1 files changed, 1 insertions, 115 deletions
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h
index 4ae6a8195d..5f8278faa8 100644
--- a/src/lib/libcrypto/bn/bn.h
+++ b/src/lib/libcrypto/bn/bn.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn.h,v 1.31 2016/03/04 16:23:30 deraadt Exp $ */
+/* $OpenBSD: bn.h,v 1.32 2016/12/21 15:49:29 jsing Exp $ */
 /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -617,118 +617,6 @@ const BIGNUM *BN_get0_nist_prime_256(void);
 const BIGNUM *BN_get0_nist_prime_384(void);
 const BIGNUM *BN_get0_nist_prime_521(void);
-/* library internal functions */
-#define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
-BIGNUM *bn_expand2(BIGNUM *a, int words);
-BIGNUM *bn_expand(BIGNUM *a, int bits);
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
-#endif
-/* Bignum consistency macros
- * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
- * bignum data after direct manipulations on the data. There is also an
- * "internal" macro, bn_check_top(), for verifying that there are no leading
- * zeroes. Unfortunately, some auditing is required due to the fact that
- * bn_fix_top() has become an overabused duct-tape because bignum data is
- * occasionally passed around in an inconsistent state. So the following
- * changes have been made to sort this out;
- * - bn_fix_top()s implementation has been moved to bn_correct_top()
- * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
- *   bn_check_top() is as before.
- * - if BN_DEBUG *is* defined;
- *   - bn_check_top() tries to pollute unused words even if the bignum 'top' is
- *     consistent. (ed: only if BN_DEBUG_RAND is defined)
- *   - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
- * The idea is to have debug builds flag up inconsistent bignums when they
- * occur. If that occurs in a bn_fix_top(), we examine the code in question; if
- * the use of bn_fix_top() was appropriate (ie. it follows directly after code
- * that manipulates the bignum) it is converted to bn_correct_top(), and if it
- * was not appropriate, we convert it permanently to bn_check_top() and track
- * down the cause of the bug. Eventually, no internal code should be using the
- * bn_fix_top() macro. External applications and libraries should try this with
- * their own code too, both in terms of building against the openssl headers
- * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
- * defined. This not only improves external code, it provides more test
- * coverage for openssl's own code.
- */
-#ifdef BN_DEBUG
-/* We only need assert() when debugging */
-#include <assert.h>
-#ifdef BN_DEBUG_RAND
-#define bn_pollute(a) \
-        do { \
-                const BIGNUM *_bnum1 = (a); \
-                if(_bnum1->top < _bnum1->dmax) { \
-                        unsigned char _tmp_char; \
-                        /* We cast away const without the compiler knowing, any \
-                         * *genuinely* constant variables that aren't mutable \
-                         * wouldn't be constructed with top!=dmax. */ \
-                        BN_ULONG *_not_const; \
-                        memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
-                        arc4random_buf(&_tmp_char, 1); \
-                        memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
-                                (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
-                } \
-        } while(0)
-#else
-#define bn_pollute(a)
-#endif
-#define bn_check_top(a) \
-        do { \
-                const BIGNUM *_bnum2 = (a); \
-                if (_bnum2 != NULL) { \
-                        assert((_bnum2->top == 0) || \
-                                (_bnum2->d[_bnum2->top - 1] != 0)); \
-                        bn_pollute(_bnum2); \
-                } \
-        } while(0)
-#define bn_fix_top(a)           bn_check_top(a)
-#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
-#define bn_wcheck_size(bn, words) \
-        do { \
-                const BIGNUM *_bnum2 = (bn); \
-                assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \
-        } while(0)
-#else /* !BN_DEBUG */
-#define bn_pollute(a)
-#define bn_check_top(a)
-#define bn_fix_top(a)           bn_correct_top(a)
-#define bn_check_size(bn, bits)
-#define bn_wcheck_size(bn, words)
-#endif
-#define bn_correct_top(a) \
-        { \
-        BN_ULONG *ftl; \
-        int tmp_top = (a)->top; \
-        if (tmp_top > 0) \
-                { \
-                for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
-                        if (*(ftl--)) break; \
-                (a)->top = tmp_top; \
-                } \
-        bn_pollute(a); \
-        }
-                        BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-void     bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
-BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, int num);
-BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, int num);
 /* Primes from RFC 2409 */
 BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
 BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
@@ -741,8 +629,6 @@ BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
 BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
 BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
 * made after this point may be overwritten when the script is next run.

diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h index 4ae6a8195d..5f8278faa8 100644 --- a/src/lib/libcrypto/bn/bn.h +++ b/src/lib/libcrypto/bn/bn.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn.h,v 1.31 2016/03/04 16:23:30 deraadt Exp $ */	1	/* $OpenBSD: bn.h,v 1.32 2016/12/21 15:49:29 jsing Exp $ */
2	/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -617,118 +617,6 @@ const BIGNUM *BN_get0_nist_prime_256(void);
617	const BIGNUM *BN_get0_nist_prime_384(void);	617	const BIGNUM *BN_get0_nist_prime_384(void);
618	const BIGNUM *BN_get0_nist_prime_521(void);	618	const BIGNUM *BN_get0_nist_prime_521(void);
619		619
620	/* library internal functions */
621
622	#define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
623	BIGNUM bn_expand2(BIGNUM a, int words);
624	BIGNUM bn_expand(BIGNUM a, int bits);
625
626	#ifndef OPENSSL_NO_DEPRECATED
627	BIGNUM bn_dup_expand(const BIGNUM a, int words); /* unused */
628	#endif
629
630	/* Bignum consistency macros
631	* There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
632	* bignum data after direct manipulations on the data. There is also an
633	* "internal" macro, bn_check_top(), for verifying that there are no leading
634	* zeroes. Unfortunately, some auditing is required due to the fact that
635	* bn_fix_top() has become an overabused duct-tape because bignum data is
636	* occasionally passed around in an inconsistent state. So the following
637	* changes have been made to sort this out;
638	* - bn_fix_top()s implementation has been moved to bn_correct_top()
639	* - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
640	* bn_check_top() is as before.
641	* - if BN_DEBUG is defined;
642	* - bn_check_top() tries to pollute unused words even if the bignum 'top' is
643	* consistent. (ed: only if BN_DEBUG_RAND is defined)
644	* - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
645	* The idea is to have debug builds flag up inconsistent bignums when they
646	* occur. If that occurs in a bn_fix_top(), we examine the code in question; if
647	* the use of bn_fix_top() was appropriate (ie. it follows directly after code
648	* that manipulates the bignum) it is converted to bn_correct_top(), and if it
649	* was not appropriate, we convert it permanently to bn_check_top() and track
650	* down the cause of the bug. Eventually, no internal code should be using the
651	* bn_fix_top() macro. External applications and libraries should try this with
652	* their own code too, both in terms of building against the openssl headers
653	* with BN_DEBUG defined and linking with a version of OpenSSL built with it
654	* defined. This not only improves external code, it provides more test
655	* coverage for openssl's own code.
656	*/
657
658	#ifdef BN_DEBUG
659
660	/* We only need assert() when debugging */
661	#include <assert.h>
662
663	#ifdef BN_DEBUG_RAND
664	#define bn_pollute(a) \
665	do { \
666	const BIGNUM *_bnum1 = (a); \
667	if(_bnum1->top < _bnum1->dmax) { \
668	unsigned char _tmp_char; \
669	/* We cast away const without the compiler knowing, any \
670	* genuinely constant variables that aren't mutable \
671	* wouldn't be constructed with top!=dmax. */ \
672	BN_ULONG *_not_const; \
673	memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
674	arc4random_buf(&_tmp_char, 1); \
675	memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
676	(_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
677	} \
678	} while(0)
679	#else
680	#define bn_pollute(a)
681	#endif
682
683	#define bn_check_top(a) \
684	do { \
685	const BIGNUM *_bnum2 = (a); \
686	if (_bnum2 != NULL) { \
687	assert((_bnum2->top == 0) \|\| \
688	(_bnum2->d[_bnum2->top - 1] != 0)); \
689	bn_pollute(_bnum2); \
690	} \
691	} while(0)
692
693	#define bn_fix_top(a) bn_check_top(a)
694
695	#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
696	#define bn_wcheck_size(bn, words) \
697	do { \
698	const BIGNUM *_bnum2 = (bn); \
699	assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \
700	} while(0)
701
702	#else /* !BN_DEBUG */
703
704	#define bn_pollute(a)
705	#define bn_check_top(a)
706	#define bn_fix_top(a) bn_correct_top(a)
707	#define bn_check_size(bn, bits)
708	#define bn_wcheck_size(bn, words)
709
710	#endif
711
712	#define bn_correct_top(a) \
713	{ \
714	BN_ULONG *ftl; \
715	int tmp_top = (a)->top; \
716	if (tmp_top > 0) \
717	{ \
718	for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
719	if (*(ftl--)) break; \
720	(a)->top = tmp_top; \
721	} \
722	bn_pollute(a); \
723	}
724
725	BN_ULONG bn_mul_add_words(BN_ULONG rp, const BN_ULONG ap, int num, BN_ULONG w);
726	BN_ULONG bn_mul_words(BN_ULONG rp, const BN_ULONG ap, int num, BN_ULONG w);
727	void bn_sqr_words(BN_ULONG rp, const BN_ULONG ap, int num);
728	BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
729	BN_ULONG bn_add_words(BN_ULONG rp, const BN_ULONG ap, const BN_ULONG *bp, int num);
730	BN_ULONG bn_sub_words(BN_ULONG rp, const BN_ULONG ap, const BN_ULONG *bp, int num);
731
732	/* Primes from RFC 2409 */	620	/* Primes from RFC 2409 */
733	BIGNUM get_rfc2409_prime_768(BIGNUM bn);	621	BIGNUM get_rfc2409_prime_768(BIGNUM bn);
734	BIGNUM get_rfc2409_prime_1024(BIGNUM bn);	622	BIGNUM get_rfc2409_prime_1024(BIGNUM bn);
@@ -741,8 +629,6 @@ BIGNUM get_rfc3526_prime_4096(BIGNUM bn);
741	BIGNUM get_rfc3526_prime_6144(BIGNUM bn);	629	BIGNUM get_rfc3526_prime_6144(BIGNUM bn);
742	BIGNUM get_rfc3526_prime_8192(BIGNUM bn);	630	BIGNUM get_rfc3526_prime_8192(BIGNUM bn);
743		631
744	int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
745
746	/* BEGIN ERROR CODES */	632	/* BEGIN ERROR CODES */
747	/* The following lines are auto generated by the script mkerr.pl. Any changes	633	/* The following lines are auto generated by the script mkerr.pl. Any changes
748	* made after this point may be overwritten when the script is next run.	634	* made after this point may be overwritten when the script is next run.