From 05552533f486a700413f5b1fd925ae0f2c26d8a8 Mon Sep 17 00:00:00 2001 From: djm <> Date: Fri, 9 Jan 2009 12:14:08 +0000 Subject: import openssl-0.9.8j --- src/lib/libcrypto/camellia/Makefile | 2 +- src/lib/libcrypto/cms/Makefile | 2 +- src/lib/libcrypto/ecdh/Makefile | 35 ++- src/lib/libcrypto/ecdsa/Makefile | 49 ++-- src/lib/libcrypto/fips_err.h | 137 ++++++++++ src/lib/libcrypto/jpake/Makefile | 64 +++++ src/lib/libcrypto/jpake/jpake.c | 483 ++++++++++++++++++++++++++++++++++++ src/lib/libcrypto/jpake/jpake.h | 129 ++++++++++ src/lib/libcrypto/jpake/jpake_err.c | 105 ++++++++ src/lib/libcrypto/jpake/jpaketest.c | 192 ++++++++++++++ src/lib/libcrypto/pqueue/Makefile | 2 +- src/lib/libcrypto/seed/Makefile | 2 +- src/lib/libcrypto/store/Makefile | 18 +- src/lib/libcrypto/util/copy.pl | 11 + src/lib/libcrypto/x509v3/v3_addr.c | 13 +- src/lib/libcrypto/x509v3/v3_asid.c | 2 +- 16 files changed, 1198 insertions(+), 48 deletions(-) create mode 100644 src/lib/libcrypto/fips_err.h create mode 100644 src/lib/libcrypto/jpake/Makefile create mode 100644 src/lib/libcrypto/jpake/jpake.c create mode 100644 src/lib/libcrypto/jpake/jpake.h create mode 100644 src/lib/libcrypto/jpake/jpake_err.c create mode 100644 src/lib/libcrypto/jpake/jpaketest.c (limited to 'src/lib/libcrypto') diff --git a/src/lib/libcrypto/camellia/Makefile b/src/lib/libcrypto/camellia/Makefile index 1579de5ce5..dfb12951fd 100644 --- a/src/lib/libcrypto/camellia/Makefile +++ b/src/lib/libcrypto/camellia/Makefile @@ -41,7 +41,7 @@ top: all: lib lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) + $(ARX) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib diff --git a/src/lib/libcrypto/cms/Makefile b/src/lib/libcrypto/cms/Makefile index e39c310b6c..1c137e0cff 100644 --- a/src/lib/libcrypto/cms/Makefile +++ b/src/lib/libcrypto/cms/Makefile @@ -37,7 +37,7 @@ test: all: lib lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) + $(ARX) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib diff --git a/src/lib/libcrypto/ecdh/Makefile b/src/lib/libcrypto/ecdh/Makefile index 95aa69fea5..7a7b618eeb 100644 --- a/src/lib/libcrypto/ecdh/Makefile +++ b/src/lib/libcrypto/ecdh/Makefile @@ -34,7 +34,7 @@ top: all: lib lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) + $(ARX) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -84,20 +84,31 @@ ech_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h ech_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h ech_err.o: ech_err.c ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ech_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ech_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -ech_key.o: ../../include/openssl/engine.h ../../include/openssl/opensslconf.h -ech_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ech_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ech_key.o: ../../include/openssl/symhacks.h ech_key.c ech_locl.h +ech_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +ech_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ech_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ech_key.o: ../../include/openssl/engine.h ../../include/openssl/evp.h +ech_key.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h +ech_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +ech_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +ech_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +ech_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +ech_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ech_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +ech_key.o: ech_key.c ech_locl.h ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ech_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ech_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +ech_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +ech_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ech_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h ech_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h -ech_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +ech_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h +ech_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +ech_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h ech_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ech_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ech_lib.o: ../../include/openssl/symhacks.h ech_lib.c ech_locl.h +ech_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ech_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ech_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ech_lib.o: ../../include/openssl/x509_vfy.h ech_lib.c ech_locl.h ech_ossl.o: ../../e_os.h ../../include/openssl/asn1.h ech_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h ech_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h diff --git a/src/lib/libcrypto/ecdsa/Makefile b/src/lib/libcrypto/ecdsa/Makefile index 16a93cd3ae..4865f3c8d6 100644 --- a/src/lib/libcrypto/ecdsa/Makefile +++ b/src/lib/libcrypto/ecdsa/Makefile @@ -34,7 +34,7 @@ top: all: lib lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) + $(ARX) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -92,13 +92,18 @@ ecs_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h ecs_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h ecs_err.o: ecs_err.c ecs_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ecs_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -ecs_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ecs_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +ecs_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ecs_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h ecs_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -ecs_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ecs_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h +ecs_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h +ecs_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h ecs_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ecs_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +ecs_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +ecs_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h ecs_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ecs_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h ecs_lib.o: ecs_lib.c ecs_locl.h ecs_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h ecs_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h @@ -110,16 +115,28 @@ ecs_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ecs_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ecs_ossl.o: ../../include/openssl/symhacks.h ecs_locl.h ecs_ossl.c ecs_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ecs_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ecs_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h -ecs_sign.o: ../../include/openssl/engine.h ../../include/openssl/opensslconf.h +ecs_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +ecs_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ecs_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ecs_sign.o: ../../include/openssl/engine.h ../../include/openssl/evp.h +ecs_sign.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h +ecs_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +ecs_sign.o: ../../include/openssl/opensslconf.h ecs_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ecs_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ecs_sign.o: ../../include/openssl/symhacks.h ecs_locl.h ecs_sign.c +ecs_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ecs_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ecs_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ecs_sign.o: ../../include/openssl/x509_vfy.h ecs_locl.h ecs_sign.c ecs_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ecs_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ecs_vrf.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h -ecs_vrf.o: ../../include/openssl/engine.h ../../include/openssl/opensslconf.h -ecs_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ecs_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ecs_vrf.o: ../../include/openssl/symhacks.h ecs_locl.h ecs_vrf.c +ecs_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +ecs_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ecs_vrf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ecs_vrf.o: ../../include/openssl/engine.h ../../include/openssl/evp.h +ecs_vrf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h +ecs_vrf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +ecs_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +ecs_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +ecs_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +ecs_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ecs_vrf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +ecs_vrf.o: ecs_locl.h ecs_vrf.c diff --git a/src/lib/libcrypto/fips_err.h b/src/lib/libcrypto/fips_err.h new file mode 100644 index 0000000000..b328616858 --- /dev/null +++ b/src/lib/libcrypto/fips_err.h @@ -0,0 +1,137 @@ +/* crypto/fips_err.h */ +/* ==================================================================== + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* NOTE: this file was auto generated by the mkerr.pl script: any changes + * made to it will be overwritten when the script next updates this file, + * only reason strings will be preserved. + */ + +#include +#include +#include + +/* BEGIN ERROR CODES */ +#ifndef OPENSSL_NO_ERR + +#define ERR_FUNC(func) ERR_PACK(ERR_LIB_FIPS,func,0) +#define ERR_REASON(reason) ERR_PACK(ERR_LIB_FIPS,0,reason) + +static ERR_STRING_DATA FIPS_str_functs[]= + { +{ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, +{ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"}, +{ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"}, +{ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"}, +{ERR_FUNC(FIPS_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, +{ERR_FUNC(FIPS_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, +{ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"}, +{ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT), "FIPS_CHECK_INCORE_FINGERPRINT"}, +{ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "FIPS_CHECK_RSA"}, +{ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_DSA_CHECK"}, +{ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"}, +{ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_RNG), "FIPS_selftest_rng"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"}, +{ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"}, +{ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, +{ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, +{ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, +{ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, +{ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, +{ERR_FUNC(FIPS_F_RSA_X931_GENERATE_KEY_EX), "RSA_X931_generate_key_ex"}, +{ERR_FUNC(FIPS_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, +{0,NULL} + }; + +static ERR_STRING_DATA FIPS_str_reasons[]= + { +{ERR_REASON(FIPS_R_CANNOT_READ_EXE) ,"cannot read exe"}, +{ERR_REASON(FIPS_R_CANNOT_READ_EXE_DIGEST),"cannot read exe digest"}, +{ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE),"contradicting evidence"}, +{ERR_REASON(FIPS_R_EXE_DIGEST_DOES_NOT_MATCH),"exe digest does not match"}, +{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH),"fingerprint does not match"}, +{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED),"fingerprint does not match nonpic relocated"}, +{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING),"fingerprint does not match segment aliasing"}, +{ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET),"fips mode already set"}, +{ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED) ,"fips selftest failed"}, +{ERR_REASON(FIPS_R_INVALID_KEY_LENGTH) ,"invalid key length"}, +{ERR_REASON(FIPS_R_KEY_TOO_SHORT) ,"key too short"}, +{ERR_REASON(FIPS_R_NON_FIPS_METHOD) ,"non fips method"}, +{ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED) ,"pairwise test failed"}, +{ERR_REASON(FIPS_R_RSA_DECRYPT_ERROR) ,"rsa decrypt error"}, +{ERR_REASON(FIPS_R_RSA_ENCRYPT_ERROR) ,"rsa encrypt error"}, +{ERR_REASON(FIPS_R_SELFTEST_FAILED) ,"selftest failed"}, +{ERR_REASON(FIPS_R_TEST_FAILURE) ,"test failure"}, +{ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM) ,"unsupported platform"}, +{0,NULL} + }; + +#endif + +void ERR_load_FIPS_strings(void) + { +#ifndef OPENSSL_NO_ERR + + if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) + { + ERR_load_strings(0,FIPS_str_functs); + ERR_load_strings(0,FIPS_str_reasons); + } +#endif + } diff --git a/src/lib/libcrypto/jpake/Makefile b/src/lib/libcrypto/jpake/Makefile new file mode 100644 index 0000000000..a4a1402f2e --- /dev/null +++ b/src/lib/libcrypto/jpake/Makefile @@ -0,0 +1,64 @@ +DIR=jpake +TOP=../.. + +CFLAGS= $(INCLUDES) $(CFLAG) + +LIB=$(TOP)/libcrypto.a +LIBOBJ=jpake.o jpake_err.o +LIBSRC=jpake.c jpake_err.c + +EXHEADER=jpake.h +TEST=jpaketest.c + +top: + (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) + +all: lib + +lib: $(LIBOBJ) + $(ARX) $(LIB) $(LIBOBJ) + $(RANLIB) $(LIB) || echo Never mind. + @touch lib + +links: + @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) + @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) + +install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... + @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ + do \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; + +depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... + $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) + +dclean: + $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new + mv -f Makefile.new $(MAKEFILE) + +clean: + rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff + +jpaketest: top jpaketest.c $(LIB) + $(CC) $(CFLAGS) -Wall -Werror -g -o jpaketest jpaketest.c $(LIB) +# DO NOT DELETE THIS LINE -- make depend depends on it. + +jpake.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +jpake.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +jpake.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +jpake.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +jpake.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +jpake.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +jpake.o: ../../include/openssl/symhacks.h jpake.c jpake.h +jpake_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +jpake_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +jpake_err.o: ../../include/openssl/err.h ../../include/openssl/jpake.h +jpake_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +jpake_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +jpake_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +jpake_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +jpake_err.o: jpake_err.c diff --git a/src/lib/libcrypto/jpake/jpake.c b/src/lib/libcrypto/jpake/jpake.c new file mode 100644 index 0000000000..577b7ef375 --- /dev/null +++ b/src/lib/libcrypto/jpake/jpake.c @@ -0,0 +1,483 @@ +#include "jpake.h" + +#include +#include +#include +#include +#include + +/* + * In the definition, (xa, xb, xc, xd) are Alice's (x1, x2, x3, x4) or + * Bob's (x3, x4, x1, x2). If you see what I mean. + */ + +typedef struct + { + char *name; /* Must be unique */ + char *peer_name; + BIGNUM *p; + BIGNUM *g; + BIGNUM *q; + BIGNUM *gxc; /* Alice's g^{x3} or Bob's g^{x1} */ + BIGNUM *gxd; /* Alice's g^{x4} or Bob's g^{x2} */ + } JPAKE_CTX_PUBLIC; + +struct JPAKE_CTX + { + JPAKE_CTX_PUBLIC p; + BIGNUM *secret; /* The shared secret */ + BN_CTX *ctx; + BIGNUM *xa; /* Alice's x1 or Bob's x3 */ + BIGNUM *xb; /* Alice's x2 or Bob's x4 */ + BIGNUM *key; /* The calculated (shared) key */ + }; + +static void JPAKE_ZKP_init(JPAKE_ZKP *zkp) + { + zkp->gr = BN_new(); + zkp->b = BN_new(); + } + +static void JPAKE_ZKP_release(JPAKE_ZKP *zkp) + { + BN_free(zkp->b); + BN_free(zkp->gr); + } + +/* Two birds with one stone - make the global name as expected */ +#define JPAKE_STEP_PART_init JPAKE_STEP2_init +#define JPAKE_STEP_PART_release JPAKE_STEP2_release + +void JPAKE_STEP_PART_init(JPAKE_STEP_PART *p) + { + p->gx = BN_new(); + JPAKE_ZKP_init(&p->zkpx); + } + +void JPAKE_STEP_PART_release(JPAKE_STEP_PART *p) + { + JPAKE_ZKP_release(&p->zkpx); + BN_free(p->gx); + } + +void JPAKE_STEP1_init(JPAKE_STEP1 *s1) + { + JPAKE_STEP_PART_init(&s1->p1); + JPAKE_STEP_PART_init(&s1->p2); + } + +void JPAKE_STEP1_release(JPAKE_STEP1 *s1) + { + JPAKE_STEP_PART_release(&s1->p2); + JPAKE_STEP_PART_release(&s1->p1); + } + +static void JPAKE_CTX_init(JPAKE_CTX *ctx, const char *name, + const char *peer_name, const BIGNUM *p, + const BIGNUM *g, const BIGNUM *q, + const BIGNUM *secret) + { + ctx->p.name = OPENSSL_strdup(name); + ctx->p.peer_name = OPENSSL_strdup(peer_name); + ctx->p.p = BN_dup(p); + ctx->p.g = BN_dup(g); + ctx->p.q = BN_dup(q); + ctx->secret = BN_dup(secret); + + ctx->p.gxc = BN_new(); + ctx->p.gxd = BN_new(); + + ctx->xa = BN_new(); + ctx->xb = BN_new(); + ctx->key = BN_new(); + ctx->ctx = BN_CTX_new(); + } + +static void JPAKE_CTX_release(JPAKE_CTX *ctx) + { + BN_CTX_free(ctx->ctx); + BN_clear_free(ctx->key); + BN_clear_free(ctx->xb); + BN_clear_free(ctx->xa); + + BN_free(ctx->p.gxd); + BN_free(ctx->p.gxc); + + BN_clear_free(ctx->secret); + BN_free(ctx->p.q); + BN_free(ctx->p.g); + BN_free(ctx->p.p); + OPENSSL_free(ctx->p.peer_name); + OPENSSL_free(ctx->p.name); + + memset(ctx, '\0', sizeof *ctx); + } + +JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name, + const BIGNUM *p, const BIGNUM *g, const BIGNUM *q, + const BIGNUM *secret) + { + JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx); + + JPAKE_CTX_init(ctx, name, peer_name, p, g, q, secret); + + return ctx; + } + +void JPAKE_CTX_free(JPAKE_CTX *ctx) + { + JPAKE_CTX_release(ctx); + OPENSSL_free(ctx); + } + +static void hashlength(SHA_CTX *sha, size_t l) + { + unsigned char b[2]; + + assert(l <= 0xffff); + b[0] = l >> 8; + b[1] = l&0xff; + SHA1_Update(sha, b, 2); + } + +static void hashstring(SHA_CTX *sha, const char *string) + { + size_t l = strlen(string); + + hashlength(sha, l); + SHA1_Update(sha, string, l); + } + +static void hashbn(SHA_CTX *sha, const BIGNUM *bn) + { + size_t l = BN_num_bytes(bn); + unsigned char *bin = OPENSSL_malloc(l); + + hashlength(sha, l); + BN_bn2bin(bn, bin); + SHA1_Update(sha, bin, l); + OPENSSL_free(bin); + } + +/* h=hash(g, g^r, g^x, name) */ +static void zkp_hash(BIGNUM *h, const BIGNUM *zkpg, const JPAKE_STEP_PART *p, + const char *proof_name) + { + unsigned char md[SHA_DIGEST_LENGTH]; + SHA_CTX sha; + + /* + * XXX: hash should not allow moving of the boundaries - Java code + * is flawed in this respect. Length encoding seems simplest. + */ + SHA1_Init(&sha); + hashbn(&sha, zkpg); + assert(!BN_is_zero(p->zkpx.gr)); + hashbn(&sha, p->zkpx.gr); + hashbn(&sha, p->gx); + hashstring(&sha, proof_name); + SHA1_Final(md, &sha); + BN_bin2bn(md, SHA_DIGEST_LENGTH, h); + } + +/* + * Prove knowledge of x + * Note that p->gx has already been calculated + */ +static void generate_zkp(JPAKE_STEP_PART *p, const BIGNUM *x, + const BIGNUM *zkpg, JPAKE_CTX *ctx) + { + BIGNUM *r = BN_new(); + BIGNUM *h = BN_new(); + BIGNUM *t = BN_new(); + + /* + * r in [0,q) + * XXX: Java chooses r in [0, 2^160) - i.e. distribution not uniform + */ + BN_rand_range(r, ctx->p.q); + /* g^r */ + BN_mod_exp(p->zkpx.gr, zkpg, r, ctx->p.p, ctx->ctx); + + /* h=hash... */ + zkp_hash(h, zkpg, p, ctx->p.name); + + /* b = r - x*h */ + BN_mod_mul(t, x, h, ctx->p.q, ctx->ctx); + BN_mod_sub(p->zkpx.b, r, t, ctx->p.q, ctx->ctx); + + /* cleanup */ + BN_free(t); + BN_free(h); + BN_free(r); + } + +static int verify_zkp(const JPAKE_STEP_PART *p, const BIGNUM *zkpg, + JPAKE_CTX *ctx) + { + BIGNUM *h = BN_new(); + BIGNUM *t1 = BN_new(); + BIGNUM *t2 = BN_new(); + BIGNUM *t3 = BN_new(); + int ret = 0; + + zkp_hash(h, zkpg, p, ctx->p.peer_name); + + /* t1 = g^b */ + BN_mod_exp(t1, zkpg, p->zkpx.b, ctx->p.p, ctx->ctx); + /* t2 = (g^x)^h = g^{hx} */ + BN_mod_exp(t2, p->gx, h, ctx->p.p, ctx->ctx); + /* t3 = t1 * t2 = g^{hx} * g^b = g^{hx+b} = g^r (allegedly) */ + BN_mod_mul(t3, t1, t2, ctx->p.p, ctx->ctx); + + /* verify t3 == g^r */ + if(BN_cmp(t3, p->zkpx.gr) == 0) + ret = 1; + else + JPAKEerr(JPAKE_F_VERIFY_ZKP, JPAKE_R_ZKP_VERIFY_FAILED); + + /* cleanup */ + BN_free(t3); + BN_free(t2); + BN_free(t1); + BN_free(h); + + return ret; + } + +static void generate_step_part(JPAKE_STEP_PART *p, const BIGNUM *x, + const BIGNUM *g, JPAKE_CTX *ctx) + { + BN_mod_exp(p->gx, g, x, ctx->p.p, ctx->ctx); + generate_zkp(p, x, g, ctx); + } + +/* Generate each party's random numbers. xa is in [0, q), xb is in [1, q). */ +static void genrand(JPAKE_CTX *ctx) + { + BIGNUM *qm1; + + /* xa in [0, q) */ + BN_rand_range(ctx->xa, ctx->p.q); + + /* q-1 */ + qm1 = BN_new(); + BN_copy(qm1, ctx->p.q); + BN_sub_word(qm1, 1); + + /* ... and xb in [0, q-1) */ + BN_rand_range(ctx->xb, qm1); + /* [1, q) */ + BN_add_word(ctx->xb, 1); + + /* cleanup */ + BN_free(qm1); + } + +int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx) + { + genrand(ctx); + generate_step_part(&send->p1, ctx->xa, ctx->p.g, ctx); + generate_step_part(&send->p2, ctx->xb, ctx->p.g, ctx); + + return 1; + } + +int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received) + { + /* verify their ZKP(xc) */ + if(!verify_zkp(&received->p1, ctx->p.g, ctx)) + { + JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_VERIFY_X3_FAILED); + return 0; + } + + /* verify their ZKP(xd) */ + if(!verify_zkp(&received->p2, ctx->p.g, ctx)) + { + JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_VERIFY_X4_FAILED); + return 0; + } + + /* g^xd != 1 */ + if(BN_is_one(received->p2.gx)) + { + JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X4_IS_ONE); + return 0; + } + + /* Save the bits we need for later */ + BN_copy(ctx->p.gxc, received->p1.gx); + BN_copy(ctx->p.gxd, received->p2.gx); + + return 1; + } + + +int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx) + { + BIGNUM *t1 = BN_new(); + BIGNUM *t2 = BN_new(); + + /* + * X = g^{(xa + xc + xd) * xb * s} + * t1 = g^xa + */ + BN_mod_exp(t1, ctx->p.g, ctx->xa, ctx->p.p, ctx->ctx); + /* t2 = t1 * g^{xc} = g^{xa} * g^{xc} = g^{xa + xc} */ + BN_mod_mul(t2, t1, ctx->p.gxc, ctx->p.p, ctx->ctx); + /* t1 = t2 * g^{xd} = g^{xa + xc + xd} */ + BN_mod_mul(t1, t2, ctx->p.gxd, ctx->p.p, ctx->ctx); + /* t2 = xb * s */ + BN_mod_mul(t2, ctx->xb, ctx->secret, ctx->p.q, ctx->ctx); + + /* + * ZKP(xb * s) + * XXX: this is kinda funky, because we're using + * + * g' = g^{xa + xc + xd} + * + * as the generator, which means X is g'^{xb * s} + * X = t1^{t2} = t1^{xb * s} = g^{(xa + xc + xd) * xb * s} + */ + generate_step_part(send, t2, t1, ctx); + + /* cleanup */ + BN_free(t1); + BN_free(t2); + + return 1; + } + +/* gx = g^{xc + xa + xb} * xd * s */ +static int compute_key(JPAKE_CTX *ctx, const BIGNUM *gx) + { + BIGNUM *t1 = BN_new(); + BIGNUM *t2 = BN_new(); + BIGNUM *t3 = BN_new(); + + /* + * K = (gx/g^{xb * xd * s})^{xb} + * = (g^{(xc + xa + xb) * xd * s - xb * xd *s})^{xb} + * = (g^{(xa + xc) * xd * s})^{xb} + * = g^{(xa + xc) * xb * xd * s} + * [which is the same regardless of who calculates it] + */ + + /* t1 = (g^{xd})^{xb} = g^{xb * xd} */ + BN_mod_exp(t1, ctx->p.gxd, ctx->xb, ctx->p.p, ctx->ctx); + /* t2 = -s = q-s */ + BN_sub(t2, ctx->p.q, ctx->secret); + /* t3 = t1^t2 = g^{-xb * xd * s} */ + BN_mod_exp(t3, t1, t2, ctx->p.p, ctx->ctx); + /* t1 = gx * t3 = X/g^{xb * xd * s} */ + BN_mod_mul(t1, gx, t3, ctx->p.p, ctx->ctx); + /* K = t1^{xb} */ + BN_mod_exp(ctx->key, t1, ctx->xb, ctx->p.p, ctx->ctx); + + /* cleanup */ + BN_free(t3); + BN_free(t2); + BN_free(t1); + + return 1; + } + +int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received) + { + BIGNUM *t1 = BN_new(); + BIGNUM *t2 = BN_new(); + int ret = 0; + + /* + * g' = g^{xc + xa + xb} [from our POV] + * t1 = xa + xb + */ + BN_mod_add(t1, ctx->xa, ctx->xb, ctx->p.q, ctx->ctx); + /* t2 = g^{t1} = g^{xa+xb} */ + BN_mod_exp(t2, ctx->p.g, t1, ctx->p.p, ctx->ctx); + /* t1 = g^{xc} * t2 = g^{xc + xa + xb} */ + BN_mod_mul(t1, ctx->p.gxc, t2, ctx->p.p, ctx->ctx); + + if(verify_zkp(received, t1, ctx)) + ret = 1; + else + JPAKEerr(JPAKE_F_JPAKE_STEP2_PROCESS, JPAKE_R_VERIFY_B_FAILED); + + compute_key(ctx, received->gx); + + /* cleanup */ + BN_free(t2); + BN_free(t1); + + return ret; + } + +static void quickhashbn(unsigned char *md, const BIGNUM *bn) + { + SHA_CTX sha; + + SHA1_Init(&sha); + hashbn(&sha, bn); + SHA1_Final(md, &sha); + } + +void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a) + {} + +int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx) + { + quickhashbn(send->hhk, ctx->key); + SHA1(send->hhk, sizeof send->hhk, send->hhk); + + return 1; + } + +int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received) + { + unsigned char hhk[SHA_DIGEST_LENGTH]; + + quickhashbn(hhk, ctx->key); + SHA1(hhk, sizeof hhk, hhk); + if(memcmp(hhk, received->hhk, sizeof hhk)) + { + JPAKEerr(JPAKE_F_JPAKE_STEP3A_PROCESS, JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH); + return 0; + } + return 1; + } + +void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a) + {} + +void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b) + {} + +int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx) + { + quickhashbn(send->hk, ctx->key); + + return 1; + } + +int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received) + { + unsigned char hk[SHA_DIGEST_LENGTH]; + + quickhashbn(hk, ctx->key); + if(memcmp(hk, received->hk, sizeof hk)) + { + JPAKEerr(JPAKE_F_JPAKE_STEP3B_PROCESS, JPAKE_R_HASH_OF_KEY_MISMATCH); + return 0; + } + return 1; + } + +void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b) + {} + +const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx) + { + return ctx->key; + } + diff --git a/src/lib/libcrypto/jpake/jpake.h b/src/lib/libcrypto/jpake/jpake.h new file mode 100644 index 0000000000..693ea188cb --- /dev/null +++ b/src/lib/libcrypto/jpake/jpake.h @@ -0,0 +1,129 @@ +/* + * Implement J-PAKE, as described in + * http://grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf + * + * With hints from http://www.cl.cam.ac.uk/~fh240/software/JPAKE2.java. + */ + +#ifndef HEADER_JPAKE_H +#define HEADER_JPAKE_H + +#include + +#ifdef OPENSSL_NO_JPAKE +#error JPAKE is disabled. +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include + +typedef struct JPAKE_CTX JPAKE_CTX; + +/* Note that "g" in the ZKPs is not necessarily the J-PAKE g. */ +typedef struct + { + BIGNUM *gr; /* g^r (r random) */ + BIGNUM *b; /* b = r - x*h, h=hash(g, g^r, g^x, name) */ + } JPAKE_ZKP; + +typedef struct + { + BIGNUM *gx; /* g^x in step 1, g^(xa + xc + xd) * xb * s in step 2 */ + JPAKE_ZKP zkpx; /* ZKP(x) or ZKP(xb * s) */ + } JPAKE_STEP_PART; + +typedef struct + { + JPAKE_STEP_PART p1; /* g^x3, ZKP(x3) or g^x1, ZKP(x1) */ + JPAKE_STEP_PART p2; /* g^x4, ZKP(x4) or g^x2, ZKP(x2) */ + } JPAKE_STEP1; + +typedef JPAKE_STEP_PART JPAKE_STEP2; + +typedef struct + { + unsigned char hhk[SHA_DIGEST_LENGTH]; + } JPAKE_STEP3A; + +typedef struct + { + unsigned char hk[SHA_DIGEST_LENGTH]; + } JPAKE_STEP3B; + +/* Parameters are copied */ +JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name, + const BIGNUM *p, const BIGNUM *g, const BIGNUM *q, + const BIGNUM *secret); +void JPAKE_CTX_free(JPAKE_CTX *ctx); + +/* + * Note that JPAKE_STEP1 can be used multiple times before release + * without another init. + */ +void JPAKE_STEP1_init(JPAKE_STEP1 *s1); +int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx); +int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received); +void JPAKE_STEP1_release(JPAKE_STEP1 *s1); + +/* + * Note that JPAKE_STEP2 can be used multiple times before release + * without another init. + */ +void JPAKE_STEP2_init(JPAKE_STEP2 *s2); +int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx); +int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received); +void JPAKE_STEP2_release(JPAKE_STEP2 *s2); + +/* + * Optionally verify the shared key. If the shared secrets do not + * match, the two ends will disagree about the shared key, but + * otherwise the protocol will succeed. + */ +void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a); +int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx); +int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received); +void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a); + +void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b); +int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx); +int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received); +void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b); + +/* + * the return value belongs to the library and will be released when + * ctx is released, and will change when a new handshake is performed. + */ +const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_JPAKE_strings(void); + +/* Error codes for the JPAKE functions. */ + +/* Function codes. */ +#define JPAKE_F_JPAKE_STEP1_PROCESS 101 +#define JPAKE_F_JPAKE_STEP2_PROCESS 102 +#define JPAKE_F_JPAKE_STEP3A_PROCESS 103 +#define JPAKE_F_JPAKE_STEP3B_PROCESS 104 +#define JPAKE_F_VERIFY_ZKP 100 + +/* Reason codes. */ +#define JPAKE_R_G_TO_THE_X4_IS_ONE 105 +#define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106 +#define JPAKE_R_HASH_OF_KEY_MISMATCH 107 +#define JPAKE_R_VERIFY_B_FAILED 102 +#define JPAKE_R_VERIFY_X3_FAILED 103 +#define JPAKE_R_VERIFY_X4_FAILED 104 +#define JPAKE_R_ZKP_VERIFY_FAILED 100 + +#ifdef __cplusplus +} +#endif +#endif diff --git a/src/lib/libcrypto/jpake/jpake_err.c b/src/lib/libcrypto/jpake/jpake_err.c new file mode 100644 index 0000000000..1b95067967 --- /dev/null +++ b/src/lib/libcrypto/jpake/jpake_err.c @@ -0,0 +1,105 @@ +/* crypto/jpake/jpake_err.c */ +/* ==================================================================== + * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* NOTE: this file was auto generated by the mkerr.pl script: any changes + * made to it will be overwritten when the script next updates this file, + * only reason strings will be preserved. + */ + +#include +#include +#include + +/* BEGIN ERROR CODES */ +#ifndef OPENSSL_NO_ERR + +#define ERR_FUNC(func) ERR_PACK(ERR_LIB_JPAKE,func,0) +#define ERR_REASON(reason) ERR_PACK(ERR_LIB_JPAKE,0,reason) + +static ERR_STRING_DATA JPAKE_str_functs[]= + { +{ERR_FUNC(JPAKE_F_JPAKE_STEP1_PROCESS), "JPAKE_STEP1_process"}, +{ERR_FUNC(JPAKE_F_JPAKE_STEP2_PROCESS), "JPAKE_STEP2_process"}, +{ERR_FUNC(JPAKE_F_JPAKE_STEP3A_PROCESS), "JPAKE_STEP3A_process"}, +{ERR_FUNC(JPAKE_F_JPAKE_STEP3B_PROCESS), "JPAKE_STEP3B_process"}, +{ERR_FUNC(JPAKE_F_VERIFY_ZKP), "VERIFY_ZKP"}, +{0,NULL} + }; + +static ERR_STRING_DATA JPAKE_str_reasons[]= + { +{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE) ,"g to the x4 is one"}, +{ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),"hash of hash of key mismatch"}, +{ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH),"hash of key mismatch"}, +{ERR_REASON(JPAKE_R_VERIFY_B_FAILED) ,"verify b failed"}, +{ERR_REASON(JPAKE_R_VERIFY_X3_FAILED) ,"verify x3 failed"}, +{ERR_REASON(JPAKE_R_VERIFY_X4_FAILED) ,"verify x4 failed"}, +{ERR_REASON(JPAKE_R_ZKP_VERIFY_FAILED) ,"zkp verify failed"}, +{0,NULL} + }; + +#endif + +void ERR_load_JPAKE_strings(void) + { +#ifndef OPENSSL_NO_ERR + + if (ERR_func_error_string(JPAKE_str_functs[0].error) == NULL) + { + ERR_load_strings(0,JPAKE_str_functs); + ERR_load_strings(0,JPAKE_str_reasons); + } +#endif + } diff --git a/src/lib/libcrypto/jpake/jpaketest.c b/src/lib/libcrypto/jpake/jpaketest.c new file mode 100644 index 0000000000..792fc49eb4 --- /dev/null +++ b/src/lib/libcrypto/jpake/jpaketest.c @@ -0,0 +1,192 @@ +#include + +#ifdef OPENSSL_NO_JPAKE + +#include + +int main(int argc, char *argv[]) +{ + printf("No J-PAKE support\n"); + return(0); +} + +#else + +#include +#include + +static void showbn(const char *name, const BIGNUM *bn) + { + fputs(name, stdout); + fputs(" = ", stdout); + BN_print_fp(stdout, bn); + putc('\n', stdout); + } + +static int run_jpake(JPAKE_CTX *alice, JPAKE_CTX *bob) + { + JPAKE_STEP1 alice_s1; + JPAKE_STEP1 bob_s1; + JPAKE_STEP2 alice_s2; + JPAKE_STEP2 bob_s2; + JPAKE_STEP3A alice_s3a; + JPAKE_STEP3B bob_s3b; + + /* Alice -> Bob: step 1 */ + puts("A->B s1"); + JPAKE_STEP1_init(&alice_s1); + JPAKE_STEP1_generate(&alice_s1, alice); + if(!JPAKE_STEP1_process(bob, &alice_s1)) + { + printf("Bob fails to process Alice's step 1\n"); + ERR_print_errors_fp(stdout); + return 1; + } + JPAKE_STEP1_release(&alice_s1); + + /* Bob -> Alice: step 1 */ + puts("B->A s1"); + JPAKE_STEP1_init(&bob_s1); + JPAKE_STEP1_generate(&bob_s1, bob); + if(!JPAKE_STEP1_process(alice, &bob_s1)) + { + printf("Alice fails to process Bob's step 1\n"); + ERR_print_errors_fp(stdout); + return 2; + } + JPAKE_STEP1_release(&bob_s1); + + /* Alice -> Bob: step 2 */ + puts("A->B s2"); + JPAKE_STEP2_init(&alice_s2); + JPAKE_STEP2_generate(&alice_s2, alice); + if(!JPAKE_STEP2_process(bob, &alice_s2)) + { + printf("Bob fails to process Alice's step 2\n"); + ERR_print_errors_fp(stdout); + return 3; + } + JPAKE_STEP2_release(&alice_s2); + + /* Bob -> Alice: step 2 */ + puts("B->A s2"); + JPAKE_STEP2_init(&bob_s2); + JPAKE_STEP2_generate(&bob_s2, bob); + if(!JPAKE_STEP2_process(alice, &bob_s2)) + { + printf("Alice fails to process Bob's step 2\n"); + ERR_print_errors_fp(stdout); + return 4; + } + JPAKE_STEP2_release(&bob_s2); + + showbn("Alice's key", JPAKE_get_shared_key(alice)); + showbn("Bob's key ", JPAKE_get_shared_key(bob)); + + /* Alice -> Bob: step 3a */ + puts("A->B s3a"); + JPAKE_STEP3A_init(&alice_s3a); + JPAKE_STEP3A_generate(&alice_s3a, alice); + if(!JPAKE_STEP3A_process(bob, &alice_s3a)) + { + printf("Bob fails to process Alice's step 3a\n"); + ERR_print_errors_fp(stdout); + return 5; + } + JPAKE_STEP3A_release(&alice_s3a); + + /* Bob -> Alice: step 3b */ + puts("B->A s3b"); + JPAKE_STEP3B_init(&bob_s3b); + JPAKE_STEP3B_generate(&bob_s3b, bob); + if(!JPAKE_STEP3B_process(alice, &bob_s3b)) + { + printf("Alice fails to process Bob's step 3b\n"); + ERR_print_errors_fp(stdout); + return 6; + } + JPAKE_STEP3B_release(&bob_s3b); + + return 0; + } + +int main(int argc, char **argv) + { + JPAKE_CTX *alice; + JPAKE_CTX *bob; + BIGNUM *p = NULL; + BIGNUM *g = NULL; + BIGNUM *q = NULL; + BIGNUM *secret = BN_new(); + BIO *bio_err; + + bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); + + CRYPTO_malloc_debug_init(); + CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + + ERR_load_crypto_strings(); + + /* + BN_hex2bn(&p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7"); + BN_hex2bn(&g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a"); + BN_hex2bn(&q, "9760508f15230bccb292b982a2eb840bf0581cf5"); + */ + /* + p = BN_new(); + BN_generate_prime(p, 1024, 1, NULL, NULL, NULL, NULL); + */ + /* Use a safe prime for p (that we found earlier) */ + BN_hex2bn(&p, "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F"); + showbn("p", p); + g = BN_new(); + BN_set_word(g, 2); + showbn("g", g); + q = BN_new(); + BN_rshift1(q, p); + showbn("q", q); + + BN_rand(secret, 32, -1, 0); + + /* A normal run, expect this to work... */ + alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret); + bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret); + + if(run_jpake(alice, bob) != 0) + { + fprintf(stderr, "Plain JPAKE run failed\n"); + return 1; + } + + JPAKE_CTX_free(bob); + JPAKE_CTX_free(alice); + + /* Now give Alice and Bob different secrets */ + alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret); + BN_add_word(secret, 1); + bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret); + + if(run_jpake(alice, bob) != 5) + { + fprintf(stderr, "Mismatched secret JPAKE run failed\n"); + return 1; + } + + JPAKE_CTX_free(bob); + JPAKE_CTX_free(alice); + + BN_free(secret); + BN_free(q); + BN_free(g); + BN_free(p); + + CRYPTO_cleanup_all_ex_data(); + ERR_remove_state(0); + ERR_free_strings(); + CRYPTO_mem_leaks(bio_err); + + return 0; + } + +#endif diff --git a/src/lib/libcrypto/pqueue/Makefile b/src/lib/libcrypto/pqueue/Makefile index d0c39d25ce..36bfc349aa 100644 --- a/src/lib/libcrypto/pqueue/Makefile +++ b/src/lib/libcrypto/pqueue/Makefile @@ -33,7 +33,7 @@ top: all: lib lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) + $(ARX) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib diff --git a/src/lib/libcrypto/seed/Makefile b/src/lib/libcrypto/seed/Makefile index f9de27b288..ffaeb84218 100644 --- a/src/lib/libcrypto/seed/Makefile +++ b/src/lib/libcrypto/seed/Makefile @@ -34,7 +34,7 @@ top: all: lib lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) + $(ARX) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib diff --git a/src/lib/libcrypto/store/Makefile b/src/lib/libcrypto/store/Makefile index 0dcfd7857a..c9f5d001a3 100644 --- a/src/lib/libcrypto/store/Makefile +++ b/src/lib/libcrypto/store/Makefile @@ -35,7 +35,7 @@ top: all: lib lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) + $(ARX) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -89,14 +89,14 @@ str_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h str_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h str_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h str_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -str_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -str_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -str_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -str_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -str_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -str_lib.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h -str_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -str_lib.o: str_lib.c str_locl.h +str_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h +str_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +str_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +str_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +str_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +str_lib.o: ../../include/openssl/stack.h ../../include/openssl/store.h +str_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +str_lib.o: ../../include/openssl/x509_vfy.h str_lib.c str_locl.h str_mem.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h str_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h str_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h diff --git a/src/lib/libcrypto/util/copy.pl b/src/lib/libcrypto/util/copy.pl index e20b45530a..eba6d5815e 100644 --- a/src/lib/libcrypto/util/copy.pl +++ b/src/lib/libcrypto/util/copy.pl @@ -8,9 +8,16 @@ use Fcntl; # Perl script 'copy' comment. On Windows the built in "copy" command also # copies timestamps: this messes up Makefile dependencies. +my $stripcr = 0; + my $arg; foreach $arg (@ARGV) { + if ($arg eq "-stripcr") + { + $stripcr = 1; + next; + } $arg =~ s|\\|/|g; # compensate for bug/feature in cygwin glob... foreach (glob $arg) { @@ -49,6 +56,10 @@ foreach (@filelist) || die "Can't Open $dfile"; while (sysread IN, $buf, 10240) { + if ($stripcr) + { + $buf =~ tr/\015//d; + } syswrite(OUT, $buf, length($buf)); } close(IN); diff --git a/src/lib/libcrypto/x509v3/v3_addr.c b/src/lib/libcrypto/x509v3/v3_addr.c index ed9847b307..a37f844d3c 100644 --- a/src/lib/libcrypto/x509v3/v3_addr.c +++ b/src/lib/libcrypto/x509v3/v3_addr.c @@ -594,10 +594,10 @@ static IPAddressOrRanges *make_prefix_or_range(IPAddrBlocks *addr, return NULL; switch (afi) { case IANA_AFI_IPV4: - sk_IPAddressOrRange_set_cmp_func(aors, v4IPAddressOrRange_cmp); + (void)sk_IPAddressOrRange_set_cmp_func(aors, v4IPAddressOrRange_cmp); break; case IANA_AFI_IPV6: - sk_IPAddressOrRange_set_cmp_func(aors, v6IPAddressOrRange_cmp); + (void)sk_IPAddressOrRange_set_cmp_func(aors, v6IPAddressOrRange_cmp); break; } f->ipAddressChoice->type = IPAddressChoice_addressesOrRanges; @@ -854,7 +854,7 @@ static int IPAddressOrRanges_canonize(IPAddressOrRanges *aors, if (!make_addressRange(&merged, a_min, b_max, length)) return 0; sk_IPAddressOrRange_set(aors, i, merged); - sk_IPAddressOrRange_delete(aors, i + 1); + (void)sk_IPAddressOrRange_delete(aors, i + 1); IPAddressOrRange_free(a); IPAddressOrRange_free(b); --i; @@ -878,6 +878,7 @@ int v3_addr_canonize(IPAddrBlocks *addr) v3_addr_get_afi(f))) return 0; } + (void)sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp); sk_IPAddressFamily_sort(addr); assert(v3_addr_is_canonical(addr)); return 1; @@ -1122,7 +1123,7 @@ int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b) return 1; if (b == NULL || v3_addr_inherits(a) || v3_addr_inherits(b)) return 0; - sk_IPAddressFamily_set_cmp_func(b, IPAddressFamily_cmp); + (void)sk_IPAddressFamily_set_cmp_func(b, IPAddressFamily_cmp); for (i = 0; i < sk_IPAddressFamily_num(a); i++) { IPAddressFamily *fa = sk_IPAddressFamily_value(a, i); int j = sk_IPAddressFamily_find(b, fa); @@ -1183,7 +1184,7 @@ static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, } if (!v3_addr_is_canonical(ext)) validation_err(X509_V_ERR_INVALID_EXTENSION); - sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp); + (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp); if ((child = sk_IPAddressFamily_dup(ext)) == NULL) { X509V3err(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL, ERR_R_MALLOC_FAILURE); ret = 0; @@ -1209,7 +1210,7 @@ static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, } continue; } - sk_IPAddressFamily_set_cmp_func(x->rfc3779_addr, IPAddressFamily_cmp); + (void)sk_IPAddressFamily_set_cmp_func(x->rfc3779_addr, IPAddressFamily_cmp); for (j = 0; j < sk_IPAddressFamily_num(child); j++) { IPAddressFamily *fc = sk_IPAddressFamily_value(child, j); int k = sk_IPAddressFamily_find(x->rfc3779_addr, fc); diff --git a/src/lib/libcrypto/x509v3/v3_asid.c b/src/lib/libcrypto/x509v3/v3_asid.c index 271930f967..abd497ed1f 100644 --- a/src/lib/libcrypto/x509v3/v3_asid.c +++ b/src/lib/libcrypto/x509v3/v3_asid.c @@ -466,7 +466,7 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) break; } ASIdOrRange_free(b); - sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1); + (void)sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1); i--; continue; } -- cgit v1.2.3-55-g6feb