1 files changed, 95 insertions, 91 deletions
diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c
index bac7b16b44..e39de08c9a 100644
--- a/src/lib/libcrypto/pem/pem_seal.c
+++ b/src/lib/libcrypto/pem/pem_seal.c
@@ -5,21 +5,21 @@
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
- * 
+ *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
@@ -34,10 +34,10 @@
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
- * 
+ *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
@@ -67,125 +67,129 @@
 #include <openssl/pem.h>
 #include <openssl/rsa.h>
-int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
+int
-             unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,
+PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
-             int npubk)
+    unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
-        {
+{
        unsigned char key[EVP_MAX_KEY_LENGTH];
-        int ret= -1;
+        int ret = -1;
-        int i,j,max=0;
+        int i, j, max = 0;
-        char *s=NULL;
+        char *s = NULL;
-        for (i=0; i<npubk; i++)
+        for (i = 0; i < npubk; i++) {
-                {
+                if (pubk[i]->type != EVP_PKEY_RSA) {
-                if (pubk[i]->type != EVP_PKEY_RSA)
+                        PEMerr(PEM_F_PEM_SEALINIT, PEM_R_PUBLIC_KEY_NO_RSA);
-                        {
-                        PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA);
                        goto err;
-                        }
-                j=RSA_size(pubk[i]->pkey.rsa);
-                if (j > max) max=j;
                }
-        s=(char *)malloc(max*2);
+                j = RSA_size(pubk[i]->pkey.rsa);
-        if (s == NULL)
+                if (j > max)
-                {
+                        max = j;
-                PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE);
+        }
+        s = (char *)malloc(max*2);
+        if (s == NULL) {
+                PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE);
                goto err;
-                }
+        }
        EVP_EncodeInit(&ctx->encode);
        EVP_MD_CTX_init(&ctx->md);
-        if (!EVP_SignInit(&ctx->md,md_type))
+        if (!EVP_SignInit(&ctx->md, md_type))
                goto err;
        EVP_CIPHER_CTX_init(&ctx->cipher);
-        ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk);
+        ret = EVP_SealInit(&ctx->cipher, type, ek, ekl, iv, pubk, npubk);
-        if (ret <= 0) goto err;
+        if (ret <= 0)
+                goto err;
        /* base64 encode the keys */
-        for (i=0; i<npubk; i++)
+        for (i = 0; i < npubk; i++) {
-                {
+                j = EVP_EncodeBlock((unsigned char *)s, ek[i],
-                j=EVP_EncodeBlock((unsigned char *)s,ek[i],
+                    RSA_size(pubk[i]->pkey.rsa));
-                        RSA_size(pubk[i]->pkey.rsa));
+                ekl[i] = j;
-                ekl[i]=j;
+                memcpy(ek[i], s, j + 1);
-                memcpy(ek[i],s,j+1);
-                }
-        ret=npubk;
-err:
-        if (s != NULL) free(s);
-        OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH);
-        return(ret);
        }
-void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+        ret = npubk;
-             unsigned char *in, int inl)
-        {
+err:
+        if (s != NULL)
+                free(s);
+        OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
+        return (ret);
+}
+void
+PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+    unsigned char *in, int inl)
+{
        unsigned char buffer[1600];
-        int i,j;
+        int i, j;
-        *outl=0;
+        *outl = 0;
-        EVP_SignUpdate(&ctx->md,in,inl);
+        EVP_SignUpdate(&ctx->md, in, inl);
-        for (;;)
+        for (;;) {
-                {
+                if (inl <= 0)
-                if (inl <= 0) break;
+                        break;
                if (inl > 1200)
-                        i=1200;
+                        i = 1200;
                else
-                        i=inl;
+                        i = inl;
-                EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i);
+                EVP_EncryptUpdate(&ctx->cipher, buffer, &j, in, i);
-                EVP_EncodeUpdate(&ctx->encode,out,&j,buffer,j);
+                EVP_EncodeUpdate(&ctx->encode, out, &j, buffer, j);
-                *outl+=j;
+                *outl += j;
-                out+=j;
+                out += j;
-                in+=i;
+                in += i;
-                inl-=i;
+                inl -= i;
-                }
        }
+}
-int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
-             unsigned char *out, int *outl, EVP_PKEY *priv)
+int
-        {
+PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
-        unsigned char *s=NULL;
+    unsigned char *out, int *outl, EVP_PKEY *priv)
-        int ret=0,j;
+{
+        unsigned char *s = NULL;
+        int ret = 0, j;
        unsigned int i;
-        if (priv->type != EVP_PKEY_RSA)
+        if (priv->type != EVP_PKEY_RSA) {
-                {
+                PEMerr(PEM_F_PEM_SEALFINAL, PEM_R_PUBLIC_KEY_NO_RSA);
-                PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA);
                goto err;
-                }
+        }
-        i=RSA_size(priv->pkey.rsa);
+        i = RSA_size(priv->pkey.rsa);
-        if (i < 100) i=100;
+        if (i < 100)
-        s=(unsigned char *)malloc(i*2);
+                i = 100;
-        if (s == NULL)
+        s = (unsigned char *)malloc(i*2);
-                {
+        if (s == NULL) {
-                PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE);
+                PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE);
                goto err;
-                }
+        }
-        if (!EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i))
+        if (!EVP_EncryptFinal_ex(&ctx->cipher, s, (int *)&i))
                goto err;
-        EVP_EncodeUpdate(&ctx->encode,out,&j,s,i);
+        EVP_EncodeUpdate(&ctx->encode, out, &j, s, i);
-        *outl=j;
+        *outl = j;
-        out+=j;
+        out += j;
-        EVP_EncodeFinal(&ctx->encode,out,&j);
+        EVP_EncodeFinal(&ctx->encode, out, &j);
-        *outl+=j;
+        *outl += j;
-        if (!EVP_SignFinal(&ctx->md,s,&i,priv)) goto err;
+        if (!EVP_SignFinal(&ctx->md, s,&i, priv))
-        *sigl=EVP_EncodeBlock(sig,s,i);
+                goto err;
+        *sigl = EVP_EncodeBlock(sig, s, i);
+        ret = 1;
-        ret=1;
 err:
        EVP_MD_CTX_cleanup(&ctx->md);
        EVP_CIPHER_CTX_cleanup(&ctx->cipher);
-        if (s != NULL) free(s);
+        if (s != NULL)
-        return(ret);
+                free(s);
-        }
+        return (ret);
+}
 #else /* !OPENSSL_NO_RSA */
 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif
 #endif

diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c index bac7b16b44..e39de08c9a 100644 --- a/src/lib/libcrypto/pem/pem_seal.c +++ b/src/lib/libcrypto/pem/pem_seal.c
@@ -5,21 +5,21 @@
5	* This package is an SSL implementation written	5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).	6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.	7	* The implementation was written so as to conform with Netscapes SSL.
8	*	8	*
9	* This library is free for commercial and non-commercial use as long as	9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions	10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,	11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms	13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*	15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in	16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.	17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution	18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.	19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or	20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.	21	* in documentation (online or textual) provided with the package.
22	*	22	*
23	* Redistribution and use in source and binary forms, with or without	23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions	24	* modification, are permitted provided that the following conditions
25	* are met:	25	* are met:
@@ -34,10 +34,10 @@
34	* Eric Young (eay@cryptsoft.com)"	34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library	35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).	36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from	37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:	38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*	40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.	51	* SUCH DAMAGE.
52	*	52	*
53	* The licence and distribution terms for any publically available version or	53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence	55	* copied and put under another distribution licence
@@ -67,125 +67,129 @@
67	#include <openssl/pem.h>	67	#include <openssl/pem.h>
68	#include <openssl/rsa.h>	68	#include <openssl/rsa.h>
69		69
70	int PEM_SealInit(PEM_ENCODE_SEAL_CTX ctx, EVP_CIPHER type, EVP_MD *md_type,	70	int
71	unsigned char *ek, int ekl, unsigned char iv, EVP_PKEY *pubk,	71	PEM_SealInit(PEM_ENCODE_SEAL_CTX ctx, EVP_CIPHER type, EVP_MD *md_type,
72	int npubk)	72	unsigned char *ek, int ekl, unsigned char iv, EVP_PKEY *pubk, int npubk)
73	{	73	{
74	unsigned char key[EVP_MAX_KEY_LENGTH];	74	unsigned char key[EVP_MAX_KEY_LENGTH];
75	int ret= -1;	75	int ret = -1;
76	int i,j,max=0;	76	int i, j, max = 0;
77	char *s=NULL;	77	char *s = NULL;
78		78
79	for (i=0; i<npubk; i++)	79	for (i = 0; i < npubk; i++) {
80	{	80	if (pubk[i]->type != EVP_PKEY_RSA) {
81	if (pubk[i]->type != EVP_PKEY_RSA)	81	PEMerr(PEM_F_PEM_SEALINIT, PEM_R_PUBLIC_KEY_NO_RSA);
82	{
83	PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA);
84	goto err;	82	goto err;
85	}
86	j=RSA_size(pubk[i]->pkey.rsa);
87	if (j > max) max=j;
88	}	83	}
89	s=(char )malloc(max2);	84	j = RSA_size(pubk[i]->pkey.rsa);
90	if (s == NULL)	85	if (j > max)
91	{	86	max = j;
92	PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE);	87	}
		88	s = (char )malloc(max2);
		89	if (s == NULL) {
		90	PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE);
93	goto err;	91	goto err;
94	}	92	}
95		93
96	EVP_EncodeInit(&ctx->encode);	94	EVP_EncodeInit(&ctx->encode);
97		95
98	EVP_MD_CTX_init(&ctx->md);	96	EVP_MD_CTX_init(&ctx->md);
99	if (!EVP_SignInit(&ctx->md,md_type))	97	if (!EVP_SignInit(&ctx->md, md_type))
100	goto err;	98	goto err;
101		99
102	EVP_CIPHER_CTX_init(&ctx->cipher);	100	EVP_CIPHER_CTX_init(&ctx->cipher);
103	ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk);	101	ret = EVP_SealInit(&ctx->cipher, type, ek, ekl, iv, pubk, npubk);
104	if (ret <= 0) goto err;	102	if (ret <= 0)
		103	goto err;
105		104
106	/* base64 encode the keys */	105	/* base64 encode the keys */
107	for (i=0; i<npubk; i++)	106	for (i = 0; i < npubk; i++) {
108	{	107	j = EVP_EncodeBlock((unsigned char *)s, ek[i],
109	j=EVP_EncodeBlock((unsigned char *)s,ek[i],	108	RSA_size(pubk[i]->pkey.rsa));
110	RSA_size(pubk[i]->pkey.rsa));	109	ekl[i] = j;
111	ekl[i]=j;	110	memcpy(ek[i], s, j + 1);
112	memcpy(ek[i],s,j+1);
113	}
114
115	ret=npubk;
116	err:
117	if (s != NULL) free(s);
118	OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH);
119	return(ret);
120	}	111	}
121		112
122	void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX ctx, unsigned char out, int *outl,	113	ret = npubk;
123	unsigned char *in, int inl)	114
124	{	115	err:
		116	if (s != NULL)
		117	free(s);
		118	OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
		119	return (ret);
		120	}
		121
		122	void
		123	PEM_SealUpdate(PEM_ENCODE_SEAL_CTX ctx, unsigned char out, int *outl,
		124	unsigned char *in, int inl)
		125	{
125	unsigned char buffer[1600];	126	unsigned char buffer[1600];
126	int i,j;	127	int i, j;
127		128
128	*outl=0;	129	*outl = 0;
129	EVP_SignUpdate(&ctx->md,in,inl);	130	EVP_SignUpdate(&ctx->md, in, inl);
130	for (;;)	131	for (;;) {
131	{	132	if (inl <= 0)
132	if (inl <= 0) break;	133	break;
133	if (inl > 1200)	134	if (inl > 1200)
134	i=1200;	135	i = 1200;
135	else	136	else
136	i=inl;	137	i = inl;
137	EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i);	138	EVP_EncryptUpdate(&ctx->cipher, buffer, &j, in, i);
138	EVP_EncodeUpdate(&ctx->encode,out,&j,buffer,j);	139	EVP_EncodeUpdate(&ctx->encode, out, &j, buffer, j);
139	*outl+=j;	140	*outl += j;
140	out+=j;	141	out += j;
141	in+=i;	142	in += i;
142	inl-=i;	143	inl -= i;
143	}
144	}	144	}
145		145	}
146	int PEM_SealFinal(PEM_ENCODE_SEAL_CTX ctx, unsigned char sig, int *sigl,	146
147	unsigned char out, int outl, EVP_PKEY *priv)	147	int
148	{	148	PEM_SealFinal(PEM_ENCODE_SEAL_CTX ctx, unsigned char sig, int *sigl,
149	unsigned char *s=NULL;	149	unsigned char out, int outl, EVP_PKEY *priv)
150	int ret=0,j;	150	{
		151	unsigned char *s = NULL;
		152	int ret = 0, j;
151	unsigned int i;	153	unsigned int i;
152		154
153	if (priv->type != EVP_PKEY_RSA)	155	if (priv->type != EVP_PKEY_RSA) {
154	{	156	PEMerr(PEM_F_PEM_SEALFINAL, PEM_R_PUBLIC_KEY_NO_RSA);
155	PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA);
156	goto err;	157	goto err;
157	}	158	}
158	i=RSA_size(priv->pkey.rsa);	159	i = RSA_size(priv->pkey.rsa);
159	if (i < 100) i=100;	160	if (i < 100)
160	s=(unsigned char )malloc(i2);	161	i = 100;
161	if (s == NULL)	162	s = (unsigned char )malloc(i2);
162	{	163	if (s == NULL) {
163	PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE);	164	PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE);
164	goto err;	165	goto err;
165	}	166	}
166		167
167	if (!EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i))	168	if (!EVP_EncryptFinal_ex(&ctx->cipher, s, (int *)&i))
168	goto err;	169	goto err;
169	EVP_EncodeUpdate(&ctx->encode,out,&j,s,i);	170	EVP_EncodeUpdate(&ctx->encode, out, &j, s, i);
170	*outl=j;	171	*outl = j;
171	out+=j;	172	out += j;
172	EVP_EncodeFinal(&ctx->encode,out,&j);	173	EVP_EncodeFinal(&ctx->encode, out, &j);
173	*outl+=j;	174	*outl += j;
174		175
175	if (!EVP_SignFinal(&ctx->md,s,&i,priv)) goto err;	176	if (!EVP_SignFinal(&ctx->md, s,&i, priv))
176	*sigl=EVP_EncodeBlock(sig,s,i);	177	goto err;
		178	*sigl = EVP_EncodeBlock(sig, s, i);
		179
		180	ret = 1;
177		181
178	ret=1;
179	err:	182	err:
180	EVP_MD_CTX_cleanup(&ctx->md);	183	EVP_MD_CTX_cleanup(&ctx->md);
181	EVP_CIPHER_CTX_cleanup(&ctx->cipher);	184	EVP_CIPHER_CTX_cleanup(&ctx->cipher);
182	if (s != NULL) free(s);	185	if (s != NULL)
183	return(ret);	186	free(s);
184	}	187	return (ret);
		188	}
185	#else /* !OPENSSL_NO_RSA */	189	#else /* !OPENSSL_NO_RSA */
186		190
187	# if PEDANTIC	191	# if PEDANTIC
188	static void *dummy=&dummy;	192	static void *dummy = &dummy;
189	# endif	193	# endif
190		194
191	#endif	195	#endif