summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2014-05-07 17:42:51 +0000
committerjsing <>2014-05-07 17:42:51 +0000
commit809e924b0ceda14722deaae701cea2d9ca6d9ff4 (patch)
treeb341b2cdc0818410f55d0a4662a40677e4899326 /src
parent4dbedfb705d406cb1f725088db285d6642ca988a (diff)
downloadopenbsd-809e924b0ceda14722deaae701cea2d9ca6d9ff4.tar.gz
openbsd-809e924b0ceda14722deaae701cea2d9ca6d9ff4.tar.bz2
openbsd-809e924b0ceda14722deaae701cea2d9ca6d9ff4.zip
KNF.
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/evp/c_allc.c85
-rw-r--r--src/lib/libcrypto/evp/c_alld.c37
-rw-r--r--src/lib/libcrypto/evp/p5_crpt.c33
-rw-r--r--src/lib/libcrypto/evp/p5_crpt2.c169
-rw-r--r--src/lib/libcrypto/evp/p_dec.c38
-rw-r--r--src/lib/libcrypto/evp/p_enc.c36
-rw-r--r--src/lib/libcrypto/evp/p_lib.c351
-rw-r--r--src/lib/libcrypto/evp/p_open.c83
-rw-r--r--src/lib/libcrypto/evp/p_seal.c59
-rw-r--r--src/lib/libcrypto/evp/p_sign.c94
-rw-r--r--src/lib/libcrypto/evp/p_verify.c73
-rw-r--r--src/lib/libcrypto/evp/pmeth_fn.c279
-rw-r--r--src/lib/libcrypto/evp/pmeth_gn.c133
-rw-r--r--src/lib/libcrypto/evp/pmeth_lib.c458
-rw-r--r--src/lib/libssl/src/crypto/evp/c_allc.c85
-rw-r--r--src/lib/libssl/src/crypto/evp/c_alld.c37
-rw-r--r--src/lib/libssl/src/crypto/evp/p5_crpt.c33
-rw-r--r--src/lib/libssl/src/crypto/evp/p5_crpt2.c169
-rw-r--r--src/lib/libssl/src/crypto/evp/p_dec.c38
-rw-r--r--src/lib/libssl/src/crypto/evp/p_enc.c36
-rw-r--r--src/lib/libssl/src/crypto/evp/p_lib.c351
-rw-r--r--src/lib/libssl/src/crypto/evp/p_open.c83
-rw-r--r--src/lib/libssl/src/crypto/evp/p_seal.c59
-rw-r--r--src/lib/libssl/src/crypto/evp/p_sign.c94
-rw-r--r--src/lib/libssl/src/crypto/evp/p_verify.c73
-rw-r--r--src/lib/libssl/src/crypto/evp/pmeth_fn.c279
-rw-r--r--src/lib/libssl/src/crypto/evp/pmeth_gn.c133
-rw-r--r--src/lib/libssl/src/crypto/evp/pmeth_lib.c458
28 files changed, 1968 insertions, 1888 deletions
diff --git a/src/lib/libcrypto/evp/c_allc.c b/src/lib/libcrypto/evp/c_allc.c
index 2047b6cd61..91ad980182 100644
--- a/src/lib/libcrypto/evp/c_allc.c
+++ b/src/lib/libcrypto/evp/c_allc.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -62,8 +62,9 @@
62#include <openssl/pkcs12.h> 62#include <openssl/pkcs12.h>
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64 64
65void OpenSSL_add_all_ciphers(void) 65void
66 { 66OpenSSL_add_all_ciphers(void)
67{
67 68
68#ifndef OPENSSL_NO_DES 69#ifndef OPENSSL_NO_DES
69 EVP_add_cipher(EVP_des_cfb()); 70 EVP_add_cipher(EVP_des_cfb());
@@ -79,16 +80,16 @@ void OpenSSL_add_all_ciphers(void)
79 EVP_add_cipher(EVP_des_ede3_ofb()); 80 EVP_add_cipher(EVP_des_ede3_ofb());
80 81
81 EVP_add_cipher(EVP_desx_cbc()); 82 EVP_add_cipher(EVP_desx_cbc());
82 EVP_add_cipher_alias(SN_desx_cbc,"DESX"); 83 EVP_add_cipher_alias(SN_desx_cbc, "DESX");
83 EVP_add_cipher_alias(SN_desx_cbc,"desx"); 84 EVP_add_cipher_alias(SN_desx_cbc, "desx");
84 85
85 EVP_add_cipher(EVP_des_cbc()); 86 EVP_add_cipher(EVP_des_cbc());
86 EVP_add_cipher_alias(SN_des_cbc,"DES"); 87 EVP_add_cipher_alias(SN_des_cbc, "DES");
87 EVP_add_cipher_alias(SN_des_cbc,"des"); 88 EVP_add_cipher_alias(SN_des_cbc, "des");
88 EVP_add_cipher(EVP_des_ede_cbc()); 89 EVP_add_cipher(EVP_des_ede_cbc());
89 EVP_add_cipher(EVP_des_ede3_cbc()); 90 EVP_add_cipher(EVP_des_ede3_cbc());
90 EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3"); 91 EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");
91 EVP_add_cipher_alias(SN_des_ede3_cbc,"des3"); 92 EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");
92 93
93 EVP_add_cipher(EVP_des_ecb()); 94 EVP_add_cipher(EVP_des_ecb());
94 EVP_add_cipher(EVP_des_ede()); 95 EVP_add_cipher(EVP_des_ede());
@@ -108,8 +109,8 @@ void OpenSSL_add_all_ciphers(void)
108 EVP_add_cipher(EVP_idea_cfb()); 109 EVP_add_cipher(EVP_idea_cfb());
109 EVP_add_cipher(EVP_idea_ofb()); 110 EVP_add_cipher(EVP_idea_ofb());
110 EVP_add_cipher(EVP_idea_cbc()); 111 EVP_add_cipher(EVP_idea_cbc());
111 EVP_add_cipher_alias(SN_idea_cbc,"IDEA"); 112 EVP_add_cipher_alias(SN_idea_cbc, "IDEA");
112 EVP_add_cipher_alias(SN_idea_cbc,"idea"); 113 EVP_add_cipher_alias(SN_idea_cbc, "idea");
113#endif 114#endif
114 115
115#ifndef OPENSSL_NO_SEED 116#ifndef OPENSSL_NO_SEED
@@ -117,8 +118,8 @@ void OpenSSL_add_all_ciphers(void)
117 EVP_add_cipher(EVP_seed_cfb()); 118 EVP_add_cipher(EVP_seed_cfb());
118 EVP_add_cipher(EVP_seed_ofb()); 119 EVP_add_cipher(EVP_seed_ofb());
119 EVP_add_cipher(EVP_seed_cbc()); 120 EVP_add_cipher(EVP_seed_cbc());
120 EVP_add_cipher_alias(SN_seed_cbc,"SEED"); 121 EVP_add_cipher_alias(SN_seed_cbc, "SEED");
121 EVP_add_cipher_alias(SN_seed_cbc,"seed"); 122 EVP_add_cipher_alias(SN_seed_cbc, "seed");
122#endif 123#endif
123 124
124#ifndef OPENSSL_NO_RC2 125#ifndef OPENSSL_NO_RC2
@@ -128,8 +129,8 @@ void OpenSSL_add_all_ciphers(void)
128 EVP_add_cipher(EVP_rc2_cbc()); 129 EVP_add_cipher(EVP_rc2_cbc());
129 EVP_add_cipher(EVP_rc2_40_cbc()); 130 EVP_add_cipher(EVP_rc2_40_cbc());
130 EVP_add_cipher(EVP_rc2_64_cbc()); 131 EVP_add_cipher(EVP_rc2_64_cbc());
131 EVP_add_cipher_alias(SN_rc2_cbc,"RC2"); 132 EVP_add_cipher_alias(SN_rc2_cbc, "RC2");
132 EVP_add_cipher_alias(SN_rc2_cbc,"rc2"); 133 EVP_add_cipher_alias(SN_rc2_cbc, "rc2");
133#endif 134#endif
134 135
135#ifndef OPENSSL_NO_BF 136#ifndef OPENSSL_NO_BF
@@ -137,9 +138,9 @@ void OpenSSL_add_all_ciphers(void)
137 EVP_add_cipher(EVP_bf_cfb()); 138 EVP_add_cipher(EVP_bf_cfb());
138 EVP_add_cipher(EVP_bf_ofb()); 139 EVP_add_cipher(EVP_bf_ofb());
139 EVP_add_cipher(EVP_bf_cbc()); 140 EVP_add_cipher(EVP_bf_cbc());
140 EVP_add_cipher_alias(SN_bf_cbc,"BF"); 141 EVP_add_cipher_alias(SN_bf_cbc, "BF");
141 EVP_add_cipher_alias(SN_bf_cbc,"bf"); 142 EVP_add_cipher_alias(SN_bf_cbc, "bf");
142 EVP_add_cipher_alias(SN_bf_cbc,"blowfish"); 143 EVP_add_cipher_alias(SN_bf_cbc, "blowfish");
143#endif 144#endif
144 145
145#ifndef OPENSSL_NO_CAST 146#ifndef OPENSSL_NO_CAST
@@ -147,10 +148,10 @@ void OpenSSL_add_all_ciphers(void)
147 EVP_add_cipher(EVP_cast5_cfb()); 148 EVP_add_cipher(EVP_cast5_cfb());
148 EVP_add_cipher(EVP_cast5_ofb()); 149 EVP_add_cipher(EVP_cast5_ofb());
149 EVP_add_cipher(EVP_cast5_cbc()); 150 EVP_add_cipher(EVP_cast5_cbc());
150 EVP_add_cipher_alias(SN_cast5_cbc,"CAST"); 151 EVP_add_cipher_alias(SN_cast5_cbc, "CAST");
151 EVP_add_cipher_alias(SN_cast5_cbc,"cast"); 152 EVP_add_cipher_alias(SN_cast5_cbc, "cast");
152 EVP_add_cipher_alias(SN_cast5_cbc,"CAST-cbc"); 153 EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc");
153 EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc"); 154 EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc");
154#endif 155#endif
155 156
156#ifndef OPENSSL_NO_RC5 157#ifndef OPENSSL_NO_RC5
@@ -158,8 +159,8 @@ void OpenSSL_add_all_ciphers(void)
158 EVP_add_cipher(EVP_rc5_32_12_16_cfb()); 159 EVP_add_cipher(EVP_rc5_32_12_16_cfb());
159 EVP_add_cipher(EVP_rc5_32_12_16_ofb()); 160 EVP_add_cipher(EVP_rc5_32_12_16_ofb());
160 EVP_add_cipher(EVP_rc5_32_12_16_cbc()); 161 EVP_add_cipher(EVP_rc5_32_12_16_cbc());
161 EVP_add_cipher_alias(SN_rc5_cbc,"rc5"); 162 EVP_add_cipher_alias(SN_rc5_cbc, "rc5");
162 EVP_add_cipher_alias(SN_rc5_cbc,"RC5"); 163 EVP_add_cipher_alias(SN_rc5_cbc, "RC5");
163#endif 164#endif
164 165
165#ifndef OPENSSL_NO_AES 166#ifndef OPENSSL_NO_AES
@@ -172,8 +173,8 @@ void OpenSSL_add_all_ciphers(void)
172 EVP_add_cipher(EVP_aes_128_ctr()); 173 EVP_add_cipher(EVP_aes_128_ctr());
173 EVP_add_cipher(EVP_aes_128_gcm()); 174 EVP_add_cipher(EVP_aes_128_gcm());
174 EVP_add_cipher(EVP_aes_128_xts()); 175 EVP_add_cipher(EVP_aes_128_xts());
175 EVP_add_cipher_alias(SN_aes_128_cbc,"AES128"); 176 EVP_add_cipher_alias(SN_aes_128_cbc, "AES128");
176 EVP_add_cipher_alias(SN_aes_128_cbc,"aes128"); 177 EVP_add_cipher_alias(SN_aes_128_cbc, "aes128");
177 EVP_add_cipher(EVP_aes_192_ecb()); 178 EVP_add_cipher(EVP_aes_192_ecb());
178 EVP_add_cipher(EVP_aes_192_cbc()); 179 EVP_add_cipher(EVP_aes_192_cbc());
179 EVP_add_cipher(EVP_aes_192_cfb()); 180 EVP_add_cipher(EVP_aes_192_cfb());
@@ -182,8 +183,8 @@ void OpenSSL_add_all_ciphers(void)
182 EVP_add_cipher(EVP_aes_192_ofb()); 183 EVP_add_cipher(EVP_aes_192_ofb());
183 EVP_add_cipher(EVP_aes_192_ctr()); 184 EVP_add_cipher(EVP_aes_192_ctr());
184 EVP_add_cipher(EVP_aes_192_gcm()); 185 EVP_add_cipher(EVP_aes_192_gcm());
185 EVP_add_cipher_alias(SN_aes_192_cbc,"AES192"); 186 EVP_add_cipher_alias(SN_aes_192_cbc, "AES192");
186 EVP_add_cipher_alias(SN_aes_192_cbc,"aes192"); 187 EVP_add_cipher_alias(SN_aes_192_cbc, "aes192");
187 EVP_add_cipher(EVP_aes_256_ecb()); 188 EVP_add_cipher(EVP_aes_256_ecb());
188 EVP_add_cipher(EVP_aes_256_cbc()); 189 EVP_add_cipher(EVP_aes_256_cbc());
189 EVP_add_cipher(EVP_aes_256_cfb()); 190 EVP_add_cipher(EVP_aes_256_cfb());
@@ -193,8 +194,8 @@ void OpenSSL_add_all_ciphers(void)
193 EVP_add_cipher(EVP_aes_256_ctr()); 194 EVP_add_cipher(EVP_aes_256_ctr());
194 EVP_add_cipher(EVP_aes_256_gcm()); 195 EVP_add_cipher(EVP_aes_256_gcm());
195 EVP_add_cipher(EVP_aes_256_xts()); 196 EVP_add_cipher(EVP_aes_256_xts());
196 EVP_add_cipher_alias(SN_aes_256_cbc,"AES256"); 197 EVP_add_cipher_alias(SN_aes_256_cbc, "AES256");
197 EVP_add_cipher_alias(SN_aes_256_cbc,"aes256"); 198 EVP_add_cipher_alias(SN_aes_256_cbc, "aes256");
198#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) 199#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
199 EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); 200 EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
200 EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); 201 EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
@@ -208,27 +209,27 @@ void OpenSSL_add_all_ciphers(void)
208 EVP_add_cipher(EVP_camellia_128_cfb1()); 209 EVP_add_cipher(EVP_camellia_128_cfb1());
209 EVP_add_cipher(EVP_camellia_128_cfb8()); 210 EVP_add_cipher(EVP_camellia_128_cfb8());
210 EVP_add_cipher(EVP_camellia_128_ofb()); 211 EVP_add_cipher(EVP_camellia_128_ofb());
211 EVP_add_cipher_alias(SN_camellia_128_cbc,"CAMELLIA128"); 212 EVP_add_cipher_alias(SN_camellia_128_cbc, "CAMELLIA128");
212 EVP_add_cipher_alias(SN_camellia_128_cbc,"camellia128"); 213 EVP_add_cipher_alias(SN_camellia_128_cbc, "camellia128");
213 EVP_add_cipher(EVP_camellia_192_ecb()); 214 EVP_add_cipher(EVP_camellia_192_ecb());
214 EVP_add_cipher(EVP_camellia_192_cbc()); 215 EVP_add_cipher(EVP_camellia_192_cbc());
215 EVP_add_cipher(EVP_camellia_192_cfb()); 216 EVP_add_cipher(EVP_camellia_192_cfb());
216 EVP_add_cipher(EVP_camellia_192_cfb1()); 217 EVP_add_cipher(EVP_camellia_192_cfb1());
217 EVP_add_cipher(EVP_camellia_192_cfb8()); 218 EVP_add_cipher(EVP_camellia_192_cfb8());
218 EVP_add_cipher(EVP_camellia_192_ofb()); 219 EVP_add_cipher(EVP_camellia_192_ofb());
219 EVP_add_cipher_alias(SN_camellia_192_cbc,"CAMELLIA192"); 220 EVP_add_cipher_alias(SN_camellia_192_cbc, "CAMELLIA192");
220 EVP_add_cipher_alias(SN_camellia_192_cbc,"camellia192"); 221 EVP_add_cipher_alias(SN_camellia_192_cbc, "camellia192");
221 EVP_add_cipher(EVP_camellia_256_ecb()); 222 EVP_add_cipher(EVP_camellia_256_ecb());
222 EVP_add_cipher(EVP_camellia_256_cbc()); 223 EVP_add_cipher(EVP_camellia_256_cbc());
223 EVP_add_cipher(EVP_camellia_256_cfb()); 224 EVP_add_cipher(EVP_camellia_256_cfb());
224 EVP_add_cipher(EVP_camellia_256_cfb1()); 225 EVP_add_cipher(EVP_camellia_256_cfb1());
225 EVP_add_cipher(EVP_camellia_256_cfb8()); 226 EVP_add_cipher(EVP_camellia_256_cfb8());
226 EVP_add_cipher(EVP_camellia_256_ofb()); 227 EVP_add_cipher(EVP_camellia_256_ofb());
227 EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256"); 228 EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256");
228 EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256"); 229 EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256");
229#endif 230#endif
230 231
231#ifndef OPENSSL_NO_CHACHA 232#ifndef OPENSSL_NO_CHACHA
232 EVP_add_cipher(EVP_chacha20()); 233 EVP_add_cipher(EVP_chacha20());
233#endif 234#endif
234 } 235}
diff --git a/src/lib/libcrypto/evp/c_alld.c b/src/lib/libcrypto/evp/c_alld.c
index 311e1fe2f8..4bd1b0bd92 100644
--- a/src/lib/libcrypto/evp/c_alld.c
+++ b/src/lib/libcrypto/evp/c_alld.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -62,15 +62,16 @@
62#include <openssl/pkcs12.h> 62#include <openssl/pkcs12.h>
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64 64
65void OpenSSL_add_all_digests(void) 65void
66 { 66OpenSSL_add_all_digests(void)
67{
67#ifndef OPENSSL_NO_MD4 68#ifndef OPENSSL_NO_MD4
68 EVP_add_digest(EVP_md4()); 69 EVP_add_digest(EVP_md4());
69#endif 70#endif
70#ifndef OPENSSL_NO_MD5 71#ifndef OPENSSL_NO_MD5
71 EVP_add_digest(EVP_md5()); 72 EVP_add_digest(EVP_md5());
72 EVP_add_digest_alias(SN_md5,"ssl2-md5"); 73 EVP_add_digest_alias(SN_md5, "ssl2-md5");
73 EVP_add_digest_alias(SN_md5,"ssl3-md5"); 74 EVP_add_digest_alias(SN_md5, "ssl3-md5");
74#endif 75#endif
75#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) 76#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
76 EVP_add_digest(EVP_sha()); 77 EVP_add_digest(EVP_sha());
@@ -80,13 +81,13 @@ void OpenSSL_add_all_digests(void)
80#endif 81#endif
81#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) 82#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
82 EVP_add_digest(EVP_sha1()); 83 EVP_add_digest(EVP_sha1());
83 EVP_add_digest_alias(SN_sha1,"ssl3-sha1"); 84 EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
84 EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA); 85 EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
85#ifndef OPENSSL_NO_DSA 86#ifndef OPENSSL_NO_DSA
86 EVP_add_digest(EVP_dss1()); 87 EVP_add_digest(EVP_dss1());
87 EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2); 88 EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
88 EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1"); 89 EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
89 EVP_add_digest_alias(SN_dsaWithSHA1,"dss1"); 90 EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
90#endif 91#endif
91#ifndef OPENSSL_NO_ECDSA 92#ifndef OPENSSL_NO_ECDSA
92 EVP_add_digest(EVP_ecdsa()); 93 EVP_add_digest(EVP_ecdsa());
@@ -97,8 +98,8 @@ void OpenSSL_add_all_digests(void)
97#endif 98#endif
98#ifndef OPENSSL_NO_RIPEMD 99#ifndef OPENSSL_NO_RIPEMD
99 EVP_add_digest(EVP_ripemd160()); 100 EVP_add_digest(EVP_ripemd160());
100 EVP_add_digest_alias(SN_ripemd160,"ripemd"); 101 EVP_add_digest_alias(SN_ripemd160, "ripemd");
101 EVP_add_digest_alias(SN_ripemd160,"rmd160"); 102 EVP_add_digest_alias(SN_ripemd160, "rmd160");
102#endif 103#endif
103#ifndef OPENSSL_NO_SHA256 104#ifndef OPENSSL_NO_SHA256
104 EVP_add_digest(EVP_sha224()); 105 EVP_add_digest(EVP_sha224());
@@ -111,4 +112,4 @@ void OpenSSL_add_all_digests(void)
111#ifndef OPENSSL_NO_WHIRLPOOL 112#ifndef OPENSSL_NO_WHIRLPOOL
112 EVP_add_digest(EVP_whirlpool()); 113 EVP_add_digest(EVP_whirlpool());
113#endif 114#endif
114 } 115}
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
index 294cc90d87..eff82e8c0b 100644
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -65,13 +65,14 @@
65/* Doesn't do anything now: Builtin PBE algorithms in static table. 65/* Doesn't do anything now: Builtin PBE algorithms in static table.
66 */ 66 */
67 67
68void PKCS5_PBE_add(void) 68void
69PKCS5_PBE_add(void)
69{ 70{
70} 71}
71 72
72int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, 73int
73 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, 74PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
74 int en_de) 75 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de)
75{ 76{
76 EVP_MD_CTX ctx; 77 EVP_MD_CTX ctx;
77 unsigned char md_tmp[EVP_MAX_MD_SIZE]; 78 unsigned char md_tmp[EVP_MAX_MD_SIZE];
@@ -88,23 +89,27 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
88 /* Extract useful info from parameter */ 89 /* Extract useful info from parameter */
89 if (param == NULL || param->type != V_ASN1_SEQUENCE || 90 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
90 param->value.sequence == NULL) { 91 param->value.sequence == NULL) {
91 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 92 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
92 return 0; 93 return 0;
93 } 94 }
94 95
95 pbuf = param->value.sequence->data; 96 pbuf = param->value.sequence->data;
96 if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { 97 if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
97 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 98 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
98 return 0; 99 return 0;
99 } 100 }
100 101
101 if (!pbe->iter) iter = 1; 102 if (!pbe->iter)
102 else iter = ASN1_INTEGER_get (pbe->iter); 103 iter = 1;
104 else
105 iter = ASN1_INTEGER_get (pbe->iter);
103 salt = pbe->salt->data; 106 salt = pbe->salt->data;
104 saltlen = pbe->salt->length; 107 saltlen = pbe->salt->length;
105 108
106 if(!pass) passlen = 0; 109 if (!pass)
107 else if(passlen == -1) passlen = strlen(pass); 110 passlen = 0;
111 else if (passlen == -1)
112 passlen = strlen(pass);
108 113
109 if (!EVP_DigestInit_ex(&ctx, md, NULL)) 114 if (!EVP_DigestInit_ex(&ctx, md, NULL))
110 goto err; 115 goto err;
@@ -117,7 +122,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
117 goto err; 122 goto err;
118 mdsize = EVP_MD_size(md); 123 mdsize = EVP_MD_size(md);
119 if (mdsize < 0) 124 if (mdsize < 0)
120 return 0; 125 return 0;
121 for (i = 1; i < iter; i++) { 126 for (i = 1; i < iter; i++) {
122 if (!EVP_DigestInit_ex(&ctx, md, NULL)) 127 if (!EVP_DigestInit_ex(&ctx, md, NULL))
123 goto err; 128 goto err;
@@ -130,14 +135,14 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
130 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); 135 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
131 OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); 136 OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
132 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), 137 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
133 EVP_CIPHER_iv_length(cipher)); 138 EVP_CIPHER_iv_length(cipher));
134 if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de)) 139 if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
135 goto err; 140 goto err;
136 OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE); 141 OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
137 OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); 142 OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
138 OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); 143 OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
139 rv = 1; 144 rv = 1;
140 err: 145err:
141 EVP_MD_CTX_cleanup(&ctx); 146 EVP_MD_CTX_cleanup(&ctx);
142 return rv; 147 return rv;
143} 148}
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
index fe3c6c8813..c276cd28b8 100644
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ b/src/lib/libcrypto/evp/p5_crpt2.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -68,7 +68,7 @@
68/* #define DEBUG_PKCS5V2 */ 68/* #define DEBUG_PKCS5V2 */
69 69
70#ifdef DEBUG_PKCS5V2 70#ifdef DEBUG_PKCS5V2
71 static void h__dump (const unsigned char *p, int len); 71static void h__dump (const unsigned char *p, int len);
72#endif 72#endif
73 73
74/* This is an implementation of PKCS#5 v2.0 password based encryption key 74/* This is an implementation of PKCS#5 v2.0 password based encryption key
@@ -77,11 +77,10 @@
77 * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list. 77 * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list.
78 */ 78 */
79 79
80int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, 80int
81 const unsigned char *salt, int saltlen, int iter, 81PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt,
82 const EVP_MD *digest, 82 int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out)
83 int keylen, unsigned char *out) 83{
84 {
85 unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; 84 unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
86 int cplen, j, k, tkeylen, mdlen; 85 int cplen, j, k, tkeylen, mdlen;
87 unsigned long i = 1; 86 unsigned long i = 1;
@@ -94,18 +93,16 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
94 HMAC_CTX_init(&hctx_tpl); 93 HMAC_CTX_init(&hctx_tpl);
95 p = out; 94 p = out;
96 tkeylen = keylen; 95 tkeylen = keylen;
97 if(!pass) 96 if (!pass)
98 passlen = 0; 97 passlen = 0;
99 else if(passlen == -1) 98 else if (passlen == -1)
100 passlen = strlen(pass); 99 passlen = strlen(pass);
101 if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) 100 if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) {
102 {
103 HMAC_CTX_cleanup(&hctx_tpl); 101 HMAC_CTX_cleanup(&hctx_tpl);
104 return 0; 102 return 0;
105 } 103 }
106 while(tkeylen) 104 while (tkeylen) {
107 { 105 if (tkeylen > mdlen)
108 if(tkeylen > mdlen)
109 cplen = mdlen; 106 cplen = mdlen;
110 else 107 else
111 cplen = tkeylen; 108 cplen = tkeylen;
@@ -116,43 +113,38 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
116 itmp[1] = (unsigned char)((i >> 16) & 0xff); 113 itmp[1] = (unsigned char)((i >> 16) & 0xff);
117 itmp[2] = (unsigned char)((i >> 8) & 0xff); 114 itmp[2] = (unsigned char)((i >> 8) & 0xff);
118 itmp[3] = (unsigned char)(i & 0xff); 115 itmp[3] = (unsigned char)(i & 0xff);
119 if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) 116 if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
120 {
121 HMAC_CTX_cleanup(&hctx_tpl); 117 HMAC_CTX_cleanup(&hctx_tpl);
122 return 0; 118 return 0;
123 } 119 }
124 if (!HMAC_Update(&hctx, salt, saltlen) 120 if (!HMAC_Update(&hctx, salt, saltlen) ||
125 || !HMAC_Update(&hctx, itmp, 4) 121 !HMAC_Update(&hctx, itmp, 4) ||
126 || !HMAC_Final(&hctx, digtmp, NULL)) 122 !HMAC_Final(&hctx, digtmp, NULL)) {
127 {
128 HMAC_CTX_cleanup(&hctx_tpl); 123 HMAC_CTX_cleanup(&hctx_tpl);
129 HMAC_CTX_cleanup(&hctx); 124 HMAC_CTX_cleanup(&hctx);
130 return 0; 125 return 0;
131 } 126 }
132 HMAC_CTX_cleanup(&hctx); 127 HMAC_CTX_cleanup(&hctx);
133 memcpy(p, digtmp, cplen); 128 memcpy(p, digtmp, cplen);
134 for(j = 1; j < iter; j++) 129 for (j = 1; j < iter; j++) {
135 { 130 if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
136 if (!HMAC_CTX_copy(&hctx, &hctx_tpl))
137 {
138 HMAC_CTX_cleanup(&hctx_tpl); 131 HMAC_CTX_cleanup(&hctx_tpl);
139 return 0; 132 return 0;
140 } 133 }
141 if (!HMAC_Update(&hctx, digtmp, mdlen) 134 if (!HMAC_Update(&hctx, digtmp, mdlen) ||
142 || !HMAC_Final(&hctx, digtmp, NULL)) 135 !HMAC_Final(&hctx, digtmp, NULL)) {
143 {
144 HMAC_CTX_cleanup(&hctx_tpl); 136 HMAC_CTX_cleanup(&hctx_tpl);
145 HMAC_CTX_cleanup(&hctx); 137 HMAC_CTX_cleanup(&hctx);
146 return 0; 138 return 0;
147 } 139 }
148 HMAC_CTX_cleanup(&hctx); 140 HMAC_CTX_cleanup(&hctx);
149 for(k = 0; k < cplen; k++) 141 for (k = 0; k < cplen; k++)
150 p[k] ^= digtmp[k]; 142 p[k] ^= digtmp[k];
151 }
152 tkeylen-= cplen;
153 i++;
154 p+= cplen;
155 } 143 }
144 tkeylen -= cplen;
145 i++;
146 p += cplen;
147 }
156 HMAC_CTX_cleanup(&hctx_tpl); 148 HMAC_CTX_cleanup(&hctx_tpl);
157#ifdef DEBUG_PKCS5V2 149#ifdef DEBUG_PKCS5V2
158 fprintf(stderr, "Password:\n"); 150 fprintf(stderr, "Password:\n");
@@ -164,15 +156,15 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
164 h__dump (out, keylen); 156 h__dump (out, keylen);
165#endif 157#endif
166 return 1; 158 return 1;
167 } 159}
168 160
169int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, 161int
170 const unsigned char *salt, int saltlen, int iter, 162PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt,
171 int keylen, unsigned char *out) 163 int saltlen, int iter, int keylen, unsigned char *out)
172 { 164{
173 return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, EVP_sha1(), 165 return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter,
174 keylen, out); 166 EVP_sha1(), keylen, out);
175 } 167}
176 168
177#ifdef DO_TEST 169#ifdef DO_TEST
178main() 170main()
@@ -181,9 +173,8 @@ main()
181 unsigned char salt[] = {0x12, 0x34, 0x56, 0x78}; 173 unsigned char salt[] = {0x12, 0x34, 0x56, 0x78};
182 PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out); 174 PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
183 fprintf(stderr, "Out %02X %02X %02X %02X\n", 175 fprintf(stderr, "Out %02X %02X %02X %02X\n",
184 out[0], out[1], out[2], out[3]); 176 out[0], out[1], out[2], out[3]);
185} 177}
186
187#endif 178#endif
188 179
189/* Now the key derivation function itself. This is a bit evil because 180/* Now the key derivation function itself. This is a bit evil because
@@ -191,9 +182,9 @@ main()
191 * few of them... 182 * few of them...
192 */ 183 */
193 184
194int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, 185int
195 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, 186PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
196 int en_de) 187 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de)
197{ 188{
198 const unsigned char *pbuf; 189 const unsigned char *pbuf;
199 int plen; 190 int plen;
@@ -204,22 +195,22 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
204 195
205 if (param == NULL || param->type != V_ASN1_SEQUENCE || 196 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
206 param->value.sequence == NULL) { 197 param->value.sequence == NULL) {
207 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 198 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
208 goto err; 199 goto err;
209 } 200 }
210 201
211 pbuf = param->value.sequence->data; 202 pbuf = param->value.sequence->data;
212 plen = param->value.sequence->length; 203 plen = param->value.sequence->length;
213 if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { 204 if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
214 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 205 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
215 goto err; 206 goto err;
216 } 207 }
217 208
218 /* See if we recognise the key derivation function */ 209 /* See if we recognise the key derivation function */
219 210
220 if(OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) { 211 if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
221 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 212 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
222 EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); 213 EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
223 goto err; 214 goto err;
224 } 215 }
225 216
@@ -228,30 +219,31 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
228 219
229 cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm); 220 cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm);
230 221
231 if(!cipher) { 222 if (!cipher) {
232 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 223 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
233 EVP_R_UNSUPPORTED_CIPHER); 224 EVP_R_UNSUPPORTED_CIPHER);
234 goto err; 225 goto err;
235 } 226 }
236 227
237 /* Fixup cipher based on AlgorithmIdentifier */ 228 /* Fixup cipher based on AlgorithmIdentifier */
238 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de)) 229 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
239 goto err; 230 goto err;
240 if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { 231 if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
241 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 232 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
242 EVP_R_CIPHER_PARAMETER_ERROR); 233 EVP_R_CIPHER_PARAMETER_ERROR);
243 goto err; 234 goto err;
244 } 235 }
245 rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, 236 rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
246 pbe2->keyfunc->parameter, c, md, en_de); 237 pbe2->keyfunc->parameter, c, md, en_de);
247 err: 238
239err:
248 PBE2PARAM_free(pbe2); 240 PBE2PARAM_free(pbe2);
249 return rv; 241 return rv;
250} 242}
251 243
252int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, 244int
253 ASN1_TYPE *param, 245PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
254 const EVP_CIPHER *c, const EVP_MD *md, int en_de) 246 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de)
255{ 247{
256 unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; 248 unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
257 const unsigned char *pbuf; 249 const unsigned char *pbuf;
@@ -262,27 +254,25 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
262 PBKDF2PARAM *kdf = NULL; 254 PBKDF2PARAM *kdf = NULL;
263 const EVP_MD *prfmd; 255 const EVP_MD *prfmd;
264 256
265 if (EVP_CIPHER_CTX_cipher(ctx) == NULL) 257 if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
266 { 258 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_NO_CIPHER_SET);
267 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_NO_CIPHER_SET);
268 goto err; 259 goto err;
269 } 260 }
270 keylen = EVP_CIPHER_CTX_key_length(ctx); 261 keylen = EVP_CIPHER_CTX_key_length(ctx);
271 OPENSSL_assert(keylen <= sizeof key); 262 OPENSSL_assert(keylen <= sizeof key);
272 263
273 /* Decode parameter */ 264 /* Decode parameter */
274 265
275 if(!param || (param->type != V_ASN1_SEQUENCE)) 266 if (!param || (param->type != V_ASN1_SEQUENCE)) {
276 { 267 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
277 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR);
278 goto err; 268 goto err;
279 } 269 }
280 270
281 pbuf = param->value.sequence->data; 271 pbuf = param->value.sequence->data;
282 plen = param->value.sequence->length; 272 plen = param->value.sequence->length;
283 273
284 if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { 274 if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
285 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR); 275 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
286 goto err; 276 goto err;
287 } 277 }
288 278
@@ -290,9 +280,10 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
290 280
291 /* Now check the parameters of the kdf */ 281 /* Now check the parameters of the kdf */
292 282
293 if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){ 283 if (kdf->keylength &&
284 (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){
294 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, 285 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
295 EVP_R_UNSUPPORTED_KEYLENGTH); 286 EVP_R_UNSUPPORTED_KEYLENGTH);
296 goto err; 287 goto err;
297 } 288 }
298 289
@@ -301,22 +292,20 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
301 else 292 else
302 prf_nid = NID_hmacWithSHA1; 293 prf_nid = NID_hmacWithSHA1;
303 294
304 if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) 295 if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) {
305 {
306 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); 296 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
307 goto err; 297 goto err;
308 } 298 }
309 299
310 prfmd = EVP_get_digestbynid(hmac_md_nid); 300 prfmd = EVP_get_digestbynid(hmac_md_nid);
311 if (prfmd == NULL) 301 if (prfmd == NULL) {
312 {
313 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); 302 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
314 goto err; 303 goto err;
315 } 304 }
316 305
317 if(kdf->salt->type != V_ASN1_OCTET_STRING) { 306 if (kdf->salt->type != V_ASN1_OCTET_STRING) {
318 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, 307 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
319 EVP_R_UNSUPPORTED_SALT_TYPE); 308 EVP_R_UNSUPPORTED_SALT_TYPE);
320 goto err; 309 goto err;
321 } 310 }
322 311
@@ -324,11 +313,12 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
324 salt = kdf->salt->value.octet_string->data; 313 salt = kdf->salt->value.octet_string->data;
325 saltlen = kdf->salt->value.octet_string->length; 314 saltlen = kdf->salt->value.octet_string->length;
326 iter = ASN1_INTEGER_get(kdf->iter); 315 iter = ASN1_INTEGER_get(kdf->iter);
327 if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, 316 if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
328 keylen, key)) 317 keylen, key))
329 goto err; 318 goto err;
330 rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); 319 rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
331 err: 320
321err:
332 OPENSSL_cleanse(key, keylen); 322 OPENSSL_cleanse(key, keylen);
333 PBKDF2PARAM_free(kdf); 323 PBKDF2PARAM_free(kdf);
334 return rv; 324 return rv;
@@ -337,8 +327,9 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
337#ifdef DEBUG_PKCS5V2 327#ifdef DEBUG_PKCS5V2
338static void h__dump (const unsigned char *p, int len) 328static void h__dump (const unsigned char *p, int len)
339{ 329{
340 for (; len --; p++) fprintf(stderr, "%02X ", *p); 330 for (; len --; p++)
341 fprintf(stderr, "\n"); 331 fprintf(stderr, "%02X ", *p);
332 fprintf(stderr, "\n");
342} 333}
343#endif 334#endif
344#endif 335#endif
diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c
index 4201dcbad9..e6eb56e298 100644
--- a/src/lib/libcrypto/evp/p_dec.c
+++ b/src/lib/libcrypto/evp/p_dec.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -66,22 +66,24 @@
66#include <openssl/objects.h> 66#include <openssl/objects.h>
67#include <openssl/x509.h> 67#include <openssl/x509.h>
68 68
69int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, 69int
70 EVP_PKEY *priv) 70EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
71 { 71 EVP_PKEY *priv)
72 int ret= -1; 72{
73 73 int ret = -1;
74
74#ifndef OPENSSL_NO_RSA 75#ifndef OPENSSL_NO_RSA
75 if (priv->type != EVP_PKEY_RSA) 76 if (priv->type != EVP_PKEY_RSA) {
76 {
77#endif 77#endif
78 EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA); 78 EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef OPENSSL_NO_RSA 79#ifndef OPENSSL_NO_RSA
80 goto err; 80 goto err;
81 } 81 }
82
83 ret = RSA_private_decrypt(ekl, ek, key, priv->pkey.rsa,
84 RSA_PKCS1_PADDING);
82 85
83 ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
84err: 86err:
85#endif 87#endif
86 return(ret); 88 return (ret);
87 } 89}
diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c
index b5a3a84c41..a921d72997 100644
--- a/src/lib/libcrypto/evp/p_enc.c
+++ b/src/lib/libcrypto/evp/p_enc.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -66,21 +66,21 @@
66#include <openssl/objects.h> 66#include <openssl/objects.h>
67#include <openssl/x509.h> 67#include <openssl/x509.h>
68 68
69int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len, 69int
70 EVP_PKEY *pubk) 70EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len,
71 { 71 EVP_PKEY *pubk)
72 int ret=0; 72{
73 73 int ret = 0;
74
74#ifndef OPENSSL_NO_RSA 75#ifndef OPENSSL_NO_RSA
75 if (pubk->type != EVP_PKEY_RSA) 76 if (pubk->type != EVP_PKEY_RSA) {
76 {
77#endif 77#endif
78 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA); 78 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef OPENSSL_NO_RSA 79#ifndef OPENSSL_NO_RSA
80 goto err; 80 goto err;
81 } 81 }
82 ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING); 82 ret = RSA_public_encrypt(key_len, key, ek, pubk->pkey.rsa, RSA_PKCS1_PADDING);
83err: 83err:
84#endif 84#endif
85 return(ret); 85 return (ret);
86 } 86}
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
index 5f5f5e328d..97d922d1ba 100644
--- a/src/lib/libcrypto/evp/p_lib.c
+++ b/src/lib/libcrypto/evp/p_lib.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -82,134 +82,138 @@
82 82
83static void EVP_PKEY_free_it(EVP_PKEY *x); 83static void EVP_PKEY_free_it(EVP_PKEY *x);
84 84
85int EVP_PKEY_bits(EVP_PKEY *pkey) 85int
86 { 86EVP_PKEY_bits(EVP_PKEY *pkey)
87{
87 if (pkey && pkey->ameth && pkey->ameth->pkey_bits) 88 if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
88 return pkey->ameth->pkey_bits(pkey); 89 return pkey->ameth->pkey_bits(pkey);
89 return 0; 90 return 0;
90 } 91}
91 92
92int EVP_PKEY_size(EVP_PKEY *pkey) 93int
93 { 94EVP_PKEY_size(EVP_PKEY *pkey)
95{
94 if (pkey && pkey->ameth && pkey->ameth->pkey_size) 96 if (pkey && pkey->ameth && pkey->ameth->pkey_size)
95 return pkey->ameth->pkey_size(pkey); 97 return pkey->ameth->pkey_size(pkey);
96 return 0; 98 return 0;
97 } 99}
98 100
99int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 101int
100 { 102EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
103{
101#ifndef OPENSSL_NO_DSA 104#ifndef OPENSSL_NO_DSA
102 if (pkey->type == EVP_PKEY_DSA) 105 if (pkey->type == EVP_PKEY_DSA) {
103 { 106 int ret = pkey->save_parameters;
104 int ret=pkey->save_parameters;
105 107
106 if (mode >= 0) 108 if (mode >= 0)
107 pkey->save_parameters=mode; 109 pkey->save_parameters = mode;
108 return(ret); 110 return (ret);
109 } 111 }
110#endif 112#endif
111#ifndef OPENSSL_NO_EC 113#ifndef OPENSSL_NO_EC
112 if (pkey->type == EVP_PKEY_EC) 114 if (pkey->type == EVP_PKEY_EC) {
113 {
114 int ret = pkey->save_parameters; 115 int ret = pkey->save_parameters;
115 116
116 if (mode >= 0) 117 if (mode >= 0)
117 pkey->save_parameters = mode; 118 pkey->save_parameters = mode;
118 return(ret); 119 return (ret);
119 }
120#endif
121 return(0);
122 } 120 }
121#endif
122 return (0);
123}
123 124
124int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 125int
125 { 126EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
126 if (to->type != from->type) 127{
127 { 128 if (to->type != from->type) {
128 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES); 129 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,
130 EVP_R_DIFFERENT_KEY_TYPES);
129 goto err; 131 goto err;
130 } 132 }
131 133
132 if (EVP_PKEY_missing_parameters(from)) 134 if (EVP_PKEY_missing_parameters(from)) {
133 { 135 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,
134 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS); 136 EVP_R_MISSING_PARAMETERS);
135 goto err; 137 goto err;
136 } 138 }
137 if (from->ameth && from->ameth->param_copy) 139 if (from->ameth && from->ameth->param_copy)
138 return from->ameth->param_copy(to, from); 140 return from->ameth->param_copy(to, from);
141
139err: 142err:
140 return 0; 143 return 0;
141 } 144}
142 145
143int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 146int
144 { 147EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
148{
145 if (pkey->ameth && pkey->ameth->param_missing) 149 if (pkey->ameth && pkey->ameth->param_missing)
146 return pkey->ameth->param_missing(pkey); 150 return pkey->ameth->param_missing(pkey);
147 return 0; 151 return 0;
148 } 152}
149 153
150int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 154int
151 { 155EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
156{
152 if (a->type != b->type) 157 if (a->type != b->type)
153 return -1; 158 return -1;
154 if (a->ameth && a->ameth->param_cmp) 159 if (a->ameth && a->ameth->param_cmp)
155 return a->ameth->param_cmp(a, b); 160 return a->ameth->param_cmp(a, b);
156 return -2; 161 return -2;
157 } 162}
158 163
159int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 164int
160 { 165EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
166{
161 if (a->type != b->type) 167 if (a->type != b->type)
162 return -1; 168 return -1;
163 169
164 if (a->ameth) 170 if (a->ameth) {
165 {
166 int ret; 171 int ret;
167 /* Compare parameters if the algorithm has them */ 172 /* Compare parameters if the algorithm has them */
168 if (a->ameth->param_cmp) 173 if (a->ameth->param_cmp) {
169 {
170 ret = a->ameth->param_cmp(a, b); 174 ret = a->ameth->param_cmp(a, b);
171 if (ret <= 0) 175 if (ret <= 0)
172 return ret; 176 return ret;
173 } 177 }
174 178
175 if (a->ameth->pub_cmp) 179 if (a->ameth->pub_cmp)
176 return a->ameth->pub_cmp(a, b); 180 return a->ameth->pub_cmp(a, b);
177 } 181 }
178 182
179 return -2; 183 return -2;
180 } 184}
181 185
182EVP_PKEY *EVP_PKEY_new(void) 186EVP_PKEY *
183 { 187EVP_PKEY_new(void)
188{
184 EVP_PKEY *ret; 189 EVP_PKEY *ret;
185 190
186 ret=(EVP_PKEY *)malloc(sizeof(EVP_PKEY)); 191 ret = (EVP_PKEY *)malloc(sizeof(EVP_PKEY));
187 if (ret == NULL) 192 if (ret == NULL) {
188 { 193 EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
189 EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE); 194 return (NULL);
190 return(NULL);
191 }
192 ret->type=EVP_PKEY_NONE;
193 ret->save_type=EVP_PKEY_NONE;
194 ret->references=1;
195 ret->ameth=NULL;
196 ret->engine=NULL;
197 ret->pkey.ptr=NULL;
198 ret->attributes=NULL;
199 ret->save_parameters=1;
200 return(ret);
201 } 195 }
196 ret->type = EVP_PKEY_NONE;
197 ret->save_type = EVP_PKEY_NONE;
198 ret->references = 1;
199 ret->ameth = NULL;
200 ret->engine = NULL;
201 ret->pkey.ptr = NULL;
202 ret->attributes = NULL;
203 ret->save_parameters = 1;
204 return (ret);
205}
202 206
203/* Setup a public key ASN1 method and ENGINE from a NID or a string. 207/* Setup a public key ASN1 method and ENGINE from a NID or a string.
204 * If pkey is NULL just return 1 or 0 if the algorithm exists. 208 * If pkey is NULL just return 1 or 0 if the algorithm exists.
205 */ 209 */
206 210
207static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len) 211static int
208 { 212pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
213{
209 const EVP_PKEY_ASN1_METHOD *ameth; 214 const EVP_PKEY_ASN1_METHOD *ameth;
210 ENGINE *e = NULL; 215 ENGINE *e = NULL;
211 if (pkey) 216 if (pkey) {
212 {
213 if (pkey->pkey.ptr) 217 if (pkey->pkey.ptr)
214 EVP_PKEY_free_it(pkey); 218 EVP_PKEY_free_it(pkey);
215 /* If key type matches and a method exists then this 219 /* If key type matches and a method exists then this
@@ -219,13 +223,12 @@ static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
219 return 1; 223 return 1;
220#ifndef OPENSSL_NO_ENGINE 224#ifndef OPENSSL_NO_ENGINE
221 /* If we have an ENGINE release it */ 225 /* If we have an ENGINE release it */
222 if (pkey->engine) 226 if (pkey->engine) {
223 {
224 ENGINE_finish(pkey->engine); 227 ENGINE_finish(pkey->engine);
225 pkey->engine = NULL; 228 pkey->engine = NULL;
226 }
227#endif
228 } 229 }
230#endif
231 }
229 if (str) 232 if (str)
230 ameth = EVP_PKEY_asn1_find_str(&e, str, len); 233 ameth = EVP_PKEY_asn1_find_str(&e, str, len);
231 else 234 else
@@ -234,57 +237,61 @@ static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
234 if (!pkey && e) 237 if (!pkey && e)
235 ENGINE_finish(e); 238 ENGINE_finish(e);
236#endif 239#endif
237 if (!ameth) 240 if (!ameth) {
238 {
239 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); 241 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
240 return 0; 242 return 0;
241 } 243 }
242 if (pkey) 244 if (pkey) {
243 {
244 pkey->ameth = ameth; 245 pkey->ameth = ameth;
245 pkey->engine = e; 246 pkey->engine = e;
246 247
247 pkey->type = pkey->ameth->pkey_id; 248 pkey->type = pkey->ameth->pkey_id;
248 pkey->save_type=type; 249 pkey->save_type = type;
249 }
250 return 1;
251 } 250 }
251 return 1;
252}
252 253
253int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 254int
254 { 255EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
256{
255 return pkey_set_type(pkey, type, NULL, -1); 257 return pkey_set_type(pkey, type, NULL, -1);
256 } 258}
257 259
258int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 260int
259 { 261EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
262{
260 return pkey_set_type(pkey, EVP_PKEY_NONE, str, len); 263 return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
261 } 264}
262 265
263int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 266int
264 { 267EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
268{
265 if (!EVP_PKEY_set_type(pkey, type)) 269 if (!EVP_PKEY_set_type(pkey, type))
266 return 0; 270 return 0;
267 pkey->pkey.ptr=key; 271 pkey->pkey.ptr = key;
268 return (key != NULL); 272 return (key != NULL);
269 } 273}
270 274
271void *EVP_PKEY_get0(EVP_PKEY *pkey) 275void *
272 { 276EVP_PKEY_get0(EVP_PKEY *pkey)
277{
273 return pkey->pkey.ptr; 278 return pkey->pkey.ptr;
274 } 279}
275 280
276#ifndef OPENSSL_NO_RSA 281#ifndef OPENSSL_NO_RSA
277int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) 282int
283EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
278{ 284{
279 int ret = EVP_PKEY_assign_RSA(pkey, key); 285 int ret = EVP_PKEY_assign_RSA(pkey, key);
280 if(ret) 286 if (ret)
281 RSA_up_ref(key); 287 RSA_up_ref(key);
282 return ret; 288 return ret;
283} 289}
284 290
285RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) 291RSA *
286 { 292EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
287 if(pkey->type != EVP_PKEY_RSA) { 293{
294 if (pkey->type != EVP_PKEY_RSA) {
288 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY); 295 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
289 return NULL; 296 return NULL;
290 } 297 }
@@ -294,17 +301,19 @@ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
294#endif 301#endif
295 302
296#ifndef OPENSSL_NO_DSA 303#ifndef OPENSSL_NO_DSA
297int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 304int
305EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
298{ 306{
299 int ret = EVP_PKEY_assign_DSA(pkey, key); 307 int ret = EVP_PKEY_assign_DSA(pkey, key);
300 if(ret) 308 if (ret)
301 DSA_up_ref(key); 309 DSA_up_ref(key);
302 return ret; 310 return ret;
303} 311}
304 312
305DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 313DSA *
306 { 314EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
307 if(pkey->type != EVP_PKEY_DSA) { 315{
316 if (pkey->type != EVP_PKEY_DSA) {
308 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY); 317 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
309 return NULL; 318 return NULL;
310 } 319 }
@@ -315,18 +324,19 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
315 324
316#ifndef OPENSSL_NO_EC 325#ifndef OPENSSL_NO_EC
317 326
318int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) 327int
328EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
319{ 329{
320 int ret = EVP_PKEY_assign_EC_KEY(pkey,key); 330 int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
321 if (ret) 331 if (ret)
322 EC_KEY_up_ref(key); 332 EC_KEY_up_ref(key);
323 return ret; 333 return ret;
324} 334}
325 335
326EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) 336EC_KEY *
337EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
327{ 338{
328 if (pkey->type != EVP_PKEY_EC) 339 if (pkey->type != EVP_PKEY_EC) {
329 {
330 EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); 340 EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
331 return NULL; 341 return NULL;
332 } 342 }
@@ -338,17 +348,19 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
338 348
339#ifndef OPENSSL_NO_DH 349#ifndef OPENSSL_NO_DH
340 350
341int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) 351int
352EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
342{ 353{
343 int ret = EVP_PKEY_assign_DH(pkey, key); 354 int ret = EVP_PKEY_assign_DH(pkey, key);
344 if(ret) 355 if (ret)
345 DH_up_ref(key); 356 DH_up_ref(key);
346 return ret; 357 return ret;
347} 358}
348 359
349DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) 360DH *
350 { 361EVP_PKEY_get1_DH(EVP_PKEY *pkey)
351 if(pkey->type != EVP_PKEY_DH) { 362{
363 if (pkey->type != EVP_PKEY_DH) {
352 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY); 364 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
353 return NULL; 365 return NULL;
354 } 366 }
@@ -357,8 +369,9 @@ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
357} 369}
358#endif 370#endif
359 371
360int EVP_PKEY_type(int type) 372int
361 { 373EVP_PKEY_type(int type)
374{
362 int ret; 375 int ret;
363 const EVP_PKEY_ASN1_METHOD *ameth; 376 const EVP_PKEY_ASN1_METHOD *ameth;
364 ENGINE *e; 377 ENGINE *e;
@@ -372,89 +385,97 @@ int EVP_PKEY_type(int type)
372 ENGINE_finish(e); 385 ENGINE_finish(e);
373#endif 386#endif
374 return ret; 387 return ret;
375 } 388}
376 389
377int EVP_PKEY_id(const EVP_PKEY *pkey) 390int
378 { 391EVP_PKEY_id(const EVP_PKEY *pkey)
392{
379 return pkey->type; 393 return pkey->type;
380 } 394}
381 395
382int EVP_PKEY_base_id(const EVP_PKEY *pkey) 396int
383 { 397EVP_PKEY_base_id(const EVP_PKEY *pkey)
398{
384 return EVP_PKEY_type(pkey->type); 399 return EVP_PKEY_type(pkey->type);
385 } 400}
386 401
387void EVP_PKEY_free(EVP_PKEY *x) 402void
388 { 403EVP_PKEY_free(EVP_PKEY *x)
404{
389 int i; 405 int i;
390 406
391 if (x == NULL) return; 407 if (x == NULL)
408 return;
392 409
393 i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY); 410 i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY);
394 if (i > 0) return; 411 if (i > 0)
412 return;
395 413
396 EVP_PKEY_free_it(x); 414 EVP_PKEY_free_it(x);
397 if (x->attributes) 415 if (x->attributes)
398 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); 416 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
399 free(x); 417 free(x);
400 } 418}
401 419
402static void EVP_PKEY_free_it(EVP_PKEY *x) 420static void
403 { 421EVP_PKEY_free_it(EVP_PKEY *x)
404 if (x->ameth && x->ameth->pkey_free) 422{
405 { 423 if (x->ameth && x->ameth->pkey_free) {
406 x->ameth->pkey_free(x); 424 x->ameth->pkey_free(x);
407 x->pkey.ptr = NULL; 425 x->pkey.ptr = NULL;
408 } 426 }
409#ifndef OPENSSL_NO_ENGINE 427#ifndef OPENSSL_NO_ENGINE
410 if (x->engine) 428 if (x->engine) {
411 {
412 ENGINE_finish(x->engine); 429 ENGINE_finish(x->engine);
413 x->engine = NULL; 430 x->engine = NULL;
414 }
415#endif
416 } 431 }
432#endif
433}
417 434
418static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, 435static int
419 const char *kstr) 436unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr)
420 { 437{
421 BIO_indent(out, indent, 128); 438 BIO_indent(out, indent, 128);
422 BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 439 BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
423 kstr, OBJ_nid2ln(pkey->type)); 440 kstr, OBJ_nid2ln(pkey->type));
424 return 1; 441 return 1;
425 } 442}
426 443
427int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, 444int
428 int indent, ASN1_PCTX *pctx) 445EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent,
429 { 446 ASN1_PCTX *pctx)
447{
430 if (pkey->ameth && pkey->ameth->pub_print) 448 if (pkey->ameth && pkey->ameth->pub_print)
431 return pkey->ameth->pub_print(out, pkey, indent, pctx); 449 return pkey->ameth->pub_print(out, pkey, indent, pctx);
432 450
433 return unsup_alg(out, pkey, indent, "Public Key"); 451 return unsup_alg(out, pkey, indent, "Public Key");
434 } 452}
435 453
436int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, 454int
437 int indent, ASN1_PCTX *pctx) 455EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent,
438 { 456 ASN1_PCTX *pctx)
457{
439 if (pkey->ameth && pkey->ameth->priv_print) 458 if (pkey->ameth && pkey->ameth->priv_print)
440 return pkey->ameth->priv_print(out, pkey, indent, pctx); 459 return pkey->ameth->priv_print(out, pkey, indent, pctx);
441 460
442 return unsup_alg(out, pkey, indent, "Private Key"); 461 return unsup_alg(out, pkey, indent, "Private Key");
443 } 462}
444 463
445int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, 464int
446 int indent, ASN1_PCTX *pctx) 465EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent,
447 { 466 ASN1_PCTX *pctx)
467{
448 if (pkey->ameth && pkey->ameth->param_print) 468 if (pkey->ameth && pkey->ameth->param_print)
449 return pkey->ameth->param_print(out, pkey, indent, pctx); 469 return pkey->ameth->param_print(out, pkey, indent, pctx);
450 return unsup_alg(out, pkey, indent, "Parameters"); 470 return unsup_alg(out, pkey, indent, "Parameters");
451 } 471}
452 472
453int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 473int
454 { 474EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
475{
455 if (!pkey->ameth || !pkey->ameth->pkey_ctrl) 476 if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
456 return -2; 477 return -2;
457 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 478 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
458 0, pnid); 479 0, pnid);
459 } 480}
460 481
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c
index b832ec6a6b..88c0a45544 100644
--- a/src/lib/libcrypto/evp/p_open.c
+++ b/src/lib/libcrypto/evp/p_open.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -66,57 +66,60 @@
66#include <openssl/x509.h> 66#include <openssl/x509.h>
67#include <openssl/rsa.h> 67#include <openssl/rsa.h>
68 68
69int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, 69int
70 const unsigned char *ek, int ekl, const unsigned char *iv, 70EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
71 EVP_PKEY *priv) 71 const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv)
72 { 72{
73 unsigned char *key=NULL; 73 unsigned char *key = NULL;
74 int i,size=0,ret=0; 74 int i, size = 0, ret = 0;
75 75
76 if(type) { 76 if (type) {
77 EVP_CIPHER_CTX_init(ctx); 77 EVP_CIPHER_CTX_init(ctx);
78 if(!EVP_DecryptInit_ex(ctx,type,NULL, NULL,NULL)) return 0; 78 if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL))
79 return 0;
79 } 80 }
80 81
81 if(!priv) return 1; 82 if (!priv)
83 return 1;
82 84
83 if (priv->type != EVP_PKEY_RSA) 85 if (priv->type != EVP_PKEY_RSA) {
84 { 86 EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA);
85 EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
86 goto err; 87 goto err;
87 } 88 }
88 89
89 size=RSA_size(priv->pkey.rsa); 90 size = RSA_size(priv->pkey.rsa);
90 key=(unsigned char *)malloc(size+2); 91 key = (unsigned char *)malloc(size + 2);
91 if (key == NULL) 92 if (key == NULL) {
92 {
93 /* ERROR */ 93 /* ERROR */
94 EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE); 94 EVPerr(EVP_F_EVP_OPENINIT, ERR_R_MALLOC_FAILURE);
95 goto err; 95 goto err;
96 } 96 }
97 97
98 i=EVP_PKEY_decrypt_old(key,ek,ekl,priv); 98 i = EVP_PKEY_decrypt_old(key, ek, ekl, priv);
99 if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) 99 if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) {
100 {
101 /* ERROR */ 100 /* ERROR */
102 goto err; 101 goto err;
103 } 102 }
104 if(!EVP_DecryptInit_ex(ctx,NULL,NULL,key,iv)) goto err; 103 if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
104 goto err;
105
106 ret = 1;
105 107
106 ret=1;
107err: 108err:
108 if (key != NULL) OPENSSL_cleanse(key,size); 109 if (key != NULL)
110 OPENSSL_cleanse(key, size);
109 free(key); 111 free(key);
110 return(ret); 112 return (ret);
111 } 113}
112 114
113int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 115int
114 { 116EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
117{
115 int i; 118 int i;
116 119
117 i=EVP_DecryptFinal_ex(ctx,out,outl); 120 i = EVP_DecryptFinal_ex(ctx, out, outl);
118 if (i) 121 if (i)
119 i = EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL); 122 i = EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
120 return(i); 123 return (i);
121 } 124}
122#endif 125#endif
diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c
index e5919b0fbf..6147447290 100644
--- a/src/lib/libcrypto/evp/p_seal.c
+++ b/src/lib/libcrypto/evp/p_seal.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -66,33 +66,36 @@
66#include <openssl/objects.h> 66#include <openssl/objects.h>
67#include <openssl/x509.h> 67#include <openssl/x509.h>
68 68
69int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek, 69int
70 int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk) 70EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
71 { 71 int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
72{
72 unsigned char key[EVP_MAX_KEY_LENGTH]; 73 unsigned char key[EVP_MAX_KEY_LENGTH];
73 int i; 74 int i;
74 75
75 if(type) { 76 if (type) {
76 EVP_CIPHER_CTX_init(ctx); 77 EVP_CIPHER_CTX_init(ctx);
77 if(!EVP_EncryptInit_ex(ctx,type,NULL,NULL,NULL)) return 0; 78 if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
79 return 0;
78 } 80 }
79 if ((npubk <= 0) || !pubk) 81 if ((npubk <= 0) || !pubk)
80 return 1; 82 return 1;
81 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) 83 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
82 return 0; 84 return 0;
83 if (EVP_CIPHER_CTX_iv_length(ctx)) 85 if (EVP_CIPHER_CTX_iv_length(ctx))
84 RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx)); 86 RAND_pseudo_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx));
85 87
86 if(!EVP_EncryptInit_ex(ctx,NULL,NULL,key,iv)) return 0; 88 if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
89 return 0;
87 90
88 for (i=0; i<npubk; i++) 91 for (i = 0; i < npubk; i++) {
89 { 92 ekl[i] = EVP_PKEY_encrypt_old(ek[i], key,
90 ekl[i]=EVP_PKEY_encrypt_old(ek[i],key,EVP_CIPHER_CTX_key_length(ctx), 93 EVP_CIPHER_CTX_key_length(ctx), pubk[i]);
91 pubk[i]); 94 if (ekl[i] <= 0)
92 if (ekl[i] <= 0) return(-1); 95 return (-1);
93 }
94 return(npubk);
95 } 96 }
97 return (npubk);
98}
96 99
97/* MACRO 100/* MACRO
98void EVP_SealUpdate(ctx,out,outl,in,inl) 101void EVP_SealUpdate(ctx,out,outl,in,inl)
@@ -106,11 +109,13 @@ int inl;
106 } 109 }
107*/ 110*/
108 111
109int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 112int
110 { 113EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
114{
111 int i; 115 int i;
112 i = EVP_EncryptFinal_ex(ctx,out,outl); 116
113 if (i) 117 i = EVP_EncryptFinal_ex(ctx, out, outl);
114 i = EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL); 118 if (i)
119 i = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL);
115 return i; 120 return i;
116 } 121}
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
index 8afb664306..b064ec5fb5 100644
--- a/src/lib/libcrypto/evp/p_sign.c
+++ b/src/lib/libcrypto/evp/p_sign.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,37 +63,39 @@
63#include <openssl/x509.h> 63#include <openssl/x509.h>
64 64
65#ifdef undef 65#ifdef undef
66void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type) 66void
67 { 67EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
68 EVP_DigestInit_ex(ctx,type); 68{
69 } 69 EVP_DigestInit_ex(ctx, type);
70}
70 71
71void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, 72void
72 unsigned int count) 73EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
73 { 74 unsigned int count)
74 EVP_DigestUpdate(ctx,data,count); 75{
75 } 76 EVP_DigestUpdate(ctx, data, count);
77}
76#endif 78#endif
77 79
78int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, 80int
79 EVP_PKEY *pkey) 81EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
80 { 82 EVP_PKEY *pkey)
83{
81 unsigned char m[EVP_MAX_MD_SIZE]; 84 unsigned char m[EVP_MAX_MD_SIZE];
82 unsigned int m_len; 85 unsigned int m_len;
83 int i = 0,ok = 0,v; 86 int i = 0, ok = 0, v;
84 EVP_MD_CTX tmp_ctx; 87 EVP_MD_CTX tmp_ctx;
85 EVP_PKEY_CTX *pkctx = NULL; 88 EVP_PKEY_CTX *pkctx = NULL;
86 89
87 *siglen=0; 90 *siglen = 0;
88 EVP_MD_CTX_init(&tmp_ctx); 91 EVP_MD_CTX_init(&tmp_ctx);
89 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx)) 92 if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
90 goto err; 93 goto err;
91 if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len)) 94 if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
92 goto err; 95 goto err;
93 EVP_MD_CTX_cleanup(&tmp_ctx); 96 EVP_MD_CTX_cleanup(&tmp_ctx);
94 97
95 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) 98 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
96 {
97 size_t sltmp = (size_t)EVP_PKEY_size(pkey); 99 size_t sltmp = (size_t)EVP_PKEY_size(pkey);
98 i = 0; 100 i = 0;
99 pkctx = EVP_PKEY_CTX_new(pkey, NULL); 101 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
@@ -107,33 +109,29 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
107 goto err; 109 goto err;
108 *siglen = sltmp; 110 *siglen = sltmp;
109 i = 1; 111 i = 1;
110 err: 112err:
111 EVP_PKEY_CTX_free(pkctx); 113 EVP_PKEY_CTX_free(pkctx);
112 return i; 114 return i;
113 } 115 }
114 116
115 for (i=0; i<4; i++) 117 for (i = 0; i < 4; i++) {
116 { 118 v = ctx->digest->required_pkey_type[i];
117 v=ctx->digest->required_pkey_type[i]; 119 if (v == 0)
118 if (v == 0) break; 120 break;
119 if (pkey->type == v) 121 if (pkey->type == v) {
120 { 122 ok = 1;
121 ok=1;
122 break; 123 break;
123 }
124 }
125 if (!ok)
126 {
127 EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
128 return(0);
129 }
130
131 if (ctx->digest->sign == NULL)
132 {
133 EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
134 return(0);
135 } 124 }
136 return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, 125 }
137 pkey->pkey.ptr)); 126 if (!ok) {
127 EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
128 return (0);
138 } 129 }
139 130
131 if (ctx->digest->sign == NULL) {
132 EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
133 return (0);
134 }
135 return(ctx->digest->sign(ctx->digest->type, m,m_len, sigret, siglen,
136 pkey->pkey.ptr));
137}
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c
index c66d63ccf8..3b9b8ab7d6 100644
--- a/src/lib/libcrypto/evp/p_verify.c
+++ b/src/lib/libcrypto/evp/p_verify.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -62,24 +62,24 @@
62#include <openssl/objects.h> 62#include <openssl/objects.h>
63#include <openssl/x509.h> 63#include <openssl/x509.h>
64 64
65int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, 65int
66 unsigned int siglen, EVP_PKEY *pkey) 66EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
67 { 67 unsigned int siglen, EVP_PKEY *pkey)
68{
68 unsigned char m[EVP_MAX_MD_SIZE]; 69 unsigned char m[EVP_MAX_MD_SIZE];
69 unsigned int m_len; 70 unsigned int m_len;
70 int i = 0,ok = 0,v; 71 int i = 0, ok = 0, v;
71 EVP_MD_CTX tmp_ctx; 72 EVP_MD_CTX tmp_ctx;
72 EVP_PKEY_CTX *pkctx = NULL; 73 EVP_PKEY_CTX *pkctx = NULL;
73 74
74 EVP_MD_CTX_init(&tmp_ctx); 75 EVP_MD_CTX_init(&tmp_ctx);
75 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx)) 76 if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
76 goto err; 77 goto err;
77 if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len)) 78 if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
78 goto err; 79 goto err;
79 EVP_MD_CTX_cleanup(&tmp_ctx); 80 EVP_MD_CTX_cleanup(&tmp_ctx);
80 81
81 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) 82 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
82 {
83 i = -1; 83 i = -1;
84 pkctx = EVP_PKEY_CTX_new(pkey, NULL); 84 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
85 if (!pkctx) 85 if (!pkctx)
@@ -89,33 +89,30 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
89 if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) 89 if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
90 goto err; 90 goto err;
91 i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len); 91 i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
92 err: 92err:
93 EVP_PKEY_CTX_free(pkctx); 93 EVP_PKEY_CTX_free(pkctx);
94 return i; 94 return i;
95 } 95 }
96 96
97 for (i=0; i<4; i++) 97 for (i = 0; i < 4; i++) {
98 { 98 v = ctx->digest->required_pkey_type[i];
99 v=ctx->digest->required_pkey_type[i]; 99 if (v == 0)
100 if (v == 0) break; 100 break;
101 if (pkey->type == v) 101 if (pkey->type == v) {
102 { 102 ok = 1;
103 ok=1;
104 break; 103 break;
105 }
106 }
107 if (!ok)
108 {
109 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
110 return(-1);
111 }
112 if (ctx->digest->verify == NULL)
113 {
114 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
115 return(0);
116 } 104 }
117 105 }
118 return(ctx->digest->verify(ctx->digest->type,m,m_len, 106 if (!ok) {
119 sigbuf,siglen,pkey->pkey.ptr)); 107 EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
108 return (-1);
109 }
110 if (ctx->digest->verify == NULL) {
111 EVPerr(EVP_F_EVP_VERIFYFINAL,
112 EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
113 return (0);
120 } 114 }
121 115
116 return(ctx->digest->verify(ctx->digest->type, m, m_len,
117 sigbuf, siglen, pkey->pkey.ptr));
118}
diff --git a/src/lib/libcrypto/evp/pmeth_fn.c b/src/lib/libcrypto/evp/pmeth_fn.c
index c4676f2f8d..12dd9e26a1 100644
--- a/src/lib/libcrypto/evp/pmeth_fn.c
+++ b/src/lib/libcrypto/evp/pmeth_fn.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -79,15 +79,16 @@
79 } \ 79 } \
80 } 80 }
81 81
82int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) 82int
83 { 83EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
84{
84 int ret; 85 int ret;
85 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) 86
86 { 87 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
87 EVPerr(EVP_F_EVP_PKEY_SIGN_INIT, 88 EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,
88 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 89 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
89 return -2; 90 return -2;
90 } 91 }
91 ctx->operation = EVP_PKEY_OP_SIGN; 92 ctx->operation = EVP_PKEY_OP_SIGN;
92 if (!ctx->pmeth->sign_init) 93 if (!ctx->pmeth->sign_init)
93 return 1; 94 return 1;
@@ -95,36 +96,35 @@ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
95 if (ret <= 0) 96 if (ret <= 0)
96 ctx->operation = EVP_PKEY_OP_UNDEFINED; 97 ctx->operation = EVP_PKEY_OP_UNDEFINED;
97 return ret; 98 return ret;
98 } 99}
99 100
100int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, 101int
101 unsigned char *sig, size_t *siglen, 102EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
102 const unsigned char *tbs, size_t tbslen) 103 const unsigned char *tbs, size_t tbslen)
103 { 104{
104 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) 105 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
105 {
106 EVPerr(EVP_F_EVP_PKEY_SIGN, 106 EVPerr(EVP_F_EVP_PKEY_SIGN,
107 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 107 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
108 return -2; 108 return -2;
109 } 109 }
110 if (ctx->operation != EVP_PKEY_OP_SIGN) 110 if (ctx->operation != EVP_PKEY_OP_SIGN) {
111 {
112 EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED); 111 EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
113 return -1; 112 return -1;
114 } 113 }
115 M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN) 114 M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
116 return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen); 115 return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
117 } 116}
118 117
119int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) 118int
120 { 119EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
120{
121 int ret; 121 int ret;
122 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) 122
123 { 123 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
124 EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT, 124 EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT,
125 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 125 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
126 return -2; 126 return -2;
127 } 127 }
128 ctx->operation = EVP_PKEY_OP_VERIFY; 128 ctx->operation = EVP_PKEY_OP_VERIFY;
129 if (!ctx->pmeth->verify_init) 129 if (!ctx->pmeth->verify_init)
130 return 1; 130 return 1;
@@ -132,35 +132,34 @@ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
132 if (ret <= 0) 132 if (ret <= 0)
133 ctx->operation = EVP_PKEY_OP_UNDEFINED; 133 ctx->operation = EVP_PKEY_OP_UNDEFINED;
134 return ret; 134 return ret;
135 } 135}
136 136
137int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, 137int
138 const unsigned char *sig, size_t siglen, 138EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
139 const unsigned char *tbs, size_t tbslen) 139 const unsigned char *tbs, size_t tbslen)
140 { 140{
141 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) 141 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
142 {
143 EVPerr(EVP_F_EVP_PKEY_VERIFY, 142 EVPerr(EVP_F_EVP_PKEY_VERIFY,
144 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 143 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
145 return -2; 144 return -2;
146 } 145 }
147 if (ctx->operation != EVP_PKEY_OP_VERIFY) 146 if (ctx->operation != EVP_PKEY_OP_VERIFY) {
148 {
149 EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED); 147 EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED);
150 return -1; 148 return -1;
151 }
152 return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
153 } 149 }
150 return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
151}
154 152
155int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx) 153int
156 { 154EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
155{
157 int ret; 156 int ret;
158 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) 157
159 { 158 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
160 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT, 159 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,
161 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 160 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
162 return -2; 161 return -2;
163 } 162 }
164 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER; 163 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
165 if (!ctx->pmeth->verify_recover_init) 164 if (!ctx->pmeth->verify_recover_init)
166 return 1; 165 return 1;
@@ -168,36 +167,36 @@ int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
168 if (ret <= 0) 167 if (ret <= 0)
169 ctx->operation = EVP_PKEY_OP_UNDEFINED; 168 ctx->operation = EVP_PKEY_OP_UNDEFINED;
170 return ret; 169 return ret;
171 } 170}
172 171
173int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, 172int
174 unsigned char *rout, size_t *routlen, 173EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen,
175 const unsigned char *sig, size_t siglen) 174 const unsigned char *sig, size_t siglen)
176 { 175{
177 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) 176 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
178 {
179 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, 177 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
180 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 178 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
181 return -2; 179 return -2;
182 } 180 }
183 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) 181 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
184 { 182 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
185 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED); 183 EVP_R_OPERATON_NOT_INITIALIZED);
186 return -1; 184 return -1;
187 } 185 }
188 M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER) 186 M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
189 return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen); 187 return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
190 } 188}
191 189
192int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) 190int
193 { 191EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
192{
194 int ret; 193 int ret;
195 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) 194
196 { 195 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
197 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT, 196 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT,
198 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 197 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
199 return -2; 198 return -2;
200 } 199 }
201 ctx->operation = EVP_PKEY_OP_ENCRYPT; 200 ctx->operation = EVP_PKEY_OP_ENCRYPT;
202 if (!ctx->pmeth->encrypt_init) 201 if (!ctx->pmeth->encrypt_init)
203 return 1; 202 return 1;
@@ -205,36 +204,35 @@ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
205 if (ret <= 0) 204 if (ret <= 0)
206 ctx->operation = EVP_PKEY_OP_UNDEFINED; 205 ctx->operation = EVP_PKEY_OP_UNDEFINED;
207 return ret; 206 return ret;
208 } 207}
209 208
210int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, 209int
211 unsigned char *out, size_t *outlen, 210EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
212 const unsigned char *in, size_t inlen) 211 const unsigned char *in, size_t inlen)
213 { 212{
214 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) 213 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
215 {
216 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, 214 EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
217 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 215 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
218 return -2; 216 return -2;
219 } 217 }
220 if (ctx->operation != EVP_PKEY_OP_ENCRYPT) 218 if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
221 {
222 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED); 219 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
223 return -1; 220 return -1;
224 } 221 }
225 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT) 222 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
226 return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen); 223 return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
227 } 224}
228 225
229int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) 226int
230 { 227EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
228{
231 int ret; 229 int ret;
232 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) 230
233 { 231 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
234 EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT, 232 EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,
235 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 233 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
236 return -2; 234 return -2;
237 } 235 }
238 ctx->operation = EVP_PKEY_OP_DECRYPT; 236 ctx->operation = EVP_PKEY_OP_DECRYPT;
239 if (!ctx->pmeth->decrypt_init) 237 if (!ctx->pmeth->decrypt_init)
240 return 1; 238 return 1;
@@ -242,37 +240,35 @@ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
242 if (ret <= 0) 240 if (ret <= 0)
243 ctx->operation = EVP_PKEY_OP_UNDEFINED; 241 ctx->operation = EVP_PKEY_OP_UNDEFINED;
244 return ret; 242 return ret;
245 } 243}
246 244
247int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, 245int
248 unsigned char *out, size_t *outlen, 246EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
249 const unsigned char *in, size_t inlen) 247 const unsigned char *in, size_t inlen)
250 { 248{
251 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) 249 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
252 {
253 EVPerr(EVP_F_EVP_PKEY_DECRYPT, 250 EVPerr(EVP_F_EVP_PKEY_DECRYPT,
254 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 251 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
255 return -2; 252 return -2;
256 } 253 }
257 if (ctx->operation != EVP_PKEY_OP_DECRYPT) 254 if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
258 {
259 EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED); 255 EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
260 return -1; 256 return -1;
261 } 257 }
262 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT) 258 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
263 return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen); 259 return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
264 } 260}
265 261
266 262int
267int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) 263EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
268 { 264{
269 int ret; 265 int ret;
270 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) 266
271 { 267 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
272 EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT, 268 EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
273 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 269 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
274 return -2; 270 return -2;
275 } 271 }
276 ctx->operation = EVP_PKEY_OP_DERIVE; 272 ctx->operation = EVP_PKEY_OP_DERIVE;
277 if (!ctx->pmeth->derive_init) 273 if (!ctx->pmeth->derive_init)
278 return 1; 274 return 1;
@@ -280,23 +276,27 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
280 if (ret <= 0) 276 if (ret <= 0)
281 ctx->operation = EVP_PKEY_OP_UNDEFINED; 277 ctx->operation = EVP_PKEY_OP_UNDEFINED;
282 return ret; 278 return ret;
283 } 279}
284 280
285int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) 281int
286 { 282EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
283{
287 int ret; 284 int ret;
288 if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive||ctx->pmeth->encrypt||ctx->pmeth->decrypt) || !ctx->pmeth->ctrl) 285
289 { 286 if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive ||
287 ctx->pmeth->encrypt || ctx->pmeth->decrypt) ||
288 !ctx->pmeth->ctrl) {
290 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 289 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
291 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 290 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
292 return -2; 291 return -2;
293 } 292 }
294 if (ctx->operation != EVP_PKEY_OP_DERIVE && ctx->operation != EVP_PKEY_OP_ENCRYPT && ctx->operation != EVP_PKEY_OP_DECRYPT) 293 if (ctx->operation != EVP_PKEY_OP_DERIVE &&
295 { 294 ctx->operation != EVP_PKEY_OP_ENCRYPT &&
295 ctx->operation != EVP_PKEY_OP_DECRYPT) {
296 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 296 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
297 EVP_R_OPERATON_NOT_INITIALIZED); 297 EVP_R_OPERATON_NOT_INITIALIZED);
298 return -1; 298 return -1;
299 } 299 }
300 300
301 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer); 301 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
302 302
@@ -306,18 +306,16 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
306 if (ret == 2) 306 if (ret == 2)
307 return 1; 307 return 1;
308 308
309 if (!ctx->pkey) 309 if (!ctx->pkey) {
310 {
311 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET); 310 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
312 return -1; 311 return -1;
313 } 312 }
314 313
315 if (ctx->pkey->type != peer->type) 314 if (ctx->pkey->type != peer->type) {
316 {
317 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 315 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
318 EVP_R_DIFFERENT_KEY_TYPES); 316 EVP_R_DIFFERENT_KEY_TYPES);
319 return -1; 317 return -1;
320 } 318 }
321 319
322 /* ran@cryptocom.ru: For clarity. The error is if parameters in peer are 320 /* ran@cryptocom.ru: For clarity. The error is if parameters in peer are
323 * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return 321 * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
@@ -325,12 +323,11 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
325 * (different key types) is impossible here because it is checked earlier. 323 * (different key types) is impossible here because it is checked earlier.
326 * -2 is OK for us here, as well as 1, so we can check for 0 only. */ 324 * -2 is OK for us here, as well as 1, so we can check for 0 only. */
327 if (!EVP_PKEY_missing_parameters(peer) && 325 if (!EVP_PKEY_missing_parameters(peer) &&
328 !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) 326 !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
329 {
330 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 327 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
331 EVP_R_DIFFERENT_PARAMETERS); 328 EVP_R_DIFFERENT_PARAMETERS);
332 return -1; 329 return -1;
333 } 330 }
334 331
335 if (ctx->peerkey) 332 if (ctx->peerkey)
336 EVP_PKEY_free(ctx->peerkey); 333 EVP_PKEY_free(ctx->peerkey);
@@ -338,31 +335,27 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
338 335
339 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer); 336 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
340 337
341 if (ret <= 0) 338 if (ret <= 0) {
342 {
343 ctx->peerkey = NULL; 339 ctx->peerkey = NULL;
344 return ret; 340 return ret;
345 }
346
347 CRYPTO_add(&peer->references,1,CRYPTO_LOCK_EVP_PKEY);
348 return 1;
349 } 341 }
350 342
343 CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY);
344 return 1;
345}
351 346
352int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen) 347int
353 { 348EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
354 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) 349{
355 { 350 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
356 EVPerr(EVP_F_EVP_PKEY_DERIVE, 351 EVPerr(EVP_F_EVP_PKEY_DERIVE,
357 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 352 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
358 return -2; 353 return -2;
359 } 354 }
360 if (ctx->operation != EVP_PKEY_OP_DERIVE) 355 if (ctx->operation != EVP_PKEY_OP_DERIVE) {
361 {
362 EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED); 356 EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
363 return -1; 357 return -1;
364 } 358 }
365 M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE) 359 M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
366 return ctx->pmeth->derive(ctx, key, pkeylen); 360 return ctx->pmeth->derive(ctx, key, pkeylen);
367 } 361}
368
diff --git a/src/lib/libcrypto/evp/pmeth_gn.c b/src/lib/libcrypto/evp/pmeth_gn.c
index 4651c81370..c6683ab89b 100644
--- a/src/lib/libcrypto/evp/pmeth_gn.c
+++ b/src/lib/libcrypto/evp/pmeth_gn.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -64,15 +64,16 @@
64#include <openssl/bn.h> 64#include <openssl/bn.h>
65#include "evp_locl.h" 65#include "evp_locl.h"
66 66
67int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx) 67int
68 { 68EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
69{
69 int ret; 70 int ret;
70 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) 71
71 { 72 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
72 EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT, 73 EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT,
73 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 74 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
74 return -2; 75 return -2;
75 } 76 }
76 ctx->operation = EVP_PKEY_OP_PARAMGEN; 77 ctx->operation = EVP_PKEY_OP_PARAMGEN;
77 if (!ctx->pmeth->paramgen_init) 78 if (!ctx->pmeth->paramgen_init)
78 return 1; 79 return 1;
@@ -80,23 +81,23 @@ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
80 if (ret <= 0) 81 if (ret <= 0)
81 ctx->operation = EVP_PKEY_OP_UNDEFINED; 82 ctx->operation = EVP_PKEY_OP_UNDEFINED;
82 return ret; 83 return ret;
83 } 84}
84 85
85int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) 86int
86 { 87EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
88{
87 int ret; 89 int ret;
88 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) 90
89 { 91 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
90 EVPerr(EVP_F_EVP_PKEY_PARAMGEN, 92 EVPerr(EVP_F_EVP_PKEY_PARAMGEN,
91 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 93 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
92 return -2; 94 return -2;
93 } 95 }
94 96
95 if (ctx->operation != EVP_PKEY_OP_PARAMGEN) 97 if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
96 {
97 EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED); 98 EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED);
98 return -1; 99 return -1;
99 } 100 }
100 101
101 if (!ppkey) 102 if (!ppkey)
102 return -1; 103 return -1;
@@ -105,23 +106,23 @@ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
105 *ppkey = EVP_PKEY_new(); 106 *ppkey = EVP_PKEY_new();
106 107
107 ret = ctx->pmeth->paramgen(ctx, *ppkey); 108 ret = ctx->pmeth->paramgen(ctx, *ppkey);
108 if (ret <= 0) 109 if (ret <= 0) {
109 {
110 EVP_PKEY_free(*ppkey); 110 EVP_PKEY_free(*ppkey);
111 *ppkey = NULL; 111 *ppkey = NULL;
112 }
113 return ret;
114 } 112 }
113 return ret;
114}
115 115
116int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) 116int
117 { 117EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
118{
118 int ret; 119 int ret;
119 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) 120
120 { 121 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
121 EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT, 122 EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT,
122 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 123 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
123 return -2; 124 return -2;
124 } 125 }
125 ctx->operation = EVP_PKEY_OP_KEYGEN; 126 ctx->operation = EVP_PKEY_OP_KEYGEN;
126 if (!ctx->pmeth->keygen_init) 127 if (!ctx->pmeth->keygen_init)
127 return 1; 128 return 1;
@@ -129,23 +130,22 @@ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
129 if (ret <= 0) 130 if (ret <= 0)
130 ctx->operation = EVP_PKEY_OP_UNDEFINED; 131 ctx->operation = EVP_PKEY_OP_UNDEFINED;
131 return ret; 132 return ret;
132 } 133}
133 134
134int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) 135int
135 { 136EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
137{
136 int ret; 138 int ret;
137 139
138 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) 140 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
139 {
140 EVPerr(EVP_F_EVP_PKEY_KEYGEN, 141 EVPerr(EVP_F_EVP_PKEY_KEYGEN,
141 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 142 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
142 return -2; 143 return -2;
143 } 144 }
144 if (ctx->operation != EVP_PKEY_OP_KEYGEN) 145 if (ctx->operation != EVP_PKEY_OP_KEYGEN) {
145 {
146 EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED); 146 EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED);
147 return -1; 147 return -1;
148 } 148 }
149 149
150 if (!ppkey) 150 if (!ppkey)
151 return -1; 151 return -1;
@@ -154,68 +154,73 @@ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
154 *ppkey = EVP_PKEY_new(); 154 *ppkey = EVP_PKEY_new();
155 155
156 ret = ctx->pmeth->keygen(ctx, *ppkey); 156 ret = ctx->pmeth->keygen(ctx, *ppkey);
157 if (ret <= 0) 157 if (ret <= 0) {
158 {
159 EVP_PKEY_free(*ppkey); 158 EVP_PKEY_free(*ppkey);
160 *ppkey = NULL; 159 *ppkey = NULL;
161 }
162 return ret;
163 } 160 }
161 return ret;
162}
164 163
165void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb) 164void
166 { 165EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
166{
167 ctx->pkey_gencb = cb; 167 ctx->pkey_gencb = cb;
168 } 168}
169 169
170EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx) 170EVP_PKEY_gen_cb *
171 { 171EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
172{
172 return ctx->pkey_gencb; 173 return ctx->pkey_gencb;
173 } 174}
174 175
175/* "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB 176/* "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB
176 * style callbacks. 177 * style callbacks.
177 */ 178 */
178 179
179static int trans_cb(int a, int b, BN_GENCB *gcb) 180static int
180 { 181trans_cb(int a, int b, BN_GENCB *gcb)
182{
181 EVP_PKEY_CTX *ctx = gcb->arg; 183 EVP_PKEY_CTX *ctx = gcb->arg;
182 ctx->keygen_info[0] = a; 184 ctx->keygen_info[0] = a;
183 ctx->keygen_info[1] = b; 185 ctx->keygen_info[1] = b;
184 return ctx->pkey_gencb(ctx); 186 return ctx->pkey_gencb(ctx);
185 } 187}
186 188
187void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx) 189void
188 { 190evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
191{
189 BN_GENCB_set(cb, trans_cb, ctx) 192 BN_GENCB_set(cb, trans_cb, ctx)
190 } 193}
191 194
192int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx) 195int
193 { 196EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
197{
194 if (idx == -1) 198 if (idx == -1)
195 return ctx->keygen_info_count; 199 return ctx->keygen_info_count;
196 if (idx < 0 || idx > ctx->keygen_info_count) 200 if (idx < 0 || idx > ctx->keygen_info_count)
197 return 0; 201 return 0;
198 return ctx->keygen_info[idx]; 202 return ctx->keygen_info[idx];
199 } 203}
200 204
201EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, 205EVP_PKEY *
202 const unsigned char *key, int keylen) 206EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen)
203 { 207{
204 EVP_PKEY_CTX *mac_ctx = NULL; 208 EVP_PKEY_CTX *mac_ctx = NULL;
205 EVP_PKEY *mac_key = NULL; 209 EVP_PKEY *mac_key = NULL;
210
206 mac_ctx = EVP_PKEY_CTX_new_id(type, e); 211 mac_ctx = EVP_PKEY_CTX_new_id(type, e);
207 if (!mac_ctx) 212 if (!mac_ctx)
208 return NULL; 213 return NULL;
209 if (EVP_PKEY_keygen_init(mac_ctx) <= 0) 214 if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
210 goto merr; 215 goto merr;
211 if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN, 216 if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
212 EVP_PKEY_CTRL_SET_MAC_KEY, 217 EVP_PKEY_CTRL_SET_MAC_KEY, keylen, (void *)key) <= 0)
213 keylen, (void *)key) <= 0)
214 goto merr; 218 goto merr;
215 if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0) 219 if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
216 goto merr; 220 goto merr;
217 merr: 221
222merr:
218 if (mac_ctx) 223 if (mac_ctx)
219 EVP_PKEY_CTX_free(mac_ctx); 224 EVP_PKEY_CTX_free(mac_ctx);
220 return mac_key; 225 return mac_key;
221 } 226}
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c
index a9fb15fdfe..e51ae51098 100644
--- a/src/lib/libcrypto/evp/pmeth_lib.c
+++ b/src/lib/libcrypto/evp/pmeth_lib.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -75,8 +75,7 @@ STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
75extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth; 75extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
76extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth; 76extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
77 77
78static const EVP_PKEY_METHOD *standard_methods[] = 78static const EVP_PKEY_METHOD *standard_methods[] = {
79 {
80#ifndef OPENSSL_NO_RSA 79#ifndef OPENSSL_NO_RSA
81 &rsa_pkey_meth, 80 &rsa_pkey_meth,
82#endif 81#endif
@@ -91,62 +90,61 @@ static const EVP_PKEY_METHOD *standard_methods[] =
91#endif 90#endif
92 &hmac_pkey_meth, 91 &hmac_pkey_meth,
93 &cmac_pkey_meth 92 &cmac_pkey_meth
94 }; 93};
95 94
96DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *, 95DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
97 pmeth); 96 pmeth);
98 97
99static int pmeth_cmp(const EVP_PKEY_METHOD * const *a, 98static int
100 const EVP_PKEY_METHOD * const *b) 99pmeth_cmp(const EVP_PKEY_METHOD * const *a, const EVP_PKEY_METHOD * const *b)
101 { 100{
102 return ((*a)->pkey_id - (*b)->pkey_id); 101 return ((*a)->pkey_id - (*b)->pkey_id);
103 } 102}
104 103
105IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *, 104IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
106 pmeth); 105 pmeth);
107 106
108const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type) 107const EVP_PKEY_METHOD *
109 { 108EVP_PKEY_meth_find(int type)
109{
110 EVP_PKEY_METHOD tmp; 110 EVP_PKEY_METHOD tmp;
111 const EVP_PKEY_METHOD *t = &tmp, **ret; 111 const EVP_PKEY_METHOD *t = &tmp, **ret;
112
112 tmp.pkey_id = type; 113 tmp.pkey_id = type;
113 if (app_pkey_methods) 114 if (app_pkey_methods) {
114 {
115 int idx; 115 int idx;
116 idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp); 116 idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
117 if (idx >= 0) 117 if (idx >= 0)
118 return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx); 118 return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
119 } 119 }
120 ret = OBJ_bsearch_pmeth(&t, standard_methods, 120 ret = OBJ_bsearch_pmeth(&t, standard_methods,
121 sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *)); 121 sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *));
122 if (!ret || !*ret) 122 if (!ret || !*ret)
123 return NULL; 123 return NULL;
124 return *ret; 124 return *ret;
125 } 125}
126 126
127static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) 127static EVP_PKEY_CTX *
128 { 128int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
129{
129 EVP_PKEY_CTX *ret; 130 EVP_PKEY_CTX *ret;
130 const EVP_PKEY_METHOD *pmeth; 131 const EVP_PKEY_METHOD *pmeth;
131 if (id == -1) 132
132 { 133 if (id == -1) {
133 if (!pkey || !pkey->ameth) 134 if (!pkey || !pkey->ameth)
134 return NULL; 135 return NULL;
135 id = pkey->ameth->pkey_id; 136 id = pkey->ameth->pkey_id;
136 } 137 }
137#ifndef OPENSSL_NO_ENGINE 138#ifndef OPENSSL_NO_ENGINE
138 if (pkey && pkey->engine) 139 if (pkey && pkey->engine)
139 e = pkey->engine; 140 e = pkey->engine;
140 /* Try to find an ENGINE which implements this method */ 141 /* Try to find an ENGINE which implements this method */
141 if (e) 142 if (e) {
142 { 143 if (!ENGINE_init(e)) {
143 if (!ENGINE_init(e)) 144 EVPerr(EVP_F_INT_CTX_NEW, ERR_R_ENGINE_LIB);
144 {
145 EVPerr(EVP_F_INT_CTX_NEW,ERR_R_ENGINE_LIB);
146 return NULL; 145 return NULL;
147 }
148 } 146 }
149 else 147 } else
150 e = ENGINE_get_pkey_meth_engine(id); 148 e = ENGINE_get_pkey_meth_engine(id);
151 149
152 /* If an ENGINE handled this method look it up. Othewise 150 /* If an ENGINE handled this method look it up. Othewise
@@ -159,22 +157,20 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
159#endif 157#endif
160 pmeth = EVP_PKEY_meth_find(id); 158 pmeth = EVP_PKEY_meth_find(id);
161 159
162 if (pmeth == NULL) 160 if (pmeth == NULL) {
163 { 161 EVPerr(EVP_F_INT_CTX_NEW, EVP_R_UNSUPPORTED_ALGORITHM);
164 EVPerr(EVP_F_INT_CTX_NEW,EVP_R_UNSUPPORTED_ALGORITHM);
165 return NULL; 162 return NULL;
166 } 163 }
167 164
168 ret = malloc(sizeof(EVP_PKEY_CTX)); 165 ret = malloc(sizeof(EVP_PKEY_CTX));
169 if (!ret) 166 if (!ret) {
170 {
171#ifndef OPENSSL_NO_ENGINE 167#ifndef OPENSSL_NO_ENGINE
172 if (e) 168 if (e)
173 ENGINE_finish(e); 169 ENGINE_finish(e);
174#endif 170#endif
175 EVPerr(EVP_F_INT_CTX_NEW,ERR_R_MALLOC_FAILURE); 171 EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
176 return NULL; 172 return NULL;
177 } 173 }
178 ret->engine = e; 174 ret->engine = e;
179 ret->pmeth = pmeth; 175 ret->pmeth = pmeth;
180 ret->operation = EVP_PKEY_OP_UNDEFINED; 176 ret->operation = EVP_PKEY_OP_UNDEFINED;
@@ -182,24 +178,24 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
182 ret->peerkey = NULL; 178 ret->peerkey = NULL;
183 ret->pkey_gencb = 0; 179 ret->pkey_gencb = 0;
184 if (pkey) 180 if (pkey)
185 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); 181 CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
186 ret->data = NULL; 182 ret->data = NULL;
187 183
188 if (pmeth->init) 184 if (pmeth->init) {
189 { 185 if (pmeth->init(ret) <= 0) {
190 if (pmeth->init(ret) <= 0)
191 {
192 EVP_PKEY_CTX_free(ret); 186 EVP_PKEY_CTX_free(ret);
193 return NULL; 187 return NULL;
194 }
195 } 188 }
189 }
196 190
197 return ret; 191 return ret;
198 } 192}
199 193
200EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags) 194EVP_PKEY_METHOD*
201 { 195EVP_PKEY_meth_new(int id, int flags)
196{
202 EVP_PKEY_METHOD *pmeth; 197 EVP_PKEY_METHOD *pmeth;
198
203 pmeth = malloc(sizeof(EVP_PKEY_METHOD)); 199 pmeth = malloc(sizeof(EVP_PKEY_METHOD));
204 if (!pmeth) 200 if (!pmeth)
205 return NULL; 201 return NULL;
@@ -236,20 +232,20 @@ EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags)
236 pmeth->ctrl_str = 0; 232 pmeth->ctrl_str = 0;
237 233
238 return pmeth; 234 return pmeth;
239 } 235}
240 236
241void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, 237void
242 const EVP_PKEY_METHOD *meth) 238EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth)
243 { 239{
244 if (ppkey_id) 240 if (ppkey_id)
245 *ppkey_id = meth->pkey_id; 241 *ppkey_id = meth->pkey_id;
246 if (pflags) 242 if (pflags)
247 *pflags = meth->flags; 243 *pflags = meth->flags;
248 } 244}
249
250void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
251 {
252 245
246void
247EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
248{
253 dst->init = src->init; 249 dst->init = src->init;
254 dst->copy = src->copy; 250 dst->copy = src->copy;
255 dst->cleanup = src->cleanup; 251 dst->cleanup = src->cleanup;
@@ -286,36 +282,40 @@ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
286 282
287 dst->ctrl = src->ctrl; 283 dst->ctrl = src->ctrl;
288 dst->ctrl_str = src->ctrl_str; 284 dst->ctrl_str = src->ctrl_str;
289 } 285}
290 286
291void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) 287void
292 { 288EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
289{
293 if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC)) 290 if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
294 free(pmeth); 291 free(pmeth);
295 } 292}
296 293
297EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e) 294EVP_PKEY_CTX *
298 { 295EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
296{
299 return int_ctx_new(pkey, e, -1); 297 return int_ctx_new(pkey, e, -1);
300 } 298}
301 299
302EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e) 300EVP_PKEY_CTX *
303 { 301EVP_PKEY_CTX_new_id(int id, ENGINE *e)
302{
304 return int_ctx_new(NULL, e, id); 303 return int_ctx_new(NULL, e, id);
305 } 304}
306 305
307EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) 306EVP_PKEY_CTX *
308 { 307EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
308{
309 EVP_PKEY_CTX *rctx; 309 EVP_PKEY_CTX *rctx;
310
310 if (!pctx->pmeth || !pctx->pmeth->copy) 311 if (!pctx->pmeth || !pctx->pmeth->copy)
311 return NULL; 312 return NULL;
312#ifndef OPENSSL_NO_ENGINE 313#ifndef OPENSSL_NO_ENGINE
313 /* Make sure it's safe to copy a pkey context using an ENGINE */ 314 /* Make sure it's safe to copy a pkey context using an ENGINE */
314 if (pctx->engine && !ENGINE_init(pctx->engine)) 315 if (pctx->engine && !ENGINE_init(pctx->engine)) {
315 { 316 EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_ENGINE_LIB);
316 EVPerr(EVP_F_EVP_PKEY_CTX_DUP,ERR_R_ENGINE_LIB);
317 return 0; 317 return 0;
318 } 318 }
319#endif 319#endif
320 rctx = malloc(sizeof(EVP_PKEY_CTX)); 320 rctx = malloc(sizeof(EVP_PKEY_CTX));
321 if (!rctx) 321 if (!rctx)
@@ -327,12 +327,12 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
327#endif 327#endif
328 328
329 if (pctx->pkey) 329 if (pctx->pkey)
330 CRYPTO_add(&pctx->pkey->references,1,CRYPTO_LOCK_EVP_PKEY); 330 CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
331 331
332 rctx->pkey = pctx->pkey; 332 rctx->pkey = pctx->pkey;
333 333
334 if (pctx->peerkey) 334 if (pctx->peerkey)
335 CRYPTO_add(&pctx->peerkey->references,1,CRYPTO_LOCK_EVP_PKEY); 335 CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
336 336
337 rctx->peerkey = pctx->peerkey; 337 rctx->peerkey = pctx->peerkey;
338 338
@@ -345,25 +345,25 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
345 345
346 EVP_PKEY_CTX_free(rctx); 346 EVP_PKEY_CTX_free(rctx);
347 return NULL; 347 return NULL;
348}
348 349
349 } 350int
350 351EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
351int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) 352{
352 { 353 if (app_pkey_methods == NULL) {
353 if (app_pkey_methods == NULL)
354 {
355 app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp); 354 app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
356 if (!app_pkey_methods) 355 if (!app_pkey_methods)
357 return 0; 356 return 0;
358 } 357 }
359 if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth)) 358 if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
360 return 0; 359 return 0;
361 sk_EVP_PKEY_METHOD_sort(app_pkey_methods); 360 sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
362 return 1; 361 return 1;
363 } 362}
364 363
365void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) 364void
366 { 365EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
366{
367 if (ctx == NULL) 367 if (ctx == NULL)
368 return; 368 return;
369 if (ctx->pmeth && ctx->pmeth->cleanup) 369 if (ctx->pmeth && ctx->pmeth->cleanup)
@@ -373,37 +373,36 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
373 if (ctx->peerkey) 373 if (ctx->peerkey)
374 EVP_PKEY_free(ctx->peerkey); 374 EVP_PKEY_free(ctx->peerkey);
375#ifndef OPENSSL_NO_ENGINE 375#ifndef OPENSSL_NO_ENGINE
376 if(ctx->engine) 376 if (ctx->engine)
377 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the 377 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
378 * functional reference we held for this reason. */ 378 * functional reference we held for this reason. */
379 ENGINE_finish(ctx->engine); 379 ENGINE_finish(ctx->engine);
380#endif 380#endif
381 free(ctx); 381 free(ctx);
382 } 382}
383 383
384int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, 384int
385 int cmd, int p1, void *p2) 385EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
386 { 386 int p1, void *p2)
387{
387 int ret; 388 int ret;
388 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) 389
389 { 390 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
390 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED); 391 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
391 return -2; 392 return -2;
392 } 393 }
393 if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype)) 394 if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
394 return -1; 395 return -1;
395 396
396 if (ctx->operation == EVP_PKEY_OP_UNDEFINED) 397 if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
397 {
398 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET); 398 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);
399 return -1; 399 return -1;
400 } 400 }
401 401
402 if ((optype != -1) && !(ctx->operation & optype)) 402 if ((optype != -1) && !(ctx->operation & optype)) {
403 {
404 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION); 403 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
405 return -1; 404 return -1;
406 } 405 }
407 406
408 ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2); 407 ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
409 408
@@ -412,182 +411,201 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
412 411
413 return ret; 412 return ret;
414 413
415 } 414}
416 415
417int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, 416int
418 const char *name, const char *value) 417EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *name, const char *value)
419 { 418{
420 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) 419 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
421 {
422 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, 420 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
423 EVP_R_COMMAND_NOT_SUPPORTED); 421 EVP_R_COMMAND_NOT_SUPPORTED);
424 return -2; 422 return -2;
425 } 423 }
426 if (!strcmp(name, "digest")) 424 if (!strcmp(name, "digest")) {
427 {
428 const EVP_MD *md; 425 const EVP_MD *md;
429 if (!value || !(md = EVP_get_digestbyname(value))) 426 if (!value || !(md = EVP_get_digestbyname(value))) {
430 {
431 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, 427 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
432 EVP_R_INVALID_DIGEST); 428 EVP_R_INVALID_DIGEST);
433 return 0; 429 return 0;
434 }
435 return EVP_PKEY_CTX_set_signature_md(ctx, md);
436 } 430 }
437 return ctx->pmeth->ctrl_str(ctx, name, value); 431 return EVP_PKEY_CTX_set_signature_md(ctx, md);
438 } 432 }
433 return ctx->pmeth->ctrl_str(ctx, name, value);
434}
439 435
440int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx) 436int
441 { 437EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
438{
442 return ctx->operation; 439 return ctx->operation;
443 } 440}
444 441
445void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen) 442void
446 { 443EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
444{
447 ctx->keygen_info = dat; 445 ctx->keygen_info = dat;
448 ctx->keygen_info_count = datlen; 446 ctx->keygen_info_count = datlen;
449 } 447}
450 448
451void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data) 449void
452 { 450EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
451{
453 ctx->data = data; 452 ctx->data = data;
454 } 453}
455 454
456void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx) 455void *
457 { 456EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
457{
458 return ctx->data; 458 return ctx->data;
459 } 459}
460 460
461EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx) 461EVP_PKEY *
462 { 462EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
463{
463 return ctx->pkey; 464 return ctx->pkey;
464 } 465}
465 466
466EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx) 467EVP_PKEY *
467 { 468EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
469{
468 return ctx->peerkey; 470 return ctx->peerkey;
469 } 471}
470 472
471void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data) 473void
472 { 474EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
475{
473 ctx->app_data = data; 476 ctx->app_data = data;
474 } 477}
475 478
476void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) 479void *
477 { 480EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
481{
478 return ctx->app_data; 482 return ctx->app_data;
479 } 483}
480 484
481void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, 485void
482 int (*init)(EVP_PKEY_CTX *ctx)) 486EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
483 { 487 int (*init)(EVP_PKEY_CTX *ctx))
488{
484 pmeth->init = init; 489 pmeth->init = init;
485 } 490}
486 491
487void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, 492void
488 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)) 493EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
489 { 494 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src))
495{
490 pmeth->copy = copy; 496 pmeth->copy = copy;
491 } 497}
492 498
493void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, 499void
494 void (*cleanup)(EVP_PKEY_CTX *ctx)) 500EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
495 { 501 void (*cleanup)(EVP_PKEY_CTX *ctx))
502{
496 pmeth->cleanup = cleanup; 503 pmeth->cleanup = cleanup;
497 } 504}
498 505
499void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, 506void
500 int (*paramgen_init)(EVP_PKEY_CTX *ctx), 507EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
501 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) 508 int (*paramgen_init)(EVP_PKEY_CTX *ctx),
502 { 509 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
510{
503 pmeth->paramgen_init = paramgen_init; 511 pmeth->paramgen_init = paramgen_init;
504 pmeth->paramgen = paramgen; 512 pmeth->paramgen = paramgen;
505 } 513}
506 514
507void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, 515void
508 int (*keygen_init)(EVP_PKEY_CTX *ctx), 516EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
509 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) 517 int (*keygen_init)(EVP_PKEY_CTX *ctx),
510 { 518 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
519{
511 pmeth->keygen_init = keygen_init; 520 pmeth->keygen_init = keygen_init;
512 pmeth->keygen = keygen; 521 pmeth->keygen = keygen;
513 } 522}
514 523
515void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, 524void
516 int (*sign_init)(EVP_PKEY_CTX *ctx), 525EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
517 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 526 int (*sign_init)(EVP_PKEY_CTX *ctx),
518 const unsigned char *tbs, size_t tbslen)) 527 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
519 { 528 const unsigned char *tbs, size_t tbslen))
529{
520 pmeth->sign_init = sign_init; 530 pmeth->sign_init = sign_init;
521 pmeth->sign = sign; 531 pmeth->sign = sign;
522 } 532}
523 533
524void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, 534void
525 int (*verify_init)(EVP_PKEY_CTX *ctx), 535EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
526 int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, 536 int (*verify_init)(EVP_PKEY_CTX *ctx),
527 const unsigned char *tbs, size_t tbslen)) 537 int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
528 { 538 const unsigned char *tbs, size_t tbslen))
539{
529 pmeth->verify_init = verify_init; 540 pmeth->verify_init = verify_init;
530 pmeth->verify = verify; 541 pmeth->verify = verify;
531 } 542}
532 543
533void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, 544void
534 int (*verify_recover_init)(EVP_PKEY_CTX *ctx), 545EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
535 int (*verify_recover)(EVP_PKEY_CTX *ctx, 546 int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
536 unsigned char *sig, size_t *siglen, 547 int (*verify_recover)(EVP_PKEY_CTX *ctx,
537 const unsigned char *tbs, size_t tbslen)) 548 unsigned char *sig, size_t *siglen,
538 { 549 const unsigned char *tbs, size_t tbslen))
550{
539 pmeth->verify_recover_init = verify_recover_init; 551 pmeth->verify_recover_init = verify_recover_init;
540 pmeth->verify_recover = verify_recover; 552 pmeth->verify_recover = verify_recover;
541 } 553}
542 554
543void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, 555void
544 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), 556EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
545 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 557 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
546 EVP_MD_CTX *mctx)) 558 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
547 { 559 EVP_MD_CTX *mctx))
560{
548 pmeth->signctx_init = signctx_init; 561 pmeth->signctx_init = signctx_init;
549 pmeth->signctx = signctx; 562 pmeth->signctx = signctx;
550 } 563}
551 564
552void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, 565void
553 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), 566EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
554 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen, 567 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
555 EVP_MD_CTX *mctx)) 568 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
556 { 569 EVP_MD_CTX *mctx))
570{
557 pmeth->verifyctx_init = verifyctx_init; 571 pmeth->verifyctx_init = verifyctx_init;
558 pmeth->verifyctx = verifyctx; 572 pmeth->verifyctx = verifyctx;
559 } 573}
560 574
561void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, 575void
562 int (*encrypt_init)(EVP_PKEY_CTX *ctx), 576EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
563 int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, 577 int (*encrypt_init)(EVP_PKEY_CTX *ctx),
564 const unsigned char *in, size_t inlen)) 578 int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
565 { 579 const unsigned char *in, size_t inlen))
580{
566 pmeth->encrypt_init = encrypt_init; 581 pmeth->encrypt_init = encrypt_init;
567 pmeth->encrypt = encryptfn; 582 pmeth->encrypt = encryptfn;
568 } 583}
569 584
570void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, 585void
571 int (*decrypt_init)(EVP_PKEY_CTX *ctx), 586EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
572 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, 587 int (*decrypt_init)(EVP_PKEY_CTX *ctx),
573 const unsigned char *in, size_t inlen)) 588 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
574 { 589 const unsigned char *in, size_t inlen))
590{
575 pmeth->decrypt_init = decrypt_init; 591 pmeth->decrypt_init = decrypt_init;
576 pmeth->decrypt = decrypt; 592 pmeth->decrypt = decrypt;
577 } 593}
578 594
579void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, 595void
580 int (*derive_init)(EVP_PKEY_CTX *ctx), 596EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
581 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)) 597 int (*derive_init)(EVP_PKEY_CTX *ctx),
582 { 598 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
599{
583 pmeth->derive_init = derive_init; 600 pmeth->derive_init = derive_init;
584 pmeth->derive = derive; 601 pmeth->derive = derive;
585 } 602}
586 603
587void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, 604void
588 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2), 605EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
589 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value)) 606 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
590 { 607 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value))
608{
591 pmeth->ctrl = ctrl; 609 pmeth->ctrl = ctrl;
592 pmeth->ctrl_str = ctrl_str; 610 pmeth->ctrl_str = ctrl_str;
593 } 611}
diff --git a/src/lib/libssl/src/crypto/evp/c_allc.c b/src/lib/libssl/src/crypto/evp/c_allc.c
index 2047b6cd61..91ad980182 100644
--- a/src/lib/libssl/src/crypto/evp/c_allc.c
+++ b/src/lib/libssl/src/crypto/evp/c_allc.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -62,8 +62,9 @@
62#include <openssl/pkcs12.h> 62#include <openssl/pkcs12.h>
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64 64
65void OpenSSL_add_all_ciphers(void) 65void
66 { 66OpenSSL_add_all_ciphers(void)
67{
67 68
68#ifndef OPENSSL_NO_DES 69#ifndef OPENSSL_NO_DES
69 EVP_add_cipher(EVP_des_cfb()); 70 EVP_add_cipher(EVP_des_cfb());
@@ -79,16 +80,16 @@ void OpenSSL_add_all_ciphers(void)
79 EVP_add_cipher(EVP_des_ede3_ofb()); 80 EVP_add_cipher(EVP_des_ede3_ofb());
80 81
81 EVP_add_cipher(EVP_desx_cbc()); 82 EVP_add_cipher(EVP_desx_cbc());
82 EVP_add_cipher_alias(SN_desx_cbc,"DESX"); 83 EVP_add_cipher_alias(SN_desx_cbc, "DESX");
83 EVP_add_cipher_alias(SN_desx_cbc,"desx"); 84 EVP_add_cipher_alias(SN_desx_cbc, "desx");
84 85
85 EVP_add_cipher(EVP_des_cbc()); 86 EVP_add_cipher(EVP_des_cbc());
86 EVP_add_cipher_alias(SN_des_cbc,"DES"); 87 EVP_add_cipher_alias(SN_des_cbc, "DES");
87 EVP_add_cipher_alias(SN_des_cbc,"des"); 88 EVP_add_cipher_alias(SN_des_cbc, "des");
88 EVP_add_cipher(EVP_des_ede_cbc()); 89 EVP_add_cipher(EVP_des_ede_cbc());
89 EVP_add_cipher(EVP_des_ede3_cbc()); 90 EVP_add_cipher(EVP_des_ede3_cbc());
90 EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3"); 91 EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");
91 EVP_add_cipher_alias(SN_des_ede3_cbc,"des3"); 92 EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");
92 93
93 EVP_add_cipher(EVP_des_ecb()); 94 EVP_add_cipher(EVP_des_ecb());
94 EVP_add_cipher(EVP_des_ede()); 95 EVP_add_cipher(EVP_des_ede());
@@ -108,8 +109,8 @@ void OpenSSL_add_all_ciphers(void)
108 EVP_add_cipher(EVP_idea_cfb()); 109 EVP_add_cipher(EVP_idea_cfb());
109 EVP_add_cipher(EVP_idea_ofb()); 110 EVP_add_cipher(EVP_idea_ofb());
110 EVP_add_cipher(EVP_idea_cbc()); 111 EVP_add_cipher(EVP_idea_cbc());
111 EVP_add_cipher_alias(SN_idea_cbc,"IDEA"); 112 EVP_add_cipher_alias(SN_idea_cbc, "IDEA");
112 EVP_add_cipher_alias(SN_idea_cbc,"idea"); 113 EVP_add_cipher_alias(SN_idea_cbc, "idea");
113#endif 114#endif
114 115
115#ifndef OPENSSL_NO_SEED 116#ifndef OPENSSL_NO_SEED
@@ -117,8 +118,8 @@ void OpenSSL_add_all_ciphers(void)
117 EVP_add_cipher(EVP_seed_cfb()); 118 EVP_add_cipher(EVP_seed_cfb());
118 EVP_add_cipher(EVP_seed_ofb()); 119 EVP_add_cipher(EVP_seed_ofb());
119 EVP_add_cipher(EVP_seed_cbc()); 120 EVP_add_cipher(EVP_seed_cbc());
120 EVP_add_cipher_alias(SN_seed_cbc,"SEED"); 121 EVP_add_cipher_alias(SN_seed_cbc, "SEED");
121 EVP_add_cipher_alias(SN_seed_cbc,"seed"); 122 EVP_add_cipher_alias(SN_seed_cbc, "seed");
122#endif 123#endif
123 124
124#ifndef OPENSSL_NO_RC2 125#ifndef OPENSSL_NO_RC2
@@ -128,8 +129,8 @@ void OpenSSL_add_all_ciphers(void)
128 EVP_add_cipher(EVP_rc2_cbc()); 129 EVP_add_cipher(EVP_rc2_cbc());
129 EVP_add_cipher(EVP_rc2_40_cbc()); 130 EVP_add_cipher(EVP_rc2_40_cbc());
130 EVP_add_cipher(EVP_rc2_64_cbc()); 131 EVP_add_cipher(EVP_rc2_64_cbc());
131 EVP_add_cipher_alias(SN_rc2_cbc,"RC2"); 132 EVP_add_cipher_alias(SN_rc2_cbc, "RC2");
132 EVP_add_cipher_alias(SN_rc2_cbc,"rc2"); 133 EVP_add_cipher_alias(SN_rc2_cbc, "rc2");
133#endif 134#endif
134 135
135#ifndef OPENSSL_NO_BF 136#ifndef OPENSSL_NO_BF
@@ -137,9 +138,9 @@ void OpenSSL_add_all_ciphers(void)
137 EVP_add_cipher(EVP_bf_cfb()); 138 EVP_add_cipher(EVP_bf_cfb());
138 EVP_add_cipher(EVP_bf_ofb()); 139 EVP_add_cipher(EVP_bf_ofb());
139 EVP_add_cipher(EVP_bf_cbc()); 140 EVP_add_cipher(EVP_bf_cbc());
140 EVP_add_cipher_alias(SN_bf_cbc,"BF"); 141 EVP_add_cipher_alias(SN_bf_cbc, "BF");
141 EVP_add_cipher_alias(SN_bf_cbc,"bf"); 142 EVP_add_cipher_alias(SN_bf_cbc, "bf");
142 EVP_add_cipher_alias(SN_bf_cbc,"blowfish"); 143 EVP_add_cipher_alias(SN_bf_cbc, "blowfish");
143#endif 144#endif
144 145
145#ifndef OPENSSL_NO_CAST 146#ifndef OPENSSL_NO_CAST
@@ -147,10 +148,10 @@ void OpenSSL_add_all_ciphers(void)
147 EVP_add_cipher(EVP_cast5_cfb()); 148 EVP_add_cipher(EVP_cast5_cfb());
148 EVP_add_cipher(EVP_cast5_ofb()); 149 EVP_add_cipher(EVP_cast5_ofb());
149 EVP_add_cipher(EVP_cast5_cbc()); 150 EVP_add_cipher(EVP_cast5_cbc());
150 EVP_add_cipher_alias(SN_cast5_cbc,"CAST"); 151 EVP_add_cipher_alias(SN_cast5_cbc, "CAST");
151 EVP_add_cipher_alias(SN_cast5_cbc,"cast"); 152 EVP_add_cipher_alias(SN_cast5_cbc, "cast");
152 EVP_add_cipher_alias(SN_cast5_cbc,"CAST-cbc"); 153 EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc");
153 EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc"); 154 EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc");
154#endif 155#endif
155 156
156#ifndef OPENSSL_NO_RC5 157#ifndef OPENSSL_NO_RC5
@@ -158,8 +159,8 @@ void OpenSSL_add_all_ciphers(void)
158 EVP_add_cipher(EVP_rc5_32_12_16_cfb()); 159 EVP_add_cipher(EVP_rc5_32_12_16_cfb());
159 EVP_add_cipher(EVP_rc5_32_12_16_ofb()); 160 EVP_add_cipher(EVP_rc5_32_12_16_ofb());
160 EVP_add_cipher(EVP_rc5_32_12_16_cbc()); 161 EVP_add_cipher(EVP_rc5_32_12_16_cbc());
161 EVP_add_cipher_alias(SN_rc5_cbc,"rc5"); 162 EVP_add_cipher_alias(SN_rc5_cbc, "rc5");
162 EVP_add_cipher_alias(SN_rc5_cbc,"RC5"); 163 EVP_add_cipher_alias(SN_rc5_cbc, "RC5");
163#endif 164#endif
164 165
165#ifndef OPENSSL_NO_AES 166#ifndef OPENSSL_NO_AES
@@ -172,8 +173,8 @@ void OpenSSL_add_all_ciphers(void)
172 EVP_add_cipher(EVP_aes_128_ctr()); 173 EVP_add_cipher(EVP_aes_128_ctr());
173 EVP_add_cipher(EVP_aes_128_gcm()); 174 EVP_add_cipher(EVP_aes_128_gcm());
174 EVP_add_cipher(EVP_aes_128_xts()); 175 EVP_add_cipher(EVP_aes_128_xts());
175 EVP_add_cipher_alias(SN_aes_128_cbc,"AES128"); 176 EVP_add_cipher_alias(SN_aes_128_cbc, "AES128");
176 EVP_add_cipher_alias(SN_aes_128_cbc,"aes128"); 177 EVP_add_cipher_alias(SN_aes_128_cbc, "aes128");
177 EVP_add_cipher(EVP_aes_192_ecb()); 178 EVP_add_cipher(EVP_aes_192_ecb());
178 EVP_add_cipher(EVP_aes_192_cbc()); 179 EVP_add_cipher(EVP_aes_192_cbc());
179 EVP_add_cipher(EVP_aes_192_cfb()); 180 EVP_add_cipher(EVP_aes_192_cfb());
@@ -182,8 +183,8 @@ void OpenSSL_add_all_ciphers(void)
182 EVP_add_cipher(EVP_aes_192_ofb()); 183 EVP_add_cipher(EVP_aes_192_ofb());
183 EVP_add_cipher(EVP_aes_192_ctr()); 184 EVP_add_cipher(EVP_aes_192_ctr());
184 EVP_add_cipher(EVP_aes_192_gcm()); 185 EVP_add_cipher(EVP_aes_192_gcm());
185 EVP_add_cipher_alias(SN_aes_192_cbc,"AES192"); 186 EVP_add_cipher_alias(SN_aes_192_cbc, "AES192");
186 EVP_add_cipher_alias(SN_aes_192_cbc,"aes192"); 187 EVP_add_cipher_alias(SN_aes_192_cbc, "aes192");
187 EVP_add_cipher(EVP_aes_256_ecb()); 188 EVP_add_cipher(EVP_aes_256_ecb());
188 EVP_add_cipher(EVP_aes_256_cbc()); 189 EVP_add_cipher(EVP_aes_256_cbc());
189 EVP_add_cipher(EVP_aes_256_cfb()); 190 EVP_add_cipher(EVP_aes_256_cfb());
@@ -193,8 +194,8 @@ void OpenSSL_add_all_ciphers(void)
193 EVP_add_cipher(EVP_aes_256_ctr()); 194 EVP_add_cipher(EVP_aes_256_ctr());
194 EVP_add_cipher(EVP_aes_256_gcm()); 195 EVP_add_cipher(EVP_aes_256_gcm());
195 EVP_add_cipher(EVP_aes_256_xts()); 196 EVP_add_cipher(EVP_aes_256_xts());
196 EVP_add_cipher_alias(SN_aes_256_cbc,"AES256"); 197 EVP_add_cipher_alias(SN_aes_256_cbc, "AES256");
197 EVP_add_cipher_alias(SN_aes_256_cbc,"aes256"); 198 EVP_add_cipher_alias(SN_aes_256_cbc, "aes256");
198#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) 199#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
199 EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); 200 EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
200 EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); 201 EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
@@ -208,27 +209,27 @@ void OpenSSL_add_all_ciphers(void)
208 EVP_add_cipher(EVP_camellia_128_cfb1()); 209 EVP_add_cipher(EVP_camellia_128_cfb1());
209 EVP_add_cipher(EVP_camellia_128_cfb8()); 210 EVP_add_cipher(EVP_camellia_128_cfb8());
210 EVP_add_cipher(EVP_camellia_128_ofb()); 211 EVP_add_cipher(EVP_camellia_128_ofb());
211 EVP_add_cipher_alias(SN_camellia_128_cbc,"CAMELLIA128"); 212 EVP_add_cipher_alias(SN_camellia_128_cbc, "CAMELLIA128");
212 EVP_add_cipher_alias(SN_camellia_128_cbc,"camellia128"); 213 EVP_add_cipher_alias(SN_camellia_128_cbc, "camellia128");
213 EVP_add_cipher(EVP_camellia_192_ecb()); 214 EVP_add_cipher(EVP_camellia_192_ecb());
214 EVP_add_cipher(EVP_camellia_192_cbc()); 215 EVP_add_cipher(EVP_camellia_192_cbc());
215 EVP_add_cipher(EVP_camellia_192_cfb()); 216 EVP_add_cipher(EVP_camellia_192_cfb());
216 EVP_add_cipher(EVP_camellia_192_cfb1()); 217 EVP_add_cipher(EVP_camellia_192_cfb1());
217 EVP_add_cipher(EVP_camellia_192_cfb8()); 218 EVP_add_cipher(EVP_camellia_192_cfb8());
218 EVP_add_cipher(EVP_camellia_192_ofb()); 219 EVP_add_cipher(EVP_camellia_192_ofb());
219 EVP_add_cipher_alias(SN_camellia_192_cbc,"CAMELLIA192"); 220 EVP_add_cipher_alias(SN_camellia_192_cbc, "CAMELLIA192");
220 EVP_add_cipher_alias(SN_camellia_192_cbc,"camellia192"); 221 EVP_add_cipher_alias(SN_camellia_192_cbc, "camellia192");
221 EVP_add_cipher(EVP_camellia_256_ecb()); 222 EVP_add_cipher(EVP_camellia_256_ecb());
222 EVP_add_cipher(EVP_camellia_256_cbc()); 223 EVP_add_cipher(EVP_camellia_256_cbc());
223 EVP_add_cipher(EVP_camellia_256_cfb()); 224 EVP_add_cipher(EVP_camellia_256_cfb());
224 EVP_add_cipher(EVP_camellia_256_cfb1()); 225 EVP_add_cipher(EVP_camellia_256_cfb1());
225 EVP_add_cipher(EVP_camellia_256_cfb8()); 226 EVP_add_cipher(EVP_camellia_256_cfb8());
226 EVP_add_cipher(EVP_camellia_256_ofb()); 227 EVP_add_cipher(EVP_camellia_256_ofb());
227 EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256"); 228 EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256");
228 EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256"); 229 EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256");
229#endif 230#endif
230 231
231#ifndef OPENSSL_NO_CHACHA 232#ifndef OPENSSL_NO_CHACHA
232 EVP_add_cipher(EVP_chacha20()); 233 EVP_add_cipher(EVP_chacha20());
233#endif 234#endif
234 } 235}
diff --git a/src/lib/libssl/src/crypto/evp/c_alld.c b/src/lib/libssl/src/crypto/evp/c_alld.c
index 311e1fe2f8..4bd1b0bd92 100644
--- a/src/lib/libssl/src/crypto/evp/c_alld.c
+++ b/src/lib/libssl/src/crypto/evp/c_alld.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -62,15 +62,16 @@
62#include <openssl/pkcs12.h> 62#include <openssl/pkcs12.h>
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64 64
65void OpenSSL_add_all_digests(void) 65void
66 { 66OpenSSL_add_all_digests(void)
67{
67#ifndef OPENSSL_NO_MD4 68#ifndef OPENSSL_NO_MD4
68 EVP_add_digest(EVP_md4()); 69 EVP_add_digest(EVP_md4());
69#endif 70#endif
70#ifndef OPENSSL_NO_MD5 71#ifndef OPENSSL_NO_MD5
71 EVP_add_digest(EVP_md5()); 72 EVP_add_digest(EVP_md5());
72 EVP_add_digest_alias(SN_md5,"ssl2-md5"); 73 EVP_add_digest_alias(SN_md5, "ssl2-md5");
73 EVP_add_digest_alias(SN_md5,"ssl3-md5"); 74 EVP_add_digest_alias(SN_md5, "ssl3-md5");
74#endif 75#endif
75#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) 76#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
76 EVP_add_digest(EVP_sha()); 77 EVP_add_digest(EVP_sha());
@@ -80,13 +81,13 @@ void OpenSSL_add_all_digests(void)
80#endif 81#endif
81#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) 82#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
82 EVP_add_digest(EVP_sha1()); 83 EVP_add_digest(EVP_sha1());
83 EVP_add_digest_alias(SN_sha1,"ssl3-sha1"); 84 EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
84 EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA); 85 EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
85#ifndef OPENSSL_NO_DSA 86#ifndef OPENSSL_NO_DSA
86 EVP_add_digest(EVP_dss1()); 87 EVP_add_digest(EVP_dss1());
87 EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2); 88 EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
88 EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1"); 89 EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
89 EVP_add_digest_alias(SN_dsaWithSHA1,"dss1"); 90 EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
90#endif 91#endif
91#ifndef OPENSSL_NO_ECDSA 92#ifndef OPENSSL_NO_ECDSA
92 EVP_add_digest(EVP_ecdsa()); 93 EVP_add_digest(EVP_ecdsa());
@@ -97,8 +98,8 @@ void OpenSSL_add_all_digests(void)
97#endif 98#endif
98#ifndef OPENSSL_NO_RIPEMD 99#ifndef OPENSSL_NO_RIPEMD
99 EVP_add_digest(EVP_ripemd160()); 100 EVP_add_digest(EVP_ripemd160());
100 EVP_add_digest_alias(SN_ripemd160,"ripemd"); 101 EVP_add_digest_alias(SN_ripemd160, "ripemd");
101 EVP_add_digest_alias(SN_ripemd160,"rmd160"); 102 EVP_add_digest_alias(SN_ripemd160, "rmd160");
102#endif 103#endif
103#ifndef OPENSSL_NO_SHA256 104#ifndef OPENSSL_NO_SHA256
104 EVP_add_digest(EVP_sha224()); 105 EVP_add_digest(EVP_sha224());
@@ -111,4 +112,4 @@ void OpenSSL_add_all_digests(void)
111#ifndef OPENSSL_NO_WHIRLPOOL 112#ifndef OPENSSL_NO_WHIRLPOOL
112 EVP_add_digest(EVP_whirlpool()); 113 EVP_add_digest(EVP_whirlpool());
113#endif 114#endif
114 } 115}
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt.c b/src/lib/libssl/src/crypto/evp/p5_crpt.c
index 294cc90d87..eff82e8c0b 100644
--- a/src/lib/libssl/src/crypto/evp/p5_crpt.c
+++ b/src/lib/libssl/src/crypto/evp/p5_crpt.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -65,13 +65,14 @@
65/* Doesn't do anything now: Builtin PBE algorithms in static table. 65/* Doesn't do anything now: Builtin PBE algorithms in static table.
66 */ 66 */
67 67
68void PKCS5_PBE_add(void) 68void
69PKCS5_PBE_add(void)
69{ 70{
70} 71}
71 72
72int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, 73int
73 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, 74PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
74 int en_de) 75 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de)
75{ 76{
76 EVP_MD_CTX ctx; 77 EVP_MD_CTX ctx;
77 unsigned char md_tmp[EVP_MAX_MD_SIZE]; 78 unsigned char md_tmp[EVP_MAX_MD_SIZE];
@@ -88,23 +89,27 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
88 /* Extract useful info from parameter */ 89 /* Extract useful info from parameter */
89 if (param == NULL || param->type != V_ASN1_SEQUENCE || 90 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
90 param->value.sequence == NULL) { 91 param->value.sequence == NULL) {
91 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 92 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
92 return 0; 93 return 0;
93 } 94 }
94 95
95 pbuf = param->value.sequence->data; 96 pbuf = param->value.sequence->data;
96 if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { 97 if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
97 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 98 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
98 return 0; 99 return 0;
99 } 100 }
100 101
101 if (!pbe->iter) iter = 1; 102 if (!pbe->iter)
102 else iter = ASN1_INTEGER_get (pbe->iter); 103 iter = 1;
104 else
105 iter = ASN1_INTEGER_get (pbe->iter);
103 salt = pbe->salt->data; 106 salt = pbe->salt->data;
104 saltlen = pbe->salt->length; 107 saltlen = pbe->salt->length;
105 108
106 if(!pass) passlen = 0; 109 if (!pass)
107 else if(passlen == -1) passlen = strlen(pass); 110 passlen = 0;
111 else if (passlen == -1)
112 passlen = strlen(pass);
108 113
109 if (!EVP_DigestInit_ex(&ctx, md, NULL)) 114 if (!EVP_DigestInit_ex(&ctx, md, NULL))
110 goto err; 115 goto err;
@@ -117,7 +122,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
117 goto err; 122 goto err;
118 mdsize = EVP_MD_size(md); 123 mdsize = EVP_MD_size(md);
119 if (mdsize < 0) 124 if (mdsize < 0)
120 return 0; 125 return 0;
121 for (i = 1; i < iter; i++) { 126 for (i = 1; i < iter; i++) {
122 if (!EVP_DigestInit_ex(&ctx, md, NULL)) 127 if (!EVP_DigestInit_ex(&ctx, md, NULL))
123 goto err; 128 goto err;
@@ -130,14 +135,14 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
130 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); 135 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
131 OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); 136 OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
132 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), 137 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
133 EVP_CIPHER_iv_length(cipher)); 138 EVP_CIPHER_iv_length(cipher));
134 if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de)) 139 if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
135 goto err; 140 goto err;
136 OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE); 141 OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
137 OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); 142 OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
138 OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); 143 OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
139 rv = 1; 144 rv = 1;
140 err: 145err:
141 EVP_MD_CTX_cleanup(&ctx); 146 EVP_MD_CTX_cleanup(&ctx);
142 return rv; 147 return rv;
143} 148}
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt2.c b/src/lib/libssl/src/crypto/evp/p5_crpt2.c
index fe3c6c8813..c276cd28b8 100644
--- a/src/lib/libssl/src/crypto/evp/p5_crpt2.c
+++ b/src/lib/libssl/src/crypto/evp/p5_crpt2.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -68,7 +68,7 @@
68/* #define DEBUG_PKCS5V2 */ 68/* #define DEBUG_PKCS5V2 */
69 69
70#ifdef DEBUG_PKCS5V2 70#ifdef DEBUG_PKCS5V2
71 static void h__dump (const unsigned char *p, int len); 71static void h__dump (const unsigned char *p, int len);
72#endif 72#endif
73 73
74/* This is an implementation of PKCS#5 v2.0 password based encryption key 74/* This is an implementation of PKCS#5 v2.0 password based encryption key
@@ -77,11 +77,10 @@
77 * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list. 77 * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list.
78 */ 78 */
79 79
80int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, 80int
81 const unsigned char *salt, int saltlen, int iter, 81PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt,
82 const EVP_MD *digest, 82 int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out)
83 int keylen, unsigned char *out) 83{
84 {
85 unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; 84 unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
86 int cplen, j, k, tkeylen, mdlen; 85 int cplen, j, k, tkeylen, mdlen;
87 unsigned long i = 1; 86 unsigned long i = 1;
@@ -94,18 +93,16 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
94 HMAC_CTX_init(&hctx_tpl); 93 HMAC_CTX_init(&hctx_tpl);
95 p = out; 94 p = out;
96 tkeylen = keylen; 95 tkeylen = keylen;
97 if(!pass) 96 if (!pass)
98 passlen = 0; 97 passlen = 0;
99 else if(passlen == -1) 98 else if (passlen == -1)
100 passlen = strlen(pass); 99 passlen = strlen(pass);
101 if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) 100 if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) {
102 {
103 HMAC_CTX_cleanup(&hctx_tpl); 101 HMAC_CTX_cleanup(&hctx_tpl);
104 return 0; 102 return 0;
105 } 103 }
106 while(tkeylen) 104 while (tkeylen) {
107 { 105 if (tkeylen > mdlen)
108 if(tkeylen > mdlen)
109 cplen = mdlen; 106 cplen = mdlen;
110 else 107 else
111 cplen = tkeylen; 108 cplen = tkeylen;
@@ -116,43 +113,38 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
116 itmp[1] = (unsigned char)((i >> 16) & 0xff); 113 itmp[1] = (unsigned char)((i >> 16) & 0xff);
117 itmp[2] = (unsigned char)((i >> 8) & 0xff); 114 itmp[2] = (unsigned char)((i >> 8) & 0xff);
118 itmp[3] = (unsigned char)(i & 0xff); 115 itmp[3] = (unsigned char)(i & 0xff);
119 if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) 116 if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
120 {
121 HMAC_CTX_cleanup(&hctx_tpl); 117 HMAC_CTX_cleanup(&hctx_tpl);
122 return 0; 118 return 0;
123 } 119 }
124 if (!HMAC_Update(&hctx, salt, saltlen) 120 if (!HMAC_Update(&hctx, salt, saltlen) ||
125 || !HMAC_Update(&hctx, itmp, 4) 121 !HMAC_Update(&hctx, itmp, 4) ||
126 || !HMAC_Final(&hctx, digtmp, NULL)) 122 !HMAC_Final(&hctx, digtmp, NULL)) {
127 {
128 HMAC_CTX_cleanup(&hctx_tpl); 123 HMAC_CTX_cleanup(&hctx_tpl);
129 HMAC_CTX_cleanup(&hctx); 124 HMAC_CTX_cleanup(&hctx);
130 return 0; 125 return 0;
131 } 126 }
132 HMAC_CTX_cleanup(&hctx); 127 HMAC_CTX_cleanup(&hctx);
133 memcpy(p, digtmp, cplen); 128 memcpy(p, digtmp, cplen);
134 for(j = 1; j < iter; j++) 129 for (j = 1; j < iter; j++) {
135 { 130 if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
136 if (!HMAC_CTX_copy(&hctx, &hctx_tpl))
137 {
138 HMAC_CTX_cleanup(&hctx_tpl); 131 HMAC_CTX_cleanup(&hctx_tpl);
139 return 0; 132 return 0;
140 } 133 }
141 if (!HMAC_Update(&hctx, digtmp, mdlen) 134 if (!HMAC_Update(&hctx, digtmp, mdlen) ||
142 || !HMAC_Final(&hctx, digtmp, NULL)) 135 !HMAC_Final(&hctx, digtmp, NULL)) {
143 {
144 HMAC_CTX_cleanup(&hctx_tpl); 136 HMAC_CTX_cleanup(&hctx_tpl);
145 HMAC_CTX_cleanup(&hctx); 137 HMAC_CTX_cleanup(&hctx);
146 return 0; 138 return 0;
147 } 139 }
148 HMAC_CTX_cleanup(&hctx); 140 HMAC_CTX_cleanup(&hctx);
149 for(k = 0; k < cplen; k++) 141 for (k = 0; k < cplen; k++)
150 p[k] ^= digtmp[k]; 142 p[k] ^= digtmp[k];
151 }
152 tkeylen-= cplen;
153 i++;
154 p+= cplen;
155 } 143 }
144 tkeylen -= cplen;
145 i++;
146 p += cplen;
147 }
156 HMAC_CTX_cleanup(&hctx_tpl); 148 HMAC_CTX_cleanup(&hctx_tpl);
157#ifdef DEBUG_PKCS5V2 149#ifdef DEBUG_PKCS5V2
158 fprintf(stderr, "Password:\n"); 150 fprintf(stderr, "Password:\n");
@@ -164,15 +156,15 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
164 h__dump (out, keylen); 156 h__dump (out, keylen);
165#endif 157#endif
166 return 1; 158 return 1;
167 } 159}
168 160
169int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, 161int
170 const unsigned char *salt, int saltlen, int iter, 162PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt,
171 int keylen, unsigned char *out) 163 int saltlen, int iter, int keylen, unsigned char *out)
172 { 164{
173 return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, EVP_sha1(), 165 return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter,
174 keylen, out); 166 EVP_sha1(), keylen, out);
175 } 167}
176 168
177#ifdef DO_TEST 169#ifdef DO_TEST
178main() 170main()
@@ -181,9 +173,8 @@ main()
181 unsigned char salt[] = {0x12, 0x34, 0x56, 0x78}; 173 unsigned char salt[] = {0x12, 0x34, 0x56, 0x78};
182 PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out); 174 PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
183 fprintf(stderr, "Out %02X %02X %02X %02X\n", 175 fprintf(stderr, "Out %02X %02X %02X %02X\n",
184 out[0], out[1], out[2], out[3]); 176 out[0], out[1], out[2], out[3]);
185} 177}
186
187#endif 178#endif
188 179
189/* Now the key derivation function itself. This is a bit evil because 180/* Now the key derivation function itself. This is a bit evil because
@@ -191,9 +182,9 @@ main()
191 * few of them... 182 * few of them...
192 */ 183 */
193 184
194int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, 185int
195 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, 186PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
196 int en_de) 187 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de)
197{ 188{
198 const unsigned char *pbuf; 189 const unsigned char *pbuf;
199 int plen; 190 int plen;
@@ -204,22 +195,22 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
204 195
205 if (param == NULL || param->type != V_ASN1_SEQUENCE || 196 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
206 param->value.sequence == NULL) { 197 param->value.sequence == NULL) {
207 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 198 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
208 goto err; 199 goto err;
209 } 200 }
210 201
211 pbuf = param->value.sequence->data; 202 pbuf = param->value.sequence->data;
212 plen = param->value.sequence->length; 203 plen = param->value.sequence->length;
213 if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { 204 if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
214 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); 205 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
215 goto err; 206 goto err;
216 } 207 }
217 208
218 /* See if we recognise the key derivation function */ 209 /* See if we recognise the key derivation function */
219 210
220 if(OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) { 211 if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
221 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 212 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
222 EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); 213 EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
223 goto err; 214 goto err;
224 } 215 }
225 216
@@ -228,30 +219,31 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
228 219
229 cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm); 220 cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm);
230 221
231 if(!cipher) { 222 if (!cipher) {
232 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 223 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
233 EVP_R_UNSUPPORTED_CIPHER); 224 EVP_R_UNSUPPORTED_CIPHER);
234 goto err; 225 goto err;
235 } 226 }
236 227
237 /* Fixup cipher based on AlgorithmIdentifier */ 228 /* Fixup cipher based on AlgorithmIdentifier */
238 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de)) 229 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
239 goto err; 230 goto err;
240 if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { 231 if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
241 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 232 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
242 EVP_R_CIPHER_PARAMETER_ERROR); 233 EVP_R_CIPHER_PARAMETER_ERROR);
243 goto err; 234 goto err;
244 } 235 }
245 rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, 236 rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
246 pbe2->keyfunc->parameter, c, md, en_de); 237 pbe2->keyfunc->parameter, c, md, en_de);
247 err: 238
239err:
248 PBE2PARAM_free(pbe2); 240 PBE2PARAM_free(pbe2);
249 return rv; 241 return rv;
250} 242}
251 243
252int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, 244int
253 ASN1_TYPE *param, 245PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
254 const EVP_CIPHER *c, const EVP_MD *md, int en_de) 246 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de)
255{ 247{
256 unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; 248 unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
257 const unsigned char *pbuf; 249 const unsigned char *pbuf;
@@ -262,27 +254,25 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
262 PBKDF2PARAM *kdf = NULL; 254 PBKDF2PARAM *kdf = NULL;
263 const EVP_MD *prfmd; 255 const EVP_MD *prfmd;
264 256
265 if (EVP_CIPHER_CTX_cipher(ctx) == NULL) 257 if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
266 { 258 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_NO_CIPHER_SET);
267 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_NO_CIPHER_SET);
268 goto err; 259 goto err;
269 } 260 }
270 keylen = EVP_CIPHER_CTX_key_length(ctx); 261 keylen = EVP_CIPHER_CTX_key_length(ctx);
271 OPENSSL_assert(keylen <= sizeof key); 262 OPENSSL_assert(keylen <= sizeof key);
272 263
273 /* Decode parameter */ 264 /* Decode parameter */
274 265
275 if(!param || (param->type != V_ASN1_SEQUENCE)) 266 if (!param || (param->type != V_ASN1_SEQUENCE)) {
276 { 267 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
277 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR);
278 goto err; 268 goto err;
279 } 269 }
280 270
281 pbuf = param->value.sequence->data; 271 pbuf = param->value.sequence->data;
282 plen = param->value.sequence->length; 272 plen = param->value.sequence->length;
283 273
284 if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { 274 if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
285 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR); 275 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
286 goto err; 276 goto err;
287 } 277 }
288 278
@@ -290,9 +280,10 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
290 280
291 /* Now check the parameters of the kdf */ 281 /* Now check the parameters of the kdf */
292 282
293 if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){ 283 if (kdf->keylength &&
284 (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){
294 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, 285 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
295 EVP_R_UNSUPPORTED_KEYLENGTH); 286 EVP_R_UNSUPPORTED_KEYLENGTH);
296 goto err; 287 goto err;
297 } 288 }
298 289
@@ -301,22 +292,20 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
301 else 292 else
302 prf_nid = NID_hmacWithSHA1; 293 prf_nid = NID_hmacWithSHA1;
303 294
304 if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) 295 if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) {
305 {
306 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); 296 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
307 goto err; 297 goto err;
308 } 298 }
309 299
310 prfmd = EVP_get_digestbynid(hmac_md_nid); 300 prfmd = EVP_get_digestbynid(hmac_md_nid);
311 if (prfmd == NULL) 301 if (prfmd == NULL) {
312 {
313 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); 302 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
314 goto err; 303 goto err;
315 } 304 }
316 305
317 if(kdf->salt->type != V_ASN1_OCTET_STRING) { 306 if (kdf->salt->type != V_ASN1_OCTET_STRING) {
318 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, 307 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
319 EVP_R_UNSUPPORTED_SALT_TYPE); 308 EVP_R_UNSUPPORTED_SALT_TYPE);
320 goto err; 309 goto err;
321 } 310 }
322 311
@@ -324,11 +313,12 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
324 salt = kdf->salt->value.octet_string->data; 313 salt = kdf->salt->value.octet_string->data;
325 saltlen = kdf->salt->value.octet_string->length; 314 saltlen = kdf->salt->value.octet_string->length;
326 iter = ASN1_INTEGER_get(kdf->iter); 315 iter = ASN1_INTEGER_get(kdf->iter);
327 if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, 316 if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
328 keylen, key)) 317 keylen, key))
329 goto err; 318 goto err;
330 rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); 319 rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
331 err: 320
321err:
332 OPENSSL_cleanse(key, keylen); 322 OPENSSL_cleanse(key, keylen);
333 PBKDF2PARAM_free(kdf); 323 PBKDF2PARAM_free(kdf);
334 return rv; 324 return rv;
@@ -337,8 +327,9 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
337#ifdef DEBUG_PKCS5V2 327#ifdef DEBUG_PKCS5V2
338static void h__dump (const unsigned char *p, int len) 328static void h__dump (const unsigned char *p, int len)
339{ 329{
340 for (; len --; p++) fprintf(stderr, "%02X ", *p); 330 for (; len --; p++)
341 fprintf(stderr, "\n"); 331 fprintf(stderr, "%02X ", *p);
332 fprintf(stderr, "\n");
342} 333}
343#endif 334#endif
344#endif 335#endif
diff --git a/src/lib/libssl/src/crypto/evp/p_dec.c b/src/lib/libssl/src/crypto/evp/p_dec.c
index 4201dcbad9..e6eb56e298 100644
--- a/src/lib/libssl/src/crypto/evp/p_dec.c
+++ b/src/lib/libssl/src/crypto/evp/p_dec.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -66,22 +66,24 @@
66#include <openssl/objects.h> 66#include <openssl/objects.h>
67#include <openssl/x509.h> 67#include <openssl/x509.h>
68 68
69int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, 69int
70 EVP_PKEY *priv) 70EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
71 { 71 EVP_PKEY *priv)
72 int ret= -1; 72{
73 73 int ret = -1;
74
74#ifndef OPENSSL_NO_RSA 75#ifndef OPENSSL_NO_RSA
75 if (priv->type != EVP_PKEY_RSA) 76 if (priv->type != EVP_PKEY_RSA) {
76 {
77#endif 77#endif
78 EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA); 78 EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef OPENSSL_NO_RSA 79#ifndef OPENSSL_NO_RSA
80 goto err; 80 goto err;
81 } 81 }
82
83 ret = RSA_private_decrypt(ekl, ek, key, priv->pkey.rsa,
84 RSA_PKCS1_PADDING);
82 85
83 ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
84err: 86err:
85#endif 87#endif
86 return(ret); 88 return (ret);
87 } 89}
diff --git a/src/lib/libssl/src/crypto/evp/p_enc.c b/src/lib/libssl/src/crypto/evp/p_enc.c
index b5a3a84c41..a921d72997 100644
--- a/src/lib/libssl/src/crypto/evp/p_enc.c
+++ b/src/lib/libssl/src/crypto/evp/p_enc.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -66,21 +66,21 @@
66#include <openssl/objects.h> 66#include <openssl/objects.h>
67#include <openssl/x509.h> 67#include <openssl/x509.h>
68 68
69int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len, 69int
70 EVP_PKEY *pubk) 70EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len,
71 { 71 EVP_PKEY *pubk)
72 int ret=0; 72{
73 73 int ret = 0;
74
74#ifndef OPENSSL_NO_RSA 75#ifndef OPENSSL_NO_RSA
75 if (pubk->type != EVP_PKEY_RSA) 76 if (pubk->type != EVP_PKEY_RSA) {
76 {
77#endif 77#endif
78 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA); 78 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
79#ifndef OPENSSL_NO_RSA 79#ifndef OPENSSL_NO_RSA
80 goto err; 80 goto err;
81 } 81 }
82 ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING); 82 ret = RSA_public_encrypt(key_len, key, ek, pubk->pkey.rsa, RSA_PKCS1_PADDING);
83err: 83err:
84#endif 84#endif
85 return(ret); 85 return (ret);
86 } 86}
diff --git a/src/lib/libssl/src/crypto/evp/p_lib.c b/src/lib/libssl/src/crypto/evp/p_lib.c
index 5f5f5e328d..97d922d1ba 100644
--- a/src/lib/libssl/src/crypto/evp/p_lib.c
+++ b/src/lib/libssl/src/crypto/evp/p_lib.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -82,134 +82,138 @@
82 82
83static void EVP_PKEY_free_it(EVP_PKEY *x); 83static void EVP_PKEY_free_it(EVP_PKEY *x);
84 84
85int EVP_PKEY_bits(EVP_PKEY *pkey) 85int
86 { 86EVP_PKEY_bits(EVP_PKEY *pkey)
87{
87 if (pkey && pkey->ameth && pkey->ameth->pkey_bits) 88 if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
88 return pkey->ameth->pkey_bits(pkey); 89 return pkey->ameth->pkey_bits(pkey);
89 return 0; 90 return 0;
90 } 91}
91 92
92int EVP_PKEY_size(EVP_PKEY *pkey) 93int
93 { 94EVP_PKEY_size(EVP_PKEY *pkey)
95{
94 if (pkey && pkey->ameth && pkey->ameth->pkey_size) 96 if (pkey && pkey->ameth && pkey->ameth->pkey_size)
95 return pkey->ameth->pkey_size(pkey); 97 return pkey->ameth->pkey_size(pkey);
96 return 0; 98 return 0;
97 } 99}
98 100
99int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 101int
100 { 102EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
103{
101#ifndef OPENSSL_NO_DSA 104#ifndef OPENSSL_NO_DSA
102 if (pkey->type == EVP_PKEY_DSA) 105 if (pkey->type == EVP_PKEY_DSA) {
103 { 106 int ret = pkey->save_parameters;
104 int ret=pkey->save_parameters;
105 107
106 if (mode >= 0) 108 if (mode >= 0)
107 pkey->save_parameters=mode; 109 pkey->save_parameters = mode;
108 return(ret); 110 return (ret);
109 } 111 }
110#endif 112#endif
111#ifndef OPENSSL_NO_EC 113#ifndef OPENSSL_NO_EC
112 if (pkey->type == EVP_PKEY_EC) 114 if (pkey->type == EVP_PKEY_EC) {
113 {
114 int ret = pkey->save_parameters; 115 int ret = pkey->save_parameters;
115 116
116 if (mode >= 0) 117 if (mode >= 0)
117 pkey->save_parameters = mode; 118 pkey->save_parameters = mode;
118 return(ret); 119 return (ret);
119 }
120#endif
121 return(0);
122 } 120 }
121#endif
122 return (0);
123}
123 124
124int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 125int
125 { 126EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
126 if (to->type != from->type) 127{
127 { 128 if (to->type != from->type) {
128 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES); 129 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,
130 EVP_R_DIFFERENT_KEY_TYPES);
129 goto err; 131 goto err;
130 } 132 }
131 133
132 if (EVP_PKEY_missing_parameters(from)) 134 if (EVP_PKEY_missing_parameters(from)) {
133 { 135 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,
134 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS); 136 EVP_R_MISSING_PARAMETERS);
135 goto err; 137 goto err;
136 } 138 }
137 if (from->ameth && from->ameth->param_copy) 139 if (from->ameth && from->ameth->param_copy)
138 return from->ameth->param_copy(to, from); 140 return from->ameth->param_copy(to, from);
141
139err: 142err:
140 return 0; 143 return 0;
141 } 144}
142 145
143int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 146int
144 { 147EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
148{
145 if (pkey->ameth && pkey->ameth->param_missing) 149 if (pkey->ameth && pkey->ameth->param_missing)
146 return pkey->ameth->param_missing(pkey); 150 return pkey->ameth->param_missing(pkey);
147 return 0; 151 return 0;
148 } 152}
149 153
150int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 154int
151 { 155EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
156{
152 if (a->type != b->type) 157 if (a->type != b->type)
153 return -1; 158 return -1;
154 if (a->ameth && a->ameth->param_cmp) 159 if (a->ameth && a->ameth->param_cmp)
155 return a->ameth->param_cmp(a, b); 160 return a->ameth->param_cmp(a, b);
156 return -2; 161 return -2;
157 } 162}
158 163
159int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 164int
160 { 165EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
166{
161 if (a->type != b->type) 167 if (a->type != b->type)
162 return -1; 168 return -1;
163 169
164 if (a->ameth) 170 if (a->ameth) {
165 {
166 int ret; 171 int ret;
167 /* Compare parameters if the algorithm has them */ 172 /* Compare parameters if the algorithm has them */
168 if (a->ameth->param_cmp) 173 if (a->ameth->param_cmp) {
169 {
170 ret = a->ameth->param_cmp(a, b); 174 ret = a->ameth->param_cmp(a, b);
171 if (ret <= 0) 175 if (ret <= 0)
172 return ret; 176 return ret;
173 } 177 }
174 178
175 if (a->ameth->pub_cmp) 179 if (a->ameth->pub_cmp)
176 return a->ameth->pub_cmp(a, b); 180 return a->ameth->pub_cmp(a, b);
177 } 181 }
178 182
179 return -2; 183 return -2;
180 } 184}
181 185
182EVP_PKEY *EVP_PKEY_new(void) 186EVP_PKEY *
183 { 187EVP_PKEY_new(void)
188{
184 EVP_PKEY *ret; 189 EVP_PKEY *ret;
185 190
186 ret=(EVP_PKEY *)malloc(sizeof(EVP_PKEY)); 191 ret = (EVP_PKEY *)malloc(sizeof(EVP_PKEY));
187 if (ret == NULL) 192 if (ret == NULL) {
188 { 193 EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
189 EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE); 194 return (NULL);
190 return(NULL);
191 }
192 ret->type=EVP_PKEY_NONE;
193 ret->save_type=EVP_PKEY_NONE;
194 ret->references=1;
195 ret->ameth=NULL;
196 ret->engine=NULL;
197 ret->pkey.ptr=NULL;
198 ret->attributes=NULL;
199 ret->save_parameters=1;
200 return(ret);
201 } 195 }
196 ret->type = EVP_PKEY_NONE;
197 ret->save_type = EVP_PKEY_NONE;
198 ret->references = 1;
199 ret->ameth = NULL;
200 ret->engine = NULL;
201 ret->pkey.ptr = NULL;
202 ret->attributes = NULL;
203 ret->save_parameters = 1;
204 return (ret);
205}
202 206
203/* Setup a public key ASN1 method and ENGINE from a NID or a string. 207/* Setup a public key ASN1 method and ENGINE from a NID or a string.
204 * If pkey is NULL just return 1 or 0 if the algorithm exists. 208 * If pkey is NULL just return 1 or 0 if the algorithm exists.
205 */ 209 */
206 210
207static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len) 211static int
208 { 212pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
213{
209 const EVP_PKEY_ASN1_METHOD *ameth; 214 const EVP_PKEY_ASN1_METHOD *ameth;
210 ENGINE *e = NULL; 215 ENGINE *e = NULL;
211 if (pkey) 216 if (pkey) {
212 {
213 if (pkey->pkey.ptr) 217 if (pkey->pkey.ptr)
214 EVP_PKEY_free_it(pkey); 218 EVP_PKEY_free_it(pkey);
215 /* If key type matches and a method exists then this 219 /* If key type matches and a method exists then this
@@ -219,13 +223,12 @@ static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
219 return 1; 223 return 1;
220#ifndef OPENSSL_NO_ENGINE 224#ifndef OPENSSL_NO_ENGINE
221 /* If we have an ENGINE release it */ 225 /* If we have an ENGINE release it */
222 if (pkey->engine) 226 if (pkey->engine) {
223 {
224 ENGINE_finish(pkey->engine); 227 ENGINE_finish(pkey->engine);
225 pkey->engine = NULL; 228 pkey->engine = NULL;
226 }
227#endif
228 } 229 }
230#endif
231 }
229 if (str) 232 if (str)
230 ameth = EVP_PKEY_asn1_find_str(&e, str, len); 233 ameth = EVP_PKEY_asn1_find_str(&e, str, len);
231 else 234 else
@@ -234,57 +237,61 @@ static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
234 if (!pkey && e) 237 if (!pkey && e)
235 ENGINE_finish(e); 238 ENGINE_finish(e);
236#endif 239#endif
237 if (!ameth) 240 if (!ameth) {
238 {
239 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); 241 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
240 return 0; 242 return 0;
241 } 243 }
242 if (pkey) 244 if (pkey) {
243 {
244 pkey->ameth = ameth; 245 pkey->ameth = ameth;
245 pkey->engine = e; 246 pkey->engine = e;
246 247
247 pkey->type = pkey->ameth->pkey_id; 248 pkey->type = pkey->ameth->pkey_id;
248 pkey->save_type=type; 249 pkey->save_type = type;
249 }
250 return 1;
251 } 250 }
251 return 1;
252}
252 253
253int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 254int
254 { 255EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
256{
255 return pkey_set_type(pkey, type, NULL, -1); 257 return pkey_set_type(pkey, type, NULL, -1);
256 } 258}
257 259
258int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 260int
259 { 261EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
262{
260 return pkey_set_type(pkey, EVP_PKEY_NONE, str, len); 263 return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
261 } 264}
262 265
263int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 266int
264 { 267EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
268{
265 if (!EVP_PKEY_set_type(pkey, type)) 269 if (!EVP_PKEY_set_type(pkey, type))
266 return 0; 270 return 0;
267 pkey->pkey.ptr=key; 271 pkey->pkey.ptr = key;
268 return (key != NULL); 272 return (key != NULL);
269 } 273}
270 274
271void *EVP_PKEY_get0(EVP_PKEY *pkey) 275void *
272 { 276EVP_PKEY_get0(EVP_PKEY *pkey)
277{
273 return pkey->pkey.ptr; 278 return pkey->pkey.ptr;
274 } 279}
275 280
276#ifndef OPENSSL_NO_RSA 281#ifndef OPENSSL_NO_RSA
277int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) 282int
283EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
278{ 284{
279 int ret = EVP_PKEY_assign_RSA(pkey, key); 285 int ret = EVP_PKEY_assign_RSA(pkey, key);
280 if(ret) 286 if (ret)
281 RSA_up_ref(key); 287 RSA_up_ref(key);
282 return ret; 288 return ret;
283} 289}
284 290
285RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) 291RSA *
286 { 292EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
287 if(pkey->type != EVP_PKEY_RSA) { 293{
294 if (pkey->type != EVP_PKEY_RSA) {
288 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY); 295 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
289 return NULL; 296 return NULL;
290 } 297 }
@@ -294,17 +301,19 @@ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
294#endif 301#endif
295 302
296#ifndef OPENSSL_NO_DSA 303#ifndef OPENSSL_NO_DSA
297int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 304int
305EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
298{ 306{
299 int ret = EVP_PKEY_assign_DSA(pkey, key); 307 int ret = EVP_PKEY_assign_DSA(pkey, key);
300 if(ret) 308 if (ret)
301 DSA_up_ref(key); 309 DSA_up_ref(key);
302 return ret; 310 return ret;
303} 311}
304 312
305DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 313DSA *
306 { 314EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
307 if(pkey->type != EVP_PKEY_DSA) { 315{
316 if (pkey->type != EVP_PKEY_DSA) {
308 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY); 317 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
309 return NULL; 318 return NULL;
310 } 319 }
@@ -315,18 +324,19 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
315 324
316#ifndef OPENSSL_NO_EC 325#ifndef OPENSSL_NO_EC
317 326
318int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) 327int
328EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
319{ 329{
320 int ret = EVP_PKEY_assign_EC_KEY(pkey,key); 330 int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
321 if (ret) 331 if (ret)
322 EC_KEY_up_ref(key); 332 EC_KEY_up_ref(key);
323 return ret; 333 return ret;
324} 334}
325 335
326EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) 336EC_KEY *
337EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
327{ 338{
328 if (pkey->type != EVP_PKEY_EC) 339 if (pkey->type != EVP_PKEY_EC) {
329 {
330 EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); 340 EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
331 return NULL; 341 return NULL;
332 } 342 }
@@ -338,17 +348,19 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
338 348
339#ifndef OPENSSL_NO_DH 349#ifndef OPENSSL_NO_DH
340 350
341int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) 351int
352EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
342{ 353{
343 int ret = EVP_PKEY_assign_DH(pkey, key); 354 int ret = EVP_PKEY_assign_DH(pkey, key);
344 if(ret) 355 if (ret)
345 DH_up_ref(key); 356 DH_up_ref(key);
346 return ret; 357 return ret;
347} 358}
348 359
349DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) 360DH *
350 { 361EVP_PKEY_get1_DH(EVP_PKEY *pkey)
351 if(pkey->type != EVP_PKEY_DH) { 362{
363 if (pkey->type != EVP_PKEY_DH) {
352 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY); 364 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
353 return NULL; 365 return NULL;
354 } 366 }
@@ -357,8 +369,9 @@ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
357} 369}
358#endif 370#endif
359 371
360int EVP_PKEY_type(int type) 372int
361 { 373EVP_PKEY_type(int type)
374{
362 int ret; 375 int ret;
363 const EVP_PKEY_ASN1_METHOD *ameth; 376 const EVP_PKEY_ASN1_METHOD *ameth;
364 ENGINE *e; 377 ENGINE *e;
@@ -372,89 +385,97 @@ int EVP_PKEY_type(int type)
372 ENGINE_finish(e); 385 ENGINE_finish(e);
373#endif 386#endif
374 return ret; 387 return ret;
375 } 388}
376 389
377int EVP_PKEY_id(const EVP_PKEY *pkey) 390int
378 { 391EVP_PKEY_id(const EVP_PKEY *pkey)
392{
379 return pkey->type; 393 return pkey->type;
380 } 394}
381 395
382int EVP_PKEY_base_id(const EVP_PKEY *pkey) 396int
383 { 397EVP_PKEY_base_id(const EVP_PKEY *pkey)
398{
384 return EVP_PKEY_type(pkey->type); 399 return EVP_PKEY_type(pkey->type);
385 } 400}
386 401
387void EVP_PKEY_free(EVP_PKEY *x) 402void
388 { 403EVP_PKEY_free(EVP_PKEY *x)
404{
389 int i; 405 int i;
390 406
391 if (x == NULL) return; 407 if (x == NULL)
408 return;
392 409
393 i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY); 410 i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY);
394 if (i > 0) return; 411 if (i > 0)
412 return;
395 413
396 EVP_PKEY_free_it(x); 414 EVP_PKEY_free_it(x);
397 if (x->attributes) 415 if (x->attributes)
398 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); 416 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
399 free(x); 417 free(x);
400 } 418}
401 419
402static void EVP_PKEY_free_it(EVP_PKEY *x) 420static void
403 { 421EVP_PKEY_free_it(EVP_PKEY *x)
404 if (x->ameth && x->ameth->pkey_free) 422{
405 { 423 if (x->ameth && x->ameth->pkey_free) {
406 x->ameth->pkey_free(x); 424 x->ameth->pkey_free(x);
407 x->pkey.ptr = NULL; 425 x->pkey.ptr = NULL;
408 } 426 }
409#ifndef OPENSSL_NO_ENGINE 427#ifndef OPENSSL_NO_ENGINE
410 if (x->engine) 428 if (x->engine) {
411 {
412 ENGINE_finish(x->engine); 429 ENGINE_finish(x->engine);
413 x->engine = NULL; 430 x->engine = NULL;
414 }
415#endif
416 } 431 }
432#endif
433}
417 434
418static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, 435static int
419 const char *kstr) 436unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr)
420 { 437{
421 BIO_indent(out, indent, 128); 438 BIO_indent(out, indent, 128);
422 BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 439 BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
423 kstr, OBJ_nid2ln(pkey->type)); 440 kstr, OBJ_nid2ln(pkey->type));
424 return 1; 441 return 1;
425 } 442}
426 443
427int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, 444int
428 int indent, ASN1_PCTX *pctx) 445EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent,
429 { 446 ASN1_PCTX *pctx)
447{
430 if (pkey->ameth && pkey->ameth->pub_print) 448 if (pkey->ameth && pkey->ameth->pub_print)
431 return pkey->ameth->pub_print(out, pkey, indent, pctx); 449 return pkey->ameth->pub_print(out, pkey, indent, pctx);
432 450
433 return unsup_alg(out, pkey, indent, "Public Key"); 451 return unsup_alg(out, pkey, indent, "Public Key");
434 } 452}
435 453
436int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, 454int
437 int indent, ASN1_PCTX *pctx) 455EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent,
438 { 456 ASN1_PCTX *pctx)
457{
439 if (pkey->ameth && pkey->ameth->priv_print) 458 if (pkey->ameth && pkey->ameth->priv_print)
440 return pkey->ameth->priv_print(out, pkey, indent, pctx); 459 return pkey->ameth->priv_print(out, pkey, indent, pctx);
441 460
442 return unsup_alg(out, pkey, indent, "Private Key"); 461 return unsup_alg(out, pkey, indent, "Private Key");
443 } 462}
444 463
445int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, 464int
446 int indent, ASN1_PCTX *pctx) 465EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent,
447 { 466 ASN1_PCTX *pctx)
467{
448 if (pkey->ameth && pkey->ameth->param_print) 468 if (pkey->ameth && pkey->ameth->param_print)
449 return pkey->ameth->param_print(out, pkey, indent, pctx); 469 return pkey->ameth->param_print(out, pkey, indent, pctx);
450 return unsup_alg(out, pkey, indent, "Parameters"); 470 return unsup_alg(out, pkey, indent, "Parameters");
451 } 471}
452 472
453int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 473int
454 { 474EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
475{
455 if (!pkey->ameth || !pkey->ameth->pkey_ctrl) 476 if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
456 return -2; 477 return -2;
457 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 478 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
458 0, pnid); 479 0, pnid);
459 } 480}
460 481
diff --git a/src/lib/libssl/src/crypto/evp/p_open.c b/src/lib/libssl/src/crypto/evp/p_open.c
index b832ec6a6b..88c0a45544 100644
--- a/src/lib/libssl/src/crypto/evp/p_open.c
+++ b/src/lib/libssl/src/crypto/evp/p_open.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -66,57 +66,60 @@
66#include <openssl/x509.h> 66#include <openssl/x509.h>
67#include <openssl/rsa.h> 67#include <openssl/rsa.h>
68 68
69int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, 69int
70 const unsigned char *ek, int ekl, const unsigned char *iv, 70EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
71 EVP_PKEY *priv) 71 const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv)
72 { 72{
73 unsigned char *key=NULL; 73 unsigned char *key = NULL;
74 int i,size=0,ret=0; 74 int i, size = 0, ret = 0;
75 75
76 if(type) { 76 if (type) {
77 EVP_CIPHER_CTX_init(ctx); 77 EVP_CIPHER_CTX_init(ctx);
78 if(!EVP_DecryptInit_ex(ctx,type,NULL, NULL,NULL)) return 0; 78 if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL))
79 return 0;
79 } 80 }
80 81
81 if(!priv) return 1; 82 if (!priv)
83 return 1;
82 84
83 if (priv->type != EVP_PKEY_RSA) 85 if (priv->type != EVP_PKEY_RSA) {
84 { 86 EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA);
85 EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
86 goto err; 87 goto err;
87 } 88 }
88 89
89 size=RSA_size(priv->pkey.rsa); 90 size = RSA_size(priv->pkey.rsa);
90 key=(unsigned char *)malloc(size+2); 91 key = (unsigned char *)malloc(size + 2);
91 if (key == NULL) 92 if (key == NULL) {
92 {
93 /* ERROR */ 93 /* ERROR */
94 EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE); 94 EVPerr(EVP_F_EVP_OPENINIT, ERR_R_MALLOC_FAILURE);
95 goto err; 95 goto err;
96 } 96 }
97 97
98 i=EVP_PKEY_decrypt_old(key,ek,ekl,priv); 98 i = EVP_PKEY_decrypt_old(key, ek, ekl, priv);
99 if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) 99 if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) {
100 {
101 /* ERROR */ 100 /* ERROR */
102 goto err; 101 goto err;
103 } 102 }
104 if(!EVP_DecryptInit_ex(ctx,NULL,NULL,key,iv)) goto err; 103 if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
104 goto err;
105
106 ret = 1;
105 107
106 ret=1;
107err: 108err:
108 if (key != NULL) OPENSSL_cleanse(key,size); 109 if (key != NULL)
110 OPENSSL_cleanse(key, size);
109 free(key); 111 free(key);
110 return(ret); 112 return (ret);
111 } 113}
112 114
113int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 115int
114 { 116EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
117{
115 int i; 118 int i;
116 119
117 i=EVP_DecryptFinal_ex(ctx,out,outl); 120 i = EVP_DecryptFinal_ex(ctx, out, outl);
118 if (i) 121 if (i)
119 i = EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL); 122 i = EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
120 return(i); 123 return (i);
121 } 124}
122#endif 125#endif
diff --git a/src/lib/libssl/src/crypto/evp/p_seal.c b/src/lib/libssl/src/crypto/evp/p_seal.c
index e5919b0fbf..6147447290 100644
--- a/src/lib/libssl/src/crypto/evp/p_seal.c
+++ b/src/lib/libssl/src/crypto/evp/p_seal.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -66,33 +66,36 @@
66#include <openssl/objects.h> 66#include <openssl/objects.h>
67#include <openssl/x509.h> 67#include <openssl/x509.h>
68 68
69int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek, 69int
70 int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk) 70EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
71 { 71 int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
72{
72 unsigned char key[EVP_MAX_KEY_LENGTH]; 73 unsigned char key[EVP_MAX_KEY_LENGTH];
73 int i; 74 int i;
74 75
75 if(type) { 76 if (type) {
76 EVP_CIPHER_CTX_init(ctx); 77 EVP_CIPHER_CTX_init(ctx);
77 if(!EVP_EncryptInit_ex(ctx,type,NULL,NULL,NULL)) return 0; 78 if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
79 return 0;
78 } 80 }
79 if ((npubk <= 0) || !pubk) 81 if ((npubk <= 0) || !pubk)
80 return 1; 82 return 1;
81 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) 83 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
82 return 0; 84 return 0;
83 if (EVP_CIPHER_CTX_iv_length(ctx)) 85 if (EVP_CIPHER_CTX_iv_length(ctx))
84 RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx)); 86 RAND_pseudo_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx));
85 87
86 if(!EVP_EncryptInit_ex(ctx,NULL,NULL,key,iv)) return 0; 88 if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
89 return 0;
87 90
88 for (i=0; i<npubk; i++) 91 for (i = 0; i < npubk; i++) {
89 { 92 ekl[i] = EVP_PKEY_encrypt_old(ek[i], key,
90 ekl[i]=EVP_PKEY_encrypt_old(ek[i],key,EVP_CIPHER_CTX_key_length(ctx), 93 EVP_CIPHER_CTX_key_length(ctx), pubk[i]);
91 pubk[i]); 94 if (ekl[i] <= 0)
92 if (ekl[i] <= 0) return(-1); 95 return (-1);
93 }
94 return(npubk);
95 } 96 }
97 return (npubk);
98}
96 99
97/* MACRO 100/* MACRO
98void EVP_SealUpdate(ctx,out,outl,in,inl) 101void EVP_SealUpdate(ctx,out,outl,in,inl)
@@ -106,11 +109,13 @@ int inl;
106 } 109 }
107*/ 110*/
108 111
109int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 112int
110 { 113EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
114{
111 int i; 115 int i;
112 i = EVP_EncryptFinal_ex(ctx,out,outl); 116
113 if (i) 117 i = EVP_EncryptFinal_ex(ctx, out, outl);
114 i = EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL); 118 if (i)
119 i = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL);
115 return i; 120 return i;
116 } 121}
diff --git a/src/lib/libssl/src/crypto/evp/p_sign.c b/src/lib/libssl/src/crypto/evp/p_sign.c
index 8afb664306..b064ec5fb5 100644
--- a/src/lib/libssl/src/crypto/evp/p_sign.c
+++ b/src/lib/libssl/src/crypto/evp/p_sign.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,37 +63,39 @@
63#include <openssl/x509.h> 63#include <openssl/x509.h>
64 64
65#ifdef undef 65#ifdef undef
66void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type) 66void
67 { 67EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
68 EVP_DigestInit_ex(ctx,type); 68{
69 } 69 EVP_DigestInit_ex(ctx, type);
70}
70 71
71void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, 72void
72 unsigned int count) 73EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
73 { 74 unsigned int count)
74 EVP_DigestUpdate(ctx,data,count); 75{
75 } 76 EVP_DigestUpdate(ctx, data, count);
77}
76#endif 78#endif
77 79
78int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, 80int
79 EVP_PKEY *pkey) 81EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
80 { 82 EVP_PKEY *pkey)
83{
81 unsigned char m[EVP_MAX_MD_SIZE]; 84 unsigned char m[EVP_MAX_MD_SIZE];
82 unsigned int m_len; 85 unsigned int m_len;
83 int i = 0,ok = 0,v; 86 int i = 0, ok = 0, v;
84 EVP_MD_CTX tmp_ctx; 87 EVP_MD_CTX tmp_ctx;
85 EVP_PKEY_CTX *pkctx = NULL; 88 EVP_PKEY_CTX *pkctx = NULL;
86 89
87 *siglen=0; 90 *siglen = 0;
88 EVP_MD_CTX_init(&tmp_ctx); 91 EVP_MD_CTX_init(&tmp_ctx);
89 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx)) 92 if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
90 goto err; 93 goto err;
91 if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len)) 94 if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
92 goto err; 95 goto err;
93 EVP_MD_CTX_cleanup(&tmp_ctx); 96 EVP_MD_CTX_cleanup(&tmp_ctx);
94 97
95 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) 98 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
96 {
97 size_t sltmp = (size_t)EVP_PKEY_size(pkey); 99 size_t sltmp = (size_t)EVP_PKEY_size(pkey);
98 i = 0; 100 i = 0;
99 pkctx = EVP_PKEY_CTX_new(pkey, NULL); 101 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
@@ -107,33 +109,29 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
107 goto err; 109 goto err;
108 *siglen = sltmp; 110 *siglen = sltmp;
109 i = 1; 111 i = 1;
110 err: 112err:
111 EVP_PKEY_CTX_free(pkctx); 113 EVP_PKEY_CTX_free(pkctx);
112 return i; 114 return i;
113 } 115 }
114 116
115 for (i=0; i<4; i++) 117 for (i = 0; i < 4; i++) {
116 { 118 v = ctx->digest->required_pkey_type[i];
117 v=ctx->digest->required_pkey_type[i]; 119 if (v == 0)
118 if (v == 0) break; 120 break;
119 if (pkey->type == v) 121 if (pkey->type == v) {
120 { 122 ok = 1;
121 ok=1;
122 break; 123 break;
123 }
124 }
125 if (!ok)
126 {
127 EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
128 return(0);
129 }
130
131 if (ctx->digest->sign == NULL)
132 {
133 EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
134 return(0);
135 } 124 }
136 return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, 125 }
137 pkey->pkey.ptr)); 126 if (!ok) {
127 EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
128 return (0);
138 } 129 }
139 130
131 if (ctx->digest->sign == NULL) {
132 EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
133 return (0);
134 }
135 return(ctx->digest->sign(ctx->digest->type, m,m_len, sigret, siglen,
136 pkey->pkey.ptr));
137}
diff --git a/src/lib/libssl/src/crypto/evp/p_verify.c b/src/lib/libssl/src/crypto/evp/p_verify.c
index c66d63ccf8..3b9b8ab7d6 100644
--- a/src/lib/libssl/src/crypto/evp/p_verify.c
+++ b/src/lib/libssl/src/crypto/evp/p_verify.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -62,24 +62,24 @@
62#include <openssl/objects.h> 62#include <openssl/objects.h>
63#include <openssl/x509.h> 63#include <openssl/x509.h>
64 64
65int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, 65int
66 unsigned int siglen, EVP_PKEY *pkey) 66EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
67 { 67 unsigned int siglen, EVP_PKEY *pkey)
68{
68 unsigned char m[EVP_MAX_MD_SIZE]; 69 unsigned char m[EVP_MAX_MD_SIZE];
69 unsigned int m_len; 70 unsigned int m_len;
70 int i = 0,ok = 0,v; 71 int i = 0, ok = 0, v;
71 EVP_MD_CTX tmp_ctx; 72 EVP_MD_CTX tmp_ctx;
72 EVP_PKEY_CTX *pkctx = NULL; 73 EVP_PKEY_CTX *pkctx = NULL;
73 74
74 EVP_MD_CTX_init(&tmp_ctx); 75 EVP_MD_CTX_init(&tmp_ctx);
75 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx)) 76 if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
76 goto err; 77 goto err;
77 if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len)) 78 if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
78 goto err; 79 goto err;
79 EVP_MD_CTX_cleanup(&tmp_ctx); 80 EVP_MD_CTX_cleanup(&tmp_ctx);
80 81
81 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) 82 if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
82 {
83 i = -1; 83 i = -1;
84 pkctx = EVP_PKEY_CTX_new(pkey, NULL); 84 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
85 if (!pkctx) 85 if (!pkctx)
@@ -89,33 +89,30 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
89 if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) 89 if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
90 goto err; 90 goto err;
91 i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len); 91 i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
92 err: 92err:
93 EVP_PKEY_CTX_free(pkctx); 93 EVP_PKEY_CTX_free(pkctx);
94 return i; 94 return i;
95 } 95 }
96 96
97 for (i=0; i<4; i++) 97 for (i = 0; i < 4; i++) {
98 { 98 v = ctx->digest->required_pkey_type[i];
99 v=ctx->digest->required_pkey_type[i]; 99 if (v == 0)
100 if (v == 0) break; 100 break;
101 if (pkey->type == v) 101 if (pkey->type == v) {
102 { 102 ok = 1;
103 ok=1;
104 break; 103 break;
105 }
106 }
107 if (!ok)
108 {
109 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
110 return(-1);
111 }
112 if (ctx->digest->verify == NULL)
113 {
114 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
115 return(0);
116 } 104 }
117 105 }
118 return(ctx->digest->verify(ctx->digest->type,m,m_len, 106 if (!ok) {
119 sigbuf,siglen,pkey->pkey.ptr)); 107 EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
108 return (-1);
109 }
110 if (ctx->digest->verify == NULL) {
111 EVPerr(EVP_F_EVP_VERIFYFINAL,
112 EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
113 return (0);
120 } 114 }
121 115
116 return(ctx->digest->verify(ctx->digest->type, m, m_len,
117 sigbuf, siglen, pkey->pkey.ptr));
118}
diff --git a/src/lib/libssl/src/crypto/evp/pmeth_fn.c b/src/lib/libssl/src/crypto/evp/pmeth_fn.c
index c4676f2f8d..12dd9e26a1 100644
--- a/src/lib/libssl/src/crypto/evp/pmeth_fn.c
+++ b/src/lib/libssl/src/crypto/evp/pmeth_fn.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -79,15 +79,16 @@
79 } \ 79 } \
80 } 80 }
81 81
82int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) 82int
83 { 83EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
84{
84 int ret; 85 int ret;
85 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) 86
86 { 87 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
87 EVPerr(EVP_F_EVP_PKEY_SIGN_INIT, 88 EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,
88 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 89 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
89 return -2; 90 return -2;
90 } 91 }
91 ctx->operation = EVP_PKEY_OP_SIGN; 92 ctx->operation = EVP_PKEY_OP_SIGN;
92 if (!ctx->pmeth->sign_init) 93 if (!ctx->pmeth->sign_init)
93 return 1; 94 return 1;
@@ -95,36 +96,35 @@ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
95 if (ret <= 0) 96 if (ret <= 0)
96 ctx->operation = EVP_PKEY_OP_UNDEFINED; 97 ctx->operation = EVP_PKEY_OP_UNDEFINED;
97 return ret; 98 return ret;
98 } 99}
99 100
100int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, 101int
101 unsigned char *sig, size_t *siglen, 102EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
102 const unsigned char *tbs, size_t tbslen) 103 const unsigned char *tbs, size_t tbslen)
103 { 104{
104 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) 105 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
105 {
106 EVPerr(EVP_F_EVP_PKEY_SIGN, 106 EVPerr(EVP_F_EVP_PKEY_SIGN,
107 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 107 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
108 return -2; 108 return -2;
109 } 109 }
110 if (ctx->operation != EVP_PKEY_OP_SIGN) 110 if (ctx->operation != EVP_PKEY_OP_SIGN) {
111 {
112 EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED); 111 EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
113 return -1; 112 return -1;
114 } 113 }
115 M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN) 114 M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
116 return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen); 115 return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
117 } 116}
118 117
119int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) 118int
120 { 119EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
120{
121 int ret; 121 int ret;
122 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) 122
123 { 123 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
124 EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT, 124 EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT,
125 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 125 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
126 return -2; 126 return -2;
127 } 127 }
128 ctx->operation = EVP_PKEY_OP_VERIFY; 128 ctx->operation = EVP_PKEY_OP_VERIFY;
129 if (!ctx->pmeth->verify_init) 129 if (!ctx->pmeth->verify_init)
130 return 1; 130 return 1;
@@ -132,35 +132,34 @@ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
132 if (ret <= 0) 132 if (ret <= 0)
133 ctx->operation = EVP_PKEY_OP_UNDEFINED; 133 ctx->operation = EVP_PKEY_OP_UNDEFINED;
134 return ret; 134 return ret;
135 } 135}
136 136
137int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, 137int
138 const unsigned char *sig, size_t siglen, 138EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
139 const unsigned char *tbs, size_t tbslen) 139 const unsigned char *tbs, size_t tbslen)
140 { 140{
141 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) 141 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
142 {
143 EVPerr(EVP_F_EVP_PKEY_VERIFY, 142 EVPerr(EVP_F_EVP_PKEY_VERIFY,
144 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 143 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
145 return -2; 144 return -2;
146 } 145 }
147 if (ctx->operation != EVP_PKEY_OP_VERIFY) 146 if (ctx->operation != EVP_PKEY_OP_VERIFY) {
148 {
149 EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED); 147 EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED);
150 return -1; 148 return -1;
151 }
152 return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
153 } 149 }
150 return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
151}
154 152
155int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx) 153int
156 { 154EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
155{
157 int ret; 156 int ret;
158 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) 157
159 { 158 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
160 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT, 159 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,
161 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 160 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
162 return -2; 161 return -2;
163 } 162 }
164 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER; 163 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
165 if (!ctx->pmeth->verify_recover_init) 164 if (!ctx->pmeth->verify_recover_init)
166 return 1; 165 return 1;
@@ -168,36 +167,36 @@ int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
168 if (ret <= 0) 167 if (ret <= 0)
169 ctx->operation = EVP_PKEY_OP_UNDEFINED; 168 ctx->operation = EVP_PKEY_OP_UNDEFINED;
170 return ret; 169 return ret;
171 } 170}
172 171
173int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, 172int
174 unsigned char *rout, size_t *routlen, 173EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen,
175 const unsigned char *sig, size_t siglen) 174 const unsigned char *sig, size_t siglen)
176 { 175{
177 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) 176 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
178 {
179 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, 177 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
180 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 178 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
181 return -2; 179 return -2;
182 } 180 }
183 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) 181 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
184 { 182 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
185 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED); 183 EVP_R_OPERATON_NOT_INITIALIZED);
186 return -1; 184 return -1;
187 } 185 }
188 M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER) 186 M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
189 return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen); 187 return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
190 } 188}
191 189
192int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) 190int
193 { 191EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
192{
194 int ret; 193 int ret;
195 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) 194
196 { 195 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
197 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT, 196 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT,
198 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 197 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
199 return -2; 198 return -2;
200 } 199 }
201 ctx->operation = EVP_PKEY_OP_ENCRYPT; 200 ctx->operation = EVP_PKEY_OP_ENCRYPT;
202 if (!ctx->pmeth->encrypt_init) 201 if (!ctx->pmeth->encrypt_init)
203 return 1; 202 return 1;
@@ -205,36 +204,35 @@ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
205 if (ret <= 0) 204 if (ret <= 0)
206 ctx->operation = EVP_PKEY_OP_UNDEFINED; 205 ctx->operation = EVP_PKEY_OP_UNDEFINED;
207 return ret; 206 return ret;
208 } 207}
209 208
210int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, 209int
211 unsigned char *out, size_t *outlen, 210EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
212 const unsigned char *in, size_t inlen) 211 const unsigned char *in, size_t inlen)
213 { 212{
214 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) 213 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
215 {
216 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, 214 EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
217 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 215 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
218 return -2; 216 return -2;
219 } 217 }
220 if (ctx->operation != EVP_PKEY_OP_ENCRYPT) 218 if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
221 {
222 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED); 219 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
223 return -1; 220 return -1;
224 } 221 }
225 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT) 222 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
226 return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen); 223 return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
227 } 224}
228 225
229int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) 226int
230 { 227EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
228{
231 int ret; 229 int ret;
232 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) 230
233 { 231 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
234 EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT, 232 EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,
235 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 233 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
236 return -2; 234 return -2;
237 } 235 }
238 ctx->operation = EVP_PKEY_OP_DECRYPT; 236 ctx->operation = EVP_PKEY_OP_DECRYPT;
239 if (!ctx->pmeth->decrypt_init) 237 if (!ctx->pmeth->decrypt_init)
240 return 1; 238 return 1;
@@ -242,37 +240,35 @@ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
242 if (ret <= 0) 240 if (ret <= 0)
243 ctx->operation = EVP_PKEY_OP_UNDEFINED; 241 ctx->operation = EVP_PKEY_OP_UNDEFINED;
244 return ret; 242 return ret;
245 } 243}
246 244
247int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, 245int
248 unsigned char *out, size_t *outlen, 246EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
249 const unsigned char *in, size_t inlen) 247 const unsigned char *in, size_t inlen)
250 { 248{
251 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) 249 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
252 {
253 EVPerr(EVP_F_EVP_PKEY_DECRYPT, 250 EVPerr(EVP_F_EVP_PKEY_DECRYPT,
254 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 251 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
255 return -2; 252 return -2;
256 } 253 }
257 if (ctx->operation != EVP_PKEY_OP_DECRYPT) 254 if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
258 {
259 EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED); 255 EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
260 return -1; 256 return -1;
261 } 257 }
262 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT) 258 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
263 return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen); 259 return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
264 } 260}
265 261
266 262int
267int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) 263EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
268 { 264{
269 int ret; 265 int ret;
270 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) 266
271 { 267 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
272 EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT, 268 EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
273 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 269 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
274 return -2; 270 return -2;
275 } 271 }
276 ctx->operation = EVP_PKEY_OP_DERIVE; 272 ctx->operation = EVP_PKEY_OP_DERIVE;
277 if (!ctx->pmeth->derive_init) 273 if (!ctx->pmeth->derive_init)
278 return 1; 274 return 1;
@@ -280,23 +276,27 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
280 if (ret <= 0) 276 if (ret <= 0)
281 ctx->operation = EVP_PKEY_OP_UNDEFINED; 277 ctx->operation = EVP_PKEY_OP_UNDEFINED;
282 return ret; 278 return ret;
283 } 279}
284 280
285int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) 281int
286 { 282EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
283{
287 int ret; 284 int ret;
288 if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive||ctx->pmeth->encrypt||ctx->pmeth->decrypt) || !ctx->pmeth->ctrl) 285
289 { 286 if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive ||
287 ctx->pmeth->encrypt || ctx->pmeth->decrypt) ||
288 !ctx->pmeth->ctrl) {
290 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 289 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
291 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 290 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
292 return -2; 291 return -2;
293 } 292 }
294 if (ctx->operation != EVP_PKEY_OP_DERIVE && ctx->operation != EVP_PKEY_OP_ENCRYPT && ctx->operation != EVP_PKEY_OP_DECRYPT) 293 if (ctx->operation != EVP_PKEY_OP_DERIVE &&
295 { 294 ctx->operation != EVP_PKEY_OP_ENCRYPT &&
295 ctx->operation != EVP_PKEY_OP_DECRYPT) {
296 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 296 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
297 EVP_R_OPERATON_NOT_INITIALIZED); 297 EVP_R_OPERATON_NOT_INITIALIZED);
298 return -1; 298 return -1;
299 } 299 }
300 300
301 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer); 301 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
302 302
@@ -306,18 +306,16 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
306 if (ret == 2) 306 if (ret == 2)
307 return 1; 307 return 1;
308 308
309 if (!ctx->pkey) 309 if (!ctx->pkey) {
310 {
311 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET); 310 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
312 return -1; 311 return -1;
313 } 312 }
314 313
315 if (ctx->pkey->type != peer->type) 314 if (ctx->pkey->type != peer->type) {
316 {
317 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 315 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
318 EVP_R_DIFFERENT_KEY_TYPES); 316 EVP_R_DIFFERENT_KEY_TYPES);
319 return -1; 317 return -1;
320 } 318 }
321 319
322 /* ran@cryptocom.ru: For clarity. The error is if parameters in peer are 320 /* ran@cryptocom.ru: For clarity. The error is if parameters in peer are
323 * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return 321 * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
@@ -325,12 +323,11 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
325 * (different key types) is impossible here because it is checked earlier. 323 * (different key types) is impossible here because it is checked earlier.
326 * -2 is OK for us here, as well as 1, so we can check for 0 only. */ 324 * -2 is OK for us here, as well as 1, so we can check for 0 only. */
327 if (!EVP_PKEY_missing_parameters(peer) && 325 if (!EVP_PKEY_missing_parameters(peer) &&
328 !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) 326 !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
329 {
330 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 327 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
331 EVP_R_DIFFERENT_PARAMETERS); 328 EVP_R_DIFFERENT_PARAMETERS);
332 return -1; 329 return -1;
333 } 330 }
334 331
335 if (ctx->peerkey) 332 if (ctx->peerkey)
336 EVP_PKEY_free(ctx->peerkey); 333 EVP_PKEY_free(ctx->peerkey);
@@ -338,31 +335,27 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
338 335
339 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer); 336 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
340 337
341 if (ret <= 0) 338 if (ret <= 0) {
342 {
343 ctx->peerkey = NULL; 339 ctx->peerkey = NULL;
344 return ret; 340 return ret;
345 }
346
347 CRYPTO_add(&peer->references,1,CRYPTO_LOCK_EVP_PKEY);
348 return 1;
349 } 341 }
350 342
343 CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY);
344 return 1;
345}
351 346
352int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen) 347int
353 { 348EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
354 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) 349{
355 { 350 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
356 EVPerr(EVP_F_EVP_PKEY_DERIVE, 351 EVPerr(EVP_F_EVP_PKEY_DERIVE,
357 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 352 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
358 return -2; 353 return -2;
359 } 354 }
360 if (ctx->operation != EVP_PKEY_OP_DERIVE) 355 if (ctx->operation != EVP_PKEY_OP_DERIVE) {
361 {
362 EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED); 356 EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
363 return -1; 357 return -1;
364 } 358 }
365 M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE) 359 M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
366 return ctx->pmeth->derive(ctx, key, pkeylen); 360 return ctx->pmeth->derive(ctx, key, pkeylen);
367 } 361}
368
diff --git a/src/lib/libssl/src/crypto/evp/pmeth_gn.c b/src/lib/libssl/src/crypto/evp/pmeth_gn.c
index 4651c81370..c6683ab89b 100644
--- a/src/lib/libssl/src/crypto/evp/pmeth_gn.c
+++ b/src/lib/libssl/src/crypto/evp/pmeth_gn.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -64,15 +64,16 @@
64#include <openssl/bn.h> 64#include <openssl/bn.h>
65#include "evp_locl.h" 65#include "evp_locl.h"
66 66
67int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx) 67int
68 { 68EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
69{
69 int ret; 70 int ret;
70 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) 71
71 { 72 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
72 EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT, 73 EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT,
73 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 74 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
74 return -2; 75 return -2;
75 } 76 }
76 ctx->operation = EVP_PKEY_OP_PARAMGEN; 77 ctx->operation = EVP_PKEY_OP_PARAMGEN;
77 if (!ctx->pmeth->paramgen_init) 78 if (!ctx->pmeth->paramgen_init)
78 return 1; 79 return 1;
@@ -80,23 +81,23 @@ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
80 if (ret <= 0) 81 if (ret <= 0)
81 ctx->operation = EVP_PKEY_OP_UNDEFINED; 82 ctx->operation = EVP_PKEY_OP_UNDEFINED;
82 return ret; 83 return ret;
83 } 84}
84 85
85int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) 86int
86 { 87EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
88{
87 int ret; 89 int ret;
88 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) 90
89 { 91 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
90 EVPerr(EVP_F_EVP_PKEY_PARAMGEN, 92 EVPerr(EVP_F_EVP_PKEY_PARAMGEN,
91 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 93 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
92 return -2; 94 return -2;
93 } 95 }
94 96
95 if (ctx->operation != EVP_PKEY_OP_PARAMGEN) 97 if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
96 {
97 EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED); 98 EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED);
98 return -1; 99 return -1;
99 } 100 }
100 101
101 if (!ppkey) 102 if (!ppkey)
102 return -1; 103 return -1;
@@ -105,23 +106,23 @@ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
105 *ppkey = EVP_PKEY_new(); 106 *ppkey = EVP_PKEY_new();
106 107
107 ret = ctx->pmeth->paramgen(ctx, *ppkey); 108 ret = ctx->pmeth->paramgen(ctx, *ppkey);
108 if (ret <= 0) 109 if (ret <= 0) {
109 {
110 EVP_PKEY_free(*ppkey); 110 EVP_PKEY_free(*ppkey);
111 *ppkey = NULL; 111 *ppkey = NULL;
112 }
113 return ret;
114 } 112 }
113 return ret;
114}
115 115
116int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) 116int
117 { 117EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
118{
118 int ret; 119 int ret;
119 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) 120
120 { 121 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
121 EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT, 122 EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT,
122 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 123 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
123 return -2; 124 return -2;
124 } 125 }
125 ctx->operation = EVP_PKEY_OP_KEYGEN; 126 ctx->operation = EVP_PKEY_OP_KEYGEN;
126 if (!ctx->pmeth->keygen_init) 127 if (!ctx->pmeth->keygen_init)
127 return 1; 128 return 1;
@@ -129,23 +130,22 @@ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
129 if (ret <= 0) 130 if (ret <= 0)
130 ctx->operation = EVP_PKEY_OP_UNDEFINED; 131 ctx->operation = EVP_PKEY_OP_UNDEFINED;
131 return ret; 132 return ret;
132 } 133}
133 134
134int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) 135int
135 { 136EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
137{
136 int ret; 138 int ret;
137 139
138 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) 140 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
139 {
140 EVPerr(EVP_F_EVP_PKEY_KEYGEN, 141 EVPerr(EVP_F_EVP_PKEY_KEYGEN,
141 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 142 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
142 return -2; 143 return -2;
143 } 144 }
144 if (ctx->operation != EVP_PKEY_OP_KEYGEN) 145 if (ctx->operation != EVP_PKEY_OP_KEYGEN) {
145 {
146 EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED); 146 EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED);
147 return -1; 147 return -1;
148 } 148 }
149 149
150 if (!ppkey) 150 if (!ppkey)
151 return -1; 151 return -1;
@@ -154,68 +154,73 @@ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
154 *ppkey = EVP_PKEY_new(); 154 *ppkey = EVP_PKEY_new();
155 155
156 ret = ctx->pmeth->keygen(ctx, *ppkey); 156 ret = ctx->pmeth->keygen(ctx, *ppkey);
157 if (ret <= 0) 157 if (ret <= 0) {
158 {
159 EVP_PKEY_free(*ppkey); 158 EVP_PKEY_free(*ppkey);
160 *ppkey = NULL; 159 *ppkey = NULL;
161 }
162 return ret;
163 } 160 }
161 return ret;
162}
164 163
165void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb) 164void
166 { 165EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
166{
167 ctx->pkey_gencb = cb; 167 ctx->pkey_gencb = cb;
168 } 168}
169 169
170EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx) 170EVP_PKEY_gen_cb *
171 { 171EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
172{
172 return ctx->pkey_gencb; 173 return ctx->pkey_gencb;
173 } 174}
174 175
175/* "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB 176/* "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB
176 * style callbacks. 177 * style callbacks.
177 */ 178 */
178 179
179static int trans_cb(int a, int b, BN_GENCB *gcb) 180static int
180 { 181trans_cb(int a, int b, BN_GENCB *gcb)
182{
181 EVP_PKEY_CTX *ctx = gcb->arg; 183 EVP_PKEY_CTX *ctx = gcb->arg;
182 ctx->keygen_info[0] = a; 184 ctx->keygen_info[0] = a;
183 ctx->keygen_info[1] = b; 185 ctx->keygen_info[1] = b;
184 return ctx->pkey_gencb(ctx); 186 return ctx->pkey_gencb(ctx);
185 } 187}
186 188
187void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx) 189void
188 { 190evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
191{
189 BN_GENCB_set(cb, trans_cb, ctx) 192 BN_GENCB_set(cb, trans_cb, ctx)
190 } 193}
191 194
192int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx) 195int
193 { 196EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
197{
194 if (idx == -1) 198 if (idx == -1)
195 return ctx->keygen_info_count; 199 return ctx->keygen_info_count;
196 if (idx < 0 || idx > ctx->keygen_info_count) 200 if (idx < 0 || idx > ctx->keygen_info_count)
197 return 0; 201 return 0;
198 return ctx->keygen_info[idx]; 202 return ctx->keygen_info[idx];
199 } 203}
200 204
201EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, 205EVP_PKEY *
202 const unsigned char *key, int keylen) 206EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen)
203 { 207{
204 EVP_PKEY_CTX *mac_ctx = NULL; 208 EVP_PKEY_CTX *mac_ctx = NULL;
205 EVP_PKEY *mac_key = NULL; 209 EVP_PKEY *mac_key = NULL;
210
206 mac_ctx = EVP_PKEY_CTX_new_id(type, e); 211 mac_ctx = EVP_PKEY_CTX_new_id(type, e);
207 if (!mac_ctx) 212 if (!mac_ctx)
208 return NULL; 213 return NULL;
209 if (EVP_PKEY_keygen_init(mac_ctx) <= 0) 214 if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
210 goto merr; 215 goto merr;
211 if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN, 216 if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
212 EVP_PKEY_CTRL_SET_MAC_KEY, 217 EVP_PKEY_CTRL_SET_MAC_KEY, keylen, (void *)key) <= 0)
213 keylen, (void *)key) <= 0)
214 goto merr; 218 goto merr;
215 if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0) 219 if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
216 goto merr; 220 goto merr;
217 merr: 221
222merr:
218 if (mac_ctx) 223 if (mac_ctx)
219 EVP_PKEY_CTX_free(mac_ctx); 224 EVP_PKEY_CTX_free(mac_ctx);
220 return mac_key; 225 return mac_key;
221 } 226}
diff --git a/src/lib/libssl/src/crypto/evp/pmeth_lib.c b/src/lib/libssl/src/crypto/evp/pmeth_lib.c
index a9fb15fdfe..e51ae51098 100644
--- a/src/lib/libssl/src/crypto/evp/pmeth_lib.c
+++ b/src/lib/libssl/src/crypto/evp/pmeth_lib.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -75,8 +75,7 @@ STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
75extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth; 75extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
76extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth; 76extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
77 77
78static const EVP_PKEY_METHOD *standard_methods[] = 78static const EVP_PKEY_METHOD *standard_methods[] = {
79 {
80#ifndef OPENSSL_NO_RSA 79#ifndef OPENSSL_NO_RSA
81 &rsa_pkey_meth, 80 &rsa_pkey_meth,
82#endif 81#endif
@@ -91,62 +90,61 @@ static const EVP_PKEY_METHOD *standard_methods[] =
91#endif 90#endif
92 &hmac_pkey_meth, 91 &hmac_pkey_meth,
93 &cmac_pkey_meth 92 &cmac_pkey_meth
94 }; 93};
95 94
96DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *, 95DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
97 pmeth); 96 pmeth);
98 97
99static int pmeth_cmp(const EVP_PKEY_METHOD * const *a, 98static int
100 const EVP_PKEY_METHOD * const *b) 99pmeth_cmp(const EVP_PKEY_METHOD * const *a, const EVP_PKEY_METHOD * const *b)
101 { 100{
102 return ((*a)->pkey_id - (*b)->pkey_id); 101 return ((*a)->pkey_id - (*b)->pkey_id);
103 } 102}
104 103
105IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *, 104IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
106 pmeth); 105 pmeth);
107 106
108const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type) 107const EVP_PKEY_METHOD *
109 { 108EVP_PKEY_meth_find(int type)
109{
110 EVP_PKEY_METHOD tmp; 110 EVP_PKEY_METHOD tmp;
111 const EVP_PKEY_METHOD *t = &tmp, **ret; 111 const EVP_PKEY_METHOD *t = &tmp, **ret;
112
112 tmp.pkey_id = type; 113 tmp.pkey_id = type;
113 if (app_pkey_methods) 114 if (app_pkey_methods) {
114 {
115 int idx; 115 int idx;
116 idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp); 116 idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
117 if (idx >= 0) 117 if (idx >= 0)
118 return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx); 118 return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
119 } 119 }
120 ret = OBJ_bsearch_pmeth(&t, standard_methods, 120 ret = OBJ_bsearch_pmeth(&t, standard_methods,
121 sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *)); 121 sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *));
122 if (!ret || !*ret) 122 if (!ret || !*ret)
123 return NULL; 123 return NULL;
124 return *ret; 124 return *ret;
125 } 125}
126 126
127static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) 127static EVP_PKEY_CTX *
128 { 128int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
129{
129 EVP_PKEY_CTX *ret; 130 EVP_PKEY_CTX *ret;
130 const EVP_PKEY_METHOD *pmeth; 131 const EVP_PKEY_METHOD *pmeth;
131 if (id == -1) 132
132 { 133 if (id == -1) {
133 if (!pkey || !pkey->ameth) 134 if (!pkey || !pkey->ameth)
134 return NULL; 135 return NULL;
135 id = pkey->ameth->pkey_id; 136 id = pkey->ameth->pkey_id;
136 } 137 }
137#ifndef OPENSSL_NO_ENGINE 138#ifndef OPENSSL_NO_ENGINE
138 if (pkey && pkey->engine) 139 if (pkey && pkey->engine)
139 e = pkey->engine; 140 e = pkey->engine;
140 /* Try to find an ENGINE which implements this method */ 141 /* Try to find an ENGINE which implements this method */
141 if (e) 142 if (e) {
142 { 143 if (!ENGINE_init(e)) {
143 if (!ENGINE_init(e)) 144 EVPerr(EVP_F_INT_CTX_NEW, ERR_R_ENGINE_LIB);
144 {
145 EVPerr(EVP_F_INT_CTX_NEW,ERR_R_ENGINE_LIB);
146 return NULL; 145 return NULL;
147 }
148 } 146 }
149 else 147 } else
150 e = ENGINE_get_pkey_meth_engine(id); 148 e = ENGINE_get_pkey_meth_engine(id);
151 149
152 /* If an ENGINE handled this method look it up. Othewise 150 /* If an ENGINE handled this method look it up. Othewise
@@ -159,22 +157,20 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
159#endif 157#endif
160 pmeth = EVP_PKEY_meth_find(id); 158 pmeth = EVP_PKEY_meth_find(id);
161 159
162 if (pmeth == NULL) 160 if (pmeth == NULL) {
163 { 161 EVPerr(EVP_F_INT_CTX_NEW, EVP_R_UNSUPPORTED_ALGORITHM);
164 EVPerr(EVP_F_INT_CTX_NEW,EVP_R_UNSUPPORTED_ALGORITHM);
165 return NULL; 162 return NULL;
166 } 163 }
167 164
168 ret = malloc(sizeof(EVP_PKEY_CTX)); 165 ret = malloc(sizeof(EVP_PKEY_CTX));
169 if (!ret) 166 if (!ret) {
170 {
171#ifndef OPENSSL_NO_ENGINE 167#ifndef OPENSSL_NO_ENGINE
172 if (e) 168 if (e)
173 ENGINE_finish(e); 169 ENGINE_finish(e);
174#endif 170#endif
175 EVPerr(EVP_F_INT_CTX_NEW,ERR_R_MALLOC_FAILURE); 171 EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
176 return NULL; 172 return NULL;
177 } 173 }
178 ret->engine = e; 174 ret->engine = e;
179 ret->pmeth = pmeth; 175 ret->pmeth = pmeth;
180 ret->operation = EVP_PKEY_OP_UNDEFINED; 176 ret->operation = EVP_PKEY_OP_UNDEFINED;
@@ -182,24 +178,24 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
182 ret->peerkey = NULL; 178 ret->peerkey = NULL;
183 ret->pkey_gencb = 0; 179 ret->pkey_gencb = 0;
184 if (pkey) 180 if (pkey)
185 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); 181 CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
186 ret->data = NULL; 182 ret->data = NULL;
187 183
188 if (pmeth->init) 184 if (pmeth->init) {
189 { 185 if (pmeth->init(ret) <= 0) {
190 if (pmeth->init(ret) <= 0)
191 {
192 EVP_PKEY_CTX_free(ret); 186 EVP_PKEY_CTX_free(ret);
193 return NULL; 187 return NULL;
194 }
195 } 188 }
189 }
196 190
197 return ret; 191 return ret;
198 } 192}
199 193
200EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags) 194EVP_PKEY_METHOD*
201 { 195EVP_PKEY_meth_new(int id, int flags)
196{
202 EVP_PKEY_METHOD *pmeth; 197 EVP_PKEY_METHOD *pmeth;
198
203 pmeth = malloc(sizeof(EVP_PKEY_METHOD)); 199 pmeth = malloc(sizeof(EVP_PKEY_METHOD));
204 if (!pmeth) 200 if (!pmeth)
205 return NULL; 201 return NULL;
@@ -236,20 +232,20 @@ EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags)
236 pmeth->ctrl_str = 0; 232 pmeth->ctrl_str = 0;
237 233
238 return pmeth; 234 return pmeth;
239 } 235}
240 236
241void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, 237void
242 const EVP_PKEY_METHOD *meth) 238EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth)
243 { 239{
244 if (ppkey_id) 240 if (ppkey_id)
245 *ppkey_id = meth->pkey_id; 241 *ppkey_id = meth->pkey_id;
246 if (pflags) 242 if (pflags)
247 *pflags = meth->flags; 243 *pflags = meth->flags;
248 } 244}
249
250void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
251 {
252 245
246void
247EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
248{
253 dst->init = src->init; 249 dst->init = src->init;
254 dst->copy = src->copy; 250 dst->copy = src->copy;
255 dst->cleanup = src->cleanup; 251 dst->cleanup = src->cleanup;
@@ -286,36 +282,40 @@ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
286 282
287 dst->ctrl = src->ctrl; 283 dst->ctrl = src->ctrl;
288 dst->ctrl_str = src->ctrl_str; 284 dst->ctrl_str = src->ctrl_str;
289 } 285}
290 286
291void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) 287void
292 { 288EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
289{
293 if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC)) 290 if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
294 free(pmeth); 291 free(pmeth);
295 } 292}
296 293
297EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e) 294EVP_PKEY_CTX *
298 { 295EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
296{
299 return int_ctx_new(pkey, e, -1); 297 return int_ctx_new(pkey, e, -1);
300 } 298}
301 299
302EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e) 300EVP_PKEY_CTX *
303 { 301EVP_PKEY_CTX_new_id(int id, ENGINE *e)
302{
304 return int_ctx_new(NULL, e, id); 303 return int_ctx_new(NULL, e, id);
305 } 304}
306 305
307EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) 306EVP_PKEY_CTX *
308 { 307EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
308{
309 EVP_PKEY_CTX *rctx; 309 EVP_PKEY_CTX *rctx;
310
310 if (!pctx->pmeth || !pctx->pmeth->copy) 311 if (!pctx->pmeth || !pctx->pmeth->copy)
311 return NULL; 312 return NULL;
312#ifndef OPENSSL_NO_ENGINE 313#ifndef OPENSSL_NO_ENGINE
313 /* Make sure it's safe to copy a pkey context using an ENGINE */ 314 /* Make sure it's safe to copy a pkey context using an ENGINE */
314 if (pctx->engine && !ENGINE_init(pctx->engine)) 315 if (pctx->engine && !ENGINE_init(pctx->engine)) {
315 { 316 EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_ENGINE_LIB);
316 EVPerr(EVP_F_EVP_PKEY_CTX_DUP,ERR_R_ENGINE_LIB);
317 return 0; 317 return 0;
318 } 318 }
319#endif 319#endif
320 rctx = malloc(sizeof(EVP_PKEY_CTX)); 320 rctx = malloc(sizeof(EVP_PKEY_CTX));
321 if (!rctx) 321 if (!rctx)
@@ -327,12 +327,12 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
327#endif 327#endif
328 328
329 if (pctx->pkey) 329 if (pctx->pkey)
330 CRYPTO_add(&pctx->pkey->references,1,CRYPTO_LOCK_EVP_PKEY); 330 CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
331 331
332 rctx->pkey = pctx->pkey; 332 rctx->pkey = pctx->pkey;
333 333
334 if (pctx->peerkey) 334 if (pctx->peerkey)
335 CRYPTO_add(&pctx->peerkey->references,1,CRYPTO_LOCK_EVP_PKEY); 335 CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
336 336
337 rctx->peerkey = pctx->peerkey; 337 rctx->peerkey = pctx->peerkey;
338 338
@@ -345,25 +345,25 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
345 345
346 EVP_PKEY_CTX_free(rctx); 346 EVP_PKEY_CTX_free(rctx);
347 return NULL; 347 return NULL;
348}
348 349
349 } 350int
350 351EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
351int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) 352{
352 { 353 if (app_pkey_methods == NULL) {
353 if (app_pkey_methods == NULL)
354 {
355 app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp); 354 app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
356 if (!app_pkey_methods) 355 if (!app_pkey_methods)
357 return 0; 356 return 0;
358 } 357 }
359 if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth)) 358 if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
360 return 0; 359 return 0;
361 sk_EVP_PKEY_METHOD_sort(app_pkey_methods); 360 sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
362 return 1; 361 return 1;
363 } 362}
364 363
365void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) 364void
366 { 365EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
366{
367 if (ctx == NULL) 367 if (ctx == NULL)
368 return; 368 return;
369 if (ctx->pmeth && ctx->pmeth->cleanup) 369 if (ctx->pmeth && ctx->pmeth->cleanup)
@@ -373,37 +373,36 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
373 if (ctx->peerkey) 373 if (ctx->peerkey)
374 EVP_PKEY_free(ctx->peerkey); 374 EVP_PKEY_free(ctx->peerkey);
375#ifndef OPENSSL_NO_ENGINE 375#ifndef OPENSSL_NO_ENGINE
376 if(ctx->engine) 376 if (ctx->engine)
377 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the 377 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
378 * functional reference we held for this reason. */ 378 * functional reference we held for this reason. */
379 ENGINE_finish(ctx->engine); 379 ENGINE_finish(ctx->engine);
380#endif 380#endif
381 free(ctx); 381 free(ctx);
382 } 382}
383 383
384int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, 384int
385 int cmd, int p1, void *p2) 385EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
386 { 386 int p1, void *p2)
387{
387 int ret; 388 int ret;
388 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) 389
389 { 390 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
390 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED); 391 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
391 return -2; 392 return -2;
392 } 393 }
393 if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype)) 394 if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
394 return -1; 395 return -1;
395 396
396 if (ctx->operation == EVP_PKEY_OP_UNDEFINED) 397 if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
397 {
398 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET); 398 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);
399 return -1; 399 return -1;
400 } 400 }
401 401
402 if ((optype != -1) && !(ctx->operation & optype)) 402 if ((optype != -1) && !(ctx->operation & optype)) {
403 {
404 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION); 403 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
405 return -1; 404 return -1;
406 } 405 }
407 406
408 ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2); 407 ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
409 408
@@ -412,182 +411,201 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
412 411
413 return ret; 412 return ret;
414 413
415 } 414}
416 415
417int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, 416int
418 const char *name, const char *value) 417EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *name, const char *value)
419 { 418{
420 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) 419 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
421 {
422 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, 420 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
423 EVP_R_COMMAND_NOT_SUPPORTED); 421 EVP_R_COMMAND_NOT_SUPPORTED);
424 return -2; 422 return -2;
425 } 423 }
426 if (!strcmp(name, "digest")) 424 if (!strcmp(name, "digest")) {
427 {
428 const EVP_MD *md; 425 const EVP_MD *md;
429 if (!value || !(md = EVP_get_digestbyname(value))) 426 if (!value || !(md = EVP_get_digestbyname(value))) {
430 {
431 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, 427 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
432 EVP_R_INVALID_DIGEST); 428 EVP_R_INVALID_DIGEST);
433 return 0; 429 return 0;
434 }
435 return EVP_PKEY_CTX_set_signature_md(ctx, md);
436 } 430 }
437 return ctx->pmeth->ctrl_str(ctx, name, value); 431 return EVP_PKEY_CTX_set_signature_md(ctx, md);
438 } 432 }
433 return ctx->pmeth->ctrl_str(ctx, name, value);
434}
439 435
440int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx) 436int
441 { 437EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
438{
442 return ctx->operation; 439 return ctx->operation;
443 } 440}
444 441
445void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen) 442void
446 { 443EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
444{
447 ctx->keygen_info = dat; 445 ctx->keygen_info = dat;
448 ctx->keygen_info_count = datlen; 446 ctx->keygen_info_count = datlen;
449 } 447}
450 448
451void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data) 449void
452 { 450EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
451{
453 ctx->data = data; 452 ctx->data = data;
454 } 453}
455 454
456void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx) 455void *
457 { 456EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
457{
458 return ctx->data; 458 return ctx->data;
459 } 459}
460 460
461EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx) 461EVP_PKEY *
462 { 462EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
463{
463 return ctx->pkey; 464 return ctx->pkey;
464 } 465}
465 466
466EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx) 467EVP_PKEY *
467 { 468EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
469{
468 return ctx->peerkey; 470 return ctx->peerkey;
469 } 471}
470 472
471void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data) 473void
472 { 474EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
475{
473 ctx->app_data = data; 476 ctx->app_data = data;
474 } 477}
475 478
476void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) 479void *
477 { 480EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
481{
478 return ctx->app_data; 482 return ctx->app_data;
479 } 483}
480 484
481void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, 485void
482 int (*init)(EVP_PKEY_CTX *ctx)) 486EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
483 { 487 int (*init)(EVP_PKEY_CTX *ctx))
488{
484 pmeth->init = init; 489 pmeth->init = init;
485 } 490}
486 491
487void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, 492void
488 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)) 493EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
489 { 494 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src))
495{
490 pmeth->copy = copy; 496 pmeth->copy = copy;
491 } 497}
492 498
493void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, 499void
494 void (*cleanup)(EVP_PKEY_CTX *ctx)) 500EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
495 { 501 void (*cleanup)(EVP_PKEY_CTX *ctx))
502{
496 pmeth->cleanup = cleanup; 503 pmeth->cleanup = cleanup;
497 } 504}
498 505
499void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, 506void
500 int (*paramgen_init)(EVP_PKEY_CTX *ctx), 507EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
501 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) 508 int (*paramgen_init)(EVP_PKEY_CTX *ctx),
502 { 509 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
510{
503 pmeth->paramgen_init = paramgen_init; 511 pmeth->paramgen_init = paramgen_init;
504 pmeth->paramgen = paramgen; 512 pmeth->paramgen = paramgen;
505 } 513}
506 514
507void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, 515void
508 int (*keygen_init)(EVP_PKEY_CTX *ctx), 516EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
509 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) 517 int (*keygen_init)(EVP_PKEY_CTX *ctx),
510 { 518 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
519{
511 pmeth->keygen_init = keygen_init; 520 pmeth->keygen_init = keygen_init;
512 pmeth->keygen = keygen; 521 pmeth->keygen = keygen;
513 } 522}
514 523
515void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, 524void
516 int (*sign_init)(EVP_PKEY_CTX *ctx), 525EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
517 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 526 int (*sign_init)(EVP_PKEY_CTX *ctx),
518 const unsigned char *tbs, size_t tbslen)) 527 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
519 { 528 const unsigned char *tbs, size_t tbslen))
529{
520 pmeth->sign_init = sign_init; 530 pmeth->sign_init = sign_init;
521 pmeth->sign = sign; 531 pmeth->sign = sign;
522 } 532}
523 533
524void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, 534void
525 int (*verify_init)(EVP_PKEY_CTX *ctx), 535EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
526 int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, 536 int (*verify_init)(EVP_PKEY_CTX *ctx),
527 const unsigned char *tbs, size_t tbslen)) 537 int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
528 { 538 const unsigned char *tbs, size_t tbslen))
539{
529 pmeth->verify_init = verify_init; 540 pmeth->verify_init = verify_init;
530 pmeth->verify = verify; 541 pmeth->verify = verify;
531 } 542}
532 543
533void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, 544void
534 int (*verify_recover_init)(EVP_PKEY_CTX *ctx), 545EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
535 int (*verify_recover)(EVP_PKEY_CTX *ctx, 546 int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
536 unsigned char *sig, size_t *siglen, 547 int (*verify_recover)(EVP_PKEY_CTX *ctx,
537 const unsigned char *tbs, size_t tbslen)) 548 unsigned char *sig, size_t *siglen,
538 { 549 const unsigned char *tbs, size_t tbslen))
550{
539 pmeth->verify_recover_init = verify_recover_init; 551 pmeth->verify_recover_init = verify_recover_init;
540 pmeth->verify_recover = verify_recover; 552 pmeth->verify_recover = verify_recover;
541 } 553}
542 554
543void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, 555void
544 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), 556EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
545 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 557 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
546 EVP_MD_CTX *mctx)) 558 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
547 { 559 EVP_MD_CTX *mctx))
560{
548 pmeth->signctx_init = signctx_init; 561 pmeth->signctx_init = signctx_init;
549 pmeth->signctx = signctx; 562 pmeth->signctx = signctx;
550 } 563}
551 564
552void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, 565void
553 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), 566EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
554 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen, 567 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
555 EVP_MD_CTX *mctx)) 568 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
556 { 569 EVP_MD_CTX *mctx))
570{
557 pmeth->verifyctx_init = verifyctx_init; 571 pmeth->verifyctx_init = verifyctx_init;
558 pmeth->verifyctx = verifyctx; 572 pmeth->verifyctx = verifyctx;
559 } 573}
560 574
561void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, 575void
562 int (*encrypt_init)(EVP_PKEY_CTX *ctx), 576EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
563 int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, 577 int (*encrypt_init)(EVP_PKEY_CTX *ctx),
564 const unsigned char *in, size_t inlen)) 578 int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
565 { 579 const unsigned char *in, size_t inlen))
580{
566 pmeth->encrypt_init = encrypt_init; 581 pmeth->encrypt_init = encrypt_init;
567 pmeth->encrypt = encryptfn; 582 pmeth->encrypt = encryptfn;
568 } 583}
569 584
570void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, 585void
571 int (*decrypt_init)(EVP_PKEY_CTX *ctx), 586EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
572 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, 587 int (*decrypt_init)(EVP_PKEY_CTX *ctx),
573 const unsigned char *in, size_t inlen)) 588 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
574 { 589 const unsigned char *in, size_t inlen))
590{
575 pmeth->decrypt_init = decrypt_init; 591 pmeth->decrypt_init = decrypt_init;
576 pmeth->decrypt = decrypt; 592 pmeth->decrypt = decrypt;
577 } 593}
578 594
579void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, 595void
580 int (*derive_init)(EVP_PKEY_CTX *ctx), 596EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
581 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)) 597 int (*derive_init)(EVP_PKEY_CTX *ctx),
582 { 598 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
599{
583 pmeth->derive_init = derive_init; 600 pmeth->derive_init = derive_init;
584 pmeth->derive = derive; 601 pmeth->derive = derive;
585 } 602}
586 603
587void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, 604void
588 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2), 605EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
589 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value)) 606 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
590 { 607 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value))
608{
591 pmeth->ctrl = ctrl; 609 pmeth->ctrl = ctrl;
592 pmeth->ctrl_str = ctrl_str; 610 pmeth->ctrl_str = ctrl_str;
593 } 611}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-23 04:03:33 +0000