summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/evp')
-rw-r--r--src/lib/libcrypto/evp/Makefile.ssl46
-rw-r--r--src/lib/libcrypto/evp/bio_b64.c18
-rw-r--r--src/lib/libcrypto/evp/bio_enc.c30
-rw-r--r--src/lib/libcrypto/evp/bio_md.c17
-rw-r--r--src/lib/libcrypto/evp/bio_ok.c33
-rw-r--r--src/lib/libcrypto/evp/c_all.c136
-rw-r--r--src/lib/libcrypto/evp/c_allc.c149
-rw-r--r--src/lib/libcrypto/evp/c_alld.c100
-rw-r--r--src/lib/libcrypto/evp/e_cbc_3d.c10
-rw-r--r--src/lib/libcrypto/evp/e_cbc_d.c2
-rw-r--r--src/lib/libcrypto/evp/e_cfb_3d.c10
-rw-r--r--src/lib/libcrypto/evp/e_cfb_d.c2
-rw-r--r--src/lib/libcrypto/evp/e_ecb_3d.c10
-rw-r--r--src/lib/libcrypto/evp/e_ecb_d.c2
-rw-r--r--src/lib/libcrypto/evp/e_ofb_3d.c10
-rw-r--r--src/lib/libcrypto/evp/e_ofb_d.c2
-rw-r--r--src/lib/libcrypto/evp/e_xcbc_d.c2
-rw-r--r--src/lib/libcrypto/evp/encode.c4
-rw-r--r--src/lib/libcrypto/evp/evp.h43
-rw-r--r--src/lib/libcrypto/evp/evp_err.c8
-rw-r--r--src/lib/libcrypto/evp/evp_key.c11
-rw-r--r--src/lib/libcrypto/evp/evp_lib.c6
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c265
-rw-r--r--src/lib/libcrypto/evp/p_lib.c64
-rw-r--r--src/lib/libcrypto/evp/p_open.c6
-rw-r--r--src/lib/libcrypto/evp/p_seal.c5
26 files changed, 712 insertions, 279 deletions
diff --git a/src/lib/libcrypto/evp/Makefile.ssl b/src/lib/libcrypto/evp/Makefile.ssl
index 753479a015..c763b5ccd6 100644
--- a/src/lib/libcrypto/evp/Makefile.ssl
+++ b/src/lib/libcrypto/evp/Makefile.ssl
@@ -35,7 +35,8 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c \
35 m_ripemd.c \ 35 m_ripemd.c \
36 p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ 36 p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
37 bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ 37 bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
38 c_all.c evp_lib.c bio_ok.c evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c 38 c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
39 evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c
39 40
40LIBOBJ= encode.o digest.o evp_enc.o evp_key.o \ 41LIBOBJ= encode.o digest.o evp_enc.o evp_key.o \
41 e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o \ 42 e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o \
@@ -50,7 +51,8 @@ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o \
50 m_ripemd.o \ 51 m_ripemd.o \
51 p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \ 52 p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
52 bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \ 53 bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
53 c_all.o evp_lib.o bio_ok.o evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o 54 c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
55 evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o
54 56
55SRC= $(LIBSRC) 57SRC= $(LIBSRC)
56 58
@@ -176,13 +178,45 @@ c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
176c_all.o: ../../include/openssl/idea.h ../../include/openssl/md2.h 178c_all.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
177c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h 179c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
178c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h 180c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
179c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h 181c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h
180c_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
181c_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h 182c_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
182c_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h 183c_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
183c_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h 184c_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
184c_all.o: ../../include/openssl/stack.h ../../include/openssl/x509.h 185c_all.o: ../../include/openssl/stack.h ../cryptlib.h
185c_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h 186c_allc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
187c_allc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
188c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
189c_allc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
190c_allc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
191c_allc.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
192c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
193c_allc.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
194c_allc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
195c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
196c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
197c_allc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
198c_allc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
199c_allc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
200c_allc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
201c_allc.o: ../../include/openssl/stack.h ../../include/openssl/x509.h
202c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
203c_alld.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
204c_alld.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
205c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
206c_alld.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
207c_alld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
208c_alld.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
209c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
210c_alld.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
211c_alld.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
212c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
213c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
214c_alld.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
215c_alld.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
216c_alld.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
217c_alld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
218c_alld.o: ../../include/openssl/stack.h ../../include/openssl/x509.h
219c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
186digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h 220digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
187digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h 221digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
188digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h 222digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c
index 84729119df..bd5e24f993 100644
--- a/src/lib/libcrypto/evp/bio_b64.c
+++ b/src/lib/libcrypto/evp/bio_b64.c
@@ -69,6 +69,7 @@ static int b64_read(BIO *h,char *buf,int size);
69static long b64_ctrl(BIO *h,int cmd,long arg1,char *arg2); 69static long b64_ctrl(BIO *h,int cmd,long arg1,char *arg2);
70static int b64_new(BIO *h); 70static int b64_new(BIO *h);
71static int b64_free(BIO *data); 71static int b64_free(BIO *data);
72static long b64_callback_ctrl(BIO *h,int cmd,void (*fp)());
72#define B64_BLOCK_SIZE 1024 73#define B64_BLOCK_SIZE 1024
73#define B64_BLOCK_SIZE2 768 74#define B64_BLOCK_SIZE2 768
74#define B64_NONE 0 75#define B64_NONE 0
@@ -100,6 +101,7 @@ static BIO_METHOD methods_b64=
100 b64_ctrl, 101 b64_ctrl,
101 b64_new, 102 b64_new,
102 b64_free, 103 b64_free,
104 b64_callback_ctrl,
103 }; 105 };
104 106
105BIO_METHOD *BIO_f_base64(void) 107BIO_METHOD *BIO_f_base64(void)
@@ -237,8 +239,8 @@ static int b64_read(BIO *b, char *out, int outl)
237 &(ctx->tmp[0])); 239 &(ctx->tmp[0]));
238 for (x=0; x < i; x++) 240 for (x=0; x < i; x++)
239 ctx->tmp[x]=p[x]; 241 ctx->tmp[x]=p[x];
240 EVP_DecodeInit(&ctx->base64);
241 } 242 }
243 EVP_DecodeInit(&ctx->base64);
242 ctx->start=0; 244 ctx->start=0;
243 break; 245 break;
244 } 246 }
@@ -522,3 +524,17 @@ again:
522 return(ret); 524 return(ret);
523 } 525 }
524 526
527static long b64_callback_ctrl(BIO *b, int cmd, void (*fp)())
528 {
529 long ret=1;
530
531 if (b->next_bio == NULL) return(0);
532 switch (cmd)
533 {
534 default:
535 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
536 break;
537 }
538 return(ret);
539 }
540
diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c
index 0a7b1ecf07..629bf4b95d 100644
--- a/src/lib/libcrypto/evp/bio_enc.c
+++ b/src/lib/libcrypto/evp/bio_enc.c
@@ -69,6 +69,7 @@ static int enc_read(BIO *h,char *buf,int size);
69static long enc_ctrl(BIO *h,int cmd,long arg1,char *arg2); 69static long enc_ctrl(BIO *h,int cmd,long arg1,char *arg2);
70static int enc_new(BIO *h); 70static int enc_new(BIO *h);
71static int enc_free(BIO *data); 71static int enc_free(BIO *data);
72static long enc_callback_ctrl(BIO *h,int cmd,void (*fp)());
72#define ENC_BLOCK_SIZE (1024*4) 73#define ENC_BLOCK_SIZE (1024*4)
73 74
74typedef struct enc_struct 75typedef struct enc_struct
@@ -92,6 +93,7 @@ static BIO_METHOD methods_enc=
92 enc_ctrl, 93 enc_ctrl,
93 enc_new, 94 enc_new,
94 enc_free, 95 enc_free,
96 enc_callback_ctrl,
95 }; 97 };
96 98
97BIO_METHOD *BIO_f_cipher(void) 99BIO_METHOD *BIO_f_cipher(void)
@@ -184,9 +186,11 @@ static int enc_read(BIO *b, char *out, int outl)
184 ctx->ok=i; 186 ctx->ok=i;
185 ctx->buf_off=0; 187 ctx->buf_off=0;
186 } 188 }
187 else 189 else
190 {
188 ret=(ret == 0)?i:ret; 191 ret=(ret == 0)?i:ret;
189 break; 192 break;
193 }
190 } 194 }
191 else 195 else
192 { 196 {
@@ -194,13 +198,19 @@ static int enc_read(BIO *b, char *out, int outl)
194 (unsigned char *)ctx->buf,&ctx->buf_len, 198 (unsigned char *)ctx->buf,&ctx->buf_len,
195 (unsigned char *)&(ctx->buf[8]),i); 199 (unsigned char *)&(ctx->buf[8]),i);
196 ctx->cont=1; 200 ctx->cont=1;
201 /* Note: it is possible for EVP_CipherUpdate to
202 * decrypt zero bytes because this is or looks like
203 * the final block: if this happens we should retry
204 * and either read more data or decrypt the final
205 * block
206 */
207 if(ctx->buf_len == 0) continue;
197 } 208 }
198 209
199 if (ctx->buf_len <= outl) 210 if (ctx->buf_len <= outl)
200 i=ctx->buf_len; 211 i=ctx->buf_len;
201 else 212 else
202 i=outl; 213 i=outl;
203
204 if (i <= 0) break; 214 if (i <= 0) break;
205 memcpy(out,ctx->buf,i); 215 memcpy(out,ctx->buf,i);
206 ret+=i; 216 ret+=i;
@@ -360,6 +370,20 @@ again:
360 return(ret); 370 return(ret);
361 } 371 }
362 372
373static long enc_callback_ctrl(BIO *b, int cmd, void (*fp)())
374 {
375 long ret=1;
376
377 if (b->next_bio == NULL) return(0);
378 switch (cmd)
379 {
380 default:
381 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
382 break;
383 }
384 return(ret);
385 }
386
363/* 387/*
364void BIO_set_cipher_ctx(b,c) 388void BIO_set_cipher_ctx(b,c)
365BIO *b; 389BIO *b;
diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c
index 317167f9c4..aef928dd8f 100644
--- a/src/lib/libcrypto/evp/bio_md.c
+++ b/src/lib/libcrypto/evp/bio_md.c
@@ -72,6 +72,8 @@ static int md_gets(BIO *h,char *str,int size);
72static long md_ctrl(BIO *h,int cmd,long arg1,char *arg2); 72static long md_ctrl(BIO *h,int cmd,long arg1,char *arg2);
73static int md_new(BIO *h); 73static int md_new(BIO *h);
74static int md_free(BIO *data); 74static int md_free(BIO *data);
75static long md_callback_ctrl(BIO *h,int cmd,void (*fp)());
76
75static BIO_METHOD methods_md= 77static BIO_METHOD methods_md=
76 { 78 {
77 BIO_TYPE_MD,"message digest", 79 BIO_TYPE_MD,"message digest",
@@ -82,6 +84,7 @@ static BIO_METHOD methods_md=
82 md_ctrl, 84 md_ctrl,
83 md_new, 85 md_new,
84 md_free, 86 md_free,
87 md_callback_ctrl,
85 }; 88 };
86 89
87BIO_METHOD *BIO_f_md(void) 90BIO_METHOD *BIO_f_md(void)
@@ -220,6 +223,20 @@ static long md_ctrl(BIO *b, int cmd, long num, char *ptr)
220 return(ret); 223 return(ret);
221 } 224 }
222 225
226static long md_callback_ctrl(BIO *b, int cmd, void (*fp)())
227 {
228 long ret=1;
229
230 if (b->next_bio == NULL) return(0);
231 switch (cmd)
232 {
233 default:
234 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
235 break;
236 }
237 return(ret);
238 }
239
223static int md_gets(BIO *bp, char *buf, int size) 240static int md_gets(BIO *bp, char *buf, int size)
224 { 241 {
225 EVP_MD_CTX *ctx; 242 EVP_MD_CTX *ctx;
diff --git a/src/lib/libcrypto/evp/bio_ok.c b/src/lib/libcrypto/evp/bio_ok.c
index 101275d648..e6ff5f2cdb 100644
--- a/src/lib/libcrypto/evp/bio_ok.c
+++ b/src/lib/libcrypto/evp/bio_ok.c
@@ -67,7 +67,7 @@
67 and everything was OK. BUT if user types wrong password 67 and everything was OK. BUT if user types wrong password
68 BIO_f_cipher outputs only garbage and my function crashes. Yes 68 BIO_f_cipher outputs only garbage and my function crashes. Yes
69 I can and I should fix my function, but BIO_f_cipher is 69 I can and I should fix my function, but BIO_f_cipher is
70 easy way to add encryption support to many exisiting applications 70 easy way to add encryption support to many existing applications
71 and it's hard to debug and fix them all. 71 and it's hard to debug and fix them all.
72 72
73 So I wanted another BIO which would catch the incorrect passwords and 73 So I wanted another BIO which would catch the incorrect passwords and
@@ -80,10 +80,10 @@
80 1) you must somehow separate checksum from actual data. 80 1) you must somehow separate checksum from actual data.
81 2) you need lot's of memory when reading the file, because you 81 2) you need lot's of memory when reading the file, because you
82 must read to the end of the file and verify the checksum before 82 must read to the end of the file and verify the checksum before
83 leting the application to read the data. 83 letting the application to read the data.
84 84
85 BIO_f_reliable tries to solve both problems, so that you can 85 BIO_f_reliable tries to solve both problems, so that you can
86 read and write arbitraly long streams using only fixed amount 86 read and write arbitrary long streams using only fixed amount
87 of memory. 87 of memory.
88 88
89 BIO_f_reliable splits data stream into blocks. Each block is prefixed 89 BIO_f_reliable splits data stream into blocks. Each block is prefixed
@@ -91,7 +91,7 @@
91 several Kbytes of memory to buffer single block before verifying 91 several Kbytes of memory to buffer single block before verifying
92 it's digest. 92 it's digest.
93 93
94 BIO_f_reliable goes futher and adds several important capabilities: 94 BIO_f_reliable goes further and adds several important capabilities:
95 95
96 1) the digest of the block is computed over the whole stream 96 1) the digest of the block is computed over the whole stream
97 -- so nobody can rearrange the blocks or remove or replace them. 97 -- so nobody can rearrange the blocks or remove or replace them.
@@ -110,7 +110,7 @@
110 and then compare the digest output. 110 and then compare the digest output.
111 111
112 Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I 112 Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I
113 initialy wrote and tested this code on x86 machine and wrote the 113 initially wrote and tested this code on x86 machine and wrote the
114 digests out in machine-dependent order :( There are people using 114 digests out in machine-dependent order :( There are people using
115 this code and I cannot change this easily without making existing 115 this code and I cannot change this easily without making existing
116 data files unreadable. 116 data files unreadable.
@@ -130,6 +130,8 @@ static int ok_read(BIO *h,char *buf,int size);
130static long ok_ctrl(BIO *h,int cmd,long arg1,char *arg2); 130static long ok_ctrl(BIO *h,int cmd,long arg1,char *arg2);
131static int ok_new(BIO *h); 131static int ok_new(BIO *h);
132static int ok_free(BIO *data); 132static int ok_free(BIO *data);
133static long ok_callback_ctrl(BIO *h,int cmd,void (*fp)());
134
133static void sig_out(BIO* b); 135static void sig_out(BIO* b);
134static void sig_in(BIO* b); 136static void sig_in(BIO* b);
135static void block_out(BIO* b); 137static void block_out(BIO* b);
@@ -173,6 +175,7 @@ static BIO_METHOD methods_ok=
173 ok_ctrl, 175 ok_ctrl,
174 ok_new, 176 ok_new,
175 ok_free, 177 ok_free,
178 ok_callback_ctrl,
176 }; 179 };
177 180
178BIO_METHOD *BIO_f_reliable(void) 181BIO_METHOD *BIO_f_reliable(void)
@@ -428,6 +431,20 @@ static long ok_ctrl(BIO *b, int cmd, long num, char *ptr)
428 return(ret); 431 return(ret);
429 } 432 }
430 433
434static long ok_callback_ctrl(BIO *b, int cmd, void (*fp)())
435 {
436 long ret=1;
437
438 if (b->next_bio == NULL) return(0);
439 switch (cmd)
440 {
441 default:
442 ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
443 break;
444 }
445 return(ret);
446 }
447
431static void longswap(void *_ptr, int len) 448static void longswap(void *_ptr, int len)
432{ 449{
433#ifndef L_ENDIAN 450#ifndef L_ENDIAN
@@ -451,12 +468,12 @@ static void sig_out(BIO* b)
451 if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return; 468 if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return;
452 469
453 EVP_DigestInit(md, md->digest); 470 EVP_DigestInit(md, md->digest);
454 RAND_bytes(&(md->md.base[0]), md->digest->md_size); 471 RAND_pseudo_bytes(&(md->md.base[0]), md->digest->md_size);
455 memcpy(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]), md->digest->md_size); 472 memcpy(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]), md->digest->md_size);
456 longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size); 473 longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
457 ctx->buf_len+= md->digest->md_size; 474 ctx->buf_len+= md->digest->md_size;
458 475
459 EVP_DigestUpdate(md, (unsigned char*)WELLKNOWN, strlen(WELLKNOWN)); 476 EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
460 md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0])); 477 md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]));
461 ctx->buf_len+= md->digest->md_size; 478 ctx->buf_len+= md->digest->md_size;
462 ctx->blockout= 1; 479 ctx->blockout= 1;
@@ -480,7 +497,7 @@ static void sig_in(BIO* b)
480 longswap(&(md->md.base[0]), md->digest->md_size); 497 longswap(&(md->md.base[0]), md->digest->md_size);
481 ctx->buf_off+= md->digest->md_size; 498 ctx->buf_off+= md->digest->md_size;
482 499
483 EVP_DigestUpdate(md, (unsigned char*)WELLKNOWN, strlen(WELLKNOWN)); 500 EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
484 md->digest->final(tmp, &(md->md.base[0])); 501 md->digest->final(tmp, &(md->md.base[0]));
485 ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0; 502 ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
486 ctx->buf_off+= md->digest->md_size; 503 ctx->buf_off+= md->digest->md_size;
diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c
index a4d3b43fb9..1e185830a3 100644
--- a/src/lib/libcrypto/evp/c_all.c
+++ b/src/lib/libcrypto/evp/c_all.c
@@ -59,135 +59,9 @@
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/evp.h> 61#include <openssl/evp.h>
62#include <openssl/pkcs12.h>
63#include <openssl/objects.h>
64 62
65void SSLeay_add_all_algorithms(void) 63void OpenSSL_add_all_algorithms(void)
66 { 64{
67 SSLeay_add_all_ciphers(); 65 OpenSSL_add_all_ciphers();
68 SSLeay_add_all_digests(); 66 OpenSSL_add_all_digests();
69 } 67}
70
71void SSLeay_add_all_ciphers(void)
72 {
73#ifndef NO_DES
74 EVP_add_cipher(EVP_des_cfb());
75 EVP_add_cipher(EVP_des_ede_cfb());
76 EVP_add_cipher(EVP_des_ede3_cfb());
77
78 EVP_add_cipher(EVP_des_ofb());
79 EVP_add_cipher(EVP_des_ede_ofb());
80 EVP_add_cipher(EVP_des_ede3_ofb());
81
82 EVP_add_cipher(EVP_desx_cbc());
83 EVP_add_cipher_alias(SN_desx_cbc,"DESX");
84 EVP_add_cipher_alias(SN_desx_cbc,"desx");
85
86 EVP_add_cipher(EVP_des_cbc());
87 EVP_add_cipher_alias(SN_des_cbc,"DES");
88 EVP_add_cipher_alias(SN_des_cbc,"des");
89 EVP_add_cipher(EVP_des_ede_cbc());
90 EVP_add_cipher(EVP_des_ede3_cbc());
91 EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");
92 EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");
93
94 EVP_add_cipher(EVP_des_ecb());
95 EVP_add_cipher(EVP_des_ede());
96 EVP_add_cipher(EVP_des_ede3());
97#endif
98
99#ifndef NO_RC4
100 EVP_add_cipher(EVP_rc4());
101 EVP_add_cipher(EVP_rc4_40());
102#endif
103
104#ifndef NO_IDEA
105 EVP_add_cipher(EVP_idea_ecb());
106 EVP_add_cipher(EVP_idea_cfb());
107 EVP_add_cipher(EVP_idea_ofb());
108 EVP_add_cipher(EVP_idea_cbc());
109 EVP_add_cipher_alias(SN_idea_cbc,"IDEA");
110 EVP_add_cipher_alias(SN_idea_cbc,"idea");
111#endif
112
113#ifndef NO_RC2
114 EVP_add_cipher(EVP_rc2_ecb());
115 EVP_add_cipher(EVP_rc2_cfb());
116 EVP_add_cipher(EVP_rc2_ofb());
117 EVP_add_cipher(EVP_rc2_cbc());
118 EVP_add_cipher(EVP_rc2_40_cbc());
119 EVP_add_cipher(EVP_rc2_64_cbc());
120 EVP_add_cipher_alias(SN_rc2_cbc,"RC2");
121 EVP_add_cipher_alias(SN_rc2_cbc,"rc2");
122#endif
123
124#ifndef NO_BF
125 EVP_add_cipher(EVP_bf_ecb());
126 EVP_add_cipher(EVP_bf_cfb());
127 EVP_add_cipher(EVP_bf_ofb());
128 EVP_add_cipher(EVP_bf_cbc());
129 EVP_add_cipher_alias(SN_bf_cbc,"BF");
130 EVP_add_cipher_alias(SN_bf_cbc,"bf");
131 EVP_add_cipher_alias(SN_bf_cbc,"blowfish");
132#endif
133
134#ifndef NO_CAST
135 EVP_add_cipher(EVP_cast5_ecb());
136 EVP_add_cipher(EVP_cast5_cfb());
137 EVP_add_cipher(EVP_cast5_ofb());
138 EVP_add_cipher(EVP_cast5_cbc());
139 EVP_add_cipher_alias(SN_cast5_cbc,"CAST");
140 EVP_add_cipher_alias(SN_cast5_cbc,"cast");
141 EVP_add_cipher_alias(SN_cast5_cbc,"CAST-cbc");
142 EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc");
143#endif
144
145#ifndef NO_RC5
146 EVP_add_cipher(EVP_rc5_32_12_16_ecb());
147 EVP_add_cipher(EVP_rc5_32_12_16_cfb());
148 EVP_add_cipher(EVP_rc5_32_12_16_ofb());
149 EVP_add_cipher(EVP_rc5_32_12_16_cbc());
150 EVP_add_cipher_alias(SN_rc5_cbc,"rc5");
151 EVP_add_cipher_alias(SN_rc5_cbc,"RC5");
152#endif
153 }
154
155
156void SSLeay_add_all_digests(void)
157 {
158#ifndef NO_MD2
159 EVP_add_digest(EVP_md2());
160#endif
161#ifndef NO_MD5
162 EVP_add_digest(EVP_md5());
163 EVP_add_digest_alias(SN_md5,"ssl2-md5");
164 EVP_add_digest_alias(SN_md5,"ssl3-md5");
165#endif
166#ifndef NO_SHA
167 EVP_add_digest(EVP_sha());
168#ifndef NO_DSA
169 EVP_add_digest(EVP_dss());
170#endif
171#endif
172#ifndef NO_SHA
173 EVP_add_digest(EVP_sha1());
174 EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
175 EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
176#ifndef NO_DSA
177 EVP_add_digest(EVP_dss1());
178 EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
179 EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
180 EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
181#endif
182#endif
183#if !defined(NO_MDC2) && !defined(NO_DES)
184 EVP_add_digest(EVP_mdc2());
185#endif
186#ifndef NO_RIPEMD
187 EVP_add_digest(EVP_ripemd160());
188 EVP_add_digest_alias(SN_ripemd160,"ripemd");
189 EVP_add_digest_alias(SN_ripemd160,"rmd160");
190#endif
191 PKCS12_PBE_add();
192 PKCS5_PBE_add();
193 }
diff --git a/src/lib/libcrypto/evp/c_allc.c b/src/lib/libcrypto/evp/c_allc.c
new file mode 100644
index 0000000000..f24d3756c9
--- /dev/null
+++ b/src/lib/libcrypto/evp/c_allc.c
@@ -0,0 +1,149 @@
1/* crypto/evp/c_allc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/pkcs12.h>
63#include <openssl/objects.h>
64
65void OpenSSL_add_all_ciphers(void)
66 {
67#ifndef NO_DES
68 EVP_add_cipher(EVP_des_cfb());
69 EVP_add_cipher(EVP_des_ede_cfb());
70 EVP_add_cipher(EVP_des_ede3_cfb());
71
72 EVP_add_cipher(EVP_des_ofb());
73 EVP_add_cipher(EVP_des_ede_ofb());
74 EVP_add_cipher(EVP_des_ede3_ofb());
75
76 EVP_add_cipher(EVP_desx_cbc());
77 EVP_add_cipher_alias(SN_desx_cbc,"DESX");
78 EVP_add_cipher_alias(SN_desx_cbc,"desx");
79
80 EVP_add_cipher(EVP_des_cbc());
81 EVP_add_cipher_alias(SN_des_cbc,"DES");
82 EVP_add_cipher_alias(SN_des_cbc,"des");
83 EVP_add_cipher(EVP_des_ede_cbc());
84 EVP_add_cipher(EVP_des_ede3_cbc());
85 EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");
86 EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");
87
88 EVP_add_cipher(EVP_des_ecb());
89 EVP_add_cipher(EVP_des_ede());
90 EVP_add_cipher(EVP_des_ede3());
91#endif
92
93#ifndef NO_RC4
94 EVP_add_cipher(EVP_rc4());
95 EVP_add_cipher(EVP_rc4_40());
96#endif
97
98#ifndef NO_IDEA
99 EVP_add_cipher(EVP_idea_ecb());
100 EVP_add_cipher(EVP_idea_cfb());
101 EVP_add_cipher(EVP_idea_ofb());
102 EVP_add_cipher(EVP_idea_cbc());
103 EVP_add_cipher_alias(SN_idea_cbc,"IDEA");
104 EVP_add_cipher_alias(SN_idea_cbc,"idea");
105#endif
106
107#ifndef NO_RC2
108 EVP_add_cipher(EVP_rc2_ecb());
109 EVP_add_cipher(EVP_rc2_cfb());
110 EVP_add_cipher(EVP_rc2_ofb());
111 EVP_add_cipher(EVP_rc2_cbc());
112 EVP_add_cipher(EVP_rc2_40_cbc());
113 EVP_add_cipher(EVP_rc2_64_cbc());
114 EVP_add_cipher_alias(SN_rc2_cbc,"RC2");
115 EVP_add_cipher_alias(SN_rc2_cbc,"rc2");
116#endif
117
118#ifndef NO_BF
119 EVP_add_cipher(EVP_bf_ecb());
120 EVP_add_cipher(EVP_bf_cfb());
121 EVP_add_cipher(EVP_bf_ofb());
122 EVP_add_cipher(EVP_bf_cbc());
123 EVP_add_cipher_alias(SN_bf_cbc,"BF");
124 EVP_add_cipher_alias(SN_bf_cbc,"bf");
125 EVP_add_cipher_alias(SN_bf_cbc,"blowfish");
126#endif
127
128#ifndef NO_CAST
129 EVP_add_cipher(EVP_cast5_ecb());
130 EVP_add_cipher(EVP_cast5_cfb());
131 EVP_add_cipher(EVP_cast5_ofb());
132 EVP_add_cipher(EVP_cast5_cbc());
133 EVP_add_cipher_alias(SN_cast5_cbc,"CAST");
134 EVP_add_cipher_alias(SN_cast5_cbc,"cast");
135 EVP_add_cipher_alias(SN_cast5_cbc,"CAST-cbc");
136 EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc");
137#endif
138
139#ifndef NO_RC5
140 EVP_add_cipher(EVP_rc5_32_12_16_ecb());
141 EVP_add_cipher(EVP_rc5_32_12_16_cfb());
142 EVP_add_cipher(EVP_rc5_32_12_16_ofb());
143 EVP_add_cipher(EVP_rc5_32_12_16_cbc());
144 EVP_add_cipher_alias(SN_rc5_cbc,"rc5");
145 EVP_add_cipher_alias(SN_rc5_cbc,"RC5");
146#endif
147 PKCS12_PBE_add();
148 PKCS5_PBE_add();
149 }
diff --git a/src/lib/libcrypto/evp/c_alld.c b/src/lib/libcrypto/evp/c_alld.c
new file mode 100644
index 0000000000..febe51a3ee
--- /dev/null
+++ b/src/lib/libcrypto/evp/c_alld.c
@@ -0,0 +1,100 @@
1/* crypto/evp/c_alld.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/pkcs12.h>
63#include <openssl/objects.h>
64
65void OpenSSL_add_all_digests(void)
66 {
67#ifndef NO_MD2
68 EVP_add_digest(EVP_md2());
69#endif
70#ifndef NO_MD5
71 EVP_add_digest(EVP_md5());
72 EVP_add_digest_alias(SN_md5,"ssl2-md5");
73 EVP_add_digest_alias(SN_md5,"ssl3-md5");
74#endif
75#ifndef NO_SHA
76 EVP_add_digest(EVP_sha());
77#ifndef NO_DSA
78 EVP_add_digest(EVP_dss());
79#endif
80#endif
81#ifndef NO_SHA
82 EVP_add_digest(EVP_sha1());
83 EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
84 EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
85#ifndef NO_DSA
86 EVP_add_digest(EVP_dss1());
87 EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
88 EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
89 EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
90#endif
91#endif
92#if !defined(NO_MDC2) && !defined(NO_DES)
93 EVP_add_digest(EVP_mdc2());
94#endif
95#ifndef NO_RIPEMD
96 EVP_add_digest(EVP_ripemd160());
97 EVP_add_digest_alias(SN_ripemd160,"ripemd");
98 EVP_add_digest_alias(SN_ripemd160,"rmd160");
99#endif
100 }
diff --git a/src/lib/libcrypto/evp/e_cbc_3d.c b/src/lib/libcrypto/evp/e_cbc_3d.c
index 02ccc6dc90..5d16b865c5 100644
--- a/src/lib/libcrypto/evp/e_cbc_3d.c
+++ b/src/lib/libcrypto/evp/e_cbc_3d.c
@@ -115,8 +115,8 @@ static void des_cbc_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
115 115
116 if (deskey != NULL) 116 if (deskey != NULL)
117 { 117 {
118 des_set_key(&deskey[0],ctx->c.des_ede.ks1); 118 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
119 des_set_key(&deskey[1],ctx->c.des_ede.ks2); 119 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
120 memcpy( (char *)ctx->c.des_ede.ks3, 120 memcpy( (char *)ctx->c.des_ede.ks3,
121 (char *)ctx->c.des_ede.ks1, 121 (char *)ctx->c.des_ede.ks1,
122 sizeof(ctx->c.des_ede.ks1)); 122 sizeof(ctx->c.des_ede.ks1));
@@ -134,9 +134,9 @@ static void des_cbc_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
134 134
135 if (deskey != NULL) 135 if (deskey != NULL)
136 { 136 {
137 des_set_key(&deskey[0],ctx->c.des_ede.ks1); 137 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
138 des_set_key(&deskey[1],ctx->c.des_ede.ks2); 138 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
139 des_set_key(&deskey[2],ctx->c.des_ede.ks3); 139 des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
140 } 140 }
141 } 141 }
142 142
diff --git a/src/lib/libcrypto/evp/e_cbc_d.c b/src/lib/libcrypto/evp/e_cbc_d.c
index 9203f3f52d..5b4e5b8601 100644
--- a/src/lib/libcrypto/evp/e_cbc_d.c
+++ b/src/lib/libcrypto/evp/e_cbc_d.c
@@ -93,7 +93,7 @@ static void des_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
93 memcpy(&(ctx->oiv[0]),iv,8); 93 memcpy(&(ctx->oiv[0]),iv,8);
94 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); 94 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
95 if (deskey != NULL) 95 if (deskey != NULL)
96 des_set_key(deskey,ctx->c.des_ks); 96 des_set_key_unchecked(deskey,ctx->c.des_ks);
97 } 97 }
98 98
99static void des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 99static void des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/src/lib/libcrypto/evp/e_cfb_3d.c b/src/lib/libcrypto/evp/e_cfb_3d.c
index bd32b072e2..b364bd4e31 100644
--- a/src/lib/libcrypto/evp/e_cfb_3d.c
+++ b/src/lib/libcrypto/evp/e_cfb_3d.c
@@ -116,8 +116,8 @@ static void des_ede_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
116 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); 116 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
117 if (deskey != NULL) 117 if (deskey != NULL)
118 { 118 {
119 des_set_key(&deskey[0],ctx->c.des_ede.ks1); 119 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
120 des_set_key(&deskey[1],ctx->c.des_ede.ks2); 120 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
121 memcpy( (char *)ctx->c.des_ede.ks3, 121 memcpy( (char *)ctx->c.des_ede.ks3,
122 (char *)ctx->c.des_ede.ks1, 122 (char *)ctx->c.des_ede.ks1,
123 sizeof(ctx->c.des_ede.ks1)); 123 sizeof(ctx->c.des_ede.ks1));
@@ -136,9 +136,9 @@ static void des_ede3_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
136 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); 136 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
137 if (deskey != NULL) 137 if (deskey != NULL)
138 { 138 {
139 des_set_key(&deskey[0],ctx->c.des_ede.ks1); 139 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
140 des_set_key(&deskey[1],ctx->c.des_ede.ks2); 140 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
141 des_set_key(&deskey[2],ctx->c.des_ede.ks3); 141 des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
142 } 142 }
143 } 143 }
144 144
diff --git a/src/lib/libcrypto/evp/e_cfb_d.c b/src/lib/libcrypto/evp/e_cfb_d.c
index 6bdf20b646..9e1714bd15 100644
--- a/src/lib/libcrypto/evp/e_cfb_d.c
+++ b/src/lib/libcrypto/evp/e_cfb_d.c
@@ -95,7 +95,7 @@ static void des_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
95 memcpy(&(ctx->oiv[0]),iv,8); 95 memcpy(&(ctx->oiv[0]),iv,8);
96 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); 96 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
97 if (deskey != NULL) 97 if (deskey != NULL)
98 des_set_key(deskey,ctx->c.des_ks); 98 des_set_key_unchecked(deskey,ctx->c.des_ks);
99 } 99 }
100 100
101static void des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 101static void des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/src/lib/libcrypto/evp/e_ecb_3d.c b/src/lib/libcrypto/evp/e_ecb_3d.c
index 354a8b79a7..806e971d36 100644
--- a/src/lib/libcrypto/evp/e_ecb_3d.c
+++ b/src/lib/libcrypto/evp/e_ecb_3d.c
@@ -110,8 +110,8 @@ static void des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
110 110
111 if (deskey != NULL) 111 if (deskey != NULL)
112 { 112 {
113 des_set_key(&deskey[0],ctx->c.des_ede.ks1); 113 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
114 des_set_key(&deskey[1],ctx->c.des_ede.ks2); 114 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
115 memcpy( (char *)ctx->c.des_ede.ks3, 115 memcpy( (char *)ctx->c.des_ede.ks3,
116 (char *)ctx->c.des_ede.ks1, 116 (char *)ctx->c.des_ede.ks1,
117 sizeof(ctx->c.des_ede.ks1)); 117 sizeof(ctx->c.des_ede.ks1));
@@ -125,9 +125,9 @@ static void des_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
125 125
126 if (deskey != NULL) 126 if (deskey != NULL)
127 { 127 {
128 des_set_key(&deskey[0],ctx->c.des_ede.ks1); 128 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
129 des_set_key(&deskey[1],ctx->c.des_ede.ks2); 129 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
130 des_set_key(&deskey[2],ctx->c.des_ede.ks3); 130 des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
131 } 131 }
132 } 132 }
133 133
diff --git a/src/lib/libcrypto/evp/e_ecb_d.c b/src/lib/libcrypto/evp/e_ecb_d.c
index 5fb4e64b1c..c11bef55ef 100644
--- a/src/lib/libcrypto/evp/e_ecb_d.c
+++ b/src/lib/libcrypto/evp/e_ecb_d.c
@@ -90,7 +90,7 @@ static void des_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
90 des_cblock *deskey = (des_cblock *)key; 90 des_cblock *deskey = (des_cblock *)key;
91 91
92 if (deskey != NULL) 92 if (deskey != NULL)
93 des_set_key(deskey,ctx->c.des_ks); 93 des_set_key_unchecked(deskey,ctx->c.des_ks);
94 } 94 }
95 95
96static void des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 96static void des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/src/lib/libcrypto/evp/e_ofb_3d.c b/src/lib/libcrypto/evp/e_ofb_3d.c
index 5233567c0c..d1a33e2ecd 100644
--- a/src/lib/libcrypto/evp/e_ofb_3d.c
+++ b/src/lib/libcrypto/evp/e_ofb_3d.c
@@ -116,8 +116,8 @@ static void des_ede_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
116 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); 116 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
117 if (deskey != NULL) 117 if (deskey != NULL)
118 { 118 {
119 des_set_key(&deskey[0],ctx->c.des_ede.ks1); 119 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
120 des_set_key(&deskey[1],ctx->c.des_ede.ks2); 120 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
121 memcpy( (char *)ctx->c.des_ede.ks3, 121 memcpy( (char *)ctx->c.des_ede.ks3,
122 (char *)ctx->c.des_ede.ks1, 122 (char *)ctx->c.des_ede.ks1,
123 sizeof(ctx->c.des_ede.ks1)); 123 sizeof(ctx->c.des_ede.ks1));
@@ -136,9 +136,9 @@ static void des_ede3_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
136 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); 136 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
137 if (deskey != NULL) 137 if (deskey != NULL)
138 { 138 {
139 des_set_key(&deskey[0],ctx->c.des_ede.ks1); 139 des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
140 des_set_key(&deskey[1],ctx->c.des_ede.ks2); 140 des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
141 des_set_key(&deskey[2],ctx->c.des_ede.ks3); 141 des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
142 } 142 }
143 } 143 }
144 144
diff --git a/src/lib/libcrypto/evp/e_ofb_d.c b/src/lib/libcrypto/evp/e_ofb_d.c
index 398b3a002e..d51ce230f4 100644
--- a/src/lib/libcrypto/evp/e_ofb_d.c
+++ b/src/lib/libcrypto/evp/e_ofb_d.c
@@ -95,7 +95,7 @@ static void des_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
95 memcpy(&(ctx->oiv[0]),iv,8); 95 memcpy(&(ctx->oiv[0]),iv,8);
96 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); 96 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
97 if (deskey != NULL) 97 if (deskey != NULL)
98 des_set_key(deskey,ctx->c.des_ks); 98 des_set_key_unchecked(deskey,ctx->c.des_ks);
99 } 99 }
100 100
101static void des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 101static void des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c
index 3a6628a75c..7568fad4ff 100644
--- a/src/lib/libcrypto/evp/e_xcbc_d.c
+++ b/src/lib/libcrypto/evp/e_xcbc_d.c
@@ -94,7 +94,7 @@ static void desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
94 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); 94 memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
95 if (deskey != NULL) 95 if (deskey != NULL)
96 { 96 {
97 des_set_key(deskey,ctx->c.desx_cbc.ks); 97 des_set_key_unchecked(deskey,ctx->c.desx_cbc.ks);
98 memcpy(&(ctx->c.desx_cbc.inw[0]),&(key[8]),8); 98 memcpy(&(ctx->c.desx_cbc.inw[0]),&(key[8]),8);
99 memcpy(&(ctx->c.desx_cbc.outw[0]),&(key[16]),8); 99 memcpy(&(ctx->c.desx_cbc.outw[0]),&(key[16]),8);
100 } 100 }
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c
index 0152624a76..14a4cb11f6 100644
--- a/src/lib/libcrypto/evp/encode.c
+++ b/src/lib/libcrypto/evp/encode.c
@@ -185,7 +185,7 @@ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
185 *outl=ret; 185 *outl=ret;
186 } 186 }
187 187
188int EVP_EncodeBlock(unsigned char *t, unsigned char *f, int dlen) 188int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
189 { 189 {
190 int i,ret=0; 190 int i,ret=0;
191 unsigned long l; 191 unsigned long l;
@@ -337,7 +337,7 @@ end:
337 return(rv); 337 return(rv);
338 } 338 }
339 339
340int EVP_DecodeBlock(unsigned char *t, unsigned char *f, int n) 340int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
341 { 341 {
342 int i,ret=0,a,b,c,d; 342 int i,ret=0,a,b,c,d;
343 unsigned long l; 343 unsigned long l;
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index 570fe27d39..54215b0905 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -149,7 +149,7 @@ extern "C" {
149 149
150/* Type needs to be a bit field 150/* Type needs to be a bit field
151 * Sub-type needs to be for variations on the method, as in, can it do 151 * Sub-type needs to be for variations on the method, as in, can it do
152 * arbitary encryption.... */ 152 * arbitrary encryption.... */
153typedef struct evp_pkey_st 153typedef struct evp_pkey_st
154 { 154 {
155 int type; 155 int type;
@@ -343,7 +343,7 @@ typedef struct evp_cipher_ctx_st
343 unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */ 343 unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */
344 int num; /* used by cfb/ofb mode */ 344 int num; /* used by cfb/ofb mode */
345 345
346 char *app_data; /* aplication stuff */ 346 char *app_data; /* application stuff */
347 union { 347 union {
348#ifndef NO_RC4 348#ifndef NO_RC4
349 struct 349 struct
@@ -421,9 +421,10 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
421#define EVP_MD_size(e) ((e)->md_size) 421#define EVP_MD_size(e) ((e)->md_size)
422#define EVP_MD_block_size(e) ((e)->block_size) 422#define EVP_MD_block_size(e) ((e)->block_size)
423 423
424#define EVP_MD_CTX_md(e) ((e)->digest)
424#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest) 425#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
425#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest) 426#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
426#define EVP_MD_CTX_type(e) ((e)->digest) 427#define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
427 428
428#define EVP_CIPHER_nid(e) ((e)->nid) 429#define EVP_CIPHER_nid(e) ((e)->nid)
429#define EVP_CIPHER_block_size(e) ((e)->block_size) 430#define EVP_CIPHER_block_size(e) ((e)->block_size)
@@ -521,15 +522,14 @@ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
521void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out, 522void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
522 int *outl,unsigned char *in,int inl); 523 int *outl,unsigned char *in,int inl);
523void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl); 524void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
524int EVP_EncodeBlock(unsigned char *t, unsigned char *f, int n); 525int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
525 526
526void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); 527void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
527int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, 528int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
528 unsigned char *in, int inl); 529 unsigned char *in, int inl);
529int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned 530int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
530 char *out, int *outl); 531 char *out, int *outl);
531int EVP_DecodeBlock(unsigned char *t, unsigned 532int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
532 char *f, int n);
533 533
534void ERR_load_EVP_strings(void ); 534void ERR_load_EVP_strings(void );
535 535
@@ -594,9 +594,12 @@ EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
594EVP_CIPHER *EVP_rc5_32_12_16_cfb(void); 594EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
595EVP_CIPHER *EVP_rc5_32_12_16_ofb(void); 595EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
596 596
597void SSLeay_add_all_algorithms(void); 597void OpenSSL_add_all_algorithms(void);
598void SSLeay_add_all_ciphers(void); 598void OpenSSL_add_all_ciphers(void);
599void SSLeay_add_all_digests(void); 599void OpenSSL_add_all_digests(void);
600#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
601#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
602#define SSLeay_add_all_digests() OpenSSL_add_all_digests()
600 603
601int EVP_add_cipher(EVP_CIPHER *cipher); 604int EVP_add_cipher(EVP_CIPHER *cipher);
602int EVP_add_digest(EVP_MD *digest); 605int EVP_add_digest(EVP_MD *digest);
@@ -613,6 +616,18 @@ int EVP_PKEY_type(int type);
613int EVP_PKEY_bits(EVP_PKEY *pkey); 616int EVP_PKEY_bits(EVP_PKEY *pkey);
614int EVP_PKEY_size(EVP_PKEY *pkey); 617int EVP_PKEY_size(EVP_PKEY *pkey);
615int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key); 618int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
619#ifndef NO_RSA
620int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key);
621RSA * EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
622#endif
623#ifndef NO_DSA
624int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key);
625DSA * EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
626#endif
627#ifndef NO_DH
628int EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key);
629DH * EVP_PKEY_get1_DH(EVP_PKEY *pkey);
630#endif
616EVP_PKEY * EVP_PKEY_new(void); 631EVP_PKEY * EVP_PKEY_new(void);
617void EVP_PKEY_free(EVP_PKEY *pkey); 632void EVP_PKEY_free(EVP_PKEY *pkey);
618EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp, 633EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp,
@@ -621,6 +636,8 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
621 636
622EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp, 637EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp,
623 long length); 638 long length);
639EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
640 long length);
624int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp); 641int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
625 642
626int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from); 643int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from);
@@ -677,6 +694,9 @@ void EVP_PBE_cleanup(void);
677#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103 694#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
678#define EVP_F_EVP_PKEY_DECRYPT 104 695#define EVP_F_EVP_PKEY_DECRYPT 104
679#define EVP_F_EVP_PKEY_ENCRYPT 105 696#define EVP_F_EVP_PKEY_ENCRYPT 105
697#define EVP_F_EVP_PKEY_GET1_DH 119
698#define EVP_F_EVP_PKEY_GET1_DSA 120
699#define EVP_F_EVP_PKEY_GET1_RSA 121
680#define EVP_F_EVP_PKEY_NEW 106 700#define EVP_F_EVP_PKEY_NEW 106
681#define EVP_F_EVP_SIGNFINAL 107 701#define EVP_F_EVP_SIGNFINAL 107
682#define EVP_F_EVP_VERIFYFINAL 108 702#define EVP_F_EVP_VERIFYFINAL 108
@@ -693,10 +713,13 @@ void EVP_PBE_cleanup(void);
693#define EVP_R_DIFFERENT_KEY_TYPES 101 713#define EVP_R_DIFFERENT_KEY_TYPES 101
694#define EVP_R_ENCODE_ERROR 115 714#define EVP_R_ENCODE_ERROR 115
695#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 715#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
716#define EVP_R_EXPECTING_AN_RSA_KEY 127
717#define EVP_R_EXPECTING_A_DH_KEY 128
718#define EVP_R_EXPECTING_A_DSA_KEY 129
696#define EVP_R_INPUT_NOT_INITIALIZED 111 719#define EVP_R_INPUT_NOT_INITIALIZED 111
697#define EVP_R_IV_TOO_LARGE 102 720#define EVP_R_IV_TOO_LARGE 102
698#define EVP_R_KEYGEN_FAILURE 120 721#define EVP_R_KEYGEN_FAILURE 120
699#define EVP_R_MISSING_PARMATERS 103 722#define EVP_R_MISSING_PARAMETERS 103
700#define EVP_R_NO_DSA_PARAMETERS 116 723#define EVP_R_NO_DSA_PARAMETERS 116
701#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104 724#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
702#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 725#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
index c61cc922e8..97953a0fc1 100644
--- a/src/lib/libcrypto/evp/evp_err.c
+++ b/src/lib/libcrypto/evp/evp_err.c
@@ -77,6 +77,9 @@ static ERR_STRING_DATA EVP_str_functs[]=
77{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"}, 77{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"},
78{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0), "EVP_PKEY_decrypt"}, 78{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0), "EVP_PKEY_decrypt"},
79{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"}, 79{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"},
80{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0), "EVP_PKEY_get1_DH"},
81{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0), "EVP_PKEY_get1_DSA"},
82{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0), "EVP_PKEY_get1_RSA"},
80{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"}, 83{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"},
81{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"}, 84{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"},
82{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"}, 85{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"},
@@ -96,10 +99,13 @@ static ERR_STRING_DATA EVP_str_reasons[]=
96{EVP_R_DIFFERENT_KEY_TYPES ,"different key types"}, 99{EVP_R_DIFFERENT_KEY_TYPES ,"different key types"},
97{EVP_R_ENCODE_ERROR ,"encode error"}, 100{EVP_R_ENCODE_ERROR ,"encode error"},
98{EVP_R_EVP_PBE_CIPHERINIT_ERROR ,"evp pbe cipherinit error"}, 101{EVP_R_EVP_PBE_CIPHERINIT_ERROR ,"evp pbe cipherinit error"},
102{EVP_R_EXPECTING_AN_RSA_KEY ,"expecting an rsa key"},
103{EVP_R_EXPECTING_A_DH_KEY ,"expecting a dh key"},
104{EVP_R_EXPECTING_A_DSA_KEY ,"expecting a dsa key"},
99{EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"}, 105{EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"},
100{EVP_R_IV_TOO_LARGE ,"iv too large"}, 106{EVP_R_IV_TOO_LARGE ,"iv too large"},
101{EVP_R_KEYGEN_FAILURE ,"keygen failure"}, 107{EVP_R_KEYGEN_FAILURE ,"keygen failure"},
102{EVP_R_MISSING_PARMATERS ,"missing parmaters"}, 108{EVP_R_MISSING_PARAMETERS ,"missing parameters"},
103{EVP_R_NO_DSA_PARAMETERS ,"no dsa parameters"}, 109{EVP_R_NO_DSA_PARAMETERS ,"no dsa parameters"},
104{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"}, 110{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"},
105{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"}, 111{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"},
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
index 21eda418bc..667c21cca8 100644
--- a/src/lib/libcrypto/evp/evp_key.c
+++ b/src/lib/libcrypto/evp/evp_key.c
@@ -81,15 +81,18 @@ char *EVP_get_pw_prompt(void)
81 return(prompt_string); 81 return(prompt_string);
82 } 82 }
83 83
84#ifdef NO_DES 84/* For historical reasons, the standard function for reading passwords is
85int des_read_pw_string(char *buf,int len,const char *prompt,int verify); 85 * in the DES library -- if someone ever wants to disable DES,
86#endif 86 * this function will fail */
87
88int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) 87int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
89 { 88 {
89#ifndef NO_DES
90 if ((prompt == NULL) && (prompt_string[0] != '\0')) 90 if ((prompt == NULL) && (prompt_string[0] != '\0'))
91 prompt=prompt_string; 91 prompt=prompt_string;
92 return(des_read_pw_string(buf,len,prompt,verify)); 92 return(des_read_pw_string(buf,len,prompt,verify));
93#else
94 return -1;
95#endif
93 } 96 }
94 97
95int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, unsigned char *salt, 98int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, unsigned char *salt,
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
index 3f9bf55828..a431945ef5 100644
--- a/src/lib/libcrypto/evp/evp_lib.c
+++ b/src/lib/libcrypto/evp/evp_lib.c
@@ -115,6 +115,7 @@ int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
115int EVP_CIPHER_type(const EVP_CIPHER *ctx) 115int EVP_CIPHER_type(const EVP_CIPHER *ctx)
116{ 116{
117 int nid; 117 int nid;
118 ASN1_OBJECT *otmp;
118 nid = EVP_CIPHER_nid(ctx); 119 nid = EVP_CIPHER_nid(ctx);
119 120
120 switch(nid) { 121 switch(nid) {
@@ -131,7 +132,10 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx)
131 return NID_rc4; 132 return NID_rc4;
132 133
133 default: 134 default:
134 135 /* Check it has an OID and it is valid */
136 otmp = OBJ_nid2obj(nid);
137 if(!otmp || !otmp->data) nid = NID_undef;
138 ASN1_OBJECT_free(otmp);
135 return nid; 139 return nid;
136 } 140 }
137} 141}
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
index 421e452db1..d5e6f5880f 100644
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -62,19 +62,22 @@
62#include <openssl/x509.h> 62#include <openssl/x509.h>
63#include <openssl/rand.h> 63#include <openssl/rand.h>
64 64
65static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
66
65/* Extract a private key from a PKCS8 structure */ 67/* Extract a private key from a PKCS8 structure */
66 68
67EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) 69EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
68{ 70{
69 EVP_PKEY *pkey; 71 EVP_PKEY *pkey = NULL;
70#ifndef NO_RSA 72#ifndef NO_RSA
71 RSA *rsa; 73 RSA *rsa = NULL;
72#endif 74#endif
73#ifndef NO_DSA 75#ifndef NO_DSA
74 DSA *dsa; 76 DSA *dsa = NULL;
75 ASN1_INTEGER *dsapriv; 77 ASN1_INTEGER *privkey;
76 STACK *ndsa; 78 ASN1_TYPE *t1, *t2, *param = NULL;
77 BN_CTX *ctx; 79 STACK *ndsa = NULL;
80 BN_CTX *ctx = NULL;
78 int plen; 81 int plen;
79#endif 82#endif
80 X509_ALGOR *a; 83 X509_ALGOR *a;
@@ -82,21 +85,14 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
82 int pkeylen; 85 int pkeylen;
83 char obj_tmp[80]; 86 char obj_tmp[80];
84 87
85 switch (p8->broken) { 88 if(p8->pkey->type == V_ASN1_OCTET_STRING) {
86 case PKCS8_OK: 89 p8->broken = PKCS8_OK;
87 p = p8->pkey->value.octet_string->data; 90 p = p8->pkey->value.octet_string->data;
88 pkeylen = p8->pkey->value.octet_string->length; 91 pkeylen = p8->pkey->value.octet_string->length;
89 break; 92 } else {
90 93 p8->broken = PKCS8_NO_OCTET;
91 case PKCS8_NO_OCTET:
92 p = p8->pkey->value.sequence->data; 94 p = p8->pkey->value.sequence->data;
93 pkeylen = p8->pkey->value.sequence->length; 95 pkeylen = p8->pkey->value.sequence->length;
94 break;
95
96 default:
97 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
98 return NULL;
99 break;
100 } 96 }
101 if (!(pkey = EVP_PKEY_new())) { 97 if (!(pkey = EVP_PKEY_new())) {
102 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); 98 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
@@ -121,65 +117,83 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
121 * be recalculated. 117 * be recalculated.
122 */ 118 */
123 119
124 /* Check for broken Netscape Database DSA PKCS#8, UGH! */ 120 /* Check for broken DSA PKCS#8, UGH! */
125 if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) { 121 if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
126 if(!(ndsa = ASN1_seq_unpack(p, pkeylen, 122 if(!(ndsa = ASN1_seq_unpack(p, pkeylen,
127 (char *(*)())d2i_ASN1_INTEGER, 123 (char *(*)())d2i_ASN1_TYPE,
128 ASN1_STRING_free))) { 124 ASN1_TYPE_free))) {
129 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 125 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
130 return NULL; 126 goto dsaerr;
131 } 127 }
132 if(sk_num(ndsa) != 2 ) { 128 if(sk_num(ndsa) != 2 ) {
133 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 129 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
134 sk_pop_free(ndsa, ASN1_STRING_free); 130 goto dsaerr;
135 return NULL;
136 } 131 }
137 dsapriv = (ASN1_INTEGER *) sk_pop(ndsa); 132 /* Handle Two broken types:
138 sk_pop_free(ndsa, ASN1_STRING_free); 133 * SEQUENCE {parameters, priv_key}
139 } else if (!(dsapriv=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { 134 * SEQUENCE {pub_key, priv_key}
135 */
136
137 t1 = (ASN1_TYPE *)sk_value(ndsa, 0);
138 t2 = (ASN1_TYPE *)sk_value(ndsa, 1);
139 if(t1->type == V_ASN1_SEQUENCE) {
140 p8->broken = PKCS8_EMBEDDED_PARAM;
141 param = t1;
142 } else if(a->parameter->type == V_ASN1_SEQUENCE) {
143 p8->broken = PKCS8_NS_DB;
144 param = a->parameter;
145 } else {
140 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 146 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
141 return NULL; 147 goto dsaerr;
142 } 148 }
143 /* Retrieve parameters */ 149
144 if (a->parameter->type != V_ASN1_SEQUENCE) { 150 if(t2->type != V_ASN1_INTEGER) {
145 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_NO_DSA_PARAMETERS); 151 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
146 return NULL; 152 goto dsaerr;
153 }
154 privkey = t2->value.integer;
155 } else if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
156 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
157 goto dsaerr;
147 } 158 }
148 p = a->parameter->value.sequence->data; 159 p = param->value.sequence->data;
149 plen = a->parameter->value.sequence->length; 160 plen = param->value.sequence->length;
150 if (!(dsa = d2i_DSAparams (NULL, &p, plen))) { 161 if (!(dsa = d2i_DSAparams (NULL, &p, plen))) {
151 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 162 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
152 return NULL; 163 goto dsaerr;
153 } 164 }
154 /* We have parameters now set private key */ 165 /* We have parameters now set private key */
155 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(dsapriv, NULL))) { 166 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
156 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR); 167 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR);
157 DSA_free (dsa); 168 goto dsaerr;
158 return NULL;
159 } 169 }
160 /* Calculate public key (ouch!) */ 170 /* Calculate public key (ouch!) */
161 if (!(dsa->pub_key = BN_new())) { 171 if (!(dsa->pub_key = BN_new())) {
162 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); 172 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
163 DSA_free (dsa); 173 goto dsaerr;
164 return NULL;
165 } 174 }
166 if (!(ctx = BN_CTX_new())) { 175 if (!(ctx = BN_CTX_new())) {
167 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); 176 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
168 DSA_free (dsa); 177 goto dsaerr;
169 return NULL;
170 } 178 }
171 179
172 if (!BN_mod_exp(dsa->pub_key, dsa->g, 180 if (!BN_mod_exp(dsa->pub_key, dsa->g,
173 dsa->priv_key, dsa->p, ctx)) { 181 dsa->priv_key, dsa->p, ctx)) {
174 182
175 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR); 183 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR);
176 BN_CTX_free (ctx); 184 goto dsaerr;
177 DSA_free (dsa);
178 return NULL;
179 } 185 }
180 186
181 EVP_PKEY_assign_DSA (pkey, dsa); 187 EVP_PKEY_assign_DSA(pkey, dsa);
182 BN_CTX_free (ctx); 188 BN_CTX_free (ctx);
189 sk_pop_free(ndsa, ASN1_TYPE_free);
190 break;
191 dsaerr:
192 BN_CTX_free (ctx);
193 sk_pop_free(ndsa, ASN1_TYPE_free);
194 DSA_free(dsa);
195 EVP_PKEY_free(pkey);
196 return NULL;
183 break; 197 break;
184#endif 198#endif
185 default: 199 default:
@@ -193,30 +207,35 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
193 return pkey; 207 return pkey;
194} 208}
195 209
210PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
211{
212 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
213}
214
196/* Turn a private key into a PKCS8 structure */ 215/* Turn a private key into a PKCS8 structure */
197 216
198PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) 217PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
199{ 218{
200 PKCS8_PRIV_KEY_INFO *p8; 219 PKCS8_PRIV_KEY_INFO *p8;
201#ifndef NO_DSA 220
202 ASN1_INTEGER *dpkey;
203 unsigned char *p, *q;
204 int len;
205#endif
206 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { 221 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
207 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 222 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
208 return NULL; 223 return NULL;
209 } 224 }
225 p8->broken = broken;
210 ASN1_INTEGER_set (p8->version, 0); 226 ASN1_INTEGER_set (p8->version, 0);
211 if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { 227 if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
212 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 228 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
213 PKCS8_PRIV_KEY_INFO_free (p8); 229 PKCS8_PRIV_KEY_INFO_free (p8);
214 return NULL; 230 return NULL;
215 } 231 }
232 p8->pkey->type = V_ASN1_OCTET_STRING;
216 switch (EVP_PKEY_type(pkey->type)) { 233 switch (EVP_PKEY_type(pkey->type)) {
217#ifndef NO_RSA 234#ifndef NO_RSA
218 case EVP_PKEY_RSA: 235 case EVP_PKEY_RSA:
219 236
237 if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE;
238
220 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption); 239 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
221 p8->pkeyalg->parameter->type = V_ASN1_NULL; 240 p8->pkeyalg->parameter->type = V_ASN1_NULL;
222 if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey, 241 if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey,
@@ -229,36 +248,11 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
229#endif 248#endif
230#ifndef NO_DSA 249#ifndef NO_DSA
231 case EVP_PKEY_DSA: 250 case EVP_PKEY_DSA:
232 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); 251 if(!dsa_pkey2pkcs8(p8, pkey)) {
233
234 /* get paramaters and place in AlgorithmIdentifier */
235 len = i2d_DSAparams (pkey->pkey.dsa, NULL);
236 if (!(p = Malloc(len))) {
237 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
238 PKCS8_PRIV_KEY_INFO_free (p8); 252 PKCS8_PRIV_KEY_INFO_free (p8);
239 return NULL; 253 return NULL;
240 } 254 }
241 q = p; 255
242 i2d_DSAparams (pkey->pkey.dsa, &q);
243 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
244 p8->pkeyalg->parameter->value.sequence = ASN1_STRING_new();
245 ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, len);
246 Free(p);
247 /* Get private key into an integer and pack */
248 if (!(dpkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
249 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
250 PKCS8_PRIV_KEY_INFO_free (p8);
251 return NULL;
252 }
253
254 if (!ASN1_pack_string((char *)dpkey, i2d_ASN1_INTEGER,
255 &p8->pkey->value.octet_string)) {
256 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
257 ASN1_INTEGER_free (dpkey);
258 PKCS8_PRIV_KEY_INFO_free (p8);
259 return NULL;
260 }
261 ASN1_INTEGER_free (dpkey);
262 break; 256 break;
263#endif 257#endif
264 default: 258 default:
@@ -266,9 +260,8 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
266 PKCS8_PRIV_KEY_INFO_free (p8); 260 PKCS8_PRIV_KEY_INFO_free (p8);
267 return NULL; 261 return NULL;
268 } 262 }
269 p8->pkey->type = V_ASN1_OCTET_STRING; 263 RAND_add(p8->pkey->value.octet_string->data,
270 RAND_seed (p8->pkey->value.octet_string->data, 264 p8->pkey->value.octet_string->length, 0);
271 p8->pkey->value.octet_string->length);
272 return p8; 265 return p8;
273} 266}
274 267
@@ -295,4 +288,112 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
295 } 288 }
296} 289}
297 290
291#ifndef NO_DSA
292static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
293{
294 ASN1_STRING *params;
295 ASN1_INTEGER *prkey;
296 ASN1_TYPE *ttmp;
297 STACK *ndsa;
298 unsigned char *p, *q;
299 int len;
300 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
301 len = i2d_DSAparams (pkey->pkey.dsa, NULL);
302 if (!(p = Malloc(len))) {
303 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
304 PKCS8_PRIV_KEY_INFO_free (p8);
305 return 0;
306 }
307 q = p;
308 i2d_DSAparams (pkey->pkey.dsa, &q);
309 params = ASN1_STRING_new();
310 ASN1_STRING_set(params, p, len);
311 Free(p);
312 /* Get private key into integer */
313 if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
314 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
315 return 0;
316 }
317
318 switch(p8->broken) {
298 319
320 case PKCS8_OK:
321 case PKCS8_NO_OCTET:
322
323 if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
324 &p8->pkey->value.octet_string)) {
325 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
326 M_ASN1_INTEGER_free (prkey);
327 return 0;
328 }
329
330 M_ASN1_INTEGER_free (prkey);
331 p8->pkeyalg->parameter->value.sequence = params;
332 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
333
334 break;
335
336 case PKCS8_NS_DB:
337
338 p8->pkeyalg->parameter->value.sequence = params;
339 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
340 ndsa = sk_new_null();
341 ttmp = ASN1_TYPE_new();
342 if (!(ttmp->value.integer = BN_to_ASN1_INTEGER (pkey->pkey.dsa->pub_key, NULL))) {
343 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
344 PKCS8_PRIV_KEY_INFO_free(p8);
345 return 0;
346 }
347 ttmp->type = V_ASN1_INTEGER;
348 sk_push(ndsa, (char *)ttmp);
349
350 ttmp = ASN1_TYPE_new();
351 ttmp->value.integer = prkey;
352 ttmp->type = V_ASN1_INTEGER;
353 sk_push(ndsa, (char *)ttmp);
354
355 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
356
357 if (!ASN1_seq_pack(ndsa, i2d_ASN1_TYPE,
358 &p8->pkey->value.octet_string->data,
359 &p8->pkey->value.octet_string->length)) {
360
361 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
362 sk_pop_free(ndsa, ASN1_TYPE_free);
363 M_ASN1_INTEGER_free(prkey);
364 return 0;
365 }
366 sk_pop_free(ndsa, ASN1_TYPE_free);
367 break;
368
369 case PKCS8_EMBEDDED_PARAM:
370
371 p8->pkeyalg->parameter->type = V_ASN1_NULL;
372 ndsa = sk_new_null();
373 ttmp = ASN1_TYPE_new();
374 ttmp->value.sequence = params;
375 ttmp->type = V_ASN1_SEQUENCE;
376 sk_push(ndsa, (char *)ttmp);
377
378 ttmp = ASN1_TYPE_new();
379 ttmp->value.integer = prkey;
380 ttmp->type = V_ASN1_INTEGER;
381 sk_push(ndsa, (char *)ttmp);
382
383 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
384
385 if (!ASN1_seq_pack(ndsa, i2d_ASN1_TYPE,
386 &p8->pkey->value.octet_string->data,
387 &p8->pkey->value.octet_string->length)) {
388
389 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
390 sk_pop_free(ndsa, ASN1_TYPE_free);
391 M_ASN1_INTEGER_free (prkey);
392 return 0;
393 }
394 sk_pop_free(ndsa, ASN1_TYPE_free);
395 break;
396 }
397 return 1;
398}
399#endif
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
index 3422b77de6..4cb387f8de 100644
--- a/src/lib/libcrypto/evp/p_lib.c
+++ b/src/lib/libcrypto/evp/p_lib.c
@@ -119,7 +119,7 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
119 119
120 if (EVP_PKEY_missing_parameters(from)) 120 if (EVP_PKEY_missing_parameters(from))
121 { 121 {
122 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS); 122 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
123 goto err; 123 goto err;
124 } 124 }
125#ifndef NO_DSA 125#ifndef NO_DSA
@@ -202,8 +202,66 @@ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
202 pkey->type=EVP_PKEY_type(type); 202 pkey->type=EVP_PKEY_type(type);
203 pkey->save_type=type; 203 pkey->save_type=type;
204 pkey->pkey.ptr=key; 204 pkey->pkey.ptr=key;
205 return(1); 205 return(key != NULL);
206 }
207
208#ifndef NO_RSA
209int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
210{
211 int ret = EVP_PKEY_assign_RSA(pkey, key);
212 if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_RSA);
213 return ret;
214}
215
216RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
217 {
218 if(pkey->type != EVP_PKEY_RSA) {
219 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
220 return NULL;
221 }
222 CRYPTO_add(&pkey->pkey.rsa->references, 1, CRYPTO_LOCK_RSA);
223 return pkey->pkey.rsa;
224}
225#endif
226
227#ifndef NO_DSA
228int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
229{
230 int ret = EVP_PKEY_assign_DSA(pkey, key);
231 if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DSA);
232 return ret;
233}
234
235DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
236 {
237 if(pkey->type != EVP_PKEY_DSA) {
238 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
239 return NULL;
240 }
241 CRYPTO_add(&pkey->pkey.dsa->references, 1, CRYPTO_LOCK_DSA);
242 return pkey->pkey.dsa;
243}
244#endif
245
246#ifndef NO_DH
247
248int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
249{
250 int ret = EVP_PKEY_assign_DH(pkey, key);
251 if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DH);
252 return ret;
253}
254
255DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
256 {
257 if(pkey->type != EVP_PKEY_DH) {
258 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
259 return NULL;
206 } 260 }
261 CRYPTO_add(&pkey->pkey.dh->references, 1, CRYPTO_LOCK_DH);
262 return pkey->pkey.dh;
263}
264#endif
207 265
208int EVP_PKEY_type(int type) 266int EVP_PKEY_type(int type)
209 { 267 {
@@ -244,7 +302,7 @@ void EVP_PKEY_free(EVP_PKEY *x)
244 } 302 }
245#endif 303#endif
246 EVP_PKEY_free_it(x); 304 EVP_PKEY_free_it(x);
247 Free((char *)x); 305 Free(x);
248 } 306 }
249 307
250static void EVP_PKEY_free_it(EVP_PKEY *x) 308static void EVP_PKEY_free_it(EVP_PKEY *x)
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c
index ddb9fd6942..b9ca7892c2 100644
--- a/src/lib/libcrypto/evp/p_open.c
+++ b/src/lib/libcrypto/evp/p_open.c
@@ -110,4 +110,10 @@ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
110 EVP_DecryptInit(ctx,NULL,NULL,NULL); 110 EVP_DecryptInit(ctx,NULL,NULL,NULL);
111 return(i); 111 return(i);
112 } 112 }
113#else /* !NO_RSA */
114
115# ifdef PEDANTIC
116static void *dummy=&dummy;
117# endif
118
113#endif 119#endif
diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c
index 09b46f4b0e..d449e892bf 100644
--- a/src/lib/libcrypto/evp/p_seal.c
+++ b/src/lib/libcrypto/evp/p_seal.c
@@ -73,9 +73,10 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
73 int i; 73 int i;
74 74
75 if (npubk <= 0) return(0); 75 if (npubk <= 0) return(0);
76 RAND_bytes(key,EVP_MAX_KEY_LENGTH); 76 if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0)
77 return(0);
77 if (type->iv_len > 0) 78 if (type->iv_len > 0)
78 RAND_bytes(iv,type->iv_len); 79 RAND_pseudo_bytes(iv,type->iv_len);
79 80
80 EVP_CIPHER_CTX_init(ctx); 81 EVP_CIPHER_CTX_init(ctx);
81 EVP_EncryptInit(ctx,type,key,iv); 82 EVP_EncryptInit(ctx,type,key,iv);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-05 00:05:51 +0000