| 82 | AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist) | 84 | AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist) |
| @@ -108,83 +110,99 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | |||
| 108 | 110 | ||
| 109 | static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | 111 | static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, |
| 110 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values) | 112 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values) |
| 111 | { | 113 | { |
| 112 | char keyid=0, issuer=0; | 114 | char keyid=0, issuer=0; |
| 113 | int i; | 115 | int i; |
| 114 | CONF_VALUE *cnf; | 116 | CONF_VALUE *cnf; |
| 115 | ASN1_OCTET_STRING *ikeyid = NULL; | 117 | ASN1_OCTET_STRING *ikeyid = NULL; |
| 116 | X509_NAME *isname = NULL; | 118 | X509_NAME *isname = NULL; |
| 117 | GENERAL_NAMES * gens = NULL; | 119 | GENERAL_NAMES * gens = NULL; |
| 118 | GENERAL_NAME *gen = NULL; | 120 | GENERAL_NAME *gen = NULL; |
| 119 | ASN1_INTEGER *serial = NULL; | 121 | ASN1_INTEGER *serial = NULL; |
| 120 | X509_EXTENSION *ext; | 122 | X509_EXTENSION *ext; |
| 121 | X509 *cert; | 123 | X509 *cert; |
| 122 | AUTHORITY_KEYID *akeyid; | 124 | AUTHORITY_KEYID *akeyid; |
| 123 | for(i = 0; i < sk_CONF_VALUE_num(values); i++) { | 125 | |
| 124 | cnf = sk_CONF_VALUE_value(values, i); | 126 | for(i = 0; i < sk_CONF_VALUE_num(values); i++) |
| 125 | if(!strcmp(cnf->name, "keyid")) { | 127 | { |
| 126 | keyid = 1; | 128 | cnf = sk_CONF_VALUE_value(values, i); |
| 127 | if(cnf->value && !strcmp(cnf->value, "always")) keyid = 2; | 129 | if(!strcmp(cnf->name, "keyid")) |
| 128 | } else if(!strcmp(cnf->name, "issuer")) { | 130 | { |
| 129 | issuer = 1; | 131 | keyid = 1; |
| 130 | if(cnf->value && !strcmp(cnf->value, "always")) issuer = 2; | 132 | if(cnf->value && !strcmp(cnf->value, "always")) |
| 131 | } else { | 133 | keyid = 2; |
| 132 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION); | 134 | } |
| 133 | ERR_add_error_data(2, "name=", cnf->name); | 135 | else if(!strcmp(cnf->name, "issuer")) |
| 136 | { | ||
| 137 | issuer = 1; | ||
| 138 | if(cnf->value && !strcmp(cnf->value, "always")) | ||
| 139 | issuer = 2; | ||
| 140 | } | ||
| 141 | else | ||
| 142 | { | ||
| 143 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION); | ||
| 144 | ERR_add_error_data(2, "name=", cnf->name); | ||
| 145 | return NULL; | ||
| 146 | } | ||
| 147 | } | ||
| 148 | |||
| 149 | if(!ctx || !ctx->issuer_cert) | ||
| 150 | { | ||
| 151 | if(ctx && (ctx->flags==CTX_TEST)) | ||
| 152 | return AUTHORITY_KEYID_new(); | ||
| 153 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE); | ||
| 134 | return NULL; | 154 | return NULL; |
| 135 | } | 155 | } |
| 136 | } | 156 | |
| 137 | 157 | cert = ctx->issuer_cert; | |
| 138 | if(!ctx || !ctx->issuer_cert) { | 158 | |
| 139 | if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new(); | 159 | if(keyid) |
| 140 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE); | 160 | { |
| 161 | i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1); | ||
| 162 | if((i >= 0) && (ext = X509_get_ext(cert, i))) | ||
| 163 | ikeyid = X509V3_EXT_d2i(ext); | ||
| 164 | if(keyid==2 && !ikeyid) | ||
| 165 | { | ||
| 166 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); | ||
| 167 | return NULL; | ||
| 168 | } | ||
| 169 | } | ||
| 170 | |||
| 171 | if((issuer && !ikeyid) || (issuer == 2)) | ||
| 172 | { | ||
| 173 | isname = X509_NAME_dup(X509_get_issuer_name(cert)); | ||
| 174 | serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert)); | ||
| 175 | if(!isname || !serial) | ||
| 176 | { | ||
| 177 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); | ||
| 178 | goto err; | ||
| 179 | } | ||
| 180 | } | ||
| 181 | |||
| 182 | if(!(akeyid = AUTHORITY_KEYID_new())) goto err; | ||
| 183 | |||
| 184 | if(isname) | ||
| 185 | { | ||
| 186 | if(!(gens = sk_GENERAL_NAME_new_null()) | ||
| 187 | || !(gen = GENERAL_NAME_new()) | ||
| 188 | || !sk_GENERAL_NAME_push(gens, gen)) | ||
| 189 | { | ||
| 190 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE); | ||
| 191 | goto err; | ||
| 192 | } | ||
| 193 | gen->type = GEN_DIRNAME; | ||
| 194 | gen->d.dirn = isname; | ||
| 195 | } | ||
| 196 | |||
| 197 | akeyid->issuer = gens; | ||
| 198 | akeyid->serial = serial; | ||
| 199 | akeyid->keyid = ikeyid; | ||
| 200 | |||
| 201 | return akeyid; | ||
| 202 | |||
| 203 | err: | ||
| 204 | X509_NAME_free(isname); | ||
| 205 | M_ASN1_INTEGER_free(serial); | ||
| 206 | M_ASN1_OCTET_STRING_free(ikeyid); | ||
| 141 | return NULL; | 207 | return NULL; |
| 142 | } | ||
| 143 | |||
| 144 | cert = ctx->issuer_cert; | ||
| 145 | |||
| 146 | if(keyid) { | ||
| 147 | i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1); | ||
| 148 | if((i >= 0) && (ext = X509_get_ext(cert, i))) | ||
| 149 | ikeyid = X509V3_EXT_d2i(ext); | ||
| 150 | if(keyid==2 && !ikeyid) { | ||
| 151 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); | ||
| 152 | return NULL; | ||
| 153 | } | ||
| 154 | } | ||
| 155 | |||
| 156 | if((issuer && !ikeyid) || (issuer == 2)) { | ||
| 157 | isname = X509_NAME_dup(X509_get_issuer_name(cert)); | ||
| 158 | serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert)); | ||
| 159 | if(!isname || !serial) { | ||
| 160 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); | ||
| 161 | goto err; | ||
| 162 | } | 208 | } |
| 163 | } | ||
| 164 | |||
| 165 | if(!(akeyid = AUTHORITY_KEYID_new())) goto err; | ||
| 166 | |||
| 167 | if(isname) { | ||
| 168 | if(!(gens = sk_GENERAL_NAME_new_null()) || !(gen = GENERAL_NAME_new()) | ||
| 169 | || !sk_GENERAL_NAME_push(gens, gen)) { | ||
| 170 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE); | ||
| 171 | goto err; | ||
| 172 | } | ||
| 173 | gen->type = GEN_DIRNAME; | ||
| 174 | gen->d.dirn = isname; | ||
| 175 | } | ||
| 176 | |||
| 177 | akeyid->issuer = gens; | ||
| 178 | akeyid->serial = serial; | ||
| 179 | akeyid->keyid = ikeyid; | ||
| 180 | |||
| 181 | return akeyid; | ||
| 182 | |||
| 183 | err: | ||
| 184 | X509_NAME_free(isname); | ||
| 185 | M_ASN1_INTEGER_free(serial); | ||
| 186 | M_ASN1_OCTET_STRING_free(ikeyid); | ||
| 187 | return NULL; | ||
| 188 | |||
| 189 | } | ||
| 190 | |||
diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c index 58b935a3b6..bb2f5bc54e 100644 --- a/src/lib/libcrypto/x509v3/v3_alt.c +++ b/src/lib/libcrypto/x509v3/v3_alt.c | |||
| @@ -1,9 +1,9 @@ | |||
| 1 | /* v3_alt.c */ | 1 | /* v3_alt.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL |
| 3 | * project 1999. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -65,7 +65,10 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx | |||
| 65 | static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); | 65 | static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); |
| 66 | static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p); | 66 | static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p); |
| 67 | static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens); | 67 | static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens); |
| 68 | X509V3_EXT_METHOD v3_alt[] = { | 68 | static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); |
| 69 | static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); | ||
| 70 | |||
| 71 | const X509V3_EXT_METHOD v3_alt[] = { | ||
| 69 | { NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), | 72 | { NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), |
| 70 | 0,0,0,0, | 73 | 0,0,0,0, |
| 71 | 0,0, | 74 | 0,0, |
| @@ -98,7 +101,8 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, | |||
| 98 | GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret) | 101 | GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret) |
| 99 | { | 102 | { |
| 100 | unsigned char *p; | 103 | unsigned char *p; |
| 101 | char oline[256]; | 104 | char oline[256], htmp[5]; |
| 105 | int i; | ||
| 102 | switch (gen->type) | 106 | switch (gen->type) |
| 103 | { | 107 | { |
| 104 | case GEN_OTHERNAME: | 108 | case GEN_OTHERNAME: |
| @@ -132,13 +136,27 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, | |||
| 132 | 136 | ||
| 133 | case GEN_IPADD: | 137 | case GEN_IPADD: |
| 134 | p = gen->d.ip->data; | 138 | p = gen->d.ip->data; |
| 135 | /* BUG: doesn't support IPV6 */ | 139 | if(gen->d.ip->length == 4) |
| 136 | if(gen->d.ip->length != 4) { | 140 | BIO_snprintf(oline, sizeof oline, |
| 141 | "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); | ||
| 142 | else if(gen->d.ip->length == 16) | ||
| 143 | { | ||
| 144 | oline[0] = 0; | ||
| 145 | for (i = 0; i < 8; i++) | ||
| 146 | { | ||
| 147 | BIO_snprintf(htmp, sizeof htmp, | ||
| 148 | "%X", p[0] << 8 | p[1]); | ||
| 149 | p += 2; | ||
| 150 | strcat(oline, htmp); | ||
| 151 | if (i != 7) | ||
| 152 | strcat(oline, ":"); | ||
| 153 | } | ||
| 154 | } | ||
| 155 | else | ||
| 156 | { | ||
| 137 | X509V3_add_value("IP Address","<invalid>", &ret); | 157 | X509V3_add_value("IP Address","<invalid>", &ret); |
| 138 | break; | 158 | break; |
| 139 | } | 159 | } |
| 140 | BIO_snprintf(oline, sizeof oline, | ||
| 141 | "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); | ||
| 142 | X509V3_add_value("IP Address",oline, &ret); | 160 | X509V3_add_value("IP Address",oline, &ret); |
| 143 | break; | 161 | break; |
| 144 | 162 | ||
| @@ -153,6 +171,7 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, | |||
| 153 | int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen) | 171 | int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen) |
| 154 | { | 172 | { |
| 155 | unsigned char *p; | 173 | unsigned char *p; |
| 174 | int i; | ||
| 156 | switch (gen->type) | 175 | switch (gen->type) |
| 157 | { | 176 | { |
| 158 | case GEN_OTHERNAME: | 177 | case GEN_OTHERNAME: |
| @@ -187,12 +206,24 @@ int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen) | |||
| 187 | 206 | ||
| 188 | case GEN_IPADD: | 207 | case GEN_IPADD: |
| 189 | p = gen->d.ip->data; | 208 | p = gen->d.ip->data; |
| 190 | /* BUG: doesn't support IPV6 */ | 209 | if(gen->d.ip->length == 4) |
| 191 | if(gen->d.ip->length != 4) { | 210 | BIO_printf(out, "IP Address:%d.%d.%d.%d", |
| 211 | p[0], p[1], p[2], p[3]); | ||
| 212 | else if(gen->d.ip->length == 16) | ||
| 213 | { | ||
| 214 | BIO_printf(out, "IP Address"); | ||
| 215 | for (i = 0; i < 8; i++) | ||
| 216 | { | ||
| 217 | BIO_printf(out, ":%X", p[0] << 8 | p[1]); | ||
| 218 | p += 2; | ||
| 219 | } | ||
| 220 | BIO_puts(out, "\n"); | ||
| 221 | } | ||
| 222 | else | ||
| 223 | { | ||
| 192 | BIO_printf(out,"IP Address:<invalid>"); | 224 | BIO_printf(out,"IP Address:<invalid>"); |
| 193 | break; | 225 | break; |
| 194 | } | 226 | } |
| 195 | BIO_printf(out, "IP Address:%d.%d.%d.%d", p[0], p[1], p[2], p[3]); | ||
| 196 | break; | 227 | break; |
| 197 | 228 | ||
| 198 | case GEN_RID: | 229 | case GEN_RID: |
| @@ -210,7 +241,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, | |||
| 210 | CONF_VALUE *cnf; | 241 | CONF_VALUE *cnf; |
| 211 | int i; | 242 | int i; |
| 212 | if(!(gens = sk_GENERAL_NAME_new_null())) { | 243 | if(!(gens = sk_GENERAL_NAME_new_null())) { |
| 213 | X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); | 244 | X509V3err(X509V3_F_V2I_ISSUER_ALT,ERR_R_MALLOC_FAILURE); |
| 214 | return NULL; | 245 | return NULL; |
| 215 | } | 246 | } |
| 216 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | 247 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { |
| @@ -275,7 +306,7 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, | |||
| 275 | CONF_VALUE *cnf; | 306 | CONF_VALUE *cnf; |
| 276 | int i; | 307 | int i; |
| 277 | if(!(gens = sk_GENERAL_NAME_new_null())) { | 308 | if(!(gens = sk_GENERAL_NAME_new_null())) { |
| 278 | X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); | 309 | X509V3err(X509V3_F_V2I_SUBJECT_ALT,ERR_R_MALLOC_FAILURE); |
| 279 | return NULL; | 310 | return NULL; |
| 280 | } | 311 | } |
| 281 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | 312 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { |
| @@ -310,7 +341,8 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) | |||
| 310 | X509_NAME_ENTRY *ne; | 341 | X509_NAME_ENTRY *ne; |
| 311 | GENERAL_NAME *gen = NULL; | 342 | GENERAL_NAME *gen = NULL; |
| 312 | int i; | 343 | int i; |
| 313 | if(ctx->flags == CTX_TEST) return 1; | 344 | if(ctx != NULL && ctx->flags == CTX_TEST) |
| 345 | return 1; | ||
| 314 | if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) { | 346 | if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) { |
| 315 | X509V3err(X509V3_F_COPY_EMAIL,X509V3_R_NO_SUBJECT_DETAILS); | 347 | X509V3err(X509V3_F_COPY_EMAIL,X509V3_R_NO_SUBJECT_DETAILS); |
| 316 | goto err; | 348 | goto err; |
| @@ -378,81 +410,172 @@ GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, | |||
| 378 | 410 | ||
| 379 | GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | 411 | GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, |
| 380 | CONF_VALUE *cnf) | 412 | CONF_VALUE *cnf) |
| 381 | { | 413 | { |
| 382 | char is_string = 0; | 414 | return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0); |
| 383 | int type; | 415 | } |
| 384 | GENERAL_NAME *gen = NULL; | ||
| 385 | 416 | ||
| 386 | char *name, *value; | 417 | GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, |
| 418 | X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | ||
| 419 | CONF_VALUE *cnf, int is_nc) | ||
| 420 | { | ||
| 421 | char is_string = 0; | ||
| 422 | int type; | ||
| 423 | GENERAL_NAME *gen = NULL; | ||
| 387 | 424 | ||
| 388 | name = cnf->name; | 425 | char *name, *value; |
| 389 | value = cnf->value; | ||
| 390 | 426 | ||
| 391 | if(!value) { | 427 | name = cnf->name; |
| 392 | X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_MISSING_VALUE); | 428 | value = cnf->value; |
| 393 | return NULL; | ||
| 394 | } | ||
| 395 | 429 | ||
| 396 | if(!(gen = GENERAL_NAME_new())) { | 430 | if(!value) |
| 397 | X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); | 431 | { |
| 398 | return NULL; | 432 | X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE); |
| 399 | } | 433 | return NULL; |
| 434 | } | ||
| 400 | 435 | ||
| 401 | if(!name_cmp(name, "email")) { | 436 | if (out) |
| 402 | is_string = 1; | 437 | gen = out; |
| 403 | type = GEN_EMAIL; | 438 | else |
| 404 | } else if(!name_cmp(name, "URI")) { | 439 | { |
| 405 | is_string = 1; | 440 | gen = GENERAL_NAME_new(); |
| 406 | type = GEN_URI; | 441 | if(gen == NULL) |
| 407 | } else if(!name_cmp(name, "DNS")) { | 442 | { |
| 408 | is_string = 1; | 443 | X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE); |
| 409 | type = GEN_DNS; | 444 | return NULL; |
| 410 | } else if(!name_cmp(name, "RID")) { | 445 | } |
| 411 | ASN1_OBJECT *obj; | 446 | } |
| 412 | if(!(obj = OBJ_txt2obj(value,0))) { | 447 | |
| 413 | X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_OBJECT); | 448 | if(!name_cmp(name, "email")) |
| 414 | ERR_add_error_data(2, "value=", value); | 449 | { |
| 415 | goto err; | 450 | is_string = 1; |
| 416 | } | 451 | type = GEN_EMAIL; |
| 417 | gen->d.rid = obj; | 452 | } |
| 418 | type = GEN_RID; | 453 | else if(!name_cmp(name, "URI")) |
| 419 | } else if(!name_cmp(name, "IP")) { | 454 | { |
| 420 | int i1,i2,i3,i4; | 455 | is_string = 1; |
| 421 | unsigned char ip[4]; | 456 | type = GEN_URI; |
| 422 | if((sscanf(value, "%d.%d.%d.%d",&i1,&i2,&i3,&i4) != 4) || | 457 | } |
| 423 | (i1 < 0) || (i1 > 255) || (i2 < 0) || (i2 > 255) || | 458 | else if(!name_cmp(name, "DNS")) |
| 424 | (i3 < 0) || (i3 > 255) || (i4 < 0) || (i4 > 255) ) { | 459 | { |
| 425 | X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS); | 460 | is_string = 1; |
| 426 | ERR_add_error_data(2, "value=", value); | 461 | type = GEN_DNS; |
| 462 | } | ||
| 463 | else if(!name_cmp(name, "RID")) | ||
| 464 | { | ||
| 465 | ASN1_OBJECT *obj; | ||
| 466 | if(!(obj = OBJ_txt2obj(value,0))) | ||
| 467 | { | ||
| 468 | X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_OBJECT); | ||
| 469 | ERR_add_error_data(2, "value=", value); | ||
| 470 | goto err; | ||
| 471 | } | ||
| 472 | gen->d.rid = obj; | ||
| 473 | type = GEN_RID; | ||
| 474 | } | ||
| 475 | else if(!name_cmp(name, "IP")) | ||
| 476 | { | ||
| 477 | if (is_nc) | ||
| 478 | gen->d.ip = a2i_IPADDRESS_NC(value); | ||
| 479 | else | ||
| 480 | gen->d.ip = a2i_IPADDRESS(value); | ||
| 481 | if(gen->d.ip == NULL) | ||
| 482 | { | ||
| 483 | X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_IP_ADDRESS); | ||
| 484 | ERR_add_error_data(2, "value=", value); | ||
| 485 | goto err; | ||
| 486 | } | ||
| 487 | type = GEN_IPADD; | ||
| 488 | } | ||
| 489 | else if(!name_cmp(name, "dirName")) | ||
| 490 | { | ||
| 491 | type = GEN_DIRNAME; | ||
| 492 | if (!do_dirname(gen, value, ctx)) | ||
| 493 | { | ||
| 494 | X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_DIRNAME_ERROR); | ||
| 495 | goto err; | ||
| 496 | } | ||
| 497 | } | ||
| 498 | else if(!name_cmp(name, "otherName")) | ||
| 499 | { | ||
| 500 | if (!do_othername(gen, value, ctx)) | ||
| 501 | { | ||
| 502 | X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_OTHERNAME_ERROR); | ||
| 503 | goto err; | ||
| 504 | } | ||
| 505 | type = GEN_OTHERNAME; | ||
| 506 | } | ||
| 507 | else | ||
| 508 | { | ||
| 509 | X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION); | ||
| 510 | ERR_add_error_data(2, "name=", name); | ||
| 427 | goto err; | 511 | goto err; |
| 428 | } | 512 | } |
| 429 | ip[0] = i1; ip[1] = i2 ; ip[2] = i3 ; ip[3] = i4; | 513 | |
| 430 | if(!(gen->d.ip = M_ASN1_OCTET_STRING_new()) || | 514 | if(is_string) |
| 431 | !ASN1_STRING_set(gen->d.ip, ip, 4)) { | 515 | { |
| 432 | X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); | 516 | if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) || |
| 517 | !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, | ||
| 518 | strlen(value))) | ||
| 519 | { | ||
| 520 | X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE); | ||
| 433 | goto err; | 521 | goto err; |
| 434 | } | 522 | } |
| 435 | type = GEN_IPADD; | 523 | } |
| 436 | } else { | ||
| 437 | X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_OPTION); | ||
| 438 | ERR_add_error_data(2, "name=", name); | ||
| 439 | goto err; | ||
| 440 | } | ||
| 441 | 524 | ||
| 442 | if(is_string) { | 525 | gen->type = type; |
| 443 | if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) || | 526 | |
| 444 | !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, | 527 | return gen; |
| 445 | strlen(value))) { | ||
| 446 | X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); | ||
| 447 | goto err; | ||
| 448 | } | ||
| 449 | } | ||
| 450 | 528 | ||
| 451 | gen->type = type; | 529 | err: |
| 530 | GENERAL_NAME_free(gen); | ||
| 531 | return NULL; | ||
| 532 | } | ||
| 452 | 533 | ||
| 453 | return gen; | 534 | static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) |
| 535 | { | ||
| 536 | char *objtmp = NULL, *p; | ||
| 537 | int objlen; | ||
| 538 | if (!(p = strchr(value, ';'))) | ||
| 539 | return 0; | ||
| 540 | if (!(gen->d.otherName = OTHERNAME_new())) | ||
| 541 | return 0; | ||
| 542 | /* Free this up because we will overwrite it. | ||
| 543 | * no need to free type_id because it is static | ||
| 544 | */ | ||
| 545 | ASN1_TYPE_free(gen->d.otherName->value); | ||
| 546 | if (!(gen->d.otherName->value = ASN1_generate_v3(p + 1, ctx))) | ||
| 547 | return 0; | ||
| 548 | objlen = p - value; | ||
| 549 | objtmp = OPENSSL_malloc(objlen + 1); | ||
| 550 | strncpy(objtmp, value, objlen); | ||
| 551 | objtmp[objlen] = 0; | ||
| 552 | gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0); | ||
| 553 | OPENSSL_free(objtmp); | ||
| 554 | if (!gen->d.otherName->type_id) | ||
| 555 | return 0; | ||
| 556 | return 1; | ||
| 557 | } | ||
| 454 | 558 | ||
| 455 | err: | 559 | static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) |
| 456 | GENERAL_NAME_free(gen); | 560 | { |
| 457 | return NULL; | 561 | int ret; |
| 458 | } | 562 | STACK_OF(CONF_VALUE) *sk; |
| 563 | X509_NAME *nm; | ||
| 564 | if (!(nm = X509_NAME_new())) | ||
| 565 | return 0; | ||
| 566 | sk = X509V3_get_section(ctx, value); | ||
| 567 | if (!sk) | ||
| 568 | { | ||
| 569 | X509V3err(X509V3_F_DO_DIRNAME,X509V3_R_SECTION_NOT_FOUND); | ||
| 570 | ERR_add_error_data(2, "section=", value); | ||
| 571 | X509_NAME_free(nm); | ||
| 572 | return 0; | ||
| 573 | } | ||
| 574 | /* FIXME: should allow other character types... */ | ||
| 575 | ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC); | ||
| 576 | if (!ret) | ||
| 577 | X509_NAME_free(nm); | ||
| 578 | gen->d.dirn = nm; | ||
| 579 | |||
| 580 | return ret; | ||
| 581 | } | ||
diff --git a/src/lib/libcrypto/x509v3/v3_bcons.c b/src/lib/libcrypto/x509v3/v3_bcons.c index cbb012715e..74b1233071 100644 --- a/src/lib/libcrypto/x509v3/v3_bcons.c +++ b/src/lib/libcrypto/x509v3/v3_bcons.c | |||
| @@ -67,7 +67,7 @@ | |||
| 67 | static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist); | 67 | static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist); |
| 68 | static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); | 68 | static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); |
| 69 | 69 | ||
| 70 | X509V3_EXT_METHOD v3_bcons = { | 70 | const X509V3_EXT_METHOD v3_bcons = { |
| 71 | NID_basic_constraints, 0, | 71 | NID_basic_constraints, 0, |
| 72 | ASN1_ITEM_ref(BASIC_CONSTRAINTS), | 72 | ASN1_ITEM_ref(BASIC_CONSTRAINTS), |
| 73 | 0,0,0,0, | 73 | 0,0,0,0, |
diff --git a/src/lib/libcrypto/x509v3/v3_bitst.c b/src/lib/libcrypto/x509v3/v3_bitst.c index 274965306d..cf31f0816e 100644 --- a/src/lib/libcrypto/x509v3/v3_bitst.c +++ b/src/lib/libcrypto/x509v3/v3_bitst.c | |||
| @@ -61,12 +61,6 @@ | |||
| 61 | #include <openssl/conf.h> | 61 | #include <openssl/conf.h> |
| 62 | #include <openssl/x509v3.h> | 62 | #include <openssl/x509v3.h> |
| 63 | 63 | ||
| 64 | static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, | ||
| 65 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); | ||
| 66 | static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, | ||
| 67 | ASN1_BIT_STRING *bits, | ||
| 68 | STACK_OF(CONF_VALUE) *extlist); | ||
| 69 | |||
| 70 | static BIT_STRING_BITNAME ns_cert_type_table[] = { | 64 | static BIT_STRING_BITNAME ns_cert_type_table[] = { |
| 71 | {0, "SSL Client", "client"}, | 65 | {0, "SSL Client", "client"}, |
| 72 | {1, "SSL Server", "server"}, | 66 | {1, "SSL Server", "server"}, |
| @@ -94,10 +88,10 @@ static BIT_STRING_BITNAME key_usage_type_table[] = { | |||
| 94 | 88 | ||
| 95 | 89 | ||
| 96 | 90 | ||
| 97 | X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table); | 91 | const X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table); |
| 98 | X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table); | 92 | const X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table); |
| 99 | 93 | ||
| 100 | static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, | 94 | STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, |
| 101 | ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret) | 95 | ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret) |
| 102 | { | 96 | { |
| 103 | BIT_STRING_BITNAME *bnam; | 97 | BIT_STRING_BITNAME *bnam; |
| @@ -108,7 +102,7 @@ static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, | |||
| 108 | return ret; | 102 | return ret; |
| 109 | } | 103 | } |
| 110 | 104 | ||
| 111 | static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, | 105 | ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, |
| 112 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) | 106 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) |
| 113 | { | 107 | { |
| 114 | CONF_VALUE *val; | 108 | CONF_VALUE *val; |
diff --git a/src/lib/libcrypto/x509v3/v3_conf.c b/src/lib/libcrypto/x509v3/v3_conf.c index 1284d5aaa5..2b867305fb 100644 --- a/src/lib/libcrypto/x509v3/v3_conf.c +++ b/src/lib/libcrypto/x509v3/v3_conf.c | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -69,11 +69,12 @@ | |||
| 69 | static int v3_check_critical(char **value); | 69 | static int v3_check_critical(char **value); |
| 70 | static int v3_check_generic(char **value); | 70 | static int v3_check_generic(char **value); |
| 71 | static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value); | 71 | static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value); |
| 72 | static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type); | 72 | static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type, X509V3_CTX *ctx); |
| 73 | static char *conf_lhash_get_string(void *db, char *section, char *value); | 73 | static char *conf_lhash_get_string(void *db, char *section, char *value); |
| 74 | static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section); | 74 | static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section); |
| 75 | static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, | 75 | static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, |
| 76 | int crit, void *ext_struc); | 76 | int crit, void *ext_struc); |
| 77 | static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len); | ||
| 77 | /* CONF *conf: Config file */ | 78 | /* CONF *conf: Config file */ |
| 78 | /* char *name: Name */ | 79 | /* char *name: Name */ |
| 79 | /* char *value: Value */ | 80 | /* char *value: Value */ |
| @@ -85,11 +86,11 @@ X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, | |||
| 85 | X509_EXTENSION *ret; | 86 | X509_EXTENSION *ret; |
| 86 | crit = v3_check_critical(&value); | 87 | crit = v3_check_critical(&value); |
| 87 | if ((ext_type = v3_check_generic(&value))) | 88 | if ((ext_type = v3_check_generic(&value))) |
| 88 | return v3_generic_extension(name, value, crit, ext_type); | 89 | return v3_generic_extension(name, value, crit, ext_type, ctx); |
| 89 | ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value); | 90 | ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value); |
| 90 | if (!ret) | 91 | if (!ret) |
| 91 | { | 92 | { |
| 92 | X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_ERROR_IN_EXTENSION); | 93 | X509V3err(X509V3_F_X509V3_EXT_NCONF,X509V3_R_ERROR_IN_EXTENSION); |
| 93 | ERR_add_error_data(4,"name=", name, ", value=", value); | 94 | ERR_add_error_data(4,"name=", name, ", value=", value); |
| 94 | } | 95 | } |
| 95 | return ret; | 96 | return ret; |
| @@ -105,7 +106,7 @@ X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, | |||
| 105 | crit = v3_check_critical(&value); | 106 | crit = v3_check_critical(&value); |
| 106 | if ((ext_type = v3_check_generic(&value))) | 107 | if ((ext_type = v3_check_generic(&value))) |
| 107 | return v3_generic_extension(OBJ_nid2sn(ext_nid), | 108 | return v3_generic_extension(OBJ_nid2sn(ext_nid), |
| 108 | value, crit, ext_type); | 109 | value, crit, ext_type, ctx); |
| 109 | return do_ext_nconf(conf, ctx, ext_nid, crit, value); | 110 | return do_ext_nconf(conf, ctx, ext_nid, crit, value); |
| 110 | } | 111 | } |
| 111 | 112 | ||
| @@ -120,12 +121,12 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, | |||
| 120 | void *ext_struc; | 121 | void *ext_struc; |
| 121 | if (ext_nid == NID_undef) | 122 | if (ext_nid == NID_undef) |
| 122 | { | 123 | { |
| 123 | X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION_NAME); | 124 | X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_UNKNOWN_EXTENSION_NAME); |
| 124 | return NULL; | 125 | return NULL; |
| 125 | } | 126 | } |
| 126 | if (!(method = X509V3_EXT_get_nid(ext_nid))) | 127 | if (!(method = X509V3_EXT_get_nid(ext_nid))) |
| 127 | { | 128 | { |
| 128 | X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION); | 129 | X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_UNKNOWN_EXTENSION); |
| 129 | return NULL; | 130 | return NULL; |
| 130 | } | 131 | } |
| 131 | /* Now get internal extension representation based on type */ | 132 | /* Now get internal extension representation based on type */ |
| @@ -133,9 +134,9 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, | |||
| 133 | { | 134 | { |
| 134 | if(*value == '@') nval = NCONF_get_section(conf, value + 1); | 135 | if(*value == '@') nval = NCONF_get_section(conf, value + 1); |
| 135 | else nval = X509V3_parse_list(value); | 136 | else nval = X509V3_parse_list(value); |
| 136 | if(!nval) | 137 | if(sk_CONF_VALUE_num(nval) <= 0) |
| 137 | { | 138 | { |
| 138 | X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_INVALID_EXTENSION_STRING); | 139 | X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_INVALID_EXTENSION_STRING); |
| 139 | ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value); | 140 | ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value); |
| 140 | return NULL; | 141 | return NULL; |
| 141 | } | 142 | } |
| @@ -150,16 +151,16 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, | |||
| 150 | } | 151 | } |
| 151 | else if(method->r2i) | 152 | else if(method->r2i) |
| 152 | { | 153 | { |
| 153 | if(!ctx->db) | 154 | if(!ctx->db || !ctx->db_meth) |
| 154 | { | 155 | { |
| 155 | X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE); | 156 | X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_NO_CONFIG_DATABASE); |
| 156 | return NULL; | 157 | return NULL; |
| 157 | } | 158 | } |
| 158 | if(!(ext_struc = method->r2i(method, ctx, value))) return NULL; | 159 | if(!(ext_struc = method->r2i(method, ctx, value))) return NULL; |
| 159 | } | 160 | } |
| 160 | else | 161 | else |
| 161 | { | 162 | { |
| 162 | X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); | 163 | X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); |
| 163 | ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid)); | 164 | ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid)); |
| 164 | return NULL; | 165 | return NULL; |
| 165 | } | 166 | } |
| @@ -235,17 +236,29 @@ static int v3_check_critical(char **value) | |||
| 235 | /* Check extension string for generic extension and return the type */ | 236 | /* Check extension string for generic extension and return the type */ |
| 236 | static int v3_check_generic(char **value) | 237 | static int v3_check_generic(char **value) |
| 237 | { | 238 | { |
| 239 | int gen_type = 0; | ||
| 238 | char *p = *value; | 240 | char *p = *value; |
| 239 | if ((strlen(p) < 4) || strncmp(p, "DER:", 4)) return 0; | 241 | if ((strlen(p) >= 4) && !strncmp(p, "DER:", 4)) |
| 240 | p+=4; | 242 | { |
| 243 | p+=4; | ||
| 244 | gen_type = 1; | ||
| 245 | } | ||
| 246 | else if ((strlen(p) >= 5) && !strncmp(p, "ASN1:", 5)) | ||
| 247 | { | ||
| 248 | p+=5; | ||
| 249 | gen_type = 2; | ||
| 250 | } | ||
| 251 | else | ||
| 252 | return 0; | ||
| 253 | |||
| 241 | while (isspace((unsigned char)*p)) p++; | 254 | while (isspace((unsigned char)*p)) p++; |
| 242 | *value = p; | 255 | *value = p; |
| 243 | return 1; | 256 | return gen_type; |
| 244 | } | 257 | } |
| 245 | 258 | ||
| 246 | /* Create a generic extension: for now just handle DER type */ | 259 | /* Create a generic extension: for now just handle DER type */ |
| 247 | static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, | 260 | static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, |
| 248 | int crit, int type) | 261 | int crit, int gen_type, X509V3_CTX *ctx) |
| 249 | { | 262 | { |
| 250 | unsigned char *ext_der=NULL; | 263 | unsigned char *ext_der=NULL; |
| 251 | long ext_len; | 264 | long ext_len; |
| @@ -259,7 +272,12 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, | |||
| 259 | goto err; | 272 | goto err; |
| 260 | } | 273 | } |
| 261 | 274 | ||
| 262 | if (!(ext_der = string_to_hex(value, &ext_len))) | 275 | if (gen_type == 1) |
| 276 | ext_der = string_to_hex(value, &ext_len); | ||
| 277 | else if (gen_type == 2) | ||
| 278 | ext_der = generic_asn1(value, ctx, &ext_len); | ||
| 279 | |||
| 280 | if (ext_der == NULL) | ||
| 263 | { | 281 | { |
| 264 | X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_VALUE_ERROR); | 282 | X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_VALUE_ERROR); |
| 265 | ERR_add_error_data(2, "value=", value); | 283 | ERR_add_error_data(2, "value=", value); |
| @@ -286,6 +304,17 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, | |||
| 286 | 304 | ||
| 287 | } | 305 | } |
| 288 | 306 | ||
| 307 | static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len) | ||
| 308 | { | ||
| 309 | ASN1_TYPE *typ; | ||
| 310 | unsigned char *ext_der = NULL; | ||
| 311 | typ = ASN1_generate_v3(value, ctx); | ||
| 312 | if (typ == NULL) | ||
| 313 | return NULL; | ||
| 314 | *ext_len = i2d_ASN1_TYPE(typ, &ext_der); | ||
| 315 | ASN1_TYPE_free(typ); | ||
| 316 | return ext_der; | ||
| 317 | } | ||
| 289 | 318 | ||
| 290 | /* This is the main function: add a bunch of extensions based on a config file | 319 | /* This is the main function: add a bunch of extensions based on a config file |
| 291 | * section to an extension STACK. | 320 | * section to an extension STACK. |
| @@ -354,6 +383,11 @@ int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, | |||
| 354 | 383 | ||
| 355 | char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) | 384 | char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) |
| 356 | { | 385 | { |
| 386 | if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) | ||
| 387 | { | ||
| 388 | X509V3err(X509V3_F_X509V3_GET_STRING,X509V3_R_OPERATION_NOT_DEFINED); | ||
| 389 | return NULL; | ||
| 390 | } | ||
| 357 | if (ctx->db_meth->get_string) | 391 | if (ctx->db_meth->get_string) |
| 358 | return ctx->db_meth->get_string(ctx->db, name, section); | 392 | return ctx->db_meth->get_string(ctx->db, name, section); |
| 359 | return NULL; | 393 | return NULL; |
| @@ -361,6 +395,11 @@ char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) | |||
| 361 | 395 | ||
| 362 | STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section) | 396 | STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section) |
| 363 | { | 397 | { |
| 398 | if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) | ||
| 399 | { | ||
| 400 | X509V3err(X509V3_F_X509V3_GET_SECTION,X509V3_R_OPERATION_NOT_DEFINED); | ||
| 401 | return NULL; | ||
| 402 | } | ||
| 364 | if (ctx->db_meth->get_section) | 403 | if (ctx->db_meth->get_section) |
| 365 | return ctx->db_meth->get_section(ctx->db, section); | 404 | return ctx->db_meth->get_section(ctx->db, section); |
| 366 | return NULL; | 405 | return NULL; |
diff --git a/src/lib/libcrypto/x509v3/v3_cpols.c b/src/lib/libcrypto/x509v3/v3_cpols.c index 867525f336..a40f490aa9 100644 --- a/src/lib/libcrypto/x509v3/v3_cpols.c +++ b/src/lib/libcrypto/x509v3/v3_cpols.c | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -63,6 +63,8 @@ | |||
| 63 | #include <openssl/asn1t.h> | 63 | #include <openssl/asn1t.h> |
| 64 | #include <openssl/x509v3.h> | 64 | #include <openssl/x509v3.h> |
| 65 | 65 | ||
| 66 | #include "pcy_int.h" | ||
| 67 | |||
| 66 | /* Certificate policies extension support: this one is a bit complex... */ | 68 | /* Certificate policies extension support: this one is a bit complex... */ |
| 67 | 69 | ||
| 68 | static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent); | 70 | static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent); |
| @@ -75,7 +77,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, | |||
| 75 | STACK_OF(CONF_VALUE) *unot, int ia5org); | 77 | STACK_OF(CONF_VALUE) *unot, int ia5org); |
| 76 | static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos); | 78 | static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos); |
| 77 | 79 | ||
| 78 | X509V3_EXT_METHOD v3_cpols = { | 80 | const X509V3_EXT_METHOD v3_cpols = { |
| 79 | NID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES), | 81 | NID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES), |
| 80 | 0,0,0,0, | 82 | 0,0,0,0, |
| 81 | 0,0, | 83 | 0,0, |
| @@ -348,7 +350,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) | |||
| 348 | return 1; | 350 | return 1; |
| 349 | 351 | ||
| 350 | merr: | 352 | merr: |
| 351 | X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE); | 353 | X509V3err(X509V3_F_NREF_NOS,ERR_R_MALLOC_FAILURE); |
| 352 | 354 | ||
| 353 | err: | 355 | err: |
| 354 | sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); | 356 | sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); |
| @@ -429,3 +431,19 @@ static void print_notice(BIO *out, USERNOTICE *notice, int indent) | |||
| 429 | notice->exptext->data); | 431 | notice->exptext->data); |
| 430 | } | 432 | } |
| 431 | 433 | ||
| 434 | void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent) | ||
| 435 | { | ||
| 436 | const X509_POLICY_DATA *dat = node->data; | ||
| 437 | |||
| 438 | BIO_printf(out, "%*sPolicy: ", indent, ""); | ||
| 439 | |||
| 440 | i2a_ASN1_OBJECT(out, dat->valid_policy); | ||
| 441 | BIO_puts(out, "\n"); | ||
| 442 | BIO_printf(out, "%*s%s\n", indent + 2, "", | ||
| 443 | node_data_critical(dat) ? "Critical" : "Non Critical"); | ||
| 444 | if (dat->qualifier_set) | ||
| 445 | print_qualifiers(out, dat->qualifier_set, indent + 2); | ||
| 446 | else | ||
| 447 | BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, ""); | ||
| 448 | } | ||
| 449 | |||
diff --git a/src/lib/libcrypto/x509v3/v3_crld.c b/src/lib/libcrypto/x509v3/v3_crld.c index f90829c574..c6e3ebae7b 100644 --- a/src/lib/libcrypto/x509v3/v3_crld.c +++ b/src/lib/libcrypto/x509v3/v3_crld.c | |||
| @@ -68,7 +68,7 @@ static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, | |||
| 68 | static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, | 68 | static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, |
| 69 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); | 69 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); |
| 70 | 70 | ||
| 71 | X509V3_EXT_METHOD v3_crld = { | 71 | const X509V3_EXT_METHOD v3_crld = { |
| 72 | NID_crl_distribution_points, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(CRL_DIST_POINTS), | 72 | NID_crl_distribution_points, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(CRL_DIST_POINTS), |
| 73 | 0,0,0,0, | 73 | 0,0,0,0, |
| 74 | 0,0, | 74 | 0,0, |
diff --git a/src/lib/libcrypto/x509v3/v3_enum.c b/src/lib/libcrypto/x509v3/v3_enum.c index 010c9d6260..a236cb22e1 100644 --- a/src/lib/libcrypto/x509v3/v3_enum.c +++ b/src/lib/libcrypto/x509v3/v3_enum.c | |||
| @@ -72,7 +72,7 @@ static ENUMERATED_NAMES crl_reasons[] = { | |||
| 72 | {-1, NULL, NULL} | 72 | {-1, NULL, NULL} |
| 73 | }; | 73 | }; |
| 74 | 74 | ||
| 75 | X509V3_EXT_METHOD v3_crl_reason = { | 75 | const X509V3_EXT_METHOD v3_crl_reason = { |
| 76 | NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED), | 76 | NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED), |
| 77 | 0,0,0,0, | 77 | 0,0,0,0, |
| 78 | (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE, | 78 | (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE, |
diff --git a/src/lib/libcrypto/x509v3/v3_extku.c b/src/lib/libcrypto/x509v3/v3_extku.c index b1cfaba1aa..a4efe0031e 100644 --- a/src/lib/libcrypto/x509v3/v3_extku.c +++ b/src/lib/libcrypto/x509v3/v3_extku.c | |||
| @@ -68,7 +68,7 @@ static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, | |||
| 68 | static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, | 68 | static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, |
| 69 | void *eku, STACK_OF(CONF_VALUE) *extlist); | 69 | void *eku, STACK_OF(CONF_VALUE) *extlist); |
| 70 | 70 | ||
| 71 | X509V3_EXT_METHOD v3_ext_ku = { | 71 | const X509V3_EXT_METHOD v3_ext_ku = { |
| 72 | NID_ext_key_usage, 0, | 72 | NID_ext_key_usage, 0, |
| 73 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), | 73 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), |
| 74 | 0,0,0,0, | 74 | 0,0,0,0, |
| @@ -80,7 +80,7 @@ X509V3_EXT_METHOD v3_ext_ku = { | |||
| 80 | }; | 80 | }; |
| 81 | 81 | ||
| 82 | /* NB OCSP acceptable responses also is a SEQUENCE OF OBJECT */ | 82 | /* NB OCSP acceptable responses also is a SEQUENCE OF OBJECT */ |
| 83 | X509V3_EXT_METHOD v3_ocsp_accresp = { | 83 | const X509V3_EXT_METHOD v3_ocsp_accresp = { |
| 84 | NID_id_pkix_OCSP_acceptableResponses, 0, | 84 | NID_id_pkix_OCSP_acceptableResponses, 0, |
| 85 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), | 85 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), |
| 86 | 0,0,0,0, | 86 | 0,0,0,0, |
| @@ -122,7 +122,7 @@ static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, | |||
| 122 | int i; | 122 | int i; |
| 123 | 123 | ||
| 124 | if(!(extku = sk_ASN1_OBJECT_new_null())) { | 124 | if(!(extku = sk_ASN1_OBJECT_new_null())) { |
| 125 | X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE); | 125 | X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,ERR_R_MALLOC_FAILURE); |
| 126 | return NULL; | 126 | return NULL; |
| 127 | } | 127 | } |
| 128 | 128 | ||
| @@ -132,7 +132,7 @@ static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, | |||
| 132 | else extval = val->name; | 132 | else extval = val->name; |
| 133 | if(!(objtmp = OBJ_txt2obj(extval, 0))) { | 133 | if(!(objtmp = OBJ_txt2obj(extval, 0))) { |
| 134 | sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); | 134 | sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); |
| 135 | X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER); | 135 | X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,X509V3_R_INVALID_OBJECT_IDENTIFIER); |
| 136 | X509V3_conf_err(val); | 136 | X509V3_conf_err(val); |
| 137 | return NULL; | 137 | return NULL; |
| 138 | } | 138 | } |
diff --git a/src/lib/libcrypto/x509v3/v3_ia5.c b/src/lib/libcrypto/x509v3/v3_ia5.c index 9683afa47c..b739ccd036 100644 --- a/src/lib/libcrypto/x509v3/v3_ia5.c +++ b/src/lib/libcrypto/x509v3/v3_ia5.c | |||
| @@ -65,7 +65,7 @@ | |||
| 65 | 65 | ||
| 66 | static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5); | 66 | static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5); |
| 67 | static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); | 67 | static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); |
| 68 | X509V3_EXT_METHOD v3_ns_ia5_list[] = { | 68 | const X509V3_EXT_METHOD v3_ns_ia5_list[] = { |
| 69 | EXT_IA5STRING(NID_netscape_base_url), | 69 | EXT_IA5STRING(NID_netscape_base_url), |
| 70 | EXT_IA5STRING(NID_netscape_revocation_url), | 70 | EXT_IA5STRING(NID_netscape_revocation_url), |
| 71 | EXT_IA5STRING(NID_netscape_ca_revocation_url), | 71 | EXT_IA5STRING(NID_netscape_ca_revocation_url), |
diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c index 53e3f48859..e0ef69de42 100644 --- a/src/lib/libcrypto/x509v3/v3_info.c +++ b/src/lib/libcrypto/x509v3/v3_info.c | |||
| @@ -69,7 +69,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method | |||
| 69 | static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, | 69 | static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, |
| 70 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); | 70 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); |
| 71 | 71 | ||
| 72 | X509V3_EXT_METHOD v3_info = | 72 | const X509V3_EXT_METHOD v3_info = |
| 73 | { NID_info_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), | 73 | { NID_info_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), |
| 74 | 0,0,0,0, | 74 | 0,0,0,0, |
| 75 | 0,0, | 75 | 0,0, |
| @@ -78,7 +78,7 @@ X509V3_EXT_METHOD v3_info = | |||
| 78 | 0,0, | 78 | 0,0, |
| 79 | NULL}; | 79 | NULL}; |
| 80 | 80 | ||
| 81 | X509V3_EXT_METHOD v3_sinfo = | 81 | const X509V3_EXT_METHOD v3_sinfo = |
| 82 | { NID_sinfo_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), | 82 | { NID_sinfo_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), |
| 83 | 0,0,0,0, | 83 | 0,0,0,0, |
| 84 | 0,0, | 84 | 0,0, |
| @@ -141,36 +141,35 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho | |||
| 141 | int i, objlen; | 141 | int i, objlen; |
| 142 | char *objtmp, *ptmp; | 142 | char *objtmp, *ptmp; |
| 143 | if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) { | 143 | if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) { |
| 144 | X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE); | 144 | X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); |
| 145 | return NULL; | 145 | return NULL; |
| 146 | } | 146 | } |
| 147 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | 147 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { |
| 148 | cnf = sk_CONF_VALUE_value(nval, i); | 148 | cnf = sk_CONF_VALUE_value(nval, i); |
| 149 | if(!(acc = ACCESS_DESCRIPTION_new()) | 149 | if(!(acc = ACCESS_DESCRIPTION_new()) |
| 150 | || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) { | 150 | || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) { |
| 151 | X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE); | 151 | X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); |
| 152 | goto err; | 152 | goto err; |
| 153 | } | 153 | } |
| 154 | ptmp = strchr(cnf->name, ';'); | 154 | ptmp = strchr(cnf->name, ';'); |
| 155 | if(!ptmp) { | 155 | if(!ptmp) { |
| 156 | X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_INVALID_SYNTAX); | 156 | X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_INVALID_SYNTAX); |
| 157 | goto err; | 157 | goto err; |
| 158 | } | 158 | } |
| 159 | objlen = ptmp - cnf->name; | 159 | objlen = ptmp - cnf->name; |
| 160 | ctmp.name = ptmp + 1; | 160 | ctmp.name = ptmp + 1; |
| 161 | ctmp.value = cnf->value; | 161 | ctmp.value = cnf->value; |
| 162 | GENERAL_NAME_free(acc->location); | 162 | if(!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) |
| 163 | if(!(acc->location = v2i_GENERAL_NAME(method, ctx, &ctmp))) | ||
| 164 | goto err; | 163 | goto err; |
| 165 | if(!(objtmp = OPENSSL_malloc(objlen + 1))) { | 164 | if(!(objtmp = OPENSSL_malloc(objlen + 1))) { |
| 166 | X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE); | 165 | X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); |
| 167 | goto err; | 166 | goto err; |
| 168 | } | 167 | } |
| 169 | strncpy(objtmp, cnf->name, objlen); | 168 | strncpy(objtmp, cnf->name, objlen); |
| 170 | objtmp[objlen] = 0; | 169 | objtmp[objlen] = 0; |
| 171 | acc->method = OBJ_txt2obj(objtmp, 0); | 170 | acc->method = OBJ_txt2obj(objtmp, 0); |
| 172 | if(!acc->method) { | 171 | if(!acc->method) { |
| 173 | X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_BAD_OBJECT); | 172 | X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_BAD_OBJECT); |
| 174 | ERR_add_error_data(2, "value=", objtmp); | 173 | ERR_add_error_data(2, "value=", objtmp); |
| 175 | OPENSSL_free(objtmp); | 174 | OPENSSL_free(objtmp); |
| 176 | goto err; | 175 | goto err; |
diff --git a/src/lib/libcrypto/x509v3/v3_int.c b/src/lib/libcrypto/x509v3/v3_int.c index 7a43b4717b..9a48dc1508 100644 --- a/src/lib/libcrypto/x509v3/v3_int.c +++ b/src/lib/libcrypto/x509v3/v3_int.c | |||
| @@ -60,17 +60,30 @@ | |||
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/x509v3.h> | 61 | #include <openssl/x509v3.h> |
| 62 | 62 | ||
| 63 | X509V3_EXT_METHOD v3_crl_num = { | 63 | const X509V3_EXT_METHOD v3_crl_num = { |
| 64 | NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER), | 64 | NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER), |
| 65 | 0,0,0,0, | 65 | 0,0,0,0, |
| 66 | (X509V3_EXT_I2S)i2s_ASN1_INTEGER, | 66 | (X509V3_EXT_I2S)i2s_ASN1_INTEGER, |
| 67 | 0, | 67 | 0, |
| 68 | 0,0,0,0, NULL}; | 68 | 0,0,0,0, NULL}; |
| 69 | 69 | ||
| 70 | X509V3_EXT_METHOD v3_delta_crl = { | 70 | const X509V3_EXT_METHOD v3_delta_crl = { |
| 71 | NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER), | 71 | NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER), |
| 72 | 0,0,0,0, | 72 | 0,0,0,0, |
| 73 | (X509V3_EXT_I2S)i2s_ASN1_INTEGER, | 73 | (X509V3_EXT_I2S)i2s_ASN1_INTEGER, |
| 74 | 0, | 74 | 0, |
| 75 | 0,0,0,0, NULL}; | 75 | 0,0,0,0, NULL}; |
| 76 | 76 | ||
| 77 | static void * s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value) | ||
| 78 | { | ||
| 79 | return s2i_ASN1_INTEGER(meth, value); | ||
| 80 | } | ||
| 81 | |||
| 82 | const X509V3_EXT_METHOD v3_inhibit_anyp = { | ||
| 83 | NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER), | ||
| 84 | 0,0,0,0, | ||
| 85 | (X509V3_EXT_I2S)i2s_ASN1_INTEGER, | ||
| 86 | (X509V3_EXT_S2I)s2i_asn1_int, | ||
| 87 | 0,0,0,0, NULL}; | ||
| 88 | |||
| 89 | |||
diff --git a/src/lib/libcrypto/x509v3/v3_lib.c b/src/lib/libcrypto/x509v3/v3_lib.c index ca5a4a4a57..f3015ea610 100644 --- a/src/lib/libcrypto/x509v3/v3_lib.c +++ b/src/lib/libcrypto/x509v3/v3_lib.c | |||
| @@ -162,7 +162,8 @@ int X509V3_add_standard_extensions(void) | |||
| 162 | void *X509V3_EXT_d2i(X509_EXTENSION *ext) | 162 | void *X509V3_EXT_d2i(X509_EXTENSION *ext) |
| 163 | { | 163 | { |
| 164 | X509V3_EXT_METHOD *method; | 164 | X509V3_EXT_METHOD *method; |
| 165 | unsigned char *p; | 165 | const unsigned char *p; |
| 166 | |||
| 166 | if(!(method = X509V3_EXT_get(ext))) return NULL; | 167 | if(!(method = X509V3_EXT_get(ext))) return NULL; |
| 167 | p = ext->value->data; | 168 | p = ext->value->data; |
| 168 | if(method->it) return ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it)); | 169 | if(method->it) return ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it)); |
| @@ -276,7 +277,7 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, | |||
| 276 | ext = X509V3_EXT_i2d(nid, crit, value); | 277 | ext = X509V3_EXT_i2d(nid, crit, value); |
| 277 | 278 | ||
| 278 | if(!ext) { | 279 | if(!ext) { |
| 279 | X509V3err(X509V3_F_X509V3_ADD_I2D, X509V3_R_ERROR_CREATING_EXTENSION); | 280 | X509V3err(X509V3_F_X509V3_ADD1_I2D, X509V3_R_ERROR_CREATING_EXTENSION); |
| 280 | return 0; | 281 | return 0; |
| 281 | } | 282 | } |
| 282 | 283 | ||
| @@ -295,7 +296,7 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, | |||
| 295 | 296 | ||
| 296 | err: | 297 | err: |
| 297 | if(!(flags & X509V3_ADD_SILENT)) | 298 | if(!(flags & X509V3_ADD_SILENT)) |
| 298 | X509V3err(X509V3_F_X509V3_ADD_I2D, errcode); | 299 | X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode); |
| 299 | return 0; | 300 | return 0; |
| 300 | } | 301 | } |
| 301 | 302 | ||
diff --git a/src/lib/libcrypto/x509v3/v3_ocsp.c b/src/lib/libcrypto/x509v3/v3_ocsp.c index 21badc13f9..62aac06335 100644 --- a/src/lib/libcrypto/x509v3/v3_ocsp.c +++ b/src/lib/libcrypto/x509v3/v3_ocsp.c | |||
| @@ -74,15 +74,15 @@ static int i2r_object(X509V3_EXT_METHOD *method, void *obj, BIO *out, int indent | |||
| 74 | 74 | ||
| 75 | static void *ocsp_nonce_new(void); | 75 | static void *ocsp_nonce_new(void); |
| 76 | static int i2d_ocsp_nonce(void *a, unsigned char **pp); | 76 | static int i2d_ocsp_nonce(void *a, unsigned char **pp); |
| 77 | static void *d2i_ocsp_nonce(void *a, unsigned char **pp, long length); | 77 | static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length); |
| 78 | static void ocsp_nonce_free(void *a); | 78 | static void ocsp_nonce_free(void *a); |
| 79 | static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent); | 79 | static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent); |
| 80 | 80 | ||
| 81 | static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent); | 81 | static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent); |
| 82 | static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); | 82 | static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str); |
| 83 | static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind); | 83 | static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind); |
| 84 | 84 | ||
| 85 | X509V3_EXT_METHOD v3_ocsp_crlid = { | 85 | const X509V3_EXT_METHOD v3_ocsp_crlid = { |
| 86 | NID_id_pkix_OCSP_CrlID, 0, ASN1_ITEM_ref(OCSP_CRLID), | 86 | NID_id_pkix_OCSP_CrlID, 0, ASN1_ITEM_ref(OCSP_CRLID), |
| 87 | 0,0,0,0, | 87 | 0,0,0,0, |
| 88 | 0,0, | 88 | 0,0, |
| @@ -91,7 +91,7 @@ X509V3_EXT_METHOD v3_ocsp_crlid = { | |||
| 91 | NULL | 91 | NULL |
| 92 | }; | 92 | }; |
| 93 | 93 | ||
| 94 | X509V3_EXT_METHOD v3_ocsp_acutoff = { | 94 | const X509V3_EXT_METHOD v3_ocsp_acutoff = { |
| 95 | NID_id_pkix_OCSP_archiveCutoff, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME), | 95 | NID_id_pkix_OCSP_archiveCutoff, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME), |
| 96 | 0,0,0,0, | 96 | 0,0,0,0, |
| 97 | 0,0, | 97 | 0,0, |
| @@ -100,7 +100,7 @@ X509V3_EXT_METHOD v3_ocsp_acutoff = { | |||
| 100 | NULL | 100 | NULL |
| 101 | }; | 101 | }; |
| 102 | 102 | ||
| 103 | X509V3_EXT_METHOD v3_crl_invdate = { | 103 | const X509V3_EXT_METHOD v3_crl_invdate = { |
| 104 | NID_invalidity_date, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME), | 104 | NID_invalidity_date, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME), |
| 105 | 0,0,0,0, | 105 | 0,0,0,0, |
| 106 | 0,0, | 106 | 0,0, |
| @@ -109,7 +109,7 @@ X509V3_EXT_METHOD v3_crl_invdate = { | |||
| 109 | NULL | 109 | NULL |
| 110 | }; | 110 | }; |
| 111 | 111 | ||
| 112 | X509V3_EXT_METHOD v3_crl_hold = { | 112 | const X509V3_EXT_METHOD v3_crl_hold = { |
| 113 | NID_hold_instruction_code, 0, ASN1_ITEM_ref(ASN1_OBJECT), | 113 | NID_hold_instruction_code, 0, ASN1_ITEM_ref(ASN1_OBJECT), |
| 114 | 0,0,0,0, | 114 | 0,0,0,0, |
| 115 | 0,0, | 115 | 0,0, |
| @@ -118,7 +118,7 @@ X509V3_EXT_METHOD v3_crl_hold = { | |||
| 118 | NULL | 118 | NULL |
| 119 | }; | 119 | }; |
| 120 | 120 | ||
| 121 | X509V3_EXT_METHOD v3_ocsp_nonce = { | 121 | const X509V3_EXT_METHOD v3_ocsp_nonce = { |
| 122 | NID_id_pkix_OCSP_Nonce, 0, NULL, | 122 | NID_id_pkix_OCSP_Nonce, 0, NULL, |
| 123 | ocsp_nonce_new, | 123 | ocsp_nonce_new, |
| 124 | ocsp_nonce_free, | 124 | ocsp_nonce_free, |
| @@ -130,7 +130,7 @@ X509V3_EXT_METHOD v3_ocsp_nonce = { | |||
| 130 | NULL | 130 | NULL |
| 131 | }; | 131 | }; |
| 132 | 132 | ||
| 133 | X509V3_EXT_METHOD v3_ocsp_nocheck = { | 133 | const X509V3_EXT_METHOD v3_ocsp_nocheck = { |
| 134 | NID_id_pkix_OCSP_noCheck, 0, ASN1_ITEM_ref(ASN1_NULL), | 134 | NID_id_pkix_OCSP_noCheck, 0, ASN1_ITEM_ref(ASN1_NULL), |
| 135 | 0,0,0,0, | 135 | 0,0,0,0, |
| 136 | 0,s2i_ocsp_nocheck, | 136 | 0,s2i_ocsp_nocheck, |
| @@ -139,7 +139,7 @@ X509V3_EXT_METHOD v3_ocsp_nocheck = { | |||
| 139 | NULL | 139 | NULL |
| 140 | }; | 140 | }; |
| 141 | 141 | ||
| 142 | X509V3_EXT_METHOD v3_ocsp_serviceloc = { | 142 | const X509V3_EXT_METHOD v3_ocsp_serviceloc = { |
| 143 | NID_id_pkix_OCSP_serviceLocator, 0, ASN1_ITEM_ref(OCSP_SERVICELOC), | 143 | NID_id_pkix_OCSP_serviceLocator, 0, ASN1_ITEM_ref(OCSP_SERVICELOC), |
| 144 | 0,0,0,0, | 144 | 0,0,0,0, |
| 145 | 0,0, | 145 | 0,0, |
| @@ -208,7 +208,7 @@ static int i2d_ocsp_nonce(void *a, unsigned char **pp) | |||
| 208 | return os->length; | 208 | return os->length; |
| 209 | } | 209 | } |
| 210 | 210 | ||
| 211 | static void *d2i_ocsp_nonce(void *a, unsigned char **pp, long length) | 211 | static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length) |
| 212 | { | 212 | { |
| 213 | ASN1_OCTET_STRING *os, **pos; | 213 | ASN1_OCTET_STRING *os, **pos; |
| 214 | pos = a; | 214 | pos = a; |
| @@ -246,7 +246,7 @@ static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, | |||
| 246 | return 1; | 246 | return 1; |
| 247 | } | 247 | } |
| 248 | 248 | ||
| 249 | static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str) | 249 | static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str) |
| 250 | { | 250 | { |
| 251 | return ASN1_NULL_new(); | 251 | return ASN1_NULL_new(); |
| 252 | } | 252 | } |
diff --git a/src/lib/libcrypto/x509v3/v3_pku.c b/src/lib/libcrypto/x509v3/v3_pku.c index 49a2e4697a..5c4626e89b 100644 --- a/src/lib/libcrypto/x509v3/v3_pku.c +++ b/src/lib/libcrypto/x509v3/v3_pku.c | |||
| @@ -66,7 +66,7 @@ static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *u | |||
| 66 | /* | 66 | /* |
| 67 | static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); | 67 | static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); |
| 68 | */ | 68 | */ |
| 69 | X509V3_EXT_METHOD v3_pkey_usage_period = { | 69 | const X509V3_EXT_METHOD v3_pkey_usage_period = { |
| 70 | NID_private_key_usage_period, 0, ASN1_ITEM_ref(PKEY_USAGE_PERIOD), | 70 | NID_private_key_usage_period, 0, ASN1_ITEM_ref(PKEY_USAGE_PERIOD), |
| 71 | 0,0,0,0, | 71 | 0,0,0,0, |
| 72 | 0,0,0,0, | 72 | 0,0,0,0, |
diff --git a/src/lib/libcrypto/x509v3/v3_prn.c b/src/lib/libcrypto/x509v3/v3_prn.c index 5d268eb768..20bd9bda19 100644 --- a/src/lib/libcrypto/x509v3/v3_prn.c +++ b/src/lib/libcrypto/x509v3/v3_prn.c | |||
| @@ -109,10 +109,11 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde | |||
| 109 | { | 109 | { |
| 110 | void *ext_str = NULL; | 110 | void *ext_str = NULL; |
| 111 | char *value = NULL; | 111 | char *value = NULL; |
| 112 | unsigned char *p; | 112 | const unsigned char *p; |
| 113 | X509V3_EXT_METHOD *method; | 113 | X509V3_EXT_METHOD *method; |
| 114 | STACK_OF(CONF_VALUE) *nval = NULL; | 114 | STACK_OF(CONF_VALUE) *nval = NULL; |
| 115 | int ok = 1; | 115 | int ok = 1; |
| 116 | |||
| 116 | if(!(method = X509V3_EXT_get(ext))) | 117 | if(!(method = X509V3_EXT_get(ext))) |
| 117 | return unknown_ext_print(out, ext, flag, indent, 0); | 118 | return unknown_ext_print(out, ext, flag, indent, 0); |
| 118 | p = ext->value->data; | 119 | p = ext->value->data; |
| @@ -182,7 +183,7 @@ int X509V3_extensions_print(BIO *bp, char *title, STACK_OF(X509_EXTENSION) *exts | |||
| 182 | obj=X509_EXTENSION_get_object(ex); | 183 | obj=X509_EXTENSION_get_object(ex); |
| 183 | i2a_ASN1_OBJECT(bp,obj); | 184 | i2a_ASN1_OBJECT(bp,obj); |
| 184 | j=X509_EXTENSION_get_critical(ex); | 185 | j=X509_EXTENSION_get_critical(ex); |
| 185 | if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0) | 186 | if (BIO_printf(bp,": %s\n",j?"critical":"") <= 0) |
| 186 | return 0; | 187 | return 0; |
| 187 | if(!X509V3_EXT_print(bp, ex, flag, indent + 4)) | 188 | if(!X509V3_EXT_print(bp, ex, flag, indent + 4)) |
| 188 | { | 189 | { |
diff --git a/src/lib/libcrypto/x509v3/v3_purp.c b/src/lib/libcrypto/x509v3/v3_purp.c index bbdf6da493..b2f5cdfa05 100644 --- a/src/lib/libcrypto/x509v3/v3_purp.c +++ b/src/lib/libcrypto/x509v3/v3_purp.c | |||
| @@ -139,7 +139,7 @@ int X509_PURPOSE_get_count(void) | |||
| 139 | X509_PURPOSE * X509_PURPOSE_get0(int idx) | 139 | X509_PURPOSE * X509_PURPOSE_get0(int idx) |
| 140 | { | 140 | { |
| 141 | if(idx < 0) return NULL; | 141 | if(idx < 0) return NULL; |
| 142 | if(idx < X509_PURPOSE_COUNT) return xstandard + idx; | 142 | if(idx < (int)X509_PURPOSE_COUNT) return xstandard + idx; |
| 143 | return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT); | 143 | return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT); |
| 144 | } | 144 | } |
| 145 | 145 | ||
| @@ -239,7 +239,7 @@ static void xptable_free(X509_PURPOSE *p) | |||
| 239 | 239 | ||
| 240 | void X509_PURPOSE_cleanup(void) | 240 | void X509_PURPOSE_cleanup(void) |
| 241 | { | 241 | { |
| 242 | int i; | 242 | unsigned int i; |
| 243 | sk_X509_PURPOSE_pop_free(xptable, xptable_free); | 243 | sk_X509_PURPOSE_pop_free(xptable, xptable_free); |
| 244 | for(i = 0; i < X509_PURPOSE_COUNT; i++) xptable_free(xstandard + i); | 244 | for(i = 0; i < X509_PURPOSE_COUNT; i++) xptable_free(xstandard + i); |
| 245 | xptable = NULL; | 245 | xptable = NULL; |
| @@ -285,7 +285,12 @@ int X509_supported_extension(X509_EXTENSION *ex) | |||
| 285 | NID_key_usage, /* 83 */ | 285 | NID_key_usage, /* 83 */ |
| 286 | NID_subject_alt_name, /* 85 */ | 286 | NID_subject_alt_name, /* 85 */ |
| 287 | NID_basic_constraints, /* 87 */ | 287 | NID_basic_constraints, /* 87 */ |
| 288 | NID_certificate_policies, /* 89 */ | ||
| 288 | NID_ext_key_usage, /* 126 */ | 289 | NID_ext_key_usage, /* 126 */ |
| 290 | #ifndef OPENSSL_NO_RFC3779 | ||
| 291 | NID_sbgp_ipAddrBlock, /* 290 */ | ||
| 292 | NID_sbgp_autonomousSysNum, /* 291 */ | ||
| 293 | #endif | ||
| 289 | NID_proxyCertInfo /* 661 */ | 294 | NID_proxyCertInfo /* 661 */ |
| 290 | }; | 295 | }; |
| 291 | 296 | ||
| @@ -343,6 +348,10 @@ static void x509v3_cache_extensions(X509 *x) | |||
| 343 | || X509_get_ext_by_NID(x, NID_issuer_alt_name, 0) >= 0) { | 348 | || X509_get_ext_by_NID(x, NID_issuer_alt_name, 0) >= 0) { |
| 344 | x->ex_flags |= EXFLAG_INVALID; | 349 | x->ex_flags |= EXFLAG_INVALID; |
| 345 | } | 350 | } |
| 351 | if (pci->pcPathLengthConstraint) { | ||
| 352 | x->ex_pcpathlen = | ||
| 353 | ASN1_INTEGER_get(pci->pcPathLengthConstraint); | ||
| 354 | } else x->ex_pcpathlen = -1; | ||
| 346 | PROXY_CERT_INFO_EXTENSION_free(pci); | 355 | PROXY_CERT_INFO_EXTENSION_free(pci); |
| 347 | x->ex_flags |= EXFLAG_PROXY; | 356 | x->ex_flags |= EXFLAG_PROXY; |
| 348 | } | 357 | } |
| @@ -406,6 +415,11 @@ static void x509v3_cache_extensions(X509 *x) | |||
| 406 | } | 415 | } |
| 407 | x->skid =X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL); | 416 | x->skid =X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL); |
| 408 | x->akid =X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL); | 417 | x->akid =X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL); |
| 418 | #ifndef OPENSSL_NO_RFC3779 | ||
| 419 | x->rfc3779_addr =X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, NULL, NULL); | ||
| 420 | x->rfc3779_asid =X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum, | ||
| 421 | NULL, NULL); | ||
| 422 | #endif | ||
| 409 | for (i = 0; i < X509_get_ext_count(x); i++) | 423 | for (i = 0; i < X509_get_ext_count(x); i++) |
| 410 | { | 424 | { |
| 411 | ex = X509_get_ext(x, i); | 425 | ex = X509_get_ext(x, i); |
diff --git a/src/lib/libcrypto/x509v3/v3_skey.c b/src/lib/libcrypto/x509v3/v3_skey.c index c0f044ac1b..da0a3558f6 100644 --- a/src/lib/libcrypto/x509v3/v3_skey.c +++ b/src/lib/libcrypto/x509v3/v3_skey.c | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | #include <openssl/x509v3.h> | 62 | #include <openssl/x509v3.h> |
| 63 | 63 | ||
| 64 | static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); | 64 | static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); |
| 65 | X509V3_EXT_METHOD v3_skey_id = { | 65 | const X509V3_EXT_METHOD v3_skey_id = { |
| 66 | NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING), | 66 | NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING), |
| 67 | 0,0,0,0, | 67 | 0,0,0,0, |
| 68 | (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING, | 68 | (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING, |
| @@ -109,14 +109,14 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, | |||
| 109 | if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); | 109 | if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); |
| 110 | 110 | ||
| 111 | if(!(oct = M_ASN1_OCTET_STRING_new())) { | 111 | if(!(oct = M_ASN1_OCTET_STRING_new())) { |
| 112 | X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); | 112 | X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); |
| 113 | return NULL; | 113 | return NULL; |
| 114 | } | 114 | } |
| 115 | 115 | ||
| 116 | if(ctx && (ctx->flags == CTX_TEST)) return oct; | 116 | if(ctx && (ctx->flags == CTX_TEST)) return oct; |
| 117 | 117 | ||
| 118 | if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) { | 118 | if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) { |
| 119 | X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); | 119 | X509V3err(X509V3_F_S2I_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); |
| 120 | goto err; | 120 | goto err; |
| 121 | } | 121 | } |
| 122 | 122 | ||
| @@ -125,14 +125,14 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, | |||
| 125 | else pk = ctx->subject_cert->cert_info->key->public_key; | 125 | else pk = ctx->subject_cert->cert_info->key->public_key; |
| 126 | 126 | ||
| 127 | if(!pk) { | 127 | if(!pk) { |
| 128 | X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); | 128 | X509V3err(X509V3_F_S2I_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); |
| 129 | goto err; | 129 | goto err; |
| 130 | } | 130 | } |
| 131 | 131 | ||
| 132 | EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL); | 132 | EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL); |
| 133 | 133 | ||
| 134 | if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { | 134 | if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { |
| 135 | X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); | 135 | X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); |
| 136 | goto err; | 136 | goto err; |
| 137 | } | 137 | } |
| 138 | 138 | ||
diff --git a/src/lib/libcrypto/x509v3/v3_sxnet.c b/src/lib/libcrypto/x509v3/v3_sxnet.c index d3f4ba3a72..eaea9ea01b 100644 --- a/src/lib/libcrypto/x509v3/v3_sxnet.c +++ b/src/lib/libcrypto/x509v3/v3_sxnet.c | |||
| @@ -72,7 +72,7 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent) | |||
| 72 | static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | 72 | static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, |
| 73 | STACK_OF(CONF_VALUE) *nval); | 73 | STACK_OF(CONF_VALUE) *nval); |
| 74 | #endif | 74 | #endif |
| 75 | X509V3_EXT_METHOD v3_sxnet = { | 75 | const X509V3_EXT_METHOD v3_sxnet = { |
| 76 | NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET), | 76 | NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET), |
| 77 | 0,0,0,0, | 77 | 0,0,0,0, |
| 78 | 0,0, | 78 | 0,0, |
| @@ -109,7 +109,7 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, | |||
| 109 | SXNETID *id; | 109 | SXNETID *id; |
| 110 | int i; | 110 | int i; |
| 111 | v = ASN1_INTEGER_get(sx->version); | 111 | v = ASN1_INTEGER_get(sx->version); |
| 112 | BIO_printf(out, "%*sVersion: %d (0x%X)", indent, "", v + 1, v); | 112 | BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", v + 1, v); |
| 113 | for(i = 0; i < sk_SXNETID_num(sx->ids); i++) { | 113 | for(i = 0; i < sk_SXNETID_num(sx->ids); i++) { |
| 114 | id = sk_SXNETID_value(sx->ids, i); | 114 | id = sk_SXNETID_value(sx->ids, i); |
| 115 | tmp = i2s_ASN1_INTEGER(NULL, id->zone); | 115 | tmp = i2s_ASN1_INTEGER(NULL, id->zone); |
| @@ -154,7 +154,7 @@ int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, | |||
| 154 | { | 154 | { |
| 155 | ASN1_INTEGER *izone = NULL; | 155 | ASN1_INTEGER *izone = NULL; |
| 156 | if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { | 156 | if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { |
| 157 | X509V3err(X509V3_F_SXNET_ADD_ASC,X509V3_R_ERROR_CONVERTING_ZONE); | 157 | X509V3err(X509V3_F_SXNET_ADD_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE); |
| 158 | return 0; | 158 | return 0; |
| 159 | } | 159 | } |
| 160 | return SXNET_add_id_INTEGER(psx, izone, user, userlen); | 160 | return SXNET_add_id_INTEGER(psx, izone, user, userlen); |
diff --git a/src/lib/libcrypto/x509v3/v3_utl.c b/src/lib/libcrypto/x509v3/v3_utl.c index f23a8d29a0..57be441399 100644 --- a/src/lib/libcrypto/x509v3/v3_utl.c +++ b/src/lib/libcrypto/x509v3/v3_utl.c | |||
| @@ -1,9 +1,9 @@ | |||
| 1 | /* v3_utl.c */ | 1 | /* v3_utl.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL |
| 3 | * project 1999. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -63,6 +63,7 @@ | |||
| 63 | #include "cryptlib.h" | 63 | #include "cryptlib.h" |
| 64 | #include <openssl/conf.h> | 64 | #include <openssl/conf.h> |
| 65 | #include <openssl/x509v3.h> | 65 | #include <openssl/x509v3.h> |
| 66 | #include <openssl/bn.h> | ||
| 66 | 67 | ||
| 67 | static char *strip_spaces(char *name); | 68 | static char *strip_spaces(char *name); |
| 68 | static int sk_strcmp(const char * const *a, const char * const *b); | 69 | static int sk_strcmp(const char * const *a, const char * const *b); |
| @@ -70,6 +71,11 @@ static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens); | |||
| 70 | static void str_free(void *str); | 71 | static void str_free(void *str); |
| 71 | static int append_ia5(STACK **sk, ASN1_IA5STRING *email); | 72 | static int append_ia5(STACK **sk, ASN1_IA5STRING *email); |
| 72 | 73 | ||
| 74 | static int ipv4_from_asc(unsigned char *v4, const char *in); | ||
| 75 | static int ipv6_from_asc(unsigned char *v6, const char *in); | ||
| 76 | static int ipv6_cb(const char *elem, int len, void *usr); | ||
| 77 | static int ipv6_hex(unsigned char *out, const char *in, int inlen); | ||
| 78 | |||
| 73 | /* Add a CONF_VALUE name value pair to stack */ | 79 | /* Add a CONF_VALUE name value pair to stack */ |
| 74 | 80 | ||
| 75 | int X509V3_add_value(const char *name, const char *value, | 81 | int X509V3_add_value(const char *name, const char *value, |
| @@ -156,11 +162,11 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) | |||
| 156 | ASN1_INTEGER *aint; | 162 | ASN1_INTEGER *aint; |
| 157 | int isneg, ishex; | 163 | int isneg, ishex; |
| 158 | int ret; | 164 | int ret; |
| 159 | bn = BN_new(); | ||
| 160 | if (!value) { | 165 | if (!value) { |
| 161 | X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_INVALID_NULL_VALUE); | 166 | X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_INVALID_NULL_VALUE); |
| 162 | return 0; | 167 | return 0; |
| 163 | } | 168 | } |
| 169 | bn = BN_new(); | ||
| 164 | if (value[0] == '-') { | 170 | if (value[0] == '-') { |
| 165 | value++; | 171 | value++; |
| 166 | isneg = 1; | 172 | isneg = 1; |
| @@ -174,7 +180,8 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) | |||
| 174 | if (ishex) ret = BN_hex2bn(&bn, value); | 180 | if (ishex) ret = BN_hex2bn(&bn, value); |
| 175 | else ret = BN_dec2bn(&bn, value); | 181 | else ret = BN_dec2bn(&bn, value); |
| 176 | 182 | ||
| 177 | if (!ret) { | 183 | if (!ret || value[ret]) { |
| 184 | BN_free(bn); | ||
| 178 | X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_DEC2BN_ERROR); | 185 | X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_DEC2BN_ERROR); |
| 179 | return 0; | 186 | return 0; |
| 180 | } | 187 | } |
| @@ -358,7 +365,7 @@ char *hex_to_string(unsigned char *buffer, long len) | |||
| 358 | char *tmp, *q; | 365 | char *tmp, *q; |
| 359 | unsigned char *p; | 366 | unsigned char *p; |
| 360 | int i; | 367 | int i; |
| 361 | static char hexdig[] = "0123456789ABCDEF"; | 368 | const static char hexdig[] = "0123456789ABCDEF"; |
| 362 | if(!buffer || !len) return NULL; | 369 | if(!buffer || !len) return NULL; |
| 363 | if(!(tmp = OPENSSL_malloc(len * 3 + 1))) { | 370 | if(!(tmp = OPENSSL_malloc(len * 3 + 1))) { |
| 364 | X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE); | 371 | X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE); |
| @@ -466,6 +473,30 @@ STACK *X509_get1_email(X509 *x) | |||
| 466 | return ret; | 473 | return ret; |
| 467 | } | 474 | } |
| 468 | 475 | ||
| 476 | STACK *X509_get1_ocsp(X509 *x) | ||
| 477 | { | ||
| 478 | AUTHORITY_INFO_ACCESS *info; | ||
| 479 | STACK *ret = NULL; | ||
| 480 | int i; | ||
| 481 | info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL); | ||
| 482 | if (!info) | ||
| 483 | return NULL; | ||
| 484 | for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) | ||
| 485 | { | ||
| 486 | ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i); | ||
| 487 | if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) | ||
| 488 | { | ||
| 489 | if (ad->location->type == GEN_URI) | ||
| 490 | { | ||
| 491 | if (!append_ia5(&ret, ad->location->d.uniformResourceIdentifier)) | ||
| 492 | break; | ||
| 493 | } | ||
| 494 | } | ||
| 495 | } | ||
| 496 | AUTHORITY_INFO_ACCESS_free(info); | ||
| 497 | return ret; | ||
| 498 | } | ||
| 499 | |||
| 469 | STACK *X509_REQ_get1_email(X509_REQ *x) | 500 | STACK *X509_REQ_get1_email(X509_REQ *x) |
| 470 | { | 501 | { |
| 471 | GENERAL_NAMES *gens; | 502 | GENERAL_NAMES *gens; |
| @@ -533,3 +564,305 @@ void X509_email_free(STACK *sk) | |||
| 533 | { | 564 | { |
| 534 | sk_pop_free(sk, str_free); | 565 | sk_pop_free(sk, str_free); |
| 535 | } | 566 | } |
| 567 | |||
| 568 | /* Convert IP addresses both IPv4 and IPv6 into an | ||
| 569 | * OCTET STRING compatible with RFC3280. | ||
| 570 | */ | ||
| 571 | |||
| 572 | ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc) | ||
| 573 | { | ||
| 574 | unsigned char ipout[16]; | ||
| 575 | ASN1_OCTET_STRING *ret; | ||
| 576 | int iplen; | ||
| 577 | |||
| 578 | /* If string contains a ':' assume IPv6 */ | ||
| 579 | |||
| 580 | iplen = a2i_ipadd(ipout, ipasc); | ||
| 581 | |||
| 582 | if (!iplen) | ||
| 583 | return NULL; | ||
| 584 | |||
| 585 | ret = ASN1_OCTET_STRING_new(); | ||
| 586 | if (!ret) | ||
| 587 | return NULL; | ||
| 588 | if (!ASN1_OCTET_STRING_set(ret, ipout, iplen)) | ||
| 589 | { | ||
| 590 | ASN1_OCTET_STRING_free(ret); | ||
| 591 | return NULL; | ||
| 592 | } | ||
| 593 | return ret; | ||
| 594 | } | ||
| 595 | |||
| 596 | ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc) | ||
| 597 | { | ||
| 598 | ASN1_OCTET_STRING *ret = NULL; | ||
| 599 | unsigned char ipout[32]; | ||
| 600 | char *iptmp = NULL, *p; | ||
| 601 | int iplen1, iplen2; | ||
| 602 | p = strchr(ipasc,'/'); | ||
| 603 | if (!p) | ||
| 604 | return NULL; | ||
| 605 | iptmp = BUF_strdup(ipasc); | ||
| 606 | if (!iptmp) | ||
| 607 | return NULL; | ||
| 608 | p = iptmp + (p - ipasc); | ||
| 609 | *p++ = 0; | ||
| 610 | |||
| 611 | iplen1 = a2i_ipadd(ipout, iptmp); | ||
| 612 | |||
| 613 | if (!iplen1) | ||
| 614 | goto err; | ||
| 615 | |||
| 616 | iplen2 = a2i_ipadd(ipout + iplen1, p); | ||
| 617 | |||
| 618 | OPENSSL_free(iptmp); | ||
| 619 | iptmp = NULL; | ||
| 620 | |||
| 621 | if (!iplen2 || (iplen1 != iplen2)) | ||
| 622 | goto err; | ||
| 623 | |||
| 624 | ret = ASN1_OCTET_STRING_new(); | ||
| 625 | if (!ret) | ||
| 626 | goto err; | ||
| 627 | if (!ASN1_OCTET_STRING_set(ret, ipout, iplen1 + iplen2)) | ||
| 628 | goto err; | ||
| 629 | |||
| 630 | return ret; | ||
| 631 | |||
| 632 | err: | ||
| 633 | if (iptmp) | ||
| 634 | OPENSSL_free(iptmp); | ||
| 635 | if (ret) | ||
| 636 | ASN1_OCTET_STRING_free(ret); | ||
| 637 | return NULL; | ||
| 638 | } | ||
| 639 | |||
| 640 | |||
| 641 | int a2i_ipadd(unsigned char *ipout, const char *ipasc) | ||
| 642 | { | ||
| 643 | /* If string contains a ':' assume IPv6 */ | ||
| 644 | |||
| 645 | if (strchr(ipasc, ':')) | ||
| 646 | { | ||
| 647 | if (!ipv6_from_asc(ipout, ipasc)) | ||
| 648 | return 0; | ||
| 649 | return 16; | ||
| 650 | } | ||
| 651 | else | ||
| 652 | { | ||
| 653 | if (!ipv4_from_asc(ipout, ipasc)) | ||
| 654 | return 0; | ||
| 655 | return 4; | ||
| 656 | } | ||
| 657 | } | ||
| 658 | |||
| 659 | static int ipv4_from_asc(unsigned char *v4, const char *in) | ||
| 660 | { | ||
| 661 | int a0, a1, a2, a3; | ||
| 662 | if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4) | ||
| 663 | return 0; | ||
| 664 | if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255) | ||
| 665 | || (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255)) | ||
| 666 | return 0; | ||
| 667 | v4[0] = a0; | ||
| 668 | v4[1] = a1; | ||
| 669 | v4[2] = a2; | ||
| 670 | v4[3] = a3; | ||
| 671 | return 1; | ||
| 672 | } | ||
| 673 | |||
| 674 | typedef struct { | ||
| 675 | /* Temporary store for IPV6 output */ | ||
| 676 | unsigned char tmp[16]; | ||
| 677 | /* Total number of bytes in tmp */ | ||
| 678 | int total; | ||
| 679 | /* The position of a zero (corresponding to '::') */ | ||
| 680 | int zero_pos; | ||
| 681 | /* Number of zeroes */ | ||
| 682 | int zero_cnt; | ||
| 683 | } IPV6_STAT; | ||
| 684 | |||
| 685 | |||
| 686 | static int ipv6_from_asc(unsigned char *v6, const char *in) | ||
| 687 | { | ||
| 688 | IPV6_STAT v6stat; | ||
| 689 | v6stat.total = 0; | ||
| 690 | v6stat.zero_pos = -1; | ||
| 691 | v6stat.zero_cnt = 0; | ||
| 692 | /* Treat the IPv6 representation as a list of values | ||
| 693 | * separated by ':'. The presence of a '::' will parse | ||
| 694 | * as one, two or three zero length elements. | ||
| 695 | */ | ||
| 696 | if (!CONF_parse_list(in, ':', 0, ipv6_cb, &v6stat)) | ||
| 697 | return 0; | ||
| 698 | |||
| 699 | /* Now for some sanity checks */ | ||
| 700 | |||
| 701 | if (v6stat.zero_pos == -1) | ||
| 702 | { | ||
| 703 | /* If no '::' must have exactly 16 bytes */ | ||
| 704 | if (v6stat.total != 16) | ||
| 705 | return 0; | ||
| 706 | } | ||
| 707 | else | ||
| 708 | { | ||
| 709 | /* If '::' must have less than 16 bytes */ | ||
| 710 | if (v6stat.total == 16) | ||
| 711 | return 0; | ||
| 712 | /* More than three zeroes is an error */ | ||
| 713 | if (v6stat.zero_cnt > 3) | ||
| 714 | return 0; | ||
| 715 | /* Can only have three zeroes if nothing else present */ | ||
| 716 | else if (v6stat.zero_cnt == 3) | ||
| 717 | { | ||
| 718 | if (v6stat.total > 0) | ||
| 719 | return 0; | ||
| 720 | } | ||
| 721 | /* Can only have two zeroes if at start or end */ | ||
| 722 | else if (v6stat.zero_cnt == 2) | ||
| 723 | { | ||
| 724 | if ((v6stat.zero_pos != 0) | ||
| 725 | && (v6stat.zero_pos != v6stat.total)) | ||
| 726 | return 0; | ||
| 727 | } | ||
| 728 | else | ||
| 729 | /* Can only have one zero if *not* start or end */ | ||
| 730 | { | ||
| 731 | if ((v6stat.zero_pos == 0) | ||
| 732 | || (v6stat.zero_pos == v6stat.total)) | ||
| 733 | return 0; | ||
| 734 | } | ||
| 735 | } | ||
| 736 | |||
| 737 | /* Format result */ | ||
| 738 | |||
| 739 | /* Copy initial part */ | ||
| 740 | if (v6stat.zero_pos > 0) | ||
| 741 | memcpy(v6, v6stat.tmp, v6stat.zero_pos); | ||
| 742 | /* Zero middle */ | ||
| 743 | if (v6stat.total != 16) | ||
| 744 | memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total); | ||
| 745 | /* Copy final part */ | ||
| 746 | if (v6stat.total != v6stat.zero_pos) | ||
| 747 | memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total, | ||
| 748 | v6stat.tmp + v6stat.zero_pos, | ||
| 749 | v6stat.total - v6stat.zero_pos); | ||
| 750 | |||
| 751 | return 1; | ||
| 752 | } | ||
| 753 | |||
| 754 | static int ipv6_cb(const char *elem, int len, void *usr) | ||
| 755 | { | ||
| 756 | IPV6_STAT *s = usr; | ||
| 757 | /* Error if 16 bytes written */ | ||
| 758 | if (s->total == 16) | ||
| 759 | return 0; | ||
| 760 | if (len == 0) | ||
| 761 | { | ||
| 762 | /* Zero length element, corresponds to '::' */ | ||
| 763 | if (s->zero_pos == -1) | ||
| 764 | s->zero_pos = s->total; | ||
| 765 | /* If we've already got a :: its an error */ | ||
| 766 | else if (s->zero_pos != s->total) | ||
| 767 | return 0; | ||
| 768 | s->zero_cnt++; | ||
| 769 | } | ||
| 770 | else | ||
| 771 | { | ||
| 772 | /* If more than 4 characters could be final a.b.c.d form */ | ||
| 773 | if (len > 4) | ||
| 774 | { | ||
| 775 | /* Need at least 4 bytes left */ | ||
| 776 | if (s->total > 12) | ||
| 777 | return 0; | ||
| 778 | /* Must be end of string */ | ||
| 779 | if (elem[len]) | ||
| 780 | return 0; | ||
| 781 | if (!ipv4_from_asc(s->tmp + s->total, elem)) | ||
| 782 | return 0; | ||
| 783 | s->total += 4; | ||
| 784 | } | ||
| 785 | else | ||
| 786 | { | ||
| 787 | if (!ipv6_hex(s->tmp + s->total, elem, len)) | ||
| 788 | return 0; | ||
| 789 | s->total += 2; | ||
| 790 | } | ||
| 791 | } | ||
| 792 | return 1; | ||
| 793 | } | ||
| 794 | |||
| 795 | /* Convert a string of up to 4 hex digits into the corresponding | ||
| 796 | * IPv6 form. | ||
| 797 | */ | ||
| 798 | |||
| 799 | static int ipv6_hex(unsigned char *out, const char *in, int inlen) | ||
| 800 | { | ||
| 801 | unsigned char c; | ||
| 802 | unsigned int num = 0; | ||
| 803 | if (inlen > 4) | ||
| 804 | return 0; | ||
| 805 | while(inlen--) | ||
| 806 | { | ||
| 807 | c = *in++; | ||
| 808 | num <<= 4; | ||
| 809 | if ((c >= '0') && (c <= '9')) | ||
| 810 | num |= c - '0'; | ||
| 811 | else if ((c >= 'A') && (c <= 'F')) | ||
| 812 | num |= c - 'A' + 10; | ||
| 813 | else if ((c >= 'a') && (c <= 'f')) | ||
| 814 | num |= c - 'a' + 10; | ||
| 815 | else | ||
| 816 | return 0; | ||
| 817 | } | ||
| 818 | out[0] = num >> 8; | ||
| 819 | out[1] = num & 0xff; | ||
| 820 | return 1; | ||
| 821 | } | ||
| 822 | |||
| 823 | |||
| 824 | int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, | ||
| 825 | unsigned long chtype) | ||
| 826 | { | ||
| 827 | CONF_VALUE *v; | ||
| 828 | int i, mval; | ||
| 829 | char *p, *type; | ||
| 830 | if (!nm) | ||
| 831 | return 0; | ||
| 832 | |||
| 833 | for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) | ||
| 834 | { | ||
| 835 | v=sk_CONF_VALUE_value(dn_sk,i); | ||
| 836 | type=v->name; | ||
| 837 | /* Skip past any leading X. X: X, etc to allow for | ||
| 838 | * multiple instances | ||
| 839 | */ | ||
| 840 | for(p = type; *p ; p++) | ||
| 841 | #ifndef CHARSET_EBCDIC | ||
| 842 | if ((*p == ':') || (*p == ',') || (*p == '.')) | ||
| 843 | #else | ||
| 844 | if ((*p == os_toascii[':']) || (*p == os_toascii[',']) || (*p == os_toascii['.'])) | ||
| 845 | #endif | ||
| 846 | { | ||
| 847 | p++; | ||
| 848 | if(*p) type = p; | ||
| 849 | break; | ||
| 850 | } | ||
| 851 | #ifndef CHARSET_EBCDIC | ||
| 852 | if (*type == '+') | ||
| 853 | #else | ||
| 854 | if (*type == os_toascii['+']) | ||
| 855 | #endif | ||
| 856 | { | ||
| 857 | mval = -1; | ||
| 858 | type++; | ||
| 859 | } | ||
| 860 | else | ||
| 861 | mval = 0; | ||
| 862 | if (!X509_NAME_add_entry_by_txt(nm,type, chtype, | ||
| 863 | (unsigned char *) v->value,-1,-1,mval)) | ||
| 864 | return 0; | ||
| 865 | |||
| 866 | } | ||
| 867 | return 1; | ||
| 868 | } | ||
diff --git a/src/lib/libcrypto/x509v3/v3err.c b/src/lib/libcrypto/x509v3/v3err.c index e1edaf5248..d538ad8b80 100644 --- a/src/lib/libcrypto/x509v3/v3err.c +++ b/src/lib/libcrypto/x509v3/v3err.c | |||
| @@ -70,10 +70,15 @@ | |||
| 70 | 70 | ||
| 71 | static ERR_STRING_DATA X509V3_str_functs[]= | 71 | static ERR_STRING_DATA X509V3_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"}, | ||
| 74 | {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"}, | ||
| 73 | {ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"}, | 75 | {ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"}, |
| 74 | {ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"}, | 76 | {ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"}, |
| 77 | {ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"}, | ||
| 75 | {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"}, | 78 | {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"}, |
| 76 | {ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"}, | 79 | {ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"}, |
| 80 | {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"}, | ||
| 81 | {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"}, | ||
| 77 | {ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"}, | 82 | {ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"}, |
| 78 | {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"}, | 83 | {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"}, |
| 79 | {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"}, | 84 | {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"}, |
| @@ -82,34 +87,46 @@ static ERR_STRING_DATA X509V3_str_functs[]= | |||
| 82 | {ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"}, | 87 | {ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"}, |
| 83 | {ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"}, | 88 | {ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"}, |
| 84 | {ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"}, | 89 | {ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"}, |
| 90 | {ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"}, | ||
| 85 | {ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"}, | 91 | {ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"}, |
| 86 | {ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"}, | 92 | {ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"}, |
| 87 | {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"}, | 93 | {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"}, |
| 88 | {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"}, | 94 | {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"}, |
| 89 | {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"}, | 95 | {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"}, |
| 90 | {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"}, | 96 | {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"}, |
| 91 | {ERR_FUNC(X509V3_F_S2I_S2I_SKEY_ID), "S2I_S2I_SKEY_ID"}, | 97 | {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"}, |
| 92 | {ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"}, | 98 | {ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"}, |
| 93 | {ERR_FUNC(X509V3_F_SXNET_ADD_ASC), "SXNET_ADD_ASC"}, | 99 | {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"}, |
| 94 | {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"}, | 100 | {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"}, |
| 95 | {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"}, | 101 | {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"}, |
| 96 | {ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"}, | 102 | {ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"}, |
| 97 | {ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"}, | 103 | {ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"}, |
| 98 | {ERR_FUNC(X509V3_F_V2I_ACCESS_DESCRIPTION), "V2I_ACCESS_DESCRIPTION"}, | 104 | {ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"}, |
| 99 | {ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "V2I_ASN1_BIT_STRING"}, | 105 | {ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"}, |
| 106 | {ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS), "V2I_AUTHORITY_INFO_ACCESS"}, | ||
| 100 | {ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"}, | 107 | {ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"}, |
| 101 | {ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"}, | 108 | {ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"}, |
| 102 | {ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"}, | 109 | {ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"}, |
| 103 | {ERR_FUNC(X509V3_F_V2I_EXT_KU), "V2I_EXT_KU"}, | 110 | {ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"}, |
| 104 | {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME), "v2i_GENERAL_NAME"}, | ||
| 105 | {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"}, | 111 | {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"}, |
| 112 | {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"}, | ||
| 113 | {ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"}, | ||
| 114 | {ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"}, | ||
| 115 | {ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"}, | ||
| 116 | {ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"}, | ||
| 117 | {ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"}, | ||
| 118 | {ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"}, | ||
| 119 | {ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL), "V3_ADDR_VALIDATE_PATH_INTERNAL"}, | ||
| 106 | {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"}, | 120 | {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"}, |
| 107 | {ERR_FUNC(X509V3_F_X509V3_ADD_I2D), "X509V3_ADD_I2D"}, | 121 | {ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"}, |
| 108 | {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"}, | 122 | {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"}, |
| 109 | {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"}, | 123 | {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"}, |
| 110 | {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"}, | 124 | {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"}, |
| 111 | {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"}, | 125 | {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"}, |
| 112 | {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"}, | 126 | {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"}, |
| 127 | {ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"}, | ||
| 128 | {ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"}, | ||
| 129 | {ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"}, | ||
| 113 | {ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"}, | 130 | {ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"}, |
| 114 | {ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"}, | 131 | {ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"}, |
| 115 | {ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"}, | 132 | {ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"}, |
| @@ -123,6 +140,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]= | |||
| 123 | {ERR_REASON(X509V3_R_BAD_OBJECT) ,"bad object"}, | 140 | {ERR_REASON(X509V3_R_BAD_OBJECT) ,"bad object"}, |
| 124 | {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) ,"bn dec2bn error"}, | 141 | {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) ,"bn dec2bn error"}, |
| 125 | {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),"bn to asn1 integer error"}, | 142 | {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),"bn to asn1 integer error"}, |
| 143 | {ERR_REASON(X509V3_R_DIRNAME_ERROR) ,"dirname error"}, | ||
| 126 | {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) ,"duplicate zone id"}, | 144 | {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) ,"duplicate zone id"}, |
| 127 | {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE),"error converting zone"}, | 145 | {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE),"error converting zone"}, |
| 128 | {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),"error creating extension"}, | 146 | {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),"error creating extension"}, |
| @@ -133,10 +151,15 @@ static ERR_STRING_DATA X509V3_str_reasons[]= | |||
| 133 | {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND),"extension not found"}, | 151 | {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND),"extension not found"}, |
| 134 | {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),"extension setting not supported"}, | 152 | {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),"extension setting not supported"}, |
| 135 | {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR),"extension value error"}, | 153 | {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR),"extension value error"}, |
| 154 | {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION),"illegal empty extension"}, | ||
| 136 | {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) ,"illegal hex digit"}, | 155 | {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) ,"illegal hex digit"}, |
| 137 | {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),"incorrect policy syntax tag"}, | 156 | {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),"incorrect policy syntax tag"}, |
| 157 | {ERR_REASON(X509V3_R_INVALID_ASNUMBER) ,"invalid asnumber"}, | ||
| 158 | {ERR_REASON(X509V3_R_INVALID_ASRANGE) ,"invalid asrange"}, | ||
| 138 | {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING),"invalid boolean string"}, | 159 | {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING),"invalid boolean string"}, |
| 139 | {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),"invalid extension string"}, | 160 | {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),"invalid extension string"}, |
| 161 | {ERR_REASON(X509V3_R_INVALID_INHERITANCE),"invalid inheritance"}, | ||
| 162 | {ERR_REASON(X509V3_R_INVALID_IPADDRESS) ,"invalid ipaddress"}, | ||
| 140 | {ERR_REASON(X509V3_R_INVALID_NAME) ,"invalid name"}, | 163 | {ERR_REASON(X509V3_R_INVALID_NAME) ,"invalid name"}, |
| 141 | {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT),"invalid null argument"}, | 164 | {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT),"invalid null argument"}, |
| 142 | {ERR_REASON(X509V3_R_INVALID_NULL_NAME) ,"invalid null name"}, | 165 | {ERR_REASON(X509V3_R_INVALID_NULL_NAME) ,"invalid null name"}, |
| @@ -146,9 +169,9 @@ static ERR_STRING_DATA X509V3_str_reasons[]= | |||
| 146 | {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),"invalid object identifier"}, | 169 | {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),"invalid object identifier"}, |
| 147 | {ERR_REASON(X509V3_R_INVALID_OPTION) ,"invalid option"}, | 170 | {ERR_REASON(X509V3_R_INVALID_OPTION) ,"invalid option"}, |
| 148 | {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),"invalid policy identifier"}, | 171 | {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),"invalid policy identifier"}, |
| 149 | {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_IDENTIFIER),"invalid proxy policy identifier"}, | ||
| 150 | {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),"invalid proxy policy setting"}, | 172 | {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),"invalid proxy policy setting"}, |
| 151 | {ERR_REASON(X509V3_R_INVALID_PURPOSE) ,"invalid purpose"}, | 173 | {ERR_REASON(X509V3_R_INVALID_PURPOSE) ,"invalid purpose"}, |
| 174 | {ERR_REASON(X509V3_R_INVALID_SAFI) ,"invalid safi"}, | ||
| 152 | {ERR_REASON(X509V3_R_INVALID_SECTION) ,"invalid section"}, | 175 | {ERR_REASON(X509V3_R_INVALID_SECTION) ,"invalid section"}, |
| 153 | {ERR_REASON(X509V3_R_INVALID_SYNTAX) ,"invalid syntax"}, | 176 | {ERR_REASON(X509V3_R_INVALID_SYNTAX) ,"invalid syntax"}, |
| 154 | {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR),"issuer decode error"}, | 177 | {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR),"issuer decode error"}, |
| @@ -162,12 +185,14 @@ static ERR_STRING_DATA X509V3_str_reasons[]= | |||
| 162 | {ERR_REASON(X509V3_R_NO_PUBLIC_KEY) ,"no public key"}, | 185 | {ERR_REASON(X509V3_R_NO_PUBLIC_KEY) ,"no public key"}, |
| 163 | {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) ,"no subject details"}, | 186 | {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) ,"no subject details"}, |
| 164 | {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS),"odd number of digits"}, | 187 | {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS),"odd number of digits"}, |
| 188 | {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED),"operation not defined"}, | ||
| 189 | {ERR_REASON(X509V3_R_OTHERNAME_ERROR) ,"othername error"}, | ||
| 165 | {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED),"policy language alreadty defined"}, | 190 | {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED),"policy language alreadty defined"}, |
| 166 | {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) ,"policy path length"}, | 191 | {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) ,"policy path length"}, |
| 167 | {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED),"policy path length alreadty defined"}, | 192 | {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED),"policy path length alreadty defined"}, |
| 168 | {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT) ,"policy syntax not"}, | ||
| 169 | {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),"policy syntax not currently supported"}, | 193 | {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),"policy syntax not currently supported"}, |
| 170 | {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),"policy when proxy language requires no policy"}, | 194 | {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),"policy when proxy language requires no policy"}, |
| 195 | {ERR_REASON(X509V3_R_SECTION_NOT_FOUND) ,"section not found"}, | ||
| 171 | {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),"unable to get issuer details"}, | 196 | {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),"unable to get issuer details"}, |
| 172 | {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),"unable to get issuer keyid"}, | 197 | {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),"unable to get issuer keyid"}, |
| 173 | {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),"unknown bit string argument"}, | 198 | {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),"unknown bit string argument"}, |
| @@ -183,15 +208,12 @@ static ERR_STRING_DATA X509V3_str_reasons[]= | |||
| 183 | 208 | ||
| 184 | void ERR_load_X509V3_strings(void) | 209 | void ERR_load_X509V3_strings(void) |
| 185 | { | 210 | { |
| 186 | static int init=1; | 211 | #ifndef OPENSSL_NO_ERR |
| 187 | 212 | ||
| 188 | if (init) | 213 | if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) |
| 189 | { | 214 | { |
| 190 | init=0; | ||
| 191 | #ifndef OPENSSL_NO_ERR | ||
| 192 | ERR_load_strings(0,X509V3_str_functs); | 215 | ERR_load_strings(0,X509V3_str_functs); |
| 193 | ERR_load_strings(0,X509V3_str_reasons); | 216 | ERR_load_strings(0,X509V3_str_reasons); |
| 194 | #endif | ||
| 195 | |||
| 196 | } | 217 | } |
| 218 | #endif | ||
| 197 | } | 219 | } |
diff --git a/src/lib/libcrypto/x509v3/x509v3.h b/src/lib/libcrypto/x509v3/x509v3.h index e6d91251c2..db2b0482c1 100644 --- a/src/lib/libcrypto/x509v3/x509v3.h +++ b/src/lib/libcrypto/x509v3/x509v3.h | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -74,14 +74,14 @@ struct v3_ext_ctx; | |||
| 74 | 74 | ||
| 75 | typedef void * (*X509V3_EXT_NEW)(void); | 75 | typedef void * (*X509V3_EXT_NEW)(void); |
| 76 | typedef void (*X509V3_EXT_FREE)(void *); | 76 | typedef void (*X509V3_EXT_FREE)(void *); |
| 77 | typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long); | 77 | typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long); |
| 78 | typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); | 78 | typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); |
| 79 | typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist); | 79 | typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist); |
| 80 | typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values); | 80 | typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values); |
| 81 | typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext); | 81 | typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext); |
| 82 | typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); | 82 | typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str); |
| 83 | typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent); | 83 | typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent); |
| 84 | typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); | 84 | typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str); |
| 85 | 85 | ||
| 86 | /* V3 extension structure */ | 86 | /* V3 extension structure */ |
| 87 | 87 | ||
| @@ -132,7 +132,6 @@ void *db; | |||
| 132 | }; | 132 | }; |
| 133 | 133 | ||
| 134 | typedef struct v3_ext_method X509V3_EXT_METHOD; | 134 | typedef struct v3_ext_method X509V3_EXT_METHOD; |
| 135 | typedef struct v3_ext_ctx X509V3_CTX; | ||
| 136 | 135 | ||
| 137 | DECLARE_STACK_OF(X509V3_EXT_METHOD) | 136 | DECLARE_STACK_OF(X509V3_EXT_METHOD) |
| 138 | 137 | ||
| @@ -287,6 +286,33 @@ typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES; | |||
| 287 | DECLARE_STACK_OF(POLICYINFO) | 286 | DECLARE_STACK_OF(POLICYINFO) |
| 288 | DECLARE_ASN1_SET_OF(POLICYINFO) | 287 | DECLARE_ASN1_SET_OF(POLICYINFO) |
| 289 | 288 | ||
| 289 | typedef struct POLICY_MAPPING_st { | ||
| 290 | ASN1_OBJECT *issuerDomainPolicy; | ||
| 291 | ASN1_OBJECT *subjectDomainPolicy; | ||
| 292 | } POLICY_MAPPING; | ||
| 293 | |||
| 294 | DECLARE_STACK_OF(POLICY_MAPPING) | ||
| 295 | |||
| 296 | typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS; | ||
| 297 | |||
| 298 | typedef struct GENERAL_SUBTREE_st { | ||
| 299 | GENERAL_NAME *base; | ||
| 300 | ASN1_INTEGER *minimum; | ||
| 301 | ASN1_INTEGER *maximum; | ||
| 302 | } GENERAL_SUBTREE; | ||
| 303 | |||
| 304 | DECLARE_STACK_OF(GENERAL_SUBTREE) | ||
| 305 | |||
| 306 | typedef struct NAME_CONSTRAINTS_st { | ||
| 307 | STACK_OF(GENERAL_SUBTREE) *permittedSubtrees; | ||
| 308 | STACK_OF(GENERAL_SUBTREE) *excludedSubtrees; | ||
| 309 | } NAME_CONSTRAINTS; | ||
| 310 | |||
| 311 | typedef struct POLICY_CONSTRAINTS_st { | ||
| 312 | ASN1_INTEGER *requireExplicitPolicy; | ||
| 313 | ASN1_INTEGER *inhibitPolicyMapping; | ||
| 314 | } POLICY_CONSTRAINTS; | ||
| 315 | |||
| 290 | /* Proxy certificate structures, see RFC 3820 */ | 316 | /* Proxy certificate structures, see RFC 3820 */ |
| 291 | typedef struct PROXY_POLICY_st | 317 | typedef struct PROXY_POLICY_st |
| 292 | { | 318 | { |
| @@ -344,6 +370,8 @@ DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION) | |||
| 344 | #define EXFLAG_CRITICAL 0x200 | 370 | #define EXFLAG_CRITICAL 0x200 |
| 345 | #define EXFLAG_PROXY 0x400 | 371 | #define EXFLAG_PROXY 0x400 |
| 346 | 372 | ||
| 373 | #define EXFLAG_INVALID_POLICY 0x400 | ||
| 374 | |||
| 347 | #define KU_DIGITAL_SIGNATURE 0x0080 | 375 | #define KU_DIGITAL_SIGNATURE 0x0080 |
| 348 | #define KU_NON_REPUDIATION 0x0040 | 376 | #define KU_NON_REPUDIATION 0x0040 |
| 349 | #define KU_KEY_ENCIPHERMENT 0x0020 | 377 | #define KU_KEY_ENCIPHERMENT 0x0020 |
| @@ -442,6 +470,13 @@ DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD) | |||
| 442 | 470 | ||
| 443 | DECLARE_ASN1_FUNCTIONS(GENERAL_NAME) | 471 | DECLARE_ASN1_FUNCTIONS(GENERAL_NAME) |
| 444 | 472 | ||
| 473 | |||
| 474 | ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, | ||
| 475 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); | ||
| 476 | STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, | ||
| 477 | ASN1_BIT_STRING *bits, | ||
| 478 | STACK_OF(CONF_VALUE) *extlist); | ||
| 479 | |||
| 445 | STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); | 480 | STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); |
| 446 | int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen); | 481 | int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen); |
| 447 | 482 | ||
| @@ -474,8 +509,24 @@ DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME) | |||
| 474 | DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION) | 509 | DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION) |
| 475 | DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS) | 510 | DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS) |
| 476 | 511 | ||
| 512 | DECLARE_ASN1_ITEM(POLICY_MAPPING) | ||
| 513 | DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING) | ||
| 514 | DECLARE_ASN1_ITEM(POLICY_MAPPINGS) | ||
| 515 | |||
| 516 | DECLARE_ASN1_ITEM(GENERAL_SUBTREE) | ||
| 517 | DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE) | ||
| 518 | |||
| 519 | DECLARE_ASN1_ITEM(NAME_CONSTRAINTS) | ||
| 520 | DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS) | ||
| 521 | |||
| 522 | DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS) | ||
| 523 | DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS) | ||
| 524 | |||
| 477 | #ifdef HEADER_CONF_H | 525 | #ifdef HEADER_CONF_H |
| 478 | GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf); | 526 | GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, |
| 527 | CONF_VALUE *cnf); | ||
| 528 | GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, X509V3_EXT_METHOD *method, | ||
| 529 | X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc); | ||
| 479 | void X509V3_conf_free(CONF_VALUE *val); | 530 | void X509V3_conf_free(CONF_VALUE *val); |
| 480 | 531 | ||
| 481 | X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value); | 532 | X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value); |
| @@ -566,7 +617,164 @@ int X509_PURPOSE_get_id(X509_PURPOSE *); | |||
| 566 | STACK *X509_get1_email(X509 *x); | 617 | STACK *X509_get1_email(X509 *x); |
| 567 | STACK *X509_REQ_get1_email(X509_REQ *x); | 618 | STACK *X509_REQ_get1_email(X509_REQ *x); |
| 568 | void X509_email_free(STACK *sk); | 619 | void X509_email_free(STACK *sk); |
| 620 | STACK *X509_get1_ocsp(X509 *x); | ||
| 621 | |||
| 622 | ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc); | ||
| 623 | ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc); | ||
| 624 | int a2i_ipadd(unsigned char *ipout, const char *ipasc); | ||
| 625 | int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, | ||
| 626 | unsigned long chtype); | ||
| 627 | |||
| 628 | void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent); | ||
| 629 | |||
| 630 | #ifndef OPENSSL_NO_RFC3779 | ||
| 631 | |||
| 632 | typedef struct ASRange_st { | ||
| 633 | ASN1_INTEGER *min, *max; | ||
| 634 | } ASRange; | ||
| 635 | |||
| 636 | #define ASIdOrRange_id 0 | ||
| 637 | #define ASIdOrRange_range 1 | ||
| 638 | |||
| 639 | typedef struct ASIdOrRange_st { | ||
| 640 | int type; | ||
| 641 | union { | ||
| 642 | ASN1_INTEGER *id; | ||
| 643 | ASRange *range; | ||
| 644 | } u; | ||
| 645 | } ASIdOrRange; | ||
| 646 | |||
| 647 | typedef STACK_OF(ASIdOrRange) ASIdOrRanges; | ||
| 648 | DECLARE_STACK_OF(ASIdOrRange) | ||
| 649 | |||
| 650 | #define ASIdentifierChoice_inherit 0 | ||
| 651 | #define ASIdentifierChoice_asIdsOrRanges 1 | ||
| 652 | |||
| 653 | typedef struct ASIdentifierChoice_st { | ||
| 654 | int type; | ||
| 655 | union { | ||
| 656 | ASN1_NULL *inherit; | ||
| 657 | ASIdOrRanges *asIdsOrRanges; | ||
| 658 | } u; | ||
| 659 | } ASIdentifierChoice; | ||
| 660 | |||
| 661 | typedef struct ASIdentifiers_st { | ||
| 662 | ASIdentifierChoice *asnum, *rdi; | ||
| 663 | } ASIdentifiers; | ||
| 664 | |||
| 665 | DECLARE_ASN1_FUNCTIONS(ASRange) | ||
| 666 | DECLARE_ASN1_FUNCTIONS(ASIdOrRange) | ||
| 667 | DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice) | ||
| 668 | DECLARE_ASN1_FUNCTIONS(ASIdentifiers) | ||
| 669 | |||
| 670 | |||
| 671 | typedef struct IPAddressRange_st { | ||
| 672 | ASN1_BIT_STRING *min, *max; | ||
| 673 | } IPAddressRange; | ||
| 674 | |||
| 675 | #define IPAddressOrRange_addressPrefix 0 | ||
| 676 | #define IPAddressOrRange_addressRange 1 | ||
| 677 | |||
| 678 | typedef struct IPAddressOrRange_st { | ||
| 679 | int type; | ||
| 680 | union { | ||
| 681 | ASN1_BIT_STRING *addressPrefix; | ||
| 682 | IPAddressRange *addressRange; | ||
| 683 | } u; | ||
| 684 | } IPAddressOrRange; | ||
| 685 | |||
| 686 | typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges; | ||
| 687 | DECLARE_STACK_OF(IPAddressOrRange) | ||
| 688 | |||
| 689 | #define IPAddressChoice_inherit 0 | ||
| 690 | #define IPAddressChoice_addressesOrRanges 1 | ||
| 691 | |||
| 692 | typedef struct IPAddressChoice_st { | ||
| 693 | int type; | ||
| 694 | union { | ||
| 695 | ASN1_NULL *inherit; | ||
| 696 | IPAddressOrRanges *addressesOrRanges; | ||
| 697 | } u; | ||
| 698 | } IPAddressChoice; | ||
| 699 | |||
| 700 | typedef struct IPAddressFamily_st { | ||
| 701 | ASN1_OCTET_STRING *addressFamily; | ||
| 702 | IPAddressChoice *ipAddressChoice; | ||
| 703 | } IPAddressFamily; | ||
| 704 | |||
| 705 | typedef STACK_OF(IPAddressFamily) IPAddrBlocks; | ||
| 706 | DECLARE_STACK_OF(IPAddressFamily) | ||
| 707 | |||
| 708 | DECLARE_ASN1_FUNCTIONS(IPAddressRange) | ||
| 709 | DECLARE_ASN1_FUNCTIONS(IPAddressOrRange) | ||
| 710 | DECLARE_ASN1_FUNCTIONS(IPAddressChoice) | ||
| 711 | DECLARE_ASN1_FUNCTIONS(IPAddressFamily) | ||
| 712 | |||
| 713 | /* | ||
| 714 | * API tag for elements of the ASIdentifer SEQUENCE. | ||
| 715 | */ | ||
| 716 | #define V3_ASID_ASNUM 0 | ||
| 717 | #define V3_ASID_RDI 1 | ||
| 718 | |||
| 719 | /* | ||
| 720 | * AFI values, assigned by IANA. It'd be nice to make the AFI | ||
| 721 | * handling code totally generic, but there are too many little things | ||
| 722 | * that would need to be defined for other address families for it to | ||
| 723 | * be worth the trouble. | ||
| 724 | */ | ||
| 725 | #define IANA_AFI_IPV4 1 | ||
| 726 | #define IANA_AFI_IPV6 2 | ||
| 727 | |||
| 728 | /* | ||
| 729 | * Utilities to construct and extract values from RFC3779 extensions, | ||
| 730 | * since some of the encodings (particularly for IP address prefixes | ||
| 731 | * and ranges) are a bit tedious to work with directly. | ||
| 732 | */ | ||
| 733 | int v3_asid_add_inherit(ASIdentifiers *asid, int which); | ||
| 734 | int v3_asid_add_id_or_range(ASIdentifiers *asid, int which, | ||
| 735 | ASN1_INTEGER *min, ASN1_INTEGER *max); | ||
| 736 | int v3_addr_add_inherit(IPAddrBlocks *addr, | ||
| 737 | const unsigned afi, const unsigned *safi); | ||
| 738 | int v3_addr_add_prefix(IPAddrBlocks *addr, | ||
| 739 | const unsigned afi, const unsigned *safi, | ||
| 740 | unsigned char *a, const int prefixlen); | ||
| 741 | int v3_addr_add_range(IPAddrBlocks *addr, | ||
| 742 | const unsigned afi, const unsigned *safi, | ||
| 743 | unsigned char *min, unsigned char *max); | ||
| 744 | unsigned v3_addr_get_afi(const IPAddressFamily *f); | ||
| 745 | int v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi, | ||
| 746 | unsigned char *min, unsigned char *max, | ||
| 747 | const int length); | ||
| 748 | |||
| 749 | /* | ||
| 750 | * Canonical forms. | ||
| 751 | */ | ||
| 752 | int v3_asid_is_canonical(ASIdentifiers *asid); | ||
| 753 | int v3_addr_is_canonical(IPAddrBlocks *addr); | ||
| 754 | int v3_asid_canonize(ASIdentifiers *asid); | ||
| 755 | int v3_addr_canonize(IPAddrBlocks *addr); | ||
| 756 | |||
| 757 | /* | ||
| 758 | * Tests for inheritance and containment. | ||
| 759 | */ | ||
| 760 | int v3_asid_inherits(ASIdentifiers *asid); | ||
| 761 | int v3_addr_inherits(IPAddrBlocks *addr); | ||
| 762 | int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b); | ||
| 763 | int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b); | ||
| 764 | |||
| 765 | /* | ||
| 766 | * Check whether RFC 3779 extensions nest properly in chains. | ||
| 767 | */ | ||
| 768 | int v3_asid_validate_path(X509_STORE_CTX *); | ||
| 769 | int v3_addr_validate_path(X509_STORE_CTX *); | ||
| 770 | int v3_asid_validate_resource_set(STACK_OF(X509) *chain, | ||
| 771 | ASIdentifiers *ext, | ||
| 772 | int allow_inheritance); | ||
| 773 | int v3_addr_validate_resource_set(STACK_OF(X509) *chain, | ||
| 774 | IPAddrBlocks *ext, | ||
| 775 | int allow_inheritance); | ||
| 569 | 776 | ||
| 777 | #endif /* OPENSSL_NO_RFC3779 */ | ||
| 570 | 778 | ||
| 571 | /* BEGIN ERROR CODES */ | 779 | /* BEGIN ERROR CODES */ |
| 572 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 780 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
| @@ -577,46 +785,63 @@ void ERR_load_X509V3_strings(void); | |||
| 577 | /* Error codes for the X509V3 functions. */ | 785 | /* Error codes for the X509V3 functions. */ |
| 578 | 786 | ||
| 579 | /* Function codes. */ | 787 | /* Function codes. */ |
| 788 | #define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 156 | ||
| 789 | #define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 157 | ||
| 580 | #define X509V3_F_COPY_EMAIL 122 | 790 | #define X509V3_F_COPY_EMAIL 122 |
| 581 | #define X509V3_F_COPY_ISSUER 123 | 791 | #define X509V3_F_COPY_ISSUER 123 |
| 792 | #define X509V3_F_DO_DIRNAME 144 | ||
| 582 | #define X509V3_F_DO_EXT_CONF 124 | 793 | #define X509V3_F_DO_EXT_CONF 124 |
| 583 | #define X509V3_F_DO_EXT_I2D 135 | 794 | #define X509V3_F_DO_EXT_I2D 135 |
| 795 | #define X509V3_F_DO_EXT_NCONF 151 | ||
| 796 | #define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148 | ||
| 584 | #define X509V3_F_HEX_TO_STRING 111 | 797 | #define X509V3_F_HEX_TO_STRING 111 |
| 585 | #define X509V3_F_I2S_ASN1_ENUMERATED 121 | 798 | #define X509V3_F_I2S_ASN1_ENUMERATED 121 |
| 586 | #define X509V3_F_I2S_ASN1_IA5STRING 142 | 799 | #define X509V3_F_I2S_ASN1_IA5STRING 149 |
| 587 | #define X509V3_F_I2S_ASN1_INTEGER 120 | 800 | #define X509V3_F_I2S_ASN1_INTEGER 120 |
| 588 | #define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138 | 801 | #define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138 |
| 589 | #define X509V3_F_NOTICE_SECTION 132 | 802 | #define X509V3_F_NOTICE_SECTION 132 |
| 590 | #define X509V3_F_NREF_NOS 133 | 803 | #define X509V3_F_NREF_NOS 133 |
| 591 | #define X509V3_F_POLICY_SECTION 131 | 804 | #define X509V3_F_POLICY_SECTION 131 |
| 805 | #define X509V3_F_PROCESS_PCI_VALUE 150 | ||
| 592 | #define X509V3_F_R2I_CERTPOL 130 | 806 | #define X509V3_F_R2I_CERTPOL 130 |
| 593 | #define X509V3_F_R2I_PCI 142 | 807 | #define X509V3_F_R2I_PCI 155 |
| 594 | #define X509V3_F_S2I_ASN1_IA5STRING 100 | 808 | #define X509V3_F_S2I_ASN1_IA5STRING 100 |
| 595 | #define X509V3_F_S2I_ASN1_INTEGER 108 | 809 | #define X509V3_F_S2I_ASN1_INTEGER 108 |
| 596 | #define X509V3_F_S2I_ASN1_OCTET_STRING 112 | 810 | #define X509V3_F_S2I_ASN1_OCTET_STRING 112 |
| 597 | #define X509V3_F_S2I_ASN1_SKEY_ID 114 | 811 | #define X509V3_F_S2I_ASN1_SKEY_ID 114 |
| 598 | #define X509V3_F_S2I_S2I_SKEY_ID 115 | 812 | #define X509V3_F_S2I_SKEY_ID 115 |
| 599 | #define X509V3_F_STRING_TO_HEX 113 | 813 | #define X509V3_F_STRING_TO_HEX 113 |
| 600 | #define X509V3_F_SXNET_ADD_ASC 125 | 814 | #define X509V3_F_SXNET_ADD_ID_ASC 125 |
| 601 | #define X509V3_F_SXNET_ADD_ID_INTEGER 126 | 815 | #define X509V3_F_SXNET_ADD_ID_INTEGER 126 |
| 602 | #define X509V3_F_SXNET_ADD_ID_ULONG 127 | 816 | #define X509V3_F_SXNET_ADD_ID_ULONG 127 |
| 603 | #define X509V3_F_SXNET_GET_ID_ASC 128 | 817 | #define X509V3_F_SXNET_GET_ID_ASC 128 |
| 604 | #define X509V3_F_SXNET_GET_ID_ULONG 129 | 818 | #define X509V3_F_SXNET_GET_ID_ULONG 129 |
| 605 | #define X509V3_F_V2I_ACCESS_DESCRIPTION 139 | 819 | #define X509V3_F_V2I_ASIDENTIFIERS 158 |
| 606 | #define X509V3_F_V2I_ASN1_BIT_STRING 101 | 820 | #define X509V3_F_V2I_ASN1_BIT_STRING 101 |
| 821 | #define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139 | ||
| 607 | #define X509V3_F_V2I_AUTHORITY_KEYID 119 | 822 | #define X509V3_F_V2I_AUTHORITY_KEYID 119 |
| 608 | #define X509V3_F_V2I_BASIC_CONSTRAINTS 102 | 823 | #define X509V3_F_V2I_BASIC_CONSTRAINTS 102 |
| 609 | #define X509V3_F_V2I_CRLD 134 | 824 | #define X509V3_F_V2I_CRLD 134 |
| 610 | #define X509V3_F_V2I_EXT_KU 103 | 825 | #define X509V3_F_V2I_EXTENDED_KEY_USAGE 103 |
| 611 | #define X509V3_F_V2I_GENERAL_NAME 117 | ||
| 612 | #define X509V3_F_V2I_GENERAL_NAMES 118 | 826 | #define X509V3_F_V2I_GENERAL_NAMES 118 |
| 827 | #define X509V3_F_V2I_GENERAL_NAME_EX 117 | ||
| 828 | #define X509V3_F_V2I_IPADDRBLOCKS 159 | ||
| 829 | #define X509V3_F_V2I_ISSUER_ALT 153 | ||
| 830 | #define X509V3_F_V2I_NAME_CONSTRAINTS 147 | ||
| 831 | #define X509V3_F_V2I_POLICY_CONSTRAINTS 146 | ||
| 832 | #define X509V3_F_V2I_POLICY_MAPPINGS 145 | ||
| 833 | #define X509V3_F_V2I_SUBJECT_ALT 154 | ||
| 834 | #define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL 160 | ||
| 613 | #define X509V3_F_V3_GENERIC_EXTENSION 116 | 835 | #define X509V3_F_V3_GENERIC_EXTENSION 116 |
| 614 | #define X509V3_F_X509V3_ADD_I2D 140 | 836 | #define X509V3_F_X509V3_ADD1_I2D 140 |
| 615 | #define X509V3_F_X509V3_ADD_VALUE 105 | 837 | #define X509V3_F_X509V3_ADD_VALUE 105 |
| 616 | #define X509V3_F_X509V3_EXT_ADD 104 | 838 | #define X509V3_F_X509V3_EXT_ADD 104 |
| 617 | #define X509V3_F_X509V3_EXT_ADD_ALIAS 106 | 839 | #define X509V3_F_X509V3_EXT_ADD_ALIAS 106 |
| 618 | #define X509V3_F_X509V3_EXT_CONF 107 | 840 | #define X509V3_F_X509V3_EXT_CONF 107 |
| 619 | #define X509V3_F_X509V3_EXT_I2D 136 | 841 | #define X509V3_F_X509V3_EXT_I2D 136 |
| 842 | #define X509V3_F_X509V3_EXT_NCONF 152 | ||
| 843 | #define X509V3_F_X509V3_GET_SECTION 142 | ||
| 844 | #define X509V3_F_X509V3_GET_STRING 143 | ||
| 620 | #define X509V3_F_X509V3_GET_VALUE_BOOL 110 | 845 | #define X509V3_F_X509V3_GET_VALUE_BOOL 110 |
| 621 | #define X509V3_F_X509V3_PARSE_LIST 109 | 846 | #define X509V3_F_X509V3_PARSE_LIST 109 |
| 622 | #define X509V3_F_X509_PURPOSE_ADD 137 | 847 | #define X509V3_F_X509_PURPOSE_ADD 137 |
| @@ -627,6 +852,7 @@ void ERR_load_X509V3_strings(void); | |||
| 627 | #define X509V3_R_BAD_OBJECT 119 | 852 | #define X509V3_R_BAD_OBJECT 119 |
| 628 | #define X509V3_R_BN_DEC2BN_ERROR 100 | 853 | #define X509V3_R_BN_DEC2BN_ERROR 100 |
| 629 | #define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101 | 854 | #define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101 |
| 855 | #define X509V3_R_DIRNAME_ERROR 149 | ||
| 630 | #define X509V3_R_DUPLICATE_ZONE_ID 133 | 856 | #define X509V3_R_DUPLICATE_ZONE_ID 133 |
| 631 | #define X509V3_R_ERROR_CONVERTING_ZONE 131 | 857 | #define X509V3_R_ERROR_CONVERTING_ZONE 131 |
| 632 | #define X509V3_R_ERROR_CREATING_EXTENSION 144 | 858 | #define X509V3_R_ERROR_CREATING_EXTENSION 144 |
| @@ -637,10 +863,15 @@ void ERR_load_X509V3_strings(void); | |||
| 637 | #define X509V3_R_EXTENSION_NOT_FOUND 102 | 863 | #define X509V3_R_EXTENSION_NOT_FOUND 102 |
| 638 | #define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103 | 864 | #define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103 |
| 639 | #define X509V3_R_EXTENSION_VALUE_ERROR 116 | 865 | #define X509V3_R_EXTENSION_VALUE_ERROR 116 |
| 866 | #define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151 | ||
| 640 | #define X509V3_R_ILLEGAL_HEX_DIGIT 113 | 867 | #define X509V3_R_ILLEGAL_HEX_DIGIT 113 |
| 641 | #define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 153 | 868 | #define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152 |
| 869 | #define X509V3_R_INVALID_ASNUMBER 160 | ||
| 870 | #define X509V3_R_INVALID_ASRANGE 161 | ||
| 642 | #define X509V3_R_INVALID_BOOLEAN_STRING 104 | 871 | #define X509V3_R_INVALID_BOOLEAN_STRING 104 |
| 643 | #define X509V3_R_INVALID_EXTENSION_STRING 105 | 872 | #define X509V3_R_INVALID_EXTENSION_STRING 105 |
| 873 | #define X509V3_R_INVALID_INHERITANCE 162 | ||
| 874 | #define X509V3_R_INVALID_IPADDRESS 163 | ||
| 644 | #define X509V3_R_INVALID_NAME 106 | 875 | #define X509V3_R_INVALID_NAME 106 |
| 645 | #define X509V3_R_INVALID_NULL_ARGUMENT 107 | 876 | #define X509V3_R_INVALID_NULL_ARGUMENT 107 |
| 646 | #define X509V3_R_INVALID_NULL_NAME 108 | 877 | #define X509V3_R_INVALID_NULL_NAME 108 |
| @@ -650,9 +881,9 @@ void ERR_load_X509V3_strings(void); | |||
| 650 | #define X509V3_R_INVALID_OBJECT_IDENTIFIER 110 | 881 | #define X509V3_R_INVALID_OBJECT_IDENTIFIER 110 |
| 651 | #define X509V3_R_INVALID_OPTION 138 | 882 | #define X509V3_R_INVALID_OPTION 138 |
| 652 | #define X509V3_R_INVALID_POLICY_IDENTIFIER 134 | 883 | #define X509V3_R_INVALID_POLICY_IDENTIFIER 134 |
| 653 | #define X509V3_R_INVALID_PROXY_POLICY_IDENTIFIER 147 | 884 | #define X509V3_R_INVALID_PROXY_POLICY_SETTING 153 |
| 654 | #define X509V3_R_INVALID_PROXY_POLICY_SETTING 151 | ||
| 655 | #define X509V3_R_INVALID_PURPOSE 146 | 885 | #define X509V3_R_INVALID_PURPOSE 146 |
| 886 | #define X509V3_R_INVALID_SAFI 164 | ||
| 656 | #define X509V3_R_INVALID_SECTION 135 | 887 | #define X509V3_R_INVALID_SECTION 135 |
| 657 | #define X509V3_R_INVALID_SYNTAX 143 | 888 | #define X509V3_R_INVALID_SYNTAX 143 |
| 658 | #define X509V3_R_ISSUER_DECODE_ERROR 126 | 889 | #define X509V3_R_ISSUER_DECODE_ERROR 126 |
| @@ -662,16 +893,18 @@ void ERR_load_X509V3_strings(void); | |||
| 662 | #define X509V3_R_NO_ISSUER_CERTIFICATE 121 | 893 | #define X509V3_R_NO_ISSUER_CERTIFICATE 121 |
| 663 | #define X509V3_R_NO_ISSUER_DETAILS 127 | 894 | #define X509V3_R_NO_ISSUER_DETAILS 127 |
| 664 | #define X509V3_R_NO_POLICY_IDENTIFIER 139 | 895 | #define X509V3_R_NO_POLICY_IDENTIFIER 139 |
| 665 | #define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 148 | 896 | #define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154 |
| 666 | #define X509V3_R_NO_PUBLIC_KEY 114 | 897 | #define X509V3_R_NO_PUBLIC_KEY 114 |
| 667 | #define X509V3_R_NO_SUBJECT_DETAILS 125 | 898 | #define X509V3_R_NO_SUBJECT_DETAILS 125 |
| 668 | #define X509V3_R_ODD_NUMBER_OF_DIGITS 112 | 899 | #define X509V3_R_ODD_NUMBER_OF_DIGITS 112 |
| 669 | #define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 149 | 900 | #define X509V3_R_OPERATION_NOT_DEFINED 148 |
| 670 | #define X509V3_R_POLICY_PATH_LENGTH 152 | 901 | #define X509V3_R_OTHERNAME_ERROR 147 |
| 671 | #define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 150 | 902 | #define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 155 |
| 672 | #define X509V3_R_POLICY_SYNTAX_NOT 154 | 903 | #define X509V3_R_POLICY_PATH_LENGTH 156 |
| 673 | #define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 155 | 904 | #define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 157 |
| 674 | #define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 156 | 905 | #define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158 |
| 906 | #define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159 | ||
| 907 | #define X509V3_R_SECTION_NOT_FOUND 150 | ||
| 675 | #define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122 | 908 | #define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122 |
| 676 | #define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123 | 909 | #define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123 |
| 677 | #define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111 | 910 | #define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111 |