1 files changed, 123 insertions, 102 deletions
diff --git a/src/lib/libssl/src/crypto/bn/bn_lib.c b/src/lib/libssl/src/crypto/bn/bn_lib.c
index e1660450bc..2649b8c538 100644
--- a/src/lib/libssl/src/crypto/bn/bn_lib.c
+++ b/src/lib/libssl/src/crypto/bn/bn_lib.c
@@ -67,8 +67,10 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
-const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT;
+const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT;
+/* This stuff appears to be completely unused, so is deprecated */
+#ifndef OPENSSL_NO_DEPRECATED
 /* For a 32 bit machine
 * 2 -   4 ==  128
 * 3 -   8 ==  256
@@ -91,28 +93,28 @@ void BN_set_params(int mult, int high, int low, int mont)
        {
        if (mult >= 0)
                {
-                if (mult > (sizeof(int)*8)-1)
+                if (mult > (int)(sizeof(int)*8)-1)
                        mult=sizeof(int)*8-1;
                bn_limit_bits=mult;
                bn_limit_num=1<<mult;
                }
        if (high >= 0)
                {
-                if (high > (sizeof(int)*8)-1)
+                if (high > (int)(sizeof(int)*8)-1)
                        high=sizeof(int)*8-1;
                bn_limit_bits_high=high;
                bn_limit_num_high=1<<high;
                }
        if (low >= 0)
                {
-                if (low > (sizeof(int)*8)-1)
+                if (low > (int)(sizeof(int)*8)-1)
                        low=sizeof(int)*8-1;
                bn_limit_bits_low=low;
                bn_limit_num_low=1<<low;
                }
        if (mont >= 0)
                {
-                if (mont > (sizeof(int)*8)-1)
+                if (mont > (int)(sizeof(int)*8)-1)
                        mont=sizeof(int)*8-1;
                bn_limit_bits_mont=mont;
                bn_limit_num_mont=1<<mont;
@@ -127,11 +129,12 @@ int BN_get_params(int which)
        else if (which == 3) return(bn_limit_bits_mont);
        else return(0);
        }
+#endif
 const BIGNUM *BN_value_one(void)
        {
        static BN_ULONG data_one=1L;
-        static BIGNUM const_one={&data_one,1,1,0};
+        static BIGNUM const_one={&data_one,1,1,0,BN_FLG_STATIC_DATA};
        return(&const_one);
        }
@@ -244,16 +247,11 @@ int BN_num_bits_word(BN_ULONG l)
 int BN_num_bits(const BIGNUM *a)
        {
-        BN_ULONG l;
+        int i = a->top - 1;
-        int i;
        bn_check_top(a);
-        if (a->top == 0) return(0);
+        if (BN_is_zero(a)) return 0;
-        l=a->d[a->top-1];
+        return ((i*BN_BITS2) + BN_num_bits_word(a->d[i]));
-        assert(l != 0);
-        i=(a->top-1)*BN_BITS2;
-        return(i+BN_num_bits_word(l));
        }
 void BN_clear_free(BIGNUM *a)
@@ -261,6 +259,7 @@ void BN_clear_free(BIGNUM *a)
        int i;
        if (a == NULL) return;
+        bn_check_top(a);
        if (a->d != NULL)
                {
                OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0]));
@@ -276,16 +275,24 @@ void BN_clear_free(BIGNUM *a)
 void BN_free(BIGNUM *a)
        {
        if (a == NULL) return;
+        bn_check_top(a);
        if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA)))
                OPENSSL_free(a->d);
-        a->flags|=BN_FLG_FREE; /* REMOVE? */
        if (a->flags & BN_FLG_MALLOCED)
                OPENSSL_free(a);
+        else
+                {
+#ifndef OPENSSL_NO_DEPRECATED
+                a->flags|=BN_FLG_FREE;
+#endif
+                a->d = NULL;
+                }
        }
 void BN_init(BIGNUM *a)
        {
        memset(a,0,sizeof(BIGNUM));
+        bn_check_top(a);
        }
 BIGNUM *BN_new(void)
@@ -302,6 +309,7 @@ BIGNUM *BN_new(void)
        ret->neg=0;
        ret->dmax=0;
        ret->d=NULL;
+        bn_check_top(ret);
        return(ret);
        }
@@ -313,19 +321,19 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
        const BN_ULONG *B;
        int i;
+        bn_check_top(b);
        if (words > (INT_MAX/(4*BN_BITS2)))
                {
                BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_BIGNUM_TOO_LONG);
                return NULL;
                }
-        bn_check_top(b);        
        if (BN_get_flags(b,BN_FLG_STATIC_DATA))
                {
                BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
                return(NULL);
                }
-        a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1));
+        a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*words);
        if (A == NULL)
                {
                BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE);
@@ -363,19 +371,8 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
                        }
                }
-        /* Now need to zero any data between b->top and b->max */
-        /* XXX Why? */
-        A= &(a[b->top]);
-        for (i=(words - b->top)>>3; i>0; i--,A+=8)
-                {
-                A[0]=0; A[1]=0; A[2]=0; A[3]=0;
-                A[4]=0; A[5]=0; A[6]=0; A[7]=0;
-                }
-        for (i=(words - b->top)&7; i>0; i--,A++)
-                A[0]=0;
 #else
-        memset(A,0,sizeof(BN_ULONG)*(words+1));
+        memset(A,0,sizeof(BN_ULONG)*words);
        memcpy(A,b->d,sizeof(b->d[0])*b->top);
 #endif
                
@@ -393,16 +390,19 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
 * while bn_dup_expand() makes sure allocation is made only once.
 */
+#ifndef OPENSSL_NO_DEPRECATED
 BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
        {
        BIGNUM *r = NULL;
+        bn_check_top(b);
        /* This function does not work if
         *      words <= b->dmax && top < words
         * because BN_dup() does not preserve 'dmax'!
         * (But bn_dup_expand() is not used anywhere yet.)
         */
-        
        if (words > b->dmax)
                {
                BN_ULONG *a = bn_expand_internal(b, words);
@@ -431,48 +431,67 @@ BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
                r = BN_dup(b);
                }
+        bn_check_top(r);
        return r;
        }
+#endif
 /* This is an internal function that should not be used in applications.
- * It ensures that 'b' has enough room for a 'words' word number number.
+ * It ensures that 'b' has enough room for a 'words' word number
+ * and initialises any unused part of b->d with leading zeros.
 * It is mostly used by the various BIGNUM routines. If there is an error,
 * NULL is returned. If not, 'b' is returned. */
 BIGNUM *bn_expand2(BIGNUM *b, int words)
        {
+        bn_check_top(b);
        if (words > b->dmax)
                {
                BN_ULONG *a = bn_expand_internal(b, words);
+                if(!a) return NULL;
+                if(b->d) OPENSSL_free(b->d);
+                b->d=a;
+                b->dmax=words;
+                }
-                if (a)
+/* None of this should be necessary because of what b->top means! */
+#if 0
+        /* NB: bn_wexpand() calls this only if the BIGNUM really has to grow */
+        if (b->top < b->dmax)
+                {
+                int i;
+                BN_ULONG *A = &(b->d[b->top]);
+                for (i=(b->dmax - b->top)>>3; i>0; i--,A+=8)
                        {
-                        if (b->d)
+                        A[0]=0; A[1]=0; A[2]=0; A[3]=0;
-                                OPENSSL_free(b->d);
+                        A[4]=0; A[5]=0; A[6]=0; A[7]=0;
-                        b->d=a;
-                        b->dmax=words;
                        }
-                else
+                for (i=(b->dmax - b->top)&7; i>0; i--,A++)
-                        b = NULL;
+                        A[0]=0;
+                assert(A == &(b->d[b->dmax]));
                }
+#endif
+        bn_check_top(b);
        return b;
        }
 BIGNUM *BN_dup(const BIGNUM *a)
        {
-        BIGNUM *r, *t;
+        BIGNUM *t;
        if (a == NULL) return NULL;
        bn_check_top(a);
        t = BN_new();
-        if (t == NULL) return(NULL);
+        if (t == NULL) return NULL;
-        r = BN_copy(t, a);
+        if(!BN_copy(t, a))
-        /* now  r == t || r == NULL */
+                {
-        if (r == NULL)
                BN_free(t);
-        return r;
+                return NULL;
+                }
+        bn_check_top(t);
+        return t;
        }
 BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
@@ -506,11 +525,9 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
        memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
 #endif
-/*      memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/
        a->top=b->top;
-        if ((a->top == 0) && (a->d != NULL))
-                a->d[0]=0;
        a->neg=b->neg;
+        bn_check_top(a);
        return(a);
        }
@@ -520,6 +537,9 @@ void BN_swap(BIGNUM *a, BIGNUM *b)
        BN_ULONG *tmp_d;
        int tmp_top, tmp_dmax, tmp_neg;
        
+        bn_check_top(a);
+        bn_check_top(b);
        flags_old_a = a->flags;
        flags_old_b = b->flags;
@@ -540,11 +560,13 @@ void BN_swap(BIGNUM *a, BIGNUM *b)
        
        a->flags = (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA);
        b->flags = (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA);
+        bn_check_top(a);
+        bn_check_top(b);
        }
 void BN_clear(BIGNUM *a)
        {
+        bn_check_top(a);
        if (a->d != NULL)
                memset(a->d,0,a->dmax*sizeof(a->d[0]));
        a->top=0;
@@ -553,49 +575,22 @@ void BN_clear(BIGNUM *a)
 BN_ULONG BN_get_word(const BIGNUM *a)
        {
-        int i,n;
+        if (a->top > 1)
-        BN_ULONG ret=0;
+                return BN_MASK2;
+        else if (a->top == 1)
-        n=BN_num_bytes(a);
+                return a->d[0];
-        if (n > sizeof(BN_ULONG))
+        /* a->top == 0 */
-                return(BN_MASK2);
+        return 0;
-        for (i=a->top-1; i>=0; i--)
-                {
-#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
-                ret<<=BN_BITS4; /* stops the compiler complaining */
-                ret<<=BN_BITS4;
-#else
-                ret=0;
-#endif
-                ret|=a->d[i];
-                }
-        return(ret);
        }
 int BN_set_word(BIGNUM *a, BN_ULONG w)
        {
-        int i,n;
+        bn_check_top(a);
-        if (bn_expand(a,sizeof(BN_ULONG)*8) == NULL) return(0);
+        if (bn_expand(a,(int)sizeof(BN_ULONG)*8) == NULL) return(0);
+        a->neg = 0;
-        n=sizeof(BN_ULONG)/BN_BYTES;
+        a->d[0] = w;
-        a->neg=0;
+        a->top = (w ? 1 : 0);
-        a->top=0;
+        bn_check_top(a);
-        a->d[0]=(BN_ULONG)w&BN_MASK2;
-        if (a->d[0] != 0) a->top=1;
-        for (i=1; i<n; i++)
-                {
-                /* the following is done instead of
-                 * w>>=BN_BITS2 so compilers don't complain
-                 * on builds where sizeof(long) == BN_TYPES */
-#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
-                w>>=BN_BITS4;
-                w>>=BN_BITS4;
-#else
-                w=0;
-#endif
-                a->d[i]=(BN_ULONG)w&BN_MASK2;
-                if (a->d[i] != 0) a->top=i+1;
-                }
        return(1);
        }
@@ -604,9 +599,12 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
        unsigned int i,m;
        unsigned int n;
        BN_ULONG l;
+        BIGNUM  *bn = NULL;
-        if (ret == NULL) ret=BN_new();
+        if (ret == NULL)
+                ret = bn = BN_new();
        if (ret == NULL) return(NULL);
+        bn_check_top(ret);
        l=0;
        n=len;
        if (n == 0)
@@ -614,13 +612,16 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
                ret->top=0;
                return(ret);
                }
-        if (bn_expand(ret,(int)(n+2)*8) == NULL)
-                return(NULL);
        i=((n-1)/BN_BYTES)+1;
        m=((n-1)%(BN_BYTES));
+        if (bn_wexpand(ret, (int)i) == NULL)
+                {
+                if (bn) BN_free(bn);
+                return NULL;
+                }
        ret->top=i;
        ret->neg=0;
-        while (n-- > 0)
+        while (n--)
                {
                l=(l<<8L)| *(s++);
                if (m-- == 0)
@@ -632,7 +633,7 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
                }
        /* need to call this due to clear byte at top if avoiding
         * having the top bit set (-ve number) */
-        bn_fix_top(ret);
+        bn_correct_top(ret);
        return(ret);
        }
@@ -642,8 +643,9 @@ int BN_bn2bin(const BIGNUM *a, unsigned char *to)
        int n,i;
        BN_ULONG l;
+        bn_check_top(a);
        n=i=BN_num_bytes(a);
-        while (i-- > 0)
+        while (i--)
                {
                l=a->d[i/BN_BYTES];
                *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff;
@@ -668,7 +670,7 @@ int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
                t1= ap[i];
                t2= bp[i];
                if (t1 != t2)
-                        return(t1 > t2?1:-1);
+                        return((t1 > t2) ? 1 : -1);
                }
        return(0);
        }
@@ -718,6 +720,9 @@ int BN_set_bit(BIGNUM *a, int n)
        {
        int i,j,k;
+        if (n < 0)
+                return 0;
        i=n/BN_BITS2;
        j=n%BN_BITS2;
        if (a->top <= i)
@@ -729,6 +734,7 @@ int BN_set_bit(BIGNUM *a, int n)
                }
        a->d[i]|=(((BN_ULONG)1)<<j);
+        bn_check_top(a);
        return(1);
        }
@@ -736,12 +742,15 @@ int BN_clear_bit(BIGNUM *a, int n)
        {
        int i,j;
+        bn_check_top(a);
+        if (n < 0) return 0;
        i=n/BN_BITS2;
        j=n%BN_BITS2;
        if (a->top <= i) return(0);
        a->d[i]&=(~(((BN_ULONG)1)<<j));
-        bn_fix_top(a);
+        bn_correct_top(a);
        return(1);
        }
@@ -749,20 +758,24 @@ int BN_is_bit_set(const BIGNUM *a, int n)
        {
        int i,j;
-        if (n < 0) return(0);
+        bn_check_top(a);
+        if (n < 0) return 0;
        i=n/BN_BITS2;
        j=n%BN_BITS2;
-        if (a->top <= i) return(0);
+        if (a->top <= i) return 0;
-        return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);
+        return(((a->d[i])>>j)&((BN_ULONG)1));
        }
 int BN_mask_bits(BIGNUM *a, int n)
        {
        int b,w;
+        bn_check_top(a);
+        if (n < 0) return 0;
        w=n/BN_BITS2;
        b=n%BN_BITS2;
-        if (w >= a->top) return(0);
+        if (w >= a->top) return 0;
        if (b == 0)
                a->top=w;
        else
@@ -770,10 +783,18 @@ int BN_mask_bits(BIGNUM *a, int n)
                a->top=w+1;
                a->d[w]&= ~(BN_MASK2<<b);
                }
-        bn_fix_top(a);
+        bn_correct_top(a);
        return(1);
        }
+void BN_set_negative(BIGNUM *a, int b)
+        {
+        if (b && !BN_is_zero(a))
+                a->neg = 1;
+        else
+                a->neg = 0;
+        }
 int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
        {
        int i;

diff --git a/src/lib/libssl/src/crypto/bn/bn_lib.c b/src/lib/libssl/src/crypto/bn/bn_lib.c index e1660450bc..2649b8c538 100644 --- a/src/lib/libssl/src/crypto/bn/bn_lib.c +++ b/src/lib/libssl/src/crypto/bn/bn_lib.c
@@ -67,8 +67,10 @@
67	#include "cryptlib.h"	67	#include "cryptlib.h"
68	#include "bn_lcl.h"	68	#include "bn_lcl.h"
69		69
70	const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT;	70	const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT;
71		71
		72	/* This stuff appears to be completely unused, so is deprecated */
		73	#ifndef OPENSSL_NO_DEPRECATED
72	/* For a 32 bit machine	74	/* For a 32 bit machine
73	* 2 - 4 == 128	75	* 2 - 4 == 128
74	* 3 - 8 == 256	76	* 3 - 8 == 256
@@ -91,28 +93,28 @@ void BN_set_params(int mult, int high, int low, int mont)
91	{	93	{
92	if (mult >= 0)	94	if (mult >= 0)
93	{	95	{
94	if (mult > (sizeof(int)*8)-1)	96	if (mult > (int)(sizeof(int)*8)-1)
95	mult=sizeof(int)*8-1;	97	mult=sizeof(int)*8-1;
96	bn_limit_bits=mult;	98	bn_limit_bits=mult;
97	bn_limit_num=1<<mult;	99	bn_limit_num=1<<mult;
98	}	100	}
99	if (high >= 0)	101	if (high >= 0)
100	{	102	{
101	if (high > (sizeof(int)*8)-1)	103	if (high > (int)(sizeof(int)*8)-1)
102	high=sizeof(int)*8-1;	104	high=sizeof(int)*8-1;
103	bn_limit_bits_high=high;	105	bn_limit_bits_high=high;
104	bn_limit_num_high=1<<high;	106	bn_limit_num_high=1<<high;
105	}	107	}
106	if (low >= 0)	108	if (low >= 0)
107	{	109	{
108	if (low > (sizeof(int)*8)-1)	110	if (low > (int)(sizeof(int)*8)-1)
109	low=sizeof(int)*8-1;	111	low=sizeof(int)*8-1;
110	bn_limit_bits_low=low;	112	bn_limit_bits_low=low;
111	bn_limit_num_low=1<<low;	113	bn_limit_num_low=1<<low;
112	}	114	}
113	if (mont >= 0)	115	if (mont >= 0)
114	{	116	{
115	if (mont > (sizeof(int)*8)-1)	117	if (mont > (int)(sizeof(int)*8)-1)
116	mont=sizeof(int)*8-1;	118	mont=sizeof(int)*8-1;
117	bn_limit_bits_mont=mont;	119	bn_limit_bits_mont=mont;
118	bn_limit_num_mont=1<<mont;	120	bn_limit_num_mont=1<<mont;
@@ -127,11 +129,12 @@ int BN_get_params(int which)
127	else if (which == 3) return(bn_limit_bits_mont);	129	else if (which == 3) return(bn_limit_bits_mont);
128	else return(0);	130	else return(0);
129	}	131	}
		132	#endif
130		133
131	const BIGNUM *BN_value_one(void)	134	const BIGNUM *BN_value_one(void)
132	{	135	{
133	static BN_ULONG data_one=1L;	136	static BN_ULONG data_one=1L;
134	static BIGNUM const_one={&data_one,1,1,0};	137	static BIGNUM const_one={&data_one,1,1,0,BN_FLG_STATIC_DATA};
135		138
136	return(&const_one);	139	return(&const_one);
137	}	140	}
@@ -244,16 +247,11 @@ int BN_num_bits_word(BN_ULONG l)
244		247
245	int BN_num_bits(const BIGNUM *a)	248	int BN_num_bits(const BIGNUM *a)
246	{	249	{
247	BN_ULONG l;	250	int i = a->top - 1;
248	int i;
249
250	bn_check_top(a);	251	bn_check_top(a);
251		252
252	if (a->top == 0) return(0);	253	if (BN_is_zero(a)) return 0;
253	l=a->d[a->top-1];	254	return ((i*BN_BITS2) + BN_num_bits_word(a->d[i]));
254	assert(l != 0);
255	i=(a->top-1)*BN_BITS2;
256	return(i+BN_num_bits_word(l));
257	}	255	}
258		256
259	void BN_clear_free(BIGNUM *a)	257	void BN_clear_free(BIGNUM *a)
@@ -261,6 +259,7 @@ void BN_clear_free(BIGNUM *a)
261	int i;	259	int i;
262		260
263	if (a == NULL) return;	261	if (a == NULL) return;
		262	bn_check_top(a);
264	if (a->d != NULL)	263	if (a->d != NULL)
265	{	264	{
266	OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0]));	265	OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0]));
@@ -276,16 +275,24 @@ void BN_clear_free(BIGNUM *a)
276	void BN_free(BIGNUM *a)	275	void BN_free(BIGNUM *a)
277	{	276	{
278	if (a == NULL) return;	277	if (a == NULL) return;
		278	bn_check_top(a);
279	if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA)))	279	if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA)))
280	OPENSSL_free(a->d);	280	OPENSSL_free(a->d);
281	a->flags\|=BN_FLG_FREE; /* REMOVE? */
282	if (a->flags & BN_FLG_MALLOCED)	281	if (a->flags & BN_FLG_MALLOCED)
283	OPENSSL_free(a);	282	OPENSSL_free(a);
		283	else
		284	{
		285	#ifndef OPENSSL_NO_DEPRECATED
		286	a->flags\|=BN_FLG_FREE;
		287	#endif
		288	a->d = NULL;
		289	}
284	}	290	}
285		291
286	void BN_init(BIGNUM *a)	292	void BN_init(BIGNUM *a)
287	{	293	{
288	memset(a,0,sizeof(BIGNUM));	294	memset(a,0,sizeof(BIGNUM));
		295	bn_check_top(a);
289	}	296	}
290		297
291	BIGNUM *BN_new(void)	298	BIGNUM *BN_new(void)
@@ -302,6 +309,7 @@ BIGNUM *BN_new(void)
302	ret->neg=0;	309	ret->neg=0;
303	ret->dmax=0;	310	ret->dmax=0;
304	ret->d=NULL;	311	ret->d=NULL;
		312	bn_check_top(ret);
305	return(ret);	313	return(ret);
306	}	314	}
307		315
@@ -313,19 +321,19 @@ static BN_ULONG bn_expand_internal(const BIGNUM b, int words)
313	const BN_ULONG *B;	321	const BN_ULONG *B;
314	int i;	322	int i;
315		323
		324	bn_check_top(b);
		325
316	if (words > (INT_MAX/(4*BN_BITS2)))	326	if (words > (INT_MAX/(4*BN_BITS2)))
317	{	327	{
318	BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_BIGNUM_TOO_LONG);	328	BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_BIGNUM_TOO_LONG);
319	return NULL;	329	return NULL;
320	}	330	}
321
322	bn_check_top(b);
323	if (BN_get_flags(b,BN_FLG_STATIC_DATA))	331	if (BN_get_flags(b,BN_FLG_STATIC_DATA))
324	{	332	{
325	BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);	333	BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
326	return(NULL);	334	return(NULL);
327	}	335	}
328	a=A=(BN_ULONG )OPENSSL_malloc(sizeof(BN_ULONG)(words+1));	336	a=A=(BN_ULONG )OPENSSL_malloc(sizeof(BN_ULONG)words);
329	if (A == NULL)	337	if (A == NULL)
330	{	338	{
331	BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE);	339	BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE);
@@ -363,19 +371,8 @@ static BN_ULONG bn_expand_internal(const BIGNUM b, int words)
363	}	371	}
364	}	372	}
365		373
366	/* Now need to zero any data between b->top and b->max */
367	/* XXX Why? */
368
369	A= &(a[b->top]);
370	for (i=(words - b->top)>>3; i>0; i--,A+=8)
371	{
372	A[0]=0; A[1]=0; A[2]=0; A[3]=0;
373	A[4]=0; A[5]=0; A[6]=0; A[7]=0;
374	}
375	for (i=(words - b->top)&7; i>0; i--,A++)
376	A[0]=0;
377	#else	374	#else
378	memset(A,0,sizeof(BN_ULONG)*(words+1));	375	memset(A,0,sizeof(BN_ULONG)*words);
379	memcpy(A,b->d,sizeof(b->d[0])*b->top);	376	memcpy(A,b->d,sizeof(b->d[0])*b->top);
380	#endif	377	#endif
381		378
@@ -393,16 +390,19 @@ static BN_ULONG bn_expand_internal(const BIGNUM b, int words)
393	* while bn_dup_expand() makes sure allocation is made only once.	390	* while bn_dup_expand() makes sure allocation is made only once.
394	*/	391	*/
395		392
		393	#ifndef OPENSSL_NO_DEPRECATED
396	BIGNUM bn_dup_expand(const BIGNUM b, int words)	394	BIGNUM bn_dup_expand(const BIGNUM b, int words)
397	{	395	{
398	BIGNUM *r = NULL;	396	BIGNUM *r = NULL;
399		397
		398	bn_check_top(b);
		399
400	/* This function does not work if	400	/* This function does not work if
401	* words <= b->dmax && top < words	401	* words <= b->dmax && top < words
402	* because BN_dup() does not preserve 'dmax'!	402	* because BN_dup() does not preserve 'dmax'!
403	* (But bn_dup_expand() is not used anywhere yet.)	403	* (But bn_dup_expand() is not used anywhere yet.)
404	*/	404	*/
405		405
406	if (words > b->dmax)	406	if (words > b->dmax)
407	{	407	{
408	BN_ULONG *a = bn_expand_internal(b, words);	408	BN_ULONG *a = bn_expand_internal(b, words);
@@ -431,48 +431,67 @@ BIGNUM bn_dup_expand(const BIGNUM b, int words)
431	r = BN_dup(b);	431	r = BN_dup(b);
432	}	432	}
433		433
		434	bn_check_top(r);
434	return r;	435	return r;
435	}	436	}
		437	#endif
436		438
437	/* This is an internal function that should not be used in applications.	439	/* This is an internal function that should not be used in applications.
438	* It ensures that 'b' has enough room for a 'words' word number number.	440	* It ensures that 'b' has enough room for a 'words' word number
		441	* and initialises any unused part of b->d with leading zeros.
439	* It is mostly used by the various BIGNUM routines. If there is an error,	442	* It is mostly used by the various BIGNUM routines. If there is an error,
440	* NULL is returned. If not, 'b' is returned. */	443	* NULL is returned. If not, 'b' is returned. */
441		444
442	BIGNUM bn_expand2(BIGNUM b, int words)	445	BIGNUM bn_expand2(BIGNUM b, int words)
443	{	446	{
		447	bn_check_top(b);
		448
444	if (words > b->dmax)	449	if (words > b->dmax)
445	{	450	{
446	BN_ULONG *a = bn_expand_internal(b, words);	451	BN_ULONG *a = bn_expand_internal(b, words);
		452	if(!a) return NULL;
		453	if(b->d) OPENSSL_free(b->d);
		454	b->d=a;
		455	b->dmax=words;
		456	}
447		457
448	if (a)	458	/* None of this should be necessary because of what b->top means! */
		459	#if 0
		460	/* NB: bn_wexpand() calls this only if the BIGNUM really has to grow */
		461	if (b->top < b->dmax)
		462	{
		463	int i;
		464	BN_ULONG *A = &(b->d[b->top]);
		465	for (i=(b->dmax - b->top)>>3; i>0; i--,A+=8)
449	{	466	{
450	if (b->d)	467	A[0]=0; A[1]=0; A[2]=0; A[3]=0;
451	OPENSSL_free(b->d);	468	A[4]=0; A[5]=0; A[6]=0; A[7]=0;
452	b->d=a;
453	b->dmax=words;
454	}	469	}
455	else	470	for (i=(b->dmax - b->top)&7; i>0; i--,A++)
456	b = NULL;	471	A[0]=0;
		472	assert(A == &(b->d[b->dmax]));
457	}	473	}
		474	#endif
		475	bn_check_top(b);
458	return b;	476	return b;
459	}	477	}
460		478
461	BIGNUM BN_dup(const BIGNUM a)	479	BIGNUM BN_dup(const BIGNUM a)
462	{	480	{
463	BIGNUM r, t;	481	BIGNUM *t;
464		482
465	if (a == NULL) return NULL;	483	if (a == NULL) return NULL;
466
467	bn_check_top(a);	484	bn_check_top(a);
468		485
469	t = BN_new();	486	t = BN_new();
470	if (t == NULL) return(NULL);	487	if (t == NULL) return NULL;
471	r = BN_copy(t, a);	488	if(!BN_copy(t, a))
472	/* now r == t \|\| r == NULL */	489	{
473	if (r == NULL)
474	BN_free(t);	490	BN_free(t);
475	return r;	491	return NULL;
		492	}
		493	bn_check_top(t);
		494	return t;
476	}	495	}
477		496
478	BIGNUM BN_copy(BIGNUM a, const BIGNUM *b)	497	BIGNUM BN_copy(BIGNUM a, const BIGNUM *b)
@@ -506,11 +525,9 @@ BIGNUM BN_copy(BIGNUM a, const BIGNUM *b)
506	memcpy(a->d,b->d,sizeof(b->d[0])*b->top);	525	memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
507	#endif	526	#endif
508		527
509	/* memset(&(a->d[b->top]),0,sizeof(a->d[0])(a->max-b->top));/
510	a->top=b->top;	528	a->top=b->top;
511	if ((a->top == 0) && (a->d != NULL))
512	a->d[0]=0;
513	a->neg=b->neg;	529	a->neg=b->neg;
		530	bn_check_top(a);
514	return(a);	531	return(a);
515	}	532	}
516		533
@@ -520,6 +537,9 @@ void BN_swap(BIGNUM a, BIGNUM b)
520	BN_ULONG *tmp_d;	537	BN_ULONG *tmp_d;
521	int tmp_top, tmp_dmax, tmp_neg;	538	int tmp_top, tmp_dmax, tmp_neg;
522		539
		540	bn_check_top(a);
		541	bn_check_top(b);
		542
523	flags_old_a = a->flags;	543	flags_old_a = a->flags;
524	flags_old_b = b->flags;	544	flags_old_b = b->flags;
525		545
@@ -540,11 +560,13 @@ void BN_swap(BIGNUM a, BIGNUM b)
540		560
541	a->flags = (flags_old_a & BN_FLG_MALLOCED) \| (flags_old_b & BN_FLG_STATIC_DATA);	561	a->flags = (flags_old_a & BN_FLG_MALLOCED) \| (flags_old_b & BN_FLG_STATIC_DATA);
542	b->flags = (flags_old_b & BN_FLG_MALLOCED) \| (flags_old_a & BN_FLG_STATIC_DATA);	562	b->flags = (flags_old_b & BN_FLG_MALLOCED) \| (flags_old_a & BN_FLG_STATIC_DATA);
		563	bn_check_top(a);
		564	bn_check_top(b);
543	}	565	}
544		566
545
546	void BN_clear(BIGNUM *a)	567	void BN_clear(BIGNUM *a)
547	{	568	{
		569	bn_check_top(a);
548	if (a->d != NULL)	570	if (a->d != NULL)
549	memset(a->d,0,a->dmax*sizeof(a->d[0]));	571	memset(a->d,0,a->dmax*sizeof(a->d[0]));
550	a->top=0;	572	a->top=0;
@@ -553,49 +575,22 @@ void BN_clear(BIGNUM *a)
553		575
554	BN_ULONG BN_get_word(const BIGNUM *a)	576	BN_ULONG BN_get_word(const BIGNUM *a)
555	{	577	{
556	int i,n;	578	if (a->top > 1)
557	BN_ULONG ret=0;	579	return BN_MASK2;
558		580	else if (a->top == 1)
559	n=BN_num_bytes(a);	581	return a->d[0];
560	if (n > sizeof(BN_ULONG))	582	/* a->top == 0 */
561	return(BN_MASK2);	583	return 0;
562	for (i=a->top-1; i>=0; i--)
563	{
564	#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
565	ret<<=BN_BITS4; /* stops the compiler complaining */
566	ret<<=BN_BITS4;
567	#else
568	ret=0;
569	#endif
570	ret\|=a->d[i];
571	}
572	return(ret);
573	}	584	}
574		585
575	int BN_set_word(BIGNUM *a, BN_ULONG w)	586	int BN_set_word(BIGNUM *a, BN_ULONG w)
576	{	587	{
577	int i,n;	588	bn_check_top(a);
578	if (bn_expand(a,sizeof(BN_ULONG)*8) == NULL) return(0);	589	if (bn_expand(a,(int)sizeof(BN_ULONG)*8) == NULL) return(0);
579		590	a->neg = 0;
580	n=sizeof(BN_ULONG)/BN_BYTES;	591	a->d[0] = w;
581	a->neg=0;	592	a->top = (w ? 1 : 0);
582	a->top=0;	593	bn_check_top(a);
583	a->d[0]=(BN_ULONG)w&BN_MASK2;
584	if (a->d[0] != 0) a->top=1;
585	for (i=1; i<n; i++)
586	{
587	/* the following is done instead of
588	* w>>=BN_BITS2 so compilers don't complain
589	* on builds where sizeof(long) == BN_TYPES */
590	#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
591	w>>=BN_BITS4;
592	w>>=BN_BITS4;
593	#else
594	w=0;
595	#endif
596	a->d[i]=(BN_ULONG)w&BN_MASK2;
597	if (a->d[i] != 0) a->top=i+1;
598	}
599	return(1);	594	return(1);
600	}	595	}
601		596
@@ -604,9 +599,12 @@ BIGNUM BN_bin2bn(const unsigned char s, int len, BIGNUM *ret)
604	unsigned int i,m;	599	unsigned int i,m;
605	unsigned int n;	600	unsigned int n;
606	BN_ULONG l;	601	BN_ULONG l;
		602	BIGNUM *bn = NULL;
607		603
608	if (ret == NULL) ret=BN_new();	604	if (ret == NULL)
		605	ret = bn = BN_new();
609	if (ret == NULL) return(NULL);	606	if (ret == NULL) return(NULL);
		607	bn_check_top(ret);
610	l=0;	608	l=0;
611	n=len;	609	n=len;
612	if (n == 0)	610	if (n == 0)
@@ -614,13 +612,16 @@ BIGNUM BN_bin2bn(const unsigned char s, int len, BIGNUM *ret)
614	ret->top=0;	612	ret->top=0;
615	return(ret);	613	return(ret);
616	}	614	}
617	if (bn_expand(ret,(int)(n+2)*8) == NULL)
618	return(NULL);
619	i=((n-1)/BN_BYTES)+1;	615	i=((n-1)/BN_BYTES)+1;
620	m=((n-1)%(BN_BYTES));	616	m=((n-1)%(BN_BYTES));
		617	if (bn_wexpand(ret, (int)i) == NULL)
		618	{
		619	if (bn) BN_free(bn);
		620	return NULL;
		621	}
621	ret->top=i;	622	ret->top=i;
622	ret->neg=0;	623	ret->neg=0;
623	while (n-- > 0)	624	while (n--)
624	{	625	{
625	l=(l<<8L)\| *(s++);	626	l=(l<<8L)\| *(s++);
626	if (m-- == 0)	627	if (m-- == 0)
@@ -632,7 +633,7 @@ BIGNUM BN_bin2bn(const unsigned char s, int len, BIGNUM *ret)
632	}	633	}
633	/* need to call this due to clear byte at top if avoiding	634	/* need to call this due to clear byte at top if avoiding
634	* having the top bit set (-ve number) */	635	* having the top bit set (-ve number) */
635	bn_fix_top(ret);	636	bn_correct_top(ret);
636	return(ret);	637	return(ret);
637	}	638	}
638		639
@@ -642,8 +643,9 @@ int BN_bn2bin(const BIGNUM a, unsigned char to)
642	int n,i;	643	int n,i;
643	BN_ULONG l;	644	BN_ULONG l;
644		645
		646	bn_check_top(a);
645	n=i=BN_num_bytes(a);	647	n=i=BN_num_bytes(a);
646	while (i-- > 0)	648	while (i--)
647	{	649	{
648	l=a->d[i/BN_BYTES];	650	l=a->d[i/BN_BYTES];
649	(to++)=(unsigned char)(l>>(8(i%BN_BYTES)))&0xff;	651	(to++)=(unsigned char)(l>>(8(i%BN_BYTES)))&0xff;
@@ -668,7 +670,7 @@ int BN_ucmp(const BIGNUM a, const BIGNUM b)
668	t1= ap[i];	670	t1= ap[i];
669	t2= bp[i];	671	t2= bp[i];
670	if (t1 != t2)	672	if (t1 != t2)
671	return(t1 > t2?1:-1);	673	return((t1 > t2) ? 1 : -1);
672	}	674	}
673	return(0);	675	return(0);
674	}	676	}
@@ -718,6 +720,9 @@ int BN_set_bit(BIGNUM *a, int n)
718	{	720	{
719	int i,j,k;	721	int i,j,k;
720		722
		723	if (n < 0)
		724	return 0;
		725
721	i=n/BN_BITS2;	726	i=n/BN_BITS2;
722	j=n%BN_BITS2;	727	j=n%BN_BITS2;
723	if (a->top <= i)	728	if (a->top <= i)
@@ -729,6 +734,7 @@ int BN_set_bit(BIGNUM *a, int n)
729	}	734	}
730		735
731	a->d[i]\|=(((BN_ULONG)1)<<j);	736	a->d[i]\|=(((BN_ULONG)1)<<j);
		737	bn_check_top(a);
732	return(1);	738	return(1);
733	}	739	}
734		740
@@ -736,12 +742,15 @@ int BN_clear_bit(BIGNUM *a, int n)
736	{	742	{
737	int i,j;	743	int i,j;
738		744
		745	bn_check_top(a);
		746	if (n < 0) return 0;
		747
739	i=n/BN_BITS2;	748	i=n/BN_BITS2;
740	j=n%BN_BITS2;	749	j=n%BN_BITS2;
741	if (a->top <= i) return(0);	750	if (a->top <= i) return(0);
742		751
743	a->d[i]&=(~(((BN_ULONG)1)<<j));	752	a->d[i]&=(~(((BN_ULONG)1)<<j));
744	bn_fix_top(a);	753	bn_correct_top(a);
745	return(1);	754	return(1);
746	}	755	}
747		756
@@ -749,20 +758,24 @@ int BN_is_bit_set(const BIGNUM *a, int n)
749	{	758	{
750	int i,j;	759	int i,j;
751		760
752	if (n < 0) return(0);	761	bn_check_top(a);
		762	if (n < 0) return 0;
753	i=n/BN_BITS2;	763	i=n/BN_BITS2;
754	j=n%BN_BITS2;	764	j=n%BN_BITS2;
755	if (a->top <= i) return(0);	765	if (a->top <= i) return 0;
756	return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);	766	return(((a->d[i])>>j)&((BN_ULONG)1));
757	}	767	}
758		768
759	int BN_mask_bits(BIGNUM *a, int n)	769	int BN_mask_bits(BIGNUM *a, int n)
760	{	770	{
761	int b,w;	771	int b,w;
762		772
		773	bn_check_top(a);
		774	if (n < 0) return 0;
		775
763	w=n/BN_BITS2;	776	w=n/BN_BITS2;
764	b=n%BN_BITS2;	777	b=n%BN_BITS2;
765	if (w >= a->top) return(0);	778	if (w >= a->top) return 0;
766	if (b == 0)	779	if (b == 0)
767	a->top=w;	780	a->top=w;
768	else	781	else
@@ -770,10 +783,18 @@ int BN_mask_bits(BIGNUM *a, int n)
770	a->top=w+1;	783	a->top=w+1;
771	a->d[w]&= ~(BN_MASK2<<b);	784	a->d[w]&= ~(BN_MASK2<<b);
772	}	785	}
773	bn_fix_top(a);	786	bn_correct_top(a);
774	return(1);	787	return(1);
775	}	788	}
776		789
		790	void BN_set_negative(BIGNUM *a, int b)
		791	{
		792	if (b && !BN_is_zero(a))
		793	a->neg = 1;
		794	else
		795	a->neg = 0;
		796	}
		797
777	int bn_cmp_words(const BN_ULONG a, const BN_ULONG b, int n)	798	int bn_cmp_words(const BN_ULONG a, const BN_ULONG b, int n)
778	{	799	{
779	int i;	800	int i;