summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libcrypto/engine/eng_lib.c290
-rw-r--r--src/lib/libcrypto/engine/eng_openssl.c228
-rw-r--r--src/lib/libcrypto/engine/eng_padlock.c496
-rw-r--r--src/lib/libcrypto/engine/eng_pkey.c157
-rw-r--r--src/lib/libcrypto/engine/eng_rsax.c613
-rw-r--r--src/lib/libcrypto/engine/eng_table.c258
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_lib.c290
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_openssl.c228
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_padlock.c496
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_pkey.c157
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_rsax.c613
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_table.c258
12 files changed, 2162 insertions, 1922 deletions
diff --git a/src/lib/libcrypto/engine/eng_lib.c b/src/lib/libcrypto/engine/eng_lib.c
index 4288535d72..569b7199ce 100644
--- a/src/lib/libcrypto/engine/eng_lib.c
+++ b/src/lib/libcrypto/engine/eng_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_lib.c,v 1.7 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_lib.c,v 1.8 2014/06/22 12:05:09 jsing Exp $ */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL 2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -61,28 +61,29 @@
61 61
62/* The "new"/"free" stuff first */ 62/* The "new"/"free" stuff first */
63 63
64ENGINE *ENGINE_new(void) 64ENGINE *
65 { 65ENGINE_new(void)
66{
66 ENGINE *ret; 67 ENGINE *ret;
67 68
68 ret = malloc(sizeof(ENGINE)); 69 ret = malloc(sizeof(ENGINE));
69 if(ret == NULL) 70 if (ret == NULL) {
70 {
71 ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE); 71 ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE);
72 return NULL; 72 return NULL;
73 } 73 }
74 memset(ret, 0, sizeof(ENGINE)); 74 memset(ret, 0, sizeof(ENGINE));
75 ret->struct_ref = 1; 75 ret->struct_ref = 1;
76 engine_ref_debug(ret, 0, 1) 76 engine_ref_debug(ret, 0, 1)
77 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data); 77 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
78 return ret; 78 return ret;
79 } 79}
80 80
81/* Placed here (close proximity to ENGINE_new) so that modifications to the 81/* Placed here (close proximity to ENGINE_new) so that modifications to the
82 * elements of the ENGINE structure are more likely to be caught and changed 82 * elements of the ENGINE structure are more likely to be caught and changed
83 * here. */ 83 * here. */
84void engine_set_all_null(ENGINE *e) 84void
85 { 85engine_set_all_null(ENGINE *e)
86{
86 e->id = NULL; 87 e->id = NULL;
87 e->name = NULL; 88 e->name = NULL;
88 e->rsa_meth = NULL; 89 e->rsa_meth = NULL;
@@ -100,41 +101,43 @@ void engine_set_all_null(ENGINE *e)
100 e->load_pubkey = NULL; 101 e->load_pubkey = NULL;
101 e->cmd_defns = NULL; 102 e->cmd_defns = NULL;
102 e->flags = 0; 103 e->flags = 0;
103 } 104}
104 105
105int engine_free_util(ENGINE *e, int locked) 106int
106 { 107engine_free_util(ENGINE *e, int locked)
108{
107 int i; 109 int i;
108 110
109 if(e == NULL) 111 if (e == NULL) {
110 {
111 ENGINEerr(ENGINE_F_ENGINE_FREE_UTIL, 112 ENGINEerr(ENGINE_F_ENGINE_FREE_UTIL,
112 ERR_R_PASSED_NULL_PARAMETER); 113 ERR_R_PASSED_NULL_PARAMETER);
113 return 0; 114 return 0;
114 } 115 }
115 if(locked) 116 if (locked)
116 i = CRYPTO_add(&e->struct_ref,-1,CRYPTO_LOCK_ENGINE); 117 i = CRYPTO_add(&e->struct_ref, -1, CRYPTO_LOCK_ENGINE);
117 else 118 else
118 i = --e->struct_ref; 119 i = --e->struct_ref;
119 engine_ref_debug(e, 0, -1) 120 engine_ref_debug(e, 0, -1)
120 if (i > 0) return 1; 121 if (i > 0)
122 return 1;
121 123
122 /* Free up any dynamically allocated public key methods */ 124 /* Free up any dynamically allocated public key methods */
123 engine_pkey_meths_free(e); 125 engine_pkey_meths_free(e);
124 engine_pkey_asn1_meths_free(e); 126 engine_pkey_asn1_meths_free(e);
125 /* Give the ENGINE a chance to do any structural cleanup corresponding 127 /* Give the ENGINE a chance to do any structural cleanup corresponding
126 * to allocation it did in its constructor (eg. unload error strings) */ 128 * to allocation it did in its constructor (eg. unload error strings) */
127 if(e->destroy) 129 if (e->destroy)
128 e->destroy(e); 130 e->destroy(e);
129 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data); 131 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
130 free(e); 132 free(e);
131 return 1; 133 return 1;
132 } 134}
133 135
134int ENGINE_free(ENGINE *e) 136int
135 { 137ENGINE_free(ENGINE *e)
138{
136 return engine_free_util(e, 1); 139 return engine_free_util(e, 1);
137 } 140}
138 141
139/* Cleanup stuff */ 142/* Cleanup stuff */
140 143
@@ -143,183 +146,218 @@ int ENGINE_free(ENGINE *e)
143 * bloat by referring to all *possible* cleanups, but any linker bloat into code 146 * bloat by referring to all *possible* cleanups, but any linker bloat into code
144 * "X" will cause X's cleanup function to end up here. */ 147 * "X" will cause X's cleanup function to end up here. */
145static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL; 148static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL;
146static int int_cleanup_check(int create) 149static int
147 { 150int_cleanup_check(int create)
148 if(cleanup_stack) return 1; 151{
149 if(!create) return 0; 152 if (cleanup_stack)
153 return 1;
154 if (!create)
155 return 0;
150 cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null(); 156 cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null();
151 return (cleanup_stack ? 1 : 0); 157 return (cleanup_stack ? 1 : 0);
152 } 158}
153static ENGINE_CLEANUP_ITEM *int_cleanup_item(ENGINE_CLEANUP_CB *cb) 159
154 { 160static ENGINE_CLEANUP_ITEM *
161int_cleanup_item(ENGINE_CLEANUP_CB *cb)
162{
155 ENGINE_CLEANUP_ITEM *item = malloc(sizeof(ENGINE_CLEANUP_ITEM)); 163 ENGINE_CLEANUP_ITEM *item = malloc(sizeof(ENGINE_CLEANUP_ITEM));
156 if(!item) return NULL; 164
165 if (!item)
166 return NULL;
157 item->cb = cb; 167 item->cb = cb;
158 return item; 168 return item;
159 } 169}
160void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb) 170
161 { 171void
172engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb)
173{
162 ENGINE_CLEANUP_ITEM *item; 174 ENGINE_CLEANUP_ITEM *item;
163 if(!int_cleanup_check(1)) return; 175
176 if (!int_cleanup_check(1))
177 return;
164 item = int_cleanup_item(cb); 178 item = int_cleanup_item(cb);
165 if(item) 179 if (item)
166 sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0); 180 sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0);
167 } 181}
168void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb) 182
169 { 183void
184engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb)
185{
170 ENGINE_CLEANUP_ITEM *item; 186 ENGINE_CLEANUP_ITEM *item;
171 if(!int_cleanup_check(1)) return; 187
188 if (!int_cleanup_check(1))
189 return;
172 item = int_cleanup_item(cb); 190 item = int_cleanup_item(cb);
173 if(item) 191 if (item)
174 sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item); 192 sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item);
175 } 193}
176/* The API function that performs all cleanup */ 194/* The API function that performs all cleanup */
177static void engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item) 195static void
178 { 196engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item)
197{
179 (*(item->cb))(); 198 (*(item->cb))();
180 free(item); 199 free(item);
181 } 200}
182void ENGINE_cleanup(void) 201
183 { 202void
184 if(int_cleanup_check(0)) 203ENGINE_cleanup(void)
185 { 204{
205 if (int_cleanup_check(0)) {
186 sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack, 206 sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack,
187 engine_cleanup_cb_free); 207 engine_cleanup_cb_free);
188 cleanup_stack = NULL; 208 cleanup_stack = NULL;
189 } 209 }
190 /* FIXME: This should be handled (somehow) through RAND, eg. by it 210 /* FIXME: This should be handled (somehow) through RAND, eg. by it
191 * registering a cleanup callback. */ 211 * registering a cleanup callback. */
192 RAND_set_rand_method(NULL); 212 RAND_set_rand_method(NULL);
193 } 213}
194 214
195/* Now the "ex_data" support */ 215/* Now the "ex_data" support */
196 216
197int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 217int
198 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) 218ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
199 { 219 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
220{
200 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp, 221 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
201 new_func, dup_func, free_func); 222 new_func, dup_func, free_func);
202 } 223}
203 224
204int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg) 225int
205 { 226ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
206 return(CRYPTO_set_ex_data(&e->ex_data, idx, arg)); 227{
207 } 228 return (CRYPTO_set_ex_data(&e->ex_data, idx, arg));
229}
208 230
209void *ENGINE_get_ex_data(const ENGINE *e, int idx) 231void *
210 { 232ENGINE_get_ex_data(const ENGINE *e, int idx)
211 return(CRYPTO_get_ex_data(&e->ex_data, idx)); 233{
212 } 234 return (CRYPTO_get_ex_data(&e->ex_data, idx));
235}
213 236
214/* Functions to get/set an ENGINE's elements - mainly to avoid exposing the 237/* Functions to get/set an ENGINE's elements - mainly to avoid exposing the
215 * ENGINE structure itself. */ 238 * ENGINE structure itself. */
216 239
217int ENGINE_set_id(ENGINE *e, const char *id) 240int
218 { 241ENGINE_set_id(ENGINE *e, const char *id)
219 if(id == NULL) 242{
220 { 243 if (id == NULL) {
221 ENGINEerr(ENGINE_F_ENGINE_SET_ID, 244 ENGINEerr(ENGINE_F_ENGINE_SET_ID,
222 ERR_R_PASSED_NULL_PARAMETER); 245 ERR_R_PASSED_NULL_PARAMETER);
223 return 0; 246 return 0;
224 } 247 }
225 e->id = id; 248 e->id = id;
226 return 1; 249 return 1;
227 } 250}
228 251
229int ENGINE_set_name(ENGINE *e, const char *name) 252int
230 { 253ENGINE_set_name(ENGINE *e, const char *name)
231 if(name == NULL) 254{
232 { 255 if (name == NULL) {
233 ENGINEerr(ENGINE_F_ENGINE_SET_NAME, 256 ENGINEerr(ENGINE_F_ENGINE_SET_NAME,
234 ERR_R_PASSED_NULL_PARAMETER); 257 ERR_R_PASSED_NULL_PARAMETER);
235 return 0; 258 return 0;
236 } 259 }
237 e->name = name; 260 e->name = name;
238 return 1; 261 return 1;
239 } 262}
240 263
241int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f) 264int
242 { 265ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f)
266{
243 e->destroy = destroy_f; 267 e->destroy = destroy_f;
244 return 1; 268 return 1;
245 } 269}
246 270
247int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f) 271int
248 { 272ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f)
273{
249 e->init = init_f; 274 e->init = init_f;
250 return 1; 275 return 1;
251 } 276}
252 277
253int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f) 278int
254 { 279ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f)
280{
255 e->finish = finish_f; 281 e->finish = finish_f;
256 return 1; 282 return 1;
257 } 283}
258 284
259int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f) 285int
260 { 286ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f)
287{
261 e->ctrl = ctrl_f; 288 e->ctrl = ctrl_f;
262 return 1; 289 return 1;
263 } 290}
264 291
265int ENGINE_set_flags(ENGINE *e, int flags) 292int
266 { 293ENGINE_set_flags(ENGINE *e, int flags)
294{
267 e->flags = flags; 295 e->flags = flags;
268 return 1; 296 return 1;
269 } 297}
270 298
271int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns) 299int
272 { 300ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns)
301{
273 e->cmd_defns = defns; 302 e->cmd_defns = defns;
274 return 1; 303 return 1;
275 } 304}
276 305
277const char *ENGINE_get_id(const ENGINE *e) 306const char *
278 { 307ENGINE_get_id(const ENGINE *e)
308{
279 return e->id; 309 return e->id;
280 } 310}
281 311
282const char *ENGINE_get_name(const ENGINE *e) 312const char *
283 { 313ENGINE_get_name(const ENGINE *e)
314{
284 return e->name; 315 return e->name;
285 } 316}
286 317
287ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e) 318ENGINE_GEN_INT_FUNC_PTR
288 { 319ENGINE_get_destroy_function(const ENGINE *e)
320{
289 return e->destroy; 321 return e->destroy;
290 } 322}
291 323
292ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e) 324ENGINE_GEN_INT_FUNC_PTR
293 { 325ENGINE_get_init_function(const ENGINE *e)
326{
294 return e->init; 327 return e->init;
295 } 328}
296 329
297ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e) 330ENGINE_GEN_INT_FUNC_PTR
298 { 331ENGINE_get_finish_function(const ENGINE *e)
332{
299 return e->finish; 333 return e->finish;
300 } 334}
301 335
302ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e) 336ENGINE_CTRL_FUNC_PTR
303 { 337ENGINE_get_ctrl_function(const ENGINE *e)
338{
304 return e->ctrl; 339 return e->ctrl;
305 } 340}
306 341
307int ENGINE_get_flags(const ENGINE *e) 342int
308 { 343ENGINE_get_flags(const ENGINE *e)
344{
309 return e->flags; 345 return e->flags;
310 } 346}
311 347
312const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e) 348const ENGINE_CMD_DEFN *
313 { 349ENGINE_get_cmd_defns(const ENGINE *e)
350{
314 return e->cmd_defns; 351 return e->cmd_defns;
315 } 352}
316 353
317/* eng_lib.o is pretty much linked into anything that touches ENGINE already, so 354/* eng_lib.o is pretty much linked into anything that touches ENGINE already, so
318 * put the "static_state" hack here. */ 355 * put the "static_state" hack here. */
319 356
320static int internal_static_hack = 0; 357static int internal_static_hack = 0;
321 358
322void *ENGINE_get_static_state(void) 359void *
323 { 360ENGINE_get_static_state(void)
361{
324 return &internal_static_hack; 362 return &internal_static_hack;
325 } 363}
diff --git a/src/lib/libcrypto/engine/eng_openssl.c b/src/lib/libcrypto/engine/eng_openssl.c
index f7cd8df622..9ba61dd842 100644
--- a/src/lib/libcrypto/engine/eng_openssl.c
+++ b/src/lib/libcrypto/engine/eng_openssl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_openssl.c,v 1.5 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_openssl.c,v 1.6 2014/06/22 12:05:09 jsing Exp $ */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL 2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -57,7 +57,7 @@
57 */ 57 */
58/* ==================================================================== 58/* ====================================================================
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60 * ECDH support in OpenSSL originally developed by 60 * ECDH support in OpenSSL originally developed by
61 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 61 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
62 */ 62 */
63 63
@@ -106,21 +106,21 @@
106#undef TEST_ENG_OPENSSL_SHA_OTHERS 106#undef TEST_ENG_OPENSSL_SHA_OTHERS
107#undef TEST_ENG_OPENSSL_SHA_P_INIT 107#undef TEST_ENG_OPENSSL_SHA_P_INIT
108#undef TEST_ENG_OPENSSL_SHA_P_UPDATE 108#undef TEST_ENG_OPENSSL_SHA_P_UPDATE
109#undef TEST_ENG_OPENSSL_SHA_P_FINAL 109#undef TEST_ENG_OPENSSL_SHA_P_FINAL
110#endif 110#endif
111 111
112#ifdef TEST_ENG_OPENSSL_RC4 112#ifdef TEST_ENG_OPENSSL_RC4
113static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, 113static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
114 const int **nids, int nid); 114 const int **nids, int nid);
115#endif 115#endif
116#ifdef TEST_ENG_OPENSSL_SHA 116#ifdef TEST_ENG_OPENSSL_SHA
117static int openssl_digests(ENGINE *e, const EVP_MD **digest, 117static int openssl_digests(ENGINE *e, const EVP_MD **digest,
118 const int **nids, int nid); 118 const int **nids, int nid);
119#endif 119#endif
120 120
121#ifdef TEST_ENG_OPENSSL_PKEY 121#ifdef TEST_ENG_OPENSSL_PKEY
122static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id, 122static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
123 UI_METHOD *ui_method, void *callback_data); 123 UI_METHOD *ui_method, void *callback_data);
124#endif 124#endif
125 125
126/* The constants used when creating the ENGINE */ 126/* The constants used when creating the ENGINE */
@@ -129,79 +129,85 @@ static const char *engine_openssl_name = "Software engine support";
129 129
130/* This internal function is used by ENGINE_openssl() and possibly by the 130/* This internal function is used by ENGINE_openssl() and possibly by the
131 * "dynamic" ENGINE support too */ 131 * "dynamic" ENGINE support too */
132static int bind_helper(ENGINE *e) 132static int
133 { 133bind_helper(ENGINE *e)
134 if(!ENGINE_set_id(e, engine_openssl_id) 134{
135 || !ENGINE_set_name(e, engine_openssl_name) 135 if (!ENGINE_set_id(e, engine_openssl_id) ||
136 !ENGINE_set_name(e, engine_openssl_name)
136#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS 137#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
137#ifndef OPENSSL_NO_RSA 138#ifndef OPENSSL_NO_RSA
138 || !ENGINE_set_RSA(e, RSA_get_default_method()) 139 || !ENGINE_set_RSA(e, RSA_get_default_method())
139#endif 140#endif
140#ifndef OPENSSL_NO_DSA 141#ifndef OPENSSL_NO_DSA
141 || !ENGINE_set_DSA(e, DSA_get_default_method()) 142 || !ENGINE_set_DSA(e, DSA_get_default_method())
142#endif 143#endif
143#ifndef OPENSSL_NO_ECDH 144#ifndef OPENSSL_NO_ECDH
144 || !ENGINE_set_ECDH(e, ECDH_OpenSSL()) 145 || !ENGINE_set_ECDH(e, ECDH_OpenSSL())
145#endif 146#endif
146#ifndef OPENSSL_NO_ECDSA 147#ifndef OPENSSL_NO_ECDSA
147 || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL()) 148 || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
148#endif 149#endif
149#ifndef OPENSSL_NO_DH 150#ifndef OPENSSL_NO_DH
150 || !ENGINE_set_DH(e, DH_get_default_method()) 151 || !ENGINE_set_DH(e, DH_get_default_method())
151#endif 152#endif
152 || !ENGINE_set_RAND(e, RAND_SSLeay()) 153 || !ENGINE_set_RAND(e, RAND_SSLeay())
153#ifdef TEST_ENG_OPENSSL_RC4 154#ifdef TEST_ENG_OPENSSL_RC4
154 || !ENGINE_set_ciphers(e, openssl_ciphers) 155 || !ENGINE_set_ciphers(e, openssl_ciphers)
155#endif 156#endif
156#ifdef TEST_ENG_OPENSSL_SHA 157#ifdef TEST_ENG_OPENSSL_SHA
157 || !ENGINE_set_digests(e, openssl_digests) 158 || !ENGINE_set_digests(e, openssl_digests)
158#endif 159#endif
159#endif 160#endif
160#ifdef TEST_ENG_OPENSSL_PKEY 161#ifdef TEST_ENG_OPENSSL_PKEY
161 || !ENGINE_set_load_privkey_function(e, openssl_load_privkey) 162 || !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
162#endif 163#endif
163 ) 164 )
164 return 0; 165 return 0;
165 /* If we add errors to this ENGINE, ensure the error handling is setup here */ 166 /* If we add errors to this ENGINE, ensure the error handling is setup here */
166 /* openssl_load_error_strings(); */ 167 /* openssl_load_error_strings(); */
167 return 1; 168 return 1;
168 } 169}
169 170
170static ENGINE *engine_openssl(void) 171static ENGINE *
171 { 172engine_openssl(void)
173{
172 ENGINE *ret = ENGINE_new(); 174 ENGINE *ret = ENGINE_new();
173 if(!ret) 175
176 if (!ret)
174 return NULL; 177 return NULL;
175 if(!bind_helper(ret)) 178 if (!bind_helper(ret)) {
176 {
177 ENGINE_free(ret); 179 ENGINE_free(ret);
178 return NULL; 180 return NULL;
179 }
180 return ret;
181 } 181 }
182 return ret;
183}
182 184
183void ENGINE_load_openssl(void) 185void
184 { 186ENGINE_load_openssl(void)
187{
185 ENGINE *toadd = engine_openssl(); 188 ENGINE *toadd = engine_openssl();
186 if(!toadd) return; 189
190 if (!toadd)
191 return;
187 ENGINE_add(toadd); 192 ENGINE_add(toadd);
188 /* If the "add" worked, it gets a structural reference. So either way, 193 /* If the "add" worked, it gets a structural reference. So either way,
189 * we release our just-created reference. */ 194 * we release our just-created reference. */
190 ENGINE_free(toadd); 195 ENGINE_free(toadd);
191 ERR_clear_error(); 196 ERR_clear_error();
192 } 197}
193 198
194/* This stuff is needed if this ENGINE is being compiled into a self-contained 199/* This stuff is needed if this ENGINE is being compiled into a self-contained
195 * shared-library. */ 200 * shared-library. */
196#ifdef ENGINE_DYNAMIC_SUPPORT 201#ifdef ENGINE_DYNAMIC_SUPPORT
197static int bind_fn(ENGINE *e, const char *id) 202static int
198 { 203bind_fn(ENGINE *e, const char *id)
199 if(id && (strcmp(id, engine_openssl_id) != 0)) 204{
205 if (id && (strcmp(id, engine_openssl_id) != 0))
200 return 0; 206 return 0;
201 if(!bind_helper(e)) 207 if (!bind_helper(e))
202 return 0; 208 return 0;
203 return 1; 209 return 1;
204 } 210}
205IMPLEMENT_DYNAMIC_CHECK_FN() 211IMPLEMENT_DYNAMIC_CHECK_FN()
206IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) 212IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
207#endif /* ENGINE_DYNAMIC_SUPPORT */ 213#endif /* ENGINE_DYNAMIC_SUPPORT */
@@ -219,37 +225,42 @@ IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
219 */ 225 */
220#include <openssl/rc4.h> 226#include <openssl/rc4.h>
221#define TEST_RC4_KEY_SIZE 16 227#define TEST_RC4_KEY_SIZE 16
222static int test_cipher_nids[] = {NID_rc4,NID_rc4_40}; 228static int test_cipher_nids[] = {NID_rc4, NID_rc4_40};
223static int test_cipher_nids_number = 2; 229static int test_cipher_nids_number = 2;
230
224typedef struct { 231typedef struct {
225 unsigned char key[TEST_RC4_KEY_SIZE]; 232 unsigned char key[TEST_RC4_KEY_SIZE];
226 RC4_KEY ks; 233 RC4_KEY ks;
227 } TEST_RC4_KEY; 234} TEST_RC4_KEY;
235
228#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data) 236#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data)
229static int test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 237static int
230 const unsigned char *iv, int enc) 238test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
231 { 239 const unsigned char *iv, int enc)
240{
232#ifdef TEST_ENG_OPENSSL_RC4_P_INIT 241#ifdef TEST_ENG_OPENSSL_RC4_P_INIT
233 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n"); 242 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n");
234#endif 243#endif
235 memcpy(&test(ctx)->key[0],key,EVP_CIPHER_CTX_key_length(ctx)); 244 memcpy(&test(ctx)->key[0], key, EVP_CIPHER_CTX_key_length(ctx));
236 RC4_set_key(&test(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx), 245 RC4_set_key(&test(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
237 test(ctx)->key); 246 test(ctx)->key);
238 return 1; 247 return 1;
239 } 248}
240static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 249
241 const unsigned char *in, size_t inl) 250static int
242 { 251test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
252 const unsigned char *in, size_t inl)
253{
243#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER 254#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
244 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n"); 255 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
245#endif 256#endif
246 RC4(&test(ctx)->ks,inl,in,out); 257 RC4(&test(ctx)->ks, inl, in, out);
247 return 1; 258 return 1;
248 } 259}
249static const EVP_CIPHER test_r4_cipher= 260
250 { 261static const EVP_CIPHER test_r4_cipher = {
251 NID_rc4, 262 NID_rc4,
252 1,TEST_RC4_KEY_SIZE,0, 263 1, TEST_RC4_KEY_SIZE, 0,
253 EVP_CIPH_VARIABLE_LENGTH, 264 EVP_CIPH_VARIABLE_LENGTH,
254 test_rc4_init_key, 265 test_rc4_init_key,
255 test_rc4_cipher, 266 test_rc4_cipher,
@@ -259,9 +270,9 @@ static const EVP_CIPHER test_r4_cipher=
259 NULL, 270 NULL,
260 NULL, 271 NULL,
261 NULL 272 NULL
262 }; 273};
263static const EVP_CIPHER test_r4_40_cipher= 274
264 { 275static const EVP_CIPHER test_r4_40_cipher = {
265 NID_rc4_40, 276 NID_rc4_40,
266 1,5 /* 40 bit */,0, 277 1,5 /* 40 bit */,0,
267 EVP_CIPH_VARIABLE_LENGTH, 278 EVP_CIPH_VARIABLE_LENGTH,
@@ -269,36 +280,35 @@ static const EVP_CIPHER test_r4_40_cipher=
269 test_rc4_cipher, 280 test_rc4_cipher,
270 NULL, 281 NULL,
271 sizeof(TEST_RC4_KEY), 282 sizeof(TEST_RC4_KEY),
272 NULL, 283 NULL,
273 NULL, 284 NULL,
274 NULL, 285 NULL,
275 NULL 286 NULL
276 }; 287};
277static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, 288
278 const int **nids, int nid) 289static int
279 { 290openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid)
280 if(!cipher) 291{
281 { 292 if (!cipher) {
282 /* We are returning a list of supported nids */ 293 /* We are returning a list of supported nids */
283 *nids = test_cipher_nids; 294 *nids = test_cipher_nids;
284 return test_cipher_nids_number; 295 return test_cipher_nids_number;
285 } 296 }
286 /* We are being asked for a specific cipher */ 297 /* We are being asked for a specific cipher */
287 if(nid == NID_rc4) 298 if (nid == NID_rc4)
288 *cipher = &test_r4_cipher; 299 *cipher = &test_r4_cipher;
289 else if(nid == NID_rc4_40) 300 else if (nid == NID_rc4_40)
290 *cipher = &test_r4_40_cipher; 301 *cipher = &test_r4_40_cipher;
291 else 302 else {
292 {
293#ifdef TEST_ENG_OPENSSL_RC4_OTHERS 303#ifdef TEST_ENG_OPENSSL_RC4_OTHERS
294 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for " 304 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for "
295 "nid %d\n", nid); 305 "nid %d\n", nid);
296#endif 306#endif
297 *cipher = NULL; 307 *cipher = NULL;
298 return 0; 308 return 0;
299 }
300 return 1;
301 } 309 }
310 return 1;
311}
302#endif 312#endif
303 313
304#ifdef TEST_ENG_OPENSSL_SHA 314#ifdef TEST_ENG_OPENSSL_SHA
@@ -306,29 +316,35 @@ static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
306#include <openssl/sha.h> 316#include <openssl/sha.h>
307static int test_digest_nids[] = {NID_sha1}; 317static int test_digest_nids[] = {NID_sha1};
308static int test_digest_nids_number = 1; 318static int test_digest_nids_number = 1;
309static int test_sha1_init(EVP_MD_CTX *ctx) 319
310 { 320static int
321test_sha1_init(EVP_MD_CTX *ctx)
322{
311#ifdef TEST_ENG_OPENSSL_SHA_P_INIT 323#ifdef TEST_ENG_OPENSSL_SHA_P_INIT
312 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n"); 324 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
313#endif 325#endif
314 return SHA1_Init(ctx->md_data); 326 return SHA1_Init(ctx->md_data);
315 } 327}
316static int test_sha1_update(EVP_MD_CTX *ctx,const void *data,size_t count) 328
317 { 329static int
330test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
331{
318#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE 332#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
319 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n"); 333 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
320#endif 334#endif
321 return SHA1_Update(ctx->md_data,data,count); 335 return SHA1_Update(ctx->md_data, data, count);
322 } 336}
323static int test_sha1_final(EVP_MD_CTX *ctx,unsigned char *md) 337
324 { 338static int
339test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
340{
325#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL 341#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
326 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n"); 342 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
327#endif 343#endif
328 return SHA1_Final(md,ctx->md_data); 344 return SHA1_Final(md, ctx->md_data);
329 } 345}
330static const EVP_MD test_sha_md= 346
331 { 347static const EVP_MD test_sha_md = {
332 NID_sha1, 348 NID_sha1,
333 NID_sha1WithRSAEncryption, 349 NID_sha1WithRSAEncryption,
334 SHA_DIGEST_LENGTH, 350 SHA_DIGEST_LENGTH,
@@ -340,45 +356,47 @@ static const EVP_MD test_sha_md=
340 NULL, 356 NULL,
341 EVP_PKEY_RSA_method, 357 EVP_PKEY_RSA_method,
342 SHA_CBLOCK, 358 SHA_CBLOCK,
343 sizeof(EVP_MD *)+sizeof(SHA_CTX), 359 sizeof(EVP_MD *) + sizeof(SHA_CTX),
344 }; 360};
345static int openssl_digests(ENGINE *e, const EVP_MD **digest, 361
346 const int **nids, int nid) 362static int
347 { 363openssl_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int nid)
348 if(!digest) 364{
349 { 365 if (!digest) {
350 /* We are returning a list of supported nids */ 366 /* We are returning a list of supported nids */
351 *nids = test_digest_nids; 367 *nids = test_digest_nids;
352 return test_digest_nids_number; 368 return test_digest_nids_number;
353 } 369 }
354 /* We are being asked for a specific digest */ 370 /* We are being asked for a specific digest */
355 if(nid == NID_sha1) 371 if (nid == NID_sha1)
356 *digest = &test_sha_md; 372 *digest = &test_sha_md;
357 else 373 else {
358 {
359#ifdef TEST_ENG_OPENSSL_SHA_OTHERS 374#ifdef TEST_ENG_OPENSSL_SHA_OTHERS
360 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for " 375 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for "
361 "nid %d\n", nid); 376 "nid %d\n", nid);
362#endif 377#endif
363 *digest = NULL; 378 *digest = NULL;
364 return 0; 379 return 0;
365 }
366 return 1;
367 } 380 }
381 return 1;
382}
368#endif 383#endif
369 384
370#ifdef TEST_ENG_OPENSSL_PKEY 385#ifdef TEST_ENG_OPENSSL_PKEY
371static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id, 386static EVP_PKEY *
372 UI_METHOD *ui_method, void *callback_data) 387openssl_load_privkey(ENGINE *eng, const char *key_id, UI_METHOD *ui_method,
373 { 388 void *callback_data)
389{
374 BIO *in; 390 BIO *in;
375 EVP_PKEY *key; 391 EVP_PKEY *key;
376 fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n", key_id); 392
393 fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n",
394 key_id);
377 in = BIO_new_file(key_id, "r"); 395 in = BIO_new_file(key_id, "r");
378 if (!in) 396 if (!in)
379 return NULL; 397 return NULL;
380 key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL); 398 key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
381 BIO_free(in); 399 BIO_free(in);
382 return key; 400 return key;
383 } 401}
384#endif 402#endif
diff --git a/src/lib/libcrypto/engine/eng_padlock.c b/src/lib/libcrypto/engine/eng_padlock.c
index 0245f44de6..936a440b1a 100644
--- a/src/lib/libcrypto/engine/eng_padlock.c
+++ b/src/lib/libcrypto/engine/eng_padlock.c
@@ -1,11 +1,11 @@
1/* $OpenBSD: eng_padlock.c,v 1.10 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_padlock.c,v 1.11 2014/06/22 12:05:09 jsing Exp $ */
2/* 2/*
3 * Support for VIA PadLock Advanced Cryptography Engine (ACE) 3 * Support for VIA PadLock Advanced Cryptography Engine (ACE)
4 * Written by Michal Ludvig <michal@logix.cz> 4 * Written by Michal Ludvig <michal@logix.cz>
5 * http://www.logix.cz/michal 5 * http://www.logix.cz/michal
6 * 6 *
7 * Big thanks to Andy Polyakov for a help with optimization, 7 * Big thanks to Andy Polyakov for a help with optimization,
8 * assembler fixes, port to MS Windows and a lot of other 8 * assembler fixes, port to MS Windows and a lot of other
9 * valuable work on this engine! 9 * valuable work on this engine!
10 */ 10 */
11 11
@@ -97,7 +97,7 @@
97/* VIA PadLock AES is available *ONLY* on some x86 CPUs. 97/* VIA PadLock AES is available *ONLY* on some x86 CPUs.
98 Not only that it doesn't exist elsewhere, but it 98 Not only that it doesn't exist elsewhere, but it
99 even can't be compiled on other platforms! 99 even can't be compiled on other platforms!
100 100
101 In addition, because of the heavy use of inline assembler, 101 In addition, because of the heavy use of inline assembler,
102 compiler choice is limited to GCC and Microsoft C. */ 102 compiler choice is limited to GCC and Microsoft C. */
103#undef COMPILE_HW_PADLOCK 103#undef COMPILE_HW_PADLOCK
@@ -117,7 +117,8 @@ void ENGINE_load_padlock (void)
117/* On non-x86 CPUs it just returns. */ 117/* On non-x86 CPUs it just returns. */
118#ifdef COMPILE_HW_PADLOCK 118#ifdef COMPILE_HW_PADLOCK
119 ENGINE *toadd = ENGINE_padlock (); 119 ENGINE *toadd = ENGINE_padlock ();
120 if (!toadd) return; 120 if (!toadd)
121 return;
121 ENGINE_add (toadd); 122 ENGINE_add (toadd);
122 ENGINE_free (toadd); 123 ENGINE_free (toadd);
123 ERR_clear_error (); 124 ERR_clear_error ();
@@ -169,19 +170,18 @@ padlock_bind_helper(ENGINE *e)
169 padlock_available(); 170 padlock_available();
170 171
171#if 1 /* disable RNG for now, see commentary in vicinity of RNG code */ 172#if 1 /* disable RNG for now, see commentary in vicinity of RNG code */
172 padlock_use_rng=0; 173 padlock_use_rng = 0;
173#endif 174#endif
174 175
175 /* Generate a nice engine name with available features */ 176 /* Generate a nice engine name with available features */
176 (void) snprintf(padlock_name, sizeof(padlock_name), 177 (void) snprintf(padlock_name, sizeof(padlock_name),
177 "VIA PadLock (%s, %s)", 178 "VIA PadLock (%s, %s)",
178 padlock_use_rng ? "RNG" : "no-RNG", 179 padlock_use_rng ? "RNG" : "no-RNG",
179 padlock_use_ace ? "ACE" : "no-ACE"); 180 padlock_use_ace ? "ACE" : "no-ACE");
180 181
181 /* Register everything or return with an error */ 182 /* Register everything or return with an error */
182 if (!ENGINE_set_id(e, padlock_id) || 183 if (!ENGINE_set_id(e, padlock_id) ||
183 !ENGINE_set_name(e, padlock_name) || 184 !ENGINE_set_name(e, padlock_name) ||
184
185 !ENGINE_set_init_function(e, padlock_init) || 185 !ENGINE_set_init_function(e, padlock_init) ||
186#ifndef OPENSSL_NO_AES 186#ifndef OPENSSL_NO_AES
187 (padlock_use_ace && !ENGINE_set_ciphers (e, padlock_ciphers)) || 187 (padlock_use_ace && !ENGINE_set_ciphers (e, padlock_ciphers)) ||
@@ -254,26 +254,26 @@ IMPLEMENT_DYNAMIC_BIND_FN (padlock_bind_fn)
254#define AES_KEY_SIZE_192 24 254#define AES_KEY_SIZE_192 24
255#define AES_KEY_SIZE_256 32 255#define AES_KEY_SIZE_256 32
256 256
257/* Here we store the status information relevant to the 257/* Here we store the status information relevant to the
258 current context. */ 258 current context. */
259/* BIG FAT WARNING: 259/* BIG FAT WARNING:
260 * Inline assembler in PADLOCK_XCRYPT_ASM() 260 * Inline assembler in PADLOCK_XCRYPT_ASM()
261 * depends on the order of items in this structure. 261 * depends on the order of items in this structure.
262 * Don't blindly modify, reorder, etc! 262 * Don't blindly modify, reorder, etc!
263 */ 263 */
264struct padlock_cipher_data 264struct padlock_cipher_data {
265{
266 unsigned char iv[AES_BLOCK_SIZE]; /* Initialization vector */ 265 unsigned char iv[AES_BLOCK_SIZE]; /* Initialization vector */
267 union { unsigned int pad[4]; 266 union {
267 unsigned int pad[4];
268 struct { 268 struct {
269 int rounds:4; 269 int rounds : 4;
270 int dgst:1; /* n/a in C3 */ 270 int dgst : 1; /* n/a in C3 */
271 int align:1; /* n/a in C3 */ 271 int align : 1; /* n/a in C3 */
272 int ciphr:1; /* n/a in C3 */ 272 int ciphr : 1; /* n/a in C3 */
273 unsigned int keygen:1; 273 unsigned int keygen : 1;
274 int interm:1; 274 int interm : 1;
275 unsigned int encdec:1; 275 unsigned int encdec : 1;
276 int ksize:2; 276 int ksize : 2;
277 } b; 277 } b;
278 } cword; /* Control word */ 278 } cword; /* Control word */
279 AES_KEY ks; /* Encryption key */ 279 AES_KEY ks; /* Encryption key */
@@ -313,23 +313,23 @@ padlock_insn_cpuid_available(void)
313{ 313{
314 int result = -1; 314 int result = -1;
315 315
316 /* We're checking if the bit #21 of EFLAGS 316 /* We're checking if the bit #21 of EFLAGS
317 can be toggled. If yes = CPUID is available. */ 317 can be toggled. If yes = CPUID is available. */
318 asm volatile ( 318 asm volatile (
319 "pushf\n" 319 "pushf\n"
320 "popl %%eax\n" 320 "popl %%eax\n"
321 "xorl $0x200000, %%eax\n" 321 "xorl $0x200000, %%eax\n"
322 "movl %%eax, %%ecx\n" 322 "movl %%eax, %%ecx\n"
323 "andl $0x200000, %%ecx\n" 323 "andl $0x200000, %%ecx\n"
324 "pushl %%eax\n" 324 "pushl %%eax\n"
325 "popf\n" 325 "popf\n"
326 "pushf\n" 326 "pushf\n"
327 "popl %%eax\n" 327 "popl %%eax\n"
328 "andl $0x200000, %%eax\n" 328 "andl $0x200000, %%eax\n"
329 "xorl %%eax, %%ecx\n" 329 "xorl %%eax, %%ecx\n"
330 "movl %%ecx, %0\n" 330 "movl %%ecx, %0\n"
331 : "=r" (result) : : "eax", "ecx"); 331 : "=r" (result) : : "eax", "ecx");
332 332
333 return (result == 0); 333 return (result == 0);
334} 334}
335 335
@@ -349,31 +349,31 @@ padlock_available(void)
349 eax = 0x00000000; 349 eax = 0x00000000;
350 vendor_string[12] = 0; 350 vendor_string[12] = 0;
351 asm volatile ( 351 asm volatile (
352 "pushl %%ebx\n" 352 "pushl %%ebx\n"
353 "cpuid\n" 353 "cpuid\n"
354 "movl %%ebx,(%%edi)\n" 354 "movl %%ebx,(%%edi)\n"
355 "movl %%edx,4(%%edi)\n" 355 "movl %%edx,4(%%edi)\n"
356 "movl %%ecx,8(%%edi)\n" 356 "movl %%ecx,8(%%edi)\n"
357 "popl %%ebx" 357 "popl %%ebx"
358 : "+a"(eax) : "D"(vendor_string) : "ecx", "edx"); 358 : "+a"(eax) : "D"(vendor_string) : "ecx", "edx");
359 if (strcmp(vendor_string, "CentaurHauls") != 0) 359 if (strcmp(vendor_string, "CentaurHauls") != 0)
360 return 0; 360 return 0;
361 361
362 /* Check for Centaur Extended Feature Flags presence */ 362 /* Check for Centaur Extended Feature Flags presence */
363 eax = 0xC0000000; 363 eax = 0xC0000000;
364 asm volatile ("pushl %%ebx; cpuid; popl %%ebx" 364 asm volatile ("pushl %%ebx; cpuid; popl %%ebx"
365 : "+a"(eax) : : "ecx", "edx"); 365 : "+a"(eax) : : "ecx", "edx");
366 if (eax < 0xC0000001) 366 if (eax < 0xC0000001)
367 return 0; 367 return 0;
368 368
369 /* Read the Centaur Extended Feature Flags */ 369 /* Read the Centaur Extended Feature Flags */
370 eax = 0xC0000001; 370 eax = 0xC0000001;
371 asm volatile ("pushl %%ebx; cpuid; popl %%ebx" 371 asm volatile ("pushl %%ebx; cpuid; popl %%ebx"
372 : "+a"(eax), "=d"(edx) : : "ecx"); 372 : "+a"(eax), "=d"(edx) : : "ecx");
373 373
374 /* Fill up some flags */ 374 /* Fill up some flags */
375 padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6)); 375 padlock_use_ace = ((edx & (0x3 << 6)) == (0x3 << 6));
376 padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2)); 376 padlock_use_rng = ((edx & (0x3 << 2)) == (0x3 << 2));
377 377
378 return padlock_use_ace + padlock_use_rng; 378 return padlock_use_ace + padlock_use_rng;
379} 379}
@@ -394,7 +394,7 @@ padlock_bswapl(AES_KEY *ks)
394#endif 394#endif
395 395
396/* Force key reload from memory to the CPU microcode. 396/* Force key reload from memory to the CPU microcode.
397 Loading EFLAGS from the stack clears EFLAGS[30] 397 Loading EFLAGS from the stack clears EFLAGS[30]
398 which does the trick. */ 398 which does the trick. */
399static inline void 399static inline void
400padlock_reload_key(void) 400padlock_reload_key(void)
@@ -416,21 +416,21 @@ static inline void
416padlock_verify_context(struct padlock_cipher_data *cdata) 416padlock_verify_context(struct padlock_cipher_data *cdata)
417{ 417{
418 asm volatile ( 418 asm volatile (
419 "pushfl\n" 419 "pushfl\n"
420" btl $30,(%%esp)\n" 420 " btl $30,(%%esp)\n"
421" jnc 1f\n" 421 " jnc 1f\n"
422" cmpl %2,%1\n" 422 " cmpl %2,%1\n"
423" je 1f\n" 423 " je 1f\n"
424" popfl\n" 424 " popfl\n"
425" subl $4,%%esp\n" 425 " subl $4,%%esp\n"
426"1: addl $4,%%esp\n" 426 "1: addl $4,%%esp\n"
427" movl %2,%0" 427 " movl %2,%0"
428 :"+m"(padlock_saved_context) 428 :"+m"(padlock_saved_context)
429 : "r"(padlock_saved_context), "r"(cdata) : "cc"); 429 : "r"(padlock_saved_context), "r"(cdata) : "cc");
430} 430}
431 431
432/* Template for padlock_xcrypt_* modes */ 432/* Template for padlock_xcrypt_* modes */
433/* BIG FAT WARNING: 433/* BIG FAT WARNING:
434 * The offsets used with 'leal' instructions 434 * The offsets used with 'leal' instructions
435 * describe items of the 'padlock_cipher_data' 435 * describe items of the 'padlock_cipher_data'
436 * structure. 436 * structure.
@@ -465,9 +465,9 @@ padlock_xstore(void *addr, unsigned int edx_in)
465 unsigned int eax_out; 465 unsigned int eax_out;
466 466
467 asm volatile (".byte 0x0f,0xa7,0xc0" /* xstore */ 467 asm volatile (".byte 0x0f,0xa7,0xc0" /* xstore */
468 : "=a"(eax_out),"=m"(*(unsigned *)addr) 468 : "=a"(eax_out),"=m"(*(unsigned *)addr)
469 : "D"(addr), "d" (edx_in) 469 : "D"(addr), "d" (edx_in)
470 ); 470 );
471 471
472 return eax_out; 472 return eax_out;
473} 473}
@@ -482,15 +482,16 @@ padlock_xstore(void *addr, unsigned int edx_in)
482 * In case you wonder 'rep xcrypt*' instructions above are *not* 482 * In case you wonder 'rep xcrypt*' instructions above are *not*
483 * affected by the Direction Flag and pointers advance toward 483 * affected by the Direction Flag and pointers advance toward
484 * larger addresses unconditionally. 484 * larger addresses unconditionally.
485 */ 485 */
486static inline unsigned char * 486static inline unsigned char *
487padlock_memcpy(void *dst,const void *src,size_t n) 487padlock_memcpy(void *dst, const void *src, size_t n)
488{ 488{
489 long *d=dst; 489 long *d = dst;
490 const long *s=src; 490 const long *s = src;
491 491
492 n /= sizeof(*d); 492 n /= sizeof(*d);
493 do { *d++ = *s++; } while (--n); 493 do { *d++ = *s++;
494 } while (--n);
494 495
495 return dst; 496 return dst;
496} 497}
@@ -541,13 +542,13 @@ static int padlock_cipher_nids[] = {
541 NID_aes_256_ofb, 542 NID_aes_256_ofb,
542}; 543};
543static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids)/ 544static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids)/
544 sizeof(padlock_cipher_nids[0])); 545sizeof(padlock_cipher_nids[0]));
545 546
546/* Function prototypes ... */ 547/* Function prototypes ... */
547static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 548static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
548 const unsigned char *iv, int enc); 549 const unsigned char *iv, int enc);
549static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 550static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
550 const unsigned char *in, size_t nbytes); 551 const unsigned char *in, size_t nbytes);
551 552
552#define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \ 553#define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \
553 ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) ) 554 ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) )
@@ -578,23 +579,23 @@ static const EVP_CIPHER padlock_aes_##ksize##_##lmode = { \
578 NULL \ 579 NULL \
579} 580}
580 581
581DECLARE_AES_EVP(128,ecb,ECB); 582DECLARE_AES_EVP(128, ecb, ECB);
582DECLARE_AES_EVP(128,cbc,CBC); 583DECLARE_AES_EVP(128, cbc, CBC);
583DECLARE_AES_EVP(128,cfb,CFB); 584DECLARE_AES_EVP(128, cfb, CFB);
584DECLARE_AES_EVP(128,ofb,OFB); 585DECLARE_AES_EVP(128, ofb, OFB);
585 586
586DECLARE_AES_EVP(192,ecb,ECB); 587DECLARE_AES_EVP(192, ecb, ECB);
587DECLARE_AES_EVP(192,cbc,CBC); 588DECLARE_AES_EVP(192, cbc, CBC);
588DECLARE_AES_EVP(192,cfb,CFB); 589DECLARE_AES_EVP(192, cfb, CFB);
589DECLARE_AES_EVP(192,ofb,OFB); 590DECLARE_AES_EVP(192, ofb, OFB);
590 591
591DECLARE_AES_EVP(256,ecb,ECB); 592DECLARE_AES_EVP(256, ecb, ECB);
592DECLARE_AES_EVP(256,cbc,CBC); 593DECLARE_AES_EVP(256, cbc, CBC);
593DECLARE_AES_EVP(256,cfb,CFB); 594DECLARE_AES_EVP(256, cfb, CFB);
594DECLARE_AES_EVP(256,ofb,OFB); 595DECLARE_AES_EVP(256, ofb, OFB);
595 596
596static int 597static int
597padlock_ciphers (ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid) 598padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid)
598{ 599{
599 /* No specific cipher => return a list of supported nids ... */ 600 /* No specific cipher => return a list of supported nids ... */
600 if (!cipher) { 601 if (!cipher) {
@@ -604,49 +605,46 @@ padlock_ciphers (ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid
604 605
605 /* ... or the requested "cipher" otherwise */ 606 /* ... or the requested "cipher" otherwise */
606 switch (nid) { 607 switch (nid) {
607 case NID_aes_128_ecb: 608 case NID_aes_128_ecb:
608 *cipher = &padlock_aes_128_ecb; 609 *cipher = &padlock_aes_128_ecb;
609 break; 610 break;
610 case NID_aes_128_cbc: 611 case NID_aes_128_cbc:
611 *cipher = &padlock_aes_128_cbc; 612 *cipher = &padlock_aes_128_cbc;
612 break; 613 break;
613 case NID_aes_128_cfb: 614 case NID_aes_128_cfb:
614 *cipher = &padlock_aes_128_cfb; 615 *cipher = &padlock_aes_128_cfb;
615 break; 616 break;
616 case NID_aes_128_ofb: 617 case NID_aes_128_ofb:
617 *cipher = &padlock_aes_128_ofb; 618 *cipher = &padlock_aes_128_ofb;
618 break; 619 break;
619 620 case NID_aes_192_ecb:
620 case NID_aes_192_ecb: 621 *cipher = &padlock_aes_192_ecb;
621 *cipher = &padlock_aes_192_ecb; 622 break;
622 break; 623 case NID_aes_192_cbc:
623 case NID_aes_192_cbc: 624 *cipher = &padlock_aes_192_cbc;
624 *cipher = &padlock_aes_192_cbc; 625 break;
625 break; 626 case NID_aes_192_cfb:
626 case NID_aes_192_cfb: 627 *cipher = &padlock_aes_192_cfb;
627 *cipher = &padlock_aes_192_cfb; 628 break;
628 break; 629 case NID_aes_192_ofb:
629 case NID_aes_192_ofb: 630 *cipher = &padlock_aes_192_ofb;
630 *cipher = &padlock_aes_192_ofb; 631 break;
631 break; 632 case NID_aes_256_ecb:
632 633 *cipher = &padlock_aes_256_ecb;
633 case NID_aes_256_ecb: 634 break;
634 *cipher = &padlock_aes_256_ecb; 635 case NID_aes_256_cbc:
635 break; 636 *cipher = &padlock_aes_256_cbc;
636 case NID_aes_256_cbc: 637 break;
637 *cipher = &padlock_aes_256_cbc; 638 case NID_aes_256_cfb:
638 break; 639 *cipher = &padlock_aes_256_cfb;
639 case NID_aes_256_cfb: 640 break;
640 *cipher = &padlock_aes_256_cfb; 641 case NID_aes_256_ofb:
641 break; 642 *cipher = &padlock_aes_256_ofb;
642 case NID_aes_256_ofb: 643 break;
643 *cipher = &padlock_aes_256_ofb; 644 default:
644 break; 645 /* Sorry, we don't support this NID */
645 646 *cipher = NULL;
646 default: 647 return 0;
647 /* Sorry, we don't support this NID */
648 *cipher = NULL;
649 return 0;
650 } 648 }
651 649
652 return 1; 650 return 1;
@@ -655,12 +653,13 @@ padlock_ciphers (ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid
655/* Prepare the encryption key for PadLock usage */ 653/* Prepare the encryption key for PadLock usage */
656static int 654static int
657padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key, 655padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key,
658 const unsigned char *iv, int enc) 656 const unsigned char *iv, int enc)
659{ 657{
660 struct padlock_cipher_data *cdata; 658 struct padlock_cipher_data *cdata;
661 int key_len = EVP_CIPHER_CTX_key_length(ctx) * 8; 659 int key_len = EVP_CIPHER_CTX_key_length(ctx) * 8;
662 660
663 if (key==NULL) return 0; /* ERROR */ 661 if (key == NULL)
662 return 0; /* ERROR */
664 663
665 cdata = ALIGNED_CIPHER_DATA(ctx); 664 cdata = ALIGNED_CIPHER_DATA(ctx);
666 memset(cdata, 0, sizeof(struct padlock_cipher_data)); 665 memset(cdata, 0, sizeof(struct padlock_cipher_data));
@@ -673,38 +672,38 @@ padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key,
673 cdata->cword.b.rounds = 10 + (key_len - 128) / 32; 672 cdata->cword.b.rounds = 10 + (key_len - 128) / 32;
674 cdata->cword.b.ksize = (key_len - 128) / 64; 673 cdata->cword.b.ksize = (key_len - 128) / 64;
675 674
676 switch(key_len) { 675 switch (key_len) {
677 case 128: 676 case 128:
678 /* PadLock can generate an extended key for 677 /* PadLock can generate an extended key for
679 AES128 in hardware */ 678 AES128 in hardware */
680 memcpy(cdata->ks.rd_key, key, AES_KEY_SIZE_128); 679 memcpy(cdata->ks.rd_key, key, AES_KEY_SIZE_128);
681 cdata->cword.b.keygen = 0; 680 cdata->cword.b.keygen = 0;
682 break; 681 break;
683 682
684 case 192: 683 case 192:
685 case 256: 684 case 256:
686 /* Generate an extended AES key in software. 685 /* Generate an extended AES key in software.
687 Needed for AES192/AES256 */ 686 Needed for AES192/AES256 */
688 /* Well, the above applies to Stepping 8 CPUs 687 /* Well, the above applies to Stepping 8 CPUs
689 and is listed as hardware errata. They most 688 and is listed as hardware errata. They most
690 likely will fix it at some point and then 689 likely will fix it at some point and then
691 a check for stepping would be due here. */ 690 a check for stepping would be due here. */
692 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE || 691 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE ||
693 EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE || 692 EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE ||
694 enc) 693 enc)
695 AES_set_encrypt_key(key, key_len, &cdata->ks); 694 AES_set_encrypt_key(key, key_len, &cdata->ks);
696 else 695 else
697 AES_set_decrypt_key(key, key_len, &cdata->ks); 696 AES_set_decrypt_key(key, key_len, &cdata->ks);
698#ifndef AES_ASM 697#ifndef AES_ASM
699 /* OpenSSL C functions use byte-swapped extended key. */ 698 /* OpenSSL C functions use byte-swapped extended key. */
700 padlock_bswapl(&cdata->ks); 699 padlock_bswapl(&cdata->ks);
701#endif 700#endif
702 cdata->cword.b.keygen = 1; 701 cdata->cword.b.keygen = 1;
703 break; 702 break;
704 703
705 default: 704 default:
706 /* ERROR */ 705 /* ERROR */
707 return 0; 706 return 0;
708 } 707 }
709 708
710 /* 709 /*
@@ -717,7 +716,7 @@ padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key,
717 return 1; 716 return 1;
718} 717}
719 718
720/* 719/*
721 * Simplified version of padlock_aes_cipher() used when 720 * Simplified version of padlock_aes_cipher() used when
722 * 1) both input and output buffers are at aligned addresses. 721 * 1) both input and output buffers are at aligned addresses.
723 * or when 722 * or when
@@ -725,7 +724,7 @@ padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key,
725 */ 724 */
726static int 725static int
727padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, 726padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
728 const unsigned char *in_arg, size_t nbytes) 727 const unsigned char *in_arg, size_t nbytes)
729{ 728{
730 struct padlock_cipher_data *cdata; 729 struct padlock_cipher_data *cdata;
731 void *iv; 730 void *iv;
@@ -735,24 +734,28 @@ padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
735 734
736 switch (EVP_CIPHER_CTX_mode(ctx)) { 735 switch (EVP_CIPHER_CTX_mode(ctx)) {
737 case EVP_CIPH_ECB_MODE: 736 case EVP_CIPH_ECB_MODE:
738 padlock_xcrypt_ecb(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); 737 padlock_xcrypt_ecb(nbytes / AES_BLOCK_SIZE, cdata,
738 out_arg, in_arg);
739 break; 739 break;
740 740
741 case EVP_CIPH_CBC_MODE: 741 case EVP_CIPH_CBC_MODE:
742 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); 742 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
743 iv = padlock_xcrypt_cbc(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); 743 iv = padlock_xcrypt_cbc(nbytes / AES_BLOCK_SIZE, cdata,
744 out_arg, in_arg);
744 memcpy(ctx->iv, iv, AES_BLOCK_SIZE); 745 memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
745 break; 746 break;
746 747
747 case EVP_CIPH_CFB_MODE: 748 case EVP_CIPH_CFB_MODE:
748 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); 749 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
749 iv = padlock_xcrypt_cfb(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); 750 iv = padlock_xcrypt_cfb(nbytes / AES_BLOCK_SIZE, cdata,
751 out_arg, in_arg);
750 memcpy(ctx->iv, iv, AES_BLOCK_SIZE); 752 memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
751 break; 753 break;
752 754
753 case EVP_CIPH_OFB_MODE: 755 case EVP_CIPH_OFB_MODE:
754 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); 756 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
755 padlock_xcrypt_ofb(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); 757 padlock_xcrypt_ofb(nbytes / AES_BLOCK_SIZE, cdata,
758 out_arg, in_arg);
756 memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE); 759 memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE);
757 break; 760 break;
758 761
@@ -772,23 +775,24 @@ padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
772# error "insane PADLOCK_CHUNK..." 775# error "insane PADLOCK_CHUNK..."
773#endif 776#endif
774 777
775/* Re-align the arguments to 16-Bytes boundaries and run the 778/* Re-align the arguments to 16-Bytes boundaries and run the
776 encryption function itself. This function is not AES-specific. */ 779 encryption function itself. This function is not AES-specific. */
777static int 780static int
778padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, 781padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
779 const unsigned char *in_arg, size_t nbytes) 782 const unsigned char *in_arg, size_t nbytes)
780{ 783{
781 struct padlock_cipher_data *cdata; 784 struct padlock_cipher_data *cdata;
782 const void *inp; 785 const void *inp;
783 unsigned char *out; 786 unsigned char *out;
784 void *iv; 787 void *iv;
785 int inp_misaligned, out_misaligned, realign_in_loop; 788 int inp_misaligned, out_misaligned, realign_in_loop;
786 size_t chunk, allocated=0; 789 size_t chunk, allocated = 0;
787 790
788 /* ctx->num is maintained in byte-oriented modes, 791 /* ctx->num is maintained in byte-oriented modes,
789 such as CFB and OFB... */ 792 such as CFB and OFB... */
790 if ((chunk = ctx->num)) { /* borrow chunk variable */ 793 if ((chunk = ctx->num)) {
791 unsigned char *ivp=ctx->iv; 794 /* borrow chunk variable */
795 unsigned char *ivp = ctx->iv;
792 796
793 switch (EVP_CIPHER_CTX_mode(ctx)) { 797 switch (EVP_CIPHER_CTX_mode(ctx)) {
794 case EVP_CIPH_CFB_MODE: 798 case EVP_CIPH_CFB_MODE:
@@ -796,28 +800,29 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
796 return 0; /* bogus value */ 800 return 0; /* bogus value */
797 801
798 if (ctx->encrypt) 802 if (ctx->encrypt)
799 while (chunk<AES_BLOCK_SIZE && nbytes!=0) { 803 while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
800 ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk]; 804 ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk];
801 chunk++, nbytes--; 805 chunk++, nbytes--;
802 } 806 }
803 else while (chunk<AES_BLOCK_SIZE && nbytes!=0) { 807 else
808 while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
804 unsigned char c = *(in_arg++); 809 unsigned char c = *(in_arg++);
805 *(out_arg++) = c ^ ivp[chunk]; 810 *(out_arg++) = c ^ ivp[chunk];
806 ivp[chunk++] = c, nbytes--; 811 ivp[chunk++] = c, nbytes--;
807 } 812 }
808 813
809 ctx->num = chunk%AES_BLOCK_SIZE; 814 ctx->num = chunk % AES_BLOCK_SIZE;
810 break; 815 break;
811 case EVP_CIPH_OFB_MODE: 816 case EVP_CIPH_OFB_MODE:
812 if (chunk >= AES_BLOCK_SIZE) 817 if (chunk >= AES_BLOCK_SIZE)
813 return 0; /* bogus value */ 818 return 0; /* bogus value */
814 819
815 while (chunk<AES_BLOCK_SIZE && nbytes!=0) { 820 while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
816 *(out_arg++) = *(in_arg++) ^ ivp[chunk]; 821 *(out_arg++) = *(in_arg++) ^ ivp[chunk];
817 chunk++, nbytes--; 822 chunk++, nbytes--;
818 } 823 }
819 824
820 ctx->num = chunk%AES_BLOCK_SIZE; 825 ctx->num = chunk % AES_BLOCK_SIZE;
821 break; 826 break;
822 } 827 }
823 } 828 }
@@ -841,8 +846,9 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
841 same as for software alignment below or ~3x. They promise to 846 same as for software alignment below or ~3x. They promise to
842 improve it in the future, but for now we can just as well 847 improve it in the future, but for now we can just as well
843 pretend that it can only handle aligned input... */ 848 pretend that it can only handle aligned input... */
844 if (!padlock_aes_align_required && (nbytes%AES_BLOCK_SIZE)==0) 849 if (!padlock_aes_align_required && (nbytes % AES_BLOCK_SIZE) == 0)
845 return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes); 850 return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg,
851 nbytes);
846 852
847 inp_misaligned = (((size_t)in_arg) & 0x0F); 853 inp_misaligned = (((size_t)in_arg) & 0x0F);
848 out_misaligned = (((size_t)out_arg) & 0x0F); 854 out_misaligned = (((size_t)out_arg) & 0x0F);
@@ -853,21 +859,22 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
853 * in order to improve L1 cache utilization... */ 859 * in order to improve L1 cache utilization... */
854 realign_in_loop = out_misaligned|inp_misaligned; 860 realign_in_loop = out_misaligned|inp_misaligned;
855 861
856 if (!realign_in_loop && (nbytes%AES_BLOCK_SIZE)==0) 862 if (!realign_in_loop && (nbytes % AES_BLOCK_SIZE) == 0)
857 return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes); 863 return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg,
864 nbytes);
858 865
859 /* this takes one "if" out of the loops */ 866 /* this takes one "if" out of the loops */
860 chunk = nbytes; 867 chunk = nbytes;
861 chunk %= PADLOCK_CHUNK; 868 chunk %= PADLOCK_CHUNK;
862 if (chunk==0) chunk = PADLOCK_CHUNK; 869 if (chunk == 0)
870 chunk = PADLOCK_CHUNK;
863 871
864 if (out_misaligned) { 872 if (out_misaligned) {
865 /* optmize for small input */ 873 /* optmize for small input */
866 allocated = (chunk<nbytes?PADLOCK_CHUNK:nbytes); 874 allocated = (chunk < nbytes ? PADLOCK_CHUNK : nbytes);
867 out = alloca(0x10 + allocated); 875 out = alloca(0x10 + allocated);
868 out = NEAREST_ALIGNED(out); 876 out = NEAREST_ALIGNED(out);
869 } 877 } else
870 else
871 out = out_arg; 878 out = out_arg;
872 879
873 cdata = ALIGNED_CIPHER_DATA(ctx); 880 cdata = ALIGNED_CIPHER_DATA(ctx);
@@ -875,77 +882,84 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
875 882
876 switch (EVP_CIPHER_CTX_mode(ctx)) { 883 switch (EVP_CIPHER_CTX_mode(ctx)) {
877 case EVP_CIPH_ECB_MODE: 884 case EVP_CIPH_ECB_MODE:
878 do { 885 do {
879 if (inp_misaligned) 886 if (inp_misaligned)
880 inp = padlock_memcpy(out, in_arg, chunk); 887 inp = padlock_memcpy(out, in_arg, chunk);
881 else 888 else
882 inp = in_arg; 889 inp = in_arg;
883 in_arg += chunk; 890 in_arg += chunk;
884 891
885 padlock_xcrypt_ecb(chunk/AES_BLOCK_SIZE, cdata, out, inp); 892 padlock_xcrypt_ecb(chunk / AES_BLOCK_SIZE, cdata,
893 out, inp);
886 894
887 if (out_misaligned) 895 if (out_misaligned)
888 out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; 896 out_arg = padlock_memcpy(out_arg, out, chunk) +
897 chunk;
889 else 898 else
890 out = out_arg+=chunk; 899 out = out_arg += chunk;
891 900
892 nbytes -= chunk; 901 nbytes -= chunk;
893 chunk = PADLOCK_CHUNK; 902 chunk = PADLOCK_CHUNK;
894 } while (nbytes); 903 } while (nbytes);
895 break; 904 break;
896 905
897 case EVP_CIPH_CBC_MODE: 906 case EVP_CIPH_CBC_MODE:
898 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); 907 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
899 goto cbc_shortcut; 908 goto cbc_shortcut;
900 do { 909 do {
901 if (iv != cdata->iv) 910 if (iv != cdata->iv)
902 memcpy(cdata->iv, iv, AES_BLOCK_SIZE); 911 memcpy(cdata->iv, iv, AES_BLOCK_SIZE);
903 chunk = PADLOCK_CHUNK; 912 chunk = PADLOCK_CHUNK;
904 cbc_shortcut: /* optimize for small input */ 913 cbc_shortcut: /* optimize for small input */
905 if (inp_misaligned) 914 if (inp_misaligned)
906 inp = padlock_memcpy(out, in_arg, chunk); 915 inp = padlock_memcpy(out, in_arg, chunk);
907 else 916 else
908 inp = in_arg; 917 inp = in_arg;
909 in_arg += chunk; 918 in_arg += chunk;
910 919
911 iv = padlock_xcrypt_cbc(chunk/AES_BLOCK_SIZE, cdata, out, inp); 920 iv = padlock_xcrypt_cbc(chunk / AES_BLOCK_SIZE, cdata,
921 out, inp);
912 922
913 if (out_misaligned) 923 if (out_misaligned)
914 out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; 924 out_arg = padlock_memcpy(out_arg, out, chunk) +
925 chunk;
915 else 926 else
916 out = out_arg+=chunk; 927 out = out_arg += chunk;
917
918 } while (nbytes -= chunk); 928 } while (nbytes -= chunk);
919 memcpy(ctx->iv, iv, AES_BLOCK_SIZE); 929 memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
920 break; 930 break;
921 931
922 case EVP_CIPH_CFB_MODE: 932 case EVP_CIPH_CFB_MODE:
923 memcpy (iv = cdata->iv, ctx->iv, AES_BLOCK_SIZE); 933 memcpy (iv = cdata->iv, ctx->iv, AES_BLOCK_SIZE);
924 chunk &= ~(AES_BLOCK_SIZE-1); 934 chunk &= ~(AES_BLOCK_SIZE - 1);
925 if (chunk) goto cfb_shortcut; 935 if (chunk)
926 else goto cfb_skiploop; 936 goto cfb_shortcut;
927 do { 937 else
938 goto cfb_skiploop;
939 do {
928 if (iv != cdata->iv) 940 if (iv != cdata->iv)
929 memcpy(cdata->iv, iv, AES_BLOCK_SIZE); 941 memcpy(cdata->iv, iv, AES_BLOCK_SIZE);
930 chunk = PADLOCK_CHUNK; 942 chunk = PADLOCK_CHUNK;
931 cfb_shortcut: /* optimize for small input */ 943 cfb_shortcut: /* optimize for small input */
932 if (inp_misaligned) 944 if (inp_misaligned)
933 inp = padlock_memcpy(out, in_arg, chunk); 945 inp = padlock_memcpy(out, in_arg, chunk);
934 else 946 else
935 inp = in_arg; 947 inp = in_arg;
936 in_arg += chunk; 948 in_arg += chunk;
937 949
938 iv = padlock_xcrypt_cfb(chunk/AES_BLOCK_SIZE, cdata, out, inp); 950 iv = padlock_xcrypt_cfb(chunk / AES_BLOCK_SIZE, cdata,
951 out, inp);
939 952
940 if (out_misaligned) 953 if (out_misaligned)
941 out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; 954 out_arg = padlock_memcpy(out_arg, out, chunk) +
955 chunk;
942 else 956 else
943 out = out_arg+=chunk; 957 out = out_arg += chunk;
944 958
945 nbytes -= chunk; 959 nbytes -= chunk;
946 } while (nbytes >= AES_BLOCK_SIZE); 960 } while (nbytes >= AES_BLOCK_SIZE);
947 961
948 cfb_skiploop: 962cfb_skiploop:
949 if (nbytes) { 963 if (nbytes) {
950 unsigned char *ivp = cdata->iv; 964 unsigned char *ivp = cdata->iv;
951 965
@@ -955,19 +969,19 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
955 } 969 }
956 ctx->num = nbytes; 970 ctx->num = nbytes;
957 if (cdata->cword.b.encdec) { 971 if (cdata->cword.b.encdec) {
958 cdata->cword.b.encdec=0; 972 cdata->cword.b.encdec = 0;
959 padlock_reload_key(); 973 padlock_reload_key();
960 padlock_xcrypt_ecb(1,cdata,ivp,ivp); 974 padlock_xcrypt_ecb(1, cdata, ivp, ivp);
961 cdata->cword.b.encdec=1; 975 cdata->cword.b.encdec = 1;
962 padlock_reload_key(); 976 padlock_reload_key();
963 while(nbytes) { 977 while (nbytes) {
964 unsigned char c = *(in_arg++); 978 unsigned char c = *(in_arg++);
965 *(out_arg++) = c ^ *ivp; 979 *(out_arg++) = c ^ *ivp;
966 *(ivp++) = c, nbytes--; 980 *(ivp++) = c, nbytes--;
967 } 981 }
968 } 982 } else {
969 else { padlock_reload_key(); 983 padlock_reload_key();
970 padlock_xcrypt_ecb(1,cdata,ivp,ivp); 984 padlock_xcrypt_ecb(1, cdata, ivp, ivp);
971 padlock_reload_key(); 985 padlock_reload_key();
972 while (nbytes) { 986 while (nbytes) {
973 *ivp = *(out_arg++) = *(in_arg++) ^ *ivp; 987 *ivp = *(out_arg++) = *(in_arg++) ^ *ivp;
@@ -981,7 +995,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
981 995
982 case EVP_CIPH_OFB_MODE: 996 case EVP_CIPH_OFB_MODE:
983 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); 997 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
984 chunk &= ~(AES_BLOCK_SIZE-1); 998 chunk &= ~(AES_BLOCK_SIZE - 1);
985 if (chunk) do { 999 if (chunk) do {
986 if (inp_misaligned) 1000 if (inp_misaligned)
987 inp = padlock_memcpy(out, in_arg, chunk); 1001 inp = padlock_memcpy(out, in_arg, chunk);
@@ -989,15 +1003,17 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
989 inp = in_arg; 1003 inp = in_arg;
990 in_arg += chunk; 1004 in_arg += chunk;
991 1005
992 padlock_xcrypt_ofb(chunk/AES_BLOCK_SIZE, cdata, out, inp); 1006 padlock_xcrypt_ofb(chunk / AES_BLOCK_SIZE, cdata,
1007 out, inp);
993 1008
994 if (out_misaligned) 1009 if (out_misaligned)
995 out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; 1010 out_arg = padlock_memcpy(out_arg, out, chunk) +
1011 chunk;
996 else 1012 else
997 out = out_arg+=chunk; 1013 out = out_arg += chunk;
998 1014
999 nbytes -= chunk; 1015 nbytes -= chunk;
1000 chunk = PADLOCK_CHUNK; 1016 chunk = PADLOCK_CHUNK;
1001 } while (nbytes >= AES_BLOCK_SIZE); 1017 } while (nbytes >= AES_BLOCK_SIZE);
1002 1018
1003 if (nbytes) { 1019 if (nbytes) {
@@ -1005,7 +1021,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
1005 1021
1006 ctx->num = nbytes; 1022 ctx->num = nbytes;
1007 padlock_reload_key(); /* empirically found */ 1023 padlock_reload_key(); /* empirically found */
1008 padlock_xcrypt_ecb(1,cdata,ivp,ivp); 1024 padlock_xcrypt_ecb(1, cdata, ivp, ivp);
1009 padlock_reload_key(); /* empirically found */ 1025 padlock_reload_key(); /* empirically found */
1010 while (nbytes) { 1026 while (nbytes) {
1011 *(out_arg++) = *(in_arg++) ^ *ivp; 1027 *(out_arg++) = *(in_arg++) ^ *ivp;
@@ -1022,9 +1038,10 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
1022 1038
1023 /* Clean the realign buffer if it was used */ 1039 /* Clean the realign buffer if it was used */
1024 if (out_misaligned) { 1040 if (out_misaligned) {
1025 volatile unsigned long *p=(void *)out; 1041 volatile unsigned long *p = (void *)out;
1026 size_t n = allocated/sizeof(*p); 1042 size_t n = allocated/sizeof(*p);
1027 while (n--) *p++=0; 1043 while (n--)
1044 *p++ = 0;
1028 } 1045 }
1029 1046
1030 memset(cdata->iv, 0, AES_BLOCK_SIZE); 1047 memset(cdata->iv, 0, AES_BLOCK_SIZE);
@@ -1041,7 +1058,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
1041 * (posted at http://www.via.com.tw/en/viac3/c3.jsp) nor does it 1058 * (posted at http://www.via.com.tw/en/viac3/c3.jsp) nor does it
1042 * provide meaningful error control... 1059 * provide meaningful error control...
1043 */ 1060 */
1044/* Wrapper that provides an interface between the API and 1061/* Wrapper that provides an interface between the API and
1045 the raw PadLock RNG */ 1062 the raw PadLock RNG */
1046static int 1063static int
1047padlock_rand_bytes(unsigned char *output, int count) 1064padlock_rand_bytes(unsigned char *output, int count)
@@ -1050,25 +1067,33 @@ padlock_rand_bytes(unsigned char *output, int count)
1050 1067
1051 while (count >= 8) { 1068 while (count >= 8) {
1052 eax = padlock_xstore(output, 0); 1069 eax = padlock_xstore(output, 0);
1053 if (!(eax&(1<<6))) return 0; /* RNG disabled */ 1070 if (!(eax & (1 << 6)))
1071 return 0; /* RNG disabled */
1054 /* this ---vv--- covers DC bias, Raw Bits and String Filter */ 1072 /* this ---vv--- covers DC bias, Raw Bits and String Filter */
1055 if (eax&(0x1F<<10)) return 0; 1073 if (eax & (0x1F << 10))
1056 if ((eax&0x1F)==0) continue; /* no data, retry... */ 1074 return 0;
1057 if ((eax&0x1F)!=8) return 0; /* fatal failure... */ 1075 if ((eax & 0x1F) == 0)
1076 continue; /* no data, retry... */
1077 if ((eax & 0x1F) != 8)
1078 return 0; /* fatal failure... */
1058 output += 8; 1079 output += 8;
1059 count -= 8; 1080 count -= 8;
1060 } 1081 }
1061 while (count > 0) { 1082 while (count > 0) {
1062 eax = padlock_xstore(&buf, 3); 1083 eax = padlock_xstore(&buf, 3);
1063 if (!(eax&(1<<6))) return 0; /* RNG disabled */ 1084 if (!(eax & (1 << 6)))
1085 return 0; /* RNG disabled */
1064 /* this ---vv--- covers DC bias, Raw Bits and String Filter */ 1086 /* this ---vv--- covers DC bias, Raw Bits and String Filter */
1065 if (eax&(0x1F<<10)) return 0; 1087 if (eax & (0x1F << 10))
1066 if ((eax&0x1F)==0) continue; /* no data, retry... */ 1088 return 0;
1067 if ((eax&0x1F)!=1) return 0; /* fatal failure... */ 1089 if ((eax & 0x1F) == 0)
1090 continue; /* no data, retry... */
1091 if ((eax & 0x1F) != 1)
1092 return 0; /* fatal failure... */
1068 *output++ = (unsigned char)buf; 1093 *output++ = (unsigned char)buf;
1069 count--; 1094 count--;
1070 } 1095 }
1071 *(volatile unsigned int *)&buf=0; 1096 *(volatile unsigned int *)&buf = 0;
1072 1097
1073 return 1; 1098 return 1;
1074} 1099}
@@ -1089,10 +1114,11 @@ static RAND_METHOD padlock_rand = {
1089 1114
1090#else /* !COMPILE_HW_PADLOCK */ 1115#else /* !COMPILE_HW_PADLOCK */
1091#ifndef OPENSSL_NO_DYNAMIC_ENGINE 1116#ifndef OPENSSL_NO_DYNAMIC_ENGINE
1092extern 1117extern int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
1093int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); 1118extern int
1094extern 1119bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) {
1095int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { return 0; } 1120 return 0;
1121}
1096IMPLEMENT_DYNAMIC_CHECK_FN() 1122IMPLEMENT_DYNAMIC_CHECK_FN()
1097#endif 1123#endif
1098#endif /* COMPILE_HW_PADLOCK */ 1124#endif /* COMPILE_HW_PADLOCK */
diff --git a/src/lib/libcrypto/engine/eng_pkey.c b/src/lib/libcrypto/engine/eng_pkey.c
index 410a9c3373..dc832450a6 100644
--- a/src/lib/libcrypto/engine/eng_pkey.c
+++ b/src/lib/libcrypto/engine/eng_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_pkey.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_pkey.c,v 1.5 2014/06/22 12:05:09 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -7,7 +7,7 @@
7 * are met: 7 * are met:
8 * 8 *
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 11 *
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in 13 * notice, this list of conditions and the following disclaimer in
@@ -57,140 +57,137 @@
57 57
58/* Basic get/set stuff */ 58/* Basic get/set stuff */
59 59
60int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f) 60int
61 { 61ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f)
62{
62 e->load_privkey = loadpriv_f; 63 e->load_privkey = loadpriv_f;
63 return 1; 64 return 1;
64 } 65}
65 66
66int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f) 67int
67 { 68ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
69{
68 e->load_pubkey = loadpub_f; 70 e->load_pubkey = loadpub_f;
69 return 1; 71 return 1;
70 } 72}
71 73
72int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, 74int
73 ENGINE_SSL_CLIENT_CERT_PTR loadssl_f) 75ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
74 { 76 ENGINE_SSL_CLIENT_CERT_PTR loadssl_f)
77{
75 e->load_ssl_client_cert = loadssl_f; 78 e->load_ssl_client_cert = loadssl_f;
76 return 1; 79 return 1;
77 } 80}
78 81
79ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e) 82ENGINE_LOAD_KEY_PTR
80 { 83ENGINE_get_load_privkey_function(const ENGINE *e)
84{
81 return e->load_privkey; 85 return e->load_privkey;
82 } 86}
83 87
84ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e) 88ENGINE_LOAD_KEY_PTR
85 { 89ENGINE_get_load_pubkey_function(const ENGINE *e)
90{
86 return e->load_pubkey; 91 return e->load_pubkey;
87 } 92}
88 93
89ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e) 94ENGINE_SSL_CLIENT_CERT_PTR
90 { 95ENGINE_get_ssl_client_cert_function(const ENGINE *e)
96{
91 return e->load_ssl_client_cert; 97 return e->load_ssl_client_cert;
92 } 98}
93 99
94/* API functions to load public/private keys */ 100/* API functions to load public/private keys */
95 101
96EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, 102EVP_PKEY *
97 UI_METHOD *ui_method, void *callback_data) 103ENGINE_load_private_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
98 { 104 void *callback_data)
105{
99 EVP_PKEY *pkey; 106 EVP_PKEY *pkey;
100 107
101 if(e == NULL) 108 if (e == NULL) {
102 {
103 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY, 109 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
104 ERR_R_PASSED_NULL_PARAMETER); 110 ERR_R_PASSED_NULL_PARAMETER);
105 return 0; 111 return 0;
106 } 112 }
107 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 113 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
108 if(e->funct_ref == 0) 114 if (e->funct_ref == 0) {
109 {
110 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 115 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
111 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY, 116 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
112 ENGINE_R_NOT_INITIALISED); 117 ENGINE_R_NOT_INITIALISED);
113 return 0; 118 return 0;
114 } 119 }
115 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 120 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
116 if (!e->load_privkey) 121 if (!e->load_privkey) {
117 {
118 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY, 122 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
119 ENGINE_R_NO_LOAD_FUNCTION); 123 ENGINE_R_NO_LOAD_FUNCTION);
120 return 0; 124 return 0;
121 } 125 }
122 pkey = e->load_privkey(e, key_id, ui_method, callback_data); 126 pkey = e->load_privkey(e, key_id, ui_method, callback_data);
123 if (!pkey) 127 if (!pkey) {
124 {
125 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY, 128 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
126 ENGINE_R_FAILED_LOADING_PRIVATE_KEY); 129 ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
127 return 0; 130 return 0;
128 }
129 return pkey;
130 } 131 }
132 return pkey;
133}
131 134
132EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, 135EVP_PKEY *
133 UI_METHOD *ui_method, void *callback_data) 136ENGINE_load_public_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
134 { 137 void *callback_data)
138{
135 EVP_PKEY *pkey; 139 EVP_PKEY *pkey;
136 140
137 if(e == NULL) 141 if (e == NULL) {
138 {
139 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, 142 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
140 ERR_R_PASSED_NULL_PARAMETER); 143 ERR_R_PASSED_NULL_PARAMETER);
141 return 0; 144 return 0;
142 } 145 }
143 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 146 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
144 if(e->funct_ref == 0) 147 if (e->funct_ref == 0) {
145 {
146 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 148 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
147 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, 149 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
148 ENGINE_R_NOT_INITIALISED); 150 ENGINE_R_NOT_INITIALISED);
149 return 0; 151 return 0;
150 } 152 }
151 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 153 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
152 if (!e->load_pubkey) 154 if (!e->load_pubkey) {
153 {
154 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, 155 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
155 ENGINE_R_NO_LOAD_FUNCTION); 156 ENGINE_R_NO_LOAD_FUNCTION);
156 return 0; 157 return 0;
157 } 158 }
158 pkey = e->load_pubkey(e, key_id, ui_method, callback_data); 159 pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
159 if (!pkey) 160 if (!pkey) {
160 {
161 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, 161 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
162 ENGINE_R_FAILED_LOADING_PUBLIC_KEY); 162 ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
163 return 0; 163 return 0;
164 }
165 return pkey;
166 } 164 }
165 return pkey;
166}
167 167
168int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, 168int
169 STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey, 169ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, STACK_OF(X509_NAME) *ca_dn,
170 STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data) 170 X509 **pcert, EVP_PKEY **ppkey, STACK_OF(X509) **pother,
171 { 171 UI_METHOD *ui_method, void *callback_data)
172 172{
173 if(e == NULL) 173 if (e == NULL) {
174 {
175 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, 174 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
176 ERR_R_PASSED_NULL_PARAMETER); 175 ERR_R_PASSED_NULL_PARAMETER);
177 return 0; 176 return 0;
178 } 177 }
179 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 178 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
180 if(e->funct_ref == 0) 179 if (e->funct_ref == 0) {
181 {
182 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 180 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
183 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, 181 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
184 ENGINE_R_NOT_INITIALISED); 182 ENGINE_R_NOT_INITIALISED);
185 return 0; 183 return 0;
186 } 184 }
187 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 185 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
188 if (!e->load_ssl_client_cert) 186 if (!e->load_ssl_client_cert) {
189 {
190 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, 187 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
191 ENGINE_R_NO_LOAD_FUNCTION); 188 ENGINE_R_NO_LOAD_FUNCTION);
192 return 0; 189 return 0;
193 }
194 return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
195 ui_method, callback_data);
196 } 190 }
191 return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
192 ui_method, callback_data);
193}
diff --git a/src/lib/libcrypto/engine/eng_rsax.c b/src/lib/libcrypto/engine/eng_rsax.c
index f7b38b1156..ee18439070 100644
--- a/src/lib/libcrypto/engine/eng_rsax.c
+++ b/src/lib/libcrypto/engine/eng_rsax.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_rsax.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_rsax.c,v 1.7 2014/06/22 12:05:09 jsing Exp $ */
2/* Copyright (c) 2010-2010 Intel Corp. 2/* Copyright (c) 2010-2010 Intel Corp.
3 * Author: Vinodh.Gopal@intel.com 3 * Author: Vinodh.Gopal@intel.com
4 * Jim Guilford 4 * Jim Guilford
@@ -85,16 +85,17 @@ static ENGINE *ENGINE_rsax (void);
85#endif 85#endif
86 86
87void ENGINE_load_rsax (void) 87void ENGINE_load_rsax (void)
88 { 88{
89/* On non-x86 CPUs it just returns. */ 89/* On non-x86 CPUs it just returns. */
90#ifdef COMPILE_RSAX 90#ifdef COMPILE_RSAX
91 ENGINE *toadd = ENGINE_rsax(); 91 ENGINE *toadd = ENGINE_rsax();
92 if(!toadd) return; 92 if (!toadd)
93 return;
93 ENGINE_add(toadd); 94 ENGINE_add(toadd);
94 ENGINE_free(toadd); 95 ENGINE_free(toadd);
95 ERR_clear_error(); 96 ERR_clear_error();
96#endif 97#endif
97 } 98}
98 99
99#ifdef COMPILE_RSAX 100#ifdef COMPILE_RSAX
100#define E_RSAX_LIB_NAME "rsax engine" 101#define E_RSAX_LIB_NAME "rsax engine"
@@ -106,13 +107,14 @@ static int e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
106 107
107#ifndef OPENSSL_NO_RSA 108#ifndef OPENSSL_NO_RSA
108/* RSA stuff */ 109/* RSA stuff */
109static int e_rsax_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); 110static int e_rsax_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
111 BN_CTX *ctx);
110static int e_rsax_rsa_finish(RSA *r); 112static int e_rsax_rsa_finish(RSA *r);
111#endif 113#endif
112 114
113static const ENGINE_CMD_DEFN e_rsax_cmd_defns[] = { 115static const ENGINE_CMD_DEFN e_rsax_cmd_defns[] = {
114 {0, NULL, NULL, 0} 116 {0, NULL, NULL, 0}
115 }; 117};
116 118
117#ifndef OPENSSL_NO_RSA 119#ifndef OPENSSL_NO_RSA
118/* Our internal RSA_METHOD that we provide pointers to */ 120/* Our internal RSA_METHOD that we provide pointers to */
@@ -129,21 +131,22 @@ static const char *engine_e_rsax_id = "rsax";
129static const char *engine_e_rsax_name = "RSAX engine support"; 131static const char *engine_e_rsax_name = "RSAX engine support";
130 132
131/* This internal function is used by ENGINE_rsax() */ 133/* This internal function is used by ENGINE_rsax() */
132static int bind_helper(ENGINE *e) 134static int
133 { 135bind_helper(ENGINE *e)
136{
134#ifndef OPENSSL_NO_RSA 137#ifndef OPENSSL_NO_RSA
135 const RSA_METHOD *meth1; 138 const RSA_METHOD *meth1;
136#endif 139#endif
137 if(!ENGINE_set_id(e, engine_e_rsax_id) || 140 if (!ENGINE_set_id(e, engine_e_rsax_id) ||
138 !ENGINE_set_name(e, engine_e_rsax_name) || 141 !ENGINE_set_name(e, engine_e_rsax_name) ||
139#ifndef OPENSSL_NO_RSA 142#ifndef OPENSSL_NO_RSA
140 !ENGINE_set_RSA(e, &e_rsax_rsa) || 143 !ENGINE_set_RSA(e, &e_rsax_rsa) ||
141#endif 144#endif
142 !ENGINE_set_destroy_function(e, e_rsax_destroy) || 145 !ENGINE_set_destroy_function(e, e_rsax_destroy) ||
143 !ENGINE_set_init_function(e, e_rsax_init) || 146 !ENGINE_set_init_function(e, e_rsax_init) ||
144 !ENGINE_set_finish_function(e, e_rsax_finish) || 147 !ENGINE_set_finish_function(e, e_rsax_finish) ||
145 !ENGINE_set_ctrl_function(e, e_rsax_ctrl) || 148 !ENGINE_set_ctrl_function(e, e_rsax_ctrl) ||
146 !ENGINE_set_cmd_defns(e, e_rsax_cmd_defns)) 149 !ENGINE_set_cmd_defns(e, e_rsax_cmd_defns))
147 return 0; 150 return 0;
148 151
149#ifndef OPENSSL_NO_RSA 152#ifndef OPENSSL_NO_RSA
@@ -155,64 +158,67 @@ static int bind_helper(ENGINE *e)
155 e_rsax_rsa.bn_mod_exp = meth1->bn_mod_exp; 158 e_rsax_rsa.bn_mod_exp = meth1->bn_mod_exp;
156#endif 159#endif
157 return 1; 160 return 1;
158 } 161}
159 162
160static ENGINE *ENGINE_rsax(void) 163static ENGINE *
161 { 164ENGINE_rsax(void)
165{
162 ENGINE *ret = ENGINE_new(); 166 ENGINE *ret = ENGINE_new();
163 if(!ret) 167
168 if (!ret)
164 return NULL; 169 return NULL;
165 if(!bind_helper(ret)) 170 if (!bind_helper(ret)) {
166 {
167 ENGINE_free(ret); 171 ENGINE_free(ret);
168 return NULL; 172 return NULL;
169 }
170 return ret;
171 } 173 }
174 return ret;
175}
172 176
173#ifndef OPENSSL_NO_RSA 177#ifndef OPENSSL_NO_RSA
174/* Used to attach our own key-data to an RSA structure */ 178/* Used to attach our own key-data to an RSA structure */
175static int rsax_ex_data_idx = -1; 179static int rsax_ex_data_idx = -1;
176#endif 180#endif
177 181
178static int e_rsax_destroy(ENGINE *e) 182static int
179 { 183e_rsax_destroy(ENGINE *e)
184{
180 return 1; 185 return 1;
181 } 186}
182 187
183/* (de)initialisation functions. */ 188/* (de)initialisation functions. */
184static int e_rsax_init(ENGINE *e) 189static int
185 { 190e_rsax_init(ENGINE *e)
191{
186#ifndef OPENSSL_NO_RSA 192#ifndef OPENSSL_NO_RSA
187 if (rsax_ex_data_idx == -1) 193 if (rsax_ex_data_idx == -1)
188 rsax_ex_data_idx = RSA_get_ex_new_index(0, 194 rsax_ex_data_idx = RSA_get_ex_new_index(0, NULL, NULL,
189 NULL, 195 NULL, NULL);
190 NULL, NULL, NULL);
191#endif 196#endif
192 if (rsax_ex_data_idx == -1) 197 if (rsax_ex_data_idx == -1)
193 return 0; 198 return 0;
194 return 1; 199 return 1;
195 } 200}
196 201
197static int e_rsax_finish(ENGINE *e) 202static int
198 { 203e_rsax_finish(ENGINE *e)
204{
199 return 1; 205 return 1;
200 } 206}
201 207
202static int e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) 208static int
203 { 209e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
210{
204 int to_return = 1; 211 int to_return = 1;
205 212
206 switch(cmd) 213 switch (cmd) {
207 { 214 /* The command isn't understood by this engine */
208 /* The command isn't understood by this engine */
209 default: 215 default:
210 to_return = 0; 216 to_return = 0;
211 break; 217 break;
212 } 218 }
213 219
214 return to_return; 220 return to_return;
215 } 221}
216 222
217 223
218#ifndef OPENSSL_NO_RSA 224#ifndef OPENSSL_NO_RSA
@@ -233,69 +239,71 @@ static int interleaved_array_to_bn_512(BIGNUM* b, UINT64 *array);
233/* Extract array elements from BIGNUM b 239/* Extract array elements from BIGNUM b
234 * To set the whole array from b, call with n=8 240 * To set the whole array from b, call with n=8
235 */ 241 */
236static int bn_extract_to_array_512(const BIGNUM* b, unsigned int n, UINT64 *array); 242static int bn_extract_to_array_512(const BIGNUM* b, unsigned int n,
243 UINT64 *array);
237 244
238struct mod_ctx_512 { 245struct mod_ctx_512 {
239 UINT64 t[8][8]; 246 UINT64 t[8][8];
240 UINT64 m[8]; 247 UINT64 m[8];
241 UINT64 m1[8]; /* 2^278 % m */ 248 UINT64 m1[8]; /* 2^278 % m */
242 UINT64 m2[8]; /* 2^640 % m */ 249 UINT64 m2[8]; /* 2^640 % m */
243 UINT64 k1[2]; /* (- 1/m) % 2^128 */ 250 UINT64 k1[2]; /* (- 1/m) % 2^128 */
244}; 251};
245 252
246static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data); 253static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data);
247 254
248void mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */ 255void mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */
249 UINT64 *g, /* 512 bits, 8 qwords */ 256UINT64 *g, /* 512 bits, 8 qwords */
250 UINT64 *exp, /* 512 bits, 8 qwords */ 257UINT64 *exp, /* 512 bits, 8 qwords */
251 struct mod_ctx_512 *data); 258struct mod_ctx_512 *data);
252 259
253typedef struct st_e_rsax_mod_ctx 260typedef struct st_e_rsax_mod_ctx {
254{ 261 UINT64 type;
255 UINT64 type; 262 union {
256 union { 263 struct mod_ctx_512 b512;
257 struct mod_ctx_512 b512; 264 } ctx;
258 } ctx;
259
260} E_RSAX_MOD_CTX; 265} E_RSAX_MOD_CTX;
261 266
262static E_RSAX_MOD_CTX *e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM* m) 267static E_RSAX_MOD_CTX *
268e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM* m)
263{ 269{
264 E_RSAX_MOD_CTX *hptr; 270 E_RSAX_MOD_CTX *hptr;
265 271
266 if (idx < 0 || idx > 2) 272 if (idx < 0 || idx > 2)
267 return NULL; 273 return NULL;
268 274
269 hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx); 275 hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
270 if (!hptr) { 276 if (!hptr) {
271 hptr = reallocarray(NULL, 3, sizeof(E_RSAX_MOD_CTX)); 277 hptr = reallocarray(NULL, 3, sizeof(E_RSAX_MOD_CTX));
272 if (!hptr) return NULL; 278 if (!hptr)
273 hptr[2].type = hptr[1].type= hptr[0].type = 0; 279 return NULL;
274 RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr); 280 hptr[2].type = hptr[1].type = hptr[0].type = 0;
275 } 281 RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr);
276 282 }
277 if (hptr[idx].type == (UINT64)BN_num_bits(m)) 283
278 return hptr+idx; 284 if (hptr[idx].type == (UINT64)BN_num_bits(m))
279 285 return hptr + idx;
280 if (BN_num_bits(m) == 512) { 286
281 UINT64 _m[8]; 287 if (BN_num_bits(m) == 512) {
282 bn_extract_to_array_512(m, 8, _m); 288 UINT64 _m[8];
283 memset( &hptr[idx].ctx.b512, 0, sizeof(struct mod_ctx_512)); 289 bn_extract_to_array_512(m, 8, _m);
284 mod_exp_pre_compute_data_512(_m, &hptr[idx].ctx.b512); 290 memset( &hptr[idx].ctx.b512, 0, sizeof(struct mod_ctx_512));
291 mod_exp_pre_compute_data_512(_m, &hptr[idx].ctx.b512);
285 } 292 }
286 293
287 hptr[idx].type = BN_num_bits(m); 294 hptr[idx].type = BN_num_bits(m);
288 return hptr+idx; 295 return hptr + idx;
289} 296}
290 297
291static int e_rsax_rsa_finish(RSA *rsa) 298static int
292 { 299e_rsax_rsa_finish(RSA *rsa)
300{
293 E_RSAX_MOD_CTX *hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx); 301 E_RSAX_MOD_CTX *hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
294 if(hptr) 302
295 { 303 if (hptr) {
296 free(hptr); 304 free(hptr);
297 RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL); 305 RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL);
298 } 306 }
299 if (rsa->_method_mod_n) 307 if (rsa->_method_mod_n)
300 BN_MONT_CTX_free(rsa->_method_mod_n); 308 BN_MONT_CTX_free(rsa->_method_mod_n);
301 if (rsa->_method_mod_p) 309 if (rsa->_method_mod_p)
@@ -303,28 +311,28 @@ static int e_rsax_rsa_finish(RSA *rsa)
303 if (rsa->_method_mod_q) 311 if (rsa->_method_mod_q)
304 BN_MONT_CTX_free(rsa->_method_mod_q); 312 BN_MONT_CTX_free(rsa->_method_mod_q);
305 return 1; 313 return 1;
306 } 314}
307
308 315
309static int e_rsax_bn_mod_exp(BIGNUM *r, const BIGNUM *g, const BIGNUM *e, 316static int
310 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont, E_RSAX_MOD_CTX* rsax_mod_ctx ) 317e_rsax_bn_mod_exp(BIGNUM *r, const BIGNUM *g, const BIGNUM *e, const BIGNUM *m,
318 BN_CTX *ctx, BN_MONT_CTX *in_mont, E_RSAX_MOD_CTX* rsax_mod_ctx)
311{ 319{
312 if (rsax_mod_ctx && BN_get_flags(e, BN_FLG_CONSTTIME) != 0) { 320 if (rsax_mod_ctx && BN_get_flags(e, BN_FLG_CONSTTIME) != 0) {
313 if (BN_num_bits(m) == 512) { 321 if (BN_num_bits(m) == 512) {
314 UINT64 _r[8]; 322 UINT64 _r[8];
315 UINT64 _g[8]; 323 UINT64 _g[8];
316 UINT64 _e[8]; 324 UINT64 _e[8];
317 325
318 /* Init the arrays from the BIGNUMs */ 326 /* Init the arrays from the BIGNUMs */
319 bn_extract_to_array_512(g, 8, _g); 327 bn_extract_to_array_512(g, 8, _g);
320 bn_extract_to_array_512(e, 8, _e); 328 bn_extract_to_array_512(e, 8, _e);
321 329
322 mod_exp_512(_r, _g, _e, &rsax_mod_ctx->ctx.b512); 330 mod_exp_512(_r, _g, _e, &rsax_mod_ctx->ctx.b512);
323 /* Return the result in the BIGNUM */ 331 /* Return the result in the BIGNUM */
324 interleaved_array_to_bn_512(r, _r); 332 interleaved_array_to_bn_512(r, _r);
325 return 1; 333 return 1;
326 } 334 }
327 } 335 }
328 336
329 return BN_mod_exp_mont(r, g, e, m, ctx, in_mont); 337 return BN_mod_exp_mont(r, g, e, m, ctx, in_mont);
330} 338}
@@ -339,146 +347,177 @@ static int e_rsax_bn_mod_exp(BIGNUM *r, const BIGNUM *g, const BIGNUM *e,
339 * Local method: extracts a piece from a BIGNUM, to fit it into 347 * Local method: extracts a piece from a BIGNUM, to fit it into
340 * an array. Call with n=8 to extract an entire 512-bit BIGNUM 348 * an array. Call with n=8 to extract an entire 512-bit BIGNUM
341 */ 349 */
342static int bn_extract_to_array_512(const BIGNUM* b, unsigned int n, UINT64 *array) 350static int
351bn_extract_to_array_512(const BIGNUM* b, unsigned int n, UINT64 *array)
343{ 352{
344 int i; 353 int i;
345 UINT64 tmp; 354 UINT64 tmp;
346 unsigned char bn_buff[64]; 355 unsigned char bn_buff[64];
356
347 memset(bn_buff, 0, 64); 357 memset(bn_buff, 0, 64);
348 if (BN_num_bytes(b) > 64) { 358 if (BN_num_bytes(b) > 64) {
349 printf ("Can't support this byte size\n"); 359 printf ("Can't support this byte size\n");
350 return 0; } 360 return 0;
351 if (BN_num_bytes(b)!=0) { 361 }
352 if (!BN_bn2bin(b, bn_buff+(64-BN_num_bytes(b)))) { 362 if (BN_num_bytes(b) != 0) {
363 if (!BN_bn2bin(b, bn_buff + (64 - BN_num_bytes(b)))) {
353 printf ("Error's in bn2bin\n"); 364 printf ("Error's in bn2bin\n");
354 /* We have to error, here */ 365 /* We have to error, here */
355 return 0; } } 366 return 0;
367 }
368 }
356 while (n-- > 0) { 369 while (n-- > 0) {
357 array[n] = 0; 370 array[n] = 0;
358 for (i=7; i>=0; i--) { 371 for (i = 7; i >= 0; i--) {
359 tmp = bn_buff[63-(n*8+i)]; 372 tmp = bn_buff[63 - (n*8 + i)];
360 array[n] |= tmp << (8*i); } } 373 array[n] |= tmp << (8*i);
374 }
375 }
361 return 1; 376 return 1;
362} 377}
363 378
364/* Init a 512-bit BIGNUM from the UINT64*_ (8 * 64) interleaved array */ 379/* Init a 512-bit BIGNUM from the UINT64*_ (8 * 64) interleaved array */
365static int interleaved_array_to_bn_512(BIGNUM* b, UINT64 *array) 380static int
381interleaved_array_to_bn_512(BIGNUM* b, UINT64 *array)
366{ 382{
367 unsigned char tmp[64]; 383 unsigned char tmp[64];
368 int n=8; 384 int n = 8;
369 int i; 385 int i;
386
370 while (n-- > 0) { 387 while (n-- > 0) {
371 for (i = 7; i>=0; i--) { 388 for (i = 7; i >= 0; i--) {
372 tmp[63-(n*8+i)] = (unsigned char)(array[n]>>(8*i)); } } 389 tmp[63 - (n * 8 + i)] =
390 (unsigned char)(array[n] >> (8 * i));
391 }
392 }
373 BN_bin2bn(tmp, 64, b); 393 BN_bin2bn(tmp, 64, b);
374 return 0; 394 return 0;
375} 395}
376 396
377
378/* The main 512bit precompute call */ 397/* The main 512bit precompute call */
379static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data) 398static int
380 { 399mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data)
381 BIGNUM two_768, two_640, two_128, two_512, tmp, _m, tmp2; 400{
382 401 BIGNUM two_768, two_640, two_128, two_512, tmp, _m, tmp2;
383 /* We need a BN_CTX for the modulo functions */ 402
384 BN_CTX* ctx; 403 /* We need a BN_CTX for the modulo functions */
385 /* Some tmps */ 404 BN_CTX* ctx;
386 UINT64 _t[8]; 405 /* Some tmps */
387 int i, j, ret = 0; 406 UINT64 _t[8];
388 407 int i, j, ret = 0;
389 /* Init _m with m */ 408
390 BN_init(&_m); 409 /* Init _m with m */
391 interleaved_array_to_bn_512(&_m, m); 410 BN_init(&_m);
392 memset(_t, 0, 64); 411 interleaved_array_to_bn_512(&_m, m);
393 412 memset(_t, 0, 64);
394 /* Inits */ 413
395 BN_init(&two_768); 414 /* Inits */
396 BN_init(&two_640); 415 BN_init(&two_768);
397 BN_init(&two_128); 416 BN_init(&two_640);
398 BN_init(&two_512); 417 BN_init(&two_128);
399 BN_init(&tmp); 418 BN_init(&two_512);
400 BN_init(&tmp2); 419 BN_init(&tmp);
401 420 BN_init(&tmp2);
402 /* Create our context */ 421
403 if ((ctx=BN_CTX_new()) == NULL) { goto err; } 422 /* Create our context */
423 if ((ctx = BN_CTX_new()) == NULL) {
424 goto err;
425 }
404 BN_CTX_start(ctx); 426 BN_CTX_start(ctx);
405 427
406 /* 428 /*
407 * For production, if you care, these only need to be set once, 429 * For production, if you care, these only need to be set once,
408 * and may be made constants. 430 * and may be made constants.
409 */ 431 */
410 BN_lshift(&two_768, BN_value_one(), 768); 432 BN_lshift(&two_768, BN_value_one(), 768);
411 BN_lshift(&two_640, BN_value_one(), 640); 433 BN_lshift(&two_640, BN_value_one(), 640);
412 BN_lshift(&two_128, BN_value_one(), 128); 434 BN_lshift(&two_128, BN_value_one(), 128);
413 BN_lshift(&two_512, BN_value_one(), 512); 435 BN_lshift(&two_512, BN_value_one(), 512);
414 436
415 if (0 == (m[7] & 0x8000000000000000)) { 437 if (0 == (m[7] & 0x8000000000000000)) {
416 exit(1); 438 exit(1);
417 } 439 }
418 if (0 == (m[0] & 0x1)) { /* Odd modulus required for Mont */ 440 if (0 == (m[0] & 0x1)) {
419 exit(1); 441 /* Odd modulus required for Mont */
420 } 442 exit(1);
421 443 }
422 /* Precompute m1 */ 444
423 BN_mod(&tmp, &two_768, &_m, ctx); 445 /* Precompute m1 */
424 if (!bn_extract_to_array_512(&tmp, 8, &data->m1[0])) { 446 BN_mod(&tmp, &two_768, &_m, ctx);
425 goto err; } 447 if (!bn_extract_to_array_512(&tmp, 8, &data->m1[0])) {
426 448 goto err;
427 /* Precompute m2 */ 449 }
428 BN_mod(&tmp, &two_640, &_m, ctx); 450
429 if (!bn_extract_to_array_512(&tmp, 8, &data->m2[0])) { 451 /* Precompute m2 */
430 goto err; 452 BN_mod(&tmp, &two_640, &_m, ctx);
431 } 453 if (!bn_extract_to_array_512(&tmp, 8, &data->m2[0])) {
432 454 goto err;
433 /* 455 }
434 * Precompute k1, a 128b number = ((-1)* m-1 ) mod 2128; k1 should 456
435 * be non-negative. 457 /*
436 */ 458 * Precompute k1, a 128b number = ((-1)* m-1 ) mod 2128; k1 should
437 BN_mod_inverse(&tmp, &_m, &two_128, ctx); 459 * be non-negative.
438 if (!BN_is_zero(&tmp)) { BN_sub(&tmp, &two_128, &tmp); } 460 */
439 if (!bn_extract_to_array_512(&tmp, 2, &data->k1[0])) { 461 BN_mod_inverse(&tmp, &_m, &two_128, ctx);
440 goto err; } 462 if (!BN_is_zero(&tmp)) {
441 463 BN_sub(&tmp, &two_128, &tmp);
442 /* Precompute t */ 464 }
443 for (i=0; i<8; i++) { 465 if (!bn_extract_to_array_512(&tmp, 2, &data->k1[0])) {
444 BN_zero(&tmp); 466 goto err;
445 if (i & 1) { BN_add(&tmp, &two_512, &tmp); } 467 }
446 if (i & 2) { BN_add(&tmp, &two_512, &tmp); } 468
447 if (i & 4) { BN_add(&tmp, &two_640, &tmp); } 469 /* Precompute t */
448 470 for (i = 0; i < 8; i++) {
449 BN_nnmod(&tmp2, &tmp, &_m, ctx); 471 BN_zero(&tmp);
450 if (!bn_extract_to_array_512(&tmp2, 8, _t)) { 472 if (i & 1) {
451 goto err; } 473 BN_add(&tmp, &two_512, &tmp);
452 for (j=0; j<8; j++) data->t[j][i] = _t[j]; } 474 }
453 475 if (i & 2) {
454 /* Precompute m */ 476 BN_add(&tmp, &two_512, &tmp);
455 for (i=0; i<8; i++) { 477 }
456 data->m[i] = m[i]; } 478 if (i & 4) {
457 479 BN_add(&tmp, &two_640, &tmp);
458 ret = 1; 480 }
481
482 BN_nnmod(&tmp2, &tmp, &_m, ctx);
483 if (!bn_extract_to_array_512(&tmp2, 8, _t)) {
484 goto err;
485 }
486 for (j = 0; j < 8; j++)
487 data->t[j][i] = _t[j];
488 }
489
490 /* Precompute m */
491 for (i = 0; i < 8; i++) {
492 data->m[i] = m[i];
493 }
494
495 ret = 1;
459 496
460err: 497err:
461 /* Cleanup */ 498 /* Cleanup */
462 if (ctx != NULL) { 499 if (ctx != NULL) {
463 BN_CTX_end(ctx); BN_CTX_free(ctx); } 500 BN_CTX_end(ctx);
464 BN_free(&two_768); 501 BN_CTX_free(ctx);
465 BN_free(&two_640); 502 }
466 BN_free(&two_128); 503 BN_free(&two_768);
467 BN_free(&two_512); 504 BN_free(&two_640);
468 BN_free(&tmp); 505 BN_free(&two_128);
469 BN_free(&tmp2); 506 BN_free(&two_512);
470 BN_free(&_m); 507 BN_free(&tmp);
471 508 BN_free(&tmp2);
472 return ret; 509 BN_free(&_m);
473}
474 510
511 return ret;
512}
475 513
476static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) 514static int
477 { 515e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
478 BIGNUM *r1,*m1,*vrfy; 516{
479 BIGNUM local_dmp1,local_dmq1,local_c,local_r1; 517 BIGNUM *r1, *m1, *vrfy;
480 BIGNUM *dmp1,*dmq1,*c,*pr1; 518 BIGNUM local_dmp1, local_dmq1, local_c, local_r1;
481 int ret=0; 519 BIGNUM *dmp1, *dmq1, *c, *pr1;
520 int ret = 0;
482 521
483 BN_CTX_start(ctx); 522 BN_CTX_start(ctx);
484 r1 = BN_CTX_get(ctx); 523 r1 = BN_CTX_get(ctx);
@@ -494,8 +533,7 @@ static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx
494 * intialization uses the BN_FLG_CONSTTIME flag 533 * intialization uses the BN_FLG_CONSTTIME flag
495 * (unless RSA_FLAG_NO_CONSTTIME is set) 534 * (unless RSA_FLAG_NO_CONSTTIME is set)
496 */ 535 */
497 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 536 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
498 {
499 BN_init(&local_p); 537 BN_init(&local_p);
500 p = &local_p; 538 p = &local_p;
501 BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME); 539 BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
@@ -503,100 +541,97 @@ static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx
503 BN_init(&local_q); 541 BN_init(&local_q);
504 q = &local_q; 542 q = &local_q;
505 BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME); 543 BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
506 } 544 } else {
507 else
508 {
509 p = rsa->p; 545 p = rsa->p;
510 q = rsa->q; 546 q = rsa->q;
511 } 547 }
512 548
513 if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) 549 if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) {
514 { 550 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p,
515 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx)) 551 CRYPTO_LOCK_RSA, p, ctx))
516 error = 1; 552 error = 1;
517 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx)) 553 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q,
554 CRYPTO_LOCK_RSA, q, ctx))
518 error = 1; 555 error = 1;
519 } 556 }
520 557
521 /* clean up */ 558 /* clean up */
522 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 559 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
523 {
524 BN_free(&local_p); 560 BN_free(&local_p);
525 BN_free(&local_q); 561 BN_free(&local_q);
526 } 562 }
527 if ( error ) 563 if (error )
528 goto err; 564 goto err;
529 } 565 }
530 566
531 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) 567 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
532 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) 568 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
569 CRYPTO_LOCK_RSA, rsa->n, ctx))
533 goto err; 570 goto err;
534 571
535 /* compute I mod q */ 572 /* compute I mod q */
536 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 573 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
537 {
538 c = &local_c; 574 c = &local_c;
539 BN_with_flags(c, I, BN_FLG_CONSTTIME); 575 BN_with_flags(c, I, BN_FLG_CONSTTIME);
540 if (!BN_mod(r1,c,rsa->q,ctx)) goto err; 576 if (!BN_mod(r1, c,rsa->q, ctx))
541 } 577 goto err;
542 else 578 } else {
543 { 579 if (!BN_mod(r1, I,rsa->q, ctx))
544 if (!BN_mod(r1,I,rsa->q,ctx)) goto err; 580 goto err;
545 } 581 }
546 582
547 /* compute r1^dmq1 mod q */ 583 /* compute r1^dmq1 mod q */
548 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 584 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
549 {
550 dmq1 = &local_dmq1; 585 dmq1 = &local_dmq1;
551 BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME); 586 BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
552 } 587 } else
553 else
554 dmq1 = rsa->dmq1; 588 dmq1 = rsa->dmq1;
555 589
556 if (!e_rsax_bn_mod_exp(m1,r1,dmq1,rsa->q,ctx, 590 if (!e_rsax_bn_mod_exp(m1, r1, dmq1, rsa->q, ctx, rsa->_method_mod_q,
557 rsa->_method_mod_q, e_rsax_get_ctx(rsa, 0, rsa->q) )) goto err; 591 e_rsax_get_ctx(rsa, 0, rsa->q)))
592 goto err;
558 593
559 /* compute I mod p */ 594 /* compute I mod p */
560 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 595 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
561 {
562 c = &local_c; 596 c = &local_c;
563 BN_with_flags(c, I, BN_FLG_CONSTTIME); 597 BN_with_flags(c, I, BN_FLG_CONSTTIME);
564 if (!BN_mod(r1,c,rsa->p,ctx)) goto err; 598 if (!BN_mod(r1, c,rsa->p, ctx))
565 } 599 goto err;
566 else 600 } else {
567 { 601 if (!BN_mod(r1, I,rsa->p, ctx))
568 if (!BN_mod(r1,I,rsa->p,ctx)) goto err; 602 goto err;
569 } 603 }
570 604
571 /* compute r1^dmp1 mod p */ 605 /* compute r1^dmp1 mod p */
572 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 606 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
573 {
574 dmp1 = &local_dmp1; 607 dmp1 = &local_dmp1;
575 BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME); 608 BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
576 } 609 } else
577 else
578 dmp1 = rsa->dmp1; 610 dmp1 = rsa->dmp1;
579 611
580 if (!e_rsax_bn_mod_exp(r0,r1,dmp1,rsa->p,ctx, 612 if (!e_rsax_bn_mod_exp(r0, r1, dmp1, rsa->p, ctx, rsa->_method_mod_p,
581 rsa->_method_mod_p, e_rsax_get_ctx(rsa, 1, rsa->p) )) goto err; 613 e_rsax_get_ctx(rsa, 1, rsa->p)))
614 goto err;
582 615
583 if (!BN_sub(r0,r0,m1)) goto err; 616 if (!BN_sub(r0, r0, m1))
617 goto err;
584 /* This will help stop the size of r0 increasing, which does 618 /* This will help stop the size of r0 increasing, which does
585 * affect the multiply if it optimised for a power of 2 size */ 619 * affect the multiply if it optimised for a power of 2 size */
586 if (BN_is_negative(r0)) 620 if (BN_is_negative(r0))
587 if (!BN_add(r0,r0,rsa->p)) goto err; 621 if (!BN_add(r0, r0, rsa->p))
622 goto err;
588 623
589 if (!BN_mul(r1,r0,rsa->iqmp,ctx)) goto err; 624 if (!BN_mul(r1, r0, rsa->iqmp, ctx))
625 goto err;
590 626
591 /* Turn BN_FLG_CONSTTIME flag on before division operation */ 627 /* Turn BN_FLG_CONSTTIME flag on before division operation */
592 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 628 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
593 {
594 pr1 = &local_r1; 629 pr1 = &local_r1;
595 BN_with_flags(pr1, r1, BN_FLG_CONSTTIME); 630 BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
596 } 631 } else
597 else
598 pr1 = r1; 632 pr1 = r1;
599 if (!BN_mod(r0,pr1,rsa->p,ctx)) goto err; 633 if (!BN_mod(r0, pr1, rsa->p, ctx))
634 goto err;
600 635
601 /* If p < q it is occasionally possible for the correction of 636 /* If p < q it is occasionally possible for the correction of
602 * adding 'p' if r0 is negative above to leave the result still 637 * adding 'p' if r0 is negative above to leave the result still
@@ -606,25 +641,30 @@ static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx
606 * they ensure p > q [steve] 641 * they ensure p > q [steve]
607 */ 642 */
608 if (BN_is_negative(r0)) 643 if (BN_is_negative(r0))
609 if (!BN_add(r0,r0,rsa->p)) goto err; 644 if (!BN_add(r0, r0, rsa->p))
610 if (!BN_mul(r1,r0,rsa->q,ctx)) goto err; 645 goto err;
611 if (!BN_add(r0,r1,m1)) goto err; 646 if (!BN_mul(r1, r0, rsa->q, ctx))
612 647 goto err;
613 if (rsa->e && rsa->n) 648 if (!BN_add(r0, r1, m1))
614 { 649 goto err;
615 if (!e_rsax_bn_mod_exp(vrfy,r0,rsa->e,rsa->n,ctx,rsa->_method_mod_n, e_rsax_get_ctx(rsa, 2, rsa->n) )) 650
616 goto err; 651 if (rsa->e && rsa->n) {
652 if (!e_rsax_bn_mod_exp(vrfy, r0, rsa->e, rsa->n, ctx,
653 rsa->_method_mod_n, e_rsax_get_ctx(rsa, 2, rsa->n)))
654 goto err;
617 655
618 /* If 'I' was greater than (or equal to) rsa->n, the operation 656 /* If 'I' was greater than (or equal to) rsa->n, the operation
619 * will be equivalent to using 'I mod n'. However, the result of 657 * will be equivalent to using 'I mod n'. However, the result of
620 * the verify will *always* be less than 'n' so we don't check 658 * the verify will *always* be less than 'n' so we don't check
621 * for absolute equality, just congruency. */ 659 * for absolute equality, just congruency. */
622 if (!BN_sub(vrfy, vrfy, I)) goto err; 660 if (!BN_sub(vrfy, vrfy, I))
623 if (!BN_mod(vrfy, vrfy, rsa->n, ctx)) goto err; 661 goto err;
662 if (!BN_mod(vrfy, vrfy, rsa->n, ctx))
663 goto err;
624 if (BN_is_negative(vrfy)) 664 if (BN_is_negative(vrfy))
625 if (!BN_add(vrfy, vrfy, rsa->n)) goto err; 665 if (!BN_add(vrfy, vrfy, rsa->n))
626 if (!BN_is_zero(vrfy)) 666 goto err;
627 { 667 if (!BN_is_zero(vrfy)) {
628 /* 'I' and 'vrfy' aren't congruent mod n. Don't leak 668 /* 'I' and 'vrfy' aren't congruent mod n. Don't leak
629 * miscalculated CRT output, just do a raw (slower) 669 * miscalculated CRT output, just do a raw (slower)
630 * mod_exp and return that instead. */ 670 * mod_exp and return that instead. */
@@ -632,23 +672,22 @@ static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx
632 BIGNUM local_d; 672 BIGNUM local_d;
633 BIGNUM *d = NULL; 673 BIGNUM *d = NULL;
634 674
635 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 675 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
636 {
637 d = &local_d; 676 d = &local_d;
638 BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); 677 BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
639 } 678 } else
640 else
641 d = rsa->d; 679 d = rsa->d;
642 if (!e_rsax_bn_mod_exp(r0,I,d,rsa->n,ctx, 680 if (!e_rsax_bn_mod_exp(r0, I,d, rsa->n, ctx,
643 rsa->_method_mod_n, e_rsax_get_ctx(rsa, 2, rsa->n) )) goto err; 681 rsa->_method_mod_n, e_rsax_get_ctx(rsa, 2, rsa->n)))
644 } 682 goto err;
645 } 683 }
646 ret=1; 684 }
685 ret = 1;
647 686
648err: 687err:
649 BN_CTX_end(ctx); 688 BN_CTX_end(ctx);
650 689
651 return ret; 690 return ret;
652 } 691}
653#endif /* !OPENSSL_NO_RSA */ 692#endif /* !OPENSSL_NO_RSA */
654#endif /* !COMPILE_RSAX */ 693#endif /* !COMPILE_RSAX */
diff --git a/src/lib/libcrypto/engine/eng_table.c b/src/lib/libcrypto/engine/eng_table.c
index 5781af1eb9..44f3e892b8 100644
--- a/src/lib/libcrypto/engine/eng_table.c
+++ b/src/lib/libcrypto/engine/eng_table.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_table.c,v 1.5 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_table.c,v 1.6 2014/06/22 12:05:09 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2001 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -7,7 +7,7 @@
7 * are met: 7 * are met:
8 * 8 *
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 11 *
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in 13 * notice, this list of conditions and the following disclaimer in
@@ -59,8 +59,7 @@
59#include "eng_int.h" 59#include "eng_int.h"
60 60
61/* The type of the items in the table */ 61/* The type of the items in the table */
62typedef struct st_engine_pile 62typedef struct st_engine_pile {
63 {
64 /* The 'nid' of this algorithm/mode */ 63 /* The 'nid' of this algorithm/mode */
65 int nid; 64 int nid;
66 /* ENGINEs that implement this algorithm/mode. */ 65 /* ENGINEs that implement this algorithm/mode. */
@@ -69,284 +68,287 @@ typedef struct st_engine_pile
69 ENGINE *funct; 68 ENGINE *funct;
70 /* Zero if 'sk' is newer than the cached 'funct', non-zero otherwise */ 69 /* Zero if 'sk' is newer than the cached 'funct', non-zero otherwise */
71 int uptodate; 70 int uptodate;
72 } ENGINE_PILE; 71} ENGINE_PILE;
73 72
74DECLARE_LHASH_OF(ENGINE_PILE); 73DECLARE_LHASH_OF(ENGINE_PILE);
75 74
76/* The type exposed in eng_int.h */ 75/* The type exposed in eng_int.h */
77struct st_engine_table 76struct st_engine_table {
78 {
79 LHASH_OF(ENGINE_PILE) piles; 77 LHASH_OF(ENGINE_PILE) piles;
80 }; /* ENGINE_TABLE */ 78}; /* ENGINE_TABLE */
81 79
82 80typedef struct st_engine_pile_doall {
83typedef struct st_engine_pile_doall
84 {
85 engine_table_doall_cb *cb; 81 engine_table_doall_cb *cb;
86 void *arg; 82 void *arg;
87 } ENGINE_PILE_DOALL; 83} ENGINE_PILE_DOALL;
88
89 84
90/* Global flags (ENGINE_TABLE_FLAG_***). */ 85/* Global flags (ENGINE_TABLE_FLAG_***). */
91static unsigned int table_flags = 0; 86static unsigned int table_flags = 0;
92 87
93/* API function manipulating 'table_flags' */ 88/* API function manipulating 'table_flags' */
94unsigned int ENGINE_get_table_flags(void) 89unsigned int
95 { 90ENGINE_get_table_flags(void)
91{
96 return table_flags; 92 return table_flags;
97 } 93}
98 94
99void ENGINE_set_table_flags(unsigned int flags) 95void
100 { 96ENGINE_set_table_flags(unsigned int flags)
97{
101 table_flags = flags; 98 table_flags = flags;
102 } 99}
103 100
104/* Internal functions for the "piles" hash table */ 101/* Internal functions for the "piles" hash table */
105static unsigned long engine_pile_hash(const ENGINE_PILE *c) 102static unsigned long
106 { 103engine_pile_hash(const ENGINE_PILE *c)
104{
107 return c->nid; 105 return c->nid;
108 } 106}
109 107
110static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b) 108static int
111 { 109engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
110{
112 return a->nid - b->nid; 111 return a->nid - b->nid;
113 } 112}
114static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE) 113static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE)
115static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE) 114static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE)
116 115
117static int int_table_check(ENGINE_TABLE **t, int create) 116static int
118 { 117int_table_check(ENGINE_TABLE **t, int create)
118{
119 LHASH_OF(ENGINE_PILE) *lh; 119 LHASH_OF(ENGINE_PILE) *lh;
120 120
121 if(*t) return 1; 121 if (*t)
122 if(!create) return 0; 122 return 1;
123 if((lh = lh_ENGINE_PILE_new()) == NULL) 123 if (!create)
124 return 0;
125 if ((lh = lh_ENGINE_PILE_new()) == NULL)
124 return 0; 126 return 0;
125 *t = (ENGINE_TABLE *)lh; 127 *t = (ENGINE_TABLE *)lh;
126 return 1; 128 return 1;
127 } 129}
128 130
129/* Privately exposed (via eng_int.h) functions for adding and/or removing 131/* Privately exposed (via eng_int.h) functions for adding and/or removing
130 * ENGINEs from the implementation table */ 132 * ENGINEs from the implementation table */
131int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, 133int
132 ENGINE *e, const int *nids, int num_nids, int setdefault) 134engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
133 { 135 ENGINE *e, const int *nids, int num_nids, int setdefault)
136{
134 int ret = 0, added = 0; 137 int ret = 0, added = 0;
135 ENGINE_PILE tmplate, *fnd; 138 ENGINE_PILE tmplate, *fnd;
139
136 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 140 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
137 if(!(*table)) 141 if (!(*table))
138 added = 1; 142 added = 1;
139 if(!int_table_check(table, 1)) 143 if (!int_table_check(table, 1))
140 goto end; 144 goto end;
141 if(added) 145 if (added)
142 /* The cleanup callback needs to be added */ 146 /* The cleanup callback needs to be added */
143 engine_cleanup_add_first(cleanup); 147 engine_cleanup_add_first(cleanup);
144 while(num_nids--) 148 while (num_nids--) {
145 {
146 tmplate.nid = *nids; 149 tmplate.nid = *nids;
147 fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate); 150 fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
148 if(!fnd) 151 if (!fnd) {
149 {
150 fnd = malloc(sizeof(ENGINE_PILE)); 152 fnd = malloc(sizeof(ENGINE_PILE));
151 if(!fnd) goto end; 153 if (!fnd)
154 goto end;
152 fnd->uptodate = 1; 155 fnd->uptodate = 1;
153 fnd->nid = *nids; 156 fnd->nid = *nids;
154 fnd->sk = sk_ENGINE_new_null(); 157 fnd->sk = sk_ENGINE_new_null();
155 if(!fnd->sk) 158 if (!fnd->sk) {
156 {
157 free(fnd); 159 free(fnd);
158 goto end; 160 goto end;
159 } 161 }
160 fnd->funct = NULL; 162 fnd->funct = NULL;
161 (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd); 163 (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
162 } 164 }
163 /* A registration shouldn't add duplciate entries */ 165 /* A registration shouldn't add duplciate entries */
164 (void)sk_ENGINE_delete_ptr(fnd->sk, e); 166 (void)sk_ENGINE_delete_ptr(fnd->sk, e);
165 /* if 'setdefault', this ENGINE goes to the head of the list */ 167 /* if 'setdefault', this ENGINE goes to the head of the list */
166 if(!sk_ENGINE_push(fnd->sk, e)) 168 if (!sk_ENGINE_push(fnd->sk, e))
167 goto end; 169 goto end;
168 /* "touch" this ENGINE_PILE */ 170 /* "touch" this ENGINE_PILE */
169 fnd->uptodate = 0; 171 fnd->uptodate = 0;
170 if(setdefault) 172 if (setdefault) {
171 { 173 if (!engine_unlocked_init(e)) {
172 if(!engine_unlocked_init(e))
173 {
174 ENGINEerr(ENGINE_F_ENGINE_TABLE_REGISTER, 174 ENGINEerr(ENGINE_F_ENGINE_TABLE_REGISTER,
175 ENGINE_R_INIT_FAILED); 175 ENGINE_R_INIT_FAILED);
176 goto end; 176 goto end;
177 } 177 }
178 if(fnd->funct) 178 if (fnd->funct)
179 engine_unlocked_finish(fnd->funct, 0); 179 engine_unlocked_finish(fnd->funct, 0);
180 fnd->funct = e; 180 fnd->funct = e;
181 fnd->uptodate = 1; 181 fnd->uptodate = 1;
182 }
183 nids++;
184 } 182 }
183 nids++;
184 }
185 ret = 1; 185 ret = 1;
186end: 186end:
187 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 187 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
188 return ret; 188 return ret;
189 } 189}
190static void int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e) 190
191 { 191static void
192int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
193{
192 int n; 194 int n;
195
193 /* Iterate the 'c->sk' stack removing any occurance of 'e' */ 196 /* Iterate the 'c->sk' stack removing any occurance of 'e' */
194 while((n = sk_ENGINE_find(pile->sk, e)) >= 0) 197 while ((n = sk_ENGINE_find(pile->sk, e)) >= 0) {
195 {
196 (void)sk_ENGINE_delete(pile->sk, n); 198 (void)sk_ENGINE_delete(pile->sk, n);
197 pile->uptodate = 0; 199 pile->uptodate = 0;
198 } 200 }
199 if(pile->funct == e) 201 if (pile->funct == e) {
200 {
201 engine_unlocked_finish(e, 0); 202 engine_unlocked_finish(e, 0);
202 pile->funct = NULL; 203 pile->funct = NULL;
203 }
204 } 204 }
205}
205static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE) 206static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE)
206 207
207void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e) 208void
208 { 209engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
210{
209 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 211 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
210 if(int_table_check(table, 0)) 212 if (int_table_check(table, 0))
211 lh_ENGINE_PILE_doall_arg(&(*table)->piles, 213 lh_ENGINE_PILE_doall_arg(&(*table)->piles,
212 LHASH_DOALL_ARG_FN(int_unregister_cb), 214 LHASH_DOALL_ARG_FN(int_unregister_cb), ENGINE, e);
213 ENGINE, e);
214 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 215 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
215 } 216}
216 217
217static void int_cleanup_cb_doall(ENGINE_PILE *p) 218static void
218 { 219int_cleanup_cb_doall(ENGINE_PILE *p)
220{
219 sk_ENGINE_free(p->sk); 221 sk_ENGINE_free(p->sk);
220 if(p->funct) 222 if (p->funct)
221 engine_unlocked_finish(p->funct, 0); 223 engine_unlocked_finish(p->funct, 0);
222 free(p); 224 free(p);
223 } 225}
224static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE) 226static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE)
225 227
226void engine_table_cleanup(ENGINE_TABLE **table) 228void
227 { 229engine_table_cleanup(ENGINE_TABLE **table)
230{
228 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 231 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
229 if(*table) 232 if (*table) {
230 {
231 lh_ENGINE_PILE_doall(&(*table)->piles, 233 lh_ENGINE_PILE_doall(&(*table)->piles,
232 LHASH_DOALL_FN(int_cleanup_cb)); 234 LHASH_DOALL_FN(int_cleanup_cb));
233 lh_ENGINE_PILE_free(&(*table)->piles); 235 lh_ENGINE_PILE_free(&(*table)->piles);
234 *table = NULL; 236 *table = NULL;
235 }
236 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
237 } 237 }
238 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
239}
238 240
239/* return a functional reference for a given 'nid' */ 241/* return a functional reference for a given 'nid' */
240#ifndef ENGINE_TABLE_DEBUG 242#ifndef ENGINE_TABLE_DEBUG
241ENGINE *engine_table_select(ENGINE_TABLE **table, int nid) 243ENGINE *
244engine_table_select(ENGINE_TABLE **table, int nid)
242#else 245#else
243ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l) 246ENGINE *
247engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l)
244#endif 248#endif
245 { 249{
246 ENGINE *ret = NULL; 250 ENGINE *ret = NULL;
247 ENGINE_PILE tmplate, *fnd=NULL; 251 ENGINE_PILE tmplate, *fnd = NULL;
248 int initres, loop = 0; 252 int initres, loop = 0;
249 253
250 if(!(*table)) 254 if (!(*table)) {
251 {
252#ifdef ENGINE_TABLE_DEBUG 255#ifdef ENGINE_TABLE_DEBUG
253 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing " 256 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing "
254 "registered!\n", f, l, nid); 257 "registered!\n", f, l, nid);
255#endif 258#endif
256 return NULL; 259 return NULL;
257 } 260 }
258 ERR_set_mark(); 261 ERR_set_mark();
259 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 262 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
260 /* Check again inside the lock otherwise we could race against cleanup 263 /* Check again inside the lock otherwise we could race against cleanup
261 * operations. But don't worry about a fprintf(stderr). */ 264 * operations. But don't worry about a fprintf(stderr). */
262 if(!int_table_check(table, 0)) goto end; 265 if (!int_table_check(table, 0))
266 goto end;
263 tmplate.nid = nid; 267 tmplate.nid = nid;
264 fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate); 268 fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
265 if(!fnd) goto end; 269 if (!fnd)
266 if(fnd->funct && engine_unlocked_init(fnd->funct)) 270 goto end;
267 { 271 if (fnd->funct && engine_unlocked_init(fnd->funct)) {
268#ifdef ENGINE_TABLE_DEBUG 272#ifdef ENGINE_TABLE_DEBUG
269 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using " 273 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
270 "ENGINE '%s' cached\n", f, l, nid, fnd->funct->id); 274 "ENGINE '%s' cached\n", f, l, nid, fnd->funct->id);
271#endif 275#endif
272 ret = fnd->funct; 276 ret = fnd->funct;
273 goto end; 277 goto end;
274 } 278 }
275 if(fnd->uptodate) 279 if (fnd->uptodate) {
276 {
277 ret = fnd->funct; 280 ret = fnd->funct;
278 goto end; 281 goto end;
279 } 282 }
280trynext: 283trynext:
281 ret = sk_ENGINE_value(fnd->sk, loop++); 284 ret = sk_ENGINE_value(fnd->sk, loop++);
282 if(!ret) 285 if (!ret) {
283 {
284#ifdef ENGINE_TABLE_DEBUG 286#ifdef ENGINE_TABLE_DEBUG
285 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no " 287 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
286 "registered implementations would initialise\n", 288 "registered implementations would initialise\n", f, l, nid);
287 f, l, nid);
288#endif 289#endif
289 goto end; 290 goto end;
290 } 291 }
291 /* Try to initialise the ENGINE? */ 292 /* Try to initialise the ENGINE? */
292 if((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT)) 293 if ((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
293 initres = engine_unlocked_init(ret); 294 initres = engine_unlocked_init(ret);
294 else 295 else
295 initres = 0; 296 initres = 0;
296 if(initres) 297 if (initres) {
297 {
298 /* Update 'funct' */ 298 /* Update 'funct' */
299 if((fnd->funct != ret) && engine_unlocked_init(ret)) 299 if ((fnd->funct != ret) && engine_unlocked_init(ret)) {
300 {
301 /* If there was a previous default we release it. */ 300 /* If there was a previous default we release it. */
302 if(fnd->funct) 301 if (fnd->funct)
303 engine_unlocked_finish(fnd->funct, 0); 302 engine_unlocked_finish(fnd->funct, 0);
304 fnd->funct = ret; 303 fnd->funct = ret;
305#ifdef ENGINE_TABLE_DEBUG 304#ifdef ENGINE_TABLE_DEBUG
306 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, " 305 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, "
307 "setting default to '%s'\n", f, l, nid, ret->id); 306 "setting default to '%s'\n", f, l, nid, ret->id);
308#endif 307#endif
309 } 308 }
310#ifdef ENGINE_TABLE_DEBUG 309#ifdef ENGINE_TABLE_DEBUG
311 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using " 310 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
312 "newly initialised '%s'\n", f, l, nid, ret->id); 311 "newly initialised '%s'\n", f, l, nid, ret->id);
313#endif 312#endif
314 goto end; 313 goto end;
315 } 314 }
316 goto trynext; 315 goto trynext;
317end: 316end:
318 /* If it failed, it is unlikely to succeed again until some future 317 /* If it failed, it is unlikely to succeed again until some future
319 * registrations have taken place. In all cases, we cache. */ 318 * registrations have taken place. In all cases, we cache. */
320 if(fnd) fnd->uptodate = 1; 319 if (fnd)
320 fnd->uptodate = 1;
321#ifdef ENGINE_TABLE_DEBUG 321#ifdef ENGINE_TABLE_DEBUG
322 if(ret) 322 if (ret)
323 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching " 323 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
324 "ENGINE '%s'\n", f, l, nid, ret->id); 324 "ENGINE '%s'\n", f, l, nid, ret->id);
325 else 325 else
326 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching " 326 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
327 "'no matching ENGINE'\n", f, l, nid); 327 "'no matching ENGINE'\n", f, l, nid);
328#endif 328#endif
329 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 329 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
330 /* Whatever happened, any failed init()s are not failures in this 330 /* Whatever happened, any failed init()s are not failures in this
331 * context, so clear our error state. */ 331 * context, so clear our error state. */
332 ERR_pop_to_mark(); 332 ERR_pop_to_mark();
333 return ret; 333 return ret;
334 } 334}
335 335
336/* Table enumeration */ 336/* Table enumeration */
337 337
338static void int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall) 338static void
339 { 339int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall)
340{
340 dall->cb(pile->nid, pile->sk, pile->funct, dall->arg); 341 dall->cb(pile->nid, pile->sk, pile->funct, dall->arg);
341 } 342}
342static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE,ENGINE_PILE_DOALL) 343static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE, ENGINE_PILE_DOALL)
343 344
344void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, 345void
345 void *arg) 346engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, void *arg)
346 { 347{
347 ENGINE_PILE_DOALL dall; 348 ENGINE_PILE_DOALL dall;
349
348 dall.cb = cb; 350 dall.cb = cb;
349 dall.arg = arg; 351 dall.arg = arg;
350 lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb), 352 lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb),
351 ENGINE_PILE_DOALL, &dall); 353 ENGINE_PILE_DOALL, &dall);
352 } 354}
diff --git a/src/lib/libssl/src/crypto/engine/eng_lib.c b/src/lib/libssl/src/crypto/engine/eng_lib.c
index 4288535d72..569b7199ce 100644
--- a/src/lib/libssl/src/crypto/engine/eng_lib.c
+++ b/src/lib/libssl/src/crypto/engine/eng_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_lib.c,v 1.7 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_lib.c,v 1.8 2014/06/22 12:05:09 jsing Exp $ */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL 2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -61,28 +61,29 @@
61 61
62/* The "new"/"free" stuff first */ 62/* The "new"/"free" stuff first */
63 63
64ENGINE *ENGINE_new(void) 64ENGINE *
65 { 65ENGINE_new(void)
66{
66 ENGINE *ret; 67 ENGINE *ret;
67 68
68 ret = malloc(sizeof(ENGINE)); 69 ret = malloc(sizeof(ENGINE));
69 if(ret == NULL) 70 if (ret == NULL) {
70 {
71 ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE); 71 ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE);
72 return NULL; 72 return NULL;
73 } 73 }
74 memset(ret, 0, sizeof(ENGINE)); 74 memset(ret, 0, sizeof(ENGINE));
75 ret->struct_ref = 1; 75 ret->struct_ref = 1;
76 engine_ref_debug(ret, 0, 1) 76 engine_ref_debug(ret, 0, 1)
77 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data); 77 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
78 return ret; 78 return ret;
79 } 79}
80 80
81/* Placed here (close proximity to ENGINE_new) so that modifications to the 81/* Placed here (close proximity to ENGINE_new) so that modifications to the
82 * elements of the ENGINE structure are more likely to be caught and changed 82 * elements of the ENGINE structure are more likely to be caught and changed
83 * here. */ 83 * here. */
84void engine_set_all_null(ENGINE *e) 84void
85 { 85engine_set_all_null(ENGINE *e)
86{
86 e->id = NULL; 87 e->id = NULL;
87 e->name = NULL; 88 e->name = NULL;
88 e->rsa_meth = NULL; 89 e->rsa_meth = NULL;
@@ -100,41 +101,43 @@ void engine_set_all_null(ENGINE *e)
100 e->load_pubkey = NULL; 101 e->load_pubkey = NULL;
101 e->cmd_defns = NULL; 102 e->cmd_defns = NULL;
102 e->flags = 0; 103 e->flags = 0;
103 } 104}
104 105
105int engine_free_util(ENGINE *e, int locked) 106int
106 { 107engine_free_util(ENGINE *e, int locked)
108{
107 int i; 109 int i;
108 110
109 if(e == NULL) 111 if (e == NULL) {
110 {
111 ENGINEerr(ENGINE_F_ENGINE_FREE_UTIL, 112 ENGINEerr(ENGINE_F_ENGINE_FREE_UTIL,
112 ERR_R_PASSED_NULL_PARAMETER); 113 ERR_R_PASSED_NULL_PARAMETER);
113 return 0; 114 return 0;
114 } 115 }
115 if(locked) 116 if (locked)
116 i = CRYPTO_add(&e->struct_ref,-1,CRYPTO_LOCK_ENGINE); 117 i = CRYPTO_add(&e->struct_ref, -1, CRYPTO_LOCK_ENGINE);
117 else 118 else
118 i = --e->struct_ref; 119 i = --e->struct_ref;
119 engine_ref_debug(e, 0, -1) 120 engine_ref_debug(e, 0, -1)
120 if (i > 0) return 1; 121 if (i > 0)
122 return 1;
121 123
122 /* Free up any dynamically allocated public key methods */ 124 /* Free up any dynamically allocated public key methods */
123 engine_pkey_meths_free(e); 125 engine_pkey_meths_free(e);
124 engine_pkey_asn1_meths_free(e); 126 engine_pkey_asn1_meths_free(e);
125 /* Give the ENGINE a chance to do any structural cleanup corresponding 127 /* Give the ENGINE a chance to do any structural cleanup corresponding
126 * to allocation it did in its constructor (eg. unload error strings) */ 128 * to allocation it did in its constructor (eg. unload error strings) */
127 if(e->destroy) 129 if (e->destroy)
128 e->destroy(e); 130 e->destroy(e);
129 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data); 131 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
130 free(e); 132 free(e);
131 return 1; 133 return 1;
132 } 134}
133 135
134int ENGINE_free(ENGINE *e) 136int
135 { 137ENGINE_free(ENGINE *e)
138{
136 return engine_free_util(e, 1); 139 return engine_free_util(e, 1);
137 } 140}
138 141
139/* Cleanup stuff */ 142/* Cleanup stuff */
140 143
@@ -143,183 +146,218 @@ int ENGINE_free(ENGINE *e)
143 * bloat by referring to all *possible* cleanups, but any linker bloat into code 146 * bloat by referring to all *possible* cleanups, but any linker bloat into code
144 * "X" will cause X's cleanup function to end up here. */ 147 * "X" will cause X's cleanup function to end up here. */
145static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL; 148static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL;
146static int int_cleanup_check(int create) 149static int
147 { 150int_cleanup_check(int create)
148 if(cleanup_stack) return 1; 151{
149 if(!create) return 0; 152 if (cleanup_stack)
153 return 1;
154 if (!create)
155 return 0;
150 cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null(); 156 cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null();
151 return (cleanup_stack ? 1 : 0); 157 return (cleanup_stack ? 1 : 0);
152 } 158}
153static ENGINE_CLEANUP_ITEM *int_cleanup_item(ENGINE_CLEANUP_CB *cb) 159
154 { 160static ENGINE_CLEANUP_ITEM *
161int_cleanup_item(ENGINE_CLEANUP_CB *cb)
162{
155 ENGINE_CLEANUP_ITEM *item = malloc(sizeof(ENGINE_CLEANUP_ITEM)); 163 ENGINE_CLEANUP_ITEM *item = malloc(sizeof(ENGINE_CLEANUP_ITEM));
156 if(!item) return NULL; 164
165 if (!item)
166 return NULL;
157 item->cb = cb; 167 item->cb = cb;
158 return item; 168 return item;
159 } 169}
160void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb) 170
161 { 171void
172engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb)
173{
162 ENGINE_CLEANUP_ITEM *item; 174 ENGINE_CLEANUP_ITEM *item;
163 if(!int_cleanup_check(1)) return; 175
176 if (!int_cleanup_check(1))
177 return;
164 item = int_cleanup_item(cb); 178 item = int_cleanup_item(cb);
165 if(item) 179 if (item)
166 sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0); 180 sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0);
167 } 181}
168void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb) 182
169 { 183void
184engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb)
185{
170 ENGINE_CLEANUP_ITEM *item; 186 ENGINE_CLEANUP_ITEM *item;
171 if(!int_cleanup_check(1)) return; 187
188 if (!int_cleanup_check(1))
189 return;
172 item = int_cleanup_item(cb); 190 item = int_cleanup_item(cb);
173 if(item) 191 if (item)
174 sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item); 192 sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item);
175 } 193}
176/* The API function that performs all cleanup */ 194/* The API function that performs all cleanup */
177static void engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item) 195static void
178 { 196engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item)
197{
179 (*(item->cb))(); 198 (*(item->cb))();
180 free(item); 199 free(item);
181 } 200}
182void ENGINE_cleanup(void) 201
183 { 202void
184 if(int_cleanup_check(0)) 203ENGINE_cleanup(void)
185 { 204{
205 if (int_cleanup_check(0)) {
186 sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack, 206 sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack,
187 engine_cleanup_cb_free); 207 engine_cleanup_cb_free);
188 cleanup_stack = NULL; 208 cleanup_stack = NULL;
189 } 209 }
190 /* FIXME: This should be handled (somehow) through RAND, eg. by it 210 /* FIXME: This should be handled (somehow) through RAND, eg. by it
191 * registering a cleanup callback. */ 211 * registering a cleanup callback. */
192 RAND_set_rand_method(NULL); 212 RAND_set_rand_method(NULL);
193 } 213}
194 214
195/* Now the "ex_data" support */ 215/* Now the "ex_data" support */
196 216
197int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 217int
198 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) 218ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
199 { 219 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
220{
200 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp, 221 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
201 new_func, dup_func, free_func); 222 new_func, dup_func, free_func);
202 } 223}
203 224
204int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg) 225int
205 { 226ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
206 return(CRYPTO_set_ex_data(&e->ex_data, idx, arg)); 227{
207 } 228 return (CRYPTO_set_ex_data(&e->ex_data, idx, arg));
229}
208 230
209void *ENGINE_get_ex_data(const ENGINE *e, int idx) 231void *
210 { 232ENGINE_get_ex_data(const ENGINE *e, int idx)
211 return(CRYPTO_get_ex_data(&e->ex_data, idx)); 233{
212 } 234 return (CRYPTO_get_ex_data(&e->ex_data, idx));
235}
213 236
214/* Functions to get/set an ENGINE's elements - mainly to avoid exposing the 237/* Functions to get/set an ENGINE's elements - mainly to avoid exposing the
215 * ENGINE structure itself. */ 238 * ENGINE structure itself. */
216 239
217int ENGINE_set_id(ENGINE *e, const char *id) 240int
218 { 241ENGINE_set_id(ENGINE *e, const char *id)
219 if(id == NULL) 242{
220 { 243 if (id == NULL) {
221 ENGINEerr(ENGINE_F_ENGINE_SET_ID, 244 ENGINEerr(ENGINE_F_ENGINE_SET_ID,
222 ERR_R_PASSED_NULL_PARAMETER); 245 ERR_R_PASSED_NULL_PARAMETER);
223 return 0; 246 return 0;
224 } 247 }
225 e->id = id; 248 e->id = id;
226 return 1; 249 return 1;
227 } 250}
228 251
229int ENGINE_set_name(ENGINE *e, const char *name) 252int
230 { 253ENGINE_set_name(ENGINE *e, const char *name)
231 if(name == NULL) 254{
232 { 255 if (name == NULL) {
233 ENGINEerr(ENGINE_F_ENGINE_SET_NAME, 256 ENGINEerr(ENGINE_F_ENGINE_SET_NAME,
234 ERR_R_PASSED_NULL_PARAMETER); 257 ERR_R_PASSED_NULL_PARAMETER);
235 return 0; 258 return 0;
236 } 259 }
237 e->name = name; 260 e->name = name;
238 return 1; 261 return 1;
239 } 262}
240 263
241int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f) 264int
242 { 265ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f)
266{
243 e->destroy = destroy_f; 267 e->destroy = destroy_f;
244 return 1; 268 return 1;
245 } 269}
246 270
247int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f) 271int
248 { 272ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f)
273{
249 e->init = init_f; 274 e->init = init_f;
250 return 1; 275 return 1;
251 } 276}
252 277
253int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f) 278int
254 { 279ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f)
280{
255 e->finish = finish_f; 281 e->finish = finish_f;
256 return 1; 282 return 1;
257 } 283}
258 284
259int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f) 285int
260 { 286ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f)
287{
261 e->ctrl = ctrl_f; 288 e->ctrl = ctrl_f;
262 return 1; 289 return 1;
263 } 290}
264 291
265int ENGINE_set_flags(ENGINE *e, int flags) 292int
266 { 293ENGINE_set_flags(ENGINE *e, int flags)
294{
267 e->flags = flags; 295 e->flags = flags;
268 return 1; 296 return 1;
269 } 297}
270 298
271int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns) 299int
272 { 300ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns)
301{
273 e->cmd_defns = defns; 302 e->cmd_defns = defns;
274 return 1; 303 return 1;
275 } 304}
276 305
277const char *ENGINE_get_id(const ENGINE *e) 306const char *
278 { 307ENGINE_get_id(const ENGINE *e)
308{
279 return e->id; 309 return e->id;
280 } 310}
281 311
282const char *ENGINE_get_name(const ENGINE *e) 312const char *
283 { 313ENGINE_get_name(const ENGINE *e)
314{
284 return e->name; 315 return e->name;
285 } 316}
286 317
287ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e) 318ENGINE_GEN_INT_FUNC_PTR
288 { 319ENGINE_get_destroy_function(const ENGINE *e)
320{
289 return e->destroy; 321 return e->destroy;
290 } 322}
291 323
292ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e) 324ENGINE_GEN_INT_FUNC_PTR
293 { 325ENGINE_get_init_function(const ENGINE *e)
326{
294 return e->init; 327 return e->init;
295 } 328}
296 329
297ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e) 330ENGINE_GEN_INT_FUNC_PTR
298 { 331ENGINE_get_finish_function(const ENGINE *e)
332{
299 return e->finish; 333 return e->finish;
300 } 334}
301 335
302ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e) 336ENGINE_CTRL_FUNC_PTR
303 { 337ENGINE_get_ctrl_function(const ENGINE *e)
338{
304 return e->ctrl; 339 return e->ctrl;
305 } 340}
306 341
307int ENGINE_get_flags(const ENGINE *e) 342int
308 { 343ENGINE_get_flags(const ENGINE *e)
344{
309 return e->flags; 345 return e->flags;
310 } 346}
311 347
312const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e) 348const ENGINE_CMD_DEFN *
313 { 349ENGINE_get_cmd_defns(const ENGINE *e)
350{
314 return e->cmd_defns; 351 return e->cmd_defns;
315 } 352}
316 353
317/* eng_lib.o is pretty much linked into anything that touches ENGINE already, so 354/* eng_lib.o is pretty much linked into anything that touches ENGINE already, so
318 * put the "static_state" hack here. */ 355 * put the "static_state" hack here. */
319 356
320static int internal_static_hack = 0; 357static int internal_static_hack = 0;
321 358
322void *ENGINE_get_static_state(void) 359void *
323 { 360ENGINE_get_static_state(void)
361{
324 return &internal_static_hack; 362 return &internal_static_hack;
325 } 363}
diff --git a/src/lib/libssl/src/crypto/engine/eng_openssl.c b/src/lib/libssl/src/crypto/engine/eng_openssl.c
index f7cd8df622..9ba61dd842 100644
--- a/src/lib/libssl/src/crypto/engine/eng_openssl.c
+++ b/src/lib/libssl/src/crypto/engine/eng_openssl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_openssl.c,v 1.5 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_openssl.c,v 1.6 2014/06/22 12:05:09 jsing Exp $ */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL 2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -57,7 +57,7 @@
57 */ 57 */
58/* ==================================================================== 58/* ====================================================================
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60 * ECDH support in OpenSSL originally developed by 60 * ECDH support in OpenSSL originally developed by
61 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 61 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
62 */ 62 */
63 63
@@ -106,21 +106,21 @@
106#undef TEST_ENG_OPENSSL_SHA_OTHERS 106#undef TEST_ENG_OPENSSL_SHA_OTHERS
107#undef TEST_ENG_OPENSSL_SHA_P_INIT 107#undef TEST_ENG_OPENSSL_SHA_P_INIT
108#undef TEST_ENG_OPENSSL_SHA_P_UPDATE 108#undef TEST_ENG_OPENSSL_SHA_P_UPDATE
109#undef TEST_ENG_OPENSSL_SHA_P_FINAL 109#undef TEST_ENG_OPENSSL_SHA_P_FINAL
110#endif 110#endif
111 111
112#ifdef TEST_ENG_OPENSSL_RC4 112#ifdef TEST_ENG_OPENSSL_RC4
113static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, 113static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
114 const int **nids, int nid); 114 const int **nids, int nid);
115#endif 115#endif
116#ifdef TEST_ENG_OPENSSL_SHA 116#ifdef TEST_ENG_OPENSSL_SHA
117static int openssl_digests(ENGINE *e, const EVP_MD **digest, 117static int openssl_digests(ENGINE *e, const EVP_MD **digest,
118 const int **nids, int nid); 118 const int **nids, int nid);
119#endif 119#endif
120 120
121#ifdef TEST_ENG_OPENSSL_PKEY 121#ifdef TEST_ENG_OPENSSL_PKEY
122static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id, 122static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
123 UI_METHOD *ui_method, void *callback_data); 123 UI_METHOD *ui_method, void *callback_data);
124#endif 124#endif
125 125
126/* The constants used when creating the ENGINE */ 126/* The constants used when creating the ENGINE */
@@ -129,79 +129,85 @@ static const char *engine_openssl_name = "Software engine support";
129 129
130/* This internal function is used by ENGINE_openssl() and possibly by the 130/* This internal function is used by ENGINE_openssl() and possibly by the
131 * "dynamic" ENGINE support too */ 131 * "dynamic" ENGINE support too */
132static int bind_helper(ENGINE *e) 132static int
133 { 133bind_helper(ENGINE *e)
134 if(!ENGINE_set_id(e, engine_openssl_id) 134{
135 || !ENGINE_set_name(e, engine_openssl_name) 135 if (!ENGINE_set_id(e, engine_openssl_id) ||
136 !ENGINE_set_name(e, engine_openssl_name)
136#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS 137#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
137#ifndef OPENSSL_NO_RSA 138#ifndef OPENSSL_NO_RSA
138 || !ENGINE_set_RSA(e, RSA_get_default_method()) 139 || !ENGINE_set_RSA(e, RSA_get_default_method())
139#endif 140#endif
140#ifndef OPENSSL_NO_DSA 141#ifndef OPENSSL_NO_DSA
141 || !ENGINE_set_DSA(e, DSA_get_default_method()) 142 || !ENGINE_set_DSA(e, DSA_get_default_method())
142#endif 143#endif
143#ifndef OPENSSL_NO_ECDH 144#ifndef OPENSSL_NO_ECDH
144 || !ENGINE_set_ECDH(e, ECDH_OpenSSL()) 145 || !ENGINE_set_ECDH(e, ECDH_OpenSSL())
145#endif 146#endif
146#ifndef OPENSSL_NO_ECDSA 147#ifndef OPENSSL_NO_ECDSA
147 || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL()) 148 || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
148#endif 149#endif
149#ifndef OPENSSL_NO_DH 150#ifndef OPENSSL_NO_DH
150 || !ENGINE_set_DH(e, DH_get_default_method()) 151 || !ENGINE_set_DH(e, DH_get_default_method())
151#endif 152#endif
152 || !ENGINE_set_RAND(e, RAND_SSLeay()) 153 || !ENGINE_set_RAND(e, RAND_SSLeay())
153#ifdef TEST_ENG_OPENSSL_RC4 154#ifdef TEST_ENG_OPENSSL_RC4
154 || !ENGINE_set_ciphers(e, openssl_ciphers) 155 || !ENGINE_set_ciphers(e, openssl_ciphers)
155#endif 156#endif
156#ifdef TEST_ENG_OPENSSL_SHA 157#ifdef TEST_ENG_OPENSSL_SHA
157 || !ENGINE_set_digests(e, openssl_digests) 158 || !ENGINE_set_digests(e, openssl_digests)
158#endif 159#endif
159#endif 160#endif
160#ifdef TEST_ENG_OPENSSL_PKEY 161#ifdef TEST_ENG_OPENSSL_PKEY
161 || !ENGINE_set_load_privkey_function(e, openssl_load_privkey) 162 || !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
162#endif 163#endif
163 ) 164 )
164 return 0; 165 return 0;
165 /* If we add errors to this ENGINE, ensure the error handling is setup here */ 166 /* If we add errors to this ENGINE, ensure the error handling is setup here */
166 /* openssl_load_error_strings(); */ 167 /* openssl_load_error_strings(); */
167 return 1; 168 return 1;
168 } 169}
169 170
170static ENGINE *engine_openssl(void) 171static ENGINE *
171 { 172engine_openssl(void)
173{
172 ENGINE *ret = ENGINE_new(); 174 ENGINE *ret = ENGINE_new();
173 if(!ret) 175
176 if (!ret)
174 return NULL; 177 return NULL;
175 if(!bind_helper(ret)) 178 if (!bind_helper(ret)) {
176 {
177 ENGINE_free(ret); 179 ENGINE_free(ret);
178 return NULL; 180 return NULL;
179 }
180 return ret;
181 } 181 }
182 return ret;
183}
182 184
183void ENGINE_load_openssl(void) 185void
184 { 186ENGINE_load_openssl(void)
187{
185 ENGINE *toadd = engine_openssl(); 188 ENGINE *toadd = engine_openssl();
186 if(!toadd) return; 189
190 if (!toadd)
191 return;
187 ENGINE_add(toadd); 192 ENGINE_add(toadd);
188 /* If the "add" worked, it gets a structural reference. So either way, 193 /* If the "add" worked, it gets a structural reference. So either way,
189 * we release our just-created reference. */ 194 * we release our just-created reference. */
190 ENGINE_free(toadd); 195 ENGINE_free(toadd);
191 ERR_clear_error(); 196 ERR_clear_error();
192 } 197}
193 198
194/* This stuff is needed if this ENGINE is being compiled into a self-contained 199/* This stuff is needed if this ENGINE is being compiled into a self-contained
195 * shared-library. */ 200 * shared-library. */
196#ifdef ENGINE_DYNAMIC_SUPPORT 201#ifdef ENGINE_DYNAMIC_SUPPORT
197static int bind_fn(ENGINE *e, const char *id) 202static int
198 { 203bind_fn(ENGINE *e, const char *id)
199 if(id && (strcmp(id, engine_openssl_id) != 0)) 204{
205 if (id && (strcmp(id, engine_openssl_id) != 0))
200 return 0; 206 return 0;
201 if(!bind_helper(e)) 207 if (!bind_helper(e))
202 return 0; 208 return 0;
203 return 1; 209 return 1;
204 } 210}
205IMPLEMENT_DYNAMIC_CHECK_FN() 211IMPLEMENT_DYNAMIC_CHECK_FN()
206IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) 212IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
207#endif /* ENGINE_DYNAMIC_SUPPORT */ 213#endif /* ENGINE_DYNAMIC_SUPPORT */
@@ -219,37 +225,42 @@ IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
219 */ 225 */
220#include <openssl/rc4.h> 226#include <openssl/rc4.h>
221#define TEST_RC4_KEY_SIZE 16 227#define TEST_RC4_KEY_SIZE 16
222static int test_cipher_nids[] = {NID_rc4,NID_rc4_40}; 228static int test_cipher_nids[] = {NID_rc4, NID_rc4_40};
223static int test_cipher_nids_number = 2; 229static int test_cipher_nids_number = 2;
230
224typedef struct { 231typedef struct {
225 unsigned char key[TEST_RC4_KEY_SIZE]; 232 unsigned char key[TEST_RC4_KEY_SIZE];
226 RC4_KEY ks; 233 RC4_KEY ks;
227 } TEST_RC4_KEY; 234} TEST_RC4_KEY;
235
228#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data) 236#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data)
229static int test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 237static int
230 const unsigned char *iv, int enc) 238test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
231 { 239 const unsigned char *iv, int enc)
240{
232#ifdef TEST_ENG_OPENSSL_RC4_P_INIT 241#ifdef TEST_ENG_OPENSSL_RC4_P_INIT
233 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n"); 242 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n");
234#endif 243#endif
235 memcpy(&test(ctx)->key[0],key,EVP_CIPHER_CTX_key_length(ctx)); 244 memcpy(&test(ctx)->key[0], key, EVP_CIPHER_CTX_key_length(ctx));
236 RC4_set_key(&test(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx), 245 RC4_set_key(&test(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
237 test(ctx)->key); 246 test(ctx)->key);
238 return 1; 247 return 1;
239 } 248}
240static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 249
241 const unsigned char *in, size_t inl) 250static int
242 { 251test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
252 const unsigned char *in, size_t inl)
253{
243#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER 254#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
244 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n"); 255 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
245#endif 256#endif
246 RC4(&test(ctx)->ks,inl,in,out); 257 RC4(&test(ctx)->ks, inl, in, out);
247 return 1; 258 return 1;
248 } 259}
249static const EVP_CIPHER test_r4_cipher= 260
250 { 261static const EVP_CIPHER test_r4_cipher = {
251 NID_rc4, 262 NID_rc4,
252 1,TEST_RC4_KEY_SIZE,0, 263 1, TEST_RC4_KEY_SIZE, 0,
253 EVP_CIPH_VARIABLE_LENGTH, 264 EVP_CIPH_VARIABLE_LENGTH,
254 test_rc4_init_key, 265 test_rc4_init_key,
255 test_rc4_cipher, 266 test_rc4_cipher,
@@ -259,9 +270,9 @@ static const EVP_CIPHER test_r4_cipher=
259 NULL, 270 NULL,
260 NULL, 271 NULL,
261 NULL 272 NULL
262 }; 273};
263static const EVP_CIPHER test_r4_40_cipher= 274
264 { 275static const EVP_CIPHER test_r4_40_cipher = {
265 NID_rc4_40, 276 NID_rc4_40,
266 1,5 /* 40 bit */,0, 277 1,5 /* 40 bit */,0,
267 EVP_CIPH_VARIABLE_LENGTH, 278 EVP_CIPH_VARIABLE_LENGTH,
@@ -269,36 +280,35 @@ static const EVP_CIPHER test_r4_40_cipher=
269 test_rc4_cipher, 280 test_rc4_cipher,
270 NULL, 281 NULL,
271 sizeof(TEST_RC4_KEY), 282 sizeof(TEST_RC4_KEY),
272 NULL, 283 NULL,
273 NULL, 284 NULL,
274 NULL, 285 NULL,
275 NULL 286 NULL
276 }; 287};
277static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, 288
278 const int **nids, int nid) 289static int
279 { 290openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid)
280 if(!cipher) 291{
281 { 292 if (!cipher) {
282 /* We are returning a list of supported nids */ 293 /* We are returning a list of supported nids */
283 *nids = test_cipher_nids; 294 *nids = test_cipher_nids;
284 return test_cipher_nids_number; 295 return test_cipher_nids_number;
285 } 296 }
286 /* We are being asked for a specific cipher */ 297 /* We are being asked for a specific cipher */
287 if(nid == NID_rc4) 298 if (nid == NID_rc4)
288 *cipher = &test_r4_cipher; 299 *cipher = &test_r4_cipher;
289 else if(nid == NID_rc4_40) 300 else if (nid == NID_rc4_40)
290 *cipher = &test_r4_40_cipher; 301 *cipher = &test_r4_40_cipher;
291 else 302 else {
292 {
293#ifdef TEST_ENG_OPENSSL_RC4_OTHERS 303#ifdef TEST_ENG_OPENSSL_RC4_OTHERS
294 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for " 304 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for "
295 "nid %d\n", nid); 305 "nid %d\n", nid);
296#endif 306#endif
297 *cipher = NULL; 307 *cipher = NULL;
298 return 0; 308 return 0;
299 }
300 return 1;
301 } 309 }
310 return 1;
311}
302#endif 312#endif
303 313
304#ifdef TEST_ENG_OPENSSL_SHA 314#ifdef TEST_ENG_OPENSSL_SHA
@@ -306,29 +316,35 @@ static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
306#include <openssl/sha.h> 316#include <openssl/sha.h>
307static int test_digest_nids[] = {NID_sha1}; 317static int test_digest_nids[] = {NID_sha1};
308static int test_digest_nids_number = 1; 318static int test_digest_nids_number = 1;
309static int test_sha1_init(EVP_MD_CTX *ctx) 319
310 { 320static int
321test_sha1_init(EVP_MD_CTX *ctx)
322{
311#ifdef TEST_ENG_OPENSSL_SHA_P_INIT 323#ifdef TEST_ENG_OPENSSL_SHA_P_INIT
312 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n"); 324 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
313#endif 325#endif
314 return SHA1_Init(ctx->md_data); 326 return SHA1_Init(ctx->md_data);
315 } 327}
316static int test_sha1_update(EVP_MD_CTX *ctx,const void *data,size_t count) 328
317 { 329static int
330test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
331{
318#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE 332#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
319 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n"); 333 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
320#endif 334#endif
321 return SHA1_Update(ctx->md_data,data,count); 335 return SHA1_Update(ctx->md_data, data, count);
322 } 336}
323static int test_sha1_final(EVP_MD_CTX *ctx,unsigned char *md) 337
324 { 338static int
339test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
340{
325#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL 341#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
326 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n"); 342 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
327#endif 343#endif
328 return SHA1_Final(md,ctx->md_data); 344 return SHA1_Final(md, ctx->md_data);
329 } 345}
330static const EVP_MD test_sha_md= 346
331 { 347static const EVP_MD test_sha_md = {
332 NID_sha1, 348 NID_sha1,
333 NID_sha1WithRSAEncryption, 349 NID_sha1WithRSAEncryption,
334 SHA_DIGEST_LENGTH, 350 SHA_DIGEST_LENGTH,
@@ -340,45 +356,47 @@ static const EVP_MD test_sha_md=
340 NULL, 356 NULL,
341 EVP_PKEY_RSA_method, 357 EVP_PKEY_RSA_method,
342 SHA_CBLOCK, 358 SHA_CBLOCK,
343 sizeof(EVP_MD *)+sizeof(SHA_CTX), 359 sizeof(EVP_MD *) + sizeof(SHA_CTX),
344 }; 360};
345static int openssl_digests(ENGINE *e, const EVP_MD **digest, 361
346 const int **nids, int nid) 362static int
347 { 363openssl_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int nid)
348 if(!digest) 364{
349 { 365 if (!digest) {
350 /* We are returning a list of supported nids */ 366 /* We are returning a list of supported nids */
351 *nids = test_digest_nids; 367 *nids = test_digest_nids;
352 return test_digest_nids_number; 368 return test_digest_nids_number;
353 } 369 }
354 /* We are being asked for a specific digest */ 370 /* We are being asked for a specific digest */
355 if(nid == NID_sha1) 371 if (nid == NID_sha1)
356 *digest = &test_sha_md; 372 *digest = &test_sha_md;
357 else 373 else {
358 {
359#ifdef TEST_ENG_OPENSSL_SHA_OTHERS 374#ifdef TEST_ENG_OPENSSL_SHA_OTHERS
360 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for " 375 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for "
361 "nid %d\n", nid); 376 "nid %d\n", nid);
362#endif 377#endif
363 *digest = NULL; 378 *digest = NULL;
364 return 0; 379 return 0;
365 }
366 return 1;
367 } 380 }
381 return 1;
382}
368#endif 383#endif
369 384
370#ifdef TEST_ENG_OPENSSL_PKEY 385#ifdef TEST_ENG_OPENSSL_PKEY
371static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id, 386static EVP_PKEY *
372 UI_METHOD *ui_method, void *callback_data) 387openssl_load_privkey(ENGINE *eng, const char *key_id, UI_METHOD *ui_method,
373 { 388 void *callback_data)
389{
374 BIO *in; 390 BIO *in;
375 EVP_PKEY *key; 391 EVP_PKEY *key;
376 fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n", key_id); 392
393 fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n",
394 key_id);
377 in = BIO_new_file(key_id, "r"); 395 in = BIO_new_file(key_id, "r");
378 if (!in) 396 if (!in)
379 return NULL; 397 return NULL;
380 key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL); 398 key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
381 BIO_free(in); 399 BIO_free(in);
382 return key; 400 return key;
383 } 401}
384#endif 402#endif
diff --git a/src/lib/libssl/src/crypto/engine/eng_padlock.c b/src/lib/libssl/src/crypto/engine/eng_padlock.c
index 0245f44de6..936a440b1a 100644
--- a/src/lib/libssl/src/crypto/engine/eng_padlock.c
+++ b/src/lib/libssl/src/crypto/engine/eng_padlock.c
@@ -1,11 +1,11 @@
1/* $OpenBSD: eng_padlock.c,v 1.10 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_padlock.c,v 1.11 2014/06/22 12:05:09 jsing Exp $ */
2/* 2/*
3 * Support for VIA PadLock Advanced Cryptography Engine (ACE) 3 * Support for VIA PadLock Advanced Cryptography Engine (ACE)
4 * Written by Michal Ludvig <michal@logix.cz> 4 * Written by Michal Ludvig <michal@logix.cz>
5 * http://www.logix.cz/michal 5 * http://www.logix.cz/michal
6 * 6 *
7 * Big thanks to Andy Polyakov for a help with optimization, 7 * Big thanks to Andy Polyakov for a help with optimization,
8 * assembler fixes, port to MS Windows and a lot of other 8 * assembler fixes, port to MS Windows and a lot of other
9 * valuable work on this engine! 9 * valuable work on this engine!
10 */ 10 */
11 11
@@ -97,7 +97,7 @@
97/* VIA PadLock AES is available *ONLY* on some x86 CPUs. 97/* VIA PadLock AES is available *ONLY* on some x86 CPUs.
98 Not only that it doesn't exist elsewhere, but it 98 Not only that it doesn't exist elsewhere, but it
99 even can't be compiled on other platforms! 99 even can't be compiled on other platforms!
100 100
101 In addition, because of the heavy use of inline assembler, 101 In addition, because of the heavy use of inline assembler,
102 compiler choice is limited to GCC and Microsoft C. */ 102 compiler choice is limited to GCC and Microsoft C. */
103#undef COMPILE_HW_PADLOCK 103#undef COMPILE_HW_PADLOCK
@@ -117,7 +117,8 @@ void ENGINE_load_padlock (void)
117/* On non-x86 CPUs it just returns. */ 117/* On non-x86 CPUs it just returns. */
118#ifdef COMPILE_HW_PADLOCK 118#ifdef COMPILE_HW_PADLOCK
119 ENGINE *toadd = ENGINE_padlock (); 119 ENGINE *toadd = ENGINE_padlock ();
120 if (!toadd) return; 120 if (!toadd)
121 return;
121 ENGINE_add (toadd); 122 ENGINE_add (toadd);
122 ENGINE_free (toadd); 123 ENGINE_free (toadd);
123 ERR_clear_error (); 124 ERR_clear_error ();
@@ -169,19 +170,18 @@ padlock_bind_helper(ENGINE *e)
169 padlock_available(); 170 padlock_available();
170 171
171#if 1 /* disable RNG for now, see commentary in vicinity of RNG code */ 172#if 1 /* disable RNG for now, see commentary in vicinity of RNG code */
172 padlock_use_rng=0; 173 padlock_use_rng = 0;
173#endif 174#endif
174 175
175 /* Generate a nice engine name with available features */ 176 /* Generate a nice engine name with available features */
176 (void) snprintf(padlock_name, sizeof(padlock_name), 177 (void) snprintf(padlock_name, sizeof(padlock_name),
177 "VIA PadLock (%s, %s)", 178 "VIA PadLock (%s, %s)",
178 padlock_use_rng ? "RNG" : "no-RNG", 179 padlock_use_rng ? "RNG" : "no-RNG",
179 padlock_use_ace ? "ACE" : "no-ACE"); 180 padlock_use_ace ? "ACE" : "no-ACE");
180 181
181 /* Register everything or return with an error */ 182 /* Register everything or return with an error */
182 if (!ENGINE_set_id(e, padlock_id) || 183 if (!ENGINE_set_id(e, padlock_id) ||
183 !ENGINE_set_name(e, padlock_name) || 184 !ENGINE_set_name(e, padlock_name) ||
184
185 !ENGINE_set_init_function(e, padlock_init) || 185 !ENGINE_set_init_function(e, padlock_init) ||
186#ifndef OPENSSL_NO_AES 186#ifndef OPENSSL_NO_AES
187 (padlock_use_ace && !ENGINE_set_ciphers (e, padlock_ciphers)) || 187 (padlock_use_ace && !ENGINE_set_ciphers (e, padlock_ciphers)) ||
@@ -254,26 +254,26 @@ IMPLEMENT_DYNAMIC_BIND_FN (padlock_bind_fn)
254#define AES_KEY_SIZE_192 24 254#define AES_KEY_SIZE_192 24
255#define AES_KEY_SIZE_256 32 255#define AES_KEY_SIZE_256 32
256 256
257/* Here we store the status information relevant to the 257/* Here we store the status information relevant to the
258 current context. */ 258 current context. */
259/* BIG FAT WARNING: 259/* BIG FAT WARNING:
260 * Inline assembler in PADLOCK_XCRYPT_ASM() 260 * Inline assembler in PADLOCK_XCRYPT_ASM()
261 * depends on the order of items in this structure. 261 * depends on the order of items in this structure.
262 * Don't blindly modify, reorder, etc! 262 * Don't blindly modify, reorder, etc!
263 */ 263 */
264struct padlock_cipher_data 264struct padlock_cipher_data {
265{
266 unsigned char iv[AES_BLOCK_SIZE]; /* Initialization vector */ 265 unsigned char iv[AES_BLOCK_SIZE]; /* Initialization vector */
267 union { unsigned int pad[4]; 266 union {
267 unsigned int pad[4];
268 struct { 268 struct {
269 int rounds:4; 269 int rounds : 4;
270 int dgst:1; /* n/a in C3 */ 270 int dgst : 1; /* n/a in C3 */
271 int align:1; /* n/a in C3 */ 271 int align : 1; /* n/a in C3 */
272 int ciphr:1; /* n/a in C3 */ 272 int ciphr : 1; /* n/a in C3 */
273 unsigned int keygen:1; 273 unsigned int keygen : 1;
274 int interm:1; 274 int interm : 1;
275 unsigned int encdec:1; 275 unsigned int encdec : 1;
276 int ksize:2; 276 int ksize : 2;
277 } b; 277 } b;
278 } cword; /* Control word */ 278 } cword; /* Control word */
279 AES_KEY ks; /* Encryption key */ 279 AES_KEY ks; /* Encryption key */
@@ -313,23 +313,23 @@ padlock_insn_cpuid_available(void)
313{ 313{
314 int result = -1; 314 int result = -1;
315 315
316 /* We're checking if the bit #21 of EFLAGS 316 /* We're checking if the bit #21 of EFLAGS
317 can be toggled. If yes = CPUID is available. */ 317 can be toggled. If yes = CPUID is available. */
318 asm volatile ( 318 asm volatile (
319 "pushf\n" 319 "pushf\n"
320 "popl %%eax\n" 320 "popl %%eax\n"
321 "xorl $0x200000, %%eax\n" 321 "xorl $0x200000, %%eax\n"
322 "movl %%eax, %%ecx\n" 322 "movl %%eax, %%ecx\n"
323 "andl $0x200000, %%ecx\n" 323 "andl $0x200000, %%ecx\n"
324 "pushl %%eax\n" 324 "pushl %%eax\n"
325 "popf\n" 325 "popf\n"
326 "pushf\n" 326 "pushf\n"
327 "popl %%eax\n" 327 "popl %%eax\n"
328 "andl $0x200000, %%eax\n" 328 "andl $0x200000, %%eax\n"
329 "xorl %%eax, %%ecx\n" 329 "xorl %%eax, %%ecx\n"
330 "movl %%ecx, %0\n" 330 "movl %%ecx, %0\n"
331 : "=r" (result) : : "eax", "ecx"); 331 : "=r" (result) : : "eax", "ecx");
332 332
333 return (result == 0); 333 return (result == 0);
334} 334}
335 335
@@ -349,31 +349,31 @@ padlock_available(void)
349 eax = 0x00000000; 349 eax = 0x00000000;
350 vendor_string[12] = 0; 350 vendor_string[12] = 0;
351 asm volatile ( 351 asm volatile (
352 "pushl %%ebx\n" 352 "pushl %%ebx\n"
353 "cpuid\n" 353 "cpuid\n"
354 "movl %%ebx,(%%edi)\n" 354 "movl %%ebx,(%%edi)\n"
355 "movl %%edx,4(%%edi)\n" 355 "movl %%edx,4(%%edi)\n"
356 "movl %%ecx,8(%%edi)\n" 356 "movl %%ecx,8(%%edi)\n"
357 "popl %%ebx" 357 "popl %%ebx"
358 : "+a"(eax) : "D"(vendor_string) : "ecx", "edx"); 358 : "+a"(eax) : "D"(vendor_string) : "ecx", "edx");
359 if (strcmp(vendor_string, "CentaurHauls") != 0) 359 if (strcmp(vendor_string, "CentaurHauls") != 0)
360 return 0; 360 return 0;
361 361
362 /* Check for Centaur Extended Feature Flags presence */ 362 /* Check for Centaur Extended Feature Flags presence */
363 eax = 0xC0000000; 363 eax = 0xC0000000;
364 asm volatile ("pushl %%ebx; cpuid; popl %%ebx" 364 asm volatile ("pushl %%ebx; cpuid; popl %%ebx"
365 : "+a"(eax) : : "ecx", "edx"); 365 : "+a"(eax) : : "ecx", "edx");
366 if (eax < 0xC0000001) 366 if (eax < 0xC0000001)
367 return 0; 367 return 0;
368 368
369 /* Read the Centaur Extended Feature Flags */ 369 /* Read the Centaur Extended Feature Flags */
370 eax = 0xC0000001; 370 eax = 0xC0000001;
371 asm volatile ("pushl %%ebx; cpuid; popl %%ebx" 371 asm volatile ("pushl %%ebx; cpuid; popl %%ebx"
372 : "+a"(eax), "=d"(edx) : : "ecx"); 372 : "+a"(eax), "=d"(edx) : : "ecx");
373 373
374 /* Fill up some flags */ 374 /* Fill up some flags */
375 padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6)); 375 padlock_use_ace = ((edx & (0x3 << 6)) == (0x3 << 6));
376 padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2)); 376 padlock_use_rng = ((edx & (0x3 << 2)) == (0x3 << 2));
377 377
378 return padlock_use_ace + padlock_use_rng; 378 return padlock_use_ace + padlock_use_rng;
379} 379}
@@ -394,7 +394,7 @@ padlock_bswapl(AES_KEY *ks)
394#endif 394#endif
395 395
396/* Force key reload from memory to the CPU microcode. 396/* Force key reload from memory to the CPU microcode.
397 Loading EFLAGS from the stack clears EFLAGS[30] 397 Loading EFLAGS from the stack clears EFLAGS[30]
398 which does the trick. */ 398 which does the trick. */
399static inline void 399static inline void
400padlock_reload_key(void) 400padlock_reload_key(void)
@@ -416,21 +416,21 @@ static inline void
416padlock_verify_context(struct padlock_cipher_data *cdata) 416padlock_verify_context(struct padlock_cipher_data *cdata)
417{ 417{
418 asm volatile ( 418 asm volatile (
419 "pushfl\n" 419 "pushfl\n"
420" btl $30,(%%esp)\n" 420 " btl $30,(%%esp)\n"
421" jnc 1f\n" 421 " jnc 1f\n"
422" cmpl %2,%1\n" 422 " cmpl %2,%1\n"
423" je 1f\n" 423 " je 1f\n"
424" popfl\n" 424 " popfl\n"
425" subl $4,%%esp\n" 425 " subl $4,%%esp\n"
426"1: addl $4,%%esp\n" 426 "1: addl $4,%%esp\n"
427" movl %2,%0" 427 " movl %2,%0"
428 :"+m"(padlock_saved_context) 428 :"+m"(padlock_saved_context)
429 : "r"(padlock_saved_context), "r"(cdata) : "cc"); 429 : "r"(padlock_saved_context), "r"(cdata) : "cc");
430} 430}
431 431
432/* Template for padlock_xcrypt_* modes */ 432/* Template for padlock_xcrypt_* modes */
433/* BIG FAT WARNING: 433/* BIG FAT WARNING:
434 * The offsets used with 'leal' instructions 434 * The offsets used with 'leal' instructions
435 * describe items of the 'padlock_cipher_data' 435 * describe items of the 'padlock_cipher_data'
436 * structure. 436 * structure.
@@ -465,9 +465,9 @@ padlock_xstore(void *addr, unsigned int edx_in)
465 unsigned int eax_out; 465 unsigned int eax_out;
466 466
467 asm volatile (".byte 0x0f,0xa7,0xc0" /* xstore */ 467 asm volatile (".byte 0x0f,0xa7,0xc0" /* xstore */
468 : "=a"(eax_out),"=m"(*(unsigned *)addr) 468 : "=a"(eax_out),"=m"(*(unsigned *)addr)
469 : "D"(addr), "d" (edx_in) 469 : "D"(addr), "d" (edx_in)
470 ); 470 );
471 471
472 return eax_out; 472 return eax_out;
473} 473}
@@ -482,15 +482,16 @@ padlock_xstore(void *addr, unsigned int edx_in)
482 * In case you wonder 'rep xcrypt*' instructions above are *not* 482 * In case you wonder 'rep xcrypt*' instructions above are *not*
483 * affected by the Direction Flag and pointers advance toward 483 * affected by the Direction Flag and pointers advance toward
484 * larger addresses unconditionally. 484 * larger addresses unconditionally.
485 */ 485 */
486static inline unsigned char * 486static inline unsigned char *
487padlock_memcpy(void *dst,const void *src,size_t n) 487padlock_memcpy(void *dst, const void *src, size_t n)
488{ 488{
489 long *d=dst; 489 long *d = dst;
490 const long *s=src; 490 const long *s = src;
491 491
492 n /= sizeof(*d); 492 n /= sizeof(*d);
493 do { *d++ = *s++; } while (--n); 493 do { *d++ = *s++;
494 } while (--n);
494 495
495 return dst; 496 return dst;
496} 497}
@@ -541,13 +542,13 @@ static int padlock_cipher_nids[] = {
541 NID_aes_256_ofb, 542 NID_aes_256_ofb,
542}; 543};
543static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids)/ 544static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids)/
544 sizeof(padlock_cipher_nids[0])); 545sizeof(padlock_cipher_nids[0]));
545 546
546/* Function prototypes ... */ 547/* Function prototypes ... */
547static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 548static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
548 const unsigned char *iv, int enc); 549 const unsigned char *iv, int enc);
549static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 550static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
550 const unsigned char *in, size_t nbytes); 551 const unsigned char *in, size_t nbytes);
551 552
552#define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \ 553#define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \
553 ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) ) 554 ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) )
@@ -578,23 +579,23 @@ static const EVP_CIPHER padlock_aes_##ksize##_##lmode = { \
578 NULL \ 579 NULL \
579} 580}
580 581
581DECLARE_AES_EVP(128,ecb,ECB); 582DECLARE_AES_EVP(128, ecb, ECB);
582DECLARE_AES_EVP(128,cbc,CBC); 583DECLARE_AES_EVP(128, cbc, CBC);
583DECLARE_AES_EVP(128,cfb,CFB); 584DECLARE_AES_EVP(128, cfb, CFB);
584DECLARE_AES_EVP(128,ofb,OFB); 585DECLARE_AES_EVP(128, ofb, OFB);
585 586
586DECLARE_AES_EVP(192,ecb,ECB); 587DECLARE_AES_EVP(192, ecb, ECB);
587DECLARE_AES_EVP(192,cbc,CBC); 588DECLARE_AES_EVP(192, cbc, CBC);
588DECLARE_AES_EVP(192,cfb,CFB); 589DECLARE_AES_EVP(192, cfb, CFB);
589DECLARE_AES_EVP(192,ofb,OFB); 590DECLARE_AES_EVP(192, ofb, OFB);
590 591
591DECLARE_AES_EVP(256,ecb,ECB); 592DECLARE_AES_EVP(256, ecb, ECB);
592DECLARE_AES_EVP(256,cbc,CBC); 593DECLARE_AES_EVP(256, cbc, CBC);
593DECLARE_AES_EVP(256,cfb,CFB); 594DECLARE_AES_EVP(256, cfb, CFB);
594DECLARE_AES_EVP(256,ofb,OFB); 595DECLARE_AES_EVP(256, ofb, OFB);
595 596
596static int 597static int
597padlock_ciphers (ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid) 598padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid)
598{ 599{
599 /* No specific cipher => return a list of supported nids ... */ 600 /* No specific cipher => return a list of supported nids ... */
600 if (!cipher) { 601 if (!cipher) {
@@ -604,49 +605,46 @@ padlock_ciphers (ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid
604 605
605 /* ... or the requested "cipher" otherwise */ 606 /* ... or the requested "cipher" otherwise */
606 switch (nid) { 607 switch (nid) {
607 case NID_aes_128_ecb: 608 case NID_aes_128_ecb:
608 *cipher = &padlock_aes_128_ecb; 609 *cipher = &padlock_aes_128_ecb;
609 break; 610 break;
610 case NID_aes_128_cbc: 611 case NID_aes_128_cbc:
611 *cipher = &padlock_aes_128_cbc; 612 *cipher = &padlock_aes_128_cbc;
612 break; 613 break;
613 case NID_aes_128_cfb: 614 case NID_aes_128_cfb:
614 *cipher = &padlock_aes_128_cfb; 615 *cipher = &padlock_aes_128_cfb;
615 break; 616 break;
616 case NID_aes_128_ofb: 617 case NID_aes_128_ofb:
617 *cipher = &padlock_aes_128_ofb; 618 *cipher = &padlock_aes_128_ofb;
618 break; 619 break;
619 620 case NID_aes_192_ecb:
620 case NID_aes_192_ecb: 621 *cipher = &padlock_aes_192_ecb;
621 *cipher = &padlock_aes_192_ecb; 622 break;
622 break; 623 case NID_aes_192_cbc:
623 case NID_aes_192_cbc: 624 *cipher = &padlock_aes_192_cbc;
624 *cipher = &padlock_aes_192_cbc; 625 break;
625 break; 626 case NID_aes_192_cfb:
626 case NID_aes_192_cfb: 627 *cipher = &padlock_aes_192_cfb;
627 *cipher = &padlock_aes_192_cfb; 628 break;
628 break; 629 case NID_aes_192_ofb:
629 case NID_aes_192_ofb: 630 *cipher = &padlock_aes_192_ofb;
630 *cipher = &padlock_aes_192_ofb; 631 break;
631 break; 632 case NID_aes_256_ecb:
632 633 *cipher = &padlock_aes_256_ecb;
633 case NID_aes_256_ecb: 634 break;
634 *cipher = &padlock_aes_256_ecb; 635 case NID_aes_256_cbc:
635 break; 636 *cipher = &padlock_aes_256_cbc;
636 case NID_aes_256_cbc: 637 break;
637 *cipher = &padlock_aes_256_cbc; 638 case NID_aes_256_cfb:
638 break; 639 *cipher = &padlock_aes_256_cfb;
639 case NID_aes_256_cfb: 640 break;
640 *cipher = &padlock_aes_256_cfb; 641 case NID_aes_256_ofb:
641 break; 642 *cipher = &padlock_aes_256_ofb;
642 case NID_aes_256_ofb: 643 break;
643 *cipher = &padlock_aes_256_ofb; 644 default:
644 break; 645 /* Sorry, we don't support this NID */
645 646 *cipher = NULL;
646 default: 647 return 0;
647 /* Sorry, we don't support this NID */
648 *cipher = NULL;
649 return 0;
650 } 648 }
651 649
652 return 1; 650 return 1;
@@ -655,12 +653,13 @@ padlock_ciphers (ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid
655/* Prepare the encryption key for PadLock usage */ 653/* Prepare the encryption key for PadLock usage */
656static int 654static int
657padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key, 655padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key,
658 const unsigned char *iv, int enc) 656 const unsigned char *iv, int enc)
659{ 657{
660 struct padlock_cipher_data *cdata; 658 struct padlock_cipher_data *cdata;
661 int key_len = EVP_CIPHER_CTX_key_length(ctx) * 8; 659 int key_len = EVP_CIPHER_CTX_key_length(ctx) * 8;
662 660
663 if (key==NULL) return 0; /* ERROR */ 661 if (key == NULL)
662 return 0; /* ERROR */
664 663
665 cdata = ALIGNED_CIPHER_DATA(ctx); 664 cdata = ALIGNED_CIPHER_DATA(ctx);
666 memset(cdata, 0, sizeof(struct padlock_cipher_data)); 665 memset(cdata, 0, sizeof(struct padlock_cipher_data));
@@ -673,38 +672,38 @@ padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key,
673 cdata->cword.b.rounds = 10 + (key_len - 128) / 32; 672 cdata->cword.b.rounds = 10 + (key_len - 128) / 32;
674 cdata->cword.b.ksize = (key_len - 128) / 64; 673 cdata->cword.b.ksize = (key_len - 128) / 64;
675 674
676 switch(key_len) { 675 switch (key_len) {
677 case 128: 676 case 128:
678 /* PadLock can generate an extended key for 677 /* PadLock can generate an extended key for
679 AES128 in hardware */ 678 AES128 in hardware */
680 memcpy(cdata->ks.rd_key, key, AES_KEY_SIZE_128); 679 memcpy(cdata->ks.rd_key, key, AES_KEY_SIZE_128);
681 cdata->cword.b.keygen = 0; 680 cdata->cword.b.keygen = 0;
682 break; 681 break;
683 682
684 case 192: 683 case 192:
685 case 256: 684 case 256:
686 /* Generate an extended AES key in software. 685 /* Generate an extended AES key in software.
687 Needed for AES192/AES256 */ 686 Needed for AES192/AES256 */
688 /* Well, the above applies to Stepping 8 CPUs 687 /* Well, the above applies to Stepping 8 CPUs
689 and is listed as hardware errata. They most 688 and is listed as hardware errata. They most
690 likely will fix it at some point and then 689 likely will fix it at some point and then
691 a check for stepping would be due here. */ 690 a check for stepping would be due here. */
692 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE || 691 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE ||
693 EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE || 692 EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE ||
694 enc) 693 enc)
695 AES_set_encrypt_key(key, key_len, &cdata->ks); 694 AES_set_encrypt_key(key, key_len, &cdata->ks);
696 else 695 else
697 AES_set_decrypt_key(key, key_len, &cdata->ks); 696 AES_set_decrypt_key(key, key_len, &cdata->ks);
698#ifndef AES_ASM 697#ifndef AES_ASM
699 /* OpenSSL C functions use byte-swapped extended key. */ 698 /* OpenSSL C functions use byte-swapped extended key. */
700 padlock_bswapl(&cdata->ks); 699 padlock_bswapl(&cdata->ks);
701#endif 700#endif
702 cdata->cword.b.keygen = 1; 701 cdata->cword.b.keygen = 1;
703 break; 702 break;
704 703
705 default: 704 default:
706 /* ERROR */ 705 /* ERROR */
707 return 0; 706 return 0;
708 } 707 }
709 708
710 /* 709 /*
@@ -717,7 +716,7 @@ padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key,
717 return 1; 716 return 1;
718} 717}
719 718
720/* 719/*
721 * Simplified version of padlock_aes_cipher() used when 720 * Simplified version of padlock_aes_cipher() used when
722 * 1) both input and output buffers are at aligned addresses. 721 * 1) both input and output buffers are at aligned addresses.
723 * or when 722 * or when
@@ -725,7 +724,7 @@ padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key,
725 */ 724 */
726static int 725static int
727padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, 726padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
728 const unsigned char *in_arg, size_t nbytes) 727 const unsigned char *in_arg, size_t nbytes)
729{ 728{
730 struct padlock_cipher_data *cdata; 729 struct padlock_cipher_data *cdata;
731 void *iv; 730 void *iv;
@@ -735,24 +734,28 @@ padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
735 734
736 switch (EVP_CIPHER_CTX_mode(ctx)) { 735 switch (EVP_CIPHER_CTX_mode(ctx)) {
737 case EVP_CIPH_ECB_MODE: 736 case EVP_CIPH_ECB_MODE:
738 padlock_xcrypt_ecb(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); 737 padlock_xcrypt_ecb(nbytes / AES_BLOCK_SIZE, cdata,
738 out_arg, in_arg);
739 break; 739 break;
740 740
741 case EVP_CIPH_CBC_MODE: 741 case EVP_CIPH_CBC_MODE:
742 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); 742 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
743 iv = padlock_xcrypt_cbc(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); 743 iv = padlock_xcrypt_cbc(nbytes / AES_BLOCK_SIZE, cdata,
744 out_arg, in_arg);
744 memcpy(ctx->iv, iv, AES_BLOCK_SIZE); 745 memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
745 break; 746 break;
746 747
747 case EVP_CIPH_CFB_MODE: 748 case EVP_CIPH_CFB_MODE:
748 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); 749 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
749 iv = padlock_xcrypt_cfb(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); 750 iv = padlock_xcrypt_cfb(nbytes / AES_BLOCK_SIZE, cdata,
751 out_arg, in_arg);
750 memcpy(ctx->iv, iv, AES_BLOCK_SIZE); 752 memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
751 break; 753 break;
752 754
753 case EVP_CIPH_OFB_MODE: 755 case EVP_CIPH_OFB_MODE:
754 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); 756 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
755 padlock_xcrypt_ofb(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); 757 padlock_xcrypt_ofb(nbytes / AES_BLOCK_SIZE, cdata,
758 out_arg, in_arg);
756 memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE); 759 memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE);
757 break; 760 break;
758 761
@@ -772,23 +775,24 @@ padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
772# error "insane PADLOCK_CHUNK..." 775# error "insane PADLOCK_CHUNK..."
773#endif 776#endif
774 777
775/* Re-align the arguments to 16-Bytes boundaries and run the 778/* Re-align the arguments to 16-Bytes boundaries and run the
776 encryption function itself. This function is not AES-specific. */ 779 encryption function itself. This function is not AES-specific. */
777static int 780static int
778padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, 781padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
779 const unsigned char *in_arg, size_t nbytes) 782 const unsigned char *in_arg, size_t nbytes)
780{ 783{
781 struct padlock_cipher_data *cdata; 784 struct padlock_cipher_data *cdata;
782 const void *inp; 785 const void *inp;
783 unsigned char *out; 786 unsigned char *out;
784 void *iv; 787 void *iv;
785 int inp_misaligned, out_misaligned, realign_in_loop; 788 int inp_misaligned, out_misaligned, realign_in_loop;
786 size_t chunk, allocated=0; 789 size_t chunk, allocated = 0;
787 790
788 /* ctx->num is maintained in byte-oriented modes, 791 /* ctx->num is maintained in byte-oriented modes,
789 such as CFB and OFB... */ 792 such as CFB and OFB... */
790 if ((chunk = ctx->num)) { /* borrow chunk variable */ 793 if ((chunk = ctx->num)) {
791 unsigned char *ivp=ctx->iv; 794 /* borrow chunk variable */
795 unsigned char *ivp = ctx->iv;
792 796
793 switch (EVP_CIPHER_CTX_mode(ctx)) { 797 switch (EVP_CIPHER_CTX_mode(ctx)) {
794 case EVP_CIPH_CFB_MODE: 798 case EVP_CIPH_CFB_MODE:
@@ -796,28 +800,29 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
796 return 0; /* bogus value */ 800 return 0; /* bogus value */
797 801
798 if (ctx->encrypt) 802 if (ctx->encrypt)
799 while (chunk<AES_BLOCK_SIZE && nbytes!=0) { 803 while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
800 ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk]; 804 ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk];
801 chunk++, nbytes--; 805 chunk++, nbytes--;
802 } 806 }
803 else while (chunk<AES_BLOCK_SIZE && nbytes!=0) { 807 else
808 while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
804 unsigned char c = *(in_arg++); 809 unsigned char c = *(in_arg++);
805 *(out_arg++) = c ^ ivp[chunk]; 810 *(out_arg++) = c ^ ivp[chunk];
806 ivp[chunk++] = c, nbytes--; 811 ivp[chunk++] = c, nbytes--;
807 } 812 }
808 813
809 ctx->num = chunk%AES_BLOCK_SIZE; 814 ctx->num = chunk % AES_BLOCK_SIZE;
810 break; 815 break;
811 case EVP_CIPH_OFB_MODE: 816 case EVP_CIPH_OFB_MODE:
812 if (chunk >= AES_BLOCK_SIZE) 817 if (chunk >= AES_BLOCK_SIZE)
813 return 0; /* bogus value */ 818 return 0; /* bogus value */
814 819
815 while (chunk<AES_BLOCK_SIZE && nbytes!=0) { 820 while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
816 *(out_arg++) = *(in_arg++) ^ ivp[chunk]; 821 *(out_arg++) = *(in_arg++) ^ ivp[chunk];
817 chunk++, nbytes--; 822 chunk++, nbytes--;
818 } 823 }
819 824
820 ctx->num = chunk%AES_BLOCK_SIZE; 825 ctx->num = chunk % AES_BLOCK_SIZE;
821 break; 826 break;
822 } 827 }
823 } 828 }
@@ -841,8 +846,9 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
841 same as for software alignment below or ~3x. They promise to 846 same as for software alignment below or ~3x. They promise to
842 improve it in the future, but for now we can just as well 847 improve it in the future, but for now we can just as well
843 pretend that it can only handle aligned input... */ 848 pretend that it can only handle aligned input... */
844 if (!padlock_aes_align_required && (nbytes%AES_BLOCK_SIZE)==0) 849 if (!padlock_aes_align_required && (nbytes % AES_BLOCK_SIZE) == 0)
845 return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes); 850 return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg,
851 nbytes);
846 852
847 inp_misaligned = (((size_t)in_arg) & 0x0F); 853 inp_misaligned = (((size_t)in_arg) & 0x0F);
848 out_misaligned = (((size_t)out_arg) & 0x0F); 854 out_misaligned = (((size_t)out_arg) & 0x0F);
@@ -853,21 +859,22 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
853 * in order to improve L1 cache utilization... */ 859 * in order to improve L1 cache utilization... */
854 realign_in_loop = out_misaligned|inp_misaligned; 860 realign_in_loop = out_misaligned|inp_misaligned;
855 861
856 if (!realign_in_loop && (nbytes%AES_BLOCK_SIZE)==0) 862 if (!realign_in_loop && (nbytes % AES_BLOCK_SIZE) == 0)
857 return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes); 863 return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg,
864 nbytes);
858 865
859 /* this takes one "if" out of the loops */ 866 /* this takes one "if" out of the loops */
860 chunk = nbytes; 867 chunk = nbytes;
861 chunk %= PADLOCK_CHUNK; 868 chunk %= PADLOCK_CHUNK;
862 if (chunk==0) chunk = PADLOCK_CHUNK; 869 if (chunk == 0)
870 chunk = PADLOCK_CHUNK;
863 871
864 if (out_misaligned) { 872 if (out_misaligned) {
865 /* optmize for small input */ 873 /* optmize for small input */
866 allocated = (chunk<nbytes?PADLOCK_CHUNK:nbytes); 874 allocated = (chunk < nbytes ? PADLOCK_CHUNK : nbytes);
867 out = alloca(0x10 + allocated); 875 out = alloca(0x10 + allocated);
868 out = NEAREST_ALIGNED(out); 876 out = NEAREST_ALIGNED(out);
869 } 877 } else
870 else
871 out = out_arg; 878 out = out_arg;
872 879
873 cdata = ALIGNED_CIPHER_DATA(ctx); 880 cdata = ALIGNED_CIPHER_DATA(ctx);
@@ -875,77 +882,84 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
875 882
876 switch (EVP_CIPHER_CTX_mode(ctx)) { 883 switch (EVP_CIPHER_CTX_mode(ctx)) {
877 case EVP_CIPH_ECB_MODE: 884 case EVP_CIPH_ECB_MODE:
878 do { 885 do {
879 if (inp_misaligned) 886 if (inp_misaligned)
880 inp = padlock_memcpy(out, in_arg, chunk); 887 inp = padlock_memcpy(out, in_arg, chunk);
881 else 888 else
882 inp = in_arg; 889 inp = in_arg;
883 in_arg += chunk; 890 in_arg += chunk;
884 891
885 padlock_xcrypt_ecb(chunk/AES_BLOCK_SIZE, cdata, out, inp); 892 padlock_xcrypt_ecb(chunk / AES_BLOCK_SIZE, cdata,
893 out, inp);
886 894
887 if (out_misaligned) 895 if (out_misaligned)
888 out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; 896 out_arg = padlock_memcpy(out_arg, out, chunk) +
897 chunk;
889 else 898 else
890 out = out_arg+=chunk; 899 out = out_arg += chunk;
891 900
892 nbytes -= chunk; 901 nbytes -= chunk;
893 chunk = PADLOCK_CHUNK; 902 chunk = PADLOCK_CHUNK;
894 } while (nbytes); 903 } while (nbytes);
895 break; 904 break;
896 905
897 case EVP_CIPH_CBC_MODE: 906 case EVP_CIPH_CBC_MODE:
898 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); 907 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
899 goto cbc_shortcut; 908 goto cbc_shortcut;
900 do { 909 do {
901 if (iv != cdata->iv) 910 if (iv != cdata->iv)
902 memcpy(cdata->iv, iv, AES_BLOCK_SIZE); 911 memcpy(cdata->iv, iv, AES_BLOCK_SIZE);
903 chunk = PADLOCK_CHUNK; 912 chunk = PADLOCK_CHUNK;
904 cbc_shortcut: /* optimize for small input */ 913 cbc_shortcut: /* optimize for small input */
905 if (inp_misaligned) 914 if (inp_misaligned)
906 inp = padlock_memcpy(out, in_arg, chunk); 915 inp = padlock_memcpy(out, in_arg, chunk);
907 else 916 else
908 inp = in_arg; 917 inp = in_arg;
909 in_arg += chunk; 918 in_arg += chunk;
910 919
911 iv = padlock_xcrypt_cbc(chunk/AES_BLOCK_SIZE, cdata, out, inp); 920 iv = padlock_xcrypt_cbc(chunk / AES_BLOCK_SIZE, cdata,
921 out, inp);
912 922
913 if (out_misaligned) 923 if (out_misaligned)
914 out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; 924 out_arg = padlock_memcpy(out_arg, out, chunk) +
925 chunk;
915 else 926 else
916 out = out_arg+=chunk; 927 out = out_arg += chunk;
917
918 } while (nbytes -= chunk); 928 } while (nbytes -= chunk);
919 memcpy(ctx->iv, iv, AES_BLOCK_SIZE); 929 memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
920 break; 930 break;
921 931
922 case EVP_CIPH_CFB_MODE: 932 case EVP_CIPH_CFB_MODE:
923 memcpy (iv = cdata->iv, ctx->iv, AES_BLOCK_SIZE); 933 memcpy (iv = cdata->iv, ctx->iv, AES_BLOCK_SIZE);
924 chunk &= ~(AES_BLOCK_SIZE-1); 934 chunk &= ~(AES_BLOCK_SIZE - 1);
925 if (chunk) goto cfb_shortcut; 935 if (chunk)
926 else goto cfb_skiploop; 936 goto cfb_shortcut;
927 do { 937 else
938 goto cfb_skiploop;
939 do {
928 if (iv != cdata->iv) 940 if (iv != cdata->iv)
929 memcpy(cdata->iv, iv, AES_BLOCK_SIZE); 941 memcpy(cdata->iv, iv, AES_BLOCK_SIZE);
930 chunk = PADLOCK_CHUNK; 942 chunk = PADLOCK_CHUNK;
931 cfb_shortcut: /* optimize for small input */ 943 cfb_shortcut: /* optimize for small input */
932 if (inp_misaligned) 944 if (inp_misaligned)
933 inp = padlock_memcpy(out, in_arg, chunk); 945 inp = padlock_memcpy(out, in_arg, chunk);
934 else 946 else
935 inp = in_arg; 947 inp = in_arg;
936 in_arg += chunk; 948 in_arg += chunk;
937 949
938 iv = padlock_xcrypt_cfb(chunk/AES_BLOCK_SIZE, cdata, out, inp); 950 iv = padlock_xcrypt_cfb(chunk / AES_BLOCK_SIZE, cdata,
951 out, inp);
939 952
940 if (out_misaligned) 953 if (out_misaligned)
941 out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; 954 out_arg = padlock_memcpy(out_arg, out, chunk) +
955 chunk;
942 else 956 else
943 out = out_arg+=chunk; 957 out = out_arg += chunk;
944 958
945 nbytes -= chunk; 959 nbytes -= chunk;
946 } while (nbytes >= AES_BLOCK_SIZE); 960 } while (nbytes >= AES_BLOCK_SIZE);
947 961
948 cfb_skiploop: 962cfb_skiploop:
949 if (nbytes) { 963 if (nbytes) {
950 unsigned char *ivp = cdata->iv; 964 unsigned char *ivp = cdata->iv;
951 965
@@ -955,19 +969,19 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
955 } 969 }
956 ctx->num = nbytes; 970 ctx->num = nbytes;
957 if (cdata->cword.b.encdec) { 971 if (cdata->cword.b.encdec) {
958 cdata->cword.b.encdec=0; 972 cdata->cword.b.encdec = 0;
959 padlock_reload_key(); 973 padlock_reload_key();
960 padlock_xcrypt_ecb(1,cdata,ivp,ivp); 974 padlock_xcrypt_ecb(1, cdata, ivp, ivp);
961 cdata->cword.b.encdec=1; 975 cdata->cword.b.encdec = 1;
962 padlock_reload_key(); 976 padlock_reload_key();
963 while(nbytes) { 977 while (nbytes) {
964 unsigned char c = *(in_arg++); 978 unsigned char c = *(in_arg++);
965 *(out_arg++) = c ^ *ivp; 979 *(out_arg++) = c ^ *ivp;
966 *(ivp++) = c, nbytes--; 980 *(ivp++) = c, nbytes--;
967 } 981 }
968 } 982 } else {
969 else { padlock_reload_key(); 983 padlock_reload_key();
970 padlock_xcrypt_ecb(1,cdata,ivp,ivp); 984 padlock_xcrypt_ecb(1, cdata, ivp, ivp);
971 padlock_reload_key(); 985 padlock_reload_key();
972 while (nbytes) { 986 while (nbytes) {
973 *ivp = *(out_arg++) = *(in_arg++) ^ *ivp; 987 *ivp = *(out_arg++) = *(in_arg++) ^ *ivp;
@@ -981,7 +995,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
981 995
982 case EVP_CIPH_OFB_MODE: 996 case EVP_CIPH_OFB_MODE:
983 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); 997 memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
984 chunk &= ~(AES_BLOCK_SIZE-1); 998 chunk &= ~(AES_BLOCK_SIZE - 1);
985 if (chunk) do { 999 if (chunk) do {
986 if (inp_misaligned) 1000 if (inp_misaligned)
987 inp = padlock_memcpy(out, in_arg, chunk); 1001 inp = padlock_memcpy(out, in_arg, chunk);
@@ -989,15 +1003,17 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
989 inp = in_arg; 1003 inp = in_arg;
990 in_arg += chunk; 1004 in_arg += chunk;
991 1005
992 padlock_xcrypt_ofb(chunk/AES_BLOCK_SIZE, cdata, out, inp); 1006 padlock_xcrypt_ofb(chunk / AES_BLOCK_SIZE, cdata,
1007 out, inp);
993 1008
994 if (out_misaligned) 1009 if (out_misaligned)
995 out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; 1010 out_arg = padlock_memcpy(out_arg, out, chunk) +
1011 chunk;
996 else 1012 else
997 out = out_arg+=chunk; 1013 out = out_arg += chunk;
998 1014
999 nbytes -= chunk; 1015 nbytes -= chunk;
1000 chunk = PADLOCK_CHUNK; 1016 chunk = PADLOCK_CHUNK;
1001 } while (nbytes >= AES_BLOCK_SIZE); 1017 } while (nbytes >= AES_BLOCK_SIZE);
1002 1018
1003 if (nbytes) { 1019 if (nbytes) {
@@ -1005,7 +1021,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
1005 1021
1006 ctx->num = nbytes; 1022 ctx->num = nbytes;
1007 padlock_reload_key(); /* empirically found */ 1023 padlock_reload_key(); /* empirically found */
1008 padlock_xcrypt_ecb(1,cdata,ivp,ivp); 1024 padlock_xcrypt_ecb(1, cdata, ivp, ivp);
1009 padlock_reload_key(); /* empirically found */ 1025 padlock_reload_key(); /* empirically found */
1010 while (nbytes) { 1026 while (nbytes) {
1011 *(out_arg++) = *(in_arg++) ^ *ivp; 1027 *(out_arg++) = *(in_arg++) ^ *ivp;
@@ -1022,9 +1038,10 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
1022 1038
1023 /* Clean the realign buffer if it was used */ 1039 /* Clean the realign buffer if it was used */
1024 if (out_misaligned) { 1040 if (out_misaligned) {
1025 volatile unsigned long *p=(void *)out; 1041 volatile unsigned long *p = (void *)out;
1026 size_t n = allocated/sizeof(*p); 1042 size_t n = allocated/sizeof(*p);
1027 while (n--) *p++=0; 1043 while (n--)
1044 *p++ = 0;
1028 } 1045 }
1029 1046
1030 memset(cdata->iv, 0, AES_BLOCK_SIZE); 1047 memset(cdata->iv, 0, AES_BLOCK_SIZE);
@@ -1041,7 +1058,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
1041 * (posted at http://www.via.com.tw/en/viac3/c3.jsp) nor does it 1058 * (posted at http://www.via.com.tw/en/viac3/c3.jsp) nor does it
1042 * provide meaningful error control... 1059 * provide meaningful error control...
1043 */ 1060 */
1044/* Wrapper that provides an interface between the API and 1061/* Wrapper that provides an interface between the API and
1045 the raw PadLock RNG */ 1062 the raw PadLock RNG */
1046static int 1063static int
1047padlock_rand_bytes(unsigned char *output, int count) 1064padlock_rand_bytes(unsigned char *output, int count)
@@ -1050,25 +1067,33 @@ padlock_rand_bytes(unsigned char *output, int count)
1050 1067
1051 while (count >= 8) { 1068 while (count >= 8) {
1052 eax = padlock_xstore(output, 0); 1069 eax = padlock_xstore(output, 0);
1053 if (!(eax&(1<<6))) return 0; /* RNG disabled */ 1070 if (!(eax & (1 << 6)))
1071 return 0; /* RNG disabled */
1054 /* this ---vv--- covers DC bias, Raw Bits and String Filter */ 1072 /* this ---vv--- covers DC bias, Raw Bits and String Filter */
1055 if (eax&(0x1F<<10)) return 0; 1073 if (eax & (0x1F << 10))
1056 if ((eax&0x1F)==0) continue; /* no data, retry... */ 1074 return 0;
1057 if ((eax&0x1F)!=8) return 0; /* fatal failure... */ 1075 if ((eax & 0x1F) == 0)
1076 continue; /* no data, retry... */
1077 if ((eax & 0x1F) != 8)
1078 return 0; /* fatal failure... */
1058 output += 8; 1079 output += 8;
1059 count -= 8; 1080 count -= 8;
1060 } 1081 }
1061 while (count > 0) { 1082 while (count > 0) {
1062 eax = padlock_xstore(&buf, 3); 1083 eax = padlock_xstore(&buf, 3);
1063 if (!(eax&(1<<6))) return 0; /* RNG disabled */ 1084 if (!(eax & (1 << 6)))
1085 return 0; /* RNG disabled */
1064 /* this ---vv--- covers DC bias, Raw Bits and String Filter */ 1086 /* this ---vv--- covers DC bias, Raw Bits and String Filter */
1065 if (eax&(0x1F<<10)) return 0; 1087 if (eax & (0x1F << 10))
1066 if ((eax&0x1F)==0) continue; /* no data, retry... */ 1088 return 0;
1067 if ((eax&0x1F)!=1) return 0; /* fatal failure... */ 1089 if ((eax & 0x1F) == 0)
1090 continue; /* no data, retry... */
1091 if ((eax & 0x1F) != 1)
1092 return 0; /* fatal failure... */
1068 *output++ = (unsigned char)buf; 1093 *output++ = (unsigned char)buf;
1069 count--; 1094 count--;
1070 } 1095 }
1071 *(volatile unsigned int *)&buf=0; 1096 *(volatile unsigned int *)&buf = 0;
1072 1097
1073 return 1; 1098 return 1;
1074} 1099}
@@ -1089,10 +1114,11 @@ static RAND_METHOD padlock_rand = {
1089 1114
1090#else /* !COMPILE_HW_PADLOCK */ 1115#else /* !COMPILE_HW_PADLOCK */
1091#ifndef OPENSSL_NO_DYNAMIC_ENGINE 1116#ifndef OPENSSL_NO_DYNAMIC_ENGINE
1092extern 1117extern int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
1093int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); 1118extern int
1094extern 1119bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) {
1095int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { return 0; } 1120 return 0;
1121}
1096IMPLEMENT_DYNAMIC_CHECK_FN() 1122IMPLEMENT_DYNAMIC_CHECK_FN()
1097#endif 1123#endif
1098#endif /* COMPILE_HW_PADLOCK */ 1124#endif /* COMPILE_HW_PADLOCK */
diff --git a/src/lib/libssl/src/crypto/engine/eng_pkey.c b/src/lib/libssl/src/crypto/engine/eng_pkey.c
index 410a9c3373..dc832450a6 100644
--- a/src/lib/libssl/src/crypto/engine/eng_pkey.c
+++ b/src/lib/libssl/src/crypto/engine/eng_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_pkey.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_pkey.c,v 1.5 2014/06/22 12:05:09 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -7,7 +7,7 @@
7 * are met: 7 * are met:
8 * 8 *
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 11 *
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in 13 * notice, this list of conditions and the following disclaimer in
@@ -57,140 +57,137 @@
57 57
58/* Basic get/set stuff */ 58/* Basic get/set stuff */
59 59
60int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f) 60int
61 { 61ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f)
62{
62 e->load_privkey = loadpriv_f; 63 e->load_privkey = loadpriv_f;
63 return 1; 64 return 1;
64 } 65}
65 66
66int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f) 67int
67 { 68ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
69{
68 e->load_pubkey = loadpub_f; 70 e->load_pubkey = loadpub_f;
69 return 1; 71 return 1;
70 } 72}
71 73
72int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, 74int
73 ENGINE_SSL_CLIENT_CERT_PTR loadssl_f) 75ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
74 { 76 ENGINE_SSL_CLIENT_CERT_PTR loadssl_f)
77{
75 e->load_ssl_client_cert = loadssl_f; 78 e->load_ssl_client_cert = loadssl_f;
76 return 1; 79 return 1;
77 } 80}
78 81
79ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e) 82ENGINE_LOAD_KEY_PTR
80 { 83ENGINE_get_load_privkey_function(const ENGINE *e)
84{
81 return e->load_privkey; 85 return e->load_privkey;
82 } 86}
83 87
84ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e) 88ENGINE_LOAD_KEY_PTR
85 { 89ENGINE_get_load_pubkey_function(const ENGINE *e)
90{
86 return e->load_pubkey; 91 return e->load_pubkey;
87 } 92}
88 93
89ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e) 94ENGINE_SSL_CLIENT_CERT_PTR
90 { 95ENGINE_get_ssl_client_cert_function(const ENGINE *e)
96{
91 return e->load_ssl_client_cert; 97 return e->load_ssl_client_cert;
92 } 98}
93 99
94/* API functions to load public/private keys */ 100/* API functions to load public/private keys */
95 101
96EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, 102EVP_PKEY *
97 UI_METHOD *ui_method, void *callback_data) 103ENGINE_load_private_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
98 { 104 void *callback_data)
105{
99 EVP_PKEY *pkey; 106 EVP_PKEY *pkey;
100 107
101 if(e == NULL) 108 if (e == NULL) {
102 {
103 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY, 109 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
104 ERR_R_PASSED_NULL_PARAMETER); 110 ERR_R_PASSED_NULL_PARAMETER);
105 return 0; 111 return 0;
106 } 112 }
107 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 113 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
108 if(e->funct_ref == 0) 114 if (e->funct_ref == 0) {
109 {
110 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 115 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
111 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY, 116 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
112 ENGINE_R_NOT_INITIALISED); 117 ENGINE_R_NOT_INITIALISED);
113 return 0; 118 return 0;
114 } 119 }
115 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 120 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
116 if (!e->load_privkey) 121 if (!e->load_privkey) {
117 {
118 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY, 122 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
119 ENGINE_R_NO_LOAD_FUNCTION); 123 ENGINE_R_NO_LOAD_FUNCTION);
120 return 0; 124 return 0;
121 } 125 }
122 pkey = e->load_privkey(e, key_id, ui_method, callback_data); 126 pkey = e->load_privkey(e, key_id, ui_method, callback_data);
123 if (!pkey) 127 if (!pkey) {
124 {
125 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY, 128 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
126 ENGINE_R_FAILED_LOADING_PRIVATE_KEY); 129 ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
127 return 0; 130 return 0;
128 }
129 return pkey;
130 } 131 }
132 return pkey;
133}
131 134
132EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, 135EVP_PKEY *
133 UI_METHOD *ui_method, void *callback_data) 136ENGINE_load_public_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
134 { 137 void *callback_data)
138{
135 EVP_PKEY *pkey; 139 EVP_PKEY *pkey;
136 140
137 if(e == NULL) 141 if (e == NULL) {
138 {
139 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, 142 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
140 ERR_R_PASSED_NULL_PARAMETER); 143 ERR_R_PASSED_NULL_PARAMETER);
141 return 0; 144 return 0;
142 } 145 }
143 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 146 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
144 if(e->funct_ref == 0) 147 if (e->funct_ref == 0) {
145 {
146 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 148 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
147 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, 149 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
148 ENGINE_R_NOT_INITIALISED); 150 ENGINE_R_NOT_INITIALISED);
149 return 0; 151 return 0;
150 } 152 }
151 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 153 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
152 if (!e->load_pubkey) 154 if (!e->load_pubkey) {
153 {
154 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, 155 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
155 ENGINE_R_NO_LOAD_FUNCTION); 156 ENGINE_R_NO_LOAD_FUNCTION);
156 return 0; 157 return 0;
157 } 158 }
158 pkey = e->load_pubkey(e, key_id, ui_method, callback_data); 159 pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
159 if (!pkey) 160 if (!pkey) {
160 {
161 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, 161 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
162 ENGINE_R_FAILED_LOADING_PUBLIC_KEY); 162 ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
163 return 0; 163 return 0;
164 }
165 return pkey;
166 } 164 }
165 return pkey;
166}
167 167
168int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, 168int
169 STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey, 169ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, STACK_OF(X509_NAME) *ca_dn,
170 STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data) 170 X509 **pcert, EVP_PKEY **ppkey, STACK_OF(X509) **pother,
171 { 171 UI_METHOD *ui_method, void *callback_data)
172 172{
173 if(e == NULL) 173 if (e == NULL) {
174 {
175 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, 174 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
176 ERR_R_PASSED_NULL_PARAMETER); 175 ERR_R_PASSED_NULL_PARAMETER);
177 return 0; 176 return 0;
178 } 177 }
179 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 178 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
180 if(e->funct_ref == 0) 179 if (e->funct_ref == 0) {
181 {
182 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 180 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
183 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, 181 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
184 ENGINE_R_NOT_INITIALISED); 182 ENGINE_R_NOT_INITIALISED);
185 return 0; 183 return 0;
186 } 184 }
187 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 185 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
188 if (!e->load_ssl_client_cert) 186 if (!e->load_ssl_client_cert) {
189 {
190 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, 187 ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
191 ENGINE_R_NO_LOAD_FUNCTION); 188 ENGINE_R_NO_LOAD_FUNCTION);
192 return 0; 189 return 0;
193 }
194 return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
195 ui_method, callback_data);
196 } 190 }
191 return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
192 ui_method, callback_data);
193}
diff --git a/src/lib/libssl/src/crypto/engine/eng_rsax.c b/src/lib/libssl/src/crypto/engine/eng_rsax.c
index f7b38b1156..ee18439070 100644
--- a/src/lib/libssl/src/crypto/engine/eng_rsax.c
+++ b/src/lib/libssl/src/crypto/engine/eng_rsax.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_rsax.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_rsax.c,v 1.7 2014/06/22 12:05:09 jsing Exp $ */
2/* Copyright (c) 2010-2010 Intel Corp. 2/* Copyright (c) 2010-2010 Intel Corp.
3 * Author: Vinodh.Gopal@intel.com 3 * Author: Vinodh.Gopal@intel.com
4 * Jim Guilford 4 * Jim Guilford
@@ -85,16 +85,17 @@ static ENGINE *ENGINE_rsax (void);
85#endif 85#endif
86 86
87void ENGINE_load_rsax (void) 87void ENGINE_load_rsax (void)
88 { 88{
89/* On non-x86 CPUs it just returns. */ 89/* On non-x86 CPUs it just returns. */
90#ifdef COMPILE_RSAX 90#ifdef COMPILE_RSAX
91 ENGINE *toadd = ENGINE_rsax(); 91 ENGINE *toadd = ENGINE_rsax();
92 if(!toadd) return; 92 if (!toadd)
93 return;
93 ENGINE_add(toadd); 94 ENGINE_add(toadd);
94 ENGINE_free(toadd); 95 ENGINE_free(toadd);
95 ERR_clear_error(); 96 ERR_clear_error();
96#endif 97#endif
97 } 98}
98 99
99#ifdef COMPILE_RSAX 100#ifdef COMPILE_RSAX
100#define E_RSAX_LIB_NAME "rsax engine" 101#define E_RSAX_LIB_NAME "rsax engine"
@@ -106,13 +107,14 @@ static int e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
106 107
107#ifndef OPENSSL_NO_RSA 108#ifndef OPENSSL_NO_RSA
108/* RSA stuff */ 109/* RSA stuff */
109static int e_rsax_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); 110static int e_rsax_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
111 BN_CTX *ctx);
110static int e_rsax_rsa_finish(RSA *r); 112static int e_rsax_rsa_finish(RSA *r);
111#endif 113#endif
112 114
113static const ENGINE_CMD_DEFN e_rsax_cmd_defns[] = { 115static const ENGINE_CMD_DEFN e_rsax_cmd_defns[] = {
114 {0, NULL, NULL, 0} 116 {0, NULL, NULL, 0}
115 }; 117};
116 118
117#ifndef OPENSSL_NO_RSA 119#ifndef OPENSSL_NO_RSA
118/* Our internal RSA_METHOD that we provide pointers to */ 120/* Our internal RSA_METHOD that we provide pointers to */
@@ -129,21 +131,22 @@ static const char *engine_e_rsax_id = "rsax";
129static const char *engine_e_rsax_name = "RSAX engine support"; 131static const char *engine_e_rsax_name = "RSAX engine support";
130 132
131/* This internal function is used by ENGINE_rsax() */ 133/* This internal function is used by ENGINE_rsax() */
132static int bind_helper(ENGINE *e) 134static int
133 { 135bind_helper(ENGINE *e)
136{
134#ifndef OPENSSL_NO_RSA 137#ifndef OPENSSL_NO_RSA
135 const RSA_METHOD *meth1; 138 const RSA_METHOD *meth1;
136#endif 139#endif
137 if(!ENGINE_set_id(e, engine_e_rsax_id) || 140 if (!ENGINE_set_id(e, engine_e_rsax_id) ||
138 !ENGINE_set_name(e, engine_e_rsax_name) || 141 !ENGINE_set_name(e, engine_e_rsax_name) ||
139#ifndef OPENSSL_NO_RSA 142#ifndef OPENSSL_NO_RSA
140 !ENGINE_set_RSA(e, &e_rsax_rsa) || 143 !ENGINE_set_RSA(e, &e_rsax_rsa) ||
141#endif 144#endif
142 !ENGINE_set_destroy_function(e, e_rsax_destroy) || 145 !ENGINE_set_destroy_function(e, e_rsax_destroy) ||
143 !ENGINE_set_init_function(e, e_rsax_init) || 146 !ENGINE_set_init_function(e, e_rsax_init) ||
144 !ENGINE_set_finish_function(e, e_rsax_finish) || 147 !ENGINE_set_finish_function(e, e_rsax_finish) ||
145 !ENGINE_set_ctrl_function(e, e_rsax_ctrl) || 148 !ENGINE_set_ctrl_function(e, e_rsax_ctrl) ||
146 !ENGINE_set_cmd_defns(e, e_rsax_cmd_defns)) 149 !ENGINE_set_cmd_defns(e, e_rsax_cmd_defns))
147 return 0; 150 return 0;
148 151
149#ifndef OPENSSL_NO_RSA 152#ifndef OPENSSL_NO_RSA
@@ -155,64 +158,67 @@ static int bind_helper(ENGINE *e)
155 e_rsax_rsa.bn_mod_exp = meth1->bn_mod_exp; 158 e_rsax_rsa.bn_mod_exp = meth1->bn_mod_exp;
156#endif 159#endif
157 return 1; 160 return 1;
158 } 161}
159 162
160static ENGINE *ENGINE_rsax(void) 163static ENGINE *
161 { 164ENGINE_rsax(void)
165{
162 ENGINE *ret = ENGINE_new(); 166 ENGINE *ret = ENGINE_new();
163 if(!ret) 167
168 if (!ret)
164 return NULL; 169 return NULL;
165 if(!bind_helper(ret)) 170 if (!bind_helper(ret)) {
166 {
167 ENGINE_free(ret); 171 ENGINE_free(ret);
168 return NULL; 172 return NULL;
169 }
170 return ret;
171 } 173 }
174 return ret;
175}
172 176
173#ifndef OPENSSL_NO_RSA 177#ifndef OPENSSL_NO_RSA
174/* Used to attach our own key-data to an RSA structure */ 178/* Used to attach our own key-data to an RSA structure */
175static int rsax_ex_data_idx = -1; 179static int rsax_ex_data_idx = -1;
176#endif 180#endif
177 181
178static int e_rsax_destroy(ENGINE *e) 182static int
179 { 183e_rsax_destroy(ENGINE *e)
184{
180 return 1; 185 return 1;
181 } 186}
182 187
183/* (de)initialisation functions. */ 188/* (de)initialisation functions. */
184static int e_rsax_init(ENGINE *e) 189static int
185 { 190e_rsax_init(ENGINE *e)
191{
186#ifndef OPENSSL_NO_RSA 192#ifndef OPENSSL_NO_RSA
187 if (rsax_ex_data_idx == -1) 193 if (rsax_ex_data_idx == -1)
188 rsax_ex_data_idx = RSA_get_ex_new_index(0, 194 rsax_ex_data_idx = RSA_get_ex_new_index(0, NULL, NULL,
189 NULL, 195 NULL, NULL);
190 NULL, NULL, NULL);
191#endif 196#endif
192 if (rsax_ex_data_idx == -1) 197 if (rsax_ex_data_idx == -1)
193 return 0; 198 return 0;
194 return 1; 199 return 1;
195 } 200}
196 201
197static int e_rsax_finish(ENGINE *e) 202static int
198 { 203e_rsax_finish(ENGINE *e)
204{
199 return 1; 205 return 1;
200 } 206}
201 207
202static int e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) 208static int
203 { 209e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
210{
204 int to_return = 1; 211 int to_return = 1;
205 212
206 switch(cmd) 213 switch (cmd) {
207 { 214 /* The command isn't understood by this engine */
208 /* The command isn't understood by this engine */
209 default: 215 default:
210 to_return = 0; 216 to_return = 0;
211 break; 217 break;
212 } 218 }
213 219
214 return to_return; 220 return to_return;
215 } 221}
216 222
217 223
218#ifndef OPENSSL_NO_RSA 224#ifndef OPENSSL_NO_RSA
@@ -233,69 +239,71 @@ static int interleaved_array_to_bn_512(BIGNUM* b, UINT64 *array);
233/* Extract array elements from BIGNUM b 239/* Extract array elements from BIGNUM b
234 * To set the whole array from b, call with n=8 240 * To set the whole array from b, call with n=8
235 */ 241 */
236static int bn_extract_to_array_512(const BIGNUM* b, unsigned int n, UINT64 *array); 242static int bn_extract_to_array_512(const BIGNUM* b, unsigned int n,
243 UINT64 *array);
237 244
238struct mod_ctx_512 { 245struct mod_ctx_512 {
239 UINT64 t[8][8]; 246 UINT64 t[8][8];
240 UINT64 m[8]; 247 UINT64 m[8];
241 UINT64 m1[8]; /* 2^278 % m */ 248 UINT64 m1[8]; /* 2^278 % m */
242 UINT64 m2[8]; /* 2^640 % m */ 249 UINT64 m2[8]; /* 2^640 % m */
243 UINT64 k1[2]; /* (- 1/m) % 2^128 */ 250 UINT64 k1[2]; /* (- 1/m) % 2^128 */
244}; 251};
245 252
246static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data); 253static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data);
247 254
248void mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */ 255void mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */
249 UINT64 *g, /* 512 bits, 8 qwords */ 256UINT64 *g, /* 512 bits, 8 qwords */
250 UINT64 *exp, /* 512 bits, 8 qwords */ 257UINT64 *exp, /* 512 bits, 8 qwords */
251 struct mod_ctx_512 *data); 258struct mod_ctx_512 *data);
252 259
253typedef struct st_e_rsax_mod_ctx 260typedef struct st_e_rsax_mod_ctx {
254{ 261 UINT64 type;
255 UINT64 type; 262 union {
256 union { 263 struct mod_ctx_512 b512;
257 struct mod_ctx_512 b512; 264 } ctx;
258 } ctx;
259
260} E_RSAX_MOD_CTX; 265} E_RSAX_MOD_CTX;
261 266
262static E_RSAX_MOD_CTX *e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM* m) 267static E_RSAX_MOD_CTX *
268e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM* m)
263{ 269{
264 E_RSAX_MOD_CTX *hptr; 270 E_RSAX_MOD_CTX *hptr;
265 271
266 if (idx < 0 || idx > 2) 272 if (idx < 0 || idx > 2)
267 return NULL; 273 return NULL;
268 274
269 hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx); 275 hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
270 if (!hptr) { 276 if (!hptr) {
271 hptr = reallocarray(NULL, 3, sizeof(E_RSAX_MOD_CTX)); 277 hptr = reallocarray(NULL, 3, sizeof(E_RSAX_MOD_CTX));
272 if (!hptr) return NULL; 278 if (!hptr)
273 hptr[2].type = hptr[1].type= hptr[0].type = 0; 279 return NULL;
274 RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr); 280 hptr[2].type = hptr[1].type = hptr[0].type = 0;
275 } 281 RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr);
276 282 }
277 if (hptr[idx].type == (UINT64)BN_num_bits(m)) 283
278 return hptr+idx; 284 if (hptr[idx].type == (UINT64)BN_num_bits(m))
279 285 return hptr + idx;
280 if (BN_num_bits(m) == 512) { 286
281 UINT64 _m[8]; 287 if (BN_num_bits(m) == 512) {
282 bn_extract_to_array_512(m, 8, _m); 288 UINT64 _m[8];
283 memset( &hptr[idx].ctx.b512, 0, sizeof(struct mod_ctx_512)); 289 bn_extract_to_array_512(m, 8, _m);
284 mod_exp_pre_compute_data_512(_m, &hptr[idx].ctx.b512); 290 memset( &hptr[idx].ctx.b512, 0, sizeof(struct mod_ctx_512));
291 mod_exp_pre_compute_data_512(_m, &hptr[idx].ctx.b512);
285 } 292 }
286 293
287 hptr[idx].type = BN_num_bits(m); 294 hptr[idx].type = BN_num_bits(m);
288 return hptr+idx; 295 return hptr + idx;
289} 296}
290 297
291static int e_rsax_rsa_finish(RSA *rsa) 298static int
292 { 299e_rsax_rsa_finish(RSA *rsa)
300{
293 E_RSAX_MOD_CTX *hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx); 301 E_RSAX_MOD_CTX *hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
294 if(hptr) 302
295 { 303 if (hptr) {
296 free(hptr); 304 free(hptr);
297 RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL); 305 RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL);
298 } 306 }
299 if (rsa->_method_mod_n) 307 if (rsa->_method_mod_n)
300 BN_MONT_CTX_free(rsa->_method_mod_n); 308 BN_MONT_CTX_free(rsa->_method_mod_n);
301 if (rsa->_method_mod_p) 309 if (rsa->_method_mod_p)
@@ -303,28 +311,28 @@ static int e_rsax_rsa_finish(RSA *rsa)
303 if (rsa->_method_mod_q) 311 if (rsa->_method_mod_q)
304 BN_MONT_CTX_free(rsa->_method_mod_q); 312 BN_MONT_CTX_free(rsa->_method_mod_q);
305 return 1; 313 return 1;
306 } 314}
307
308 315
309static int e_rsax_bn_mod_exp(BIGNUM *r, const BIGNUM *g, const BIGNUM *e, 316static int
310 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont, E_RSAX_MOD_CTX* rsax_mod_ctx ) 317e_rsax_bn_mod_exp(BIGNUM *r, const BIGNUM *g, const BIGNUM *e, const BIGNUM *m,
318 BN_CTX *ctx, BN_MONT_CTX *in_mont, E_RSAX_MOD_CTX* rsax_mod_ctx)
311{ 319{
312 if (rsax_mod_ctx && BN_get_flags(e, BN_FLG_CONSTTIME) != 0) { 320 if (rsax_mod_ctx && BN_get_flags(e, BN_FLG_CONSTTIME) != 0) {
313 if (BN_num_bits(m) == 512) { 321 if (BN_num_bits(m) == 512) {
314 UINT64 _r[8]; 322 UINT64 _r[8];
315 UINT64 _g[8]; 323 UINT64 _g[8];
316 UINT64 _e[8]; 324 UINT64 _e[8];
317 325
318 /* Init the arrays from the BIGNUMs */ 326 /* Init the arrays from the BIGNUMs */
319 bn_extract_to_array_512(g, 8, _g); 327 bn_extract_to_array_512(g, 8, _g);
320 bn_extract_to_array_512(e, 8, _e); 328 bn_extract_to_array_512(e, 8, _e);
321 329
322 mod_exp_512(_r, _g, _e, &rsax_mod_ctx->ctx.b512); 330 mod_exp_512(_r, _g, _e, &rsax_mod_ctx->ctx.b512);
323 /* Return the result in the BIGNUM */ 331 /* Return the result in the BIGNUM */
324 interleaved_array_to_bn_512(r, _r); 332 interleaved_array_to_bn_512(r, _r);
325 return 1; 333 return 1;
326 } 334 }
327 } 335 }
328 336
329 return BN_mod_exp_mont(r, g, e, m, ctx, in_mont); 337 return BN_mod_exp_mont(r, g, e, m, ctx, in_mont);
330} 338}
@@ -339,146 +347,177 @@ static int e_rsax_bn_mod_exp(BIGNUM *r, const BIGNUM *g, const BIGNUM *e,
339 * Local method: extracts a piece from a BIGNUM, to fit it into 347 * Local method: extracts a piece from a BIGNUM, to fit it into
340 * an array. Call with n=8 to extract an entire 512-bit BIGNUM 348 * an array. Call with n=8 to extract an entire 512-bit BIGNUM
341 */ 349 */
342static int bn_extract_to_array_512(const BIGNUM* b, unsigned int n, UINT64 *array) 350static int
351bn_extract_to_array_512(const BIGNUM* b, unsigned int n, UINT64 *array)
343{ 352{
344 int i; 353 int i;
345 UINT64 tmp; 354 UINT64 tmp;
346 unsigned char bn_buff[64]; 355 unsigned char bn_buff[64];
356
347 memset(bn_buff, 0, 64); 357 memset(bn_buff, 0, 64);
348 if (BN_num_bytes(b) > 64) { 358 if (BN_num_bytes(b) > 64) {
349 printf ("Can't support this byte size\n"); 359 printf ("Can't support this byte size\n");
350 return 0; } 360 return 0;
351 if (BN_num_bytes(b)!=0) { 361 }
352 if (!BN_bn2bin(b, bn_buff+(64-BN_num_bytes(b)))) { 362 if (BN_num_bytes(b) != 0) {
363 if (!BN_bn2bin(b, bn_buff + (64 - BN_num_bytes(b)))) {
353 printf ("Error's in bn2bin\n"); 364 printf ("Error's in bn2bin\n");
354 /* We have to error, here */ 365 /* We have to error, here */
355 return 0; } } 366 return 0;
367 }
368 }
356 while (n-- > 0) { 369 while (n-- > 0) {
357 array[n] = 0; 370 array[n] = 0;
358 for (i=7; i>=0; i--) { 371 for (i = 7; i >= 0; i--) {
359 tmp = bn_buff[63-(n*8+i)]; 372 tmp = bn_buff[63 - (n*8 + i)];
360 array[n] |= tmp << (8*i); } } 373 array[n] |= tmp << (8*i);
374 }
375 }
361 return 1; 376 return 1;
362} 377}
363 378
364/* Init a 512-bit BIGNUM from the UINT64*_ (8 * 64) interleaved array */ 379/* Init a 512-bit BIGNUM from the UINT64*_ (8 * 64) interleaved array */
365static int interleaved_array_to_bn_512(BIGNUM* b, UINT64 *array) 380static int
381interleaved_array_to_bn_512(BIGNUM* b, UINT64 *array)
366{ 382{
367 unsigned char tmp[64]; 383 unsigned char tmp[64];
368 int n=8; 384 int n = 8;
369 int i; 385 int i;
386
370 while (n-- > 0) { 387 while (n-- > 0) {
371 for (i = 7; i>=0; i--) { 388 for (i = 7; i >= 0; i--) {
372 tmp[63-(n*8+i)] = (unsigned char)(array[n]>>(8*i)); } } 389 tmp[63 - (n * 8 + i)] =
390 (unsigned char)(array[n] >> (8 * i));
391 }
392 }
373 BN_bin2bn(tmp, 64, b); 393 BN_bin2bn(tmp, 64, b);
374 return 0; 394 return 0;
375} 395}
376 396
377
378/* The main 512bit precompute call */ 397/* The main 512bit precompute call */
379static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data) 398static int
380 { 399mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data)
381 BIGNUM two_768, two_640, two_128, two_512, tmp, _m, tmp2; 400{
382 401 BIGNUM two_768, two_640, two_128, two_512, tmp, _m, tmp2;
383 /* We need a BN_CTX for the modulo functions */ 402
384 BN_CTX* ctx; 403 /* We need a BN_CTX for the modulo functions */
385 /* Some tmps */ 404 BN_CTX* ctx;
386 UINT64 _t[8]; 405 /* Some tmps */
387 int i, j, ret = 0; 406 UINT64 _t[8];
388 407 int i, j, ret = 0;
389 /* Init _m with m */ 408
390 BN_init(&_m); 409 /* Init _m with m */
391 interleaved_array_to_bn_512(&_m, m); 410 BN_init(&_m);
392 memset(_t, 0, 64); 411 interleaved_array_to_bn_512(&_m, m);
393 412 memset(_t, 0, 64);
394 /* Inits */ 413
395 BN_init(&two_768); 414 /* Inits */
396 BN_init(&two_640); 415 BN_init(&two_768);
397 BN_init(&two_128); 416 BN_init(&two_640);
398 BN_init(&two_512); 417 BN_init(&two_128);
399 BN_init(&tmp); 418 BN_init(&two_512);
400 BN_init(&tmp2); 419 BN_init(&tmp);
401 420 BN_init(&tmp2);
402 /* Create our context */ 421
403 if ((ctx=BN_CTX_new()) == NULL) { goto err; } 422 /* Create our context */
423 if ((ctx = BN_CTX_new()) == NULL) {
424 goto err;
425 }
404 BN_CTX_start(ctx); 426 BN_CTX_start(ctx);
405 427
406 /* 428 /*
407 * For production, if you care, these only need to be set once, 429 * For production, if you care, these only need to be set once,
408 * and may be made constants. 430 * and may be made constants.
409 */ 431 */
410 BN_lshift(&two_768, BN_value_one(), 768); 432 BN_lshift(&two_768, BN_value_one(), 768);
411 BN_lshift(&two_640, BN_value_one(), 640); 433 BN_lshift(&two_640, BN_value_one(), 640);
412 BN_lshift(&two_128, BN_value_one(), 128); 434 BN_lshift(&two_128, BN_value_one(), 128);
413 BN_lshift(&two_512, BN_value_one(), 512); 435 BN_lshift(&two_512, BN_value_one(), 512);
414 436
415 if (0 == (m[7] & 0x8000000000000000)) { 437 if (0 == (m[7] & 0x8000000000000000)) {
416 exit(1); 438 exit(1);
417 } 439 }
418 if (0 == (m[0] & 0x1)) { /* Odd modulus required for Mont */ 440 if (0 == (m[0] & 0x1)) {
419 exit(1); 441 /* Odd modulus required for Mont */
420 } 442 exit(1);
421 443 }
422 /* Precompute m1 */ 444
423 BN_mod(&tmp, &two_768, &_m, ctx); 445 /* Precompute m1 */
424 if (!bn_extract_to_array_512(&tmp, 8, &data->m1[0])) { 446 BN_mod(&tmp, &two_768, &_m, ctx);
425 goto err; } 447 if (!bn_extract_to_array_512(&tmp, 8, &data->m1[0])) {
426 448 goto err;
427 /* Precompute m2 */ 449 }
428 BN_mod(&tmp, &two_640, &_m, ctx); 450
429 if (!bn_extract_to_array_512(&tmp, 8, &data->m2[0])) { 451 /* Precompute m2 */
430 goto err; 452 BN_mod(&tmp, &two_640, &_m, ctx);
431 } 453 if (!bn_extract_to_array_512(&tmp, 8, &data->m2[0])) {
432 454 goto err;
433 /* 455 }
434 * Precompute k1, a 128b number = ((-1)* m-1 ) mod 2128; k1 should 456
435 * be non-negative. 457 /*
436 */ 458 * Precompute k1, a 128b number = ((-1)* m-1 ) mod 2128; k1 should
437 BN_mod_inverse(&tmp, &_m, &two_128, ctx); 459 * be non-negative.
438 if (!BN_is_zero(&tmp)) { BN_sub(&tmp, &two_128, &tmp); } 460 */
439 if (!bn_extract_to_array_512(&tmp, 2, &data->k1[0])) { 461 BN_mod_inverse(&tmp, &_m, &two_128, ctx);
440 goto err; } 462 if (!BN_is_zero(&tmp)) {
441 463 BN_sub(&tmp, &two_128, &tmp);
442 /* Precompute t */ 464 }
443 for (i=0; i<8; i++) { 465 if (!bn_extract_to_array_512(&tmp, 2, &data->k1[0])) {
444 BN_zero(&tmp); 466 goto err;
445 if (i & 1) { BN_add(&tmp, &two_512, &tmp); } 467 }
446 if (i & 2) { BN_add(&tmp, &two_512, &tmp); } 468
447 if (i & 4) { BN_add(&tmp, &two_640, &tmp); } 469 /* Precompute t */
448 470 for (i = 0; i < 8; i++) {
449 BN_nnmod(&tmp2, &tmp, &_m, ctx); 471 BN_zero(&tmp);
450 if (!bn_extract_to_array_512(&tmp2, 8, _t)) { 472 if (i & 1) {
451 goto err; } 473 BN_add(&tmp, &two_512, &tmp);
452 for (j=0; j<8; j++) data->t[j][i] = _t[j]; } 474 }
453 475 if (i & 2) {
454 /* Precompute m */ 476 BN_add(&tmp, &two_512, &tmp);
455 for (i=0; i<8; i++) { 477 }
456 data->m[i] = m[i]; } 478 if (i & 4) {
457 479 BN_add(&tmp, &two_640, &tmp);
458 ret = 1; 480 }
481
482 BN_nnmod(&tmp2, &tmp, &_m, ctx);
483 if (!bn_extract_to_array_512(&tmp2, 8, _t)) {
484 goto err;
485 }
486 for (j = 0; j < 8; j++)
487 data->t[j][i] = _t[j];
488 }
489
490 /* Precompute m */
491 for (i = 0; i < 8; i++) {
492 data->m[i] = m[i];
493 }
494
495 ret = 1;
459 496
460err: 497err:
461 /* Cleanup */ 498 /* Cleanup */
462 if (ctx != NULL) { 499 if (ctx != NULL) {
463 BN_CTX_end(ctx); BN_CTX_free(ctx); } 500 BN_CTX_end(ctx);
464 BN_free(&two_768); 501 BN_CTX_free(ctx);
465 BN_free(&two_640); 502 }
466 BN_free(&two_128); 503 BN_free(&two_768);
467 BN_free(&two_512); 504 BN_free(&two_640);
468 BN_free(&tmp); 505 BN_free(&two_128);
469 BN_free(&tmp2); 506 BN_free(&two_512);
470 BN_free(&_m); 507 BN_free(&tmp);
471 508 BN_free(&tmp2);
472 return ret; 509 BN_free(&_m);
473}
474 510
511 return ret;
512}
475 513
476static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) 514static int
477 { 515e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
478 BIGNUM *r1,*m1,*vrfy; 516{
479 BIGNUM local_dmp1,local_dmq1,local_c,local_r1; 517 BIGNUM *r1, *m1, *vrfy;
480 BIGNUM *dmp1,*dmq1,*c,*pr1; 518 BIGNUM local_dmp1, local_dmq1, local_c, local_r1;
481 int ret=0; 519 BIGNUM *dmp1, *dmq1, *c, *pr1;
520 int ret = 0;
482 521
483 BN_CTX_start(ctx); 522 BN_CTX_start(ctx);
484 r1 = BN_CTX_get(ctx); 523 r1 = BN_CTX_get(ctx);
@@ -494,8 +533,7 @@ static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx
494 * intialization uses the BN_FLG_CONSTTIME flag 533 * intialization uses the BN_FLG_CONSTTIME flag
495 * (unless RSA_FLAG_NO_CONSTTIME is set) 534 * (unless RSA_FLAG_NO_CONSTTIME is set)
496 */ 535 */
497 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 536 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
498 {
499 BN_init(&local_p); 537 BN_init(&local_p);
500 p = &local_p; 538 p = &local_p;
501 BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME); 539 BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
@@ -503,100 +541,97 @@ static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx
503 BN_init(&local_q); 541 BN_init(&local_q);
504 q = &local_q; 542 q = &local_q;
505 BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME); 543 BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
506 } 544 } else {
507 else
508 {
509 p = rsa->p; 545 p = rsa->p;
510 q = rsa->q; 546 q = rsa->q;
511 } 547 }
512 548
513 if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) 549 if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) {
514 { 550 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p,
515 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx)) 551 CRYPTO_LOCK_RSA, p, ctx))
516 error = 1; 552 error = 1;
517 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx)) 553 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q,
554 CRYPTO_LOCK_RSA, q, ctx))
518 error = 1; 555 error = 1;
519 } 556 }
520 557
521 /* clean up */ 558 /* clean up */
522 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 559 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
523 {
524 BN_free(&local_p); 560 BN_free(&local_p);
525 BN_free(&local_q); 561 BN_free(&local_q);
526 } 562 }
527 if ( error ) 563 if (error )
528 goto err; 564 goto err;
529 } 565 }
530 566
531 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) 567 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
532 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) 568 if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
569 CRYPTO_LOCK_RSA, rsa->n, ctx))
533 goto err; 570 goto err;
534 571
535 /* compute I mod q */ 572 /* compute I mod q */
536 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 573 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
537 {
538 c = &local_c; 574 c = &local_c;
539 BN_with_flags(c, I, BN_FLG_CONSTTIME); 575 BN_with_flags(c, I, BN_FLG_CONSTTIME);
540 if (!BN_mod(r1,c,rsa->q,ctx)) goto err; 576 if (!BN_mod(r1, c,rsa->q, ctx))
541 } 577 goto err;
542 else 578 } else {
543 { 579 if (!BN_mod(r1, I,rsa->q, ctx))
544 if (!BN_mod(r1,I,rsa->q,ctx)) goto err; 580 goto err;
545 } 581 }
546 582
547 /* compute r1^dmq1 mod q */ 583 /* compute r1^dmq1 mod q */
548 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 584 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
549 {
550 dmq1 = &local_dmq1; 585 dmq1 = &local_dmq1;
551 BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME); 586 BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
552 } 587 } else
553 else
554 dmq1 = rsa->dmq1; 588 dmq1 = rsa->dmq1;
555 589
556 if (!e_rsax_bn_mod_exp(m1,r1,dmq1,rsa->q,ctx, 590 if (!e_rsax_bn_mod_exp(m1, r1, dmq1, rsa->q, ctx, rsa->_method_mod_q,
557 rsa->_method_mod_q, e_rsax_get_ctx(rsa, 0, rsa->q) )) goto err; 591 e_rsax_get_ctx(rsa, 0, rsa->q)))
592 goto err;
558 593
559 /* compute I mod p */ 594 /* compute I mod p */
560 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 595 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
561 {
562 c = &local_c; 596 c = &local_c;
563 BN_with_flags(c, I, BN_FLG_CONSTTIME); 597 BN_with_flags(c, I, BN_FLG_CONSTTIME);
564 if (!BN_mod(r1,c,rsa->p,ctx)) goto err; 598 if (!BN_mod(r1, c,rsa->p, ctx))
565 } 599 goto err;
566 else 600 } else {
567 { 601 if (!BN_mod(r1, I,rsa->p, ctx))
568 if (!BN_mod(r1,I,rsa->p,ctx)) goto err; 602 goto err;
569 } 603 }
570 604
571 /* compute r1^dmp1 mod p */ 605 /* compute r1^dmp1 mod p */
572 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 606 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
573 {
574 dmp1 = &local_dmp1; 607 dmp1 = &local_dmp1;
575 BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME); 608 BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
576 } 609 } else
577 else
578 dmp1 = rsa->dmp1; 610 dmp1 = rsa->dmp1;
579 611
580 if (!e_rsax_bn_mod_exp(r0,r1,dmp1,rsa->p,ctx, 612 if (!e_rsax_bn_mod_exp(r0, r1, dmp1, rsa->p, ctx, rsa->_method_mod_p,
581 rsa->_method_mod_p, e_rsax_get_ctx(rsa, 1, rsa->p) )) goto err; 613 e_rsax_get_ctx(rsa, 1, rsa->p)))
614 goto err;
582 615
583 if (!BN_sub(r0,r0,m1)) goto err; 616 if (!BN_sub(r0, r0, m1))
617 goto err;
584 /* This will help stop the size of r0 increasing, which does 618 /* This will help stop the size of r0 increasing, which does
585 * affect the multiply if it optimised for a power of 2 size */ 619 * affect the multiply if it optimised for a power of 2 size */
586 if (BN_is_negative(r0)) 620 if (BN_is_negative(r0))
587 if (!BN_add(r0,r0,rsa->p)) goto err; 621 if (!BN_add(r0, r0, rsa->p))
622 goto err;
588 623
589 if (!BN_mul(r1,r0,rsa->iqmp,ctx)) goto err; 624 if (!BN_mul(r1, r0, rsa->iqmp, ctx))
625 goto err;
590 626
591 /* Turn BN_FLG_CONSTTIME flag on before division operation */ 627 /* Turn BN_FLG_CONSTTIME flag on before division operation */
592 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 628 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
593 {
594 pr1 = &local_r1; 629 pr1 = &local_r1;
595 BN_with_flags(pr1, r1, BN_FLG_CONSTTIME); 630 BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
596 } 631 } else
597 else
598 pr1 = r1; 632 pr1 = r1;
599 if (!BN_mod(r0,pr1,rsa->p,ctx)) goto err; 633 if (!BN_mod(r0, pr1, rsa->p, ctx))
634 goto err;
600 635
601 /* If p < q it is occasionally possible for the correction of 636 /* If p < q it is occasionally possible for the correction of
602 * adding 'p' if r0 is negative above to leave the result still 637 * adding 'p' if r0 is negative above to leave the result still
@@ -606,25 +641,30 @@ static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx
606 * they ensure p > q [steve] 641 * they ensure p > q [steve]
607 */ 642 */
608 if (BN_is_negative(r0)) 643 if (BN_is_negative(r0))
609 if (!BN_add(r0,r0,rsa->p)) goto err; 644 if (!BN_add(r0, r0, rsa->p))
610 if (!BN_mul(r1,r0,rsa->q,ctx)) goto err; 645 goto err;
611 if (!BN_add(r0,r1,m1)) goto err; 646 if (!BN_mul(r1, r0, rsa->q, ctx))
612 647 goto err;
613 if (rsa->e && rsa->n) 648 if (!BN_add(r0, r1, m1))
614 { 649 goto err;
615 if (!e_rsax_bn_mod_exp(vrfy,r0,rsa->e,rsa->n,ctx,rsa->_method_mod_n, e_rsax_get_ctx(rsa, 2, rsa->n) )) 650
616 goto err; 651 if (rsa->e && rsa->n) {
652 if (!e_rsax_bn_mod_exp(vrfy, r0, rsa->e, rsa->n, ctx,
653 rsa->_method_mod_n, e_rsax_get_ctx(rsa, 2, rsa->n)))
654 goto err;
617 655
618 /* If 'I' was greater than (or equal to) rsa->n, the operation 656 /* If 'I' was greater than (or equal to) rsa->n, the operation
619 * will be equivalent to using 'I mod n'. However, the result of 657 * will be equivalent to using 'I mod n'. However, the result of
620 * the verify will *always* be less than 'n' so we don't check 658 * the verify will *always* be less than 'n' so we don't check
621 * for absolute equality, just congruency. */ 659 * for absolute equality, just congruency. */
622 if (!BN_sub(vrfy, vrfy, I)) goto err; 660 if (!BN_sub(vrfy, vrfy, I))
623 if (!BN_mod(vrfy, vrfy, rsa->n, ctx)) goto err; 661 goto err;
662 if (!BN_mod(vrfy, vrfy, rsa->n, ctx))
663 goto err;
624 if (BN_is_negative(vrfy)) 664 if (BN_is_negative(vrfy))
625 if (!BN_add(vrfy, vrfy, rsa->n)) goto err; 665 if (!BN_add(vrfy, vrfy, rsa->n))
626 if (!BN_is_zero(vrfy)) 666 goto err;
627 { 667 if (!BN_is_zero(vrfy)) {
628 /* 'I' and 'vrfy' aren't congruent mod n. Don't leak 668 /* 'I' and 'vrfy' aren't congruent mod n. Don't leak
629 * miscalculated CRT output, just do a raw (slower) 669 * miscalculated CRT output, just do a raw (slower)
630 * mod_exp and return that instead. */ 670 * mod_exp and return that instead. */
@@ -632,23 +672,22 @@ static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx
632 BIGNUM local_d; 672 BIGNUM local_d;
633 BIGNUM *d = NULL; 673 BIGNUM *d = NULL;
634 674
635 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) 675 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
636 {
637 d = &local_d; 676 d = &local_d;
638 BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); 677 BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
639 } 678 } else
640 else
641 d = rsa->d; 679 d = rsa->d;
642 if (!e_rsax_bn_mod_exp(r0,I,d,rsa->n,ctx, 680 if (!e_rsax_bn_mod_exp(r0, I,d, rsa->n, ctx,
643 rsa->_method_mod_n, e_rsax_get_ctx(rsa, 2, rsa->n) )) goto err; 681 rsa->_method_mod_n, e_rsax_get_ctx(rsa, 2, rsa->n)))
644 } 682 goto err;
645 } 683 }
646 ret=1; 684 }
685 ret = 1;
647 686
648err: 687err:
649 BN_CTX_end(ctx); 688 BN_CTX_end(ctx);
650 689
651 return ret; 690 return ret;
652 } 691}
653#endif /* !OPENSSL_NO_RSA */ 692#endif /* !OPENSSL_NO_RSA */
654#endif /* !COMPILE_RSAX */ 693#endif /* !COMPILE_RSAX */
diff --git a/src/lib/libssl/src/crypto/engine/eng_table.c b/src/lib/libssl/src/crypto/engine/eng_table.c
index 5781af1eb9..44f3e892b8 100644
--- a/src/lib/libssl/src/crypto/engine/eng_table.c
+++ b/src/lib/libssl/src/crypto/engine/eng_table.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_table.c,v 1.5 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: eng_table.c,v 1.6 2014/06/22 12:05:09 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2001 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -7,7 +7,7 @@
7 * are met: 7 * are met:
8 * 8 *
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 11 *
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in 13 * notice, this list of conditions and the following disclaimer in
@@ -59,8 +59,7 @@
59#include "eng_int.h" 59#include "eng_int.h"
60 60
61/* The type of the items in the table */ 61/* The type of the items in the table */
62typedef struct st_engine_pile 62typedef struct st_engine_pile {
63 {
64 /* The 'nid' of this algorithm/mode */ 63 /* The 'nid' of this algorithm/mode */
65 int nid; 64 int nid;
66 /* ENGINEs that implement this algorithm/mode. */ 65 /* ENGINEs that implement this algorithm/mode. */
@@ -69,284 +68,287 @@ typedef struct st_engine_pile
69 ENGINE *funct; 68 ENGINE *funct;
70 /* Zero if 'sk' is newer than the cached 'funct', non-zero otherwise */ 69 /* Zero if 'sk' is newer than the cached 'funct', non-zero otherwise */
71 int uptodate; 70 int uptodate;
72 } ENGINE_PILE; 71} ENGINE_PILE;
73 72
74DECLARE_LHASH_OF(ENGINE_PILE); 73DECLARE_LHASH_OF(ENGINE_PILE);
75 74
76/* The type exposed in eng_int.h */ 75/* The type exposed in eng_int.h */
77struct st_engine_table 76struct st_engine_table {
78 {
79 LHASH_OF(ENGINE_PILE) piles; 77 LHASH_OF(ENGINE_PILE) piles;
80 }; /* ENGINE_TABLE */ 78}; /* ENGINE_TABLE */
81 79
82 80typedef struct st_engine_pile_doall {
83typedef struct st_engine_pile_doall
84 {
85 engine_table_doall_cb *cb; 81 engine_table_doall_cb *cb;
86 void *arg; 82 void *arg;
87 } ENGINE_PILE_DOALL; 83} ENGINE_PILE_DOALL;
88
89 84
90/* Global flags (ENGINE_TABLE_FLAG_***). */ 85/* Global flags (ENGINE_TABLE_FLAG_***). */
91static unsigned int table_flags = 0; 86static unsigned int table_flags = 0;
92 87
93/* API function manipulating 'table_flags' */ 88/* API function manipulating 'table_flags' */
94unsigned int ENGINE_get_table_flags(void) 89unsigned int
95 { 90ENGINE_get_table_flags(void)
91{
96 return table_flags; 92 return table_flags;
97 } 93}
98 94
99void ENGINE_set_table_flags(unsigned int flags) 95void
100 { 96ENGINE_set_table_flags(unsigned int flags)
97{
101 table_flags = flags; 98 table_flags = flags;
102 } 99}
103 100
104/* Internal functions for the "piles" hash table */ 101/* Internal functions for the "piles" hash table */
105static unsigned long engine_pile_hash(const ENGINE_PILE *c) 102static unsigned long
106 { 103engine_pile_hash(const ENGINE_PILE *c)
104{
107 return c->nid; 105 return c->nid;
108 } 106}
109 107
110static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b) 108static int
111 { 109engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
110{
112 return a->nid - b->nid; 111 return a->nid - b->nid;
113 } 112}
114static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE) 113static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE)
115static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE) 114static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE)
116 115
117static int int_table_check(ENGINE_TABLE **t, int create) 116static int
118 { 117int_table_check(ENGINE_TABLE **t, int create)
118{
119 LHASH_OF(ENGINE_PILE) *lh; 119 LHASH_OF(ENGINE_PILE) *lh;
120 120
121 if(*t) return 1; 121 if (*t)
122 if(!create) return 0; 122 return 1;
123 if((lh = lh_ENGINE_PILE_new()) == NULL) 123 if (!create)
124 return 0;
125 if ((lh = lh_ENGINE_PILE_new()) == NULL)
124 return 0; 126 return 0;
125 *t = (ENGINE_TABLE *)lh; 127 *t = (ENGINE_TABLE *)lh;
126 return 1; 128 return 1;
127 } 129}
128 130
129/* Privately exposed (via eng_int.h) functions for adding and/or removing 131/* Privately exposed (via eng_int.h) functions for adding and/or removing
130 * ENGINEs from the implementation table */ 132 * ENGINEs from the implementation table */
131int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, 133int
132 ENGINE *e, const int *nids, int num_nids, int setdefault) 134engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
133 { 135 ENGINE *e, const int *nids, int num_nids, int setdefault)
136{
134 int ret = 0, added = 0; 137 int ret = 0, added = 0;
135 ENGINE_PILE tmplate, *fnd; 138 ENGINE_PILE tmplate, *fnd;
139
136 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 140 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
137 if(!(*table)) 141 if (!(*table))
138 added = 1; 142 added = 1;
139 if(!int_table_check(table, 1)) 143 if (!int_table_check(table, 1))
140 goto end; 144 goto end;
141 if(added) 145 if (added)
142 /* The cleanup callback needs to be added */ 146 /* The cleanup callback needs to be added */
143 engine_cleanup_add_first(cleanup); 147 engine_cleanup_add_first(cleanup);
144 while(num_nids--) 148 while (num_nids--) {
145 {
146 tmplate.nid = *nids; 149 tmplate.nid = *nids;
147 fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate); 150 fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
148 if(!fnd) 151 if (!fnd) {
149 {
150 fnd = malloc(sizeof(ENGINE_PILE)); 152 fnd = malloc(sizeof(ENGINE_PILE));
151 if(!fnd) goto end; 153 if (!fnd)
154 goto end;
152 fnd->uptodate = 1; 155 fnd->uptodate = 1;
153 fnd->nid = *nids; 156 fnd->nid = *nids;
154 fnd->sk = sk_ENGINE_new_null(); 157 fnd->sk = sk_ENGINE_new_null();
155 if(!fnd->sk) 158 if (!fnd->sk) {
156 {
157 free(fnd); 159 free(fnd);
158 goto end; 160 goto end;
159 } 161 }
160 fnd->funct = NULL; 162 fnd->funct = NULL;
161 (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd); 163 (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
162 } 164 }
163 /* A registration shouldn't add duplciate entries */ 165 /* A registration shouldn't add duplciate entries */
164 (void)sk_ENGINE_delete_ptr(fnd->sk, e); 166 (void)sk_ENGINE_delete_ptr(fnd->sk, e);
165 /* if 'setdefault', this ENGINE goes to the head of the list */ 167 /* if 'setdefault', this ENGINE goes to the head of the list */
166 if(!sk_ENGINE_push(fnd->sk, e)) 168 if (!sk_ENGINE_push(fnd->sk, e))
167 goto end; 169 goto end;
168 /* "touch" this ENGINE_PILE */ 170 /* "touch" this ENGINE_PILE */
169 fnd->uptodate = 0; 171 fnd->uptodate = 0;
170 if(setdefault) 172 if (setdefault) {
171 { 173 if (!engine_unlocked_init(e)) {
172 if(!engine_unlocked_init(e))
173 {
174 ENGINEerr(ENGINE_F_ENGINE_TABLE_REGISTER, 174 ENGINEerr(ENGINE_F_ENGINE_TABLE_REGISTER,
175 ENGINE_R_INIT_FAILED); 175 ENGINE_R_INIT_FAILED);
176 goto end; 176 goto end;
177 } 177 }
178 if(fnd->funct) 178 if (fnd->funct)
179 engine_unlocked_finish(fnd->funct, 0); 179 engine_unlocked_finish(fnd->funct, 0);
180 fnd->funct = e; 180 fnd->funct = e;
181 fnd->uptodate = 1; 181 fnd->uptodate = 1;
182 }
183 nids++;
184 } 182 }
183 nids++;
184 }
185 ret = 1; 185 ret = 1;
186end: 186end:
187 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 187 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
188 return ret; 188 return ret;
189 } 189}
190static void int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e) 190
191 { 191static void
192int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
193{
192 int n; 194 int n;
195
193 /* Iterate the 'c->sk' stack removing any occurance of 'e' */ 196 /* Iterate the 'c->sk' stack removing any occurance of 'e' */
194 while((n = sk_ENGINE_find(pile->sk, e)) >= 0) 197 while ((n = sk_ENGINE_find(pile->sk, e)) >= 0) {
195 {
196 (void)sk_ENGINE_delete(pile->sk, n); 198 (void)sk_ENGINE_delete(pile->sk, n);
197 pile->uptodate = 0; 199 pile->uptodate = 0;
198 } 200 }
199 if(pile->funct == e) 201 if (pile->funct == e) {
200 {
201 engine_unlocked_finish(e, 0); 202 engine_unlocked_finish(e, 0);
202 pile->funct = NULL; 203 pile->funct = NULL;
203 }
204 } 204 }
205}
205static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE) 206static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE)
206 207
207void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e) 208void
208 { 209engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
210{
209 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 211 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
210 if(int_table_check(table, 0)) 212 if (int_table_check(table, 0))
211 lh_ENGINE_PILE_doall_arg(&(*table)->piles, 213 lh_ENGINE_PILE_doall_arg(&(*table)->piles,
212 LHASH_DOALL_ARG_FN(int_unregister_cb), 214 LHASH_DOALL_ARG_FN(int_unregister_cb), ENGINE, e);
213 ENGINE, e);
214 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 215 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
215 } 216}
216 217
217static void int_cleanup_cb_doall(ENGINE_PILE *p) 218static void
218 { 219int_cleanup_cb_doall(ENGINE_PILE *p)
220{
219 sk_ENGINE_free(p->sk); 221 sk_ENGINE_free(p->sk);
220 if(p->funct) 222 if (p->funct)
221 engine_unlocked_finish(p->funct, 0); 223 engine_unlocked_finish(p->funct, 0);
222 free(p); 224 free(p);
223 } 225}
224static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE) 226static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE)
225 227
226void engine_table_cleanup(ENGINE_TABLE **table) 228void
227 { 229engine_table_cleanup(ENGINE_TABLE **table)
230{
228 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 231 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
229 if(*table) 232 if (*table) {
230 {
231 lh_ENGINE_PILE_doall(&(*table)->piles, 233 lh_ENGINE_PILE_doall(&(*table)->piles,
232 LHASH_DOALL_FN(int_cleanup_cb)); 234 LHASH_DOALL_FN(int_cleanup_cb));
233 lh_ENGINE_PILE_free(&(*table)->piles); 235 lh_ENGINE_PILE_free(&(*table)->piles);
234 *table = NULL; 236 *table = NULL;
235 }
236 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
237 } 237 }
238 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
239}
238 240
239/* return a functional reference for a given 'nid' */ 241/* return a functional reference for a given 'nid' */
240#ifndef ENGINE_TABLE_DEBUG 242#ifndef ENGINE_TABLE_DEBUG
241ENGINE *engine_table_select(ENGINE_TABLE **table, int nid) 243ENGINE *
244engine_table_select(ENGINE_TABLE **table, int nid)
242#else 245#else
243ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l) 246ENGINE *
247engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l)
244#endif 248#endif
245 { 249{
246 ENGINE *ret = NULL; 250 ENGINE *ret = NULL;
247 ENGINE_PILE tmplate, *fnd=NULL; 251 ENGINE_PILE tmplate, *fnd = NULL;
248 int initres, loop = 0; 252 int initres, loop = 0;
249 253
250 if(!(*table)) 254 if (!(*table)) {
251 {
252#ifdef ENGINE_TABLE_DEBUG 255#ifdef ENGINE_TABLE_DEBUG
253 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing " 256 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing "
254 "registered!\n", f, l, nid); 257 "registered!\n", f, l, nid);
255#endif 258#endif
256 return NULL; 259 return NULL;
257 } 260 }
258 ERR_set_mark(); 261 ERR_set_mark();
259 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 262 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
260 /* Check again inside the lock otherwise we could race against cleanup 263 /* Check again inside the lock otherwise we could race against cleanup
261 * operations. But don't worry about a fprintf(stderr). */ 264 * operations. But don't worry about a fprintf(stderr). */
262 if(!int_table_check(table, 0)) goto end; 265 if (!int_table_check(table, 0))
266 goto end;
263 tmplate.nid = nid; 267 tmplate.nid = nid;
264 fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate); 268 fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
265 if(!fnd) goto end; 269 if (!fnd)
266 if(fnd->funct && engine_unlocked_init(fnd->funct)) 270 goto end;
267 { 271 if (fnd->funct && engine_unlocked_init(fnd->funct)) {
268#ifdef ENGINE_TABLE_DEBUG 272#ifdef ENGINE_TABLE_DEBUG
269 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using " 273 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
270 "ENGINE '%s' cached\n", f, l, nid, fnd->funct->id); 274 "ENGINE '%s' cached\n", f, l, nid, fnd->funct->id);
271#endif 275#endif
272 ret = fnd->funct; 276 ret = fnd->funct;
273 goto end; 277 goto end;
274 } 278 }
275 if(fnd->uptodate) 279 if (fnd->uptodate) {
276 {
277 ret = fnd->funct; 280 ret = fnd->funct;
278 goto end; 281 goto end;
279 } 282 }
280trynext: 283trynext:
281 ret = sk_ENGINE_value(fnd->sk, loop++); 284 ret = sk_ENGINE_value(fnd->sk, loop++);
282 if(!ret) 285 if (!ret) {
283 {
284#ifdef ENGINE_TABLE_DEBUG 286#ifdef ENGINE_TABLE_DEBUG
285 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no " 287 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
286 "registered implementations would initialise\n", 288 "registered implementations would initialise\n", f, l, nid);
287 f, l, nid);
288#endif 289#endif
289 goto end; 290 goto end;
290 } 291 }
291 /* Try to initialise the ENGINE? */ 292 /* Try to initialise the ENGINE? */
292 if((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT)) 293 if ((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
293 initres = engine_unlocked_init(ret); 294 initres = engine_unlocked_init(ret);
294 else 295 else
295 initres = 0; 296 initres = 0;
296 if(initres) 297 if (initres) {
297 {
298 /* Update 'funct' */ 298 /* Update 'funct' */
299 if((fnd->funct != ret) && engine_unlocked_init(ret)) 299 if ((fnd->funct != ret) && engine_unlocked_init(ret)) {
300 {
301 /* If there was a previous default we release it. */ 300 /* If there was a previous default we release it. */
302 if(fnd->funct) 301 if (fnd->funct)
303 engine_unlocked_finish(fnd->funct, 0); 302 engine_unlocked_finish(fnd->funct, 0);
304 fnd->funct = ret; 303 fnd->funct = ret;
305#ifdef ENGINE_TABLE_DEBUG 304#ifdef ENGINE_TABLE_DEBUG
306 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, " 305 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, "
307 "setting default to '%s'\n", f, l, nid, ret->id); 306 "setting default to '%s'\n", f, l, nid, ret->id);
308#endif 307#endif
309 } 308 }
310#ifdef ENGINE_TABLE_DEBUG 309#ifdef ENGINE_TABLE_DEBUG
311 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using " 310 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
312 "newly initialised '%s'\n", f, l, nid, ret->id); 311 "newly initialised '%s'\n", f, l, nid, ret->id);
313#endif 312#endif
314 goto end; 313 goto end;
315 } 314 }
316 goto trynext; 315 goto trynext;
317end: 316end:
318 /* If it failed, it is unlikely to succeed again until some future 317 /* If it failed, it is unlikely to succeed again until some future
319 * registrations have taken place. In all cases, we cache. */ 318 * registrations have taken place. In all cases, we cache. */
320 if(fnd) fnd->uptodate = 1; 319 if (fnd)
320 fnd->uptodate = 1;
321#ifdef ENGINE_TABLE_DEBUG 321#ifdef ENGINE_TABLE_DEBUG
322 if(ret) 322 if (ret)
323 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching " 323 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
324 "ENGINE '%s'\n", f, l, nid, ret->id); 324 "ENGINE '%s'\n", f, l, nid, ret->id);
325 else 325 else
326 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching " 326 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
327 "'no matching ENGINE'\n", f, l, nid); 327 "'no matching ENGINE'\n", f, l, nid);
328#endif 328#endif
329 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 329 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
330 /* Whatever happened, any failed init()s are not failures in this 330 /* Whatever happened, any failed init()s are not failures in this
331 * context, so clear our error state. */ 331 * context, so clear our error state. */
332 ERR_pop_to_mark(); 332 ERR_pop_to_mark();
333 return ret; 333 return ret;
334 } 334}
335 335
336/* Table enumeration */ 336/* Table enumeration */
337 337
338static void int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall) 338static void
339 { 339int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall)
340{
340 dall->cb(pile->nid, pile->sk, pile->funct, dall->arg); 341 dall->cb(pile->nid, pile->sk, pile->funct, dall->arg);
341 } 342}
342static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE,ENGINE_PILE_DOALL) 343static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE, ENGINE_PILE_DOALL)
343 344
344void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, 345void
345 void *arg) 346engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, void *arg)
346 { 347{
347 ENGINE_PILE_DOALL dall; 348 ENGINE_PILE_DOALL dall;
349
348 dall.cb = cb; 350 dall.cb = cb;
349 dall.arg = arg; 351 dall.arg = arg;
350 lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb), 352 lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb),
351 ENGINE_PILE_DOALL, &dall); 353 ENGINE_PILE_DOALL, &dall);
352 } 354}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 06:33:12 +0000